From mboxrd@z Thu Jan 1 00:00:00 1970 X-GM-THRID: 6906006289225089024 X-Received: by 2002:a9d:12a1:: with SMTP id g30mr19100038otg.331.1607949673665; Mon, 14 Dec 2020 04:41:13 -0800 (PST) X-BeenThere: isar-users@googlegroups.com Received: by 2002:a9d:6841:: with SMTP id c1ls4253036oto.8.gmail; Mon, 14 Dec 2020 04:41:11 -0800 (PST) X-Google-Smtp-Source: ABdhPJzDPnaZKOXIxbzUwQvYbYRaR5IDDiRUGGHXDsUycjKzHBL5MFvu+lv71UA0v4ujDEnR5KMl X-Received: by 2002:a9d:8e2:: with SMTP id 89mr18967996otf.215.1607949670287; Mon, 14 Dec 2020 04:41:10 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1607949670; cv=none; d=google.com; s=arc-20160816; b=gSijA4LwX+oEJLMCeppLAFJDJPYwHT+a5c4iT8DbApsA/qlAzw5pZznNnFx5LIcFe+ 88VoLZA43dSSY1N+QfiWCc7OdDEMGvFXayCjReaP36krW6CqhDR7XJ/ScUvNly4Pmha1 1qSlxGLrX+Ga2CujYL3BocnJjOACCWsfEyuRPdOjj7OpnvHZ5yOivp8bflhOAuK0wOkh BnPWbVb8o5ecgJp58jfmxd82EpXUfFffj1YMDfNd84T71EwT7lPwAmw2OD2Hi8mJSV/e YNA2qre5NRZ8InqqbUZPaJzU77+a7X2olweDXqveUVbmOMfkTO0sOqZ5934QZq/GNiq8 oOdA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:content-language:in-reply-to:mime-version :user-agent:date:message-id:from:references:cc:to:subject; bh=vMH3f+Kpqxcy6Pxpd3/0JOCtkIptw1rrwDQs8Wdip+Y=; b=xAwaTEvcjHtcPHKOmPiF1wbiinnJLyge5B5MItZ1uERA95l8cBO2oofHx3oG26J18I GA6IGk+SPH3QPY8WrraBM7srVDns6GXMv9TjqJ9tYSHMEuVOmOEkl4zRnMpbxZkY742C itDySqw/3K+2crKBO1Zd13KP+h6oWvrVlu8EVtUhJMv5wFpus0CKgfo3VjFBuUZ6G0Vi XBf2as1sjgALxmz9VeOvdxFgKqmrpx1FEQwH+h+GLZpTfl7mtfJYeNK5dEelvVS4OlTa yzGOWzd8EERjZky7hOPOkmDdSvZX0ILTHH1B3D/LgJ39FB8FcF31NpqjJJNGnzr6EEY6 1uSg== ARC-Authentication-Results: i=1; gmr-mx.google.com; spf=pass (google.com: domain of jan.kiszka@siemens.com designates 194.138.37.40 as permitted sender) smtp.mailfrom=jan.kiszka@siemens.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=siemens.com Return-Path: Received: from gecko.sbs.de (gecko.sbs.de. [194.138.37.40]) by gmr-mx.google.com with ESMTPS id w68si1340956oia.4.2020.12.14.04.41.09 for (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Mon, 14 Dec 2020 04:41:10 -0800 (PST) Received-SPF: pass (google.com: domain of jan.kiszka@siemens.com designates 194.138.37.40 as permitted sender) client-ip=194.138.37.40; Authentication-Results: gmr-mx.google.com; spf=pass (google.com: domain of jan.kiszka@siemens.com designates 194.138.37.40 as permitted sender) smtp.mailfrom=jan.kiszka@siemens.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=siemens.com Received: from mail2.sbs.de (mail2.sbs.de [192.129.41.66]) by gecko.sbs.de (8.15.2/8.15.2) with ESMTPS id 0BECRV2K007641 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK) for ; Mon, 14 Dec 2020 13:27:31 +0100 Received: from [167.87.38.225] ([167.87.38.225]) by mail2.sbs.de (8.15.2/8.15.2) with ESMTP id 0BECRURk000601; Mon, 14 Dec 2020 13:27:30 +0100 Subject: Re: [PATCH 1/6] meta: image: Account for Ubuntu differences in do_copy_boot_files To: Henning Schild Cc: isar-users References: <20201214131630.0dd0f131@md1za8fc.ad001.siemens.net> From: Jan Kiszka Message-ID: Date: Mon, 14 Dec 2020 13:27:30 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.5.0 MIME-Version: 1.0 In-Reply-To: <20201214131630.0dd0f131@md1za8fc.ad001.siemens.net> Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit X-TUID: iJopGFdUcnK0 On 14.12.20 13:16, Henning Schild wrote: > Am Mon, 14 Dec 2020 08:11:22 +0100 > schrieb Jan Kiszka : > >> From: Jan Kiszka >> >> Ubuntu places kernel and initrd links under /boot. Furthermore, it >> makes the kernel unreadable for non-root users. Account for the >> latter by cat'ing the kernel under sudo, redirecting the output to >> the deployment artifact so that it is owned by the building user. >> >> Signed-off-by: Jan Kiszka >> --- >> meta/classes/image.bbclass | 9 ++++++--- >> 1 file changed, 6 insertions(+), 3 deletions(-) >> >> diff --git a/meta/classes/image.bbclass b/meta/classes/image.bbclass >> index 74fc8500..eddc4449 100644 >> --- a/meta/classes/image.bbclass >> +++ b/meta/classes/image.bbclass >> @@ -132,15 +132,18 @@ EOF >> >> do_copy_boot_files[dirs] = "${DEPLOY_DIR_IMAGE}" >> do_copy_boot_files() { >> - kernel="$(realpath -q '${IMAGE_ROOTFS}/vmlinuz')" >> + kernel="$(realpath -q '${IMAGE_ROOTFS}'/vmlinu[xz])" >> if [ ! -f "$kernel" ]; then >> - kernel="$(realpath -q '${IMAGE_ROOTFS}/vmlinux')" >> + kernel="$(realpath -q '${IMAGE_ROOTFS}'/boot/vmlinu[xz])" >> fi >> if [ -f "$kernel" ]; then >> - cp -f "$kernel" '${DEPLOY_DIR_IMAGE}/${KERNEL_IMAGE}' >> + sudo cat "$kernel" > "${DEPLOY_DIR_IMAGE}/${KERNEL_IMAGE}" > > Why "cat" instead of "cp"? I think the real trick is the sudo anyways. > "Furthermore, it makes the kernel unreadable for non-root users. Account for the latter by cat'ing the kernel under sudo, redirecting the output to the deployment artifact so that it is owned by the building user." Jan > Henning > >> fi >> >> initrd="$(realpath -q '${IMAGE_ROOTFS}/initrd.img')" >> + if [ ! -f "$initrd" ]; then >> + initrd="$(realpath -q '${IMAGE_ROOTFS}/boot/initrd.img')" >> + fi >> if [ -f "$initrd" ]; then >> cp -f "$initrd" '${DEPLOY_DIR_IMAGE}/${INITRD_IMAGE}' >> fi > -- Siemens AG, T RDA IOT Corporate Competence Center Embedded Linux