From mboxrd@z Thu Jan  1 00:00:00 1970
X-GM-THRID: 6592648938739728384
X-Received: by 2002:adf:8231:: with SMTP id 46-v6mr187788wrb.12.1536758567122;
        Wed, 12 Sep 2018 06:22:47 -0700 (PDT)
X-BeenThere: isar-users@googlegroups.com
Received: by 2002:adf:a907:: with SMTP id u7-v6ls628326wrc.9.gmail; Wed, 12
 Sep 2018 06:22:46 -0700 (PDT)
X-Google-Smtp-Source: ANB0VdYXCvyMfTX1d1lJl27913G/42d/Xuf4NeukPVJILPCj/ligwtkyBn8v9HzLvU7mDK3/omzY
X-Received: by 2002:a5d:5201:: with SMTP id j1-v6mr190180wrv.30.1536758566628;
        Wed, 12 Sep 2018 06:22:46 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1536758566; cv=none;
        d=google.com; s=arc-20160816;
        b=i7j0RgsK8afVUachQuXHa1/vcPkyr2IbTDbG/PkNMy2fixfLBG+nLdTlUmdsCR0+ys
         Lyg1xEspz9aIMUiUca73MngKB7zXKBJLI4wUFy+wggxKYAsyexWJ/C8dbC/6DV4fXOvX
         B49QE9jkibLqKc3AGzG+oL60SwYYttWUSiTQ4XOr/CDppHUnqbsL2jjqW+XOuC27NsLX
         ned1RENajwN/Qa7Dum6SUpnup6KpCXvTHC9u2yOe0qxuXkJ2K9Os3Wt+6hirhJnQdCeG
         nWAqr0IJ/Xbd+pxAvWerwE3D2O0kuoSVpy0OIO4Orcoqk2awyKqLLzbyNE2jqQAmdpsv
         xh3Q==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=content-transfer-encoding:content-language:in-reply-to:mime-version
         :user-agent:date:message-id:from:references:cc:to:subject;
        bh=P6gw7ZOM/+Bc1UOUjHRdA/8h8vaMfdxpWLfn3jw25qc=;
        b=GfbTyvABgGEpGDYQzAJckKWwkcch2lCVm+4zLsCyBcoki75RGWF5vnXVD8SEnvr3xs
         91+VA38eiTKa7FeXqyWMHtjDARIOkggwYJbqZx4Y9dtfJ6NC/iuKqCodZxuiEVBcr1ol
         dLrrz92rS53Xvk7pKvwL+8YLbDQ7ylSFqydabZsnkZAwcHzJNMGNYhDlNVOQeOsX980x
         h5It3CzzasNynH2ugdCFxzXJzy+REbRDleejR8rNUAtiJxBVPTDacilsGbkovO9xS8vs
         xLXInPt3iJkX6I+g50IckWtLZLgoWT5f+KvLb93K1Q+ie7u5jQStLdeH9wBD/sQSM3Mf
         XRTQ==
ARC-Authentication-Results: i=1; gmr-mx.google.com;
       spf=pass (google.com: domain of jan.kiszka@siemens.com designates 192.35.17.2 as permitted sender) smtp.mailfrom=jan.kiszka@siemens.com
Return-Path: <jan.kiszka@siemens.com>
Received: from thoth.sbs.de (thoth.sbs.de. [192.35.17.2])
        by gmr-mx.google.com with ESMTPS id y13-v6si33531wrd.3.2018.09.12.06.22.46
        for <isar-users@googlegroups.com>
        (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
        Wed, 12 Sep 2018 06:22:46 -0700 (PDT)
Received-SPF: pass (google.com: domain of jan.kiszka@siemens.com designates 192.35.17.2 as permitted sender) client-ip=192.35.17.2;
Authentication-Results: gmr-mx.google.com;
       spf=pass (google.com: domain of jan.kiszka@siemens.com designates 192.35.17.2 as permitted sender) smtp.mailfrom=jan.kiszka@siemens.com
Received: from mail2.sbs.de (mail2.sbs.de [192.129.41.66])
	by thoth.sbs.de (8.15.2/8.15.2) with ESMTPS id w8CDMjaj011558
	(version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK)
	for <isar-users@googlegroups.com>; Wed, 12 Sep 2018 15:22:46 +0200
Received: from [139.22.35.125] ([139.22.35.125])
	by mail2.sbs.de (8.15.2/8.15.2) with ESMTP id w8CDMjbn013357;
	Wed, 12 Sep 2018 15:22:45 +0200
Subject: Re: [PATCH v3] wic-image: Fix up file ownership in isar repo after
 wic run
To: Henning Schild <henning.schild@siemens.com>
Cc: isar-users <isar-users@googlegroups.com>
References: <f37e89cf-8753-75cf-1ca9-4781e47235f7@siemens.com>
 <20180912144955.4ce5ab6c@md1pvb1c.ad001.siemens.net>
From: Jan Kiszka <jan.kiszka@siemens.com>
Message-ID: <08576cb2-3597-d15b-10f2-3d1818298a6a@siemens.com>
Date: Wed, 12 Sep 2018 15:22:44 +0200
User-Agent: Mozilla/5.0 (X11; U; Linux i686 (x86_64); de; rv:1.8.1.12)
 Gecko/20080226 SUSE/2.0.0.12-1.1 Thunderbird/2.0.0.12 Mnenhy/0.7.5.666
MIME-Version: 1.0
In-Reply-To: <20180912144955.4ce5ab6c@md1pvb1c.ad001.siemens.net>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Language: en-US
Content-Transfer-Encoding: 7bit
X-TUID: JLRzkivb35y4

On 12.09.18 14:49, Henning Schild wrote:
> Am Thu, 23 Aug 2018 14:12:19 +0200
> schrieb Jan Kiszka <jan.kiszka@siemens.com>:
> 
>> This prevents needlessly leaving the __pycache__ directories
>> root-owned behind after running wic as superuser - will only cause
>> troubles to the user when trying to clean up the isar repo.
>>
>> We update the ownership only for selected subdirs of the repo to avoid
>> touching local files.
>>
>> Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
>> ---
>>
>> Changes in v3:
>>   - catch ALL relevant folders (first test, then post - hmpf)
>>
>>   meta/classes/wic-img.bbclass | 1 +
>>   1 file changed, 1 insertion(+)
>>
>> diff --git a/meta/classes/wic-img.bbclass
>> b/meta/classes/wic-img.bbclass index b56df7b..bc405c1 100644
>> --- a/meta/classes/wic-img.bbclass
>> +++ b/meta/classes/wic-img.bbclass
>> @@ -71,6 +71,7 @@ do_wic_image() {
>>       export MTOOLS_SKIP_CHECK=1
>>   
>>       sudo -E chroot ${BUILDCHROOT_DIR} ${ISARROOT}/scripts/wic create
>> ${WKS_FILE} --vars "${STAGING_DIR}/${MACHINE}/imgdata/" -o /tmp/ -e
>> ${IMAGE_BASENAME} ${WIC_CREATE_EXTRA_ARGS}
>> +    sudo chown -R $(stat -c "%U" ${ISARROOT}) ${ISARROOT}/meta
>> ${ISARROOT}/meta-isar ${ISARROOT}/scripts cp -f `ls -t -1
>> ${BUILDCHROOT_DIR}/tmp/${WKS_FILE}*.direct | head -1`
>> ${WIC_IMAGE_FILE} }
> 
> This breaks if ISARROOT is mounted ro, chown will fail with "read only
> file system" and there will not even be any __pycache__ things to chown.
> 
> Steps to reproduce:
> git clone isar
> cd isar
> mkdir out
> docker run -v $(pwd):/this/:ro -v $(pwd)/out:/out:rw -e USER_ID=$(id
> -u) --rm -t -i  --cap-add=SYS_ADMIN --cap-add=MKNOD -e
> http_proxy=$http_proxy -e https_proxy=$https_proxy  -e
> ftp_proxy=$ftp_proxy -e no_proxy=$no_proxy $CONTAINER sh -c bash
> docker> cd /out
> docker> source /this/isar-init-build-env
> isar> bitbake <a wic image>
> 

Valid remark, and I just realized that I recently hacked this effect away 
locally by adjusting some docker script.

Should be easy to fix by allowing that command to fail. Mind to write that 
one-liner and test it?

Jan

-- 
Siemens AG, Corporate Technology, CT RDA IOT SES-DE
Corporate Competence Center Embedded Linux