chrony: Ensure /var/lib/chrony belongs to correct user/group

Signed-off-by: Andreas Schulz <andreas.schulz2@karlstorz.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
2026-04-02 02:49:12 +00:00 · 2026-01-21 13:39:12 +00:00 · 2026-01-21 13:39:12 +00:00 · 37f675a8bc
commit 37f675a8bc
parent 9650622e07
1 changed files with 11 additions and 2 deletions
--- a/meta-networking/recipes-support/chrony/chrony_4.8.bb
+++ b/meta-networking/recipes-support/chrony/chrony_4.8.bb
@ -48,6 +48,7 @@ inherit update-rc.d systemd pkgconfig
 inherit_defer ${@bb.utils.contains('PACKAGECONFIG', 'privdrop', 'useradd', '', d)}
 USERADD_PACKAGES = "${@bb.utils.contains('PACKAGECONFIG', 'privdrop', '${PN}', '', d)}"
 USERADD_PARAM:${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'privdrop', '--system -d / -M --shell /sbin/nologin chronyd;', '', d)}"
+GROUPADD_PARAM:${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'privdrop', '--system chronyd', '', d)}"

 # Configuration options:
 # - Security-related:
@ -113,11 +114,19 @@ do_install() {

    if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then
        install -d ${D}${sysconfdir}/tmpfiles.d
+        if ${@bb.utils.contains('PACKAGECONFIG', 'privdrop', 'true', 'false', d)}; then
+            echo "d /var/lib/chrony 0755 chronyd chronyd -" > ${D}${sysconfdir}/tmpfiles.d/chronyd.conf
+        else
            echo "d /var/lib/chrony 0755 root root -" > ${D}${sysconfdir}/tmpfiles.d/chronyd.conf
+        fi
    else
        install -d ${D}${sysconfdir}/default/volatiles
+        if ${@bb.utils.contains('PACKAGECONFIG', 'privdrop', 'true', 'false', d)}; then
+            echo "d chronyd chronyd 0755 /var/lib/chrony none" > "${D}${sysconfdir}/default/volatiles/00_runtime_chrony_dirs"
+        else
            echo "d root root 0755 /var/lib/chrony none" > "${D}${sysconfdir}/default/volatiles/00_runtime_chrony_dirs"
        fi
+    fi

 }