From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from shymkent.ilbers.de ([unix socket]) by shymkent (Cyrus 2.5.10-Debian-2.5.10-3+deb9u2) with LMTPA; Thu, 22 May 2025 16:32:48 +0200 X-Sieve: CMU Sieve 2.4 Received: from mail-qv1-f58.google.com (mail-qv1-f58.google.com [209.85.219.58]) by shymkent.ilbers.de (8.15.2/8.15.2/Debian-8+deb9u1) with ESMTPS id 54MEWkvl001386 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Thu, 22 May 2025 16:32:47 +0200 Received: by mail-qv1-f58.google.com with SMTP id 6a1803df08f44-6f8c0a83f9csf106181026d6.2 for ; Thu, 22 May 2025 07:32:47 -0700 (PDT) ARC-Seal: i=3; a=rsa-sha256; t=1747924361; cv=pass; d=google.com; s=arc-20240605; b=JscQNFdb3i1OPblPe2qpXv/QgSqWfSGqy6PYb/Y+Lap7+TMNJpcRybwQcsw38COjJs vD/QLysDFUyJZFOVsrHvRTffMB7kHRMi+kuJj5j8U+Xi52i6IwO55BFZO29RPCH6yVjo qYPRXooZ+6aupkmceVPy+5ZHn+FxfHktGl+ySevW8/OYuwDTexlvy+NtKq+XXkimUiOA nBZG0rHvu7tGITIApcMGGhKROmGfvqx/9bfn9n8FmF0/dU/Uo4ZfGc+Cp6DlPZ8tOU8s QG/cLKk9F2UzqxjuUtTJSt07L4CGbTn696ETrUSsOoXRp1UpVRYUnuSv6PGIUkh3vdrw yM9A== ARC-Message-Signature: i=3; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to:mime-version :content-transfer-encoding:content-id:user-agent:content-language :accept-language:in-reply-to:references:message-id:date:thread-index :thread-topic:subject:to:from:dkim-signature; bh=amN0DJfehz3JEJCoCWHRieIx+O5ESKlWuFhecRWlKfM=; fh=zK/V0FB0pV/mJtO3oDQu5wbXdIwVSC96lSD/W7TpPrQ=; b=fSLX3qR0D0hGxgFtPlrrvWMjpI8rgYQls55bPwgIX9Mr4n6TqwDxGkMSoFuqzXYRYn 94q2kwYzn949j2EEIxCWvjtyF5X9mkcl8mIuzjGVKE+xG5tWE/R5bX0FSs0bF8paFV+y iOWDHL45Y5HCk9R5Jy4gnYp6hFXpSmvq3Owt96ZsCMRbComNN1TqQZRgThKgvY8Gqc+z Pwrd/oBHwjKDwjHUm9U2658wQ+FfGj0sm7fX9CcsG0qqw8E/Lryfh5wttn/IcOpBPk1+ FVqRLGUsAnpJEzgaImWBqv8YEhvilNYPO0r/HTtsVn22bDbJW/HV+D51LROnnxwtpZLp +sfA==; darn=ilbers.de ARC-Authentication-Results: i=3; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=NaQt6tQU; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:2612::625 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlegroups.com; s=20230601; t=1747924361; x=1748529161; darn=ilbers.de; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:mime-version :content-transfer-encoding:content-id:user-agent:content-language :accept-language:in-reply-to:references:message-id:date:thread-index :thread-topic:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=amN0DJfehz3JEJCoCWHRieIx+O5ESKlWuFhecRWlKfM=; b=ViIZalHCzmKCoj0bUfylwpMhvJarWUE3Ka/nX87QbzqCyQJbSUBm3JVNfRV0ivB87c tCMUeE/sb57nN6tRopoflq0mGa6sMYs7oJjsoXoErNx/HqVHwkdMzExZ4LA5n+jCNiXx 91vSiadOfYbs4xFPrRc4uS4WjZAlJe4Bx8fGTnrhkdlU1xvfD/GJTsjF7Xe1eb6i7MCQ 9p2/Y3Mp4dfvyqQGc7tDvhnAzT22ti11gyJ049Aga5GvlkkUjt3G9kZHQFGTG0yJ57Ms OvTyWwocML5UogcH0LCvUCIFYTeuDfkGsUGqOVcdD0+f2OiHflZcl4EnwkeFm6YuDJPq TbeA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1747924361; x=1748529161; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :x-spam-checked-in-group:list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:mime-version :content-transfer-encoding:content-id:user-agent:content-language :accept-language:in-reply-to:references:message-id:date:thread-index :thread-topic:subject:to:from:x-beenthere:x-gm-message-state:from:to :cc:subject:date:message-id:reply-to; bh=amN0DJfehz3JEJCoCWHRieIx+O5ESKlWuFhecRWlKfM=; b=cb5y6TZmWM8Ml7Q2UdFVPpg8+eqLZ2b1ZRbkj/vmyqHjY+jmnQQd8Ia67vgV5WJpg2 XIaNHt6ydMQnO+u3B20M+8z0x7eR01CHiKIdnPyXqtZmVoZVGtWLPbR/sHz4zGS4TYan DZsSpVABsPSn9a2ujqE1wWgonof7bpBZRld0qrBiYkMEyTbNoa/ZYMIrjhHl3GLNlpdN uLMmLIlqv/AbKZ4y7ptUhaxfz7NZSlnb/v47jaN35sgoROsvEwTwo2Vju4vMX3MTZqdu WmrA90+0MZ/BIk+uhlDDRc9uDrpdXZYMg754LosvbwKrC6RzLO0pz7IVxRLqwvjXzeRa CK7g== X-Forwarded-Encrypted: i=3; AJvYcCUcsSkC0PtXWhLozeuOkrHaDFOjjVmxGyjxObmboL6ukg+4qGA/c7qefqpNh9VdH1w9pewC@ilbers.de X-Gm-Message-State: AOJu0Ywup0WwDy9nfQ7SevlqVn61WGzDyFFwhAJ/2Bqwm73IhWdk6VGB 34hjphc8YL7Ku3XBCGHN0xEP3jNb9lmoa5b7smOggbkCRp8Ms+h5qDKh X-Google-Smtp-Source: AGHT+IHC92+JV4FjZtZ+3r/E8eN1n6I3Mo84oMnwFTiinICc+uqzkSLJdcg4+c7zbcPc9w6kIvqcfQ== X-Received: by 2002:a05:6214:2346:b0:6f8:997d:fc81 with SMTP id 6a1803df08f44-6f8b2d27bf1mr402059446d6.20.1747924361139; Thu, 22 May 2025 07:32:41 -0700 (PDT) X-BeenThere: isar-users@googlegroups.com; h=AVT/gBE1a/0n2QMVKDY0yYfbp4L68q2KhG8qw6B7iriXvVDaJA== Received: by 2002:a05:6214:2aa4:b0:6f8:d1bb:1890 with SMTP id 6a1803df08f44-6f8d1bb1932ls9070036d6.1.-pod-prod-05-us; Thu, 22 May 2025 07:32:39 -0700 (PDT) X-Received: by 2002:a05:6122:1b07:b0:52c:49b6:7f05 with SMTP id 71dfb90a1353d-52dbcd6d4a1mr22587041e0c.6.1747924359310; Thu, 22 May 2025 07:32:39 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1747924359; cv=pass; d=google.com; s=arc-20240605; b=EqAy9clZehHRloXG/sjZ1MsAW6HU1GTJSETyZl6vBQzJyCcQ2/l2shunLJPPJWJjxO XJ0Uh+AR72HXiTyyl/h8/vhxHeKNN03tovyTs20Q0+LgJKCa8vhGFqLMKH2DZXWKJC0q xJngYZ9EUgEb2ryGuLMUT90OJZ3aBu0AoSKsO5o7AwnxV6DeISPV5Zh79gPYSHSMisiu IXGKFKRkro74+/Z0OF7cuGrBV9E7RleVz1kgKC37aJXknt1ieX51/8kk5QHJaKlS9fbj QChU8WAp0wecsim1g2QDaqJJlt2HQJetWfJd+2IyjHq608WDn9nqNjRZqgYI6xrWlUKu EUQg== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=mime-version:content-transfer-encoding:content-id:user-agent :content-language:accept-language:in-reply-to:references:message-id :date:thread-index:thread-topic:subject:to:from:dkim-signature; bh=oFvZaP/DbKvW+aNQWQgybXaOSDeDLH/Can2nORrZXXk=; fh=S6weerWJs3K0zA1fo17KOmbj0c/6l+QiCY+NAy3/nN4=; b=MJaKM0OMyZdSmS0B/R7YC9mamO8oujR12OChyE7w4fsug3PjgDhEZFmLluEruVY4o8 IUM9Ji0INWtQZSpt+Pzl7zARe6/YA9hkkXwQC4mWFYPoFYElzwRQvaZ4ArgcsS+0LA+V wprH6d4qd016Fh0SsCBvsWnG61MFosEgY7zRMXp4epoCT/InBO0DeeiOPAQ9HmSdLPw1 AEcYytqKIRwjS9tWj4GtKPfPNJ6MdmDs8GMvL3zCbjlsVy/8nUf5rU9zGClNH+AO2rwV 5jW9V9W5fthVEFTSDyiDx/zIy6afzPTKyiMwsNKrmwW0Z0iuo6PO/QtZCH+L56snO/fM h4cQ==; dara=google.com ARC-Authentication-Results: i=2; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=NaQt6tQU; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:2612::625 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com Received: from EUR05-AM6-obe.outbound.protection.outlook.com (mail-am6eur05on20625.outbound.protection.outlook.com. [2a01:111:f403:2612::625]) by gmr-mx.google.com with ESMTPS id 71dfb90a1353d-52dbaa33d3csi671816e0c.4.2025.05.22.07.32.38 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 22 May 2025 07:32:39 -0700 (PDT) Received-SPF: pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:2612::625 as permitted sender) client-ip=2a01:111:f403:2612::625; ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=TTwDWjBwnoVn3sxXqmhrJvy8gSCVp6C30/A0uGsG83A0OqomaMG4ghO/9iQWX+Y4sLfE00P8jeCUY37ANAczOXzu8ryWjqHN8mcJV5gKEp/uDOXFe0ETK8L1MrKrVho3NxmBGipTapHgogasv5lRbVsHYtagxfnEBo2tbgcGl7AUTY3FruFflUEy+8oTHyEdmRwF6V8TIN+GUj915vxu49MDG9a4J4UvxPSe9uN8H+vezMLIpDeu1JgQho3qNbSmnAWUG0XjEpiA9p+89EqvCmFScWJ2VL13AUq+wCgaJfFfmLRJ+m9CAIzb3yBT8xUmTvgNZB4PBf2hwvyX9uUs6A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=oFvZaP/DbKvW+aNQWQgybXaOSDeDLH/Can2nORrZXXk=; b=SGUAzaQthY5tYt6Jq+d1PTu+tT6qQ9egFqh17n7ranjfxxk8TuycxdhW709WyPkcdZRKcYXWiyctXJDQ/Rl8YJC3VZaU6NXnIlP6QByxp3/ssU0z88cLzJwW1v/cDtH2YnWLdyupwaVub3Lls2fKuHLFwb8NpMod7CoJpoS1S72lFY3IqSH0Q5WKzy563thPF4QuiKGjCMthUXl5sK42gAKhkvrCRbEbN9Yf6XMzOb+9BAT+HDUU8QlEkEpObCCAgXfMxCKSD80hV07xcZ2s3nFAWvHuI1j/8AXY1C55lNlDuTdTEHTk6ncfycG5QXkCJR1bdtEZwTBnwPLuD6WKzQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=siemens.com; dmarc=pass action=none header.from=siemens.com; dkim=pass header.d=siemens.com; arc=none Received: from DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:47f::13) by DB8PR10MB3692.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:13c::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8746.31; Thu, 22 May 2025 14:32:36 +0000 Received: from DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM ([fe80::8198:b4e0:8d12:3dfe]) by DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM ([fe80::8198:b4e0:8d12:3dfe%5]) with mapi id 15.20.8722.031; Thu, 22 May 2025 14:32:36 +0000 From: "'MOESSBAUER, Felix' via isar-users" To: "isar-users@googlegroups.com" , "cedric.hombourger@siemens.com" Subject: Re: [PATCH 1/4] rootfs: introduce wrapper to run commands against a rootfs Thread-Topic: [PATCH 1/4] rootfs: introduce wrapper to run commands against a rootfs Thread-Index: AQHbyLVNd87UhmzwJ0Gu5CR6xdVFhbPeu02A Date: Thu, 22 May 2025 14:32:36 +0000 Message-ID: <27cd63ffc8d2ae1c7ad97367df6e1327993f4d1b.camel@siemens.com> References: <20250515150727.1764989-2-cedric.hombourger@siemens.com> <20250519115750.3195300-1-cedric.hombourger@siemens.com> <20250519115750.3195300-2-cedric.hombourger@siemens.com> In-Reply-To: <20250519115750.3195300-2-cedric.hombourger@siemens.com> Accept-Language: de-DE, en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: user-agent: Evolution 3.56.1-1 x-ms-publictraffictype: Email x-ms-traffictypediagnostic: DU0PR10MB6828:EE_|DB8PR10MB3692:EE_ x-ms-office365-filtering-correlation-id: c2196f0e-8f20-4784-8e35-08dd993d7f79 x-ms-exchange-atpmessageproperties: SA x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam: BCL:0;ARA:13230040|366016|1800799024|376014|38070700018; x-microsoft-antispam-message-info: =?utf-8?B?RjJCMkx3L0hEUzlOVkdkQzFpSlNTWmo0ZS9saFgxYzlrQW04cDhsYWxVNkx0?= =?utf-8?B?b3N0OTQxWDF4cmpKU3cxYXg2Z2ZrQTlBK0wwZldrOTAzTHB6TGt1cTNWMTAy?= =?utf-8?B?L3RBYWFQa3BtenNubDNvZVd3N2xxbXNGSThacUtER1JTWUU3SFRjcXlMbzVJ?= =?utf-8?B?V1FBTW15MUtJZStJQnpwbnZjdGF3aEtGbWlnSHlZWUgwWmk2VFBGTXlZNWRN?= =?utf-8?B?TUp4R2NFczVFbkZVdFNoNmZaenZTL0pidHo1RFRxNmF1MkFYajJpYXc4M01o?= =?utf-8?B?YWUxZUd3c1d2c3ZPVk9neDVmS3laY2EyaHpBQWJibzNSc2FFVTdtTHBydlNv?= =?utf-8?B?aE92Nks2WW9QVGFBRm90dW9QME92anRnOTQvTCtOTmUxTU9oQWdXQmFLQVJ6?= =?utf-8?B?TUtlT29xaTRJTkc0OFc3SG1jYitCZEc0VGRTdlJpMkhoVmY4MDdEdWdPcUxy?= =?utf-8?B?TFVNRWFBeGt5UzErMEkydzU1OFBHU2JHYURmL3d3a1pKNjdFTU82V1g2ZkFC?= =?utf-8?B?S1RQR1YyVkt0cEtVTGk4aC96eUlKb2hzbDl0aXpuMmlxMXQvZjhMcmxTRkIy?= =?utf-8?B?WVNCNVM4VWlDUElCNE12bDREWVBpdElpaVYyY3A2WFUwSi92TmNWQm5TYWxB?= =?utf-8?B?RUVUNVRaeFMyVFJWSElucXpPUnFXdWxudFgyajZjY1pETHV4RlgvaXNnNmhj?= =?utf-8?B?Rm5RdHpIQXQwUlBQTDhxb1hiNWZJNjgzNk1YQmhBS1lpaUpzdFpZYzVsVDRV?= =?utf-8?B?c1phM3VxckNlcFdlSVRmV1ZhaWRqcktWdm5jWVpsUlkvejlCeUdNZGhJNVc0?= =?utf-8?B?c25FRERuM2dlNHJDYkVyYkZLVDdBU3dpVXpjdlNwTUFaTFpMbXdLRzc3d1I5?= =?utf-8?B?a1ZkLzM5TWtnYm41L3g4d0JtTXA2Y2VTSE5FQjEvd0ZNeHVjZ1Fpa0pFMjNq?= =?utf-8?B?MFRSSkRHMWRpTEcwWUd4ZjRLenFXYUZaRVY2YWpYTUFZTHJkemRRV3djekZD?= =?utf-8?B?cVBpYzhESUhFZTdDTyt0RVdHQmVVZlE1cVFWNU9wSDM3UWZUa2RLbnh1U0Nv?= =?utf-8?B?dDZrckV4bzhUOFBUMWkxSEtYb01MVXZzR3NTUzVuajR2bnA1M3pqK2VlVUtU?= =?utf-8?B?c2V3Y0N1YnRiczcwbU5qczdvaXNZL0d3VWMzZ1k4YklMc3JpM1lDNnR0UVcy?= =?utf-8?B?WWpCUnA0OUszelJsdDJLMENxanpqb0hUNnl4TEMxdStreG16N21xeUpQaU85?= =?utf-8?B?U3ptUktrbGQrTHVFb2ord0pxM2NkTEdJMlp4TlB5eWFHU3o3dnZFb1MzVEFk?= =?utf-8?B?Vjh3MDQvbzl2S0RwMWJnQ2ZjUzBGck80VUtWTHJPVmlsMDlybGZvZjZZUDds?= =?utf-8?B?V2xUVUsxVm8wUnRsUEFHT2QzSFloYlVBUTdnb3JlcjBHd0VLL0pwNTFsOUs3?= =?utf-8?B?T2h4aWEvWkl1Wnozbi9COUppMjlhMjgwM2NHeS9zVEdaTmthMUw3Z0dXdHpt?= =?utf-8?B?ZWVGRk1TT3Z3OVZueThVMCtkVXkzRGltWCtCc096Y1FFL2JGWENCelpualZi?= =?utf-8?B?TUFLUXRya3JIc3cwQ09YckpCRCticThKelJadUpJOG5GNjRjVW9uS2RpeWgy?= =?utf-8?B?Znl2RUF0alJDSGgydnFpdWw2clhjRjVaOVdwNWZ1RkFNWlhMbHpaUE12ck94?= =?utf-8?B?dDdnOG91U05xWmZiUUFGRzg3bCtXMlFham5PcGl5WmxQU0tOcTI5SDIxU1FV?= =?utf-8?B?ZGVWYjlyNVlKRHk4d2lGWTJWNWxuSWhPNVRZclhVWVhSY0wvendGMnBZaXJm?= =?utf-8?B?Q0xMbHA5VXRvTUdVTWNERG1Ub3JiNVdWdVZLdmR2ajhNYUJVRVQ2ZjlXU1VW?= =?utf-8?B?ckVyalhhNGF0aGcyOE96YXV4K0labEgrRW9mLzdSWTZIMHk4blNPUnRxUDRN?= =?utf-8?B?b0xEaDU5Q2NrZm1uVGMrZ290K05RRUVhTk5sanN6K3o0RVlRR0VGWXlPNHR5?= =?utf-8?Q?ydClN6OV1e0nPNR5TTCsPmEzkY1sBU=3D?= x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM;PTR:;CAT:NONE;SFS:(13230040)(366016)(1800799024)(376014)(38070700018);DIR:OUT;SFP:1101; x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?utf-8?B?R2FJc2pVYU0ydlhOQU96Q01ic09rZHBhUzBVb1g4L2Rjc3dTdkRxL2VDRldl?= =?utf-8?B?ajl2SUF1NmNmNjFJaEJBYlhiMnp1a0szVnRWQ3lSTlA0UnlITHEySWFET1dB?= =?utf-8?B?ejF6dlJmaHlPcFIrTGJzZm10bmswR0dtaUthckhjVFpUQVdHSk5OZzVjWHow?= =?utf-8?B?ZHpPNGJHMWJUS0dROG5YalFVR3hyeGNMQU1aM3lvTlhscHFzOEtyMU40akVn?= =?utf-8?B?QmgraVVuUXpHNkZVYzR2RHJmNW1STmRuVm1BVWprL2RMNzFBTGUwVG1aRGFy?= =?utf-8?B?L05yaUM1TmFYZnZscU5iVWZqMXRweG9rMkcrZ3FWaW00ZGpuYTJsSUh5cDhR?= =?utf-8?B?azVmTWw5cVVGTlZ2M0FpTnkzQkdUMTJBWWZrVnNuRjlIWVhmNHR4M1JGb1k2?= =?utf-8?B?MTdYb1FoWDVTVVNwZ3A2Vk1JUERZc1dCME8xZ0Znd1cwSCtsMmdhSG56ZUNO?= =?utf-8?B?bEFGNGNWYjhKUzNWcE5TVFNrL3ROM1dlbnVoK2VZY3RWRUpGSERTQ21zYzBs?= =?utf-8?B?U280Vy9MYVRMZkp4Q2d0TkZMM2hHTmFQSU54aDloMXllczI2eXBmdWdqaitv?= =?utf-8?B?N1F2ZU1XZFdYc2lNUzZIL1d4bU00NFd1Y2E2S01JWmx5aVhpQVpINUJpbkx4?= =?utf-8?B?ZXRKa3pSaWYrd00vQitrZEVZR21rL3d0YkhuYU12UFRUMDJMZElub25TV2s1?= =?utf-8?B?TDJOaUMydlhQVXBkQ2hYVFdSSWlTWllva2hueXh0bzZvS2w4eVVmclZzb2lJ?= =?utf-8?B?aCsvY2dqSS81WWtLQXlXNDlwVGx3SEFOMUIvZXpEQ0ZzUDRoZmFodE9vK3lB?= =?utf-8?B?MWFnbENPTXNQSjBEQUxVN2dVR2RQMUFYQXRsSE9RUUV3MzljNm01YnQ0QnVr?= =?utf-8?B?VE1OYkk5NmpYUXVNVFVQbHI4TE53NDNBaWxRaUI0eHdadFNYZ0djdWw1SXNV?= =?utf-8?B?WHNOS1NrQTdvZGkvQldpbytMOUZwc3BGYjd3OEF2bTdFcDZrdkNrekp2S3BQ?= =?utf-8?B?eTdJbGRjZEVWM1V1cDVCNWhjUVV6TnRSN2ZNK3dKUGRvc0lkSHFNYWM5NE5r?= =?utf-8?B?VkkwbzZnNnNZN0k2MFZJaUNVVUszWUx0TmxWRDhjanpubHRIM0RSTU1PZjJq?= =?utf-8?B?VnV0ZTNiaXF4UVJwcjVvWDJMZENQSFg0dmcvbmxNTDBpWlVEcGJGOWRXNVB6?= =?utf-8?B?ZHp5U25wWmxEam9nQlcvdGo2R1Jta2xzaHNyRHFKeW9MQnJGajhiMXkwMis0?= =?utf-8?B?eGl2SU9kN2NackZDWnN2TGN0SERzUDhCSGxLTVpsQUlvcEJtT28vMzZLbXZV?= =?utf-8?B?ZXl2bHdBVE5jdFVrU2NFWVJkNkVSUHRLK1ZnTnZsYlhOUTFvZVFaWnZBbGVl?= =?utf-8?B?TnRZMFVMVHV5T043UFB5NjlsRUhLazZrcitNN0dDeFFJUmZ3MHV0elAxSElC?= =?utf-8?B?MyszWDZmQnpLOVpLOVZvU1RUalg2WlNYOWgvdXZDVmtXcnN1WHB5RUJLRUNo?= =?utf-8?B?WHFlUC9yTENYc2Z0R21ZNGhIdE51RzZVR2d3dHlSUUQ4VmxNNW9mM1JWTjRz?= =?utf-8?B?bHhDbXhKZ3RXK1Vkem5IV3FHaWlLNE1MM1Z0SGFadGFJdjd6Qm1LTWsvNDl5?= =?utf-8?B?UzJsT043c0ZVQTU0KzN0anIyUC9za3NQVUhNNXBmelkzbXdZQ2VGenZpT1Bz?= =?utf-8?B?dlA4VFFaNnlsT3lkdW9CZE90U0M0NTlBOGNtcFlvRFhXUi9TUlVCdUhBTUVi?= =?utf-8?B?TmV1L2FqYlV4UTRtbENsZ01BV0Q3MVRFb29HTHdzMmFReG5pZ3QxZlRpZ3lX?= =?utf-8?B?NVpNdnladFAyR3hLdXdxcTFPSEVJdnV0cTVnYXEvL1FkWkxydGFhbDdEeENs?= =?utf-8?B?MDlIUlRQYWlnTmNsQ1Z5Kys5VmF6cXFBQWtRTklucko4bkZCYXNPYWM1OHow?= =?utf-8?B?TW4vQzdhb2E4U0FibkVXSFk4VUs2L1JEVzlSelZLK3MvR1h5OHBQdzd5TFU5?= =?utf-8?B?MU9jTFprb1UxSHhUeS9QeU9sdFAzTWxaQzNpM2xHVGRLaVZTUWZqa0k5NWZ3?= =?utf-8?B?VjM4enJLOHg4cWFwZlhmT3V4Q3gwVTFabGMwbmRiSDZtUURuazJxc3B0bGJ5?= =?utf-8?B?MGxIN3A4TGxRcndyR1A3UDBtOWZscXNXd0JhYkV6TzQwL0E0aUw3VmFkbjNO?= =?utf-8?Q?zUyI7HWTnRuNtUgv9rS5rXE=3D?= Content-Type: text/plain; charset="UTF-8" Content-ID: <8760596D71444F40A82D69B7E9AFCF83@EURPRD10.PROD.OUTLOOK.COM> Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-OriginatorOrg: siemens.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-Network-Message-Id: c2196f0e-8f20-4784-8e35-08dd993d7f79 X-MS-Exchange-CrossTenant-originalarrivaltime: 22 May 2025 14:32:36.6617 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 38ae3bcd-9579-4fd4-adda-b42e1495d55a X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: eDokuPaT3ih1w8dNxrf9YqBZu6j03FnxW21JGNSMZA0JNuofGJRikkdPzuFyA7hDJYkKLwYF7spKXvChgFUbiy340QN5PP7xCaHuVYd16DU= X-MS-Exchange-Transport-CrossTenantHeadersStamped: DB8PR10MB3692 X-Original-Sender: felix.moessbauer@siemens.com X-Original-Authentication-Results: gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=NaQt6tQU; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:2612::625 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com X-Original-From: "MOESSBAUER, Felix" Reply-To: "MOESSBAUER, Felix" Precedence: list Mailing-list: list isar-users@googlegroups.com; contact isar-users+owners@googlegroups.com List-ID: X-Spam-Checked-In-Group: isar-users@googlegroups.com X-Google-Group-Id: 914930254986 List-Post: , List-Help: , List-Archive: , List-Unsubscribe: , X-Spam-Status: No, score=-4.9 required=5.0 tests=DKIMWL_WL_MED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,MAILING_LIST_MULTI, RCVD_IN_DNSWL_BLOCKED,RCVD_IN_MSPIKE_H2,RCVD_IN_RP_CERTIFIED, RCVD_IN_RP_RNBL,RCVD_IN_RP_SAFE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on shymkent.ilbers.de X-TUID: /aYOb5lsMHud On Mon, 2025-05-19 at 13:57 +0200, Cedric Hombourger wrote: > "sudo chroot" is used in several places to run commands inside rootfs > directories constructed by Isar. There are cases where a command > could > be used without elevated privileges as long as special folders such > as > /isar-apt are mounted (they are often referenced as /isar-apt in > configuration files found in the target rootfs). For such cases, > bubblewrap may be used to create a non-privileged namespace (either > in a bare/native environment or within a docker/podman container) > where the command will be executed as if chroot had been used. The > rootfs may also be the host root file-system: this should however > be used with care to avoid host contamination problems (note: Isar > already relies on a number of host tools). Hi, this looks promising. I gave it a try on some of our internal layers (arm64) in a custom kas container under podman. I'm wondering if this could also be used to run the apt in do_rootfs_install natively (maybe in combination with dpkg --root). Tested-by: Felix Moessbauer Felix >=20 > Signed-off-by: Cedric Hombourger > --- > =C2=A0RECIPE-API-CHANGELOG.md=C2=A0=C2=A0=C2=A0=C2=A0 |=C2=A0 6 ++++ > =C2=A0doc/user_manual.md=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0 |=C2=A0 1 + > =C2=A0meta/classes/rootfs.bbclass | 66 > +++++++++++++++++++++++++++++++++++++ > =C2=A03 files changed, 73 insertions(+) >=20 > diff --git a/RECIPE-API-CHANGELOG.md b/RECIPE-API-CHANGELOG.md > index a4cf1338..725737b2 100644 > --- a/RECIPE-API-CHANGELOG.md > +++ b/RECIPE-API-CHANGELOG.md > @@ -722,3 +722,9 @@ Optional fields of the isar-apt repo can be > controlled by adding to the > =C2=A0 > =C2=A0Changes in next > =C2=A0--------------- > + > +### Require bubblewrap to run non-privileged commands with bind- > mounts > + > +Isar occasionally needs to run commands within root file-systems > that it > +builds and with several bind-mounts (e.g. /isar-apt). bubblewrap may > be > +used in Isar classes instead of `sudo chroot`. > diff --git a/doc/user_manual.md b/doc/user_manual.md > index 0dc317c3..3cf1a9aa 100644 > --- a/doc/user_manual.md > +++ b/doc/user_manual.md > @@ -75,6 +75,7 @@ Install the following packages: > =C2=A0``` > =C2=A0apt install \ > =C2=A0=C2=A0 binfmt-support \ > +=C2=A0 bubblewrap \ > =C2=A0=C2=A0 bzip2 \ > =C2=A0=C2=A0 mmdebstrap \ > =C2=A0=C2=A0 arch-test \ > diff --git a/meta/classes/rootfs.bbclass > b/meta/classes/rootfs.bbclass > index 5f877962..5b96b414 100644 > --- a/meta/classes/rootfs.bbclass > +++ b/meta/classes/rootfs.bbclass > @@ -34,6 +34,72 @@ export LANG =3D "C" > =C2=A0export LANGUAGE =3D "C" > =C2=A0export LC_ALL =3D "C" > =C2=A0 > +# Execute a command against a rootfs and with isar-apt bind-mounted. > +# Additional mounts may be specified using --bind > and a > +# custom directory for the command to be executed with --chdir > . The > +# command is assumed to follow the special "--" argument. This would > replace > +# "sudo chroot" calls especially when a native command may be used > instead of > +# chroot'ed command and without elevated privileges (the command > will likely > +# take the rootfs as argument; e.g. apt-get -o Dir=3D${ROOTFSDIR}). If > the > +# optional rootfs argument is omitted, the host rootfs will be used > (e.g. to > +# run native commands): this should be used with care. > +# > +# Usage: rootfs_cmd [options] [rootfs] -- command > +# > +rootfs_cmd() { > +=C2=A0=C2=A0=C2=A0 set -- "$@" > +=C2=A0=C2=A0=C2=A0 bwrap_args=3D"--bind ${REPO_ISAR_DIR}/${DISTRO} /isar= -apt" > +=C2=A0=C2=A0=C2=A0 rootfs=3D"" > + > +=C2=A0=C2=A0=C2=A0 while [ "${#}" -gt "0" ] && [ "${1}" !=3D "--" ]; do > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 case "${1}" in > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 --bin= d) > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0 if [ "${#}" -lt "3" ]; then > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 bbfatal "--bind requires two arg= uments" > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0 fi > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0 bwrap_args=3D"${bwrap_args} --bind ${2} ${3}" > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0 shift 3 > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0 ;; > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 --chd= ir) > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0 if [ "${#}" -lt "2" ]; then > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 bbfatal "${1} requires an argume= nt" > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0 fi > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0 bwrap_args=3D"${bwrap_args} ${1} ${2}" > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0 shift 2 > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0 ;; > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 -*) > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0 bbfatal "${1} is not a supported option!" > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0 ;; > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 *) > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0 if [ -z "${rootfs}" ]; then > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 rootfs=3D"${1}" > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 shift > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0 else > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 bbfatal "unexpected argument '${= 1}'" > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0 fi > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0 ;; > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 esac > +=C2=A0=C2=A0=C2=A0 done > + > +=C2=A0=C2=A0=C2=A0 if [ -n "${rootfs}" ]; then > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 bwrap_args=3D"${bwrap_args} -= -bind ${rootfs} ${rootfs}" > +=C2=A0=C2=A0=C2=A0 fi > + > +=C2=A0=C2=A0=C2=A0 if [ "${#}" -le "1" ] || [ "${1}" !=3D "--" ]; then > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 bbfatal "no command specified= (missing --)" > +=C2=A0=C2=A0=C2=A0 fi > +=C2=A0=C2=A0=C2=A0 shift=C2=A0 # remove "--", command and its arguments = follows > + > +=C2=A0=C2=A0=C2=A0 for ro_d in bin etc lib lib64 sys usr var; do > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 [ -d ${rootfs}/${ro_d} ] || c= ontinue > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 bwrap_args=3D"${bwrap_args} -= -ro-bind ${rootfs}/${ro_d} > /${ro_d}" > +=C2=A0=C2=A0=C2=A0 done > + > +=C2=A0=C2=A0=C2=A0 bwrap --unshare-user --unshare-pid ${bwrap_args} \ > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 --dev-bind /dev /dev --proc /= proc --tmpfs /tmp \ > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 -- "${@}" > +} > + > =C2=A0rootfs_do_mounts[weight] =3D "3" > =C2=A0rootfs_do_mounts() { > =C2=A0=C2=A0=C2=A0=C2=A0 sudo -s <<'EOSUDO' --=20 Siemens AG Linux Expert Center Friedrich-Ludwig-Bauer-Str. 3 85748 Garching, Germany --=20 You received this message because you are subscribed to the Google Groups "= isar-users" group. To unsubscribe from this group and stop receiving emails from it, send an e= mail to isar-users+unsubscribe@googlegroups.com. To view this discussion visit https://groups.google.com/d/msgid/isar-users/= 27cd63ffc8d2ae1c7ad97367df6e1327993f4d1b.camel%40siemens.com.