| Message ID | 20250618135040.8252-5-cedric.hombourger@siemens.com |
|---|---|
| State | Superseded, archived |
| Headers | show |
| Series | non-privileged commands in chroot | expand |
On 6/18/25 15:50, 'Cedric Hombourger' via isar-users wrote: > Elevated privileges are not required to query the rootfs for the version > of systemd: replace "sudo chroot" with "rootfs_cmd" > > Signed-off-by: Cedric Hombourger <cedric.hombourger@siemens.com> > --- > meta/classes/image-postproc-extension.bbclass | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/meta/classes/image-postproc-extension.bbclass b/meta/classes/image-postproc-extension.bbclass > index 0af588d8..21dcfccc 100644 > --- a/meta/classes/image-postproc-extension.bbclass > +++ b/meta/classes/image-postproc-extension.bbclass > @@ -55,7 +55,7 @@ image_postprocess_mark() { > > # Use dpkg to find out which version of systemd is installed into the image or reports "0" > image_systemd_version() { > - sudo chroot ${IMAGE_ROOTFS} dpkg-query --showformat='${source:Upstream-Version}' --show systemd || echo "0" > + rootfs_cmd ${IMAGE_ROOTFS} -- dpkg-query --showformat='${source:Upstream-Version}' --show systemd || echo "0" > } Why are we not using the root parameter of dpkg-query for this? Quirin > > ROOTFS_POSTPROCESS_COMMAND =+ "image_postprocess_machine_id"
On 20.06.25 11:16, 'Quirin Gylstorff' via isar-users wrote: > > > On 6/18/25 15:50, 'Cedric Hombourger' via isar-users wrote: >> Elevated privileges are not required to query the rootfs for the version >> of systemd: replace "sudo chroot" with "rootfs_cmd" >> >> Signed-off-by: Cedric Hombourger <cedric.hombourger@siemens.com> >> --- >> meta/classes/image-postproc-extension.bbclass | 2 +- >> 1 file changed, 1 insertion(+), 1 deletion(-) >> >> diff --git a/meta/classes/image-postproc-extension.bbclass b/meta/ >> classes/image-postproc-extension.bbclass >> index 0af588d8..21dcfccc 100644 >> --- a/meta/classes/image-postproc-extension.bbclass >> +++ b/meta/classes/image-postproc-extension.bbclass >> @@ -55,7 +55,7 @@ image_postprocess_mark() { >> # Use dpkg to find out which version of systemd is installed into >> the image or reports "0" >> image_systemd_version() { >> - sudo chroot ${IMAGE_ROOTFS} dpkg-query -- >> showformat='${source:Upstream-Version}' --show systemd || echo "0" >> + rootfs_cmd ${IMAGE_ROOTFS} -- dpkg-query -- >> showformat='${source:Upstream-Version}' --show systemd || echo "0" >> } > Why are we not using the root parameter of dpkg-query for this? > Pro: even faster than any wrapper Con: brings some dependency between dpkg and data base versions But this option should still be considered in the discussion, maybe also depending on the type of access (read as above vs. write as in other cases). Cedric, did you think about it? Jan
diff --git a/meta/classes/image-postproc-extension.bbclass b/meta/classes/image-postproc-extension.bbclass index 0af588d8..21dcfccc 100644 --- a/meta/classes/image-postproc-extension.bbclass +++ b/meta/classes/image-postproc-extension.bbclass @@ -55,7 +55,7 @@ image_postprocess_mark() { # Use dpkg to find out which version of systemd is installed into the image or reports "0" image_systemd_version() { - sudo chroot ${IMAGE_ROOTFS} dpkg-query --showformat='${source:Upstream-Version}' --show systemd || echo "0" + rootfs_cmd ${IMAGE_ROOTFS} -- dpkg-query --showformat='${source:Upstream-Version}' --show systemd || echo "0" } ROOTFS_POSTPROCESS_COMMAND =+ "image_postprocess_machine_id"
Elevated privileges are not required to query the rootfs for the version of systemd: replace "sudo chroot" with "rootfs_cmd" Signed-off-by: Cedric Hombourger <cedric.hombourger@siemens.com> --- meta/classes/image-postproc-extension.bbclass | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)