From mboxrd@z Thu Jan  1 00:00:00 1970
X-GM-THRID: 6592648938739728384
X-Received: by 2002:a19:94c5:: with SMTP id o66-v6mr56113lfk.19.1536756598358;
        Wed, 12 Sep 2018 05:49:58 -0700 (PDT)
X-BeenThere: isar-users@googlegroups.com
Received: by 2002:a19:175b:: with SMTP id n88-v6ls129044lfi.18.gmail; Wed, 12
 Sep 2018 05:49:57 -0700 (PDT)
X-Google-Smtp-Source: ANB0Vda+ntXnArzueyB0E7YmJVmZV7pFOtD4lv2kNiXwVjOc3UZU9L80A8JQSiTMyGv1Iq4DaTdj
X-Received: by 2002:a19:1747:: with SMTP id n68-v6mr56074lfi.6.1536756597951;
        Wed, 12 Sep 2018 05:49:57 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1536756597; cv=none;
        d=google.com; s=arc-20160816;
        b=pDTUhTTYiCT8xOBhnkMIi49fhBPR+BEXl7VOyL7dfxzTRdOa966elJySnnTElV5yPm
         CBXCjR/RxVlgahZWDmku46Zt5WdMFNKD8fM3jt+bwEpRprIrs7nLJMlF/Lx1J/vBdnpK
         eERUc/ZE43P5DKHWHB4SnGCM07mfunDmwTY0wGWSO40mal7r95U7hb8JeIVZF5fHyVmN
         M06W6WF6in1KHSyU52Pbr+1hs7ukpDt7O4FvEL6l82kQoh5XtQKow9XCcygpxKXbwfoe
         S93mrrDi2So7Rhk5r+ohA1NLZcvxJLfcCL+FY/VL3f5Evf3ovgPEQQtLLxNyO49ZdoBE
         4bgw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:subject:cc:to:from:date;
        bh=02Qk6gRbAyBKpJC2mrBMnrQtdh0i50mZV6osdpaTlco=;
        b=BdPFlB5KAlQrjFIBvur6cre6vfnUduK6rlnMjVm6e1i+yXL79DZh9JSzSSIi5YjptQ
         zDxtCl34RBpinMnAK3Xmp2c5lB4Coj7sIfZNrAV7PKF0NUumCi/+q4A07eZ7+tCLYtIy
         tbHdwbTbQSUsXEReu3IrB5JW2gtljbxtg9RjMmKKor2VI67ZYpkEOMdkTnJMXRQmJbS3
         r9NHCDV0zhWPYcBpLig5UIEG376Y+0MnyMtbjRHZE8bPWc5Piro4SgKh/qixtYZeqoCC
         QJsqCYfRlhW6ULr7lymlPgS98wXlKrC93wdLVHI7EzjIqBFEKDMSDolOfDSotJxiZdFh
         57gg==
ARC-Authentication-Results: i=1; gmr-mx.google.com;
       spf=pass (google.com: domain of henning.schild@siemens.com designates 192.35.17.28 as permitted sender) smtp.mailfrom=henning.schild@siemens.com
Return-Path: <henning.schild@siemens.com>
Received: from goliath.siemens.de (goliath.siemens.de. [192.35.17.28])
        by gmr-mx.google.com with ESMTPS id v82-v6si43602lje.2.2018.09.12.05.49.57
        for <isar-users@googlegroups.com>
        (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
        Wed, 12 Sep 2018 05:49:57 -0700 (PDT)
Received-SPF: pass (google.com: domain of henning.schild@siemens.com designates 192.35.17.28 as permitted sender) client-ip=192.35.17.28;
Authentication-Results: gmr-mx.google.com;
       spf=pass (google.com: domain of henning.schild@siemens.com designates 192.35.17.28 as permitted sender) smtp.mailfrom=henning.schild@siemens.com
Received: from mail2.sbs.de (mail2.sbs.de [192.129.41.66])
	by goliath.siemens.de (8.15.2/8.15.2) with ESMTPS id w8CCnubm027098
	(version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK)
	for <isar-users@googlegroups.com>; Wed, 12 Sep 2018 14:49:57 +0200
Received: from md1pvb1c.ad001.siemens.net (md1pvb1c.ad001.siemens.net [139.25.68.40])
	by mail2.sbs.de (8.15.2/8.15.2) with ESMTP id w8CCnuWo000610;
	Wed, 12 Sep 2018 14:49:56 +0200
Date: Wed, 12 Sep 2018 14:49:55 +0200
From: Henning Schild <henning.schild@siemens.com>
To: Jan Kiszka <jan.kiszka@siemens.com>
Cc: isar-users <isar-users@googlegroups.com>
Subject: Re: [PATCH v3] wic-image: Fix up file ownership in isar repo after
 wic run
Message-ID: <20180912144955.4ce5ab6c@md1pvb1c.ad001.siemens.net>
In-Reply-To: <f37e89cf-8753-75cf-1ca9-4781e47235f7@siemens.com>
References: <f37e89cf-8753-75cf-1ca9-4781e47235f7@siemens.com>
X-Mailer: Claws Mail 3.15.0-dirty (GTK+ 2.24.32; x86_64-pc-linux-gnu)
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
X-TUID: 4mp8Tlz6Bi+L

Am Thu, 23 Aug 2018 14:12:19 +0200
schrieb Jan Kiszka <jan.kiszka@siemens.com>:

> This prevents needlessly leaving the __pycache__ directories
> root-owned behind after running wic as superuser - will only cause
> troubles to the user when trying to clean up the isar repo.
> 
> We update the ownership only for selected subdirs of the repo to avoid
> touching local files.
> 
> Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
> ---
> 
> Changes in v3:
>  - catch ALL relevant folders (first test, then post - hmpf)
> 
>  meta/classes/wic-img.bbclass | 1 +
>  1 file changed, 1 insertion(+)
> 
> diff --git a/meta/classes/wic-img.bbclass
> b/meta/classes/wic-img.bbclass index b56df7b..bc405c1 100644
> --- a/meta/classes/wic-img.bbclass
> +++ b/meta/classes/wic-img.bbclass
> @@ -71,6 +71,7 @@ do_wic_image() {
>      export MTOOLS_SKIP_CHECK=1
>  
>      sudo -E chroot ${BUILDCHROOT_DIR} ${ISARROOT}/scripts/wic create
> ${WKS_FILE} --vars "${STAGING_DIR}/${MACHINE}/imgdata/" -o /tmp/ -e
> ${IMAGE_BASENAME} ${WIC_CREATE_EXTRA_ARGS}
> +    sudo chown -R $(stat -c "%U" ${ISARROOT}) ${ISARROOT}/meta
> ${ISARROOT}/meta-isar ${ISARROOT}/scripts cp -f `ls -t -1
> ${BUILDCHROOT_DIR}/tmp/${WKS_FILE}*.direct | head -1`
> ${WIC_IMAGE_FILE} }

This breaks if ISARROOT is mounted ro, chown will fail with "read only
file system" and there will not even be any __pycache__ things to chown.

Steps to reproduce:
git clone isar
cd isar
mkdir out
docker run -v $(pwd):/this/:ro -v $(pwd)/out:/out:rw -e USER_ID=$(id
-u) --rm -t -i  --cap-add=SYS_ADMIN --cap-add=MKNOD -e
http_proxy=$http_proxy -e https_proxy=$https_proxy  -e
ftp_proxy=$ftp_proxy -e no_proxy=$no_proxy $CONTAINER sh -c bash
docker> cd /out
docker> source /this/isar-init-build-env
isar> bitbake <a wic image>

Henning