From patchwork Thu Sep 25 06:54:23 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "cedric.hombourger@siemens.com" X-Patchwork-Id: 4377 Return-Path: Received: from shymkent.ilbers.de ([unix socket]) by shymkent (Cyrus 2.5.10-Debian-2.5.10-3+deb9u2) with LMTPA; Thu, 25 Sep 2025 08:54:55 +0200 X-Sieve: CMU Sieve 2.4 Received: from mail-yb1-f189.google.com (mail-yb1-f189.google.com [209.85.219.189]) by shymkent.ilbers.de (8.15.2/8.15.2/Debian-8+deb9u1) with ESMTPS id 58P6sro4002123 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Thu, 25 Sep 2025 08:54:54 +0200 Received: by mail-yb1-f189.google.com with SMTP id 3f1490d57ef6-eb0718279d2sf691567276.3 for ; Wed, 24 Sep 2025 23:54:54 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1758783287; cv=pass; d=google.com; s=arc-20240605; b=FMfxDa5loLl52gfeB2oJLHY3m8A0nEidnxjOiBYCtXoVADSJzDkDD1GyzkU733w0YR XxzP2T1impRmxDu31Dr2qTudsG69ENhTxaIlYVJtNz8N9jgjVyipn7aGq1GnRgoxKW/Y I3+xrhxODbQuPhEJIap+KnDRC5nOslqALdKById7OJ3ACcnNcMudlkKQwMJCiWfAIkQF 6tJrTSQkEyc+fMwAmZiS9Wt7PFEvRKlX8vAw176N5QENsvnHA6rhdt8DNbEeWTUmV+X+ 4yLQ4s6qGTKmaxo3gI25JXBIMwemq8uHLGWLXkcwMBLxNlcNR5M05HDskW1Om0Bkw9Sx wAhQ== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to:feedback-id:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=e+I1/EeLJRMir3sFwe5PQHNtfAVebKPzHRiyQhXsE3U=; fh=zAR3sTIEOLsLnaijWfqRRcQqnHSUTbUuJhmx7l67m9M=; b=L1FlWJ0ORX1yXBx7Cp/EqWvujWqceEMSW8XLGSLWVLXDC5L1ZK8rNB7QpfdahQY6XK 0/swU/UoeBdad2yeBy+7yZYsuo/ZRVDUzkAshCy4tLAigQMTbF8D7ojy1GpcxIZrjCXM edAXHn6Me/v9Jhe+H66Ab4ozARvfZf9ZpiiNiyppJzdkvvrcHIiN3OnDy4vBcB/fTdxB A7I4Ih5iQpjl7KOrXFjlRKXdxDu96VLZpSFuOhYJKLN7Kn4EPpwssTIv3unrN/jajweC 9advfdQKz0XQeYVAy92JSuU5vok3OeJUaFbtx3/JMSnt9Z1WjN5ucGc24opr5VASjECk VUaw==; darn=isar-build.org ARC-Authentication-Results: i=2; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=fm1 header.b=JxeIdMN7; spf=pass (google.com: domain of fm-1212295-2025092506544306043743660002077a-t7uhgd@rts-flowmailer.siemens.com designates 185.136.64.228 as permitted sender) smtp.mailfrom=fm-1212295-2025092506544306043743660002077a-T7UHgD@rts-flowmailer.siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlegroups.com; s=20230601; t=1758783287; x=1759388087; darn=isar-build.org; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:feedback-id :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from:from:to:cc:subject:date:message-id:reply-to; bh=e+I1/EeLJRMir3sFwe5PQHNtfAVebKPzHRiyQhXsE3U=; b=mTnyq+LUg4f6cQBetHTvnRx4/apRd1F0D+uIa7zeaIScMSznqXdCzKGxSCufGlydPV +dwo1a21TwZmXljA9oTEfYRluwoNkxssb13mQU6ArxaXaxu0R4PTlDUvGu1P4cZH379B ExKX6oOES9GlwlJn0ioCRaSXY041bE+tSnhhSvQS45GyD5/JI/ECl4RTYtgj2X7os2ZS jaboxRLpf8DEtLppBv7Hto7uRN7zdCzHO9Hv9rv78nbKbvQ+QF8qu6jDgMTjYuK0llCg VD4itPMEDFdQkHRl7RsxIUA/AvVPcigDCjBCwp2V1P5gAH7cafMDAb43mr786IMMUZL0 KdyQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1758783287; x=1759388087; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :x-spam-checked-in-group:list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:feedback-id :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from:x-beenthere:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=e+I1/EeLJRMir3sFwe5PQHNtfAVebKPzHRiyQhXsE3U=; b=dS+3DsEV2vsd9V0lsTbHNgnRMWlSX83bXVXD63DNsAe1I74XLwR53EWjuoFvVxPia+ ukptY6sb2mtsy8nMCQnO+d1AZgi8jQn+aeQ40pS12xT5yfIJMJt9IiKkzST6C1XiCgRv l6JDwZe6BF0aFupXcfRkBFmt8OZy0+CAc2oPMbdZfhigs0VnrgnT6RXzZ0oLLLhhxL+2 S7RtjRnzmotZyHvOvjp6QrT9gixKpXG4HZqdPKLfPfKTv6VEHjCgCGjUbCVgz64MsL70 WnQF74cRPVBY6UxoyCnwOf81ViWeR+kwyHFYIp8b5E1+pmeRH92LS8N0YfcinwGsnQ0D tvIg== X-Forwarded-Encrypted: i=2; AJvYcCWhB3lTv5g/LabrB5lQH6mFBd5NYHYJuRHDZtS6PbWWYhmlHJgji4cc8KWtevXtDpjxsGWBcPk=@isar-build.org X-Gm-Message-State: AOJu0Yz5j/SAazejtiDVpzgn5cT1FbFdc9/qkhLrtFfSnbPyjjkjMnjE FVtpIwn1FpJY8x+1gMb4MApZhw/B6H9nLWmmQtuMqIo+km8OxtOfZIK+ X-Google-Smtp-Source: AGHT+IE5XSXFw7mNbWmHWsyYfIPxxyIh+nH37dKZ0SW9sOctu/DWCePhHAE2ddJs8KqSUB0jpHe+JA== X-Received: by 2002:a05:690e:4241:b0:635:4ecf:bdcd with SMTP id 956f58d0204a3-6361a8ad2b9mr1266447d50.47.1758783286785; Wed, 24 Sep 2025 23:54:46 -0700 (PDT) X-BeenThere: isar-users@googlegroups.com; h="ARHlJd5UH32tFFzxaomcoOCRsmGXddJk6mx5Xmovnpm3wWT/aw==" Received: by 2002:a05:690e:42d3:b0:601:f279:9614 with SMTP id 956f58d0204a3-6361b37da85ls203979d50.0.-pod-prod-02-us; Wed, 24 Sep 2025 23:54:45 -0700 (PDT) X-Received: by 2002:a05:690e:2442:b0:600:4a6c:bed6 with SMTP id 956f58d0204a3-6361a890925mr1262087d50.36.1758783284832; Wed, 24 Sep 2025 23:54:44 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1758783284; cv=none; d=google.com; s=arc-20240605; b=RxzgyymlszFEztq2RHe/ecbyErF2KEKrQC8s9uQeFeQccyL4vYh2Fnp0j/Vwoc54Td yQvHK6/HiM1gZLarjYyZ52VVzfHOOpNFi7bLaNfsELNlA2vEnIDhujJtMUN59CcnS5ec cUWd3Y8lgIR5CLokmpLM3Ej8KeJOS+FiM7wUSvvt/HuXB0YmQ+qmldbLB+tS23jqedn7 h7VNExS6Nq2yPZZ/S0YwQEOZ17oXUmVRVnhtf1R8ke0/jk9UZILgChGNqVpFshZ1dRsE /EDjFCGizsiUgVFBZEmOuceHcZ19/9QyWZKzfHA3Eb3XKbTtBuXLL3/Xrq/P0ZV59TlP /kww== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=feedback-id:content-transfer-encoding:mime-version:references :in-reply-to:message-id:date:subject:cc:to:from:dkim-signature; bh=jr2C+oYYPggLCfbJoYlAW3QELe9Nj37+1sbAp4rI8xM=; fh=GJh20mB+jF6oQ+me1R+hLO+vPKOaUsE8susJALlxkPc=; b=lRqJJT1pMgTsY2r+sDYKuhOzuEZZ7APbgWriIAH18+jthvQuOhYDGDPeV4w6SY01WX HMM2e4cfYa3p/jElq+JW1vDHrOQ3VSKHOJ6+a1rdjWV4Fph6HmXYEhehmBPOx3KGqgX1 Zj5Rx1QUO4xDimS6d86dc6W35R+yx27AQrr+lKR8sFsFI9di62EjbrR7+ifumo4Ta+Ye QkrqlkIgoroG0T8jR7Zrf74KAbgGdvVtkU3kdE0FoByIY4icZfKTqGEW19k1z2VQiLbJ ANP8ybPcL9yz+vPUUUO+j86bxEHm9aV5foeNvaH6OgZRrTGbkY8ds6nW4mHWxNw/s6n1 dnIA==; dara=google.com ARC-Authentication-Results: i=1; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=fm1 header.b=JxeIdMN7; spf=pass (google.com: domain of fm-1212295-2025092506544306043743660002077a-t7uhgd@rts-flowmailer.siemens.com designates 185.136.64.228 as permitted sender) smtp.mailfrom=fm-1212295-2025092506544306043743660002077a-T7UHgD@rts-flowmailer.siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com Received: from mta-64-228.siemens.flowmailer.net (mta-64-228.siemens.flowmailer.net. [185.136.64.228]) by gmr-mx.google.com with ESMTPS id 956f58d0204a3-6361e540b5csi68328d50.0.2025.09.24.23.54.44 for (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Wed, 24 Sep 2025 23:54:44 -0700 (PDT) Received-SPF: pass (google.com: domain of fm-1212295-2025092506544306043743660002077a-t7uhgd@rts-flowmailer.siemens.com designates 185.136.64.228 as permitted sender) client-ip=185.136.64.228; Received: by mta-64-228.siemens.flowmailer.net with ESMTPSA id 2025092506544306043743660002077a for ; Thu, 25 Sep 2025 08:54:43 +0200 X-Patchwork-Original-From: "'Cedric Hombourger' via isar-users" From: "cedric.hombourger@siemens.com" To: isar-users@googlegroups.com Cc: "cedric.hombourger@siemens.com" Subject: [PATCH v4 3/4] bootstrap: create lock for downloads/deb without sudo Date: Thu, 25 Sep 2025 08:54:23 +0200 Message-ID: <20250925065433.4180883-4-cedric.hombourger@siemens.com> In-Reply-To: <20250925065433.4180883-1-cedric.hombourger@siemens.com> References: <20250925065433.4180883-1-cedric.hombourger@siemens.com> MIME-Version: 1.0 X-Flowmailer-Platform: Siemens Feedback-ID: 519:519-1212295:519-21489:flowmailer X-Original-Sender: cedric.hombourger@siemens.com X-Original-Authentication-Results: gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=fm1 header.b=JxeIdMN7; spf=pass (google.com: domain of fm-1212295-2025092506544306043743660002077a-t7uhgd@rts-flowmailer.siemens.com designates 185.136.64.228 as permitted sender) smtp.mailfrom=fm-1212295-2025092506544306043743660002077a-T7UHgD@rts-flowmailer.siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com X-Original-From: Cedric Hombourger Reply-To: Cedric Hombourger Precedence: list Mailing-list: list isar-users@googlegroups.com; contact isar-users+owners@googlegroups.com List-ID: X-Spam-Checked-In-Group: isar-users@googlegroups.com X-Google-Group-Id: 914930254986 List-Post: , List-Help: , List-Archive: , List-Unsubscribe: , X-Spam-Status: No, score=-4.9 required=5.0 tests=DKIMWL_WL_MED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,MAILING_LIST_MULTI, RCVD_IN_DNSWL_BLOCKED,RCVD_IN_MSPIKE_H2,RCVD_IN_RP_CERTIFIED, RCVD_IN_RP_RNBL,RCVD_IN_RP_SAFE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on shymkent.ilbers.de X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= From: "cedric.hombourger@siemens.com" The syncin/syncout commands passed to mmdebstrap will create a lock file in downloads/deb if it does not exist. As mmdebstrap is being executed as root, the lock would also be owned by root and this will cause problems for rootless commands that may be executed later (such as downloading of Debian packages). Create the lock file without sudo prior to running mmdebstrap for it to be owned by the build user rather than root. Signed-off-by: Cedric Hombourger Tested-by: Andreas Naumann --- meta/recipes-core/isar-mmdebstrap/isar-mmdebstrap.inc | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/meta/recipes-core/isar-mmdebstrap/isar-mmdebstrap.inc b/meta/recipes-core/isar-mmdebstrap/isar-mmdebstrap.inc index 931f6f13..b2de61ad 100644 --- a/meta/recipes-core/isar-mmdebstrap/isar-mmdebstrap.inc +++ b/meta/recipes-core/isar-mmdebstrap/isar-mmdebstrap.inc @@ -181,6 +181,10 @@ do_bootstrap() { && sudo umount $base_apt_tmp \ && rm -rf --one-file-system $base_apt_tmp' EXIT + # Create lock file so that it is owned by the user running the build (not root) + mkdir -p ${DEBDIR} + touch ${DEB_DL_LOCK} + sudo TMPDIR="${BOOTSTRAP_TMPDIR}" mmdebstrap $bootstrap_args \ $arch_param \ --mode=unshare \