From mboxrd@z Thu Jan 1 00:00:00 1970 X-GM-THRID: 6906006289225089024 X-Received: by 2002:a0c:aac3:: with SMTP id g3mr22503906qvb.40.1607949402517; Mon, 14 Dec 2020 04:36:42 -0800 (PST) X-BeenThere: isar-users@googlegroups.com Received: by 2002:a05:620a:242:: with SMTP id q2ls7918881qkn.9.gmail; Mon, 14 Dec 2020 04:36:42 -0800 (PST) X-Google-Smtp-Source: ABdhPJw7WxY/MAYILmG/SeQSbpO/uyWBeemNadEwsgNTzbcfDWwUzFRRHcCnnohjZlwmomsD6kJe X-Received: by 2002:a05:620a:1203:: with SMTP id u3mr15025447qkj.39.1607949401960; Mon, 14 Dec 2020 04:36:41 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1607949401; cv=none; d=google.com; s=arc-20160816; b=H4k41GTENzi+kyGYbMCE8Sl7sM2uRL30UI6iec0zXFGwlPsivBQ8ppYmTNHste13DP lFxMWedjuBtTt3YR6yM2eMUO2uGimJtybAEtDVnf4RCkZXS0DwjJ6THjMUey6luOt8VA zaP5UCDeMQhv+M1s+YU9jzXbQ/DB7uOUqA6ICx41mhDfxtUKaotZ0Pv4OBPrO16/viJZ NcbNRLb3GkiJJ3baYVbJeqxj1fagJ5CvqFwWOUPSG4SB7PujN7ihnIgU0K4cyKkNFngd jajVrSx2Wge00UOg3P7pXj2X6jGkp0GAwfj974iZq7MMGTaWlwdTObDBm/2FOn+0YQM7 Cxcw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:subject:cc:to:from:date; bh=1A9qIO2ior2L4kAIJuJrYy1bc6nbVqiCHcToQnjemjg=; b=QtfgKUnGQBvo6RXkvBeZ6NxeUDazhTdDpxuzkx5moqSKDl1/cqHo9tL3vC/FE3LCfB fFDfgAiO6xLSuWnBUkJlU2VnANvgRTj0K2e2HGoqg1TBset4fnUkepIQC2ftdG5/UK89 Pls/3JHbsGSMyusV0FYqxcXadS4QUZXH7BSpxivh0AloMiBj/KszY/balzfZSZ9yYxjc 2pazebc60mdudHBzt2ZiVbC8YsLmdyYTREJ3zJKC19/oP04Ze2szgn8R3DSpZhs1hU2C zw/Fffv169wIMqRSbFG5kWraspZofVdIbUNAyhmivO53S1K30U5yrVknQIpkeeCVTDQb OcdA== ARC-Authentication-Results: i=1; gmr-mx.google.com; spf=pass (google.com: domain of henning.schild@siemens.com designates 194.138.37.39 as permitted sender) smtp.mailfrom=henning.schild@siemens.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=siemens.com Return-Path: Received: from lizzard.sbs.de (lizzard.sbs.de. [194.138.37.39]) by gmr-mx.google.com with ESMTPS id f16si1388899qkg.3.2020.12.14.04.36.41 for (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Mon, 14 Dec 2020 04:36:41 -0800 (PST) Received-SPF: pass (google.com: domain of henning.schild@siemens.com designates 194.138.37.39 as permitted sender) client-ip=194.138.37.39; Authentication-Results: gmr-mx.google.com; spf=pass (google.com: domain of henning.schild@siemens.com designates 194.138.37.39 as permitted sender) smtp.mailfrom=henning.schild@siemens.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=siemens.com Received: from mail1.sbs.de (mail1.sbs.de [192.129.41.35]) by lizzard.sbs.de (8.15.2/8.15.2) with ESMTPS id 0BECaeNL008959 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK) for ; Mon, 14 Dec 2020 13:36:40 +0100 Received: from md1za8fc.ad001.siemens.net ([167.87.44.172]) by mail1.sbs.de (8.15.2/8.15.2) with ESMTP id 0BECadOu010569; Mon, 14 Dec 2020 13:36:40 +0100 Date: Mon, 14 Dec 2020 13:36:37 +0100 From: Henning Schild To: Jan Kiszka Cc: isar-users Subject: Re: [PATCH 1/6] meta: image: Account for Ubuntu differences in do_copy_boot_files Message-ID: <20201214133637.58f89677@md1za8fc.ad001.siemens.net> In-Reply-To: References: <20201214131630.0dd0f131@md1za8fc.ad001.siemens.net> X-Mailer: Claws Mail 3.17.8 (GTK+ 2.24.32; x86_64-pc-linux-gnu) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-TUID: AHsZuGoT/foZ Am Mon, 14 Dec 2020 13:27:30 +0100 schrieb Jan Kiszka : > On 14.12.20 13:16, Henning Schild wrote: > > Am Mon, 14 Dec 2020 08:11:22 +0100 > > schrieb Jan Kiszka : > > > >> From: Jan Kiszka > >> > >> Ubuntu places kernel and initrd links under /boot. Furthermore, it > >> makes the kernel unreadable for non-root users. Account for the > >> latter by cat'ing the kernel under sudo, redirecting the output to > >> the deployment artifact so that it is owned by the building user. > >> > >> Signed-off-by: Jan Kiszka > >> --- > >> meta/classes/image.bbclass | 9 ++++++--- > >> 1 file changed, 6 insertions(+), 3 deletions(-) > >> > >> diff --git a/meta/classes/image.bbclass > >> b/meta/classes/image.bbclass index 74fc8500..eddc4449 100644 > >> --- a/meta/classes/image.bbclass > >> +++ b/meta/classes/image.bbclass > >> @@ -132,15 +132,18 @@ EOF > >> > >> do_copy_boot_files[dirs] = "${DEPLOY_DIR_IMAGE}" > >> do_copy_boot_files() { > >> - kernel="$(realpath -q '${IMAGE_ROOTFS}/vmlinuz')" > >> + kernel="$(realpath -q '${IMAGE_ROOTFS}'/vmlinu[xz])" > >> if [ ! -f "$kernel" ]; then > >> - kernel="$(realpath -q '${IMAGE_ROOTFS}/vmlinux')" > >> + kernel="$(realpath -q '${IMAGE_ROOTFS}'/boot/vmlinu[xz])" > >> fi > >> if [ -f "$kernel" ]; then > >> - cp -f "$kernel" '${DEPLOY_DIR_IMAGE}/${KERNEL_IMAGE}' > >> + sudo cat "$kernel" > > >> "${DEPLOY_DIR_IMAGE}/${KERNEL_IMAGE}" > > > > Why "cat" instead of "cp"? I think the real trick is the sudo > > anyways. > > "Furthermore, it > makes the kernel unreadable for non-root users. Account for the > latter by cat'ing the kernel under sudo, redirecting the output to > the deployment artifact so that it is owned by the building user." I think i would prefer "--no-preserve=mode" to make that explicit in the code ... instead of the commit message. Sorry for my quick shots on this series. Henning > Jan > > > Henning > > > >> fi > >> > >> initrd="$(realpath -q '${IMAGE_ROOTFS}/initrd.img')" > >> + if [ ! -f "$initrd" ]; then > >> + initrd="$(realpath -q '${IMAGE_ROOTFS}/boot/initrd.img')" > >> + fi > >> if [ -f "$initrd" ]; then > >> cp -f "$initrd" '${DEPLOY_DIR_IMAGE}/${INITRD_IMAGE}' > >> fi > > > >