[OE-core] dbus build host uid/gid leaking into target home directory
Martin Jansa
martin.jansa at gmail.com
Tue Oct 14 09:45:53 UTC 2014
On Tue, Oct 14, 2014 at 11:43:34AM +0200, Martin Jansa wrote:
> On Tue, Oct 14, 2014 at 07:23:52AM +0100, Paul Barker wrote:
> > On 13 October 2014 10:13, Paul Eggleton <paul.eggleton at linux.intel.com> wrote:
> > > On Sunday 12 October 2014 16:05:41 Peter A. Bigot wrote:
> > >> Pilot error. This ultimately turned out to be a side-effect of the way
> > >> I create my image media: I unpacking the rootfs tar file onto a mounted
> > >> sdcard outside the pseudo environment and forgot that tar records
> > >> user/group by name not uid/gid.
> > >
> > > I used to use this method previously, and I guess it can still work if you're
> > > not including certain packages in your image - but I wonder if we should note
> > > this potential pitfall somewhere in the documentation. I'm not entirely sure
> > > where such a note would go, though.
> > >
> >
> > It probably does need noting somewhere - I've been doing exactly this
> > for the last year or so and never even thought that I might be risking
> > bad uid/gid values. It makes sense now I think about it but it never
> > crossed my mind.
> >
> > Looking at 'man tar', there is a '--numeric-owner' option to always
> > use numbers for user/group names. It might just be that we need to
> > recommend using this option when untarring a rootfs onto a mounted
> > volume. This option is present in GNU tar, I'm not sure about other
> > implementations, and I haven't given it a proper test, but it looks
> > like the thing we want.
>
> It's not supported in busybox's tar implementation at least wasn't with
> default config last time I've checked couple years ago - we're using it
> since then without any issues.
More info
http://lists.openembedded.org/pipermail/openembedded-core/2011-December/053866.html
--
Martin 'JaMa' Jansa jabber: Martin.Jansa at gmail.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: Digital signature
URL: <http://lists.openembedded.org/pipermail/openembedded-core/attachments/20141014/435cdc3e/attachment-0002.sig>
More information about the Openembedded-core
mailing list