diff options
| author | Richard Purdie <richard.purdie@linuxfoundation.org> | 2020-06-22 11:57:17 +0100 |
|---|---|---|
| committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2020-07-07 23:15:10 +0100 |
| commit | 9bb6919310a6ce812691dd555ce59e2c81ac557a (patch) | |
| tree | bee82662f2a745316d8ca92a952b9e2a714065d6 /meta/classes | |
| parent | 76431687786f250a1a114d2b8257b38d1a9c8651 (diff) | |
| download | poky-9bb6919310a6ce812691dd555ce59e2c81ac557a.tar.gz | |
rootfs-postcommands: Improve/fix rootfs_check_host_user_contaminated
Currently if the find command finds /home it stops checking the other
files. Tweak the find expression to fix this.
Also, from Alex Kiernan <alex.kiernan@gmail.com>, generate output for
each contaminated path so it's visible in the main log file.
When matches are found, dump the data from the group and passwd files
so useful debugging can be done based on the results.
(From OE-Core rev: 602162c0e33b429b8254de04af72a2aa5111867a)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 504f1d158bf7c6ad08fbce755021db2b14565231)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/classes')
| -rw-r--r-- | meta/classes/rootfs-postcommands.bbclass | 12 |
1 files changed, 8 insertions, 4 deletions
diff --git a/meta/classes/rootfs-postcommands.bbclass b/meta/classes/rootfs-postcommands.bbclass index 2f171836fa..c43b9a9823 100644 --- a/meta/classes/rootfs-postcommands.bbclass +++ b/meta/classes/rootfs-postcommands.bbclass | |||
| @@ -308,12 +308,16 @@ rootfs_check_host_user_contaminated () { | |||
| 308 | HOST_USER_UID="$(PSEUDO_UNLOAD=1 id -u)" | 308 | HOST_USER_UID="$(PSEUDO_UNLOAD=1 id -u)" |
| 309 | HOST_USER_GID="$(PSEUDO_UNLOAD=1 id -g)" | 309 | HOST_USER_GID="$(PSEUDO_UNLOAD=1 id -g)" |
| 310 | 310 | ||
| 311 | find "${IMAGE_ROOTFS}" -wholename "${IMAGE_ROOTFS}/home" -prune \ | 311 | find "${IMAGE_ROOTFS}" -path "${IMAGE_ROOTFS}/home" -prune -o \ |
| 312 | -user "$HOST_USER_UID" -o -group "$HOST_USER_GID" >"$contaminated" | 312 | -user "$HOST_USER_UID" -print -o -group "$HOST_USER_GID" -print >"$contaminated" |
| 313 | |||
| 314 | sed -e "s,${IMAGE_ROOTFS},," $contaminated | while read line; do | ||
| 315 | bbwarn "Path in the rootfs is owned by the same user or group as the user running bitbake:" $line `ls -lan ${IMAGE_ROOTFS}/$line` | ||
| 316 | done | ||
| 313 | 317 | ||
| 314 | if [ -s "$contaminated" ]; then | 318 | if [ -s "$contaminated" ]; then |
| 315 | echo "WARNING: Paths in the rootfs are owned by the same user or group as the user running bitbake. See the logfile for the specific paths." | 319 | bbwarn "/etc/passwd:" `cat ${IMAGE_ROOTFS}/etc/passwd` |
| 316 | cat "$contaminated" | sed "s,^, ," | 320 | bbwarn "/etc/group:" `cat ${IMAGE_ROOTFS}/etc/group` |
| 317 | fi | 321 | fi |
| 318 | } | 322 | } |
| 319 | 323 | ||