From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from shymkent.ilbers.de ([unix socket]) by shymkent (Cyrus 2.5.10-Debian-2.5.10-3+deb9u2) with LMTPA; Thu, 05 Jun 2025 08:42:34 +0200 X-Sieve: CMU Sieve 2.4 Received: from mail-pj1-f60.google.com (mail-pj1-f60.google.com [209.85.216.60]) by shymkent.ilbers.de (8.15.2/8.15.2/Debian-8+deb9u1) with ESMTPS id 5556gWDb001090 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Thu, 5 Jun 2025 08:42:33 +0200 Received: by mail-pj1-f60.google.com with SMTP id 98e67ed59e1d1-3111b56e11dsf204779a91.1 for ; Wed, 04 Jun 2025 23:42:33 -0700 (PDT) ARC-Seal: i=3; a=rsa-sha256; t=1749105746; cv=pass; d=google.com; s=arc-20240605; b=c1Wxx1Jno5SDX/FrnE1QzoIayNVSdjXDftlsiWW2uh8/ZAkyyqrWp3VEpBNEG+1VxM hKmnX5CsIuRVfI7sNH86ULKx7A121jxoNnmGkyvbAg+JPWbg5HHI4m4Bj1K/oMPwD0YB y+oW5BNXyb5ze6n88euOz4VhLRxUYad0WbX5gDGQ3MsdcKGxYSKjYf+vcJ860CkBK/0h 8BT5pUai30OKp2lYZXFTEVL3fWUSfIXOq1vtkJYIou0tvFaC+eMKCGJ1TssfO0N/nalq QrE/U/hzondE2A3JcawvspZX5u18bQB4WblttKO0BGIMeE8bMraqZvEFdGMrmLE/f/Jb R7Cw== ARC-Message-Signature: i=3; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to:mime-version :content-transfer-encoding:content-id:user-agent:content-language :accept-language:in-reply-to:references:message-id:date:thread-index :thread-topic:subject:cc:to:from:dkim-signature; bh=z/4M6wrxTwE7f1ivbTJ2GiUzkX+I1q0o/MmLEU+niug=; fh=k3FL3kJOsMFHVmMuHEcqbfsE4Zgj3+iUT3X5QuhAHHE=; b=a0fRUGkzgCyYMQI3QWSq5W/DVhUnP9kaEOYOThdPOPG2CaIuBfWZhJpL125gJ69WZU OdBAQcv/6gnjWsv5Q+EBOHnfkTsE1QtFayP+dqqRdcquTKDfq1HzIG80Zl2dw5lDbxMt Z/ylht1xFDCVplh7t48R0F2+zwtmDIvmVxogq2LTvCQCH/caq+njmDW+WcRWYqIeCTUP j31zDTTbezn4CIJJe7y0o/YNfBH1qNINe4hem9/5RzTZyqNcfHSCIV4qlVs4xL+1wOvO bBd8OsQ867Gm3cFgljcf5PM9Z8ujROKa9u4udZGnButeS+fGSsfv8Wm9Tbee9E5RsYdh BdFw==; darn=ilbers.de ARC-Authentication-Results: i=3; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b="p7uS1O/C"; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of cedric.hombourger@siemens.com designates 2a01:111:f403:260e::61c as permitted sender) smtp.mailfrom=cedric.hombourger@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlegroups.com; s=20230601; t=1749105746; x=1749710546; darn=ilbers.de; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:mime-version :content-transfer-encoding:content-id:user-agent:content-language :accept-language:in-reply-to:references:message-id:date:thread-index :thread-topic:subject:cc:to:from:from:to:cc:subject:date:message-id :reply-to; bh=z/4M6wrxTwE7f1ivbTJ2GiUzkX+I1q0o/MmLEU+niug=; b=BlX99PCtqvCRvFfCTKJVeIQeJyUdFXgHDUWptgb7LgOQ4i8C8d4muTNXiKDA8K3hGZ UmMzNX75oQCjZK3MTe1eD9f3BpScI/+G82ZXwerFEbgS7uLz0wgNrnRJaoKGX33EZhu+ h6+al3b3AtTo6FtqL9N8GIWh5V6IzTc2UGZUr1312+Ry4VbgQKTrdRrxo/KoRk/mmhT3 nCZJFH5dHY11/doQMJf30baY1zTGM4d0cSGBkJXqq9bFrvY0qk8zMpo85MvrAXFpFlRh uTGJVEg2x/a8wbBWiWYY+/UW62pxppsKUDqGO4e7V4tYm5iKyMXAti/FntucngtPRQ4O tnuA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1749105746; x=1749710546; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :x-spam-checked-in-group:list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:mime-version :content-transfer-encoding:content-id:user-agent:content-language :accept-language:in-reply-to:references:message-id:date:thread-index :thread-topic:subject:cc:to:from:x-beenthere:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=z/4M6wrxTwE7f1ivbTJ2GiUzkX+I1q0o/MmLEU+niug=; b=gtczBW7Uf646/7+H1wX90KzgGAOD7h/OSKVFUPsRyIDjfEakYDxwOpU6MDo2oL9wHf plM2SsTNqqwGwNBxAkYJrE1fHylX8FlaflSySZ/Q1IdmGRQ7DQBICxcfaRRFmo3wq8q3 FM+9QsLzHDmVIc9ktX4dlDedb54TtfqlYgyLocXDkoXy82aT2J4/Lt0jhNJq5UysYRKs XAFlBufg+YhnWqkdsJTjYss5xWCKrFBOgZO+fmszUbPGOjJkLNuj+a1s8eeF7xG9/2Fv spmICqJfhdknkqHZ2mrccz4dqoeJN+uORYsHZJDJ22UOOQM6Swsyb7SOJwasVt4JyT81 VavQ== X-Forwarded-Encrypted: i=3; AJvYcCVMxBNxmFYPtGLLMRYBctBd+UTUtsDYc5825B0o84vDx7/q7uNQcTJjy0WtGSwQoc9MYA3a@ilbers.de X-Gm-Message-State: AOJu0Yy+Ohy45L56cUndYhTPxCDAcEHl2ml+IYFzfa6eL60pB+wnfSl+ nnMQYBHEYkZwIPo/dW4zFnYTg3KssoLufgeQuI3LHNV6x+Z1gEJ1vA9C X-Google-Smtp-Source: AGHT+IGAoLGiLY20EaOHC/PCVE78R1VaYpwTMxR7YZxxlAEsnw1so5RCKIkpYwb2ztGcI0O9Hoz/kw== X-Received: by 2002:a17:90b:5112:b0:311:b0ec:135e with SMTP id 98e67ed59e1d1-3130ccaf20bmr3414873a91.2.1749105746279; Wed, 04 Jun 2025 23:42:26 -0700 (PDT) X-BeenThere: isar-users@googlegroups.com; h=AZMbMZceb8s4/20uKUI2BKeP55OEcPkoqbQdnkqG98vwVW3ppA== Received: by 2002:a17:902:9f96:b0:234:ae27:bf40 with SMTP id d9443c01a7336-235f1b232a6ls4339455ad.1.-pod-prod-00-us; Wed, 04 Jun 2025 23:42:25 -0700 (PDT) X-Received: by 2002:a17:903:234a:b0:234:9fee:af95 with SMTP id d9443c01a7336-235f107a0cbmr40662655ad.0.1749105744738; Wed, 04 Jun 2025 23:42:24 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1749105744; cv=pass; d=google.com; s=arc-20240605; b=g36JamzWG7UM/YDlJqkD0VzTl2/mGRyV8DTHwXoCw5aWzXzIgdzSrJd4PsZ1zRUOIF Lj11OyYmNRScKjgiPsQtxo1KwFXTuIOCpfKr1o1vGHBFRXzRrOjfUVsE8gIlr4Ms1Ypp vteIP+kDV9FVF3U2oa8tB+Gy0+fzY5v+0jht5Zohq5lYXClqs7ZoTPT4lAMytVLVY9v1 zLnzJflkVLqOkRYo4CNZj4ZDiHDuKQEpCK/jvDDibRal2wGd0lPoi8E2XZDBs7HIEpXr aTpsD9BLXNs1ntKVdPUyCi2NlN6OdK2KBjQsLnZyy4HPse1et+x65s8FoeXCSU4AC+N2 09vg== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=mime-version:content-transfer-encoding:content-id:user-agent :content-language:accept-language:in-reply-to:references:message-id :date:thread-index:thread-topic:subject:cc:to:from:dkim-signature; bh=F+knsa30s92acI14fmmMS1wfudUUBIAjr45nAoIaQxw=; fh=X8lgNEQRyY+dscOrEwU5K412v7/nKTLZ+uTRqVWtKdg=; b=MoT6LjF/sjXYGnvJdO8iuIQFxy7KKAYyRn7vv940mxTLpbO6cDxgFPpfoLw67StDJO 2t27k71bfCIK8AvNbWNQb8BuwcG2TlfUkblz4844Q6uqo8xTmCfxAcJ+FckRwqdUHyGG 132LqQS+7tDf+OA9TEyj3FNmseNDx/IFBcCcoIRvUAxq6AhSveqgIi6R/MU+pzNLnMgF kD4MEf4N0D0TlR7bp8rE610zWvFhPRKQE1+eUXt9Q6YDxuaJrzrqRp8rlw7HZNUHQaNy I2SyPuVt/DfbU5Cne2Ru6wzGW12wN4WmVtiZ9l2x5/agwlIkWiKf2tG+9UTARLqU7r0b VP8g==; dara=google.com ARC-Authentication-Results: i=2; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b="p7uS1O/C"; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of cedric.hombourger@siemens.com designates 2a01:111:f403:260e::61c as permitted sender) smtp.mailfrom=cedric.hombourger@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com Received: from EUR03-AM7-obe.outbound.protection.outlook.com (mail-am7eur03on2061c.outbound.protection.outlook.com. [2a01:111:f403:260e::61c]) by gmr-mx.google.com with ESMTPS id d9443c01a7336-235c887495asi2585165ad.10.2025.06.04.23.42.24 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 04 Jun 2025 23:42:24 -0700 (PDT) Received-SPF: pass (google.com: domain of cedric.hombourger@siemens.com designates 2a01:111:f403:260e::61c as permitted sender) client-ip=2a01:111:f403:260e::61c; ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=RHHfQCQD1/ihJg1lp3ZP2SjYFK8gJIC0iJbG2VgYN69b1JYeWEUXO40xFZYZJRehFKGdTUVlt7dNWSJCZUwyi+bKZEJ2eQvgSbqFbcf3ZoDE3BqHo0rQixiqP/K5iNbGNoBeN2vGrToTRcV791elGuELhwwL0AZIB3Zir0BW92iY8pQDvL3mn0QJg+4nHmyUvGVrFmOxD/Ut51QvyAW1Dj9WhJrRbFO9XmKKgCPGui3JSp6dg0oHndgHHbzGsJT93ZkMtCekXsJb5lfMWw+OhKkKXeyqPYdMZcaMqecjJVnr/HmYWKz615s9wJBCYTyLPSfjRgSccMvcLCGaTEpsRg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=F+knsa30s92acI14fmmMS1wfudUUBIAjr45nAoIaQxw=; b=WqIsPaoIH/FysJw9Opt4vbYIFcUrsefR18tbpJCmHxo4oTYamEQvcjSifWYg6Wv3Tk0MLUBA1LsQXcISAIYxkYQkRm2Xzc51buj5Mh68SVWcIVt1Ab5l5V0HSO0+eREUW3LVzN2dLkcS1llYTbUvXk2rgfEZSeYexOJ63fg3c5by/z5J5lqr0RCt/XzZVT4sD8mHwwrMChAtjGE0f4N+3qUcDO8VmNKLIyBLBDWLu81gaZLkQ31LQOouxKoA3wFZOO4mncLy/vbEj1k8v2A4oQJ9x7N3POnKsAB2tmNkdEAJtgqjydWA72u53X51tOtwKurLBk5HYvPDVWQlM4bCAw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=siemens.com; dmarc=pass action=none header.from=siemens.com; dkim=pass header.d=siemens.com; arc=none Received: from AS8PR10MB7875.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:20b:629::5) by AM0PR10MB3140.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:208:189::15) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8813.20; Thu, 5 Jun 2025 06:42:16 +0000 Received: from AS8PR10MB7875.EURPRD10.PROD.OUTLOOK.COM ([fe80::cd6d:2dce:458b:5321]) by AS8PR10MB7875.EURPRD10.PROD.OUTLOOK.COM ([fe80::cd6d:2dce:458b:5321%3]) with mapi id 15.20.8792.034; Thu, 5 Jun 2025 06:42:16 +0000 From: "'cedric.hombourger@siemens.com' via isar-users" To: "isar-users@googlegroups.com" CC: "MOESSBAUER, Felix" Subject: Re: [PATCH 1/4] rootfs: introduce wrapper to run commands against a rootfs Thread-Topic: [PATCH 1/4] rootfs: introduce wrapper to run commands against a rootfs Thread-Index: AQHbyLVN8tBWKwGWek2DXiatjXZF2rPeu04AgBV9OoA= Date: Thu, 5 Jun 2025 06:42:16 +0000 Message-ID: References: <20250515150727.1764989-2-cedric.hombourger@siemens.com> <20250519115750.3195300-1-cedric.hombourger@siemens.com> <20250519115750.3195300-2-cedric.hombourger@siemens.com> <27cd63ffc8d2ae1c7ad97367df6e1327993f4d1b.camel@siemens.com> In-Reply-To: <27cd63ffc8d2ae1c7ad97367df6e1327993f4d1b.camel@siemens.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: user-agent: Evolution 3.44.4-0ubuntu2+intune x-ms-publictraffictype: Email x-ms-traffictypediagnostic: AS8PR10MB7875:EE_|AM0PR10MB3140:EE_ x-ms-office365-filtering-correlation-id: 3d837859-21a8-4c7d-9ee7-08dda3fc1cdd x-ms-exchange-atpmessageproperties: SA x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam: BCL:0;ARA:13230040|376014|366016|1800799024|38070700018; x-microsoft-antispam-message-info: =?utf-8?B?NUFzd0Z6Vi9QUGN1bVRDdW0wUW8rcUhyK1FTSjhqd3YyOUNjQmF6aENnRDl2?= =?utf-8?B?dFRtWXNGYnlCR2VCamRNbmFVOW05U3JrYklqSUZHSHNBRWZFVFJIalRDb1Vh?= =?utf-8?B?QnRpaVFDSUFVd3dZRnpIUU5CSHZ0c2pMeTVzenN4V2N3WWJESktpc0FEMzJq?= =?utf-8?B?U3NxSUs2bXo5NUF0VldIcTBlckE3RzErcFFPaDlINEM5eGpqT09DN2ppdXFG?= =?utf-8?B?OS9paHI5Y1AzZ092d2pEcVNHVStlWmtxblU5NjRIZjBMb0JXVjY0QWJSZkV6?= =?utf-8?B?bmdrcytQMDVyelE3M0QzVUFYMURzZm0yNEQ0ZG95d1VhekxTNEcyZ01JRWJv?= =?utf-8?B?UStpMW1qRmJibW5XbDhFWDZBRWNKYjkvTFU5MDNiQ0xpSHVtSlFaK25xZnZS?= =?utf-8?B?Uk1objVUUTNZRStMcjh4TTRhb2VVei9TS1hEKzh6TWxVekRjVm9WSTJpVHpE?= =?utf-8?B?Ry96dHArdU9RZ3NkL01jclNBemVmb1ArRlhwT25uMU8vTVZvVXZmMkV3ZzZl?= =?utf-8?B?UWgvKzNVbXBxY0ZyT1BPckdTU0xmTjVOaDcrL0dtZ1F5MkxTZS9Yb3lSZEZz?= =?utf-8?B?N0N2cHEyOUNib3VPQlA1Q1dBaE85MDl4UXk3TGpGNnBHZGl4c0s5OHpnOGFl?= =?utf-8?B?QWR4QTFqR2FMY0hsTlk5cjhVRnFkM0hlL0IvckxtYzQ3Sjl2bmZQd2h1cTVw?= =?utf-8?B?QTB0VHg5blhwWU5GSStTZ0p3Q2ZITG0wNU5FU3VrZUtyTnB1d0pzeGpoZGtv?= =?utf-8?B?bkI3Nm1rK0Y1WGlDNEpvNHIvenM1M1dkbWRQR2c0VXJ6RFRndEpYQ2VDaVZW?= =?utf-8?B?VVdEdWFrbDRTN0tBRWRrZzlmekNIWDZ2RUVFcnFYZVpHVFpOeUYwcGhtMFE0?= =?utf-8?B?SnhWVWNZODRYY2FjL3krczN0MDJ2aW9sd0tqNXhiNlZNSnFyb1NpU0F3bUY2?= =?utf-8?B?dThWcDFybUNCb3M3b2owcjNlV0xRTStRRlpmT01TNU9nZk9SRzhtN1Zqbyth?= =?utf-8?B?cFR4bEJUa2U3alp2VndvTEJjQTFFdmgvSDROZWV4dzVkZm5XVXZlVkNmaGJY?= =?utf-8?B?aUJTdUJpejY0dUEzVFN6d3k0a2paQlpSNlBuTTd0QlFOVFFaZCtuVDVKTk5r?= =?utf-8?B?UEh3Z3B3cFpWT2RHc1ppcE11a0ljcVFiMnhmS05vOGxOeHNadXA4ZHFvWDhJ?= =?utf-8?B?SHZ6WHpqZ05XL3h1V1U4SzAzSDZxd0pWSnVoWlJURDZxVHNIcElnNFZVVzd0?= =?utf-8?B?djdFQ2JYQksrTE0vdE5jT2dpeW1HN0p5KzZQc2RiS0JJTk80cW9DMUk5cDBz?= =?utf-8?B?dW53R1hUZmpSTzcyamJyZWRYQnp6WDVTWDlTajFJa2RiTDZBaVdJN3dYK09F?= =?utf-8?B?MXJsYTc0b1FFVUY5UklwMVEzeEtlV1M1Q3VnOTFVa3ZlT3RoK3JpekpwSEdP?= =?utf-8?B?TTBkb3ppMkxFa0NIb2p6RnBLYjBpYmRjVjNudWdET2ZZdHY1YU45S2MvTTY3?= =?utf-8?B?VURwcnBRV0xMUDlWMFVUbGNDUHZ2R2ZuQS9FaE9GcDdub3Q4VkhvLzNZbG1h?= =?utf-8?B?dDNFNWhSbGxCTEZWcmd2MzQycWh4WlZIdVZ6WXpERWIyNjlGSWR6NHNIM0Fy?= =?utf-8?B?RkU5ZlFWWUpMQXg2YXJMWnY3Ky9uMmN6WEUyOTU4WmNhTitZclk5Um9aeXp2?= =?utf-8?B?eDIxSkRXREI0MHNsRjNYSlBGMW1ubzFlY3p3N3RkRllISmRmc0thMmNDTWJM?= =?utf-8?B?OUJCRmlqZklSQzVUM0x0enJqbWJtbDNQc3RrVkNSYkY1LzVyK3V5NFpSdGND?= =?utf-8?B?K1lacThtQ3FEeVBoV25kVzg1ZmRBTTY2Ympnb1Q0SkJ2eGNNb3ZrbTVjcENS?= =?utf-8?B?eE1NankvWDVqYVRndGYvU2NmQ3Zqd2tZdEZYSWRPWGUxNStPUjh5NGJkRENZ?= =?utf-8?Q?YWvGStVN8m8=3D?= x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:AS8PR10MB7875.EURPRD10.PROD.OUTLOOK.COM;PTR:;CAT:NONE;SFS:(13230040)(376014)(366016)(1800799024)(38070700018);DIR:OUT;SFP:1101; x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?utf-8?B?M2hGMDlPeUc5YTBtSFFLdkJxQ204d3VnTUgxTVBEVzhWMkU5MDdOSkNVTDBl?= =?utf-8?B?Z0xzQ3ZEM2lzamtzRXZYTzFoa2ljV2N3citmeTQwa3F2bXRERkZLSGdIdFM3?= =?utf-8?B?YWtDaC94cVdGMko0cHBiN1dwM0NQR0hDcGtObkNjeXdUZEFiT1YzcXpOVGV2?= =?utf-8?B?azZKVWJ3d2JPSUxGbm9ycUQ1VFB3N2R5SW5IM2U3SVJnV05FN2tmVGJSLzkv?= =?utf-8?B?b2JqQnl6c25odTJ3VEt6ZXVIa3Q0Tk5MSXlrODNsRkVJU1Q5azkyRVRMazNE?= =?utf-8?B?OEFiRElUSFo0akE4VDdoSVBYNVhkeDhjQWlFeURNdktPY3BJa2FNWTBUTHBH?= =?utf-8?B?VTEzc3BaZTdzbm1tTVQwMmNNT2t1d280ZmNRZzZobHZkMFpuS2RZQkFMY2xj?= =?utf-8?B?ZVJFNEExQ3pHMXgzZmx2bmhEcnA3L3JoZFdLdzN2K1dKUEFOU0ljVU5mRHE5?= =?utf-8?B?TDNWRzdhU1ZHbnVkTWNpZHlGNXBHY0F0eUVkanNRSXdEcXlvc3NoVzY2cHlv?= =?utf-8?B?UmNOM2tkV1h4T3hsd2JjbEZBa2ZOcHMxVC9YUGh5TnFEa3ltT3BNeXpicCtF?= =?utf-8?B?SFM4OUU5NkhDN1dUc1owTVBFT1dzdmJpVlYzcjBYamc5Z0ZZbXJhcmJDajJ2?= =?utf-8?B?RllMelJsMzdDcDZBWjRuZ1JGaHRKWjBkd0dSL1hnVEdaWUVwSXhiaDRSMUk2?= =?utf-8?B?RExnWXBadTN2MGlUNWFvTGp6Rmp2VDErRmJicmZHODdZNU0rcENPaXlRSkVa?= =?utf-8?B?UVI2MjMyT2w5Y3BNSEJVcnc5QzIrTVlnZThrMXBzZ1VhdlVkWWF4UktTK0dK?= =?utf-8?B?U0ZiRTExNEtoRjVSU25rdkV1Rnk1OFV4NGZqYlBoSU5ya0hQMUtUY0JpTWUy?= =?utf-8?B?SkJYU2ExeXJKYTFTWnJkVGpqVDVyMjY1SUYyb0RUekdNOENaSnIzK3FHMzBT?= =?utf-8?B?WHY4dVVNdTlCc2FrOTZvWDRQSy9HMTZiSHBESTlyR2ZGb25MMTFLRFdLeVFi?= =?utf-8?B?Rnhad0RxTmRaNVdJQ1RWdTRJM1l4UEgrcXZWT0txTzJHcSt6N2kweUp6clBh?= =?utf-8?B?dFhSeXV4ejgxU2N3VmgwNFlGWi9UQlpHN2l0c0MyM2ExQkZwRjErMU5qaFNH?= =?utf-8?B?QTcxaEdpY05CZmVlcW9qazdwSEVhQUUvUlRSdW91UUVtNU13SWgvZkpqOUxO?= =?utf-8?B?aE13aXZZcXhGUjAxV3hVMTRwWVVEeGNsNzVjTFBXT3JhZ283U25aTWkvSy8w?= =?utf-8?B?eC83YWcwSlE2UFFKeEF6aDNtUDVWUlhWMU5DZTV4Ly9HeURBbkRNZDBVbG5W?= =?utf-8?B?ZGpScGd0a09ydG45dXRDK1lRKyt1RmxOSVREOGhkVkJKWVdRVmlvMWtURlA4?= =?utf-8?B?T2tHVDJ4T05nNVRsWlJ4VlMzdkF0VFJucjhMcGtTWFFqSFIwMld2RS84SVFk?= =?utf-8?B?UXk1RloweHR2NlZ0c0tWWCt6M1l0dXFrS3YwU2lQMlEwMnFtbTBSSGJqRHMr?= =?utf-8?B?aFBTQk1UL3g2RDlzOVV4Y3AvRU5yZXlZL0FiL2NhWHU2K1dwUVFxVyswSGlh?= =?utf-8?B?anQwUVFwN1lPTyt4VnVqdmFWRHVta1pINlVXSFErSW9Ld2VBSnNuYWpyNWNw?= =?utf-8?B?cUNjTDFySzZPVE1BVjgzazdqcUlWdzBXQzdEZ3lZb1NsNk5UUUMzM0hYb0VT?= =?utf-8?B?a2h4eUI1YjhIRUR3T3ViVHhFM3J2Wk9PaTJJeXczdlBRbUU1a1NFYkhncU5M?= =?utf-8?B?NEhDWnZucHNCd2pRRkN4UzNsQjBlcW9NSGFxOG5Wa0VOdVNwdGluU01JWS92?= =?utf-8?B?L3JrcUVvUUoyYzIvRGJLRHZhVEFwZnF0bjh2eG5DelcxT3c1RXBDNmF0ZWpv?= =?utf-8?B?R1Z3SHdUam96TjJzQXVqWm5rWmQwZ1V6Ykhwd1NIeTdxaS9PU0djQXRITE9M?= =?utf-8?B?WHFZOUZ3ekxRSExjdFFGdFdvUHk3dzBkc2dNZjRyZDNvSEppNmllSTBVUVpH?= =?utf-8?B?bXlJbFBjYTNLek5wemVPdzlGNEFDZVMvN2NTWXIwc2hPT1FrYlFHc2h5L1dJ?= =?utf-8?B?TGlucnFPbHFFeVozY2RyY3JuK1VvVThCeThWNWVtMW5ubDFUSVcxYm1XZTcx?= =?utf-8?B?NDR0Y1VEZ0ZleGZaOVBBcEVIVXdaUFZ1SFM5b0J3MW9VeFppOElaYU5tVnBI?= =?utf-8?Q?s9kx50Zf5lRKS2J/0o2vi+4=3D?= Content-Type: text/plain; charset="UTF-8" Content-ID: Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-OriginatorOrg: siemens.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: AS8PR10MB7875.EURPRD10.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-Network-Message-Id: 3d837859-21a8-4c7d-9ee7-08dda3fc1cdd X-MS-Exchange-CrossTenant-originalarrivaltime: 05 Jun 2025 06:42:16.7810 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 38ae3bcd-9579-4fd4-adda-b42e1495d55a X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: Z0BaFO6QAifVgqdoxU3i+FWlp7jverzQnqNB6Wr2QRj1QTURdeho36gq/kihuFoL0z27sQEIyOcSy+cJcoaigeotsKOEtfuYNeB19WmdVyo= X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM0PR10MB3140 X-Original-Sender: cedric.hombourger@siemens.com X-Original-Authentication-Results: gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b="p7uS1O/C"; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of cedric.hombourger@siemens.com designates 2a01:111:f403:260e::61c as permitted sender) smtp.mailfrom=cedric.hombourger@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com X-Original-From: "cedric.hombourger@siemens.com" Reply-To: "cedric.hombourger@siemens.com" Precedence: list Mailing-list: list isar-users@googlegroups.com; contact isar-users+owners@googlegroups.com List-ID: X-Spam-Checked-In-Group: isar-users@googlegroups.com X-Google-Group-Id: 914930254986 List-Post: , List-Help: , List-Archive: , List-Unsubscribe: , X-Spam-Status: No, score=-4.9 required=5.0 tests=DKIMWL_WL_MED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,MAILING_LIST_MULTI, RCVD_IN_DNSWL_BLOCKED,RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL, RCVD_IN_RP_CERTIFIED,RCVD_IN_RP_RNBL,RCVD_IN_RP_SAFE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on shymkent.ilbers.de X-TUID: PqnVAEBrLBly On Thu, 2025-05-22 at 14:32 +0000, Moessbauer, Felix (FT RPD CED OES- DE) wrote: > On Mon, 2025-05-19 at 13:57 +0200, Cedric Hombourger wrote: > > "sudo chroot" is used in several places to run commands inside > > rootfs > > directories constructed by Isar. There are cases where a command > > could > > be used without elevated privileges as long as special folders such > > as > > /isar-apt are mounted (they are often referenced as /isar-apt in > > configuration files found in the target rootfs). For such cases, > > bubblewrap may be used to create a non-privileged namespace (either > > in a bare/native environment or within a docker/podman container) > > where the command will be executed as if chroot had been used. The > > rootfs may also be the host root file-system: this should however > > be used with care to avoid host contamination problems (note: Isar > > already relies on a number of host tools). >=20 > Hi, this looks promising. I gave it a try on some of our internal > layers (arm64) in a custom kas container under podman. >=20 > I'm wondering if this could also be used to run the apt in > do_rootfs_install natively (maybe in combination with dpkg --root). >=20 > Tested-by: Felix Moessbauer Dear maintainers, can we move forward with these changes or are there any concerns that need to be addressed? Thank you! >=20 > Felix >=20 > >=20 > > Signed-off-by: Cedric Hombourger > > --- > > =C2=A0RECIPE-API-CHANGELOG.md=C2=A0=C2=A0=C2=A0=C2=A0 |=C2=A0 6 ++++ > > =C2=A0doc/user_manual.md=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0 |=C2=A0 1 + > > =C2=A0meta/classes/rootfs.bbclass | 66 > > +++++++++++++++++++++++++++++++++++++ > > =C2=A03 files changed, 73 insertions(+) > >=20 > > diff --git a/RECIPE-API-CHANGELOG.md b/RECIPE-API-CHANGELOG.md > > index a4cf1338..725737b2 100644 > > --- a/RECIPE-API-CHANGELOG.md > > +++ b/RECIPE-API-CHANGELOG.md > > @@ -722,3 +722,9 @@ Optional fields of the isar-apt repo can be > > controlled by adding to the > > =C2=A0 > > =C2=A0Changes in next > > =C2=A0--------------- > > + > > +### Require bubblewrap to run non-privileged commands with bind- > > mounts > > + > > +Isar occasionally needs to run commands within root file-systems > > that it > > +builds and with several bind-mounts (e.g. /isar-apt). bubblewrap > > may > > be > > +used in Isar classes instead of `sudo chroot`. > > diff --git a/doc/user_manual.md b/doc/user_manual.md > > index 0dc317c3..3cf1a9aa 100644 > > --- a/doc/user_manual.md > > +++ b/doc/user_manual.md > > @@ -75,6 +75,7 @@ Install the following packages: > > =C2=A0``` > > =C2=A0apt install \ > > =C2=A0=C2=A0 binfmt-support \ > > +=C2=A0 bubblewrap \ > > =C2=A0=C2=A0 bzip2 \ > > =C2=A0=C2=A0 mmdebstrap \ > > =C2=A0=C2=A0 arch-test \ > > diff --git a/meta/classes/rootfs.bbclass > > b/meta/classes/rootfs.bbclass > > index 5f877962..5b96b414 100644 > > --- a/meta/classes/rootfs.bbclass > > +++ b/meta/classes/rootfs.bbclass > > @@ -34,6 +34,72 @@ export LANG =3D "C" > > =C2=A0export LANGUAGE =3D "C" > > =C2=A0export LC_ALL =3D "C" > > =C2=A0 > > +# Execute a command against a rootfs and with isar-apt bind- > > mounted. > > +# Additional mounts may be specified using --bind > > > > and a > > +# custom directory for the command to be executed with --chdir > > . The > > +# command is assumed to follow the special "--" argument. This > > would > > replace > > +# "sudo chroot" calls especially when a native command may be used > > instead of > > +# chroot'ed command and without elevated privileges (the command > > will likely > > +# take the rootfs as argument; e.g. apt-get -o Dir=3D${ROOTFSDIR}). > > If > > the > > +# optional rootfs argument is omitted, the host rootfs will be > > used > > (e.g. to > > +# run native commands): this should be used with care. > > +# > > +# Usage: rootfs_cmd [options] [rootfs] -- command > > +# > > +rootfs_cmd() { > > +=C2=A0=C2=A0=C2=A0 set -- "$@" > > +=C2=A0=C2=A0=C2=A0 bwrap_args=3D"--bind ${REPO_ISAR_DIR}/${DISTRO} /is= ar-apt" > > +=C2=A0=C2=A0=C2=A0 rootfs=3D"" > > + > > +=C2=A0=C2=A0=C2=A0 while [ "${#}" -gt "0" ] && [ "${1}" !=3D "--" ]; d= o > > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 case "${1}" in > > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 --b= ind) > > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0 if [ "${#}" -lt "3" ]; then > > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 bbfatal "--bind requires two = arguments" > > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0 fi > > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0 bwrap_args=3D"${bwrap_args} --bind ${2} ${3}" > > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0 shift 3 > > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0 ;; > > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 --c= hdir) > > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0 if [ "${#}" -lt "2" ]; then > > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 bbfatal "${1} requires an arg= ument" > > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0 fi > > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0 bwrap_args=3D"${bwrap_args} ${1} ${2}" > > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0 shift 2 > > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0 ;; > > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 -*) > > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0 bbfatal "${1} is not a supported option!" > > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0 ;; > > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 *) > > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0 if [ -z "${rootfs}" ]; then > > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 rootfs=3D"${1}" > > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 shift > > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0 else > > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 bbfatal "unexpected argument = '${1}'" > > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0 fi > > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0 ;; > > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 esac > > +=C2=A0=C2=A0=C2=A0 done > > + > > +=C2=A0=C2=A0=C2=A0 if [ -n "${rootfs}" ]; then > > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 bwrap_args=3D"${bwrap_args}= --bind ${rootfs} ${rootfs}" > > +=C2=A0=C2=A0=C2=A0 fi > > + > > +=C2=A0=C2=A0=C2=A0 if [ "${#}" -le "1" ] || [ "${1}" !=3D "--" ]; then > > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 bbfatal "no command specifi= ed (missing --)" > > +=C2=A0=C2=A0=C2=A0 fi > > +=C2=A0=C2=A0=C2=A0 shift=C2=A0 # remove "--", command and its argument= s follows > > + > > +=C2=A0=C2=A0=C2=A0 for ro_d in bin etc lib lib64 sys usr var; do > > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 [ -d ${rootfs}/${ro_d} ] ||= continue > > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 bwrap_args=3D"${bwrap_args}= --ro-bind ${rootfs}/${ro_d} > > /${ro_d}" > > +=C2=A0=C2=A0=C2=A0 done > > + > > +=C2=A0=C2=A0=C2=A0 bwrap --unshare-user --unshare-pid ${bwrap_args} \ > > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 --dev-bind /dev /dev --proc= /proc --tmpfs /tmp \ > > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 -- "${@}" > > +} > > + > > =C2=A0rootfs_do_mounts[weight] =3D "3" > > =C2=A0rootfs_do_mounts() { > > =C2=A0=C2=A0=C2=A0=C2=A0 sudo -s <<'EOSUDO' >=20 --=20 Cedric Hombourger Siemens AG www.siemens.com --=20 You received this message because you are subscribed to the Google Groups "= isar-users" group. To unsubscribe from this group and stop receiving emails from it, send an e= mail to isar-users+unsubscribe@googlegroups.com. To view this discussion visit https://groups.google.com/d/msgid/isar-users/= b38288e179d92bca6d70957fba9b441145dcb76b.camel%40siemens.com.