From patchwork Mon Aug  9 05:55:57 2021
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: =?utf-8?q?Jos=C3=A9_Pekkarinen?=
 <jose.pekkarinen@unikie.com>
X-Patchwork-Id: 1514924
Return-Path: <buildroot-bounces@busybox.net>
X-Original-To: incoming-buildroot@patchwork.ozlabs.org
Delivered-To: patchwork-incoming-buildroot@bilbo.ozlabs.org
Authentication-Results: ozlabs.org;
 spf=pass (sender SPF authorized) smtp.mailfrom=busybox.net
 (client-ip=140.211.166.138; helo=smtp1.osuosl.org;
 envelope-from=buildroot-bounces@busybox.net; receiver=<UNKNOWN>)
Authentication-Results: ozlabs.org;
	dkim=fail reason="signature verification failed" (2048-bit key;
 unprotected) header.d=unikie-com.20150623.gappssmtp.com
 header.i=@unikie-com.20150623.gappssmtp.com header.a=rsa-sha256
 header.s=20150623 header.b=vaKS/TkJ;
	dkim-atps=neutral
Received: from smtp1.osuosl.org (smtp1.osuosl.org [140.211.166.138])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest
 SHA256)
	(No client certificate requested)
	by ozlabs.org (Postfix) with ESMTPS id 4Gjlgs2THDz9sWS
	for <incoming-buildroot@patchwork.ozlabs.org>;
 Mon,  9 Aug 2021 15:56:09 +1000 (AEST)
Received: from localhost (localhost [127.0.0.1])
	by smtp1.osuosl.org (Postfix) with ESMTP id 9D57E82A7F;
	Mon,  9 Aug 2021 05:56:06 +0000 (UTC)
X-Virus-Scanned: amavisd-new at osuosl.org
Received: from smtp1.osuosl.org ([127.0.0.1])
	by localhost (smtp1.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id zPAalfrkRZeV; Mon,  9 Aug 2021 05:56:05 +0000 (UTC)
Received: from ash.osuosl.org (ash.osuosl.org [140.211.166.34])
	by smtp1.osuosl.org (Postfix) with ESMTP id C146482A4E;
	Mon,  9 Aug 2021 05:56:04 +0000 (UTC)
X-Original-To: buildroot@lists.busybox.net
Delivered-To: buildroot@osuosl.org
Received: from smtp3.osuosl.org (smtp3.osuosl.org [140.211.166.136])
 by ash.osuosl.org (Postfix) with ESMTP id 842C11BF39A
 for <buildroot@lists.busybox.net>; Mon,  9 Aug 2021 05:56:02 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by smtp3.osuosl.org (Postfix) with ESMTP id 73FD9606A6
 for <buildroot@lists.busybox.net>; Mon,  9 Aug 2021 05:56:02 +0000 (UTC)
X-Virus-Scanned: amavisd-new at osuosl.org
Authentication-Results: smtp3.osuosl.org (amavisd-new);
 dkim=pass (2048-bit key) header.d=unikie-com.20150623.gappssmtp.com
Received: from smtp3.osuosl.org ([127.0.0.1])
 by localhost (smtp3.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id LA1agnwgDYsR for <buildroot@lists.busybox.net>;
 Mon,  9 Aug 2021 05:56:01 +0000 (UTC)
X-Greylist: whitelisted by SQLgrey-1.8.0
Received: from mail-lf1-x132.google.com (mail-lf1-x132.google.com
 [IPv6:2a00:1450:4864:20::132])
 by smtp3.osuosl.org (Postfix) with ESMTPS id 8E2306068B
 for <buildroot@buildroot.org>; Mon,  9 Aug 2021 05:56:01 +0000 (UTC)
Received: by mail-lf1-x132.google.com with SMTP id x27so8883310lfu.5
 for <buildroot@buildroot.org>; Sun, 08 Aug 2021 22:56:01 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=unikie-com.20150623.gappssmtp.com; s=20150623;
 h=from:to:cc:subject:date:message-id:mime-version
 :content-transfer-encoding;
 bh=eo74NSEjhcEz4XnjSqZGtpC9YOaBJG5luYZGeXmHlMc=;
 b=vaKS/TkJ5Ts3KSgYr6uK0RLVrj62bX2+XKqlqzvJpKmIDfeZk1u0fVxBC5/Mr6FkQN
 zusaP057OmaPEgi/zFyU0htrWAb4U4wFihdxaFvqUflytlTHFL1w0mXQjGW4oOxV4eC5
 VCubtcX0pQB7N5Mujz5xEZsHKlyGrCu4VXZYeuQDs8lpYiTHozKq38GQlSQocPI5mG/4
 qMuDjoPRFJMjWvLAFKobpoddRJToFhOViOlJXQC1YmsBt2Kvk6W9LjmdbdDjSZXduyj/
 ASs3updRVWFHgDGBdPLIVaCBtS0t++Xj8eMmlBtmOhw1ZC3y2iE9eEnAnRVqNlv0zaYT
 ZBBw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:from:to:cc:subject:date:message-id:mime-version
 :content-transfer-encoding;
 bh=eo74NSEjhcEz4XnjSqZGtpC9YOaBJG5luYZGeXmHlMc=;
 b=mVqwOTwSEbtzWUvHoO7lBdFjoRbjUmPw+Pe/i+M7RdzUbG26pcZPg6p/Egq2SRJiRh
 pxnWNPYkZ9Z/VzIbiUkuy4fLJ8EkQ7H67qvmAUd5xLU6rSZJl6Bx4/Y2NoesutqGxPag
 Thmxb43EgyoNzA+339LB06Xg+wh4pQeSMvlPvqaRds8FeXNVoE64UQ5UIDPDKiyI4QG4
 wHOCL2lLFHI0GjzyXc8TjUP+mBEugejckYOPKCVsldjb6/yAZzvDZR9Jx0dz1baAG6ul
 PJVsvdGKLOvUhcWcfGsfWyqLFIBdCicFjlMMntIkPYxQmCJVn+Y0lzKgIQckeIJueRN0
 WAKg==
X-Gm-Message-State: AOAM530v7gb3MlWdYQ+dSUDs9OeEdtPY19elmYrBwVfYQdakOtNLHTt+
 QKl0Jdc155f6lOv+LdJY7DDDfuN+biqqz5bh
X-Google-Smtp-Source: 
 ABdhPJyAxNwoif5vksJexAoQQLzUqHm36iw3LHGpEuxgbvhKnL+T+TUXrsGd/MQkqmx50eYNLQOHsw==
X-Received: by 2002:a19:c350:: with SMTP id
 t77mr15836397lff.142.1628488559283;
 Sun, 08 Aug 2021 22:55:59 -0700 (PDT)
Received: from Unikie-T14-Gen-2i.madriguera.foxhound.fi
 (88-113-104-240.elisa-laajakaista.fi. [88.113.104.240])
 by smtp.googlemail.com with ESMTPSA id n12sm1481484ljq.35.2021.08.08.22.55.58
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Sun, 08 Aug 2021 22:55:58 -0700 (PDT)
From: =?utf-8?q?Jos=C3=A9_Pekkarinen?= <jose.pekkarinen@unikie.com>
To: buildroot@buildroot.org
Date: Mon,  9 Aug 2021 08:55:57 +0300
Message-Id: <20210809055557.8698-1-jose.pekkarinen@unikie.com>
X-Mailer: git-send-email 2.25.1
MIME-Version: 1.0
Subject: [Buildroot] [PATCH] package/restorecond: Add new init script
X-BeenThere: buildroot@busybox.net
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Discussion and development of buildroot <buildroot.busybox.net>
List-Unsubscribe: <http://lists.busybox.net/mailman/options/buildroot>,
 <mailto:buildroot-request@busybox.net?subject=unsubscribe>
List-Archive: <http://lists.busybox.net/pipermail/buildroot/>
List-Post: <mailto:buildroot@busybox.net>
List-Help: <mailto:buildroot-request@busybox.net?subject=help>
List-Subscribe: <http://lists.busybox.net/mailman/listinfo/buildroot>,
 <mailto:buildroot-request@busybox.net?subject=subscribe>
Cc: =?utf-8?q?Jos=C3=A9_Pekkarinen?= <jose.pekkarinen@unikie.com>
Errors-To: buildroot-bounces@busybox.net
Sender: "buildroot" <buildroot-bounces@busybox.net>

The current restorecond upstream init script is no
good fit for the user space generated by buildroot,
this script is an extension of the original, that
brings some changes from the debian init script to
use start-stop-daemon instead of daemon, while
removing dependencies on /etc/rc.d/init.d/functions
and /lib/lsb/init-functions.

Signed-off-by: José Pekkarinen <jose.pekkarinen@unikie.com>
---
 package/restorecond/S02restorecond | 113 +++++++++++++++++++++++++++++
 package/restorecond/restorecond.mk |   4 +-
 2 files changed, 115 insertions(+), 2 deletions(-)
 create mode 100644 package/restorecond/S02restorecond

diff --git a/package/restorecond/S02restorecond b/package/restorecond/S02restorecond
new file mode 100644
index 0000000000..24ee30853f
--- /dev/null
+++ b/package/restorecond/S02restorecond
@@ -0,0 +1,113 @@
+#!/bin/sh
+#
+# restorecond:		Daemon used to maintain path file context
+#
+# chkconfig:	- 12 87
+# description:	restorecond uses inotify to look for creation of new files \
+# listed in the /etc/selinux/restorecond.conf file, and restores the \
+# correct security context.
+#
+# processname: /usr/sbin/restorecond
+# config: /etc/selinux/restorecond.conf
+# pidfile: /run/restorecond.pid
+#
+# Return values according to LSB for all commands but status:
+# 0 - success
+# 1 - generic or unspecified error
+# 2 - invalid or excess argument(s)
+# 3 - unimplemented feature (e.g. "reload")
+# 4 - insufficient privilege
+# 5 - program is not installed
+# 6 - program is not configured
+# 7 - program is not running
+
+PATH=/sbin:/bin:/usr/bin:/usr/sbin
+DESC="SELinux file context maintaining daemon"
+NAME=restorecond
+DAEMON=/usr/sbin/$NAME
+DAEMON_ARGS=""
+PIDFILE=/var/run/$NAME.pid
+LOCKFILE=/var/run/$NAME.pid
+SCRIPTNAME=/etc/init.d/$NAME
+
+[ -x /usr/sbin/selinuxenabled ] && /usr/sbin/selinuxenabled || exit 7
+
+# Check that we are root ... so non-root users stop here
+test $EUID = 0  || exit 4
+
+test -x /usr/sbin/restorecond  || exit 5
+test -f /etc/selinux/restorecond.conf  || exit 6
+
+RETVAL=0
+
+start()
+{
+	# Return
+	#   0 if daemon has been started
+	#   1 if daemon was already running
+	#   2 if daemon could not be started
+	start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON --test > /dev/null \
+		|| return 1
+	start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- \
+		$DAEMON_ARGS \
+		|| return 2
+	touch $LOCKFILE
+	return "$RETVAL"
+}
+
+stop()
+{
+	# Return
+	#   0 if daemon has been stopped
+	#   1 if daemon was already stopped
+	#   2 if daemon could not be stopped
+	#   other if a failure occurred
+	start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile $PIDFILE --name $NAME
+	RETVAL="$?"
+	[ "$RETVAL" = 2 ] && return 2
+
+	rm -f $PIDFILE
+	rm -f $LOCKFILE
+	return "$RETVAL"
+}
+
+restart()
+{
+    stop
+    start
+}
+
+# See how we were called.
+case "$1" in
+  start)
+	echo -n $"Starting restorecond: "
+	start
+    case "$?" in
+        0|1) echo "Ok!" ;;
+        2) echo "Failed" ;;
+    esac
+	;;
+  stop)
+	echo -n $"Shutting down restorecond: "
+	stop
+    case "$?" in
+        0|1) echo "Ok!" ;;
+        2) echo "Failed" ;;
+    esac
+	;;
+  status)
+	status restorecond
+	RETVAL=$?
+	;;
+  force-reload|restart|reload)
+	restart
+	;;
+  condrestart)
+	[ -e /var/lock/subsys/restorecond ] && restart || :
+	;;
+  *)
+        echo $"Usage: $0 {start|stop|restart|force-reload|status|condrestart}"
+        RETVAL=3
+esac
+
+exit $RETVAL
diff --git a/package/restorecond/restorecond.mk b/package/restorecond/restorecond.mk
index 7ab7e978dd..3c6fb57ea6 100644
--- a/package/restorecond/restorecond.mk
+++ b/package/restorecond/restorecond.mk
@@ -27,8 +27,8 @@ define RESTORECOND_BUILD_CMDS
 endef
 
 define RESTORECOND_INSTALL_INIT_SYSV
-	$(INSTALL) -m 0755 -D $(@D)/restorecond.init \
-		$(TARGET_DIR)/etc/init.d/S20restorecond
+	$(INSTALL) -m 0755 -D package/restorecond/S02restorecond \
+		$(TARGET_DIR)/etc/init.d/S02restorecond
 endef
 
 define RESTORECOND_INSTALL_INIT_SYSTEMD