From b7ec7f42e7926ab112a9cd004e66d4fb0b893aac Mon Sep 17 00:00:00 2001 From: Admin Pupkin Date: Tue, 9 Jun 2026 03:31:55 +0300 Subject: [PATCH] config: fix /var/log and /var/run permissions; remove invalid rtcd uid field MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - /var/log and /var/run: override base.toml's 0o755 (root-only write) to 0o1777 (sticky-bit world-writable) so log/run daemons running under non-root users (messagebus, etc.) can create files in them. - 00_rtcd.service: remove invalid uid=0 field. The init service parser uses serde(deny_unknown_fields) and only accepts cmd, args, envs, inherit_envs, type — uid caused 'unknown field uid' parse error. --- config/redbear-device-services.toml | 15 +++++++++++++++ config/redbear-legacy-base.toml | 17 ++++++++++++++++- 2 files changed, 31 insertions(+), 1 deletion(-) diff --git a/config/redbear-device-services.toml b/config/redbear-device-services.toml index 89cac006f6..06d58a0ddd 100644 --- a/config/redbear-device-services.toml +++ b/config/redbear-device-services.toml @@ -308,6 +308,21 @@ class = 0x04 subclass = 0x01 """ +# Real-time clock daemon — reads CMOS/RTC and sets system time offset. +# Must run as uid=0 (CAP_SYS_TIME) to write /scheme/sys/update_time_offset. +# Included in initfs via base-initfs/recipe.toml. +[[files]] +path = "/etc/init.d/00_rtcd.service" +data = """ +[unit] +description = "Real-time clock daemon (sets system time from hardware RTC)" +default_dependencies = false + +[service] +cmd = "/bin/rtcd" +type = "oneshot" +""" + [[files]] path = "/etc/init.d/00_acpid.service" data = """ diff --git a/config/redbear-legacy-base.toml b/config/redbear-legacy-base.toml index 79eba90d82..b1466cc885 100644 --- a/config/redbear-legacy-base.toml +++ b/config/redbear-legacy-base.toml 
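Review bot: The comment above the new `00_rtcd.service` entry in config/redbear-device-services.toml says rtcd must run as uid 0, but nothing in the unit states or enforces that. The commit message says the parser rejects a `uid` key, so the requirement rests on whatever identity init gives the services it starts. I would reword the comment to say so, e.g. `# Needs root to write /scheme/sys/update_time_offset; the unit format has no uid key, so this relies on init starting services as uid 0.` That is presumably the current default, but it is not visible in this patch. The commit message also describes removing a field, while this hunk only adds lines, so the description should say where the earlier definition lived.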
@@ -32,4 +32,19 @@ default_dependencies = false
 [service]
 cmd = "audiod"
 type = "oneshot_async"
-"""
\ No newline at end of file
+"""
+
+# Override base.toml's /var/log and /var/run from 0o755 to 0o1777 so
+# log/run daemons running under non-root users (messagebus, etc.) can
+# write to them. Sticky bit is standard for /var/log and /var/run.
+[[files]]
+path = "/var/log"
+data = ""
+directory = true
+mode = 0o1777
+
+[[files]]
+path = "/var/run"
+data = ""
+directory = true
+mode = 0o1777
\ No newline at end of file
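Review bot: The new `mode = 0o1777` on `/var/log` and `/var/run` lets every local account create entries in both directories. The comment's claim that the sticky bit is standard there does not match common Unix practice, where 1777 is the `/tmp` convention and these two directories stay writable by root only. The sticky bit only blocks deleting or renaming other users' files; an unprivileged user can still pre-create a log, pid-file or socket name that a daemon later opens, or fill the directory. A narrower fix is to keep `mode = 0o755` here and add one subdirectory per daemon, owned by that daemon's account (for messagebus, a constructed example would be `path = "/var/run/dbus"`), assuming the `[[files]]` schema can set ownership. If 0o1777 stays, the comment should at least read `# world-writable: daemons must not trust pre-existing files here`.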