[OE-core] [PATCH 1/3] update_gio_module_cache: fix host user contamination
Peter Kjellerstedt
peter.kjellerstedt at axis.com
Wed Mar 29 23:54:33 UTC 2017
From: openembedded-core-bounces at lists.openembedded.org [mailto:openembedded-core-bounces at lists.openembedded.org] On Behalf Of Christopher Larson
Sent: den 29 mars 2017 22:40
To: Andrea Adami
Cc: openembedded-core
Subject: Re: [OE-core] [PATCH 1/3] update_gio_module_cache: fix host user contamination
On Wed, Mar 29, 2017 at 1:33 PM, Andrea Adami <andrea.adami at gmail.com<mailto:andrea.adami at gmail.com>> wrote:
On Tue, Mar 28, 2017 at 6:14 PM, Christopher Larson <kergoth at gmail.com<mailto:kergoth at gmail.com>> wrote:
> From: Abdur Rehman <abdur_rehman at mentor.com<mailto:abdur_rehman at mentor.com>>
>
> update_gio_module_cache intercept creates file:
> $D${libdir}/gio/modules/giomodule.cache
>
> Change ownership of this file to root:root to avoid user contamination
> by host.
>
> Signed-off-by: Abdur Rehman <abdur_rehman at mentor.com<mailto:abdur_rehman at mentor.com>>
> Signed-off-by: Christopher Larson <chris_larson at mentor.com<mailto:chris_larson at mentor.com>>
> ---
> scripts/postinst-intercepts/update_gio_module_cache | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/scripts/postinst-intercepts/update_gio_module_cache b/scripts/postinst-intercepts/update_gio_module_cache
> index fe468092cf..92092f2144 100644
> --- a/scripts/postinst-intercepts/update_gio_module_cache
> +++ b/scripts/postinst-intercepts/update_gio_module_cache
> @@ -5,3 +5,5 @@ set -e
> PSEUDO_UNLOAD=1 qemuwrapper -L $D -E LD_LIBRARY_PATH=$D${libdir}:$D${base_libdir} \
> $D${libexecdir}/${binprefix}gio-querymodules $D${libdir}/gio/modules/
>
> +chown root:root $D${libdir}/gio/modules/giomodule.cache
> +
> --
> 2.11.1
>
> --
> _______________________________________________
> Openembedded-core mailing list
> Openembedded-core at lists.openembedded.org<mailto:Openembedded-core at lists.openembedded.org>
> http://lists.openembedded.org/mailman/listinfo/openembedded-core
Hello,
There must be something wrong with this patch.
After fresh pull of an hour ago I git:
andrea at ThinkPad-T520:/oe/oe-core/build$ bitbake core-image-base
Loading cache: 100% |############################################| Time: 0:00:00
Loaded 2095 entries from dependency cache.
NOTE: Resolving any missing task queue dependencies
Build Configuration:
BB_VERSION = "1.33.2"
BUILD_SYS = "x86_64-linux"
NATIVELSBSTRING = "ubuntu-16.04"
TARGET_SYS = "arm-oe-linux-gnueabi"
MACHINE = "c7x0"
DISTRO = "nodistro"
DISTRO_VERSION = "nodistro.0"
TUNE_FEATURES = "arm armv5 thumb dsp"
TARGET_FPU = "soft"
meta = "master:c187326afcf1e9d781c1bd0923e1362a6f50f613"
meta-handheld = "master:f88f5bc546ec18de232a91dc1c8185ad242c45f7"
meta-oe
meta-initramfs = "master:225e64d95bc41077782815f3dceb6f2d1a42b167"
Initialising tasks: 100% |#######################################| Time: 0:00:08
NOTE: Executing SetScene Tasks
NOTE: Executing RunQueue Tasks
WARNING: core-image-base-1.0-r0 do_rootfs: The postinstall intercept
hook 'update_gio_module_cache' failed (exit code: 1)! See log for
details! (Output: b'')
WARNING: core-image-base-1.0-r0 do_rootfs: The postinstalls for the
following packages will be postponed for first boot: libglib-2.0-0
NOTE: Tasks Summary: Attempted 3440 tasks of which 3427 didn't need to
be rerun and all succeeded.
Odd, we’ve been running with this applied for ages. Is there anything useful in do_rootfs? I’ll attempt to repro here. Thanks, and sorry for the hassle.
--
Christopher Larson
kergoth at gmail dot com
Founder - BitBake, OpenEmbedded, OpenZaurus
Senior Software Engineer, Mentor Graphics
I have sent a patch to fix this. The interesting part from the log was:
chown: cannot access `${WORKDIR}/rootfs/usr/lib/gio/modules/giomodule.cache': No such file or directory
One thing that confuses me though is the “(Output: b'')” part in the warning below:
WARNING: core-image-base-1.0-r0 do_rootfs: The postinstall intercept hook 'update_gio_module_cache' failed (exit code: 1)! See log for details! (Output: b'')
What does that b'' mean?
//Peter
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openembedded.org/pipermail/openembedded-core/attachments/20170329/d17ac585/attachment-0002.html>
More information about the Openembedded-core
mailing list