From patchwork Mon May 19 11:57:47 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "cedric.hombourger@siemens.com" X-Patchwork-Id: 4213 Return-Path: Received: from shymkent.ilbers.de ([unix socket]) by shymkent (Cyrus 2.5.10-Debian-2.5.10-3+deb9u2) with LMTPA; Mon, 19 May 2025 13:58:24 +0200 X-Sieve: CMU Sieve 2.4 Received: from mail-wr1-f56.google.com (mail-wr1-f56.google.com [209.85.221.56]) by shymkent.ilbers.de (8.15.2/8.15.2/Debian-8+deb9u1) with ESMTPS id 54JBwNEZ018159 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Mon, 19 May 2025 13:58:23 +0200 Received: by mail-wr1-f56.google.com with SMTP id ffacd0b85a97d-3a361c82d9dsf317941f8f.2 for ; Mon, 19 May 2025 04:58:23 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1747655898; cv=pass; d=google.com; s=arc-20240605; b=W/fd3mccCWtvim5AGaqH5cJYGCii8CVBPjDYWB7kGKqYbILYjJxlibCRamVlEy9bu9 dMtJJ9Spb/3iTu4ZXQyBcK0NZrhQMJHJftJppht60we23SM/K9OGgttth6yZ5Bc8C5ha nTUV4me8ij6QaT91qUk8UF6cUnJBCwmqcdPFGvIn3IUzFbRcJv7xqgQqXGWdLgcTtZaH LX4JtVth7Wfvy+cLd45Qyyto1QC+ymrzUgGHTMlvLfPxgxrCaiTAhV+2mmvWoJ3N+cK6 O/i2yhUeFyXJYTIyGyfQRMNGvFnPQBgkbjeU0ynUwIhvisEdA6sKxuhjTRLdgCULJljs R/DA== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to:feedback-id:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=yrHwf/WtHuEawDw9J44kw13IVJZb9iXLIfQGlJPI4k8=; fh=1jPMFMLTcRntOqEoIxWLeUiGU08tDcFOzcZsYUk0ZxY=; b=B0MBq+XDzw+DsG/p0Wb9K/+UEaGAhLnIh5IMm75GevWRX9njX9xL9DjBwwiOawgxoK V7pROpSDdE+REVIqywBS45LRMLwIoCO4HLa4HunFKYePxPoNpYZcTr2Dc+/1rSGBPUkO xS3WfTSMjrhfFQkmg9CKZNEtsOffEkKlRYAsBil7kjwoCNym+fESD3v8uODzT5bx80lI hkCoZY6BFGn72YUIVX7vTpQ65VQU/Os0hie0ToBULR7y/W8cbVmKeEweeYgEyCGRyPZr hAnZajF4EB8wHlXg1gEbAp3a/hAgQHL2tV2z8kRrFZ7eGJGZ7rFGfJbQ5LUJ9ysRF0am J1BA==; darn=isar-build.org ARC-Authentication-Results: i=2; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=fm1 header.b=CBeJZ9fo; spf=pass (google.com: domain of fm-1212295-20250519115813d3ffc491885eb7773e-0idr7d@rts-flowmailer.siemens.com designates 185.136.64.226 as permitted sender) smtp.mailfrom=fm-1212295-20250519115813d3ffc491885eb7773e-0IDr7D@rts-flowmailer.siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlegroups.com; s=20230601; t=1747655898; x=1748260698; darn=isar-build.org; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:feedback-id :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from:from:to:cc:subject:date:message-id:reply-to; bh=yrHwf/WtHuEawDw9J44kw13IVJZb9iXLIfQGlJPI4k8=; b=uc6wH+gbnvLFFXNqe7kqbzOvl3tIibDUms30OMvZr/uViMVBZNciCycqG+NVmfkXGc 0QCvXwrURC7msSjodb6qUiUdkMVQvQICWEK7NDs/FnAI7rKUgxPr86OpNDt99/EGDy58 IcLsKhCsJ7/CWKvsVn2sfzOIE9b/vHF7gRHt26/4XbUsaZnHz7zQebhYgl5ULHNtYmPQ tVPi2z0XueJ9g7yad347jIPk8OhdWVSRTzATJ2+2vNdkprnBMEWi3vDIStZHKxsu6ZDP 2sXd1bRUq5qclVp08NHSszpSpH7RCzSecH8jb8TicTORZHtNiIha7q1OGgSbMEhs3rCp 8/gw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1747655898; x=1748260698; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :x-spam-checked-in-group:list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:feedback-id :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from:x-beenthere:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=yrHwf/WtHuEawDw9J44kw13IVJZb9iXLIfQGlJPI4k8=; b=VJjRRh9BTsXmnlGQf2lIybyTl1DGCsXyF6OSY5Ft2VY3O7rL9vsADCcY1c2KMWwX6O aCanaR81872QwJxUYi2Sxb1+CbDpUdwlfgjknP+uwLwOzO0uomhYym9iYL7cpFxwhjlr +BwnzigqQmYFasM4k94J6MBhmEqeNWWKc4DZQ8i090x670AMkjOlRuJruDgM90KXvuzh rYct8sRaFHOgOgtrirzD3+2hBaVBwZSREkio9F8VkgyKdJ2iUCDMjirFY5Zcp6CIIOXo QgO6JfUL2fqTBFYD4KtQxW6zmduHAnP4rxGvCFNe7BUgsQAU2xkGfBdDyGKv3EK7E6mI 9/lA== X-Forwarded-Encrypted: i=2; AJvYcCVy8PLfIi+Q6yKx2XnQvYah4BWhvx8zUuIHeq6wXGI8tPfAWLEVJR109BCnIjsvAyAV7+bxaDU=@isar-build.org X-Gm-Message-State: AOJu0YxtqFVdw1XHgGPLQVcKZwe2Py+p5WBGo7Wqu7tzU9Hm8KKvTSHO crgwm7XXTDepp8jKMoezaIpIUk041cxvmcZVUOVOcgahuIIIITQwvFK4 X-Google-Smtp-Source: AGHT+IHUw5v7AyFjyi5Yep1Zvrb48USsFtqFyV+eVZ5nQ5OySTkrGsWMq/LFcnIm1pwppMXWgHbupg== X-Received: by 2002:a05:600c:4f8e:b0:442:fac9:5e2f with SMTP id 5b1f17b1804b1-442fd60e7c3mr42044035e9.2.1747655897096; Mon, 19 May 2025 04:58:17 -0700 (PDT) X-BeenThere: isar-users@googlegroups.com; h=AVT/gBHzziOtJEX+H4eD8+DW7a0BoBrnFsJAbdfseM5jahC4IQ== Received: by 2002:a05:600c:3d0b:b0:43b:c5a5:513c with SMTP id 5b1f17b1804b1-442f8782f41ls1496185e9.1.-pod-prod-02-eu; Mon, 19 May 2025 04:58:14 -0700 (PDT) X-Received: by 2002:a05:600c:64cf:b0:442:e9eb:cba2 with SMTP id 5b1f17b1804b1-442fd5a1054mr137531295e9.0.1747655894412; Mon, 19 May 2025 04:58:14 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1747655894; cv=none; d=google.com; s=arc-20240605; b=QKCaG9Il58/ylSBG50fhY5grN7Vyo2xGhitDhthRLHVbNfgpoBUiK0tAYmraM2MORr n8qGouFb0cM7BvMOdGR4z+IEP/y/XANEzmJ2PIyz1OpfGyiTdEgHTpQx/SnBCW5cfOGt YBmczCXEz+MKZ1hivI0ih3tOSUDcl8E0bIa1NXgDgTNtRkm5N1OG0DdK9KoCVeiqs7d+ Y1UwJgrmcYPt3MWGyjc0MPYaxQLTFrlRm6JsGZNAD3H5iRQVC17iRKmHwBURRBYwnke/ a+77trhpim5iZZ1/e3Q7zC//07NebPfD32XR1hRN5NjCS6hft9yJWynPR8Zbyj0E1XV5 g1oA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=feedback-id:content-transfer-encoding:mime-version:references :in-reply-to:message-id:date:subject:cc:to:from:dkim-signature; bh=Rxqy/i9jmF3n8GI1f+kCRds2Kzmz6AV6tgyliaVoNgY=; fh=D/q4xMKxZDyLo2GtmwQ/2prSr9aCFD3HVqTCj43epLY=; b=PtRm6I+UYES+zvSktYRghYs05N7F7ccPGILNuWFy6tyFODy65zTW3JB0Ncqr8exdch KwbdHSVAts8HXXSl2CXEef8N7H/AY9rSnnMxZwmYpz7nsFlOFkp1q65JXvUXZN8DuGup uE50mlwQrsf4mrSlyrcd3wBtkuWawaEMfYnarKtGPI5ptQNtmUrAASJThW4u86HicImm dMr2GpkCfwpUBH4sxoxr0Vd8UAe6/QHUXPSQaAYNZ1gJQSdOEo2sQbl/5vNBm/vnT12U qbstuyDC0MfIkgwfUy7HivBqEmnC7SMapYR+jXZRbIElBDhvcJOAz/Wx7wg911ulHQ31 N6Sw==; dara=google.com ARC-Authentication-Results: i=1; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=fm1 header.b=CBeJZ9fo; spf=pass (google.com: domain of fm-1212295-20250519115813d3ffc491885eb7773e-0idr7d@rts-flowmailer.siemens.com designates 185.136.64.226 as permitted sender) smtp.mailfrom=fm-1212295-20250519115813d3ffc491885eb7773e-0IDr7D@rts-flowmailer.siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com Received: from mta-64-226.siemens.flowmailer.net (mta-64-226.siemens.flowmailer.net. [185.136.64.226]) by gmr-mx.google.com with ESMTPS id 5b1f17b1804b1-442fb685038si2353755e9.0.2025.05.19.04.58.14 for (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Mon, 19 May 2025 04:58:14 -0700 (PDT) Received-SPF: pass (google.com: domain of fm-1212295-20250519115813d3ffc491885eb7773e-0idr7d@rts-flowmailer.siemens.com designates 185.136.64.226 as permitted sender) client-ip=185.136.64.226; Received: by mta-64-226.siemens.flowmailer.net with ESMTPSA id 20250519115813d3ffc491885eb7773e for ; Mon, 19 May 2025 13:58:13 +0200 X-Patchwork-Original-From: "'Cedric Hombourger' via isar-users" From: "cedric.hombourger@siemens.com" To: isar-users@googlegroups.com Cc: felix.moessbauer@siemens.com, Cedric Hombourger Subject: [PATCH 1/4] rootfs: introduce wrapper to run commands against a rootfs Date: Mon, 19 May 2025 13:57:47 +0200 Message-Id: <20250519115750.3195300-2-cedric.hombourger@siemens.com> In-Reply-To: <20250519115750.3195300-1-cedric.hombourger@siemens.com> References: <20250515150727.1764989-2-cedric.hombourger@siemens.com> <20250519115750.3195300-1-cedric.hombourger@siemens.com> MIME-Version: 1.0 X-Flowmailer-Platform: Siemens Feedback-ID: 519:519-1212295:519-21489:flowmailer X-Original-Sender: cedric.hombourger@siemens.com X-Original-Authentication-Results: gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=fm1 header.b=CBeJZ9fo; spf=pass (google.com: domain of fm-1212295-20250519115813d3ffc491885eb7773e-0idr7d@rts-flowmailer.siemens.com designates 185.136.64.226 as permitted sender) smtp.mailfrom=fm-1212295-20250519115813d3ffc491885eb7773e-0IDr7D@rts-flowmailer.siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com X-Original-From: Cedric Hombourger Reply-To: Cedric Hombourger Precedence: list Mailing-list: list isar-users@googlegroups.com; contact isar-users+owners@googlegroups.com List-ID: X-Spam-Checked-In-Group: isar-users@googlegroups.com X-Google-Group-Id: 914930254986 List-Post: , List-Help: , List-Archive: , List-Unsubscribe: , X-Spam-Status: No, score=-4.9 required=5.0 tests=DKIMWL_WL_MED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,MAILING_LIST_MULTI, RCVD_IN_DNSWL_BLOCKED,RCVD_IN_MSPIKE_H2,RCVD_IN_RP_CERTIFIED, RCVD_IN_RP_RNBL,RCVD_IN_RP_SAFE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on shymkent.ilbers.de X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= "sudo chroot" is used in several places to run commands inside rootfs directories constructed by Isar. There are cases where a command could be used without elevated privileges as long as special folders such as /isar-apt are mounted (they are often referenced as /isar-apt in configuration files found in the target rootfs). For such cases, bubblewrap may be used to create a non-privileged namespace (either in a bare/native environment or within a docker/podman container) where the command will be executed as if chroot had been used. The rootfs may also be the host root file-system: this should however be used with care to avoid host contamination problems (note: Isar already relies on a number of host tools). Signed-off-by: Cedric Hombourger Tested-by: Felix Moessbauer --- RECIPE-API-CHANGELOG.md | 6 ++++ doc/user_manual.md | 1 + meta/classes/rootfs.bbclass | 66 +++++++++++++++++++++++++++++++++++++ 3 files changed, 73 insertions(+) diff --git a/RECIPE-API-CHANGELOG.md b/RECIPE-API-CHANGELOG.md index a4cf1338..725737b2 100644 --- a/RECIPE-API-CHANGELOG.md +++ b/RECIPE-API-CHANGELOG.md @@ -722,3 +722,9 @@ Optional fields of the isar-apt repo can be controlled by adding to the Changes in next --------------- + +### Require bubblewrap to run non-privileged commands with bind-mounts + +Isar occasionally needs to run commands within root file-systems that it +builds and with several bind-mounts (e.g. /isar-apt). bubblewrap may be +used in Isar classes instead of `sudo chroot`. diff --git a/doc/user_manual.md b/doc/user_manual.md index 0dc317c3..3cf1a9aa 100644 --- a/doc/user_manual.md +++ b/doc/user_manual.md @@ -75,6 +75,7 @@ Install the following packages: ``` apt install \ binfmt-support \ + bubblewrap \ bzip2 \ mmdebstrap \ arch-test \ diff --git a/meta/classes/rootfs.bbclass b/meta/classes/rootfs.bbclass index 5f877962..5b96b414 100644 --- a/meta/classes/rootfs.bbclass +++ b/meta/classes/rootfs.bbclass @@ -34,6 +34,72 @@ export LANG = "C" export LANGUAGE = "C" export LC_ALL = "C" +# Execute a command against a rootfs and with isar-apt bind-mounted. +# Additional mounts may be specified using --bind and a +# custom directory for the command to be executed with --chdir . The +# command is assumed to follow the special "--" argument. This would replace +# "sudo chroot" calls especially when a native command may be used instead of +# chroot'ed command and without elevated privileges (the command will likely +# take the rootfs as argument; e.g. apt-get -o Dir=${ROOTFSDIR}). If the +# optional rootfs argument is omitted, the host rootfs will be used (e.g. to +# run native commands): this should be used with care. +# +# Usage: rootfs_cmd [options] [rootfs] -- command +# +rootfs_cmd() { + set -- "$@" + bwrap_args="--bind ${REPO_ISAR_DIR}/${DISTRO} /isar-apt" + rootfs="" + + while [ "${#}" -gt "0" ] && [ "${1}" != "--" ]; do + case "${1}" in + --bind) + if [ "${#}" -lt "3" ]; then + bbfatal "--bind requires two arguments" + fi + bwrap_args="${bwrap_args} --bind ${2} ${3}" + shift 3 + ;; + --chdir) + if [ "${#}" -lt "2" ]; then + bbfatal "${1} requires an argument" + fi + bwrap_args="${bwrap_args} ${1} ${2}" + shift 2 + ;; + -*) + bbfatal "${1} is not a supported option!" + ;; + *) + if [ -z "${rootfs}" ]; then + rootfs="${1}" + shift + else + bbfatal "unexpected argument '${1}'" + fi + ;; + esac + done + + if [ -n "${rootfs}" ]; then + bwrap_args="${bwrap_args} --bind ${rootfs} ${rootfs}" + fi + + if [ "${#}" -le "1" ] || [ "${1}" != "--" ]; then + bbfatal "no command specified (missing --)" + fi + shift # remove "--", command and its arguments follows + + for ro_d in bin etc lib lib64 sys usr var; do + [ -d ${rootfs}/${ro_d} ] || continue + bwrap_args="${bwrap_args} --ro-bind ${rootfs}/${ro_d} /${ro_d}" + done + + bwrap --unshare-user --unshare-pid ${bwrap_args} \ + --dev-bind /dev /dev --proc /proc --tmpfs /tmp \ + -- "${@}" +} + rootfs_do_mounts[weight] = "3" rootfs_do_mounts() { sudo -s <<'EOSUDO' From patchwork Mon May 19 11:57:48 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "cedric.hombourger@siemens.com" X-Patchwork-Id: 4212 Return-Path: Received: from shymkent.ilbers.de ([unix socket]) by shymkent (Cyrus 2.5.10-Debian-2.5.10-3+deb9u2) with LMTPA; Mon, 19 May 2025 13:58:24 +0200 X-Sieve: CMU Sieve 2.4 Received: from mail-ed1-f63.google.com (mail-ed1-f63.google.com [209.85.208.63]) by shymkent.ilbers.de (8.15.2/8.15.2/Debian-8+deb9u1) with ESMTPS id 54JBwNZV018147 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Mon, 19 May 2025 13:58:23 +0200 Received: by mail-ed1-f63.google.com with SMTP id 4fb4d7f45d1cf-601fb2b7859sf613725a12.3 for ; Mon, 19 May 2025 04:58:23 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1747655897; cv=pass; d=google.com; s=arc-20240605; b=CotrhaG1iX8ZsR16j14L7foFYC3zEH2NvT40nhvY5MeeR3OP01z5MnZvLbzuEJVDNA f1ac0QLfYA0PnqabT9xqTL8ToMUMKURrqk6AieR0u4NxWLWQOCMUA0WSouIsRtggjJHc O6iAHfIp2qupfFABKd/vCzpaR7ruQ7THxQKPu4o+Eb2tgk6huwMPMskD1Av/Q6/Ve8jb USa4oQqhBRcsEVh4w+ZvQEhAejjZvRmALp3mRlDJJRVXA+tOS/CMASFeSU2oUTwGEsxb qP/YF51sdlItrCofh+yCf0meA+c1j/8lkNMXOl/M7jvjN7AIqRITnieV8rGfYL1KinUY wumg== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to:feedback-id:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=Yf8PsUeaBFA/I140D4g4QDIFxECafAciEj0ApQQFsEU=; fh=KL8XXpOp4J0Fyhc3F4xao1i7lA8raw+xdTB3D3mXhfo=; b=iNWYsdDBwMG0Er0lWIlsXw3Sj/YVQaA8KTiz5fDo5mH+JzpleX3QIQPV3JEGfncjcg UZi5HGU7w6X3uZrfju/5mXYv3ZhnrU3JH8rOc8pn9XSwN//METhvMvx40x6AEYolgoXH X209pKwIb5Qq/WDFZutJ4E+L48XAbECgpVLCjSbP9Z/LHwYvRbHJ8BDjOt9/dxivC+1z JJ+32/4ljmAtQWfUVK3i457PT+vQSTdY6IBrOTbuHWQvNT71VgrvHM/aKqSi+63m3YAZ IXIlEBsmwiayVS66fBLxtm7ZcLUY3QgK73Y7TIsDUcfAafFPRr0qvOt5TcWffL7eTXJz Gr6w==; darn=isar-build.org ARC-Authentication-Results: i=2; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=fm1 header.b=PhCQ4kVY; spf=pass (google.com: domain of fm-1212295-2025051911581484ad99ed22a832611e-cfne2l@rts-flowmailer.siemens.com designates 185.136.64.228 as permitted sender) smtp.mailfrom=fm-1212295-2025051911581484ad99ed22a832611e-CFNe2l@rts-flowmailer.siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlegroups.com; s=20230601; t=1747655897; x=1748260697; darn=isar-build.org; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:feedback-id :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from:from:to:cc:subject:date:message-id:reply-to; bh=Yf8PsUeaBFA/I140D4g4QDIFxECafAciEj0ApQQFsEU=; b=Mm7xbJKNp3FwZyINMk9Xh01wy4o/6S2HGU0/Rlz48/nYy+w0ZG6nt5nHRUS6dVWgh0 JDoNrdrAyVvHMLKzH1vK/QIxGZm5W/yxLRGNE/q5b7HhM6KDrKwHGwBxySy3NDQlfJAM fDmhTc8H2fF0ASIuQgRZpXOJj1YTj+UuFhyJhKY0a82K2a+Iaf4/yiFXj7N2UpXC0JUB xgYKl6YxtNT8aPTbsuvssjMFbyZVvW4WbSq8yqu6R6X6Y0L7btZNJ6lmmOj9DgTxJAKj NRwh9Z6djVc8/eU1COfgCFI/UDVDHt6zEjb7aWTDt9G/cAWkSxG7uSZXSFsimlilMmIr Srkw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1747655897; x=1748260697; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :x-spam-checked-in-group:list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:feedback-id :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from:x-beenthere:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=Yf8PsUeaBFA/I140D4g4QDIFxECafAciEj0ApQQFsEU=; b=w0HmjSGqG10cEuMeh3dYWoKrpXINMQ1ANyYf4dcHBGXyqv5ucby+nOdaiLhI1wqqsf bwh/ZorDZisSyyj43RVvsuLbyuGxseZwGIw4gGp5MN5JWjVzA2rsULuFRKEDtGtfQRiE GSfeBp3CNzkR1Vfj49pVk3p7kcWKZGAAv/crJ1Rl7xC369Uk45jM1/rak/LwWJnmwxAd 8NWW79qnhv5IKF/paJSztZehAVC2u6t0PWc64mFhYLPeNH2uKY2bx8emvz4Zzta/YXa0 sc52R2Ru9kW2ho509JHVCJNdTV07NOOUw/K3rBTsIlNoQJukW8XPm0vURDA/XEYJ7XHi Neow== X-Forwarded-Encrypted: i=2; AJvYcCUowdkF/QYF/LDLkN10sHMm7sQh79Z+b5oci1U4kfsbIoXmEMKE/Qon1QJux49mpyl2jEaIRoU=@isar-build.org X-Gm-Message-State: AOJu0Yy8hwVvAYqCKwrSdBfRu1bmjKxBqu2vw2Q7nWj1Meg1KFV1EUh9 SV2Ss+6dNuH7sR0jKLx8/j0Ea30YLnBYtUlyfxl0VqYQm2U/LZ9DhlGk X-Google-Smtp-Source: AGHT+IEfMOp091TQ6yCdGbgR1mSnngfichFVHQdbIDNfwLxJBc6J2/kfD/5VDFxNshqmWzpUNYwMwA== X-Received: by 2002:a05:6402:40cc:b0:5f4:d57e:4ab6 with SMTP id 4fb4d7f45d1cf-6011411a954mr8882528a12.24.1747655897309; Mon, 19 May 2025 04:58:17 -0700 (PDT) X-BeenThere: isar-users@googlegroups.com; h=AVT/gBG7kf+mbAz6uJkaImUitv+F7BmfclKZUEF2osPWrLOo2g== Received: by 2002:a05:6402:1ecd:b0:601:a35e:6dd5 with SMTP id 4fb4d7f45d1cf-601a35e7064ls120714a12.0.-pod-prod-05-eu; Mon, 19 May 2025 04:58:14 -0700 (PDT) X-Received: by 2002:a17:906:c14d:b0:ad2:3efc:dd7a with SMTP id a640c23a62f3a-ad536b57a13mr1147253766b.4.1747655894439; Mon, 19 May 2025 04:58:14 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1747655894; cv=none; d=google.com; s=arc-20240605; b=N92k5rzRLHgTt0k1IciBuKgQsWmo+ROD2s94Zc/Sk21NF+iqxVVtmhb7V1hzPECQmk T9/EkD9r5sq6DXhgYLKxqNo4kecpUUqx8mh6rS+lHdrTHueaZciyLZfPK+EL/BclPJA+ nvtOg9mn6BYeW1y2LLoDBXpame/zT8hXuS1wBAWcAefABjFBHQcFKtUivPij7EbBL/LM AIA7iCfQsbftAwv7cUoTJAFl1WdCnq/iTHf+AvDQNTHbNYkKbpPQlgoesPAmQXLcD5uH fRFZhZg4sVNRSKo8X9hnyVA+c44BTcQ4I2z5LEY+R2fTlE4YpJZ8ZQce3Xad9MkRkS3a toeA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=feedback-id:content-transfer-encoding:mime-version:references :in-reply-to:message-id:date:subject:cc:to:from:dkim-signature; bh=yTHyZtp/Gm/LWcW3yXuXiRnaKYLCtILET9xhsLbpom4=; fh=D/q4xMKxZDyLo2GtmwQ/2prSr9aCFD3HVqTCj43epLY=; b=QdtCP1JwFUvitOjgzyLncqWMmjq33OqgANWWacAe9uodZy2k0ikxbdfp5crPmF2JLm gk2lnCqN4aX/y9QJlDZdIv+3CWSAD6jw8texSJo+e5wsCtyDZNBfL0TGyCMY4OscbYbU DzFqgxoFb8zYI93+udLmvv/eHk7TEigkbXzIzcNLAx9F0PN+sHPd6Yf/XFdYY9a0w9pO +3Q42CBu06RPyicsxhkCO1Z/BLuntnam75kMA2iSUEpb9OT2tHBbc5KGam66hf8Yn1jU BniwVYyCyyPCWbg0WhZSowHlMJUUd1nvoVUhpcn1tNkX7WP0LKr/rVqwQSgtGWCDW3jP JFQQ==; dara=google.com ARC-Authentication-Results: i=1; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=fm1 header.b=PhCQ4kVY; spf=pass (google.com: domain of fm-1212295-2025051911581484ad99ed22a832611e-cfne2l@rts-flowmailer.siemens.com designates 185.136.64.228 as permitted sender) smtp.mailfrom=fm-1212295-2025051911581484ad99ed22a832611e-CFNe2l@rts-flowmailer.siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com Received: from mta-64-228.siemens.flowmailer.net (mta-64-228.siemens.flowmailer.net. [185.136.64.228]) by gmr-mx.google.com with ESMTPS id 4fb4d7f45d1cf-6005ae4a03esi108842a12.3.2025.05.19.04.58.14 for (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Mon, 19 May 2025 04:58:14 -0700 (PDT) Received-SPF: pass (google.com: domain of fm-1212295-2025051911581484ad99ed22a832611e-cfne2l@rts-flowmailer.siemens.com designates 185.136.64.228 as permitted sender) client-ip=185.136.64.228; Received: by mta-64-228.siemens.flowmailer.net with ESMTPSA id 2025051911581484ad99ed22a832611e for ; Mon, 19 May 2025 13:58:14 +0200 X-Patchwork-Original-From: "'Cedric Hombourger' via isar-users" From: "cedric.hombourger@siemens.com" To: isar-users@googlegroups.com Cc: felix.moessbauer@siemens.com, Cedric Hombourger Subject: [PATCH 2/4] deb-dl-dir: optimize caching of source packages using apt natively Date: Mon, 19 May 2025 13:57:48 +0200 Message-Id: <20250519115750.3195300-3-cedric.hombourger@siemens.com> In-Reply-To: <20250519115750.3195300-1-cedric.hombourger@siemens.com> References: <20250515150727.1764989-2-cedric.hombourger@siemens.com> <20250519115750.3195300-1-cedric.hombourger@siemens.com> MIME-Version: 1.0 X-Flowmailer-Platform: Siemens Feedback-ID: 519:519-1212295:519-21489:flowmailer X-Original-Sender: cedric.hombourger@siemens.com X-Original-Authentication-Results: gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=fm1 header.b=PhCQ4kVY; spf=pass (google.com: domain of fm-1212295-2025051911581484ad99ed22a832611e-cfne2l@rts-flowmailer.siemens.com designates 185.136.64.228 as permitted sender) smtp.mailfrom=fm-1212295-2025051911581484ad99ed22a832611e-CFNe2l@rts-flowmailer.siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com X-Original-From: Cedric Hombourger Reply-To: Cedric Hombourger Precedence: list Mailing-list: list isar-users@googlegroups.com; contact isar-users+owners@googlegroups.com List-ID: X-Spam-Checked-In-Group: isar-users@googlegroups.com X-Google-Group-Id: 914930254986 List-Post: , List-Help: , List-Archive: , List-Unsubscribe: , X-Spam-Status: No, score=-4.9 required=5.0 tests=DKIMWL_WL_MED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,MAILING_LIST_MULTI, RCVD_IN_DNSWL_BLOCKED,RCVD_IN_MSPIKE_H2,RCVD_IN_RP_CERTIFIED, RCVD_IN_RP_RNBL,RCVD_IN_RP_SAFE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on shymkent.ilbers.de X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= source package are downloaded by entering the target rootfs and run apt there. For foreign architectures, this results in apt being executed under QEMU and leads to poor performance. By using the recently introduced rootfs_native_cmd command wrapper, apt will be executed natively against the target rootfs and without elevated privileges. For our test work-load, caching was reduced from more than 10 hours to an hour. Performance is also more consistent as it will no longer depend as to when bitbake kicks caching of source packages for foreign architecture rootfs vs rootfs for the host (in multiconfig builds). Signed-off-by: Cedric Hombourger --- meta/classes/deb-dl-dir.bbclass | 37 ++++++++------------------------- 1 file changed, 9 insertions(+), 28 deletions(-) diff --git a/meta/classes/deb-dl-dir.bbclass b/meta/classes/deb-dl-dir.bbclass index 3f560da4..7026f4f4 100644 --- a/meta/classes/deb-dl-dir.bbclass +++ b/meta/classes/deb-dl-dir.bbclass @@ -5,25 +5,6 @@ inherit repository -debsrc_do_mounts() { - sudo -s <"${DEBSRCDIR}/${rootfs_distro}.lock" - - debsrc_undo_mounts "${rootfs}" } dbg_pkgs_download() { From patchwork Mon May 19 11:57:49 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "cedric.hombourger@siemens.com" X-Patchwork-Id: 4215 Return-Path: Received: from shymkent.ilbers.de ([unix socket]) by shymkent (Cyrus 2.5.10-Debian-2.5.10-3+deb9u2) with LMTPA; Mon, 19 May 2025 13:58:25 +0200 X-Sieve: CMU Sieve 2.4 Received: from mail-ed1-f62.google.com (mail-ed1-f62.google.com [209.85.208.62]) by shymkent.ilbers.de (8.15.2/8.15.2/Debian-8+deb9u1) with ESMTPS id 54JBwOBM018169 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Mon, 19 May 2025 13:58:24 +0200 Received: by mail-ed1-f62.google.com with SMTP id 4fb4d7f45d1cf-60179d8e964sf2658705a12.2 for ; Mon, 19 May 2025 04:58:24 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1747655898; cv=pass; d=google.com; s=arc-20240605; b=GZzuGLUaF/hPqAWs8wtTbd9ugx/h6sSJ+s+7Wz4OrH0sBeizzmGlEw1z70Uol3bd5Q puQ0CHJpbzowulFTRK3Bdg20zmc5i7BojjLXOye2vZ3BAKF6gbIW2hTa+YA9osFpROOV fuwcU1yOXyQ5zUNnLyLoc5E1XPMUTgkN8noe1y2K3Qy6h45lWjS3NUDy62jz8hqWjetk yhEcK3jsayvY7P9x1KjUXoP0DpX9p8h4zcpQwuxtbxjV7Zxu42TFe0Bn32SN/7yVYDHo HnGmX44xhVJZ33FEwPEKllkw9bi8dCltVxZ1qjnlhqaXMtSz8Ry16HWYxZDd2bwFbN80 vEgA== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to:feedback-id:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=56z04knEaYklCtrwAWoSiyxcmXEAeVwqq8s3nqkuzW0=; fh=q+5MjwgNuINQTF3WFcgCYlk0oe5FPrwNF0aGLdBpIWY=; b=jq1Vifb7d0rD2+2hVrdbd6+KrLrun1sd0mfb1xxL9DbaNaJcqh0egFuLJvdPMCy8vO P/v8oEdn3wOEV4CfWDuSDZEV8xrC8nvthNuR4HYsht9ft6gktMwdIPu6FDIW4gaA2Fgi SMWQTFhxQA3SGJcNkBsQZ5AFjsvqMgbUqDOaIK2DQ5wt5qSgsN2gk4pig8AUbxC+g8Vh cZjFTKjxi7VQIcyUC4n6WYC8SyxI745cVKv4h0HUuGOXYvRom0nOaWQ9DIE+H+Jrzt2B PKb/lVxMIs5C3u0sJenJ1CFthw7KC+jAsTRO3Vb49hb06rrK/8LK8da3VAWn1jN0jgMD NmJQ==; darn=isar-build.org ARC-Authentication-Results: i=2; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=fm1 header.b=VO0yqnxN; spf=pass (google.com: domain of fm-1212295-20250519115814c245885f99e000305a-ezu_1i@rts-flowmailer.siemens.com designates 185.136.64.228 as permitted sender) smtp.mailfrom=fm-1212295-20250519115814c245885f99e000305a-ezU_1i@rts-flowmailer.siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlegroups.com; s=20230601; t=1747655898; x=1748260698; darn=isar-build.org; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:feedback-id :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from:from:to:cc:subject:date:message-id:reply-to; bh=56z04knEaYklCtrwAWoSiyxcmXEAeVwqq8s3nqkuzW0=; b=cZoEB5C+v/QnP+G4A2lMKl6b57L65LnVhptFz6btTWeopyYSAxc8CMnGnymlPyOp3n 0ACeTZGEM6Qgayy7oXdXMrQvPOBVq/c5xAJk3QKSrvda5Jm/n/kQDYajz/Z8HKblYNtE mou6UUN5HU7AsYWKFxXqp3s7DEOiINsOsauT+/M3DPgCteuhIeGcQ78H7Hr7qU8nm3pz BmugPR+yVPN7+fDC1bF2jXb0N8bJKRh2qmsXg/U8N/KPOAj8IX7SmrVUyKmlQWQ7ts3r U9wVT4uuW8JbnJuuEY3Qf3MxRqSA4wMTTPji3xONZ1m3O2cnhC4DSibad/h9QSokZQeM uNWg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1747655898; x=1748260698; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :x-spam-checked-in-group:list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:feedback-id :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from:x-beenthere:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=56z04knEaYklCtrwAWoSiyxcmXEAeVwqq8s3nqkuzW0=; b=HEI4Fg0ifqC/pvOac8GMMi6aKFafoPZwSLH4Y37E3vRhZL6iBr18J9JPMGSYUyV9mH hjJ4llLtVVUk+JH5itLWXQ2vKD45zDBqrOx7VDq8q22HCATsbRutXf8t6Vu0xvW3z2tc qpCIY6FAy9O49lZTPGC9Dm2jd7H71wLinlsLJWJsVo4KNZGgS5/EUWBjO/ZvKDu1Nl7s XRqG3AH1jjy8p4nz2/H+laMfq++lx8Y6cjU8UVXD9hwfI59v9Bu2EvSGJbO0IGmm8KdO swuPbyUcTNE4oVTmIEjIiIPTYMML+UIqrS1rHmoC909lgtFVPnX2rD3nkZcYinef9lmy W9Pg== X-Forwarded-Encrypted: i=2; AJvYcCVDJ9Pve9syxaR6TBWkedbp4ix2pD8KpB1aAeVzuocomGpGdZw1xtCGHnMSFzkYvNJHbI4IASQ=@isar-build.org X-Gm-Message-State: AOJu0YyqvNao6zGClttwWO82LFvv5p6rIGxvEQzLi/tMGtES/9M2qWou Q77EfUB4VKYBgUubmUORgfg9ldJjlLP+pxY+EDwTq2RImLUBIhiEVsba X-Google-Smtp-Source: AGHT+IF8SUFDY2eifwgZVWo74NK+gC73xgchqW26g4z3Ie8s/LEwuizo1fhLhv0O+BP4sLIGv45tLQ== X-Received: by 2002:a05:6402:5cd:b0:5f6:4a5b:9305 with SMTP id 4fb4d7f45d1cf-60119cd4192mr10287968a12.33.1747655897769; Mon, 19 May 2025 04:58:17 -0700 (PDT) X-BeenThere: isar-users@googlegroups.com; h=AVT/gBF9M0vgiWpbywM8qm27QkP4zr7hUZhWLr+Pc+nB2fxcSA== Received: by 2002:a05:6402:2341:b0:5f4:8519:a63d with SMTP id 4fb4d7f45d1cf-5ffc94698fals447015a12.2.-pod-prod-06-eu; Mon, 19 May 2025 04:58:15 -0700 (PDT) X-Received: by 2002:a05:6402:3508:b0:5fb:868b:5a59 with SMTP id 4fb4d7f45d1cf-60119cd0c1bmr10899430a12.32.1747655894936; Mon, 19 May 2025 04:58:14 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1747655894; cv=none; d=google.com; s=arc-20240605; b=L4em2nJ34qprIUHX14bo8EhPbFplA2wW80UNT8R4+uGgp0fQFQYq9h1egOv3SqxeKq yHVH4sVKqMYS4h19APjXTICpmVYLNxQhjbcpSVB89g61AlIYusMb2YpD2ki6bco5IgxU JfII7heIG62dJqg+dYWwHRq/YYyfEhLpWZnkJ3D0uWdNefm0vA/t4UMI23gjGnfsRNhJ LonAM/o+Fe2qqDTMk8aQQC9IA/9yEVTckYXMGvzr0d9nZiMNHL0dZ3CbnCpVVi47i3Oz Hg45/wJQ8G1d9nHjjF51/+LLQQEFL9L4voXmbkSdswjG0xtd7kvyjOzGg5Kz0c4YLHfn yygQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=feedback-id:content-transfer-encoding:mime-version:references :in-reply-to:message-id:date:subject:cc:to:from:dkim-signature; bh=4hNIqM2vyvntWek21pO5SDHeWjBNW2wkEN4si36cJLw=; fh=D/q4xMKxZDyLo2GtmwQ/2prSr9aCFD3HVqTCj43epLY=; b=h5XafRIL0qhBxbT67uj4J6vqhD1+ak+TiEq2TpMig6GAUOWC1rSNZRSyEDrixIWMza LWfUmWf0AU6me2lYcnIIRSc69fqb2opdsY531lNl6afS2mvyJ1FvyXaFRFsdUEiCahFS jHaWAKh+2TtcbfaGiNTCoSUgOZHLfnS64Zz17Zf3N81EGGSg3M+PvRwM+k2rCs1uyBDu oiTrwFyI6JA9gs3N8UtcIo3O6xRxA+x/renMfDCVvZzwsgQKYVEze/UMKXzK0dFfontc f2l4yDOgW0UgyAEthbffQcjrlcRv3hUhMT+1o3CsGP6hy1VKRPsqqE016ccmAZ3XhTEr 1wqg==; dara=google.com ARC-Authentication-Results: i=1; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=fm1 header.b=VO0yqnxN; spf=pass (google.com: domain of fm-1212295-20250519115814c245885f99e000305a-ezu_1i@rts-flowmailer.siemens.com designates 185.136.64.228 as permitted sender) smtp.mailfrom=fm-1212295-20250519115814c245885f99e000305a-ezU_1i@rts-flowmailer.siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com Received: from mta-64-228.siemens.flowmailer.net (mta-64-228.siemens.flowmailer.net. [185.136.64.228]) by gmr-mx.google.com with ESMTPS id 4fb4d7f45d1cf-6005ae4a03esi108842a12.3.2025.05.19.04.58.14 for (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Mon, 19 May 2025 04:58:14 -0700 (PDT) Received-SPF: pass (google.com: domain of fm-1212295-20250519115814c245885f99e000305a-ezu_1i@rts-flowmailer.siemens.com designates 185.136.64.228 as permitted sender) client-ip=185.136.64.228; Received: by mta-64-228.siemens.flowmailer.net with ESMTPSA id 20250519115814c245885f99e000305a for ; Mon, 19 May 2025 13:58:14 +0200 X-Patchwork-Original-From: "'Cedric Hombourger' via isar-users" From: "cedric.hombourger@siemens.com" To: isar-users@googlegroups.com Cc: felix.moessbauer@siemens.com, Cedric Hombourger Subject: [PATCH 3/4] image-postproc-extension: refactor systemd version checks Date: Mon, 19 May 2025 13:57:49 +0200 Message-Id: <20250519115750.3195300-4-cedric.hombourger@siemens.com> In-Reply-To: <20250519115750.3195300-1-cedric.hombourger@siemens.com> References: <20250515150727.1764989-2-cedric.hombourger@siemens.com> <20250519115750.3195300-1-cedric.hombourger@siemens.com> MIME-Version: 1.0 X-Flowmailer-Platform: Siemens Feedback-ID: 519:519-1212295:519-21489:flowmailer X-Original-Sender: cedric.hombourger@siemens.com X-Original-Authentication-Results: gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=fm1 header.b=VO0yqnxN; spf=pass (google.com: domain of fm-1212295-20250519115814c245885f99e000305a-ezu_1i@rts-flowmailer.siemens.com designates 185.136.64.228 as permitted sender) smtp.mailfrom=fm-1212295-20250519115814c245885f99e000305a-ezU_1i@rts-flowmailer.siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com X-Original-From: Cedric Hombourger Reply-To: Cedric Hombourger Precedence: list Mailing-list: list isar-users@googlegroups.com; contact isar-users+owners@googlegroups.com List-ID: X-Spam-Checked-In-Group: isar-users@googlegroups.com X-Google-Group-Id: 914930254986 List-Post: , List-Help: , List-Archive: , List-Unsubscribe: , X-Spam-Status: No, score=-4.9 required=5.0 tests=DKIMWL_WL_MED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,MAILING_LIST_MULTI, RCVD_IN_DNSWL_BLOCKED,RCVD_IN_MSPIKE_H2,RCVD_IN_RP_CERTIFIED, RCVD_IN_RP_RNBL,RCVD_IN_RP_SAFE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on shymkent.ilbers.de X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= Signed-off-by: Cedric Hombourger --- meta/classes/image-postproc-extension.bbclass | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/meta/classes/image-postproc-extension.bbclass b/meta/classes/image-postproc-extension.bbclass index 991bac4c..0af588d8 100644 --- a/meta/classes/image-postproc-extension.bbclass +++ b/meta/classes/image-postproc-extension.bbclass @@ -53,12 +53,17 @@ image_postprocess_mark() { --build-id "${BUILD_ID}" --variant "${DESCRIPTION}" --version "${PV}" } +# Use dpkg to find out which version of systemd is installed into the image or reports "0" +image_systemd_version() { + sudo chroot ${IMAGE_ROOTFS} dpkg-query --showformat='${source:Upstream-Version}' --show systemd || echo "0" +} + ROOTFS_POSTPROCESS_COMMAND =+ "image_postprocess_machine_id" image_postprocess_machine_id() { # systemd(1) takes care of recreating the machine-id on first boot # for systemd < v247, set to empty string, else set to uninitialized # (required if initramfs with ro root is used) - SYSTEMD_VERSION=$( sudo chroot ${IMAGE_ROOTFS} dpkg-query --showformat='${source:Upstream-Version}' --show systemd || echo "0" ) + SYSTEMD_VERSION=$( image_systemd_version ) MACHINE_ID="uninitialized" if dpkg --compare-versions "$SYSTEMD_VERSION" "lt" "247"; then MACHINE_ID="" @@ -82,10 +87,7 @@ image_postprocess_sshd_key_regen() { ROOTFS_POSTPROCESS_COMMAND =+ "image_posprocess_disable_systemd_firstboot" image_posprocess_disable_systemd_firstboot() { - SYSTEMD_VERSION=$(sudo chroot '${ROOTFSDIR}' dpkg-query \ - --showformat='${source:Upstream-Version}' \ - --show systemd || echo "0" ) - + SYSTEMD_VERSION=$( image_systemd_version ) if dpkg --compare-versions "$SYSTEMD_VERSION" "ge" "251"; then sudo chroot '${ROOTFSDIR}' systemctl mask systemd-firstboot if ! cmd_output=$(sudo chroot '${ROOTFSDIR}' systemd-firstboot \ From patchwork Mon May 19 11:57:50 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "cedric.hombourger@siemens.com" X-Patchwork-Id: 4214 Return-Path: Received: from shymkent.ilbers.de ([unix socket]) by shymkent (Cyrus 2.5.10-Debian-2.5.10-3+deb9u2) with LMTPA; Mon, 19 May 2025 13:58:25 +0200 X-Sieve: CMU Sieve 2.4 Received: from mail-ed1-f62.google.com (mail-ed1-f62.google.com [209.85.208.62]) by shymkent.ilbers.de (8.15.2/8.15.2/Debian-8+deb9u1) with ESMTPS id 54JBwOQl018173 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Mon, 19 May 2025 13:58:24 +0200 Received: by mail-ed1-f62.google.com with SMTP id 4fb4d7f45d1cf-601f87bb9c8sf441128a12.2 for ; Mon, 19 May 2025 04:58:24 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1747655899; cv=pass; d=google.com; s=arc-20240605; b=EqPLrSqwQvH2mKm3tnnV/mlQJGBttRMHyYU8hCJq6E16T4Mkao3Izw4NdW/CoARkTc DYKEL1ectQo53Dtmo8Xy5UJ7Sga/wZsFvnpPLEcskGvqSodv8ty+Yi1RGc7hTNIB9lvb 3c3cf1YjxjF49q/ol82vzK5YHUcMCiHPUUAwSwbBtD2/PclLUxvKXjsvtYkIRFqDr/qo e5wIBkjClRJScH+2s1od+X7uRm7Q/2KwBfkCfQVja6uERYxkC8WFOhnB7SS19DetP9kv MWJfvTV5wCMTg0v0O91wr4D6nGCnhY70h0bK3o02SzggNnjBIaWzhwZo+kE8Lx3W6aVy gd+g== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to:feedback-id:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=isFZ3HXy7wRwYJqgWMEilIF9h3hdeWbTSa3UGR7Hs1k=; fh=fRsVG7SBcRit8CVIhLk/TmluFbmaf/XTszY61Nzx6lc=; b=KWDkZ6kny4UpXNVbQAtGchjPGznu3vNGxsM+PJPSZyJDDjp0tObFEQXLFJWbc8ede3 Nvdy9JYqc9zTU/PeoDtPcLMt+U5L9BwuPeb/EHzpk8CzTSK+Zaq0/i7q6MCBq4uqDhK4 tJUtFftMRpvb7SEIuki5W4O1dv+IeW/biKkkiDYNSnPMMoK5zn4RcTYqmhhGTvQ9og/C 3yIgWg97lfEq4/FySgMake9dNx8R7K0SY10Fu3tI1AgDppYsr3jUqI4f+uMc49LjBLDN rlqGgUvYnf57eXqSPOIeKiJ2thNTwmZOFLleD5nw13khrNvQ4VhL7W53PXxsnwJXhm9z JYcg==; darn=isar-build.org ARC-Authentication-Results: i=2; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=fm1 header.b=btmr5hGB; spf=pass (google.com: domain of fm-1212295-2025051911581567f7c93fe55db9f24e-5_ocvg@rts-flowmailer.siemens.com designates 185.136.64.228 as permitted sender) smtp.mailfrom=fm-1212295-2025051911581567f7c93fe55db9f24e-5_OcvG@rts-flowmailer.siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlegroups.com; s=20230601; t=1747655899; x=1748260699; darn=isar-build.org; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:feedback-id :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from:from:to:cc:subject:date:message-id:reply-to; bh=isFZ3HXy7wRwYJqgWMEilIF9h3hdeWbTSa3UGR7Hs1k=; b=dqOJ69+N5Kpa/C5U/MUY23RJkW5xQmrMS1OGIAycwPkN8Z0jsZVHdqNH/RIc93JEBe VEDfy/HVnb1GSz+MsKko7ZSq7oSxnRTZFFDPjcJ7K4+BWdBWRm3j/2TULCNRgH3nnQqt HpfXIEs2sJ0Y36PRBdDcCgjytU62+GKMTkbNDXX+/ekJ6l3DDkm8FKUo768E5NMGNl5D In33L/v1D8m41vBMXcqcJi/St4ZKzYfV1NgM1LcEjZ9X8EXpcOL0v2ZQV28PIWWsBWf8 mq6RYMRoYEorG9xo/y2PXoo1teT/mdw5InguqgsqM//E6x6XolGJMkrtVgnDz4HnAvUk xEyw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1747655899; x=1748260699; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :x-spam-checked-in-group:list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:feedback-id :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from:x-beenthere:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=isFZ3HXy7wRwYJqgWMEilIF9h3hdeWbTSa3UGR7Hs1k=; b=qfZC9pL7WhPgWnB/MQgAJ/0R5mGDfvHc43u6NWO+lRq3jzB2wk2Viz+fzCt9KkXhxG 2xdS47NNulxJ3FyCzsky6bD1/gwrpYrr8X4SJtK2wYa4b9OUvdRpbAru3AYKtWi8dq+e kWoPolP+UoTd2O3RH2XNjshPx7xml+3QZm9naxA9k7PfxDU9B6Iw1clkUOJlYnHZ5Xbd tN8o/hJ7L4os4/S/SS3fLZSbU2C8T+Cxdmj1wn2q+jhQhjv/XbH3OER5goWzXHHDGv6i MGnKprTJfiOFEBvh5/QGTRUMNvWo9v8rn6h83nQj3wjV8ujLX577D5mLK3HVKObsX/Uv Ggkg== X-Forwarded-Encrypted: i=2; AJvYcCW7Kzjb3/qGyBky5KrhWrJoXQlvPpsWVsgAfwBL0qsb8dg6zm9cZCN1cbGyp8f/O3CieR793Ug=@isar-build.org X-Gm-Message-State: AOJu0YxXx5Pi+Kzs52Gg7PiuhafDDpmgLQZgeq27t4dHKbp6egHNbaMK uZmtV/dMowd9Lf0VTLolS9iB4L1erpqlbkvH4J1xKz5H+gK66TWaIqML X-Google-Smtp-Source: AGHT+IHe4i8Lp70V1Tsl+grKxAQ4hHmZmj4bc375hnDPHoZ4hp/uMUnvE/AxFif2OBPOv+/pwcs69g== X-Received: by 2002:a05:6402:3253:b0:5fd:d62b:6dc5 with SMTP id 4fb4d7f45d1cf-60090114c74mr7851606a12.29.1747655898086; Mon, 19 May 2025 04:58:18 -0700 (PDT) X-BeenThere: isar-users@googlegroups.com; h=AVT/gBF69uWGBq3lOYoOiMf6Qw5iAcxvW2d/mVtrfGHL91xQsA== Received: by 2002:a05:6402:234b:b0:601:956f:a0d0 with SMTP id 4fb4d7f45d1cf-601956fa570ls40627a12.0.-pod-prod-09-eu; Mon, 19 May 2025 04:58:15 -0700 (PDT) X-Received: by 2002:a05:6402:50c9:b0:601:a681:4d5c with SMTP id 4fb4d7f45d1cf-601a6814f05mr5935112a12.32.1747655895267; Mon, 19 May 2025 04:58:15 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1747655895; cv=none; d=google.com; s=arc-20240605; b=Vs8+9KYyp4bns9RkWd6K9SrfSjWpOdoJM/xNlPadBwhflqnKSvPmX5RD+lHJtv9sR2 Jto6a3aMQYjEax1L60iiAvoxTaU+9LbQ6X9b4gijVJQGGuVVybd3HMsctmO9i38CI7qg MqowhbG+Wa+j7Z0YJAYTv0oPyukfSDQLdmqqyWBoJoltpt9HatIxl/stMbebBNaUm95o kP6l+4iU/gxtdFmJbQqaA0t4XvITqZ0l5LNoTA5/iiSvXQtHSnsl2n9fFZ/DH7flTUWq uA1JZKBCrOce/JPwfIbNqDPqPwgvG+edKCEas7/aTnlSKIXOQ4DH5oKPeb8f5K5zVcSV 32ag== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=feedback-id:content-transfer-encoding:mime-version:references :in-reply-to:message-id:date:subject:cc:to:from:dkim-signature; bh=KApA2UjJbAH/6BeAl0NyQErfyQf06/muodYX3dDztAw=; fh=D/q4xMKxZDyLo2GtmwQ/2prSr9aCFD3HVqTCj43epLY=; b=XJyx8jGiSzF1coif9WFVzgXzSVQq/y6aaKSQWiTTYVRbyqDfHPtNKh17cXU6qrFrSS jaDZFDtLFHKa83YygvLQouR8SKVlb2EiDLWiDNZWjoRNPDNR8v4UmnTzcXFZQgdwgVeW M41W9Ku9aU5MSe0gXOV4vrdBGksoZTV3UL9xc7/f/Np8AJti/bvtejWKn9JsD2muCg/F bdL4cqVSDxrw3p+0Sl+XPOr9Pht1EfAgg6jGTZHEZAH1Zz8bMpLaEDkPA1wTLsYPZ41s k9LPyGfeGXBQZCr5AY5hoTbqfa6M9GrAk4rPsts+rsRPcIYpK8AuNEOiK0K4zst0dOUv 0rxg==; dara=google.com ARC-Authentication-Results: i=1; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=fm1 header.b=btmr5hGB; spf=pass (google.com: domain of fm-1212295-2025051911581567f7c93fe55db9f24e-5_ocvg@rts-flowmailer.siemens.com designates 185.136.64.228 as permitted sender) smtp.mailfrom=fm-1212295-2025051911581567f7c93fe55db9f24e-5_OcvG@rts-flowmailer.siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com Received: from mta-64-228.siemens.flowmailer.net (mta-64-228.siemens.flowmailer.net. [185.136.64.228]) by gmr-mx.google.com with ESMTPS id 4fb4d7f45d1cf-6005ae4a03esi108842a12.3.2025.05.19.04.58.15 for (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Mon, 19 May 2025 04:58:15 -0700 (PDT) Received-SPF: pass (google.com: domain of fm-1212295-2025051911581567f7c93fe55db9f24e-5_ocvg@rts-flowmailer.siemens.com designates 185.136.64.228 as permitted sender) client-ip=185.136.64.228; Received: by mta-64-228.siemens.flowmailer.net with ESMTPSA id 2025051911581567f7c93fe55db9f24e for ; Mon, 19 May 2025 13:58:15 +0200 X-Patchwork-Original-From: "'Cedric Hombourger' via isar-users" From: "cedric.hombourger@siemens.com" To: isar-users@googlegroups.com Cc: felix.moessbauer@siemens.com, Cedric Hombourger Subject: [PATCH 4/4] image-postproc-extension: extract systemd's version using rootfs_cmd Date: Mon, 19 May 2025 13:57:50 +0200 Message-Id: <20250519115750.3195300-5-cedric.hombourger@siemens.com> In-Reply-To: <20250519115750.3195300-1-cedric.hombourger@siemens.com> References: <20250515150727.1764989-2-cedric.hombourger@siemens.com> <20250519115750.3195300-1-cedric.hombourger@siemens.com> MIME-Version: 1.0 X-Flowmailer-Platform: Siemens Feedback-ID: 519:519-1212295:519-21489:flowmailer X-Original-Sender: cedric.hombourger@siemens.com X-Original-Authentication-Results: gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=fm1 header.b=btmr5hGB; spf=pass (google.com: domain of fm-1212295-2025051911581567f7c93fe55db9f24e-5_ocvg@rts-flowmailer.siemens.com designates 185.136.64.228 as permitted sender) smtp.mailfrom=fm-1212295-2025051911581567f7c93fe55db9f24e-5_OcvG@rts-flowmailer.siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com X-Original-From: Cedric Hombourger Reply-To: Cedric Hombourger Precedence: list Mailing-list: list isar-users@googlegroups.com; contact isar-users+owners@googlegroups.com List-ID: X-Spam-Checked-In-Group: isar-users@googlegroups.com X-Google-Group-Id: 914930254986 List-Post: , List-Help: , List-Archive: , List-Unsubscribe: , X-Spam-Status: No, score=-4.9 required=5.0 tests=DKIMWL_WL_MED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,MAILING_LIST_MULTI, RCVD_IN_DNSWL_BLOCKED,RCVD_IN_MSPIKE_H2,RCVD_IN_RP_CERTIFIED, RCVD_IN_RP_RNBL,RCVD_IN_RP_SAFE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on shymkent.ilbers.de X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= Elevated privileges are not required to query the rootfs for the version of systemd: replace "sudo chroot" with "rootfs_cmd" Signed-off-by: Cedric Hombourger --- meta/classes/image-postproc-extension.bbclass | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta/classes/image-postproc-extension.bbclass b/meta/classes/image-postproc-extension.bbclass index 0af588d8..21dcfccc 100644 --- a/meta/classes/image-postproc-extension.bbclass +++ b/meta/classes/image-postproc-extension.bbclass @@ -55,7 +55,7 @@ image_postprocess_mark() { # Use dpkg to find out which version of systemd is installed into the image or reports "0" image_systemd_version() { - sudo chroot ${IMAGE_ROOTFS} dpkg-query --showformat='${source:Upstream-Version}' --show systemd || echo "0" + rootfs_cmd ${IMAGE_ROOTFS} -- dpkg-query --showformat='${source:Upstream-Version}' --show systemd || echo "0" } ROOTFS_POSTPROCESS_COMMAND =+ "image_postprocess_machine_id"