projects / platform / upstream / glibc.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 174295f)
Smack: add the execute lable to ldconfig 52/44952/1 accepted/tizen_mobile accepted/tizen_tv accepted/tizen_wearable tizen tizen_3.0.m1_mobile tizen_3.0.m1_tv tizen_base_old accepted/tizen/base/20151223.052356 accepted/tizen/mobile/20150731.102545 accepted/tizen/tv/20150731.102730 accepted/tizen/wearable/20150731.102850 submit/tizen/20150730.054848 submit/tizen_base/20151223.111111 submit/tizen_base/20151223.111112 submit/tizen_common/20151015.190624 submit/tizen_common/20151019.135620 submit/tizen_common/20151023.083358 submit/tizen_common/20151026.085049 tizen_3.0.m1_mobile_release tizen_3.0.m1_tv_release tizen_3.0.m2.a1_mobile_release tizen_3.0.m2.a1_tv_release
authorSangjung Woo <sangjung.woo@samsung.com>
Thu, 30 Jul 2015 05:25:17 +0000 (14:25 +0900)
committerSangjung Woo <sangjung.woo@samsung.com>
Thu, 30 Jul 2015 05:25:17 +0000 (14:25 +0900)
Since Tizen platform use the 3-domain Smack, even the init process (i.e.
systemd) has the specific Smack label called 'system'. When init updates
the ld.so.cache file, ld.so.cache file is labeled as 'system' because
ldconfig is executed by the init. However, app application need to
access that cache file to map the shared object but it doesn't. This
patch adds the execute label as "_" to ldconfig so that all files
created by ldconfig have the "_" label.

Change-Id: Ib58d26e1409f83685c5f4877bdf11696b26e7ca3
Signed-off-by: Sangjung Woo <sangjung.woo@samsung.com>
packaging/glibc.manifest patch | blob | history

diff --git a/packaging/glibc.manifest b/packaging/glibc.manifest
index 017d22d..14b2780 100644 (file)
--- a/packaging/glibc.manifest
+++ b/packaging/glibc.manifest
@@ -2,4 +2,7 @@
  <request>
     <domain name="_"/>
  </request>
+ <assign>
+    <filesystem path="/sbin/ldconfig" exec_label="_" />
+ </assign>
 </manifest>
Domain: System / Toolchain;