[OE-core] [PATCH 1/3] update_gio_module_cache: fix host user contamination

Peter Kjellerstedt peter.kjellerstedt at axis.com
Wed Mar 29 23:54:33 UTC 2017 

From: openembedded-core-bounces at lists.openembedded.org [mailto:openembedded-core-bounces at lists.openembedded.org] On Behalf Of Christopher Larson
Sent: den 29 mars 2017 22:40
To: Andrea Adami
Cc: openembedded-core
Subject: Re: [OE-core] [PATCH 1/3] update_gio_module_cache: fix host user contamination


On Wed, Mar 29, 2017 at 1:33 PM, Andrea Adami <andrea.adami at gmail.com<mailto:andrea.adami at gmail.com>> wrote:
On Tue, Mar 28, 2017 at 6:14 PM, Christopher Larson <kergoth at gmail.com<mailto:kergoth at gmail.com>> wrote:
> From: Abdur Rehman <abdur_rehman at mentor.com<mailto:abdur_rehman at mentor.com>>
>
> update_gio_module_cache intercept creates file:
> $D${libdir}/gio/modules/giomodule.cache
>
> Change ownership of this file to root:root to avoid user contamination
> by host.
>
> Signed-off-by: Abdur Rehman <abdur_rehman at mentor.com<mailto:abdur_rehman at mentor.com>>
> Signed-off-by: Christopher Larson <chris_larson at mentor.com<mailto:chris_larson at mentor.com>>
> ---
>  scripts/postinst-intercepts/update_gio_module_cache | 2 ++
>  1 file changed, 2 insertions(+)
>
> diff --git a/scripts/postinst-intercepts/update_gio_module_cache b/scripts/postinst-intercepts/update_gio_module_cache
> index fe468092cf..92092f2144 100644
> --- a/scripts/postinst-intercepts/update_gio_module_cache
> +++ b/scripts/postinst-intercepts/update_gio_module_cache
> @@ -5,3 +5,5 @@ set -e
>  PSEUDO_UNLOAD=1 qemuwrapper -L $D -E LD_LIBRARY_PATH=$D${libdir}:$D${base_libdir} \
>          $D${libexecdir}/${binprefix}gio-querymodules $D${libdir}/gio/modules/
>
> +chown root:root $D${libdir}/gio/modules/giomodule.cache
> +
> --
> 2.11.1
>
> --
> _______________________________________________
> Openembedded-core mailing list
> Openembedded-core at lists.openembedded.org<mailto:Openembedded-core at lists.openembedded.org>
> http://lists.openembedded.org/mailman/listinfo/openembedded-core


Hello,
There must be something wrong with this patch.
After fresh pull of an hour ago I git:

andrea at ThinkPad-T520:/oe/oe-core/build$ bitbake core-image-base
Loading cache: 100% |############################################| Time: 0:00:00
Loaded 2095 entries from dependency cache.
NOTE: Resolving any missing task queue dependencies

Build Configuration:
BB_VERSION        = "1.33.2"
BUILD_SYS         = "x86_64-linux"
NATIVELSBSTRING   = "ubuntu-16.04"
TARGET_SYS        = "arm-oe-linux-gnueabi"
MACHINE           = "c7x0"
DISTRO            = "nodistro"
DISTRO_VERSION    = "nodistro.0"
TUNE_FEATURES     = "arm armv5 thumb dsp"
TARGET_FPU        = "soft"
meta              = "master:c187326afcf1e9d781c1bd0923e1362a6f50f613"
meta-handheld     = "master:f88f5bc546ec18de232a91dc1c8185ad242c45f7"
meta-oe
meta-initramfs    = "master:225e64d95bc41077782815f3dceb6f2d1a42b167"

Initialising tasks: 100% |#######################################| Time: 0:00:08
NOTE: Executing SetScene Tasks
NOTE: Executing RunQueue Tasks
WARNING: core-image-base-1.0-r0 do_rootfs: The postinstall intercept
hook 'update_gio_module_cache' failed (exit code: 1)! See log for
details! (Output: b'')
WARNING: core-image-base-1.0-r0 do_rootfs: The postinstalls for the
following packages will be postponed for first boot: libglib-2.0-0
NOTE: Tasks Summary: Attempted 3440 tasks of which 3427 didn't need to
be rerun and all succeeded.

Odd, we’ve been running with this applied for ages. Is there anything useful in do_rootfs? I’ll attempt to repro here. Thanks, and sorry for the hassle.
--
Christopher Larson
kergoth at gmail dot com
Founder - BitBake, OpenEmbedded, OpenZaurus
Senior Software Engineer, Mentor Graphics

I have sent a patch to fix this. The interesting part from the log was:

chown: cannot access `${WORKDIR}/rootfs/usr/lib/gio/modules/giomodule.cache': No such file or directory

One thing that confuses me though is the “(Output: b'')” part in the warning below:

WARNING: core-image-base-1.0-r0 do_rootfs: The postinstall intercept hook 'update_gio_module_cache' failed (exit code: 1)! See log for details! (Output: b'')

What does that b'' mean?

//Peter

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openembedded.org/pipermail/openembedded-core/attachments/20170329/d17ac585/attachment-0002.html>

More information about the Openembedded-core mailing list