[OE-core] HA: [PATCH] util-linux: fix owner and group for binaries in resulting image
Popov Anton
Anton.Popov at t-platforms.ru
Tue May 7 12:47:17 UTC 2019
Hi,
I don't think so. At the moment we are using the rocko release and found this problem in the util-linux-2.30 recipe.
The problem is that util-linux builds with regular user permissions and the resulting files are owned by the user with uid 1000 in our case. For most of the binaries in /bin and /sbin generated by util-linux this permissions issue is not a problem (because all binaries have o+x set). But for those that have the suid bit set it becomes real trouble.
With best regards,
Anton Popov
________________________________________
From: Jacob Kroon [jacob.kroon at gmail.com]
Sent: May 7, 2019 8:04
To: Popov Anton
Cc: openembedded-core at lists.openembedded.org
Subject: Re: [OE-core] [PATCH] util-linux: fix owner and group for binaries in resulting image
Hi,
Are we sure this is not caused by the new glibc2.29/pseudo problems
that have been seen previously?
Which distro are you building on, and which version of poky/oe are you using?
/Jacob
On Mon, May 6, 2019 at 5:46 PM Popov Anton <Anton.Popov at t-platforms.ru> wrote:
>
> The util-linux source produces some binaries with the setuid bit set.
>
> The do_install function produces binaries in /sbin and /bin with the uid:gid
> of the user who builds the image. This leads to messages like this:
> mount /dev/sdb1 /mnt/flash
> mount: only root can do that (effective UID is 1000)
> This patch changes the owner of binaries in /bin and /sbin to 0:0.
>
> Signed-off-by: Anton Popov <Anton.Popov at t-platforms.ru>
> ---
> meta/recipes-core/util-linux/util-linux.inc | 21 +++++++++++++++++++++
> 1 file changed, 21 insertions(+)
>
> diff --git a/meta/recipes-core/util-linux/util-linux.inc b/meta/recipes-core/util-linux/util-linux.inc
> index 34255a2dec..d75a2dd399 100644
> --- a/meta/recipes-core/util-linux/util-linux.inc
> +++ b/meta/recipes-core/util-linux/util-linux.inc
> @@ -201,6 +201,27 @@ do_install () {
> fi
> }
>
> +# when building yocto image with non-root user some binaries appears in resulting
> +# image with rights of user who build image. This behaviour may lead to misfunction
> +# of some binaries like mount because of setuid bit on them:
> +# mount /dev/sdb1 /mnt/flash
> +# mount: only root can do that (effective UID is 1000)
> +# ls -ld which mount
> +# lrwxrwxrwx 1 root root 21 Jan 2 1970 /bin/mount -> /bin/mount.util-linux # root at mitx-fp32:/mnt/system/initrd# ls -ld /bin/mount.util-linux # -rwsr-xr-x 1 1000 1000 28020 Apr 23 12:49 /bin/mount.util-linux
> +do_install_append_class-target () {
> + for p in $sbinprogs $sbinprogs_a; do
> + if [ -f "${D}${base_sbindir}/$p" ]; then
> + chown 0:0 "${D}${base_sbindir}/$p"
> + fi
> + done
> + for p in $binprogs_a; do
> + if [ -f "${D}${base_bindir}/$p" ]; then
> + chown 0:0 "${D}${base_bindir}/$p"
> + fi
> + done
> +}
> +
> +
> # nologin causes a conflict with shadow-native
> # kill causes a conflict with coreutils-native (if ${bindir}==${base_bindir})
> do_install_append_class-native () {
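Review bot: the two loops in do_install_append_class-target fix ownership only for names listed in $sbinprogs, $sbinprogs_a and $binprogs_a, and the `[ -f ... ]` guard silently skips anything that is missing, so any other file this recipe installs into ${D} keeps the build user's uid:gid and a stale entry in those lists goes unnoticed. The comment block describes the symptom (mount.util-linux owned by 1000:1000 with the setuid bit) but not why files in ${D} end up owned by the build user in the first place; please say that in the comment or commit message, because if the cause lies outside this recipe a per-recipe chown only hides it for util-linux. Since the binaries that matter here are the setuid ones, it is also worth confirming that the mode is still -rwsr-xr-x after `chown 0:0`, as chown can clear the setuid bit. Style: the hunk adds two consecutive blank lines after the closing brace; one is enough.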
> --
> 2.20.1