From a2d79f44e9fcc17eeb682e8f30ec1a3eb25d43d5 Mon Sep 17 00:00:00 2001
From: Marta Rybczynska <marta.rybczynska@ygreky.com>
Date: Wed, 9 Jul 2025 10:14:00 +0200
Subject: [PATCH] bastille: prevent host uids on files

We get an intermittent QA error about file permissions, happening roughly
on 1 build of 10.

The change adds chown to prevent host ids on files related to the
set_required_questions.py script, to avoid long debugging for now.

Signed-off-by: Marta Rybczynska <marta.rybczynska@ygreky.com>
(cherry picked from commit 7bdd0a8b48442e3a93b98647801c2ff5dee7267b)
Signed-off-by: Scott Murray <scott.murray@konsulko.com>
---
 .../meta-perl/recipes-security/bastille/bastille_3.2.1.bb       | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/dynamic-layers/meta-perl/recipes-security/bastille/bastille_3.2.1.bb b/dynamic-layers/meta-perl/recipes-security/bastille/bastille_3.2.1.bb
index f2ef335..afd7bfc 100644
--- a/dynamic-layers/meta-perl/recipes-security/bastille/bastille_3.2.1.bb
+++ b/dynamic-layers/meta-perl/recipes-security/bastille/bastille_3.2.1.bb
@@ -146,6 +146,8 @@ do_install () {
 
 	${THISDIR}/files/set_required_questions.py ${D}${sysconfdir}/Bastille/config ${D}${datadir}/Bastille/Questions
 
+	chown root:root -R ${D}/${datadir}/Bastille
+
 	ln -s RevertBastille ${D}${sbindir}/UndoBastille
 
     # Create /var/log/Bastille in runtime.