diff mbox series

[v1,07/15] rootfs_generate_initramfs: rework deployment to avoid chowning

Message ID 20260226162843.1642329-8-felix.moessbauer@siemens.com
State Under Review
Headers show
Series add support to build isar unprivileged | expand

Commit Message

Felix Moessbauer Feb. 26, 2026, 4:28 p.m. UTC 
Previously the initrd was deployed as root and later chowned in the
deploy dir. This involves privileged operations which will no longer be
possible when running rootless. To prepare for that, we deploy via a
stdout and create the target file by the correct user.

While doing this, we also remove a useless sudo invocation when listing
the ROOTFS/boot dir, as this can be listed by all users.

Signed-off-by: Felix Moessbauer <felix.moessbauer@siemens.com>
---
 meta/classes-recipe/rootfs.bbclass | 10 ++++------
 1 file changed, 4 insertions(+), 6 deletions(-)
diff mbox series

Patch

diff --git a/meta/classes-recipe/rootfs.bbclass b/meta/classes-recipe/rootfs.bbclass
index 81cc26f6..c74f4b8c 100644
--- a/meta/classes-recipe/rootfs.bbclass
+++ b/meta/classes-recipe/rootfs.bbclass
@@ -620,18 +620,16 @@  python do_generate_initramfs_setscene () {
 
 rootfs_generate_initramfs[progress] = "custom:rootfs_progress.InitrdProgressHandler"
 rootfs_generate_initramfs() {
-    if [ -n "$(sudo find '${ROOTFSDIR}/boot' -type f -name 'vmlinu[xz]*')" ]; then
+    if [ -n "$(find '${ROOTFSDIR}/boot' -type f -name 'vmlinu[xz]*')" ]; then
         for kernel in ${ROOTFSDIR}/boot/vmlinu[xz]-*; do
             export kernel_version=$(basename $kernel | cut -d'-' -f2-)
             mods_total="$(find ${ROOTFSDIR}/usr/lib/modules/$kernel_version -type f -name '*.ko*' | wc -l)"
             echo "Total number of modules: $mods_total"
             echo "Generating initrd for kernel version: $kernel_version"
-            run_in_chroot "${ROOTFSDIR}" sh -ec ' \
-                ${ROOTFS_INITRAMFS_GENERATOR_CMDLINE}; \
-                find /boot -name "initrd.img-$kernel_version*" -exec install --mode 0644 {} /isar-work/initrd.img \; \
-                '
+            run_in_chroot "${ROOTFSDIR}" sh -ec '${ROOTFS_INITRAMFS_GENERATOR_CMDLINE}'
+            find ${ROOTFSDIR}/boot -name "initrd.img-$kernel_version*" -exec cat {} \; \
+                > ${DEPLOYDIR}/${INITRD_DEPLOY_FILE}
         done
-        install --owner $(id -u) --group $(id -g) ${WORKDIR}/initrd.img ${DEPLOYDIR}/${INITRD_DEPLOY_FILE}
     else
         echo "no kernel in this rootfs, do not generate initrd"
     fi