Re: [PATCH 2/2] sudo: Fail on the first error

public inbox for isar-users@googlegroups.com
 help / color / mirror / Atom feed

From: Henning Schild <henning.schild@siemens.com>
To: Anton Mikanovich <amikan@ilbers.de>
Cc: <isar-users@googlegroups.com>
Subject: Re: [PATCH 2/2] sudo: Fail on the first error
Date: Fri, 17 Dec 2021 13:05:30 +0100	[thread overview]
Message-ID: <20211217130530.48268378@md1za8fc.ad001.siemens.net> (raw)
In-Reply-To: <20211210081054.225747-3-amikan@ilbers.de>

Nice catch. I think we do have several other subshell places that could
benefit from that as well.

i.e. "sh -c ..." could become "sh -e -c ..."

regards,
Henning

Am Fri, 10 Dec 2021 11:10:54 +0300
schrieb Anton Mikanovich <amikan@ilbers.de>:

> The code execution inside sudo section should be stopped on the first
> command failure because the next commands can cause incorrect
> behavior.
> 
> Signed-off-by: Anton Mikanovich <amikan@ilbers.de>
> ---
>  meta/classes/deb-dl-dir.bbclass                   | 2 ++
>  meta/classes/image-locales-extension.bbclass      | 1 +
>  meta/classes/image.bbclass                        | 1 +
>  meta/classes/rootfs.bbclass                       | 2 ++
>  meta/classes/vm-img.bbclass                       | 1 +
>  meta/classes/wic-img.bbclass                      | 1 +
>  meta/recipes-devtools/buildchroot/buildchroot.inc | 1 +
>  7 files changed, 9 insertions(+)
> 
> diff --git a/meta/classes/deb-dl-dir.bbclass
> b/meta/classes/deb-dl-dir.bbclass index 29bf45b..ffbff07 100644
> --- a/meta/classes/deb-dl-dir.bbclass
> +++ b/meta/classes/deb-dl-dir.bbclass
> @@ -22,6 +22,7 @@ is_not_part_of_current_build() {
>  
>  debsrc_do_mounts() {
>      sudo -s <<EOSUDO
> +    set -e
>      mkdir -p "${1}/deb-src"
>      mountpoint -q "${1}/deb-src" || \
>      mount --bind "${DEBSRCDIR}" "${1}/deb-src"
> @@ -30,6 +31,7 @@ EOSUDO
>  
>  debsrc_undo_mounts() {
>      sudo -s <<EOSUDO
> +    set -e
>      mkdir -p "${1}/deb-src"
>      mountpoint -q "${1}/deb-src" && \
>      umount -l "${1}/deb-src"
> diff --git a/meta/classes/image-locales-extension.bbclass
> b/meta/classes/image-locales-extension.bbclass index 0f0d0ca..25af540
> 100644 --- a/meta/classes/image-locales-extension.bbclass
> +++ b/meta/classes/image-locales-extension.bbclass
> @@ -59,6 +59,7 @@ __EOF__
>  
>      # Install configuration into image:
>      sudo -E -s <<'EOSUDO'
> +        set -e
>          cat '${WORKDIR}/locale.gen' >> '${ROOTFSDIR}/etc/locale.gen'
>          cat '${WORKDIR}/locale.default' >
> '${ROOTFSDIR}/etc/default/locale' cat '${WORKDIR}/locale.nopurge' >
> '${ROOTFSDIR}/etc/locale.nopurge' diff --git
> a/meta/classes/image.bbclass b/meta/classes/image.bbclass index
> 95c14e5..ea49354 100644 --- a/meta/classes/image.bbclass
> +++ b/meta/classes/image.bbclass
> @@ -189,6 +189,7 @@ addtask deploy before do_build after do_image
>  
>  do_rootfs_finalize() {
>      sudo -s <<'EOSUDO'
> +        set -e
>          test -e "${ROOTFSDIR}/chroot-setup.sh" && \
>              "${ROOTFSDIR}/chroot-setup.sh" "cleanup" "${ROOTFSDIR}"
>          rm -f "${ROOTFSDIR}/chroot-setup.sh"
> diff --git a/meta/classes/rootfs.bbclass b/meta/classes/rootfs.bbclass
> index e0604e0..6ecb39d 100644
> --- a/meta/classes/rootfs.bbclass
> +++ b/meta/classes/rootfs.bbclass
> @@ -30,6 +30,7 @@ export LC_ALL = "C"
>  rootfs_do_mounts[weight] = "3"
>  rootfs_do_mounts() {
>      sudo -s <<'EOSUDO'
> +        set -e
>          mountpoint -q '${ROOTFSDIR}/dev' || \
>              mount --rbind /dev '${ROOTFSDIR}/dev'
>          mount --make-rslave '${ROOTFSDIR}/dev'
> @@ -80,6 +81,7 @@ ROOTFS_CONFIGURE_COMMAND +=
> "rootfs_configure_isar_apt" rootfs_configure_isar_apt[weight] = "2"
>  rootfs_configure_isar_apt() {
>      sudo -s <<'EOSUDO'
> +    set -e
>  
>      mkdir -p '${ROOTFSDIR}/etc/apt/sources.list.d'
>      echo 'deb [trusted=yes] file:///isar-apt ${DEBDISTRONAME} main'
> > \ diff --git a/meta/classes/vm-img.bbclass
> > b/meta/classes/vm-img.bbclass
> index b230af2..c75a544 100644
> --- a/meta/classes/vm-img.bbclass
> +++ b/meta/classes/vm-img.bbclass
> @@ -95,6 +95,7 @@ do_create_ova() {
>      image_do_mounts
>  
>      sudo -Es chroot --userspec=$( id -u ):$( id -g )
> ${BUILDCHROOT_DIR} <<'EOSUDO'
> +        set -e
>          export DISK_SIZE_BYTES=$(qemu-img info -f vmdk
> "${VIRTUAL_MACHINE_DISK}" \ | gawk 'match($0, /^virtual
> size:.*\(([0-9]+) bytes\)/, a) {print a[1]}') export
> DISK_UUID=$(uuidgen) diff --git a/meta/classes/wic-img.bbclass
> b/meta/classes/wic-img.bbclass index 80ca5f7..7537a27 100644
> --- a/meta/classes/wic-img.bbclass
> +++ b/meta/classes/wic-img.bbclass
> @@ -156,6 +156,7 @@ wic_do_mounts() {
>      buildchroot_do_mounts
>      sudo -s <<'EOSUDO'
>          ( flock 9
> +        set -e
>          for dir in ${BBLAYERS} ${STAGING_DIR} ${SCRIPTSDIR}
> ${BITBAKEDIR}; do mkdir -p ${BUILDCHROOT_DIR}/$dir
>              if ! mountpoint ${BUILDCHROOT_DIR}/$dir >/dev/null 2>&1;
> then diff --git a/meta/recipes-devtools/buildchroot/buildchroot.inc
> b/meta/recipes-devtools/buildchroot/buildchroot.inc index
> 726c7bb..6d9ced0 100644 ---
> a/meta/recipes-devtools/buildchroot/buildchroot.inc +++
> b/meta/recipes-devtools/buildchroot/buildchroot.inc @@ -44,6 +44,7 @@
> BUILDCHROOT_PREINSTALL_COMMON = " \ 
>  rootfs_do_mounts_append() {
>      sudo -s <<'EOSUDO'
> +    set -e
>      mkdir -p '${BUILDCHROOT_DIR}/downloads'
>      mountpoint -q '${BUILDCHROOT_DIR}/downloads' || \
>          mount --bind '${DL_DIR}' '${BUILDCHROOT_DIR}/downloads'

next prev parent reply	other threads:[~2021-12-17 12:05 UTC|newest]

Thread overview: 5+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-12-10  8:10 [PATCH 0/2] Fail on the first error inside sudo Anton Mikanovich
2021-12-10  8:10 ` [PATCH 1/2] rootfs: Execute rmdir only if needed Anton Mikanovich
2021-12-10  8:10 ` [PATCH 2/2] sudo: Fail on the first error Anton Mikanovich
2021-12-17 12:05   ` Henning Schild [this message]
2021-12-17 11:04 ` [PATCH 0/2] Fail on the first error inside sudo Anton Mikanovich

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20211217130530.48268378@md1za8fc.ad001.siemens.net \
    --to=henning.schild@siemens.com \
    --cc=amikan@ilbers.de \
    --cc=isar-users@googlegroups.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox