From: claudius.heine.ext@siemens.com
To: isar-users@googlegroups.com
Cc: Claudius Heine <ch@denx.de>
Subject: [PATCH v2 1/1] meta/isar-bootstrap: deactivate daemon activation in chroot environment
Date: Tue,  5 Jun 2018 13:36:45 +0200	[thread overview]
Message-ID: <20180605113645.27936-2-claudius.heine.ext@siemens.com> (raw)
In-Reply-To: <20180605113645.27936-1-claudius.heine.ext@siemens.com>

From: Claudius Heine <ch@denx.de>

Daemons are started in postinst steps of debian packages. Those daemons
should not be started within the chroot environment, since they will be
left running.

This commit disables the execution of daemons the same way upstream
Debian does it in debootstrap and debian-installer, by replacing the
binaries that start daemons with fake ones.

This is then reversed in the image cleanup step.

Signed-off-by: Claudius Heine <ch@denx.de>
---
 meta/classes/isar-bootstrap-helper.bbclass    |   2 +
 .../isar-bootstrap/files/chroot-setup.sh      | 146 ++++++++++++++++++
 .../isar-bootstrap/isar-bootstrap.bb          |  11 +-
 3 files changed, 157 insertions(+), 2 deletions(-)
 create mode 100644 meta/recipes-core/isar-bootstrap/files/chroot-setup.sh

diff --git a/meta/classes/isar-bootstrap-helper.bbclass b/meta/classes/isar-bootstrap-helper.bbclass
index 2d95ed6..a3f1686 100644
--- a/meta/classes/isar-bootstrap-helper.bbclass
+++ b/meta/classes/isar-bootstrap-helper.bbclass
@@ -67,5 +67,7 @@ setup_root_file_system() {
             /usr/bin/apt-get autoremove --purge --yes
         sudo -E chroot "$ROOTFSDIR" \
             /usr/bin/apt-get clean
+        sudo "$ROOTFSDIR/chroot-setup.sh" "cleanup" "$ROOTFSDIR"
+        sudo rm -f "$ROOTFSDIR/chroot-setup.sh"
     fi
 }
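Review bot: The cleanup call runs `$ROOTFSDIR/chroot-setup.sh` with sudo on the build host, but that file has been sitting inside the target root file system while package maintainer scripts ran there as root, so whatever is at that path by now is executed outside the chroot with host root privileges. Invoking a copy kept outside the rootfs (the one the recipe unpacks) would avoid trusting rootfs contents. The same applies to the `do_setup_chroot` hunk in isar-bootstrap.bb, where `sudo "${WORKDIR}/chroot-setup.sh" "setup" "${ROOTFSDIR}"` would work without the install step. The two added lines also sit inside an `if` whose condition is outside the hunk, so it is worth confirming that every image path reaches them; otherwise the fake start-stop-daemon and policy-rc.d would presumably ship in the image. setup_root_file_system begins above the hunk.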
diff --git a/meta/recipes-core/isar-bootstrap/files/chroot-setup.sh b/meta/recipes-core/isar-bootstrap/files/chroot-setup.sh
new file mode 100644
index 0000000..47d295b
--- /dev/null
+++ b/meta/recipes-core/isar-bootstrap/files/chroot-setup.sh
@@ -0,0 +1,146 @@
+#!/bin/sh
+# 
+# Copyright (c) David Whedon <dwhedon@debian.org>, 2001
+# Copyright (c) Tollef Fog Heen <tfheen@debian.org>, 2002
+# Copyright (c) Thorsten Sauter <tsauter@gmx.net>, 2003
+# Copyright (c) Rob Landley <rob@landley.net>, 2003
+# Copyright (c) Joey Hess <joeyh@debian.org>, 2003
+# Copyright (c) Colin Watson <cjwatson@debian.org>, 2005
+# Copyright (c) Siemens AG, 2018 (changes authored by Claudius Heine <ch@denx.de>)
+#
+# This file is based on:
+# https://salsa.debian.org/installer-team/debian-installer-utils/blob/master/chroot-setup.sh
+# Link to the original copyright notice:
+# https://salsa.debian.org/installer-team/debian-installer-utils/blob/master/debian/copyright
+#
+# SPDX-License-Identifier: GPL-2.0
+
+usage() {
+	cat <<-EOF 1>&2
+		Script to setup and cleanup chroot environments.
+		This script setups chroot environments so that
+		startup of daemons from debian package scripts
+		is prevented.
+
+		Usage:
+		$(basename $0) [command] [parameters]
+		commands:
+		    setup [target path]    Setup chroot environment
+		    cleanup [target path]  Cleanup chroot environment
+	EOF
+}
+
+check_target() {
+	TARGET="${1:-""}"
+
+	if [ -z "${TARGET}" ]; then
+		echo "Please set a target." 1>&2
+		echo 1>&2
+		usage
+		return 1
+	fi
+
+	# Bail out if directories we need are not there
+	if [ ! -d "/${TARGET}/sbin" ] || [ ! -d "/${TARGET}/usr/sbin" ] || \
+	   [ ! -d "/${TARGET}/proc" ]; then
+		echo "Target '${TARGET}' does not exist or does contain"\
+			"required directories" 1>&2
+		echo 1>&2
+		usage
+		return 1
+	fi
+
+	return 0
+}
+
+divert () {
+	TARGET="${1:-""}"
+
+	check_target "${TARGET}" || return 1
+
+	chroot "/${TARGET}" dpkg-divert --quiet --add --divert "$2.REAL" --rename "$2"
+}
+
+undivert () {
+	TARGET="${1:-""}"
+
+	check_target "${TARGET}" || return 1
+
+	rm -f "/${TARGET}$2"
+	chroot "/${TARGET}" dpkg-divert --quiet --remove --rename "$2"
+}
+
+chroot_setup() {
+	TARGET="${1:-""}"
+
+	check_target "${TARGET}" || return 1
+
+	# Create a policy-rc.d to stop maintainer scripts using invoke-rc.d
+	# from running init scripts. In case of maintainer scripts that do not
+	# use invoke-rc.d, add a dummy start-stop-daemon.
+	cat > "/${TARGET}/usr/sbin/policy-rc.d" <<-EOF
+		#!/bin/sh
+		exit 101
+	EOF
+	chmod a+rx "/${TARGET}/usr/sbin/policy-rc.d"
+
+	if [ -e "/${TARGET}/sbin/start-stop-daemon" ]; then
+		divert "${TARGET}" /sbin/start-stop-daemon
+	fi
+	cat > "/${TARGET}/sbin/start-stop-daemon" <<-EOF
+		#!/bin/sh
+		echo 1>&2
+		echo 'Warning: Fake start-stop-daemon called, doing nothing.' 1>&2
+		exit 0
+	EOF
+	chmod a+rx "/${TARGET}/sbin/start-stop-daemon"
+
+	# If Upstart is in use, add a dummy initctl to stop it starting jobs.
+	if [ -x "/${TARGET}/sbin/initctl" ]; then
+		divert "${TARGET}" /sbin/initctl
+		cat > "/${TARGET}/sbin/initctl" <<-EOF
+			#!/bin/sh
+			if [ "\$1" = version ]; then exec /sbin/initctl.REAL "\$@"; fi
+			echo 1>&2
+			echo 'Warning: Fake initctl called, doing nothing.' 1>&2
+			exit 0
+		EOF
+		chmod a+rx "/${TARGET}/sbin/initctl"
+	fi
+}
+
+chroot_cleanup() {
+	TARGET="${1:-""}"
+
+	check_target "${TARGET}" || return 1
+
+	rm -f "/${TARGET}/usr/sbin/policy-rc.d"
+	undivert "${TARGET}" /sbin/start-stop-daemon
+	if [ -x "/${TARGET}/sbin/initctl.REAL" ]; then
+		undivert "${TARGET}" /sbin/initctl
+	fi
+}
+
+main() {
+	CMD="${1:-""}"
+
+	if [ -z "${CMD}" ]; then
+		usage
+		return 1
+	fi
+	shift
+
+	case "${CMD}" in
+		"setup")
+			chroot_setup $@;;
+		"cleanup")
+			chroot_cleanup $@;;
+		*)
+			echo "Unknown command '${CMD}'." 1>&2
+			echo 1>&2
+			usage
+			return 1;;
+	esac
+}
+
+main $@
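Review bot: In `chroot_setup` the result of `divert` is ignored and the script has no `set -e`, so if `dpkg-divert` fails inside the chroot the following `cat >` overwrites the real `/sbin/start-stop-daemon` with the stub and cleanup has nothing to restore; the initctl branch has the same problem. Stopping on failure would prevent that: `divert "${TARGET}" /sbin/start-stop-daemon || return 1`, and likewise for `/sbin/initctl`. Separately, `main $@`, `chroot_setup $@` and `chroot_cleanup $@` should use `"$@"` so a target path containing whitespace is not split before `check_target` sees it, and the error text in `check_target` says "does contain" where "does not contain" is meant.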
diff --git a/meta/recipes-core/isar-bootstrap/isar-bootstrap.bb b/meta/recipes-core/isar-bootstrap/isar-bootstrap.bb
index bb3992b..497a4f4 100644
--- a/meta/recipes-core/isar-bootstrap/isar-bootstrap.bb
+++ b/meta/recipes-core/isar-bootstrap/isar-bootstrap.bb
@@ -13,7 +13,8 @@ FILESPATH_prepend := "${THISDIR}/files:"
 SRC_URI = " \
     file://isar-apt.conf \
     file://isar-apt-fallback.conf \
-    file://locale"
+    file://locale \
+    file://chroot-setup.sh"
 PV = "1.0"
 
 WORKDIR = "${TMPDIR}/work/${DISTRO}-${DISTRO_ARCH}/${PN}"
@@ -201,6 +202,12 @@ do_set_locale() {
 }
 addtask set_locale after do_bootstrap
 
+do_setup_chroot() {
+    sudo install -v -m755 "${WORKDIR}/chroot-setup.sh" "${ROOTFSDIR}/chroot-setup.sh"
+    sudo "${ROOTFSDIR}/chroot-setup.sh" "setup" "${ROOTFSDIR}"
+}
+addtask setup_chroot before do_build after do_bootstrap
+
 def get_host_release():
     import platform
     rel = platform.release()
@@ -237,7 +244,7 @@ do_apt_update() {
     sudo -E chroot "${ROOTFSDIR}" /usr/bin/apt-get dist-upgrade -y \
                                       -o Debug::pkgProblemResolver=yes
 }
-addtask apt_update before do_build after do_apt_config_install do_set_locale
+addtask apt_update before do_build after do_apt_config_install do_set_locale do_setup_chroot
 
 do_deploy[stamp-extra-info] = "${DISTRO}-${DISTRO_ARCH}"
 do_deploy[dirs] = "${DEPLOY_DIR_IMAGE}"
-- 
2.17.1

