From mboxrd@z Thu Jan 1 00:00:00 1970 X-GM-THRID: 6623002413686063104 X-Received: by 2002:a2e:9119:: with SMTP id m25-v6mr198021ljg.22.1542037914440; Mon, 12 Nov 2018 07:51:54 -0800 (PST) X-BeenThere: isar-users@googlegroups.com Received: by 2002:a19:fc1e:: with SMTP id a30ls517098lfi.12.gmail; Mon, 12 Nov 2018 07:51:54 -0800 (PST) X-Google-Smtp-Source: AJdET5dC3ho5raOiltWHEGDugLXJCn28pGJeSoyc5dmF5GUUIM8MNGqE1G6NAR9+ncczMAx49p30 X-Received: by 2002:ac2:42d0:: with SMTP id n16mr179062lfl.5.1542037913927; Mon, 12 Nov 2018 07:51:53 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1542037913; cv=none; d=google.com; s=arc-20160816; b=G/FxTkOn8MDRLMnilBneBkweejKWdmaAMDYIhffBjeCWfFNa8mbuNmQHYH/tDG03az hdU+9vwbv7KihEpyWRa3Nq756966gvlEeM2/4jcdu4JjUV+E+E9CXytmPxWoXv4KN480 9GlCMe+z9jc2/CFJWRJc4i8EJ99QqoRA4pBOIzk/D6kWmXp92xgtIlyWD6dIFam0lcY/ V6s4Y4Z2KibyWhgNM7YkcFTBJVVRK+uQD5t+xNB4vOq2+L299DCvimHWbOeaZLWT0W2e kUOfzOx5voNi8qWmUdsE8NSlq4fF1o6Odj+Rg34dXLCAy78qN1EWiNXYkTVpd+jyVABj meSA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from; bh=ZbUsDipwDDYQK8wn7U4GBcHy2m8fhaZ1WdNXUJ0aC8A=; b=l0OKyeWIZ1AtN70q2OR5glWQGwDHGHo4R8zZwuguuUTG1D/u+qfxx03sMypoV5eNBj FBEwBRhujgsS+LFn3Mw3JNc/qtuvqt4gAu391F4Ml4/MgjPevi5ddCX6RI2YdoQMgUvW v3AFFDV1Ubsi9osOqo46rat1jd6IRdrm7ry1DR7NuChFzXUB6bLQ0Xu8/EtGq47rScTQ RAy8NwpEMUOSwtxVNI7dF6wPFay/SJFeF16ibD9OmJIKyIidvfORBAbK/NY4QJddPZTy maod0HRDjDp2+3h1XFkpEIZe8DCG7zW0esFDJfVDgpvqnxRbaCaFbx3gMF1tctWFhrk9 f8UA== ARC-Authentication-Results: i=1; gmr-mx.google.com; spf=pass (google.com: domain of henning.schild@siemens.com designates 192.35.17.2 as permitted sender) smtp.mailfrom=henning.schild@siemens.com Return-Path: Received: from thoth.sbs.de (thoth.sbs.de. [192.35.17.2]) by gmr-mx.google.com with ESMTPS id w10si631138lfc.5.2018.11.12.07.51.53 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 12 Nov 2018 07:51:53 -0800 (PST) Received-SPF: pass (google.com: domain of henning.schild@siemens.com designates 192.35.17.2 as permitted sender) client-ip=192.35.17.2; Authentication-Results: gmr-mx.google.com; spf=pass (google.com: domain of henning.schild@siemens.com designates 192.35.17.2 as permitted sender) smtp.mailfrom=henning.schild@siemens.com Received: from mail2.sbs.de (mail2.sbs.de [192.129.41.66]) by thoth.sbs.de (8.15.2/8.15.2) with ESMTPS id wACFpr64015583 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK) for ; Mon, 12 Nov 2018 16:51:53 +0100 Received: from md1za8fc.ad001.siemens.net ([139.25.69.119]) by mail2.sbs.de (8.15.2/8.15.2) with ESMTP id wACFpqVJ016877; Mon, 12 Nov 2018 16:51:52 +0100 From: Henning Schild To: isar-users Cc: Jan Kiszka Subject: [PATCH 1/3] buildchroot: Align UID and GID of builder user with caller Date: Mon, 12 Nov 2018 16:51:47 +0100 Message-Id: <20181112155149.24215-2-henning.schild@siemens.com> X-Mailer: git-send-email 2.19.1 In-Reply-To: <20181112155149.24215-1-henning.schild@siemens.com> References: <20181112155149.24215-1-henning.schild@siemens.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-TUID: VSigU64yMWfS From: Jan Kiszka This fixes EPERM on rebuild and also some clean builds: We have to align the IDs of the builder user with the user in the host environment. Otherwise, files and directories can become unaccessible during the build. Fixes: be291cd991bd ("buildchroot: build debian packages as "builder" not "root"") Signed-off-by: Jan Kiszka --- meta/recipes-devtools/buildchroot/buildchroot.inc | 4 +++- meta/recipes-devtools/buildchroot/files/configscript.sh | 4 ++-- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/meta/recipes-devtools/buildchroot/buildchroot.inc b/meta/recipes-devtools/buildchroot/buildchroot.inc index 7dd909e..2c44db9 100644 --- a/meta/recipes-devtools/buildchroot/buildchroot.inc +++ b/meta/recipes-devtools/buildchroot/buildchroot.inc @@ -36,7 +36,9 @@ do_build() { # Configure root filesystem sudo install -m 755 ${WORKDIR}/configscript.sh ${BUILDCHROOT_DIR} - sudo chroot ${BUILDCHROOT_DIR} /configscript.sh + USER_ID=$(id -u) + GROUP_ID=$(id -g) + sudo chroot ${BUILDCHROOT_DIR} /configscript.sh $USER_ID $GROUP_ID sudo mount --bind ${DL_DIR} ${BUILDCHROOT_DIR}/downloads } diff --git a/meta/recipes-devtools/buildchroot/files/configscript.sh b/meta/recipes-devtools/buildchroot/files/configscript.sh index 30660e7..7e49385 100644 --- a/meta/recipes-devtools/buildchroot/files/configscript.sh +++ b/meta/recipes-devtools/buildchroot/files/configscript.sh @@ -10,6 +10,6 @@ locales locales/locales_to_be_generated multiselect en_US.UTF-8 UTF-8 locales locales/default_environment_locale select en_US.UTF-8 END -addgroup --quiet --system builder -useradd --system --gid builder --no-create-home --home /home/builder --no-user-group --comment "Isar buildchroot build user" builder +addgroup --quiet --system builder --gid $2 +useradd --system --uid $1 --gid builder --no-create-home --home /home/builder --no-user-group --comment "Isar buildchroot build user" builder chown -R builder:builder /home/builder -- 2.19.1