From mboxrd@z Thu Jan 1 00:00:00 1970 X-GM-THRID: 6623002413686063104 X-Received: by 2002:a19:1aca:: with SMTP id a193mr375419lfa.6.1542095586413; Mon, 12 Nov 2018 23:53:06 -0800 (PST) X-BeenThere: isar-users@googlegroups.com Received: by 2002:a2e:4a09:: with SMTP id x9-v6ls878269lja.18.gmail; Mon, 12 Nov 2018 23:53:05 -0800 (PST) X-Google-Smtp-Source: AJdET5ca75jEDOsvT2r2UD1JtG1pmPDDrEblrpL8JrEyvyttE0sqvW/gC2NWhvgrbaVYxdF+vw59 X-Received: by 2002:a2e:7009:: with SMTP id l9-v6mr412097ljc.18.1542095585734; Mon, 12 Nov 2018 23:53:05 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1542095585; cv=none; d=google.com; s=arc-20160816; b=rjTf3j3h9UwprfJI5NTp1I6A2TWoup3pdvb00fcpRB8wZQhhvA6B3NXeeHh61WIMrb Fb2XoCiv9X1o4wAqx00++9kDSI1JJvsNbrrfQI1y4Ql+SIC3083nLM2pxr9tRtgdGii2 AwAEjQeFddsLh2KlVBhBz7e05J4818woNycEE5HbrMgBa7tAb0grPz4z99XtH00HPFrd UE08wu7dKIe9yVWcYpjYwzKYD9HblaRaDnFK5mdQnSs0x9f5M7mzr9F0hQNgYoPEHhFC DouLeYsjv7++xZbROHVH2PN/SPhoDAK3qM7LFQ93gAnrr0IcXEFkHE1xgyG8DKpOjP23 RUjw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:content-language:in-reply-to:mime-version :user-agent:date:message-id:from:references:to:subject; bh=igXjJnLc63KQHR2UL/nY/0AGvUT3mp1o3oc2NvhRguo=; b=QhwZxzY4pYr4yzHkK/+1rIsNUTztLTuiAA08ivFcrMV53iCEJo/ULXOyZBg0rYjuZp xe8a40CbqaXniVJzBLR4JcJ43JS0wfcGLYSflZYovqWjr+RLsqIcDd134AEehkURyusM bFTDoDYUkJjZ8HpOS4n3r4/E0Gj3l2daIXRRI3szi9Y2ESigUfFMOZUuFzOGNg6vIY9i CswJDD83yY8ErqJQOloVXh9vmsqS/d4jaQb4nfrYbjxBtCujISm28Ol5TjhKySVULlht g85vjSRUZx0BfMmS6IB0brZ35/XE7LaES8jQ68EWKbbnc/S8C0zeiYLlohlvcLcOPvC4 iChg== ARC-Authentication-Results: i=1; gmr-mx.google.com; spf=pass (google.com: domain of jan.kiszka@siemens.com designates 192.35.17.28 as permitted sender) smtp.mailfrom=jan.kiszka@siemens.com Return-Path: Received: from goliath.siemens.de (goliath.siemens.de. [192.35.17.28]) by gmr-mx.google.com with ESMTPS id a192si384066lfa.4.2018.11.12.23.53.05 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 12 Nov 2018 23:53:05 -0800 (PST) Received-SPF: pass (google.com: domain of jan.kiszka@siemens.com designates 192.35.17.28 as permitted sender) client-ip=192.35.17.28; Authentication-Results: gmr-mx.google.com; spf=pass (google.com: domain of jan.kiszka@siemens.com designates 192.35.17.28 as permitted sender) smtp.mailfrom=jan.kiszka@siemens.com Received: from mail2.sbs.de (mail2.sbs.de [192.129.41.66]) by goliath.siemens.de (8.15.2/8.15.2) with ESMTPS id wAD7r4Ls012177 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK) for ; Tue, 13 Nov 2018 08:53:04 +0100 Received: from [139.22.114.214] ([139.22.114.214]) by mail2.sbs.de (8.15.2/8.15.2) with ESMTP id wAD7r4Kc003898; Tue, 13 Nov 2018 08:53:04 +0100 Subject: Re: [PATCH 1/3] buildchroot: Align UID and GID of builder user with caller To: Henning Schild , isar-users References: <20181112155149.24215-1-henning.schild@siemens.com> <20181112155149.24215-2-henning.schild@siemens.com> From: Jan Kiszka Message-ID: <7d205eef-33f9-ff7b-b267-d5bc92048e02@siemens.com> Date: Tue, 13 Nov 2018 08:53:03 +0100 User-Agent: Mozilla/5.0 (X11; U; Linux i686 (x86_64); de; rv:1.8.1.12) Gecko/20080226 SUSE/2.0.0.12-1.1 Thunderbird/2.0.0.12 Mnenhy/0.7.5.666 MIME-Version: 1.0 In-Reply-To: <20181112155149.24215-2-henning.schild@siemens.com> Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit X-TUID: YRw7RRYtrF8u On 12.11.18 16:51, Henning Schild wrote: > From: Jan Kiszka > > This fixes EPERM on rebuild and also some clean builds: We have to align > the IDs of the builder user with the user in the host environment. > Otherwise, files and directories can become unaccessible during the > build. > > Fixes: be291cd991bd ("buildchroot: build debian packages as "builder" not "root"") > Signed-off-by: Jan Kiszka > --- > meta/recipes-devtools/buildchroot/buildchroot.inc | 4 +++- > meta/recipes-devtools/buildchroot/files/configscript.sh | 4 ++-- > 2 files changed, 5 insertions(+), 3 deletions(-) > > diff --git a/meta/recipes-devtools/buildchroot/buildchroot.inc b/meta/recipes-devtools/buildchroot/buildchroot.inc > index 7dd909e..2c44db9 100644 > --- a/meta/recipes-devtools/buildchroot/buildchroot.inc > +++ b/meta/recipes-devtools/buildchroot/buildchroot.inc > @@ -36,7 +36,9 @@ do_build() { > > # Configure root filesystem > sudo install -m 755 ${WORKDIR}/configscript.sh ${BUILDCHROOT_DIR} > - sudo chroot ${BUILDCHROOT_DIR} /configscript.sh > + USER_ID=$(id -u) > + GROUP_ID=$(id -g) > + sudo chroot ${BUILDCHROOT_DIR} /configscript.sh $USER_ID $GROUP_ID > > sudo mount --bind ${DL_DIR} ${BUILDCHROOT_DIR}/downloads > } > diff --git a/meta/recipes-devtools/buildchroot/files/configscript.sh b/meta/recipes-devtools/buildchroot/files/configscript.sh > index 30660e7..7e49385 100644 > --- a/meta/recipes-devtools/buildchroot/files/configscript.sh > +++ b/meta/recipes-devtools/buildchroot/files/configscript.sh > @@ -10,6 +10,6 @@ locales locales/locales_to_be_generated multiselect en_US.UTF-8 UTF-8 > locales locales/default_environment_locale select en_US.UTF-8 > END > > -addgroup --quiet --system builder > -useradd --system --gid builder --no-create-home --home /home/builder --no-user-group --comment "Isar buildchroot build user" builder > +addgroup --quiet --system builder --gid $2 > +useradd --system --uid $1 --gid builder --no-create-home --home /home/builder --no-user-group --comment "Isar buildchroot build user" builder > chown -R builder:builder /home/builder > -o ? Jan -- Siemens AG, Corporate Technology, CT RDA IOT SES-DE Corporate Competence Center Embedded Linux