[OE-core] issue with file-ownership in images

Paul Barker paul at paulbarker.me.uk
Thu Apr 17 09:46:07 UTC 2014 

On 17 April 2014 10:07, Andreas Müller <schnitzeltony at googlemail.com> wrote:
> Hi,
>
> I know it is release-panic but at least for me this is an issue
> causing lots of headaches.
>
> Symptom:
> In case a recipe changes ownership of files during install, file UIDs
> & GIDs are found with incorrect values in image - at least for opkg
> (this is what I have tested so far).
>
> To investigate, I created an image containing polkit with the patch
> attached. Polkit was chosen because it is not working: no rules are
> analyzed due to missing access rights caused by wrong ownership.
>
> log.do_rootfs shows:
> | Installing polkit (0.112-r0) to root...
> | Downloading file:/home/a.mueller/tmp/oe-core-eglibc/deploy/ipk/armv7at2hf-vfp-neon/polkit_0.112-r0_armv7at2hf-vfp-neon.ipk.
> ...
> | update_unamecache returned false for polkitd UID: 995
> ...
> | update_unamecache returned false for polkitd UID: 995
> ...
> | Running useradd commands...
> | NOTE: Performing useradd with [--root
> /home/a.mueller/tmp/oe-core-eglibc/work/overo-angstrom-linux-gnueabi/xfce4-tiny-image/1.0-r0/rootfs
> --system --no-create-home --user-group --home-dir /etc/polkit-1
> polkitd] and 10 times of retry
> | update_unamecache returned true for  UID: 0
> ...
>
> The code creating this log is:
>     if (update_unamecache(tar.formated.uname))
>     {
>         tar_entry->uid = uid_cache;
>         opkg_msg(NOTICE,"update_unamecache returned true for %s UID:
> %i\n", tar.formated.uname, tar_entry->uid);
>     }
>     else
>     {
>         tar_entry->uid = strtol(tar.formated.uid, NULL, 8);
>         opkg_msg(NOTICE,"update_unamecache returned false for %s UID:
> %i\n", tar.formated.uname, tar_entry->uid);
>     }
>

As a slight aside to the immediate problem, the update_unamecache() in
opkg v0.2.x is fairly ugly and is removed in the current development
sources (which will become opkg v0.3.0). Instead, libarchive is used
for package extraction and it has a more flexible interface for uid
and gid lookup. It would certainly be possible to add options to the
next version of opkg to lookup uids & gids from a given passwd & group
file (which could be those from the sysroot). Is that something that
would be useful in the future?

> Conclusion:
> opkg sets file ownership during unpacking ipk. At this time the
> users/groups are not found in the image since preinst has not run yet.
> So opkg decides to set the UID/GID which were found during install as
> fallback. These IDs are coming from sysroot and are different form
> those found in the image. I checked: polkit has 995 in sysroot but
> image ends up with 997 for polkit.
>
> I did some attempts to change order of operations in opkg but these
> did not lead to some improvement yet - and I have no idea if other
> package-managers are affected too.
>
> So anybody around with more experience and willing to take care or give hints?

For the problem at hand, do we know if this a new issue or was it
present in the dora or dylan branches of OE?

>
> Andreas
>

Many thanks,

-- 
Paul Barker

Email: paul at paulbarker.me.uk
http://www.paulbarker.me.uk

More information about the Openembedded-core mailing list