[OE-core] issue with file-ownership in images

Andreas Müller schnitzeltony at googlemail.com
Thu Apr 17 09:07:06 UTC 2014 

Hi,

I know it is release-panic but at least for me this is an issue
causing lots of headaches.

Symptom:
In case a recipe changes ownership of files during install, file UIDs
& GIDs are found with incorrect values in image - at least for opkg
(this is what I have tested so far).

To investigate, I created an image containing polkit with the patch
attached. Polkit was chosen because it is not working: no rules are
analyzed due to missing access rights caused by wrong ownership.

log.do_rootfs shows:
| Installing polkit (0.112-r0) to root...
| Downloading file:/home/a.mueller/tmp/oe-core-eglibc/deploy/ipk/armv7at2hf-vfp-neon/polkit_0.112-r0_armv7at2hf-vfp-neon.ipk.
...
| update_unamecache returned false for polkitd UID: 995
...
| update_unamecache returned false for polkitd UID: 995
...
| Running useradd commands...
| NOTE: Performing useradd with [--root
/home/a.mueller/tmp/oe-core-eglibc/work/overo-angstrom-linux-gnueabi/xfce4-tiny-image/1.0-r0/rootfs
--system --no-create-home --user-group --home-dir /etc/polkit-1
polkitd] and 10 times of retry
| update_unamecache returned true for  UID: 0
...

The code creating this log is:
    if (update_unamecache(tar.formated.uname))
    {
        tar_entry->uid = uid_cache;
        opkg_msg(NOTICE,"update_unamecache returned true for %s UID:
%i\n", tar.formated.uname, tar_entry->uid);
    }
    else
    {
        tar_entry->uid = strtol(tar.formated.uid, NULL, 8);
        opkg_msg(NOTICE,"update_unamecache returned false for %s UID:
%i\n", tar.formated.uname, tar_entry->uid);
    }

Conclusion:
opkg sets file ownership during unpacking ipk. At this time the
users/groups are not found in the image since preinst has not run yet.
So opkg decides to set the UID/GID which were found during install as
fallback. These IDs are coming from sysroot and are different form
those found in the image. I checked: polkit has 995 in sysroot but
image ends up with 997 for polkit.

I did some attempts to change order of operations in opkg but these
did not lead to some improvement yet - and I have no idea if other
package-managers are affected too.

So anybody around with more experience and willing to take care or give hints?

Andreas
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-opkg-add-debug-messages-to-analyse-polkit-s-file-own.patch
Type: text/x-patch
Size: 2633 bytes
Desc: not available
URL: <http://lists.openembedded.org/pipermail/openembedded-core/attachments/20140417/1b96bed2/attachment-0002.bin>

More information about the Openembedded-core mailing list