Re: [RFC PATCH 0/2] RFC: Implement deterministic uid/gid

From: Martin Jansa <martin.jansa@gmail.com>
To: Mark Hatle <mark.hatle@windriver.com>
Cc: openembedded-core@lists.openembedded.org
Subject: Re: [RFC PATCH 0/2] RFC: Implement deterministic uid/gid
Date: Fri, 10 Jan 2014 00:19:30 +0100	[thread overview]
Message-ID: <20140109231930.GJ3709@jama> (raw)
In-Reply-To: <52CEFD48.5070901@windriver.com>

[-- Attachment #1: Type: text/plain, Size: 3268 bytes --]

On Thu, Jan 09, 2014 at 01:49:28PM -0600, Mark Hatle wrote:
> I have updated the git://git.yoctoproject.org/poky-contrib mhatle/uidgid to the 
> latest oe-core master.
> 
> I haven't seen any comments on this RFC yet.  Does anyone have any opinion 
> either way on the code referenced here?

I wanted to do more tests and find some smaller reproducer, but I'm
interested in this series.

What I'm seeing in our builds is that when you compare
files-in-image.txt report from independent (not reusing sstate-cache)
builds with exactly the same metadata, group owners aren't
deterministic.

Random files in image getting owned by "messagebus" group etc., these
issues went away when useradd class creating these ad-hoc groups had
parameter for fixed gid or when I've added these groups directly to
base-passwd group.master.

Is this the same problem you're addressing in this patchset?

> I'm confident patch 01/02 should be added to master.
> 
> The patch 02/02 works properly in all of my testing and does implement support 
> for 'deterministic uid/gid' with dynamic passwd/group file construction during 
> package install.  The code is only activated if USERADD_REWRITE_PARAMS is set to 
> '1', so it's low risk -- but it does add a fairly large chunk of code to be 
> maintained over time.
> 
> --Mark
> 
> On 12/10/13, 12:31 PM, Mark Hatle wrote:
> > The following series implements the deterministic uid/gid setting for a
> > distribution.  Currently when a filesystem is generated the uid/gid values
> > are generally set at install time, so the install order determines what
> > the actual uid/gid values become.  In order to create a deterministic uid/gid
> > set, that still dynamically constructs the passwd/group file, we add an
> > option to read a special passwd/group file to allow the system to determine
> > the values.
> >
> > It uses the existing parameters, and the values from the special passwd/group
> > files to reconstruct the parameter set to ensure these items are fully
> > defined with static values.
> >
> > The first patch (01/02) is generally applicable.  It fixes a real bug in
> > the way the user/group adds occur today within the system.
> >
> > Patch 02/02 implements the new functionality.
> >
> >
> > The following changes since commit 8505f0fa48cc79d51616b923c6e2c778c4b46a44:
> >
> >    libmatchbox: use PACKAGECONFIG (2013-12-10 14:13:01 +0000)
> >
> > are available in the git repository at:
> >
> >    git://git.yoctoproject.org/poky-contrib mhatle/uidgid
> >    http://git.yoctoproject.org/cgit.cgi/poky-contrib/log/?h=mhatle/uidgid
> >
> > Mark Hatle (2):
> >    useradd.bbclass: Fix build time install issues
> >    useradd.bbclass: Add ability to select a static uid/gid automatically
> >
> >   meta/classes/useradd.bbclass         | 247 ++++++++++++++++++++++++++++++++++-
> >   meta/conf/local.conf.sample.extended |  24 ++++
> >   2 files changed, 265 insertions(+), 6 deletions(-)
> >
> 
> _______________________________________________
> Openembedded-core mailing list
> Openembedded-core@lists.openembedded.org
> http://lists.openembedded.org/mailman/listinfo/openembedded-core

-- 
Martin 'JaMa' Jansa     jabber: Martin.Jansa@gmail.com

[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 205 bytes --]