-rw-r--r-- | package/utils/busybox/Makefile | 5 | ||||
-rwxr-xr-x | package/utils/busybox/files/ntpd-hotplug | 12 | ||||
-rw-r--r-- | package/utils/busybox/files/ntpd_acl.json | 8 | ||||
-rwxr-xr-x | package/utils/busybox/files/sysntpd | 7 |
4 files changed, 28 insertions, 4 deletions
diff --git a/package/utils/busybox/Makefile b/package/utils/busybox/Makefile index e62cef0713..366a767e88 100644 --- a/package/utils/busybox/Makefile +++ b/package/utils/busybox/Makefile @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=busybox PKG_VERSION:=1.31.1 -PKG_RELEASE:=8 +PKG_RELEASE:=9 PKG_FLAGS:=essential PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2 @@ -145,8 +145,9 @@ endif ifneq ($(CONFIG_BUSYBOX_$(BUSYBOX_SYM)_NTPD),) $(INSTALL_BIN) ./files/sysntpd $(1)/etc/init.d/sysntpd $(INSTALL_BIN) ./files/ntpd-hotplug $(1)/usr/sbin/ntpd-hotplug - $(INSTALL_DIR) $(1)/etc/capabilities/ + $(INSTALL_DIR) $(1)/etc/capabilities $(1)/usr/share/acl.d $(INSTALL_DATA) ./files/ntpd.capabilities $(1)/etc/capabilities/ntpd.json + $(INSTALL_DATA) ./files/ntpd_acl.json $(1)/usr/share/acl.d/ntpd.json endif -rm -rf $(1)/lib64 endef diff --git a/package/utils/busybox/files/ntpd-hotplug b/package/utils/busybox/files/ntpd-hotplug index 8d6d609166..f09f5bbb7f 100755 --- a/package/utils/busybox/files/ntpd-hotplug +++ b/package/utils/busybox/files/ntpd-hotplug @@ -1,2 +1,12 @@ #!/bin/sh -ACTION="$1" /sbin/hotplug-call ntp + +. /usr/share/libubox/jshn.sh + +addenv="$( env | while read line; do echo "json_add_string \"\" \"$line\";"; done )" +json_init +json_add_array env +json_add_string "" "ACTION=$1" +eval "$addenv" +json_close_array env + +ubus call hotplug.ntp call "$(json_dump)" diff --git a/package/utils/busybox/files/ntpd_acl.json b/package/utils/busybox/files/ntpd_acl.json new file mode 100644 index 0000000000..991793db36 --- /dev/null +++ b/package/utils/busybox/files/ntpd_acl.json @@ -0,0 +1,8 @@ +{ + "user": "ntp", + "access": { + "hotplug.ntp": { + "methods": [ "call" ] + } + } +} diff --git a/package/utils/busybox/files/sysntpd b/package/utils/busybox/files/sysntpd index 19571a2306..e4a070762f 100755 --- a/package/utils/busybox/files/sysntpd +++ b/package/utils/busybox/files/sysntpd 
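Review bot: The `eval "$addenv"` line in ntpd-hotplug re-parses every environment entry as shell source, so a value containing `"`, `$`, a backtick or a backslash is interpreted instead of being copied into the JSON array, and `read` without `-r` already alters backslashes before that. The pipeline subshell is presumably why `eval` was chosen. Feeding the loop from a here-document keeps `json_add_string` in the current shell and hands each line over as plain data, which removes the need for `eval`. Values that contain newlines are still split into several entries either way, so the receiver should not assume one entry per variable.

```shell
# … unchanged: jshn.sh include, json_init, json_add_array env …
json_add_string "" "ACTION=$1"
# each entry is passed as data and never re-parsed as shell source
while IFS= read -r line; do
	json_add_string "" "$line"
done <<EOF
$(env)
EOF
# … unchanged: json_close_array env, ubus call …
```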
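Review bot: Nothing in this change constrains the contents of the `env` array that user `ntp` is now permitted to send to `hotplug.ntp` `call`, and ntpd-hotplug forwards its whole environment rather than a fixed set of names. The handler behind that ubus object is not part of this diff, so it should be confirmed that it treats each entry as untrusted input before any hotplug script runs with it. Forwarding only the variables the hotplug consumers actually read would keep the grant in this ACL as narrow as the file suggests.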
@@ -56,7 +56,12 @@ start_ntpd_instance() { done procd_set_param respawn [ -x /sbin/ujail -a -e /etc/capabilities/ntpd.json ] && { - procd_add_jail ntpd + procd_add_jail ntpd ubus + procd_add_jail_mount "$HOTPLUG_SCRIPT" + procd_add_jail_mount "/usr/share/libubox/jshn.sh" + procd_add_jail_mount "/usr/bin/env" + procd_add_jail_mount "/usr/bin/jshn" + procd_add_jail_mount "/bin/ubus" procd_set_param capabilities /etc/capabilities/ntpd.json procd_set_param user ntp procd_set_param group ntp |
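Review bot: The five `procd_add_jail_mount` lines carry no comment tying them to ntpd-hotplug, so the list can drift silently when that script changes. A comment above them such as `# ntpd-hotplug runs inside the jail: it sources jshn.sh and calls env, jshn (via json_dump) and ubus` would record why each path is exposed and make it clear that anything not needed by the script should be dropped again. `$HOTPLUG_SCRIPT` is defined outside this hunk, and the body of `start_ntpd_instance` continues beyond it.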