From: Gary Thomas <gary@mlbassoc.com>
To: openembedded-core@lists.openembedded.org
Subject: Re: dbus build host uid/gid leaking into target home directory
Date: Sat, 11 Oct 2014 15:10:56 -0600 [thread overview]
Message-ID: <54399CE0.5000807@mlbassoc.com> (raw)
In-Reply-To: <543965E7.3040806@pabigot.com>
On 2014-10-11 11:16, Peter A. Bigot wrote:
> Back at http://lists.openembedded.org/pipermail/openembedded-core/2011-December/053836.html it was noted that the dbus home directory /var/lib/dbus on the target was using the
> build host uid/gid. Various discussion agreed this shouldn't happen, but there was no resolution in the thread.
>
> I found https://bugzilla.yoctoproject.org/show_bug.cgi?id=1711 which is marked fixed, but on a newly installed system I find:
>
> root@beaglebone:~# ls -l /var/lib
> total 52
> drwxr-xr-x 2 root root 4096 Oct 11 2014 alsa
> drwxr-xr-x 2 root root 4096 Oct 11 2014 arpd
> drwxr-xr-x 2 root root 4096 Oct 11 12:30 connman
> drwxr-xr-x 2 102 105 4096 Oct 11 2014 dbus
>
> where the dbus uid/gid is from my host system as shown by:
>
> root@beaglebone:~# grep dbus /etc/passwd
> messagebus:x:999:998::/var/lib/dbus:/bin/false
> llc[140]$ grep dbus /etc/passwd
> messagebus:x:102:105::/var/run/dbus:/bin/false
>
> This arises in an image extending core-image-base building meta-ti's version of beaglebone. (I'm actually trying to fix the same problem arising in a patch intended to make sure
> ntp's home directory exists, but the dbus one appears to be the same thing.)
>
> The suggested workaround for opkg of using a pkg_postinst script doesn't work in my case because the rpm post-install script gets run on the build host that's creating rootfs.The
> ownership is wrong in the generated rootfs tar files whether or not there's a post-install script that tries to change it.
>
> For my ntp patch I verified that removing the package and installing it on the target does work as expected.
>
> Does anybody else see this sort of thing?
>
> If not, where in the image packaging code is the magic that's supposed to help pseudo record who's really supposed to own the files and re-apply that when the image packaging is done?
It does not happen in my builds which are more-or-less stock
Poky (I have my own distro and BSP layers). Must be something
going on in the meta-ti layer?
Are you using the latest OE-core (or Poky/Yocto) master?
--
------------------------------------------------------------
Gary Thomas | Consulting for the
MLB Associates | Embedded world
------------------------------------------------------------
next prev parent reply other threads:[~2014-10-11 21:20 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-10-11 17:16 dbus build host uid/gid leaking into target home directory Peter A. Bigot
2014-10-11 21:10 ` Gary Thomas [this message]
2014-10-11 23:14 ` Peter A. Bigot
2014-10-11 23:27 ` Gary Thomas
2014-10-12 6:31 ` Peter A. Bigot
2014-10-12 21:05 ` Peter A. Bigot
2014-10-13 9:13 ` Paul Eggleton
2014-10-13 12:00 ` Peter A. Bigot
2014-10-14 6:23 ` Paul Barker
2014-10-14 9:39 ` Burton, Ross
2014-10-14 9:43 ` Martin Jansa
2014-10-14 9:45 ` Martin Jansa
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=54399CE0.5000807@mlbassoc.com \
--to=gary@mlbassoc.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.