Message ID | 20240304103716.1100116-3-Adithya.Balakumar@toshiba-tsip.com |
---|---|
State | Superseded, archived |
Headers | show |
Series | Fix reproducibility of /etc/shadow file when image built on different days | expand |
On Mon, 2024-03-04 at 16:07 +0530, Adithya Balakumar wrote: > > When a user account is created / updated, the third field (sp_lstchg) > > in the /etc/shadow file could be modified. The third field contains > > the date of the last password change expressed as the number of days > > since Jan 1,1970. When the images are built on different days, the > > value of sp_lstchg will be different making the image not > > reproducible. > > > > Adding the SOURCE_DATE_EPOCH variable to environment ensures that > > sp_lstchg value is set with respect to the SOURCE_DATE_EPOCH value. > > > > Signed-off-by: Adithya Balakumar <[Adithya.Balakumar@toshiba-tsip.com](mailto:Adithya.Balakumar@toshiba-tsip.com )> > > --- > > meta/classes/image-account-extension.bbclass | 5 +++++ > > 1 file changed, 5 insertions(+) > > > > diff --git a/meta/classes/image-account-extension.bbclass > > b/meta/classes/image-account-extension.bbclass > > index 9e67cb91..5fe67106 100644 > > --- a/meta/classes/image-account-extension.bbclass > > +++ b/meta/classes/image-account-extension.bbclass > > @@ -131,6 +131,11 @@ def image_create_users(d: "DataSmart") -> None: > > > > ROOTFS_POSTPROCESS_COMMAND += "image_postprocess_accounts" > > python image_postprocess_accounts() { > > + import os > > + if os.getenv("SOURCE_DATE_EPOCH") == None: > > + source_date_epoch = d.getVar("SOURCE_DATE_EPOCH") > > + os.environ["SOURCE_DATE_EPOCH"] = source_date_epoch > > + If bitbake var is empty, this fails the following way: ERROR: mc:qemuamd64-bullseye:isar-image-ci-1.0-r0 do_rootfs_postprocess: Error executing a python function in exec_func_python() autogenerated: The stack trace of python calls that resulted in this exception/failure was: File: 'exec_func_python() autogenerated', lineno: 2, function: <module> 0001: *** 0002:image_postprocess_accounts(d) 0003: File: '/workspace/build/isar_ub_devel_fast/552/meta/classes/image-account-extension.bbclass', lineno: 137, function: image_postprocess_accounts 0133:python image_postprocess_accounts() { 0134: import os 0135: if os.getenv("SOURCE_DATE_EPOCH") == None: 0136: source_date_epoch = d.getVar("SOURCE_DATE_EPOCH") *** 0137: os.environ["SOURCE_DATE_EPOCH"] = source_date_epoch 0138: 0139: image_create_groups(d) 0140: image_create_users(d) 0141:} File: '<frozen os>', lineno: 684, function: __setitem__ File "<frozen os>", line 684, in __setitem__ File: '<frozen os>', lineno: 758, function: encode File "<frozen os>", line 758, in encode Exception: TypeError: str expected, not NoneType > > image_create_groups(d) > > image_create_users(d) > > } > > -- > > 2.39.2 > > > >
I Apologize. Will fix this is in v2. Thanks and Regards, Adithya Balakumar -----Original Message----- From: Uladzimir Bely <ubely@ilbers.de> Sent: Tuesday, March 5, 2024 9:49 AM To: balakumar adithya(TSIP TEUR) <Adithya.Balakumar@toshiba-tsip.com>; isar-users@googlegroups.com Subject: Re: [PATCH 2/2] image-account-extension.bbclass: Export SOURCE_DATE_EPOCH variable On Mon, 2024-03-04 at 16:07 +0530, Adithya Balakumar wrote: > > When a user account is created / updated, the third field (sp_lstchg) > > in the /etc/shadow file could be modified. The third field contains > > the date of the last password change expressed as the number of days > > since Jan 1,1970. When the images are built on different days, the > > value of sp_lstchg will be different making the image not > > reproducible. > > > > Adding the SOURCE_DATE_EPOCH variable to environment ensures that > > sp_lstchg value is set with respect to the SOURCE_DATE_EPOCH value. > > > > Signed-off-by: Adithya Balakumar <[Adithya.Balakumar@toshiba-tsip.com](mailto:Adithya.Balakumar@toshiba-tsip.com )> > > --- > > meta/classes/image-account-extension.bbclass | 5 +++++ > > 1 file changed, 5 insertions(+) > > > > diff --git a/meta/classes/image-account-extension.bbclass > > b/meta/classes/image-account-extension.bbclass > > index 9e67cb91..5fe67106 100644 > > --- a/meta/classes/image-account-extension.bbclass > > +++ b/meta/classes/image-account-extension.bbclass > > @@ -131,6 +131,11 @@ def image_create_users(d: "DataSmart") -> None: > > > > ROOTFS_POSTPROCESS_COMMAND += "image_postprocess_accounts" > > python image_postprocess_accounts() { > > + import os > > + if os.getenv("SOURCE_DATE_EPOCH") == None: > > + source_date_epoch = d.getVar("SOURCE_DATE_EPOCH") > > + os.environ["SOURCE_DATE_EPOCH"] = source_date_epoch > > + If bitbake var is empty, this fails the following way: ERROR: mc:qemuamd64-bullseye:isar-image-ci-1.0-r0 do_rootfs_postprocess: Error executing a python function in exec_func_python() autogenerated: The stack trace of python calls that resulted in this exception/failure was: File: 'exec_func_python() autogenerated', lineno: 2, function: <module> 0001: *** 0002:image_postprocess_accounts(d) 0003: File: '/workspace/build/isar_ub_devel_fast/552/meta/classes/image-account-extension.bbclass', lineno: 137, function: image_postprocess_accounts 0133:python image_postprocess_accounts() { 0134: import os 0135: if os.getenv("SOURCE_DATE_EPOCH") == None: 0136: source_date_epoch = d.getVar("SOURCE_DATE_EPOCH") *** 0137: os.environ["SOURCE_DATE_EPOCH"] = source_date_epoch 0138: 0139: image_create_groups(d) 0140: image_create_users(d) 0141:} File: '<frozen os>', lineno: 684, function: __setitem__ File "<frozen os>", line 684, in __setitem__ File: '<frozen os>', lineno: 758, function: encode File "<frozen os>", line 758, in encode Exception: TypeError: str expected, not NoneType > > image_create_groups(d) > > image_create_users(d) > > } > > -- > > 2.39.2 > > > >
diff --git a/meta/classes/image-account-extension.bbclass b/meta/classes/image-account-extension.bbclass index 9e67cb91..5fe67106 100644 --- a/meta/classes/image-account-extension.bbclass +++ b/meta/classes/image-account-extension.bbclass @@ -131,6 +131,11 @@ def image_create_users(d: "DataSmart") -> None: ROOTFS_POSTPROCESS_COMMAND += "image_postprocess_accounts" python image_postprocess_accounts() { + import os + if os.getenv("SOURCE_DATE_EPOCH") == None: + source_date_epoch = d.getVar("SOURCE_DATE_EPOCH") + os.environ["SOURCE_DATE_EPOCH"] = source_date_epoch + image_create_groups(d) image_create_users(d) }
When a user account is created / updated, the third field (sp_lstchg) in the /etc/shadow file could be modified. The third field contains the date of the last password change expressed as the number of days since Jan 1,1970. When the images are built on different days, the value of sp_lstchg will be different making the image not reproducible. Adding the SOURCE_DATE_EPOCH variable to environment ensures that sp_lstchg value is set with respect to the SOURCE_DATE_EPOCH value. Signed-off-by: Adithya Balakumar <Adithya.Balakumar@toshiba-tsip.com> --- meta/classes/image-account-extension.bbclass | 5 +++++ 1 file changed, 5 insertions(+)