From: Henning Schild
To: isar-users@googlegroups.com
Cc: Henning Schild
Subject: [PATCH 2/2] images: wic: do not call wic with sudo anymore
Date: Wed, 31 Jan 2018 16:48:38 +0100
Message-Id: <20180131154838.14707-2-henning.schild@siemens.com>
In-Reply-To: <20180131154838.14707-1-henning.schild@siemens.com>
References: <20180131154838.14707-1-henning.schild@siemens.com>

Issues:
 1. wic was called under sudo
 2. wic and its plugins can use sudo to do whatever they want

Impact:
 Issue 1 is addressed, but Issue 2 has always been there and has come to stay.

Signed-off-by: Henning Schild
---
 meta/classes/wic-img.bbclass | 17 ++++++++++++++++-
 scripts/wic_fakeroot         | 37 ++++++++++++++++++++++---------------
 2 files changed, 38 insertions(+), 16 deletions(-)

diff --git a/meta/classes/wic-img.bbclass b/meta/classes/wic-img.bbclass index 72779eb..444e003 100644 --- a/meta/classes/wic-img.bbclass +++ b/meta/classes/wic-img.bbclass 
@@ -59,7 +59,22 @@ do_wic_image() { export BUILDDIR="${BUILDDIR}" export MTOOLS_SKIP_CHECK=1 - sudo -E PATH="$PATH:/builder/isar/bitbake/bin:/builder/isar/scripts" /builder/isar/scripts/wic create ${WKS_FILE} --vars "${STAGING_DIR}/${MACHINE}/imgdata/" -o ${DEPLOY_DIR_IMAGE} -e ${IMAGE_BASENAME} ${WIC_CREATE_EXTRA_ARGS} + # Play a dirty trick to redirect "du" and "mkfs.*" to FAKEROOTCMD + WTOOLS_SYSROOT="${TMPDIR}/trick_wic/" + mkdir -p ${WTOOLS_SYSROOT}/sbin + mkdir -p ${WTOOLS_SYSROOT}/usr/bin + for fstype in btrfs ext2 ext3 ext4 vfat; do + ln -sf /builder/isar/scripts/${FAKEROOTCMD} \ + ${WTOOLS_SYSROOT}/sbin/mkfs.${fstype} + done + ln -sf /builder/isar/scripts/${FAKEROOTCMD} \ + ${WTOOLS_SYSROOT}/usr/bin/du + + echo "RECIPE_SYSROOT_NATIVE=\"${WTOOLS_SYSROOT}\"" >> \ + ${STAGING_DIR}/${MACHINE}/imgdata/wic-tools.env + + export PATH="${WTOOLS_SYSROOT}/sbin:${WTOOLS_SYSROOT}/usr/sbin:${WTOOLS_SYSROOT}/usr/bin:${PATH}" + /builder/isar/scripts/wic create ${WKS_FILE} --vars "${STAGING_DIR}/${MACHINE}/imgdata/" -o ${DEPLOY_DIR_IMAGE} -e ${IMAGE_BASENAME} ${WIC_CREATE_EXTRA_ARGS} } addtask wic_image before do_build after do_copy_boot_files diff --git a/scripts/wic_fakeroot b/scripts/wic_fakeroot index 9e01c38..01865a0 100755 --- a/scripts/wic_fakeroot +++ b/scripts/wic_fakeroot @@ -1,10 +1,11 @@ #!/usr/bin/env python3 # # wic needs a FAKEROOT cmd to run, the default is pseudo. In Isar we do/can not -# use pseudo. And we call wic as root to begin with, so this script could be a -# dummy doing nothing. It is almost a dummy ... -# -# If the fsck hack ever becomes obsolete, FAKEROOTCMD ?= "true;" can be used +# use pseudo at the moment. +# All wic calls to exec_native_cmd will end up here, if they wanted pseudo. +# They will get executed under sudo. +# In addition we prepend "du"s and "mkfs"s with a sudo, just like a Isar +# specific patch did before. # # This software is a part of Isar. # Copyright (C) 2018 Siemens AG 
@@ -15,23 +16,29 @@ import shutil import subprocess args = sys.argv -args.pop(0) -cmd = args[0] +args[0] = os.path.basename(args[0]) + +if not (args[0].startswith('mkfs.') or args[0] == 'du'): + # the wrapper was not called directly and not for one of the known + # hacks + if args[0] != 'wic_fakeroot': + sys.exit(1) + args.pop(0) -# expect to be running as root -# we could loosen that and execv(sudo, args) but even some early -# "du"s fail, which do not use the fakeroot-wrapper -# i.e. in wics partition.py the "du -ks" fails on -# var/cache/apt/archives/partial -# rootfs/root ... -assert 'root' == os.environ["USER"] +cmd = args[0] # e2fsck <= 1.43.5 returns 1 on non-errors (stretch and before affected) # treat 1 as safe ... the filesystem was successfully repaired and is OK if cmd.startswith('fsck.'): - ret = subprocess.call(args) + ret = subprocess.call(['sudo'] + args) if ret == 0 or ret == 1: sys.exit(0) sys.exit(ret) -os.execv(shutil.which(cmd), args) +# now remove the previous 3 entries from PATH, the ones we used to trick some guys in here +path = ':'.join(os.environ['PATH'].split(':')[3:]) +path += ":/builder/isar/bitbake/bin:/builder/isar/scripts" + +args = ['-E', 'PATH="%s"' % path ] + args + +os.execv(shutil.which('sudo'), args) -- 2.13.6
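Review bot: In the do_wic_image hunk of meta/classes/wic-img.bbclass, the echo that writes RECIPE_SYSROOT_NATIVE uses >> on ${STAGING_DIR}/${MACHINE}/imgdata/wic-tools.env, so every re-run of the task appends another copy of the line; write the variable idempotently, for example by dropping any existing RECIPE_SYSROOT_NATIVE line before appending. The exported PATH also lists ${WTOOLS_SYSROOT}/usr/sbin, which is never created here, and scripts/wic_fakeroot later strips exactly the first three PATH entries by position, so the two files are coupled through that count; a comment at the export line naming that dependency would keep them in sync. The symlink targets are built from ${FAKEROOTCMD}, which only works while that variable holds a script name under /builder/isar/scripts.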
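Review bot: The header comment of scripts/wic_fakeroot (first hunk, -1,10 +1,11) loses its mention of the fsck hack, but the fsck. special case is still in the script, so the header no longer documents everything the wrapper does; keep one line for it. Since the new text says that everything arriving through exec_native_cmd gets executed under sudo, it is worth stating there that the wrapper applies no allow-list to those commands, which is Issue 2 from the commit message. Small wording fix: "just like a Isar specific patch" should read "an Isar-specific patch".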
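Review bot: At the final os.execv(shutil.which('sudo'), args) in scripts/wic_fakeroot (second hunk, -15,23 +16,29), the list passed becomes the new argv including argv[0], so '-E' ends up as sudo's program name rather than an option and environment preservation is never requested; the fsck branch gets this right with ['sudo'] + args, and the list here should start with 'sudo' as well. In the same list, 'PATH="%s"' % path puts literal double quotes into the value because no shell is involved, which corrupts the first and last PATH entries (the last being /builder/isar/scripts); use 'PATH=%s' % path. Dropping the wrapper directories with split(':')[3:] assumes they are still the first three entries when the wrapper runs; filtering the entries by value would be more robust. A None return from shutil.which('sudo') and an empty argument list after args.pop(0) are both unhandled.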