diff options
author | Jo-Philipp Wich <jow@openwrt.org> | 2012-06-05 18:02:00 +0000 |
---|---|---|
committer | Jo-Philipp Wich <jow@openwrt.org> | 2012-06-05 18:02:00 +0000 |
commit | 15c52a84fba09deed2cdcbbe54d448eb222c0c6a (patch) | |
tree | 4cf4bc5f8db1f76c8acb427be26060712f05fd28 | |
parent | 8ac33e5cdf0f7fece847d7912adb46889b0bb713 (diff) | |
download | master-187ad058-15c52a84fba09deed2cdcbbe54d448eb222c0c6a.tar.gz master-187ad058-15c52a84fba09deed2cdcbbe54d448eb222c0c6a.tar.bz2 master-187ad058-15c52a84fba09deed2cdcbbe54d448eb222c0c6a.zip |
[package] base-files: add permission exceptions, do not clobber shadow permissions - based on patch by Mark Mentovai <mark@moxienet.com>
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@32073 3c298f89-4303-0410-b956-a3cf2f4a3e73
-rw-r--r-- | include/image.mk | 2 | ||||
-rw-r--r-- | package/base-files/Makefile | 4 |
2 files changed, 5 insertions, 1 deletions
diff --git a/include/image.mk b/include/image.mk index 473e391ae4..b0d6dfae61 100644 --- a/include/image.mk +++ b/include/image.mk @@ -142,7 +142,7 @@ endif define Image/mkfs/prepare/default # Use symbolic permissions to avoid clobbering SUID/SGID/sticky bits - - $(FIND) $(TARGET_DIR) -type f -not -perm +0100 -not -name 'ssh_host*' -print0 | $(XARGS) -0 chmod u+rw,g+r,o+r + - $(FIND) $(TARGET_DIR) -type f -not -perm +0100 -not -name 'ssh_host*' -not -name 'shadow' -print0 | $(XARGS) -0 chmod u+rw,g+r,o+r - $(FIND) $(TARGET_DIR) -type f -perm +0100 -print0 | $(XARGS) -0 chmod u+rwx,g+rx,o+rx - $(FIND) $(TARGET_DIR) -type d -print0 | $(XARGS) -0 chmod u+rwx,g+rx,o+rx $(INSTALL_DIR) $(TARGET_DIR)/tmp diff --git a/package/base-files/Makefile b/package/base-files/Makefile index 68c8e0233b..88167b788b 100644 --- a/package/base-files/Makefile +++ b/package/base-files/Makefile @@ -470,6 +470,10 @@ define Package/base-files/install ln -sf /tmp $(1)/var mkdir -p $(1)/etc ln -sf /tmp/resolv.conf /tmp/fstab /tmp/TZ $(1)/etc/ + + chmod 0600 $(1)/etc/shadow + chmod 1777 $(1)/tmp + $(call ImageConfigOptions,$(1)) $(call Package/base-files/install-target,$(1)) for conffile in $(1)/etc/config/*; do \ |