From: Daan De Meyer Date: Wed, 24 May 2023 13:32:17 +0000 (+0200) Subject: meson: Create credstore directories X-Git-Tag: v254-rc1~379 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=24039e1207c169b18adf5234ad300ea3ba1b671e;p=thirdparty%2Fsystemd.git meson: Create credstore directories Let's make the creds directories a bit more discoverable and make it easier for users to use them. This also allows us to fix the mode to 0700 for /etc instead of the usual 0755 which is what probably would happen if users had to create this directory themselves. --- diff --git a/meson.build b/meson.build index 496ca70ecc5..97622b6d973 100644 --- a/meson.build +++ b/meson.build @@ -208,6 +208,7 @@ catalogstatedir = systemdstatedir / 'catalog' randomseeddir = localstatedir / 'lib/systemd' profiledir = rootlibexecdir / 'portable' / 'profile' ntpservicelistdir = rootprefixdir / 'lib/systemd/ntp-units.d' +credstoredir = prefixdir / 'lib/credstore' docdir = get_option('docdir') if docdir == '' @@ -709,6 +710,7 @@ find = find_program('find') meson_make_symlink = project_source_root + '/tools/meson-make-symlink.sh' mkdir_p = 'mkdir -p $DESTDIR/@0@' +mkdir_p_mode = 'mkdir -p $DESTDIR/@0@ -m @1@' # If -Dxxx-path option is found, use that. Otherwise, check in $PATH, # /usr/sbin, /sbin, and fall back to the default from middle column. @@ -3844,6 +3846,14 @@ public_programs += executable( install : true, install_dir : rootbindir) +# Protecting files from the distro in /usr doesn't make sense since they can be trivially accessed otherwise, +# so don't restrict the access mode in /usr. That doesn't apply to /etc, so we do restrict the access mode +# there. +meson.add_install_script('sh', '-c', mkdir_p.format(credstoredir)) +if install_sysconfdir + meson.add_install_script('sh', '-c', mkdir_p_mode.format(sysconfdir / 'credstore', '0700')) +endif + executable( 'systemd-volatile-root', 'src/volatile-root/volatile-root.c',