[OE-core] [PATCH v4 1/3] image.bbclass: add prohibited-paths QA test
Otavio Salvador
otavio.salvador at ossystems.com.br
Thu Nov 16 17:58:48 UTC 2017
On Thu, Nov 16, 2017 at 1:05 PM, Martyn Welch
<martyn.welch at collabora.co.uk> wrote:
> Sometimes we wish to ensure that files or directories are not installed
> somewhere that may prove detrimental to the operation of the system. For
> example, this may be the case if files are placed in a directory that is
> utilised as a mount point at run time, thus making them inaccessible once
> when the mount point is being utilised.
>
> Implement the prohibited paths QA test, which enables such locations to be
> specified in a "IMAGE_QA_PROHIBITED_PATHS" variable. This implementation
> allows for a colon separated list of paths to be provided. Shell style
> wildcards can be used.
>
> Signed-off-by: Fabien Lahoudere <fabien.lahoudere at collabora.co.uk>
> Signed-off-by: Martyn Welch <martyn.welch at collabora.co.uk>
> ---
> Changes since v1:
> - Correcting author and SOB.
>
> Changes since v2:
> - Reimplemented as image rather than package level QA test.
> - Changed variable from PROHIBITED_PATH to PROHIBITED_PATHS to better
> reflect its use.
>
> Changes since v3:
> - Rename variable to IMAGE_QA_PROHIBITED_PATHS.
> - Use str.startswith().
> - Simplify if statement.
>
> meta/classes/image.bbclass | 20 ++++++++++++++++++++
> 1 file changed, 20 insertions(+)
>
> diff --git a/meta/classes/image.bbclass b/meta/classes/image.bbclass
> index d93de02..9053ce3 100644
> --- a/meta/classes/image.bbclass
> +++ b/meta/classes/image.bbclass
> @@ -296,6 +296,26 @@ python do_image_complete_setscene () {
> }
> addtask do_image_complete_setscene
>
> +python image_check_prohibited_paths () {
> + import glob
> + from oe.utils import ImageQAFailed
> +
> + rootfs = d.getVar('IMAGE_ROOTFS')
> +
> + path = (d.getVar('IMAGE_QA_PROHIBITED_PATHS') or "")
> + if path != "":
> + for p in path.split(':'):
> + if not p.startswith('/'):
> + raise ImageQAFailed("IMAGE_QA_PROHIBITED_PATHS \"%s\" must be an absolute path" % p, image_check_prohibited_paths)
> +
> + match = glob.glob("%s%s" % (rootfs, p))
> + if match:
> + loc = ", ".join(item.replace(rootfs, '') for item in match)
> + raise ImageQAFailed("Match(es) for IMAGE_QA_PROHIBITED_PATHS \"%s\": %s" % (p, loc), image_check_prohibited_paths)
> +}
for p in path.split(':'):
if not p.startswith('/'):
so you can drop the if path != "".
An empty list won't go inside the for. Each item needs to be tested.
> +IMAGE_QA_COMMANDS += "image_check_prohibited_paths"
> +
> # Add image-level QA/sanity checks to IMAGE_QA_COMMANDS
> #
> # IMAGE_QA_COMMANDS += " \
> --
> 2.1.4
>
> --
> _______________________________________________
> Openembedded-core mailing list
> Openembedded-core at lists.openembedded.org
> http://lists.openembedded.org/mailman/listinfo/openembedded-core
--
Otavio Salvador O.S. Systems
http://www.ossystems.com.br http://code.ossystems.com.br
Mobile: +55 (53) 9981-7854 Mobile: +1 (347) 903-9750
More information about the Openembedded-core
mailing list