From: "Piotr Łobacz" <p.lobacz@welotec.com>
To: openembedded-core@lists.openembedded.org
Cc: "Piotr Łobacz" <p.lobacz@welotec.com>
Subject: [OE-Core][PATCH v11][master-next 3/5] opkg-utils: add acl and xattr support
Date: Wed, 26 Jul 2023 11:22:26 +0200 [thread overview]
Message-ID: <20230726092228.1005306-3-p.lobacz@welotec.com> (raw)
In-Reply-To: <20230726092228.1005306-1-p.lobacz@welotec.com>
Add support for tar archives created with --acls and/or --xattrs options,
PAX header format.
GNU tar and libarchive already supports ACLs and extended attributes.
We can now add this support as well to opkg-build script in order to use
fsetattr or setcap inside do_install command and end up with a file in
an image with the relevant ACLs and xattrs.
Signed-off-by: Piotr Łobacz <p.lobacz@welotec.com>
---
...kg-build-Add-acls-and-xattrs-support.patch | 164 ++++++++++++++++++
.../opkg-utils/opkg-utils_0.6.2.bb | 1 +
2 files changed, 165 insertions(+)
create mode 100644 meta/recipes-devtools/opkg-utils/opkg-utils/0002-opkg-build-Add-acls-and-xattrs-support.patch
diff --git a/meta/recipes-devtools/opkg-utils/opkg-utils/0002-opkg-build-Add-acls-and-xattrs-support.patch b/meta/recipes-devtools/opkg-utils/opkg-utils/0002-opkg-build-Add-acls-and-xattrs-support.patch
new file mode 100644
index 0000000000..7e88c1754c
--- /dev/null
+++ b/meta/recipes-devtools/opkg-utils/opkg-utils/0002-opkg-build-Add-acls-and-xattrs-support.patch
@@ -0,0 +1,164 @@
+From 03931040018a0e3cc34e4c93a625f3671ff1a980 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Piotr=20=C5=81obacz?= <p.lobacz@welotec.com>
+Date: Wed, 5 Jul 2023 10:31:13 +0200
+Subject: [PATCH] opkg-build: Add acls and xattrs support
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Add support for tar archives created with --acls and/or --xattrs options,
+PAX header format.
+
+GNU tar and libarchive already supports ACLs and extended attributes.
+We can now add this support as well to opkg-build script in order to use
+fsetattr or setcap inside do_install command and end up with a file in
+an image with the relevant ACLs and xattrs.
+
+Upstream-Status: Submitted [https://groups.google.com/g/opkg-devel/c/dYNHrLjDwg8]
+
+[1] https://bugzilla.yoctoproject.org/show_bug.cgi?id=15097
+[2] https://groups.google.com/g/opkg-devel/c/aEGL7XRXfaA
+
+Signed-off-by: Piotr Łobacz <p.lobacz@welotec.com>
+---
+ opkg-build | 76 +++++++++++++++++++++++++++++++++++-------------------
+ 1 file changed, 50 insertions(+), 26 deletions(-)
+
+diff --git a/opkg-build b/opkg-build
+index a9e45d4..47ac1a8 100755
+--- a/opkg-build
++++ b/opkg-build
+@@ -145,6 +145,7 @@ You probably want to chown these to a system user: " >&2
+ ###
+ # opkg-build "main"
+ ###
++attributesargs=""
+ ogargs=""
+ outer=ar
+ noclean=0
+@@ -153,22 +154,6 @@ compressor=gzip
+ zipargs="-9n"
+ compressorargs=""
+
+-# Determine if tar supports the --format argument by checking the help output.
+-#
+-# This is needed because:
+-# - Busybox tar doesn't support '--format'
+-# - On some Linux distros, tar now defaults to posix format if '--format'
+-# isn't explicitly specified
+-# - Opkg doesn't currently support posix format archives
+-#
+-# It's easier to check for mention of the '--format' option than to detect the
+-# tar implementation and maintain a list of which support '--format'.
+-tarformat=""
+-if tar --help 2>&1 | grep -- "--format" > /dev/null;
+-then
+- tarformat="--format=gnu"
+-fi
+-
+ compressor_ext() {
+ case $1 in
+ gzip|pigz)
+@@ -197,13 +182,17 @@ compressor_ext() {
+ : <<=cut
+ =head1 SYNOPSIS
+
+-B<opkg-build> [B<-c>] [B<-C>] [B<-Z> I<compressor>] [B<-a>] [B<-O>] [B<-o> I<owner>] [B<-g> I<group>] I<pkg_directory> [I<destination_directory>]
++B<opkg-build> [B<-A>] [B<-X>] [B<-c>] [B<-C>] [B<-Z> I<compressor>] [B<-a>] [B<-O>] [B<-o> I<owner>] [B<-g> I<group>] I<pkg_directory> [I<destination_directory>]
+
+ =cut
+
+-usage="Usage: $0 [-c] [-C] [-Z compressor] [-a compressor_args] [-O] [-o owner] [-g group] <pkg_directory> [<destination_directory>]"
+-while getopts "a:cCg:ho:vOZ:" opt; do
++usage="Usage: $0 [-A] [-X] [-c] [-C] [-Z compressor] [-a compressor_args] [-O] [-o owner] [-g group] <pkg_directory> [<destination_directory>]"
++while getopts "Aa:cCg:ho:vOXZ:" opt; do
+ case $opt in
++ A ) attributesargs="--acls"
++ ;;
++ X ) attributesargs="$attributesargs --xattrs"
++ ;;
+ o ) owner=$OPTARG
+ ogargs="--owner=$owner"
+ ;;
+@@ -232,6 +221,31 @@ while getopts "a:cCg:ho:vOZ:" opt; do
+ esac
+ done
+
++# Determine if tar supports the --format argument by checking the help output.
++#
++# This is needed because:
++# - Busybox tar doesn't support '--format'
++# - On some Linux distros, tar now defaults to posix format if '--format'
++# isn't explicitly specified
++# - Opkg doesn't currently support posix format archives
++#
++# It's easier to check for mention of the '--format' option than to detect the
++# tar implementation and maintain a list of which support '--format'.
++tarformat=""
++if tar --help 2>&1 | grep -- "--format" > /dev/null;
++then
++ # For ACLs or xattr support, gnu format will not work
++ # we need to set posix format instead
++ if [ ! -z "$attributesargs" ] ; then
++ tarformat="--format=posix"
++ else
++ tarformat="--format=gnu"
++ fi
++elif [ ! -z "$attributesargs" ] ; then
++ echo "*** Error: Attributes: $attributesargs, doesn't' work, without posix format, which is not supported by tar command." >&2
++ exit 1
++fi
++
+ cext=$(compressor_ext $compressor)
+
+ # pgzip requires -T to avoid timestamps on the gzip archive
+@@ -301,21 +315,31 @@ fi
+ tmp_dir=$dest_dir/IPKG_BUILD.$$
+ mkdir $tmp_dir
+
+-build_date="${SOURCE_DATE_EPOCH:-$(date +%s)}"
+-
+-mtime_args=""
++mtime_args="--mtime=@${SOURCE_DATE_EPOCH:-$(date +%s)}"
+ # --clamp-mtime requires tar > 1.28. Only use it if SOURCE_DATE_EPOCH is set, to avoid having a generic case dependency on tar > 1.28.
+ # this setting will make sure files generated at build time have consistent mtimes, for reproducible builds.
+ if [ ! -z "$SOURCE_DATE_EPOCH" ]; then
+- mtime_args="--mtime=@$build_date --clamp-mtime"
++ mtime_args="$mtime_args --clamp-mtime"
++fi
++
++# Notice, that if you create an archive in POSIX format (see section GNU tar and POSIX tar) and the environment variable POSIXLY_CORRECT is set,
++# then the two archives created using the same options on the same set of files will not be byte-to-byte equivalent even with the above option.
++# This is because the posix default for extended header names includes the PID of the tar process, which is different at each run. To produce
++# byte-to-byte equivalent archives in this case, either unset POSIXLY_CORRECT, or use the following option:
++#
++# --pax-option=exthdr.name=%d/PaxHeaders/%f,atime:=0,ctime:=0
++#
++# https://www.gnu.org/software/tar/manual/html_node/PAX-keywords.html
++if [[ "$tarformat" == "--format=posix" ]]; then
++ mtime_args="$mtime_args --pax-option=exthdr.name=%d/PaxHeaders/%f,atime:=0,ctime:=0"
+ fi
+
+ export LANG=C
+ export LC_ALL=C
+ ( cd $pkg_dir/$CONTROL && find . -type f | sort > $tmp_dir/control_list )
+ ( cd $pkg_dir && find . -path ./$CONTROL -prune -o -path . -o -print | sort > $tmp_dir/file_list )
+-( cd $pkg_dir && tar $ogargs $tsortargs --no-recursion $mtime_args -c $tarformat -T $tmp_dir/file_list | $compressor $compressorargs > $tmp_dir/data.tar.$cext )
+-( cd $pkg_dir/$CONTROL && tar $ogargs $tsortargs --no-recursion --mtime=@$build_date -c $tarformat -T $tmp_dir/control_list | gzip $zipargs > $tmp_dir/control.tar.gz )
++( cd $pkg_dir && tar $attributesargs $ogargs $tsortargs --numeric-owner --no-recursion $mtime_args -c $tarformat -T $tmp_dir/file_list | $compressor $compressorargs > $tmp_dir/data.tar.$cext )
++( cd $pkg_dir/$CONTROL && tar $ogargs $tsortargs --no-recursion $mtime_args -c $tarformat -T $tmp_dir/control_list | gzip $zipargs > $tmp_dir/control.tar.gz )
+ rm $tmp_dir/file_list
+ rm $tmp_dir/control_list
+
+@@ -331,7 +355,7 @@ rm -f $pkg_file
+ if [ "$outer" = "ar" ] ; then
+ ( cd $tmp_dir && ar -crfD $pkg_file ./debian-binary ./control.tar.gz ./data.tar.$cext )
+ else
+- ( cd $tmp_dir && tar -c $tsortargs --mtime=@$build_date $tarformat ./debian-binary ./control.tar.gz ./data.tar.$cext | gzip $zipargs > $pkg_file )
++ ( cd $tmp_dir && tar -c $tsortargs $mtime_args $tarformat ./debian-binary ./control.tar.gz ./data.tar.$cext | gzip $zipargs > $pkg_file )
+ fi
+
+ rm $tmp_dir/debian-binary $tmp_dir/data.tar.$cext $tmp_dir/control.tar.gz
+--
+2.34.1
+
diff --git a/meta/recipes-devtools/opkg-utils/opkg-utils_0.6.2.bb b/meta/recipes-devtools/opkg-utils/opkg-utils_0.6.2.bb
index eb88b9b734..d5ce2cfbe2 100644
--- a/meta/recipes-devtools/opkg-utils/opkg-utils_0.6.2.bb
+++ b/meta/recipes-devtools/opkg-utils/opkg-utils_0.6.2.bb
@@ -9,6 +9,7 @@ PROVIDES += "${@bb.utils.contains('PACKAGECONFIG', 'update-alternatives', 'virtu
SRC_URI = "git://git.yoctoproject.org/opkg-utils;protocol=https;branch=master \
file://0001-update-alternatives-correctly-match-priority.patch \
+ file://0002-opkg-build-Add-acls-and-xattrs-support.patch \
"
SRCREV = "67994e62dc598282830385da75ba9b1abbbda941"
--
2.34.1
next prev parent reply other threads:[~2023-07-26 9:22 UTC|newest]
Thread overview: 21+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-07-26 9:22 [OE-Core][PATCH v11][master-next 1/5] package_ipk.bbclass: add support for ACLs and xattr Piotr Łobacz
2023-07-26 9:22 ` [OE-Core][PATCH v11][master-next 2/5] package.bbclass: " Piotr Łobacz
2023-07-26 9:22 ` Piotr Łobacz [this message]
2023-07-26 9:22 ` [OE-Core][PATCH v11][master-next 4/5] opkg: add options to enable support for acl " Piotr Łobacz
2023-07-26 9:22 ` [OE-Core][PATCH v11][master-next 5/5] opkg: set locale from system environment variables Piotr Łobacz
2023-07-26 9:27 ` ODP: [OE-Core][PATCH v11][master-next 1/5] package_ipk.bbclass: add support for ACLs and xattr Piotr Łobacz
2023-07-27 14:18 ` Alexandre Belloni
2023-07-27 15:30 ` ODP: " Piotr Łobacz
2023-07-28 22:58 ` Piotr Łobacz
[not found] ` <17762A3A069807A3.31298@lists.openembedded.org>
2023-07-31 19:03 ` Piotr Łobacz
2023-07-31 19:09 ` Piotr Łobacz
2023-07-31 20:25 ` Joshua Watt
2023-07-31 21:19 ` Richard Purdie
2023-07-31 21:23 ` Piotr Łobacz
[not found] ` <177710C9CE043B33.12785@lists.openembedded.org>
2023-07-31 21:28 ` ODP: " Piotr Łobacz
2023-08-01 13:04 ` Martin Jansa
2023-08-01 13:27 ` ODP: " Piotr Łobacz
[not found] ` <1777455C95C57250.15736@lists.openembedded.org>
2023-08-01 15:16 ` Piotr Łobacz
2023-08-01 15:41 ` Richard Purdie
2023-08-01 16:00 ` ODP: " Piotr Łobacz
[not found] ` <17774DB8C4C2BE4F.15736@lists.openembedded.org>
2023-08-02 1:17 ` Piotr Łobacz
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20230726092228.1005306-3-p.lobacz@welotec.com \
--to=p.lobacz@welotec.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox