diff mbox series

[meta-networking] chrony: Ensure /var/lib/chrony belongs to correct user/group

Message ID GVXPR01MB10499B15E6F189486ADB3D348A896A@GVXPR01MB10499.eurprd01.prod.exchangelabs.com
State New
Headers show
Series [meta-networking] chrony: Ensure /var/lib/chrony belongs to correct user/group | expand

Commit Message

Schulz, Andreas - Enabler & Imaging Software Jan. 21, 2026, 1:39 p.m. UTC 
Signed-off-by: Andreas Schulz <andreas.schulz2@karlstorz.com>
---
 .../recipes-support/chrony/chrony_4.8.bb            | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)
diff mbox series

Patch

diff --git a/meta-networking/recipes-support/chrony/chrony_4.8.bb b/meta-networking/recipes-support/chrony/chrony_4.8.bb
index f50576c272..a7fc73e081 100644
--- a/meta-networking/recipes-support/chrony/chrony_4.8.bb
+++ b/meta-networking/recipes-support/chrony/chrony_4.8.bb
@@ -48,6 +48,7 @@  inherit update-rc.d systemd pkgconfig
 inherit_defer ${@bb.utils.contains('PACKAGECONFIG', 'privdrop', 'useradd', '', d)}
 USERADD_PACKAGES = "${@bb.utils.contains('PACKAGECONFIG', 'privdrop', '${PN}', '', d)}"
 USERADD_PARAM:${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'privdrop', '--system -d / -M --shell /sbin/nologin chronyd;', '', d)}"
+GROUPADD_PARAM:${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'privdrop', '--system chronyd', '', d)}"
 
 # Configuration options:
 # - Security-related:
@@ -113,10 +114,18 @@  do_install() {
 
     if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then
         install -d ${D}${sysconfdir}/tmpfiles.d
-        echo "d /var/lib/chrony 0755 root root -" > ${D}${sysconfdir}/tmpfiles.d/chronyd.conf
+        if ${@bb.utils.contains('PACKAGECONFIG', 'privdrop', 'true', 'false', d)}; then
+            echo "d /var/lib/chrony 0755 chronyd chronyd -" > ${D}${sysconfdir}/tmpfiles.d/chronyd.conf
+        else
+            echo "d /var/lib/chrony 0755 root root -" > ${D}${sysconfdir}/tmpfiles.d/chronyd.conf
+        fi
     else
         install -d ${D}${sysconfdir}/default/volatiles
-        echo "d root root 0755 /var/lib/chrony none" > "${D}${sysconfdir}/default/volatiles/00_runtime_chrony_dirs"
+        if ${@bb.utils.contains('PACKAGECONFIG', 'privdrop', 'true', 'false', d)}; then
+            echo "d chronyd chronyd 0755 /var/lib/chrony none" > "${D}${sysconfdir}/default/volatiles/00_runtime_chrony_dirs"
+        else
+            echo "d root root 0755 /var/lib/chrony none" > "${D}${sysconfdir}/default/volatiles/00_runtime_chrony_dirs"
+        fi
     fi
 
 }