[OE-core] [PATCH 1/3] update_gio_module_cache: fix host user contamination

Jussi Kukkonen jussi.kukkonen at intel.com
Thu Mar 30 08:54:07 UTC 2017 

On 30 March 2017 at 00:08, Andrea Adami <andrea.adami at gmail.com> wrote:

> On Wed, Mar 29, 2017 at 10:40 PM, Christopher Larson <kergoth at gmail.com>
> wrote:
> >
> > On Wed, Mar 29, 2017 at 1:33 PM, Andrea Adami <andrea.adami at gmail.com>
> > wrote:
> >>
> >> On Tue, Mar 28, 2017 at 6:14 PM, Christopher Larson <kergoth at gmail.com>
> >> wrote:
> >> > From: Abdur Rehman <abdur_rehman at mentor.com>
> >> >
> >> > update_gio_module_cache intercept creates file:
> >> > $D${libdir}/gio/modules/giomodule.cache
> >> >
> >> > Change ownership of this file to root:root to avoid user contamination
> >> > by host.
> >> >
> >> > Signed-off-by: Abdur Rehman <abdur_rehman at mentor.com>
> >> > Signed-off-by: Christopher Larson <chris_larson at mentor.com>
> >> > ---
> >> >  scripts/postinst-intercepts/update_gio_module_cache | 2 ++
> >> >  1 file changed, 2 insertions(+)
> >> >
> >> > diff --git a/scripts/postinst-intercepts/update_gio_module_cache
> >> > b/scripts/postinst-intercepts/update_gio_module_cache
> >> > index fe468092cf..92092f2144 100644
> >> > --- a/scripts/postinst-intercepts/update_gio_module_cache
> >> > +++ b/scripts/postinst-intercepts/update_gio_module_cache
> >> > @@ -5,3 +5,5 @@ set -e
> >> >  PSEUDO_UNLOAD=1 qemuwrapper -L $D -E
> >> > LD_LIBRARY_PATH=$D${libdir}:$D${base_libdir} \
> >> >          $D${libexecdir}/${binprefix}gio-querymodules
> >> > $D${libdir}/gio/modules/
> >> >
> >> > +chown root:root $D${libdir}/gio/modules/giomodule.cache
> >> > +
> >> > --
> >> > 2.11.1
> >> >
> >> > --
> >> > _______________________________________________
> >> > Openembedded-core mailing list
> >> > Openembedded-core at lists.openembedded.org
> >> > http://lists.openembedded.org/mailman/listinfo/openembedded-core
> >>
> >>
> >> Hello,
> >> There must be something wrong with this patch.
> >> After fresh pull of an hour ago I git:
> >>
> >> andrea at ThinkPad-T520:/oe/oe-core/build$ bitbake core-image-base
> >> Loading cache: 100% |############################################|
> Time:
> >> 0:00:00
> >> Loaded 2095 entries from dependency cache.
> >> NOTE: Resolving any missing task queue dependencies
> >>
> >> Build Configuration:
> >> BB_VERSION        = "1.33.2"
> >> BUILD_SYS         = "x86_64-linux"
> >> NATIVELSBSTRING   = "ubuntu-16.04"
> >> TARGET_SYS        = "arm-oe-linux-gnueabi"
> >> MACHINE           = "c7x0"
> >> DISTRO            = "nodistro"
> >> DISTRO_VERSION    = "nodistro.0"
> >> TUNE_FEATURES     = "arm armv5 thumb dsp"
> >> TARGET_FPU        = "soft"
> >> meta              = "master:c187326afcf1e9d781c1bd0923e1362a6f50f613"
> >> meta-handheld     = "master:f88f5bc546ec18de232a91dc1c8185ad242c45f7"
> >> meta-oe
> >> meta-initramfs    = "master:225e64d95bc41077782815f3dceb6f2d1a42b167"
> >>
> >> Initialising tasks: 100% |#######################################|
> Time:
> >> 0:00:08
> >> NOTE: Executing SetScene Tasks
> >> NOTE: Executing RunQueue Tasks
> >> WARNING: core-image-base-1.0-r0 do_rootfs: The postinstall intercept
> >> hook 'update_gio_module_cache' failed (exit code: 1)! See log for
> >> details! (Output: b'')
> >> WARNING: core-image-base-1.0-r0 do_rootfs: The postinstalls for the
> >> following packages will be postponed for first boot: libglib-2.0-0
> >> NOTE: Tasks Summary: Attempted 3440 tasks of which 3427 didn't need to
> >> be rerun and all succeeded.
> >
> >
> > Odd, we’ve been running with this applied for ages. Is there anything
> useful
> > in do_rootfs? I’ll attempt to repro here. Thanks, and sorry for the
> hassle.
> > --
>
> There is just a laconical message:
>
> NOTE: Running intercept scripts:
> NOTE: > Executing update_gio_module_cache intercept ...
> chown: cannot access
> '/tmp/build/tmp-glibc/work/c7x0-oe-linux-gnueabi/core-
> image-base/1.0-r0/rootfs/usr/lib/gio/modules/giomodule.cache':
> No such file or directory
>
> Here the permissions:
> andrea at ThinkPad-T520:/tmp/build/tmp-glibc/work/c7x0-oe-
> linux-gnueabi/core-image-base/1.0-r0/rootfs/usr/lib/gio$
> ls -al
> total 0
> drwxr-xr-x 3 andrea andrea   60 mar 29 21:33 .
> drwxr-xr-x 6 andrea andrea 1660 mar 29 22:51 ..
> drwxr-xr-x 2 andrea andrea   40 mar 29 21:33 modules
>

Can you check if usr/lib/gio/modules/giomodule.cache really exists or not?
And if it does not, what the gio-querymodules call looks like in
temp/run.do_rootfs?

Jussi
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openembedded.org/pipermail/openembedded-core/attachments/20170330/fa6105c4/attachment-0002.html>

More information about the Openembedded-core mailing list