From mboxrd@z Thu Jan 1 00:00:00 1970 X-GM-THRID: 6906006289225089024 X-Received: by 2002:ac8:128c:: with SMTP id y12mr31292691qti.127.1607964062385; Mon, 14 Dec 2020 08:41:02 -0800 (PST) X-BeenThere: isar-users@googlegroups.com Received: by 2002:a37:7cc2:: with SMTP id x185ls8286986qkc.3.gmail; Mon, 14 Dec 2020 08:41:01 -0800 (PST) X-Google-Smtp-Source: ABdhPJysr1DHonCYJtC6eLcwYZCC/r3kC1DRjjfGG6C1ITM1fi5hAhC3KfdpnY4ydqUKQmXPjzx+ X-Received: by 2002:a37:b982:: with SMTP id j124mr34449920qkf.1.1607964061718; Mon, 14 Dec 2020 08:41:01 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1607964061; cv=none; d=google.com; s=arc-20160816; b=f076d1PNXC9mt+nhyzxlmCKBxi1KX9oWuStG0g1j5Va/IfP787A3j1fXyISbgQLP82 r+BitGk1ejk1HorYRxq+b1vNuFMck2U3xCd+OuJsL0HlS/MhHYcH7dU6XDs8I1h8910e jRO4rF/kfdoOlexYtXviZZKEbndu5aQe5oAtkUt0W7bO+OyQYlp0lGqBvyvvEGAw9cpS qjGeDusPKoasXoONeAwlMjwbBG3ZaHRyVZEFZiaXq/8jWYCH1b6J7FRrGa/wKA2w/Gn8 ZhN2inMM5RYM/2g+GA1tdKfsy1Q8d5W1Za/Fw2E3WhwFg00DekkkijpDo3x1JHas4SZU x/wg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:subject:cc:to:from:date; bh=A7BpoBnsf552jkrLLRZGV/d7zqF80bPDkGXYYOHcm4s=; b=NqI3G9V29kHnTTYKGdQ+dJ+XfILkOJ24ZZijWMDTKIJaZt0pnvzmcPocQ82lxpdO7Z QvOhZGav4L57DrrjxFVISgZRrCltzdZA5TeG5AkHFRQTMYMJ5Yd2J4565Zb/sP35HPEi 2jOZjelTJ58mg/sNL3Q/0DlE9knD8u21ITUPdWrKwRCIXTJwWkSxFCMyCtZWQxaTjAuT mIP6cwLginIjS11M0hbp2guZxoIVqswU7tpFps8tLa7T1rQd3Gt+K/Bcx7Mi3CDG+z8s dm9faQ5OZDLrh7bzYGEjiT7DM2CnOrK5aEItS5xZnMLDusNaFUFI1jDDaAVZsfoEYQRy n0NA== ARC-Authentication-Results: i=1; gmr-mx.google.com; spf=pass (google.com: domain of henning.schild@siemens.com designates 194.138.37.40 as permitted sender) smtp.mailfrom=henning.schild@siemens.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=siemens.com Return-Path: Received: from gecko.sbs.de (gecko.sbs.de. [194.138.37.40]) by gmr-mx.google.com with ESMTPS id f21si1267313qtx.5.2020.12.14.08.41.01 for (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Mon, 14 Dec 2020 08:41:01 -0800 (PST) Received-SPF: pass (google.com: domain of henning.schild@siemens.com designates 194.138.37.40 as permitted sender) client-ip=194.138.37.40; Authentication-Results: gmr-mx.google.com; spf=pass (google.com: domain of henning.schild@siemens.com designates 194.138.37.40 as permitted sender) smtp.mailfrom=henning.schild@siemens.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=siemens.com Received: from mail1.sbs.de (mail1.sbs.de [192.129.41.35]) by gecko.sbs.de (8.15.2/8.15.2) with ESMTPS id 0BEGexDM016996 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK) for ; Mon, 14 Dec 2020 17:41:00 +0100 Received: from md1za8fc.ad001.siemens.net ([167.87.44.172]) by mail1.sbs.de (8.15.2/8.15.2) with ESMTP id 0BEGexM1007512; Mon, 14 Dec 2020 17:40:59 +0100 Date: Mon, 14 Dec 2020 17:40:57 +0100 From: Henning Schild To: Jan Kiszka Cc: isar-users Subject: Re: [PATCH 1/6] meta: image: Account for Ubuntu differences in do_copy_boot_files Message-ID: <20201214174057.717ea24a@md1za8fc.ad001.siemens.net> In-Reply-To: References: <20201214131630.0dd0f131@md1za8fc.ad001.siemens.net> <20201214133637.58f89677@md1za8fc.ad001.siemens.net> X-Mailer: Claws Mail 3.17.8 (GTK+ 2.24.32; x86_64-pc-linux-gnu) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-TUID: jCo+Za/t40XX Am Mon, 14 Dec 2020 17:39:28 +0100 schrieb Jan Kiszka : > On 14.12.20 13:36, Henning Schild wrote: > > Am Mon, 14 Dec 2020 13:27:30 +0100 > > schrieb Jan Kiszka : > > > >> On 14.12.20 13:16, Henning Schild wrote: > >>> Am Mon, 14 Dec 2020 08:11:22 +0100 > >>> schrieb Jan Kiszka : > >>> > >>>> From: Jan Kiszka > >>>> > >>>> Ubuntu places kernel and initrd links under /boot. Furthermore, > >>>> it makes the kernel unreadable for non-root users. Account for > >>>> the latter by cat'ing the kernel under sudo, redirecting the > >>>> output to the deployment artifact so that it is owned by the > >>>> building user. > >>>> > >>>> Signed-off-by: Jan Kiszka > >>>> --- > >>>> meta/classes/image.bbclass | 9 ++++++--- > >>>> 1 file changed, 6 insertions(+), 3 deletions(-) > >>>> > >>>> diff --git a/meta/classes/image.bbclass > >>>> b/meta/classes/image.bbclass index 74fc8500..eddc4449 100644 > >>>> --- a/meta/classes/image.bbclass > >>>> +++ b/meta/classes/image.bbclass > >>>> @@ -132,15 +132,18 @@ EOF > >>>> > >>>> do_copy_boot_files[dirs] = "${DEPLOY_DIR_IMAGE}" > >>>> do_copy_boot_files() { > >>>> - kernel="$(realpath -q '${IMAGE_ROOTFS}/vmlinuz')" > >>>> + kernel="$(realpath -q '${IMAGE_ROOTFS}'/vmlinu[xz])" > >>>> if [ ! -f "$kernel" ]; then > >>>> - kernel="$(realpath -q '${IMAGE_ROOTFS}/vmlinux')" > >>>> + kernel="$(realpath -q > >>>> '${IMAGE_ROOTFS}'/boot/vmlinu[xz])" fi > >>>> if [ -f "$kernel" ]; then > >>>> - cp -f "$kernel" '${DEPLOY_DIR_IMAGE}/${KERNEL_IMAGE}' > >>>> + sudo cat "$kernel" > > >>>> "${DEPLOY_DIR_IMAGE}/${KERNEL_IMAGE}" > >>> > >>> Why "cat" instead of "cp"? I think the real trick is the sudo > >>> anyways. > >> > >> "Furthermore, it > >> makes the kernel unreadable for non-root users. Account for the > >> latter by cat'ing the kernel under sudo, redirecting the output to > >> the deployment artifact so that it is owned by the building user." > >> > > > > I think i would prefer "--no-preserve=mode" to make that explicit in > > the code ... instead of the commit message. Sorry for my quick > > shots on this series. > > --no-preserve=mode and also --no-preserve=ownership do not help. Any > other trick I miss? Would prefer something explicit as well. sudo cp && chmod && chown Henning > Jan >