From mboxrd@z Thu Jan  1 00:00:00 1970
X-GM-THRID: 6623002413686063104
X-Received: by 2002:a1c:c914:: with SMTP id f20-v6mr184152wmb.25.1542184271867;
        Wed, 14 Nov 2018 00:31:11 -0800 (PST)
X-BeenThere: isar-users@googlegroups.com
Received: by 2002:a1c:c90:: with SMTP id 138-v6ls2708803wmm.13.gmail; Wed, 14
 Nov 2018 00:31:11 -0800 (PST)
X-Google-Smtp-Source: AJdET5dafsye+WP1qk9qxYkj6wHe6SbbJ+sx44PpfzV3UrRFAMBRbMDo/PC+sPFcJgvLXWu9IKfP
X-Received: by 2002:a1c:1582:: with SMTP id 124-v6mr199218wmv.13.1542184271337;
        Wed, 14 Nov 2018 00:31:11 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1542184271; cv=none;
        d=google.com; s=arc-20160816;
        b=fPcBuL5tlzFHDftWe6styrFaC1NY8dpJDDmrqQ9LndL8T/AvWB3W53xwcqzGooe72s
         OROsY3ok+1bOXLGB5X+pf1N337MG8jc7AB/zgUqr9TT/SL4nWczVdD10K5rlOuBSD5Ra
         g9NBuL/u6YZb7a5eP746Lv8W5JM/LzybK6tb+wAKEqoEyE0KJONhOXzdWdej5B6eLRWF
         F0sZzaeK689hC//8rw5jydnGvfKKnlc3GWlWD4bB5O6QCchfxyEEDhbYWbje5OgvDuaj
         MaUiMZf2w8CNdlW00Hfh4TIBTNG0SBVqbOpzmLl14aOw8J+cSnin7y+HMPbBPGAzyXgu
         mpPA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=content-transfer-encoding:content-language:in-reply-to:mime-version
         :user-agent:date:message-id:from:references:cc:to:subject;
        bh=o6hL//KkPTftrvkSL49WE28MO3T5EQajE+TcEkzegpE=;
        b=Mpty7EnqTsxoCEs89zLk1SDXG7ZnlBVg8mld1nABsIMaT/SiFUj6G43UF8pzNRbKM2
         k67fH7z9gtMIzKmQmrYf7R3HYp5+S9U3L8sxdhZ1MjCU8LH+JziV8f0320AXhom/Ib0Q
         bgwFA2GJtyY0FO/8oZaVie2k+w2OMUMxO+SeyYZi7u31/iystpWD6tGvNX1hfFHtq+Xu
         pRpfptWBOdBT/wrWUaC3smxuKSaRLc4hdOFUqQvVUDbUoPN9cNEY3/4VZmaeO22d9WQZ
         0OTbpvHXds8pThSTprv9pksJBKW+cOecLaS8XASQgPp+/yBPz8ef2/3n7P6csLn2wWly
         W+Xw==
ARC-Authentication-Results: i=1; gmr-mx.google.com;
       spf=pass (google.com: domain of jan.kiszka@siemens.com designates 192.35.17.2 as permitted sender) smtp.mailfrom=jan.kiszka@siemens.com
Return-Path: <jan.kiszka@siemens.com>
Received: from thoth.sbs.de (thoth.sbs.de. [192.35.17.2])
        by gmr-mx.google.com with ESMTPS id z129-v6si366342wmc.0.2018.11.14.00.31.11
        for <isar-users@googlegroups.com>
        (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
        Wed, 14 Nov 2018 00:31:11 -0800 (PST)
Received-SPF: pass (google.com: domain of jan.kiszka@siemens.com designates 192.35.17.2 as permitted sender) client-ip=192.35.17.2;
Authentication-Results: gmr-mx.google.com;
       spf=pass (google.com: domain of jan.kiszka@siemens.com designates 192.35.17.2 as permitted sender) smtp.mailfrom=jan.kiszka@siemens.com
Received: from mail2.sbs.de (mail2.sbs.de [192.129.41.66])
	by thoth.sbs.de (8.15.2/8.15.2) with ESMTPS id wAE8VAmO009874
	(version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK)
	for <isar-users@googlegroups.com>; Wed, 14 Nov 2018 09:31:10 +0100
Received: from [167.87.48.179] ([167.87.48.179])
	by mail2.sbs.de (8.15.2/8.15.2) with ESMTP id wAE8V9C2002439;
	Wed, 14 Nov 2018 09:31:09 +0100
Subject: [PATCH v2 1/3] buildchroot: Align UID and GID of builder user with
 caller
To: isar-users <isar-users@googlegroups.com>
Cc: Henning Schild <henning.schild@siemens.com>
References: <20181112155149.24215-1-henning.schild@siemens.com>
 <20181112155149.24215-2-henning.schild@siemens.com>
 <7d205eef-33f9-ff7b-b267-d5bc92048e02@siemens.com>
 <20181114083249.37e0aa26@md1za8fc.ad001.siemens.net>
From: Jan Kiszka <jan.kiszka@siemens.com>
Message-ID: <60a370f9-3a7b-7333-a7d9-c49bbadfe145@siemens.com>
Date: Wed, 14 Nov 2018 09:31:09 +0100
User-Agent: Mozilla/5.0 (X11; U; Linux i686 (x86_64); de; rv:1.8.1.12)
 Gecko/20080226 SUSE/2.0.0.12-1.1 Thunderbird/2.0.0.12 Mnenhy/0.7.5.666
MIME-Version: 1.0
In-Reply-To: <20181114083249.37e0aa26@md1za8fc.ad001.siemens.net>
Content-Type: text/plain; charset=utf-8
Content-Language: en-US
Content-Transfer-Encoding: 7bit
X-TUID: RZ/8u5MmD0jg

This fixes EPERM on rebuild and also some clean builds: We have to align
the IDs of the builder user with the user in the host environment.
Otherwise, files and directories can become unaccessible during the
build.

Fixes: be291cd991bd ("buildchroot: build debian packages as "builder" not "root"")
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
---

Changes in v2:
 - permit duplicate UID and GID inside buildchroot

 meta/recipes-devtools/buildchroot/buildchroot.inc       | 4 +++-
 meta/recipes-devtools/buildchroot/files/configscript.sh | 4 ++--
 2 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/meta/recipes-devtools/buildchroot/buildchroot.inc b/meta/recipes-devtools/buildchroot/buildchroot.inc
index 7dd909e..2c44db9 100644
--- a/meta/recipes-devtools/buildchroot/buildchroot.inc
+++ b/meta/recipes-devtools/buildchroot/buildchroot.inc
@@ -36,7 +36,9 @@ do_build() {
 
     # Configure root filesystem
     sudo install -m 755 ${WORKDIR}/configscript.sh ${BUILDCHROOT_DIR}
-    sudo chroot ${BUILDCHROOT_DIR} /configscript.sh
+    USER_ID=$(id -u)
+    GROUP_ID=$(id -g)
+    sudo chroot ${BUILDCHROOT_DIR} /configscript.sh $USER_ID $GROUP_ID
 
     sudo mount --bind ${DL_DIR} ${BUILDCHROOT_DIR}/downloads
 }
diff --git a/meta/recipes-devtools/buildchroot/files/configscript.sh b/meta/recipes-devtools/buildchroot/files/configscript.sh
index 30660e7..25a21ef 100644
--- a/meta/recipes-devtools/buildchroot/files/configscript.sh
+++ b/meta/recipes-devtools/buildchroot/files/configscript.sh
@@ -10,6 +10,6 @@ locales locales/locales_to_be_generated multiselect en_US.UTF-8 UTF-8
 locales locales/default_environment_locale select en_US.UTF-8
 END
 
-addgroup --quiet --system builder
-useradd --system --gid builder --no-create-home --home /home/builder --no-user-group --comment "Isar buildchroot build user" builder
+groupadd --system builder -o --gid $2
+useradd --system -o --uid $1 --gid builder --no-create-home --home /home/builder --no-user-group --comment "Isar buildchroot build user" builder
 chown -R builder:builder /home/builder
-- 
2.16.4