From: "'cedric.hombourger@siemens.com' via isar-users" <isar-users@googlegroups.com>
To: "Heinisch, Alexander" <alexander.heinisch@siemens.com>,
"isar-users@googlegroups.com" <isar-users@googlegroups.com>
Cc: "MOESSBAUER, Felix" <felix.moessbauer@siemens.com>
Subject: Re: [PATCH v2] classes/image-postproc: chroot before postprocessing /etc/machine-id
Date: Wed, 22 Oct 2025 09:09:48 +0000 [thread overview]
Message-ID: <015be7d274ac0be11e3e25248989c49673e6a551.camel@siemens.com> (raw)
In-Reply-To: <e23c2bc74bc10177e8bfbfbf975100106d880efe.camel@siemens.com>
On Tue, 2025-10-21 at 17:58 +0200, Cedric Hombourger wrote:
> On Tue, 2025-10-21 at 11:22 +0000, 'Heinisch, Alexander' via isar-
> users
> wrote:
> > Any updates on this patch? Seems it got lost.
> >
> > On Wed, 2025-09-17 at 11:28 +0200, alexander.heinisch@siemens.com
> > wrote:
> > > From: Alexander Heinisch <alexander.heinisch@siemens.com>
> > >
> > > If /etc/machine-id happens to be a link to e.g. /var/...
> > > the postprocessing overrides build-hosts /var/... instead of
> > > the desired file on the rootfs.
> > >
> > > Signed-off-by: Alexander Heinisch
> > > <alexander.heinisch@siemens.com>
> > > ---
> > > meta/classes/image-postproc-extension.bbclass | 2 +-
> > > 1 file changed, 1 insertion(+), 1 deletion(-)
> > >
> > > diff --git a/meta/classes/image-postproc-extension.bbclass
> > > b/meta/classes/image-postproc-extension.bbclass
> > > index 991bac4c..b332e826 100644
> > > --- a/meta/classes/image-postproc-extension.bbclass
> > > +++ b/meta/classes/image-postproc-extension.bbclass
> > > @@ -63,7 +63,7 @@ image_postprocess_machine_id() {
> > > if dpkg --compare-versions "$SYSTEMD_VERSION" "lt" "247";
> > > then
> > > MACHINE_ID=""
> > > fi
> > > - echo "$MACHINE_ID" | sudo tee '${IMAGE_ROOTFS}/etc/machine-
> > > id'
> > > + echo "$MACHINE_ID" | sudo chroot ${IMAGE_ROOTFS} tee
> > > /etc/machine-id
>
> we could use the newly introduced rootfs_cmd to avoid a sudo call
> here.
> reach out if you need some clarification on how to use rootfs_cmd
Just to update everyone. Alexander and I discussed and concluded that
rootfs_cmd may not be used here since we require write access to a
root-owned file (rootfs_cmd is only an alternative to sudo chroot for
commands where we do not require elevated privileges)
>
> > > sudo rm -f '${IMAGE_ROOTFS}/var/lib/dbus/machine-id'
> > > }
> > >
> >
> > --
> > Alexander Heinisch
> > Siemens AG
> > www.siemens.com
> >
>
--
You received this message because you are subscribed to the Google Groups "isar-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to isar-users+unsubscribe@googlegroups.com.
To view this discussion visit https://groups.google.com/d/msgid/isar-users/015be7d274ac0be11e3e25248989c49673e6a551.camel%40siemens.com.
next prev parent reply other threads:[~2025-10-22 9:10 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-09-17 9:28 alexander.heinisch via isar-users
2025-10-21 11:22 ` 'Heinisch, Alexander' via isar-users
2025-10-21 15:58 ` 'cedric.hombourger@siemens.com' via isar-users
2025-10-22 9:09 ` 'cedric.hombourger@siemens.com' via isar-users [this message]
2025-10-23 16:02 ` Zhihang Wei
2025-10-23 19:26 ` 'Heinisch, Alexander' via isar-users
2025-10-24 15:56 ` Zhihang Wei
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=015be7d274ac0be11e3e25248989c49673e6a551.camel@siemens.com \
--to=isar-users@googlegroups.com \
--cc=alexander.heinisch@siemens.com \
--cc=cedric.hombourger@siemens.com \
--cc=felix.moessbauer@siemens.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox