Re: [OE-core] [PATCH] shadow: Split securetty into a separate recipe

Wed, 25 Jan 2012 06:06:48 -0800 

On Tue, Jan 24, 2012 at 05:10:23PM +0000, Richard Purdie wrote:
> The securetty file is machine specific whilst the rest of the shadow recipe
> is not. Unfortunately making the recipce machine specific is both inefficient
> and also causes dependency problems since parts of the system such as the 
> useradd
> code depend upon it and this introduces a machine specific element to sstate
> checksums which should not be machine specific.
> 
> To resolve this, this patch separates out the file into a separate recipe
> meaning the machine specific components are isolated.
> 
> Signed-off-by: Richard Purdie <richard.pur...@linuxfoundation.org>

Acked-by: Martin Jansa <martin.ja...@gmail.com>

> ---
> diff --git a/meta/recipes-extended/shadow/shadow-securetty_4.1.4.3.bb 
> b/meta/recipes-extended/shadow/shadow-securetty_4.1.4.3.bb
> new file mode 100644
> index 0000000..e391d24
> --- a/dev/null
> +++ b/meta/recipes-extended/shadow/shadow-securetty_4.1.4.3.bb
> @@ -0,0 +1,29 @@
> +SUMMARY = "Provider of the machine specific securetty file"
> +DESCRIPTION = "Provider of the machine specific securetty file"
> +SECTION = "base utils"
> +LICENSE = "MIT"
> +LIC_FILES_CHKSUM = 
> "file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384361b4de20420"
> +
> +INHIBIT_DEFAULT_DEPS = "1"
> +
> +SRC_URI = "file://securetty"
> +
> +# Since we deduce our arch from ${SERIAL_CONSOLE}
> +PACKAGE_ARCH = "${MACHINE_ARCH}"
> +
> +do_install () {
> +     # Ensure we add a suitable securetty file to the package that has
> +     # most common embedded TTYs defined.
> +     if [ ! -z "${SERIAL_CONSOLE}" ]; then
> +             # Our SERIAL_CONSOLE contains a baud rate and sometimes a -L
> +             # option as well. The following pearl :) takes that and converts
> +             # it into newline-separated tty's and appends them into
> +             # securetty. So if a machine has a weird looking console device
> +             # node (e.g. ttyAMA0) that securetty does not know, it will get
> +             # appended to securetty and root logins will be allowed on that
> +             # console.
> +             echo "${SERIAL_CONSOLE}" | sed -e 's/[0-9][0-9]\|\-L//g'|tr "[ 
> ]" "[\n]"  >> ${WORKDIR}/securetty
> +     fi
> +     install -d ${D}${sysconfdir}
> +     install -m 0400 ${WORKDIR}/securetty ${D}${sysconfdir}/securetty 
> +}
> diff --git a/meta/recipes-extended/shadow/shadow_4.1.4.3.bb 
> b/meta/recipes-extended/shadow/shadow_4.1.4.3.bb
> index dddac2c..a69eb7c 100644
> --- a/meta/recipes-extended/shadow/shadow_4.1.4.3.bb
> +++ b/meta/recipes-extended/shadow/shadow_4.1.4.3.bb
> @@ -8,13 +8,12 @@ LIC_FILES_CHKSUM = 
> "file://COPYING;md5=08c553a87d4e51bbed50b20e0adcaede \
>                      
> file://src/passwd.c;firstline=8;endline=30;md5=2899a045e90511d0e043b85a7db7e2fe"
>  
>  DEPENDS = "${@base_contains('DISTRO_FEATURES', 'pam', 'libpam', '', d)}"
> -RDEPENDS_${PN} = "${@base_contains('DISTRO_FEATURES', 'pam', 
> '${PAM_PLUGINS}', '', d)}"
> -PR = "r6"
> +RDEPENDS_${PN} = "shadow-securetty ${@base_contains('DISTRO_FEATURES', 
> 'pam', '${PAM_PLUGINS}', '', d)}"
> +PR = "r7"
>  
>  SRC_URI = "http://pkg-shadow.alioth.debian.org/releases/${BPN}-${PV}.tar.bz2 
> \
>             file://login_defs_pam.sed \
>             ${@base_contains('DISTRO_FEATURES', 'pam', '${PAM_SRC_URI}', '', 
> d)} \
> -           file://securetty \
>             file://shadow.automake-1.11.patch \
>             file://shadow-4.1.3-dots-in-usernames.patch \
>             file://shadow-4.1.4.2-env-reset-keep-locale.patch \
> @@ -27,9 +26,6 @@ SRC_URI[sha256sum] = 
> "633f5bb4ea0c88c55f3642c97f9d25cbef74f82e0b4cf8d54e7ad6f9f9
>  
>  inherit autotools gettext
>  
> -# Since we deduce our arch from ${SERIAL_CONSOLE}
> -PACKAGE_ARCH = "${MACHINE_ARCH}"
> -
>  EXTRA_OECONF += "--without-audit \
>                   --without-libcrack \
>                   ${@base_contains('DISTRO_FEATURES', 'pam', '--with-libpam', 
> '--without-libpam', d)} \
> @@ -101,20 +97,6 @@ do_install_append() {
>       # lead rpm failed dependencies.
>       ln -sf vipw.${PN} ${D}${base_sbindir}/vigr.${PN}
>       ln -sf newgrp.${PN} ${D}${bindir}/sg
> -
> -     # Ensure we add a suitable securetty file to the package that has
> -     # most common embedded TTYs defined.
> -     if [ ! -z "${SERIAL_CONSOLE}" ]; then
> -             # Our SERIAL_CONSOLE contains a baud rate and sometimes a -L
> -             # option as well. The following pearl :) takes that and converts
> -             # it into newline-separated tty's and appends them into
> -             # securetty. So if a machine has a weird looking console device
> -             # node (e.g. ttyAMA0) that securetty does not know, it will get
> -             # appended to securetty and root logins will be allowed on that
> -             # console.
> -             echo "${SERIAL_CONSOLE}" | sed -e 's/[0-9][0-9]\|\-L//g'|tr "[ 
> ]" "[\n]"  >> ${WORKDIR}/securetty
> -     fi
> -     install -m 0400 ${WORKDIR}/securetty ${D}${sysconfdir}/securetty 
>  }
>  
>  pkg_postinst_${PN} () {
> 
> 
> 
> _______________________________________________
> Openembedded-core mailing list
> Openembedded-core@lists.openembedded.org
> http://lists.linuxtogo.org/cgi-bin/mailman/listinfo/openembedded-core

-- 
Martin 'JaMa' Jansa     jabber: martin.ja...@gmail.com

Attachment: signature.asc
Description: Digital signature

_______________________________________________
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.linuxtogo.org/cgi-bin/mailman/listinfo/openembedded-core

Reply via email to