[OE-core] [PATCH 1/3] update_gio_module_cache: fix host user contamination

[Andrea Adami]

On Wed, Mar 29, 2017 at 10:40 PM, Christopher Larson <kergoth at gmail.com> wrote:
>
> On Wed, Mar 29, 2017 at 1:33 PM, Andrea Adami <andrea.adami at gmail.com>
> wrote:
>>
>> On Tue, Mar 28, 2017 at 6:14 PM, Christopher Larson <kergoth at gmail.com>
>> wrote:
>> > From: Abdur Rehman <abdur_rehman at mentor.com>
>> >
>> > update_gio_module_cache intercept creates file:
>> > $D${libdir}/gio/modules/giomodule.cache
>> >
>> > Change ownership of this file to root:root to avoid user contamination
>> > by host.
>> >
>> > Signed-off-by: Abdur Rehman <abdur_rehman at mentor.com>
>> > Signed-off-by: Christopher Larson <chris_larson at mentor.com>
>> > ---
>> >  scripts/postinst-intercepts/update_gio_module_cache | 2 ++
>> >  1 file changed, 2 insertions(+)
>> >
>> > diff --git a/scripts/postinst-intercepts/update_gio_module_cache
>> > b/scripts/postinst-intercepts/update_gio_module_cache
>> > index fe468092cf..92092f2144 100644
>> > --- a/scripts/postinst-intercepts/update_gio_module_cache
>> > +++ b/scripts/postinst-intercepts/update_gio_module_cache
>> > @@ -5,3 +5,5 @@ set -e
>> >  PSEUDO_UNLOAD=1 qemuwrapper -L $D -E
>> > LD_LIBRARY_PATH=$D${libdir}:$D${base_libdir} \
>> >          $D${libexecdir}/${binprefix}gio-querymodules
>> > $D${libdir}/gio/modules/
>> >
>> > +chown root:root $D${libdir}/gio/modules/giomodule.cache
>> > +
>> > --
>> > 2.11.1
>> >
>> > --
>> > _______________________________________________
>> > Openembedded-core mailing list
>> > Openembedded-core at lists.openembedded.org
>> > http://lists.openembedded.org/mailman/listinfo/openembedded-core
>>
>>
>> Hello,
>> There must be something wrong with this patch.
>> After fresh pull of an hour ago I git:
>>
>> andrea at ThinkPad-T520:/oe/oe-core/build$ bitbake core-image-base
>> Loading cache: 100% |############################################| Time:
>> 0:00:00
>> Loaded 2095 entries from dependency cache.
>> NOTE: Resolving any missing task queue dependencies
>>
>> Build Configuration:
>> BB_VERSION        = "1.33.2"
>> BUILD_SYS         = "x86_64-linux"
>> NATIVELSBSTRING   = "ubuntu-16.04"
>> TARGET_SYS        = "arm-oe-linux-gnueabi"
>> MACHINE           = "c7x0"
>> DISTRO            = "nodistro"
>> DISTRO_VERSION    = "nodistro.0"
>> TUNE_FEATURES     = "arm armv5 thumb dsp"
>> TARGET_FPU        = "soft"
>> meta              = "master:c187326afcf1e9d781c1bd0923e1362a6f50f613"
>> meta-handheld     = "master:f88f5bc546ec18de232a91dc1c8185ad242c45f7"
>> meta-oe
>> meta-initramfs    = "master:225e64d95bc41077782815f3dceb6f2d1a42b167"
>>
>> Initialising tasks: 100% |#######################################| Time:
>> 0:00:08
>> NOTE: Executing SetScene Tasks
>> NOTE: Executing RunQueue Tasks
>> WARNING: core-image-base-1.0-r0 do_rootfs: The postinstall intercept
>> hook 'update_gio_module_cache' failed (exit code: 1)! See log for
>> details! (Output: b'')
>> WARNING: core-image-base-1.0-r0 do_rootfs: The postinstalls for the
>> following packages will be postponed for first boot: libglib-2.0-0
>> NOTE: Tasks Summary: Attempted 3440 tasks of which 3427 didn't need to
>> be rerun and all succeeded.
>
>
> Odd, we’ve been running with this applied for ages. Is there anything useful
> in do_rootfs? I’ll attempt to repro here. Thanks, and sorry for the hassle.
> --

There is just a laconical message:

NOTE: Running intercept scripts:
NOTE: > Executing update_gio_module_cache intercept ...
chown: cannot access
'/tmp/build/tmp-glibc/work/c7x0-oe-linux-gnueabi/core-image-base/1.0-r0/rootfs/usr/lib/gio/modules/giomodule.cache':
No such file or directory

Here the permissions:
andrea at ThinkPad-T520:/tmp/build/tmp-glibc/work/c7x0-oe-linux-gnueabi/core-image-base/1.0-r0/rootfs/usr/lib/gio$
ls -al
total 0
drwxr-xr-x 3 andrea andrea   60 mar 29 21:33 .
drwxr-xr-x 6 andrea andrea 1660 mar 29 22:51 ..
drwxr-xr-x 2 andrea andrea   40 mar 29 21:33 modules

Cheers
Andrea

> Christopher Larson
> kergoth at gmail dot com
> Founder - BitBake, OpenEmbedded, OpenZaurus
> Senior Software Engineer, Mentor Graphics