PKG_NAME:=busybox
PKG_VERSION:=1.31.1
-PKG_RELEASE:=8
+PKG_RELEASE:=9
PKG_FLAGS:=essential
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
ifneq ($(CONFIG_BUSYBOX_$(BUSYBOX_SYM)_NTPD),)
$(INSTALL_BIN) ./files/sysntpd $(1)/etc/init.d/sysntpd
$(INSTALL_BIN) ./files/ntpd-hotplug $(1)/usr/sbin/ntpd-hotplug
- $(INSTALL_DIR) $(1)/etc/capabilities/
+ $(INSTALL_DIR) $(1)/etc/capabilities $(1)/usr/share/acl.d
$(INSTALL_DATA) ./files/ntpd.capabilities $(1)/etc/capabilities/ntpd.json
+ $(INSTALL_DATA) ./files/ntpd_acl.json $(1)/usr/share/acl.d/ntpd.json
endif
-rm -rf $(1)/lib64
endef
#!/bin/sh
-ACTION="$1" /sbin/hotplug-call ntp
+
+. /usr/share/libubox/jshn.sh
+
+addenv="$( env | while read line; do echo "json_add_string \"\" \"$line\";"; done )"
+json_init
+json_add_array env
+json_add_string "" "ACTION=$1"
+eval "$addenv"
+json_close_array env
+
+ubus call hotplug.ntp call "$(json_dump)"
--- /dev/null
+{
+ "user": "ntp",
+ "access": {
+ "hotplug.ntp": {
+ "methods": [ "call" ]
+ }
+ }
+}
done
procd_set_param respawn
[ -x /sbin/ujail -a -e /etc/capabilities/ntpd.json ] && {
- procd_add_jail ntpd
+ procd_add_jail ntpd ubus
+ procd_add_jail_mount "$HOTPLUG_SCRIPT"
+ procd_add_jail_mount "/usr/share/libubox/jshn.sh"
+ procd_add_jail_mount "/usr/bin/env"
+ procd_add_jail_mount "/usr/bin/jshn"
+ procd_add_jail_mount "/bin/ubus"
procd_set_param capabilities /etc/capabilities/ntpd.json
procd_set_param user ntp
procd_set_param group ntp
projects / openwrt / openwrt.git / commitdiff