| Message ID | 20260630151704.2896341-2-alex.kiernan@gmail.com |
|---|---|
| State | New |
| Headers | show |
| Series | dhcpcd: Add PACKAGECONFIG for seccomp | expand |
Does this need libseccomp dependency too ? On Tue, Jun 30, 2026, 8:17 AM Alex Kiernan via lists.openembedded.org <alex.kiernan=gmail.com@lists.openembedded.org> wrote: > Pass --enable/disable-seccomp to the build based on DISTRO_FEATURES. > > Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com> > --- > meta/recipes-connectivity/dhcpcd/dhcpcd_10.3.2.bb | 3 ++- > 1 file changed, 2 insertions(+), 1 deletion(-) > > diff --git a/meta/recipes-connectivity/dhcpcd/dhcpcd_10.3.2.bb > b/meta/recipes-connectivity/dhcpcd/dhcpcd_10.3.2.bb > index 6ebfc195323d..58865e108d24 100644 > --- a/meta/recipes-connectivity/dhcpcd/dhcpcd_10.3.2.bb > +++ b/meta/recipes-connectivity/dhcpcd/dhcpcd_10.3.2.bb > @@ -24,10 +24,11 @@ inherit pkgconfig autotools-brokensep systemd useradd > > SYSTEMD_SERVICE:${PN} = "dhcpcd.service" > > -PACKAGECONFIG ?= "udev ${@bb.utils.filter('DISTRO_FEATURES', 'ipv6', d)}" > +PACKAGECONFIG ?= "udev ${@bb.utils.filter('DISTRO_FEATURES', 'ipv6 > seccomp', d)}" > > PACKAGECONFIG[udev] = "--with-udev,--without-udev,udev,udev" > PACKAGECONFIG[ipv6] = "--enable-ipv6,--disable-ipv6" > +PACKAGECONFIG[seccomp] = "--enable-seccomp,--disable-seccomp" > # ntp conflicts with chrony > PACKAGECONFIG[ntp] = "--with-hook=ntp, , ,ntp" > PACKAGECONFIG[chrony] = "--with-hook=ntp, , ,chrony" > > -=-=-=-=-=-=-=-=-=-=-=- > Links: You receive all messages sent to this group. > View/Reply Online (#239905): > https://lists.openembedded.org/g/openembedded-core/message/239905 > Mute This Topic: https://lists.openembedded.org/mt/120048679/1997914 > Group Owner: openembedded-core+owner@lists.openembedded.org > Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [ > raj.khem@gmail.com] > -=-=-=-=-=-=-=-=-=-=-=- > >
Oddly no... it's hand coded (and defaults on): https://github.com/NetworkConfiguration/dhcpcd/blob/8b312918d8f1885d7fe8fcc03a7e06ae8a0314b4/src/privsep-linux.c#L127 Possibly even more oddly, I actually wanted this option because I'm stuck with a legacy vendor kernel which doesn't have seccomp and I was trying to deal with all the noise that a sensible userland generates! The next job is to get rid of the legacy kernel, but one thing at a time. On Tue, Jun 30, 2026 at 5:11 PM Khem Raj <raj.khem@gmail.com> wrote: > > Does this need libseccomp dependency too ? > > On Tue, Jun 30, 2026, 8:17 AM Alex Kiernan via lists.openembedded.org <alex.kiernan=gmail.com@lists.openembedded.org> wrote: >> >> Pass --enable/disable-seccomp to the build based on DISTRO_FEATURES. >> >> Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com> >> --- >> meta/recipes-connectivity/dhcpcd/dhcpcd_10.3.2.bb | 3 ++- >> 1 file changed, 2 insertions(+), 1 deletion(-) >> >> diff --git a/meta/recipes-connectivity/dhcpcd/dhcpcd_10.3.2.bb b/meta/recipes-connectivity/dhcpcd/dhcpcd_10.3.2.bb >> index 6ebfc195323d..58865e108d24 100644 >> --- a/meta/recipes-connectivity/dhcpcd/dhcpcd_10.3.2.bb >> +++ b/meta/recipes-connectivity/dhcpcd/dhcpcd_10.3.2.bb >> @@ -24,10 +24,11 @@ inherit pkgconfig autotools-brokensep systemd useradd >> >> SYSTEMD_SERVICE:${PN} = "dhcpcd.service" >> >> -PACKAGECONFIG ?= "udev ${@bb.utils.filter('DISTRO_FEATURES', 'ipv6', d)}" >> +PACKAGECONFIG ?= "udev ${@bb.utils.filter('DISTRO_FEATURES', 'ipv6 seccomp', d)}" >> >> PACKAGECONFIG[udev] = "--with-udev,--without-udev,udev,udev" >> PACKAGECONFIG[ipv6] = "--enable-ipv6,--disable-ipv6" >> +PACKAGECONFIG[seccomp] = "--enable-seccomp,--disable-seccomp" >> # ntp conflicts with chrony >> PACKAGECONFIG[ntp] = "--with-hook=ntp, , ,ntp" >> PACKAGECONFIG[chrony] = "--with-hook=ntp, , ,chrony" >> >> -=-=-=-=-=-=-=-=-=-=-=- >> Links: You receive all messages sent to this group. >> View/Reply Online (#239905): https://lists.openembedded.org/g/openembedded-core/message/239905 >> Mute This Topic: https://lists.openembedded.org/mt/120048679/1997914 >> Group Owner: openembedded-core+owner@lists.openembedded.org >> Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [raj.khem@gmail.com] >> -=-=-=-=-=-=-=-=-=-=-=- >>
diff --git a/meta/recipes-connectivity/dhcpcd/dhcpcd_10.3.2.bb b/meta/recipes-connectivity/dhcpcd/dhcpcd_10.3.2.bb index 6ebfc195323d..58865e108d24 100644 --- a/meta/recipes-connectivity/dhcpcd/dhcpcd_10.3.2.bb +++ b/meta/recipes-connectivity/dhcpcd/dhcpcd_10.3.2.bb @@ -24,10 +24,11 @@ inherit pkgconfig autotools-brokensep systemd useradd SYSTEMD_SERVICE:${PN} = "dhcpcd.service" -PACKAGECONFIG ?= "udev ${@bb.utils.filter('DISTRO_FEATURES', 'ipv6', d)}" +PACKAGECONFIG ?= "udev ${@bb.utils.filter('DISTRO_FEATURES', 'ipv6 seccomp', d)}" PACKAGECONFIG[udev] = "--with-udev,--without-udev,udev,udev" PACKAGECONFIG[ipv6] = "--enable-ipv6,--disable-ipv6" +PACKAGECONFIG[seccomp] = "--enable-seccomp,--disable-seccomp" # ntp conflicts with chrony PACKAGECONFIG[ntp] = "--with-hook=ntp, , ,ntp" PACKAGECONFIG[chrony] = "--with-hook=ntp, , ,chrony"
Pass --enable/disable-seccomp to the build based on DISTRO_FEATURES. Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com> --- meta/recipes-connectivity/dhcpcd/dhcpcd_10.3.2.bb | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-)