aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorRicardo Ribalda Delgado <ricardo.ribalda@gmail.com>2020-04-19 08:35:29 +0200
committerRichard Purdie <richard.purdie@linuxfoundation.org>2020-04-26 13:58:45 +0100
commitfd739c15cdba221d9d497d3402b7d929c0be2ca4 (patch)
tree3d9e43b97a8b1a1b302344be8160aa8b6f516f17
parent9d8e6daa866d2f19b2a6324072b984a866715426 (diff)
downloadopenembedded-core-contrib-fd739c15cdba221d9d497d3402b7d929c0be2ca4.tar.gz
openembedded-core-contrib-fd739c15cdba221d9d497d3402b7d929c0be2ca4.tar.bz2
openembedded-core-contrib-fd739c15cdba221d9d497d3402b7d929c0be2ca4.zip
wic: Fix permissions when using exclude or include path
When parameters include_path or exclude_path are passed to the rootfs plugin, it will copy the partition content into a folder and make all the modifications there. This is done using copyhardlinktree(), which does not take into consideration the content of the pseudo folder, which contains the information about the right permissions and ownership of the folders. This results in a rootfs owned by the user that is running the wic command (usually UID 1000), which makes some rootfs unbootable. This bug can be easily triggerd with the following .wks part / --source rootfs --fstype=ext4 --exclude-path=home And this sequence: $ wic create test-permissions -e core-image-minimal -o test/ $ sudo mount test/test-permissions-202004080823-sda.direct.p1 /mnt $ ls -la /mnt/etc/shadow To fix this we copy the content of the pseudo folders to the new folder and modify the pseudo database using the "pseudo -B" command. If the rootfs is not a rootfs generated by bitbake a warning is shown making the user aware that the permissions on the target might not match what he expects. WARNING: /tmp/test/../pseudo folder does not exist. Usernames and permissions will be invalid Cc: Paul Barker <pbarker@konsulko.com> Signed-off-by: Ricardo Ribalda Delgado <ricardo@ribalda.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
-rw-r--r--scripts/lib/wic/partition.py7
-rw-r--r--scripts/lib/wic/plugins/source/rootfs.py37
2 files changed, 38 insertions, 6 deletions
diff --git a/scripts/lib/wic/partition.py b/scripts/lib/wic/partition.py
index 2d95f78439b..b02711be374 100644
--- a/scripts/lib/wic/partition.py
+++ b/scripts/lib/wic/partition.py
@@ -190,7 +190,7 @@ class Partition():
(self.mountpoint, self.size, self.fixed_size))
def prepare_rootfs(self, cr_workdir, oe_builddir, rootfs_dir,
- native_sysroot, real_rootfs = True):
+ native_sysroot, real_rootfs = True, pseudo_dir = None):
"""
Prepare content for a rootfs partition i.e. create a partition
and fill it from a /rootfs dir.
@@ -198,8 +198,9 @@ class Partition():
Currently handles ext2/3/4, btrfs, vfat and squashfs.
"""
p_prefix = os.environ.get("PSEUDO_PREFIX", "%s/usr" % native_sysroot)
- p_localstatedir = os.environ.get("PSEUDO_LOCALSTATEDIR",
- "%s/../pseudo" % rootfs_dir)
+ if (pseudo_dir == None):
+ pseudo_dir = "%s/../pseudo" % rootfs_dir
+ p_localstatedir = os.environ.get("PSEUDO_LOCALSTATEDIR", pseudo_dir)
p_passwd = os.environ.get("PSEUDO_PASSWD", rootfs_dir)
p_nosymlinkexp = os.environ.get("PSEUDO_NOSYMLINKEXP", "1")
pseudo = "export PSEUDO_PREFIX=%s;" % p_prefix
diff --git a/scripts/lib/wic/plugins/source/rootfs.py b/scripts/lib/wic/plugins/source/rootfs.py
index 705aeb55637..8b2a067385d 100644
--- a/scripts/lib/wic/plugins/source/rootfs.py
+++ b/scripts/lib/wic/plugins/source/rootfs.py
@@ -20,7 +20,7 @@ from oe.path import copyhardlinktree
from wic import WicError
from wic.pluginbase import SourcePlugin
-from wic.misc import get_bitbake_var
+from wic.misc import get_bitbake_var, exec_native_cmd
logger = logging.getLogger('wic')
@@ -44,6 +44,15 @@ class RootfsPlugin(SourcePlugin):
return os.path.realpath(image_rootfs_dir)
+ @staticmethod
+ def __get_pseudo(native_sysroot, rootfs, pseudo_dir):
+ pseudo = "export PSEUDO_PREFIX=%s/usr;" % native_sysroot
+ pseudo += "export PSEUDO_LOCALSTATEDIR=%s;" % pseudo_dir
+ pseudo += "export PSEUDO_PASSWD=%s;" % rootfs
+ pseudo += "export PSEUDO_NOSYMLINKEXP=1;"
+ pseudo += "%s " % get_bitbake_var("FAKEROOTCMD")
+ return pseudo
+
@classmethod
def do_prepare_partition(cls, part, source_params, cr, cr_workdir,
oe_builddir, bootimg_dir, kernel_dir,
@@ -68,8 +77,14 @@ class RootfsPlugin(SourcePlugin):
"it is not a valid path, exiting" % part.rootfs_dir)
part.rootfs_dir = cls.__get_rootfs_dir(rootfs_dir)
+ pseudo_dir = os.path.join(part.rootfs_dir, "../pseudo")
+ if not os.path.lexists(pseudo_dir):
+ logger.warn("%s folder does not exist. "
+ "Usernames and permissions will be invalid " % pseudo_dir)
+ pseudo_dir = None
new_rootfs = None
+ new_pseudo = None
# Handle excluded paths.
if part.exclude_path or part.include_path:
# We need a new rootfs directory we can delete files from. Copy to
@@ -78,9 +93,24 @@ class RootfsPlugin(SourcePlugin):
if os.path.lexists(new_rootfs):
shutil.rmtree(os.path.join(new_rootfs))
-
copyhardlinktree(part.rootfs_dir, new_rootfs)
+ # Convert the pseudo directory to its new location
+ if (pseudo_dir):
+ new_pseudo = os.path.realpath(
+ os.path.join(cr_workdir, "pseudo%d" % part.lineno))
+ if os.path.lexists(new_pseudo):
+ shutil.rmtree(new_pseudo)
+ os.mkdir(new_pseudo)
+ shutil.copy(os.path.join(pseudo_dir, "files.db"),
+ os.path.join(new_pseudo, "files.db"))
+
+ pseudo_cmd = "%s -B -m %s -M %s" % (cls.__get_pseudo(native_sysroot,
+ new_rootfs,
+ new_pseudo),
+ part.rootfs_dir, new_rootfs)
+ exec_native_cmd(pseudo_cmd, native_sysroot)
+
for path in part.include_path or []:
copyhardlinktree(path, new_rootfs)
@@ -112,4 +142,5 @@ class RootfsPlugin(SourcePlugin):
shutil.rmtree(full_path)
part.prepare_rootfs(cr_workdir, oe_builddir,
- new_rootfs or part.rootfs_dir, native_sysroot)
+ new_rootfs or part.rootfs_dir, native_sysroot,
+ pseudo_dir = new_pseudo or pseudo_dir)