Kernel/iwd
3
0
Fork 0
mirror of https://git.kernel.org/pub/scm/network/wireless/iwd.git synced 2024-11-22 14:49:24 +01:00
Code Releases Activity

build: Fix issue with incorrect ReadWritePaths in unit files

Browse Source
This commit is contained in:
Marcel Holtmann 2019-08-03 09:52:28 +02:00
parent a8faa23de6
commit 16c489490c
4 changed files with 17 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
Makefile.am
View File

@ -568,8 +568,10 @@ ell/ell.h: Makefile
echo "#include <$$f>" >> $@ ; \ echo "#include <$$f>" >> $@ ; \
done done
SED_PROCESS = $(AM_V_GEN)$(MKDIR_P) $(dir $@) && \ SED_PROCESS = $(AM_V_GEN)$(MKDIR_P) $(dir $@) && $(SED) \
$(SED) -e 's,@libexecdir\@,$(libexecdir),g' \ -e 's,@libexecdir\@,$(libexecdir),g' \
-e 's,@daemon_storagedir\@,$(daemon_storagedir),g' \
-e 's,@wired_storagedir\@,$(wired_storagedir),g' \
< $< > $@ < $< > $@
%.service: %.service.in Makefile %.service: %.service.in Makefile

3
configure.ac
View File

@ -116,6 +116,9 @@ else
wired_storagedir="${localstatedir}/lib/ead" wired_storagedir="${localstatedir}/lib/ead"
fi fi
AC_SUBST([daemon_storagedir], [${daemon_storagedir}])
AC_SUBST([wired_storagedir], [${wired_storagedir}])
AC_DEFINE_UNQUOTED(DAEMON_STORAGEDIR, "${daemon_storagedir}", AC_DEFINE_UNQUOTED(DAEMON_STORAGEDIR, "${daemon_storagedir}",
[Directory for Wireless daemon storage files]) [Directory for Wireless daemon storage files])
AC_DEFINE_UNQUOTED(DAEMON_CONFIGDIR, "/etc/iwd", AC_DEFINE_UNQUOTED(DAEMON_CONFIGDIR, "/etc/iwd",

2
src/iwd.service.in
View File

@ -15,7 +15,7 @@ DevicePolicy=closed
DeviceAllow=/dev/rfkill rw DeviceAllow=/dev/rfkill rw
ProtectHome=yes ProtectHome=yes
ProtectSystem=strict ProtectSystem=strict
ReadWritePaths=/var/lib/iwd/ ReadWritePaths=@daemon_storagedir@
ProtectControlGroups=yes ProtectControlGroups=yes
ProtectKernelModules=yes ProtectKernelModules=yes

9
wired/ead.service.in
View File

@ -8,6 +8,15 @@ Type=dbus
BusName=net.connman.ead BusName=net.connman.ead
ExecStart=@libexecdir@/ead ExecStart=@libexecdir@/ead
LimitNPROC=1 LimitNPROC=1
Restart=on-failure
PrivateTmp=true
NoNewPrivileges=true
PrivateDevices=true
ProtectHome=yes
ProtectSystem=strict
ReadWritePaths=@wired_storagedir@
ProtectControlGroups=yes
ProtectKernelModules=yes
[Install] [Install]
WantedBy=multi-user.target WantedBy=multi-user.target