* [PATCH v2 1/1] meta/isar-bootstrap: deactivate daemon activation in chroot environment
2018-06-05 11:36 [PATCH v2 0/1] Disable daemon activation claudius.heine.ext
@ 2018-06-05 11:36 ` claudius.heine.ext
2018-06-05 17:11 ` [PATCH v2 0/1] Disable daemon activation Maxim Yu. Osipov
1 sibling, 0 replies; 3+ messages in thread
From: claudius.heine.ext @ 2018-06-05 11:36 UTC (permalink / raw)
To: isar-users; +Cc: Claudius Heine
From: Claudius Heine <ch@denx.de>
Daemons are started in postinst steps of debian packages. Those daemons
should not be started within the chroot environment, since they will be
left running.
This commit disables the execution of daemons the same way upstream
debian does it in debootstrap and debian-installer, by replacing deamon
executing binaries with fake ones.
This is then reversed in the image cleanup step.
Signed-off-by: Claudius Heine <ch@denx.de>
---
meta/classes/isar-bootstrap-helper.bbclass | 2 +
.../isar-bootstrap/files/chroot-setup.sh | 146 ++++++++++++++++++
.../isar-bootstrap/isar-bootstrap.bb | 11 +-
3 files changed, 157 insertions(+), 2 deletions(-)
create mode 100644 meta/recipes-core/isar-bootstrap/files/chroot-setup.sh
diff --git a/meta/classes/isar-bootstrap-helper.bbclass b/meta/classes/isar-bootstrap-helper.bbclass
index 2d95ed6..a3f1686 100644
--- a/meta/classes/isar-bootstrap-helper.bbclass
+++ b/meta/classes/isar-bootstrap-helper.bbclass
@@ -67,5 +67,7 @@ setup_root_file_system() {
/usr/bin/apt-get autoremove --purge --yes
sudo -E chroot "$ROOTFSDIR" \
/usr/bin/apt-get clean
+ sudo "$ROOTFSDIR/chroot-setup.sh" "cleanup" "$ROOTFSDIR"
+ sudo rm -f "$ROOTFSDIR/chroot-setup.sh"
fi
}
diff --git a/meta/recipes-core/isar-bootstrap/files/chroot-setup.sh b/meta/recipes-core/isar-bootstrap/files/chroot-setup.sh
new file mode 100644
index 0000000..47d295b
--- /dev/null
+++ b/meta/recipes-core/isar-bootstrap/files/chroot-setup.sh
@@ -0,0 +1,146 @@
+#!/bin/sh
+#
+# Copyright (c) David Whedon <dwhedon@debian.org>, 2001
+# Copyright (c) Tollef Fog Heen <tfheen@debian.org>, 2002
+# Copyright (c) Thorsten Sauter <tsauter@gmx.net>, 2003
+# Copyright (c) Rob Landley <rob@landley.net>, 2003
+# Copyright (c) Joey Hess <joeyh@debian.org>, 2003
+# Copyright (c) Colin Watson <cjwatson@debian.org>, 2005
+# Copyright (c) Siemens AG, 2018 (changes authored by Claudius Heine <ch@denx.de>)
+#
+# This file is based on:
+# https://salsa.debian.org/installer-team/debian-installer-utils/blob/master/chroot-setup.sh
+# Link to the original copyright notice:
+# https://salsa.debian.org/installer-team/debian-installer-utils/blob/master/debian/copyright
+#
+# SPDX-License-Identifier: GPL-2.0
+
+usage() {
+ cat <<-EOF 1>&2
+ Script to setup and cleanup chroot environments.
+ This script setups chroot environments so that
+ startup of daemons from debian package scripts
+ is prevented.
+
+ Usage:
+ $(basename $0) [command] [parameters]
+ commands:
+ setup [target path] Setup chroot environment
+ cleanup [target path] Cleanup chroot environment
+ EOF
+}
+
+check_target() {
+ TARGET="${1:-""}"
+
+ if [ -z "${TARGET}" ]; then
+ echo "Please set a target." 1>&2
+ echo 1>&2
+ usage
+ return 1
+ fi
+
+ # Bail out if directories we need are not there
+ if [ ! -d "/${TARGET}/sbin" ] || [ ! -d "/${TARGET}/usr/sbin" ] || \
+ [ ! -d "/${TARGET}/proc" ]; then
+ echo "Target '${TARGET}' does not exist or does contain"\
+ "required directories" 1>&2
+ echo 1>&2
+ usage
+ return 1
+ fi
+
+ return 0
+}
+
+divert () {
+ TARGET="${1:-""}"
+
+ check_target "${TARGET}" || return 1
+
+ chroot "/${TARGET}" dpkg-divert --quiet --add --divert "$2.REAL" --rename "$2"
+}
+
+undivert () {
+ TARGET="${1:-""}"
+
+ check_target "${TARGET}" || return 1
+
+ rm -f "/${TARGET}$2"
+ chroot "/${TARGET}" dpkg-divert --quiet --remove --rename "$2"
+}
+
+chroot_setup() {
+ TARGET="${1:-""}"
+
+ check_target "${TARGET}" || return 1
+
+ # Create a policy-rc.d to stop maintainer scripts using invoke-rc.d
+ # from running init scripts. In case of maintainer scripts that do not
+ # use invoke-rc.d, add a dummy start-stop-daemon.
+ cat > "/${TARGET}/usr/sbin/policy-rc.d" <<-EOF
+ #!/bin/sh
+ exit 101
+ EOF
+ chmod a+rx "/${TARGET}/usr/sbin/policy-rc.d"
+
+ if [ -e "/${TARGET}/sbin/start-stop-daemon" ]; then
+ divert "${TARGET}" /sbin/start-stop-daemon
+ fi
+ cat > "/${TARGET}/sbin/start-stop-daemon" <<-EOF
+ #!/bin/sh
+ echo 1>&2
+ echo 'Warning: Fake start-stop-daemon called, doing nothing.' 1>&2
+ exit 0
+ EOF
+ chmod a+rx "/${TARGET}/sbin/start-stop-daemon"
+
+ # If Upstart is in use, add a dummy initctl to stop it starting jobs.
+ if [ -x "/${TARGET}/sbin/initctl" ]; then
+ divert "${TARGET}" /sbin/initctl
+ cat > "/${TARGET}/sbin/initctl" <<-EOF
+ #!/bin/sh
+ if [ "\$1" = version ]; then exec /sbin/initctl.REAL "\$@"; fi
+ echo 1>&2
+ echo 'Warning: Fake initctl called, doing nothing.' 1>&2
+ exit 0
+ EOF
+ chmod a+rx "/${TARGET}/sbin/initctl"
+ fi
+}
+
+chroot_cleanup() {
+ TARGET="${1:-""}"
+
+ check_target "${TARGET}" || return 1
+
+ rm -f "/${TARGET}/usr/sbin/policy-rc.d"
+ undivert "${TARGET}" /sbin/start-stop-daemon
+ if [ -x "/${TARGET}/sbin/initctl.REAL" ]; then
+ undivert "${TARGET}" /sbin/initctl
+ fi
+}
+
+main() {
+ CMD="${1:-""}"
+
+ if [ -z "${CMD}" ]; then
+ usage
+ return 1
+ fi
+ shift
+
+ case "${CMD}" in
+ "setup")
+ chroot_setup $@;;
+ "cleanup")
+ chroot_cleanup $@;;
+ *)
+ echo "Unknown command '${CMD}'." 1>&2
+ echo 1>&2
+ usage
+ return 1;;
+ esac
+}
+
+main $@
diff --git a/meta/recipes-core/isar-bootstrap/isar-bootstrap.bb b/meta/recipes-core/isar-bootstrap/isar-bootstrap.bb
index bb3992b..497a4f4 100644
--- a/meta/recipes-core/isar-bootstrap/isar-bootstrap.bb
+++ b/meta/recipes-core/isar-bootstrap/isar-bootstrap.bb
@@ -13,7 +13,8 @@ FILESPATH_prepend := "${THISDIR}/files:"
SRC_URI = " \
file://isar-apt.conf \
file://isar-apt-fallback.conf \
- file://locale"
+ file://locale \
+ file://chroot-setup.sh"
PV = "1.0"
WORKDIR = "${TMPDIR}/work/${DISTRO}-${DISTRO_ARCH}/${PN}"
@@ -201,6 +202,12 @@ do_set_locale() {
}
addtask set_locale after do_bootstrap
+do_setup_chroot() {
+ sudo install -v -m755 "${WORKDIR}/chroot-setup.sh" "${ROOTFSDIR}/chroot-setup.sh"
+ sudo "${ROOTFSDIR}/chroot-setup.sh" "setup" "${ROOTFSDIR}"
+}
+addtask setup_chroot before do_build after do_bootstrap
+
def get_host_release():
import platform
rel = platform.release()
@@ -237,7 +244,7 @@ do_apt_update() {
sudo -E chroot "${ROOTFSDIR}" /usr/bin/apt-get dist-upgrade -y \
-o Debug::pkgProblemResolver=yes
}
-addtask apt_update before do_build after do_apt_config_install do_set_locale
+addtask apt_update before do_build after do_apt_config_install do_set_locale do_setup_chroot
do_deploy[stamp-extra-info] = "${DISTRO}-${DISTRO_ARCH}"
do_deploy[dirs] = "${DEPLOY_DIR_IMAGE}"
--
2.17.1
^ permalink raw reply [flat|nested] 3+ messages in thread