[Buildroot] [PATCH 3/3] [RFC] package/busybox: gneerate permissions for enabeld applets

Yann E. MORIN yann.morin.1998 at free.fr
Wed Dec 14 16:44:52 UTC 2016 

Peter, All,

On 2016-12-13 23:32 +0100, Peter Korsgaard spake thusly:
> >>>>> "Yann" == Yann E MORIN <yann.morin.1998 at free.fr> writes:
> 
>  > DO NOT COMMIT THIS.
>  > This is jsut an example how to use FOO_PERMISSIONS_FILE.
> 
>  > Signed-off-by: "Yann E. MORIN" <yann.morin.1998 at free.fr>
>  > ---
>  >  package/busybox/busybox.mk | 15 +++++++++++++++
>  >  1 file changed, 15 insertions(+)
> 
>  > diff --git a/package/busybox/busybox.mk b/package/busybox/busybox.mk
>  > index f4a241d..9c1f2e8 100644
>  > --- a/package/busybox/busybox.mk
>  > +++ b/package/busybox/busybox.mk
>  > @@ -60,9 +60,24 @@ BUSYBOX_KCONFIG_FRAGMENT_FILES = $(call qstrip,$(BR2_PACKAGE_BUSYBOX_CONFIG_FRAG
>  >  BUSYBOX_KCONFIG_EDITORS = menuconfig xconfig gconfig
>  >  BUSYBOX_KCONFIG_OPTS = $(BUSYBOX_MAKE_OPTS)
>  
>  > +ifeq ($(BR2_PACKAGE_BUSYBOX_INDIVIDUAL_BINARIES),y)
>  > +BUSYBOX_PERMISSIONS_FILE = $(@D)/busybox.permissions
> 
> Careful, what does $(@D) refer to here? When it is used here in the file
> it is output/build/busybox-*, but when it is expanded in fs/common.mk it
> refers to output/images:
> 
> cat    /home/peko/source/buildroot/output-test/images/busybox.permissions   >> /home/peko/source/buildroot/output-test/build/_device_table.txt
> cat: /home/peko/source/buildroot/output-test/images/busybox.permissions: No such file or directory
> 
> 
> > +define BUSYBOX_GEN_PERMISSIONS
>  > +	for app in `grep -r -e "APPLET.*BB_SUID_REQUIRE\|APPLET.*BB_SUID_MAYBE" $(@D)/include/applets.h \
>  > +		| sed -e 's/,.*//' -e 's/.*(//'`; \
>  > +	do \
>  > +		temp=`grep -w $${app} $(@D)/busybox.links`; \
>  > +		if [ -n "$${temp}" ]; then \
>  > +			echo "$${temp} f 4755 0  0 - - - - -"
> 
> You forgot to append ; \ so it doesn't actually work.

No, it does not. Again, as I said in the cover-letter and in this commit
log, it is just a very early smnapshot of the directions we'd have to
follow to allow packages to provide non-constant (i.e. generated)
permissions, and how relatively easy it would be.

If we ever want to do it, of course.

Regards,
Yann E. MORIN.

-- 
.-----------------.--------------------.------------------.--------------------.
|  Yann E. MORIN  | Real-Time Embedded | /"\ ASCII RIBBON | Erics' conspiracy: |
| +33 662 376 056 | Software  Designer | \ / CAMPAIGN     |  ___               |
| +33 223 225 172 `------------.-------:  X  AGAINST      |  \e/  There is no  |
| http://ymorin.is-a-geek.org/ | _/*\_ | / \ HTML MAIL    |   v   conspiracy.  |
'------------------------------^-------^------------------^--------------------'

More information about the buildroot mailing list