From patchwork Fri Feb 20 17:15:43 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Felix Moessbauer X-Patchwork-Id: 4884 Return-Path: Received: from shymkent.ilbers.de ([unix socket]) by shymkent (Cyrus 2.5.10-Debian-2.5.10-3+deb9u2) with LMTPA; Fri, 20 Feb 2026 18:16:23 +0100 X-Sieve: CMU Sieve 2.4 Received: from mail-oa1-f55.google.com (mail-oa1-f55.google.com [209.85.160.55]) by shymkent.ilbers.de (8.15.2/8.15.2/Debian-8+deb9u1) with ESMTPS id 61KHGMDI005927 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 20 Feb 2026 18:16:22 +0100 Received: by mail-oa1-f55.google.com with SMTP id 586e51a60fabf-409037c3f0bsf11703867fac.1 for ; Fri, 20 Feb 2026 09:16:22 -0800 (PST) ARC-Seal: i=3; a=rsa-sha256; t=1771607775; cv=pass; d=google.com; s=arc-20240605; b=eet+CSOfLYLCz2tHQd959q1n/avGPqtSahtHSsvfMIr9eP5XxjMF3t4j9lnLe2czMn VU2q7xGpu3Mal80faK87+qfVEgb0Rjgr695YMdPAFh+NBm6X+Wzl5k9cl+dI3yGHOTGY 20TdC0hHP94OgxI84JZ9dcqnQVL7Of1y6U6UYfGdu5QD2ZI+21OpCCduX8nUe3upUD4Z AFGQMSdP6icQ9UEKgdeXqtpcSDIUEKXDpDxpv3RxF4WuYSOJMAw6DAYnONoTMNDSekDT g1ITVeaqviAHavPTqirDtbWKQJ0sVcpPDtaw1XHRlFatVgAzIkyut9R1dMva2fBj2ZFU tskQ== ARC-Message-Signature: i=3; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to:mime-version:references :in-reply-to:message-id:date:subject:cc:to:from:dkim-signature; bh=ivTjKXEhCqjlRGbbiOp9LBUqJ6dh6V4cegYeGRmwd7k=; fh=O+iez5lakq0ssGIUzSaUBXztPJ2ezNnpuGGBsyDDQLA=; b=VsA8+Y83m4cUB3aZvrCe091AnvuXs3cv0JS8hWd4pHv58jMxYbhSdfppSQGxlyqep6 dXU63YC6YHUByBB470V0eIN0Y5umMu7xvt2FTS7XHEK+ElGmwtNX2efWBhyjr5kwrBNQ BEA0K69prMhd/6aeDOQyuxxZqlgDMi48Pyh6abSqj17zXhO3DJkHKoFxeYyXdg/XOLRY xplNhiiA2Uoh1XPLN5wXuwtBI76Y//QodsoQXXTGb9MWzyJFrDAJq1RhWKhEV71t90TV LaEFlraqiSVH1TSanqjy6fyNkdPBR1YGWhZsW9l5mqsyHAOaYEE2xJ6f9b48ZJ7+ldQe R33w==; darn=isar-build.org ARC-Authentication-Results: i=3; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=u1IQTFrG; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20a::7 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlegroups.com; s=20230601; t=1771607775; x=1772212575; darn=isar-build.org; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from:from:to :cc:subject:date:message-id:reply-to; bh=ivTjKXEhCqjlRGbbiOp9LBUqJ6dh6V4cegYeGRmwd7k=; b=ZMR55Gs2UD0p2N5MUzrTu4dMr+ZSncONNqAr/VMllKGun9puHJmuSAAyqb86bneITy tStuJzaPlzOdceoIE7DqLXm7f5FpwAlWQRitWsj6y2Ggg/Xy6MSqeYxrt2Co7RKKUYoZ YBl2Unjrf5Ira8sDEkHhsWCgoLKq2Eqb+w4bzI8kfiFJi9L9WyR9UACQejiwEGpTESjA lCUIEdw9r5ucJbettUBR7lt8uYubdvhTF49RmFy+8MxRKf3n/7Bdr/zVY/agtPRLBNcg lW1T8Uh0RV5xnvSWRu2+Pn2YHCvT3ZFPePv1ITFbuQmMNF2zD4jDndx87+LwOwJaZdEC rrSQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1771607775; x=1772212575; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :x-spam-checked-in-group:list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :x-beenthere:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=ivTjKXEhCqjlRGbbiOp9LBUqJ6dh6V4cegYeGRmwd7k=; b=PrPceOWWZqhwd0sTdLBjiZMSLqqwF0r2/Nv4NIJtttmUajpTV0wrpXTHxVvuQVHije ZMxLxLy7GA/hkLwM01vh1Mtoi0U9OcWsBQl3CTpgEXZeyxirsMm6mV6Tfy6BCVqyNFII TzMlmf819tvfz9QWU/Pv5Ig0hNr/QGEyQicC+Jny8+hLzlpfUfjk1ApA5AvANTRgBIER GCwtYRsVrK/wyIAf4rwcKhjpOpGiqSCT0ViRAOdpsZmkWlwW4PDV/lQBZpTmxHKOTxDX 1oOaXd1i7O+VGY3BmciYOQZSEe9NmI2KQazrpg4M3GtUJJxs4IPvzKzdl5FlRSKtOaOo Yo5w== X-Forwarded-Encrypted: i=3; AJvYcCWdyddLZ+wByIGh/fWTmFptL7OoLjDnPURXnEE+gIE716B+C26YC8NNjyGsF5/FcolVFZq6pq0=@isar-build.org X-Gm-Message-State: AOJu0Yw5C39sgl6aKus8TaetLA+nGluxNluvsQh7RZOggo1ZFHJsP+nP FcjOICc43qLewMEBkQRB5w6sMRUVZfsLgH0HkCGNKTZsPFCQZZcA1esh X-Received: by 2002:a05:6870:c1d0:b0:408:9c83:5b1a with SMTP id 586e51a60fabf-4157abe6023mr274934fac.4.1771607775382; Fri, 20 Feb 2026 09:16:15 -0800 (PST) X-BeenThere: isar-users@googlegroups.com; h="AV1CL+Fa3V8LuBQy+TO9gZ5sldyL9QhQemo9IKmkbBNZdOrX7Q==" Received: by 2002:a05:6870:1413:b0:3c9:732d:60f2 with SMTP id 586e51a60fabf-40ef2b41d95ls4521322fac.1.-pod-prod-02-us; Fri, 20 Feb 2026 09:16:14 -0800 (PST) X-Received: by 2002:a05:6808:191c:b0:450:cb93:69ef with SMTP id 5614622812f47-464463d85fcmr384930b6e.56.1771607774316; Fri, 20 Feb 2026 09:16:14 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1771607774; cv=pass; d=google.com; s=arc-20240605; b=Ooav3XAcVvbtFmpfXT1Ljvy/9/t8kkieEu52rjhj/LwhwUhIQOTDUJu5do1d8NWnP8 1T4L9v45O5WfAw3g8QwvSVd9SUtPtPPW/mBWqU7hNSMt/b6J5OFwz7WBUDB/FVp6YOUp 8eg9At+IqAYwpYnITMvT84kr2UnRWCvuk07Pbff0u7bYyxuBoOkBKNhmlmlyJYXEBFZN S0lqzFnx9rO6WxmjXxglhEZ0wFGsegG/wFyJMpJHhlPr7aNFRlED5zlebSJWytWUItLD 9yVYHrbFGy+QaYNlXBUfMARXB8szDrR+tF9chZFcON4a+40nUkiZXqGjOv2h/H5h6E2N c11Q== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=mime-version:content-transfer-encoding:references:in-reply-to :message-id:date:subject:cc:to:from:dkim-signature; bh=gs1TYjA0sLOIzBL+Qb51efk00elL4suvrBXkX9ZNWkU=; fh=WkhL8kaJc+l2wQon1t06Ej3uvBGj9sVhNcE8PaS/XbI=; b=K6ko5tyqfgxZkfPn+lOviaDZqyDOxFaq0x4UZntYzIbUDe8V3tTuNuTYDNF9M6LHfl 9aPH55FWOCakvP8qC3nQnGpJ51oYYEDfziHTUm3EmymxrCPWgBxHMwR+iN161PBuaV1K v2sCXUsP/pxZrX98cgUl1mYVP7+yylijAE/U0glwvOWfBFDPO+1mSUKKn9NphV8AuzIj bwnAgE5lhUYIEPUeTvtOaVrYkcjS/r+IpSPRzO/hFXwkjQI43ODasi8JcMI5x1RyXpFQ 2IUIns5QXOgE29sXZnoeHRt9OyBTpDqMu+bLR6aCorBpZv5FIqdnJkWuSeShm2UhnUVF YI6A==; dara=google.com ARC-Authentication-Results: i=2; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=u1IQTFrG; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20a::7 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com Received: from PA4PR04CU001.outbound.protection.outlook.com (mail-francecentralazlp170130007.outbound.protection.outlook.com. [2a01:111:f403:c20a::7]) by gmr-mx.google.com with ESMTPS id 5614622812f47-4638c55a742si743968b6e.0.2026.02.20.09.16.14 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 20 Feb 2026 09:16:14 -0800 (PST) Received-SPF: pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20a::7 as permitted sender) client-ip=2a01:111:f403:c20a::7; ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=RGGb5bD6Akf15VlU9T99eKBWADrhREmhQypSVOmh1hDBJuBJmnqW1x1Pec1kNnlioQM+m8iZq6kC7ea2FQb7WS/eGLBtVurAmxDR5vDKdXegzajYRIULgW0oz+sC7gdOGl+mgwZsOfP71rQb1+1/RaIgZh+V96xwZpBxeuJ5p9QTNfQgJl4x+zsMXmKm/QCH6i4o2pZp8DBrGZZu68SnG1z5lQw1lJ8FlNmnQNIE89yLQZN/2jrAuWxUTYp6kxHco/GzdiN/khJ6+1g4L1l/5mFX08NtfApYYymZ+iEDDATeu/8S7KfWDh24Rx6dAGu9AC3KAegYHboTohzl8Per5Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=gs1TYjA0sLOIzBL+Qb51efk00elL4suvrBXkX9ZNWkU=; b=PELaiS+F3WykcesVranwiAJIpbeT3Wfe5PeDWxKeCAeFgcNoTYYdTaK3BZxgplNmOL2uWDjfwJeZgSA9RsXKwbuSq6+RXtjHAQxEmV/eBV6Y/sqBaBdyNLRryQVl2ElJJQupmLgJpkgNR7QKQM6KFV+bN7jfDItTyysbsJ0VPpEIyeD3wtMBdjcjTiNqAL9BQYk20N5lHVyrCFQkj7SNbG7QWZWdz7eD8N0RIa+OYuoiO0a+vFHSTDrNAf3ItCSN9vwvTBwS3c2KgHbaZk6jElD8kFDi0TZkMfZuYsmRmwDMdi0QlotIFFOrJe7yK5psUlGIO+6zUIYmpXMSlx1/xg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=siemens.com; dmarc=pass action=none header.from=siemens.com; dkim=pass header.d=siemens.com; arc=none Received: from DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:47f::13) by GVXPR10MB6007.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:150:17::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9632.16; Fri, 20 Feb 2026 17:16:11 +0000 Received: from DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM ([fe80::9412:cd7f:3f72:92ab]) by DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM ([fe80::9412:cd7f:3f72:92ab%3]) with mapi id 15.20.9632.015; Fri, 20 Feb 2026 17:16:11 +0000 X-Patchwork-Original-From: "'Felix Moessbauer' via isar-users" From: Felix Moessbauer To: isar-users@googlegroups.com Cc: jan.kiszka@siemens.com, quirin.gylstorff@siemens.com, Felix Moessbauer Subject: [RFC v2 01/19] refactor bootstrap: store rootfs tar with user permissions Date: Fri, 20 Feb 2026 18:15:43 +0100 Message-ID: <20260220171601.3845113-2-felix.moessbauer@siemens.com> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20260220171601.3845113-1-felix.moessbauer@siemens.com> References: <20260220171601.3845113-1-felix.moessbauer@siemens.com> X-ClientProxiedBy: FR3P281CA0085.DEUP281.PROD.OUTLOOK.COM (2603:10a6:d10:1f::22) To DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:47f::13) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DU0PR10MB6828:EE_|GVXPR10MB6007:EE_ X-MS-Office365-Filtering-Correlation-Id: 12ea112d-0c2c-4abf-949d-08de70a3be77 X-MS-Exchange-AtpMessageProperties: SA X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|366016|376014|1800799024; X-Microsoft-Antispam-Message-Info: wJNJx42em8j7O4nXz7XuT76n6Ep9J7sQwll56k+NYipBq96mCQLdp2Tv6/nsXwuYxRqwxYR7PB6KFkKsNg4EeRQnZ7Dc7nteq6fsBrBO7T6X1t8sjZlIiKBB64CCK69sGBBs82Y5VYLClxV0VIT+XcVtqB/o2IsFkD5pu8jkehVZ7nJcaMXmVt+bpvvnUAEPvWal6aUccSQIhmlyjS7bx29Gi56rU/ALGeYeEo/Hcg/bAFpPJMrCtg/D/PEaEyYiGnHmruTd1r2qo9FTSl9YTRrEm6k2sjwzu3741JzETfjF7FG2UWiUJwS07QRFmPoexGQk8B31812M/Gchu4tRdAreMjDSpFcn/k9udmFeflrPzDwTj2zmRQRVrg8WmnTn1RG3Wkbiz8Dfv43o87BGW1z3fhFgFmTE5g8smEUspkmzEPQy9LSSn4auMyq0PyMAp6KU22OzwsSdyQgl5wTRgzrQ5UqBRIO1Gw1c0JXFVOwq1WcYEckjMdAXpEk8Lzdb1KonReS/7OqXocD99VsRc12jRd88oHDz7SncNZhwPB69xrX7Uw+NzU/vBqzDtrS6dKTKDiVBw4bAzsetRS/YqkObsqEN4q6J70+TIyaDPTfMqDHccXSNpMNw9vO9TYvhkcgVgoL/pcF2uxlVCtxrWsImvnPaPV/ZF/4TMxXU9OETlzxVdrs0dr85k4Uwl/CQBoK8w4+BHJ/uQxIhjTQWg0zA8WQH8iGzFlACmfzkdoRFdajxlHoKd39x6eWDvjlRV/ezj7xd/t5Zm7OSY06sY76aKT9PQUpHubgjFnC24gjCZt6qB7zHKh3gKhf3PrMAzwdWskGnIJJXOOmNOyUuxpqOLRYviVxXQ6wGOhd+3HeFnCQvkr6JnAaU16MBHpQevxczAxRgKTXLbqp5ZPIOKV+ig3G62BUb/+7KNo77IuGOlC1NFbWmO7yiDfrdz0KDfX5nFaeIpZ6oUxPNKnj8v+bQepp325tQEpO1Ufotq7E0jLJGitlvx9TgV/mxrxgvprHvEPoP0CXj9EaCwEnzFKqmF9SZYT+an8X+c/+BlcnFIpGFZJa26w9oLEud6Cdz7gDmbvXQIeuQRWQWex1A8cTOXK8EcQt5ntynCyR0wET2kzdapKPDkYTbdYhkCD2mJkkVHEvs7ePKGwcUCT2j9okmAA1CfoHiQIn7vY07GaeQ5gfPF/lz5oXVjjoysYoKpkU7ONGqahWabBe8dI8o5AsVsqVwtuH8nERvej3anCVuqroO5zg9DIHz+kbgnyBVXhRQXyXJIJ9JP5O+MmdKTR/bbZG9Jz7zTsrBHZCjp7riMCr0ghPz4c3vd3wJTaQ8ctk5nPK17/sNSEcIj0a1hHoGWGHMsvdRDKyZEo1prkQHNTDO2vV1ui9g8mSUqTBrWW+PcOBxKPXigzAJQHHQfwg8RpR7HiB26xLzzEGnn5aQoP6PwriCiBU3Sz7SvO85+RXdROtVSFrK54LzPM0HfGQ+iJkeILitvBT+Pgo/TuxP8CLc5XWrboyDQcDXJ0eGQ+jhewWcdExNoE6+eC9BPhs24543Kj8ZrpszD3fx1R4= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM;PTR:;CAT:NONE;SFS:(13230040)(366016)(376014)(1800799024);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: gvVZHudM7zr+qwE6+l0JsVAKEkHOoWhdPjNFHnXFCVtrDIL2Ny6V9e46EN7BXXXByufSOWJLblleEojEB8grltqwwbPCAvvQwxp2hXZGsJ3CM1FMnMTO35cpWyAjIzRTC8P31B5OGUN7lJ3CZhCOXGvWC9Vb0l2TMUCJ46DQMIBnfWu3Nc5hOG2D7Pv20xl8tEOsPTfn21nJTX8xHOWX4rauNLkVq7FInMfxY0x4JKtv0VwHpxPOcjrKFsNrNVFRM+hLsEadw+I+nyP1P1E/j5DFlKyPiOdAatg1+KkLE0fFtfJSWtKXT41nd6SB9wTSEfcBihBnsh1xk7y+4ruvUgUJ47uFt0I4TEkPalKX0IbxzwwIzWPZzLVpUipf6ST6D1E/JvoVk41HuHD+2gXmneRZjjJ3/7srchxUWlCT0AyhiDeUkyRb+yAn6KlTYLHBciq186BEbNUR0Vsh2tWAZohQQgGvJN536H/D8lF7P3HacALxXKqoz5bKFO11cAL9IuslydtwxYRGGHQ8uucutgjmAog9vZHnzG2suiyDPXfRNvxE8zvB99/B/tRwtu6qFk9XWdR97dxn7e0lC9KaibB/vXpdu5j9hHNk9inSuEI7faDxBToedAJmYrYnXkpsP7kl10QbqDYlP//gm+75LpK0IYcPVi1vLFFG/UQq/NpBer6oy9mSOJalt8f4ASFoFv01pbsIHtuhpbMXlh63sqoqro4WdAQrjdIW7b79IfawwrXL7DaI0PzStw+JatVtqThhJxTR0LBYz7UY9pk8nQ2w52rTVqdkfKJgw0LEz1xVrb1ZO1Z5qyFnsU54t2hM7cVY/iW5fiUgOAhOIp85K3P16YetUugl+hNncRTOYM59ubs+RXreo3FXnNDtBv0RnOY5e6zZGBWdPzDTSE/PQXAapkLRrYwLlMAHieQ8V6/hKbjOY1smdmihidjQZr2aHEwylxQ6cN2ktAr9i5VqQtfe3dAuOrbyk8I+Flk+80K53jVg2h49jdaF/++hpOr6pZLLGpxHqTPAtoTbRJUbLnLDNnFVvTwkoWcTaSJiHyRdE/gXjxVVCoZehv0SCo9l6NznKXvKOhBiISreGTCNGqF3jc7kFKUB+upvX1AgGcIfgovfsLcfO6xJ+laAxFHqxWh4+4wWWZCpEI8750FwpCD8nmYeAymyFPHOWkm1PirkedvoTTu4AIzrihnmwbADIoiKKPepEhUo4TbqaLB27CRYQLDwYLSJ4wXpDuslpojf6tQKyAFfG8ulHO5uNkN41wH+NUbfTAFKI04DOLri/eQCld+yyLqimg0nc4I4LzeNxLKC70SOSBvW63B7/BTi9k7bSQcBedaW5M7tyOj4TgkfpSAu4H0qEQaKQuUIRphMG91rjUmv1vnpxmVgnY7WketUIpZQ1oru//jM+6/ZYP9LrBIx8EyJ0ZQksl/uMfbBJwQgcjBpW3fcBuPsC97yCiskJa6mBvMwb7HyyNECrYyP8A7afKoD8azISJM2+EOh5+n/PgboSei46T+4cf3Hy+zmR4IVYY7WT3K3EWgmzzOkk2XY5PLZtNjjs095GvNvSC3f36hVZz4MZ8HfyA06xIOUHuy2dCV8nqLC3T116E9WX69Qgi0SQI1fRpeL3cHiWMvG0NmRnkwJcEwE3lzcCQrY37Dcb10tG47YayBmBhrX3cLOU6oOtTcGZNfjox3CQqVYAfqe6I+VgR0lcKiY3bgy35ydNkAeh6O7MH2pNBEASwzA2nxX4aEsMfPbkMo= X-OriginatorOrg: siemens.com X-MS-Exchange-CrossTenant-Network-Message-Id: 12ea112d-0c2c-4abf-949d-08de70a3be77 X-MS-Exchange-CrossTenant-AuthSource: DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 20 Feb 2026 17:16:11.3351 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 38ae3bcd-9579-4fd4-adda-b42e1495d55a X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: 34gBDcnTWg6EHRGAPBNRtHjRu2qMh+FrA2dH4Aw5LF9UG9p7Flyevjr3njN7XkP0mUbaj2+Vb4idCTUh8oea9dLkRMZyFZhD0huHa85K8UQ= X-MS-Exchange-Transport-CrossTenantHeadersStamped: GVXPR10MB6007 X-Original-Sender: felix.moessbauer@siemens.com X-Original-Authentication-Results: gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=u1IQTFrG; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20a::7 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com X-Original-From: Felix Moessbauer Reply-To: Felix Moessbauer Precedence: list Mailing-list: list isar-users@googlegroups.com; contact isar-users+owners@googlegroups.com List-ID: X-Spam-Checked-In-Group: isar-users@googlegroups.com X-Google-Group-Id: 914930254986 List-Post: , List-Help: , List-Archive: , List-Unsubscribe: , X-Spam-Status: No, score=-4.9 required=5.0 tests=DKIMWL_WL_MED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,MAILING_LIST_MULTI, RCVD_IN_DNSWL_BLOCKED,RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL, RCVD_IN_RP_CERTIFIED,RCVD_IN_RP_RNBL,RCVD_IN_RP_SAFE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on shymkent.ilbers.de X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= As the mmdebstrap itself is executed as root, the generated rootfs will also be owned by root when stored as file. To avoid this, we let mmdebstrap emit the rootfs on stdout and write it to a file outside of the sudo call. Signed-off-by: Felix Moessbauer --- .../isar-mmdebstrap/isar-mmdebstrap.inc | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/meta/recipes-core/isar-mmdebstrap/isar-mmdebstrap.inc b/meta/recipes-core/isar-mmdebstrap/isar-mmdebstrap.inc index 73fe9434..d5bbae70 100644 --- a/meta/recipes-core/isar-mmdebstrap/isar-mmdebstrap.inc +++ b/meta/recipes-core/isar-mmdebstrap/isar-mmdebstrap.inc @@ -240,11 +240,11 @@ do_bootstrap() { ${@get_apt_opts(d, '--aptopt')} \ ${@get_distro_components_argument(d)} \ "${@get_distro_suite(d)}" \ - "${WORKDIR}/rootfs.tar.zst" \ - "$bootstrap_list" + - \ + "$bootstrap_list" > ${WORKDIR}/rootfs.tar.zst # Finalize bootstrap by setting the link in deploy - sudo ln -Tfsr "${WORKDIR}/rootfs.tar.zst" "${DEPLOY_ISAR_BOOTSTRAP}.tar.zst" + ln -Tfsr "${WORKDIR}/rootfs.tar.zst" "${DEPLOY_ISAR_BOOTSTRAP}.tar.zst" if [ "${ISAR_USE_CACHED_BASE_REPO}" != "1" ]; then deb_dl_dir_export "${WORKDIR}/dl_dir" "${BOOTSTRAP_BASE_DISTRO}-${BASE_DISTRO_CODENAME}" @@ -259,8 +259,7 @@ SSTATEPOSTINSTFUNCS += "bootstrap_sstate_finalize" bootstrap_sstate_prepare() { # this runs in SSTATE_BUILDDIR, which will be deleted automatically - sudo cp -a "${WORKDIR}/rootfs.tar.zst" ./bootstrap.tar.zst - sudo chown $(id -u):$(id -g) bootstrap.tar.zst + cp -a "${WORKDIR}/rootfs.tar.zst" ./bootstrap.tar.zst } bootstrap_sstate_finalize() { @@ -268,8 +267,8 @@ bootstrap_sstate_finalize() { # we should restore symlinks after using tar if [ -f bootstrap.tar.zst ]; then mv bootstrap.tar.zst "${WORKDIR}/rootfs.tar.zst" - sudo ln -Tfsr "${WORKDIR}/rootfs.tar.zst" \ - "${DEPLOY_ISAR_BOOTSTRAP}.tar.zst" + ln -Tfsr "${WORKDIR}/rootfs.tar.zst" \ + "${DEPLOY_ISAR_BOOTSTRAP}.tar.zst" fi } From patchwork Fri Feb 20 17:15:44 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Felix Moessbauer X-Patchwork-Id: 4885 Return-Path: Received: from shymkent.ilbers.de ([unix socket]) by shymkent (Cyrus 2.5.10-Debian-2.5.10-3+deb9u2) with LMTPA; Fri, 20 Feb 2026 18:16:23 +0100 X-Sieve: CMU Sieve 2.4 Received: from mail-oa1-f59.google.com (mail-oa1-f59.google.com [209.85.160.59]) by shymkent.ilbers.de (8.15.2/8.15.2/Debian-8+deb9u1) with ESMTPS id 61KHGMs3005932 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 20 Feb 2026 18:16:22 +0100 Received: by mail-oa1-f59.google.com with SMTP id 586e51a60fabf-40edeb2e7fdsf22389126fac.3 for ; Fri, 20 Feb 2026 09:16:22 -0800 (PST) ARC-Seal: i=3; a=rsa-sha256; t=1771607776; cv=pass; d=google.com; s=arc-20240605; b=Xek292N8k1UprsMKESUbOWqk3BO75QO8ttV2/36Lh83Qcs2iKSAekCrIKHRyCx9XiU IJBFYrbQj+s9aOeQC92yCOpLL/NhjZaZothSkNFASA0D4plCu9BSERJuZRWPnuGKea9V CTQYFgTq73+k+l2rNXfprPZlo2LmbrljXz+VFmQBoTdncg+tkO9sVxz8s5crKPMC1WVg gDV2smLTPKTu/Co+clyAeqQ6f6GpVn+f4OdAx8y0+K++MqhvSTBBjo9dsj/eP5my72cP jkRHEfyifhE6w/7niMed/Y/xKYUB1QbzER9IkeCgonigte9WJHcJmSVuo7zU8FxcoFTA ViJA== ARC-Message-Signature: i=3; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to:mime-version:references :in-reply-to:message-id:date:subject:cc:to:from:dkim-signature; bh=hlt3llXUy2TGGHIN5d0Cvgi+nMQgo0DYE8BA7KQhnqY=; fh=gR47f5znNF/ez3LIO5IkGavsxmiFyr2EE9hX1+A7bFo=; b=NZHQsIOC8Bg29khozMV5OmM5VADzxqoI6BiIJfQzGTxnf81gM8qxuwRO4FfUHs6UVw VQ/RpJ/CBovDau2CNNKgkhJKHvUawz4ZEFwn9dhGo9IF0VGBqzP8wUP+UyscjR+L72ra 7SdwKTMWk3in0OGf+vu8nd+MMfHFHMdacfgiLza0ugrKPsl+zmdul3O2yU8kmZzuAnK4 hDApDjglOn6cgEkE9SCeW0qwn4hkIHT2+bnVfJOgRPBd4br1rt5y/GvKzxPLYSbx+nk8 pPJ3er9xFbH93H7YkQrlic1y7HLFz4ZwRdAo4b0c51uCevi0DKlYJswIp9AGZo4u29JO 0IjQ==; darn=isar-build.org ARC-Authentication-Results: i=3; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=Q3MEof1Z; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20a::7 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlegroups.com; s=20230601; t=1771607776; x=1772212576; darn=isar-build.org; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from:from:to :cc:subject:date:message-id:reply-to; bh=hlt3llXUy2TGGHIN5d0Cvgi+nMQgo0DYE8BA7KQhnqY=; b=Y1Wkll36J7//JSn/qGFR5iwoXYM2tr0fm/hQ6xgVtD3SHbtzEcdWd0ldYf82WnKH7r 0dgw5UK7SnIJ1wbo+i5IJrA/vDkcMlICtcaAmTY8gwmoSlSe0nXGb4jnoOkRV/SSkp46 5u/Zm5st6IzqARlq5TX81WP4iAvbRS/s6/fg7aYqAQ+E4frvvCa2OVSKZyOufgl3vEis 9NBjJJGS3bGP1QsLqAg+DwCSMfOqZQ3jfQb3DQWLeIbi4yIPGVhYoNolml31c2K3NpyP PSZAZJGnor5/shCyxMwvatD0rkC0hmAR3JAma1bivhTV1Yj7ssgneqWVAbfXmlccuIQa CXtA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1771607776; x=1772212576; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :x-spam-checked-in-group:list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :x-beenthere:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=hlt3llXUy2TGGHIN5d0Cvgi+nMQgo0DYE8BA7KQhnqY=; b=A9a4seDzZWn0FjUOYcMDAkLWEcHLyWFscHBYQJSIR+J4r3B6cALGg9DfglQEY8HhIe zc9yeRtpiGUmVoAspaPepvZDBj6ZTi0Izpls8t7TSv2IfMK5yV//Oc4WVQarFirbcN3F qF1IYEVGrwNXIAfi9nua3/nAHPyLIXdwi5AVgDLecdSexl8R9PSEOW2hoPC0YhP9tYEJ YcfvLgdQ05qiY5Mi8cz8A0aANdmy25a2xB+pK5eauil+h5T8jJMWSAdHdnpRd1YibdG6 J9vgfqrHdvun3A3BBSPa7OHPohdhNZOdwB4xg0iSEaj5+nrXwl5msVA7QsfgtJoZbScn VbbA== X-Forwarded-Encrypted: i=3; AJvYcCW+Yd3J6NaLxC44oWi9ZPVCFIHL1ln1TNKR93k5clA4dR5PwyEJmXXwzdqVaJfbIzW2f8avjo8=@isar-build.org X-Gm-Message-State: AOJu0Yz6K/qF4jDXR4/XxIkjcqpUCXX/edJYsGM8TC4xxkdR85L8yZ7q bb/C6+80Hejz0Za8Ie3Ctc/UHXGNd8VhKt6H7cAZljIMdSM249eUJwny X-Received: by 2002:a05:6871:9d0b:b0:404:1a4b:2e91 with SMTP id 586e51a60fabf-4157abcb11amr211703fac.2.1771607775876; Fri, 20 Feb 2026 09:16:15 -0800 (PST) X-BeenThere: isar-users@googlegroups.com; h="AV1CL+EcSrK2AhdgNNbkAOkj8tBV1j+2aovyJPL3Oj8L59E7pg==" Received: by 2002:a05:6870:81ee:b0:40e:dd3c:1d52 with SMTP id 586e51a60fabf-40edd3c232als5195281fac.2.-pod-prod-09-us; Fri, 20 Feb 2026 09:16:14 -0800 (PST) X-Received: by 2002:a05:6808:4fc9:b0:45c:872a:57c with SMTP id 5614622812f47-464463fcbd0mr370542b6e.57.1771607774820; Fri, 20 Feb 2026 09:16:14 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1771607774; cv=pass; d=google.com; s=arc-20240605; b=G86Ekl/MlcBb4l6h2Y8O10lYUC2LuxB1hzHgQTM8EKQQhPOXknxT13n/W9XS8oOOi1 zT8ebWHPmvzgpZHTmZN7EOhIGFpRcFvCshEzO+xbT7q/GBYyHrt7+vHXyHaOJtPS+/rK z1LE7/gHF0+1/098xBQ8zFLNrp+7wzOvC434plfRJp51P1mlSbg7n1wUXTz6lKM0B6TS Y6jq3zRNzIQ//1sO8JEh1Izn1QjIUBHPRcrhnLDeAWiwn08Esptn6jjfkqKRJ5zvzYe3 1EuYmBxpMZX8xZMpTLPBfy+1VZfZdM0cWjR4WjhZ3w4v8h29Yd28mh5e7TbPSpyABmJa ygsA== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=mime-version:content-transfer-encoding:references:in-reply-to :message-id:date:subject:cc:to:from:dkim-signature; bh=+EM26EnPCs5Roie9oKdlwLvjh5KOD+Lp700ADYNBCxg=; fh=WkhL8kaJc+l2wQon1t06Ej3uvBGj9sVhNcE8PaS/XbI=; b=bdN9B5SmjD5Q0RWEW7dpuGpPQgcdghed0ZKcxxXd9aZFNLZaUFRzDvTC/86j22UhY/ P5y1lapT09X0M90OxDElgdbVcbhVxzuHvUqnFbCr8tf06XimfaXm2lJlceQNKZLwSwwx vZjCJrCrqsF5Hn9WlhK87FWpZtm80iBpCs2SgcoOv5w+Xpm+qzsABbPj5sf7+mIGVtE7 cXCqFQC74UC4CmDSAykFCIYWnDeFgiTNO9yBQ/GvKB+jqozjJE0nQUnLvL7r4cHFyWQW th26L4/y8T/9ijVJ1NCy+8a6krYvzwv5eaukMBky86eOxIDaz9UZ+uP3WQNpUvrXLggW KrAA==; dara=google.com ARC-Authentication-Results: i=2; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=Q3MEof1Z; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20a::7 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com Received: from PA4PR04CU001.outbound.protection.outlook.com (mail-francecentralazlp170130007.outbound.protection.outlook.com. [2a01:111:f403:c20a::7]) by gmr-mx.google.com with ESMTPS id 5614622812f47-4638c55a742si743968b6e.0.2026.02.20.09.16.14 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 20 Feb 2026 09:16:14 -0800 (PST) Received-SPF: pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20a::7 as permitted sender) client-ip=2a01:111:f403:c20a::7; ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=g/ZxrjAmJU/+SDf61811uioL/CoRlaz81sx6/jBP7G+tksDVqN0PzKmgp5GCkrYonsWsGDT7oQT5CxKmOsRZhg+TeWwYMAoOP7nhzKVYoxMCmL+LCXZM/0YpnBWJHnIV5BkB0px5s0DNSLfECgSa+FpSWxMsiUc/qtU92QeDf18+FqLUrvfmI4411BGYLU/uoGCxFdEjknpU+MUdzfPjIyqKSMfx8KCscHiwHnubYztyNEVd8iX6qnsw/Q4XUAqWRo+hs90iHjm43mBcAjKumxlclKsMTSUjPz4w/CIgNrQyBS7n4S9po1voobnWr7VhFeJ9LQ8ov9VS25dIfBtoLQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=+EM26EnPCs5Roie9oKdlwLvjh5KOD+Lp700ADYNBCxg=; b=NSqTG6cI9Jzcff3qkqRR4N7EqK09WbL1yuRA6dy5rnu6cJBmvhOvh3tRSOvzwrmAErt98UDVxRtmtcFa5mVUhzsDrOVb6VkS1TXLcY2VBm99eo0iIb7RnWEBN3Qltsoxzlmuw0ulY1TrSUU+yWC4353Vb6g4qDfhvqanPzL0tED/tV1KIPrFic6JQ/ZNX3jNuVxzas0SW8/+pMh2lchoq4aTLFXhr+OW+gblCanypqhKvKCYUalOoXhNvDJ44SgfRdu2If7hKvuylWcL6I1D1+x4Mv36bkBVOU58mvv0z+eACPWQ/Bi6UYhRTz8GbHIm3kcECxkv+7uOMSYPhR6gxA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=siemens.com; dmarc=pass action=none header.from=siemens.com; dkim=pass header.d=siemens.com; arc=none Received: from DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:47f::13) by GVXPR10MB6007.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:150:17::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9632.16; Fri, 20 Feb 2026 17:16:12 +0000 Received: from DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM ([fe80::9412:cd7f:3f72:92ab]) by DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM ([fe80::9412:cd7f:3f72:92ab%3]) with mapi id 15.20.9632.015; Fri, 20 Feb 2026 17:16:12 +0000 X-Patchwork-Original-From: "'Felix Moessbauer' via isar-users" From: Felix Moessbauer To: isar-users@googlegroups.com Cc: jan.kiszka@siemens.com, quirin.gylstorff@siemens.com, Felix Moessbauer Subject: [RFC v2 02/19] deb-dl-dir: export without root privileges Date: Fri, 20 Feb 2026 18:15:44 +0100 Message-ID: <20260220171601.3845113-3-felix.moessbauer@siemens.com> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20260220171601.3845113-1-felix.moessbauer@siemens.com> References: <20260220171601.3845113-1-felix.moessbauer@siemens.com> X-ClientProxiedBy: FR3P281CA0085.DEUP281.PROD.OUTLOOK.COM (2603:10a6:d10:1f::22) To DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:47f::13) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DU0PR10MB6828:EE_|GVXPR10MB6007:EE_ X-MS-Office365-Filtering-Correlation-Id: 8e04262e-c9b0-44df-8940-08de70a3bee2 X-MS-Exchange-AtpMessageProperties: SA X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|366016|376014|1800799024; X-Microsoft-Antispam-Message-Info: Zp76pT8UmNjdssO9mcIaCxWw48F2E7JYKEP86/MujWMcWIkvfrUd48st+ys9S6Vjp2HhtI/dLDvhECMquc7hQlldLGnAfZUjfzstd2Plb3H//Be1RBUxXv2xFSujedrSoUdBbRevD1nOgBhBraC+1dQ5JUCj4qhZ0Z9cmHEmiUsz53Q7YtdOyn8I0OoZZJXcyCEuRTHUDoSqJYs/4o9ee7tctx4wjvxip6gLAn+XnjBNHenPcMUgw7Uhp6nHDaLtO+UxAfRqZQI/AMItA9NlOqzA/B6m6O3JmbFrr7MGIbczAOHDEPF6NKR2+QkuB7R8jaeeYAI5PkEfZSU8HDsGZOabY9YuUkm97uQZIju/A9afaSPcDMDSRg0pKUTgNzmdqpI20MJ3cC3AlNQGgATdcDGpnFvHtTDkmsCmz/1t3qvsckq8Erm1P5W3JB8tU8HGbUDQcmTH9LmVz9Oc2Bq30KeXXs3xiiRiJvdiLnkg3OTkjXdnNFbFpJ0g6tYBMSgac7FViwsw1Xiz3HFmzmEknPoqM4ewV+OVGCZTBpNksIAJJvHeEECTg0aGNTol/1GnzeHY/JuaRl1FBgEfSOwYAb4Fkpq+f6/mm66FHx4rm5O4+JnWPjBdZyEnL+IpvXyCcuH2Tpv+QuIGXUgDhpbhIWmCLpPI0B5FWPmOdNsh6nX6/0wxtSkM2hP3FQavUphCGENfris+VhmzRkT5Y78BbgC+XS/V6nUdZKQaMqMU0kkEmAU4BDKgcs+YZt5adnbeZGOXaGjlvmLGjGl2LeTMxrUcaa2SmswbNDr8ZBVpOZTw+2FeIIB8a4MAaJkNb6e+jyi2INxf1Oe7AkESURCS40ynRyiP6mwPSPJ6ALgpy4WMYzR9kms8UtXA8ADztCLuQPAsJ3gXFXd8LfNSytRIKHfr8NX9jLbsbM+ct6dO2XNQpF/tT4kBauuT24ef68oh4LAYNYoo/OYnzvkIvTvgVoYlRg9x/66MbMrKoAp1DEvivf6Qo2MCkS1CBwkt+895FyFeuqdRtHCyxcc3P5K6DzJAdqpHVXQzdb0O7mHpOZZy4rf4N/4S7Tv1lYgLLmEsdNIVAHG/VG7QP7kYmBT1iLqdF1bLoDvybTbrYsdABe+e/mp1P317xqqx8ak9XcFjb2kzeZyTS94QQDSpKlqdwx1kyf0elWfLbwvclQS03Ia4iCfYcp4o4Ow45EPEwfe71P3+I7byZHcwi4WFeFYZ+V0y9o49B9+2mwdiv8tPxnDy7MGdoe90pUHsI69LA81fYZMRqnYDYhoiEnkpbtH+coaGpGhT5/iUkz3y7h587jePgIVAdCH96NGzeL1NeUeY4jdSN0DK4MSU3mKwyVOlornKOPk1uRY1+vlGE6dTTOUAnjVwuHqkq6cPRDHomNUp8HJqXrnMb8kVhE8j2aB//ynx6rmcD2pZ1ROE4n0TyGxuK4PVKt8c7wUbt+GS5QVXBok7HAu4XNeCMxpZhM2e2kP5FCipkizlSeBFoc8yPff1/y+qPIbM6L4Age1gsVHF9OHn2LckIc0sJxAbR5j0/MqnmO8oJ5Qcha4kuOOan7o= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM;PTR:;CAT:NONE;SFS:(13230040)(366016)(376014)(1800799024);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: x7mPmG8uidlgj1BPV5CagsZOLoE/HwXZyeRepmTuTZ5nWTXTkm9Bqm7+tmWRbME9LlDqUZQAY9i5dtAqm5qMaVuOigGSRN1AsVrBKES/0AyEZ8Mi8LUP0tcZJ2cur3vvzdO+fOwkboOuwztZkxubfHq/cw3enIfktRBK+N8Ag4c6CDV49VByvVrCeAS4EpzoRZSDX8xbAQ1QAOigZcAGU8lpV/pg9HA7w7eBkTQBpUaiTXjWofgBFVrmfhOnwi6ipG0QqgCiJLsy3rU7bhsAWZDETE6vCKskWtDjDHM3Pw5f2pfGeFo6JNLNFMwTI2GY8itbjR58k/KNjCRb1G67LtzIldzAIE5W2d5gJJmSYdH66bA0HV7GVvWGrLXktGyn38crOH2K9RJySbpI9Vy6FGX0e17OFIhPj3aEsq13oAwmTdfDslM8zII78Zv0OvgTQgqb/7fpAy78nHIQjj0JIi410X/uApdHab+Fkl4r+vgu/TfGQ41rkzrhOfU547Gg5Tyl5lSt3J/viWUReCFYkZ+tsNHq9hA7GH5sqdsWBT2wdIwrUWZU/Xi/bjk5nTTz2nzgQQT25jyoTC/8VRPSWzpdgpxJjnOowxcsf5PItfHBbku9MPttp/ZSMyaPet1TiQpb/okacEMXuPFqv34iVj6GGF9pmWXQDjVaH0c7jh7pBYtEYczhua6QSPpPQGAWQdVVSBc7zfyV12yQVmJyhAthR9764tjPij/VA5TKryyd6xqFe/Rj5D6ebVJjMTIfY2z7YZ9yO0VE4XS+a0baToTLK+q/w+xaYxisXNxK+HH66s+S6vXu/oe357pmEhfgITlogj/N+d9YRFp//Fg7daSAawoH/k0vJe8b1qf3SbPysBapQVAjghEKi/QbpTooe2OB4arEbm4+gCN94H52BbLUOfcPOWQlrh+IYlO88VKgcoI0iMPC35614oMM4i0eI+8LhgE2xBA9eZAUvaU+aACNj80j8Kwa0AcoZaOl1D2veyrk/4fm6YHicAiuGCtAzuFcVl+ren4lgj9FwtbmN4DTy0Jh8l06hNRE5dd04JCITYDYnkmh1A0N3aHk+s6lO2VnlO3UeoQ4qUZlhbg8coYt1TQtXugpkTVhJsUs22C209ThT3l/SMfEMKGrZNv05ZM+qAWv3h1cKVJ+tM2MAQot1FKR6xZhvQt49vY0JMYWjvJtUWJE5yQ9SA7/uiXEafPIdBqCTI5GthllISssVCsxZPORwW4Z6YlebvkxBhZwTxwKH2wEbek7EOBTfoPl8wsq7zGcQ5B2PsmGEIxIEqGVB3iS0FsFcVKMZcAXGqOdarSYGdrpjAoWFJ5s1ZMV3eXIpekrXTIgib7Ws83x3k0C1crS0ge/eJmdeRCQvPclnDWC/ljpf0l1V6Yw+kQls3+kk+eOOBM20VwYU7oZYad3k47XteoDTeof762yncy2v+Hdu5pPxB1ABR6FMxVc/3eFKwwKc8/lRSbeH+xB1WN09Q8WpKNxXKjMO3BIVOpAY/dJwSstzzaMS6koQmk1mr9uIb1YfsdM/geZII9FcJyTvVhfRgqqMVWAa1e90EHV9OzWFdNW/6avmCa5Jcy9Ng187q6airoVQ5uYv+99OHDgVssGwU12g3pwkDnI5PgAXeQbmGgy+NM7VVDShGsLajMTGs1dHAYVZUyeCQtGlI7MIHwYA+yLBD3bai5Xv0W5Nmu+UMlZKnZXIRldP7tvQw2AxMLajd8koODO11nrlWhWO2bVIbTBiP+OtQCh2XE= X-OriginatorOrg: siemens.com X-MS-Exchange-CrossTenant-Network-Message-Id: 8e04262e-c9b0-44df-8940-08de70a3bee2 X-MS-Exchange-CrossTenant-AuthSource: DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 20 Feb 2026 17:16:11.9885 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 38ae3bcd-9579-4fd4-adda-b42e1495d55a X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: tWM20a5TIxq5EZINJ9jYxISdh39R6Tmy4fFH2Pl3wAiCdrWC4lAmEzcakNSpCtXum2w0Sb2JT+qH9OwUeKYa+zGlu1subF7J3HKTilH/vbs= X-MS-Exchange-Transport-CrossTenantHeadersStamped: GVXPR10MB6007 X-Original-Sender: felix.moessbauer@siemens.com X-Original-Authentication-Results: gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=Q3MEof1Z; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20a::7 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com X-Original-From: Felix Moessbauer Reply-To: Felix Moessbauer Precedence: list Mailing-list: list isar-users@googlegroups.com; contact isar-users+owners@googlegroups.com List-ID: X-Spam-Checked-In-Group: isar-users@googlegroups.com X-Google-Group-Id: 914930254986 List-Post: , List-Help: , List-Archive: , List-Unsubscribe: , X-Spam-Status: No, score=-4.9 required=5.0 tests=DKIMWL_WL_MED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,MAILING_LIST_MULTI, RCVD_IN_DNSWL_BLOCKED,RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL, RCVD_IN_RP_CERTIFIED,RCVD_IN_RP_RNBL,RCVD_IN_RP_SAFE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on shymkent.ilbers.de X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= The archive is world readable, so we can access it without root privileges. By that, the files in the download dir are also owned by the calling user, making the additional chown obsolete. Signed-off-by: Felix Moessbauer --- meta/classes-recipe/deb-dl-dir.bbclass | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/meta/classes-recipe/deb-dl-dir.bbclass b/meta/classes-recipe/deb-dl-dir.bbclass index 7ebc3526..76c2435f 100644 --- a/meta/classes-recipe/deb-dl-dir.bbclass +++ b/meta/classes-recipe/deb-dl-dir.bbclass @@ -153,7 +153,7 @@ deb_dl_dir_export() { isar_debs="$(${SCRIPTSDIR}/lockrun.py -r -f '${REPO_ISAR_DIR}/isar.lock' -c \ "find '${REPO_ISAR_DIR}/${DISTRO}' -name '*.deb' -print")" - flock "${pc}".lock sudo -Es << 'EOSUDO' + flock "${pc}".lock /bin/bash -s << 'EOF' set -e printenv | grep -q BB_VERBOSE_LOGS && set -x @@ -170,6 +170,5 @@ deb_dl_dir_export() { ln -Pf "${p}" "${pc}" 2>/dev/null || cp -n "${p}" "${pc}" done - chown -R ${owner} "${pc}" -EOSUDO +EOF } From patchwork Fri Feb 20 17:15:45 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Felix Moessbauer X-Patchwork-Id: 4886 Return-Path: Received: from shymkent.ilbers.de ([unix socket]) by shymkent (Cyrus 2.5.10-Debian-2.5.10-3+deb9u2) with LMTPA; Fri, 20 Feb 2026 18:16:25 +0100 X-Sieve: CMU Sieve 2.4 Received: from mail-oo1-f55.google.com (mail-oo1-f55.google.com [209.85.161.55]) by shymkent.ilbers.de (8.15.2/8.15.2/Debian-8+deb9u1) with ESMTPS id 61KHGN4X005946 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 20 Feb 2026 18:16:24 +0100 Received: by mail-oo1-f55.google.com with SMTP id 006d021491bc7-6795b040001sf35946524eaf.0 for ; Fri, 20 Feb 2026 09:16:24 -0800 (PST) ARC-Seal: i=3; a=rsa-sha256; t=1771607777; cv=pass; d=google.com; s=arc-20240605; b=eoe/b/4qqPvfiBNlkxgljvgLnG6Vz3s0+Kyhkz97eH0NLoJTs4b0UQmng0u5ZWtfBX XQcb+WFWh5WrqNwFH5CYxBtokVkkSdaTK/tsy7vb0HA32pX+5coHed9dNco+S1ZOgd2M zYyZV9cWgq92BLUEq2yDMctZzob4xys+ywoE3ZLObHwZ9UmrcIT28tPX/MwtDWDP3BD0 GwS4iNOsKkzm+JL35SLHlolg3rdJnNPohI4BVsmgzfJmWnCtGqDKlN+nWHi6CQImFCQC dW/9uZpgoY0V+Qt/XGLc2yhyfHY71hly7xNVJ1oXeRYAi7ltBIhAVGxNjcPF7efzbopw Y3Fg== ARC-Message-Signature: i=3; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to:mime-version:references :in-reply-to:message-id:date:subject:cc:to:from:dkim-signature; bh=ZA91wTcutmxJ0wX7r0pn+9OxyYuja2KNOQwdK1R7y4E=; fh=9h9yIS/jS4uk/sPugg2ZA/ChPjGwWnv7K1yoif6Cios=; b=k4KGrQ5x/7/nAtFRveoMDqobPw9rtxBx0ru9oKlVUfZiWAXI1j2NKiLolZ304s7RX5 t2LSq6N//0eEzJwpTD9shBfn97yY+jaslMECZ2aF/CVMDLw5VCWq4K6deEyqyb8ZS45C FkJWelF2+1D2wyb3DiUVK+lSvX7E1vnW2XeLhkie/wxJ06QDoOXCf9DOSILrZ2KcUJVD kH1fF853QHybdC7rji+ZuIjL2I0K5cXcldNVpVpqbm1rCyXs4CL4K/VRm2iBCG6mXKrW GoJrgD9iN22wlSl7gbXx1Tkn1eMjp3DMJDBi2QryiaSglRD2zWJQR71TFLyKpRdUsXZ9 pHOg==; darn=isar-build.org ARC-Authentication-Results: i=3; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=azKhhGLm; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20a::7 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlegroups.com; s=20230601; t=1771607776; x=1772212576; darn=isar-build.org; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from:from:to :cc:subject:date:message-id:reply-to; bh=ZA91wTcutmxJ0wX7r0pn+9OxyYuja2KNOQwdK1R7y4E=; b=k4K71DY5cZIYj7G3xMsa63caUCA9+0Ma21HezHMBndLMeVFUtsRq1WwibBVomSWvNd XTrCWUwvemlFHeOO0O3GPE4pB6kgb7hOpixEAvS/Di9yY+EGfYioVMPyyOfzCLHQFz9S pBwf5q8VVF6/PjVnEi9yrf7MG2UrHeVhQD9kwRTyPpNFVd6s8kiNbnhO5H95R/Ij42So NoNQTG9GqvN+HbBXLDbK5HVod9ERTfxdApzQl2+9JvLQ123vWaxZd1XFlIvdM0PYpppg oRv+8zX6Su+74pjRazpQij/qW7vVF5y36L/Feu713CUAEWUK/SQunsI7XnCLdzWqdqbl WO/g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1771607776; x=1772212576; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :x-spam-checked-in-group:list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :x-beenthere:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=ZA91wTcutmxJ0wX7r0pn+9OxyYuja2KNOQwdK1R7y4E=; b=p07L7wcnE3ajtybthBkcio988pIw3ihpQnKKMGf79kNPM+uWYTe9COHyYXXqdWWTdJ ayKgzTR5iE9iILw8fQuXEArMcIDI+FInRO820jzzMvAEB0Z/eLwU+3rFMTPPGIaZftpw l07PJY5ewJrj4VxBZU15c+8NeAQ3QNiP94/DTLu0zxRJCxK4o2GGVJYJazWwGRt/JYjo fEFGlYn2UvnB7JWqX4Hs8K1ddosP9D+zGPz8hPd7u62rNEvjRi/dMun63r8OozDuAt8E 5m8+4JA8mlYEb22iJradHNRbup4l5tI3Kq2vZJkhjUBob4DvVXbSK66BJph+H1Oyhj3C mJwQ== X-Forwarded-Encrypted: i=3; AJvYcCUddlPEumaocg7CCD5AU1d7+q66LowQdPlwHfgMJ8plKd4VEyd6Cm/krKWwb/JwA73WfX7CapY=@isar-build.org X-Gm-Message-State: AOJu0YwMk2o1U5XkFddULLeUaOpBSw50tROTtdBz3dw6h3mYdn2XyscN V8glz/FRkg8g6s1x+akE373P++uoMbF6xJrXqi7B8MPCyEt2/V5Q5Oy2 X-Received: by 2002:a05:6820:221e:b0:679:bbd4:605e with SMTP id 006d021491bc7-679c4268b94mr371574eaf.16.1771607776376; Fri, 20 Feb 2026 09:16:16 -0800 (PST) X-BeenThere: isar-users@googlegroups.com; h="AV1CL+Hm4O/fYIcHwmNJ6wm4bQJZ5/QwNRI74YHKGiLQEnY0tg==" Received: by 2002:a05:6871:293:b0:40f:1fb:db8f with SMTP id 586e51a60fabf-40f021a655bls6144380fac.1.-pod-prod-09-us; Fri, 20 Feb 2026 09:16:15 -0800 (PST) X-Received: by 2002:a05:6808:148d:b0:45e:ed45:15f4 with SMTP id 5614622812f47-4644633bf91mr426178b6e.35.1771607775312; Fri, 20 Feb 2026 09:16:15 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1771607775; cv=pass; d=google.com; s=arc-20240605; b=imY7IB14dAavwnmEcNK4TOxx0be82XxWOCjO69JlQ0yBsW20sl0MwnZN5Oz5kPRJ2B EEnmfigdJoDLXa/oKLSwXENFD77r1uDjOGnFybRHTSo8UIxvR+Ulav2ur7M8F1WRdtiW lJHQ5tmUTVqJuP4yG3WPmEBG6hXbdW+dzvV3dlc3WWyllQYY068cj0ByWZSxz/Q3uakc qh+jig8O/DgjHgz9OKd6hveipJujkLX4iExQ8iuIP73rEbzYLtgR6FRX6zPnWCFxJUlT zrydPhJk1fg0BrgAOFM6+4vmWYftK+zoFivOVpZHsM7JP4OGexFJhtdGcM3QUr0PpeuD qTuA== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=mime-version:content-transfer-encoding:references:in-reply-to :message-id:date:subject:cc:to:from:dkim-signature; bh=eEhh0bG1gGkZZii8FVSOv9fYRw1oD18b9FcF9Pku96g=; fh=WkhL8kaJc+l2wQon1t06Ej3uvBGj9sVhNcE8PaS/XbI=; b=S9Qs7s+vmQUCTxMGUW4xz1yArs9hhZ857QcilHy1DzA4NZ1Z/Av/M/rEvzpK7iB4R1 YuhF9wZSZ+COsGgMKRiLRjHvNZKDMr2K+An3usry9nQEs6LsCoKnA2G5Vtrs+9ejnFbD WgXCMCkWguzQ6rD5biR0pQnRsvX6CWWHt8Sg1Uy/NekTE7JT3lwDjxSTYQMiEkPNH4x3 yOR6TokpsJoLY08AQUyDylSzFC0aKJg0pG0lH21icvouVnAR0L+P0MXQkPUtv/2cSmi2 nT70lOvfi3vH1RI1DCwlQv0LOrdJ2/Ns1QczMJgWlfqY8OGa+tNigZpM31K/MlijBLU1 35QA==; dara=google.com ARC-Authentication-Results: i=2; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=azKhhGLm; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20a::7 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com Received: from PA4PR04CU001.outbound.protection.outlook.com (mail-francecentralazlp170130007.outbound.protection.outlook.com. [2a01:111:f403:c20a::7]) by gmr-mx.google.com with ESMTPS id 5614622812f47-4638c55a742si743968b6e.0.2026.02.20.09.16.15 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 20 Feb 2026 09:16:15 -0800 (PST) Received-SPF: pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20a::7 as permitted sender) client-ip=2a01:111:f403:c20a::7; ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=QqfJTzJUge9laLqF0LA1MoZSCH6CuyfOz61un6gtY7ixAs2pT3Y7upGgJsvUgtlgkXhhPhp5Sj62pVUwIyKZBVyhX1R0QE0DKjSm+cQupI5b3zFZS2I9SVXkx7gFu9H4e2Jthq2lGebLDjRTlzzPoI8SIIp6fQstBexqFdpHLoPoHzMyJelwdFIfl067qiNFHezj4wBgRGdjyanNKhPD/TkjydXCgWAnNv4il6QWSxqUx+jbmIKAwq2SuXlAuSZFc0hQ8lLYRhbQtG3Ku4vL75TU8284wIs/Fr7yL/GZSLc1Xz2n/dpqAlZu1Fmd6v6pVl9RTJZVNpp9aU1qxQvBLA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=eEhh0bG1gGkZZii8FVSOv9fYRw1oD18b9FcF9Pku96g=; b=T5MltQjJwG2XGCIcEwit90zrobdvyIk3Q7satssRhOdiqZFGfR4gNc/7JQsJBGOuZ78AeBh16GpFnOXrrpjyHzWL3n6ybaUfWpes7I3FxhVUyWcAp28THq5i3xUnXwvc0TZY90HWnRaPL9dF5xubg0eaNBkP9QSkd8npFVon3eFdHKnx+T4W6ytCEjzz6BVqnznG/n4oPuWDglKAWJBM4LT5r3aw4OwUyEbxn2zRefUBg9TUWZ9Z0F2XHmmAGnv0alJj1ApBWa6GeTvsWPedZqrqaHXPS/docCbLu+sHn+EfArEpkKFYUN8/0i0imSwy9qjr1Zx3lRyCU61/MZBrMQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=siemens.com; dmarc=pass action=none header.from=siemens.com; dkim=pass header.d=siemens.com; arc=none Received: from DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:47f::13) by GVXPR10MB6007.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:150:17::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9632.16; Fri, 20 Feb 2026 17:16:12 +0000 Received: from DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM ([fe80::9412:cd7f:3f72:92ab]) by DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM ([fe80::9412:cd7f:3f72:92ab%3]) with mapi id 15.20.9632.015; Fri, 20 Feb 2026 17:16:12 +0000 X-Patchwork-Original-From: "'Felix Moessbauer' via isar-users" From: Felix Moessbauer To: isar-users@googlegroups.com Cc: jan.kiszka@siemens.com, quirin.gylstorff@siemens.com, Felix Moessbauer Subject: [RFC v2 03/19] download debs without locking Date: Fri, 20 Feb 2026 18:15:45 +0100 Message-ID: <20260220171601.3845113-4-felix.moessbauer@siemens.com> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20260220171601.3845113-1-felix.moessbauer@siemens.com> References: <20260220171601.3845113-1-felix.moessbauer@siemens.com> X-ClientProxiedBy: FR3P281CA0085.DEUP281.PROD.OUTLOOK.COM (2603:10a6:d10:1f::22) To DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:47f::13) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DU0PR10MB6828:EE_|GVXPR10MB6007:EE_ X-MS-Office365-Filtering-Correlation-Id: 38b8db48-74e7-43c8-8d10-08de70a3bf46 X-MS-Exchange-AtpMessageProperties: SA X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|366016|376014|1800799024; X-Microsoft-Antispam-Message-Info: K7qQxTsulu126nGBsrtTMnBsA1y2x3PaUy/FJpVLNlr9ig+3Sw7wc8O6ult7Yum63/rjPj9EqDa0Vw9n9hihQ+a8lvcjBj5te43NmGMX9DUhpbJWKZ/hJrjCTXaXM3IvpsWAX27KdlbYM9EhAoQlfzRjlfSfNCxz2MtXcJkRHQj4XAZPqyDrk/kq9nvDqDviUPJ1tRZGtJ6GFMUhyh7JB/ukEQeHW6M0SAAywOdYFionPziV5/lJCP9+gdi0H7BzmSqTdiuWHdYcvCpGzPC0gQanTVGEKCjLt6fDgfD/TJ8IrRzDcHlt5jazx83XclRIZz2OpruhaUhET6l1mhQzoNxV+BbEQaTCiwxblayrpjiTuda26PC54IUy8H/1O1dFU4jqGmzkmNMqektQ6HarSNKwX4lTj5zBdutZXWEUEm77S9ZnROctqr8lWQtfd4zz32tNucH/ZWE959FuYsKxEb83OlWtyeGomk5LnCXlzw5x7cD0m/f06xFsHm+GGv7s2p2PCDooQhOuMTR3wIpZnhHca4BY/240o07CYnOCBMZouhqYf+Iv5DLVUOFjByWetQWjMiKwIkR7R4vRo7cV3KD2qRV6xRuLPKKfNCcMTW4AkiadoFLGAq+sqt/6fr7v0FAwFFm9zvUolfnHcN5VoOGZaRrpj3ovLyugabmY+7sUDLaQJ0ppeQ9EmkmOq3Zghxo6zscTTebtvAgXUFicvg+ouaCgv8Eba25WmvoQrsp6kOiumPtpQCkWPoUTmZDPAUHFLgJShw/ONsARtCGSXadyq6nuowOHIZKAOyWl0nj9QuPMq8cfV02mQnuOcCpe+2asKuFxtgAqMJ2PyeEXKajEUOtM8RkupviFpOtdYeQfS3jw12T44o2c1TCCG1ofT0eDrxXcfNObmx71IwSRIGR+h9Pj0pDz7UQckE08TBrp/XvwRS+o8ESG80p90xIIhXhfEvmLzyUYKHNDZ/RB76XJJ55FXLT16StbcsNUzo2578i8R1QtTjMPUHACWgKz4hWsU/0KMWWJRMKc0wX7+mNeNn9Zcv8wkqZxhQLz1OEo4xseXrg7nkzwiw+pSnydTj+INLFeFb5XfYV+71VUnbFCZ+NFkxM9G/sPGgcAKXSlCm7VfUEZbiVTS1jjxR+EGSIEPCfq9A9Zpu/kBFKVx2w+Qu21lMtMJMtcIFA4urrK8eezjNlauAdXziJ85PVSp4j9uNG/moucyA+djiJbukmfxH5Q1T7n06JnPZ6estdyl9w2uCz/b8IXXZ0XY8ThdUzxStgUgu31J9n2h4W8avTj+bUD9bwkrAK3IqvVH4KmMfYUosYHLJA/3ro8UK+0NQLpxwpMcibxggpdAW++EpMU4g4gXIPP9Y0UBOiJDOF/GwmQ0N80KQDgP/aJt54jEQFy0Z0tUP1LMuuHCAorUWfz9WTi2GYZkqHHzB4jHq0QG8txXdgWklvJNGhlXtZZ/5YH7tMjI2U/LiLH9pWxquskdITscYmBoX6/2pwGBTm9xZnHPyaikkLg/xRY7yYZlWTmsI5pKHnAm6HOdt9Lqoz5dN6I8p/phLA0bDYv3+k= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM;PTR:;CAT:NONE;SFS:(13230040)(366016)(376014)(1800799024);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: hRW4WyFirInONzJwlycL9Ykxpp2+H5lFFA1OXZ30dljhZqpocIjecs+s01jvKEt8P+PriHa6ES0zS4MWkiPuaSZShIClm/tBtdJrnpdKDtZ2cPvPn6+9ppxihEjuNq0YzRq4gvXsVtXOS911LUiFrokkqS4Zi8jpmPVQND5CGdLEbI/kJqbx69x7jwG0nkkAZopys8flopzPxxk9y30Cq6t+ux6vPEKdEuOxnXnr2uzKfeVAphTCL2Kh6SAMtGx/ynfejGJb7+aFQn34BjHvQTn4CQTGkbVCnue2CrXC4zkSKtvwS4gzjIybDuJPetu8v2BfuAE0DDc0qpZ9lKmuLd2nFUJO/nUTDFk6L8WTlCRi1fBvjJZejOzOEQ60y1EGXOTTj3b3wR9b7QQTcUN4ydsga8UPE3HKVOA3TSbBSnu5blGf+Gi9RK02uPMJs349XnArIBRqcEkfWfT2uIaSJ5G8s3s0xVLXAlkLO3ZkiKCVC4tbGAd8GqFdIG1DiuMhqSHskricgyXh31ApoI3Mh6wDwZO5sDCo0NPww6sSTQ7yHLD5AsqAIEU6U/c4qsjuHDXiQ6nLjclkpP8n8kmIFSFe09IChCmhGt6R/86NaoAZK8BiNiASQYe+38VXB0mAMbKpvRuxi4/JBN/EgAG1YF3BOyx2r//MalxtM1YUsdYJb6/w7cA8xzEim+CoY8AZ/tL5Esh0ZJMPJEtygDQyc08/3E8SAKh4rdxdlCXADYsqycvLt94zZb/rU+x9to3ieqCCYu8Xg+UEy9EnZiqw5JVcGLrqMuuzPUPktxnjINLd50id/pbGwH2sCxZ/gWnk3+nAywO5fXwpm5vocJowkGK0pzpypoL4HwmrtdAX9oFIZa4f4y7Su1kERaGLEllpUumOjG4BgUSDGW8plMEOlKHixOyxYcTjTfr4yGwir/syDutFPhpDKUDvkzykPBA3WeKbcgzEOB2BAV7LYChq64OmkPsfExJP6a6QRNBdbW5p/krymO88NSF+Q0EmrAk6TcanZsFEgrmydIsCATDP/dQfhmTJBMX/ps1/YR00t3RrRYUcDOOnp4xc1o7WZUZWfh0pl+IR/0y+OqaA2Gq14Re6910X8kg90i5MTY7Z2tiVCTpdBirfVNmyY0kgN+DRwEo+xVeDnpwGd1mLOfXYKQPFgTf/34adyVAJ2TkQlhFE8RN4TUWtiB+KEHEtWWPLcz71Z3EevaNPkBkzNSpeoyCG4QsIok4Vui8MumwVRU/ZlHcMySimzP2dpuvhmUzdYxES8kFn0WP4z+TlKF4MyhmXMUMdn90yQaTeKv6Po4aRjOt7DxosJY0P9NTv+6xzd6lx/R0g1eA08P6pfqqAMrMTQ2MD6IuLQmIJ3AYrYd3oM6G5JjoeeSWMiiIRgbYiOYRAG/YHBoDEYyw3JD1U5dBJ8K+z+A9KoIHLJGeEjDnwIhprEfQxz7JjGY16ZiBe2kqgELkDIMIMmLs9QJsF0p84ZwKP65jr4p/1lHy37creo074yKo26fqzTna9YMmSdRopv9KtJjvZ4VEt/52QvPoXpKwcilAYWQUb/IQ7ME2WpeavYl5aPzF7TncN2DXXtZ8aB6TrOXWW52EMMOlXcDcLffKsql27wXAGnrzM3tmwGfgBIUichyEPcJxdP70rJ4W+zE14bpqTl1G4YQQsdgn1WaLhjJVZ1cIYthGwBFszX3ISEbt3nfQnkh5eg/SyF/4WPsJtOQJpoEtngwce3u+pnJrDQYB7q2Et/bQQ9Xo= X-OriginatorOrg: siemens.com X-MS-Exchange-CrossTenant-Network-Message-Id: 38b8db48-74e7-43c8-8d10-08de70a3bf46 X-MS-Exchange-CrossTenant-AuthSource: DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 20 Feb 2026 17:16:12.5671 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 38ae3bcd-9579-4fd4-adda-b42e1495d55a X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: G1ShCx7Y7689vW2EW6gix8JT2sS+OdMNlvW032Y5O8qsNeL/x6W9OZ9YWwBAC1Yss4gNoKCBJhXnuFoMJym1Uqc0+ib76YzzobtulApYXfM= X-MS-Exchange-Transport-CrossTenantHeadersStamped: GVXPR10MB6007 X-Original-Sender: felix.moessbauer@siemens.com X-Original-Authentication-Results: gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=azKhhGLm; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20a::7 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com X-Original-From: Felix Moessbauer Reply-To: Felix Moessbauer Precedence: list Mailing-list: list isar-users@googlegroups.com; contact isar-users+owners@googlegroups.com List-ID: X-Spam-Checked-In-Group: isar-users@googlegroups.com X-Google-Group-Id: 914930254986 List-Post: , List-Help: , List-Archive: , List-Unsubscribe: , X-Spam-Status: No, score=-4.9 required=5.0 tests=DKIMWL_WL_MED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,MAILING_LIST_MULTI, RCVD_IN_DNSWL_BLOCKED,RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL, RCVD_IN_RP_CERTIFIED,RCVD_IN_RP_RNBL,RCVD_IN_RP_SAFE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on shymkent.ilbers.de X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= As we are only downloading and we are the only one acting on the rootfs, it is safe to not lock the apt cache. By that, we can avoid complex file ownerships in the tree. Signed-off-by: Felix Moessbauer --- meta/classes-recipe/deb-dl-dir.bbclass | 2 +- meta/classes-recipe/dpkg-source.bbclass | 2 +- meta/classes-recipe/image-locales-extension.bbclass | 2 +- meta/classes-recipe/image-tools-extension.bbclass | 3 ++- meta/classes-recipe/rootfs.bbclass | 10 +--------- meta/lib/aptsrc_fetcher.py | 2 +- 6 files changed, 7 insertions(+), 14 deletions(-) diff --git a/meta/classes-recipe/deb-dl-dir.bbclass b/meta/classes-recipe/deb-dl-dir.bbclass index 76c2435f..6675d48d 100644 --- a/meta/classes-recipe/deb-dl-dir.bbclass +++ b/meta/classes-recipe/deb-dl-dir.bbclass @@ -80,6 +80,7 @@ debsrc_download() { --chdir "/deb-src/${rootfs_distro}/${src}" \ -- \ apt-get -o APT::Architecture=${DISTRO_ARCH} \ + -oDebug::NoLocking=1 \ -o Dir="${rootfs}" -y --download-only \ --only-source source "${src}=${version}" \ || echo "${src} ${version}" >> ${missing} @@ -121,7 +122,6 @@ deb_dl_dir_import() { # let our unprivileged user place downloaded packages in /var/cache/apt/archives/ sudo -Es << ' EOSUDO' mkdir -p "${rootfs}"/var/cache/apt/archives/partial/ - touch "${rootfs}"/var/cache/apt/archives/lock chown -R ${uid}:${gid} "${rootfs}"/var/cache/apt/archives/ EOSUDO diff --git a/meta/classes-recipe/dpkg-source.bbclass b/meta/classes-recipe/dpkg-source.bbclass index 1227da36..d0809477 100644 --- a/meta/classes-recipe/dpkg-source.bbclass +++ b/meta/classes-recipe/dpkg-source.bbclass @@ -77,7 +77,7 @@ do_fetch_common_source() { schroot -r -c ${session_id} -d / -- \ sh -c ' cd /work - apt-get -y --download-only --only-source -o Acquire::Source-Symlinks="false" source ${DEBIAN_SOURCE}' + apt-get -y --download-only --only-source -o Debug::NoLocking=1 -o Acquire::Source-Symlinks="false" source ${DEBIAN_SOURCE}' schroot -e -c ${session_id} remove_mounts diff --git a/meta/classes-recipe/image-locales-extension.bbclass b/meta/classes-recipe/image-locales-extension.bbclass index b6b07dba..9bff36ff 100644 --- a/meta/classes-recipe/image-locales-extension.bbclass +++ b/meta/classes-recipe/image-locales-extension.bbclass @@ -30,7 +30,7 @@ image_install_localepurge_download[weight] = "40" image_install_localepurge_download[network] = "${TASK_USE_NETWORK_AND_SUDO}" image_install_localepurge_download() { sudo -E chroot '${ROOTFSDIR}' \ - /usr/bin/apt-get ${ROOTFS_APT_ARGS} --download-only localepurge + /usr/bin/apt-get ${ROOTFS_APT_ARGS} -oDebug::NoLocking=1 --download-only localepurge } ROOTFS_INSTALL_COMMAND += "image_install_localepurge_install" diff --git a/meta/classes-recipe/image-tools-extension.bbclass b/meta/classes-recipe/image-tools-extension.bbclass index b0f25a69..e88557f6 100644 --- a/meta/classes-recipe/image-tools-extension.bbclass +++ b/meta/classes-recipe/image-tools-extension.bbclass @@ -54,7 +54,8 @@ imager_run() { apt-get update \ -o Dir::Etc::SourceList='sources.list.d/isar-apt.list' \ -o Dir::Etc::SourceParts='-' \ - -o APT::Get::List-Cleanup='0' + -o APT::Get::List-Cleanup='0' \ + -o Debug::NoLocking=1 apt-get -o Debug::pkgProblemResolver=yes --no-install-recommends -y \ --allow-unauthenticated --allow-downgrades --download-only install \ ${local_install}" diff --git a/meta/classes-recipe/rootfs.bbclass b/meta/classes-recipe/rootfs.bbclass index 8485b32f..629dc666 100644 --- a/meta/classes-recipe/rootfs.bbclass +++ b/meta/classes-recipe/rootfs.bbclass @@ -340,18 +340,10 @@ rootfs_install_pkgs_download[progress] = "custom:rootfs_progress.PkgsDownloadPro rootfs_install_pkgs_download[isar-apt-lock] = "release-after" rootfs_install_pkgs_download[network] = "${TASK_USE_NETWORK}" rootfs_install_pkgs_download() { - mkdir -p "${WORKDIR}/dpkg" - - # Use our own dpkg lock files rather than those in the rootfs since we are not root - # (this is safe as there are no concurrent apt/dpkg operations for that rootfs) - touch "${WORKDIR}/dpkg/lock" "${WORKDIR}/dpkg/lock-frontend" - # download packages using apt in a non-privileged namespace rootfs_cmd --bind "${ROOTFSDIR}/var/cache/apt/archives" /var/cache/apt/archives \ - --bind "${WORKDIR}/dpkg/lock" /var/lib/dpkg/lock \ - --bind "${WORKDIR}/dpkg/lock-frontend" /var/lib/dpkg/lock-frontend \ ${ROOTFSDIR} \ - -- /usr/bin/apt-get ${ROOTFS_APT_ARGS} --download-only ${ROOTFS_PACKAGES} + -- /usr/bin/apt-get ${ROOTFS_APT_ARGS} -oDebug::NoLocking=1 --download-only ${ROOTFS_PACKAGES} } ROOTFS_INSTALL_COMMAND_BEFORE_EXPORT ??= "" diff --git a/meta/lib/aptsrc_fetcher.py b/meta/lib/aptsrc_fetcher.py index 041f5445..dfa784a9 100644 --- a/meta/lib/aptsrc_fetcher.py +++ b/meta/lib/aptsrc_fetcher.py @@ -41,7 +41,7 @@ class AptSrc(FetchMethod): set -e mkdir -p /downloads/{ud.localfile} cd /downloads/{ud.localfile} - apt-get -y --download-only --only-source source {ud.src_package} + apt-get -y -oDebug::NoLocking=1 --download-only --only-source source {ud.src_package} ' ''', d) except (OSError, FetchError): From patchwork Fri Feb 20 17:15:46 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Felix Moessbauer X-Patchwork-Id: 4889 Return-Path: Received: from shymkent.ilbers.de ([unix socket]) by shymkent (Cyrus 2.5.10-Debian-2.5.10-3+deb9u2) with LMTPA; Fri, 20 Feb 2026 18:16:28 +0100 X-Sieve: CMU Sieve 2.4 Received: from mail-oa1-f56.google.com (mail-oa1-f56.google.com [209.85.160.56]) by shymkent.ilbers.de (8.15.2/8.15.2/Debian-8+deb9u1) with ESMTPS id 61KHGQgV005997 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 20 Feb 2026 18:16:27 +0100 Received: by mail-oa1-f56.google.com with SMTP id 586e51a60fabf-4094f9a49a1sf29484328fac.1 for ; Fri, 20 Feb 2026 09:16:27 -0800 (PST) ARC-Seal: i=3; a=rsa-sha256; t=1771607781; cv=pass; d=google.com; s=arc-20240605; b=SC4VJZ27HMmX66ENoMDjJTW2KK/yQcVBsoehnU3PUsEz6DUpwQtMIfKt0AMhBnq/ut 070WWVEOk3EoGkPglVs9hUE4pIeZVVtuBYIAJOlUe2LjSPLzzqOdB/G65fPDKjRR8jaG S2hCisADzEpioaPV70RKUhENSn8G4FHe554mCFOD+/NJ84lnerJ4ASCPNd4HRHH3nx1G U39f7cUOapsVSa34IdOHl6/emIQqURLuHl1Z+IioNdxXFUcktcKTT69uwzDFiv/KQA4I 1C7IegUVtlb/vmwcIZfnf8R6vVUMmL33mebo/DgJIWZOzyme3qJ6t4IrtUm28TiPqH0q V50A== ARC-Message-Signature: i=3; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to:mime-version:references :in-reply-to:message-id:date:subject:cc:to:from:dkim-signature; bh=Fre86fFon6CMSYVmVnenFewyaKcnfkPR7QWJMZDE0ig=; fh=nrm2z59zK/c4Pex8XsqsmUozTZ51WQinvUedMwDBKwU=; b=Zj5KwjOf+3qcDNXs2Fcce+aXZJdEtrYG8tGUUYRAxbOGnQ8dmeOdmU2gFMU6K5ZObq /bNQMTbk1yyE01rB2xn+jQlQjGOmWaAiC5GCOWgki1Ebv8Tu7WBCvJS1ULPg23Am7Qj2 U077e2EG7vc3pUhG4t/VErRcjf37h2tbjijERJeaesq2bUortAJaGKDE1ouKO+fXhheo 7Kvf0D6nfXTEu/QXSGQQIYJ31ZXJbe8rJGPLzShpN4NoXQbZDFFJHjDLvsF+54ebxeQZ byqOA7ZaWLiqn7kBDUpJuQsMXjKCO1ft6nEs96T+rK3BFiiPkErm2RDC3ACTF5kugNL1 Ln8w==; darn=isar-build.org ARC-Authentication-Results: i=3; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=UWM39ICl; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20f::7 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlegroups.com; s=20230601; t=1771607781; x=1772212581; darn=isar-build.org; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from:from:to :cc:subject:date:message-id:reply-to; bh=Fre86fFon6CMSYVmVnenFewyaKcnfkPR7QWJMZDE0ig=; b=PfErI+t3uKpoD3i+HrpJWAqd7Ybu1EokQUhEcxd57QaOwp5v1rcot8Jnxihfv89lxz f0wWbpVZKYHTq9gDNOsGoAQdgigJReebrgbNXPLvq2J9D9Cb1PmeNre2kBQL9T+nF3bq x+BF0o+eY8Sh0yyIMgAT+6IG06QaE1d3/DAIDr7h7I3D7TGDc8ONEFARbRVkXdZuUnPt 0KkW/KULw8pxi9yxWHtmXPp/CtN6YuuU9t74s55jbaghGBVAWvRdzdU+mlUkkopKuemj 9EC4H7prM28fuPoLnpKrv0ORgQ96RQYMYLONUafKdjZ9KCOuejaiXaWcIfhuF/ziH09V /3wg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1771607781; x=1772212581; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :x-spam-checked-in-group:list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :x-beenthere:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=Fre86fFon6CMSYVmVnenFewyaKcnfkPR7QWJMZDE0ig=; b=GyVhbl65yoD7LErNz6yOZESJe4xvh3QQTUrQsegU7XdMGztTXiInf1MYSGiA9gUxp+ eGPomjjyfxPfEi0dYqecEDfLqlH+OOD2px/PuEMTIMgLqjsTawByQrGQCE2kZABIEFNh hOwuYs1o+hV76cS2izX/6QUxh9vmFN5HmFclsKpuMf04rzxYaitKMsKSA6RUxI3MmPQP YrcbfO89MgQAHTfMANWIGjrTRrsB8NH1CjMO1HacArFN9Wemnjtdbz1jlpKDxgEuCHsA 4xLCo+C1WOwlU3Vf0Oe+lyp9fqcGeXnLmsWbGNwpVH83H9CgzKmzJAUYtDZY1ysGKjCI Bhlg== X-Forwarded-Encrypted: i=3; AJvYcCXesqFXw6/Pi8+zfE8gTMGnD5n/cV2uQIdiNzslYFi+O/fq00bwwoQEl7/doEOr/gOJMlGIeHE=@isar-build.org X-Gm-Message-State: AOJu0YwJZq3zxMiy8bIaS7FhOqc4F3a/uTc38WrUWxqEpZZsUHR7qqB+ 5rcCF6m7bboF3aqWQ//lkHCKvaoSkVxCFRNI5uF8RHBvWExjzsuhxdwp X-Received: by 2002:a05:6871:739a:b0:409:8169:b40f with SMTP id 586e51a60fabf-4157ac79ea7mr234083fac.15.1771607780750; Fri, 20 Feb 2026 09:16:20 -0800 (PST) X-BeenThere: isar-users@googlegroups.com; h="AV1CL+FwL0xWKsNroB00ESLbCh02upPSNYWW3/SyBHcVz6LmZg==" Received: by 2002:a05:6871:d10e:b0:404:2f39:e1c0 with SMTP id 586e51a60fabf-40eca697e32ls6987364fac.2.-pod-prod-08-us; Fri, 20 Feb 2026 09:16:19 -0800 (PST) X-Received: by 2002:a05:6808:1586:b0:462:d1c1:6de2 with SMTP id 5614622812f47-46446234418mr438251b6e.26.1771607779434; Fri, 20 Feb 2026 09:16:19 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1771607779; cv=pass; d=google.com; s=arc-20240605; b=XTlpzPHYWU0XpjSzTKDqqo00aHHLYEfZ6n787JAv2vyh9kCim1ii/1d7ctihKX1NjQ wgTPFzvgG5BvMDZXzvlmPfS7jr3z9+nsBxJuQA2WIGAzUJl1ibIIRayvcdd6to4QEAAZ WTVOu55YYgUbp+5dEuECw5bX2pKcu6xNQBvDcoQmnJJCg2IXat+cWLs8g/Dkl8I77rEM CAwL50W3lsaxJqFboG+okkvgTPZaIov3GPVaSeJoIu+72LXZ/ionUd1y3ZBmC7PN6zSR bZhcENZa8shPKgVFD0mrevlMr3qgPgVTaSc2c5Q2PUPIjJTAtupjUxlSJ/4YUm1oRCyb 2y6Q== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=mime-version:content-transfer-encoding:references:in-reply-to :message-id:date:subject:cc:to:from:dkim-signature; bh=PKXATXev2R2FmNQZhK+e8t5tXtsz6wmb3abz4IcR2Ls=; fh=WkhL8kaJc+l2wQon1t06Ej3uvBGj9sVhNcE8PaS/XbI=; b=Pef5TQmz2tWt0Kn/QqA6n6ZcM5lOIv+8Ar/JRAJDMkojs9DE/YHnqF1I1XLYZgzka5 rM4z51xxS3Rg3a6fcSYvn4ljSsDWaGqSVFZiRAldxeL+6b/8vg19wBa4M4Jez1UR39B5 3Uqs+e8obverqZA6zLUJHDGX6Y+UV+fv/UTepg93UOLOYzqMHTcMLGv0QEbLz9IORVCd efDX1GDuflJjr/zFSI+fvS83C0zuypQbTL6Ip8l7+e4MhHArIPFtYztqr+aRCIJP+9H+ dX+0uGeNFfTZXz3urHfWaTaF/JyNQkjPzTHpU0UQXd2OQ7vIx0RRrAdK3jqKoVhWL3tp j4jQ==; dara=google.com ARC-Authentication-Results: i=2; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=UWM39ICl; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20f::7 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com Received: from OSPPR02CU001.outbound.protection.outlook.com (mail-norwayeastazlp170130007.outbound.protection.outlook.com. [2a01:111:f403:c20f::7]) by gmr-mx.google.com with ESMTPS id 5614622812f47-4636ae55f7bsi1149069b6e.2.2026.02.20.09.16.19 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 20 Feb 2026 09:16:19 -0800 (PST) Received-SPF: pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20f::7 as permitted sender) client-ip=2a01:111:f403:c20f::7; ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=ajT5fTxKshOPEy+LViPEObDmvW5qudu9nZcBjTddB3Ilb9sa/NcKKhiNQjI61dGelaYzEAMixh6zrM8pKp53srI1iu+urGicYMwCaAnWG50ILF/z8CDvsHEt2shjsjdi2ZKm6pc05jxUXZtMbg9cugo404DSamoWGxd06DsjGMLO00N7N3ZolKizIuluDiHPLDIp7Lau/cHWloHJb/I7egR7FlgmLmWZqR5NRhZ77GPdc0Y1XuJYROs95BAuERTHwo51/qgVxFVKvXho1mMqc1HAeP/aFGQtkSKhn+DoJxL4cci/5SFYGzFB1ccuXUQYkSsCNJKCOuzg7avUT5sm7Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=PKXATXev2R2FmNQZhK+e8t5tXtsz6wmb3abz4IcR2Ls=; b=TY9aJHMJS6+US61fBhg7Gp4wZBduBijzf9s8AoYxAY12cg07cOE54DA7Q2k24SEPyHctQqcWk5W0dGxpK1dW9izTqGP85INQQO42W6LVpS4ND/SYKbIftgB3Qqcau/Yw+HjFKBX/QXm9w+KL2HkznuP72sKKGs2lFcZ9y8FtQLYzJ2x/ImS+rLttXpRzSShhifD6+7GTBT8/MR4hAVdEM3bDHT9BRDRxf3quPjnT2jRDykwxFu+rgkRWrXTvacbdcc3MAhrG1MoaABZukasNaFY80W/cRauIL1Yu/Xr7kVxknNGdC+VWD24+vT5kVVbzW7Ozhl/ofyMxxDoFK+tTcA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=siemens.com; dmarc=pass action=none header.from=siemens.com; dkim=pass header.d=siemens.com; arc=none Received: from DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:47f::13) by GVXPR10MB6007.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:150:17::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9632.16; Fri, 20 Feb 2026 17:16:13 +0000 Received: from DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM ([fe80::9412:cd7f:3f72:92ab]) by DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM ([fe80::9412:cd7f:3f72:92ab%3]) with mapi id 15.20.9632.015; Fri, 20 Feb 2026 17:16:13 +0000 X-Patchwork-Original-From: "'Felix Moessbauer' via isar-users" From: Felix Moessbauer To: isar-users@googlegroups.com Cc: jan.kiszka@siemens.com, quirin.gylstorff@siemens.com, Felix Moessbauer Subject: [RFC v2 04/19] introduce wrappers for privileged execution Date: Fri, 20 Feb 2026 18:15:46 +0100 Message-ID: <20260220171601.3845113-5-felix.moessbauer@siemens.com> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20260220171601.3845113-1-felix.moessbauer@siemens.com> References: <20260220171601.3845113-1-felix.moessbauer@siemens.com> X-ClientProxiedBy: FR3P281CA0085.DEUP281.PROD.OUTLOOK.COM (2603:10a6:d10:1f::22) To DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:47f::13) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DU0PR10MB6828:EE_|GVXPR10MB6007:EE_ X-MS-Office365-Filtering-Correlation-Id: 564cc7aa-d978-4040-7172-08de70a3bfbe X-MS-Exchange-AtpMessageProperties: SA X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|366016|376014|1800799024; X-Microsoft-Antispam-Message-Info: u+styc7KijuXgiPh29f59qyeEDBM5DjgdVUUR5c21exvy+A4U6a+6jWukbe08e5k0u4n2bmEnrCMbvOTjw1oceOHiPanIOwkw8l9xCe1wuh4pucee8MCT/LuHfy7AuuPTcOkwhaABvKuPukivRiNFpgp7AFxC+xL2T8aijzS4/IXY+TQpBkip+MQk1BZyRk/7yE0mP7s1pFogmFH2gOK4oBkNOThvv1iRnmFjg/8CSfy3XPhr7vq097XdSV5+/IBT+4zzz6AA8NME+KxmqfLrXmdGvVH05KJYomZq8n9nXI+nEV1P9Wr5wTNwj7GXo9iD8jlc293lKdxqgNd9dhVdHisbV62xOR5i6dHHI4719VmLgUYumkM4YTXpp2AdiXYrPoIsdwyFpANdAIedWHQ8HpYA/aONoDwyKaeWOdu5fh5CnDJiB/eWxGyk9ZWrECaNpM6txb91YwUoaQIOyIokXjc6A5/rYjLVMV3vDK9cwqMMPSNbyv85PBoqac4lPiLoYFxWkzNWA26ko5LXiKLXGtyDK6xo3FeMkfdH+WRgaWEmCqK7zY5Uu51V3C0NklP/IcwC1C+q6JykZKoblx80atvy9XHGqlGLTybWhZmftaH9h9zEEi7wSfT1dCkFF/dhQPYaUiqTyKdwo/HaHTlOhSwXHawHiYmRavWZObJe0aOynoSQfUQBGJt/HhSMb41HmLTTXcOd2BP90Gh8qoQfHWZkcfxd+QvQfWAlJ8A2qh+3kpQG/O4QlZVY+Wbx3isdzofFMcJirCsJu4tSH8jMaQWrzQKPq7RwUOFpPhc8agGpNUkbULAA93CW4DH0+J3OoXbRl9MzDF56CRRPviDSHUem4fhznR1/GcSbxreYk2376ayLpp/y1FN8fKVgYRZFv2oczvKi5IZqtKmRVztI61YiiLhIrJ0f/6k0lPMOam+RR873OP++7RFbpjnigxWPT3tS71/ZgPcnSN0k2OqoPJ8EIL60jSqTs4OhcZZZfrdda//7P3CfONJYHnr37eZ3+DE/TYiBAoJv4XimrlT5Gw6XWkCPkURzbENKpBM4INNLY8KdYQtpdFM4b6WlGZmC22IPHn2HLhHQjsv6m4X0GbaLVt7WxLkFSiJ3O2wSZ8QDZN8CA/N9eGN4TRTmK1/g5CjkNln9Q5CHnUIGu6JdWnKjTXhm3NkRS269/YmkB7FT5TT8rqYpM9GcsbCwxPam0qkniTu4xl1YPwCE53sp0xHFkT0dzj0O2fFvFPjCWljmcI4OQhovdUsmhbVbjJY/eOMdBegnVG4VJocWKZkPoRNU8ZmNkqYBckEFaTDbajaUbAuJngqzHp4uHBLhFWn5YLZqRig0G6/TWLQ/n09bMkGWmfX8dzV5mUiF8PsFvy2aR3mVcRCl6UT2w70/6QSAuW1CdpY9UCDcFSPbOvFLyM1utdnz4w/KLDq84uzrKod+PSGcsEVUPS46UH237MmHxDq1x2Y8vBEkY2iW3IGThZYyfYBduGfMTiaJMitiUpt87Yq9AgHu4cNhbkFN60+ios72y0GOqfV7S9gp3a0XWgsHTj0IxXvR7PnRfXTq2o= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM;PTR:;CAT:NONE;SFS:(13230040)(366016)(376014)(1800799024);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: eQCs+qTW3gM9ik5VlM0nKjhyvnNE5gTVK62V5Y+DSNRu8zZdW7NThGjCETiBPXhj1t+8kT6YIJ7j3u58xjsugGJwSjiVXzDSxaK0hpgy3bm9h4S9y5gVUA0NZ2eGFFGFi2j1SlMvMsT0Ot1LOeS5ejQM4yzJ4iVIMUngI9GRtTOvcvmjK1EhUlO4ov4+dSv0rtknh52DTTWDN6OIQHfsoXesFf9bOYDFoy1Vedc6iY+o0hKKzasbsacncqGXf2HpcFTW1Q7kjIr6wdRZgT+vbOqVvqmNox22tQfL2KfbQPksL+WJVUTb/vBJx8vOsueZvKnZNNfSjA7vd/Q1JsGXUGpvaiut5I40CDm2ivZWvnpt2H6exFlhM3Z5zVvu08DBReAO8NNLGf6WkPiof4E4dIb9rl6w5SjvVrolggktVzzYhntpbthVamgfrGMkHLUFuDS//pKZ8gOIkoQ/nx2U1rzUhB9nARCQYIb1CiKooH9QKeMPc4+GG9FlX5KGnePdPeVXM4qyTm0n4E8YZOOS4uUrP7WizG0EFsXsM+FR6K0+AjdMUfLuFgw7VGncQDS+NzlTPZ+7hYpC+YSIOHaNYwlUaauJFSVqbd8pQIaJTprOfyuMxAb1BFZgtg7l5sIkoZsJ8smeYDSoK9Ntiy/ob7eAjcDVhy01covYPfJ8pIyOM9+ST+9WhIeYGvTxn37b9iZZSc+7OT2FIN33yVsXOM/Zuq2I66QYNrdgSrwi4NKNQOdyDotVTGdrsX6yTSCcAI2n86k6E6xK4rOOVWPIGrLuQQRS78QAK3NPC58hF+rMqVeQGE5xM0mQKBpvMKSV100eb6n2yDEUKsl8fk0RB1PVCNvyXOmJpQ9LUtvWkJXFgD3rALvC5VPQPlwUm8gArKarxxse2DAvyeBRdJzaWY5eLLT+5LPZIgqZGXCKWONZqyn+sZCxGfvNsIkF7GD0ANGpkcjyGprBD3C+h/a9gakEaSE0+ffFda6cKVTicDBXJV5jNd+kTkW6JpPKwuAgG3qnZXoHIImkd492FbNC64D2s6+MjwuHIjR+YiKTpilg1SiNwgxtrjIx4hkSK8ZssP3vtyZawZOxLGrsXV9/nOw8SljCqWC9kztQwO2fJyw/9gUV03no+c3I7M5eNKtfCxSIJhSD0+KUQWtw2f8LSdq7Xck9wfCfZO06qgS/Am6m4tlPKCGtdlnt02JOQ+Miwl/IeS44u9VU9QqhgQokCR8cgrJMbGjszw2B/sHFd6NkffM2rPeBz+C6OdlznwpOyOF40kiEOiCRzFNuzX8Z2giHFyOkbMNgLMuolLnxqmhnGSD+t5vFsy+g7LJd+oF02W0v8Ewzr1yxPEzxXjXKgxRIy66IMfjR9NH2UzR7fOQnaVO2xDa1tC23FYKeVhOAYp1vQrmvyK8DSGqx6LuuiZX4sCchHcSxQs2qQ45gdTpewIcl5hl1CGeBVxVw/9O4zr29JEqzIeA6AX+bQAyMU+d1hkvvBHF+Uy4eV72Cn+VzZkHv4/RCauBGv2hMrO34IGVRVfCMLDyFS+8ZgL1JVIrwEzf6VqAqoywReGyj2e/09uLzwIAT7PNqpR1Cer1Sig1mpN1OEe5QfWN3VcWWq+3NqvSLBVEf93WsGY+jlhKuxFO7ywsuhEFsKTPnI4sHa6JkG4eq+F1dK/LqIL8D31SPnQrdmU6zpsXXTd9ZNDxH2h6asVzLWYPoQzwkNAa+9VXsh9quX/wFb/m+Upd172Wc2Dg4fOWvYCVtOx/wsBs= X-OriginatorOrg: siemens.com X-MS-Exchange-CrossTenant-Network-Message-Id: 564cc7aa-d978-4040-7172-08de70a3bfbe X-MS-Exchange-CrossTenant-AuthSource: DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 20 Feb 2026 17:16:13.3703 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 38ae3bcd-9579-4fd4-adda-b42e1495d55a X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: y5RjIZE3LNsvA5uOBnrP9xP9rLJG0Idm8fPIb3/OjyEgV0L/wr3okr6Tgppv1h9mX1xYdqsNTcLvpe/MO95wNpeJzJCEPQMgn+cbTksI8rM= X-MS-Exchange-Transport-CrossTenantHeadersStamped: GVXPR10MB6007 X-Original-Sender: felix.moessbauer@siemens.com X-Original-Authentication-Results: gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=UWM39ICl; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20f::7 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com X-Original-From: Felix Moessbauer Reply-To: Felix Moessbauer Precedence: list Mailing-list: list isar-users@googlegroups.com; contact isar-users+owners@googlegroups.com List-ID: X-Spam-Checked-In-Group: isar-users@googlegroups.com X-Google-Group-Id: 914930254986 List-Post: , List-Help: , List-Archive: , List-Unsubscribe: , X-Spam-Status: No, score=-4.9 required=5.0 tests=DKIMWL_WL_MED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,MAILING_LIST_MULTI, RCVD_IN_DNSWL_BLOCKED,RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL, RCVD_IN_RP_CERTIFIED,RCVD_IN_RP_RNBL,RCVD_IN_RP_SAFE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on shymkent.ilbers.de X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= As a preparation to enable rootless builds, we introduce wrappers for common cases of privileged command execution. The wrappers are defined in the base class where later on the executor dispatching will be implemented as well. The wrappers are introduced throughout the whole codebase and downstream layers are also encouraged to use them to increase compatibility with upcoming API changes. Signed-off-by: Felix Moessbauer --- RECIPE-API-CHANGELOG.md | 16 ++++ meta/classes-global/base.bbclass | 30 +++++++ meta/classes-recipe/deb-dl-dir.bbclass | 4 +- meta/classes-recipe/dpkg-base.bbclass | 2 +- meta/classes-recipe/dpkg.bbclass | 2 +- .../image-account-extension.bbclass | 4 +- .../image-locales-extension.bbclass | 4 +- .../image-postproc-extension.bbclass | 30 +++---- meta/classes-recipe/image.bbclass | 14 +-- .../imagetypes_container.bbclass | 26 +++--- meta/classes-recipe/imagetypes_wic.bbclass | 4 +- meta/classes-recipe/rootfs.bbclass | 88 +++++++++---------- meta/classes-recipe/sbuild.bbclass | 10 +-- meta/classes-recipe/sdk.bbclass | 14 +-- meta/classes/sbom.bbclass | 2 +- .../isar-mmdebstrap/isar-mmdebstrap.inc | 12 +-- .../unittests/test_image_account_extension.py | 9 +- 17 files changed, 157 insertions(+), 114 deletions(-) diff --git a/RECIPE-API-CHANGELOG.md b/RECIPE-API-CHANGELOG.md index 0bad8a44..ad03ed68 100644 --- a/RECIPE-API-CHANGELOG.md +++ b/RECIPE-API-CHANGELOG.md @@ -962,3 +962,19 @@ INSTALLER_UNATTENDED_ABORT_ENABLE = "1" # Optional: set countdown timeout in seconds (default 5) INSTALLER_UNATTENDED_ABORT_TIMEOUT = "5" ``` + +### Execution of privileged commands + +When operations require higher privileges than those available to the build user, +the following helper functions shall be used: + +**run_privileged**: Run a command as root while preserving the environment. + +**run_privileged_heredoc**: Execute commands provided via stdin in a root shell. + +**run_in_chroot**: Run a command within a chroot environment. The first argument +specifies the rootfs path. + +Using these helpers instead of direct `sudo` invocations centralizes platform-specific +privileged execution logic in `base.bbclass`. Direct use of `sudo` is discouraged +in downstream layers. diff --git a/meta/classes-global/base.bbclass b/meta/classes-global/base.bbclass index 6c788adb..ad3b616e 100644 --- a/meta/classes-global/base.bbclass +++ b/meta/classes-global/base.bbclass @@ -384,3 +384,33 @@ python deprecation_checking() { deprecation_checking[vardepsexclude] += "MACHINE" do_unpack[prefuncs] += "deprecation_checking" + +# Helpers for privileged execution. Only the non-underscore functions +# shall be used outside of this class. + +def run_privileged_cmd(d): + cmd = 'sudo -E' + bb.debug(1, "privileged cmd: %s" % cmd) + return cmd + +RUN_PRIVILEGED_CMD := "${@run_privileged_cmd(d)}" + +run_privileged() { + ${RUN_PRIVILEGED_CMD} "$@" +} + +run_privileged_heredoc() { + ${RUN_PRIVILEGED_CMD} /bin/bash -s "$@" +} + +# create a directory that is suitable to be the +# parent of a rootfs +create_chroot_parent_dir() { + mkdir -p "$@" +} + +run_in_chroot() { + rootfs="$1" + shift + ${RUN_PRIVILEGED_CMD} chroot "$rootfs" "$@" +} diff --git a/meta/classes-recipe/deb-dl-dir.bbclass b/meta/classes-recipe/deb-dl-dir.bbclass index 6675d48d..05a16585 100644 --- a/meta/classes-recipe/deb-dl-dir.bbclass +++ b/meta/classes-recipe/deb-dl-dir.bbclass @@ -110,7 +110,7 @@ dbg_pkgs_download() { | grep "${DISTRO_ARCH}" \ | awk '!/Binary:/ {print $1}' \ | sort -u - done | xargs -r sudo -E chroot ${rootfs} sh -c '/usr/bin/apt-get -y --download-only install "$@"' -- + done | xargs -r run_in_chroot ${rootfs} sh -c '/usr/bin/apt-get -y --download-only install "$@"' -- } deb_dl_dir_import() { @@ -120,7 +120,7 @@ deb_dl_dir_import() { export gid=$(id -g) # let our unprivileged user place downloaded packages in /var/cache/apt/archives/ - sudo -Es << ' EOSUDO' + run_privileged_heredoc << ' EOSUDO' mkdir -p "${rootfs}"/var/cache/apt/archives/partial/ chown -R ${uid}:${gid} "${rootfs}"/var/cache/apt/archives/ EOSUDO diff --git a/meta/classes-recipe/dpkg-base.bbclass b/meta/classes-recipe/dpkg-base.bbclass index d8287e8d..03317ef2 100644 --- a/meta/classes-recipe/dpkg-base.bbclass +++ b/meta/classes-recipe/dpkg-base.bbclass @@ -161,7 +161,7 @@ def isar_export_build_settings(d): dpkg_schroot_create_configs() { schroot_create_configs - sudo -s <<'EOSUDO' + run_privileged_heredoc <<'EOSUDO' sbuild_fstab="${SBUILD_CONF_DIR}/fstab" fstab_isarapt="${WORKDIR}/isar-apt/${DISTRO}-${DISTRO_ARCH}/apt/${DISTRO} /isar-apt none rw,bind 0 0" grep -qxF "${fstab_isarapt}" ${sbuild_fstab} || echo "${fstab_isarapt}" >> ${sbuild_fstab} diff --git a/meta/classes-recipe/dpkg.bbclass b/meta/classes-recipe/dpkg.bbclass index 8bb5adeb..8d7ff092 100644 --- a/meta/classes-recipe/dpkg.bbclass +++ b/meta/classes-recipe/dpkg.bbclass @@ -129,5 +129,5 @@ dpkg_runbuild() { deb_dl_dir_export "${WORKDIR}/rootfs" "${distro}" # Cleanup apt artifacts - sudo rm -rf ${WORKDIR}/rootfs + run_privileged rm -rf ${WORKDIR}/rootfs } diff --git a/meta/classes-recipe/image-account-extension.bbclass b/meta/classes-recipe/image-account-extension.bbclass index a8a3c7ff..bd721130 100644 --- a/meta/classes-recipe/image-account-extension.bbclass +++ b/meta/classes-recipe/image-account-extension.bbclass @@ -34,7 +34,7 @@ def image_create_groups(d: "DataSmart") -> None: """ entries = (d.getVar("GROUPS") or "").split() rootfsdir = d.getVar("ROOTFSDIR") - chroot = ["sudo", "-E", "chroot", rootfsdir] + chroot = run_privileged_cmd(d).split() + ["chroot", rootfsdir] for entry in entries: args = [] @@ -72,7 +72,7 @@ def image_create_users(d: "DataSmart") -> None: entries = (d.getVar("USERS") or "").split() rootfsdir = d.getVar("ROOTFSDIR") - chroot = ["sudo", "-E", "chroot", rootfsdir] + chroot = run_privileged_cmd(d).split() + ["chroot", rootfsdir] for entry in entries: args = [] diff --git a/meta/classes-recipe/image-locales-extension.bbclass b/meta/classes-recipe/image-locales-extension.bbclass index 9bff36ff..c1e8c175 100644 --- a/meta/classes-recipe/image-locales-extension.bbclass +++ b/meta/classes-recipe/image-locales-extension.bbclass @@ -29,7 +29,7 @@ ROOTFS_INSTALL_COMMAND_BEFORE_EXPORT += "image_install_localepurge_download" image_install_localepurge_download[weight] = "40" image_install_localepurge_download[network] = "${TASK_USE_NETWORK_AND_SUDO}" image_install_localepurge_download() { - sudo -E chroot '${ROOTFSDIR}' \ + run_in_chroot '${ROOTFSDIR}' \ /usr/bin/apt-get ${ROOTFS_APT_ARGS} -oDebug::NoLocking=1 --download-only localepurge } @@ -60,7 +60,7 @@ ${@get_nopurge(d)} __EOF__ # Install configuration into image: - sudo -E -s <<'EOSUDO' + run_privileged_heredoc <<'EOSUDO' set -e localepurge_state='i' if chroot '${ROOTFSDIR}' dpkg -s localepurge 2>/dev/null >&2 diff --git a/meta/classes-recipe/image-postproc-extension.bbclass b/meta/classes-recipe/image-postproc-extension.bbclass index 1aba2ec5..86db0f7b 100644 --- a/meta/classes-recipe/image-postproc-extension.bbclass +++ b/meta/classes-recipe/image-postproc-extension.bbclass @@ -17,19 +17,19 @@ update_etc_os_release() { done if [ -n "${OS_RELEASE_BUILD_ID}" ]; then - sudo sed -i '/^BUILD_ID=.*/d' '${IMAGE_ROOTFS}/etc/os-release' + run_privileged sed -i '/^BUILD_ID=.*/d' '${IMAGE_ROOTFS}/etc/os-release' echo "BUILD_ID=\"${OS_RELEASE_BUILD_ID}\"" | \ - sudo tee -a '${IMAGE_ROOTFS}/etc/os-release' + run_privileged tee -a '${IMAGE_ROOTFS}/etc/os-release' fi if [ -n "${OS_RELEASE_VARIANT}" ]; then - sudo sed -i '/^VARIANT=.*/d' '${IMAGE_ROOTFS}/etc/os-release' + run_privileged sed -i '/^VARIANT=.*/d' '${IMAGE_ROOTFS}/etc/os-release' echo "VARIANT=\"${OS_RELEASE_VARIANT}\"" | \ - sudo tee -a '${IMAGE_ROOTFS}/etc/os-release' + run_privileged tee -a '${IMAGE_ROOTFS}/etc/os-release' fi if [ -n "${OS_RELEASE_VARIANT_VERSION}" ]; then - sudo sed -i '/^VARIANT_VERSION=.*/d' '${IMAGE_ROOTFS}/etc/os-release' + run_privileged sed -i '/^VARIANT_VERSION=.*/d' '${IMAGE_ROOTFS}/etc/os-release' echo "VARIANT_VERSION=\"${OS_RELEASE_VARIANT_VERSION}\"" | \ - sudo tee -a '${IMAGE_ROOTFS}/etc/os-release' + run_privileged tee -a '${IMAGE_ROOTFS}/etc/os-release' fi } @@ -37,11 +37,11 @@ ROOTFS_POSTPROCESS_COMMAND =+ "image_postprocess_configure" image_postprocess_configure() { # Configure root filesystem if [ -n "${DISTRO_CONFIG_SCRIPT}" ]; then - sudo install -m 755 "${WORKDIR}/${DISTRO_CONFIG_SCRIPT}" "${IMAGE_ROOTFS}" + run_privileged install -m 755 "${WORKDIR}/${DISTRO_CONFIG_SCRIPT}" "${IMAGE_ROOTFS}" TARGET_DISTRO_CONFIG_SCRIPT="$(basename ${DISTRO_CONFIG_SCRIPT})" - sudo chroot ${IMAGE_ROOTFS} "/$TARGET_DISTRO_CONFIG_SCRIPT" \ + run_in_chroot ${IMAGE_ROOTFS} "/$TARGET_DISTRO_CONFIG_SCRIPT" \ "${MACHINE_SERIAL}" "${BAUDRATE_TTY}" - sudo rm "${IMAGE_ROOTFS}/$TARGET_DISTRO_CONFIG_SCRIPT" + run_privileged rm "${IMAGE_ROOTFS}/$TARGET_DISTRO_CONFIG_SCRIPT" fi } @@ -58,13 +58,13 @@ image_postprocess_machine_id() { # systemd(1) takes care of recreating the machine-id on first boot # for systemd < v247, set to empty string, else set to uninitialized # (required if initramfs with ro root is used) - SYSTEMD_VERSION=$( sudo chroot ${IMAGE_ROOTFS} dpkg-query --showformat='${source:Upstream-Version}' --show systemd || echo "0" ) + SYSTEMD_VERSION=$( run_in_chroot ${IMAGE_ROOTFS} dpkg-query --showformat='${source:Upstream-Version}' --show systemd || echo "0" ) MACHINE_ID="uninitialized" if dpkg --compare-versions "$SYSTEMD_VERSION" "lt" "247"; then MACHINE_ID="" fi - echo "$MACHINE_ID" | sudo chroot ${IMAGE_ROOTFS} tee /etc/machine-id - sudo rm -f '${IMAGE_ROOTFS}/var/lib/dbus/machine-id' + echo "$MACHINE_ID" | run_in_chroot ${IMAGE_ROOTFS} tee /etc/machine-id + run_privileged rm -f '${IMAGE_ROOTFS}/var/lib/dbus/machine-id' } ROOTFS_POSTPROCESS_COMMAND =+ "image_postprocess_sshd_key_regen" @@ -82,13 +82,13 @@ image_postprocess_sshd_key_regen() { ROOTFS_POSTPROCESS_COMMAND =+ "image_postprocess_disable_systemd_firstboot" image_postprocess_disable_systemd_firstboot() { - SYSTEMD_VERSION=$(sudo chroot '${ROOTFSDIR}' dpkg-query \ + SYSTEMD_VERSION=$(run_in_chroot '${ROOTFSDIR}' dpkg-query \ --showformat='${source:Upstream-Version}' \ --show systemd || echo "0" ) if dpkg --compare-versions "$SYSTEMD_VERSION" "ge" "251"; then - sudo chroot '${ROOTFSDIR}' systemctl mask systemd-firstboot - if ! cmd_output=$(sudo chroot '${ROOTFSDIR}' systemd-firstboot \ + run_in_chroot '${ROOTFSDIR}' systemctl mask systemd-firstboot + if ! cmd_output=$(run_in_chroot '${ROOTFSDIR}' systemd-firstboot \ --prompt --welcome=false /dev/null); then bbwarn "Your image is not configured completely according to systemd-firstboot." bbwarn "It prompted: \"${cmd_output}\"" diff --git a/meta/classes-recipe/image.bbclass b/meta/classes-recipe/image.bbclass index afe6906e..4a250964 100644 --- a/meta/classes-recipe/image.bbclass +++ b/meta/classes-recipe/image.bbclass @@ -363,7 +363,7 @@ get_build_id() { ROOTFS_CONFIGURE_COMMAND += "image_configure_fstab" image_configure_fstab[weight] = "2" image_configure_fstab() { - sudo tee '${IMAGE_ROOTFS}/etc/fstab' << EOF + run_privileged tee '${IMAGE_ROOTFS}/etc/fstab' << EOF # Begin /etc/fstab proc /proc proc nosuid,noexec,nodev 0 0 sysfs /sys sysfs nosuid,noexec,nodev 0 0 @@ -391,7 +391,7 @@ do_copy_boot_files() { kernel="$(realpath -q '${IMAGE_ROOTFS}'/boot/vmlinu[xz])" fi if [ -f "$kernel" ]; then - sudo cat "$kernel" > "${DEPLOYDIR}/${KERNEL_IMAGE}" + run_privileged cat "$kernel" > "${DEPLOYDIR}/${KERNEL_IMAGE}" fi for file in ${DTB_FILES}; do @@ -447,7 +447,7 @@ def apt_list_files(d): IMAGE_LISTS = "${@ ' '.join(apt_list_files(d)) }" do_rootfs_finalize() { - sudo -s <<'EOSUDO' + run_privileged_heredoc <<'EOSUDO' set -e if [ -e "${ROOTFSDIR}/chroot-setup.sh" ]; then @@ -473,14 +473,14 @@ EOSUDO # Sometimes qemu-user-static generates coredumps in chroot, move them # to work temporary directory and inform user about it. - for f in $(sudo find ${ROOTFSDIR} -type f -name *.core -exec file --mime-type {} \; | grep 'application/x-coredump' | cut -d: -f1); do - sudo mv "${f}" "${WORKDIR}/temp/" + for f in $(run_privileged find ${ROOTFSDIR} -type f -name *.core -exec file --mime-type {} \; | grep 'application/x-coredump' | cut -d: -f1); do + run_privileged mv "${f}" "${WORKDIR}/temp/" bbwarn "found core dump in rootfs, check it in ${WORKDIR}/temp/${f##*/}" done # Set same time-stamps to the newly generated file/folders in the # rootfs image for the purpose of reproducible builds. - sudo find ${ROOTFSDIR} -newermt "$(date -d@${SOURCE_DATE_EPOCH} '+%Y-%m-%d %H:%M:%S')" \ + run_privileged find ${ROOTFSDIR} -newermt "$(date -d@${SOURCE_DATE_EPOCH} '+%Y-%m-%d %H:%M:%S')" \ -exec touch '{}' -h -d@${SOURCE_DATE_EPOCH} ';' } do_rootfs_finalize[network] = "${TASK_USE_SUDO}" @@ -517,7 +517,7 @@ do_rootfs_quality_check() { ;; esac done - found=$( sudo find ${ROOTFSDIR} -type f -newer $rootfs_install_stamp $args ) + found=$( run_privileged find ${ROOTFSDIR} -type f -newer $rootfs_install_stamp $args ) if [ -n "$found" ]; then bbwarn "Files changed after package install. The following files seem" bbwarn "to have changed where they probably should not have." diff --git a/meta/classes-recipe/imagetypes_container.bbclass b/meta/classes-recipe/imagetypes_container.bbclass index ea15decf..b6cc4a14 100644 --- a/meta/classes-recipe/imagetypes_container.bbclass +++ b/meta/classes-recipe/imagetypes_container.bbclass @@ -37,38 +37,38 @@ do_containerize() { # prepare OCI container image skeleton bbdebug 1 "prepare OCI container image skeleton" - sudo rm -rf "${oci_img_dir}" "${oci_img_dir}_unpacked" - sudo umoci init --layout "${oci_img_dir}" - sudo umoci new --image "${oci_img_dir}:${empty_tag}" + run_privileged rm -rf "${oci_img_dir}" "${oci_img_dir}_unpacked" + run_privileged umoci init --layout "${oci_img_dir}" + run_privileged umoci new --image "${oci_img_dir}:${empty_tag}" if [ -n "${cmd}" ]; then - sudo umoci config --image "${oci_img_dir}:${empty_tag}" \ + run_privileged umoci config --image "${oci_img_dir}:${empty_tag}" \ --config.cmd="${cmd}" fi if [ -n "${entrypoint}" ]; then - sudo umoci config --image "${oci_img_dir}:${empty_tag}" \ + run_privileged umoci config --image "${oci_img_dir}:${empty_tag}" \ --config.entrypoint="${entrypoint}" fi if [ -n "${path}" ]; then - sudo umoci config --image "${oci_img_dir}:${empty_tag}" \ + run_privileged umoci config --image "${oci_img_dir}:${empty_tag}" \ --config.env="PATH=${path}" fi - sudo umoci unpack --image "${oci_img_dir}:${empty_tag}" \ + run_privileged umoci unpack --image "${oci_img_dir}:${empty_tag}" \ "${oci_img_dir}_unpacked" # add root filesystem as the flesh of the skeleton - sudo cp --reflink=auto -a "${rootfs}"/* "${oci_img_dir}_unpacked/rootfs/" + run_privileged cp --reflink=auto -a "${rootfs}"/* "${oci_img_dir}_unpacked/rootfs/" # clean-up temporary files - sudo find "${oci_img_dir}_unpacked/rootfs/tmp" -mindepth 1 -delete + run_privileged find "${oci_img_dir}_unpacked/rootfs/tmp" -mindepth 1 -delete # pack container image bbdebug 1 "pack container image" - sudo umoci repack --image "${oci_img_dir}:${tag}" \ + run_privileged umoci repack --image "${oci_img_dir}:${tag}" \ "${oci_img_dir}_unpacked" - sudo umoci remove --image "${oci_img_dir}:${empty_tag}" - sudo rm -rf "${oci_img_dir}_unpacked" + run_privileged umoci remove --image "${oci_img_dir}:${empty_tag}" + run_privileged rm -rf "${oci_img_dir}_unpacked" # no root needed anymore - sudo chown --recursive $(id -u):$(id -g) "${oci_img_dir}" + run_privileged chown --recursive $(id -u):$(id -g) "${oci_img_dir}" } convert_container() { diff --git a/meta/classes-recipe/imagetypes_wic.bbclass b/meta/classes-recipe/imagetypes_wic.bbclass index 6b82add3..63974a3e 100644 --- a/meta/classes-recipe/imagetypes_wic.bbclass +++ b/meta/classes-recipe/imagetypes_wic.bbclass @@ -193,8 +193,8 @@ generate_wic_image() { fi EOIMAGER - sudo chown -R $(stat -c "%U" ${LAYERDIR_core}) ${LAYERDIR_core} ${LAYERDIR_isar} ${SCRIPTSDIR} || true - sudo chown -R $(id -u):$(id -g) "${DEPLOY_DIR_IMAGE}/${IMAGE_FULLNAME}.wic"* + run_privileged chown -R $(stat -c "%U" ${LAYERDIR_core}) ${LAYERDIR_core} ${LAYERDIR_isar} ${SCRIPTSDIR} || true + run_privileged chown -R $(id -u):$(id -g) "${DEPLOY_DIR_IMAGE}/${IMAGE_FULLNAME}.wic"* rm -rf ${IMAGE_ROOTFS}/../pseudo cat ${DEPLOY_DIR_IMAGE}/${IMAGE_FULLNAME}.manifest \ diff --git a/meta/classes-recipe/rootfs.bbclass b/meta/classes-recipe/rootfs.bbclass index 629dc666..2b8139fa 100644 --- a/meta/classes-recipe/rootfs.bbclass +++ b/meta/classes-recipe/rootfs.bbclass @@ -136,7 +136,7 @@ rootfs_cmd() { rootfs_do_mounts[weight] = "3" rootfs_do_mounts() { - sudo -s <<'EOSUDO' + run_privileged_heredoc <<'EOSUDO' set -e mountpoint -q '${ROOTFSDIR}/dev' || \ ( mount -o bind,private /dev '${ROOTFSDIR}/dev' && @@ -182,7 +182,7 @@ EOSUDO } rootfs_do_umounts() { - sudo -s <<'EOSUDO' + run_privileged_heredoc <<'EOSUDO' set -e if mountpoint -q '${ROOTFSDIR}/isar-apt'; then umount '${ROOTFSDIR}/isar-apt' @@ -225,7 +225,7 @@ rootfs_do_qemu() { if [ '${@repr(d.getVar('ROOTFS_ARCH') == d.getVar('HOST_ARCH'))}' = 'False' ] then test -e '${ROOTFSDIR}/usr/bin/qemu-${QEMU_ARCH}-static' || \ - sudo cp '/usr/bin/qemu-${QEMU_ARCH}-static' '${ROOTFSDIR}/usr/bin/qemu-${QEMU_ARCH}-static' + run_privileged cp '/usr/bin/qemu-${QEMU_ARCH}-static' '${ROOTFSDIR}/usr/bin/qemu-${QEMU_ARCH}-static' fi } @@ -240,16 +240,16 @@ ROOTFS_EXTRA_IMPORTED := "${@rootfs_extra_import(d)}" rootfs_prepare[weight] = "25" rootfs_prepare(){ - sudo tar -xf "${BOOTSTRAP_SRC}" -C "${ROOTFSDIR}" --exclude="./dev/console" + run_privileged tar -xf "${BOOTSTRAP_SRC}" -C "${ROOTFSDIR}" --exclude="./dev/console" # setup chroot - sudo "${ROOTFSDIR}/chroot-setup.sh" "setup" "${ROOTFSDIR}" + run_privileged "${ROOTFSDIR}/chroot-setup.sh" "setup" "${ROOTFSDIR}" } ROOTFS_CONFIGURE_COMMAND += "rootfs_configure_isar_apt" rootfs_configure_isar_apt[weight] = "2" rootfs_configure_isar_apt() { - sudo -s <<'EOSUDO' + run_privileged_heredoc <<'EOSUDO' set -e mkdir -p '${ROOTFSDIR}/etc/apt/sources.list.d' @@ -270,7 +270,7 @@ EOSUDO ROOTFS_CONFIGURE_COMMAND += "rootfs_configure_apt" rootfs_configure_apt[weight] = "2" rootfs_configure_apt() { - sudo -s <<'EOSUDO' + run_privileged_heredoc <<'EOSUDO' set -e mkdir -p '${ROOTFSDIR}/etc/apt/apt.conf.d' @@ -293,7 +293,7 @@ ROOTFS_CONFIGURE_COMMAND += "rootfs_disable_initrd_generation" rootfs_disable_initrd_generation[weight] = "1" rootfs_disable_initrd_generation() { # fully disable initrd generation - sudo -s <<'EOSUDO' + run_privileged_heredoc <<'EOSUDO' set -e mkdir -p "${ROOTFSDIR}${ROOTFS_STUBS_DIR}" @@ -310,7 +310,7 @@ rootfs_install_pkgs_update[weight] = "5" rootfs_install_pkgs_update[isar-apt-lock] = "acquire-before" rootfs_install_pkgs_update[network] = "${TASK_USE_NETWORK_AND_SUDO}" rootfs_install_pkgs_update() { - sudo -E chroot '${ROOTFSDIR}' /usr/bin/apt-get update \ + run_in_chroot '${ROOTFSDIR}' /usr/bin/apt-get update \ -o Dir::Etc::SourceList="sources.list.d/isar-apt.list" \ -o Dir::Etc::SourceParts="-" \ -o APT::Get::List-Cleanup="0" @@ -322,9 +322,9 @@ rootfs_install_resolvconf() { if [ "${@repr(bb.utils.to_boolean(d.getVar('BB_NO_NETWORK')))}" != "True" ] then if [ -L "${ROOTFSDIR}/etc/resolv.conf" ]; then - sudo unlink "${ROOTFSDIR}/etc/resolv.conf" + run_privileged unlink "${ROOTFSDIR}/etc/resolv.conf" fi - sudo cp -rL /etc/resolv.conf '${ROOTFSDIR}/etc' + run_privileged cp -rL /etc/resolv.conf '${ROOTFSDIR}/etc' fi } @@ -358,7 +358,7 @@ rootfs_export_package_cache() { ROOTFS_INSTALL_COMMAND += "${@ 'rootfs_install_clean_files' if (d.getVar('ROOTFS_CLEAN_FILES') or '').strip() else ''}" rootfs_install_clean_files[weight] = "2" rootfs_install_clean_files() { - sudo -s <<'EOSUDO' + run_privileged_heredoc <<'EOSUDO' for clean_file in ${ROOTFS_CLEAN_FILES}; do rm -f "${ROOTFSDIR}/$clean_file" done @@ -370,14 +370,14 @@ rootfs_install_pkgs_install[weight] = "8000" rootfs_install_pkgs_install[progress] = "custom:rootfs_progress.PkgsInstallProgressHandler" rootfs_install_pkgs_install[network] = "${TASK_USE_SUDO}" rootfs_install_pkgs_install() { - sudo -E chroot "${ROOTFSDIR}" \ + run_in_chroot "${ROOTFSDIR}" \ /usr/bin/apt-get ${ROOTFS_APT_ARGS} ${ROOTFS_PACKAGES} } ROOTFS_INSTALL_COMMAND += "rootfs_restore_initrd_tooling" rootfs_restore_initrd_tooling[weight] = "1" rootfs_restore_initrd_tooling() { - sudo -s <<'EOSUDO' + run_privileged_heredoc <<'EOSUDO' set -e rm -f "${ROOTFSDIR}/etc/apt/apt.conf.d/50isar-stubs" rm -rf "${ROOTFSDIR}${ROOTFS_STUBS_DIR}" @@ -386,8 +386,8 @@ EOSUDO ROOTFS_INSTALL_COMMAND += "${@bb.utils.contains('ROOTFS_FEATURES', 'generate-initrd', '', 'rootfs_clear_initrd_symlinks', d)}" rootfs_clear_initrd_symlinks() { - sudo rm -f ${ROOTFSDIR}/initrd.img - sudo rm -f ${ROOTFSDIR}/initrd.img.old + run_privileged rm -f ${ROOTFSDIR}/initrd.img + run_privileged rm -f ${ROOTFSDIR}/initrd.img.old } do_rootfs_install[root_cleandirs] = "${ROOTFSDIR}" @@ -437,21 +437,21 @@ do_cache_deb_src[network] = "${TASK_USE_SUDO}" do_cache_deb_src() { if [ -e "${ROOTFSDIR}"/etc/resolv.conf ] || [ -h "${ROOTFSDIR}"/etc/resolv.conf ]; then - sudo mv "${ROOTFSDIR}"/etc/resolv.conf "${ROOTFSDIR}"/etc/resolv.conf.isar + run_privileged mv "${ROOTFSDIR}"/etc/resolv.conf "${ROOTFSDIR}"/etc/resolv.conf.isar fi rootfs_install_resolvconf # Note: ISAR updates the apt state information(apt-get update) only once during bootstrap and # relies on that through out the build. Copy that state information instead of apt-get update # which generates a new state from upstream. - sudo tar -xf "${BOOTSTRAP_SRC}" ./var/lib/apt/lists --one-top-level="${ROOTFSDIR}" + run_privileged tar -xf "${BOOTSTRAP_SRC}" ./var/lib/apt/lists --one-top-level="${ROOTFSDIR}" deb_dl_dir_import ${ROOTFSDIR} ${ROOTFS_BASE_DISTRO}-${BASE_DISTRO_CODENAME} debsrc_download ${ROOTFSDIR} ${ROOTFS_BASE_DISTRO}-${BASE_DISTRO_CODENAME} - sudo rm -f "${ROOTFSDIR}"/etc/resolv.conf + run_privileged rm -f "${ROOTFSDIR}"/etc/resolv.conf if [ -e "${ROOTFSDIR}"/etc/resolv.conf.isar ] || [ -h "${ROOTFSDIR}"/etc/resolv.conf.isar ]; then - sudo mv "${ROOTFSDIR}"/etc/resolv.conf.isar "${ROOTFSDIR}"/etc/resolv.conf + run_privileged mv "${ROOTFSDIR}"/etc/resolv.conf.isar "${ROOTFSDIR}"/etc/resolv.conf fi } @@ -459,21 +459,21 @@ ROOTFS_POSTPROCESS_COMMAND += "${@bb.utils.contains('BASE_REPO_FEATURES', 'cache cache_dbg_pkgs() { if [ -e "${ROOTFSDIR}"/etc/resolv.conf ] || [ -h "${ROOTFSDIR}"/etc/resolv.conf ]; then - sudo mv "${ROOTFSDIR}"/etc/resolv.conf "${ROOTFSDIR}"/etc/resolv.conf.isar + run_privileged mv "${ROOTFSDIR}"/etc/resolv.conf "${ROOTFSDIR}"/etc/resolv.conf.isar fi rootfs_install_resolvconf # Note: ISAR updates the apt state information(apt-get update) only once during bootstrap and # relies on that through out the build. Copy that state information instead of apt-get update # which generates a new state from upstream. - sudo tar -xf "${BOOTSTRAP_SRC}" ./var/lib/apt/lists --one-top-level="${ROOTFSDIR}" + run_privileged tar -xf "${BOOTSTRAP_SRC}" ./var/lib/apt/lists --one-top-level="${ROOTFSDIR}" deb_dl_dir_import ${ROOTFSDIR} ${ROOTFS_BASE_DISTRO}-${BASE_DISTRO_CODENAME} dbg_pkgs_download ${ROOTFSDIR} - sudo rm -f "${ROOTFSDIR}"/etc/resolv.conf + run_privileged rm -f "${ROOTFSDIR}"/etc/resolv.conf if [ -e "${ROOTFSDIR}"/etc/resolv.conf.isar ] || [ -h "${ROOTFSDIR}"/etc/resolv.conf.isar ]; then - sudo mv "${ROOTFSDIR}"/etc/resolv.conf.isar "${ROOTFSDIR}"/etc/resolv.conf + run_privileged mv "${ROOTFSDIR}"/etc/resolv.conf.isar "${ROOTFSDIR}"/etc/resolv.conf fi } @@ -482,17 +482,17 @@ ROOTFS_POSTPROCESS_COMMAND += "${@bb.utils.contains('ROOTFS_FEATURES', 'generate ROOTFS_POSTPROCESS_COMMAND += "${@bb.utils.contains('ROOTFS_FEATURES', 'clean-package-cache', 'rootfs_postprocess_clean_package_cache', '', d)}" rootfs_postprocess_clean_package_cache() { - sudo -E chroot '${ROOTFSDIR}' \ + run_in_chroot '${ROOTFSDIR}' \ /usr/bin/apt-get clean - sudo rm -rf "${ROOTFSDIR}/var/lib/apt/lists/"* + run_privileged rm -rf "${ROOTFSDIR}/var/lib/apt/lists/"* # remove apt-cache folder itself (required in case rootfs is provided by sstate cache) - sudo rm -rf "${ROOTFSDIR}/var/cache/apt/archives" + run_privileged rm -rf "${ROOTFSDIR}/var/cache/apt/archives" } ROOTFS_POSTPROCESS_COMMAND += "${@bb.utils.contains('ROOTFS_FEATURES', 'clean-log-files', 'rootfs_postprocess_clean_log_files', '', d)}" rootfs_postprocess_clean_log_files() { # Delete log files that are not owned by packages - sudo -E chroot '${ROOTFSDIR}' \ + run_in_chroot '${ROOTFSDIR}' \ /usr/bin/find /var/log/ -type f \ -exec sh -c '! dpkg -S {} > /dev/null 2>&1' ';' \ -exec rm -f {} ';' @@ -501,32 +501,32 @@ rootfs_postprocess_clean_log_files() { ROOTFS_POSTPROCESS_COMMAND += "${@bb.utils.contains('ROOTFS_FEATURES', 'clean-debconf-cache', 'rootfs_postprocess_clean_debconf_cache', '', d)}" rootfs_postprocess_clean_debconf_cache() { # Delete debconf cache files - sudo rm -rf "${ROOTFSDIR}/var/cache/debconf/"* + run_privileged rm -rf "${ROOTFSDIR}/var/cache/debconf/"* } ROOTFS_POSTPROCESS_COMMAND += "${@bb.utils.contains('ROOTFS_FEATURES', 'clean-pycache', 'rootfs_postprocess_clean_pycache', '', d)}" rootfs_postprocess_clean_pycache() { - sudo find ${ROOTFSDIR}/usr -type f -name '*.pyc' -delete -print - sudo find ${ROOTFSDIR}/usr -type d -name '__pycache__' -delete -print + run_privileged find ${ROOTFSDIR}/usr -type f -name '*.pyc' -delete -print + run_privileged find ${ROOTFSDIR}/usr -type d -name '__pycache__' -delete -print } ROOTFS_POSTPROCESS_COMMAND += "rootfs_postprocess_clean_ldconfig_cache" rootfs_postprocess_clean_ldconfig_cache() { # the ldconfig aux-cache is not portable and breaks reproducability # https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=845034#49 - sudo rm -f ${ROOTFSDIR}/var/cache/ldconfig/aux-cache + run_privileged rm -f ${ROOTFSDIR}/var/cache/ldconfig/aux-cache } ROOTFS_POSTPROCESS_COMMAND += "rootfs_postprocess_clean_tmp" rootfs_postprocess_clean_tmp() { # /tmp is by definition non persistent across boots - sudo rm -rf "${ROOTFSDIR}/tmp/"* + run_privileged rm -rf "${ROOTFSDIR}/tmp/"* } ROOTFS_POSTPROCESS_COMMAND += "${@bb.utils.contains('ROOTFS_FEATURES', 'generate-manifest', 'rootfs_generate_manifest', '', d)}" rootfs_generate_manifest () { mkdir -p ${ROOTFS_MANIFEST_DEPLOY_DIR} - sudo -E chroot --userspec=$(id -u):$(id -g) '${ROOTFSDIR}' \ + run_in_chroot '${ROOTFSDIR}' \ dpkg-query -W -f \ '${source:Package}|${source:Version}|${Package}:${Architecture}|${Version}\n' > \ '${ROOTFS_MANIFEST_DEPLOY_DIR}'/'${ROOTFS_PACKAGE_SUFFIX}'.manifest @@ -542,7 +542,7 @@ rootfs_export_dpkg_status() { ROOTFS_POSTPROCESS_COMMAND += "rootfs_cleanup_isar_apt" rootfs_cleanup_isar_apt[weight] = "2" rootfs_cleanup_isar_apt() { - sudo -s <<'EOSUDO' + run_privileged_heredoc <<'EOSUDO' set -e rm -f "${ROOTFSDIR}/etc/apt/sources.list.d/isar-apt.list" rm -f "${ROOTFSDIR}/etc/apt/preferences.d/isar-apt" @@ -553,7 +553,7 @@ EOSUDO ROOTFS_POSTPROCESS_COMMAND += "${@'rootfs_cleanup_base_apt' if bb.utils.to_boolean(d.getVar('ISAR_USE_CACHED_BASE_REPO')) else ''}" rootfs_cleanup_base_apt[weight] = "2" rootfs_cleanup_base_apt() { - sudo -s <<'EOSUDO' + run_privileged_heredoc <<'EOSUDO' set -e rm -f "${ROOTFSDIR}/etc/apt/sources.list.d/"*base-apt.list EOSUDO @@ -561,12 +561,12 @@ EOSUDO ROOTFS_POSTPROCESS_COMMAND += "${@bb.utils.contains('ROOTFS_FEATURES', 'populate-systemd-preset', 'image_postprocess_populate_systemd_preset', '', d)}" image_postprocess_populate_systemd_preset() { - SYSTEMD_INSTALLED=$(sudo chroot '${ROOTFSDIR}' dpkg-query \ + SYSTEMD_INSTALLED=$(run_in_chroot '${ROOTFSDIR}' dpkg-query \ --showformat='${db:Status-Status}' \ --show systemd || echo "" ) if (test "$SYSTEMD_INSTALLED" = "installed"); then - sudo chroot '${ROOTFSDIR}' systemctl preset-all --preset-mode="enable-only" + run_in_chroot '${ROOTFSDIR}' systemctl preset-all --preset-mode="enable-only" fi } @@ -626,7 +626,7 @@ rootfs_generate_initramfs() { mods_total="$(find ${ROOTFSDIR}/usr/lib/modules/$kernel_version -type f -name '*.ko*' | wc -l)" echo "Total number of modules: $mods_total" echo "Generating initrd for kernel version: $kernel_version" - sudo -E chroot "${ROOTFSDIR}" sh -ec ' \ + run_in_chroot "${ROOTFSDIR}" sh -ec ' \ ${ROOTFS_INITRAMFS_GENERATOR_CMDLINE}; \ find /boot -name "initrd.img-$kernel_version*" -exec install --mode 0644 {} /isar-work/initrd.img \; \ ' @@ -663,11 +663,11 @@ rootfs_install_sstate_prepare() { # tar --one-file-system will cross bind-mounts to the same filesystem, # so we use some mount magic to prevent that mkdir -p ${WORKDIR}/mnt/rootfs - sudo mount -o bind,private '${WORKDIR}/rootfs' '${WORKDIR}/mnt/rootfs' -o ro + run_privileged mount -o bind,private '${WORKDIR}/rootfs' '${WORKDIR}/mnt/rootfs' -o ro lopts="--one-file-system --exclude=var/cache/apt/archives" - sudo tar -C ${WORKDIR}/mnt -cpSf rootfs.tar $lopts ${SSTATE_TAR_ATTR_FLAGS} rootfs - sudo umount ${WORKDIR}/mnt/rootfs - sudo chown $(id -u):$(id -g) rootfs.tar + run_privileged tar -C ${WORKDIR}/mnt -cpSf rootfs.tar $lopts ${SSTATE_TAR_ATTR_FLAGS} rootfs + run_privileged umount ${WORKDIR}/mnt/rootfs + run_privileged chown $(id -u):$(id -g) rootfs.tar } do_rootfs_install_sstate_prepare[lockfiles] = "${REPO_ISAR_DIR}/isar.lock" @@ -676,7 +676,7 @@ rootfs_install_sstate_finalize() { # - after building the rootfs, the tar won't be there, but we also don't need to unpack # - after restoring from cache, there will be a tar which we unpack and then delete if [ -f rootfs.tar ]; then - sudo tar -C ${WORKDIR} -xpf rootfs.tar ${SSTATE_TAR_ATTR_FLAGS} + run_privileged tar -C ${WORKDIR} -xpf rootfs.tar ${SSTATE_TAR_ATTR_FLAGS} rm rootfs.tar fi } diff --git a/meta/classes-recipe/sbuild.bbclass b/meta/classes-recipe/sbuild.bbclass index 1ab72aad..ea0c5841 100644 --- a/meta/classes-recipe/sbuild.bbclass +++ b/meta/classes-recipe/sbuild.bbclass @@ -20,7 +20,7 @@ SCHROOT_LOCKFILE = "/tmp/schroot.lock" schroot_create_configs() { mkdir -p "${TMPDIR}/schroot-overlay" echo "Creating ${SCHROOT_CONF_FILE}" - sudo -s <<'EOSUDO' + run_privileged_heredoc <<'EOSUDO' set -e cat << EOF > "${SCHROOT_CONF_FILE}" @@ -59,7 +59,7 @@ EOSUDO schroot_delete_configs() { (flock -x 9 set -e - sudo -s <<'EOSUDO' + run_privileged_heredoc <<'EOSUDO' set -e if [ -d "${SBUILD_CONF_DIR}" ]; then echo "Removing ${SBUILD_CONF_DIR}" @@ -101,7 +101,7 @@ sbuild_export() { } insert_mounts() { - sudo -s <<'EOSUDO' + run_privileged_heredoc <<'EOSUDO' set -e for mp in ${SCHROOT_MOUNTS}; do FSTAB_LINE="${mp%%:*} ${mp#*:} none rw,bind,private 0 0" @@ -112,7 +112,7 @@ EOSUDO } remove_mounts() { - sudo -s <<'EOSUDO' + run_privileged_heredoc <<'EOSUDO' set -e for mp in ${SCHROOT_MOUNTS}; do FSTAB_LINE="${mp%%:*} ${mp#*:} none rw,bind,private 0 0" @@ -123,7 +123,7 @@ EOSUDO schroot_configure_ccache() { mkdir -p "${CCACHE_DIR}" - sudo -s <<'EOSUDO' + run_privileged_heredoc <<'EOSUDO' set -e sbuild_fstab="${SBUILD_CONF_DIR}/fstab" diff --git a/meta/classes-recipe/sdk.bbclass b/meta/classes-recipe/sdk.bbclass index 17b56bcf..074f5ef8 100644 --- a/meta/classes-recipe/sdk.bbclass +++ b/meta/classes-recipe/sdk.bbclass @@ -69,12 +69,12 @@ ROOTFS_POSTPROCESS_COMMAND:remove = "${@'rootfs_cleanup_isar_apt' if bb.utils.to ROOTFS_CONFIGURE_COMMAND:append:class-sdk = " ${@'rootfs_configure_isar_apt_dir' if bb.utils.to_boolean(d.getVar('SDK_INCLUDE_ISAR_APT')) else ''}" rootfs_configure_isar_apt_dir() { # Copy isar-apt instead of mounting: - sudo cp -Trpfx --reflink=auto ${REPO_ISAR_DIR}/${DISTRO} ${ROOTFSDIR}/isar-apt + run_privileged cp -Trpfx --reflink=auto ${REPO_ISAR_DIR}/${DISTRO} ${ROOTFSDIR}/isar-apt } ROOTFS_POSTPROCESS_COMMAND:prepend:class-sdk = "sdkchroot_configscript " sdkchroot_configscript () { - sudo chroot ${ROOTFSDIR} /configscript.sh ${DISTRO_ARCH} + run_in_chroot ${ROOTFSDIR} /configscript.sh ${DISTRO_ARCH} } ROOTFS_POSTPROCESS_COMMAND:append:class-sdk = " sdkchroot_finalize" @@ -83,7 +83,7 @@ sdkchroot_finalize() { rootfs_do_umounts # Remove setup scripts - sudo rm -f ${ROOTFSDIR}/chroot-setup.sh ${ROOTFSDIR}/configscript.sh + run_privileged rm -f ${ROOTFSDIR}/chroot-setup.sh ${ROOTFSDIR}/configscript.sh # Make all links relative for link in $(find ${ROOTFSDIR}/ -type l); do @@ -95,16 +95,16 @@ sdkchroot_finalize() { new_target=$(realpath --no-symlinks -m --relative-to=$basedir ${ROOTFSDIR}${target}) # remove first to allow rewriting directory links - sudo rm $link - sudo ln -s $new_target $link + run_privileged rm $link + run_privileged ln -s $new_target $link fi done # Set up sysroot wrapper for tool_pattern in "gcc-[0-9]*" "g++-[0-9]*" "cpp-[0-9]*" "ld.bfd" "ld.gold"; do for tool in $(find ${ROOTFSDIR}/usr/bin -type f -name "*-linux-gnu*-${tool_pattern}"); do - sudo mv "${tool}" "${tool}.bin" - sudo ln -sf gcc-sysroot-wrapper.sh ${tool} + run_privileged mv "${tool}" "${tool}.bin" + run_privileged ln -sf gcc-sysroot-wrapper.sh ${tool} done done } diff --git a/meta/classes/sbom.bbclass b/meta/classes/sbom.bbclass index a16f6ea0..e3d0e702 100644 --- a/meta/classes/sbom.bbclass +++ b/meta/classes/sbom.bbclass @@ -41,7 +41,7 @@ def sbom_doc_uuid(d): d.setVar("SBOM_DOCUMENT_UUID", generate_document_uuid(d)) generate_sbom() { - sudo mkdir -p ${SBOM_CHROOT}/mnt/rootfs ${SBOM_CHROOT}/mnt/deploy-dir + run_privileged mkdir -p ${SBOM_CHROOT}/mnt/rootfs ${SBOM_CHROOT}/mnt/deploy-dir TIMESTAMP=$(date --iso-8601=s -d @${SOURCE_DATE_EPOCH}) bwrap \ diff --git a/meta/recipes-core/isar-mmdebstrap/isar-mmdebstrap.inc b/meta/recipes-core/isar-mmdebstrap/isar-mmdebstrap.inc index d5bbae70..f420c3c1 100644 --- a/meta/recipes-core/isar-mmdebstrap/isar-mmdebstrap.inc +++ b/meta/recipes-core/isar-mmdebstrap/isar-mmdebstrap.inc @@ -204,19 +204,19 @@ do_bootstrap() { trap '[ -r "${WORKDIR}/mmtmpdir" ] && tmpdir=$(cat "${WORKDIR}/mmtmpdir") \ && rm "${WORKDIR}/mmtmpdir"; \ [ -d "$tmpdir" ] && mountpoint -q $tmpdir/$base_apt_tmp \ - && sudo umount $tmpdir/$base_apt_tmp; \ + && run_privileged umount $tmpdir/$base_apt_tmp; \ [ -d "$tmpdir" ] && mountpoint -q $tmpdir/base-apt \ - && sudo umount $tmpdir/base-apt; \ - [ -d "$tmpdir" ] && sudo rm -rf --one-file-system $tmpdir; \ + && run_privileged umount $tmpdir/base-apt; \ + [ -d "$tmpdir" ] && run_privileged rm -rf --one-file-system $tmpdir; \ [ -n "$base_apt_tmp" ] && mountpoint -q $base_apt_tmp \ - && sudo umount $base_apt_tmp \ + && run_privileged umount $base_apt_tmp \ && rm -rf --one-file-system $base_apt_tmp' EXIT # Create lock file so that it is owned by the user running the build (not root) mkdir -p ${DEBDIR} touch ${DEB_DL_LOCK} - sudo TMPDIR="${BOOTSTRAP_TMPDIR}" mmdebstrap $bootstrap_args \ + run_privileged TMPDIR="${BOOTSTRAP_TMPDIR}" mmdebstrap $bootstrap_args \ $arch_param \ --mode=unshare \ ${MMHOOKS} \ @@ -248,7 +248,7 @@ do_bootstrap() { if [ "${ISAR_USE_CACHED_BASE_REPO}" != "1" ]; then deb_dl_dir_export "${WORKDIR}/dl_dir" "${BOOTSTRAP_BASE_DISTRO}-${BASE_DISTRO_CODENAME}" - sudo rm -rf --one-file-system "${WORKDIR}/dl_dir" + run_privileged rm -rf --one-file-system "${WORKDIR}/dl_dir" fi } addtask bootstrap before do_build after do_generate_keyrings diff --git a/testsuite/unittests/test_image_account_extension.py b/testsuite/unittests/test_image_account_extension.py index 97d221fd..e2ff4a5a 100644 --- a/testsuite/unittests/test_image_account_extension.py +++ b/testsuite/unittests/test_image_account_extension.py @@ -54,9 +54,8 @@ class TestImageAccountExtensionImageCreateUsers( image_create_users(d) run_mock.assert_called_once_with( + run_privileged_cmd(d).split() + [ - 'sudo', - '-E', 'chroot', rootfs.path(), '/usr/sbin/useradd', @@ -136,9 +135,8 @@ class TestImageAccountExtensionImageCreateGroups( image_create_groups(d) run_mock.assert_called_once_with( + run_privileged_cmd(d).split() + [ - 'sudo', - '-E', 'chroot', rootfs.path(), '/usr/sbin/groupadd', @@ -164,9 +162,8 @@ class TestImageAccountExtensionImageCreateGroups( image_create_groups(d) run_mock.assert_called_once_with( + run_privileged_cmd(d).split() + [ - 'sudo', - '-E', 'chroot', rootfs.path(), '/usr/sbin/groupmod', From patchwork Fri Feb 20 17:15:47 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Felix Moessbauer X-Patchwork-Id: 4887 Return-Path: Received: from shymkent.ilbers.de ([unix socket]) by shymkent (Cyrus 2.5.10-Debian-2.5.10-3+deb9u2) with LMTPA; Fri, 20 Feb 2026 18:16:26 +0100 X-Sieve: CMU Sieve 2.4 Received: from mail-oa1-f55.google.com (mail-oa1-f55.google.com [209.85.160.55]) by shymkent.ilbers.de (8.15.2/8.15.2/Debian-8+deb9u1) with ESMTPS id 61KHGPcY005955 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 20 Feb 2026 18:16:25 +0100 Received: by mail-oa1-f55.google.com with SMTP id 586e51a60fabf-409698ea4dbsf31582306fac.0 for ; Fri, 20 Feb 2026 09:16:25 -0800 (PST) ARC-Seal: i=3; a=rsa-sha256; t=1771607780; cv=pass; d=google.com; s=arc-20240605; b=Sssxj8oiViIac6c4CRA1j1UQx7sSEc6KMjHVnnG1/LMJAkSGXfsKt3miV9oP68mHf7 +DOmdJPZN0zQtPkUIo14JEhyzR7KDMwfIhlcaQTQ8mhb06LdFZMquSmtaYD3eOExMIgM KAeyloK2o38G6ARyjBlsu/stSmaUrg9kljGYTs3ZLtXB3KJ/TkskXQke82/ADueDLlnP jZhBxqkLyWqEIFbhYJa2RlkSqUTm6jTZfixwwRHBzu+nYWp16Fbstgj9vX9r5uXme5Oc 3c16qGM3nZOMMCBz5Lwup/xlqFqABR2iRjO1sljkww4T3aKBY4TIboEPgSFO4jAMHKyw Upww== ARC-Message-Signature: i=3; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to:mime-version:references :in-reply-to:message-id:date:subject:cc:to:from:dkim-signature; bh=O9cncsblki4k6FvubnYsnFpuDUqmRtk0exjp6WoJK8k=; fh=J2lUMkVkE3bMUHAlYr8Z+xBNUhTu7yAY3TGc7WX9BcM=; b=k+q0dka5xvK6NfBiXevWxtwWUFE3j07P55zt66QWjwo6yMu64ARhtM7gyXTm9Q+2CK phg1UwOmlKLljrH4SDjSb4sXPrsWOoq9dkF4I4AOlj21SVxZb8I4XAqVc91a7BKu+fAE jjxRtLJrYI6CTAZFr97J1OJvhk8TRyK8dLs8MAOluo10BNIWzGIM0nAEZHOjyte+Mu6N UhJauDqUUwu/rlE0kpdeETb7CPmyXHa8LNlJbJ24i5L2dFkpVReaD9XMzBmX1QmBp7rv YFXyT9VanUBd8nuOcQugLF2HcE9XetOriGMdFJwgiQtRhN/k39BbOiB3w/nhBSjJ82nY 9MRw==; darn=isar-build.org ARC-Authentication-Results: i=3; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=O49N8Ltt; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20f::7 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlegroups.com; s=20230601; t=1771607780; x=1772212580; darn=isar-build.org; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from:from:to :cc:subject:date:message-id:reply-to; bh=O9cncsblki4k6FvubnYsnFpuDUqmRtk0exjp6WoJK8k=; b=Rov/zFifNiwVriU4RqBgPmsCnP7NIuIjQKTRDf1DK1OoYcv6rXOh6UxzOoJPLMh9+a bpJDpqAKesrntY1jkTm3A/UW8Hs56HCqYLGv7zcvgPoubJ48jYhVUUF+jEjpltnCaU+F ZRVO5GnbVia1CdwJbb3LaSVBi2z9PhTyGDsQpMwE8CGNfWrG2ynaTxVE/cEEIBWQZ6eC CNZ15HdTL6NvM57nLEdzb65t1MOiugRKRDSoPi/BEl2iteX274v1CJB87uLOuu6OF21F r7rD6JxAgtKAeFciJklFSv3KXvxW1L3JM2QFaUV2M7Grm9FK1URRPJdFaWV9MG4v96Od Gkzg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1771607780; x=1772212580; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :x-spam-checked-in-group:list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :x-beenthere:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=O9cncsblki4k6FvubnYsnFpuDUqmRtk0exjp6WoJK8k=; b=xGmDd3+LvFWhArg2SyAWB+N/3/WL3qAPtU3ho5U9OjysKnjfhNKV+w91fSu6Kb4XX7 o/8gNQuJ73Ura7iPoog2L4uACgy7e9B3mL6hoZX4G1C+sgmuxH2FYa482NkNPagj4FyY lkWi8zQJYl9IsTzuhYyM+/qMjmWBB8uI/E5gnnfItnkYw/LlWJpg+EXJ7v/YCOpHn1GP VwtolL5fiu5kLPA5cgyW+FYTVbpi/J7pmKBGliCu7V89MyUaxpkj42rX3mF0Og7NtD6s /2g74M8f0A/Idxg4vKEh/QU4i7RFwsB0MTUo4dn7zn4H94VftLVSdRdHwfsrgLXwg1ij gj5g== X-Forwarded-Encrypted: i=3; AJvYcCXMfbT5y/peg8b2PqWPA3Ib2nnm/kDT+MuReAkhrXr1Gkrlnmfnt6umr7QmvZqll3owwicJaHk=@isar-build.org X-Gm-Message-State: AOJu0Yzi/il7YiR2zK+tZ3WOyTPbOjNCgrIQNo55yYEL6XkBrwziSEfm 2vhIZaOEUUj2U/Xcvza9uYWyUrvVuw5+9uTx9iCkvYu+T7LJLG5jyQHR X-Received: by 2002:a05:6870:ec92:b0:409:6ddb:10fc with SMTP id 586e51a60fabf-4157a9c9335mr229355fac.7.1771607779453; Fri, 20 Feb 2026 09:16:19 -0800 (PST) X-BeenThere: isar-users@googlegroups.com; h="AV1CL+EdbHHFZDUKld4a9d/9yHCqrrGclQIHRQe7pTceUbvN9w==" Received: by 2002:a05:6870:c245:b0:3fd:e7af:6a2 with SMTP id 586e51a60fabf-41562a4f674ls383226fac.1.-pod-prod-00-us-canary; Fri, 20 Feb 2026 09:16:18 -0800 (PST) X-Received: by 2002:a05:6808:1b26:b0:455:e5c2:a6f9 with SMTP id 5614622812f47-464274c0d90mr3184507b6e.14.1771607778348; Fri, 20 Feb 2026 09:16:18 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1771607778; cv=pass; d=google.com; s=arc-20240605; b=bCifHIaEIp9oSdTL+BpaQ5X1clOkGXj78RzMs0vIVg+AquuF4bU12CpKxLw5ud0q6O RacXd4wyvqwXx39ZlyVZkJ4mmxg3QzGVyErXJda/qZJcs5ZALgnYL/kQvaKKE5HAhAMR 9devhlukbNuD6QPy61QrBa7uoKJ7279TVzWbmgbxEG7Ci6FbfiJiZ7/zGRNAd8zCLeVM HGTzysdPgsZld3FVgkUR0ae58ssDUnE+bI6md6vlDoIL3uuVd95kULy956RKi4lgj2Sq DK4m07DGLb6IxK4hEqitUkS+4oOthtUOeh/ZI3kwucsankd0tzK5Xq1J6Sl6Y3bbyNDO FVfA== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=mime-version:content-transfer-encoding:references:in-reply-to :message-id:date:subject:cc:to:from:dkim-signature; bh=p8zkt9gfK47xY42Xq0CGZRT3R2alKaA4hRK5mwLRalo=; fh=WkhL8kaJc+l2wQon1t06Ej3uvBGj9sVhNcE8PaS/XbI=; b=H18iECLY7XiK8SbPVi6dz3Jq2oi3+p2RJz8aGrACejT/xop8ZVHhXzIJLGfYX/TrvL 4vifo38zT4DiiRlmxTyRX/3L7pa83y2c2EEikTd6dgF07d1KDwK7v2aA/ajYafveVDcv BQFVHyLdm9t0yQmy/hJ7IqLxwhoRsxGW0h86QMJ/zVofr3N/C+s8bW54M1u84L89GGB/ P/pZ3KaDIgkWVyxCiU2o/7G0B8vYlrQo0oc8/Gie4Km35NiToTvNte0G//oxEFMZSWvD ARhly1KnLP0lm8lI/T6m33NQ3vSMqgwPIDLNglid4EAuJSrkzzP825ajDY6ckx79tgFs DqoA==; dara=google.com ARC-Authentication-Results: i=2; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=O49N8Ltt; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20f::7 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com Received: from OSPPR02CU001.outbound.protection.outlook.com (mail-norwayeastazlp170130007.outbound.protection.outlook.com. [2a01:111:f403:c20f::7]) by gmr-mx.google.com with ESMTPS id 5614622812f47-4636ae55f7bsi1149069b6e.2.2026.02.20.09.16.18 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 20 Feb 2026 09:16:18 -0800 (PST) Received-SPF: pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20f::7 as permitted sender) client-ip=2a01:111:f403:c20f::7; ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=t9CFYVkXGf3a97Uige3bkllDQhR+feY2b/KJm+EbqHKqZtHLUUcw+wGS1dgPTuh2ica1cVgQ/F7ITImApVV/VkefkyczLCL4wiuiMp9CxGkFh1nbRmdRVJj7GfpagjdKUU1wT4+SB67DFKfS4/BChtg+owZxJoamU1Dn5cQWRppSToikwoW/Pserzft/q/T+vEnKOhYiMR+/4Jk5hIu9hCCnqYNkA9vHB7jU+w3HNO8G7xUQ2k0txXm5ffENbaJt7LS77p/Qw/OxGbAn8XEbEleI5Bu+vTqBeLMun//yh6yjU5MSMDVdvB4DDGzRlNb5gpUhreKhctVDZgkNQItySQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=p8zkt9gfK47xY42Xq0CGZRT3R2alKaA4hRK5mwLRalo=; b=DJb9ZeVRn0j3KEa7kK1nfxhqXl8hwj4OY+suVv7bHreECPDWhPF/v6/4vW599WlSyWiSo/NR6Wx4WWr0sS21+45wSsu9e/L6MrLjpYKgrfM8eWcthqJWmK/Ln4Md5kF0EHdVsp113FFPAZXC8sccqcpf5DBEikNx05WHTwyyz8H1uELr79yl+lwD35yVP/xwK+i3/M6ebURYdUGo6DWjuQA+EMyYmA4etWBMRQdlhILWdCOAiFT2GziEWn/IDUi1d/EpAwNeOD993LYAdYG0p6Rgj0Om+fbsSZ7PQgPaRj1DBu8XEjVIc2gwZUyBwT45tLWd/17NFW928q3IGCZP4A== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=siemens.com; dmarc=pass action=none header.from=siemens.com; dkim=pass header.d=siemens.com; arc=none Received: from DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:47f::13) by GVXPR10MB6007.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:150:17::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9632.16; Fri, 20 Feb 2026 17:16:15 +0000 Received: from DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM ([fe80::9412:cd7f:3f72:92ab]) by DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM ([fe80::9412:cd7f:3f72:92ab%3]) with mapi id 15.20.9632.015; Fri, 20 Feb 2026 17:16:15 +0000 X-Patchwork-Original-From: "'Felix Moessbauer' via isar-users" From: Felix Moessbauer To: isar-users@googlegroups.com Cc: jan.kiszka@siemens.com, quirin.gylstorff@siemens.com, Felix Moessbauer Subject: [RFC v2 05/19] bootstrap: move cleanup trap to function Date: Fri, 20 Feb 2026 18:15:47 +0100 Message-ID: <20260220171601.3845113-6-felix.moessbauer@siemens.com> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20260220171601.3845113-1-felix.moessbauer@siemens.com> References: <20260220171601.3845113-1-felix.moessbauer@siemens.com> X-ClientProxiedBy: FR3P281CA0085.DEUP281.PROD.OUTLOOK.COM (2603:10a6:d10:1f::22) To DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:47f::13) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DU0PR10MB6828:EE_|GVXPR10MB6007:EE_ X-MS-Office365-Filtering-Correlation-Id: 877240dd-71e9-4d30-553e-08de70a3c03b X-MS-Exchange-AtpMessageProperties: SA X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|366016|376014|1800799024; X-Microsoft-Antispam-Message-Info: nTjYWjZ/+mvvf5afny4r6GZj06/gn9EtVPhAKPsJIiCE7+5kC4Y9XlTg/xAz1GnKuDkkmBgSdIW73pS0XdjnRptIlsd0y3kZs3vr5XLowgsdaFdZrmu6bV/53dSKMF+12JhoK1RgQptaJIP1cq7wDMUXEdC59xbOi0K217DQiQBASoyl4TGEyw+X2Q6PAO76yLOMTa2gfppSLfh7KVDIW569Ge4zmi1t5npy73Sl5kxZU1XS/Pw/twdH4Sjy3rnS6lZyoN83Lq4z2EC9P8vvmxvVlXAn7pNPLY0I5+98sq7yOoSePOl5GLO/G1YrAnO7C/Fk6reFpr/rNSwXv60dE/9kl4zzWRhOdC5jdOEcdEprCE+2hN/er1/4uB8VoATU1TYfnEp6RECSwyckS+J0L9QPWdgBAs/x1zO28dbCq8lJ3Bk4c/lk4H/BwV4r7MNvuZaIPRgYh+FwGjOW9J4D7zGgx7WOb0S1VCveTcGYf3Bu3Tz8wBgA2wxvaxu5uMefT+SJbS+dj0xG9HH/NmLQRub8tcWEwFq7CrL0XRtBsHDhETN81y926uoYAZB2vzX145ZH1OfqKzS0Qio8ziWZNoVQheUqWL3J8u2oPmKw9e4pDaEAdiP9iWtU1IPHk6rNcIvGymUPTWJi09X5/N5mksop5TxPo6VlD723HuNqn6bPumCJ/iOTSbXD4Z75wHHne/d/b8otln/LLHowgEqikizOzw8rpYOGntqliP61vIVXn2SwBUsyh167HJTlBPb9XbwY/77pwCLG6+NWk/5l1rCuMsob83BR/YEkMU+JNPw9bSjp0E2rnmbiXSeSI3dIx4KptIqI6YvCjiIPBDYCUmla//CrXQuJAQ/f54VEdIxsAyVaLtapb6HHCe9gShEwntUEqeIjJogd6vQ6tM2UL16CyM7e+PPSe29LsJiL393lHNXUTbS9VZhLr6EkBkzHFp9Bbx887QSWUhVg0tmcT2ymDjdPHO6w0aNJAYG1wy5ql8CgM14wLPYxjcAzAlZ9DLu66KpkfKkC8VVQOLeSV0mGooSPa82siUEQ7W9uQDRtgWGPVuKDf4jNXj4fsEzrNgQwJBhoDKS2izhwqza1CnkWgrefAGlZLZNSPmT4Z8ZfZq9EkhIQEFPzsmNPrbDs0NXNGzKQssOQy9Stdg/H/XX/aNAXaG6QqDwg0w5gARghjKqaPn/30t88YJw5y9W80sS76YbaQUEKa84fhZxWc8BjILLbIHyfjCnFqwoH1wbmMtfJnNgnaRtGDSiOzPhumu5gLI1NJpb7C/RiEPrLWwRZUFIPJWmVjc/xiskCcT/LEPO675bbv3UxKVpi6aLuAymbRVcC8Y0d2ikc5Sx9LZ6hwJ7+t6LFsGBWk4UUeCpEg20EyzED3htyiGXOC2EYX5d888R1BmHHAQcgOrXfUznMNZwsgmrLIg1etkGdJVHd365UrvrmongcsFWgz2p2dxGh1W/yaUjOLCpvabB3kZiZONxNBksbDdv97O6u8XscSHQU6SMQSHrhQkA1yMwHU7qv6EBzgpKLO+tIDvVFD2ZONtNrmcfcCyyaEizI6S4= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM;PTR:;CAT:NONE;SFS:(13230040)(366016)(376014)(1800799024);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: 61toRqk2UNQWgkC7/gfvVCoh5R2nIwrcGs/9XRFHk2K/M5UanFHM8RL/+dMbvqzIfl6UeKMl9AtAbd7lATuLxUWOWZ0RSHXL1pi88KpGppcW5Fz6QUsdFabiF3ZxUhDyW5Xtf2Tdc4chPFch/QRYr9aOqrhtZ1WAHutnUR8rNnbOT2YaOLjHa5hbptzEOSEEbEmRHmgol9xeq5MiFvKNMvJtA8BZDr/IVyCmpFRSZ7RtDaH5DAcyKUrkVKtLV6HPSUFyKpP8kI/L5LGB5tGfqdNkcmf4am9I1TKpGkbns12sWRC5zLszpYl05+1o0UiMdDjtcq1fK4ojvLbMBp+YWGxCZuBKxRaqRaaAfL5PGCMygMlNeZGQZzL/2OA3Gekx8FA5/nkHuhBTC5zUbF9+LWsIQo66AOmk+mloS3lymmxoeJFony+6qkzZB5mxHN6f0DWu/TkQDiMHgs1IiF2KdiFyGB3CXuoFwL+ev19BHMSxWICMlGdmH+SIuG8uTXCAJWF8Ae1aralkG+7wV1oRoIu76k70CZ+YjvGiQV0GeYrJYo/gThTNkay14vgTRhfdRuYmncR8g7xMCvKZs56eHfS1TB5TEOIOizQXjKoDsh+sHROBN2yafFZBZDMAneN4wSedF1AbrsWTvxpWRqHuECOc/zjl5xtRqzrq+0xPYkZKGVaCbgFyfABKvyVBBc98OQWXuR452M2Bxtx2kK+7Bjl6kE9If3HDfwWgtCrb9jg7/ubMVC5qMYOgCZ+adNTAxSyjNSd+por43X3Im0UOOU7AIqvQ6mgA9W7AKOfHDs1S4DjN8lm45oE6YEmk1jU6ttpGYSG2t6PdoiX7tEzlruduQNw2Mt59F9wcStuQE6gMSOlVQPi0nyRrcnoF739HDJb4Dvu5tQg//+Bb3CwEHhP3yWewPeyUwNbt15Fxn3i7LEn63Z6wbh4Etq2vtU2BAFzjHkKo1NrbJzXIp0gsBzbGEvOuOy9MOaIVcU+Fp2QC2a/OTtWM0NXM12aB/dVoTbSdsjhMS2UiKGG888l+/8UkP5BGlH2tExEcCg0qHNo9XpRLqjaWprDOimgqJqo/lzAq8CCVHFWKa6HK10HkvFIkAmI5Jm4G/kl2lSwcQ+Nh2zJNRhu++2tbalnMWalDGAiaCPe1Ku0J8UiAZsFIZ47WPSLSD6YeePIYhpjvCLzHBTVkGoz4iFLMc1MY4z9fPh17r/mVo1NZIMU16DDugMwjvAQAIzBkqgr4IM5Z4l5sr0J0IgpUE94ZCKHCOEpbMOeR2PjyWsZQ3DyTUxalJ+6fV3lw4iiN/+wKPoLJB2Eh9CMcjaYur1eapXFGSDI14KTX//WrjdKHMLsXNqhynRLIt6HlJayJj2oFUjtbJ5NA9/aAgyzuF2/6OgqqFaDFvOS+cFpfX1eK4kHCQiCgryAlp+/sYG1OaMedQ51dWmpKcc0KscCWJx1Qe5RXSjnOM1Zmp5NG6INhCZwYuaL5puDsLaPIs9XGCNocbcFZ49iAWD0SlVLrWE17ZcTFYkddSyLYw7fpwudtm8vatwp8dip6vfOT/MpNrzUpMyo2aWnyu5MT8Kiql8RZn7PKoMhNsZ2TNrh1mBqWvBuRt5X+zFHjaPNLt5IMHTbWUs6wqxPICvCdDFR/hDrVGsMV0jFpkGF1TSNP98cU9bjIyrteVcD3OJ1gp+tg4+al9Zy2Anm90xO88pLpIA5Yi0wz7pSqk3Gz3U40c6k4eapridsL3c1WyoexSESIcbdeE+GzRDY= X-OriginatorOrg: siemens.com X-MS-Exchange-CrossTenant-Network-Message-Id: 877240dd-71e9-4d30-553e-08de70a3c03b X-MS-Exchange-CrossTenant-AuthSource: DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 20 Feb 2026 17:16:14.1704 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 38ae3bcd-9579-4fd4-adda-b42e1495d55a X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: 1wkn4rRhNprFisr9WPCrvnH6vf8/Pqah6sjuFY8+HtX6PJw13H83/+uEc3J2g1ZhrIoO09qLQdC3x9udPY9W3GY+FGBV5L14FnvSNQi0JaY= X-MS-Exchange-Transport-CrossTenantHeadersStamped: GVXPR10MB6007 X-Original-Sender: felix.moessbauer@siemens.com X-Original-Authentication-Results: gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=O49N8Ltt; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20f::7 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com X-Original-From: Felix Moessbauer Reply-To: Felix Moessbauer Precedence: list Mailing-list: list isar-users@googlegroups.com; contact isar-users+owners@googlegroups.com List-ID: X-Spam-Checked-In-Group: isar-users@googlegroups.com X-Google-Group-Id: 914930254986 List-Post: , List-Help: , List-Archive: , List-Unsubscribe: , X-Spam-Status: No, score=-4.9 required=5.0 tests=DKIMWL_WL_MED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,MAILING_LIST_MULTI, RCVD_IN_DNSWL_BLOCKED,RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL, RCVD_IN_RP_CERTIFIED,RCVD_IN_RP_RNBL,RCVD_IN_RP_SAFE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on shymkent.ilbers.de X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= By that, we can make the trap more easily conditional. Signed-off-by: Felix Moessbauer --- .../isar-mmdebstrap/isar-mmdebstrap.inc | 24 +++++++++++-------- 1 file changed, 14 insertions(+), 10 deletions(-) diff --git a/meta/recipes-core/isar-mmdebstrap/isar-mmdebstrap.inc b/meta/recipes-core/isar-mmdebstrap/isar-mmdebstrap.inc index f420c3c1..8ca295b7 100644 --- a/meta/recipes-core/isar-mmdebstrap/isar-mmdebstrap.inc +++ b/meta/recipes-core/isar-mmdebstrap/isar-mmdebstrap.inc @@ -105,6 +105,19 @@ def get_apt_auth_opts(d): f"--setup-hook='upload \"{workdir}/apt-auth\" /etc/apt/auth.conf.d/isar.conf'" return '' +bootstrap_cleanup() { + [ -r "${WORKDIR}/mmtmpdir" ] && tmpdir=$(cat "${WORKDIR}/mmtmpdir") \ + && rm "${WORKDIR}/mmtmpdir" + [ -d "$tmpdir" ] && mountpoint -q $tmpdir/$base_apt_tmp \ + && run_privileged umount $tmpdir/$base_apt_tmp + [ -d "$tmpdir" ] && mountpoint -q $tmpdir/base-apt \ + && run_privileged umount $tmpdir/base-apt + [ -d "$tmpdir" ] && run_privileged rm -rf --one-file-system $tmpdir + [ -n "$base_apt_tmp" ] && mountpoint -q $base_apt_tmp \ + && run_privileged umount $base_apt_tmp \ + && rm -rf --one-file-system $base_apt_tmp +} + do_bootstrap[vardeps] += " \ DISTRO_APT_PREMIRRORS \ ISAR_ENABLE_COMPAT_ARCH \ @@ -201,16 +214,7 @@ do_bootstrap() { # Cleanup mounts if fails trap 'exit 1' INT HUP QUIT TERM ALRM USR1 - trap '[ -r "${WORKDIR}/mmtmpdir" ] && tmpdir=$(cat "${WORKDIR}/mmtmpdir") \ - && rm "${WORKDIR}/mmtmpdir"; \ - [ -d "$tmpdir" ] && mountpoint -q $tmpdir/$base_apt_tmp \ - && run_privileged umount $tmpdir/$base_apt_tmp; \ - [ -d "$tmpdir" ] && mountpoint -q $tmpdir/base-apt \ - && run_privileged umount $tmpdir/base-apt; \ - [ -d "$tmpdir" ] && run_privileged rm -rf --one-file-system $tmpdir; \ - [ -n "$base_apt_tmp" ] && mountpoint -q $base_apt_tmp \ - && run_privileged umount $base_apt_tmp \ - && rm -rf --one-file-system $base_apt_tmp' EXIT + trap 'bootstrap_cleanup' EXIT # Create lock file so that it is owned by the user running the build (not root) mkdir -p ${DEBDIR} From patchwork Fri Feb 20 17:15:48 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Felix Moessbauer X-Patchwork-Id: 4888 Return-Path: Received: from shymkent.ilbers.de ([unix socket]) by shymkent (Cyrus 2.5.10-Debian-2.5.10-3+deb9u2) with LMTPA; Fri, 20 Feb 2026 18:16:27 +0100 X-Sieve: CMU Sieve 2.4 Received: from mail-oo1-f57.google.com (mail-oo1-f57.google.com [209.85.161.57]) by shymkent.ilbers.de (8.15.2/8.15.2/Debian-8+deb9u1) with ESMTPS id 61KHGQmE005989 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 20 Feb 2026 18:16:27 +0100 Received: by mail-oo1-f57.google.com with SMTP id 006d021491bc7-679946d3a6csf31075255eaf.1 for ; Fri, 20 Feb 2026 09:16:27 -0800 (PST) ARC-Seal: i=3; a=rsa-sha256; t=1771607780; cv=pass; d=google.com; s=arc-20240605; b=NHedwRGBtLW7rX5tPQrWnyKjxjnNHJAaM1OP2ATW+sIdhkBgpb5FHSEf6Fnm6+RwBT 2f0leOVM9O0U5X+hUhokKyTrsfKzjGVVN0OdYqpGs0dQWV2oFV9w6qm81DQfLBs9rnyR yDgY05LQXPq39IfciRCJFP88hFtqIjMEplXz0fdIg8RNSDOnFLuTQdyzolwieyFY07AF iW94ajFZTuFoxI3YJdzR3fFH0iA7EXWUgJwvTRmxHLnyFeRyVr6jL9DXkpQMTWvDnklN uhWEjfgUQ9RhwlBvnQo9zvC73x0kx2uUlXB1W0jas1mdrXHikUUn2EvRzfFnbT2kQVU7 LsTg== ARC-Message-Signature: i=3; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to:mime-version:references :in-reply-to:message-id:date:subject:cc:to:from:dkim-signature; bh=XtnBmTXdS6C5LtvpHMuun2iavRM0UX6PWECwMT2+Xcs=; fh=Z8m4kzpwfoT2L0IG0f+kRJde8GTnmzpZKv5wAPPWM3g=; b=eQTUZUPK7ECodVt7jyK6xnfZqba/kqseIQyKMPfpmLyKh29cYA0/jPzz72aVCaZElU mU+wJxH6Nsc4HX9GXiqvJHjf0Fn7Ld/r2Ge/QB07oWsq7Erg/I7Xy/cYnmNv3a/tTRY0 HMDfDl8myKcVZ9QQxq6fTaabFgyYqBImL/kxVege0eCU6fY/yACyqCD8u93b7JIxAOyX Y+rPGzV13amBLDAmgeKbzQ73LJmOkTNLIfSan+uu+JfOQFH/kq6L8On2B+i+Nm0GS4BM lYfwx3RczZsgNYnsnI7/lYwglH0//1E7oHq5jbxLX8OLxtU8Dl7QA4bWJERuuwCvFS53 pHTA==; darn=isar-build.org ARC-Authentication-Results: i=3; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=E+xyvH7I; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20f::7 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlegroups.com; s=20230601; t=1771607780; x=1772212580; darn=isar-build.org; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from:from:to :cc:subject:date:message-id:reply-to; bh=XtnBmTXdS6C5LtvpHMuun2iavRM0UX6PWECwMT2+Xcs=; b=JNIbDBkwDREiUG1WV4K+TXcg4Df6PAxl2Z0Sdfu3in3S0ZkIxkHiLnc9oRfBISMIzE g0nRMcaqCdygJunz9sbsFF223UlCIOehx9WuKUuw4QliZ5oqT1bjCVJ/i0C2zY8AJ3cr 1MIm1s6PPGt6CZgC8Oi2OxIr5s3m+CyPA3MQ38WuIElqzlX6FUYJdOP3RVlrqLwK4NbH MhLM9GQypP87azTkI5Jgmhm8NKIZzf21KAjFUvFVHC0TgKlZdPrzyjbRAhhsHA6jIxpJ /yKC9umPkEOs/tuqqPRFsuYSqrJXEMBP4mkv0Taw7MnyJvWsrNxP1iM+rdJj/SiVqYUC S9gg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1771607780; x=1772212580; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :x-spam-checked-in-group:list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :x-beenthere:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=XtnBmTXdS6C5LtvpHMuun2iavRM0UX6PWECwMT2+Xcs=; b=h2Y8AZjjXsso/LRQXZlotujaMkqjvvAecEAtbgTjwaQWxYGoOFUUri7FV4ERTTnbbc gaLHiQmp8N2496qQcODrHhLqQdSymHeIC4GCsiose+t477kQhXeXYMJgKDtOeT6wmmv9 m0RmBq7SKNoQq8qHXHxxwB+l+djJLV7BGL38ZQ8GhDh4qwGkx2wwcBZ4iRrH71Bug9kA mQd66GFzt2wRU7DBfZF77lzwwSb0hVfyya/BLRcLHQNqxABGyQZbTQu7bDxhkadNucm+ 4UrIGS7gOG0W5I2/eW7pAMbFjqE/IRg1yHSnqBNmvvlaIusg/+mCX7uEX5cVUe4p5tPh IC4A== X-Forwarded-Encrypted: i=3; AJvYcCWmlHZgSMomLA0d2FLGLQJBQh5Kvqy8aVhGAwCIfGl9KDLIzWbLqg+NDfdZBM8jhSH4dtInygw=@isar-build.org X-Gm-Message-State: AOJu0Ywig0dg/dyaETbjLfI75AhKpjkEnMJgYq94MHXmUoOCKXM1lAEI IE17wYYYn12vsm/kSasLNY+5hHr6VMDHCUx2t8DpU5wSHvVVtJz2KJWj X-Received: by 2002:a05:6820:4811:b0:662:f763:c539 with SMTP id 006d021491bc7-679c4489312mr268793eaf.14.1771607779881; Fri, 20 Feb 2026 09:16:19 -0800 (PST) X-BeenThere: isar-users@googlegroups.com; h="AV1CL+GgcbZUeU0MbTrF91bwUrlSKtp7jTsQUYWypCYQlWy38A==" Received: by 2002:a05:6820:813:b0:679:c3ec:1cf5 with SMTP id 006d021491bc7-679c3ec1ec5ls230138eaf.2.-pod-prod-08-us; Fri, 20 Feb 2026 09:16:19 -0800 (PST) X-Received: by 2002:a05:6808:1481:b0:45e:dbd9:afe4 with SMTP id 5614622812f47-4644638ede3mr350402b6e.42.1771607778856; Fri, 20 Feb 2026 09:16:18 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1771607778; cv=pass; d=google.com; s=arc-20240605; b=FSryitKJRHr3Ifr9g7yvun4QzNhjLOIhNKTcGOxZw5TJ09hqgkjIQAED9J8M09ad+n S2lRmRK7s/S0Y7ebiwd+F12slgQ02TaCCwCPYx/1SDW6YXPDRr4MGpvqwQSm2HBuLL7z 2BBVpadgtP3df+62jMO6WT+LR7pdN4DYKBdxVLMDIN+ASJqNYZgU1FBHsqbKGj+V/8zi 7Ifz96Ucm/e7jfesE8gO+4zPsDiJXu87bDX6EsS4hc4JlM+4bmydY53/uncM/6poHNWJ zn1WGQjfUYEwpNos91UA2EjNg3FokDTFXafQzgB//TcIRDkytNBK+FxFjHT14i/Vgz2i naUQ== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=mime-version:content-transfer-encoding:references:in-reply-to :message-id:date:subject:cc:to:from:dkim-signature; bh=alDRi9W9AnEeM6l22mRhk16YN97yXcNrdBEXeC0d8F0=; fh=WkhL8kaJc+l2wQon1t06Ej3uvBGj9sVhNcE8PaS/XbI=; b=JaObMMYO/bx0Uv7GjZQ7hrkI+hELfPkPNKcDZBUgqNAJ/JyRixVIiaiFKmYCBBU0ON ozeRRSbwpsH26deUj/0f7QIYS7XKE/Fwli9XNX5rRbH4UqeyBGJedmoyl3Uj+nZ3SOc0 g7ibtErdox9kc9XjOCPDf20QtUSoIUb4Lt3auyDuzei9tFKMR9XngdPQazKYJ7qm4iSk 6tgjnCkkoVwfinVrt1BHUT/HRiV0Stc1j2v3w3mraIRXysodR3S9wnTHoKsRHRLfTzEQ 30h+jwPUGEVZWpPACYFMOryhVhxRqv7isChVJCvjsGG9jOvmDBAN+K9K3NgJ7chy+LvC bhXg==; dara=google.com ARC-Authentication-Results: i=2; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=E+xyvH7I; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20f::7 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com Received: from OSPPR02CU001.outbound.protection.outlook.com (mail-norwayeastazlp170130007.outbound.protection.outlook.com. [2a01:111:f403:c20f::7]) by gmr-mx.google.com with ESMTPS id 5614622812f47-4636ae55f7bsi1149069b6e.2.2026.02.20.09.16.18 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 20 Feb 2026 09:16:18 -0800 (PST) Received-SPF: pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20f::7 as permitted sender) client-ip=2a01:111:f403:c20f::7; ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=kZFyksZT74W9ldiUJ7NBJg2aaNBJHYc9cZm89apVWZ5MIcy1PcSwoEM+9gOhbmqbGSjsZQTvDwc3MYLU98Dz9nJ9TmN8OQ7TkzV5CRnvfd/VKqVSXHufyo2Rhwgs5nHe7W6dl+pTwicg4LF5OymGKzzGp+6TtqfBiGYZF3x1cDBAHpWL8o1kaeyLuiHGhzYUwpwH0EPySdVfioMYI5RQYRYmy2QxkdmbWZqHQpSdN/qlQjNvv79XaH/2TVzOdriXYLsDeAXAYiENCLw0apbZxomPBt4LoiEbDNtuxswGbcIeoZFMmu13HQbpKRWe7bYOxe4/vKDp4/z2rl/vvswXlQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=alDRi9W9AnEeM6l22mRhk16YN97yXcNrdBEXeC0d8F0=; b=YobBilyQz+Fowst4l17z9Tyn2dKj8Xd3O/EmaQWKFO9Fx92uiEdybtj6gdylyRDeXLIAk2yvIDxfEAQvu/Q9C81qKtwPEfn35kA0VeOSJqGZ/cecP4oDzubhB0Ta/khP/9+qWgU1gNNabcMJiqKqLaBBJnkuTRIgvvhWNwBQWZEbr6WJM5shYd+lpOeGxu90U0opZWBhAlGKefvrNc2G2RwxfnGihQaNzYONobqWJzd9sXgAyWf9CFhIqOSCke3nupK5V4awHmrnz9JnEXUXIttiJGjV3m4DWfc/iMPSJwSGqed2RfjooVSJG79t7I8M6+rjgWOa62p/JdSnn9yfcA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=siemens.com; dmarc=pass action=none header.from=siemens.com; dkim=pass header.d=siemens.com; arc=none Received: from DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:47f::13) by GVXPR10MB6007.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:150:17::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9632.16; Fri, 20 Feb 2026 17:16:15 +0000 Received: from DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM ([fe80::9412:cd7f:3f72:92ab]) by DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM ([fe80::9412:cd7f:3f72:92ab%3]) with mapi id 15.20.9632.015; Fri, 20 Feb 2026 17:16:15 +0000 X-Patchwork-Original-From: "'Felix Moessbauer' via isar-users" From: Felix Moessbauer To: isar-users@googlegroups.com Cc: jan.kiszka@siemens.com, quirin.gylstorff@siemens.com, Felix Moessbauer Subject: [RFC v2 06/19] rootfs: rework sstate caching of rootfs artifact Date: Fri, 20 Feb 2026 18:15:48 +0100 Message-ID: <20260220171601.3845113-7-felix.moessbauer@siemens.com> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20260220171601.3845113-1-felix.moessbauer@siemens.com> References: <20260220171601.3845113-1-felix.moessbauer@siemens.com> X-ClientProxiedBy: FR3P281CA0085.DEUP281.PROD.OUTLOOK.COM (2603:10a6:d10:1f::22) To DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:47f::13) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DU0PR10MB6828:EE_|GVXPR10MB6007:EE_ X-MS-Office365-Filtering-Correlation-Id: d7c75b3c-9552-4ce0-55ae-08de70a3c0bd X-MS-Exchange-AtpMessageProperties: SA X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|366016|376014|1800799024; X-Microsoft-Antispam-Message-Info: LvJMCcgEqfv3EsI06sZSSmIB45dR6tUoAndTgMM243ppDqkAIjoOSRMBCYaNoCaS6oPGGg2Xg7kELhrCdqPa5X7ynhMAXoZQ3mcXaObrctKk4WjRB+tVcz2lgYkx9bh28LCJqSDIy5DCAN8TB0WLBZHLv7sF4JxE0j9YxqRyXr+UnmV7jl6X7SzKkhoqL0p/MguVhKM1MtItjFm3aSzstt4pziZWdEaNkUicD614As3v2wL++degQedhVasB9BXpMwdh5+dlB4hElV0/bXWxJGxJUgaHDBiwSDZsXXeiYDn4AxLUOMmR1M+g6kwSd1Lo9n5oqXxF9/I4I4tDhtXDo3EZaPk5JRv/q6A3Jt/V9L4fFsCdTsrv3nKpB+TcaOgNFT/h7r4TtiD12p4FzPfgJAD1/8uOOXQB8gJ7aM4i5xC55SjmpCT7+a1UcVo3dzUvtLauu8D5qdqQKQLeNRKMFD/KNDtlV2Ypbn8EFOs/9I30UUlIU9y8P6duj8dQFU87lNCH8I+B7z8dA56WzUqvZBAlxXlakmzTOGv6NRs3zdUTfJcnpXMcsXRDlAUCanDK4NGMc1XleU77hBEq6T+4HWzIjtn/F42OyMs93jBWCvvslnxLJ73f7riEUAcHqX0UuYFL1U/V7UGb7Qg1h4Om2wcFwre0tB1Q/SF9CuasyXP2QxPjUNpU+kwZGGTk+c8qVK4wHXUGj9Y51e9n79Q3ChIMNy3INQ8PT2sj1kF6mPq7qLxZ4cXLsoeIJ5hdqqhLl7gXrc9rny3Oa2hVkzeb6YETgVzTacKGc2YXDy/tXxuZey9hSCVj4LjGxVVYL27tK7JLM2vLWFJTL0MP3br6b5iNQ9ylk0L9i3wp0WMIV1xMl5eTt0c0X0fWrgh9+cnsdLNNZ6pBRoSgM13ELSK98EnS6RCdqj46J2nuvGBAKmUwE9R6IPd/zv4WP3N3YIdWcAnL+fz+ElM5zpCThJmiF/PfpvZoxZh0yTIHEONym8xjx1dXq+JhiiqIjI/DT5sA6L85V6OK/Ic/qf0XT8eyV6HbMIUq+UmEP+/lPmrec7eqpEE0s2GZ4fPE64PU3QfAEMqfcztmSjMM7kn4N2tuS9MwQB0fj7nCxqY7tU7CYt0Xtg63GGqODFE3y/etbJOK2dIVHAYpl4oHWQNqSEgDOuoWoCaurifs2WiTrcmkiuqsrMoFt8UvWuturBq3v6vzjlgeDf/HjtzejRnUMBtZQFk83uYa4/pgPzHOOFhdObw4yDQKuV+GcWIl20XdPIepvUHLbzzqtMD5PZXcmK7CxbRoA7sYTwjmfy7HH31HnG6RJhGwPwzZV9vx1/BwwhDTtBPN/Fb6Zp+TKGZnS7luu0ddQX0AIiH1CNZlQASMOZOBRf2/qa1yOoRGpSs7T4MiCo7QFjt4Ym7NsFNX6pDIAa3g+M8aw8mtYoz1Ez2TCXq4JxImFhAG1811XPWOznXpb/5B9M8IGFtp6090bw1BD1A3vENKzcpd1omAG3fgq/hwU2K8ATUXBipXMiozlwiRklhveqgejTAifYG2hAIt/UCqFLffRYcAFQNU7i9X5/I= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM;PTR:;CAT:NONE;SFS:(13230040)(366016)(376014)(1800799024);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: M9Rymu58DCMh86wNkWHQUerU9CV6Lrg5Wk+wvP+5dzduYyFqoIDWhUJNK5mR20gPjfVpkAdkpulIoB9FPu/qhxvz4aShx70GbLqLHb/4Ej72JCEPhhiGKBVZRQvIsUQ6EdP6oM5jO8BxZQ97XF+HM6NqdsA7QhUc/xNlBsyxcILKCbjWRXQeXHhXxAMWvxWW8xgmf7TMlgjI3RIyV3zNJFubdtAqY3RjUtYI1/b1XyNTubqlKabCvZcy8CM3JxRoogGBE/nOGH75H0UTMK6MXZ/rzRQ8AyDte3K52klR3UZf5fmtMdwJAWTbU36dAna5hsd6s43o3Yww7AIQAOv0CIR1v5skIXB5lhLjz+DdfDulZsQ+AohqS4r7XzxdbX/ry9cvrbQ2TberR7yDCsWh/oIEfrSFOo9DFBbRmOdhNfEYF1enCf4GEIq71W/+1ZpQTcq7F3b2ck7JKlXjkklxOrvPhx25nB7PMG6txIo0fqCFN7Bl1qG4CpLFSlUg/Lk/n6Vd3h9tg1ERbnFBxzerkbwsyzOOYwW2DA5qdnHZAYYvpdlpxypZkxMnUtuN/ZzR0z7wVkQgOv8NVrP8n5M8Cpslv03SprzMISvxNSOh/b3wP8TQGinUj83RJ7igHuJVrjx/hdNh2WVcEzinpPpD3MRuelMNyBm0sNKETehEJC2nWP1uIn18dCcytFjAsmaOyctpdFfupcR0EOzkbHpte+QVeMa065TQU25I8cXxnREUfMSuvo0wcbQ1nwZD+dbO+Ohh6mt8x45LnXxyQQW9orzAPnvG1dC0Zps1UPKA16TXBE5rH96MP9+tlnW9OB1qRp4SU0UDFlTr5Qcuu8SmSFBmVsrmkyH7J5TaZpui1GzZoYo04nC/VzTD+bAz4oDTdyJ0aJj3mujo9LEd8DG+710SAeid9WTMxctEhTgkIIYt3Yi1vyE63dCMzz3kqgqpsHlZKblYQoaJm5YZN54AEUbNupNJ0ODjFOJ5i3X4nOD2Cj+rD7wQf4K6qF8gcMPAnTlc4kS/LqXWGMgmOypv8nm3mLwc2b5e88RyZERV8QSho+lC4CBObUOEAnKOEuKwFB+Jj3dHCyPZ1i54s6BrJn5k/ot8G32IdoOCQDGtWv/rqPuxJwS5+mxgM74wVlnkBeLLjjLg0tgmRIAKTn7SnhbCSRIVZ9dzZD909ZZNTjRBqyK5vuQayw7ZrUh3aKJENLbgbOFSIsOQQvxWoplBQdEFnDU3iIzmjkQFBNmvMFFGnw9vGfOzAjoO3srH0u19c8QBxK2DOSu0JkbVa3s2gk7H+nbnFQ95sOU8UPQb64mab1/PC4vbiSAAgRHAiM5nII4FwAxFz0Mr6TyG4Q7p9UnUBYIlJ9TQi27U4jHN/xvSZXhO0p6henhVlPzCYav2kqHhIqzAT1J6Wdcdj4cQfjgU7+4e3hS4L8Hz8fncY88/C/WnkjcuoCG6VekTz7dEH0k7GjDxrq5pOTdcOa6qscY6VlfL3MK/YsPSgbVTJnfg84NDAWPKrK3CcrFR4rYxYEtz2JszCeQqCrArEj0n2ocIazQvpaN/GNwqbaiNnbfVHb1DxGE7Ts3O/afPbYqlILucfL8TFUA8HivxzPP4mubejLDlE9uNq2Equr++D8fKAL5VzmNSmO6IXvCW2tq+BEXCPFTfK/hR52oRgqzIZlKNaKdc4xGZbJvHZarPzhni6oMlklhnImFBurz5QmrPon+COcAknurc6lBXbv9I6GT0wAuESKjihKT4eMNhtIk= X-OriginatorOrg: siemens.com X-MS-Exchange-CrossTenant-Network-Message-Id: d7c75b3c-9552-4ce0-55ae-08de70a3c0bd X-MS-Exchange-CrossTenant-AuthSource: DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 20 Feb 2026 17:16:15.0054 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 38ae3bcd-9579-4fd4-adda-b42e1495d55a X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: fibavteJBwwiAC5CXxpMxy9IjGTv5PucZSmY9YvYCfqh2GxmJu/fCO4HLywzfFXMkVm11mVacQRDFZMJT3tqz7fK9WMt+2YnKJ2TbBRoSnM= X-MS-Exchange-Transport-CrossTenantHeadersStamped: GVXPR10MB6007 X-Original-Sender: felix.moessbauer@siemens.com X-Original-Authentication-Results: gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=E+xyvH7I; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20f::7 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com X-Original-From: Felix Moessbauer Reply-To: Felix Moessbauer Precedence: list Mailing-list: list isar-users@googlegroups.com; contact isar-users+owners@googlegroups.com List-ID: X-Spam-Checked-In-Group: isar-users@googlegroups.com X-Google-Group-Id: 914930254986 List-Post: , List-Help: , List-Archive: , List-Unsubscribe: , X-Spam-Status: No, score=-4.9 required=5.0 tests=DKIMWL_WL_MED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,MAILING_LIST_MULTI, RCVD_IN_DNSWL_BLOCKED,RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL, RCVD_IN_RP_CERTIFIED,RCVD_IN_RP_RNBL,RCVD_IN_RP_SAFE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on shymkent.ilbers.de X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= We ensure that the sstate artifact is always generated for the correct rootfs directory by using the ROOTFSDIR variable instead of the assumption that it is in "rootfs". Further, we avoid file permission cleanup by using stdout to pass the artifact from the privileged space to the caller. Signed-off-by: Felix Moessbauer --- meta/classes-recipe/rootfs.bbclass | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/meta/classes-recipe/rootfs.bbclass b/meta/classes-recipe/rootfs.bbclass index 2b8139fa..33fc3cf6 100644 --- a/meta/classes-recipe/rootfs.bbclass +++ b/meta/classes-recipe/rootfs.bbclass @@ -663,11 +663,12 @@ rootfs_install_sstate_prepare() { # tar --one-file-system will cross bind-mounts to the same filesystem, # so we use some mount magic to prevent that mkdir -p ${WORKDIR}/mnt/rootfs - run_privileged mount -o bind,private '${WORKDIR}/rootfs' '${WORKDIR}/mnt/rootfs' -o ro - lopts="--one-file-system --exclude=var/cache/apt/archives" - run_privileged tar -C ${WORKDIR}/mnt -cpSf rootfs.tar $lopts ${SSTATE_TAR_ATTR_FLAGS} rootfs - run_privileged umount ${WORKDIR}/mnt/rootfs - run_privileged chown $(id -u):$(id -g) rootfs.tar + run_privileged_here <<'EOF' 3> rootfs.tar + mount -o bind,private '${ROOTFSDIR}' '${WORKDIR}/mnt/rootfs' -o ro + lopts="--one-file-system --exclude=var/cache/apt/archives" + tar -C ${WORKDIR}/mnt/rootfs -cpS $lopts ${SSTATE_TAR_ATTR_FLAGS} . >&3 + umount -q ${WORKDIR}/mnt/rootfs +EOF } do_rootfs_install_sstate_prepare[lockfiles] = "${REPO_ISAR_DIR}/isar.lock" @@ -676,7 +677,8 @@ rootfs_install_sstate_finalize() { # - after building the rootfs, the tar won't be there, but we also don't need to unpack # - after restoring from cache, there will be a tar which we unpack and then delete if [ -f rootfs.tar ]; then - run_privileged tar -C ${WORKDIR} -xpf rootfs.tar ${SSTATE_TAR_ATTR_FLAGS} + mkdir -p ${ROOTFSDIR} + run_privileged tar -C ${ROOTFSDIR} -xp ${SSTATE_TAR_ATTR_FLAGS} < rootfs.tar rm rootfs.tar fi } From patchwork Fri Feb 20 17:15:49 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Felix Moessbauer X-Patchwork-Id: 4891 Return-Path: Received: from shymkent.ilbers.de ([unix socket]) by shymkent (Cyrus 2.5.10-Debian-2.5.10-3+deb9u2) with LMTPA; Fri, 20 Feb 2026 18:16:31 +0100 X-Sieve: CMU Sieve 2.4 Received: from mail-oi1-f191.google.com (mail-oi1-f191.google.com [209.85.167.191]) by shymkent.ilbers.de (8.15.2/8.15.2/Debian-8+deb9u1) with ESMTPS id 61KHGTBD006253 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 20 Feb 2026 18:16:30 +0100 Received: by mail-oi1-f191.google.com with SMTP id 5614622812f47-46394e9b526sf9429880b6e.0 for ; Fri, 20 Feb 2026 09:16:30 -0800 (PST) ARC-Seal: i=3; a=rsa-sha256; t=1771607784; cv=pass; d=google.com; s=arc-20240605; b=iVWMTmrD6okouTiLzZV5hD5r3P70TubYJWB5xpbETx/hRyt/BCLYRGRCfIOyRlwX9d +w+fJzIb+evMZqidLlOAXc9NJpgn/FTguNRm+1C2ZvXIpQ4DntnGG6+4iRz7doX6lGob vo2XDLjlEIu+HVvf7+QiuvFrFy6Mf3b0XUNauEo+iddo8NpAkMCaaOw+XNbFFVGlOabo LtUfXwZJ0GHqhRkBmoK3tX4vnl9YjNwnRcUf5Dyg2YS/OlpUGS18a2oOtnGmTSAMSTGu WMk0SQhQnMRgV4zpQYd9jjOIyiRO5Lkb0W9ocr3jJVL/SGwSZRCLmk/KYLHtnhnYfvx1 w32g== ARC-Message-Signature: i=3; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to:mime-version:references :in-reply-to:message-id:date:subject:cc:to:from:dkim-signature; bh=PKxXiWxaswTJ6YsrvFP233TqqZb0UFBApWqPCYEgznU=; fh=dOICBDh1KmH3lF6Kz1feOuJXMeFBIdH95KA8y25XDUc=; b=B4awdh7PekjjYoz3mtcETFNg0pWWjuC63KH/6kUZWETv8AI+VevIhgFzvbkMvnm3MR p/Rkav7hLKcz2F2uPQ0A+TgRYf/42ysMbEPSMdeu3wRbNkWTEBOfXtD73BSDbAMDcjCX gnrAICyiiuCUY3X2DO7selYS0a0GaWsmyVz5X9qzPiCkhH5gA9Mw/2tEPx9LgJkHxkM7 JEZjqnUUHYXg3zxIh6tcd7HUQXSv90ZzgHxWb6AW1Ha18pY8xn/+YcERifZSdmcRm5Z8 IL8Rx7UlkHa7Vq5iHxAP4NmPtH7uFhGr/4j+GOD5y2Ipctwt9+SiB7feKuY4KAZQciKz 11Jg==; darn=isar-build.org ARC-Authentication-Results: i=3; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=Z84VTRn3; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20f::7 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlegroups.com; s=20230601; t=1771607784; x=1772212584; darn=isar-build.org; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from:from:to :cc:subject:date:message-id:reply-to; bh=PKxXiWxaswTJ6YsrvFP233TqqZb0UFBApWqPCYEgznU=; b=PsXoF0J9aCGhne0YTlbIHtZ3FSvQoMw6DF/cUwAVntA6Bb1jZvGSLhZOrS0U6z4u42 YkXCL47Xjk8BL0BOMtnF882xLVRIetIgn6qzWeTvCP5Njw6MMCzCSu4JPV7J65RmK0YQ DBWVcVEaPeYNd6ImFFWv2nTDVYXytaXVpEf7WFGu5y0KqhCVT56X2S3msjJNk9kZoJWO AIw8ZDsq0/AvLyryWL4xX/dNtH32Hh0RoG4Ek7f9AnpY/1e/noBlsUCy0rQ+wVFUnIUJ SmuvKmgrtEdgKWzI27YbaaPw/VnXuC67zzXC2zH9WOEIPgXIi0n08bU/PDq3Vgs1aIle o+TQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1771607784; x=1772212584; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :x-spam-checked-in-group:list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :x-beenthere:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=PKxXiWxaswTJ6YsrvFP233TqqZb0UFBApWqPCYEgznU=; b=JP6HA5WF77WHnHqQoylwPqjASI94+DVjl35ykTCTz8yYtOL630zIk3EJgra4pg37wM qmFTCroAJi3dk1REis7Um+DN/nPwlUNmxX7NATfh5Z+65EzzyWpA4IUgfuEKP2LZ6IFX 3MvGPJNn3fyz8ICfprMKp342Wa/lFBqWcm1VOGt+DgQ7WqemTBQ08VwishD45w08obxB 3puK/NSRfSAM1U7ixXg+RDQ1IANNUOazvKWzpnojb0cVIH0jUGqoRalYvdW13qGS0jHJ 1VDRP04SVLeyuiYsgo9Kozx0uecWwPNeDzJG3gfvZ2CBucSO5bXDrkRWuzNmcmRvfF1t 2cFw== X-Forwarded-Encrypted: i=3; AJvYcCXggUnaarIzJV5TCEqEAXWAXfmX7b3yGHreUg+ZKtWRhi5EnxvuAsXtQq3Vj2D07k1TnsItF1o=@isar-build.org X-Gm-Message-State: AOJu0YxuFcR0f1f+cGhEeVxYcTSEI20eop2geDxHsYaE7pHJ1U69RoOf DfZlkCec+BBMO+RhZQXsP6miPj3/1RjbtRTNZ9ysbeLavfKEvwczuR9V X-Received: by 2002:a05:6808:1910:b0:45f:12bc:4579 with SMTP id 5614622812f47-464462082e9mr331183b6e.19.1771607783715; Fri, 20 Feb 2026 09:16:23 -0800 (PST) X-BeenThere: isar-users@googlegroups.com; h="AV1CL+EUaqxaNI/9oawHeaA2jPjEmktg97vlEmP7M4nDHauwGw==" Received: by 2002:a05:6871:3301:b0:409:6328:a767 with SMTP id 586e51a60fabf-40eca620de7ls5912425fac.1.-pod-prod-04-us; Fri, 20 Feb 2026 09:16:20 -0800 (PST) X-Received: by 2002:a05:6808:1910:b0:462:dae0:193f with SMTP id 5614622812f47-464461d07fcmr390971b6e.15.1771607779962; Fri, 20 Feb 2026 09:16:19 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1771607779; cv=pass; d=google.com; s=arc-20240605; b=asxLuy0cpuMzd2IPPjUQuyUAtCoeERpVNkYrq68RQqPFb5RZnX1sFWBLJZKHY9pbc5 5I7X9gM2dh8vjSVrVicxvjEIx2puFVi2YL1LlJTijCDeI1TxV+hdgis4klXw+1bZm5gt RnWYjpPdb2+A+GOzVKWPO9dzDRY5nnsUm/PM5n4u0mtMPLOGArQ6P4vAQ6IrJLHUl3zS a9rVbIa1KJf2xGeg1D0RzayOaXMHfv2wdggBjI2OzJLxtIR0oIamOVhmPVaPtgZ3GwWU q7NNk7QHwLjWSbzIh/Mf51XRQwo0ta/JK+/AdKZ7DvDKn9ObS7ZgKvJdXODkC/x2/J8q 9p6Q== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=mime-version:content-transfer-encoding:references:in-reply-to :message-id:date:subject:cc:to:from:dkim-signature; bh=HgZGnHQGYFSxDTuYhrmpQX6Kbsn3VexXGHggCOObShc=; fh=WkhL8kaJc+l2wQon1t06Ej3uvBGj9sVhNcE8PaS/XbI=; b=kh0dfTgxlfPvhq0jfSXk5St7kR52wUdKH6TXTCgE+/iz9iDM4fOx7qF89q/OKREL2Z 1139RNv7PbH102hD1OyG8ukMreErroXbQgUMPypB0nLv7eplh/TRjBi/d5JF/6pCvrm3 ONWJqoqJTJX6om/rvz6lFV6JCEVJiU5oMQ4QLd3oVrZ+dWth3Raq6pvNlGCgwFkNce30 ZdiGOHG69Oqc+N9jCdjwS1g0OSIpQec2nAQ7631aJxDGd4nC2Skr3JEa1kXYhpQLoiOs C+BH7B6yUWtKqZ8zuLtqiEOzPQy7VVYCUGlKTBpVJgRcyCrjjMWzhe7WPGiTt54r5dBK LASA==; dara=google.com ARC-Authentication-Results: i=2; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=Z84VTRn3; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20f::7 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com Received: from OSPPR02CU001.outbound.protection.outlook.com (mail-norwayeastazlp170130007.outbound.protection.outlook.com. [2a01:111:f403:c20f::7]) by gmr-mx.google.com with ESMTPS id 5614622812f47-4636ae55f7bsi1149069b6e.2.2026.02.20.09.16.19 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 20 Feb 2026 09:16:19 -0800 (PST) Received-SPF: pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20f::7 as permitted sender) client-ip=2a01:111:f403:c20f::7; ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=SQFxZKhA/g+ya4UFgZYrDPeGkgD+bzf1uupKHA2IY4SeLJ4k47UG8Kt5gOhHhfEePRXOYb7gxKvQaHKjWIJpR6ly0xrkIvF1jW9vHQihthwD3VqTUwieHFh3lk5zNGbW1ir1KPiOegNunHJT8ppp4l+Y3cp4oDGfuAxnKEavp1/S855ehbWbp+Ah7orcTika0LY0eFNAG3/wNHvfE+RFsNAMno4n7yCOnAG7oSyKsIrncEf5B7UzEKXS0topW8E6KqW+CCh3LpSTrPPkq63cH3Fp1xc1s16jV49YZ0fRGwaEghtk/YHwaIgruL/uxL0T1xtVztKtLJB/CoX56tQCPA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=HgZGnHQGYFSxDTuYhrmpQX6Kbsn3VexXGHggCOObShc=; b=u3igz0UeNISyy52DSGNMzYsHEoiN3Vsa2V8VFgEax8hSQxm8OFUH0ZLth0bWxdo0tYF6BmA0Qx9GMjMTnp2JridTWeE0ZHHKAXLz28IcfPs3lQDo62ioWRgeEGR4N7AJLA9qjv5K1MrtiAgCk5RYaLxvFnYYh1G8h6hgXntX+ieTOenFMxy9gKrHye9FImlOOxIQa/Ugd6s9WUpbtxwv2e6fXQOfe1RJjx81WKclqcBnaVDmGS7UujOyBmviVQ1bbedY6aVDa42Pf1aWQmhKSLqqOu+ONbovtnCFqMogCC1K51jgQmo5xOkwfjH+c3u5jxuamWJ5b7Hv4m8C+nSQSg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=siemens.com; dmarc=pass action=none header.from=siemens.com; dkim=pass header.d=siemens.com; arc=none Received: from DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:47f::13) by GVXPR10MB6007.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:150:17::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9632.16; Fri, 20 Feb 2026 17:16:16 +0000 Received: from DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM ([fe80::9412:cd7f:3f72:92ab]) by DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM ([fe80::9412:cd7f:3f72:92ab%3]) with mapi id 15.20.9632.015; Fri, 20 Feb 2026 17:16:16 +0000 X-Patchwork-Original-From: "'Felix Moessbauer' via isar-users" From: Felix Moessbauer To: isar-users@googlegroups.com Cc: jan.kiszka@siemens.com, quirin.gylstorff@siemens.com, Felix Moessbauer Subject: [RFC v2 07/19] rootfs_generate_initramfs: rework deployment to avoid chowning Date: Fri, 20 Feb 2026 18:15:49 +0100 Message-ID: <20260220171601.3845113-8-felix.moessbauer@siemens.com> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20260220171601.3845113-1-felix.moessbauer@siemens.com> References: <20260220171601.3845113-1-felix.moessbauer@siemens.com> X-ClientProxiedBy: FR3P281CA0085.DEUP281.PROD.OUTLOOK.COM (2603:10a6:d10:1f::22) To DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:47f::13) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DU0PR10MB6828:EE_|GVXPR10MB6007:EE_ X-MS-Office365-Filtering-Correlation-Id: 37985cec-bdcb-4813-f0fe-08de70a3c11d X-MS-Exchange-AtpMessageProperties: SA X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|366016|376014|1800799024; X-Microsoft-Antispam-Message-Info: NjF9rm/4aGzhCDUPT0qUnLonT35YZazk5joDQ+ajQQT0vSq9RasSRKwNutjk3UqaZa1bgEc63UHFBhp0Nmi29Tldq+XFglgh1aiXCIEWZuVcMSIuuIB1jDZ2Seu5QUBuKWa190QpXQ89E5L+5XBO9ed6oYvkcxwFl53iMfAijJJuarZwx20obqLStNBTsJXrEF3EBWpsikgU+oJEMmp0SeIGykeMAQbwuzxkbZ/0EBxudemN6rW+uE0TM2T/1aUk8LVJshr6KTUDbsaOmVHkJyQ7JDKGL1sUGHtLyvuOih5HpgTgzV7g1ndqGY9XM7KlC8fN3bS0fq26Jg0NEgAZahpqKAmcXHpPsJqRsB+VKiCbHQODFKGrlgn1vdI486x2huxMruO3CIPtAPsgcrZhTrNA4KulzwY5Pghh+UjPo/JjzlG8iKlO/gv7NPULgNffduu8KqcKBQUhHW+iNgVtxfLTqsWrni4JmlfpxHMC8L/cXrUCnADp45h93Pbu4SPD5Q3RgEkyicrpjYHtRFDeJsCBD0bZIYVl00K41DXgmGGAl2gHtPHD4OvyO7yu6fBxXst830iGVOHsOQ3gecCeaDXojwqYm5Mu4NDXk7h4Bx8Ohj/SbpHhxgHJ2+rgcAOkWWlLWAQivqzIi/apdH7WQvXym9LXAt6TE/SdvMfVVS+k3zoSp3gOVJ1P93olxN89wzmpS21J72PQF3N6QX5pCuVjMAWZsAD2rNiehPoX1Hw6Bl6V/ZuTbkAwzvTicQF9UsbeIqWjwHQ2DZ8Vxjf/OICg+VbB7XJ3p7Ss84ObEJ59hhEPgy/x9gxuD7oFUtAYjvA1e5EJ0jvfHvJFCnbsw89q6144Hr0U4BrkFJ0aI9wIOlAXfOUBqrb6CDhIDJcICZka8kpyKTogWcMq77UyRIHRiq9SdL+DriikUHLK/L8Nq6GvI8zwqn1BspfAG2z1bt5+sMxL+MyBR9RkJ7t0/jUQuKElQ8dzDea6ZxMNvNg13TYXLlTMxj/SuhLYyehUFz7EG5XPy8shMnQB12EX727F7tB5bMyDxYzLMH4n4PKfnVnIzHqJGHy9jiUBS7ejVaH2GE5a+K5gB66TXynGv/Zv/ny7LTXqoNSGcDrE43ZPhV12Jvd0BQw+0O9dyEPxIu3ofAjdIV91vxzSLnxmm2vVvW7mUFjscs1MAfQmcGQR3nPGzzZU1hxVkaIXYQt4CR0lVTaoQgvH71J2jI/7KqSzZjD+hFpIsd6vMbbTURGf8y16uqSfWYsZ84n5d9RZAWOWHBpNslBba5CxvJHjA1qHAcT03j9/tRuhgewUJIOJxcVWqGBAzCUmzFtzrsyQAoGFMC2YGlH1clerVcSQsjbTrUiS8WXqnAqZGQDvDm8uCLxr0fY87RcWvea7Ljn31w2hiu+nZpYC9wdDeDmhH6ka/+uoIHzQuuebI38xm0cyr4cpr+kd1KOkoaDYoX8Ab8r6Az/o6I/bXmF4tdURw8myMUTUkmDnKYute1gNpqAN3pCgKqpNHedbgq845fuj3UugWgFG3nCw+Bbejpea4wJe3BbM4hxc1If9UXycV0c= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM;PTR:;CAT:NONE;SFS:(13230040)(366016)(376014)(1800799024);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: PD/tNpK36rURGL4C7vfXUunCPYA9dGtbSqrBpChtV5O9ZhTvsJI4RfUbyLQKOAVWtcM+Ac5XcEPqroT/APg71uYuk+5SZ+euaduEX28nJ4pvWhdE/dFTOl4Gh8OKyc30nhl/nmAOVkjUdDR9nKu1DmiHPG4c7cKySJUXOE1Qa7zSi1MevKOIl5g0qosNKUjErCHftrhVmxL9YrJSiQzSZeB/TZEA7L5LDPBsif6mdkwKOPyMzARLybIXAzPI+RubEPN2sPmUa89emIbFPNTIVmiAV7D7hL7g34gVHI9ktcUrgvWum3nPtccnqEqpV1RemAXpQP8BVWdPp5Lls9osDvVvxeUjzIVFKVOSY+nciWunrRkMijYv7p//WDuaQILpuMlTUBbuwEKpqzYCuQgVPytWlbnsYSIxIpxyFbewHN9KeQ6RP4sEVKq3/9nBxhSJfwa24nkIxrPbsWnZHn7+wVFv2gauN8HII6DLgJOV+WGTaZCPaJaku6u9qCrfTSZxILhKlb8PeLMcv5Bs77HqbeeyFN36uKb1jX50FWz+cTmb9RkvmLm8bVG54V5VGV8OPJ4Vv+3fVzUhBAzgtVqL/pilRKi3RcN6ZHwEBjp8uluwKY25gbftOoTmlqg5TFs5c5Qrhlu5aU+DKPA+isory+2gm7ZYN7kWC9SvK3Nj6YPoBHOfIaStX+c+Le/Toi8/KeTEdW4NzjmahFqU1OZJTZXAEEL1om9YosNXCwrWN2liqMkYzg9L3qBO/NNK8z383NeFr5E0NzqZc93rEt4GEj9GE5KLe6smdQX4JA6bDQL75/r9vSd1kr3wpZzKcCtVt0b9dAahVD3BGN8dWvX3Z0FDS4bBW8LXMQlY4+rQXseFIlwRUsu/b4b8PsII7nyqYC3u+dG7GYbdQng8xj+21g/1nE57eoE8+cEv1FXXeRPhYFKQWtuYHVTEqEebYwdNUZrijBttWkDu4jvinMO/Y1qcACDU9E77trRP6ps2w5veExfEGGP+W5OEEVFFKOHc1+nYJ/BmM5I3bxgte1w3zGuxPb0aP2gbk7Ho9BdEHprHqtE4YIfyUfWL7kSTTH55VteHJkOmQ6yOPpxBfqqZ19n2x7nt4a3H2oCn4Yd0gJ7r8fQju5mQya8gkdQ5VY3sqYl1bbx5E6j/P/GVnA46M3+pNO4mn8WDDxQJJCjayY7Jv9WR+kylFAVADCsLMJKmWgC63ql0qevIwiC/zs54XSp1D5fj7/vPVD5meQ2JKfL79GMRcp0x/weD48dIHuYWdJ1/N0foJ4lLw0mwIPaqGcOofJbkLecbeA89oeYbvjdiaOtLVAHXxl4z0XjDsi2hfUJa7xqhVteqZdzl8g+ck5cqwm/wHvsp00+mKtdxcVTnwfxWFAPsRUXBrWBUf/LP+xvYv18UQdvWCAkKdN3/wTI9XErBQTMY3AG/VUzT7yurCRXu+MutTQBrRwxy8poJXHVoCN7z9/wnPh1ksqgLgSjRMNhF0jXvWnkeUlx3Svf3Bs4glogWiA6K9CyBuc1O/URoYEY158Pu7m5nspZh8L31Em4yHN1VitcwyFLczyXjdtOuRBTz9w8QDdmn8inpL76/2qAmRDpN5TDyQz8k5bphSoO8lsbqRxqVgF1DfHQ7aqg5ILHP4wONU33pvsWbxsSDkO8hltW6+fW1K2izICBe15O/iGmfnKcA+bukKlnf12w43Ral7wu8irS+gOR8n1ovYszDxa7IyQDUYzlUir/19FA5dVCVw5T/I95hRzU= X-OriginatorOrg: siemens.com X-MS-Exchange-CrossTenant-Network-Message-Id: 37985cec-bdcb-4813-f0fe-08de70a3c11d X-MS-Exchange-CrossTenant-AuthSource: DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 20 Feb 2026 17:16:15.6543 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 38ae3bcd-9579-4fd4-adda-b42e1495d55a X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: +p4E5PsGtec+P/5Qz6b/x+uM99kxbULtSYtrWlXlKrdwuGqjZTLSSdnZThHzry88hWw18xsLSms2Pu3J8ObwosmfGMESNsahXmxlG3id5Hc= X-MS-Exchange-Transport-CrossTenantHeadersStamped: GVXPR10MB6007 X-Original-Sender: felix.moessbauer@siemens.com X-Original-Authentication-Results: gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=Z84VTRn3; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20f::7 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com X-Original-From: Felix Moessbauer Reply-To: Felix Moessbauer Precedence: list Mailing-list: list isar-users@googlegroups.com; contact isar-users+owners@googlegroups.com List-ID: X-Spam-Checked-In-Group: isar-users@googlegroups.com X-Google-Group-Id: 914930254986 List-Post: , List-Help: , List-Archive: , List-Unsubscribe: , X-Spam-Status: No, score=-4.9 required=5.0 tests=DKIMWL_WL_MED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,MAILING_LIST_MULTI, RCVD_IN_DNSWL_BLOCKED,RCVD_IN_MSPIKE_H2,RCVD_IN_RP_CERTIFIED, RCVD_IN_RP_RNBL,RCVD_IN_RP_SAFE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on shymkent.ilbers.de X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= Previously the initrd was deployed as root and later chowned in the deploy dir. This involves privileged operations which will no longer be possible when running rootless. To prepare for that, we deploy via a stdout and create the target file by the correct user. While doing this, we also remove a useless sudo invocation when listing the ROOTFS/boot dir, as this can be listed by all users. Signed-off-by: Felix Moessbauer --- meta/classes-recipe/rootfs.bbclass | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/meta/classes-recipe/rootfs.bbclass b/meta/classes-recipe/rootfs.bbclass index 33fc3cf6..ac50156c 100644 --- a/meta/classes-recipe/rootfs.bbclass +++ b/meta/classes-recipe/rootfs.bbclass @@ -620,18 +620,16 @@ python do_generate_initramfs_setscene () { rootfs_generate_initramfs[progress] = "custom:rootfs_progress.InitrdProgressHandler" rootfs_generate_initramfs() { - if [ -n "$(sudo find '${ROOTFSDIR}/boot' -type f -name 'vmlinu[xz]*')" ]; then + if [ -n "$(find '${ROOTFSDIR}/boot' -type f -name 'vmlinu[xz]*')" ]; then for kernel in ${ROOTFSDIR}/boot/vmlinu[xz]-*; do export kernel_version=$(basename $kernel | cut -d'-' -f2-) mods_total="$(find ${ROOTFSDIR}/usr/lib/modules/$kernel_version -type f -name '*.ko*' | wc -l)" echo "Total number of modules: $mods_total" echo "Generating initrd for kernel version: $kernel_version" - run_in_chroot "${ROOTFSDIR}" sh -ec ' \ - ${ROOTFS_INITRAMFS_GENERATOR_CMDLINE}; \ - find /boot -name "initrd.img-$kernel_version*" -exec install --mode 0644 {} /isar-work/initrd.img \; \ - ' + run_in_chroot "${ROOTFSDIR}" sh -ec '${ROOTFS_INITRAMFS_GENERATOR_CMDLINE}' + find ${ROOTFSDIR}/boot -name "initrd.img-$kernel_version*" -exec cat {} \; \ + > ${DEPLOYDIR}/${INITRD_DEPLOY_FILE} done - install --owner $(id -u) --group $(id -g) ${WORKDIR}/initrd.img ${DEPLOYDIR}/${INITRD_DEPLOY_FILE} else echo "no kernel in this rootfs, do not generate initrd" fi From patchwork Fri Feb 20 17:15:50 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Felix Moessbauer X-Patchwork-Id: 4890 Return-Path: Received: from shymkent.ilbers.de ([unix socket]) by shymkent (Cyrus 2.5.10-Debian-2.5.10-3+deb9u2) with LMTPA; Fri, 20 Feb 2026 18:16:30 +0100 X-Sieve: CMU Sieve 2.4 Received: from mail-oa1-f58.google.com (mail-oa1-f58.google.com [209.85.160.58]) by shymkent.ilbers.de (8.15.2/8.15.2/Debian-8+deb9u1) with ESMTPS id 61KHGRAn006033 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 20 Feb 2026 18:16:27 +0100 Received: by mail-oa1-f58.google.com with SMTP id 586e51a60fabf-40efa542b8asf22256249fac.2 for ; Fri, 20 Feb 2026 09:16:27 -0800 (PST) ARC-Seal: i=3; a=rsa-sha256; t=1771607781; cv=pass; d=google.com; s=arc-20240605; b=cr3g9C6/zjnm5M7sdEeRVtF8j8YMjKmP5oWL9gmL4WruG6eCTpfp7dEIH40UWEnFWy 9BP6MuHv2GkwH2ikcLqDdcV2sBoHJ+DsFqlcvYahVm7caOrqofS/2OYDeLTru+ywUUgL ppx6wxyuvKQJVthFY1f0FDpu1R/p1an9otxVbDwDtFFUsaQRwvXcWp4KIKCqvH0r8geI vKbu/xlXle33cZrLhaYQp7eg44LUctc/ZIFGpVa5yTC+AZ8TrEdRO94ZmZ7up6i268qC 10n2aQ+cnkfqvEvWaJRco+wjYjvf9JIeRoMGDTuvCE3aTBOxCrnDH0rW8HfQA6CmEWWe 7I/A== ARC-Message-Signature: i=3; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to:mime-version:references :in-reply-to:message-id:date:subject:cc:to:from:dkim-signature; bh=+QgOm8RhoSmUPN5AzDqlOaYWugZF22bsY0b8Iogjgg4=; fh=2yoo6WO4yZtUvAi57PdwgkuD0e3/vgOYET2/2ffrqMc=; b=jLMsT8HA9ONvI/CyFUqwOCzjXJiPiaN7kVSXwiopjVzvFb3ZqxY3IrR6bqWFK3VLf1 qhXOehUgkMDQOrWp6xzFpIFJvrKU3Dg+KUgKNsysLmWZmRCcAbGG5ArSqYGjChv7InaK l9TBLLntQSpgvGXkCJkrYGOhVjEerraFWtqOaemlVCPIpflC2EXbkYYOj5s/joLYPJLA R5Tsu5bnMrhgBvA/C60ytfdwJn7bsPg39EgfzVgaEYHN6+ukKs4sBIBzTQBH4OrNMCWn D1S/lxh20A+uqr8vNgYABb78kJ5x8pCTM9nFjyUPpN5qDaEaAVfJLh8PjMg1sRK0gB7o L24Q==; darn=isar-build.org ARC-Authentication-Results: i=3; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b="Da3ri/fv"; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20f::7 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlegroups.com; s=20230601; t=1771607781; x=1772212581; darn=isar-build.org; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from:from:to :cc:subject:date:message-id:reply-to; bh=+QgOm8RhoSmUPN5AzDqlOaYWugZF22bsY0b8Iogjgg4=; b=KNP3gUivLAdwbxBbiIRJlscg5GIbnKt5U+aY6ZI11hzPbc56y47iNNM913yRdog6rY 8vNlgTlOeSziUvq7ls/TR7ZrWaGbaNXDNn7x+Ii5vYbFOeaSS3qiXA5ZSOm5PbY/WZQ+ oEdc7xXssxi2rzWvyHj+p1qGJk6xsAWVnWjO8HVdUk8uEphct46qqRkFYN0v/WKnxjbF +Loa1M/EiN2sOY5h6O1e2q8qK+V7kheWlGSwTgpkNEe3eJ/H+N0o2GYT7hwd2FaFVTm5 FhtyAMvkYBwVWHgWVnUlH4UifMlp9reZw2nP842C8y5Weqy5TrCmwqSSQC/wcV1exsGL IbQQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1771607781; x=1772212581; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :x-spam-checked-in-group:list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :x-beenthere:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=+QgOm8RhoSmUPN5AzDqlOaYWugZF22bsY0b8Iogjgg4=; b=vocu+9pKBeqNntLM6WS/BkwajiemCzh+8CTG3QvHQGJG5ni3i9Hgq+m3695X3Y6+U+ jFPpg9Ee/wvrFJ/6aJ94R/VnjSgqatvtdMyJ8yovsG6cG+Xm3fEqqqYPmSMYThW3LbtF bDducM8E/fQrM656p2lcuv86vTNGaFZEZ4CL1C1NeiGqpaYuE6P3naz4IOUIRw8hrDFr EaFbdVzOaoVRoNJO5y2ecKkDMRbb4kNx9CIv4nPXaOQUCxsLZ0ss3z1NbZHzbScn1ZNU G3PODuj01u+tTYd9K7Ju1Dbyo3t0rop/49wV5pjsT2X0OMaXKulnhB3L4ns7/1niRILf ZsHQ== X-Forwarded-Encrypted: i=3; AJvYcCXvlkPvxmOZiJQPjoxjJCR8qEIHyUvVvuZ2PZACK36baHonZpCViAAlrPltmNboU9fa/wlpzMA=@isar-build.org X-Gm-Message-State: AOJu0YzClhMTPfu1e/wpl1Cd/SrK5oBjRgILxtKaK+MRzwtr9u4moJP3 CyKQC8E3Rx/ZMoSf1PXqcT9Axl/9bzT1lCuL2t8MPj0K3b1kneAuX36d X-Received: by 2002:a05:6870:8922:b0:349:de3c:bfc5 with SMTP id 586e51a60fabf-4157abcaf0emr207886fac.7.1771607781355; Fri, 20 Feb 2026 09:16:21 -0800 (PST) X-BeenThere: isar-users@googlegroups.com; h="AV1CL+HNE88qmnEDogFvSVKtfxBJr5mIAQw1Ws5r9k9robqmYw==" Received: by 2002:a05:6870:420c:b0:40e:f703:9195 with SMTP id 586e51a60fabf-40ef703caf4ls5836748fac.0.-pod-prod-01-us; Fri, 20 Feb 2026 09:16:20 -0800 (PST) X-Received: by 2002:a05:6808:c1bb:b0:45f:13fe:4a3d with SMTP id 5614622812f47-4644612e148mr371849b6e.7.1771607780457; Fri, 20 Feb 2026 09:16:20 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1771607780; cv=pass; d=google.com; s=arc-20240605; b=LlcBI/Q6SsygEZiNUXtpv/in0/CvyGdeJn4BOq0NoHRm5SLd6VTrJuBM89rpBB40+Z 2cEfeeHB/rjUJNNXxIWrGLnqwIclp9StusLAdam262iKNZgJeinuofLkq+MVKF9dTlNW BNudAu06km44ybb7wCxuM2SeLY7C3bzmItQwdYKqbjgONNv8Nj+V582x4NKsK78dj8lB orSHuvu37kKpsc7pzqchTfPZaLid7w4uoUnS+c4H0KJ5cPI6P7VZWeOnJJRLx+awR0DU 1YBkfMSFEwv2y02+YR0WNEEQ9rN0EVB+zaD4GEErZn0ileagdqiYyhYzpa1rZwLFl/2X 6sbw== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=mime-version:content-transfer-encoding:references:in-reply-to :message-id:date:subject:cc:to:from:dkim-signature; bh=8ldsHLsmrJkXrm3UG+5tekzysSBq5w557SlIlRuxZAY=; fh=WkhL8kaJc+l2wQon1t06Ej3uvBGj9sVhNcE8PaS/XbI=; b=JjOOGHYfbbD9EnkEP3cXcN6JxWtgSTHsW62FM4KWmt/2fm30Gqs9wcYectL/3/eI/k nAaI9+9qrgQe7CG/r1o/v3CiF9cptOQL58m8vep+JFQNtE8FKudomiAAz8f3t006YED8 Rf5iex4/8O2WVT/feBGPQMvGCoX7Y5Ru+BL4IDqO8RRTq2wER8PpZylEp72gkuijm24/ tpaLWnQxKgxowGcKANiAhkwy9XCsSXp/5wKddEqwcDqbqT6iPUklanbXdZOlCh3ZR1x1 hOGeaOc5Xtx8fd5CcWMiPlN8gCyz6lhif4jiu5rW9/6ymcuf0vKyTFpO3S3Hof6E4h/G pFGw==; dara=google.com ARC-Authentication-Results: i=2; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b="Da3ri/fv"; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20f::7 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com Received: from OSPPR02CU001.outbound.protection.outlook.com (mail-norwayeastazlp170130007.outbound.protection.outlook.com. [2a01:111:f403:c20f::7]) by gmr-mx.google.com with ESMTPS id 5614622812f47-4636ae55f7bsi1149069b6e.2.2026.02.20.09.16.20 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 20 Feb 2026 09:16:20 -0800 (PST) Received-SPF: pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20f::7 as permitted sender) client-ip=2a01:111:f403:c20f::7; ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=nxP07+3aeZ9z1/3c4jO80SKl8BdRDg4SjXWpW+kfCCVanycGALQkFGlotMGYxg1guf9l7DdYqSMtawhOgn/CxGOaUv8J0NYRHo8fEOg58okMh/82Fbe8L3xIFB0mkiveLIJCz7hx+a9RJ6LHbrfWGVQe2EWOawNwqBNcp+zPWk0oLJzTfXMD96tHd5h30CStKJf2pk0i/gVuXuXPTONh1v1c32CiZypZ14f2lOPcNZGP1UshhBygGHmzjFUHnZSBumUM3tFSOihAghiGXcppKWsD9/s/9SljkqB4oRIycnjxux6H94qcfASCzbGJxAi3ZASDcTwnFFA2HBJyIbUTlA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=8ldsHLsmrJkXrm3UG+5tekzysSBq5w557SlIlRuxZAY=; b=ag0MxysB5/dMKvxqAKz3br4kZE4XqzkU6ESFeYsEpIWoBh+T+9Sdvgi2OGOHCWgmFA8SlLVGDoNeoOxJIyn5iWxS8EVAgabQ8Qyyh/tHPExHYG5RC5DErqgsqCmctYJ1lnOqcAI/UaRO5B8RvoHjFjYZxe2iqHDXxtBZf1VZEqpFwV/0zXaFo9aXbBY6bepWQbdlqogJMz7ztqA2q00kJT7CVJkBHqnqooin8XjJ/82/S58VQGudVh8CrcfEkrt5TzV1PLGjwK9m/hpWy6NSWNWfMWWkvOfOih6dPSm/4OVw1otg6Y5HyI0c/tgpRLNmiDBCi2mtHiu8cd25eAinkA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=siemens.com; dmarc=pass action=none header.from=siemens.com; dkim=pass header.d=siemens.com; arc=none Received: from DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:47f::13) by GVXPR10MB6007.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:150:17::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9632.16; Fri, 20 Feb 2026 17:16:16 +0000 Received: from DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM ([fe80::9412:cd7f:3f72:92ab]) by DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM ([fe80::9412:cd7f:3f72:92ab%3]) with mapi id 15.20.9632.015; Fri, 20 Feb 2026 17:16:16 +0000 X-Patchwork-Original-From: "'Felix Moessbauer' via isar-users" From: Felix Moessbauer To: isar-users@googlegroups.com Cc: jan.kiszka@siemens.com, quirin.gylstorff@siemens.com, Felix Moessbauer Subject: [RFC v2 08/19] wic: rework image deploy logic to deploy under correct user Date: Fri, 20 Feb 2026 18:15:50 +0100 Message-ID: <20260220171601.3845113-9-felix.moessbauer@siemens.com> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20260220171601.3845113-1-felix.moessbauer@siemens.com> References: <20260220171601.3845113-1-felix.moessbauer@siemens.com> X-ClientProxiedBy: FR3P281CA0085.DEUP281.PROD.OUTLOOK.COM (2603:10a6:d10:1f::22) To DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:47f::13) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DU0PR10MB6828:EE_|GVXPR10MB6007:EE_ X-MS-Office365-Filtering-Correlation-Id: 94e66097-eea0-40b9-79fa-08de70a3c192 X-MS-Exchange-AtpMessageProperties: SA X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|366016|376014|1800799024; X-Microsoft-Antispam-Message-Info: tXmGONxuWQ+XQxZMLDC+wq7e5Y/WsnCRKJjB3g4m9B63S0s0NBC9b6W9U7UFKkRUZxqcMlHNS984NLIX10wPB06JK2QnvPx3bjqR3EISSJqHKi+urjlubj2heXcjK38EKkZ8oq4+C6Jhp4sLDQQX711Yu7beXaDCgoNnIX2Q9/+7it9ykNt9997adro+//P4lMSnYxeNi1nGEKwRlTNUpJOnM1cukM+MOmC5ZLqR3/aBR62yZPBl1zbY/ATOroDnS8c9mDOzt8AKSj9GHR4MditRGDQFYW2N6b4XnZZ8L9Wfy8A18RPbwOZeQO+sUUEUqw5/5aBUnXH4Sq/4gtkTy8PjCES/Opu0ZW7gOQ68GVogYnRhozLTyIQnxWvVApr7qhyGevdCjX7aGh/3kMsm+ggu6ez3OWbHctRsFDj32xQuViBN415j8tLJCm2ZBayLJIK0TdaWyPuCmfL2OfUHeSJ52R56j9ncyRRElvmu1arCCwJjhjgYFmK3+bdqEg/7gwuEquczn2/5e99XCzGiGbgQfRTv3E1tk98CjG11ZyBcaTDwcLlDQIkNNgqvtJWF0vvX166wiBl+fPMQrgUc12NYk/QSsOtD4dcX5FZjBlyDQ7M+6QeK0YxsEJFLbt3eOUS/vj+iOQx5h8CReD72Qvq7KUm7qgnHod9XjAUgNeGniOEc+zmXraufSbbxXKThkhRCFvrwEbnY94CiZp7mgg+3sS+DKb6jYVglLEYSjOzJ6EukaPC6XDxjXPN+SnX6oh/REaMugTvuP3E5l4v5Xa2+7/TmQG6UTlPLwJvB3iAxnxah1lO8di+i7K+6sEt6ZoMfH5T7EZizqrBu3Wf7X9Xt99+8/OMVsONTNg+QTfn6nEXwNjRkhghjsjH898qDE8+PQWptTKlPBvyQkMU83FMtLPUfcXKnE2NcnaJ8h9G33RUqgOW/vDpamdv4ZFuqPtIEqk7qh1KHmO/xGnDIGytx6uwqaBSamMca3r+qg3And9ZKkWRGIsh7+qHrvswpa7GJ4ePIXsO+Kxtis6PjsMCuuHrvQgvlM6Oquljhtti2mZjvDJSkgpnqZdky6boY5cvhoZzEs15CIW5+m19J/DjBIL1Eb7Ht0ba281HLNPreTZBl2mOsgR1oi59M6bP/2SegzSodvL8AtGu9WIi59JqbjwCDNSC6KL0lct9aWuMaUhQaBMGQw1Sb+IkgH01zTCgWmRHs6Uslu29fZ7Ub3mjP8Mc+42JQJy7nIon93O6Rgj6NK0owAFpaCaXUsNxVVgTpWANLvEo884jTDepTYQr2YkdSNSMqjhau05wPCKSNTjiD9towtaocKaL+Q40hSd9lK+5eADHCxP3PrnlxLjx2+NyqTr91V98OaeMq6UeErz8TGTYKyMfliQqI7xBa9gfLEGXM4DOqUxiNQB0k4dVjfwgtoejMHeGKD612z30dhaSEjDZ2aLrpEBsXNm8VPJkLZdNZQDrMqgRMrUuHfyQfrRxhPBjWArzBCiKE45cl1ETkoLm1Km9VeHQbm8eue9es5f+INghHJOsbg3LuOvPB2IuopS0gWFCvtjDr3Ew= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM;PTR:;CAT:NONE;SFS:(13230040)(366016)(376014)(1800799024);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: GA1uZpqkaM30pvRj6o8lDCcZsl4VdqSiMykU8bmeG8Bx6zr3XxSvS9mhtkOfKylOQN8/9E6LoiqrUhg1ZB9OLvi7vNFt47L024//nY+hS5SYUiqUS8flbPH0N69+w1ksP6OG6j8aEHqjafFBOxe8x80QC3bE8A2r79RsuwTTTGm/D2GseWxyR+s6Yj/9LNeOCl/dGWkCnUufGrRTAmauFRuUQV3OUzbkeYtz6UUWp98JshtxEZc+bvAniyRapptf7eeQymzLW0yJprxffpWJEXQWiLR5BGH4uGnXQaKzWV+0/XRxlS0X3xl83MLy5/DxIpJ8Nx8dmuBe8a5b0Q7R5vikowBFeOnPMZSg3xgPvkHEO0GR31+ZSjhxtEJgPLGcAugAj15lhQxQwW1w0XN2WLj+YZRASUNOer3foFRSDE0bA+7FcXh+lu9cCvErGwEzHRm6bU8xg/mNsGIe0TJAnibpn7+6JfbqBU2iY5lOegsd3VsJuimMU+1JlbcHuVMfl+gJUhTDrfxIw9RmkzWQF1IQL1PggYP5JLqeZxHmy/GAW3FfFVFSR+yHNVDFgHueeAGSPxvDqicJa1jbT2R1Wxomt9aFkFtRUpWHa6towTVR03r+PqTAUuFC/GquoQLH7kl2Ky9bTUcOoTYhA0spqGkPA8+yZW2g0AW3b7A7ML1mHo6oblyuE2ymsBKjSj1jKrR7bZP5/43/Ow0RVXohDEGFhQS53bu6Zu6IgiI4zgqo8AremfGE+WjdnewLiC0yjB2MNyuzTL7n5mGjzHcZjU17onxNLa9mTKIQ/y1j931N153bRHU0bjRs/HVIqFQmxAahykgSQfPMZn3bZEusROVsbCCnqcQtydOzmYvAmByghrtkaNlz3t428/fkeX+uF8p6inHXMzwWB+25mem2VJexnb1cOARL7v85BZhiaPZlQdnbUS+QP5wvSzYRNbZii3Fksvk3WJ8mHBHahVdWsnMDela6n3MRuzHHiT0YTWhlD4qcMwBD8/TxfrFDvrFBi8N/jZtttE+RRAosOyJTT5E0SI4q5jr0cTq+azahroGuklaqk0GenKv96PsRPSqhJtR+LiaasLk3a+h/0FLMWlf5hh9iVuhPsev1g4MQGqeTyrqT7IIP+FINkwGqooWa7D+UFDBMfr4MVeW18YQF4ioIuv/vuHDKhdXCa8o9n+qhupFMtzPnGQ5ccwypW0tDPBNkydBAklcGnnUbeqKmVZnaKlZnkQXhuab19eGp+cvuads48yvjRm4lgsEyWJ7P+n1gV/iHFwdFWikSLXivNIyBnRejvRuL5Rq0wZwYLyb/CVsLeX7YyiNXy1Q5xdRhMtp6BgkshdKIR7j14cUhJ2R9wxEhW0l+mTN7gFyfe1du5f9R2dNf5WZeSn3QGc0e0ij4r56AcirT6QrRYUseBCBYiSpd1okRkOB2kNG7ZpSxZtGNdvdJANe34E2VLc3CEnwPQ569cwghjdVgwbgXlliLpwxylCSCLpMXqNnQU8LErhgM5m6Y+RNBCnN1qU8ApZxBBpB3ZQvWi6gSMAsHIdFhSrjiCuPCHqr+JTq3LD4da3luNavU3CI5PP7RfzknqVDHVepWc3mERSPu856U6EP/ssbul1XkWVaE4yevSc4h/Ln0EffLq25r6Y7cECntMohKC0Je3gf3ejMJ1jI8GcVanKET0L2pJU2O0kzvRqQdIWnO49CBpU1iyj6haJHRuoR4tTSTKH3PYcLqWzj7k2Mtqz4O20BWVI1D3K1ApGk= X-OriginatorOrg: siemens.com X-MS-Exchange-CrossTenant-Network-Message-Id: 94e66097-eea0-40b9-79fa-08de70a3c192 X-MS-Exchange-CrossTenant-AuthSource: DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 20 Feb 2026 17:16:16.4299 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 38ae3bcd-9579-4fd4-adda-b42e1495d55a X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: rW55JLqP3e3K3HdigmtkHanlA4VfFq7OsJSJ5b413QKCUY6p19T1SQIY6bv+UMtCmQr1Rcfl+VCcwpPMeCae4UWLK+X3G0YIeCWyoo86z00= X-MS-Exchange-Transport-CrossTenantHeadersStamped: GVXPR10MB6007 X-Original-Sender: felix.moessbauer@siemens.com X-Original-Authentication-Results: gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b="Da3ri/fv"; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20f::7 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com X-Original-From: Felix Moessbauer Reply-To: Felix Moessbauer Precedence: list Mailing-list: list isar-users@googlegroups.com; contact isar-users+owners@googlegroups.com List-ID: X-Spam-Checked-In-Group: isar-users@googlegroups.com X-Google-Group-Id: 914930254986 List-Post: , List-Help: , List-Archive: , List-Unsubscribe: , X-Spam-Status: No, score=-4.9 required=5.0 tests=DKIMWL_WL_MED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,MAILING_LIST_MULTI, RCVD_IN_DNSWL_BLOCKED,RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL, RCVD_IN_RP_CERTIFIED,RCVD_IN_RP_RNBL,RCVD_IN_RP_SAFE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on shymkent.ilbers.de X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= We previously deployed the image file as root and then chowned the deployed files to the calling user. Hereby the chown command itself requires to be run under root, which is not possible on rootless. As a preparation for rootless, we rework the deploy logic to deploy the files under the calling user. For that, we deploy to a temporary directory within workdir that is writeable from inside the chroot and then copy out under the calling user. Signed-off-by: Felix Moessbauer --- RECIPE-API-CHANGELOG.md | 12 +++++ .../image-tools-extension.bbclass | 11 +++++ meta/classes-recipe/image.bbclass | 10 +++- meta/classes-recipe/imagetypes.bbclass | 47 +++++++++++-------- meta/classes-recipe/imagetypes_wic.bbclass | 10 ++-- meta/classes-recipe/squashfs.bbclass | 2 +- 6 files changed, 66 insertions(+), 26 deletions(-) diff --git a/RECIPE-API-CHANGELOG.md b/RECIPE-API-CHANGELOG.md index ad03ed68..31c61789 100644 --- a/RECIPE-API-CHANGELOG.md +++ b/RECIPE-API-CHANGELOG.md @@ -978,3 +978,15 @@ specifies the rootfs path. Using these helpers instead of direct `sudo` invocations centralizes platform-specific privileged execution logic in `base.bbclass`. Direct use of `sudo` is discouraged in downstream layers. + +### Changes to image types + +The way different image types are handled has changed to be be compatible with +rootless builds. For that, the deployment of images happens in two steps: + +1. generate the image in the `${IMAGE_STAGE_CHROOT}` +2. the `imager_run` or `${SUDO_CHROOT}` command takes care of deploying the image + into the `${DEPLOY_DIR_IMAGE}` + +Conversion commands need to follow this strategy as well, but can read the image +(prior to conversion) from `${IMAGE_FILE_CHROOT}`. diff --git a/meta/classes-recipe/image-tools-extension.bbclass b/meta/classes-recipe/image-tools-extension.bbclass index e88557f6..2eac3619 100644 --- a/meta/classes-recipe/image-tools-extension.bbclass +++ b/meta/classes-recipe/image-tools-extension.bbclass @@ -17,6 +17,17 @@ SCHROOT_MOUNTS = "${WORKDIR}:${PP_WORK} ${IMAGE_ROOTFS}:${PP_ROOTFS} ${DEPLOY_DI SCHROOT_MOUNTS += "${REPO_ISAR_DIR}/${DISTRO}:/isar-apt" imager_run() { + IMAGE_STAGE_DIR=$(dirname $IMAGE_STAGE_HOST) + create_chroot_parent_dir $IMAGE_STAGE_DIR + imager_run_${ISAR_CHROOT_MODE} "$@" + + # copy locally deployed files with correct permissions to deploy dir + find $IMAGE_STAGE_DIR -type f -exec cp {} ${DEPLOY_DIR_IMAGE} \; + # on error keep the files for investigation + run_privileged rm -rf $IMAGE_STAGE_DIR +} + +imager_run_schroot() { local_install="${@(d.getVar("INSTALL_%s" % d.getVar("BB_CURRENTTASK")) or '').strip()}" local_bom="${@(d.getVar("BOM_%s" % d.getVar("BB_CURRENTTASK")) or '').strip()}" diff --git a/meta/classes-recipe/image.bbclass b/meta/classes-recipe/image.bbclass index 4a250964..2049d80b 100644 --- a/meta/classes-recipe/image.bbclass +++ b/meta/classes-recipe/image.bbclass @@ -180,8 +180,14 @@ IMGCLASSES += "${IMAGE_CLASSES}" inherit ${IMGCLASSES} # convenience variables to be used by CMDs +# Note, that the variables are only valid within the type specific task itself +# but not in transitively called shell functions IMAGE_FILE_HOST = "${DEPLOY_DIR_IMAGE}/${IMAGE_FULLNAME}.${type}" +# view (only for reading) the image in the deploy dir (useful for conversion commands) IMAGE_FILE_CHROOT = "${PP_DEPLOY}/${IMAGE_FULLNAME}.${type}" +# staging location for copy-out (should only be written to from chroot) +IMAGE_STAGE_HOST = "${WORKDIR}/deploy-image-${type}/${IMAGE_FULLNAME}.${type}" +IMAGE_STAGE_CHROOT = "${PP_WORK}/deploy-image-${type}/${IMAGE_FULLNAME}.${type}" SUDO_CHROOT = "imager_run -d ${PP_ROOTFS} -u root --" # hook up IMAGE_CMD_* @@ -262,8 +268,8 @@ python() { image_cmd = localdata.getVar('IMAGE_CMD:' + bt_clean) if image_cmd: localdata.setVar('type', bt) + cmds.append(localdata.expand('\tIMAGE_STAGE_HOST="${IMAGE_STAGE_HOST}"')) cmds.append(localdata.expand(image_cmd)) - cmds.append(localdata.expand('\tsudo chown $(id -u):$(id -g) ${IMAGE_FILE_HOST}')) else: bb.fatal("No IMAGE_CMD for %s" % bt) vardeps.add('IMAGE_CMD:' + bt_clean) @@ -292,8 +298,8 @@ python() { localdata.setVar('type', t) cmd = '\t' + localdata.getVar('CONVERSION_CMD:' + c) if cmd not in cmds: + cmds.append(localdata.expand('\tIMAGE_STAGE_HOST="${IMAGE_STAGE_HOST}"')) cmds.append(cmd) - cmds.append(localdata.expand('\tsudo chown $(id -u):$(id -g) ${IMAGE_FILE_HOST}.%s' % c)) vardeps.add('CONVERSION_CMD:' + c) for dep in (localdata.getVar('CONVERSION_DEPS:' + c) or '').split(): conversion_install.add(dep) diff --git a/meta/classes-recipe/imagetypes.bbclass b/meta/classes-recipe/imagetypes.bbclass index f802c11c..78b89393 100644 --- a/meta/classes-recipe/imagetypes.bbclass +++ b/meta/classes-recipe/imagetypes.bbclass @@ -9,7 +9,7 @@ TAR_TRANSFORM = "--transform='s|rootfs|.|'" TAR_OPTIONS:append = " ${TAR_TRANSFORM}" IMAGE_CMD:tar() { ${SUDO_CHROOT} tar ${TAR_OPTIONS} -cvSf \ - ${IMAGE_FILE_CHROOT} --one-file-system -C ${PP} rootfs + ${IMAGE_STAGE_CHROOT} --one-file-system -C ${PP} rootfs } # image type: ext4 @@ -38,10 +38,11 @@ do_image_ext4[prefuncs] = "set_mke2fs_args" IMAGE_CMD:ext4() { export E2FSPROGS_FAKE_TIME="${SOURCE_DATE_EPOCH}" - truncate -s ${ROOTFS_SIZE}K '${IMAGE_FILE_HOST}' - - ${SUDO_CHROOT} /sbin/mke2fs ${MKE2FS_ARGS} \ - -F -d '${PP_ROOTFS}' '${IMAGE_FILE_CHROOT}' + ${SUDO_CHROOT} /bin/bash -s <<'EOF' + set -e + truncate -s ${ROOTFS_SIZE}K '${IMAGE_STAGE_CHROOT}' + /sbin/mke2fs ${MKE2FS_ARGS} -F -d '${PP_ROOTFS}' '${IMAGE_STAGE_CHROOT}' +EOF } # image type: cpio @@ -49,10 +50,12 @@ IMAGER_INSTALL:cpio += "cpio" CPIO_IMAGE_FORMAT ?= "newc" IMAGE_CMD:cpio() { - ${SUDO_CHROOT} \ - sh -c "cd ${PP_ROOTFS}; /usr/bin/find . | \ - /usr/bin/cpio -H ${CPIO_IMAGE_FORMAT} -o > \ - ${IMAGE_FILE_CHROOT}" + imager_run -p -d ${PP_WORK} -u root <<'EOIMAGER' + set -e + cd '${PP_ROOTFS}'; /usr/bin/find . | \ + /usr/bin/cpio -H ${CPIO_IMAGE_FORMAT} -o > \ + '${IMAGE_STAGE_CHROOT}' +EOIMAGER } # image type: fit @@ -72,8 +75,9 @@ IMAGE_CMD:fit() { die "FIT_IMAGE_SOURCE does not contain fitimage source file" fi - ${SUDO_CHROOT} /usr/bin/mkimage ${MKIMAGE_ARGS} \ - -f '${PP_WORK}/${FIT_IMAGE_SOURCE}' '${IMAGE_FILE_CHROOT}' + ${SUDO_CHROOT} /usr/bin/mkimage \ + ${MKIMAGE_ARGS} -f '${PP_WORK}/${FIT_IMAGE_SOURCE}' \ + '${IMAGE_STAGE_CHROOT}' } IMAGE_CMD:fit[depends] = "${PN}:do_transform_template" @@ -90,8 +94,9 @@ THIS_ISAR_CROSS_COMPILE := "${ISAR_CROSS_COMPILE}" ISAR_CROSS_COMPILE:armhf = "${@bb.utils.contains('IMAGE_BASETYPES', 'ubifs', '1', '${THIS_ISAR_CROSS_COMPILE}', d)}" IMAGE_CMD:ubifs() { - ${SUDO_CHROOT} /usr/sbin/mkfs.ubifs ${MKUBIFS_ARGS} \ - -r '${PP_ROOTFS}' '${IMAGE_FILE_CHROOT}' + ${SUDO_CHROOT} /usr/sbin/mkfs.ubifs \ + ${MKUBIFS_ARGS} -r '${PP_ROOTFS}' \ + '${IMAGE_FILE_CHROOT}' } # image type: ubi @@ -108,22 +113,26 @@ IMAGE_CMD:ubi() { die "UBINIZE_CFG does not contain ubinize config file." fi - ${SUDO_CHROOT} /usr/sbin/ubinize ${UBINIZE_ARGS} \ - -o '${IMAGE_FILE_CHROOT}' '${PP_WORK}/${UBINIZE_CFG}' + ${SUDO_CHROOT} /usr/sbin/ubinize \ + ${UBINIZE_ARGS} -o '${IMAGE_STAGE_CHROOT}' \ + '${PP_WORK}/${UBINIZE_CFG}' } IMAGE_CMD:ubi[depends] = "${PN}:do_transform_template" # image conversions IMAGE_CONVERSIONS = "gz xz zst zck" -CONVERSION_CMD:gz = "${SUDO_CHROOT} sh -c 'gzip -f -9 -n -c --rsyncable ${IMAGE_FILE_CHROOT} > ${IMAGE_FILE_CHROOT}.gz'" +# image conversions +IMAGE_CONVERSIONS = "gz xz zst zck" + +CONVERSION_CMD:gz = "${SUDO_CHROOT} sh -c 'gzip -f -9 -n -c --rsyncable ${IMAGE_FILE_CHROOT} > ${IMAGE_STAGE_CHROOT}.gz'" CONVERSION_DEPS:gz = "gzip" -CONVERSION_CMD:xz = "${SUDO_CHROOT} sh -c 'xz -c ${XZ_DEFAULTS} ${IMAGE_FILE_CHROOT} > ${IMAGE_FILE_CHROOT}.xz'" +CONVERSION_CMD:xz = "${SUDO_CHROOT} sh -c 'xz -c ${XZ_DEFAULTS} ${IMAGE_FILE_CHROOT} > ${IMAGE_STAGE_CHROOT}.xz'" CONVERSION_DEPS:xz = "xz-utils" -CONVERSION_CMD:zst = "${SUDO_CHROOT} sh -c 'zstd -c --sparse ${ZSTD_DEFAULTS} ${IMAGE_FILE_CHROOT} > ${IMAGE_FILE_CHROOT}.zst'" +CONVERSION_CMD:zst = "${SUDO_CHROOT} sh -c 'zstd -c --sparse ${ZSTD_DEFAULTS} ${IMAGE_FILE_CHROOT} > ${IMAGE_STAGE_CHROOT}.zst'" CONVERSION_DEPS:zst = "zstd" -CONVERSION_CMD:zck = "${SUDO_CHROOT} sh -c 'cd $(dirname ${IMAGE_FILE_CHROOT}); zck ${ZCK_DEFAULTS} ${IMAGE_FILE_CHROOT}'" +CONVERSION_CMD:zck = "${SUDO_CHROOT} sh -c 'cd $(dirname ${IMAGE_FILE_CHROOT}); zck ${ZCK_DEFAULTS} ${IMAGE_STAGE_CHROOT}'" CONVERSION_DEPS:zck = "zchunk" diff --git a/meta/classes-recipe/imagetypes_wic.bbclass b/meta/classes-recipe/imagetypes_wic.bbclass index 63974a3e..ebf3ce8e 100644 --- a/meta/classes-recipe/imagetypes_wic.bbclass +++ b/meta/classes-recipe/imagetypes_wic.bbclass @@ -145,6 +145,9 @@ check_for_wic_warnings() { do_image_wic[file-checksums] += "${WKS_FILE_CHECKSUM}" IMAGE_CMD:wic() { + # variable is type specific, hence capture here and + # forward to functions via export + export IMAGE_STAGE_CHROOT="${IMAGE_STAGE_CHROOT}" generate_wic_image check_for_wic_warnings } @@ -181,20 +184,19 @@ generate_wic_image() { -e "${IMAGE_BASENAME}" ${WIC_CREATE_EXTRA_ARGS} WIC_DIRECT=$(ls -t -1 /tmp/${IMAGE_FULLNAME}.wic/*.direct | head -1) - mv -f ${WIC_DIRECT} ${PP_DEPLOY}/${IMAGE_FULLNAME}.wic - mv -f ${WIC_DIRECT}.bmap ${PP_DEPLOY}/${IMAGE_FULLNAME}.wic.bmap + mv -f ${WIC_DIRECT} $IMAGE_STAGE_CHROOT + mv -f ${WIC_DIRECT}.bmap $IMAGE_STAGE_CHROOT.bmap # deploy partition files if requested (ending with .p) if [ "${WIC_DEPLOY_PARTITIONS}" -eq "1" ]; then # locate *.direct.p partition files find "/tmp/${IMAGE_FULLNAME}.wic/" -type f -regextype sed -regex ".*\.direct.*\.p[0-9]\{1,\}" | while read f; do suffix=$(basename $f | sed 's/.*\.direct\(.*\)/\1/') - mv -f ${f} ${PP_DEPLOY}/${IMAGE_FULLNAME}.wic${suffix} + mv -f ${f} $IMAGE_STAGE_CHROOT${suffix} done fi EOIMAGER run_privileged chown -R $(stat -c "%U" ${LAYERDIR_core}) ${LAYERDIR_core} ${LAYERDIR_isar} ${SCRIPTSDIR} || true - run_privileged chown -R $(id -u):$(id -g) "${DEPLOY_DIR_IMAGE}/${IMAGE_FULLNAME}.wic"* rm -rf ${IMAGE_ROOTFS}/../pseudo cat ${DEPLOY_DIR_IMAGE}/${IMAGE_FULLNAME}.manifest \ diff --git a/meta/classes-recipe/squashfs.bbclass b/meta/classes-recipe/squashfs.bbclass index 9cd7ed3d..8330ffb5 100644 --- a/meta/classes-recipe/squashfs.bbclass +++ b/meta/classes-recipe/squashfs.bbclass @@ -42,6 +42,6 @@ IMAGE_CMD:squashfs[depends] = "${PN}:do_transform_template" IMAGE_CMD:squashfs[vardepsexclude] += "SQUASHFS_CREATION_LIMITS" IMAGE_CMD:squashfs() { ${SUDO_CHROOT} /bin/mksquashfs \ - '${SQUASHFS_CONTENT}' '${IMAGE_FILE_CHROOT}' \ + '${SQUASHFS_CONTENT}' '${IMAGE_STAGE_CHROOT}' \ -noappend ${SQUASHFS_CREATION_LIMITS} ${SQUASHFS_CREATION_ARGS} } From patchwork Fri Feb 20 17:15:51 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Felix Moessbauer X-Patchwork-Id: 4892 Return-Path: Received: from shymkent.ilbers.de ([unix socket]) by shymkent (Cyrus 2.5.10-Debian-2.5.10-3+deb9u2) with LMTPA; Fri, 20 Feb 2026 18:16:31 +0100 X-Sieve: CMU Sieve 2.4 Received: from mail-ot1-f56.google.com (mail-ot1-f56.google.com [209.85.210.56]) by shymkent.ilbers.de (8.15.2/8.15.2/Debian-8+deb9u1) with ESMTPS id 61KHGTSG006245 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 20 Feb 2026 18:16:30 +0100 Received: by mail-ot1-f56.google.com with SMTP id 46e09a7af769-7d4cc9c8302sf3261468a34.1 for ; Fri, 20 Feb 2026 09:16:30 -0800 (PST) ARC-Seal: i=3; a=rsa-sha256; t=1771607784; cv=pass; d=google.com; s=arc-20240605; b=KAuUW1SPnBkYUROmfTRHqFn56baP7oytGSYTzyVaVnE4OqUSJFbowVxqg4lTBu+6mF FBsKKmhAUQN5cdwRTyEr4cseE5OcrFPEc+9Wpg//BdhtFctk3dJSpiavj9GlofkKk/NV MIhQdG4qQGFqNw8gzUw5Ny70riYF37Bl/uIFqUOjw58l9eaUUsYBuPx3pqA5DAkgzvGZ lci5Jku2/UqPJ05w+Ro1TaOoGSziXgU32OSOaiRbF+8uGy8b6XIhtbac4vHL8lplzvY0 060dgP3+0cvOa8AbXr4fqe9fnH/L5hrYX/3aT8da5idewXvyZw+GXHqln4jjHFh4xPZF Nz8Q== ARC-Message-Signature: i=3; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to:mime-version:references :in-reply-to:message-id:date:subject:cc:to:from:dkim-signature; bh=HNBh5njd8v1rTdZKUoKg/ysKtzABTQul76k5gSr05VY=; fh=ai9cJgRbJXZWpnMzQFKRCYRLmdHOOAnq4AMSo7RCL5c=; b=K4eNmgvEqd2b9Sc0I8dSiSA3LfaGQrm7dpzDP+PozPSnrF8is/cUMSKI8eGtlLYACt NWgeze8/K32/GpMzrZiJdXYHiwef+Qw0Ke7ATZevuX0fVcj3KtXoTgV3Dc6YCvE4Aj2a QrZ66/jj5FK+N0ATbXfWytfjsXqQeJsicTCeN3GZOlOYPBlStWja8Ub+liHKHXiOQgyl 0tEkRhQbRTZ4EB/BdEC4BVa8r5b8Rynvc8axv3tzfC5h06SrA+oiQc1HlemPoAOn3HuA rll2OggboX2V6qT8mFRZsBexzZ1Dbmpw93LQSA/uzhEQq7FPzPeFHrS5Ll7tiJyGfXum wtmg==; darn=isar-build.org ARC-Authentication-Results: i=3; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=X7s0JPOQ; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20f::7 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlegroups.com; s=20230601; t=1771607784; x=1772212584; darn=isar-build.org; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from:from:to :cc:subject:date:message-id:reply-to; bh=HNBh5njd8v1rTdZKUoKg/ysKtzABTQul76k5gSr05VY=; b=rG7CwB9Oqwpw7MqzDBvY7FfamTr9zvCHb8v2eKwDpyiK79ZFhVIY9zcSUsybrN1Gcd GH+I3y3q/CcnkdapF+hfuOqp5193/f3AfaTuC1MGPUOY2c2Iz6PXyxRm+GWTV8zan++A iAoWaMgiwodz1xMkCftHjHDW6asOyOddbDxBDjcXFvkeLCaAffFEyXzH+bukQ01MSrsD 7OcvSwrAMXoMVQeYUHT48Mv/JCzf/UyIINKQvCgoiVm46mU47i6a5ryEZ1GzxUzylJG3 yvjVFpsgtGqrm7qIzWgvtDZS8uDs6NXMN5KzaRVPO/8V3upbXdLcdwKlVQTcRFGbEpEs q+9Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1771607784; x=1772212584; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :x-spam-checked-in-group:list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :x-beenthere:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=HNBh5njd8v1rTdZKUoKg/ysKtzABTQul76k5gSr05VY=; b=GT4eyxh5zCg0x2/4m/NouyYVMiKT/fHFhtaAu0sm9ioWNSv2c99vSn+JVgoznQNJW/ 2yuV83r8algMIRMLyzyEZE9vLgtzompQHy1fDnQFYKA/TkUA/qaPbrP6oKZREnd5rwbA 2TyiSXxvTthq6XVm+Wi4KMRFACvnPWoBAP6FlpaF5D3YB5v7APEkxmRhPGg9HbjZLvqz /G27CN7M7ONH93ANXsVbBkz/ASXXpbnxg2WFMfoYkx5+R+BLVHAuA9Ul6yrw4/Tb4USn SfcWsqGyzTU0jFFhZ9yD/lDgfsAt5ckiQAaJf6vbS9wuYStj5ggwF6+zAEmQlbTxeRzT 75Kg== X-Forwarded-Encrypted: i=3; AJvYcCUwkc8Bj7wYoBE5LQVnS6vq0mlrxKO8SKu+XL2QuxoLVeDLYvZyqaj5SvuNpRLa3rAB8PJOrPY=@isar-build.org X-Gm-Message-State: AOJu0Yw5/x+YIbc22nNxBKmZF4ZyV+UFqnQKR4ftlNy0Oe38ZAp6tOng 7cAt8sp6lAujBQ5JxI0OymHzRcon3z0J+7piazN6w3kDlKitxKxRZjV8 X-Received: by 2002:a05:6830:4107:b0:7cf:da7d:607d with SMTP id 46e09a7af769-7d52bf37422mr261788a34.5.1771607783581; Fri, 20 Feb 2026 09:16:23 -0800 (PST) X-BeenThere: isar-users@googlegroups.com; h="AV1CL+G46KHah1bdLwVeJM9SUbBYxEYM5QcOCGvpwqY+DW8iig==" Received: by 2002:a05:6870:d153:b0:40e:e4dd:d0b0 with SMTP id 586e51a60fabf-40ee4ddd79fls5050345fac.1.-pod-prod-06-us; Fri, 20 Feb 2026 09:16:22 -0800 (PST) X-Received: by 2002:a05:6808:1488:b0:450:aa96:3c13 with SMTP id 5614622812f47-464461122f2mr457664b6e.3.1771607782543; Fri, 20 Feb 2026 09:16:22 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1771607782; cv=pass; d=google.com; s=arc-20240605; b=WoktzN3zAkZSyJsNAJpYQV/tknLqeLd07s6txEFgZnwM/lpQVraeSyGIYKPG5rd+cF kKA+BjKjmZ+MASXthvZ916ammwwGc0PUUreW0+o4PVv4GJRGsCiZRFdlZUcB2q4SMHcO pNMNMD9Dr7x8GijgRwwoxbGm8q0Am1fU0JrKuPtMn4IV++wRHmL6xhEn5759f30y0oqz iq1FlvfSm/kpxQBJJ7xVvaU3fBMRiq0gVx7VlIS2I1iPnTuvUvd6zQ/HD3fNPxr3wZPy XHoFf1ha3j0+QxtiNfJNIPNxXnID6Ys5f9IILBIXXaMHCxEPYqEwjA/Fr2fAfMNyEPdM 4DgA== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=mime-version:content-transfer-encoding:references:in-reply-to :message-id:date:subject:cc:to:from:dkim-signature; bh=Ol+r36iJFi/DEvNUM0nVR7ezBMcSMI3O8dVW5qhuYDQ=; fh=WkhL8kaJc+l2wQon1t06Ej3uvBGj9sVhNcE8PaS/XbI=; b=a2T7v7jx55xRqF0aReYmaD0U2ywBztGN2gnW5VJ9qXRwcotCZsXEFEUmNIAq2pjJ1y ncz5y2Y2Q8qBYXGLnGgN1YgoNtCOrE6SqtiQNuvB2jUdCmEXlTYHPjdlopA/phIRbeDh XX6B9UzpvFO5BpmUNr9wms1l8ig77GGaHRK0nqNttNRUI4kRqtc6ndu8eHurlntoqiFR XDYC6D+ZqnTUsV7zVs3dR5PWyzARJbvqYg7iLvjyPX+rYQjzq0PynyzUFJwrVsusYNVa iYz8AZH+tVNuW7hDMCaUTkZxEW9w5N4y9YNWBQ5DeTtK18LddO/oX6tCWw2Em+ZSRRKw 9e9g==; dara=google.com ARC-Authentication-Results: i=2; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=X7s0JPOQ; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20f::7 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com Received: from OSPPR02CU001.outbound.protection.outlook.com (mail-norwayeastazlp170130007.outbound.protection.outlook.com. [2a01:111:f403:c20f::7]) by gmr-mx.google.com with ESMTPS id 5614622812f47-4636ae55f7bsi1149069b6e.2.2026.02.20.09.16.22 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 20 Feb 2026 09:16:22 -0800 (PST) Received-SPF: pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20f::7 as permitted sender) client-ip=2a01:111:f403:c20f::7; ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=tDVRrlCUrchOteB/16UVidHXBxbS+UzmBLgSxPsv1+gMir+jez5L6sfNcF+nlTx23SyyUEfXeO5xI+XqQs8kmw3wgl/exgoIc1nv33sPF6GKuAUGqC2S0qnhCh9akKqRE6l3uZQE/cBd2Nlg6QaB8xrbqBn2e4sVx0RVXwPLcRaVLuvZu6sXXWTKTSc1T18BV7P2FCsnhJ/wqALa3KpS84yxvZl0JTpj/PFPpjBGR0eg5ypRsXzYGyWd9e4ni7XBTri4KDIceTbQmjUmqFjLZb0xq+menXMitvkUOGiCFWyZNgLGST+MW0X8koUolkEHOEFx+Yz0aWD+1++1hlj8eg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=Ol+r36iJFi/DEvNUM0nVR7ezBMcSMI3O8dVW5qhuYDQ=; b=rf3RfFONOrg8v3YtzJhWSK3HrOJG0xLpJgFfJdd+HNvIAvH9SIPE4MkJkH+KkJVTn/S7bOslboZCVBsldH/+iss4Bnoi+Z9tyeF8K92a9n0HtwRIkJCoQiN8QpF7Tzgrrbbs2sb6aZheRhxaBtxhs1wKJnGOinA3uXXBdjpMsp3it4btfIjdK30ClvlsI5lR2LFRKXvf7rf4seKAi26/n97ogWa7pQPUuAAhvMfH2Td/WtEG2MmdW8arorZ4ctAuz0JJFLK0OxIsv2vgIOr5M3eb1X1j2335h1jetFzycKnshJKEp28AMTivXQC/AKFDGad85tbEi82gVbmgdBRchg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=siemens.com; dmarc=pass action=none header.from=siemens.com; dkim=pass header.d=siemens.com; arc=none Received: from DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:47f::13) by GVXPR10MB6007.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:150:17::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9632.16; Fri, 20 Feb 2026 17:16:17 +0000 Received: from DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM ([fe80::9412:cd7f:3f72:92ab]) by DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM ([fe80::9412:cd7f:3f72:92ab%3]) with mapi id 15.20.9632.015; Fri, 20 Feb 2026 17:16:17 +0000 X-Patchwork-Original-From: "'Felix Moessbauer' via isar-users" From: Felix Moessbauer To: isar-users@googlegroups.com Cc: jan.kiszka@siemens.com, quirin.gylstorff@siemens.com, Felix Moessbauer Subject: [RFC v2 09/19] use bitbake function to generate mounting scripts Date: Fri, 20 Feb 2026 18:15:51 +0100 Message-ID: <20260220171601.3845113-10-felix.moessbauer@siemens.com> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20260220171601.3845113-1-felix.moessbauer@siemens.com> References: <20260220171601.3845113-1-felix.moessbauer@siemens.com> X-ClientProxiedBy: FR3P281CA0085.DEUP281.PROD.OUTLOOK.COM (2603:10a6:d10:1f::22) To DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:47f::13) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DU0PR10MB6828:EE_|GVXPR10MB6007:EE_ X-MS-Office365-Filtering-Correlation-Id: 2eaff351-b9c6-46f8-7efc-08de70a3c1e8 X-MS-Exchange-AtpMessageProperties: SA X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|366016|376014|1800799024; X-Microsoft-Antispam-Message-Info: YQae3TJWgkIAtuPThzEcoWBz61zFNFowfYI2wA8WrZ5dlnaLM1dEp1ETPj7vkbKIJDpY/cU0nGhItrwSh9iiSPbiB1iETUL+ZdPHxgrTYKMaqnpUZ0ZazwKBJVT2zZvwyxaOoclSoT+7p2ngQkSkGuC3XzpXA7j1xHcsCALlxXdSZSyZHirBtoKqNGs9K5qD9Yka11DXAgFxOnkiKzWsW7jrneN3SJhXBBJM6PqNf9xZDwSffwJTIMcg06kxPrwmPtbP8OJOgr4j8zwnGLymsh1DRaMjgGomaQnIPvQewY2YCsJp9/A0MUGgVqXlNnCc7leShiJWJBQj7JxN5EAqq88itbNeCEdz3hhsuYKuSX0ca1xLwar2JSQ+ryaiBGrBsjB4/4nJbJU36QZFTR6JVZBA+kklTeiVxtnE8xu7vboVs2UXxoPTwrf8s2QFCoo7//bPCytwFixy8lf4Rq/COBuHXt5BMP+anM+UyCMz/ISB/xIZrTeZmGMFhJKj9mWjy4o0HzlOGY4DXMwyPMXGUExvV6ZHhAh10tyWHAxaUwJqc+ypuBBRqDhvYCM01RGxY02Xi7yuasA7xd1GN/Xhq+BodNwV8OjQR9waaZ+42smZqRIZshvwI5OHU+6ouZnWg9oGkHdB6HcoDaZW36ZqiXwEGsGuZx4BKdO4xVOsRAiI/OzXbb74Hvf3sGquExKCLs6ez6LRXL2G2xiRyjpjxlb9JT4oa/mRZOzHnn8s2CYmn8mebYVY2iYZpB/+b0aqHOarmYsMYHEHa1u03QIFbYqetCSI+JA7ySMCqiFgYAAg3ZVx58VqCGBho4SVKxRQxbTD3D0+bjGrAm53aEuSyDU0UXBR5weu0SlentC9HSBRrpCCMjn3lEcl5x78p2n/NJklDFoX703o8gfkIhKIpL0xxGnW7nKHWUysuUDrRoOdGslyu2oaQbFbLgzyQjipQowE2FjrpuEErrvgF4kwl53WlhCYzz+5wScqfc5KC9vorH/BebTzU0KMK0Eu5dbn7xLpDxsWPwLfrKTu2wLezVgqNdaAbAIt2sIGDFkcH3kEckjGUScioICntoBoPm1OEgAEx5eLr/G7jJPESw97Z0tU5MAnDNywb2yY8fSsldDluL0CxWW6/dV0RCP8thElMF8zCLeN3qSLQNyPdwNULty4devcoQ5hGYWisD+hyftNNuY8elN6rR1Hsrg59NCSBbLtUVXcH5V4dKWKxkzVebvAewurLVGjLNs+YQKt5WNkZBgcOtOX9UrEhy8tirY4bC1ofrQ0UDqPADjTTX8bFdw7HJMrn7IA6WYrDXc7HISeH8c9no4yTM8dX8FTsmVXNwU0ykEpEG17VRsefc4WpnLvm9fP9JsIA7fsSAJF4Xljk1AunfwmjcK3x6VTdjLVdU7ZjVK2UFy+FVbzxYiFsj3Du/Ywalw6cL4BSGX8+BMgOr6zFfKXSGsQ9MCeCd01zB3b7+aN4CesSrg22UYY0EdcXfjbGN2X/CCCG53Tx+uD/RnZJ7YlFqY+DRL28HHK+4X6Z3JNIhVZ6vG0mur395pGFbN8c8TtBzLG4FY4COc= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM;PTR:;CAT:NONE;SFS:(13230040)(366016)(376014)(1800799024);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: 9iCvl/gfpT6DrOGk+p6SbkobpJia8aYZACh2NKvylyVmbrbow6ZvR/cgySriASCd7cSyjbBm5hGDneEp3CIVCjAjtu1ZKxN0a2ABJgbNN5qc31K9AiUJ3Ihp695KmatsTk0bGXnk30vJ0KssdFaD0d5nlOdctdLE9pGLb3c8VFM9DM/3hu5gF/GXKIdWnFSv/2hqpGGM4cmcgsSG89cj9i1YcF/H2ojcrlcTGJIsVf7a5FYuSMuVkZoQQeoTORvdKs0UCbtCJ3nNy27PKS6mE+up2KZh4mGuKYh5H8FtYgWjRhaF/vgj7QXD4/DUHzIQvk3URzZ1Bjf6NDmUtjieEPbzlun19jM6oFfm4gVcmpH2J/leJxlIvlcp8LMRJ0My5fswVd4/CoMu8ZgW6zxOj9ZE08Se1z+KqNfKzc5m/TBtZaF/Q25327bLL1cvXMsOBBz+b/GDnCtH4Ogtm7F3eJc6kE+kabgTOzXTsN0qaSZFI+iTv/jK0/k/SLZx3kExRHLMlELpFEh2cYhN5SFIP4Qi4zVZGjDN4UPXQhS8unNUzy2a00xg7M5OA5lEi31u/dcBjAR/wmRqY4WZjvSfygzstmT0GDHMcDsUeM9ojgq8g2Jn39VxYRa/9WcNZprqtXkEEuRtn3+QYcxnbfG9LdyJ+VCzwF0fcDVL/rSZIteeNPKTkMq2S5hGvt1CrJ9hhCynQIAQ0/NP7HGwYMmxKQxFtjsvb3J8gie/b2sFuFuqrTRwpEYZNUfG2BLClVaqNVW4wwhlko+G88OdTl7BVcfZOBJUV0PEM/tMu3lYEIsmxHO0Aoh01SCHMq9kMFuS031zRt/8Uhs27Y8q+8jUvt8lQgdGEgXv5oVvRH/O7Vs2OlDOSzWH1NSW1WspF7qWO4kS5BfjtU8q75bLrTipb5l/V156mzBbFLyVnF+WjsqUwXxEfghsDCzR+TlQBt7FXhMlMTxh0RaZOMXrmMuD5gDjVosAt2dq6A/NxWW/THIfvT+Zu3sMT7wc6i2wZNygwhXhZM/+rZxwG4pOOKWNCmphgu3Eq567uZHy8jYmvCthmG1d21eTziJemlcHAYllW1EHjP4lcz83g0Yr8beMjsIWGZA83KEljsT17kdnWjLEaHuLqfaTXeVyJ8YKiVU/197VEIasWtvcow2ujd+VarpyknOUq8YR0/YemPWC8skgJ5/e+OoNP0M4tC5M5hcyVu982STFSVTevG9HI49j8XY7QhUhB7RcbyWhq1wLPK9Ec6ilLp13QvRFXRDghEBMalOjyBt7HQa7XOUuA8Aoa4+1svzwdb1bK+8fnot/HiaBKh+WYFXrJRToRqekP2auWZvEmtU1Xcy+kzZHGdSnqZmhzpdE9QomnpsyXXPp2ir/YzsYxYR7fNBAw/r9O+cvVboUfAev2XTx1NYN2pRGtr1tyYdMWzy6s8e0RFSUj5YUB3Nv7QIS8Jss+/4fyot70vRr3PMF92lnfRdLkQQVCV4dnbPfFzdondP5FtQRwJJMR86Uk+DXxWSFeA/4pTYHKfVfpQrF7rhIx+AkxCQY1y7qh84wTHHEvl8jRPHtGoFG5mKWOQ4LW2Nz7ZsfpiMkFF5hY0sqGi06Mdw6f3dDn2MsbnpwDBQJVeYqbqiI35ISPrQgUUJrmES39pHV6nivGvOEdsbeG/M8z/1Mp8eyihtrk/yewOP59WXNs9mRMYCqr746Dc75J7sD59AqZpRFyb6lHwoHsTpOJ2bRtpxdaRlIqmvVcGkENJlmO94wC5Y= X-OriginatorOrg: siemens.com X-MS-Exchange-CrossTenant-Network-Message-Id: 2eaff351-b9c6-46f8-7efc-08de70a3c1e8 X-MS-Exchange-CrossTenant-AuthSource: DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 20 Feb 2026 17:16:17.0023 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 38ae3bcd-9579-4fd4-adda-b42e1495d55a X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: CWjh1jOJ1Bs0OAmU/444en3Qm16YsS+5TPCil1w+PmfLiT/K91mj8b87ycoFd5oGtjuGE88Xphw6dqcMIXfiKwygCPjT6WOfYVTB/XmMkwA= X-MS-Exchange-Transport-CrossTenantHeadersStamped: GVXPR10MB6007 X-Original-Sender: felix.moessbauer@siemens.com X-Original-Authentication-Results: gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=X7s0JPOQ; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20f::7 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com X-Original-From: Felix Moessbauer Reply-To: Felix Moessbauer Precedence: list Mailing-list: list isar-users@googlegroups.com; contact isar-users+owners@googlegroups.com List-ID: X-Spam-Checked-In-Group: isar-users@googlegroups.com X-Google-Group-Id: 914930254986 List-Post: , List-Help: , List-Archive: , List-Unsubscribe: , X-Spam-Status: No, score=-4.9 required=5.0 tests=DKIMWL_WL_MED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,MAILING_LIST_MULTI, RCVD_IN_DNSWL_BLOCKED,RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL, RCVD_IN_RP_CERTIFIED,RCVD_IN_RP_RNBL,RCVD_IN_RP_SAFE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on shymkent.ilbers.de X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= By introducing a bitbake python function (a code generator) to generate the mount shell code, we make it reusable within here documents where external shell functions cannot be called. Signed-off-by: Felix Moessbauer --- meta/classes-global/base.bbclass | 18 +++++++++++ meta/classes-recipe/rootfs.bbclass | 49 ++++++++---------------------- 2 files changed, 30 insertions(+), 37 deletions(-) diff --git a/meta/classes-global/base.bbclass b/meta/classes-global/base.bbclass index ad3b616e..730fd0b4 100644 --- a/meta/classes-global/base.bbclass +++ b/meta/classes-global/base.bbclass @@ -388,6 +388,24 @@ do_unpack[prefuncs] += "deprecation_checking" # Helpers for privileged execution. Only the non-underscore functions # shall be used outside of this class. +def insert_isar_mounts(d, rootfs, mounts): + lines = [] + for m in mounts.split(): + host, inner = m.split(':') if ':' in m else (m, m) + inner_full = os.path.join(rootfs, inner[1:]) + lines.append('mkdir -p {}'.format(inner_full)) + lines.append('mount -o bind,private {} {}'.format(host, inner_full)) + return '\n'.join(lines) + +def insert_isar_umounts(d, rootfs, mounts): + lines = [] + for m in mounts.split(): + host, inner = m.split(':') if ':' in m else (m, m) + mp = '{}/{}'.format(rootfs, inner) + lines.append('mountpoint -q {} && umount {}'.format(mp, mp)) + lines.append('[ -d {} ] && rmdir --ignore-fail-on-non-empty {}'.format(mp, mp)) + return '\n'.join(lines) + def run_privileged_cmd(d): cmd = 'sudo -E' bb.debug(1, "privileged cmd: %s" % cmd) diff --git a/meta/classes-recipe/rootfs.bbclass b/meta/classes-recipe/rootfs.bbclass index ac50156c..1cd492c6 100644 --- a/meta/classes-recipe/rootfs.bbclass +++ b/meta/classes-recipe/rootfs.bbclass @@ -49,6 +49,16 @@ ROOTFS_PACKAGE_SUFFIX ?= "${PN}-${DISTRO}-${DISTRO_ARCH}" # path to deploy stubbed versions of initrd update scripts during do_rootfs_install ROOTFS_STUBS_DIR = "/usr/local/isar-sbin" +# list of : or mount entries +ROOTFS_MOUNTS ??= "${REPO_ISAR_DIR}/${DISTRO}:/isar-apt ${WORKDIR}:/isar-work" + +python () { + mounts = d.getVar('ROOTFS_MOUNTS', False) + if d.getVar('ISAR_USE_CACHED_BASE_REPO') and not '/base-apt' in mounts: + base_apt = '{}/base-apt:/base-apt'.format(d.getVar('REPO_BASE_DIR')) + mounts.append(' {}'.format(base_apt)) +} + # helper to compute the rootfs distro also under cross building def get_rootfs_distro(d): host_arch = d.getVar('HOST_ARCH') @@ -154,50 +164,15 @@ rootfs_do_mounts() { mount -t tmpfs -o size=1m,nosuid,nodev none '${ROOTFSDIR}/sys/firmware' fi - # Mount isar-apt if the directory does not exist or if it is empty - # This prevents overwriting something that was copied there - if [ ! -e '${ROOTFSDIR}/isar-apt' ] || \ - [ "$(find '${ROOTFSDIR}/isar-apt' -maxdepth 1 -mindepth 1 | wc -l)" = "0" ] - then - mkdir -p '${ROOTFSDIR}/isar-apt' - mountpoint -q '${ROOTFSDIR}/isar-apt' || \ - mount -o bind,private '${REPO_ISAR_DIR}/${DISTRO}' '${ROOTFSDIR}/isar-apt' - fi - - if [ ! -e '$ROOTFSDIR'/isar-work ]; then - mkdir -p '${ROOTFSDIR}/isar-work' - mountpoint -q '${ROOTFSDIR}/isar-work' || \ - mount -o bind,private '${WORKDIR}' '${ROOTFSDIR}/isar-work' - fi - - # Mount base-apt if 'ISAR_USE_CACHED_BASE_REPO' is set - if [ "${@repr(bb.utils.to_boolean(d.getVar('ISAR_USE_CACHED_BASE_REPO')))}" = 'True' ] - then - mkdir -p '${ROOTFSDIR}/base-apt' - mountpoint -q '${ROOTFSDIR}/base-apt' || \ - mount -o bind,private '${REPO_BASE_DIR}' '${ROOTFSDIR}/base-apt' - fi - + ${@insert_isar_mounts(d, d.getVar('ROOTFSDIR'), d.getVar('ROOTFS_MOUNTS'))} EOSUDO } rootfs_do_umounts() { run_privileged_heredoc <<'EOSUDO' set -e - if mountpoint -q '${ROOTFSDIR}/isar-apt'; then - umount '${ROOTFSDIR}/isar-apt' - rmdir --ignore-fail-on-non-empty ${ROOTFSDIR}/isar-apt - fi - if mountpoint -q '${ROOTFSDIR}/base-apt'; then - umount '${ROOTFSDIR}/base-apt' - rmdir --ignore-fail-on-non-empty ${ROOTFSDIR}/base-apt - fi - - if mountpoint -q '${ROOTFSDIR}/isar-work'; then - umount '${ROOTFSDIR}/isar-work' - rmdir --ignore-fail-on-non-empty ${ROOTFSDIR}/isar-work - fi + ${@insert_isar_umounts(d, d.getVar('ROOTFSDIR'), d.getVar('ROOTFS_MOUNTS'))} if mountpoint -q '${ROOTFSDIR}/dev/pts'; then umount '${ROOTFSDIR}/dev/pts' From patchwork Fri Feb 20 17:15:52 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Felix Moessbauer X-Patchwork-Id: 4896 Return-Path: Received: from shymkent.ilbers.de ([unix socket]) by shymkent (Cyrus 2.5.10-Debian-2.5.10-3+deb9u2) with LMTPA; Fri, 20 Feb 2026 18:16:35 +0100 X-Sieve: CMU Sieve 2.4 Received: from mail-oa1-f61.google.com (mail-oa1-f61.google.com [209.85.160.61]) by shymkent.ilbers.de (8.15.2/8.15.2/Debian-8+deb9u1) with ESMTPS id 61KHGWL2006479 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 20 Feb 2026 18:16:33 +0100 Received: by mail-oa1-f61.google.com with SMTP id 586e51a60fabf-40f10a92fbcsf8692212fac.2 for ; Fri, 20 Feb 2026 09:16:33 -0800 (PST) ARC-Seal: i=3; a=rsa-sha256; t=1771607787; cv=pass; d=google.com; s=arc-20240605; b=PYEh5iDFg1AThIcZetnxTxP1LzNfNG4kqlygt6vPPHceeVo8k2KWKnINITP653RN/7 ONGdbCMphoMvqz2leqU8IfI1+CRAfKaGkFxot6EklBhUXBhor13lekIwQt8a4Uo/Mop2 TAiDAXjMEge7psYJ4TTM0yWALIb7tPbUbscTQDY46jjXDSxCUkmB/rBJbCXrcX75FZNg 8GbpF3yFEihYtPVoWmwZsLJX6qsPVal6i8Uohz/fSNjPyueS0KMuzcTBlZtXBG2ycrRT sGoeY5ghHdqmrrO6KEZPLWa56mgV3quNyTwp+zWfI/UibLTbAAGoxNVHuJMtY9t1yIG+ Hk0A== ARC-Message-Signature: i=3; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to:mime-version:references :in-reply-to:message-id:date:subject:cc:to:from:dkim-signature; bh=Zws3JIBx3lTg9b0+NMqomSDRPKyVmL13gh5ZuHrxpFo=; fh=r4SXwbM1pWyWffO4oA1YzQM/WHNavc0o/qYfHj/9NiM=; b=ZY/NLPqDhsi6xd2bf0iedf2PGtnu6t5X3Umuy8CwzXcWzhvmJHt7+nl3RefzRTTNHY zePaZ2HRw42sPO0vQo3XM5NHgXWWBCcOA67KNwp8dmvaizXvBYGA7NVwScYSkSbKpGEo yPvHhBRCaJdshi8GLZXuCTq36/gjlxVLQgXmGjYnhu8VAZawYLvlx59I9ypTsN75je2K WjQbhteplV6H7NxMdUvVJO9q/grONNcp8aP9M8CFw+tUnXXthIqLfufIjZ8UYSxI/o9U AS85Zci4T8PHLkIDTpxD0Zejjldw6TR+3ziDF2wmvhY/I7eQ6LqIzsQZnxGSPhzJiXSy CWbQ==; darn=isar-build.org ARC-Authentication-Results: i=3; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=ouCy4d1x; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c200::3 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlegroups.com; s=20230601; t=1771607787; x=1772212587; darn=isar-build.org; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from:from:to :cc:subject:date:message-id:reply-to; bh=Zws3JIBx3lTg9b0+NMqomSDRPKyVmL13gh5ZuHrxpFo=; b=tK/4JNM75yboDWkCWdhz2dQV+Io6GVIAqHwVDTfk/WESNHgPafa/V2J0zpklwD1a9x dQwvJ2HliNYx9PCEVUX6NlN3Cd9nXL52QuS1W/7U2zSuw1lgvlYyf2e2GSpvjy945LwB 0FE7SPTEyx5OWbXMXoy78CceCQiQY0VvGPha0S9AqLloLw06wlLlop7N+6iQtWlYJIv2 jEDtEBHoZxpxyJjSLGb2IJeumuCAeoDlg1JxnVH75+zIvdtCdD7JJyMbTBLIAct30Zrb PLtN9LEVN+OaRZvitJDOatv5VIMGYfUjlWza9ej/TpoMxTcmwrayp05a2Uy836oGtZlo w8+w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1771607787; x=1772212587; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :x-spam-checked-in-group:list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :x-beenthere:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=Zws3JIBx3lTg9b0+NMqomSDRPKyVmL13gh5ZuHrxpFo=; b=O9IDvSiR1Y2BlKLCNbDKHFIPsKkRDPlnnmq21crotlHIddKMZfB/ZfyqBfWjTx5i+b bEGNg5z/FnqjpEYO/sK/BaaWttsMLY9yTRO6QZkCm2fH8fLbnACepGY71ko8iz3UcMtJ 9XM4s0OMvqxQODFHSabX5eg2hVtMdUoi/ZqDnGL42roVFCVigS8EAAcolkpQn+qHxQrV WajZ6jQiRX6QIBxic4EKwJw/w/Bs936toGZgnr+LgIxkBxkuN8CEWAH3jEJhJyEGo/4o 1JCNGoL59ikZSVQldZbe9YWOaJcoYPdrUFo5Gcoh/usRw6yLe6etaUAQfISJTsS4ge8K Q7dQ== X-Forwarded-Encrypted: i=3; AJvYcCWBiagiMvlCHK5s8b0bBvWjp0DDS5FfNV78iGlnapOkfkX7ATQXxZ1fBF+lMFhDMjaFo6YfDm4=@isar-build.org X-Gm-Message-State: AOJu0YxMJtwyjIN56Xc6wOzA+HEJmNiDKxDqc+rWvWvSGpZFKTVND9hq esoXCgrWpmgqYdcvH6kHQy71ltFI4xVQacdloTb7IIIMZwG5OdlIB4eF X-Received: by 2002:a05:6820:d0e:b0:66d:f051:e91f with SMTP id 006d021491bc7-679c4693e9cmr288808eaf.23.1771607787135; Fri, 20 Feb 2026 09:16:27 -0800 (PST) X-BeenThere: isar-users@googlegroups.com; h="AV1CL+F+WXt+pWa62F6iK2fDd8zPFWlIJLzK8+gJeX7dlTO+aA==" Received: by 2002:a05:6820:1a81:b0:679:c40a:9447 with SMTP id 006d021491bc7-679c40a9674ls127133eaf.2.-pod-prod-02-us; Fri, 20 Feb 2026 09:16:25 -0800 (PST) X-Received: by 2002:a05:6808:5086:b0:45e:bb86:d005 with SMTP id 5614622812f47-464463953dfmr385050b6e.48.1771607785138; Fri, 20 Feb 2026 09:16:25 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1771607785; cv=pass; d=google.com; s=arc-20240605; b=S7E+kI5CR3SeWEkWX1R6E+OFM6fo/Y96HH23kWGjCuWzs0qOnq97F7iQwR2lF0Gu+T 6nkedu1m2cHDst1y9ie9IfIj8ChrJ0PRJbaipN08uqoyIeSTDlA/z+5UoI1CllKyy9VI hoLWzEmWiiNZhu4pyZFJQYf5nd4V7ZhJZ4qFLvwO6M0Gd2s9b1KaSFTxmRG3sox9Z8iw o/YBecDuD40EgayqZ2Qj4pQoVuDKsS38B27wLizR7VVrJCRvGb8QGKKepXod9859XvjN 3ZxQd6Bi/mOxG3VBypB/xs3KvcjAx5T8V1Ab7oXczBnsPgvT1XsI/wZXhnk/CqROysuK b01A== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=mime-version:content-transfer-encoding:references:in-reply-to :message-id:date:subject:cc:to:from:dkim-signature; bh=vHMcnRJGMRM69n+6ju9bR3UXoRqTbwq3xNs7orrU1Gs=; fh=WkhL8kaJc+l2wQon1t06Ej3uvBGj9sVhNcE8PaS/XbI=; b=UtqlohY1uNf7ucK9C7LpNpPicE4y+75Hux8PRmhtP2c/sm+W3hp3pbRW2kabjqGkP6 mfxgex4EwMExZH55O3/hMQMGqTGlYUnIvZqh+vV0PG4Onx1eUs1okqfUIflYslXsa/ez qICK2JSNzsOE+ymGX0vZJVtQYHFARqZB398D2uljwpeLVFxO0G9FII1BJUcZf2+mxALN Hq7IhrwVJEtouyXxXS03rzAb4sFdpvQGVm2SEvE5rxVClyw4f4880LQ/qEyey9/AYllT y1tom7YXK15ck89TVtJLvgnXa3sb0rDtioXtsvfJM6VxYeR9jKwZIpRpT2ivMxwXybSd AWAA==; dara=google.com ARC-Authentication-Results: i=2; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=ouCy4d1x; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c200::3 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com Received: from DU2PR03CU002.outbound.protection.outlook.com (mail-northeuropeazlp170110003.outbound.protection.outlook.com. [2a01:111:f403:c200::3]) by gmr-mx.google.com with ESMTPS id 5614622812f47-4638c55a742si743986b6e.0.2026.02.20.09.16.24 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 20 Feb 2026 09:16:25 -0800 (PST) Received-SPF: pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c200::3 as permitted sender) client-ip=2a01:111:f403:c200::3; ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=h5OorGA/kzEbWAzuYB3llrESRo50tz4Y3ToExoPil+bqNTlgEh0lU5LDODl6kqNfE3Bh8sa/GqB2GoNw3uONWjL8bhCgFygdovpzyd6QdfZ9SMtqOWuboGiSwC1tUIMXdjIaiP+aEJOycTwt9KGxOfqV80LiT+0K4P5yhCNyQGbj1ImllivgvIOvC+aAVSZyob7U0YWni3VxkQWypPMQ3z0H47fhjHC1t4IExt39uRvHZKvJGOvDYEMyoVwkzwd6jeZXdGNzBq01ZxBRb7BWtRClER1J6Vtail14IIU8HLI3k9WOyS2tYsqetgVZMEyyb9m+wwHwFeR1shi/+zrU7A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=vHMcnRJGMRM69n+6ju9bR3UXoRqTbwq3xNs7orrU1Gs=; b=abvQDbQm+jCFJE+pwr/D7X4epHPhZjPU4f8EHXKNrC2IxTforuCPTgP9Fr9XTKQY2yERMWFOPgvt6rBeFNIYzOKH/drb1OlZf+Vh5Jjv/USJtN8e9xY7D3+8vdNcVL4mUJJ9za5VqikzY4Ty7JqaCqwC4I3r4etBx/8vrX3lFo5Le7pwrpaDNaZc8fbCuDmMjHW8qeteGhVMIQwWxQQPPbNSqMZAQcYuN6TC/3efsjunKRm2qyKFWZTf4frbuwlx75/9t1mTOu/38d6itSGY2VlBS8iJVFC/y4EWgpv12014iDK8q4+gn2yr94pJdIhDWPBadawoQ0GlTLGq8dyVaw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=siemens.com; dmarc=pass action=none header.from=siemens.com; dkim=pass header.d=siemens.com; arc=none Received: from DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:47f::13) by GVXPR10MB6007.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:150:17::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9632.16; Fri, 20 Feb 2026 17:16:17 +0000 Received: from DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM ([fe80::9412:cd7f:3f72:92ab]) by DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM ([fe80::9412:cd7f:3f72:92ab%3]) with mapi id 15.20.9632.015; Fri, 20 Feb 2026 17:16:17 +0000 X-Patchwork-Original-From: "'Felix Moessbauer' via isar-users" From: Felix Moessbauer To: isar-users@googlegroups.com Cc: jan.kiszka@siemens.com, quirin.gylstorff@siemens.com, Felix Moessbauer Subject: [RFC v2 10/19] apt-fetcher: prepare for chroot specific fetching Date: Fri, 20 Feb 2026 18:15:52 +0100 Message-ID: <20260220171601.3845113-11-felix.moessbauer@siemens.com> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20260220171601.3845113-1-felix.moessbauer@siemens.com> References: <20260220171601.3845113-1-felix.moessbauer@siemens.com> X-ClientProxiedBy: FR3P281CA0085.DEUP281.PROD.OUTLOOK.COM (2603:10a6:d10:1f::22) To DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:47f::13) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DU0PR10MB6828:EE_|GVXPR10MB6007:EE_ X-MS-Office365-Filtering-Correlation-Id: 259d1746-6e93-4f36-3508-08de70a3c23e X-MS-Exchange-AtpMessageProperties: SA X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|366016|376014|1800799024; X-Microsoft-Antispam-Message-Info: Fbpgiuft7eV8Oadc2tDwVJsf+mBipybh7yMQ7H38mfEGYj6pj6GaDkCfckfKXKh5opdKQGqD7xxRDUDZW/ME039nbcxBOckkU6T+tzkswlNNTL340TTixQJehgjx70yxHKrA8EcdLaC9q2znyX07syRXCzBmrzILzvmw72z/FGB2OmB+xXX5GFc4kL3QK2Ecvzy6Td2TIZK99XwZuCLBSwDvtwdX2q3vcq5uOq7PPXTW6HzFL7t9BnQsTs2NGpzS2GrMPjAFp7nhw6d3d6jLXbWN7sK9CTtKSXDykld9oXgulQ94XxFwy31br5KEhkR4ZmKRcNaB4GLIYy4+NBID5TpgRIzAZfiAlXyNnHkQOjm8mayj/K5JQNjjGoyXO7JGfaqTw6Ifm4T+rPUexKZH6lDcJBpVDyapsShzqIiWtOolTLQupvQ3L9wXbxgTYSLKHJrNpmSKA9Ic+Msw/gYCGtoiIA4rT0Orqsk2QlvPtqyrU31ajE2+JsglikENY/hHDFk+jR/4Ya4Gm/N4gnL1kd6CDK8HC7Ckh7rkzbd506dZQC626fgsf14PDZAq8KulkB0eepqAvgTxhB1qr1w0jeTvMNG3r9YUkcs5j7SwZGecPBYPoG0wVelAAa9mhb0K7zwyBpyzW2Kt+bi9qNZUIzWGgGPZmvEUI69i5h2mz/zjrn3QmfJSPt21Cf/0VfLB1K9jgPQ4vGg+FYBBR7bIlB0bGyCFuhsjSNab6/sC/SUxvqXnSbCfWxmyx81y3oYlo+46M4odJnJlw6aaG/HRxVIeMPDwlfwnJ2tRNdealkl/zysbFlOYsa0mHjPI8ts2fZxnfet1/WjLxL/irJMcY9jH5x27eNVvXf8SQ7U5NZmLAovl7KYbVJ1ue7+60VgZtLU7hWs8FV8RkOLbDGGX8zzAUd6dJ2THgIAXxEEfhZb8z9k2+U8H1qazlho8nONXsppN+eroY7L6ewyFYYRNitbdnonCXAQSdD79qVQSkbMFUktMGWzKCCvJV3/emMtG/ujSopsqkNsxrd+TN8TQmdiMJ0vrOrbeOtMnsHcSXfDvV2GeRwDoZdMLHG8ovChx6sMRXgi14fdj3Dw7CC7uo/Wurr1IZW1RyCErp53LCh8FpIsmCb/4LiochEwhIE1r6g2jB/jS4DmnXQru65GoOZ5vIeG7iIjTONM1XHCFp7Ai/4SWHziz+60/LAggjn13Q5lGUnsqQ/Lfop620XOMi1ZIzqkdkRSgsgL+5rKybKcoIU+Ncq9xwmp2Uek8Vd8uTG+O1xh6joVRWJw1TLULpp1hJJPsGmKpl/O6iu8wqtKFMyvqXB7ifBpuQ5pABaywoTbWVfiwo0gjeD8P5SvKj4x4eV6RotzWjPrMqDMMptAmrhfIgBaXEEIi4yXeggDygMmYzyCM42UU266OCmVJW1uqDP/4s96eSSGrtFoM+Qqw1V3kmo79B72YDV3cT24ezCvUOS/KxIhylGzAw00hxAKoj0NEzBXU05FtV6ZOhIejVlhTgxAeeFoYTwYKxipYEkCf10/PY3f3NR+hsSelk5VCwu3p3dNBMWUkIpmVd/Q= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM;PTR:;CAT:NONE;SFS:(13230040)(366016)(376014)(1800799024);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: WGKOOYgz+RHS+Hz1uN3P2v6T4EHYL2A2U2iR3cVx0cn0i94Nl6lWzgq2r2g0E5hRRyTfc1QZ4Cf1xfNuLsbmfCvDMX3kgaqjyVd2cIY/SRPlypdabQ+cZbV1tFL4vLO2xU0Z/SsJKqop2IuucgXAEYWzqVO+JTcjXeNWpVNlIoac6M9aYfEvpytcrtl6UivGftuwSUbabD0XvViK6ySI4NRHiqF4Bt107VHC2G7Z6XIs0297O+0JDOAtsL7HQajuyHkKQaVe8iplcah2kpq93VnbmJqC7t/pmGPdoKH5lwvxrTy2rquR+gFVxX0lXejzQlSLD4E5ZW69s5rMzXzb8P/x/hNM4uytIW6xMt9AKgC6xLdx1jeGm0J69JChuW1j+AT2KwyTxEpbmbXP6euq8fxa7SU7S496ELf1aJVjURO3PW6cvJs7aBnQDB7UH+mStrLSVqi4Q50DXbWCVIJMuxYvCGp01+C4mMUQZUMI/A34VPTkZUVuHi2aOF51ZiOHRdteFZK9yG+Z1Wr04YscDl47YQ9g+89/PGicvPMLzMls/UOEEXMUBhAm1M6/pjuyJ41KpAp07pwKB50KLtOWxCVyeIWjzqMLgoplvEJCXmcL2tfPcjAAK8hd2T56S/kEQyRr4fcMmwXgUi+tYCzdCpaz12Gv03e/D1zgfwdfnPPqdDph3FO/G5rsd/uZP3weP3iZ/6bSa+qZ4XntGdX0mDfo1emUTDCOae01ONH7FAt8DbGhlEz3JMKVLjgkPO+RzMLXN5eFIKwrllmxissRjj+oEHAKyU8rHKjxmfuPgbpejATmFT7MKgF+Y0z0KP2LBy3wwdnEV8s+OFySIasLDEd2wIA/DgvLdwYnR1XS/RfGWWOJhpusGberq97h9LMmex2e//PxC2i5qoBLBenG9WHtQgrMNzRAkjmfGypLPI59ihkNkEtHAR8KQ8L7xQD+cEElyLMX+5sQav5kwXcHl5vUcEi78J3DvegGY8qS5iiQYPNj3fD3RPvq3NcvsmH74Jlm7y3SHjug3skoPZ6mC1M9l/7lH+MUDddrL9FJS/jn69JO44X/J7uXeKz8Uj3BrKta8MROaHo5gxf7i/lOBU/Fs9rYs2pjSZyPwhc/sDJTH2pY8fTP59X9jC5eg9FCI2NKf5EJe4z28wJxYEbQKgqXbTbq2ymBBHXiHA1P2a4uricTAyQDoxqHLdynXxx7FxjDUC8W1O6Ooy+KdckZmD9sRbgFmuhDcw3kId7hfeCLf7fsy4qsxJ3F8YKH4UlS9jZVTsmU8W8RAoit0BhhaaP0MXn6GSOh2+Opro0Mme+eyb5K0i5L/IScz6bwDZaB6RenEEiZJ72AF0lmhHTwiiw+rKspzmfyml4DKdMeoDFIaP8i/hOWdEp2ZrQHHwNuMuRcQ6C6OdZx+ZZXAenRvz8gx1XYJVYJSsk8uTPlE6DCocyMgwxgD5ddCNyBbEViJn1l3m9t6UIFjNXUsROsMBKVbeXNW8JPqomJ0kRLcyk+6dxvdST7xqy87FNda/ghG/sJ69CQF1GLhEquScfKwMHfHs/4SH1N5+4FGRpsN02UiQoCqz1S1gLAHKFSYgSj5jo6YoLe//gJoQIZFCVw8rR6hMG2V/CLUC1CaTUwGaJOUtLYOOzAnzB1DvRor2T69bQNZep4Tq6Vmq73ddsuqPnb426F23pst7GJaS49mAL7Se1OE4chJG/Nd8THoIrICRjLBY7hwhCXKSU9HiFS0wHUFBH5Xjiew8gnghkyvxQ= X-OriginatorOrg: siemens.com X-MS-Exchange-CrossTenant-Network-Message-Id: 259d1746-6e93-4f36-3508-08de70a3c23e X-MS-Exchange-CrossTenant-AuthSource: DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 20 Feb 2026 17:16:17.5073 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 38ae3bcd-9579-4fd4-adda-b42e1495d55a X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: cAa6+t6FoyvPvvuqZTSKVj3dkg+uVk84gnOGwknQPQltYzriSNdWIegnq+3Oouemm8GfIU/qgBVjhcP+yTNdcGeF4wwM7y/qMsFwBUMTBHg= X-MS-Exchange-Transport-CrossTenantHeadersStamped: GVXPR10MB6007 X-Original-Sender: felix.moessbauer@siemens.com X-Original-Authentication-Results: gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=ouCy4d1x; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c200::3 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com X-Original-From: Felix Moessbauer Reply-To: Felix Moessbauer Precedence: list Mailing-list: list isar-users@googlegroups.com; contact isar-users+owners@googlegroups.com List-ID: X-Spam-Checked-In-Group: isar-users@googlegroups.com X-Google-Group-Id: 914930254986 List-Post: , List-Help: , List-Archive: , List-Unsubscribe: , X-Spam-Status: No, score=-4.9 required=5.0 tests=DKIMWL_WL_MED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,MAILING_LIST_MULTI, RCVD_IN_DNSWL_BLOCKED,RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL, RCVD_IN_RP_CERTIFIED,RCVD_IN_RP_RNBL,RCVD_IN_RP_SAFE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on shymkent.ilbers.de X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= The implementation of the fetching depends on the chroot mode (e.g. schroot or unshare). As a preparation for the unshare mode, we hide the concrete fetcher implementation behind a factory, so that we will be able to dispatch based on the mode. Signed-off-by: Felix Moessbauer --- meta/classes-recipe/dpkg-base.bbclass | 2 +- meta/lib/aptsrc_fetcher.py | 12 +++++++++--- 2 files changed, 10 insertions(+), 4 deletions(-) diff --git a/meta/classes-recipe/dpkg-base.bbclass b/meta/classes-recipe/dpkg-base.bbclass index 03317ef2..b3f4caad 100644 --- a/meta/classes-recipe/dpkg-base.bbclass +++ b/meta/classes-recipe/dpkg-base.bbclass @@ -84,7 +84,7 @@ python() { # apt-src fetcher import aptsrc_fetcher - methods.append(aptsrc_fetcher.AptSrc()) + methods.append(aptsrc_fetcher.AptSrc.create(d)) src_uri = (d.getVar('SRC_URI', False) or "").split() for u in src_uri: diff --git a/meta/lib/aptsrc_fetcher.py b/meta/lib/aptsrc_fetcher.py index dfa784a9..37c84fa7 100644 --- a/meta/lib/aptsrc_fetcher.py +++ b/meta/lib/aptsrc_fetcher.py @@ -9,6 +9,10 @@ from bb.fetch2 import logger from bb.fetch2 import runfetchcmd class AptSrc(FetchMethod): + @classmethod + def create(cls, d): + return AptSrcSchroot() + def supports(self, ud, d): return ud.type in ['apt'] @@ -20,6 +24,11 @@ class AptSrc(FetchMethod): codename = d.getVar('BASE_DISTRO_CODENAME') ud.localfile='deb-src/' + base_distro + '-' + codename + '/' + ud.host + def clean(self, ud, d): + bb.utils.remove(ud.localpath, recurse=True) + + +class AptSrcSchroot(AptSrc): def download(self, ud, d): bb.utils.exec_flat_python_func('isar_export_proxies', d) bb.build.exec_func('schroot_create_configs', d) @@ -83,6 +92,3 @@ class AptSrc(FetchMethod): finally: runfetchcmd(f'schroot -q -f -e -c {session_id}', d) bb.build.exec_func('schroot_delete_configs', d) - - def clean(self, ud, d): - bb.utils.remove(ud.localpath, recurse=True) From patchwork Fri Feb 20 17:15:53 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Felix Moessbauer X-Patchwork-Id: 4894 Return-Path: Received: from shymkent.ilbers.de ([unix socket]) by shymkent (Cyrus 2.5.10-Debian-2.5.10-3+deb9u2) with LMTPA; Fri, 20 Feb 2026 18:16:34 +0100 X-Sieve: CMU Sieve 2.4 Received: from mail-oa1-f57.google.com (mail-oa1-f57.google.com [209.85.160.57]) by shymkent.ilbers.de (8.15.2/8.15.2/Debian-8+deb9u1) with ESMTPS id 61KHGVoS006395 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 20 Feb 2026 18:16:32 +0100 Received: by mail-oa1-f57.google.com with SMTP id 586e51a60fabf-40ad1c724dasf22661654fac.3 for ; Fri, 20 Feb 2026 09:16:32 -0800 (PST) ARC-Seal: i=3; a=rsa-sha256; t=1771607786; cv=pass; d=google.com; s=arc-20240605; b=FyzvdOlBpTC7e5iSnqOWiWrV/VwVcGDgxuSLeEKmyF4scfn+MydXMzFtzJT0eA2gab tK9fPJletsK3Z5SRD2RqXucguAWGohPYnN8sgNLa3FuYNHWRoH7rfukizKc8jOKkow0k nJRo2t83lAEO7IGKMoQtVJMcL6BmLATush5zehMX07hfU/MOqK/DnZEotDYN+r9kvP2Y gjOK4YXt7DwXHEnEe3K+xDllHDrhvDbjbwJRYoeJyn01WqZ5UkDVe/K1XNPCRhYFugjR lgof7MYNtQwXtbeCylCqovKUV7SCTOCP/1q3i+w4Mo9mdobZcfrKoBgqX1UXcfLP6nUY M7ow== ARC-Message-Signature: i=3; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to:mime-version:references :in-reply-to:message-id:date:subject:cc:to:from:dkim-signature; bh=DYBcdbLQLgr7U95TZgaBjkD8skkF7fLpiDaACGqaIjE=; fh=6uGIgEhtepgWWmGuwZmPwb/nr5BDcqXcBvxtVFCAe3w=; b=OiSdtd6SjBG+2hQoKynq8AVYJ/uIohoMZyT+jZMZsIoNopsVjiXIo8UapE0QFHL++j 8GUDt+2cp7Ig9mFeTFaFu+dedrE16+bjgtnyb1HjIIN+2BelvCye4LBP6UEA5hY7t+Tn 9PhbXDJJ36UT6hWblYlPxwa09RQHbnA2T/irF8WntrhdWPFHnSgeZ0/PvkUJKmPdOa01 ZXsWIiG1UF/hEBNE1HKXPRJ+sIgAWVvEJTe8mFEmg+UH0Sun0SKHCvDx1dwDYXwS6eqw SuDKlnu9G0/e94GmSzBsFuyx+46YyVFqtLbgIEk01Mk4b93qaKQMFdUKtWRVeNSStGv9 FWKw==; darn=isar-build.org ARC-Authentication-Results: i=3; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=hDvKCnu+; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c200::3 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlegroups.com; s=20230601; t=1771607786; x=1772212586; darn=isar-build.org; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from:from:to :cc:subject:date:message-id:reply-to; bh=DYBcdbLQLgr7U95TZgaBjkD8skkF7fLpiDaACGqaIjE=; b=jLNdCPGBUor6dUptMI1Kz1OZHXXvcAxhSEtbdH2xAxcEA2cpLbse2XE1KJ227J5yh4 s8hme35NTELl7186fAftw4ZtatPiiFLtfPLfCGNLKKOs3kV4kiVT7EOiUlNL2VlWVJ14 4bEcDzPSTfoEVI5sGOKC3sCOVdS+Hl6O1G26X+1aZoGJzQPTrXt8TyATUn8Y64Z2o0ab Ymj8ptHDe8x+v2kd2lI+N4G0yXQNXlA8lmjBjT/oB6qbyXsKIDC905fZ2pSlKYqUt1/K DO5mfaxpXT6YrdZFCVGs5fnYEIqZzyZQy35KORrrNnBMsZAqEfnjOSNqwpkOMzRyi1bs pQZA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1771607786; x=1772212586; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :x-spam-checked-in-group:list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :x-beenthere:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=DYBcdbLQLgr7U95TZgaBjkD8skkF7fLpiDaACGqaIjE=; b=kHHQQL9Lef7rl4OpUFeav47lNRTArl1BInYxKIvflTDQ/uZmO1pg0NSkK6PbYLQovI Bf3PlaHgMYXeOVsG8DOHoqmeavWckbUQEn+lZSXN6u0KVhTpYrnSet9lmMqb5dWrKEeF XsUsLOYLtkYi3lq6GxlcAizD5uzd1p2CYd6Whp6kf6KFaQZm9AS2VFsQ6pt/rPkrq/HO hZ4+xJQJEAoYm7gUGdDQi3vT37HxV+T/7dfYfH/h8p7danH/staYOoppqYQfMnC3QdRG ZyTIDlO6bB7v+1VGlie5dkUHlW1xeibJhvcza2GVimJLfjexfj6G+XmPPODopm9iFbHZ f/xQ== X-Forwarded-Encrypted: i=3; AJvYcCUmCyLG6H41mUQ/ewVgxVwXqQRZd5u46poNUG4ZSMFhTe0FM+UKlh3wWnrQqrHM0LcWvTFXjwU=@isar-build.org X-Gm-Message-State: AOJu0Yw/18+ztvLRJBqwWuogawu/0OZ5738V/v66i5Tl4x+ZYVFuiI3l eN+PUPdlKSwCetdP3M2F3W1JNuLj1OvikKtjYXmhPkXaapE/rLzBUj/W X-Received: by 2002:a05:6870:8594:b0:3d9:2fe2:f5c8 with SMTP id 586e51a60fabf-4157af8a4e8mr315801fac.32.1771607786060; Fri, 20 Feb 2026 09:16:26 -0800 (PST) X-BeenThere: isar-users@googlegroups.com; h="AV1CL+EUB7rvTLMtC4iYuJnwhjB7WaPSwaQopbOeTTa4+XKYRQ==" Received: by 2002:a05:6870:e812:b0:40e:b5a8:d867 with SMTP id 586e51a60fabf-40eca6ef8bels5557895fac.2.-pod-prod-01-us; Fri, 20 Feb 2026 09:16:24 -0800 (PST) X-Received: by 2002:a05:6808:2390:b0:463:4fc5:4829 with SMTP id 5614622812f47-464463e29aemr353167b6e.63.1771607784619; Fri, 20 Feb 2026 09:16:24 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1771607784; cv=pass; d=google.com; s=arc-20240605; b=Few976coA7/TPTKkLseN2TL8Og6NvSfbzzUBXBwx6n7Rebpvy8POQYPOwXMfAxj9Ul Arh+Nrdtq1EAkrT2P97yrwwY3IKFDq5thC/Gt5Y+VdqppkTIOINi7y4yDD1w8nOmxFT9 FsUq2TK/ovHURFVpV2X7u8sHsq/M7rIooSxDcBeisw97eLHX5UHeDuUwSqootHLffLbj QAdPQJWb+5CNgiwCYLkfvExMkl+fO2ZlUQ5lEQQqxedryLqtbdkirUPRa6ZYdHLRM0FX XPlmq0qJKmBj4L0c0jDAeI76k6aYrXcufzS2BiSeM7jq6qZS43EOAD/+Mz1D7zWN2er8 FNyQ== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=mime-version:content-transfer-encoding:references:in-reply-to :message-id:date:subject:cc:to:from:dkim-signature; bh=uE7YoYS7m7HMmgl6XICaldCtl/ZZf0LxijLNc0ReNzE=; fh=WkhL8kaJc+l2wQon1t06Ej3uvBGj9sVhNcE8PaS/XbI=; b=KbH9SfXW5LsyHjbde4eYNcBjuukG3ROJ49ZOB3xEt1m9tajRgfC1kMHRA8Z4CYbF/6 5WCF23HbuQ/eO+eBnYX2P33zEQH1qkRXrUWQtUGOu6GbuYra4mSXHXozDoHf0DqDdb3x zcnbR2Tf4xj1Pkm5nsc3qTg988nJGcsteagtMNqar6qBRzx43oKsPtRDu47l9dH5dNkQ /ghjd5V0ZwwSjRha3Vq2cOUuVn2TD6DIai3Oxid9AgHzzHKnMLhK6VPfR5jbzu/S7jSo M/pZw852hFhraoDSZPU+fRn8YwCxmyW4543XKBof/VbSU+BcgPS+rHl+PgqWwIznDaTN jERw==; dara=google.com ARC-Authentication-Results: i=2; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=hDvKCnu+; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c200::3 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com Received: from DU2PR03CU002.outbound.protection.outlook.com (mail-northeuropeazlp170110003.outbound.protection.outlook.com. [2a01:111:f403:c200::3]) by gmr-mx.google.com with ESMTPS id 5614622812f47-4638c55a742si743986b6e.0.2026.02.20.09.16.24 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 20 Feb 2026 09:16:24 -0800 (PST) Received-SPF: pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c200::3 as permitted sender) client-ip=2a01:111:f403:c200::3; ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=PQGHwIkiYUAx4eA8gWGtcJ1UUXsI2qZG8IAtaf5opdEI4B419QLAQonbs2gtVHsJf4O8Jjj55uoDp9VZ6EPbLn2JBqrYFBOrCGGcNmPlEpYEiL14FJbQQgdkm3VVO2+3oHpRFa2AKxzikOwC6p/vGNPt08n0YD7lpGka69kA7O5WrVou+4GqYEt+RZVz2P8B2RidU2X8dIo8OF7+MCIYwZGvxrqIhlnqefHhURyLHNhT1q2/2sfi3XfaTzlIG2sKdjRUh1Pk2iUg0MstthxzRwyHsR1mFj86j+DBA8+DB/v314R6YNbsh6484Vz7V1FB68Lz6cX0wq8bNQ2xMtlMzQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=uE7YoYS7m7HMmgl6XICaldCtl/ZZf0LxijLNc0ReNzE=; b=an5Y3Vd/84FIrGTzw0LW7LEo9KbX/7qf9dOjNo7dxKuZGCAqaVv+H2t9ENC+qsnresuwB9N9N9uitFXF3L0icRCajCz553Jfb/tFVCFFQYVoNRzzXsLKyZJGigy6a69LXkuYEbC3RmItJttsfOcL78Qm/mq17itIl9ufEOUKmmOM34/mraTPjcyFk2Xfy6b5nwBPcI+2DbsftoyvOdL/mWbyCr4/zB723aRJdnNElPeJF7lPBYZBslgInJG5VqUD/V2Z3aNezZM22wxEdzrGZWhuGag3neLHY1r3UUuz6UmgqQoDih4aASlMlvfnnncWZpg13XXa6MNkNXeXZze/1g== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=siemens.com; dmarc=pass action=none header.from=siemens.com; dkim=pass header.d=siemens.com; arc=none Received: from DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:47f::13) by GVXPR10MB6007.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:150:17::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9632.16; Fri, 20 Feb 2026 17:16:18 +0000 Received: from DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM ([fe80::9412:cd7f:3f72:92ab]) by DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM ([fe80::9412:cd7f:3f72:92ab%3]) with mapi id 15.20.9632.015; Fri, 20 Feb 2026 17:16:18 +0000 X-Patchwork-Original-From: "'Felix Moessbauer' via isar-users" From: Felix Moessbauer To: isar-users@googlegroups.com Cc: jan.kiszka@siemens.com, quirin.gylstorff@siemens.com, Felix Moessbauer Subject: [RFC v2 11/19] add support for fully rootless builds Date: Fri, 20 Feb 2026 18:15:53 +0100 Message-ID: <20260220171601.3845113-12-felix.moessbauer@siemens.com> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20260220171601.3845113-1-felix.moessbauer@siemens.com> References: <20260220171601.3845113-1-felix.moessbauer@siemens.com> X-ClientProxiedBy: FR3P281CA0085.DEUP281.PROD.OUTLOOK.COM (2603:10a6:d10:1f::22) To DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:47f::13) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DU0PR10MB6828:EE_|GVXPR10MB6007:EE_ X-MS-Office365-Filtering-Correlation-Id: 74a3b491-a181-49ee-b49e-08de70a3c2ab X-MS-Exchange-AtpMessageProperties: SA X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|366016|376014|1800799024; X-Microsoft-Antispam-Message-Info: 1jfc2gnnOwQ/x5NI1LZeY2OmW+wF1xSpCplK3FY2vjjssBpMnato39Ajl9hd+rD/Lez1rVINLu8J0W5kh6jTMlz2JuwGudzmfSzmfKxcX5KzqTLiNJTynWSMJbgMj1dJHqsQpVVSwM7fSMRZQQUAO8xZnY0IMqf6tetc7CFVZSkfjh6YoS0WapxW2pzIa4cqKwbZyNks7YaC99WhTCZazoeKu0/tdV0AFj0RSrjNrJ+uDA2eAbbThq4kVh2o4Iry+uOSkSCfZsExNRNV+ioiWLrz3zxdCQGeT7BSQGPKE+6tr2fkBmy0J7DyoA0bbPuTgpp2qY3HN4G30DPT1Qm8hi0FieRA2Hbp3UN/oZAx3cJqgHQi9F1HuSTRiCo2EoJMOF+wKeyH7kaQyi6lKzqLJSs2/JXApV97p9Obqmo+vLUcRP32CA2qyZ0y5p5lGEab1MMD/GBe4xPt+UYDAtL8ZgxtBqyeqzKwTWHaJtMZeLlTBfsNL5r8YV538KOkqAInPHS+HZ1ADLvLjUV9Ftz87NssDM6yWmaaRDZNwdFTW3wjnmR3Ncfxwh5HE5La/2DJWuZBKnn0kN3VXUmyNVKtynytzNItIsue+uzprjmoWv3oY+iZXknQ2hLVHt7RfsZ6YG9FGumDDjB6Op3VTsGxw7f8fmGro5F1xM3TpI3JWufW0Ocs68Bu8s/6BwlLba8wPVty5DcPYEr2V7tSdhzIJSGxiWT8k3b44x+GeqPGDUHG1D67XWtGdTmsSvpHoU/HFEVRXZfgtfhQNttdnHn9r6Eq8ZQaH1cEjJeOkBZeQVAHcZGmvZQa/B8xpNOihSsGKryfpmMVgfMY8HYdNQWAtAHAzumOBZe3bfZdqzLKkLWd7dULREGP+FbQmWuuQgm2otHGsvlcndJC0mfwYCSjfehyB+UTxCYyup6ZRQjXUecRtGnXN7YOCeXobUB0IQRbzrHN95Ha6RkN8dm5DqR/XNmLrXkDhCroF6886GYkDOb9EN/pVhn8A3LOU6msmKZyEIJtwYUWbxlyn1J4fvCnsvJYNiV/VZp1HHEKG55gIHiapkF7K/AWX2v07PMuHb4T2KJSGj/ml8O3iH1FVhzjuWGAQ1FPEzogbUvd6etrogjEKjN+Cf+9YubtO/bkS3V6+eXppQ1ApuZGrfcaAM3cIcT5dwDc4m/uKg4pVqY1voD+c4PI5oWWPzFT6GQoV01gVLarL2xkC3S2FzpoxdcV87X6DDVk6fHckSOvLx8ciDBROTa5TZCAFFEN4YXXaJT0md4j9MU9Wu92aWrdSHJR38e1VFE/8wcBkiq52U2yPV1BBfLUdp+TEHngZpFCUanEQB7brv6+WwSCKW4WMpiJ/rVzqNknjmWe5h9+nKpAfSZ4DUaZyk1CRi594wyIJOP+/5fuYc1w6A4K4UJSVSiuivmhAZ3r56fpO5R8R+GxUIO9CRyv/Y1aJi64vf8M3eGVg+0GT6C1UO9zn75Zust8BBQ3w4eSjNoZ4VWB3k5TFQqNI3andv9SuxtbSGmr+coE X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM;PTR:;CAT:NONE;SFS:(13230040)(366016)(376014)(1800799024);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: EefxBjL7mYdSGGpy4XpF24f0nSPSFUv60dsu3Qwg54Qchfb6Z8e2W6cAOy0vXpDLTJG4Fp2fsiN7ny0h+uUp4eQe2E4diqqd7C1L8o8Ost/t/beS5FvL6Kt62nUte0JnapJi5/TXOYU74FESA/TUZZ7J453Rvu7oZ1ONbKXLS/ZpRnbtJSTLeHQsOLeNQovRK7P3mEsmW9UmWpcKJ0nvUDbNOM2SwdGKG+xKQoX9HA+4olLZqs80ywDMwYOncwd07NQHF0yQfXHRxtKSniTT8KYfbNSCkS5GsslzC/tzDxLpBuLf8mMTCL7+qrwl5cr1FKhEPoXQ8AAcMUihuKltcfBHoObvZsAtCjHymz7GxD+iRaW0wOpWDkg3L0GwboMXzMPuamiLWh3nhBhU4BvSGJ4vaUSVaiftMMypFksd3FsncB9qTTFsbAw4A1luHo9OmA4VMDer92kf63GJybEzY9YPrhPVCkrSogFaf/Eptr+FhYkQ6s9SsiyS7568VpNBYiJbqWNte+PQBWEKSekhhpoXAGfJYmMoieJi13rjC0VBBCY9FO4W618qE8pQYrYUgDgsGud6Ws8yU24/uHTXXwFy42MEL38O89UyG9XSiWmHdxOeoI+G9zhMQ/BSBW2/I9I84ECHruBueny2YT4onSoPVfrbNyBPUMZbjoTATI3tP8PBqS7eSL3+Y4t0lMQqNQPJZSvKZY53AqbCGv3r7Axe8bOouzV2ZaFgQyxbXsF7api8QDc4kO6U+G/PBv5bET7SpV52qhx50ch9Fph/H7/VJ3E7b2flyU5XVXr5N2eXk3j+VbDq/6CLWOeiEDA+L3wQZgMuMYIGGN8aO20YQn2h532PZ8AdS2eN4O3zNykk+PZNPnypXwF82ypE8G56Qyuc7luMayBfrwWTrsPrO+wjLRpz0p2hKJZPBLTnVf+LfsPoC4Zwi4aJQio6NySzkpg0xTMTDCHw+QUD6a6jPS/2vKa6WM8rE4JeZh0LtUY4hw+mRe1aPbhQjxuGVJn+iXO4bBtUg+W/rn7WxmvCmGuq1h4GhvsMJZW0/P6tUi2g68s6eBSKgvM+EsiyyayQ3J0OdQUFAxVEqXuNqmx40Jm94YA0AIy7rwQ92ZU/omBX9F0nlK5oj/Cw/nuAZyT8WhgwNXFLVHJ1a6FkIf06DSHSV30TWfaci1GOLOokvjBQ3/uL5AKXuQhBBcpf/YXDX1LFYM49rFAROC3AP/5cJeGzpBYd1D5+HDcSOeOldmiPID5ALjoXUtgXzCP3UDOyQo6ZXxMoUzEh1zPgYlVKuBeRwztpXzfjr5mfML6seaFbKIYRi8JFmKC3PI6zmhXmPSVHh5p4suSW80w7R2Q/c+1L1CHxUquFqHNcoNgeNHmdfHAWtDrvl5PGw2V0rZaozzzWlb1VvSL8FZ5vKYz2wNENirWcHTttnY3WkpOkS0eO66WcsaXjXUkuMncnGOp8XD/Tge/OwZ3ydSk+2boSLRnSgm2TugHsFx9CgKVB32dVOeVk5XJDlGJ18lwAPHMXXZaWJ3DCE7af70QCgU78KPtGYUw4SdC/d6g7paLrs/GNVl4gf46sC67IDf5L2I4cutyoV38qRvVAA8gT5GE0nHRKc4KydbRdwO26CnhXpt4H487SmPGC2zqtl+I7ayEXYXcuHeuy72TDdk+z+HbFrC6tnjxBaU+OAAxuE5vgzz9bBs0l3IK6Dy0hZKwoD5I5+/sBuIkDPatOpStu45PAFXXvQRdQ91uk0oj/g+KKykQ= X-OriginatorOrg: siemens.com X-MS-Exchange-CrossTenant-Network-Message-Id: 74a3b491-a181-49ee-b49e-08de70a3c2ab X-MS-Exchange-CrossTenant-AuthSource: DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 20 Feb 2026 17:16:18.3213 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 38ae3bcd-9579-4fd4-adda-b42e1495d55a X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: 3T0CVRDTP7MMvWAyQCM9LMKLO6NQnEBmNPMhRfzUpCC/Enkui2Cb6CEdIPGqZuNLu0zg094iM2+tlb09cX8P4k5S/JCoZaFuf7kMdX17X+I= X-MS-Exchange-Transport-CrossTenantHeadersStamped: GVXPR10MB6007 X-Original-Sender: felix.moessbauer@siemens.com X-Original-Authentication-Results: gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=hDvKCnu+; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c200::3 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com X-Original-From: Felix Moessbauer Reply-To: Felix Moessbauer Precedence: list Mailing-list: list isar-users@googlegroups.com; contact isar-users+owners@googlegroups.com List-ID: X-Spam-Checked-In-Group: isar-users@googlegroups.com X-Google-Group-Id: 914930254986 List-Post: , List-Help: , List-Archive: , List-Unsubscribe: , X-Spam-Status: No, score=-4.9 required=5.0 tests=DKIMWL_WL_MED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,MAILING_LIST_MULTI, RCVD_IN_DNSWL_BLOCKED,RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL, RCVD_IN_RP_CERTIFIED,RCVD_IN_RP_RNBL,RCVD_IN_RP_SAFE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on shymkent.ilbers.de X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= Currently isar requires passwordless sudo and an environment where mounting file systems is possible. This has proven problematic for security reasons, both when running in a privileged container or locally. To solve this, we implement fully rootless builds that rely on the unshare syscall which allows us to avoid sudo and instead operate in temporary kernel namespaces as a user that is just privileged within that namespace. This comes with some challenges regarding the handling of mounts (they are cleared when leaving the namespace), as well as cross namespace deployments (the outer user might not be able to access the inner data). For that, we rework the handling of mounts and artifact passing to make it compatible with both chroot modes (schroot and unshare). Signed-off-by: Felix Moessbauer --- Kconfig | 2 +- RECIPE-API-CHANGELOG.md | 25 ++++++ doc/user_manual.md | 2 + kas/isar.yaml | 2 +- meta/classes-global/base.bbclass | 90 ++++++++++++++++++- meta/classes-recipe/deb-dl-dir.bbclass | 9 +- meta/classes-recipe/dpkg-base.bbclass | 16 +++- meta/classes-recipe/dpkg.bbclass | 14 ++- .../image-locales-extension.bbclass | 9 +- .../image-tools-extension.bbclass | 82 +++++++++++++++++ meta/classes-recipe/rootfs.bbclass | 56 +++++++++--- meta/classes-recipe/sbuild.bbclass | 26 +++++- meta/classes-recipe/sdk.bbclass | 10 ++- meta/conf/bitbake.conf | 7 +- .../isar-mmdebstrap/isar-mmdebstrap.inc | 12 ++- .../sbuild-chroot/sbuild-chroot.inc | 24 ++++- 16 files changed, 350 insertions(+), 36 deletions(-) diff --git a/Kconfig b/Kconfig index 683c0da5..5ef2bfcb 100644 --- a/Kconfig +++ b/Kconfig @@ -14,7 +14,7 @@ config KAS_INCLUDE_MAIN config KAS_BUILD_SYSTEM string - default "isar" + default "isar-rootless" source "kas/machine/Kconfig" source "kas/distro/Kconfig" diff --git a/RECIPE-API-CHANGELOG.md b/RECIPE-API-CHANGELOG.md index 31c61789..59ea3110 100644 --- a/RECIPE-API-CHANGELOG.md +++ b/RECIPE-API-CHANGELOG.md @@ -990,3 +990,28 @@ rootless builds. For that, the deployment of images happens in two steps: Conversion commands need to follow this strategy as well, but can read the image (prior to conversion) from `${IMAGE_FILE_CHROOT}`. + +### Rootless isar execution + +Isar is able to run without the need for `sudo` in an environment that +allows unprivileged users to unshare the kernels `user namespace`. Further, +a sufficiently large set of sub ids needs to be configured in `/etc/subuid` / `etc/subgid`. +This range should be `> 65536`, but smaller ranges might work as well, depending on the +ids used in the rootfs. + +A simple check if rootless is supported can be done by running: + +```bash +mmdebstrap --unshare-helper /bin/echo "rootless supported" || echo "rootless not supported" +``` + +To enable rootless builds, set the bitbake variable `ISAR_ROOTLESS = "1"`. +This internally switches the chroot mode from `schroot` to `unshare`. + +When using kas, the `build_system` needs to be set to `isar-rootless`, but the final +interfaces still need to be clarified. Further, kas patches are needed (for details, +check the kas mailing list). + +Note, that the following features are not supported yet in rootless mode: + +- devshell diff --git a/doc/user_manual.md b/doc/user_manual.md index 7520854b..77a37e9b 100644 --- a/doc/user_manual.md +++ b/doc/user_manual.md @@ -74,6 +74,7 @@ Building `debian-trixie` requires host system >= bookworm. Install the following packages: ``` apt install \ + acl \ binfmt-support \ bubblewrap \ bzip2 \ @@ -88,6 +89,7 @@ apt install \ qemu-user-static \ reprepro \ sudo \ + uidmap \ unzip \ xz-utils \ git-buildpackage \ diff --git a/kas/isar.yaml b/kas/isar.yaml index 16ce8b42..3cfc4f96 100644 --- a/kas/isar.yaml +++ b/kas/isar.yaml @@ -4,7 +4,7 @@ header: version: 14 -build_system: isar +build_system: isar-rootless repos: isar: diff --git a/meta/classes-global/base.bbclass b/meta/classes-global/base.bbclass index 730fd0b4..3806542b 100644 --- a/meta/classes-global/base.bbclass +++ b/meta/classes-global/base.bbclass @@ -389,7 +389,28 @@ do_unpack[prefuncs] += "deprecation_checking" # shall be used outside of this class. def insert_isar_mounts(d, rootfs, mounts): + """ + In unshare mode, all mounts must be created after unsharing the + mount namespace. As needs to happen within the unshared session, + we implement it as a code generator. Note, that the random and urandom + mounts are needed for DDI images. + """ lines = [] + to_touch = ['/dev/null', '/dev/random', '/dev/urandom'] + to_mkdir = ['/dev/pts', '/dev/shm'] + if d.getVar('ISAR_CHROOT_MODE') == 'unshare': + lines.append('touch ' + ' '.join(['{}/{}'.format(rootfs, f) for f in to_touch])) + lines.append('mkdir -p ' + ' '.join(['{}/{}'.format(rootfs, f) for f in to_mkdir])) + lines.append('mount -o bind,private,mode=666 /dev/null {}/dev/null'.format(rootfs)) + lines.append('mount -t devpts -o noexec,nosuid,uid=5,mode=620,ptmxmode=666 none {}/dev/pts'.format(rootfs)) + lines.append('( cd {}/dev; ln -sf pts/ptmx . )'.format(rootfs)) + lines.append('mount -t tmpfs none {}/dev/shm'.format(rootfs)) + lines.append('mount -o bind /dev/random {}/dev/random'.format(rootfs)) + lines.append('mount -o bind /dev/urandom {}/dev/urandom'.format(rootfs)) + lines.append('mount -t proc none {}/proc'.format(rootfs)) + # we do not unshare the network namespace, so we cannot create a sysfs, hence bind-mount + lines.append('mount -o rbind /sys {}/sys'.format(rootfs)) + for m in mounts.split(): host, inner = m.split(':') if ':' in m else (m, m) inner_full = os.path.join(rootfs, inner[1:]) @@ -398,7 +419,18 @@ def insert_isar_mounts(d, rootfs, mounts): return '\n'.join(lines) def insert_isar_umounts(d, rootfs, mounts): + """ + In unshare mount we don't unmount the system mounts but just + remove the mountpoints. + """ lines = [] + to_unlink = ['/dev/null', '/dev/random', '/dev/urandom', '/dev/ptmx'] + to_rmdir = ['/dev/pts', '/dev/shm'] + if d.getVar('ISAR_CHROOT_MODE') == 'unshare': + lines.append('rm -f ' + ' '.join(['{}/{}'.format(rootfs, f) for f in to_unlink])) + for d in ['{}/{}'.format(rootfs, _d) for _d in to_rmdir]: + lines.append('[ -d {} ] && rmdir {}'.format(d, d)) + for m in mounts.split(): host, inner = m.split(':') if ':' in m else (m, m) mp = '{}/{}'.format(rootfs, inner) @@ -406,11 +438,52 @@ def insert_isar_umounts(d, rootfs, mounts): lines.append('[ -d {} ] && rmdir --ignore-fail-on-non-empty {}'.format(mp, mp)) return '\n'.join(lines) +def get_subid_range(idmap, d): + with open(idmap, 'r') as f: + entries = f.readlines() + for e in entries: + user, base, cnt = e.split(':') + if user == os.getuid() or user == os.getlogin(): + return int(base), int(cnt) + bb.error("No sub-id range specified in %s" % idmap) + def run_privileged_cmd(d): - cmd = 'sudo -E' + """ + In unshare mode we need to map the rootfs uid/gid range into the + subuid/subgid range of the parent namespace. As we usually only + get 65534 ids, we cannot map the whole range, as two ids are already + used by the calling environment (root and builder user). Hence, map + as much as we can but also map the highest id (nobody / nogroup) as + these are used within the rootfs. It would be easier to use + mmdebstrap --unshare-helper as command (which is also internally used + by sbuild), but this only maps linear ranges, hence it cannot map the + nobody / nogroup on the default subid range. By that, we have to avoid + the nobody / nogroup when building packages in this case. + """ + if d.getVar('ISAR_CHROOT_MODE') == 'unshare': + nobody_id = 65534 + uid_base, uid_cnt = get_subid_range('/etc/subuid', d) + uid_cnt -= 2 + nobody_subid = uid_base + uid_cnt + gid_base, gid_cnt = get_subid_range('/etc/subgid', d) + gid_cnt -= 2 + nogroup_subid = gid_base + gid_cnt + cmd = 'unshare --mount --mount-proc --user --pid' \ + ' --kill-child' \ + ' --setuid 0 --setgid 0 --fork' \ + f' --map-users 0:{uid_base}:{uid_cnt}' \ + f' --map-groups 0:{gid_base}:{gid_cnt}' + if uid_cnt < nobody_id: + cmd += f' --map-users {nobody_id}:{nobody_subid}:1' + if gid_cnt < nobody_id: + cmd += f' --map-groups {nobody_id}:{nogroup_subid}:1' + else: + cmd = 'sudo -E' bb.debug(1, "privileged cmd: %s" % cmd) return cmd +UNSHARE_SUBUID_BASE := "${@get_subid_range('/etc/subuid', d)[0] if d.getVar('ISAR_CHROOT_MODE') == 'unshare' else '0'}" +# store in variable to only compute once and make available to fetcher RUN_PRIVILEGED_CMD := "${@run_privileged_cmd(d)}" run_privileged() { @@ -422,13 +495,24 @@ run_privileged_heredoc() { } # create a directory that is suitable to be the -# parent of a rootfs +# parent of a rootfs. In unshare mode, we further need to +# give the inner user the right to create a directory there. +# This is needed, as the inner user needs to extract the +# rootfs tarball and owns the '.' dir. create_chroot_parent_dir() { mkdir -p "$@" + if [ "${ISAR_CHROOT_MODE}" = "unshare" ]; then + setfacl -m u:${UNSHARE_SUBUID_BASE}:rwX "$@" + fi } run_in_chroot() { rootfs="$1" shift - ${RUN_PRIVILEGED_CMD} chroot "$rootfs" "$@" + + rootfs=$rootfs run_privileged_heredoc <<'EORIC' "$@" + set -e + ${@insert_isar_mounts(d, '$rootfs', '')} + chroot "$rootfs" "$@" +EORIC } diff --git a/meta/classes-recipe/deb-dl-dir.bbclass b/meta/classes-recipe/deb-dl-dir.bbclass index 05a16585..dc83edad 100644 --- a/meta/classes-recipe/deb-dl-dir.bbclass +++ b/meta/classes-recipe/deb-dl-dir.bbclass @@ -121,8 +121,13 @@ deb_dl_dir_import() { # let our unprivileged user place downloaded packages in /var/cache/apt/archives/ run_privileged_heredoc << ' EOSUDO' - mkdir -p "${rootfs}"/var/cache/apt/archives/partial/ - chown -R ${uid}:${gid} "${rootfs}"/var/cache/apt/archives/ + if [ "${ISAR_CHROOT_MODE}" = "unshare" ]; then + mkdir -p "${rootfs}"/var/cache/apt/archives + chmod 777 "${rootfs}"/var/cache/apt/archives + else + mkdir -p "${rootfs}"/var/cache/apt/archives/partial/ + chown -R ${uid}:${gid} "${rootfs}"/var/cache/apt/archives/ + fi EOSUDO # nothing to copy if download directory does not exist just yet diff --git a/meta/classes-recipe/dpkg-base.bbclass b/meta/classes-recipe/dpkg-base.bbclass index b3f4caad..0b8c6fba 100644 --- a/meta/classes-recipe/dpkg-base.bbclass +++ b/meta/classes-recipe/dpkg-base.bbclass @@ -168,12 +168,24 @@ dpkg_schroot_create_configs() { EOSUDO } +dpkg_chroot_prepare() { + if [ "${ISAR_CHROOT_MODE}" = "schroot" ]; then + dpkg_schroot_create_configs + fi +} + +dpkg_chroot_finalize() { + if [ "${ISAR_CHROOT_MODE}" = "schroot" ]; then + schroot_delete_configs + fi +} + python do_dpkg_build() { - bb.build.exec_func('dpkg_schroot_create_configs', d) + bb.build.exec_func('dpkg_chroot_prepare', d) try: bb.build.exec_func("dpkg_runbuild", d) finally: - bb.build.exec_func('schroot_delete_configs', d) + bb.build.exec_func('dpkg_chroot_finalize', d) } do_dpkg_build[network] = "${TASK_USE_NETWORK_AND_SUDO}" diff --git a/meta/classes-recipe/dpkg.bbclass b/meta/classes-recipe/dpkg.bbclass index 8d7ff092..9fda58af 100644 --- a/meta/classes-recipe/dpkg.bbclass +++ b/meta/classes-recipe/dpkg.bbclass @@ -78,6 +78,7 @@ dpkg_runbuild() { distro="${HOST_BASE_DISTRO}-${BASE_DISTRO_CODENAME}" fi + create_chroot_parent_dir ${WORKDIR} deb_dl_dir_import "${WORKDIR}/rootfs" "${distro}" deb_dir="/var/cache/apt/archives" @@ -85,7 +86,10 @@ dpkg_runbuild() { ext_deb_dir="${ext_root}${deb_dir}" if [ ${USE_CCACHE} -eq 1 ]; then - schroot_configure_ccache + ${ISAR_CHROOT_MODE}_configure_ccache + fi + if [ "${ISAR_CHROOT_MODE}" = "unshare" ]; then + sbuild_add_unshare_mounts fi profiles="${@ isar_deb_build_profiles(d)}" @@ -110,12 +114,13 @@ dpkg_runbuild() { DSC_FILE=$(find ${WORKDIR} -maxdepth 1 -name "${DEBIAN_SOURCE}_*.dsc" -print) sbuild -A -n -c ${SBUILD_CHROOT} \ + --chroot-mode=${ISAR_CHROOT_MODE} \ --host=${PACKAGE_ARCH} --build=${BUILD_ARCH} ${profiles} \ --no-run-lintian --no-run-piuparts --no-run-autopkgtest --resolve-alternatives \ --bd-uninstallable-explainer=apt \ --no-apt-update --apt-distupgrade \ --chroot-setup-commands="echo \"Package: *\nPin: release n=${DEBDISTRONAME}\nPin-Priority: 1000\" > /etc/apt/preferences.d/isar-apt" \ - --chroot-setup-commands="echo \"APT::Get::allow-downgrades 1;\" > /etc/apt/apt.conf.d/50isar-apt" \ + --chroot-setup-commands="echo \"APT::Get::allow-downgrades 1;${@'\nAPT::Sandbox::User root;' if d.getVar('ISAR_CHROOT_MODE') == 'unshare' else ''}\" > /etc/apt/apt.conf.d/50isar-apt" \ --chroot-setup-commands="rm -f /var/log/dpkg.log" \ --chroot-setup-commands="mkdir -p ${deb_dir}" \ --chroot-setup-commands="find ${ext_deb_dir} -maxdepth 1 -name '*.deb' -exec ln -t ${deb_dir}/ -sf {} +" \ @@ -125,7 +130,10 @@ dpkg_runbuild() { --finished-build-commands="cp /var/log/dpkg.log ${ext_root}/dpkg_partial.log" \ --build-path="" --build-dir=${WORKDIR} --dist="${DEBDISTRONAME}" ${DSC_FILE} - sbuild_dpkg_log_export "${WORKDIR}/rootfs/dpkg_partial.log" + # TODO: unclear if needed under unshare + if [ "${ISAR_CHROOT_MODE}" = "schroot" ]; then + sbuild_dpkg_log_export "${WORKDIR}/rootfs/dpkg_partial.log" + fi deb_dl_dir_export "${WORKDIR}/rootfs" "${distro}" # Cleanup apt artifacts diff --git a/meta/classes-recipe/image-locales-extension.bbclass b/meta/classes-recipe/image-locales-extension.bbclass index c1e8c175..bdaa55fb 100644 --- a/meta/classes-recipe/image-locales-extension.bbclass +++ b/meta/classes-recipe/image-locales-extension.bbclass @@ -29,8 +29,12 @@ ROOTFS_INSTALL_COMMAND_BEFORE_EXPORT += "image_install_localepurge_download" image_install_localepurge_download[weight] = "40" image_install_localepurge_download[network] = "${TASK_USE_NETWORK_AND_SUDO}" image_install_localepurge_download() { - run_in_chroot '${ROOTFSDIR}' \ + run_privileged_heredoc <<'EOF' + set -e + ${@insert_isar_mounts(d, d.getVar('ROOTFSDIR'), d.getVar('ROOTFS_MOUNTS') if d.getVar('ISAR_CHROOT_MODE') == 'unshare' else '')} + chroot ${ROOTFSDIR} \ /usr/bin/apt-get ${ROOTFS_APT_ARGS} -oDebug::NoLocking=1 --download-only localepurge +EOF } ROOTFS_INSTALL_COMMAND += "image_install_localepurge_install" @@ -62,6 +66,9 @@ __EOF__ # Install configuration into image: run_privileged_heredoc <<'EOSUDO' set -e + + ${@insert_isar_mounts(d, d.getVar('ROOTFSDIR'), '')} + localepurge_state='i' if chroot '${ROOTFSDIR}' dpkg -s localepurge 2>/dev/null >&2 then diff --git a/meta/classes-recipe/image-tools-extension.bbclass b/meta/classes-recipe/image-tools-extension.bbclass index 2eac3619..bae5c31e 100644 --- a/meta/classes-recipe/image-tools-extension.bbclass +++ b/meta/classes-recipe/image-tools-extension.bbclass @@ -16,6 +16,9 @@ do_image_tools[depends] += " \ SCHROOT_MOUNTS = "${WORKDIR}:${PP_WORK} ${IMAGE_ROOTFS}:${PP_ROOTFS} ${DEPLOY_DIR_IMAGE}:${PP_DEPLOY}" SCHROOT_MOUNTS += "${REPO_ISAR_DIR}/${DISTRO}:/isar-apt" +# only used on unshare +ROOTFS_IMAGETOOLS ?= "${WORKDIR}/rootfs-imgtools-${BB_CURRENTTASK}" + imager_run() { IMAGE_STAGE_DIR=$(dirname $IMAGE_STAGE_HOST) create_chroot_parent_dir $IMAGE_STAGE_DIR @@ -114,3 +117,82 @@ generate_imager_sbom() { --timestamp $TIMESTAMP ${SBOM_DEBSBOM_EXTRA_ARGS} \ < ${WORKDIR}/imager.manifest } + +imager_run_unshare() { + exec 3<&0 + + # ignore everything before '--'. If the remaining list is empty, + # assume a here document is passed via stdin + while [ "$#" -gt 0 ]; do + case "$1" in + --) shift 1; break ;; + *) shift 1 ;; + esac + done + + if [ "$#" -eq 0 ]; then + set -- "$@" '/bin/bash' '-s' + fi + + local_install="${@(d.getVar("INSTALL_%s" % d.getVar("BB_CURRENTTASK")) or '').strip()}" + + create_chroot_parent_dir $(realpath -m "${ROOTFS_IMAGETOOLS}/..") + + run_privileged_heredoc <<'EOF' + set -e + mkdir -p ${ROOTFS_IMAGETOOLS} + tar -xf "${SBUILD_CHROOT}" -C "${ROOTFS_IMAGETOOLS}" + mkdir -p ${ROOTFS_IMAGETOOLS}/isar-apt + cp -rL /etc/resolv.conf "${ROOTFS_IMAGETOOLS}/etc" +EOF + + # setting up error handler + imager_cleanup() { + run_privileged rm -rf ${ROOTFS_IMAGETOOLS} + } + trap 'exit 1' INT HUP QUIT TERM ALRM USR1 + trap 'imager_cleanup' EXIT + + if [ -n "${local_install}" ]; then + echo "Installing imager deps: ${local_install}" + + distro="${BASE_DISTRO}-${BASE_DISTRO_CODENAME}" + if [ ${ISAR_CROSS_COMPILE} -eq 1 ]; then + distro="${HOST_BASE_DISTRO}-${BASE_DISTRO_CODENAME}" + fi + + E="${@ isar_export_proxies(d)}" + deb_dl_dir_import ${ROOTFS_IMAGETOOLS} ${distro} + ${SCRIPTSDIR}/lockrun.py -r -f "${REPO_ISAR_DIR}/isar.lock" -s <<'EOAPT' + local_install=$local_install ${@run_privileged_cmd(d)} /bin/bash -s <<'EOF' + set -e + ${@insert_isar_mounts(d, d.getVar('ROOTFS_IMAGETOOLS'), d.getVar('SCHROOT_MOUNTS'))} + chroot ${ROOTFS_IMAGETOOLS} apt-get update \ + -o Dir::Etc::SourceList='sources.list.d/isar-apt.list' \ + -o Dir::Etc::SourceParts='-' \ + -o APT::Get::List-Cleanup='0' + chroot ${ROOTFS_IMAGETOOLS} apt-get -o Debug::pkgProblemResolver=yes --no-install-recommends -y \ + --allow-unauthenticated --allow-downgrades --download-only install \ + $local_install +EOF +EOAPT + + deb_dl_dir_export ${ROOTFS_IMAGETOOLS} ${distro} + local_install=$local_install run_privileged_heredoc <<'EOF' + set -e + ${@insert_isar_mounts(d, d.getVar('ROOTFS_IMAGETOOLS'), d.getVar('SCHROOT_MOUNTS'))} + chroot ${ROOTFS_IMAGETOOLS} apt-get -o Debug::pkgProblemResolver=yes --no-install-recommends -y \ + --allow-unauthenticated --allow-downgrades install \ + $local_install +EOF + fi + + run_privileged_heredoc <<'EOF' "$@" + set -e + mkdir -p ${ROOTFS_IMAGETOOLS}/${SCRIPTSDIR} + ${@insert_isar_mounts(d, d.getVar('ROOTFS_IMAGETOOLS'), d.getVar('SCHROOT_MOUNTS'))} + chroot ${ROOTFS_IMAGETOOLS} "$@" <&3 +EOF + + run_privileged rm -rf ${ROOTFS_IMAGETOOLS} +} diff --git a/meta/classes-recipe/rootfs.bbclass b/meta/classes-recipe/rootfs.bbclass index 1cd492c6..7570942a 100644 --- a/meta/classes-recipe/rootfs.bbclass +++ b/meta/classes-recipe/rootfs.bbclass @@ -145,7 +145,12 @@ rootfs_cmd() { } rootfs_do_mounts[weight] = "3" -rootfs_do_mounts() { +python rootfs_do_mounts() { + if d.getVar('ISAR_CHROOT_MODE') == 'schroot': + bb.build.exec_func('rootfs_do_mounts_priv', d) +} + +rootfs_do_mounts_priv() { run_privileged_heredoc <<'EOSUDO' set -e mountpoint -q '${ROOTFSDIR}/dev' || \ @@ -168,7 +173,13 @@ rootfs_do_mounts() { EOSUDO } -rootfs_do_umounts() { +python rootfs_do_umounts() { + # unconditionally run the unmount code as this ignores missing + # mountpoints but also does the cleanup of the directories + bb.build.exec_func('rootfs_do_umounts_priv', d) +} + +rootfs_do_umounts_priv() { run_privileged_heredoc <<'EOSUDO' set -e @@ -215,7 +226,12 @@ ROOTFS_EXTRA_IMPORTED := "${@rootfs_extra_import(d)}" rootfs_prepare[weight] = "25" rootfs_prepare(){ - run_privileged tar -xf "${BOOTSTRAP_SRC}" -C "${ROOTFSDIR}" --exclude="./dev/console" + create_chroot_parent_dir $(realpath "${ROOTFSDIR}/..") + rm -rf ${ROOTFSDIR} + run_privileged_heredoc << 'EOF' + mkdir -p ${ROOTFSDIR} + tar -xf "${BOOTSTRAP_SRC}" -C "${ROOTFSDIR}" --exclude="./dev/console" +EOF # setup chroot run_privileged "${ROOTFSDIR}/chroot-setup.sh" "setup" "${ROOTFSDIR}" @@ -285,10 +301,14 @@ rootfs_install_pkgs_update[weight] = "5" rootfs_install_pkgs_update[isar-apt-lock] = "acquire-before" rootfs_install_pkgs_update[network] = "${TASK_USE_NETWORK_AND_SUDO}" rootfs_install_pkgs_update() { - run_in_chroot '${ROOTFSDIR}' /usr/bin/apt-get update \ - -o Dir::Etc::SourceList="sources.list.d/isar-apt.list" \ - -o Dir::Etc::SourceParts="-" \ - -o APT::Get::List-Cleanup="0" + run_privileged_heredoc <<'EOF' + set -e + ${@insert_isar_mounts(d, d.getVar('ROOTFSDIR'), d.getVar('ROOTFS_MOUNTS')) if d.getVar('ISAR_CHROOT_MODE') == 'unshare' else ''} + chroot '${ROOTFSDIR}' /usr/bin/apt-get update \ + -o Dir::Etc::SourceList="sources.list.d/isar-apt.list" \ + -o Dir::Etc::SourceParts="-" \ + -o APT::Get::List-Cleanup="0" +EOF } ROOTFS_INSTALL_COMMAND += "rootfs_install_resolvconf" @@ -316,9 +336,12 @@ rootfs_install_pkgs_download[isar-apt-lock] = "release-after" rootfs_install_pkgs_download[network] = "${TASK_USE_NETWORK}" rootfs_install_pkgs_download() { # download packages using apt in a non-privileged namespace - rootfs_cmd --bind "${ROOTFSDIR}/var/cache/apt/archives" /var/cache/apt/archives \ - ${ROOTFSDIR} \ - -- /usr/bin/apt-get ${ROOTFS_APT_ARGS} -oDebug::NoLocking=1 --download-only ${ROOTFS_PACKAGES} + run_privileged_heredoc <<'EOF' + set -e + ${@insert_isar_mounts(d, d.getVar('ROOTFSDIR'), d.getVar('ROOTFS_MOUNTS')) if d.getVar('ISAR_CHROOT_MODE') == 'unshare' else ''} + chroot ${ROOTFSDIR} \ + /usr/bin/apt-get ${ROOTFS_APT_ARGS} -oDebug::NoLocking=1 --download-only ${ROOTFS_PACKAGES} +EOF } ROOTFS_INSTALL_COMMAND_BEFORE_EXPORT ??= "" @@ -345,8 +368,12 @@ rootfs_install_pkgs_install[weight] = "8000" rootfs_install_pkgs_install[progress] = "custom:rootfs_progress.PkgsInstallProgressHandler" rootfs_install_pkgs_install[network] = "${TASK_USE_SUDO}" rootfs_install_pkgs_install() { - run_in_chroot "${ROOTFSDIR}" \ + run_privileged_heredoc <<'EOF' + set -e + ${@insert_isar_mounts(d, d.getVar('ROOTFSDIR'), d.getVar('ROOTFS_MOUNTS')) if d.getVar('ISAR_CHROOT_MODE') == 'unshare' else ''} + chroot "${ROOTFSDIR}" \ /usr/bin/apt-get ${ROOTFS_APT_ARGS} ${ROOTFS_PACKAGES} +EOF } ROOTFS_INSTALL_COMMAND += "rootfs_restore_initrd_tooling" @@ -636,7 +663,7 @@ rootfs_install_sstate_prepare() { # tar --one-file-system will cross bind-mounts to the same filesystem, # so we use some mount magic to prevent that mkdir -p ${WORKDIR}/mnt/rootfs - run_privileged_here <<'EOF' 3> rootfs.tar + run_privileged_heredoc <<'EOF' 3> rootfs.tar mount -o bind,private '${ROOTFSDIR}' '${WORKDIR}/mnt/rootfs' -o ro lopts="--one-file-system --exclude=var/cache/apt/archives" tar -C ${WORKDIR}/mnt/rootfs -cpS $lopts ${SSTATE_TAR_ATTR_FLAGS} . >&3 @@ -650,8 +677,11 @@ rootfs_install_sstate_finalize() { # - after building the rootfs, the tar won't be there, but we also don't need to unpack # - after restoring from cache, there will be a tar which we unpack and then delete if [ -f rootfs.tar ]; then + create_chroot_parent_dir $(realpath -m "${ROOTFSDIR}/..") + run_privileged_heredoc <<'EOF' mkdir -p ${ROOTFSDIR} - run_privileged tar -C ${ROOTFSDIR} -xp ${SSTATE_TAR_ATTR_FLAGS} < rootfs.tar + tar -C ${ROOTFSDIR} -xp ${SSTATE_TAR_ATTR_FLAGS} -f rootfs.tar +EOF rm rootfs.tar fi } diff --git a/meta/classes-recipe/sbuild.bbclass b/meta/classes-recipe/sbuild.bbclass index ea0c5841..ded311da 100644 --- a/meta/classes-recipe/sbuild.bbclass +++ b/meta/classes-recipe/sbuild.bbclass @@ -7,7 +7,8 @@ SCHROOT_MOUNTS ?= "" inherit crossvars -SBUILD_CHROOT ?= "${DEBDISTRONAME}-${SCHROOT_USER}-${ISAR_BUILD_UUID}-${@os.getpid()}" +SBUILD_CHROOT:unshare ?= "${SCHROOT_DIR}.tar.zst" +SBUILD_CHROOT:schroot ?= "${DEBDISTRONAME}-${SCHROOT_USER}-${ISAR_BUILD_UUID}-${@os.getpid()}" SBUILD_CONF_DIR ?= "${SCHROOT_CONF}/${SBUILD_CHROOT}" SCHROOT_CONF_FILE ?= "${SCHROOT_CONF}/chroot.d/${SBUILD_CHROOT}" @@ -144,6 +145,13 @@ END EOSUDO } +unshare_configure_ccache() { + # ccache must be below /build for file permissions to work properly + cat <<'EOF' >> ${SBUILD_CONFIG} +$path = "/usr/lib/ccache:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games"; +EOF +} + sbuild_dpkg_log_export() { export dpkg_partial_log="${1}" @@ -152,3 +160,19 @@ sbuild_dpkg_log_export() { cat ${dpkg_partial_log} >> ${SCHROOT_DIR}/tmp/dpkg_common.log ) 9>"${SCHROOT_DIR}/tmp/dpkg_common.log.lock" } + +# additional mounts managed by sbuild +sbuild_add_unshare_mounts() { + mkdir -p "${CCACHE_DIR}" + # sbuild id from https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1110942 + setfacl -m u:${UNSHARE_SUBUID_BASE}:rwX -m u:${@int(d.getVar('UNSHARE_SUBUID_BASE')) + 999}:rwx "${CCACHE_DIR}" + + cat <<'EOF' >> ${SBUILD_CONFIG} +$unshare_bind_mounts = [ + { directory => '${WORKDIR}/rootfs', mountpoint => '${PP}/rootfs' }, + { directory => '${WORKDIR}/isar-apt/${DISTRO}-${DISTRO_ARCH}/apt/${DISTRO}', mountpoint => '/isar-apt' }, + { directory => '${REPO_BASE_DIR}', mountpoint => '/base-apt' }, + { directory => "${CCACHE_DIR}", mountpoint => "/ccache" } +]; +EOF +} diff --git a/meta/classes-recipe/sdk.bbclass b/meta/classes-recipe/sdk.bbclass index 074f5ef8..6086e9ce 100644 --- a/meta/classes-recipe/sdk.bbclass +++ b/meta/classes-recipe/sdk.bbclass @@ -74,13 +74,17 @@ rootfs_configure_isar_apt_dir() { ROOTFS_POSTPROCESS_COMMAND:prepend:class-sdk = "sdkchroot_configscript " sdkchroot_configscript () { - run_in_chroot ${ROOTFSDIR} /configscript.sh ${DISTRO_ARCH} + run_privileged_heredoc <<'EOF' + set -e + ${@insert_isar_mounts(d, d.getVar('ROOTFSDIR'), d.getVar('ROOTFS_MOUNTS')) if d.getVar('ISAR_CHROOT_MODE') == 'unshare' else ''} + cp -rL /etc/resolv.conf '${ROOTFSDIR}/etc' + chroot ${ROOTFSDIR} /configscript.sh ${DISTRO_ARCH} +EOF } ROOTFS_POSTPROCESS_COMMAND:append:class-sdk = " sdkchroot_finalize" sdkchroot_finalize() { - - rootfs_do_umounts + rootfs_do_umounts_priv # Remove setup scripts run_privileged rm -f ${ROOTFSDIR}/chroot-setup.sh ${ROOTFSDIR}/configscript.sh diff --git a/meta/conf/bitbake.conf b/meta/conf/bitbake.conf index 0f84e715..1c3a6f4a 100644 --- a/meta/conf/bitbake.conf +++ b/meta/conf/bitbake.conf @@ -72,7 +72,7 @@ KERNEL_FILE:arm64 ?= "vmlinux" MACHINEOVERRIDES ?= "${MACHINE}" DISTROOVERRIDES ?= "${DISTRO}" -OVERRIDES = "${PACKAGE_ARCH}:${MACHINEOVERRIDES}:${DISTROOVERRIDES}:${BASE_DISTRO_CODENAME}:forcevariable" +OVERRIDES = "${PACKAGE_ARCH}:${MACHINEOVERRIDES}:${DISTROOVERRIDES}:${BASE_DISTRO_CODENAME}:${ISAR_CHROOT_MODE}:forcevariable" FILESOVERRIDES = "${PACKAGE_ARCH}:${MACHINE}" # Setting default QEMU_ARCH variables for different DISTRO_ARCH: @@ -151,6 +151,10 @@ ISAR_APT_RETRIES ??= "${@'10' if bb.utils.to_boolean(d.getVar('ISAR_USE_APT_SNAP ISAR_APT_DELAY_MAX ??= "${@'600' if bb.utils.to_boolean(d.getVar('ISAR_USE_APT_SNAPSHOT')) else ''}" ISAR_APT_SNAPSHOT_TIMESTAMP ??= "${SOURCE_DATE_EPOCH}" +# Rootless build execution +ISAR_ROOTLESS ??= "0" +ISAR_CHROOT_MODE ??= "${@'unshare' if bb.utils.to_boolean(d.getVar('ISAR_ROOTLESS')) else 'schroot'}" + # Default parallelism and resource usage for xz XZ_MEMLIMIT ?= "50%" XZ_THREADS ?= "${@oe.utils.cpu_count(at_least=2)}" @@ -206,6 +210,7 @@ CCACHE_DEBUG ?= "0" # Variables for tasks marking # Long term TODO: get rid of sudo marked tasks TASK_USE_NETWORK = "1" +# nested namespacing requires this as well TASK_USE_SUDO = "1" TASK_USE_NETWORK_AND_SUDO = "1" diff --git a/meta/recipes-core/isar-mmdebstrap/isar-mmdebstrap.inc b/meta/recipes-core/isar-mmdebstrap/isar-mmdebstrap.inc index 8ca295b7..c90bc59c 100644 --- a/meta/recipes-core/isar-mmdebstrap/isar-mmdebstrap.inc +++ b/meta/recipes-core/isar-mmdebstrap/isar-mmdebstrap.inc @@ -178,6 +178,8 @@ do_bootstrap() { umount \$1/$base_apt_tmp && rm ${WORKDIR}/mmtmpdir && \ umount $base_apt_tmp && rm -rf --one-file-system $base_apt_tmp" else + # prepare dl_dir for access from both sides (local and rootfs) + create_chroot_parent_dir ${WORKDIR}/dl_dir deb_dl_dir_import "${WORKDIR}/dl_dir" "${BOOTSTRAP_BASE_DISTRO}-${BASE_DISTRO_CODENAME}" bootstrap_list="${WORKDIR}/sources.list.d/bootstrap.list" @@ -197,6 +199,7 @@ do_bootstrap() { -o Dir::State="$1/var/lib/apt" \ -o Dir::Etc="$1/etc/apt" \ -o Dir::Cache="$1/var/cache/apt" \ + ${@'-o APT::Sandbox::User=root' if d.getVar('ISAR_CHROOT_MODE') == 'unshare' else ''} \ -o Apt::Architecture="${BOOTSTRAP_DISTRO_ARCH}" \ ${@get_apt_opts(d, '-o')}' extra_essential="$extra_essential && $syncout" @@ -214,13 +217,14 @@ do_bootstrap() { # Cleanup mounts if fails trap 'exit 1' INT HUP QUIT TERM ALRM USR1 - trap 'bootstrap_cleanup' EXIT + trap ${@'true' if d.getVar('ISAR_CHROOT_MODE') == 'unshare' else 'bootstrap_cleanup'} EXIT # Create lock file so that it is owned by the user running the build (not root) mkdir -p ${DEBDIR} touch ${DEB_DL_LOCK} - run_privileged TMPDIR="${BOOTSTRAP_TMPDIR}" mmdebstrap $bootstrap_args \ + ${@'' if d.getVar('ISAR_CHROOT_MODE') == 'unshare' else 'run_privileged'} \ + TMPDIR="${BOOTSTRAP_TMPDIR}" mmdebstrap $bootstrap_args \ $arch_param \ --mode=unshare \ ${MMHOOKS} \ @@ -239,6 +243,7 @@ do_bootstrap() { --customize-hook='sed -i "/en_US.UTF-8 UTF-8/s/^#//g" "$1/etc/locale.gen"' \ --customize-hook='chroot "$1" /usr/sbin/locale-gen' \ --customize-hook='chroot "$1" /usr/bin/apt-get -y clean' \ + ${@'--skip=output/dev' if d.getVar('ISAR_CHROOT_MODE') == 'unshare' else ''} \ --skip=cleanup/apt \ --skip=download/empty \ ${@get_apt_opts(d, '--aptopt')} \ @@ -252,7 +257,8 @@ do_bootstrap() { if [ "${ISAR_USE_CACHED_BASE_REPO}" != "1" ]; then deb_dl_dir_export "${WORKDIR}/dl_dir" "${BOOTSTRAP_BASE_DISTRO}-${BASE_DISTRO_CODENAME}" - run_privileged rm -rf --one-file-system "${WORKDIR}/dl_dir" + run_privileged find ${WORKDIR}/dl_dir -maxdepth 1 -mindepth 1 -exec rm -rf --one-file-system "{}" \; + rmdir ${WORKDIR}/dl_dir fi } addtask bootstrap before do_build after do_generate_keyrings diff --git a/meta/recipes-devtools/sbuild-chroot/sbuild-chroot.inc b/meta/recipes-devtools/sbuild-chroot/sbuild-chroot.inc index 61d37760..7a778d8c 100644 --- a/meta/recipes-devtools/sbuild-chroot/sbuild-chroot.inc +++ b/meta/recipes-devtools/sbuild-chroot/sbuild-chroot.inc @@ -66,8 +66,28 @@ ROOTFS_POSTPROCESS_COMMAND:remove = "rootfs_cleanup_base_apt" DEPLOY_SCHROOT = "${@d.getVar('SCHROOT_' + d.getVar('SBUILD_VARIANT').upper() + '_DIR')}${SBUILD_SCHROOT_SUFFIX}" -do_sbuildchroot_deploy[dirs] = "${DEPLOY_DIR}/schroot-${SBUILD_VARIANT}" -do_sbuildchroot_deploy() { +sbuildchroot_deploy_tree() { ln -Tfsr "${ROOTFSDIR}" "${DEPLOY_SCHROOT}" } +sbuildchroot_deploy_tar() { + lopts="--one-file-system --exclude=var/cache/apt/archives --exclude=isar-apt" + # we cannot use pzstd, as this results in a different magic + # (zstd skippable frame) which is not detected by sbuild + # https://salsa.debian.org/debian/sbuild/-/blob/d975d388a98627a0d7d112791e441c27a6d529df/lib/Sbuild/ChrootUnshare.pm#L608 + ZSTD="zstd -${SSTATE_ZSTD_CLEVEL} -T${ZSTD_THREADS}" + run_privileged \ + tar -C ${ROOTFSDIR} -cpS $lopts ${ROOTFS_TAR_ATTR_FLAGS} . \ + | $ZSTD > ${DEPLOY_SCHROOT}.tar.zst + # cleanup extracted rootfs + run_privileged rm -rf ${ROOTFSDIR} +} + +do_sbuildchroot_deploy[network] = "${TASK_USE_SUDO}" +do_sbuildchroot_deploy[dirs] += "${DEPLOY_DIR}/schroot-${SBUILD_VARIANT}" +python do_sbuildchroot_deploy() { + if d.getVar('ISAR_CHROOT_MODE') == 'unshare': + bb.build.exec_func('sbuildchroot_deploy_tar', d) + else: + bb.build.exec_func('sbuildchroot_deploy_tree', d) +} addtask sbuildchroot_deploy before do_build after do_rootfs From patchwork Fri Feb 20 17:15:54 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Felix Moessbauer X-Patchwork-Id: 4893 Return-Path: Received: from shymkent.ilbers.de ([unix socket]) by shymkent (Cyrus 2.5.10-Debian-2.5.10-3+deb9u2) with LMTPA; Fri, 20 Feb 2026 18:16:32 +0100 X-Sieve: CMU Sieve 2.4 Received: from mail-oa1-f55.google.com (mail-oa1-f55.google.com [209.85.160.55]) by shymkent.ilbers.de (8.15.2/8.15.2/Debian-8+deb9u1) with ESMTPS id 61KHGUBg006314 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 20 Feb 2026 18:16:31 +0100 Received: by mail-oa1-f55.google.com with SMTP id 586e51a60fabf-40f192cf4b6sf8787732fac.1 for ; Fri, 20 Feb 2026 09:16:31 -0800 (PST) ARC-Seal: i=3; a=rsa-sha256; t=1771607785; cv=pass; d=google.com; s=arc-20240605; b=Z0ZnhLh3TRjdCS963rU7bskrIkaL47JjSvNOZFVLvvVvJKnJMxSPtwUuFYa0w8iaCp bFUmQ/uSSCu/wnaLhD8P7dKTBgBvdk2YdK2L00lvfahLOC36B/hPeaeAfertcik8ysT0 1OCgyl+IwjTbrUZw2CPiR1OyIZXpZE71SbKqO8QQvAwHd3RPk24TUTP2z4lKjE0SIpo8 RxxQh7zfpv82EhHgVp0O0H4fsOR7jymV+JRCwhWqLJrHbapRXxDADtGvFDUTOA+/34Ne f/z0DuZAXRjnYkwNrQjgbtP0ALSl/ZMzjMJRQ8WZ+87ouGAks683Y0GoOErJLxbWPcBt tlXg== ARC-Message-Signature: i=3; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to:mime-version:references :in-reply-to:message-id:date:subject:cc:to:from:dkim-signature; bh=2ZTmOHtlgowxY4g9FVxz2PnzxHoClRdZeJbeb15XrU4=; fh=EGI054jFq8/ff6YR/Fsm29q988GtBY+ksHKtJTv9j7Y=; b=BMwTVXPCIX9c8qG/nxHn+d1oxIIfvUljOtCmBh5Dn9U1SywKdJi6hyTaFK0pBA+6aA skfYfdEEY7PXESqYpl1RLlEcmE76Qqao7HjX/H9u9QwfP8QxXvYr9eLjR7MmdpyHyZYZ tarEzRwQrosVKLRNhHGKLALgPzeDwlRjvH6qrYyLRezQyW1yMGc9GJQwY2+LBOkq5XfB ZWw2p6VPLvK7LaDOJ3Mewo9GnsMk7tL8/Z2r9PGG669yUQxo2+ED0rAbU8XPt9ORq4zK jhaP3CPAaCV/uW14PKAQxB0qB8Vkpu6aZXUiG3xc8G2O9TYr9N5gy/mli0tMfi0g3oKC wieg==; darn=isar-build.org ARC-Authentication-Results: i=3; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=IapRLqX0; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c200::3 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlegroups.com; s=20230601; t=1771607785; x=1772212585; darn=isar-build.org; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from:from:to :cc:subject:date:message-id:reply-to; bh=2ZTmOHtlgowxY4g9FVxz2PnzxHoClRdZeJbeb15XrU4=; b=paCMC88kpXFA/2wZl98IlpNQ/x6LXlhJlgf5cIOe+ud33kh8MME7BV2kLSLNHT0AEo +45m0Y9mmSoQLlQni6L96FWfeoqYfiAZkO7Nk5jGh/Ddq//i80MnXDRASuR7mYkDL56o uPMW0201LpO3sfL7ICROI9bPbnIT/0K1m15BOJDVI4mcOlm1qf11wkNtycFO9+C5xkqY KoWBlSEG5N0d4qB1WsPjC5Ui3IWInBlddw8nyOmCAZAktuXo5amR16k0/mxLk6KfdirP AvJ7FuDQhzIhKmoWxT+BdYoV8k4ZyvqcArYSd6abmx7o3MP44nl+E4eVMpHPnJpA8ccI Io8w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1771607785; x=1772212585; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :x-spam-checked-in-group:list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :x-beenthere:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=2ZTmOHtlgowxY4g9FVxz2PnzxHoClRdZeJbeb15XrU4=; b=QIHv/sHQmadceI6RKQxvLEYH/AEMaxsj4XovQrvaWq8szVRp21i0w5CkQPpIkSsxEO ynyZ4RrNE6T8i1gxoVJOxnYNj3UF/tZnyeixs0DRU3KUg/D5tK2YvprbHq/D/yMS1hL3 m/pNYvaOC4Qrv5KfLSBhIFT/mLVf43Vx3zHwB0pX+0SpaeN/6DpAO60MdT/NqjqVggEa nZGynexiCrPu//d4golBL3qjWHtEr2vW21CNaOEWL2zNNmGd/bfCGeJGJl7gvHTJT5Ca cqiL2vqOEEbpcl6M5R//u6YuKJETpliVx8UNebdNVZOPqys/u9lGPqn88xNJczmho1cI /cTg== X-Forwarded-Encrypted: i=3; AJvYcCWP/yqOroeAnekq9/3rpzkLC4zSSwilH5YekQ8ojAmdn+voS9MKCcIJfsxUxM+zbEgayp7d3as=@isar-build.org X-Gm-Message-State: AOJu0YxXC18+2IjLJws8L79mXcJcUWiSdUCmDJByyasSWWt17/je9lj3 D2Ng8A+f9ZbajiyaJJfcNtbbYA5RfkIzx6Btw7Asa/Wrgca0AuHD50qY X-Received: by 2002:a05:6871:c8c6:b0:40e:e3f6:bc9e with SMTP id 586e51a60fabf-4157abbd8ddmr238392fac.7.1771607784925; Fri, 20 Feb 2026 09:16:24 -0800 (PST) X-BeenThere: isar-users@googlegroups.com; h="AV1CL+G6vC6JU0cChmGnFzraWw7ME+dszgpVPzF138qu9UfXwA==" Received: by 2002:a05:6870:148c:b0:40f:17a9:2919 with SMTP id 586e51a60fabf-40f17a92af4ls3995186fac.0.-pod-prod-06-us; Fri, 20 Feb 2026 09:16:24 -0800 (PST) X-Received: by 2002:a05:6808:10d5:b0:45c:8afc:2dc9 with SMTP id 5614622812f47-46446377cc4mr293645b6e.54.1771607783937; Fri, 20 Feb 2026 09:16:23 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1771607783; cv=pass; d=google.com; s=arc-20240605; b=VDHILBj9Qa7pWfgxKxg4kP8Aq0ZWrkUX7R4uIbsI9/empVBv9Gtpd9vsbnZDywdyGq 2ONFBi8V01i1GMK8zJO2qI8EjG4YKt9fckmey81Nvq8jEj0/NKfMgJ4i4hvOneBZS+WL OuAwyc6Rgo9jtMjLU8WS/GFVDTIL6rYE42ubuOdVzSnK8+buo2StO0V2GMFJA7euQ0Vi omFM4zH5yqi/0yYxitQ1QTdWK+Qmo7k8U9WME27+6B7CdsEfITySRbn5dJdDXRpoja3y ipALGRRMJZ7bQZDSGQ3und6JsyVLIJVdgt9s+7X6B5PFC2TMyW6XHjDurq8JAsPLKN4e T3oA== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=mime-version:content-transfer-encoding:references:in-reply-to :message-id:date:subject:cc:to:from:dkim-signature; bh=tu5Ag/6Kcx7ePx9LgvsXvOKNn+//c5kfllz2gVqeJDo=; fh=WkhL8kaJc+l2wQon1t06Ej3uvBGj9sVhNcE8PaS/XbI=; b=NmDrCWBsAfQtIm+AFBphNujQW0ml27F8SAJjJeSdrCvv/QNWSl2JKlJtNFpU8/nuPt SwumVU06nc6UdNxkLrTm/R5dTkzCDzwcAX1uOVxFECj9Ys1VwGdo/Di8TyD0jSEo02nB NXPmTm5EeR0eQVY1qEVayDSBpzWdhPe33UTaXIyayHMpJFgerXcsoyN5Jdep6vm7ijJq VHRJQaBSXd8iIYcuKzmznXQXxzeWR9wmgO8cWRIB0dl6emWTLh1glSgnpdndNqeV6pvp SGggj8FK4fxQ+d2qalFQQwsODhMhs3iPSjoygzZLSDsbTxuLykP0qi3VQk7Z2oCy92YH Im8A==; dara=google.com ARC-Authentication-Results: i=2; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=IapRLqX0; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c200::3 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com Received: from DU2PR03CU002.outbound.protection.outlook.com (mail-northeuropeazlp170110003.outbound.protection.outlook.com. [2a01:111:f403:c200::3]) by gmr-mx.google.com with ESMTPS id 5614622812f47-4638c55a742si743986b6e.0.2026.02.20.09.16.23 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 20 Feb 2026 09:16:23 -0800 (PST) Received-SPF: pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c200::3 as permitted sender) client-ip=2a01:111:f403:c200::3; ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=keKmHUD2Ozv7Alb9j27CmVTJTwzUv/6o0rlPHiuwq+nIljU+waZcnQqW0OK+7fzBm+1CvjDray8SfIf6yrT7rnUkozhz+nuzSiRFprG1Hq68UUAxpTGjv+2zi+y0YXYZFhYG8Q11+anTmoq0JmehxAm323DeLxqAzgC2Dhn7sf1HSuF8d3wNyY+1gIWQOEUjfIfrLulnOJEtaA/SutGEupEmMrjVeErvbwuHPsiNHO09xb0y/zpe6REEKPj7a3LHUv3PPhoGOg626aBjjwHcHcmEXSbxDCKCte+ZoGJu7SsLLNyhmkItH6Zmlc4gUhAoLIzKGyAatmVJGo1gH8jZhA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=tu5Ag/6Kcx7ePx9LgvsXvOKNn+//c5kfllz2gVqeJDo=; b=WTAr/HANV8+FKxbsanbha0WXI1BSh70U2zG54J/JcqFNSO+GF5QXjpWuJs7y+OPw9FWCwsSg4AfVArFd0O7zcYXPSIsgW397noGP7hsVSCrx+etoZmRUK2wSqS18x4J1FK7iP0ClEp0OdceHr8+68KkT9cbmkpJtdxxx+ZfRFnGuXShR+CoDYnETFsqs7Qp1vfhqKH5+Xv/tnxTXQl8PjfsTxx6JWSiQn3K8IoogGHZ0bGZP62LJ0WbxEJeEf3C8SXQdUu0GaHyegMnOr3FXhNQtNnvwtWqMEYgozgGgW5uQCx//TY4CPGIAtJcMa1vO+XbibigawlcBuDkkzzFrCA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=siemens.com; dmarc=pass action=none header.from=siemens.com; dkim=pass header.d=siemens.com; arc=none Received: from DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:47f::13) by GVXPR10MB6007.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:150:17::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9632.16; Fri, 20 Feb 2026 17:16:19 +0000 Received: from DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM ([fe80::9412:cd7f:3f72:92ab]) by DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM ([fe80::9412:cd7f:3f72:92ab%3]) with mapi id 15.20.9632.015; Fri, 20 Feb 2026 17:16:19 +0000 X-Patchwork-Original-From: "'Felix Moessbauer' via isar-users" From: Felix Moessbauer To: isar-users@googlegroups.com Cc: jan.kiszka@siemens.com, quirin.gylstorff@siemens.com, Felix Moessbauer Subject: [RFC v2 12/19] add helper script to clean artifacts in build dir Date: Fri, 20 Feb 2026 18:15:54 +0100 Message-ID: <20260220171601.3845113-13-felix.moessbauer@siemens.com> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20260220171601.3845113-1-felix.moessbauer@siemens.com> References: <20260220171601.3845113-1-felix.moessbauer@siemens.com> X-ClientProxiedBy: FR3P281CA0085.DEUP281.PROD.OUTLOOK.COM (2603:10a6:d10:1f::22) To DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:47f::13) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DU0PR10MB6828:EE_|GVXPR10MB6007:EE_ X-MS-Office365-Filtering-Correlation-Id: e2df22a8-0e93-46c2-3a44-08de70a3c328 X-MS-Exchange-AtpMessageProperties: SA X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|366016|376014|1800799024; X-Microsoft-Antispam-Message-Info: NMTj/0oOc8HiZL0HfVAk+JRXc1IigJIdAWpinOrZxXFMj3gTuVCQaGqUqIMt10H/an4p1N1b1on449YRkhx3UvuBwSHVrwHw0Yu5Vr0cnSc4CNJdzTugIAhkYHPJBtjduOFsr1/5WlpE2F/k057DMfPppfJWHH7vCnRHFIcf6eVrocNm65GgQwTwGi7FGUTutXPW+i4dl6qoxQxaaEyI7YDubGGnFkxgAPm2O+4iTU0Q0tSWuDAdDatl7bKUH7YDTM6y23UzzUSI4Jwj30+m73ld3k+AnjQPSI7WznnHegwUbgHhDHjsDdjFLRWudV+fLUAaaf2GESV9t+VpD1NtFkY2KS2QGGfSy0OYJoIQ8E0W90Z3o5cW//uaUl4DpcZ3NAlfK3oqk2dQMK0g4vyIEnFIELv7h9Hk3nOOJ3HUo7Yi79sqZ1wFAtkbKlCII1SWE95dM3AzwZWW8G1dsevqdQXB2kTQYCf9AnOt9tGcMYqku1YWtfX5K+iktATaY+Tqd+vE0dbCaQkTNQRs1W4wsjb/6ZUE6a7RdBD5/xmqWoEC5icvBIpWUokVhuTJRvxorbRMmiJ8VKdKKQ7D25Kb1tJ94muBPt577BxX095sjzh4y4CXGFC3oivUzT/Vs2D/Jddel1UoBQFmeatDyD7t6ImoYi5nP1Ves/wIt9HHqzs16cSG/4gvWzniodmGMABfTS73/FndDLwHlZfTxs+zGy4cpPb0xuuUGCLjWwtzDloFBgnNIe5mAkELj0J+xZufkYvXz4H2Rd0AkA+0jHEQxtPJRFVL9gnBmCvyXlAFlWjKpJw1Kj4zIjDshry2Bj9hBq8uN9MOIYJV84H2ZXXdV+pNdTelRmo2NWGt+dIrghRPCGMKkKnqH8XsQB9o09qiBHATjEwVzLyEfxP/VkclquCC2/Gfey/OMzGlDAOKZlXJ6KOksRmsdLhPTGKLRvJ2lA4hkwL9mxpv9jrur5cIItR7y15XrVGEMkbwfWX4qonS5ER1QiiiiufTgop3HJIkoz0FGikQ7m65zxAgNWWp+YzGgXT63sZzopuDHUPvN9cjwY2WxAADUuZJNr2A1lNgAmEuCl8Dria8TfFNK18766iV9nqr9nNDZSvcbZFW+0/64D82461bN17NhfaGBZSSSh4zPk+V97QYmaBNgokE+Z8+aNzsbu2yZ6i/y576rzUdUKyY35C8tQEB5IbFmsiLW9Ys85wBOMI+0549yhZQabtc+4VJ99tDvUxukSN2wF6bHviJ/9rq3bXRxLp0T5n6GdMJ701o1QHdj16w5KFQZUG3Ga88FxrmsMDEjiYPBV+JM6q/ieRYhSCSTkNj1KAn3S0QbJr+VBrknAkKkDvminnd9lH77TKUzjdjtRAJws2rwdUkM00vcjEDkuX1kn8dZmFFXQoYS97BYhxRBgIkts1ZKMdNF2/hxwWQsxaYkFbNlJLtgjdma1WeV1sIP6n9T6LdpYyjdW9OLmtUU8JcxcTpuCSMxNKChoEJAUTuihiZrUHpx81fyMdQi8jIVbtnAyAJtNPs5omliqnKFYuSCq5qTZzdkuGNSB/v/uHUdRY= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM;PTR:;CAT:NONE;SFS:(13230040)(366016)(376014)(1800799024);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: R1D2Ia0gwVEp5IOo0o/0HEWCAtP8UZT8AAWegEB027k2qBxhiS7h9/gfVDPdTXzTrwCmEhMf01ZohMPq+5//s4eNGeUX15AZk7RrMozulUJgzK5HwrDIfNotpP3RH6nGJ3u48ZrKKN0eNxUFcp0cvwWXUIaNsGuibMnhiuBK4TIU4AW5evMDO9QJ+iXu/eiXBcn3s9ukc4uqsq3D1AA+rN1x3lm61qefqBDdtaIiVq93zo5qnSF+Zhu+ceEB4y0ugpPKU7aPieQ+vppFPsuyvLE1Db/RlRVWciG2+1leSuzVXSDk2sQOAFmp8DXGk0vHcurRiOhuQYo/WaM0NcntPKjQ6K+lKNLF4WNWVJa9Bw9f2mm+Y4oOIxTjOGmv3LCQkh3OL7QZOjr3LF+jTozYj6sOX2CBSruVRJwBcf71PsC/K4CvJj2I0w8Su8IcXhiLQdtygDo2wLmibJi9STczwoRR98H3JRixDlVENHy2iww1DGw0312QxnVKE6mcg+eDdpdYiA0ED0+Y4WLL2MPV8imPAxx8pkp132wQDRXOR5DGDy4GHXEqb5Pzwh2IY6xex4RyqjJeX0zNM7ArLUAJiBhb8XOl1rQvXkZlI0yBRhBgRf/JjygADNTiCkcZfCJgiJZCPR27VFTu8fmcsI76OTqFzKMLLa3SIxhMXkKY7FEVE5aPhRK/C5OuKg/4Fk054Ff9VDdsFJvcVjlhLLwLbKFbDaaW5Y7oeM45VNkJ8zFRcW6m88ZmARCjJrEcqlnJHiL5md9HtOPumUPsrcaTwz/7ZWhTQN9npo6umElzf89dqd4qQj1pHwhWQCZWXfB/+y6RvfyW1HBEVwkq9z4IY/k5DuZ2EO2zJuk0fQ+TsaCJElAvjbewt4zZFJz325Z3j4mHJbry7WkqU/+DdGiI5BQmhQhbO9HOENYhWyD49G645jMExwsSe5MN9y6fm79WGtFEeBsFaI7wMZWrthPETTZyPHx3mHHpx0miQav1UVyGd92Q18EhS60Q+uEJ1DFUJJkY9N3M/xYIUVAtYMY8rPJU1zcEY0xhx98l/jWZ34ZkqGYcIhym8IG3e269wLANx0k7Fb1UEzla/T5KHl8mtIGxFuo/14zfwmXXv1zUa4ZdJTbc9rn24g1PNky1hgrjXSc/grHiu/3QpdcKuqGkWRcetvGXZW1jxeAwuyAeCzb+JycGQgjlYsivJijKYrp5OGEa8eOdUzEDaFDmyJqDdrQadm5cSg/p97uHS15gI+6+HHA53CiWQfHujFTdjGvEbn33ARYQxvAsJ4n1Cf4j/ptxc4QGdqgE9bMivWZE/hHuQIszVqZDe4pyC3AncbukeSNM7+O5yRKmi052jHqOe4dq+yyhKhVS+5zGqpubUteKvL9RjlT5qIEtSnKCtU6FRco6BmJdHR/3xCy7upGyNWD8DeIychhYJBMlcUJiTBjW5yyUFlq5tMSwor52eel3RHdcjz+R7DyMq2qTVFb7mpnCyQ4g2nGHxeodVEFJXH9V0S5mOZP525Rw8ijSm+fNBP6/+0gbWy4+Vkq+rVbIp/odPHGyHZhHxCKih3ZS9K8FgHq1OVozPwXNjvjUyVldgyjWtW7/WKgJaIHn3WWWTnu5yC8A4c2gWJLaWvvbAXnbaKc2Go7hkwPznT8OZwFidl3iF/x1hT3tFek0UeUdu6Ah8bD62vJSfUPNNSBZJKnQfjjaXsIcK7d4AqT7dSwBJwXxfdjgBvW92UhaeMW75opu6ztjv07dvoV5+PEbOy8= X-OriginatorOrg: siemens.com X-MS-Exchange-CrossTenant-Network-Message-Id: e2df22a8-0e93-46c2-3a44-08de70a3c328 X-MS-Exchange-CrossTenant-AuthSource: DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 20 Feb 2026 17:16:19.0786 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 38ae3bcd-9579-4fd4-adda-b42e1495d55a X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: bETDBtsa/o5pTbYaOa0f4EV1DKj//pNaks9PIiVgrJP4/EkBA8K0XA38iXoNpjFVzh5WRUbnjwpB5seOnHoIWcA/9kz6LCLpai8opGPoIdA= X-MS-Exchange-Transport-CrossTenantHeadersStamped: GVXPR10MB6007 X-Original-Sender: felix.moessbauer@siemens.com X-Original-Authentication-Results: gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=IapRLqX0; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c200::3 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com X-Original-From: Felix Moessbauer Reply-To: Felix Moessbauer Precedence: list Mailing-list: list isar-users@googlegroups.com; contact isar-users+owners@googlegroups.com List-ID: X-Spam-Checked-In-Group: isar-users@googlegroups.com X-Google-Group-Id: 914930254986 List-Post: , List-Help: , List-Archive: , List-Unsubscribe: , X-Spam-Status: No, score=-4.9 required=5.0 tests=DKIMWL_WL_MED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,MAILING_LIST_MULTI, RCVD_IN_DNSWL_BLOCKED,RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL, RCVD_IN_RP_CERTIFIED,RCVD_IN_RP_RNBL,RCVD_IN_RP_SAFE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on shymkent.ilbers.de X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= When running in rootless mode, cleaning the build directory from outside the build environment is a non trivial task due to mixed file ownerships. To simplify this, we introduce the isar-clean-builddir script that can perform the cleanup without requiring root privileges. Signed-off-by: Felix Moessbauer --- RECIPE-API-CHANGELOG.md | 5 +++ scripts/isar-clean-builddir | 73 +++++++++++++++++++++++++++++++++++++ 2 files changed, 78 insertions(+) create mode 100755 scripts/isar-clean-builddir diff --git a/RECIPE-API-CHANGELOG.md b/RECIPE-API-CHANGELOG.md index 59ea3110..8cbafbba 100644 --- a/RECIPE-API-CHANGELOG.md +++ b/RECIPE-API-CHANGELOG.md @@ -1015,3 +1015,8 @@ check the kas mailing list). Note, that the following features are not supported yet in rootless mode: - devshell + +Note, that the build dir may contain files that were generated within the rootless +environment and cannot be deleted from the outside by the calling user. To simplify +the cleanup, we provide the `isar-clean-builddir` script that helps purging +directories with mixed ownerships (without requiring root privileges). diff --git a/scripts/isar-clean-builddir b/scripts/isar-clean-builddir new file mode 100755 index 00000000..81b52561 --- /dev/null +++ b/scripts/isar-clean-builddir @@ -0,0 +1,73 @@ +#!/bin/sh +# isar-clean-builddir - Clean the build/tmp directory +# +# This script removes all files from the specified directory, including those +# owned by other users (which requires elevated privileges). +# +# Rootless Mode: +# When --rootless is specified, no privileged commands are executed. This +# requires that the UID namespace where files were generated matches the +# cleanup environment. When running from a container, this script must be +# called from within the same container. +# +# Part of the Isar API. External tools may call this script for cleanup. +# +# Copyright (c) Siemens AG, 2026 +# SPDX-License-Identifier: MIT + +DRY_RUN=0 +ROOTLESS=0 + +usage() +{ + EXIT_CODE="$1" + SELF="isar-clean-builddir" + printf "%b" "Usage: ${SELF} [--rootless] [--dry-run] [dir]\n" + + exit "${EXIT_CODE:-1}" +} + +while [ $# -gt 0 ]; do + case "$1" in + --dry-run) + DRY_RUN=1 + shift 1 + ;; + -h | --help) + usage 0 + ;; + --rootless) + ROOTLESS=1 + shift 1 + ;; + --*) + usage 1 + ;; + *) + break + ;; + esac +done + +[ $# -eq 1 ] || usage 1 +if ! [ -d "$1" ]; then + echo "error: \"$1\" is not a directory" + exit 1 +fi + +if [ $ROOTLESS -eq 1 ]; then + PRIVILEGED_CMD="mmdebstrap --unshare-helper" +else + PRIVILEGED_CMD="sudo" +fi + +if [ $DRY_RUN -eq 1 ]; then + echo "dry-run, not executing" + DRY_RUN_PREFIX="/bin/echo" +fi + +# clean all files that do not belong to us +# shellcheck disable=2086 +find "$1" \( ! -user "$(whoami)" -type d -prune \) -exec $DRY_RUN_PREFIX $PRIVILEGED_CMD rm -rf {} \; +# clean remaining files +$DRY_RUN_PREFIX rm -rf "$1" From patchwork Fri Feb 20 17:15:55 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Felix Moessbauer X-Patchwork-Id: 4895 Return-Path: Received: from shymkent.ilbers.de ([unix socket]) by shymkent (Cyrus 2.5.10-Debian-2.5.10-3+deb9u2) with LMTPA; Fri, 20 Feb 2026 18:16:35 +0100 X-Sieve: CMU Sieve 2.4 Received: from mail-oa1-f60.google.com (mail-oa1-f60.google.com [209.85.160.60]) by shymkent.ilbers.de (8.15.2/8.15.2/Debian-8+deb9u1) with ESMTPS id 61KHGWwe006432 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 20 Feb 2026 18:16:33 +0100 Received: by mail-oa1-f60.google.com with SMTP id 586e51a60fabf-40eee5d10c5sf23928864fac.0 for ; Fri, 20 Feb 2026 09:16:33 -0800 (PST) ARC-Seal: i=3; a=rsa-sha256; t=1771607787; cv=pass; d=google.com; s=arc-20240605; b=EcQQKR1gHrLUr1Sr7GuvLuqlrugq5b21ag8hJY6LOevdkoNh7xxZJimXjC45nrLOmO O0akJb0RW8eUc9bIUx/baXyO/rW4xrxgDK59GTb8eO+LWABJErLtopaQxafUs50+cfRH fqOdsQydSPWDMXV4nRhhEkaxJ6E0hgmUm9QaV8TMVgLL9WWV2VX1k9faXj5vxFdtu9oM xqqfHjYpRBifSm1AHdTxMCqyi1/FoTKll1rekzrZuevDyhYmQ8nhKlGxkRBv3cGMR0bn fkh7ucgQVvQiGZO/jHhnZWI5xAGwhmmR1ND+PGj1b/drA8LA3w8a75vMwyhXJdixWBv1 M0Gg== ARC-Message-Signature: i=3; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to:mime-version:references :in-reply-to:message-id:date:subject:cc:to:from:dkim-signature; bh=mt2CU3OLiZSmgHXHZGG8KIz11t0JJspClgYEJ/ZKIWU=; fh=522MbDIsooLc84BpZU0QeUoN8uvsZVAqIqhXjbnXM7A=; b=PNmQ9NBagzlSvmbH7O4uQP8/D9ixD7L6/Xugk7M36TYjyNqP/pQ5DTN+nZcIqd9xdj NV+yQryvGVA7ea2oXVQoYbAYYOj89dXU3f0aG1Xeww0TKhyg22piVORD6qpE2or32dZy i5VaQ/T+MKDc5WLL02DUZg+m3sgXkTbIDztS30BETuEB8dv5mAkjfDmcQmUHOopN0qeM sYi7/hv4yGy2P9Fq14WigAkRnTwvRpmMF+EQjzKoXNX1ZexlZZA53juvkEKX1Nw7BMl8 jfCjwcQvgYJdM+X5SXR7JCAIqnwQ8mww4aRqSge7gp8sK9xS71Rmmat0Tmo9RpCsyF+J HS8w==; darn=isar-build.org ARC-Authentication-Results: i=3; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=qzjdqyYQ; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c200::3 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlegroups.com; s=20230601; t=1771607787; x=1772212587; darn=isar-build.org; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from:from:to :cc:subject:date:message-id:reply-to; bh=mt2CU3OLiZSmgHXHZGG8KIz11t0JJspClgYEJ/ZKIWU=; b=j4oTIamz9RhJZUzibYiHgXq6YSCkfc9/quqCEA6s2J+LN8PH3Lv2M6xuvJ0oXA1WPv pwr0QqS6/iN+h7vcvAPOhDj8dDx3uTKhXM7mheYSYVMpDKSbztnIjxknvo5JLmLF9imX 8r4hpEZM1PTm3T0uNPe763YjZF17ARpnLfX4UBG9Lj1d251u0r3YttG8UJTIBWnmuywb NiokhLSxhBWcBHz6z6mzPtg8qwoIcT65lb87I0EzvUVKOZH6mQmXos+b1FpWa4vywR7m UzunjurERLP9XweaeWnrz0KPcUAxhfnsUio0VUcg8RYxebYtgSlHmG6alx8DzeKZONbz 1VyQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1771607787; x=1772212587; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :x-spam-checked-in-group:list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :x-beenthere:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=mt2CU3OLiZSmgHXHZGG8KIz11t0JJspClgYEJ/ZKIWU=; b=ARlzo/SFa3dv7D64NpgRKY+ICkoCbtFuinlVA89krJ3QtqgCbvgupN86Oq50EGi3PD UT9xF6ZAb+WdMSp0+iwfiJ1HdkRcdPQErzctCsWKT6jFWhvafWoHH9xIOZL1+t6bhRuR etw5D34X/kJxbdzsKPvh1egdI5UjAdGUuBDC8fzscNEvc+Obu7pK8ocBv0pWK+OhjVBQ +K7h9AFVKoYICxk09DZu0hkHKkB9e2b9R1oEIWobt5Up6+bkOCvaVpBG+JLuMqCK0NWt 1Xr1szOz7KzVKT2t7TstH9OEYqfTxwYfurNo+qysMOHWMtJsCoG+ZRf3IRmxszykzGFO R7Yg== X-Forwarded-Encrypted: i=3; AJvYcCWnmyZUILhIvcLFV8Pz49fGC9hsFg+dsGG0kbXKlG4GbeIt7Hzi+rzuMEVx9Azl1p/qSfjWdJk=@isar-build.org X-Gm-Message-State: AOJu0YzHM+YX4cEyfFa9cqNflLs0bVIEUFAyoTutAqj5vc+jQPzYEkcV JH4Yfg1texM/W9NQFclyb3CPYLnc3koxdvyCiXLJqldDctHh/BRxLNNH X-Received: by 2002:a05:6871:2212:b0:3e0:fd27:2623 with SMTP id 586e51a60fabf-4157ac00713mr305959fac.4.1771607786711; Fri, 20 Feb 2026 09:16:26 -0800 (PST) X-BeenThere: isar-users@googlegroups.com; h="AV1CL+GeABDBNBmKAHUjTKwiUg0xLLAle6DdA/i2soJD+XQtig==" Received: by 2002:a05:6870:1582:b0:3ff:9f0a:cf52 with SMTP id 586e51a60fabf-40eefe9b9e2ls6476772fac.2.-pod-prod-07-us; Fri, 20 Feb 2026 09:16:25 -0800 (PST) X-Received: by 2002:a05:6808:158f:b0:463:ab56:9ed1 with SMTP id 5614622812f47-46446142794mr389474b6e.6.1771607785645; Fri, 20 Feb 2026 09:16:25 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1771607785; cv=pass; d=google.com; s=arc-20240605; b=fJdz/Kq4O4a7bGqYH16WfiFkOP1tIGltJfxk8BuQl0iCXWZak98aCD0kspGsvsOKdf AOX3FphPvsJX75XmjQv6ZFnkygjkBCCn5Ie5drckSFmfNaZ2zwfleGH70PhVqmaQSIZk 3JZLmKcnGNaacIrxDF68EiCmXRi9Y7va8+AreoRoVcPAqWL/Z4+2GjvftXD3ivMcWfY9 qp5QsfVxxaR8erJEECaC4h3nBmbvzi3r8GrPqgfcaYeyhg6r9eI0sNoz+ZsccLF5cmro +wuauPHGviRkhmMfrliHog32peCT1+s2zhakY2hLTLk9lkETz+v7eAtUUmSThLKJoIkx KrJA== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=mime-version:content-transfer-encoding:references:in-reply-to :message-id:date:subject:cc:to:from:dkim-signature; bh=KCUgEh6l0DI+UCCQxAvkGAfQeEE8soSn54tvfc5H114=; fh=WkhL8kaJc+l2wQon1t06Ej3uvBGj9sVhNcE8PaS/XbI=; b=b8uGBELj9wYIQ1hebkA5qtctukrcdjYGDuYFzPD6+8jvZwqgsgVZMjcPON++qnrDTB MT7nBoTmwonIXxNpuNe4Rcfi3guVqtnm84Izsr7OD6QjF2wnH9z+FZe20zaTBJuoYX9Q REzTwO9YTrfvfs5iVjyFAD+axbPURAr0XKwnDm5WCnIfouUU7jN3k2lSzWci4TRepEty l4aQXKEepY6FdhXaIEsXTH50itUx8u9WZnDnHieJwIpvUlZNGo3zk1XvKVX4xPyHFTn2 64n7bq3rI0G1Z6Qy9r6GGwa0TbZs+KtBany7isdbvAu0wgfoX6XG46YqCqrZD4K7o3RL zKWg==; dara=google.com ARC-Authentication-Results: i=2; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=qzjdqyYQ; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c200::3 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com Received: from DU2PR03CU002.outbound.protection.outlook.com (mail-northeuropeazlp170110003.outbound.protection.outlook.com. [2a01:111:f403:c200::3]) by gmr-mx.google.com with ESMTPS id 5614622812f47-4638c55a742si743986b6e.0.2026.02.20.09.16.25 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 20 Feb 2026 09:16:25 -0800 (PST) Received-SPF: pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c200::3 as permitted sender) client-ip=2a01:111:f403:c200::3; ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=crlLZcGR5wDdLGXsAuEDyEgEeYa7sXSouxej44nrA9w3FQ6SFUMqUAYbFeqx9QkQjjCkG4Zb6Y+p9ckzxtNTesxEQB42GwB4GhrVfyDunicCs+qzMSPxGVi9uT3jNyfMOBtSaNMcb8V0/OVUKV6TJv57auxc+NA3iMoBoVr7KQl1gnmCnLI21xCYwk1WS/sXkHMl+tmmdRF/5Z2PHkEUx/KywbfnZwTATkHKMexqVBSk8I1b+5HDUNzDXywl7Qw47UjuHTPwDwxjJt2Kfg7M94QBvicZiBVjTHRRAJ+d9O5N5fEB2OZgdGopFG8XeoZe/RUHSDjVNHqOFp4EVqhq8w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=KCUgEh6l0DI+UCCQxAvkGAfQeEE8soSn54tvfc5H114=; b=ZWXoqDvYqFe70WKA74svHK1KClO/RnmRboHvxGQuLOiNqB4u5wsIn5/RtlG5S4FCYne5UHCHLQKFrGCCwRicIZQGn/x2JPeG5oar6As790fzmJkJNc8td1Z1UZ72uuFoYo19ISvilTyo8KjMfKbxu2rUFYfHJUfJy5NWeMilyysYUSJNb8zXdIAOj2RLA8yg9vukbjcQ/Ov5LiJv2sRdmCENKMhnFuOpQH/lTOiZuRs/NsPDj2oGuJqUcfwFwOTcOi/JYCbr5lWQmwU9Hpfq6Et4BKIJGoe6ZiF1WSZ+MVJieGv+FuaRLJBQL83pK3FznUD89O4/JqEC4w7YoHvXeQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=siemens.com; dmarc=pass action=none header.from=siemens.com; dkim=pass header.d=siemens.com; arc=none Received: from DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:47f::13) by GVXPR10MB6007.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:150:17::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9632.16; Fri, 20 Feb 2026 17:16:20 +0000 Received: from DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM ([fe80::9412:cd7f:3f72:92ab]) by DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM ([fe80::9412:cd7f:3f72:92ab%3]) with mapi id 15.20.9632.015; Fri, 20 Feb 2026 17:16:19 +0000 X-Patchwork-Original-From: "'Felix Moessbauer' via isar-users" From: Felix Moessbauer To: isar-users@googlegroups.com Cc: jan.kiszka@siemens.com, quirin.gylstorff@siemens.com, Felix Moessbauer Subject: [RFC v2 13/19] apt-fetcher: implement support for unshare backend Date: Fri, 20 Feb 2026 18:15:55 +0100 Message-ID: <20260220171601.3845113-14-felix.moessbauer@siemens.com> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20260220171601.3845113-1-felix.moessbauer@siemens.com> References: <20260220171601.3845113-1-felix.moessbauer@siemens.com> X-ClientProxiedBy: FR3P281CA0085.DEUP281.PROD.OUTLOOK.COM (2603:10a6:d10:1f::22) To DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:47f::13) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DU0PR10MB6828:EE_|GVXPR10MB6007:EE_ X-MS-Office365-Filtering-Correlation-Id: b547e51a-12da-44a7-c0a6-08de70a3c3a4 X-MS-Exchange-AtpMessageProperties: SA X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|366016|376014|1800799024; X-Microsoft-Antispam-Message-Info: XjVtqw22WzNKhKKU3G6zH42bKgKwRmqJ2CNkXUxjAht8NVlm+JAoPA0FB2uXKNj582h4LWMrSgkNkd3amoM+PV6QrxMcEoNCP2KTsU0VP8OP2HU1Im2PSt+GcqcF9Qee39DMDrPfgTUg0hv9qaQRFuxILiw3PmP599p8bBQN1gVO4dl316ZB3Keut3dWOyyNDEWU1eEyR4B87sMpv5drBRMJc/8vl+Ptq2sqXeMWQvxR6Aenu/WIIgwm6Iq2/OgKClh3l526lZdOeWFq9XCg5APPpZvNDf7Q1Q/OlB9O7vFqgLA1RjgkbzoAJicF+MBjh4nxE2fgCFNxG4m7DEaCsAk9YyXRYata82ZpW9rjGWIMRoq2bmLHQxYsw/6Zuy7GX240Z1ojmEi8PU926sxPmF0VG7IENhSDf3XXG9r+3NrV5b/3/WeHcM9dyrHT/EjODZmpMVlL7vt0wrsCGhiCgJ7wauiijXZZSG4xW7mStqC8cRtfi+coVGQ8RVVhkX3wOM4PcSERfqJFOTmZYNJJYI2uyVahMegMFKrNXvDCws/3xmjfclafFS0wOmFzauzZlZ98IYYRRpW/dIpjq7LydiMMQUGB7k0AMCEdAPq3maxyWqmVCWz3WtfFYkTLw3JWxPhB8R0p+iM7UhEcLSihdhiIRjBIbVw5f20038AVnhX/PLhsNR9HXYAFITs4OjDx5n7eWDxZl5wWDmHZ0EU530pR7O2iMpsL+fGA/XknJ9QCbagatpkAUcPTbzeiAkVbe0YmtoPNva+zweymIMycvkLlzKI3utMVd6ll3OpL4SaJHPcEFGIWXEh+WUMw7ghfMMvB8Mi/njgMXgQu6qqtUym/ski5dYSBaqSTlSdJ0seZnej8TQtTrvBz2IwZNSHEckKnLUcSs8MwU5HSgqZFL9PjeYf4sFehLP04mT3YP098M7xcXTTwnL/JB5oxVh5OL4uJOGu9IwkXfDgQBi54Y52fcTDT3mhH9gynLsN62XRudsIXubg7G3Zn7p6pqB/2ujSSe5FfguqLjQDDI5C1okAPoLzMXfypQ9ierpTQHjjSclribkgPPauJ/7EEzTq+qh93yOVqPn0raaNYrtsUg44wQ0MPtPkkxm2RBTlxZmTeH6tH8Y63E3iZYdk5lEPXyy+bT9lSdmUsR+1dB7DtvLgorot5CJiHE2I/NOeUXjRpnYwreNpo43Xdo3HUVRWG7mLv3sojriAg3UOi1M8D1N+Xz7dYPCG7XC2CzlLu7GyUoyMahMd9w/0b21Pd0s/KkSyoIomTTKTUci7KrMHtVYj62WRSK2J0h/k5Mp3WMLgJmGcdVIo84/jToHd82b3knX2XiyvBzUCJmgZ0ixLBXRW2zMjq9whDnuJ69Rek0klZywwVrS9ukw/nuZtmGHlyHU0aVnj6XY/f5Bg+Q1VTo1KTGOeKQlAsoWTN2wYGQoe3sbm0T5i8pHRfU0HixJ5KeqTpPADJ2RB2r6fgT8Qb2/47RlYqNmVrB6vtdEsLSi+l+FPVdeEVg2emATqlSmPZ/8KIBo/Bdojtfz6+WkrIfxUmfeM98edpM4TneH55GLY= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM;PTR:;CAT:NONE;SFS:(13230040)(366016)(376014)(1800799024);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: Q9RnogtZ3DvZfMHu5kIomlnlxeG+fsIJ4Y/ovVgMCljMJrAghfAHCBy3OHIqVz6AH29A0HVCVUrDlLktyDhLBYCPqmtUNc9/kghkNuHStnUYGD2fxceWGkMOrHaF17Zt85AG0Wiwlonz0acqentj5TNDejycUifF0DMeBHoTF1BYb55SMnC628S8lX56iwrV9cb3sNs5yywJAHffHbA80novPQf00f9BlxNvr/AEUQ1kqg9imksRPmreZCUK/3cB5PRWmsAtXFU/JBp5iDY81ijLsUSpwoKHlus/XM+fSBTV2M0pP1UgUttytmxqE17uQJl4G1CmhL6LQEhZty1SV75MEbDajWJ9mk60wCLFHUzo1EYsK+HPx+TPxqyAJuG+4/tZizWZaT/9IhaA7+ejMlNl7BGp4Pu6/8HxdjvVzwjETCTLR4MiFfMAhXMRIpE2JLIvBuFb9in3wB0XLgz6wdftbwD67Z7+J2HoAV5c3JckX9n7XPbFRFpl8Al5SDYPPYj82Gx4YcSFalReQW+r56DlhuVLqsI3IT7wV4C3CVFF8VuFydLeQncYTHSXVE7RY2dq/PUNRVDRcivL7hKDfTp4x1iH2MnjylGhTD5O2hQf5myOfoc90Len8J+meVmg9S+vh2YA+S1LgLIlfaycbXgVBb/+xYX6vIeS2fp5uqdc/aJpwHHmcJPYDN8Go499l6zcJYoLosyoYI7z5x3QHVblo4scTAZgplKYF8XYK3Yla8Eyk2LaIYkmc4G+ZGjaBbmVZHi8+EjxL0ZbHcpjsOiAEuL77dKbKInAtlxuq13gT8+/erSv26nCNAhj7ZxeID8OwbG0A4iglydQHwre1j9ZM9QAD/QEls33XTTc1/8Wzj7ClyUjUSSmjZ01FpKGIF1z507EM1pA90kib+Wq1BVR9gRQIDNLdOY2NrJ9IaejHMyNDdVvZWWeldQo0miqFSUXl3VI+IpZ/HGF1LKKdSq1mXaOcLJQf2TkpsAccwQSnteztwyKEx8aZwtvHkzIYk3pvxW/BSNU6JAWFrWjWHH7d7xjT8ovsTcerT2dNhOSCEgbuaUsfaZCl/juQzJNqtf2+wnWNkAvhvS6+p9/7suE0vx5Q5/+gRg717KUjT+5pg+lly91kXQTESxm3ap36wA1hnITy7bP370KGAD3LZdD63Ml4UwQPUnLh++VMG9nV+aaJeYM/WiOK+/WO3EMlgJOYcOueCC3nEQP9/D6VVuqQt4NvSwzY2/rBW7FgwseZAi59+KwGA4Hy+QaWJFTGYjCkmRQCOf5ZjueSMZ+PxY0m8IjnQttUeZm4flK9pTRbZV5osQuG7YwW6I9KpgubcHL821rmdLRCsO+tvqGziJnD54HBqkX+ogrHINFg7udOCZaYPU6iOJ5b4PU23zoSN2he+b3cL3yosHmDFUpFL5AhtcWPSDJthBTEtwqUyufOo3fvQ+djqbsK2/5nzey8w0jouoxbEOaTT3dRbx0c8/IBt5uakxdjrgFI9BZiqXtcW5XCICUjnT5NrjmEeZQ7AYpsCuWqsBYWXF6HpUUWg3lwyDf1UUShb9kgwDuE/imyPrYtaXaIy5/htWt0Upy8f9punHj/usRmEqt3A08jEnguuboYxpIDPCKVaxXp2XKHt1WEQ0H8Mqv6pMdzcmL4xAsrM40MHJSDWUCkXgxPkqO5JQs4LlRzGiLC4IDm0wzdjbi/7uJ9QjFmdzfr00YCbF0nd5QshFgFiVjLVNNYnTqSJejujgMBv7CPoaAKLQ= X-OriginatorOrg: siemens.com X-MS-Exchange-CrossTenant-Network-Message-Id: b547e51a-12da-44a7-c0a6-08de70a3c3a4 X-MS-Exchange-CrossTenant-AuthSource: DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 20 Feb 2026 17:16:19.8429 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 38ae3bcd-9579-4fd4-adda-b42e1495d55a X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: 6b98InFKJgSFU6d1Mx2NDrzP3tzDM+8r5FgvqCy8vcnbOpsMP9VWVUKaB/FPP01xMfbbLtAEva1rZR0pK/rPrdRmvVDP4HIne038Co1xTXo= X-MS-Exchange-Transport-CrossTenantHeadersStamped: GVXPR10MB6007 X-Original-Sender: felix.moessbauer@siemens.com X-Original-Authentication-Results: gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=qzjdqyYQ; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c200::3 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com X-Original-From: Felix Moessbauer Reply-To: Felix Moessbauer Precedence: list Mailing-list: list isar-users@googlegroups.com; contact isar-users+owners@googlegroups.com List-ID: X-Spam-Checked-In-Group: isar-users@googlegroups.com X-Google-Group-Id: 914930254986 List-Post: , List-Help: , List-Archive: , List-Unsubscribe: , X-Spam-Status: No, score=-4.9 required=5.0 tests=DKIMWL_WL_MED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,MAILING_LIST_MULTI, RCVD_IN_DNSWL_BLOCKED,RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL, RCVD_IN_RP_CERTIFIED,RCVD_IN_RP_RNBL,RCVD_IN_RP_SAFE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on shymkent.ilbers.de X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= Signed-off-by: Felix Moessbauer --- meta/lib/aptsrc_fetcher.py | 78 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 78 insertions(+) diff --git a/meta/lib/aptsrc_fetcher.py b/meta/lib/aptsrc_fetcher.py index 37c84fa7..5cacbec2 100644 --- a/meta/lib/aptsrc_fetcher.py +++ b/meta/lib/aptsrc_fetcher.py @@ -7,10 +7,13 @@ from bb.fetch2 import FetchError from bb.fetch2 import FetchMethod from bb.fetch2 import logger from bb.fetch2 import runfetchcmd +import os class AptSrc(FetchMethod): @classmethod def create(cls, d): + if d.getVar('ISAR_CHROOT_MODE') == 'unshare': + return AptSrcUnshare() return AptSrcSchroot() def supports(self, ud, d): @@ -92,3 +95,78 @@ class AptSrcSchroot(AptSrc): finally: runfetchcmd(f'schroot -q -f -e -c {session_id}', d) bb.build.exec_func('schroot_delete_configs', d) + + +class AptSrcUnshare(AptSrc): + def _setup_chroot(self, rootfsdir, d): + sbuild_chroot = d.getVar('SBUILD_CHROOT') + workdir = d.getVar('WORKDIR') + uid_base = d.getVar('UNSHARE_SUBUID_BASE') + unshare_cmd = d.getVar('RUN_PRIVILEGED_CMD') + + runfetchcmd( + f''' +setfacl -m u:{uid_base}:rwX {workdir} +{unshare_cmd} /bin/bash -s </dev/null; + tar -c --owner=0 --group=0 --numeric-owner . + ' +EOF + ''', d) + except (OSError, FetchError): + raise + finally: + bb.utils.unlockfile(lockfile) + self._teardown_chroot(rootfsdir, d) + + def unpack(self, ud, rootdir, d): + workdir = d.getVar('WORKDIR') + rootfsdir = os.path.join(workdir, 'rootfs-fetcher') + extractto = f'{d.getVar("S")}.dpkg' + bb.utils.remove(extractto, recurse=True) + + try: + runfetchcmd(f''' + set -e + find {self.localpath(ud, d)} -print -type f -name '*.dsc' -exec dpkg-source -su -x {{}} {extractto} \\; + find {extractto} -mindepth 1 -maxdepth 1 -exec mv {{}} {d.getVar('S')}/ \\; + ''', d) + except (OSError, FetchError): + raise + finally: + bb.utils.remove(extractto, recurse=True) + self._teardown_chroot(rootfsdir, d) From patchwork Fri Feb 20 17:15:56 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Felix Moessbauer X-Patchwork-Id: 4897 Return-Path: Received: from shymkent.ilbers.de ([unix socket]) by shymkent (Cyrus 2.5.10-Debian-2.5.10-3+deb9u2) with LMTPA; Fri, 20 Feb 2026 18:16:36 +0100 X-Sieve: CMU Sieve 2.4 Received: from mail-oa1-f58.google.com (mail-oa1-f58.google.com [209.85.160.58]) by shymkent.ilbers.de (8.15.2/8.15.2/Debian-8+deb9u1) with ESMTPS id 61KHGXbR006506 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 20 Feb 2026 18:16:33 +0100 Received: by mail-oa1-f58.google.com with SMTP id 586e51a60fabf-40f04a08234sf8682273fac.0 for ; Fri, 20 Feb 2026 09:16:33 -0800 (PST) ARC-Seal: i=3; a=rsa-sha256; t=1771607787; cv=pass; d=google.com; s=arc-20240605; b=BU3Or7SS3x2CytT1FHHSmGA+Q55LauiP7ejYQFvbJUaAjzUhpw5gFbODz6IPF01Vyx nz5esgtHT5qhoTIwnKg+YtIkS06swHHQiiITtuzCdKHrw3Jkhc9ENsEBDCZj0DTokQWu 7SUEvvc03G169qqNe7yi2GDsSw5oaMpqNuBviTxRLk+7P6NZE98LuhcSP6R1uglfUU30 9XvhZNYFscdbcN2Xre0qWBqfqivOE/TngCf0B/IpzbU8jhfsV2qJSuw2P+qkamCxcK4E Std7+/RMceJxSIJEaImaMlMySUoMJh5+15sfMeVBkCxDLAeN973DC4n+4Dcewx+XRP8J H2/g== ARC-Message-Signature: i=3; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to:mime-version:references :in-reply-to:message-id:date:subject:cc:to:from:dkim-signature; bh=+AuT4BsKZ25wPhCczDWtuuhrIkHBw12JXsbhtp+XgD8=; fh=tFDKPnAMWMSG81Jt+N5YS5hiLQN/DzHe2Yq+uVODxUI=; b=a7lilpQ4WLCtw0sA6/KtUxGncIWZTO1KeEA5JHzqniTJ5ME07QoJ81QqcdBagCIeJb BfUUZWhUtNMLt6wvSBoOP7nFNV5dDnIGfciFDWxjfRjVO9Fi5E4vqhhXiGdxksrhYVlk H0d2NSRCs2ZayjtFyKzrSEI9STiwZDR2FrxjiHzAchLJinuDdl9mJ/NtWT1ON8/ygND4 OwfJKWKRN8DRseznzX7avZpdA6rCrU0Ae89YimHD3clZw1Do2sHq03O7ghEn7V1cRaJ2 hJMLW7I0g5YH5Axvo1cMnaVDyOcxuBiUVBok6PgU7HHN3OqCMezzY+0VhvlubuU/yOp4 Ls5A==; darn=isar-build.org ARC-Authentication-Results: i=3; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=r4PfVhC1; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c200::3 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlegroups.com; s=20230601; t=1771607787; x=1772212587; darn=isar-build.org; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from:from:to :cc:subject:date:message-id:reply-to; bh=+AuT4BsKZ25wPhCczDWtuuhrIkHBw12JXsbhtp+XgD8=; b=aitYBh+1D35oETNhHdi1vaTu597z8PC+war5E3ekXtC8/uK1XLLMVdrTOTIdoggH1Z KsY00hZplscfkynnr+oDsL3eNnnhhef9s91EeyTmJhk3DOP9IK9p/8PHRNchh5aYJOgF uVo48nxhyiDtOhn0jR8B+vxjCwSqwtQxngyNH/srZNaOmqHo+BcSR4+IVpULsBGwozYb YffLJdBIloi/EuPhZ7KYP/ZDlP51li3VORL6BOeY5NsTN9TG2Hy46kDyGsht/n7Z8JXt z0AzCEo8u34eW5EFR6rR+WXItv8kjOWAr3iSp9P8royXao8/c9oDfw+/VTABjQG40fzC GtRw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1771607787; x=1772212587; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :x-spam-checked-in-group:list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :x-beenthere:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=+AuT4BsKZ25wPhCczDWtuuhrIkHBw12JXsbhtp+XgD8=; b=V6wDT0K011k9jy5dj8bIKFjIOygmrKeOydt4q3baAkZHtvyPGTtsoBIborDi9c/3y/ TnO2DWy+PthleeTTIIaDJnK6YQeB31PIn8JgrOCXC04aPJbThC3Q5oOL6GxSOMj2SNl9 247BHaxYDgB+EIMrMY7UIXmBjtOXC+sxk/JzrlR72N8H6HUhkBUqtNl184HEJBd1Nqup X3v31D3LNOUzbzaD7ka/5QW4nDEmFUHfRloZbO46wGQi+w+nQIRcjtR1/NrAjL853H9h GsoFywe0sW0tZre7e4e17r05O/pCVc0gPKNwvBfO+kb190Pw0VLA4Cvi9dsSjdF+tUaA TpDg== X-Forwarded-Encrypted: i=3; AJvYcCWZgHZc1RnOgz925et7VT02jOUIPOW8uTPt4vS1LcqQZ2U5vbtzn+6uVLAZ2RjcRcu25tVaF90=@isar-build.org X-Gm-Message-State: AOJu0YyqJLCIU05rCG/IcYiV6CyNwDr530Rv5ADHXmp+xj0/6agjvkJm 7i8qbrT3oD+4+KrceCdNAKmyex5t99b8LSyPz/WNIWDIC9ysw9iDDh7Q X-Received: by 2002:a05:6871:ec:b0:409:4e12:cb44 with SMTP id 586e51a60fabf-4157b0b6906mr263333fac.31.1771607787393; Fri, 20 Feb 2026 09:16:27 -0800 (PST) X-BeenThere: isar-users@googlegroups.com; h="AV1CL+H7FH2ZDadIRLz+Ek39X8sGX0XSKFd9+YjaG/kR4N9LSQ==" Received: by 2002:a05:6871:3301:b0:409:6328:a767 with SMTP id 586e51a60fabf-40eca620de7ls5912586fac.1.-pod-prod-04-us; Fri, 20 Feb 2026 09:16:26 -0800 (PST) X-Received: by 2002:a05:6808:bd0:b0:45a:5584:9bf6 with SMTP id 5614622812f47-46446340ff3mr356863b6e.39.1771607786167; Fri, 20 Feb 2026 09:16:26 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1771607786; cv=pass; d=google.com; s=arc-20240605; b=ToSRkgK4Y+T786BIle4bDNEu7rlRuPqcml84AjI0hxcndNWmYY7ARLKPMP5iVLqApX MnDoyGKOTrTKk1HrGi2J+fB+vE2vcUyG0PwlqkJSHDm75M/D2To/KMw6m8WjVoZ6ExfF iTlm0vwEKjtlCp2a4Lj27ZTwFgoRwbM9cEH+Q42nQbRc5fUGkp5+nWFPddQMkJ3aSrXx HCbnTtWTqTigp258D1DzONEPh58D5tyZtDfOwgLIV73/JYtw50Gyj6NVoB+yWjUgEoQ0 YaPnLdw7KnnZWS1Sr9gzRcK4R0j5aec+G9WXpzWCi2ts792UQowwsLDdA/nZb9wYbbo2 uHIg== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=mime-version:content-transfer-encoding:references:in-reply-to :message-id:date:subject:cc:to:from:dkim-signature; bh=xj6SP4XqkPLd9eNj5WeG/xUw+MO6EJDGYmmMWtHruD4=; fh=WkhL8kaJc+l2wQon1t06Ej3uvBGj9sVhNcE8PaS/XbI=; b=bHp1J9wmz/eawuo3zCewmClhohlZZM8EC6yJSZrLqEII3SGW0KzoVJRRuveb5+0/4i wg1mWG3V7yeZLtEpfehj9AOsmfYmmr1NIAAKrEfGhy1eRsykSUeOx7vf9iY1EpMajj61 HId3FOP+bfodgqOSl3v0QG0kUJL9K6VpXC85OjV1NoXE5n0PD3JHWoPGBjEIRYemmlEr fiAd2pfsrrYkjaIxlie7O/hW0k16oo9N4Q2ycJycZasD5hHE6s+FfRxqp1jc5x48FQn2 FEMwVpuckY2fFSoa/8pIIAsoeqmeehbPd8S5MoqMRYsdXUUgoF8P/85eafDrSnwD6tGO wmoQ==; dara=google.com ARC-Authentication-Results: i=2; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=r4PfVhC1; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c200::3 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com Received: from DU2PR03CU002.outbound.protection.outlook.com (mail-northeuropeazlp170110003.outbound.protection.outlook.com. [2a01:111:f403:c200::3]) by gmr-mx.google.com with ESMTPS id 5614622812f47-4638c55a742si743986b6e.0.2026.02.20.09.16.25 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 20 Feb 2026 09:16:26 -0800 (PST) Received-SPF: pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c200::3 as permitted sender) client-ip=2a01:111:f403:c200::3; ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=IVJ5w+mee9JbJXPkKb+S8UK7w02IBNlSOidDFM0fqcdbxQa67l57DjKek0cd3eQhw4EocrGgxjDd5RYXg9Z8dMayluHkKpy8si2IztwgToMPcfNZrNoMVPzihb8X7TWBPOaR0MH5HsXQQg6LRKDe10PyBkpgoLQ73wSoiRH0sfXCsghra4xHOmRxgC1A3X0KQa4lJinyG18D53FXeZNfGKd26TzQ4Wv3028biA+lM69R3LBT4abqp5iqE4EGlfYI8po6lVWNTeLigvn+zpVWnBj6lsQizPwsw6IsPacXp3o3Ppb55Lp0fB8a4i1lBgMfYY7dOVaC5JxewFgui+SMIA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=xj6SP4XqkPLd9eNj5WeG/xUw+MO6EJDGYmmMWtHruD4=; b=cPxVvEPTYwM7w1bGM7RJ4BivRLd4CvBzlotesgRmS7KCovTlXgtFnLrjMrYNB0jUs0XryT9S2EFJbqQL1DFDfZE+O11C6PKTfpJhPTJ8eVmuKnDz12h40nLc7vzT71AYHL/YSLaIh9gHKU7dzx7phrP2mM0CdbA6lB5JLSe62BKE0/XU22ABrw0mYmDis3gD5AAjF3yuEiR8iXf+2ckYCBZn4S+h+56mAYk+BwyVoU4Zr8tAjXbZu61RXfeYEW10KCkzPJw7klRxnxEGUusLUooX8IwBCbaZKkRPER8VwmIKuA0LABdY/Tkw9z9HA/+/ExIjLAMET0zfcFhV6i3wcg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=siemens.com; dmarc=pass action=none header.from=siemens.com; dkim=pass header.d=siemens.com; arc=none Received: from DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:47f::13) by GVXPR10MB6007.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:150:17::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9632.16; Fri, 20 Feb 2026 17:16:22 +0000 Received: from DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM ([fe80::9412:cd7f:3f72:92ab]) by DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM ([fe80::9412:cd7f:3f72:92ab%3]) with mapi id 15.20.9632.015; Fri, 20 Feb 2026 17:16:20 +0000 X-Patchwork-Original-From: "'Felix Moessbauer' via isar-users" From: Felix Moessbauer To: isar-users@googlegroups.com Cc: jan.kiszka@siemens.com, quirin.gylstorff@siemens.com, Felix Moessbauer Subject: [RFC v2 14/19] vm images: make compatible with rootless build Date: Fri, 20 Feb 2026 18:15:56 +0100 Message-ID: <20260220171601.3845113-15-felix.moessbauer@siemens.com> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20260220171601.3845113-1-felix.moessbauer@siemens.com> References: <20260220171601.3845113-1-felix.moessbauer@siemens.com> X-ClientProxiedBy: FR3P281CA0085.DEUP281.PROD.OUTLOOK.COM (2603:10a6:d10:1f::22) To DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:47f::13) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DU0PR10MB6828:EE_|GVXPR10MB6007:EE_ X-MS-Office365-Filtering-Correlation-Id: 80a55d69-962c-4ced-5917-08de70a3c403 X-MS-Exchange-AtpMessageProperties: SA X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|366016|376014|1800799024; X-Microsoft-Antispam-Message-Info: TdXdj9fc+rwrB29bl3Aq1VjBkGIGxO97SclOkBRmshuDaJxMH5BT1NmRtEIiW+EXClSA3YUjLlPycTGMQwLvE0MuMR9t9c0U9ZpxN/B3zahBCHoc5hQBKjjB3p6AI20PET7du6g3UFu8U6cnDw69OndE7eQ1lrwnTmf1KxumN2NmgpuhzQAQQ+59jaUUNsnrznmH1gpg8ydFZT7ionzJNokNLlBHSZoCjTGyovOozjVR3aSH30irMbIfvWO3AZxWxooWBgvSqTbo2bluhn+Z41yv7r9JE69unpQhrGKeS4e8ErxxZafJ2jix6DgZ/unhyRo1GR3EL9j/RYQMy/BtsrvjUGk3fEVp641/A7mXqj0FDCT014k+W73MhgkKBCFwtrEsetoi2EDO59RRlL325XRd8AUzR4vzLRHQ+ZIcMK4FP3utEy4Zh7f636LB72cIMq/z9BnFwXpGtsIanDtxcWG/Ig+ytkRFMyTvItPWbUUWBQE+Tq9pmq+urv5bAeDXd4YtIBUofXPtexZ+1f9T5hWKc+Pv7K6/JgsSuwSTrgfCqhJJMV5/4wppSCgoWG2NOfl1H8ducYtkg3bSP9CK0DSxQcfwDhqohmtPHDMyoJn+kUP1uW2lGXK1qeH8ZYgwYAZg/u+VxUtAi40WBUNvBaUlXgePWjSq9ZbbejgevjWIwHQpMcyFsmirZpVCInChrlRr52F7FwGaApcJdHP252f9GI/pO9A+3/i2zcbxusTpC/K44f5djv8oHIEPsP0kiyFF2Z71ahCC7+6q57sUiAMb+tYSmdINWzNFYCbdIVCHZ9LWVYmF8q0WInYLtL+LtN6jLLNRVQEPXmn+nOS0M8qi6QDL8Jj3AVy4cXK+3aFuQROLp9NP1n9uG8oe1yzoi3+CV42ZtY11976dJUzXY99ReNBV13j3s7uvoN3a7WAeKh1+d5VAxGwiEhmxdyDg++Y4lJP2iH53y8tIOPSPg0dmho7vF3byxnjmI3AvogEgt3Fue1a6DBxRDDg8NN2+hfY1Vbd5RTV1jEjyN+jK0q5PTkIRJSZgGvEo2xO5aQAzYU5XEHA7lLzGMmgdUPquzxUDIZrOxU0iOWupwd+cVT/FGzbjkZ5HAWUhf/LXx9iFn0NdpufEEXDclpI0PpVcdMreUeqv0LcOpU4UKRNvN+1ZbSpZJzMDnTDRqD1dUmk7BMec2yjakYdgJEkI0SQb7hyT2KkNf6ma3DPk0WEvakBMwAUCvsBuarxYFdWsBXnNKw13OMnxJHJPQc5Sg81/OtzZ04ExBbEAREQ+oTzENP9zGIUCjVNMEBSpoAGfbcCu0kuJ9dbJRpBqjWihLsvxE5QcnLxtWWhPSx9tB7WpTeipcEe/lTv1ztzozm23Q2Hf6fz8S3VzDaLquE0u7K3F7oZbpnT430fiWGUdX/1qqJMYXe+Q2ejAib5DAztc4VCEyrQgOw/OakpdhsVaWcPz1fk7NKOHQqaMsTpdePDJEK/Ig3m/ogJvrt60FYLKLsfpok8snD8zGpBzumD49fM8YIvV/wrujxt36LDlkRUNMZSJwXrGz6bI3ZjESaoW8Po= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM;PTR:;CAT:NONE;SFS:(13230040)(366016)(376014)(1800799024);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: UUE+FacebCotYZhcuC7USl7FzWIca0HPvco2aJy1P+2SDcsmm1a6Fmd8AF66cD9vCIieymzqgqkgXc0TdxnHFHkz/Q088/49cHI+zg+M19WEu8X/KHGHR3S3ypg2fDWCYl8SlIWiBmNC+S37FuZXmvs+0NrxAyz8RKk1q1+guU9PiyEip9UWRr1+NsunociUmvwAbhvQOzXkQEDoPsgTo4HLm0H50UBIcBdYkcyrBfKa7+3wnJOcUXO2yJBLa0u+W+mHr/hh2cwhXxaVYBavsrzqzIcvd4nMWjZsLuBzl2fwqQMb4HX2CYD/BRR3fcUvZDh4sotKT+Ogfzfazfor3bBL9L8FMUp8H4HMW0/NDIEcJjgPjQW6dEO7pvnpAicrHJeI10bES1NNDLcP5nB6rswOjQYxkCryxlKLe9j9giz95FaOu+pgMCJXYtJ+HAY5lhw4e1Ui6fqbRQnXcu/k0KTlyx7PE8D7Ub/fdqXofROUpSWaJwvEe1DrWdKb+pRLOIf/7UU43B28Kq+z5Oj5T8BxBXxTw9NnW2aeK2uF2ZrkTs58N7uLw9Sh8h0ZrpnMO4/a69tY8JFMmPAVZjATA5024x1P4RTve0vD1//S1TqxMRMhZz7q+4a/gB8YXh2nyEBjQKTiG/BUjdwTO/xM1T+xWoAWEjeJXcqbOchRLDPvMzFaNtJKdoluji/0f6isaq5Ge23+yawX56D175iAuUS9J3eIIBwqyASWcktbokd31QGIyFbAiOykhjDM3il7H29DF5YhMWdm8v1WswfWIBLSTVZDpaZWVANSthZhQsW2ig0L091SZOtv4J+awP7i2295A5UYl6n49R0JLCFbqTEJ6VvI+KdR5LufUmEBltsc+zfZoYaXrmuqvH55ZV8gjj5/mKYS9c6yovcUNMSLL0FXuXjnSOOg9W0Z3+HYYsG1nxiaIrZYjTZj+JBwgFtZViSDDopBAyXQIo7rs3JDVcU7gG63HRJejR5TKBKpJsK4aMy7LcT6kMGbGQNuJRxJPBBrc33nFvJ5uavphGGyQNYjUqvx3VIb2xkzIbqGaz9Od5m2pJChB6mbMmqvgRp7F4qiH7ujLMY8l2ipdLjCCgKiULQX5OAKqN+aM5NUSAMvdcUoTaAQr01T4XxkotAI3EOnTkE9mHHKuj+09CO7pi50uCWkBROW6P6HEP7xbcVQThat1wfZIlS7fvSZRszvVH68LLuplhQ90c9WLewLIxKbsIXrN8bhDhxQCYhwg9CtONt8Ab6NorLLcbLfK4OqPG62Rqlm95OothVIZ3/xcbMcoYIwc1B8/SAg8RWHu/A59WtMjWIEjA9xgHq6EBXigYTcnNKDLzAaa9uABes3yQaPdYfh8FzY8psFWHiORPDBvEX0fr9BrukACpysofDgSKJIUcNxuC0ng/iBysNX3dhMRRtX6mlLSJf6ewguK75Rr0ohHhVJLtMRHKNWddJFtbuBTqfmF6s5bDykaydiGaNnwqnJvMFNt25jrOg+2rTyMnyC9qeSlh5u4jGXzRjYa1EOHYe3cLMH8jbJEMQkmfEI6ySf5u7pyoMJRir5smxYFzsaM7dRLzjMzWRs4iPiPRqx7peb6LRq3TepmNxKoOrESx+VI2/Nl4KXDTNdvF+zSUtKyz6bC0kniYe78QDIhSWNr7L6fTa95C+tRqU9GxdmnK7cXTIsacQVWcO4yj0F9BSjmuIBTcxSZyHltO1qGdPfSqcGTvsQLq0AnzOsgZq5gLD6g7inOlTP6XRCVNY= X-OriginatorOrg: siemens.com X-MS-Exchange-CrossTenant-Network-Message-Id: 80a55d69-962c-4ced-5917-08de70a3c403 X-MS-Exchange-CrossTenant-AuthSource: DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 20 Feb 2026 17:16:20.4735 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 38ae3bcd-9579-4fd4-adda-b42e1495d55a X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: y5d5wuAdJIFT2YP3FZCMs9XldWO6RtknPGji+Z4HnQzxtX1FZ7mMfOMok1w2PRLc81htERHUBI7kpnR459FYJ2Abg4NSeiHdt4Ds2UXN2ak= X-MS-Exchange-Transport-CrossTenantHeadersStamped: GVXPR10MB6007 X-Original-Sender: felix.moessbauer@siemens.com X-Original-Authentication-Results: gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=r4PfVhC1; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c200::3 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com X-Original-From: Felix Moessbauer Reply-To: Felix Moessbauer Precedence: list Mailing-list: list isar-users@googlegroups.com; contact isar-users+owners@googlegroups.com List-ID: X-Spam-Checked-In-Group: isar-users@googlegroups.com X-Google-Group-Id: 914930254986 List-Post: , List-Help: , List-Archive: , List-Unsubscribe: , X-Spam-Status: No, score=-4.1 required=5.0 tests=DKIMWL_WL_MED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,MAILING_LIST_MULTI, RCVD_IN_DNSWL_BLOCKED,RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL, RCVD_IN_RP_CERTIFIED,RCVD_IN_RP_RNBL,RCVD_IN_RP_SAFE,SPF_PASS, UPPERCASE_50_75 autolearn=unavailable autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on shymkent.ilbers.de X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= We rework the conversion of the VM images to be compatible with the two-stage deploy. By that, they can be generated under rootless as well. Signed-off-by: Felix Moessbauer --- meta/classes-recipe/imagetypes_vm.bbclass | 29 +++++++++++++---------- 1 file changed, 17 insertions(+), 12 deletions(-) diff --git a/meta/classes-recipe/imagetypes_vm.bbclass b/meta/classes-recipe/imagetypes_vm.bbclass index 4057361e..3f914e4d 100644 --- a/meta/classes-recipe/imagetypes_vm.bbclass +++ b/meta/classes-recipe/imagetypes_vm.bbclass @@ -19,8 +19,11 @@ SOURCE_IMAGE_FILE ?= "${IMAGE_FULLNAME}.wic" VMDK_SUBFORMAT ?= "monolithicSparse" VIRTUAL_MACHINE_IMAGE_TYPE ?= "vmdk" + +PP_STAGE = "${PP_WORK}/deploy-image-ova" VIRTUAL_MACHINE_IMAGE_FILE = "${IMAGE_FULLNAME}-disk001.${VIRTUAL_MACHINE_IMAGE_TYPE}" -VIRTUAL_MACHINE_DISK = "${PP_DEPLOY}/${VIRTUAL_MACHINE_IMAGE_FILE}" +VIRTUAL_MACHINE_DISK_DEPLOY = "${PP_DEPLOY}/${VIRTUAL_MACHINE_IMAGE_FILE}" +VIRTUAL_MACHINE_DISK_STAGE = "${PP_STAGE}/${VIRTUAL_MACHINE_IMAGE_FILE}" def set_convert_options(d): format = d.getVar("VIRTUAL_MACHINE_IMAGE_TYPE") @@ -35,9 +38,10 @@ CONVERSION_OPTIONS = "${@set_convert_options(d)}" convert_wic() { rm -f '${DEPLOY_DIR_IMAGE}/${VIRTUAL_MACHINE_IMAGE_FILE}' bbnote "Creating ${VIRTUAL_MACHINE_IMAGE_FILE} from ${SOURCE_IMAGE_FILE}" - imager_run -p -d ${PP_WORK} -- \ - /usr/bin/qemu-img convert -f raw -O ${VIRTUAL_MACHINE_IMAGE_TYPE} ${CONVERSION_OPTIONS} \ - '${PP_DEPLOY}/${SOURCE_IMAGE_FILE}' '${VIRTUAL_MACHINE_DISK}' + export IMAGE_STAGE_HOST=${WORKDIR}/deploy-image-ova/${VIRTUAL_MACHINE_IMAGE_FILE} + ${SUDO_CHROOT} \ + /usr/bin/qemu-img convert -f raw -O ${VIRTUAL_MACHINE_IMAGE_TYPE} ${CONVERSION_OPTIONS} \ + '${PP_DEPLOY}/${SOURCE_IMAGE_FILE}' '${VIRTUAL_MACHINE_DISK_STAGE}' } # User settings for OVA @@ -78,23 +82,24 @@ IMAGE_CMD:ova() { export LAST_CHANGE=$(date -u "+%Y-%m-%dT%H:%M:%SZ") export OVA_FIRMWARE_UPPERCASE=$(echo ${OVA_FIRMWARE} | tr '[a-z]' '[A-Z]') export OVF_TEMPLATE_STAGE2=$(echo ${OVF_TEMPLATE_FILE} | sed 's/.tmpl$//' ) - imager_run -p -d ${PP_WORK} <<'EOIMAGER' + ${SUDO_CHROOT} /bin/bash -s <<'EOIMAGER' set -e - export DISK_SIZE_BYTES=$(qemu-img info -f vmdk "${VIRTUAL_MACHINE_DISK}" \ + export DISK_SIZE_BYTES=$(qemu-img info -f vmdk "${PP_DEPLOY}/${VIRTUAL_MACHINE_IMAGE_FILE}" \ | gawk 'match($0, /^virtual size:.*\(([0-9]+) bytes\)/, a) {print a[1]}') export DISK_UUID=$(uuidgen) export VM_UUID=$(uuidgen) # create ovf - cat ${PP_WORK}/${OVF_TEMPLATE_STAGE2} | envsubst > ${PP_DEPLOY}/${IMAGE_FULLNAME}.ovf - tar -cvf ${PP_DEPLOY}/${IMAGE_FULLNAME}.ova -C ${PP_DEPLOY} ${IMAGE_FULLNAME}.ovf + cat ${PP_WORK}/${OVF_TEMPLATE_STAGE2} | envsubst > ${PP_STAGE}/${IMAGE_FULLNAME}.ovf + tar -cvf ${PP_STAGE}/${IMAGE_FULLNAME}.ova -C ${PP_STAGE} ${IMAGE_FULLNAME}.ovf # VirtualBox needs here a manifest file. VMware does accept that format. if [ "${VMDK_SUBFORMAT}" = "monolithicSparse" ]; then - echo "SHA${OVA_SHA_ALG}(${VIRTUAL_MACHINE_IMAGE_FILE})=$(sha${OVA_SHA_ALG}sum ${PP_DEPLOY}/${VIRTUAL_MACHINE_IMAGE_FILE} | cut -d' ' -f1)" >> ${PP_DEPLOY}/${IMAGE_FULLNAME}.mf - echo "SHA${OVA_SHA_ALG}(${IMAGE_FULLNAME}.ovf)=$(sha${OVA_SHA_ALG}sum ${PP_DEPLOY}/${IMAGE_FULLNAME}.ovf | cut -d' ' -f1)" >> ${PP_DEPLOY}/${IMAGE_FULLNAME}.mf - tar -uvf ${PP_DEPLOY}/${IMAGE_FULLNAME}.ova -C ${PP_DEPLOY} ${IMAGE_FULLNAME}.mf + echo "SHA${OVA_SHA_ALG}(${VIRTUAL_MACHINE_IMAGE_FILE})=$(sha${OVA_SHA_ALG}sum ${PP_DEPLOY}/${VIRTUAL_MACHINE_IMAGE_FILE} | cut -d' ' -f1)" >> ${PP_STAGE}/${IMAGE_FULLNAME}.mf + echo "SHA${OVA_SHA_ALG}(${IMAGE_FULLNAME}.ovf)=$(sha${OVA_SHA_ALG}sum ${PP_STAGE}/${IMAGE_FULLNAME}.ovf | cut -d' ' -f1)" >> ${PP_STAGE}/${IMAGE_FULLNAME}.mf + tar -uvf ${PP_STAGE}/${IMAGE_FULLNAME}.ova -C ${PP_STAGE} ${IMAGE_FULLNAME}.mf fi - tar -uvf ${PP_DEPLOY}/${IMAGE_FULLNAME}.ova -C ${PP_DEPLOY} ${VIRTUAL_MACHINE_IMAGE_FILE} + tar -uvf ${PP_STAGE}/${IMAGE_FULLNAME}.ova --owner=0 --group=0 --numeric-owner -C ${PP_DEPLOY} ${VIRTUAL_MACHINE_IMAGE_FILE} EOIMAGER + rm -f ${DEPLOY_DIR_IMAGE}/${VIRTUAL_MACHINE_IMAGE_FILE} } IMAGE_CMD:ova[depends] = "${PN}:do_transform_template" From patchwork Fri Feb 20 17:15:57 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Felix Moessbauer X-Patchwork-Id: 4899 Return-Path: Received: from shymkent.ilbers.de ([unix socket]) by shymkent (Cyrus 2.5.10-Debian-2.5.10-3+deb9u2) with LMTPA; Fri, 20 Feb 2026 18:17:41 +0100 X-Sieve: CMU Sieve 2.4 Received: from mail-dy1-f191.google.com (mail-dy1-f191.google.com [74.125.82.191]) by shymkent.ilbers.de (8.15.2/8.15.2/Debian-8+deb9u1) with ESMTPS id 61KHHdLw007020 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 20 Feb 2026 18:17:40 +0100 Received: by mail-dy1-f191.google.com with SMTP id 5a478bee46e88-2ba8a461dd9sf40780555eec.1 for ; Fri, 20 Feb 2026 09:17:40 -0800 (PST) ARC-Seal: i=3; a=rsa-sha256; t=1771607853; cv=pass; d=google.com; s=arc-20240605; b=ZjOVtyrIxOoVhF1t67YQWPhekJ3CUPcRlug3loGJvAlXhffHo7gDq/Phgm/rZd+uqp QjKe0uh/RASY9DBfw+zTMzTbbzRha0DNECEalFRZocHc/T+kIYi9PMNNmDSumw+Iu408 RQxu47ktxLbzVu9jskgP0npcPo/aIrWzfd0cPRYDriPXsFzptRcErUzxLsZ14cioijJY u81lpltvHHCQ5pIjKu/11do+/JxPmhsZ7j3VB/CU6byvkZGqIWntJSW4o0F2qTBHEp/L LBJ4gTOhGBdCS3OnYCRknPMDHqtFIIeWHbs1Wv4XJ2Ub5SdlEDkx2qXXdCDGiEQOCo01 ZEzg== ARC-Message-Signature: i=3; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to:mime-version:references :in-reply-to:message-id:date:subject:cc:to:from:dkim-signature; bh=HRvtRZ36IS23o6Qw6gTo8AgUv1qJODvDBrxI0860VfY=; fh=/RV7ZtFB7yicmiyvbcbU7RutrS1mWa3n+mShp2w3leI=; b=NdGg3F6fF8+zu66v9rUPaPTpJvyHRszSLGCOTm+AY0Y83KNptxqQWOKe0+NRBIPFAZ YepWfRP6cFP1IxPJGQG+XA8E6OZr445DE4fjcM9WheHjvzJKwFCc6poaqEylHqyh2IhW 8lEdq21ydPJHPNMlAmI77xDAWoEj8ebunA6TqQUAdb1ph6IU5kBfj6cwoyMeaQ0NpT7C knTkyfYVWdL+RneU5bsoYw4uS2JEf3Sda0ikydNsFbu8E/7nQ8XyuYdis2sT+FWa/fuO KNsC2D3c1jhGQ+MRyNGnXCTOKZNAwWcp2wy1Wd/+WAZ+Hwpg6D+B9NUeZx+AP2Dqr+EV aViw==; darn=isar-build.org ARC-Authentication-Results: i=3; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=vwk2Feok; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20f::7 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlegroups.com; s=20230601; t=1771607853; x=1772212653; darn=isar-build.org; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from:from:to :cc:subject:date:message-id:reply-to; bh=HRvtRZ36IS23o6Qw6gTo8AgUv1qJODvDBrxI0860VfY=; b=UZvFDQNGE5hvG4ScPOx0m+r7L7M8245pIpGR97OFqd91TRlHXeqwvhR2WNJ8ZiNnPQ kPuXytW8lH1GEDFj9WSQWghLY541ozCRpgDKJ1kiQsmMiTHr11FgfYRADelHQ286H13w 8lbrQRACA71RtfIsHkv9WGMg5OHUTSJhrS6Y8coAA+Hf8YsRlE7UMm3RuVo5pd2Rd68/ W6gbTIkgZPHsbjYhjbNESvxzln66tz+6cv/Gw1vXxCFMEEQdfM+/+uMQrJkESyup9zIB C8aZW9oJH5fuBINSWX1dZvwHQmsV+2fxTlx637QqLwYolno1azIyBex6uD6zwjDtO43D Z3FA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1771607853; x=1772212653; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :x-spam-checked-in-group:list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :x-beenthere:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=HRvtRZ36IS23o6Qw6gTo8AgUv1qJODvDBrxI0860VfY=; b=KrGAA+lePTLwgmK19r1r9WV/CRGRRv40WIkhkSQ5SGybDKCQxG0iObazjbos5v6p0x dtodJk/vo3oLB1j/GEDVc9f/NCnsG1CqOHSfZgdJV5vzXFW+smiN/4IIC2cSAI4wSL7J JM2ddriHSkQcdKMyUIWGDtsdqW2FdcOA79c73UY4/kJPqtvvoas3PmKP/xtTb3CYAj+O +JPk2QdnvjhnJAouBpKsAdWHE8zHTfXSD8YfnHqByuyMX+Z40G+u5nGi6C+jWUNYesBG 1MQG4p/ZnF215T7YJpKa2MsODfR5x5YPbv/ZR+9605RxJjJe2zRSQTREEtTtUa/dGQHQ NFAA== X-Forwarded-Encrypted: i=3; AJvYcCWCNns9qfpt5yxPuGgIGWW61b56xMwCkoT4Yscsf8hpVRE0hZd3UhKl81RRGK2QLrYIT7kUgZk=@isar-build.org X-Gm-Message-State: AOJu0YwXVzxiLPZx/HFIC47q40SuEVtlJw84P7/ssa6s3dK9QmV1AT59 a10U4y3Xuv25pqCCZqQCkTEVeFZmvXSOKnDmrwF7FntZMsYJYaCOOqQq X-Received: by 2002:a05:693c:3002:b0:2b7:ee0e:e9ba with SMTP id 5a478bee46e88-2bd7bae8d5bmr193219eec.10.1771607853180; Fri, 20 Feb 2026 09:17:33 -0800 (PST) X-BeenThere: isar-users@googlegroups.com; h="AV1CL+EuCNvq6gZw13+C/7PvucaECSmy5bEG+BvszOEuq7d9CA==" Received: by 2002:a05:7022:781:b0:124:a8dc:e516 with SMTP id a92af1059eb24-127307d9005ls8704335c88.2.-pod-prod-08-us; Fri, 20 Feb 2026 09:17:31 -0800 (PST) X-Received: by 2002:a05:7022:1601:b0:124:11af:7b75 with SMTP id a92af1059eb24-1276ad41597mr145107c88.34.1771607850780; Fri, 20 Feb 2026 09:17:30 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1771607850; cv=pass; d=google.com; s=arc-20240605; b=VM2L0owd6b5s/YTLroJxZYD9eyBFz67syhxIT6Ogx5qPhcWEt8wPaffy5LhkTalhPW o+SZak4204OrQ3h+fh+vD/HkPxGG2pF3fcHX2Ojpn/Zz8wAg9D7WyqumDLJv6VKAI6Ci lPfI6FLRTwnfO/mzP9/tSSh7JpsKcsdDDMJpi4yZpCbKHVj/FlFpOi8kYLWClpvWUSQT QqdrRCKG8OeQ1oIApW6YT8vC/dOuwkzVRtg8Yri4WVGFnubQ3TqxwX0omB/x8bWqp6v1 9ypgJMAA4Ayekq77L/fT3dCmpKxi+VY9j+oExAjYf9rxypncZn0bCvZjzAxYyPcdDDYG xnWQ== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=mime-version:content-transfer-encoding:references:in-reply-to :message-id:date:subject:cc:to:from:dkim-signature; bh=CcF0lyT2gOaPpkPV6Wk06vKYicTKgIcdyfJuQMzpIpg=; fh=WkhL8kaJc+l2wQon1t06Ej3uvBGj9sVhNcE8PaS/XbI=; b=lCr92dAyXrTfFo+57u54I/TNuD1d02vGTP9C4YOwnVbXutQhFkWx1al9iUoZxP9kDT DU1EEglRbxxjs+WvRDgO7wzvZqMRg3wKHvJ/H9JzQjKu4xKx8pbv/9epV6q8wl3TnzlW 0qSjIEOvwVtDRW3maCEX5QKklIg5MN+btcs7SneowPS7T4ZbIgQztsN1oOgVLakN9/85 twxZLi8DlqSxAaA7fNchNsEoA89PcVIEbBkiFttdwT0QELt/fE3LcadgUGsru8t96PCl 5FPMTzB+4YyfWP+Nbt62C0I2kdGzuFbLNzwkkIY8C0lk9Da7pXaYUyQ1naCmgSqWbfVL tpNQ==; dara=google.com ARC-Authentication-Results: i=2; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=vwk2Feok; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20f::7 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com Received: from OSPPR02CU001.outbound.protection.outlook.com (mail-norwayeastazlp170130007.outbound.protection.outlook.com. [2a01:111:f403:c20f::7]) by gmr-mx.google.com with ESMTPS id a92af1059eb24-1276af6c2b0si1646c88.7.2026.02.20.09.17.30 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 20 Feb 2026 09:17:30 -0800 (PST) Received-SPF: pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20f::7 as permitted sender) client-ip=2a01:111:f403:c20f::7; ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=orFdgA8IDiMryFep0YYnW9HZjckSuoeR7aaTB9u7FUVhDY4+kU7zqnhCUL6PHhfAcLkgX+420Sja8ZJniGIPzR4106vce7Sh5RZZM4T1YulW6W4DjA7X3sl1AlMCkVaU3c3T8RvngC9jV9A7VguBPuTc9cHedFfIp6bxL6r7QRBt6//JBkYm8IxwP1JcfG4plr79mURhWTroQgTYME54w5I6gRZPNVErnEXPRNjyROcxVR4QQ31VTqzGUVzG1v3Q2qGHsP14VHLkgLh+f/pabOlOOnXPZ+kuO52NreQ/4iGYNqvTRBtfGII+Cg+y0KrkkzdS10OjOfT0/racIG87Eg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=CcF0lyT2gOaPpkPV6Wk06vKYicTKgIcdyfJuQMzpIpg=; b=KzxmbyJu+veu5IP7SfjobtabCAS9WMqGs7fCDCDn2fxfBlvx9DsqZ1mRM5ZSr5ppSHykVsOeE5H/zNbhcZdrsgzWigmHBcQfnafRmwXNF+tdSlYTkxciSP0ovZMz+m5Qg9Nm6P8KHP/BwNw0WzHu7J0Wcj+D5A8zjOJbXJxj+yXLEgaSNgmcIYs7vthQPc+/CTjWPOMf0Zdv/BVVBG0/mAp1v18zwiMkGSQHpJWt7753CDsYikmPPLqU6OtNJwLdF3FRC1L7LqPk5EPnKp9jU94itLvoyrGl/Skd+4A70tPIwknwjeiOpHAeQP60G10qBNH9pbwqGWsYvsHQHwfAmA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=siemens.com; dmarc=pass action=none header.from=siemens.com; dkim=pass header.d=siemens.com; arc=none Received: from DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:47f::13) by VI0PR10MB8381.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:800:216::15) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9632.16; Fri, 20 Feb 2026 17:17:27 +0000 Received: from DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM ([fe80::9412:cd7f:3f72:92ab]) by DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM ([fe80::9412:cd7f:3f72:92ab%3]) with mapi id 15.20.9632.015; Fri, 20 Feb 2026 17:17:27 +0000 X-Patchwork-Original-From: "'Felix Moessbauer' via isar-users" From: Felix Moessbauer To: isar-users@googlegroups.com Cc: jan.kiszka@siemens.com, quirin.gylstorff@siemens.com, Felix Moessbauer Subject: [RFC v2 15/19] ddi image: convert to two stage deploy Date: Fri, 20 Feb 2026 18:15:57 +0100 Message-ID: <20260220171601.3845113-16-felix.moessbauer@siemens.com> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20260220171601.3845113-1-felix.moessbauer@siemens.com> References: <20260220171601.3845113-1-felix.moessbauer@siemens.com> X-ClientProxiedBy: FR4P281CA0161.DEUP281.PROD.OUTLOOK.COM (2603:10a6:d10:ba::13) To DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:47f::13) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DU0PR10MB6828:EE_|VI0PR10MB8381:EE_ X-MS-Office365-Filtering-Correlation-Id: 8252f188-646c-426a-2e80-08de70a3ebed X-MS-Exchange-AtpMessageProperties: SA X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|1800799024|366016|376014; X-Microsoft-Antispam-Message-Info: dxSZfJl/3hmxi7ub2UMrw6M0simoFbdDTiQiLizb61Vfy98kgxdBePqVXP1XeLZEgDZfN2nR+tDYK/bLJfsUkKlCCR4LEZWZhgHIvsp+mOXbIJzYj+r6cpUw6X8qX/QL0c6CeDp3opWSXes7ZxVCZZvXj64EbfH49wPz1BJFSgdvXXFxdzJEiJSTWzGKdZThsx4cu0RLRUuSVCIv9uIMK24Ayc65LP1BDtCFz+pRJbUq3+qX1eC69hIpJy8pBOx9fiFTeZH9cCtxu2/PTFUGz4xSX7Knwr58lgnECjt+V57Jvssz1bursUjtsBUo3fF1QbA+Cu6IJA8KNLQvVU+EyFrilV1B/HXLSAwNo4z2ZR2WluKtvNoea1G8kbVHjGCWRximN7Q659A1rq0+VPlCtlNQW/K7EbH2yzp9SgxeLzp+O8nXrAYclvY63UtignP1MhLEA7i9UuFHZH3kC+aGqD3WmlWPd5A2Vfu2D0szVI7BfhxB63VhxGi+Ec/xWqFK7o/ku9Jy0put3NB1Tk9BeFm7eiPCyQjIdmvIOlGBQFMFderwqudmcUTUQXZdjNs0/hMoQaRBxCnfks0MCTqrU9yxvo1dUPOwTxFwogEXtkO6OgOcT62X62TYomQrWSQexQgk5v+d/QhxB30mTLhwfhUpx+qI4WNIJrpBboAy/ZACpsq7EGzcQCBjGN8W0MZvfvfrB9BnWWgBLxXZM3mlLjMR40ZUgWDhK1PqFXqfscmOl5Sj/Ei7rwHjzpE/9T4L+/6/BazjNuUhMHAyQeiOy470Yiy4SH4D6mhI/D00BVSygk8BIo0t0oRbO4wyLHx2ODcyPj1CyMA+WpRAh+TXBgtglWQhqC7uVBiRS3FyIY5QustZctPjBgIkI+S9ZxNaWlh0o7H8RyTe0OtqHCRpLqTGVgAfXY8hNYFDXsK2qL8IUJhszxmd+wTjcdDkUHx38ow9IRF4B9hm0CB4KhsI4aq6/cCRYzvRSsFa5/DC0bXOBss9HeTBOUmH86vTXfe4bWweCra/Rq7ozWIg4SfZmg5djAtHlsj33HVJEEHE+qRLk4MwQ7RI3r+dcZkfwagHTmX2BmiVACuMmWx6fXUbv4i8htL2m9xQKI4Fm6D0mKbavcbO9cfc4BtCdOyXiqNqGYKR2WbRFDD/6Iu6lXOMzCe3bVaPulGPfD7XidKmhyyg364iyjBaeKgjwVNX8h38uzzJnbFE6ShzvhpK+ISVJDdnZhskQS4ewud4JCjQxrBEpifObOzrXQvZAPLokrLhcXpYZ8VIx4IMI1shQssMDnDV9G9T9JRET7D0kcdn080FW3zYNgFpRh/4ziplaBt1Q6rhRP8nl5gvI9CnOPsRdIGyY1J/p1hUf8T5mV59rem4lhRfisf0pa7TiTsA15vlEnVFq14+xRcaafhtCjcBEEst62KaP2vY7U4Ga7EFRhqMeEl/TSb35cqibsa95n/yp3NphIeHLt8rggS8mrbVA5QlNqusxPcCQVwI8NJxYOJn21RAXnwUtj6wNPidTH3Jo/BhCWgAE9GIwEcCT579EPfq/RdsynX/CTWVOFE/BXw= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM;PTR:;CAT:NONE;SFS:(13230040)(1800799024)(366016)(376014);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: wdzRgCHBtL/gmzbHNMZMF1BXAq+lo3btvAAy5DFyC1PGywxjQBUrP75UNKGpQQahMNBc8FyxqI3PQ35s65yHGOwe47MERR32eb1VEHL/5GK1SfL0S1N0TBBzatcA9ao3VfdGL9uDE8IU1l/gKCSRGbyvxJ3a1TRrUoDNFQL4Xl71bK2aCrySll4UPy52wcXBBlTfEDapPi0UUtRJtxZltq97zSzuOQ+DUn96Q4PQZwMMVKXiOApMyTHvKDWkwk+noYtHnnnKTlDYPjwRj/ZtzwboeMT0DdLeg05tHZxVTzJJD/NX4EuIfE5EdobBS9wxU9Yt1eEu4OErfy3iOZ4+rGil++EVVE0h2PAOTbkAsluo8TuTHtWwNVfzykoRtncgenYoGf1wvBvRvgmdjya9JVHliztb2qnRiiRaqzuvoJ/SDqL7EdiJnuZcxEjb2sf7D/rBGHC1vnO+bTGI+dkNSqXVpXOmaXjFrpfj1m3a6SnOwhrwlYpdj6W0f8HIy3ZLR6UjcVPujnRlKMWpN0j5FH/4Os13LpQGSEEHF2f8Xo/Pc1QEZmJEWBGIdhjltIrvYO0p56fNeX0z3GN4Jlxx1/IVHc3tx7W0m1ezbFAozb9bKDta8nifNW5DvIIwFQNsvBue8R9drdAFwwPvBiLARuifyC0vQEinbbiBZU2aNrjGX3mj7OVjrrj+RvrDDEv/HNrx/pcOMbdiH1E8O1viU8sMBpYl7gthD6Cmqk4JLUZJrsgPv7irpX+Bw+B9jiQajx0yj596bHYgJ1trUA1FK9CzSNyZltiMYk3kkJhcelmRdYhIjVIvCF3YLPs86UkoSeZIW+xzJynfscJweWFDZgQRm/Fs+WklF6c90/KX0wfWhxCaVB4YJJKEIj8fpY5yBUrgNjBcodWakwkmLs/HmfBXtTtjujJqm049Fr3JkWrjIjFOLslQQKPvODKm7txcZnLfq6uPp+6EUFeIuUMX9zwPN+xEQsPAOOPK32GD1qK/a0Kd3jiRbGGBeCru0EstdVBCuUpKzzHl+cpeHi6k2CPx48enfFpG43Q7zd1+Cpck7yJan8Sd0HWxIqsX179I4Pz8UCjqmdEEYQREuizu8Q33rIf/5lSC6oKSKjLUn2crT4z0cgDwvWA1vXU45Ly1TrqBI12WGISeUv62h7LpRHuETtzpFpr9qaeB0uR0OFNcfZvmTEmcQjdGRfJ128UFTdEGcHs3nFyKRJRW9nJJzfNeilWNz8hWDtTw3hPkYC7xIqq+85Ae9OJhwFPdwhIMGFXZiBgGr2cxLP7hUB0JtcUmmCyOEb+QF/sQizfRm3+0ftKhau4z1jtmf72dzComseZFyA6EKpgxZaf3U1t39Cv/LVIT5uxEkramY5+A1JhSypSXZBikLTDjCIF+QHGPoWtz6K3zbMVyQpe8Y7Sy1omcF7zKodHqk2XhEVFiO1jyfnMdJonhzgzn3yiNVj/8bidwCwBysSWPnEkLv2Zpl3o5NdOdHsxHMDe+zUsTiSk222aX/LI1lfkrbFYzkeS4+jGlPd4+Q1zGfHVK+OsyqPOvprrHW1wKNjCR77J6LiwuNrwxOsq0fHAM/z7eCtHpCvSq4KLCJL0j728uxwskNK3hjZniIE2zzCxScuJ7l0tAeiUXYwSFgLHuyaAhu2RRS7TNPdO/eI89nwLllqOi9YQtJrUinJedr9WHiYC04pbOMhF46BNQHdVD6hoc8BZ5vT9n64N6fXtaXVaqKV9UeLSq0wXzAThLE16BV9SEH98= X-OriginatorOrg: siemens.com X-MS-Exchange-CrossTenant-Network-Message-Id: 8252f188-646c-426a-2e80-08de70a3ebed X-MS-Exchange-CrossTenant-AuthSource: DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 20 Feb 2026 17:17:27.4396 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 38ae3bcd-9579-4fd4-adda-b42e1495d55a X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: sjnaOPeu07HdjnkfZOiibXKkfimYZ4+IObiK1lKKNwQQ6Rve4sz9QCuMM/OunEfNaQYP+1/9ltUbC7+Ba/hHHcR3omYH/Yi1rudxz8wRqyQ= X-MS-Exchange-Transport-CrossTenantHeadersStamped: VI0PR10MB8381 X-Original-Sender: felix.moessbauer@siemens.com X-Original-Authentication-Results: gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=vwk2Feok; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20f::7 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com X-Original-From: Felix Moessbauer Reply-To: Felix Moessbauer Precedence: list Mailing-list: list isar-users@googlegroups.com; contact isar-users+owners@googlegroups.com List-ID: X-Spam-Checked-In-Group: isar-users@googlegroups.com X-Google-Group-Id: 914930254986 List-Post: , List-Help: , List-Archive: , List-Unsubscribe: , X-Spam-Status: No, score=-4.9 required=5.0 tests=DKIMWL_WL_MED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,MAILING_LIST_MULTI, RCVD_IN_DNSWL_BLOCKED,RCVD_IN_MSPIKE_H2,RCVD_IN_RP_CERTIFIED, RCVD_IN_RP_RNBL,RCVD_IN_RP_SAFE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on shymkent.ilbers.de X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= By that it is compatible with the unshare chroot mode. Signed-off-by: Felix Moessbauer --- meta/classes-recipe/imagetypes_ddi.bbclass | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/meta/classes-recipe/imagetypes_ddi.bbclass b/meta/classes-recipe/imagetypes_ddi.bbclass index 0e45fb8a..7ffd24db 100644 --- a/meta/classes-recipe/imagetypes_ddi.bbclass +++ b/meta/classes-recipe/imagetypes_ddi.bbclass @@ -11,13 +11,12 @@ DDI_SIGNING_KEY_PATH ?= "" DDI_SIGNING_CERTIFICATE_PATH ?= "" DDI_TYPE ?= "sysext" DDI_DEFINITION_PATH ?= "/usr/share/isar-ddi-definitions/${DDI_TYPE}.repart.d" -DDI_OUTPUT_IMAGE ?= "${IMAGE_FULLNAME}.ddi" ddi_not_supported() { bberror "IMAGE TYPE DDI is not supported in distribution Release '${BASE_DISTRO_CODENAME}'" } -create_ddi_image() { +IMAGE_CMD:ddi() { local_extra_arguments="" if [ -n "${DDI_SIGNING_KEY_PATH}" ]; then local_extra_arguments="${local_extra_arguments} --private-key=${DDI_SIGNING_KEY_PATH}" @@ -26,7 +25,7 @@ create_ddi_image() { local_extra_arguments="${local_extra_arguments} --certificate=${DDI_SIGNING_CERTIFICATE_PATH}" fi - rm -rf ${DEPLOY_DIR_IMAGE}/${DDI_OUTPUT_IMAGE} + rm -f ${IMAGE_FILE_HOST} ${SUDO_CHROOT} << EOF if [ -z ${DDI_SIGNING_KEY_PATH} ]; then @@ -37,11 +36,10 @@ create_ddi_image() { --copy-source=${PP_ROOTFS} \ --empty=create --size=auto --dry-run=no \ --no-pager $local_extra_arguments \ - ${PP_DEPLOY}/${DDI_OUTPUT_IMAGE} + ${IMAGE_STAGE_CHROOT} EOF } IMAGE_CMD:ddi:buster = "ddi_not_supported" IMAGE_CMD:ddi:bullseye = "ddi_not_supported" IMAGE_CMD:ddi:bookworm = "ddi_not_supported" -IMAGE_CMD:ddi = "create_ddi_image" From patchwork Fri Feb 20 17:15:58 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Felix Moessbauer X-Patchwork-Id: 4898 Return-Path: Received: from shymkent.ilbers.de ([unix socket]) by shymkent (Cyrus 2.5.10-Debian-2.5.10-3+deb9u2) with LMTPA; Fri, 20 Feb 2026 18:17:41 +0100 X-Sieve: CMU Sieve 2.4 Received: from mail-dl1-f56.google.com (mail-dl1-f56.google.com [74.125.82.56]) by shymkent.ilbers.de (8.15.2/8.15.2/Debian-8+deb9u1) with ESMTPS id 61KHHdZr007016 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 20 Feb 2026 18:17:40 +0100 Received: by mail-dl1-f56.google.com with SMTP id a92af1059eb24-12711ec96fbsf62779549c88.0 for ; Fri, 20 Feb 2026 09:17:40 -0800 (PST) ARC-Seal: i=3; a=rsa-sha256; t=1771607853; cv=pass; d=google.com; s=arc-20240605; b=dCGb8Cil+c+49D8+JRdCdCCEtX5AC28sGl0bZ39sVslOCpl/UbfNuO5nL+HcDWzUgQ vfZCYFxdx30IOgWB30h9+8tlPZGUBrbVc25PZs56TnVwHwrLGTAu4v39B2uUazo5uiwF 7euZcWCGrP1QjXgySVHRiJtAn25T3adltK+R65t1X0CFk6reyw2y4M7S7eR4jisGqkLz lBjGoTlWy9XBMLstBbNGhQVbCXia0llF0PNyb8JKtPjR8fUzUcApGzLTXbmHnnZXnzwF XWDXYrEwE03P4PnQdaCA4mNF64gWvfIJyxxc1jFTrMq53+rru4eP8iEaYGGzE7nLVk7A 6iww== ARC-Message-Signature: i=3; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to:mime-version:references :in-reply-to:message-id:date:subject:cc:to:from:dkim-signature; bh=kFUmmJ6Oxbct/GJKDWs8K6Lgx020J3y1Aw7nHtK7wA4=; fh=4j6KVxWjY9Mhnzlanr0xQILkuQTvX9fDQqhaSBYv+oU=; b=CRZizT8xjv6TznGzFVwLXHWq5PIvNykJWEcj7rT+QBNZq5faOAw342hXzS/wpIYnOF 9sabS+X84OM0BNi/y923oxWE+fyY0zb7WNnvarr+hkkXVtQCTX+Out3HO8Hy822qRyO2 XPBZfBEoFDcBXNX/sAfbxdJU3nn7k3aUgTve5bjCvSgTuEOFfbM4Qzyc3Sq/Pa2mhl/O lFLnl2XCdExkKVlZrdk5kXknUmIvDpOV/1/Rbq3ojxTmeewDB1TC67eyFNJQJavF6fzD JCyCD7ZObO7JP27gkjNl4a96yBsP99dFHcD9WWM2UpigWPaBLZvOL7y79fJRbFpLPrX5 8unQ==; darn=isar-build.org ARC-Authentication-Results: i=3; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=cJ8YuqBZ; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20f::7 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlegroups.com; s=20230601; t=1771607853; x=1772212653; darn=isar-build.org; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from:from:to :cc:subject:date:message-id:reply-to; bh=kFUmmJ6Oxbct/GJKDWs8K6Lgx020J3y1Aw7nHtK7wA4=; b=ISz7EbYY3TUwTjdMBK+8Ov06XzDoLjpcTsnGYSfYjl1CZFwQgy92mxfNyapBt6vwWH /mbbV+KyeIGlP634/BScHeQt2W79DKFKdXMI4uCeecrlmDzFpA905U0L8RQo+XpLEF5X 8FjJrErVmvr6S1/ADyY70h7Hk8SCXXxPiIqqg+fepwqr5Fx5CK6l6YYTsz0TEGTBEQ24 8cnNpbRZA1ABv04XpgD9nPLVl9xpjNFUF4Wvcuq8pnYWWo5Xb9j2eIHat5iEnRByKsx1 AS5hKkygSKZGTB2MWLZtW5GoH4DXO81YUhQEUgnExq7yTXHt+NS8yDh1QIGZLlCD5aeO naPg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1771607853; x=1772212653; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :x-spam-checked-in-group:list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :x-beenthere:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=kFUmmJ6Oxbct/GJKDWs8K6Lgx020J3y1Aw7nHtK7wA4=; b=jQ/YrXWdcGm/kSykrtceMovNStScECHIpbZGsGOscXREGmk+af3h4V40f/5ilhVhtv BD1kFRUJOegjiBzRGsyPCbTr8DmLQOr2iwgPBQ2gYcF3WfqMJVR11fZ+1yBEaYv65SHe rL/kgt7ia2+O74TKkpwdun3UrILFL95BIsQlVMtDltvbgmJR4bjdhEpplpHhSD3FcWFw t2SP9OQMfYdX/JpX1XeMtnUvaCccdXnAz1w3aq2ad2+akx9go8pvsKrR4W4R+dDBZFnF bZ/3rCi03/1A9Hd6aWq+SJrA8TPsvpzV+/OyWhs4LGgYj9ix7VwC4PekhC5lP64Q5IFX vUyw== X-Forwarded-Encrypted: i=3; AJvYcCXf4Vrq0UYXfMBlpHYHfKQe6IvNMHszmUObL2x/Oe67luiaJbrGI6nQw8AQLFHzhUDMHheQhE4=@isar-build.org X-Gm-Message-State: AOJu0Yw6z76qifNgfvPPD0aqP4bnXciHmH2f6i8YBaY72Mi4LXXVBghc +YitPkrliM7uJWi+gQ2bLFz98d0PLfIeav1zeI0O4lXWY9VE10Qun8Su X-Received: by 2002:a05:7022:62a0:b0:127:3816:50c6 with SMTP id a92af1059eb24-1276acb31d9mr142207c88.8.1771607853436; Fri, 20 Feb 2026 09:17:33 -0800 (PST) X-BeenThere: isar-users@googlegroups.com; h="AV1CL+GmMrsJCYaeHZCpYrJZtBZnupBrRpX3WmIN3zHzTPszaw==" Received: by 2002:a05:7022:6291:b0:127:3c00:dbc5 with SMTP id a92af1059eb24-1273c00dea4ls5532470c88.1.-pod-prod-05-us; Fri, 20 Feb 2026 09:17:31 -0800 (PST) X-Received: by 2002:a05:7022:48d:b0:11a:4ffb:9825 with SMTP id a92af1059eb24-1276acb31f5mr172930c88.6.1771607851506; Fri, 20 Feb 2026 09:17:31 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1771607851; cv=pass; d=google.com; s=arc-20240605; b=X/iIblqFrk2+UiWKpep5yoM4NrgAkO1bRoojmxRTLF+9c5DatWMnsq1i5e6KNKZzDx X+QMkzuBYWZC32gdYYVmYwIp59RB+otTo1VOGAhnNCR8+30zoBV39Bf5yUk+MfNoMn+N HPEqACP+x0U3dCJ6Zs+z8trnKsB7Bzlx3ECp1ua7cFfkWJgTVoE5mBC/bjdWJxSn0j2q SLTUopEbIvJ+ZJ/RcSxKrpAjyX3cWUElxFwRVQb2/CwVTvw8ij8l8x3jpH+VgORFrf9N w57N7C2BfxRFDdMXxT4SkSr2tg/4fWbAKxciNBwgbkWp4QxCWdBTprtgo1czYmC5VYN+ N9wQ== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=mime-version:content-transfer-encoding:references:in-reply-to :message-id:date:subject:cc:to:from:dkim-signature; bh=Fj3rGQgsAQF9ECdBW1kqKsrSZn1XST2sIWRJfegENVY=; fh=WkhL8kaJc+l2wQon1t06Ej3uvBGj9sVhNcE8PaS/XbI=; b=YkPALPUAQmheWixqIor7eYSLTpJUZ/PXTyLT1yZWOZgyReDOuPBgRLsmkDV8sGjzqm 2LvmrJcMMBevJtxP2w3ieYaKk0T/vz2oPo3dCunWWM53JlCNhQ73vM5IIfKRKqwLx9F6 bXYdPysB0Hokr4TfJPsP+I8h5lKsV9nLndEq4j4A0pEEQ9Bg8qMEu6Ev85kwR6Xbd/Js PwK/YM8paQEK6O7iBhmanrjLHZ0Lrt/hIxBq5OIMae4LySQeCwgw2rCz4JzzM9T5DZcq qx5ocI5Ik5GTi6g58ujMKcXj9w2wGpmqpVMN+z4bifkaUq6R6O/LYGKeNWfxlPlcLW9P WqFA==; dara=google.com ARC-Authentication-Results: i=2; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=cJ8YuqBZ; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20f::7 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com Received: from OSPPR02CU001.outbound.protection.outlook.com (mail-norwayeastazlp170130007.outbound.protection.outlook.com. [2a01:111:f403:c20f::7]) by gmr-mx.google.com with ESMTPS id a92af1059eb24-1276af6c2b0si1646c88.7.2026.02.20.09.17.31 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 20 Feb 2026 09:17:31 -0800 (PST) Received-SPF: pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20f::7 as permitted sender) client-ip=2a01:111:f403:c20f::7; ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=Gkc8LhM1Pa1YaxKQn0KOmJWU1xfoMnw5sBaNzIN/11RdL610l1Vv+0oj4/KRDKQZJEdLcn6NxrUvpjWWReO2P/CwpbS0/16vskBMD4OAUwMy93T/noFC1O/rOnf9fecsYO4upnTciYFvmxoDBFlTmQAbrSUiHB/ZkD5UkSn74jEL+JjRhV12MhcuD7Nzm4hwBB1VPVz6cqg9hLSqWSb0b8EEsy9CsMw8E1koHfzKW/Up+oumM4OpVireGrDouK8PYi/QdQOaXqx3DKXDuUKwatwHT1CXxRdxpVUG2NSyYHwkHsbrwI0lsysOP8Fup37fgny++3zfimlAbweWKJzuew== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=Fj3rGQgsAQF9ECdBW1kqKsrSZn1XST2sIWRJfegENVY=; b=YbsoAjVz6FYXiaB9Uqar6JlYVOnsKJYj1r3FfzxRIM1CQF2wAv3fJDAtAUmFowh+RHSqYU1mUtxKiGJUzUDFSmliLni9EXQ53QBx7sjHm0LZlaLQ8ojQKTFK7yi545rHf19B8ce8016EdIjJPwO6SB6TgeGk3AQCGCpeaxy2uWqQRl/Xga9eU7uveNQDuCd9GRuTmRvoAjueyY751BaXFmZmDRqTgBzhQpD9zCy4VmhurBrmsFzBpLg7kyjMrvCQBNC1TnigKqCwzXeVWC0Hpt0DC9F428q+RvYM5c81niy0dE2Y1hNugvrWR2c4IHHlAcipJlfmlR7btWNbh0PnIQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=siemens.com; dmarc=pass action=none header.from=siemens.com; dkim=pass header.d=siemens.com; arc=none Received: from DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:47f::13) by VI0PR10MB8381.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:800:216::15) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9632.16; Fri, 20 Feb 2026 17:17:28 +0000 Received: from DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM ([fe80::9412:cd7f:3f72:92ab]) by DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM ([fe80::9412:cd7f:3f72:92ab%3]) with mapi id 15.20.9632.015; Fri, 20 Feb 2026 17:17:28 +0000 X-Patchwork-Original-From: "'Felix Moessbauer' via isar-users" From: Felix Moessbauer To: isar-users@googlegroups.com Cc: jan.kiszka@siemens.com, quirin.gylstorff@siemens.com, Felix Moessbauer Subject: [RFC v2 16/19] container images: make compatible with rootless build Date: Fri, 20 Feb 2026 18:15:58 +0100 Message-ID: <20260220171601.3845113-17-felix.moessbauer@siemens.com> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20260220171601.3845113-1-felix.moessbauer@siemens.com> References: <20260220171601.3845113-1-felix.moessbauer@siemens.com> X-ClientProxiedBy: FR4P281CA0161.DEUP281.PROD.OUTLOOK.COM (2603:10a6:d10:ba::13) To DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:47f::13) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DU0PR10MB6828:EE_|VI0PR10MB8381:EE_ X-MS-Office365-Filtering-Correlation-Id: fa58f191-caad-41f3-1436-08de70a3ec38 X-MS-Exchange-AtpMessageProperties: SA X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|1800799024|366016|376014; X-Microsoft-Antispam-Message-Info: wheuGgrcDFb7SjFfyrxdw+Wtd217jqBH8c9ookkySxqi/JfPHQP3SLVB4VHPWvz2kB7cgFOTn2QKVekfP3rEHp4cYIegIy7gUmcPf9xu1ag8pjDKTXMuRfwNaobdHBYZLaOmr5VrrcmbEkBMEtuwqzfcjWCRduYfIUSbxOWlJGurJ8ycleJfn5n+ARrQsl4PmwD6vusE9ygsrynxeWlTlgBVJ6Jl2sZVx2MNZbfOE1fpxp4BdkXOwcoccA8jzGbQp/Gs7J/LBbc+S+bUPXdGwGCBeSHon5auKIVcV7avy54HFd9WbBTF1PEePQbglM3iiYunio4ywXmyFfJ1YmOS1vG84GYMlLeiYy510EMORpMP7Rm0sPFsgheP4wSRSmrN/M8pqWlUQmph+Lf0vPyNYhxFgeH+GdmwKioT2l3QcN0x4jGR4RFFXdLxWz1ErDjb5wExzQymhaCxI0onecDKAzQMuUyaPuQTD/1ihRMwyekPJ3r2W2Z8ubdoLBe2vpfUyqKl8hVOBQJOAKJxfzvJfEGeM6AZsnI+h8lN9R5HI1XePQXUqGvd/7eYvEAqAGyo0GgVvSVfWhnKvNP/Ioy6SWOkHyjibhhER/j8ri0Drew/3II0yVNvbP611qMt4uqpDkEUIeHpeoHKqLYWe2v2LkcuwTox5W5ju1XZXHEeOYMA72qdgw4UiQJMxp8jeL8I0k2IlB7idh8PUGlnZFqfejhkiyKeuPPZqW8ht2oNXNe8KIFQbYBK4Tpfota1Q4RKpxm/xfIVawbZQBAtRpiOKHRrAXuHBr/nFAHce0576WRc6bXH9/REN0nKCHKPLdfrrSgdSdaXLXphkxh9TBNLJAN3Of1V7ux+67Pr4h4w1B7FoIRlYTYAI0Zi7ejE51Fem1zo+TjkL0HBTVm8vidVEUHQwHuwjZfH3JmXEpSt7WEN3UoXNKpyndykvuNGw1iVgdwbalwVq3lam1pmNLUMm5Q8mURrwusLAbIMGcYhGE+6D6GGKH1MVZICMVW38T23ipw/JAFqTD1hN1g/Z6RoIsvGadYUiDAX5KHTngOkBTj2vlCBWYCHCcmu+5j/0ukeOaSnOFMkZ6dA7PgAF0PWzlpW3rDZQdd9bP3f/xrfF1Hg3zIh9k9taeNVoAuLdta7yxeBQGIgOeB8he8+awd4iOjdCmf3w0FS0vCeFa9OxI+6/2+0eCQv6aJQduR5hBHov9k72Qp8UugfVYXS1gb8OszenxSiNzi+/55qlmLWM3bB+Kbtr7Q2IeqTeVJautdK9upnQX3Ur0XUTFyj9U1XyzfT7QdzKIAMpNNtqNd7ywFkSX364dfMt1pibDqY/fqNRtNLcV6CO6mQiVl/fwneQqF9MpgWC33/qKKB3d8BLFdCoFKbO0Lj8VLEPPzHGuMQnZDh1emtUCnb9cq6eC1xJoY/1SX1BtFHD/trQ7V7jfxnLfVvoOS9dYJbfZvAZoKxvxRmLzXInCmZ/PjN48MacxsgzEGJ42Dr6K5TF78shWHCx3k1QP9f8jV/FNMlCcyUDLqSek4NvqCwwIS4fJWtr0/OuZK1KqnTnGD3R/wrDKI= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM;PTR:;CAT:NONE;SFS:(13230040)(1800799024)(366016)(376014);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: uZOyHAC3tA1CUx/YNhU08ZkFBu28FfDKFH3PP/7Sy0VIE2xuwVrWN4k1dZh9AL5Pk+U4/5wu0rM9lANH6vqkpuj0CYZqLDFfdNem0ySAwJg+qnk7laTpEfAcp/6rpJlVq9UpBD32vWGSr1cnDdUNMaR3GEcKnRcQyWsYElWoZlSumXismI7E8oPI/5utcb4alG1DriME0qpOu76EA29b9m8w6iV3XGnEIRCsmVR3yNniEqgl5rBkkjs3jIt5apv/ftA/5Fd0VigVJ1zB/SVFCcmRJw27skgiewq8APdhz4bF3uz7u09ocrXxl08hs8q9RzzPG7cchRFgmpmnDroliLT9n811qqKNs3Kh0mTwYoRo2U+Qgs/SJUz9dJHe1OnP3vxou/z38Crfl5qTsQ82+PO+gk0RBcxzPc7aOwmQOTgKZ93Togfzt+uCX8oh4xu1R+GjCHfvO/b+8m8ms/XETFwkJz0hDWMFRG3C4nrEU3NQU/9vMxMY5AeguxjWjYBkEoToOjdMpP5nj1eTopJOx9BGGPhmwZ/sehxjR5awfFpfqDVrNCdnIZTeZ7qw09xhGh7aHn7dMxi5hgXSG6CgKlqapoRm8jZsxGnnd4ZovkV3neFyDvF/hh7N6HIGST2XkdPcGUxJxcO3rih3si5ncw/0L+cRaxflyeDvYevvEtW9ELP39wl2X6fJnH3/KMh8D47yq+7/nMzLmLAQAf/yhwbtNFKWawdLYt1OPuPvc6MKWJR8VsO4D4VkulpW68kSh4UNTUlS2RY0+lMQj7NvK+Zq4Aq6BDYAorkT5fOgTiwKfrVsTlMXWs7dUtYN+umCLt9h/3vlnJR03422FbiNUwQoQu5DXfmYSPwYIsljzRkYcilQeMtgKnJxNI7F5XL1zupno31MV5tSLKngljlCbGhv4Ri1+SOIz1tOU1VLUS9Yy6mX44DEIqIUWD9j3W05l3jWkOhEdqjW8usBfcuA0B7xOg+Xxv6Hf2L37ZHByZ1olUyvAT7xBhxD/Gf/ULCs6Z+SEAjrKpe20v0NoB89pBfYmijm3JwAaSB3fOmoY344Ii59qdho6g31w9aaeIk4ZcktsfcKSd9hn+AsrkjLWTQeIhDh6d/hLlM0caEO8ret04LsiHHFDXGnh6N8UliHU9VOAxGzxFotLq0PLRnccCrgI1YgjZRqLv/txJnZuPSqAqXvlPMfsbT26xSQiQAr4OfxVraAvRz2kv7RO2J4TQ4r98DVtlflf2ZJ+VYhFJE9vygXqNVDbB+gPNnDyZadYRGgPeov7BScLrtIpRLTMob/ZTOa4eenHrwWJfx2WjS/ehcg896Zfy4i4Gsqt0OwPuaXRW6+RilahqzAbh5uXNn4VXJPYomN+svlZ62eR2ZpUY6GUnN45ROb6fJNrBheTJSxgqhdmN2HjcflAY8sm5QItozD4eK6DRtN+mErfZJXAap0RxuzdcNkHeGgsgPcn8u3aSM8UAeY+OiQec/YWr8oP925XfGTd6MycZrYOmMtH1fJtxativCqVpYB3V16KhvwQs9dQegDfN/Gm9f+qvOeZMyLjhp3g/fCWhPX8DpYwbh+tbEcApDcVGNEBKAFlmgv3qbea681ynssunP5mwu9/8HyiqEvr7oEq0DWKBoE52h8GFX72lYHpS9tTdFB1nLHZloUKjj3pBENawKb2vBle1Lnzp4Ct9T+8GXbkxrbRgL59cWTcdTTx4p45OOoQV0DBbLl83h4IYOlEwEcCwn9Yu9BwNCtiyey5JkPXBY= X-OriginatorOrg: siemens.com X-MS-Exchange-CrossTenant-Network-Message-Id: fa58f191-caad-41f3-1436-08de70a3ec38 X-MS-Exchange-CrossTenant-AuthSource: DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 20 Feb 2026 17:17:27.9771 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 38ae3bcd-9579-4fd4-adda-b42e1495d55a X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: 4xzF9/caEzAqcQjzvQabjy2Jtf3QFCpI1kZh8BMhgFIfxAoB7SzsgqQGUtQewXnOe0Vg+CetmQ8W4aBy6ri2na+p65Ez+IiGxGoJiQx/0pc= X-MS-Exchange-Transport-CrossTenantHeadersStamped: VI0PR10MB8381 X-Original-Sender: felix.moessbauer@siemens.com X-Original-Authentication-Results: gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=cJ8YuqBZ; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20f::7 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com X-Original-From: Felix Moessbauer Reply-To: Felix Moessbauer Precedence: list Mailing-list: list isar-users@googlegroups.com; contact isar-users+owners@googlegroups.com List-ID: X-Spam-Checked-In-Group: isar-users@googlegroups.com X-Google-Group-Id: 914930254986 List-Post: , List-Help: , List-Archive: , List-Unsubscribe: , X-Spam-Status: No, score=-4.9 required=5.0 tests=DKIMWL_WL_MED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,MAILING_LIST_MULTI, RCVD_IN_DNSWL_BLOCKED,RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL, RCVD_IN_RP_CERTIFIED,RCVD_IN_RP_RNBL,RCVD_IN_RP_SAFE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on shymkent.ilbers.de X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= Signed-off-by: Felix Moessbauer --- meta/classes-recipe/imagetypes_container.bbclass | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/meta/classes-recipe/imagetypes_container.bbclass b/meta/classes-recipe/imagetypes_container.bbclass index b6cc4a14..615aa428 100644 --- a/meta/classes-recipe/imagetypes_container.bbclass +++ b/meta/classes-recipe/imagetypes_container.bbclass @@ -67,8 +67,11 @@ do_containerize() { run_privileged umoci remove --image "${oci_img_dir}:${empty_tag}" run_privileged rm -rf "${oci_img_dir}_unpacked" - # no root needed anymore - run_privileged chown --recursive $(id -u):$(id -g) "${oci_img_dir}" + run_privileged tar -c --owner=0 --group=0 --numeric-owner -C ${oci_img_dir} . > \ + ${WORKDIR}/container-image.tar + + # on success clean + run_privileged rm -rf "$oci_img_dir" } convert_container() { @@ -78,6 +81,9 @@ convert_container() { local image_name="$2" local image_archive="$3" + mkdir -p $oci_img_dir + tar -xf ${WORKDIR}/container-image.tar -C $oci_img_dir + # convert the OCI container image to the desired format bbdebug 1 "Creating container image type: ${container_type}" case "${container_type}" in @@ -106,4 +112,7 @@ convert_container() { die "Unsupported format for convert_container: ${container_type}" ;; esac + + # on success clean + rm -rf $oci_img_dir } From patchwork Fri Feb 20 17:15:59 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Felix Moessbauer X-Patchwork-Id: 4900 Return-Path: Received: from shymkent.ilbers.de ([unix socket]) by shymkent (Cyrus 2.5.10-Debian-2.5.10-3+deb9u2) with LMTPA; Fri, 20 Feb 2026 18:17:42 +0100 X-Sieve: CMU Sieve 2.4 Received: from mail-dl1-f56.google.com (mail-dl1-f56.google.com [74.125.82.56]) by shymkent.ilbers.de (8.15.2/8.15.2/Debian-8+deb9u1) with ESMTPS id 61KHHeJZ007034 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 20 Feb 2026 18:17:41 +0100 Received: by mail-dl1-f56.google.com with SMTP id a92af1059eb24-12733e595e5sf2235098c88.1 for ; Fri, 20 Feb 2026 09:17:41 -0800 (PST) ARC-Seal: i=3; a=rsa-sha256; t=1771607854; cv=pass; d=google.com; s=arc-20240605; b=df4bubmPeogs8qe8IjU+6TuaY7Jm/cS9XSo0gnk5IuFkzXWfCPwtpBmt5e1cRowqsa EOo6XMN3e3wxHGinVCvQOqjmMhUWOKxcP/ppiuv96coEuRGJbQvV76Lwz2bxR1bruhhU X2++B5xeIh1yxxmbENFtqM2C/DwltwisYPAjjQWBZXxCTpWY/BcWH1BnEoHp1wuoXhsy SYrx51+swdrnQPZYlb6qhvYd34JWnW3ckKFOtXIzIvy5BN6PwyW4WdW8ffHgLSSswhv2 FSNt2JUVKdClQyJM90zY6Yiwi+tZy6N2tZ407Hb7NKC8SKG9q4DRzYQAVquhmTMqqZrR XZAw== ARC-Message-Signature: i=3; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to:mime-version:references :in-reply-to:message-id:date:subject:cc:to:from:dkim-signature; bh=RyyPKI3j7AVge63TBjF4ZDrfV1GquLGa4NaAkJOyvQ8=; fh=eLweTbVqBND+JHAlnY9mUw0HfIGPHHGEpovR/QANKFc=; b=Qn1YbX1oP8Q8Y9AcRvah0az2OqAlqiQMDmqxzHu81VOZrpbtHED/v4sDzUDGGQ85kR BYGUfGUvqsJ3HoLvNcUBde+gMg4kN5K+xazUdjmLegTMUuAKq2Td5uBtNYn3lCWo8UH0 wSyrqTngcFcdEKsYpduQD0V7j+i0UJUWm3iBual29pihROsdEIm0J5maAqnREnvJiORs J6fAMeNNM8dQEWFECLw3M6aqHpPHuw/wTQ6N/RqkkhdINlNXlzRco7t1se6/NZ5Cxjoe CuR4jk3WlQ/uFA+xuSpv/7DocumjIP3ieQ2Qk/98aEhTjlSRpOwPPBOYFTqP4j/TOkG7 CCow==; darn=isar-build.org ARC-Authentication-Results: i=3; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b="T/hfPyd+"; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20f::7 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlegroups.com; s=20230601; t=1771607854; x=1772212654; darn=isar-build.org; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from:from:to :cc:subject:date:message-id:reply-to; bh=RyyPKI3j7AVge63TBjF4ZDrfV1GquLGa4NaAkJOyvQ8=; b=QmW7U3gcUCjowsdrCqvx0eQQ1LRPEXs6D7bueBc6f1bJpzWAkM5t3ItmVZAZ2dtIz9 BfzNh+RrWwVQkKncnl0KYvg4dI8xDyeNg2vLPNyktw377hpPzmZv0VHou2es6E/qMqd2 9VnRUmOUt/ta4qN993w8Tm9DjOuxgTUo878AIZn8S918vR3sNCeVMHsjI4FOBc9qiz8g AsuYpqgxF3Qxmy+n3ZcNqeM+QaBb2eAzskMaOaUQDSOb//Tv+pLpGdG5uv1KrjMOfLWw kUSvuHcGSV2x8f+gZ0tpTREPI8Um8pabZPSm3Fp3jg4ui2WqFRv10LZPGRDNZwKvBMK6 AnOg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1771607854; x=1772212654; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :x-spam-checked-in-group:list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :x-beenthere:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=RyyPKI3j7AVge63TBjF4ZDrfV1GquLGa4NaAkJOyvQ8=; b=dVwsfd7rc2o2+P0VIMLPinZKrIVzGHjKC8xjzr+5G9M2ihidrpezYArRh6iultBHoU Q8V3AyAN4PpY9aiTLUyCWC8dECkLjmq7OM+3q45t1aP0ysqXR6RX3ACbExafNfInEPDJ jUe5CQ5cYU46ZSFjsLX2O/8joAe+YNDRjkgbDGIwpCV/ijloLyRY9cGY3LNjupp1+kcy bdRWUNEg4aEX6+spgvDJSrIepqZikhoEmZN2eiQytRdbxVpqMf9Wl0s/mlW4UrwGSXAt gYSrwrW56+baQVFzAgu8Bj+KMo0BbZoOrxYowrp9OGFF7mJs1gMwgvZ4hROCkhCO1GwZ yBHw== X-Forwarded-Encrypted: i=3; AJvYcCXCC5ppVoS//y9qtjM33tUlerVcWFe1gxa6HWLHaqYHnys4BrtA1TMdUnLf3VfRufjl6Tu0SXU=@isar-build.org X-Gm-Message-State: AOJu0YwFfJnw/GzFsv9fVuMUVf9yfyoyaHn8MhHWsCvBX4oOplcos//C rlcfy3W3wVB3VEojYG092amP7p/t2bnYiZnWB8acn8IFZouLgME0gca9 X-Received: by 2002:a05:7022:6607:b0:123:35a4:e8be with SMTP id a92af1059eb24-1276acc047amr119813c88.13.1771607854293; Fri, 20 Feb 2026 09:17:34 -0800 (PST) X-BeenThere: isar-users@googlegroups.com; h="AV1CL+Fw1NBfsUi2aEdPbt+r45mzoKwHMSntb6DLxe3GrAbLPg==" Received: by 2002:a05:701b:4190:20b0:127:5c6e:d9af with SMTP id a92af1059eb24-1275c6ed9dals73299c88.0.-pod-prod-04-us; Fri, 20 Feb 2026 09:17:32 -0800 (PST) X-Received: by 2002:a05:7022:60a5:b0:119:e56b:91ec with SMTP id a92af1059eb24-1276ad33b04mr125385c88.29.1771607852198; Fri, 20 Feb 2026 09:17:32 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1771607852; cv=pass; d=google.com; s=arc-20240605; b=e9tlLZlmoSKTN2C0WluVUrjIVXei2rcpAxk9IvE2Q10DK/YIQWerPg4HAifdCqoAgp YYRWxMuKXwzI1KF1HP1UxdwkXgI7S4BtGoAoUCrD27K2Q3/8mIr/nTfF6UNzE7PriOnb Pxb7mM1QJqgQUeboH8+vpGsRs8U71FNGb8FqjGI5gIhQjraBLrNGttdOJoA6U3k0tv5r SVqR+5vl4OO3MTc/wXD/lOFo2vtacTNLE/bXTXjgQnivs6xMxwKE94H4fZYxU8TR4Zyr V2xs4EqmcsR++V1Y+sYRjUByTKi5idw734SQpvOw8b27f0HPILlbzaFxCVAI2/ap4RdI RmdA== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=mime-version:content-transfer-encoding:references:in-reply-to :message-id:date:subject:cc:to:from:dkim-signature; bh=K7u0GQfQ5cQtY8Lx7p9uCU+7mbvWZ/k6Nj0O6TdkHEs=; fh=WkhL8kaJc+l2wQon1t06Ej3uvBGj9sVhNcE8PaS/XbI=; b=YSZsH0KMwVy8xFLGA0YPSgJnOjzyDAbHsKQyFEvVp83CyGZncx50esTTcAW4wst/ax D6r6VBg49IRYpBY25DIskc/v9Mre7g6vP/2tPensQPzcuQTV6MNVLjP5Oy+ZIIEOyy0k JQ+7OfpuJKmPHUzWArwcHbWzhJdijG10Y0WpY2dgOMWff+hO//dMS+NdUH6Hzcp5tgaK Eo4NX/O4hpUjFnVfDXr9SPVzywg82Zq1/uOO+p93YWM45BtpUmFDW5GvPMSPycMVuFsG zzQzL440wx1RiqVgChNsmMw8sKII8+eABzt4xrezbU464IxGC58p5o7yNO2LtGgOr0jp /N2w==; dara=google.com ARC-Authentication-Results: i=2; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b="T/hfPyd+"; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20f::7 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com Received: from OSPPR02CU001.outbound.protection.outlook.com (mail-norwayeastazlp170130007.outbound.protection.outlook.com. [2a01:111:f403:c20f::7]) by gmr-mx.google.com with ESMTPS id a92af1059eb24-1276af6c2b0si1646c88.7.2026.02.20.09.17.31 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 20 Feb 2026 09:17:32 -0800 (PST) Received-SPF: pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20f::7 as permitted sender) client-ip=2a01:111:f403:c20f::7; ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=Fk+fqPISnH/dbMsl78eK/q2X5SxGgmfZx4ZUpUzEj091+Iu4h+MgDPc+erF66KQ0mIrBhmaTOP67TEYMZnt5lv6nQCLnk2IVmXYZL1o/Vmbs3r8/hsxRoOXrVopPy5FnXqR8aTDWmes+ohKN9GhcwH7JifuLaeB0fS+058dzZc4g+X1zhTBPuZxxM1cALyKB8Isr+XL1juX3wX/cWXhYjfUu78fiCPhGDqCUEcEJEpVQpFsI3hgOPgtaKJImL8IVy6KyKG+CmlJCt6YSg3HgQDDmMSI+XFDc0kX1HeEGZoyLa9BLvSEDm7WV64ZiwIFzk01YqpoeMMhwKFg0Fiiopw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=K7u0GQfQ5cQtY8Lx7p9uCU+7mbvWZ/k6Nj0O6TdkHEs=; b=GzPAnoGLeraHpFhzfXw0U6qjtZCFEHTY9Ks8ViHnI77RFQrvNRDvc2C8gCTmMgrnoRorePEAZ6H8E0NTDlIBJqHVIZckKLH93XA13SHmkRlh4MjBK1KkGx1AvjyYxkcxykhTuvzLCUXynTXy0Sv63/o9l8zcBY6DztcT9d/YJ0Ud3b2SLhbBBFoZBP+OoP70/S4WRlGjGb2F6UhkWq8akxnexQE3/Nt+jcGI9WMwxWibNtLOmTOB+dCiqjfGixo+lFT4dric0Vf5V31EXMKlwuAW0/IlmIx/UpMW+v/FBfbtTuWbFPsHYbtZKACFUkf2f+hSh0H4/C/vIWNqH1z96Q== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=siemens.com; dmarc=pass action=none header.from=siemens.com; dkim=pass header.d=siemens.com; arc=none Received: from DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:47f::13) by VI0PR10MB8381.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:800:216::15) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9632.16; Fri, 20 Feb 2026 17:17:28 +0000 Received: from DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM ([fe80::9412:cd7f:3f72:92ab]) by DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM ([fe80::9412:cd7f:3f72:92ab%3]) with mapi id 15.20.9632.015; Fri, 20 Feb 2026 17:17:28 +0000 X-Patchwork-Original-From: "'Felix Moessbauer' via isar-users" From: Felix Moessbauer To: isar-users@googlegroups.com Cc: jan.kiszka@siemens.com, quirin.gylstorff@siemens.com, Felix Moessbauer Subject: [RFC v2 17/19] dpkg-source: implement multiarch support for unshare backend Date: Fri, 20 Feb 2026 18:15:59 +0100 Message-ID: <20260220171601.3845113-18-felix.moessbauer@siemens.com> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20260220171601.3845113-1-felix.moessbauer@siemens.com> References: <20260220171601.3845113-1-felix.moessbauer@siemens.com> X-ClientProxiedBy: FR4P281CA0161.DEUP281.PROD.OUTLOOK.COM (2603:10a6:d10:ba::13) To DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:47f::13) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DU0PR10MB6828:EE_|VI0PR10MB8381:EE_ X-MS-Office365-Filtering-Correlation-Id: 7bdedad4-e527-437d-c189-08de70a3ec8b X-MS-Exchange-AtpMessageProperties: SA X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|1800799024|366016|376014; X-Microsoft-Antispam-Message-Info: 8NBvptEXxg3mmVS2LEM/ZBNV4Km4ziUTDs1AShXoVaRGYYEVpeVzTI0o9DxdiiOVc/oP2o6oz3eTVXNbChLFQriXsLnlFyGEPd6pklsF0JoE8A6cpQo+G3BEIs0IvdIgtiTF7zaufV3612i4hcJ2eQry1p4hqQE3tGe36W7JuaylU1+JDpi2DnJuXqogwjAjkluVyILbuRFhv++JxXauEz6kHNX0MEbjjAL9/PbzALHFcqe8jYHoD/XZ35D3Cxy/GJvsR5I8gxVLY0hU7XDnMviVdynSyuMz9Qop+Lg4keS2X0NLzsxB9YI5odYwCOLfx9+WVgk/7tZoqQuA5guM2pLdeRxD8HX6qdt2pBU80/bnfdHl2INEjqqqAqZH0Ti8mtjk1tEa5q1qqyi9lPj72bkbuqaoMjrefBp6q++qyqhwhd2IEobyeK4bIPbwBk8cnzolOrEzHIbnjww4loG0uNt0zhx6r1DICfO5AjCz4zk9YiypxZUFkemJKMp5ObtZfNVbouXv1MlXvVRLU9elngsYncx7s/9lGne2O3oaYChz4e0vIE5OFScVrj5Myzq3RJ6lOKMNAjN51USc0P1H7x84O9y6B2kXbuA+94wp9YaB5YD9hN7L8qjsAL7Ro9LvKZsFjOGda9AJ7qM77rZyd+dDpPvEn9Q34ZuBSuuWQdSwqLZtNkKsWNsIWNozDSh4ppIrhokEUIS+mJuNU+U79XyZcj46fhst0y6KMYz05RCEltP6kw6k/Y99kpI35+MavtIh8oBbr6F7/MuWyZPNVZTtvTwbxH2B40VBiT84DKUQB7xZ4ZJX/gt9uYkrpZDYG3NgCzhuYOLMj7HyxKglsQn+P+UIeP4Yc7xsQBvRGslYqtOcCI/PQl2Ivwj0FOtSUWCyk+J9nVeUQTAiyc91TnQkUmceMi8GDaibROhQk8iUGKekjqtqXhyEo39igk2YDRvqbofgbMLoqkcCeHgw2wCgVujv876OEUBA7o0kAXL3lsYfimnLtovWSLfruEd18bZcJdqx3cU9Isk4L5JSxw5TanmPJkc6QBWAOR72bPvGU/C7bBp3XwdUeOReN+9mz5jbuPukAiBrmhDHdI8OMqLJSOzk5A9XgK3DHjdp0SUPg0KR2JZFc+pvHdX4+HbnKlVR016Dw15/DUthIRSAq4AlZkjBcnsFh9dR4m4aLYQoPEg7K4K3+ZkV9oVXjZvrqXZKWsRKG5PZEGpYxhIcO7JGvMHvhkePadZFzP14F19HuGQrqNDsAppabh4ZVHP3cgCLI47aujyxs81DnP54YzIXYDELmlGaHbyHsRVijvDIEoCXYi0tbB90Wl3Yd8hbkByQpkGdpwZSXDmWb7x7B8+ah66jr3OQRbXZ5T7O96WYgqkUCb4pMZrUqASzNwbyZzwYwLGhrMwXdaL6ufdVHMzuudijrYBYr57dF0TlpYustLQ1gmMzJZuibfD26VR89SQ/Z5NYOr+V6T1q+5JmmtonA36ZL9BQrd6axv5NkxSfYWBZEK3dHsGLq+HCdAEwWQ/0PXD1hWV2IYlriR0FYfKSjmBecqcqKC9e+dPRhFQ= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM;PTR:;CAT:NONE;SFS:(13230040)(1800799024)(366016)(376014);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: UsN7IgAKyfoBxLIDpOgUmfRccK/m1ny44d2gWTG0FufTgQ7Sr+75iIuVfUPw1vmbjxrdsMbbdlLz+3NCO/FbWJEH98FHi1sTQ9YbHnDQdROmBT910qGNQ6ZC0P9MYxLnGV2WB/ge+xNGei5PKABZ63mR4q0WcNEnHzgLuyxzSPDsRkEaUDbqZFZveFJtWtmnYtNxzWVhVci+qkQZLqVOWx+58WiKWdtS+BjfwhoAxOkjK+safLNEhtDGDN0fDj6t6u/5wHgpYx6uF7lDFZw2C6Hps1OG1mTbj5BoVFvQj8DD+/sFjzcO6xDl24/lYHTy/0Y9+koBh6XaFx7y2/z6Sb1oDUw8YgToILjuggwVqRS95N7B1+o6FFkG6jJuwk1hyqTAa7fMEhHttmNQlhALEihN/gJQT+1kxwKkxtW/mV0gvdJbKjsRS0l0moSHyCT48GM1BiLG6+Q4owZu6GAck3qVlJhzTQY73aiZSoJ3wVfNYRGlKKZ44IVuA7QB+GJTXSs/VyOVEuqBuoVZz8NR3dfJ2GSCymEb38qethrk23i6wmhp8scoyyhY2bujRlT+PMWU31aOYefuiXPAtezdjl5SHnjl5nWH7CTXrFA9isoSWwVpFHlTF7oCWEhB2+6MrrktxnBpLyymx0vm20j6kTW+TgTsPLZRZL6zkyo846skaBjeX/1waPnLqKuR0es4hE4zr+Vhj9kopzPuCAvgGuM70/6p0OUvZf/S5Ln21CSTcE46B/pcqh6c2lSXwUR1mdwFHRbN8lZTUEslUVnz9qxKegmYRS8RxYT4+5aWZVt+YQP/8LTcMGEfi7dfINUr2GsLo6FPkCe+4Rbg2wC8YvxeJCrtjFAmeUtp/emL7GhzhpAXxDsQ+4TLDxsOz2rhUfn3ut+gTrgl+bHKc/SEpJP3XbePx+NyeV+ZA8QlDyzFjapH9yl5xfbgptmLZ0HlLuUK07BiDLfhRxGYR/WK0ZKYQbH8uNHibh1JYtZSwy1dtGzxF07cqN9tvoAYsfhypJyP16t14XlwZPqhiluKJe0W32AV7A7CmL7utEmss+MqFY8pll9kUiJsH1X1iS7u1GYoziyejw0qM1+Br928bHrttdOr+fNIx9KeSXYmXopW2XJ3cBxGrRVRjm0jYLJqZHQXI25c1a0YZnxBY22SaDrTMyqPZ4UWgzGlnGbDTweQlnGg9avqdi7lkPzDDkz50PZt0A0N1uHuLO4xsogHvV5f1JeldiK67y2QAacz/zy5F15jJp0Pmtnwqx7PnwihFZNfH8pn3aytoRI2Sov1EggGfiZh0qvYtIwQcezEDwvDC8tVJyQBie04ObUa+HSVWKpyqz8pl+85NYrL7hnQfa4xokWr2f1POBaSuC5C4BVX3OXe3Q4o8wWwM2xHI/Wsw2pyY/fz5z67h2NrqdeEwQ928vKD722cOtj8hbBFznzTbVSNyZbQoO3Uz8UalAawN9/8s04Ga6DpJPMDmGH71eY8qjS3qS1B5ct8XdeJvPQ5QdHvwIarLjOss5gKHELJfq79iu/lBNox2t1I/jU0R0z7Rq8abAMhCSV2RjG/Kzg4HdtaUQTgoOgAIzbolKE0pMKCiUk3dqbLP/URqhpzL1ySqYDPoe4HzL+S97OnpGtQb+SAaaCe1EtOW1UdVRfsvLV0IirfttHsqBbxWKALLXW0AI924+/U2x3c9x+xZgEwxp17Un3jCvyzTKaO1jD8m7AwNEOTvbu74wAxgYP+GQrsgIQslxYRJ2RaFpwW55w= X-OriginatorOrg: siemens.com X-MS-Exchange-CrossTenant-Network-Message-Id: 7bdedad4-e527-437d-c189-08de70a3ec8b X-MS-Exchange-CrossTenant-AuthSource: DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 20 Feb 2026 17:17:28.5022 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 38ae3bcd-9579-4fd4-adda-b42e1495d55a X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: 8Yy9Z1GAYV1Ym2vVf21Xe5j4ruFn//raVvMazWCHDwSmv08Rot7zdX1tyjo130zbZ3AMVnA0vKcTCPN+0JvVPXs+qG9ji8XSFJXhSZnVmac= X-MS-Exchange-Transport-CrossTenantHeadersStamped: VI0PR10MB8381 X-Original-Sender: felix.moessbauer@siemens.com X-Original-Authentication-Results: gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b="T/hfPyd+"; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20f::7 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com X-Original-From: Felix Moessbauer Reply-To: Felix Moessbauer Precedence: list Mailing-list: list isar-users@googlegroups.com; contact isar-users+owners@googlegroups.com List-ID: X-Spam-Checked-In-Group: isar-users@googlegroups.com X-Google-Group-Id: 914930254986 List-Post: , List-Help: , List-Archive: , List-Unsubscribe: , X-Spam-Status: No, score=-4.9 required=5.0 tests=DKIMWL_WL_MED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,MAILING_LIST_MULTI, RCVD_IN_DNSWL_BLOCKED,RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL, RCVD_IN_RP_CERTIFIED,RCVD_IN_RP_RNBL,RCVD_IN_RP_SAFE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on shymkent.ilbers.de X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= The fetching of a common source package needs to happen in the chroot. Previously we only had an implementation for the schroot backend, but we also need one for unshare, which is added here. Signed-off-by: Felix Moessbauer --- meta/classes-recipe/dpkg-source.bbclass | 40 ++++++++++++++++++++++--- 1 file changed, 36 insertions(+), 4 deletions(-) diff --git a/meta/classes-recipe/dpkg-source.bbclass b/meta/classes-recipe/dpkg-source.bbclass index d0809477..5272fc39 100644 --- a/meta/classes-recipe/dpkg-source.bbclass +++ b/meta/classes-recipe/dpkg-source.bbclass @@ -52,10 +52,7 @@ do_dpkg_build[depends] += "${BPN}:do_deploy_source" SCHROOT_MOUNTS = "${WORKDIR}:/work ${REPO_ISAR_DIR}/${DISTRO}:/isar-apt" -do_fetch_common_source[depends] += "${SCHROOT_DEP} ${BPN}:do_deploy_source" -do_fetch_common_source[lockfiles] = "${REPO_ISAR_DIR}/isar.lock" -do_fetch_common_source[network] = "${TASK_USE_SUDO}" -do_fetch_common_source() { +fetch_common_source_schroot() { schroot_create_configs insert_mounts @@ -83,6 +80,41 @@ do_fetch_common_source() { remove_mounts schroot_delete_configs } + +UNSHARE_DPKG_SOURCE_CHROOT = "${WORKDIR}/dpkg-source-chroot" +fetch_common_source_unshare() { + create_chroot_parent_dir $(realpath -m "${UNSHARE_DPKG_SOURCE_CHROOT}/..") + + run_privileged_heredoc <<'EOF' + set -e + mkdir -p ${UNSHARE_DPKG_SOURCE_CHROOT} + tar -xf "${SBUILD_CHROOT}" -C ${UNSHARE_DPKG_SOURCE_CHROOT} + + ${@insert_isar_mounts(d, d.getVar('UNSHARE_DPKG_SOURCE_CHROOT'), d.getVar('SCHROOT_MOUNTS'))} + chroot ${UNSHARE_DPKG_SOURCE_CHROOT} /bin/bash -s <<'EOAPT' + set -e + apt-get update \ + -o Dir::Etc::SourceList="sources.list.d/isar-apt.list" \ + -o Dir::Etc::SourceParts="-" \ + -o APT::Get::List-Cleanup="0" + + cd /work + apt-get -y --download-only --only-source \ + -o Debug::NoLocking=1 -o Acquire::Source-Symlinks="false" \ + source ${DEBIAN_SOURCE} +EOAPT +EOF + + # run cleanup in separate session to ensure nothing is mounted + run_privileged rm -rf ${UNSHARE_DPKG_SOURCE_CHROOT} +} + +do_fetch_common_source[depends] += "${SCHROOT_DEP} ${BPN}:do_deploy_source" +do_fetch_common_source[lockfiles] = "${REPO_ISAR_DIR}/isar.lock" +do_fetch_common_source[network] = "${TASK_USE_SUDO}" +do_fetch_common_source() { + fetch_common_source_${ISAR_CHROOT_MODE} +} addtask fetch_common_source do_dpkg_build[depends] += "${@'${PN}:do_dpkg_source' if '${PN}' == '${BPN}' else '${PN}:do_fetch_common_source'}" From patchwork Fri Feb 20 17:16:00 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Felix Moessbauer X-Patchwork-Id: 4901 Return-Path: Received: from shymkent.ilbers.de ([unix socket]) by shymkent (Cyrus 2.5.10-Debian-2.5.10-3+deb9u2) with LMTPA; Fri, 20 Feb 2026 18:17:44 +0100 X-Sieve: CMU Sieve 2.4 Received: from mail-dy1-f186.google.com (mail-dy1-f186.google.com [74.125.82.186]) by shymkent.ilbers.de (8.15.2/8.15.2/Debian-8+deb9u1) with ESMTPS id 61KHHhLW007040 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 20 Feb 2026 18:17:44 +0100 Received: by mail-dy1-f186.google.com with SMTP id 5a478bee46e88-2bd2a2028c5sf3422149eec.0 for ; Fri, 20 Feb 2026 09:17:44 -0800 (PST) ARC-Seal: i=3; a=rsa-sha256; t=1771607857; cv=pass; d=google.com; s=arc-20240605; b=ETseJP0WlIbwNU9QwGT2rpkFbdzhdhAw36G+viFL9H42zkIuJRtnW366ShFecMluzy 1qBkxf54s3Zbqh8mRAKaPV5coIpb/Alev4Rs9p0T8YdI0Dk0O5RkeXBr4uBKyEjY8o0N HgYmKTxWOWxU5bEF7b+tAlDbh99lknByyLxCBY5H8UN+/F9kg8ZKz2rf3+N0VXx1p3F4 ww/63Rg0iI8A0o5wl39V5Vx7A6H682f4g3CUre+Wg8vypWd8ibZdwfs8RhOG+VwOPTA0 2GqWnNQhXuYflXfQDCuGC0E/B7cMigrYgMHPerYHJRbL2VmpbrP48z7yf2OZe1RrLi5z zzrA== ARC-Message-Signature: i=3; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to:mime-version:references :in-reply-to:message-id:date:subject:cc:to:from:dkim-signature; bh=tDvDRwCMIMA1fbRm5l84BFytjT4sx6TzRGs00Ew0wMs=; fh=ixQWwuFzKVDu2GfkoXkp68adK3XO3Fp9wmrzH4SQbcs=; b=YIL56GuNFZrW1oe62eYN2Un9STokp0c3aw34qNy8ODHgLMw7BqJltnRDF41Qh/FXbQ GF3bWxacc0un8UMHghuGMl/+giGX5GDlBgMC7EQrdYFOpdVLAAu2w2iOjIkWFzwMaP8i am0vyqHoQT88iRDIwCuaOB7zzYb/1sebLBqQUAW1KxdB5ClEQ7MkJPOTaEcBd8NtRA5t rxb/kVw/l4sW+VbzORiTyVkZS0wvhvcg9ivW7brOAvIexEMWnO9jtJfovqFMdCv8XTA8 8DpaGIffQRvU4RF36jU9d4/18IJ78bPB7t1In5u0Hjly3vnRWVyObDmVl0875dyMxxBm OR3g==; darn=isar-build.org ARC-Authentication-Results: i=3; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=PPBGBpk6; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20f::7 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlegroups.com; s=20230601; t=1771607857; x=1772212657; darn=isar-build.org; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from:from:to :cc:subject:date:message-id:reply-to; bh=tDvDRwCMIMA1fbRm5l84BFytjT4sx6TzRGs00Ew0wMs=; b=YDKlADbS+9srWywelXIamWsi7BqX8mOCsh+FfuOndOAJcfgZG1t+Bv+g6G/YIyTu7+ nQe/MQSzfvcY1ZGAQp1Da9z0fEcrWLYQE8gX/2F4DOb7baTdNU5gfqREiPOdJEJteqnM jjnkv9cVwSk9B5xWsi2vn+0dKJIsRHkm6mh0uOFsHpgiGDyCU2CxusT50vo18SbjYfEP sJuCN60cC3mWs0vxVYuwvyJh6WToXpLpsXZvTu7N2x/kVa/7+IQXolwTU4ngsBK+leaN P3uKQCLfpFCJvOuAOSJjjdZO2S3RcuBONJU/lURoG+k67QxUtXkj4kUffnrcfp6G58VR 9VLA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1771607857; x=1772212657; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :x-spam-checked-in-group:list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :x-beenthere:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=tDvDRwCMIMA1fbRm5l84BFytjT4sx6TzRGs00Ew0wMs=; b=Fm+wmra19qnzwFSA0ZiaIWav1Tb1kKHbq2NzALXGN1ECIhoM+mMvUTpP1IwoKeH19+ +ccJYRWfVVXtRqCL2qx80AmQUBzYf9CLz71XFO9H0foScuv1owKfKAhu7QVUC/NA4nkN SfgWI8Z4fjzsiddPd+DK+Kw/fFWhpjLW2MXTy8p7BfXjstmiuqTZ18BxOBlBPaVbHcoO Ydy3ls2JG9M68msBPdDK+BPvZQ74yADuwWnsnMmjfScMEDJpBkt5TbLuEr0REMIqZqgG x2DzZK14dQHbnJUvmwBn2UJVVzfOQWqmt2ljF8U7+tftXLAmSF+PxWXo7qS/cgd2f5rF HoDg== X-Forwarded-Encrypted: i=3; AJvYcCVFnCQkvoOYa0zMX650x2edIUQaRpCuYoHSvP49Xz4jYbVIgkgAcVLmy/FOGtgQTCShvfjH/50=@isar-build.org X-Gm-Message-State: AOJu0YwgOMRzzTVbyiePFUwxVXODfur8kz+9e5JRiLNr3vN7Mgra0yNc oKfz1yp2JYIcw5h+tGtOIuIRjdbMRy4ExM0ndnmtzrQZAt82eCujusVO X-Received: by 2002:a05:7301:9bc5:b0:2ba:6aef:6959 with SMTP id 5a478bee46e88-2bd7bd28200mr143474eec.27.1771607857385; Fri, 20 Feb 2026 09:17:37 -0800 (PST) X-BeenThere: isar-users@googlegroups.com; h="AV1CL+HwmJ+Ee6kumCWTB8ussK7SVQktYbwUcLQnALSHITXEpg==" Received: by 2002:a05:7022:41aa:b0:11b:50a:6265 with SMTP id a92af1059eb24-1273076bb8fls4300538c88.1.-pod-prod-06-us; Fri, 20 Feb 2026 09:17:35 -0800 (PST) X-Received: by 2002:a05:7022:6889:b0:123:3424:eb5b with SMTP id a92af1059eb24-1276acc2866mr146701c88.18.1771607854924; Fri, 20 Feb 2026 09:17:34 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1771607854; cv=pass; d=google.com; s=arc-20240605; b=gHf2qd2Vidv01Aq3J2lLJVvx8RmKPes0xIY2E6+fKquBLMfBTMM81XuEXdlFowXzY3 x6fJDnOchIZBj3a0JCNG94OBIg8F7ch4mh6/3gm1eBNAoGLL5wozWcOraYyPObvkU6jy JjrJoDjhA26m47HA2JRovPd/0QvCM62+Zn+EwQuuqrNmpaoyOcJ6SOmLUu0dgA5uPyw1 lNj+pGUTgUJjkgYPDi9f3fneYBSakryQdlG6zaa8MtNBpf0+BmJdklhIZCEeTpeaLvHG 0RYqMEiiFzVN7A69+IgEjvbR5hZEUY+eRQOavnl12ybGZXLF9HSpfLRWyMB4XphDOMuQ MAMA== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=mime-version:content-transfer-encoding:references:in-reply-to :message-id:date:subject:cc:to:from:dkim-signature; bh=Rwix1EV9MFpWWdvHOjBjX9oWP2HYwIDXDs5OKWKV9gI=; fh=WkhL8kaJc+l2wQon1t06Ej3uvBGj9sVhNcE8PaS/XbI=; b=Jw62PLez1+/yioZIOu1kvrZxXM2MDjVneRhv1Djt60IUaraRFEvUO4qzaEx4gOQ0me UR2ShF4ZGzDeLuCzscgFVOBUeNbCiUbXo/ibkCwRGvdSWZ+6vg3u0VJhNjRacIkbqW44 cPNbnPNAluSSEOvnz2fgmHyzlipMwWCNu+J7tXQUREf3/wAbtoYncYrfiQxBF/XxxlxP UXr5VNqMKcFMHye2wkkjMTnkZjkHOi7O5KhzVcoRUy56z/4ATP4XXGc/x/yTLr0E3Hpy lQo8RDgTyyKepHhYEZD5Acmlazo+yBl3qSgBB1pYeZB6e/QNneT35faV7aA2MtrMXfdD lQgg==; dara=google.com ARC-Authentication-Results: i=2; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=PPBGBpk6; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20f::7 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com Received: from OSPPR02CU001.outbound.protection.outlook.com (mail-norwayeastazlp170130007.outbound.protection.outlook.com. [2a01:111:f403:c20f::7]) by gmr-mx.google.com with ESMTPS id a92af1059eb24-1276af6c2b0si1646c88.7.2026.02.20.09.17.34 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 20 Feb 2026 09:17:34 -0800 (PST) Received-SPF: pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20f::7 as permitted sender) client-ip=2a01:111:f403:c20f::7; ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=WVyFfXczu/9X0EgV9D25oILhpKFFi9Ite7l+ciIzO8i+e60xt7nCE8lsb7/LJIajOgPwdWjlSUHkvo+TEay4al8qpQQxgpUjOS0hIlfxDQCsGUJrbLBR3FqXRDSTHJKqMx5zBzi8an4Teap+4yROop7w5h0iOrjyd1vcfuWm6bUAYGEzNBJrwMsh4WwnRLOH43bqftwb1V1RdT8T6dcYG/fvwiUh731Bve4HaSjR3jsk3ztn5QMz+wlw7zsS5MNDIvQcAe4YXn5F3ApRkJc5krKh0f7KYIQJMXQjdU2yEOYwSzqyoO1tyjlc7k8LSbdEqHdpIvWu8OIZyxDBI0S3PQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=Rwix1EV9MFpWWdvHOjBjX9oWP2HYwIDXDs5OKWKV9gI=; b=zHUla4gkjVaritWhooPG5IAf/MjRCxwO2EjIZJ3juwmh3iwORaJrqae51/K6Yo5EbRCc6JmZ7Ts3J9yJcN51ikjVnKuUDake7KWOBdC3DKISrRSVZzRJsfFNuCR1z2uYxR9LOTNstyQtsaB3rRN9TfhysWFHoNgXEx4hUVM9OFHf0j4FYwBVqDGbd3KDn1jwwcpTKwSnvLjlNaC+G1BdxulefU1rLR/rfGDoF9vANvZXw8qWUVOmr89HeI3/CRcHy8vw0r8LQtKLzvNT6EhjLV4of6zD4ri6Dj0y8CNxOL/aTLukFNmUxIPZxB7nyYHMXue/0b8lq+cabKFomh4wHw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=siemens.com; dmarc=pass action=none header.from=siemens.com; dkim=pass header.d=siemens.com; arc=none Received: from DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:47f::13) by VI0PR10MB8381.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:800:216::15) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9632.16; Fri, 20 Feb 2026 17:17:29 +0000 Received: from DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM ([fe80::9412:cd7f:3f72:92ab]) by DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM ([fe80::9412:cd7f:3f72:92ab%3]) with mapi id 15.20.9632.015; Fri, 20 Feb 2026 17:17:29 +0000 X-Patchwork-Original-From: "'Felix Moessbauer' via isar-users" From: Felix Moessbauer To: isar-users@googlegroups.com Cc: jan.kiszka@siemens.com, quirin.gylstorff@siemens.com, Felix Moessbauer Subject: [RFC v2 18/19] rootfs: remove temporary sstate deploy directory after task execution Date: Fri, 20 Feb 2026 18:16:00 +0100 Message-ID: <20260220171601.3845113-19-felix.moessbauer@siemens.com> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20260220171601.3845113-1-felix.moessbauer@siemens.com> References: <20260220171601.3845113-1-felix.moessbauer@siemens.com> X-ClientProxiedBy: FR4P281CA0161.DEUP281.PROD.OUTLOOK.COM (2603:10a6:d10:ba::13) To DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:47f::13) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DU0PR10MB6828:EE_|VI0PR10MB8381:EE_ X-MS-Office365-Filtering-Correlation-Id: 755e463e-6ea7-48a1-3424-08de70a3ecd7 X-MS-Exchange-AtpMessageProperties: SA X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|1800799024|366016|376014; X-Microsoft-Antispam-Message-Info: dsZdwbkHSCzi723P6LVPFVh2Z7KodJlZcu8MpnPWB90j90uqqQ3dn9IOygpfXMHsPDxPdnL5kccWGEKbby8ZOynpWbXODTKWfMGQT8f+SiXuADFipZr+IVzK0CrBC5b6wvFdqN0QDjoKnIkdEXoYCjgdf0u0koFgrlkD9GcBp+tf7M8wtnRL3nYpVTZcrLQCYLCPlmhZ1Ogg3SSkmVxh1g3uV8Ptmr0+I6fjkvcnfyxe47NqXF79Per6v82YOeBG3LlQ/2mrnOMk/E5Ilnrz3rz6WpUz10YGQ4FysIisQ58tntpineaRAXY0U1Bpbd8bHRuuBHl85tn7Y4ByG1yK2BSc0ADO90PoUqQQHiugN6ay9xpDx98jDVQIV18fnaXuSTKrnofFkvJ0y1jsFhW2Ote1nptE9/vVWC0z6sybHMjhtO/Ia8TgMzl5pNkE+xjpzkEunCa0b1fK/lRXSLlE60c5VTsTOCscDnEFZAeoi27OPwWCqxiSMUXIgxbKjkygG0fPQWIIwn8TIbufYrhDWF9cvAM6r2fTSi1f7O+kVn4+nBf1CzPTvaVWxi/vwrBhMQDaTbN7xZf1YwwQ3Wa2aCA9IWwTLPoz+/Sau+YO3ZCXrgoOmAu/R+FtpTaW3/tT6JiOwudqpU5KF5iKH4jDkO+4Lsu49ffgax7ODuvr4QNuFp1QC65lNvSibsf6sCwNbiGLYmWeOLglkZEynKHF6zEB5QarPws0GChMZn0/9iqdDG2k6Qu4WwCEajGJ2QeI6xmBD0enxdBOA7Ad3z8IAzv9X6diKGHST0MmOYZ3WBqMQIEqBU365fW+HxiFvY+c63x3yUMCRJHT/G/GRU+KfuHQCc1rBy95oBcKHNOnUOMh0B8Gs9Tzxi6nbzTO5HVcNW/xDwScIfev8YTIY8xo5ggnNjqO1SDhetrk18idQzbr39dp66oZ3pxW8BHwEqhqKz9s8J3Y6ZbbPcOMZWwbdkoanGPkooitAaF5XxwjjNjpkdsaCK4DYqyLp+6O+0Q/1ZSa/kbR9a5fgw7m3Rxj85j/7inlOISlodg1JaBSvW8aKs9e/Cx45i9s0pXBpKIBMrx8Y6o9z9Q2oOkbHftBgahmVepaoeIzeoh66rn4/rq9gW8M/UG85DPGMa4GEze/GCLfKK6tgJffXCxzU4IynEIIhy24rerjBUYQqHaRVjJ43+41kA1KMkvsN9DWz6rFvxoTPHcbwa9K3XqVqR4seEoOWxn6B+8T+Vp3BXfBub6fHr1x2fIriNtjjAuBooO9QSNKbt4GGj6jwFl4oF4fJYrGDofqd8pGxkUCDJdMkzj1rdfArQ73y8lA3uDt2WZCvnIW7QtLAlAFU6sMyvAl9O1/cTLm9wPjhEoYhlWxPHQ2KEODngMfhuHcQ4tt/IwPorw3a9oz5Wjp7dr04EQak9csuHswQEJi36D0ln1GPIscnO+pz6jPsvGq/g8mJTH7cSpiYXfcHvwj0Rf/fbEN4RTA/1EB+iU3ltMqYDZnHpcfXH6oWEhF2tTmQYtLHrKMzSFNxtRXoWbIoAA8Kyyw9765Q4FOrphCVcqWXCVk5Nc= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM;PTR:;CAT:NONE;SFS:(13230040)(1800799024)(366016)(376014);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: viR9MGVbWQP3fF7RqbvmjUilyeUEXs3iPWyZLGDHvyPRbSD38fQSRUNwfifLx7iIwNreNBSVSkebBB6NYxwVn/EKCgNEUX0qKBsWMYcfqk9dqOGURJj2QvuJdmoX8HJ3/i2ZOO1KXXukKMnK98U87vfVJF3e8gvMoibWlzNdbHPxZMbSlOnat6Sx6QZ7YS8cf25dVQeAPBv8KPeSxbNbMoq7vbtcCm+qkUy2cJ9x3kLrLsYnQ99+2WW+1SHQ3YC/2/8rSAi4No7ngb94xwSmV+YDxmtVv/q5iIkqs+hppivT2//Y434WRuIWoZa6HPt74EtV1UIYpd4FpCDjSiI7lkrRmOP7oVTEwPab5vci4CPgE572n1rUdZDyBQAABoINUs8LNc/XXkMLfS2me4JGrJEQZBaii9NoV1xOQPsKwMWdnaJCD8ODXEm6ngk2A0F2P2WvZjTAI9OIWrdvcVh8K95xzd4SPsPiAgrsL8+KbPVnKXOJs4aKyyUKCztUwr/QBU0ACTO5Pj7xAPHWJZkjW/d/xk3wA6C8U/gOIEtFEbxt7rDb0ZrJWIPV0Hfxr7XDxAfEIYg2KQ6WNcHRsHyCaf4LtkaWJvaXzSM/ezYhGRR+W5+4Pn4Ycwh2kEdsqA/DZWHvjbXh8WLJHQFpgjhOkq1H7G9QuofbZX0uDt8Hsz0GSzpkFz+gJewASGNMcHbX3DXba6ek+dlH3yTiZXdQ8qpvQQzb9NWmAVKubN84sp3nlyYOrWMnKDwkXt7i0KyvRRkFOHkwcqVy3cKUhIaogVquElVhrt0Z+84VEGOBGhag8kA4TgJqRf6uMQwYX2QakTBnmgcSlP6St4QsK+P2Ktn6LT7gMmPZLaazmA1yjCqUD0VRPmbaur1DfZbb3t/vZcpyzQnsbsSjbQJnCDmkQOBSn2subDcFSLxxQX0OpFnoFJeeq5PaAF20vpRSegzH95GTj7LF71FLLZQZJYMgWDhf68KpZRMKUoS2a8j8jEk17fZxQyVaaAOmbPQaiDm7+DDcP2tKOpivmFKaW3C0ECZH0GQV2t9iHAO7DV3V+kGtsaZkpRh23wnPeGa3EbY86nHiMAYdDyznatom5KW2GdvaXPe68xvr4XSGcE74k75V6WlezvAG3/KHnBx1+muadqn74fBHnCJW2H7OAz1P5UfFvF84iPy3bmFmHwIAH4bIXA0N7h8Ry9YTusBEUtEPLtlc+vhXDOgQoYSnztdjAzPtCbQ5NViXE5NzBR3eHSFmHUGthnorSr8FlI4NuAH0JDSC8nNh531HJ3k2ZqEjQ5vFoSSsiDR9kQl6aoDeqAAKWw93G9VKZIlGaRtOV2Bbo90vHCdKThzoMzcIMqlkJxICVEnlsjeAaCjFk/xp+RZTk/emLu9UQkc/PlrAwO+2UY8bl25J0mV8OyXcok+CzOfSXigbjlJom12sN2mYLlyc4HpRoEVAZYOXT/w+kFCsoaog5sFIqNlJ8ashVUQekOITnY0QVBywLmvMZDDRlDVf85K8ArPfdD6up3NtwamNmZ1mOXJnD5se+XhFEIvJj2t1+qlyVgN6QJlk5xHfJJIuD2918oNIONBYN9wPSodR026KBDZRUlElBkYPUs9TMDXfmzccE4BJkoNXtxT6PHx3RoFCYbcq85Lz4DcHmkU00ZO1EESYXcDAUfKkaySVIdeJJWC16OTXkGmzzP8JZWBxfSbgL3Jw9bVZPh64zaFAuj/PFy5a9YkeDTPj1Mnhmb49kCDHQqjaanluGT+hLdc= X-OriginatorOrg: siemens.com X-MS-Exchange-CrossTenant-Network-Message-Id: 755e463e-6ea7-48a1-3424-08de70a3ecd7 X-MS-Exchange-CrossTenant-AuthSource: DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 20 Feb 2026 17:17:29.0515 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 38ae3bcd-9579-4fd4-adda-b42e1495d55a X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: LHqY1pDObvTLqZq0Uuz9tYsgEIzjqmlvjQ7ZDOdJuYybPhUxioRc/qI7GK/3FtWuqUdqe4xBSDLZsHf7ECcRWePxRNEHWHlnh7Qhsz6801g= X-MS-Exchange-Transport-CrossTenantHeadersStamped: VI0PR10MB8381 X-Original-Sender: felix.moessbauer@siemens.com X-Original-Authentication-Results: gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=PPBGBpk6; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20f::7 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com X-Original-From: Felix Moessbauer Reply-To: Felix Moessbauer Precedence: list Mailing-list: list isar-users@googlegroups.com; contact isar-users+owners@googlegroups.com List-ID: X-Spam-Checked-In-Group: isar-users@googlegroups.com X-Google-Group-Id: 914930254986 List-Post: , List-Help: , List-Archive: , List-Unsubscribe: , X-Spam-Status: No, score=-4.9 required=5.0 tests=DKIMWL_WL_MED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,MAILING_LIST_MULTI, RCVD_IN_DNSWL_BLOCKED,RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL, RCVD_IN_RP_CERTIFIED,RCVD_IN_RP_RNBL,RCVD_IN_RP_SAFE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on shymkent.ilbers.de X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= The rootfs_install_sstate_prepare currently leaves an empty directory skeleton behind. As this does not have any value for debugging, we remove it. Signed-off-by: Felix Moessbauer --- meta/classes-recipe/rootfs.bbclass | 2 ++ 1 file changed, 2 insertions(+) diff --git a/meta/classes-recipe/rootfs.bbclass b/meta/classes-recipe/rootfs.bbclass index 7570942a..07dd415c 100644 --- a/meta/classes-recipe/rootfs.bbclass +++ b/meta/classes-recipe/rootfs.bbclass @@ -663,6 +663,8 @@ rootfs_install_sstate_prepare() { # tar --one-file-system will cross bind-mounts to the same filesystem, # so we use some mount magic to prevent that mkdir -p ${WORKDIR}/mnt/rootfs + trap 'rmdir ${WORKDIR}/mnt/rootfs ${WORKDIR}/mnt' EXIT + run_privileged_heredoc <<'EOF' 3> rootfs.tar mount -o bind,private '${ROOTFSDIR}' '${WORKDIR}/mnt/rootfs' -o ro lopts="--one-file-system --exclude=var/cache/apt/archives" From patchwork Fri Feb 20 17:16:01 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Felix Moessbauer X-Patchwork-Id: 4902 Return-Path: Received: from shymkent.ilbers.de ([unix socket]) by shymkent (Cyrus 2.5.10-Debian-2.5.10-3+deb9u2) with LMTPA; Fri, 20 Feb 2026 18:17:46 +0100 X-Sieve: CMU Sieve 2.4 Received: from mail-dl1-f64.google.com (mail-dl1-f64.google.com [74.125.82.64]) by shymkent.ilbers.de (8.15.2/8.15.2/Debian-8+deb9u1) with ESMTPS id 61KHHi6r007064 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 20 Feb 2026 18:17:45 +0100 Received: by mail-dl1-f64.google.com with SMTP id a92af1059eb24-1275c2ae713sf88822241c88.0 for ; Fri, 20 Feb 2026 09:17:45 -0800 (PST) ARC-Seal: i=3; a=rsa-sha256; t=1771607858; cv=pass; d=google.com; s=arc-20240605; b=Hl/+uNrH1DNEhjLB/ilVdgoTdyBSx7Aj5QvmKVEwxj2CrisBKs3uIdyPn107MUOlTI ad3wXOLtKoojaQEZSnCLg1iqA/yMg6Y63JcXgbxhk0x8rWx6DPyyunmn/OJmlaKiuHjx aOGMXwaRzIxo0pxLrvWaH8GkgbacpNbOaxsRlWuCv10Qeg1B+tmskA9WGk+lytdrIoT1 ePb+dox6hJgZYOAohj9346wO+3hdzyCZc7+6FbVLoCH0+J3zcxROFivIIjWrSGfRb1f+ lYf+cNznaUL9OhsgW4nNu6Oba2x1AzOjQymxmq/3Ly/rynLJx0eW2SzcK2TnnwE5RJLQ IW9g== ARC-Message-Signature: i=3; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to:mime-version:references :in-reply-to:message-id:date:subject:cc:to:from:dkim-signature; bh=SWjzrM3GOQ4ixDMUGUriAlF4kSGzZYfhJerJutZ2jIg=; fh=G/Uefw9yWfZ45wA/eFQoVCqOHJhRzCdtLYjT8axyuWg=; b=gFH5Dp2OlzslNP/fVnrOmKGckQ6AUlVouNkABfvTpVKcYJ6uu9KnysQ1YROyxFThDZ gO7mv5+R+dTSi9/JasaNT1WfxeZb7VrH8JbyWCKjhNJJtigylFb8np0B8SN1qow8jtKP XpjN9LhbtB3Jc9/K6BgANeV2Ir3FHtqtP+MsTjtJrX+b4I42/KPRRZRl20qvLTobx+Ho xvzEUdSgBREPrG7uuzkHZgCMzQPf3DGeeC1VBdCcRstlL168rRwdPz6ISjtUvTaojFf3 e8RFia8dd/f6YEzKBDeVKCnzHsWgqrkZUhQT1DLhRcKcLEoFFJkM9VFh720f5unP7J/M N83A==; darn=isar-build.org ARC-Authentication-Results: i=3; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=JIg62T1k; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20f::7 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlegroups.com; s=20230601; t=1771607858; x=1772212658; darn=isar-build.org; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from:from:to :cc:subject:date:message-id:reply-to; bh=SWjzrM3GOQ4ixDMUGUriAlF4kSGzZYfhJerJutZ2jIg=; b=G/ql9ra8pbQofcwsKehjGBIvvwQvvWsine7U9k3XuXgPq2ii3KOl3O+I9Vx7PopKpT O7Xm4jGyemeiifMgNrWZGj5AOld26/wzRYPfFfJL3degmS8PqrNpqWvjodHtDEQAMduJ H4OqO8HkJxIG7oVfu6UD/ew12hWYFvfgQlt4H1253dsAgWxiVU0nHV6FhWNJwRjjcbHR ZerZ8Xfe0Eaxypo63L6KjweZA/OFPvdBeiZkNAyh36Y4RZSzYAJDzIiGQ2zGWNAkZFJ/ KhSOK65Nq/zS01W9CSvN2+O+geMrjk5kKc10FXYwI6PmfRcV1Ndp5ptbpZT3BE6AIiIT 6uLQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1771607858; x=1772212658; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :x-spam-checked-in-group:list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :x-beenthere:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=SWjzrM3GOQ4ixDMUGUriAlF4kSGzZYfhJerJutZ2jIg=; b=e9+xD+rtNN+SV16qgu7rk++yIm5ieOKezexVBABVaKPAeuKRJ4YDwO/O9AjNMevrPy zBhTnZD+qhFMvXpE7od9RKHXct/cRbDIBAZuRSQobFnhsfnp+yHZYslipZxIY24xx+2N oUaI/+gpT9VmGopVVYNq0HjDlvZVSKdaiHXoEIBiScRFM8vU2qjv3rxWShlCjIztW9bc YVKdjKu+fhrzkEUTq7ZIsDFwua2MKJLvpSRDSLJPsqyEEZR+JXYv+cB6zwYxM++6E5KJ YhZWGzJxTybn0jYNm9lQ0ycSbiu/vdON4bXpAKKGhMi4EERXJy7/k0NRy/Xvl6p7kxdk tPjw== X-Forwarded-Encrypted: i=3; AJvYcCW4Br0V8vo0PPYZzZzjQpADeej3dCWS4lMHczlGepWjPbOTasEZltuSkKsbwVUgEFHo7YVO52Q=@isar-build.org X-Gm-Message-State: AOJu0YyqMtK7DhGvMn7NOjFrNo+qDlfLwfo4ONI6SD4mRw/dbnf8w02A TzyylfwtnS0sF/B6x15SPOGwQGQE91+E7cAxbrTorbdRuvR2ICaCFcW+ X-Received: by 2002:a05:7022:660c:b0:11b:b179:6e17 with SMTP id a92af1059eb24-1276ad37a67mr151424c88.34.1771607857752; Fri, 20 Feb 2026 09:17:37 -0800 (PST) X-BeenThere: isar-users@googlegroups.com; h="AV1CL+GqP7zc3LIAcrP74jYBrp5AXgj9Kj5F7MdwgwXJ+hHOYQ==" Received: by 2002:a05:7022:20e:b0:11b:519:d7f6 with SMTP id a92af1059eb24-1273067042dls8069725c88.1.-pod-prod-02-us; Fri, 20 Feb 2026 09:17:36 -0800 (PST) X-Received: by 2002:a05:7022:662a:b0:119:e56b:957c with SMTP id a92af1059eb24-1276acb153emr138351c88.1.1771607855759; Fri, 20 Feb 2026 09:17:35 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1771607855; cv=pass; d=google.com; s=arc-20240605; b=K0Gf9DWMCvXVQG8NheLdYTIBjinZozuBCviNbtBz/NTxyIFOngRzoigKpYwxQUNMYM 2YRNXkRjM95wb7FbgN1ibVtVIDmLb4DQHj1x81JakGgh88TLTW5TDHUFOPRSAST0YoaD orA4zsWIR3sUijZA2ecGKiJbO8WAPd9dSvL3qIbisSh9r89cWaX5NA3O65us16NuxVt6 TFPjv0bCv6Ney9szeUMvFrcpaWTqBiaCeOhT8/aN5kack4/uXxb9/5iOdEuERM6Y3Z0+ ii6R9ty0A0IK5z7cm5ilFE4TnrouDURorUydQUyQkKtME5vEzZU25ckJdsEY1cVuc/ca 5+DA== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=mime-version:content-transfer-encoding:references:in-reply-to :message-id:date:subject:cc:to:from:dkim-signature; bh=En+6a6yKgT8sskUWNX0kI4v/OoyI0ok1H843VcpCf2Q=; fh=WkhL8kaJc+l2wQon1t06Ej3uvBGj9sVhNcE8PaS/XbI=; b=LGsLSQlVBo6sNyWUTHyWzq3bj2Fw6uJnbxl8w5WH88LNywWY+1wONohcSYo0iKOq5h JOxuhNG+ddaR67rK6i8mv9fkklSSMmkiSNueYsL4JJ6u5LNmzvCfu5N01Syo7FMOG5U3 JOaL2/IsojR7s6A4mH+VU2mMhCLMkpjYHrpG+LkCurnkM4ErX6oSkBQEDCloeuxBr7dr Us0WZ9pXYO/z9xjdNoWZnyZtq67CrrdwT5cF/HjgyXk9uvYjNm5tEljmXXgRcBKpbp6s DByc6O1yMYHhiAGUKSfS/aOmMOLDj93RVkC8fEt2I8Y3VuQTNBRySO1EpN/9X1cJj8EG XZkQ==; dara=google.com ARC-Authentication-Results: i=2; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=JIg62T1k; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20f::7 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com Received: from OSPPR02CU001.outbound.protection.outlook.com (mail-norwayeastazlp170130007.outbound.protection.outlook.com. [2a01:111:f403:c20f::7]) by gmr-mx.google.com with ESMTPS id a92af1059eb24-1276af6c2b0si1646c88.7.2026.02.20.09.17.35 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 20 Feb 2026 09:17:35 -0800 (PST) Received-SPF: pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20f::7 as permitted sender) client-ip=2a01:111:f403:c20f::7; ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=U/wOer1L0Q0pMyr1nSvfOvEq5dCwcLSPZFFv6GVYGnPq4pKxgeS/W3K6AGuhu1djeN0SPO7QDnhJZ4bwCJ04uVXN9M1PTZkjDrfKORRoGRNyfIptGpYEHjQX5feXhh96TJXU7DYcdEUlJ2tSamJKvvMCC5N3wumZumaTwtOxzDmlgzaKhco+AlGb8ZK3MwqPFl4LG/puk7a48KNUt/FrIXOxsTd8tf3tC6YtihMnDT9loC/yDGSqt4sEMKKM2QE6Jl7FzDmqWaGm8wPciGLK7bZ0h+0URDFVR546aOybWQhortlZA9wljp0+IxgJVj4NXPAhsGnlrWdrVUgrxunVuA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=En+6a6yKgT8sskUWNX0kI4v/OoyI0ok1H843VcpCf2Q=; b=ozgRzq/R7FDuXthwxpWRaVFXyEL0rv9uaqjOp6gxBnWVN+2FhYkjzp9L2vP0LzfWbUwI+6ZewobsAp9zpx+2I1OX5qw3yVXwUbiaXUrA6SHD9+ELIs/k0JOz/OyIK6Un5XeL2PtrQd+OgocQzzYzuVo6QJob0Jwt5Ywb5fMu1Tz5zn8aEBs4BZ160iuf5sH/0FdoNRjmxh+CwOQR7lITbNtfQeU/tfaOfp0zN8QGa2yewQMENSCpQ/42qk2SY4SeQ3qLn8BZBoHUKAQ7gMfKu8u34v22KWtWyPqzPYZzVrsGyG0Y3yWrip1PySEcfGec0oUXUj67FO8iOdjwayOidw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=siemens.com; dmarc=pass action=none header.from=siemens.com; dkim=pass header.d=siemens.com; arc=none Received: from DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:47f::13) by VI0PR10MB8381.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:800:216::15) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9632.16; Fri, 20 Feb 2026 17:17:29 +0000 Received: from DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM ([fe80::9412:cd7f:3f72:92ab]) by DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM ([fe80::9412:cd7f:3f72:92ab%3]) with mapi id 15.20.9632.015; Fri, 20 Feb 2026 17:17:29 +0000 X-Patchwork-Original-From: "'Felix Moessbauer' via isar-users" From: Felix Moessbauer To: isar-users@googlegroups.com Cc: jan.kiszka@siemens.com, quirin.gylstorff@siemens.com, Felix Moessbauer Subject: [RFC v2 19/19] use copy of sbom-chroot for sbom creation Date: Fri, 20 Feb 2026 18:16:01 +0100 Message-ID: <20260220171601.3845113-20-felix.moessbauer@siemens.com> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20260220171601.3845113-1-felix.moessbauer@siemens.com> References: <20260220171601.3845113-1-felix.moessbauer@siemens.com> X-ClientProxiedBy: FR4P281CA0161.DEUP281.PROD.OUTLOOK.COM (2603:10a6:d10:ba::13) To DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:47f::13) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DU0PR10MB6828:EE_|VI0PR10MB8381:EE_ X-MS-Office365-Filtering-Correlation-Id: b14d1c5b-48f7-436b-1c80-08de70a3ed2e X-MS-Exchange-AtpMessageProperties: SA X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|1800799024|366016|376014; X-Microsoft-Antispam-Message-Info: vP0XI/WnvovfCxE3cseh3CjUzEpjxy+2/+4RdVs8TUr/b0aLwRJgNJcrHvKZ8lEuJY3xhH4dHfADNrrdXd4eHQ0b9b9zBmKVPu4MnQbxpoV6hhNDLwbsr8JoYG+GW+s7cp51BkiaFKDkCQG2XX+hQLhkaMcTmH1daTsfcZ0IBlakBW6bomaoBAQkhGJ5DUC956Gq2hCY7DTu5gz2n+uEWhEakEwqyLz0xHIdreNfCiokZ/ewKqpXXNC2SepQNm8GQTu5p92Jk6PwnOIbBkSuDMvsCHDTIRgPDC9/mFLQ/2EdXDdNhDIzHK/p+hZfr9GnKDgPK1MmkTHjaaBn+3k8ldCwzSgPUFMv2H7Lyo4LLPUVOBrBUFloXjLbdGtPsmbiSUJ0QWR0HHKgxywdUwYjo+dMFLuSfstCc603FIH1MOUj0w5c/GHhCZAWrf9grMOBzpt7wk8Io9/5WOuc8dOV1EZKDYudEF1cejeVE0llKYDM/xwEpyJhwRAwsLyNkor6+94WLumalj5T2gNgUPeZX28xcdluuz0Lr1vU4VABOcY8Xi2GxylCllYMY86G02UndxU6dCkUtIdZQdGsbXHqKqCYN58nhQ8P7u+DML0U5hpYvXu5ygi1HDDUDkopjFos4trZ4WBCQackuaoMUCdFIPZP+8LlwbRdpOiQC5CMtND18ktrB0cDTbnSfIY3qHFrkxtW1gTbttV7BO8ByohZ5YyLDoOz6+R+ZZvc0Ge7NWDzGQRXIOgx1YSLoPA7f+8BfK975+cON0G5xMtbXk6w9cZc620ry1yBal+4JsXdDFSt8N1I+QHZy/d+tMa/PTorKdMtwi3+Hp+vva8Fr9zTL3C6th5NaRR45ymQKHWqMMoF+iTnr+ApnK62d4kgso21PPWmK28oG3YBMj+NY8gA5U0r9LoVPQ5TGYhWK+PvAR3Lsgk381Ez90RV4ncgSuABq4ezu1rYmrb2CfRfLug8d3wd1r/VAzcNuEtbhuuP99kASlaP7UOIsYlwiq7AU5gGJ03jt6MJxLN6vQijejRaY85uT2p76SjkxarJsDWjvxb+ycHJXJ55YBHvSVkBoPdbZh9MJG5tYfIoodEnt1aadr4qgD8A94eUD0Q/yq7jylWxb92s4HjdrGX0M5Bm3vZ+j32pcqjTHV8v/e7Ok2nAdCEp9MAF2OwnFN7+EYeNsoLrGZH/P8c+kPI9haFXGEmh8024NrD7xQFNm8Svd+XKYtTcoUXG+VS099g12jHLHm62kh4FUEyX1VJntwpk/9t5q0ZCUfc4J3UIa8PogjNKVDjUBdcTXuvthwtwwp/6iNo1nys//+SDMKldL1RX0CujiacYu3oxsV48KWYWDEzHj9M/fFCSyEthNrvffhYdlpV2VN99kpvm8iIw996oXRWlZILWaARvpUmPHCM7Rrh0vMF0CddMcIXlTTnrECzlovdFhfJMQqF9GXG2uIRP4Qx5jPJ7F7S6PBTmLmnu7Z+F4LuwLUnkrQPtx0ypjJGjiuP/llxGVqbpVJ9ubrbm78wIgcPvnl0yvX3Z8D5cqfplFKqrBHumfovpvQ/gVgbuiJ0= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM;PTR:;CAT:NONE;SFS:(13230040)(1800799024)(366016)(376014);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: tuckYjA6lCJuWjezMreaR9KGuyLKPpiWQZdzUclPlMFjK1hlpB8pHF1HL1dWn5bcszYU/39OBb5ztlIuIMBbvR3gw8ExDk3WlVd0X0RALcES956CC4kN+TaluKdg6PFGKsevt1UkFcjUFKubxnSdp9WilX9nnEahJWR1z9hZyC9X92WbqT7xNmegE42kqid5RyZ3k4HnD9+pO4zPQ9ED8Lmtg5AQc4mKzQLZmEwP0gLPpL79JqyydJh45ataeQRJFjBO0eBbqdIHM5/5TZ4i5+ajMio9s0m8XwmjQfHufEhy2wbwTfzQ0BEiXMathm2ADGlB+vDs4AlNg3jN4Am7b/Ly/8QJvGopWpYxeSPfn3iTrymOky4FMqrUzzm9/qPQES3T71bgJJJL6khSVnwlhRJO8moE7g5i/3fz2BLtnP8muLSYcQsh4qk4SpyQYCshrZX7iqgTnlPFydf4WGRfR/pGWGf0L+QQjaPkuxmh9M1g4C8/FIxvB7uGOJsr8W92Cmzi+8r+Rv/4rXF2PGddpsz+wiH0HN531CT6bNi33PdHg3cMbierQBTJ/XWI1oj+W4k41m14O7UV+WyFAGoWCP1asOElXRYVlEhz7Ryx8+R6Kp3Dcjpdt9vnWmxSG27S403mn1659VwoeJQEzPR7zEF19GHRrsmwzUxF5UZVmEvMMabEyy5XSesXrYW1hyz7M21534G4zlHU8STI8jXKCkyE+sqrsAtixTgo0BaBpol+yXK3LrMqpCqWZkbRzU+ZBqpOebnaVGMT2JTo8eZJlENQqXx473AXmXbvZVHVqW4dgGMJf/0MnOnSIAjlqHaOfgEtHqBXK3qcpTebdg3gI4Z2+/fb5ppJ+Qt10ifxIQsIH0jz5fdyVqiXRwGl3wd6Xhfgrc5ZgHCHp8IYby2H9okkrDrhp7kakjD2Zhonyr+sxah2HE3IR1YjyBRcA6IOV64deJYUF4K9bGB3C/dj7DRqFDrqy6EbBsVyjJFczqZnjmFhjzjG24pbr/kPsPzeHTaGq6bSHVm8Ect/VmZlhg3FEDIg1O17Gl9lcpsgsiY6qJzs82DLGopY5ERYF4VublwtfpNba4QCWuaINX9MkM6C4xG+5BQMQmryMP4Vk+DTS50+K7t5zVPPrPnaXYVofYx4rZyMeqoVtQt+1ASgAaCp34dQirz6TLbQajgKhTFMQFcAgerDXV7NaAOt7zfIlHFg7de8PiD9swgY3YQmxsbz/qztTjXMCBsRMJEy/evZVUXwBI8gWlVEiJjqtUj1j+XlS7fk7/WfTOX2J4Q4ABjdl1ROBmPJiBlPQkSLGXrSZmQEMDz/jlH3R2d3uhZtrdNSsJG/SLUxAiUGfPPSGgwKdLMynZ6m20UP4ZZquC0xjLhBn3G5N3g7UwlrjVp22n0TLi3R4oX2IGoLfpYQs2g1N4WbZqtJN7BB/HZB2fRtY/j4n0bcTtnS/wSjtcYUPjwjW2PWWQrxC+aE7rWDS3OlythTht9GD3Knp6DyrnZYk8Bxg43NNBvwqDMYF0fLV0Ooz249RZsyIu9jufUoCiByKQXo9eHWyEVXnyFcW2OPbsGegiwHtA8CWfINWDBOVzI9Gm6piWiiKwJJ/TSnrLz3wrDhvUtnIu+dVIQAyuP7vyPsD66MB2GkXPbDA5hPlHBPkRrHOvloEPtN2yTxKdbYKFV75pLdLQ/r77RAZs8XpzluWya17rC/b0v30gJ3CfxHy2/sgodBiYQRKBEZsdCLlyIx4XP4Zp4OHyw0jRc= X-OriginatorOrg: siemens.com X-MS-Exchange-CrossTenant-Network-Message-Id: b14d1c5b-48f7-436b-1c80-08de70a3ed2e X-MS-Exchange-CrossTenant-AuthSource: DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 20 Feb 2026 17:17:29.5611 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 38ae3bcd-9579-4fd4-adda-b42e1495d55a X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: vZO3Kbb+na2XWxaG1uO0yaCW/V43voQ5S+nIqQp7OUfmHU2wF4SyFEhc+y1e1rO2J3mumwSH/7ssWU/lcFvQbtaw6nL0rVleOJIDyhP22Ms= X-MS-Exchange-Transport-CrossTenantHeadersStamped: VI0PR10MB8381 X-Original-Sender: felix.moessbauer@siemens.com X-Original-Authentication-Results: gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=JIg62T1k; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20f::7 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com X-Original-From: Felix Moessbauer Reply-To: Felix Moessbauer Precedence: list Mailing-list: list isar-users@googlegroups.com; contact isar-users+owners@googlegroups.com List-ID: X-Spam-Checked-In-Group: isar-users@googlegroups.com X-Google-Group-Id: 914930254986 List-Post: , List-Help: , List-Archive: , List-Unsubscribe: , X-Spam-Status: No, score=-4.9 required=5.0 tests=DKIMWL_WL_MED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,MAILING_LIST_MULTI, RCVD_IN_DNSWL_BLOCKED,RCVD_IN_MSPIKE_H2,RCVD_IN_RP_CERTIFIED, RCVD_IN_RP_RNBL,RCVD_IN_RP_SAFE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on shymkent.ilbers.de X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= We previously used the same sbom-chroot for generating the sbom of different root filesystems. This required to have a live copy of the sbom-chroot in the deploy dir, on which also was operated on. Further, this copy was left behind in the deploy dir. We improve this by just storing a minimized tarball of the sbom-chroot in the deploy dir and extract that into the workdir of the rootfs. Signed-off-by: Felix Moessbauer --- meta/classes/sbom.bbclass | 29 ++++++++++++++++--- .../sbom-chroot/sbom-chroot.bb | 11 ++++++- 2 files changed, 35 insertions(+), 5 deletions(-) diff --git a/meta/classes/sbom.bbclass b/meta/classes/sbom.bbclass index e3d0e702..69c5d1b0 100644 --- a/meta/classes/sbom.bbclass +++ b/meta/classes/sbom.bbclass @@ -23,7 +23,8 @@ SBOM_SPDX_NAMESPACE_PREFIX ?= "https://spdx.org/spdxdocs" DEPLOY_DIR_SBOM = "${DEPLOY_DIR_IMAGE}" SBOM_DIR = "${DEPLOY_DIR}/sbom" -SBOM_CHROOT = "${SBOM_DIR}/sbom-chroot" +SBOM_CHROOT = "${SBOM_DIR}/sbom-chroot.tar.zst" +SBOM_CHROOT_LOCAL = "${WORKDIR}/sbom-chroot" # adapted from the isar-cip-core image_uuid.bbclass def generate_document_uuid(d, warn_not_repr=True): @@ -40,14 +41,25 @@ def sbom_doc_uuid(d): if not d.getVar("SBOM_DOCUMENT_UUID"): d.setVar("SBOM_DOCUMENT_UUID", generate_document_uuid(d)) +prepare_sbom_chroot() { + create_chroot_parent_dir ${WORKDIR} + run_privileged_heredoc <<'EOF' + set -e + mkdir -p ${SBOM_CHROOT_LOCAL} + tar -xf ${SBOM_CHROOT} -C ${SBOM_CHROOT_LOCAL} +EOF +} + generate_sbom() { - run_privileged mkdir -p ${SBOM_CHROOT}/mnt/rootfs ${SBOM_CHROOT}/mnt/deploy-dir + run_privileged mkdir -p \ + ${SBOM_CHROOT_LOCAL}/mnt/rootfs \ + ${SBOM_CHROOT_LOCAL}/mnt/deploy-dir TIMESTAMP=$(date --iso-8601=s -d @${SOURCE_DATE_EPOCH}) bwrap \ --unshare-user \ --unshare-pid \ - --bind ${SBOM_CHROOT} / \ + --bind ${SBOM_CHROOT_LOCAL} / \ --bind ${ROOTFSDIR} /mnt/rootfs \ --bind ${DEPLOY_DIR_SBOM} /mnt/deploy-dir \ -- debsbom -v generate ${SBOM_DEBSBOM_TYPE_ARGS} -r /mnt/rootfs -o /mnt/deploy-dir/'${PN}-${DISTRO}-${MACHINE}' \ @@ -59,8 +71,17 @@ generate_sbom() { --timestamp $TIMESTAMP ${SBOM_DEBSBOM_EXTRA_ARGS} } +cleanup_sbom_chroot() { + run_privileged rm -rf ${SBOM_CHROOT_LOCAL} +} + do_generate_sbom[dirs] += "${DEPLOY_DIR_SBOM}" +do_generate_sbom[network] = "${TASK_USE_SUDO}" python do_generate_sbom() { sbom_doc_uuid(d) - bb.build.exec_func("generate_sbom", d) + try: + bb.build.exec_func("prepare_sbom_chroot", d) + bb.build.exec_func("generate_sbom", d) + finally: + bb.build.exec_func("cleanup_sbom_chroot", d) } diff --git a/meta/recipes-devtools/sbom-chroot/sbom-chroot.bb b/meta/recipes-devtools/sbom-chroot/sbom-chroot.bb index bf6d6683..fec1f502 100644 --- a/meta/recipes-devtools/sbom-chroot/sbom-chroot.bb +++ b/meta/recipes-devtools/sbom-chroot/sbom-chroot.bb @@ -27,7 +27,16 @@ ROOTFSDIR = "${WORKDIR}/rootfs" ROOTFS_PACKAGES = "${SBOM_IMAGE_INSTALL}" do_sbomchroot_deploy[dirs] = "${SBOM_DIR}" +do_sbomchroot_deploy[network] = "${TASK_USE_SUDO}" do_sbomchroot_deploy() { - ln -Tfsr "${ROOTFSDIR}" "${SBOM_CHROOT}" + # deploy with empty var to make it smaller + lopts="--one-file-system --exclude=var/*" + ZSTD="zstd -${SSTATE_ZSTD_CLEVEL} -T${ZSTD_THREADS}" + + run_privileged \ + tar -C ${ROOTFSDIR} -cpS $lopts ${ROOTFS_TAR_ATTR_FLAGS} . \ + | $ZSTD > ${SBOM_CHROOT} + # cleanup extracted rootfs + run_privileged rm -rf ${ROOTFSDIR} } addtask do_sbomchroot_deploy before do_build after do_rootfs