From mboxrd@z Thu Jan 1 00:00:00 1970 X-GM-THRID: 6545397795972448256 X-Received: by 10.80.244.1 with SMTP id r1mr803571edm.4.1523971242249; Tue, 17 Apr 2018 06:20:42 -0700 (PDT) X-BeenThere: isar-users@googlegroups.com Received: by 10.80.194.145 with SMTP id o17ls902668edf.6.gmail; Tue, 17 Apr 2018 06:20:41 -0700 (PDT) X-Google-Smtp-Source: AIpwx4/tVJ66rwxHS7MQaozOoUxCJfCnmLU1OUQtcc/SRObajSrs6XSbTs27ZMuNZuw+7SO0vDD5 X-Received: by 10.80.214.205 with SMTP id l13mr799625edj.5.1523971241779; Tue, 17 Apr 2018 06:20:41 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1523971241; cv=none; d=google.com; s=arc-20160816; b=cWniGUcverf9sNhZEJxqVFCpmM/CdYiJG+tLxhUDWeiIxy69lX0BCDgFbC6254//CM WJGiMmfz3kjx/SbeT+J6iH4RN2ZcTSEaCAnDpiBYpgHbkgkmpXSdNPkJ74kBKpWQKgxN zfpjgi4Z7t+5l83cN3s5vzRSAx88+SQbUGWtbV6aU8wrJbhW/u+p6rrE5UvtZIRnXApw zPWdnnUpH5BhA3zHLbfDEKicIcFlnezbtCJngWtVTP1zKvJBy7rwIFchqf+iDZam4aqC /BEa4slFstYRgsWFqQAUAhF5aBkmZoSIQTmn9XGNmKm+k+4wiZH3G02SzEYgFTSg2ke7 FyFw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:subject:cc:to:from:date:arc-authentication-results; bh=5cZnNvRR9py5uJTANiGG1RX4CV7lOhMn5xoevxRX5rI=; b=aOr1dEQUUWqGOTWByIuh/fyHNIjMRuEX7iJNTZppNpaCbumZ1lovPAZu2udYyToGEK StrTUwBoX1OqjoiAHwc4aSaBjkJJq+ZY97T4QYgjwMkDNQBwCNjwEEWAlSjbn9Lc7LA5 iRnTkzLi5cNzjDuAE+tzpmy598jDY3GNx5MVm+HUqwRu5em6aRG+3hHAVU6oUyNFzp5B l0laHSOCpsm5ipsJAJvjcQu5Ifhja7r64AAdX0mpFj6HrhVNavFUV4k8+ox97y23WRJZ sd0us+PgaUF2I5e44QJ3tXj88Y8Dp2tXlzvJ7vRpUnuxC0KOiIwKDk1K9QAB9eS82phe sVQw== ARC-Authentication-Results: i=1; gmr-mx.google.com; spf=pass (google.com: domain of henning.schild@siemens.com designates 192.35.17.14 as permitted sender) smtp.mailfrom=henning.schild@siemens.com Return-Path: Received: from david.siemens.de (david.siemens.de. [192.35.17.14]) by gmr-mx.google.com with ESMTPS id t16si273962edi.0.2018.04.17.06.20.41 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 17 Apr 2018 06:20:41 -0700 (PDT) Received-SPF: pass (google.com: domain of henning.schild@siemens.com designates 192.35.17.14 as permitted sender) client-ip=192.35.17.14; Authentication-Results: gmr-mx.google.com; spf=pass (google.com: domain of henning.schild@siemens.com designates 192.35.17.14 as permitted sender) smtp.mailfrom=henning.schild@siemens.com Received: from mail2.siemens.de (mail2.siemens.de [139.25.208.11]) by david.siemens.de (8.15.2/8.15.2) with ESMTPS id w3HDKfaV010885 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK) for ; Tue, 17 Apr 2018 15:20:41 +0200 Received: from mmd1pvb1c.ad001.siemens.net (md1pvb1c.ad001.siemens.net [139.25.68.40] (may be forged)) by mail2.siemens.de (8.15.2/8.15.2) with ESMTP id w3HDKeR8016366; Tue, 17 Apr 2018 15:20:40 +0200 Date: Tue, 17 Apr 2018 15:20:40 +0200 From: Henning Schild To: Jan Kiszka Cc: , Subject: Re: [PATCH] meta-isar/example-raw: Remove /etc/resolv.conf in postinst Message-ID: <20180417152040.5265bf7d@mmd1pvb1c.ad001.siemens.net> In-Reply-To: <9f1829c8-331e-031c-8c03-37cc5b76c44a@siemens.com> References: <20180417124618.30964-1-henning.schild@siemens.com> <9f1829c8-331e-031c-8c03-37cc5b76c44a@siemens.com> X-Mailer: Claws Mail 3.15.0-dirty (GTK+ 2.24.31; x86_64-pc-linux-gnu) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-TUID: mN9vef5iEIPO Am Tue, 17 Apr 2018 15:03:28 +0200 schrieb Jan Kiszka : > On 2018-04-17 14:46, [ext] Henning Schild wrote: > > Issue: debootstrap copies /etc/resolv.conf from the host into the > > rootfs, and we need it there to use apt-get. But we do not always > > want it there after we are done installing > > > > Fix: remove the leaked file in our image customization package, to > > reach a defined state. That happens to be the state we had with > > multistrap. > > > > Impact: images will not contain a resolv.conf anymore, just like in > > the multistrap days. If you want one do not install example-raw and > > customize in your own hook > > > > Signed-off-by: Henning Schild > > --- > > meta-isar/recipes-app/example-raw/files/postinst | 4 ++++ > > 1 file changed, 4 insertions(+) > > > > diff --git a/meta-isar/recipes-app/example-raw/files/postinst > > b/meta-isar/recipes-app/example-raw/files/postinst index > > f60be8c..385473e 100644 --- > > a/meta-isar/recipes-app/example-raw/files/postinst +++ > > b/meta-isar/recipes-app/example-raw/files/postinst @@ -19,4 +19,8 > > @@ chown -R isar:isar /var/lib/isar # but we take the same password > > for this example echo "root:root" | chpasswd > > > > +# debootstrap will leak these two files from the build host, get > > them +# into a defined state > > +# every image will have to handle these two somehow > > echo "isar" > /etc/hostname > > +rm -f /etc/resolv.conf > > That cleaning should go into the generic images. It's not a > customization. Just discussed that with Claudius offline. And we came to the conclusion that it can not really go anywhere else. Instead our conclusion was, that these two files are special and every image should contain a customization script to bring those two into a defined state. We read debootstrap code and confirmed that it is these two files only. In fact we found resolv.conf after a question around hostname appeared. If you delete them in the image-recipe, you can not tune them in hooks anymore. And the image needs them as long as it needs internet ... want to use apt-get. We could handle them in a post do_rootfs task that end-users would override to customize. The bb-task would not be very debian-like and would open a tempting hack-vector that end-users might use to smuggle rootfs-changes around apt. Henning > Jan >