From: "'Jan Kiszka' via isar-users" <isar-users@googlegroups.com>
To: Felix Moessbauer <felix.moessbauer@siemens.com>,
isar-users@googlegroups.com
Cc: quirin.gylstorff@siemens.com
Subject: Re: [RFC 04/12] introduce wrappers for privileged execution
Date: Wed, 18 Feb 2026 15:11:22 +0100
Message-ID: <3b3f160d-f71b-4c2f-bcf6-ef5a2ef48baa@siemens.com>
In-Reply-To: <20260218115827.3947145-5-felix.moessbauer@siemens.com>
On 18.02.26 12:58, 'Felix Moessbauer' via isar-users wrote:
> As a preparation to enable rootless builds, we introduce wrappers for
> common cases of privileged command execution. The wrappers are defined
> in the base class where later on the executor dispatching will be
> implemented as well.
>
> The wrappers are introduced throughout the whole codebase and downstream
> layers are also encouraged to use them to increase compatibility with
> upcoming API changes.
>
> Signed-off-by: Felix Moessbauer <felix.moessbauer@siemens.com>
> ---
> RECIPE-API-CHANGELOG.md | 16 ++++
> meta/classes-global/base.bbclass | 30 +++++++
> meta/classes-recipe/deb-dl-dir.bbclass | 4 +-
> meta/classes-recipe/dpkg-base.bbclass | 2 +-
> meta/classes-recipe/dpkg.bbclass | 2 +-
> .../image-account-extension.bbclass | 4 +-
> .../image-locales-extension.bbclass | 4 +-
> .../image-postproc-extension.bbclass | 30 +++----
> meta/classes-recipe/image.bbclass | 14 +--
> .../imagetypes_container.bbclass | 26 +++---
> meta/classes-recipe/imagetypes_wic.bbclass | 4 +-
> meta/classes-recipe/rootfs.bbclass | 88 +++++++++----------
> meta/classes-recipe/sbuild.bbclass | 10 +--
> meta/classes-recipe/sdk.bbclass | 14 +--
> meta/classes/sbom.bbclass | 2 +-
> .../isar-mmdebstrap/isar-mmdebstrap.inc | 12 +--
> .../unittests/test_image_account_extension.py | 9 +-
> 17 files changed, 157 insertions(+), 114 deletions(-)
>
> diff --git a/RECIPE-API-CHANGELOG.md b/RECIPE-API-CHANGELOG.md
> index 0bad8a44..bc40a403 100644
> --- a/RECIPE-API-CHANGELOG.md
> +++ b/RECIPE-API-CHANGELOG.md
> @@ -962,3 +962,19 @@ INSTALLER_UNATTENDED_ABORT_ENABLE = "1"
> # Optional: set countdown timeout in seconds (default 5)
> INSTALLER_UNATTENDED_ABORT_TIMEOUT = "5"
> ```
> +
> +### Execution of privileged commands
> +
> +When operations require higher privileges than those available to the build user,
> +the following helper functions shall be used:
> +
> +**run_privileged**: Run a command as root while preserving the environment.
> +
> +**run_privileged_here**: Execute commands provided via stdin in a root shell.
From their names, these two commands sound to me like they differ in
where they are running the commands, not how. But from the description
it is the latter. "run_privileged_from_stdin"?
> +
> +**run_in_chroot**: Run a command within a chroot environment. The first argument
> +specifies the rootfs path.
> +
> +Using these helpers instead of direct `sudo` invocations centralizes platform-specific
> +privileged execution logic in `base.bbclass`. Direct use of `sudo` is discouraged
> +in downstream layers.
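
Review bot: In the **run_privileged** entry, "preserving the environment" does not say whether the complete caller environment crosses into the root context or only a defined set of variables; since downstream layers are asked to adopt these helpers, the changelog should state which it is. The **run_in_chroot** entry likewise leaves open whether the command runs as root inside the chroot, and a one-line usage example per helper would make the migration away from direct `sudo` calls unambiguous.
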
Are there sudos left in Isar after this conversion? If not, should we
start to catch sudo as invalid afterwards?
Jan
--
Siemens AG, Foundational Technologies
Linux Expert Center