From mboxrd@z Thu Jan  1 00:00:00 1970
X-GM-THRID: 6621153044585250816
X-Received: by 2002:a17:906:6dc7:: with SMTP id j7-v6mr167612ejt.10.1541607911259;
        Wed, 07 Nov 2018 08:25:11 -0800 (PST)
X-BeenThere: isar-users@googlegroups.com
Received: by 2002:a17:906:5fc7:: with SMTP id k7-v6ls5105271ejv.15.gmail; Wed,
 07 Nov 2018 08:25:10 -0800 (PST)
X-Google-Smtp-Source: AJdET5eG17f+jyPASRV0WYnncTXHN0yDW+vBheNQrn9a+B3De5DK2KB1n82P+bUDhGqdEkkjA/Bi
X-Received: by 2002:a17:906:e82:: with SMTP id p2-v6mr161399ejf.13.1541607910872;
        Wed, 07 Nov 2018 08:25:10 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1541607910; cv=none;
        d=google.com; s=arc-20160816;
        b=A79tnEjM9b6raIu4qK3vSp/n/+OZYswlmdazAqYy9Dlfm+dfVts/Kl6BbMFZxBcnh/
         FGVQUKcgSD3mND5eT5BKWt9FrXlVUYY83MOXbdctGiCvLhVLNJV3kTZcuGaAnaTlov0a
         Og9EBZrc5d4WCuEgnMW8yR81X/qxgyOQjI49NEb5HUPtiM74kRwmbkI+lB4oENGo/qQJ
         0EaUXf/DvPh8l2L7ec79+tbpSNhOEwuSEeCKB245WiavJGbqyiwdEvrtiSOtVE4coMT6
         /X4iFkDCTXaEZwpt4jwI8fsC6n6N0rHx4QjeT+U+itb42Ogh9lsVi/5TafywaITtAHDK
         +WQA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:subject:cc:to:from:date;
        bh=dhUWUBxXP1yVES5UkYxauJARq4/AsziQPpd3zpJKLu8=;
        b=S5T/uejGW0daxEy2mPiaz7WaFLiV1BQfebXu7K/mfgw7xeQYWlHPM4NSUKlZ+5NA5U
         Iyn0O/pHxPBsCtSVTsPTOWwJCyQra8wUjhuo78+cUqeNaFq46LiQxQr2T2Ev9+GEHeb7
         i7Zo2F6Efv7Fpv4/A1705zWtzT5E2FcCHUOxs5myRtFk9Xw4D47OnXke4xrO53wGmEsn
         5He0j07wJDAT6Bgj1UTjaYbV0E95lNtAkPvyCFelkaERSg5sIjlIo10urSn4svMOLyW0
         jPuOLe4BxBrdVKML7xSq1OFiGbyvddlpREBeOVlgEthkYmpr8d9RqbP609eHTQeA69Bh
         cp6w==
ARC-Authentication-Results: i=1; gmr-mx.google.com;
       spf=pass (google.com: domain of henning.schild@siemens.com designates 192.35.17.14 as permitted sender) smtp.mailfrom=henning.schild@siemens.com
Return-Path: <henning.schild@siemens.com>
Received: from david.siemens.de (david.siemens.de. [192.35.17.14])
        by gmr-mx.google.com with ESMTPS id m25-v6si35989ejb.1.2018.11.07.08.25.10
        for <isar-users@googlegroups.com>
        (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
        Wed, 07 Nov 2018 08:25:10 -0800 (PST)
Received-SPF: pass (google.com: domain of henning.schild@siemens.com designates 192.35.17.14 as permitted sender) client-ip=192.35.17.14;
Authentication-Results: gmr-mx.google.com;
       spf=pass (google.com: domain of henning.schild@siemens.com designates 192.35.17.14 as permitted sender) smtp.mailfrom=henning.schild@siemens.com
Received: from mail1.sbs.de (mail1.sbs.de [192.129.41.35])
	by david.siemens.de (8.15.2/8.15.2) with ESMTPS id wA7GPARw018515
	(version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK)
	for <isar-users@googlegroups.com>; Wed, 7 Nov 2018 17:25:10 +0100
Received: from md1za8fc.ad001.siemens.net ([139.25.69.189])
	by mail1.sbs.de (8.15.2/8.15.2) with ESMTP id wA7GPAjp012870;
	Wed, 7 Nov 2018 17:25:10 +0100
Date: Wed, 7 Nov 2018 17:25:09 +0100
From: Henning Schild <henning.schild@siemens.com>
To: Jan Kiszka <jan.kiszka@siemens.com>
Cc: isar-users <isar-users@googlegroups.com>,
        Adriaan Schmidt
 <adriaan.schmidt@siemens.com>
Subject: Re: [PATCH] meta/dpkg-raw: fix raw package file ownership
Message-ID: <20181107172509.59d1d663@md1za8fc.ad001.siemens.net>
In-Reply-To: <b6abe00b-9093-fc5a-3e85-85c8826389a0@siemens.com>
References: <20181107161519.16595-1-henning.schild@siemens.com>
	<b6abe00b-9093-fc5a-3e85-85c8826389a0@siemens.com>
X-Mailer: Claws Mail 3.15.0-dirty (GTK+ 2.24.32; x86_64-pc-linux-gnu)
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
X-TUID: SW0k0xl7KmYo

Am Wed, 7 Nov 2018 17:19:14 +0100
schrieb Jan Kiszka <jan.kiszka@siemens.com>:

> On 07.11.18 17:15, [ext] Henning Schild wrote:
> > Make sure the whole content of the package defaults to ownership
> > "root:root", deviations will have to be done in postinst.
> > Before the file ownership was coming from our build environment and
> > typically was "1000:1000".
> > 
> > Reported-by: Adriaan Schmidt <adriaan.schmidt@siemens.com>
> > Signed-off-by: Henning Schild <henning.schild@siemens.com>
> > ---
> >   meta/classes/dpkg-raw.bbclass | 2 +-
> >   1 file changed, 1 insertion(+), 1 deletion(-)
> > 
> > diff --git a/meta/classes/dpkg-raw.bbclass
> > b/meta/classes/dpkg-raw.bbclass index c848f3d..d662422 100644
> > --- a/meta/classes/dpkg-raw.bbclass
> > +++ b/meta/classes/dpkg-raw.bbclass
> > @@ -54,6 +54,6 @@ do_prepare_build() {
> >   }
> >   
> >   dpkg_runbuild() {
> > -	sudo chown -R root:root ${D}/DEBIAN/
> > +	sudo chown -R root:root ${D}
> >   	sudo chroot ${BUILDCHROOT_DIR} dpkg-deb --build
> > ${PP}/image ${PP} }
> >   
> 
> That will overwrite potentially different settings of derived recipes
> - not optimal.

I think the only sane way of chowning inside a package is in postinst,
because you never know the id before-hand. Maybe there are a few exotic
hard-coded users/groups ...
So my assumption is that any package doing chowning does that in
postinst and otherwise all files belong to root. This commit implement
the assumption. It might be wrong but in that case i want a
counter-example from you ;).

Henning

> Jan
>