From: Henning Schild <henning.schild@siemens.com>
To: isar-users@googlegroups.com
Cc: claudius.heine.ext@siemens.com,
Jan Kiszka <jan.kiszka@siemens.com>,
Henning Schild <henning.schild@siemens.com>
Subject: [PATCH] isar-bootstrap: Remove leaked hostname and resolv.conf from images
Date: Tue, 17 Apr 2018 17:37:59 +0200 [thread overview]
Message-ID: <20180417153759.17355-1-henning.schild@siemens.com> (raw)
In-Reply-To: <20180417124618.30964-1-henning.schild@siemens.com>
debootstrap will leak the build hosts /etc/hostname and /etc/resolv.conf
into all rootfss it builds. That is done so the newly created rootfs
will have internet access once you chroot into it.
For the buildchroot we need internet and the leakage does not hurt, for
the final image we probably do not want any of these files anymore.
So split up the apt-get into a download and install phase and delete
the two files after fetching the packages, but only for the image and
not the buildchroot.
Signed-off-by: Henning Schild <henning.schild@siemens.com>
---
meta-isar/recipes-core/images/isar-image-base.bb | 3 ++-
meta/classes/isar-bootstrap-helper.bbclass | 13 +++++++++----
meta/recipes-devtools/buildchroot/buildchroot.bb | 3 ++-
3 files changed, 13 insertions(+), 6 deletions(-)
diff --git a/meta-isar/recipes-core/images/isar-image-base.bb b/meta-isar/recipes-core/images/isar-image-base.bb
index c4799d3..989386c 100644
--- a/meta-isar/recipes-core/images/isar-image-base.bb
+++ b/meta-isar/recipes-core/images/isar-image-base.bb
@@ -36,7 +36,8 @@ do_rootfs() {
mkdir -p $CDIRS
fi
- setup_root_file_system "${IMAGE_ROOTFS}" ${IMAGE_PREINSTALL} ${IMAGE_INSTALL}
+ setup_root_file_system "${IMAGE_ROOTFS}" "clean" \
+ ${IMAGE_PREINSTALL} ${IMAGE_INSTALL}
# Configure root filesystem
sudo install -m 755 "${WORKDIR}/${DISTRO_CONFIG_SCRIPT}" "${IMAGE_ROOTFS}"
diff --git a/meta/classes/isar-bootstrap-helper.bbclass b/meta/classes/isar-bootstrap-helper.bbclass
index a06116d..e062921 100644
--- a/meta/classes/isar-bootstrap-helper.bbclass
+++ b/meta/classes/isar-bootstrap-helper.bbclass
@@ -7,8 +7,13 @@
setup_root_file_system() {
ROOTFSDIR="$1"
+ CLEANHOSTLEAK="$2"
+ shift
shift
PACKAGES="$@"
+ APT_ARGS="install --yes --allow-unauthenticated \
+ -o Debug::pkgProblemResolver=yes"
+ CLEANHOSTLEAK_FILES="${ROOTFSDIR}/etc/hostname ${ROOTFSDIR}/etc/resolv.conf"
sudo cp -Trpfx \
"${DEPLOY_DIR_IMAGE}/isar-bootstrap-${DISTRO}-${DISTRO_ARCH}/" \
@@ -32,8 +37,8 @@ setup_root_file_system() {
-o Dir::Etc::sourceparts="-" \
-o APT::Get::List-Cleanup="0"
sudo -E chroot "$ROOTFSDIR" \
- /usr/bin/apt-get install -y \
- --allow-unauthenticated \
- -o Debug::pkgProblemResolver=yes \
- $PACKAGES
+ /usr/bin/apt-get ${APT_ARGS} --download-only $PACKAGES
+ [ "clean" = ${CLEANHOSTLEAK} ] && sudo rm -f ${CLEANHOSTLEAK_FILES}
+ sudo -E chroot "$ROOTFSDIR" \
+ /usr/bin/apt-get ${APT_ARGS} $PACKAGES
}
diff --git a/meta/recipes-devtools/buildchroot/buildchroot.bb b/meta/recipes-devtools/buildchroot/buildchroot.bb
index b16e63a..0beb188 100644
--- a/meta/recipes-devtools/buildchroot/buildchroot.bb
+++ b/meta/recipes-devtools/buildchroot/buildchroot.bb
@@ -44,7 +44,8 @@ do_build() {
mkdir -p $CDIRS
fi
- setup_root_file_system "${BUILDCHROOT_DIR}" ${BUILDCHROOT_PREINSTALL}
+ setup_root_file_system "${BUILDCHROOT_DIR}" "noclean" \
+ ${BUILDCHROOT_PREINSTALL}
# Install package builder script
sudo chmod -R a+rw "${BUILDCHROOT_DIR}/home/builder"
--
2.16.1
next prev parent reply other threads:[~2018-04-17 15:38 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-04-17 12:46 [PATCH] meta-isar/example-raw: Remove /etc/resolv.conf in postinst Henning Schild
2018-04-17 13:03 ` Jan Kiszka
2018-04-17 13:20 ` Henning Schild
2018-04-17 13:23 ` Jan Kiszka
2018-04-17 15:09 ` Henning Schild
2018-04-17 15:37 ` Henning Schild [this message]
2018-04-19 15:35 ` [PATCH] isar-bootstrap: Remove leaked hostname and resolv.conf from images Claudius Heine
2018-04-20 12:05 ` Henning Schild
2018-04-25 11:21 ` Jan Kiszka
2018-04-25 11:52 ` Alexander Smirnov
2018-04-25 13:33 ` Alexander Smirnov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180417153759.17355-1-henning.schild@siemens.com \
--to=henning.schild@siemens.com \
--cc=claudius.heine.ext@siemens.com \
--cc=isar-users@googlegroups.com \
--cc=jan.kiszka@siemens.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox