Re: [PATCH 01/16] meta: ext4-img: copy and keep attributes, always copy with sudo

[Alexander Smirnov <alex.bluesman.smirnov@gmail.com>]

[-- Attachment #1: Type: text/plain, Size: 2653 bytes --]

Hi,

2017-08-01 13:17 GMT+03:00 Henning Schild <henning.schild@siemens.com>:

> Some security enhancing packages can cause our initrd to be not readable
> by a normal user. So we need to copy with sudo.
>

Please be more explicit which packages, it'd be nice to have examples here
in the commit message.
In general Isar follows the way to reduce usage of 'sudo' as much as
possible, so every new entry should have good reasons.


> Also regular cp would destroy ownership and other attributes of files,
> possibly creating problems in the future.
>

Also an example is highly appreciated.


>
> Signed-off-by: Henning Schild <henning.schild@siemens.com>
> ---
>  meta/classes/ext4-img.bbclass | 6 +++---
>  1 file changed, 3 insertions(+), 3 deletions(-)
>
> diff --git a/meta/classes/ext4-img.bbclass b/meta/classes/ext4-img.bbclass
> index 65d4c11..6dc2039 100644
> --- a/meta/classes/ext4-img.bbclass
> +++ b/meta/classes/ext4-img.bbclass
> @@ -21,16 +21,16 @@ do_ext4_image() {
>
>      mkdir -p ${WORKDIR}/mnt
>      sudo mount -o loop ${EXT4_IMAGE_FILE} ${WORKDIR}/mnt
> -    sudo cp -r ${S}/* ${WORKDIR}/mnt
> +    sudo cp -a ${S}/* ${WORKDIR}/mnt
>      sudo umount ${WORKDIR}/mnt
>      rm -r ${WORKDIR}/mnt
>
>      if [ -n "${KERNEL_IMAGE}" ]; then
> -        cp ${S}/boot/${KERNEL_IMAGE} ${DEPLOY_DIR_IMAGE}
> +        sudo cp -a ${S}/boot/${KERNEL_IMAGE} ${DEPLOY_DIR_IMAGE}
>

1. Ideally DEPLOY_DIR_IMAGE should not contain files with root permissions,
the only multistrap filesystems should require them. Any spread of sudo
significantly increases the probability to damage host system. Also I don't
see the reason to keep kernel image undo supervisor permissions.
2. If KERNEL_IMAGE is symbolic link, 'cp -a' will copy symlink only.


>      fi
>
>      if [ -n "${INITRD_IMAGE}" ]; then
> -        cp ${S}/boot/${INITRD_IMAGE} ${DEPLOY_DIR_IMAGE}
> +        sudo cp -a ${S}/boot/${INITRD_IMAGE} ${DEPLOY_DIR_IMAGE}
>      fi
>

I think that closed initrd is more private case than mainstream. Can we
cosider possibility to implement this as optional security feature?


>  }
>
> --
> 2.13.0
>
> --
> You received this message because you are subscribed to the Google Groups
> "isar-users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to isar-users+unsubscribe@googlegroups.com.
> To post to this group, send email to isar-users@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/
> msgid/isar-users/5e98880f61dba959ada0c9bc8feca65b0a5760e5.1501582237.git.
> henning.schild%40siemens.com.
> For more options, visit https://groups.google.com/d/optout.
>

[-- Attachment #2: Type: text/html, Size: 4461 bytes --]