Re: [PATCH] meta-isar/example-raw: Remove /etc/resolv.conf in postinst

public inbox for isar-users@googlegroups.com
 help / color / mirror / Atom feed

From: Henning Schild <henning.schild@siemens.com>
To: Jan Kiszka <jan.kiszka@siemens.com>
Cc: <isar-users@googlegroups.com>, <claudius.heine.ext@siemens.com>
Subject: Re: [PATCH] meta-isar/example-raw: Remove /etc/resolv.conf in postinst
Date: Tue, 17 Apr 2018 15:20:40 +0200	[thread overview]
Message-ID: <20180417152040.5265bf7d@mmd1pvb1c.ad001.siemens.net> (raw)
In-Reply-To: <9f1829c8-331e-031c-8c03-37cc5b76c44a@siemens.com>

Am Tue, 17 Apr 2018 15:03:28 +0200
schrieb Jan Kiszka <jan.kiszka@siemens.com>:

> On 2018-04-17 14:46, [ext] Henning Schild wrote:
> > Issue: debootstrap copies /etc/resolv.conf from the host into the
> > rootfs, and we need it there to use apt-get. But we do not always
> > want it there after we are done installing
> > 
> > Fix: remove the leaked file in our image customization package, to
> > reach a defined state. That happens to be the state we had with
> > multistrap.
> > 
> > Impact: images will not contain a resolv.conf anymore, just like in
> > the multistrap days. If you want one do not install example-raw and
> > customize in your own hook
> > 
> > Signed-off-by: Henning Schild <henning.schild@siemens.com>
> > ---
> >  meta-isar/recipes-app/example-raw/files/postinst | 4 ++++
> >  1 file changed, 4 insertions(+)
> > 
> > diff --git a/meta-isar/recipes-app/example-raw/files/postinst
> > b/meta-isar/recipes-app/example-raw/files/postinst index
> > f60be8c..385473e 100644 ---
> > a/meta-isar/recipes-app/example-raw/files/postinst +++
> > b/meta-isar/recipes-app/example-raw/files/postinst @@ -19,4 +19,8
> > @@ chown -R isar:isar /var/lib/isar # but we take the same password
> > for this example echo "root:root" | chpasswd
> >  
> > +# debootstrap will leak these two files from the build host, get
> > them +# into a defined state
> > +# every image will have to handle these two somehow
> >  echo "isar" > /etc/hostname
> > +rm -f /etc/resolv.conf  
> 
> That cleaning should go into the generic images. It's not a
> customization.

Just discussed that with Claudius offline. And we came to the
conclusion that it can not really go anywhere else.

Instead our conclusion was, that these two files are special and every
image should contain a customization script to bring those two into a
defined state. We read debootstrap code and confirmed that it is these
two files only. In fact we found resolv.conf after a question around
hostname appeared.

If you delete them in the image-recipe, you can not tune them in hooks
anymore. And the image needs them as long as it needs internet ... want
to use apt-get.

We could handle them in a post do_rootfs task that end-users would
override to customize. The bb-task would not be very debian-like and
would open a tempting hack-vector that end-users might use to smuggle
rootfs-changes around apt.

Henning

> Jan
>

next prev parent reply	other threads:[~2018-04-17 13:20 UTC|newest]

Thread overview: 11+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2018-04-17 12:46 Henning Schild
2018-04-17 13:03 ` Jan Kiszka
2018-04-17 13:20   ` Henning Schild [this message]
2018-04-17 13:23     ` Jan Kiszka
2018-04-17 15:09       ` Henning Schild
2018-04-17 15:37 ` [PATCH] isar-bootstrap: Remove leaked hostname and resolv.conf from images Henning Schild
2018-04-19 15:35   ` Claudius Heine
2018-04-20 12:05     ` Henning Schild
2018-04-25 11:21   ` Jan Kiszka
2018-04-25 11:52     ` Alexander Smirnov
2018-04-25 13:33       ` Alexander Smirnov

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20180417152040.5265bf7d@mmd1pvb1c.ad001.siemens.net \
    --to=henning.schild@siemens.com \
    --cc=claudius.heine.ext@siemens.com \
    --cc=isar-users@googlegroups.com \
    --cc=jan.kiszka@siemens.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox