diff options
| author | Roshan Pius <rpius@chromium.org> | 2015-01-07 09:38:11 -0800 |
|---|---|---|
| committer | Aleksander Morgado <aleksander@aleksander.es> | 2015-01-09 13:13:31 +0100 |
| commit | 8ddd37c2ac674b65fe3e223c61c5a100646abbc2 (patch) | |
| tree | d98bae46a731baa6b5afbaf0cd0ad42eef764c4e /configure.ac | |
| parent | 4c4b16d3f94940c2b631e7d614b0fe71083b8450 (diff) | |
libqmi-glib,utils: avoid getpwnam() call if --enable-qmi-username not used
If --enable-qmi-username isn't explicitly used, we should just check
for the root user UID, without using getpwnam(). See e.g. these SELinux warnings:
SELinux is preventing /usr/bin/bash from read access on the file /etc/passwd.
***** Plugin catchall (100. confidence) suggests **************************
If you believe that bash should be allowed read access on the passwd file by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do allow this access for now by executing:
# grep qmi-proxy /var/log/audit/audit.log | audit2allow -M mypol
# semodule -i mypol.pp
Diffstat (limited to 'configure.ac')
| -rw-r--r-- | configure.ac | 20 |
1 files changed, 14 insertions, 6 deletions
diff --git a/configure.ac b/configure.ac index c1ca6ef..0c87850 100644 --- a/configure.ac +++ b/configure.ac @@ -80,17 +80,20 @@ dnl Documentation GTK_DOC_CHECK(1.0) # QMI username +QMI_USERNAME="root" AC_ARG_ENABLE(qmi-username, AS_HELP_STRING([--enable-qmi-username=<username>], [user allowed to access QMI devices])) if test -n "$enable_qmi_username" ; then + QMI_USERNAME_ENABLED=yes + AC_DEFINE(QMI_USERNAME_ENABLED, 1, [Define if we enable QMI username]) QMI_USERNAME="$enable_qmi_username" + AC_SUBST(QMI_USERNAME) + AC_DEFINE_UNQUOTED(QMI_USERNAME, "$QMI_USERNAME", [Define the QMI username]) else - QMI_USERNAME="root" + QMI_USERNAME_ENABLED=no fi -AM_CONDITIONAL([INSTALL_QMI_UDEV_RULES], [test "x$enable_qmi_username" = "x$QMI_USERNAME"]) -AC_SUBST(QMI_USERNAME) -AC_DEFINE_UNQUOTED(QMI_USERNAME, "$QMI_USERNAME", [Define the QMI username]) -AM_COND_IF([INSTALL_QMI_UDEV_RULES], [AC_CONFIG_FILES([src/qmi-proxy/76-qmi-proxy-device-ownership.rules])]) + +AM_CONDITIONAL([QMI_USERNAME_ENABLED], [test "x$QMI_USERNAME_ENABLED" = "xyes"]) # udev base directory AC_ARG_WITH(udev-base-dir, AS_HELP_STRING([--with-udev-base-dir=DIR], [where udev base directory is])) @@ -126,6 +129,11 @@ AC_CONFIG_FILES([Makefile docs/reference/libqmi-glib/Makefile docs/reference/libqmi-glib/version.xml docs/man/Makefile]) + +if test "x$QMI_USERNAME_ENABLED" = "xyes"; then + AC_CONFIG_FILES([src/qmi-proxy/76-qmi-proxy-device-ownership.rules]) +fi + AC_OUTPUT echo " @@ -137,5 +145,5 @@ echo " Maintainer mode: ${USE_MAINTAINER_MODE} udev base directory: ${UDEV_BASE_DIR} Documentation: ${enable_gtk_doc} - QMI username: ${QMI_USERNAME} + QMI username: ${QMI_USERNAME_ENABLED} (${QMI_USERNAME}) " |