From patchwork Tue Jul 27 12:07:11 2021
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: =?utf-8?q?Jos=C3=A9_Pekkarinen?=
 <jose.pekkarinen@unikie.com>
X-Patchwork-Id: 1510479
Return-Path: <buildroot-bounces@busybox.net>
X-Original-To: incoming-buildroot@patchwork.ozlabs.org
Delivered-To: patchwork-incoming-buildroot@bilbo.ozlabs.org
Authentication-Results: ozlabs.org;
 spf=pass (sender SPF authorized) smtp.mailfrom=busybox.net
 (client-ip=140.211.166.138; helo=smtp1.osuosl.org;
 envelope-from=buildroot-bounces@busybox.net; receiver=<UNKNOWN>)
Authentication-Results: ozlabs.org;
	dkim=fail reason="signature verification failed" (2048-bit key;
 unprotected) header.d=unikie-com.20150623.gappssmtp.com
 header.i=@unikie-com.20150623.gappssmtp.com header.a=rsa-sha256
 header.s=20150623 header.b=eob6WnEZ;
	dkim-atps=neutral
Received: from smtp1.osuosl.org (smtp1.osuosl.org [140.211.166.138])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest
 SHA256)
	(No client certificate requested)
	by ozlabs.org (Postfix) with ESMTPS id 4GYwXK1QhHz9sWX
	for <incoming-buildroot@patchwork.ozlabs.org>;
 Tue, 27 Jul 2021 22:07:28 +1000 (AEST)
Received: from localhost (localhost [127.0.0.1])
	by smtp1.osuosl.org (Postfix) with ESMTP id 5CBD382C3B;
	Tue, 27 Jul 2021 12:07:26 +0000 (UTC)
X-Virus-Scanned: amavisd-new at osuosl.org
Received: from smtp1.osuosl.org ([127.0.0.1])
	by localhost (smtp1.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id npZPjcQpunlY; Tue, 27 Jul 2021 12:07:23 +0000 (UTC)
Received: from ash.osuosl.org (ash.osuosl.org [140.211.166.34])
	by smtp1.osuosl.org (Postfix) with ESMTP id F082B83224;
	Tue, 27 Jul 2021 12:07:22 +0000 (UTC)
X-Original-To: buildroot@lists.busybox.net
Delivered-To: buildroot@osuosl.org
Received: from smtp1.osuosl.org (smtp1.osuosl.org [140.211.166.138])
 by ash.osuosl.org (Postfix) with ESMTP id 9FB001BF42C
 for <buildroot@lists.busybox.net>; Tue, 27 Jul 2021 12:07:21 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by smtp1.osuosl.org (Postfix) with ESMTP id 8BD7383224
 for <buildroot@lists.busybox.net>; Tue, 27 Jul 2021 12:07:21 +0000 (UTC)
X-Virus-Scanned: amavisd-new at osuosl.org
Received: from smtp1.osuosl.org ([127.0.0.1])
 by localhost (smtp1.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id nmlLRNHx-ZAd for <buildroot@lists.busybox.net>;
 Tue, 27 Jul 2021 12:07:17 +0000 (UTC)
X-Greylist: whitelisted by SQLgrey-1.8.0
Received: from mail-lj1-x233.google.com (mail-lj1-x233.google.com
 [IPv6:2a00:1450:4864:20::233])
 by smtp1.osuosl.org (Postfix) with ESMTPS id 454B882C3B
 for <buildroot@busybox.net>; Tue, 27 Jul 2021 12:07:17 +0000 (UTC)
Received: by mail-lj1-x233.google.com with SMTP id f12so15620267ljn.1
 for <buildroot@busybox.net>; Tue, 27 Jul 2021 05:07:16 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=unikie-com.20150623.gappssmtp.com; s=20150623;
 h=from:to:cc:subject:date:message-id:mime-version
 :content-transfer-encoding;
 bh=eo74NSEjhcEz4XnjSqZGtpC9YOaBJG5luYZGeXmHlMc=;
 b=eob6WnEZJRUwd2zZogdGWjtC5CmEiyzBF3CToxPYeLVmVpz+YQD/vC7GCulKfkGjUS
 2rLOdT1xEC3+HBZIrO7j4nfcyqXLUJpLeVXEVB9yi2kHxN3syBuHceFi0WHYydMQL21g
 wDUzIuVsAFr0/O1P8EfVkgrTHwrpLm2+fFFxxVs9yN0YKZGZgddubfcYhqNk+p5IW2Vf
 CXIgH+IGbegKmrjdGIpxoJrBRvooGdWZUVyo2hD/PHAi4yD98VvBIyy8K5Ih81FzEgF0
 UVIy+UVlQoq4YG5Wzdu0uOcWkulgLmWqOK9q1pY6XU+gfAtAUbLKNiXPq/pZuz1ucm7T
 jfJQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:from:to:cc:subject:date:message-id:mime-version
 :content-transfer-encoding;
 bh=eo74NSEjhcEz4XnjSqZGtpC9YOaBJG5luYZGeXmHlMc=;
 b=JeYbEiArxK9GxciuSkm6q1ElqWk8tUJKhlgRyS2lY3IYgdrToH8N3FrmR/F/BeKiOL
 dh9gQqJTEtbDPk8f7fMrjXz6l3dpwJT6jhDIDVtobVYh0KBGMwquuQFIwiGmglfyuJ+8
 fZ68PfDFFSv1qh3Yy0yXRhm2duP3FFQmd+ilRDApnN4V+wjT+A5orVP9cCaG43YBaqOB
 iLM+1jpRElhZnyh3J2mqPgd/s6cBEUVIX6LXaxnqOq8/FgNuSKSFjyhH/mbJwMk7p7sX
 dhbPrE7gyezyHf+atM8M6NdiB3Dmz4zbug8Y9K0tKa+183XNt5JC4RMQu8DEwGe9VBmq
 UDYg==
X-Gm-Message-State: AOAM5304W7vni7nOuXhXeflQsoGowYNv/VYfGnEfg9EwbyyY9AMVgy7s
 iD1tmU7o5VonbxCxoU5tbqOKcBAY0fCp/De5
X-Google-Smtp-Source: 
 ABdhPJyBp3ffI4HSxreqXHKyqQNKaX8MExvfQzwyWkBp+a8VdThJUE66ApnsmqpuG1OE48vslGulqg==
X-Received: by 2002:a2e:9e8e:: with SMTP id
 f14mr15310232ljk.502.1627387634568;
 Tue, 27 Jul 2021 05:07:14 -0700 (PDT)
Received: from Unikie-T14-Gen-2i.madriguera.foxhound.fi
 (dd707cyhr0-9-n4qyc9ty-3.rev.dnainternet.fi.
 [2001:14ba:1efd:b100:cef7:fbf5:e1a0:1760])
 by smtp.googlemail.com with ESMTPSA id k16sm276942lfo.218.2021.07.27.05.07.14
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Tue, 27 Jul 2021 05:07:14 -0700 (PDT)
From: =?utf-8?q?Jos=C3=A9_Pekkarinen?= <jose.pekkarinen@unikie.com>
To: buildroot@busybox.net
Date: Tue, 27 Jul 2021 15:07:11 +0300
Message-Id: <20210727120711.4160529-1-jose.pekkarinen@unikie.com>
X-Mailer: git-send-email 2.25.1
MIME-Version: 1.0
Subject: [Buildroot] [PATCH] package/restorecond: Add new init script
X-BeenThere: buildroot@busybox.net
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Discussion and development of buildroot <buildroot.busybox.net>
List-Unsubscribe: <http://lists.busybox.net/mailman/options/buildroot>,
 <mailto:buildroot-request@busybox.net?subject=unsubscribe>
List-Archive: <http://lists.busybox.net/pipermail/buildroot/>
List-Post: <mailto:buildroot@busybox.net>
List-Help: <mailto:buildroot-request@busybox.net?subject=help>
List-Subscribe: <http://lists.busybox.net/mailman/listinfo/buildroot>,
 <mailto:buildroot-request@busybox.net?subject=subscribe>
Cc: =?utf-8?q?Jos=C3=A9_Pekkarinen?= <jose.pekkarinen@unikie.com>
Errors-To: buildroot-bounces@busybox.net
Sender: "buildroot" <buildroot-bounces@busybox.net>

The current restorecond upstream init script is no
good fit for the user space generated by buildroot,
this script is an extension of the original, that
brings some changes from the debian init script to
use start-stop-daemon instead of daemon, while
removing dependencies on /etc/rc.d/init.d/functions
and /lib/lsb/init-functions.

Signed-off-by: José Pekkarinen <jose.pekkarinen@unikie.com>
---
 package/restorecond/S02restorecond | 113 +++++++++++++++++++++++++++++
 package/restorecond/restorecond.mk |   4 +-
 2 files changed, 115 insertions(+), 2 deletions(-)
 create mode 100644 package/restorecond/S02restorecond

diff --git a/package/restorecond/S02restorecond b/package/restorecond/S02restorecond
new file mode 100644
index 0000000000..24ee30853f
--- /dev/null
+++ b/package/restorecond/S02restorecond
@@ -0,0 +1,113 @@
+#!/bin/sh
+#
+# restorecond:		Daemon used to maintain path file context
+#
+# chkconfig:	- 12 87
+# description:	restorecond uses inotify to look for creation of new files \
+# listed in the /etc/selinux/restorecond.conf file, and restores the \
+# correct security context.
+#
+# processname: /usr/sbin/restorecond
+# config: /etc/selinux/restorecond.conf
+# pidfile: /run/restorecond.pid
+#
+# Return values according to LSB for all commands but status:
+# 0 - success
+# 1 - generic or unspecified error
+# 2 - invalid or excess argument(s)
+# 3 - unimplemented feature (e.g. "reload")
+# 4 - insufficient privilege
+# 5 - program is not installed
+# 6 - program is not configured
+# 7 - program is not running
+
+PATH=/sbin:/bin:/usr/bin:/usr/sbin
+DESC="SELinux file context maintaining daemon"
+NAME=restorecond
+DAEMON=/usr/sbin/$NAME
+DAEMON_ARGS=""
+PIDFILE=/var/run/$NAME.pid
+LOCKFILE=/var/run/$NAME.pid
+SCRIPTNAME=/etc/init.d/$NAME
+
+[ -x /usr/sbin/selinuxenabled ] && /usr/sbin/selinuxenabled || exit 7
+
+# Check that we are root ... so non-root users stop here
+test $EUID = 0  || exit 4
+
+test -x /usr/sbin/restorecond  || exit 5
+test -f /etc/selinux/restorecond.conf  || exit 6
+
+RETVAL=0
+
+start()
+{
+	# Return
+	#   0 if daemon has been started
+	#   1 if daemon was already running
+	#   2 if daemon could not be started
+	start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON --test > /dev/null \
+		|| return 1
+	start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- \
+		$DAEMON_ARGS \
+		|| return 2
+	touch $LOCKFILE
+	return "$RETVAL"
+}
+
+stop()
+{
+	# Return
+	#   0 if daemon has been stopped
+	#   1 if daemon was already stopped
+	#   2 if daemon could not be stopped
+	#   other if a failure occurred
+	start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile $PIDFILE --name $NAME
+	RETVAL="$?"
+	[ "$RETVAL" = 2 ] && return 2
+
+	rm -f $PIDFILE
+	rm -f $LOCKFILE
+	return "$RETVAL"
+}
+
+restart()
+{
+    stop
+    start
+}
+
+# See how we were called.
+case "$1" in
+  start)
+	echo -n $"Starting restorecond: "
+	start
+    case "$?" in
+        0|1) echo "Ok!" ;;
+        2) echo "Failed" ;;
+    esac
+	;;
+  stop)
+	echo -n $"Shutting down restorecond: "
+	stop
+    case "$?" in
+        0|1) echo "Ok!" ;;
+        2) echo "Failed" ;;
+    esac
+	;;
+  status)
+	status restorecond
+	RETVAL=$?
+	;;
+  force-reload|restart|reload)
+	restart
+	;;
+  condrestart)
+	[ -e /var/lock/subsys/restorecond ] && restart || :
+	;;
+  *)
+        echo $"Usage: $0 {start|stop|restart|force-reload|status|condrestart}"
+        RETVAL=3
+esac
+
+exit $RETVAL
diff --git a/package/restorecond/restorecond.mk b/package/restorecond/restorecond.mk
index 7ab7e978dd..3c6fb57ea6 100644
--- a/package/restorecond/restorecond.mk
+++ b/package/restorecond/restorecond.mk
@@ -27,8 +27,8 @@ define RESTORECOND_BUILD_CMDS
 endef
 
 define RESTORECOND_INSTALL_INIT_SYSV
-	$(INSTALL) -m 0755 -D $(@D)/restorecond.init \
-		$(TARGET_DIR)/etc/init.d/S20restorecond
+	$(INSTALL) -m 0755 -D package/restorecond/S02restorecond \
+		$(TARGET_DIR)/etc/init.d/S02restorecond
 endef
 
 define RESTORECOND_INSTALL_INIT_SYSTEMD