diff options
author | Jackie Huang <jackie.huang@windriver.com> | 2014-03-04 18:07:57 +0800 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2014-03-07 14:58:45 +0000 |
commit | fa7d335f2282234f10310318b01f1c4fd02af3d9 (patch) | |
tree | c1f8947215e9492e83a8908af02762055142e163 | |
parent | 370717d32821d0c6d82901e6b4de7cdbba20bbaf (diff) | |
download | ast2050-yocto-poky-fa7d335f2282234f10310318b01f1c4fd02af3d9.zip ast2050-yocto-poky-fa7d335f2282234f10310318b01f1c4fd02af3d9.tar.gz |
rpcbind: add rpc user and run rpcbind daemon with rpc user
For security policy, change to run rpcbind daemon with rpc user
just like Redhat does, so set the --with-rpcuser to rpc and add rpc user.
(From OE-Core rev: 52f7a1b403eabc52ca104f752484ec1572f2d9dd)
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
-rw-r--r-- | meta/recipes-extended/rpcbind/rpcbind_0.2.1.bb | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/meta/recipes-extended/rpcbind/rpcbind_0.2.1.bb b/meta/recipes-extended/rpcbind/rpcbind_0.2.1.bb index d9eb1a2..23219e0 100644 --- a/meta/recipes-extended/rpcbind/rpcbind_0.2.1.bb +++ b/meta/recipes-extended/rpcbind/rpcbind_0.2.1.bb @@ -37,7 +37,13 @@ INITSCRIPT_PARAMS = "start 12 2 3 4 5 . stop 60 0 1 6 ." SYSTEMD_SERVICE_${PN} = "rpcbind.service" SYSTEMD_AUTO_ENABLE = "disable" -EXTRA_OECONF += " --enable-warmstarts " +inherit useradd + +USERADD_PACKAGES = "${PN}" +USERADD_PARAM_${PN} = "--system --no-create-home \ + --shell /bin/false --user-group rpc" + +EXTRA_OECONF += " --enable-warmstarts --with-rpcuser=rpc" do_install_append () { mv ${D}${bindir} ${D}${sbindir} |