From patchwork Fri Feb 27 14:57:01 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Felix Moessbauer X-Patchwork-Id: 4930 Return-Path: Received: from shymkent.ilbers.de ([unix socket]) by shymkent (Cyrus 2.5.10-Debian-2.5.10-3+deb9u2) with LMTPA; Fri, 27 Feb 2026 15:57:41 +0100 X-Sieve: CMU Sieve 2.4 Received: from mail-yw1-f185.google.com (mail-yw1-f185.google.com [209.85.128.185]) by shymkent.ilbers.de (8.15.2/8.15.2/Debian-8+deb9u1) with ESMTPS id 61REveVC015357 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 27 Feb 2026 15:57:41 +0100 Received: by mail-yw1-f185.google.com with SMTP id 00721157ae682-79867befea5sf33534377b3.0 for ; Fri, 27 Feb 2026 06:57:41 -0800 (PST) ARC-Seal: i=3; a=rsa-sha256; t=1772204255; cv=pass; d=google.com; s=arc-20240605; b=JQC2vnKqQZYdcME069seUr8NidfjHcCk5fbuE+Bbp7BjCRrKn2/PDZAUFW7Gm6U5iB etUZiR2ZpkBcySZKylwcn9nGo+CRv3plrBYGxhwRSlvw59ZZwkVy3iQl2isVuY+xL/wv R5FeugXF0/pMh3FqBfGs+WjFpz9F66hw0yG5AYAWR9730ymDBmIQUHnrji7Xzc67j4zY qA4rhclyJr9j5t0KqMrwntbsSYCPpdMkP4FVaUN9BDfMNBe0K5qHF2P2w7khCbFbNI8Y ps4CjtnP9CrX0Y6IZDwsaLCzWZn3DxiBdy1sE9EY8j7axLvNK4NTqf1m36V+j1/kdvtW 3esA== ARC-Message-Signature: i=3; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to:mime-version:references :in-reply-to:message-id:date:subject:cc:to:from:dkim-signature; bh=8WuwpBn/RoNy8ifmKOFJ25OmN7U+9EPyBvSwr7Az1js=; fh=Bb996RafPb4QSLlqtN8sZ9cDKQCgMZzYS8omaDYERrI=; b=I0cElQYrBR7//T0itLpZmkAAlhrljJ3zH92x+/uj0i6ynla+MIbrdxqrKKkQG5uKsX QQ0hlE0j+MmaXqlqQ+W3+rtXaTImHejxtNQsFEH0CrTJYfSgNhqMxthZtdZaU9XnNJmQ Ek0Wl2i/rN1XNwKW8/T6xj3eu3PVJaO2M30kIl9od3bGSUmQ9/mwRjaoWh8CkAVx62xy X9BrjHUSh9oOJKfvBlO2JxJKU1sOYaOztV63/8dHJsb7VIfTJ9AXMikyY7b9jx6K3uR9 Nwl/QtfPSLOANYkQffwc/1dKPfYCxGbCMMRl5+/zDXZ/yirDOBaVCsvjF6kS1kLgOQel Dq5Q==; darn=isar-build.org ARC-Authentication-Results: i=3; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=UIh+Krah; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20f::7 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlegroups.com; s=20230601; t=1772204255; x=1772809055; darn=isar-build.org; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from:from:to :cc:subject:date:message-id:reply-to; bh=8WuwpBn/RoNy8ifmKOFJ25OmN7U+9EPyBvSwr7Az1js=; b=PvcM8KxdaKawGNTV+gpVJS2qJsoPIPxqFIgo3NNa3Mj1saQLIJBAX2e1KhO0AomkkM 9zVDPwHBzLNIhNcOz/j1Qb+BL2/xNW5Cc32mASz7VxzP1IT+wEpmt1E/inrWdE8SeU1j wPyWNR83uoEpoNYw/sHEdQDlgiZ3o+i1+NImR8Gol+BX7HuKrD7br+Je8Un5elUJo5VA J6WAPJupbk1R+nDqLP0y/LTBlzj1KGirpAiDTioMlsboUo5cQ4NO7fq/flBnlKQeY66A NajMNwSrV8tMxxfsrPqqbk7I+ccFXMO9o6CVtiOTv9gcFe3srSWZxu2uKnPhZOn7Ka/D QF5w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1772204255; x=1772809055; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :x-spam-checked-in-group:list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :x-beenthere:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=8WuwpBn/RoNy8ifmKOFJ25OmN7U+9EPyBvSwr7Az1js=; b=RQqJz4e2cxPPgGnoVMOmwN5bhDPpl3AwVOr2Y32DpIK+Hb7TzCCsp4F5DePPbBVbj0 ZGi71x5mzIrb0kWf2QNGisDQdK/nohyibGfCtk3uqi2MHdufaUSGYNa8ntNfJ5j1l5hi Qx6k9BJhXrAln2MH0wi3+4Lbb2rBE7jUfyhUhk4Slw8V73r7zQ2kkJZYkySsA9KlMU5Y xkdjcbTfLVSiPXFbOLkQgrBL1Dd35bPwyJppBv7nxnyBu0p6XXONF2YHZ7HiZSu3hoTF sRv1K6piKk2e5sP6nbxzf9llfwMyYi3bhI8Wt/5x44qVzhfiIfZoqTDekinJNC/+tYss /POA== X-Forwarded-Encrypted: i=3; AJvYcCUuJ6Dzzdcu3BbtDhnqJY/xgJ8HkZxskUKp3IktfdCYHvle/zCxs8DHchsFVdNoHBCw9WAaQSo=@isar-build.org X-Gm-Message-State: AOJu0YyZRnRW2rnFbZjITz/e5BU8jJ34Jgc9yiB3s9KXtKRgOYPyrP/3 s3fNlmADyw0cRVMdspakT8F+3A712l864hl2eTwZWVzSzr+i7pKD6lSC X-Received: by 2002:a53:c805:0:b0:64c:c00b:8a83 with SMTP id 956f58d0204a3-64cc23ed59amr2014100d50.84.1772204254552; Fri, 27 Feb 2026 06:57:34 -0800 (PST) X-BeenThere: isar-users@googlegroups.com; h="AV1CL+HTgu77kdzec7p1Vk0T+hXUvYvxyYq0gj7ZFNYEhggajA==" Received: by 2002:a05:690e:40f:b0:64c:25b4:55f9 with SMTP id 956f58d0204a3-64caa9db122ls2336856d50.3.-pod-prod-08-us; Fri, 27 Feb 2026 06:57:33 -0800 (PST) X-Received: by 2002:a05:690c:1b:b0:796:74cf:df0c with SMTP id 00721157ae682-798855082c6mr31854727b3.24.1772204253398; Fri, 27 Feb 2026 06:57:33 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1772204253; cv=pass; d=google.com; s=arc-20240605; b=FZgMDMxc1nxPGLW+eqMLrwPK/MqL2ZPXsgpUKLolgbRN4zJNpR1sLF2hvPYYmKecLO 8JvHRYewOY/5mGyN1owrHfNypgO6Q+yp36Yo+hcq8T3i/CC+Q9KaN+75j6mlNtTdcxvk QXKVEpT1FbycmjIkJX3B91WsVPxVdmloq6Ng3MSWjB3oYBtRVNTt7ExhxpjhKYnwkrUq H9vrbIeSbzy3Z/e27K8LzvZ8NS/cL6hkSaie2slLdEMb/OZ5uZ0v+GDhhePM06nMJ8Lz BK8co89LMEaCeH38RuSGkV2V0XD1puCeIZT3nmTMhmNCslIcnddBKx55kIWRwWcwluti lRLg== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=mime-version:content-transfer-encoding:references:in-reply-to :message-id:date:subject:cc:to:from:dkim-signature; bh=2x0pE8Gf8H1cPCmgqCHjkjBhcQWi+LX+1EBcc2jGAow=; fh=WkhL8kaJc+l2wQon1t06Ej3uvBGj9sVhNcE8PaS/XbI=; b=W9OzFDNvJhRlN+gHDOiwmf85bH8iOadEmE2aw4OaA/c/QSk8WnkjYg2jnb+JECBQ9E zqwcY5EUiMm3WWbmcNePtrMG5x6s4NC7qi20KPy6Lpvh3ggbmx4+8O0ojC9DPPUwXq5F zmcl6C1zr6L0qt1PYvwkz1PH84zld0MXGDs8bfdv2V8HpPvmmHcgk5qYCOBSZXQvz9V5 fMjGLgOLcNn61WKwPokOBN3iA5IP1tc8UlDmXORXFflgFz/b6gVbMnNDQHGegSMqlZc2 yFM0ac5eAi5gKOMUWW39mIMFBGDrnJCsKYkB04sEuHIgN4RaP5y4PZ8V+dXNQkJnEY/r vUSQ==; dara=google.com ARC-Authentication-Results: i=2; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=UIh+Krah; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20f::7 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com Received: from OSPPR02CU001.outbound.protection.outlook.com (mail-norwayeastazlp170130007.outbound.protection.outlook.com. [2a01:111:f403:c20f::7]) by gmr-mx.google.com with ESMTPS id 00721157ae682-79876c4014bsi1762647b3.7.2026.02.27.06.57.33 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 27 Feb 2026 06:57:33 -0800 (PST) Received-SPF: pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20f::7 as permitted sender) client-ip=2a01:111:f403:c20f::7; ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=UGs0BUCOKEVordf7JMXKQcevbkfDt7Pl42NQCVwc5L+JI399GFvybRuR6MxdlvgQKEJqLrf+XolYke8/KGKj0Nro7oRfCnw+Pp8l9Njqo8r8S1O+fIIoiwkKJgxJ6ngkoCLdPOl/nKVNtZDSpDB004Q6Omx+pBFhFXOkFvX1vKROLsZUawhOA+MpL1YedvX41mzVlQ5lmde+nFBwyTRgH3aXjNyadYzfynVC0NIa2/gLZ+XbmtyN+CLnXrhjw74C63Dz1JL/K0oohhPdI97VbyIm7Jyx/GrovgMnOkcKQ+l0oh+gG7Lfq0kllXXiS6FLQz/yTLIdPGOilt3OIWuogQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=2x0pE8Gf8H1cPCmgqCHjkjBhcQWi+LX+1EBcc2jGAow=; b=wS4OO3Go3TJWOgh40LEarfRXAShJ+N6enzPgqA9WgKW0M+P/U+ghwu0AZx8Dr9xiBN2+yuw0KAmsDgrobKnFzwvUVyMDUGtJwv2SPQf8ClmHxrodzMKCmQU4h8GvNaJJEp4mDoH0XtRD/3kkjfBNt79PkGbQEZagYeH3tj3iVmxxGnnQgapJlYEdZiaCewTKHdrCYNZqGiJQvd/bNyqW2NfJPJS0Jh7AnUiY228F8OxlNGSH+5x9sNUdsPIjjqe1VRpSfYNlfPzwQTj9DcdKYe0oHNCZPe5uPzEwypYTg8FyunpeztIywx2Bc0ZoH2NEHj8gWYhBjO78KcSntMPbOw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=siemens.com; dmarc=pass action=none header.from=siemens.com; dkim=pass header.d=siemens.com; arc=none Received: from DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:47f::13) by FRZPR10MB9889.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:d10:1ca::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9654.13; Fri, 27 Feb 2026 14:57:31 +0000 Received: from DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM ([fe80::9412:cd7f:3f72:92ab]) by DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM ([fe80::9412:cd7f:3f72:92ab%3]) with mapi id 15.20.9654.014; Fri, 27 Feb 2026 14:57:31 +0000 X-Patchwork-Original-From: "'Felix Moessbauer' via isar-users" From: Felix Moessbauer To: isar-users@googlegroups.com Cc: jan.kiszka@siemens.com, quirin.gylstorff@siemens.com, Felix Moessbauer Subject: [PATCH v2 01/16] refactor bootstrap: store rootfs tar with user permissions Date: Fri, 27 Feb 2026 15:57:01 +0100 Message-ID: <20260227145716.3794146-2-felix.moessbauer@siemens.com> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20260227145716.3794146-1-felix.moessbauer@siemens.com> References: <20260227145716.3794146-1-felix.moessbauer@siemens.com> X-ClientProxiedBy: FR4P281CA0274.DEUP281.PROD.OUTLOOK.COM (2603:10a6:d10:e6::18) To DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:47f::13) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DU0PR10MB6828:EE_|FRZPR10MB9889:EE_ X-MS-Office365-Filtering-Correlation-Id: 2e702aee-3d54-4928-36e8-08de76108824 X-MS-Exchange-AtpMessageProperties: SA X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|1800799024|10070799003|366016|376014; X-Microsoft-Antispam-Message-Info: TTQGJodOgueTTLAsvLmzT10KYS2JM9EWgb3PUqO32mhqq5JJPg+1QAInFeYSlfNgGY9nMW9Aooh4SHs5f09BRO4vEu+YxoYJWFuFG+zP7Nw0s/wcgAWyCP2GpUFCl1mlzdK8u9Ie4ropv2xzkanSBxQSjNAetNCqA+CWxFPGlrpMEfOgP26LkN5oGvz0b9qqEWaxfv3+io1obSQOmHV7FEX2tFK/rwiyyynni/r3N7f8Tz9Ixp5PmDDoDAom5L53eqqULKZjzxohD/2A8xLStwI3LpYE7dvp4fy7BV7BsrmoifLo81Hfq3YwHPksjjJFHmZL0juKWc6fmzg9uqGyaC0lCe1qRak0r/78q6tlFsjYrMyrdStctAWdD2MOanhMqng1SFg3ZVQQVgsWALSvd0UIJtLte+lUVJgW2SczDA/iJYTlI1BzuXQC66ssDwT+eP03aeYOhxeURpKOaOvae9yW090WCAYbXacQag4JjcCv1YCLs5Sv9kmctmju3sIOnLX6vHRNDuhUfNYSGdaB32x4nN+z3vdPaU952BJofU7CNGmtkM29drE/CAh9yo6suUF3sBZo86wjvz3ANlMbv1mz/BatA60M6oCJI+A5PiKzumSPNR7GMRpK8FmRZpReBx+KTu1yf5y1ie/satSAbHBVhErVCDFP2Ax3J4LEUUj7OQpyXzVHVqdYT6Uw8QckVy/HiSn5T8PK7Yc6m67Vz8Jxxqw8m13U4k3LZJUQ6kY= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM;PTR:;CAT:NONE;SFS:(13230040)(1800799024)(10070799003)(366016)(376014);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 2 X-MS-Exchange-AntiSpam-MessageData-0: n1rPWN3Dyv6g6rEyGaxfP2vX0v55pQ2GFW7wGnF3h4b4LrCnHeVDmxj4KwpKwjUcW4lDET1/t4lzx7xHZtT25N4ILivjFrBx8TBXkz03ywj0RVT5NiemcFV/dvJ4upptV5rSU17IY+SluK0hqZUdAQDihGDRiTzkX1GEEd5N0updiHTuE6+MKJoccHLyyreBZ/rX8uk+Q3fzyKVojAJdwE6wY0tGM4Wmdzize8UST2Ib/p5tJmPRVVsoJDevaV0qKmmAHpZ3twAI9cdWOMCFj/EZSxhYNdpV/ykCgbKPVk9gtbEwDc2n3DSSqtsLKMInPJmq8XyKuwPyhj48mbi4uIlyIBIf58eNRJ2RybLufGCpM51AgSuKWhk9X9CaLgoyukaV1sYuJGdRTSpsO5aFIpqTaavR0yhwHlbPXbMXxXXIQsNQMNN2d5hol4v/+6cxBftLu/VMLXoWX0i0jIpXuiQGkRJybndQtnp/nJOangXPOA5KtuK0iIoKPUQP4Gu10XPSxj8aur1v1Z00cg4+Vtf6rRKLQlg8rpVhGJgTuS2Ci9tVKzA1thv39VA/OwEvJGoZJdwFL8xBzToaB15w7bYIERUJSw23vcI/WN6hqnlZChAxsuEnAikBTuEfHBVFLAH7+7D4+tCQUvB3X+MjePnKJZjN17uiq5+QdCtkjNCptBvk7TCW3ZA+CG2jKMkUG8KKJHx74Tzpx9JannyZ2SO81AjxufOs39c6xmGYa8OreXFo048JdmClx17uXvx989cIhvhwrT2Vkprwd25MVquGGir4t3rzW4LBzPDzaGJ6QuwHLgAsMbftFGkzqGtesQL0tR/nYUsdVarIXaOK8ASe+ZRw0/BcGPDWjfZObVPoiYRyNL87YUWZ7Y8XGhaGi0EMRuiPSznfIhzRFO/WPWBvU8Wt5eVMzCsjZqp2dF1E+qHLJkcqAiFuxMyl86Q66++Qyyzz/Jm0j3NSTG2RRc50l7Fw7cNA+H9O0Sb1SYTaEQGPWUPabACUZj8yvQk2lajuF2ifCPRQ282N/2sDwCbE+upVN+ka1Z3rf5pzI2vxaGaiwKXo2Sn+/W63gb9cw0Zm3esjWtOTHrP9LnsgKJNqQlCZoZOdj6p+lUjTwa8Hd2u9dw4/IurJzfQXpUqYjhprKSlpm95gkqxYSxa5q2nU3JA3p2+4KAoSMVDF7a7X7jmQJewXn5hWlu4NWjgis/hxeUnal0Kh5vvck+18EEjd1NRGHV1htD/EPU6DqB4/VCtIA+Vkmo9RmSmCIi7CRi3yddSlut4ip1COlK/oeuoGlxBQh+Fib2jiBl6hSDkXMzHY/aLtcv17jRnHFtH1J8vug7htNkqJfjc9AmKkffR0vX4PP+T/bHVujbs7kzeOc1OPAdnCqg2HfS+B3EGCG3kTJ70rMZ4cXqTweilIODJ2P1xZuG5opmRJOk64FEn3D9MMxsf314wvVYeqffshGwfXtXf5taMufyP9w6oMdG5SZacHfF7tLzHpW/ybwZvkzfw30QwSUb1Q5dDWX70/DGLH1aiT/mN/0ylAXcNSYJydiQ4eZyoTxrBlytyblPy/0b7jlbZv8+M5LFmEePutNOkdeutuIsEeW0nePXUE3YFR7EZ50nWl9Rnkscys8tkpQwHoIv2/BRNLOVT+8Y/LFiDsU9O058WAEcCrqgWJbk9BUTJ0Dzg4ijiz9gue1uiIJG3ECGMvc4WKBvdKaP9lJYmiHxREOWZoMFEOpEcG1FmHKY0g1pWPb8T07c3FrnTixLpK/itukY8YgjCDZjcdRrMdjpkM X-MS-Exchange-AntiSpam-MessageData-1: pQMZGbpKxo6cC03bw5MngL4OHZPUyvI4XZE= X-OriginatorOrg: siemens.com X-MS-Exchange-CrossTenant-Network-Message-Id: 2e702aee-3d54-4928-36e8-08de76108824 X-MS-Exchange-CrossTenant-AuthSource: DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 27 Feb 2026 14:57:31.0120 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 38ae3bcd-9579-4fd4-adda-b42e1495d55a X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: PzrWlHDKlI7XB1B2DRu2QyCHAMz8cj2FQz5z5WBqTDx+7GLEW5u98HVljdTpvias9drcdM4fAbHmofeBl5PVRRUkyESzkukNnzOKT+LBnEA= X-MS-Exchange-Transport-CrossTenantHeadersStamped: FRZPR10MB9889 X-Original-Sender: felix.moessbauer@siemens.com X-Original-Authentication-Results: gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=UIh+Krah; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20f::7 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com X-Original-From: Felix Moessbauer Reply-To: Felix Moessbauer Precedence: list Mailing-list: list isar-users@googlegroups.com; contact isar-users+owners@googlegroups.com List-ID: X-Spam-Checked-In-Group: isar-users@googlegroups.com X-Google-Group-Id: 914930254986 List-Post: , List-Help: , List-Archive: , List-Unsubscribe: , X-Spam-Status: No, score=-4.9 required=5.0 tests=DKIMWL_WL_MED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,MAILING_LIST_MULTI, RCVD_IN_DNSWL_BLOCKED,RCVD_IN_MSPIKE_H2,RCVD_IN_RP_CERTIFIED, RCVD_IN_RP_RNBL,RCVD_IN_RP_SAFE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on shymkent.ilbers.de X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= As the mmdebstrap itself is executed as root, the generated rootfs will also be owned by root when stored as file. To avoid this, we let mmdebstrap emit the rootfs on stdout and write it to a file outside of the sudo call. Signed-off-by: Felix Moessbauer --- .../isar-mmdebstrap/isar-mmdebstrap.inc | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/meta/recipes-core/isar-mmdebstrap/isar-mmdebstrap.inc b/meta/recipes-core/isar-mmdebstrap/isar-mmdebstrap.inc index ce34245f..9b4f62df 100644 --- a/meta/recipes-core/isar-mmdebstrap/isar-mmdebstrap.inc +++ b/meta/recipes-core/isar-mmdebstrap/isar-mmdebstrap.inc @@ -239,11 +239,11 @@ do_bootstrap() { ${@get_apt_opts(d, '--aptopt')} \ ${@get_distro_components_argument(d)} \ "${@get_distro_suite(d)}" \ - "${WORKDIR}/rootfs.tar.zst" \ - "$bootstrap_list" + - \ + "$bootstrap_list" > ${WORKDIR}/rootfs.tar.zst # Finalize bootstrap by setting the link in deploy - sudo ln -Tfsr "${WORKDIR}/rootfs.tar.zst" "${DEPLOY_ISAR_BOOTSTRAP}.tar.zst" + ln -Tfsr "${WORKDIR}/rootfs.tar.zst" "${DEPLOY_ISAR_BOOTSTRAP}.tar.zst" if [ "${ISAR_USE_CACHED_BASE_REPO}" != "1" ]; then deb_dl_dir_export "${WORKDIR}/dl_dir" "${BOOTSTRAP_BASE_DISTRO}-${BASE_DISTRO_CODENAME}" @@ -258,8 +258,7 @@ SSTATEPOSTINSTFUNCS += "bootstrap_sstate_finalize" bootstrap_sstate_prepare() { # this runs in SSTATE_BUILDDIR, which will be deleted automatically - sudo cp -a "${WORKDIR}/rootfs.tar.zst" ./bootstrap.tar.zst - sudo chown $(id -u):$(id -g) bootstrap.tar.zst + cp -a "${WORKDIR}/rootfs.tar.zst" ./bootstrap.tar.zst } bootstrap_sstate_finalize() { @@ -267,8 +266,8 @@ bootstrap_sstate_finalize() { # we should restore symlinks after using tar if [ -f bootstrap.tar.zst ]; then mv bootstrap.tar.zst "${WORKDIR}/rootfs.tar.zst" - sudo ln -Tfsr "${WORKDIR}/rootfs.tar.zst" \ - "${DEPLOY_ISAR_BOOTSTRAP}.tar.zst" + ln -Tfsr "${WORKDIR}/rootfs.tar.zst" \ + "${DEPLOY_ISAR_BOOTSTRAP}.tar.zst" fi } From patchwork Fri Feb 27 14:57:02 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Felix Moessbauer X-Patchwork-Id: 4931 Return-Path: Received: from shymkent.ilbers.de ([unix socket]) by shymkent (Cyrus 2.5.10-Debian-2.5.10-3+deb9u2) with LMTPA; Fri, 27 Feb 2026 15:57:44 +0100 X-Sieve: CMU Sieve 2.4 Received: from mail-yx1-f60.google.com (mail-yx1-f60.google.com [74.125.224.60]) by shymkent.ilbers.de (8.15.2/8.15.2/Debian-8+deb9u1) with ESMTPS id 61REvgoO015377 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 27 Feb 2026 15:57:42 +0100 Received: by mail-yx1-f60.google.com with SMTP id 956f58d0204a3-64ca99235cdsf2985638d50.1 for ; Fri, 27 Feb 2026 06:57:42 -0800 (PST) ARC-Seal: i=3; a=rsa-sha256; t=1772204257; cv=pass; d=google.com; s=arc-20240605; b=SkoguddL6RiD3QfjSYGqFWcHyV/Ak0ZjMOWQnQENcwOyXVmlG1i5R9IUzZQ2GYWuu8 KMCG8ikrx6IoMn79zzcO/GuhbYeC+rngowQK82E9FesQX8FgNP0rFp5flzzSDDtTDlmW LRLIkAaF2slPCGE6QnZk/ObK6ak7TTzs33w9eIyPQu/9h8xkLP2V7luOvXJGwk6CUpuY Qa3RKkDX6z6U874o0QymTwPwgT4FkEqiu49W8YYMcSf7ePIKwkpidWCZ1KdHm6kYVOSR GPWg4R5CoK0xJEUUCmBYXe5Bv1ypJrj/9GWdCZF5INTBeaTbmjrqwnKvuwJ4a6uIvTYp x4iQ== ARC-Message-Signature: i=3; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to:mime-version:references :in-reply-to:message-id:date:subject:cc:to:from:dkim-signature; bh=XsrOO3ysZPpVtBeW3ayfJUs/rDm+pn3YDXFBHg2I7+c=; fh=2rAT2H+6g7SXc6JJ7cJnWDJY8tUq1cy7zjqBZkCzrQI=; b=VRG7UEAyL3cMDD+fbwSqewF9kJUt3gCY2zgoX6mwSqfC+YiGNfep9oqR2mn4JdP44S f8z1VgcnWYxvs8zD/c3WAqc1IpnMFaP7vKOkINJsZnnbjUco/zOLH/jJ5v+Xb97PygvO q514lownvo/NIF1uEyMFX3PcEBPZ5Rk8mEt/9ZAtms/oKTfKWypDFMGGPEOSpyZD0Maj 1eo+C22qgw4WQt1kDPts48nikrdn/dL0lFS7iU6mNIc9BoAsWCd1vr6kzKUoXxcKNDUJ VCNIY/RykLTNUmebvneyhjjOytN4Xv+znDqbQEsjGEqrsqHTawxLNP67voiz5ertffLl H19Q==; darn=isar-build.org ARC-Authentication-Results: i=3; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=ppiHAvDT; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20f::7 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlegroups.com; s=20230601; t=1772204257; x=1772809057; darn=isar-build.org; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from:from:to :cc:subject:date:message-id:reply-to; bh=XsrOO3ysZPpVtBeW3ayfJUs/rDm+pn3YDXFBHg2I7+c=; b=jfclqflOZl5leiVjQXSxmIyDEfdnO27fWNH/JDScfnhr+NmuE17RqE/1P2A8Ij/uL/ zOpulo+lYKuoNSniQOG2UQ3ZCD8zj3zOkQ05cTzawRYImjXDSinpV4FJHfvb4Py7TuKV J87ohXZIZTvOFlZRGH7tmjbmvxpIZ5kRUnfYS/wNNE7nmdo4HdZdF+RA8G5jemvuXAIi +DkAP8qsaCNmmAsmXgcMHeX1EU1D0PhZ1WQaQf692/dTR9xneSC/vd32sDJCQ8C2tUQW 6rJTJnrGgi5XS25tgtRlHjlci2KAcGC5lalcou3ytXMB+z9fCkYKKaYsyoe/QRzjKKna U8ZA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1772204257; x=1772809057; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :x-spam-checked-in-group:list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :x-beenthere:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=XsrOO3ysZPpVtBeW3ayfJUs/rDm+pn3YDXFBHg2I7+c=; b=L46oJ1ofDibPgquIfkAKe6hL0+sPl2oivV2r2RBjMjY9S5gMoSqAZ2a1E9N2qAgUC5 9Oj3b76nSEmD0soAl3RLdz6DGMHbAACeWcvto7Hs/E9eL+uRawroE5+Z3hA8p2Mc/0J+ o3LFydm6b08hl9ya5Ztqxg3VuqhdGeBwq94WWjcp1aU1YkJzcCLQDXse+IkqLuXuidlY 6TOJpDfeuykY9QuuufS2fLJxtCg4QLznRuXLMuwjKOloLrO8ZN+YGmjgMtrG7LTQvhvw 6Qp42V6YRZgvWVJw3Z6c4EvxvstLA8bukZIWGJOYHsK1MP+q67J0uUeacgI/T0+AazxE Bi6w== X-Forwarded-Encrypted: i=3; AJvYcCVmuo2m98wWCPWEDuZpYi1rH6A73goHYZNJf2q5Cqo6WUjP021ZNU//ZiyLXa6HNt5qJBUjT3c=@isar-build.org X-Gm-Message-State: AOJu0Yw5fsIikkKGjMolTKvulhpj7nFa+HFpWTzOZ7bktssby0alilp/ KEpdRDiF0txoHMFkYWQ1NHuWBJuc+oLtioBoK+3pOmc5JuVZRjHbh4xZ X-Received: by 2002:a05:690e:1a98:b0:64c:b242:496e with SMTP id 956f58d0204a3-64cc201e04emr2130189d50.17.1772204256521; Fri, 27 Feb 2026 06:57:36 -0800 (PST) X-BeenThere: isar-users@googlegroups.com; h="AV1CL+FCC562PKMph/OkA9UUpxicG5zkFqw4Fi4JQlejfCnU+w==" Received: by 2002:a05:690e:206:b0:641:f6b5:e319 with SMTP id 956f58d0204a3-64caac677aels2768113d50.3.-pod-prod-01-us; Fri, 27 Feb 2026 06:57:35 -0800 (PST) X-Received: by 2002:a05:690c:1b:b0:793:b660:fbf7 with SMTP id 00721157ae682-7988547594cmr27807537b3.9.1772204255575; Fri, 27 Feb 2026 06:57:35 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1772204255; cv=pass; d=google.com; s=arc-20240605; b=Tawo1CeNweNarMJCRoBsZQm5Qgs6B3WklT+hjjU4hRbmjXiJzOCqZ/TtkGSCCdo/p9 xoa8yopXyFE3K33DWOyGP9YJnLOKBvUOz/qFZKRfGQ9OWP7cxilthR+eXW2pkY+AdeKk rwLG0KkQjhycln+DabgjefovNrSW5uM9WZX1Baiepm+wYvfxe2ZFxbYZVa9qVxJMPhkl LiQ1FE3DJC0Ns7591V/tj/cime+V4fDr1Rkj3fX6QLK3Jr6QHGd1C78IHl6CImEYxXG9 J+Xekllq4jt3AAqJmIrVx6rffTCw+b1cdQShtMEIsaGLFKja6S2mg27b7GShPf4r8I4+ GxNg== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=mime-version:content-transfer-encoding:references:in-reply-to :message-id:date:subject:cc:to:from:dkim-signature; bh=+EM26EnPCs5Roie9oKdlwLvjh5KOD+Lp700ADYNBCxg=; fh=WkhL8kaJc+l2wQon1t06Ej3uvBGj9sVhNcE8PaS/XbI=; b=VldxIz/DjGmiS/HvG7OIjf0atkcNwSbp4hiMXkYJcKHYDeewUMNQvS/8Hee7D008jV ZOSzj4z4sIzSbM4DKM6L6948bE4K692ScRybDQ899QCXH/4Zn5Vic3TB8ATSaQ8xnfMs vcNUNrZex4qxKI3Cwng26bbBK9vR+Vua+KR+Tsux1IPPNA35f1fjzEDEuj3BkRFHSSzx 9bWICVgKQESjuHhCpug0b14WvEwSZ8f+P3v9kyJYY8AFzuKf8eApk5v+5myZKRGfIq8R puDi5X23HJxUqhBf3pgMU5azq9yi/M7lBtT2sH6Adk3yd7R6QDaf/isbcdjww5KET668 8aOw==; dara=google.com ARC-Authentication-Results: i=2; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=ppiHAvDT; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20f::7 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com Received: from OSPPR02CU001.outbound.protection.outlook.com (mail-norwayeastazlp170130007.outbound.protection.outlook.com. [2a01:111:f403:c20f::7]) by gmr-mx.google.com with ESMTPS id 00721157ae682-79876c4014bsi1762647b3.7.2026.02.27.06.57.33 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 27 Feb 2026 06:57:35 -0800 (PST) Received-SPF: pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20f::7 as permitted sender) client-ip=2a01:111:f403:c20f::7; ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=jvVEnsMjwDo6Q1sfG8omwH3XBkSfO/Kpv43iNoBEhAIDeT1r/xAj3/c0NC7GRMZWW3sAB5G8YWQhgBCAwcuWT9j4CgN8jVLF2a4SSER86u2ki01bKtHzFzjw2pPjBgxsXBK5zT8J4EU1bda6IyTOgV9EJzItjfF86oXOj8lpxDWRKsCxWwp6OZq5yJfPEVUUUiaWbjTd8GH59kPUup+/9zaML78SlX24YPYDYv0ul+cAvAARIiuCnrRlzUplBerb7D3rfxGQ4oey/uo+6BPFXsbIeanJR5jqYim0n9QUsJ3VyxmKFsChoq9C522QpCY8ejmeNytmJHNJ072eWHGCtg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=+EM26EnPCs5Roie9oKdlwLvjh5KOD+Lp700ADYNBCxg=; b=fTTBfOBMAQk5JxHqM+IrNJBDrrmKajWNKmCkM84JCQ+4f4igTBIHeB7WmM0YO22JR0wjKwBNl2sL8/m0volJm5P3UMePetZKxg65CzlaN5aX6Gdpfus5KtKnq/tqQETMqTq9DQjENBLmSa+Svjbp+37YGuLQ8V3WuGJDBKJs4H7pGoS/fViWvAgteEuIdDW9UGffHVWmzLJW+l4mj47vU93mEx7tnkOBfKWPKA+IWEv4OkLnDQpDXS111+PwV5Q/dfbnS28utHdTrcsU50/3i6Qb9jn5Qk2dz1nMXzjOlmJJeHLT2Wmjx7IIwtXtWT1lAE95Xq/Lmia1Lxe4pGz/IA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=siemens.com; dmarc=pass action=none header.from=siemens.com; dkim=pass header.d=siemens.com; arc=none Received: from DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:47f::13) by FRZPR10MB9889.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:d10:1ca::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9654.13; Fri, 27 Feb 2026 14:57:32 +0000 Received: from DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM ([fe80::9412:cd7f:3f72:92ab]) by DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM ([fe80::9412:cd7f:3f72:92ab%3]) with mapi id 15.20.9654.014; Fri, 27 Feb 2026 14:57:31 +0000 X-Patchwork-Original-From: "'Felix Moessbauer' via isar-users" From: Felix Moessbauer To: isar-users@googlegroups.com Cc: jan.kiszka@siemens.com, quirin.gylstorff@siemens.com, Felix Moessbauer Subject: [PATCH v2 02/16] deb-dl-dir: export without root privileges Date: Fri, 27 Feb 2026 15:57:02 +0100 Message-ID: <20260227145716.3794146-3-felix.moessbauer@siemens.com> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20260227145716.3794146-1-felix.moessbauer@siemens.com> References: <20260227145716.3794146-1-felix.moessbauer@siemens.com> X-ClientProxiedBy: FR4P281CA0274.DEUP281.PROD.OUTLOOK.COM (2603:10a6:d10:e6::18) To DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:47f::13) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DU0PR10MB6828:EE_|FRZPR10MB9889:EE_ X-MS-Office365-Filtering-Correlation-Id: a135d6a4-b62b-4e29-e182-08de76108882 X-MS-Exchange-AtpMessageProperties: SA X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|1800799024|10070799003|366016|376014; X-Microsoft-Antispam-Message-Info: ogxBr8Ip8/BGhC9OJBN4LWF4OZO1AH/sZqjkZOZb9QL7QvcukIxHYkixYGYaBqnUNiavi+u8vxttPPiiQ/D3UvIfNNlGuXDIGgoFFQLYG84gIkQCgmuVEKiXYzJW9wHWr4wkqEHrLqOIO5bWyiQymAChLmdzVRjQ3BpBPdRAQEgx0KhE4pT7WhywAJLSVAZbfCnM3JqXh5JPKEYz/Y7kEKwnK6UuPgr3Q1WlXJZujrkF7qQXBn9YcR6g2JwXEcDvBcve2W+rMMC93GwW1InuajAZXYumvd4FcutjVO4Ef7Eis7VFPBIQjxNOQfsSI0nTLSIBV+tqwYBxskmiksNrwUOc+4ptHXIkUtJ6bMdxP3QI0TKZBb+Rz9Wy4D5fAQ1evD6jeyS+7OidFMylAmnGXrec9OYVVNbk59Mtu6D+95UhIFgxDAXjva5fyStaPMsppR2nhHgugxdHpcN94tBlFz8Ha+8ujZ4/2qU+Sk33X25MqW4c3+XTPVMGoLjD4ioJwvBE2HWnxDsuM/hLdzdclvUZAeNl/VblKeIUpP87/SOG8ZyFavqzpiONOHCBclA5N1bSBu32qvzSPowfiCmkezqGGcePx8WBfvEt/C1czRuTCuSq2GJae03btebfiA+iwZa0PkLMTEO/Gu6GtnY/vKnesvYyG/dN+XNksQOr5p3CzskZaO+JplaIPJtN3ChDQud99+Kcetb1CIxXfwF/mPRXb29FWgAY3N5eLNA5a9o= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM;PTR:;CAT:NONE;SFS:(13230040)(1800799024)(10070799003)(366016)(376014);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 2 X-MS-Exchange-AntiSpam-MessageData-0: GzcpC4XqH6+pVkngZibtk7I/n49ZVAXN1jRJpQd8AvOrz1ildGLACxE4ItsTIMqvtuFkDix0c4fbkNrDJyp/HJB5IAerEXYN7eKkki3mjVA9SgicrA3TcmL9QyeWaK8nGQqndnkSiyIjQzJl0QDsqu1po0bDtZg47jNZJsVQ8rQC7/AdfeWKSw6UEFgHQGtHocdNwr6HdH849VvIJcuoZkW+wjwfTodOitzZGxm0D+CQu8ici4joZcvXGYLBIy9ZlyuWMtD9YigiOTuA11TnD+XoC1ajbDugf05CBwSIXxUuzDVfY5GxNxERCHHJZzX4LvqfJArGR6KeBeqpmsnp1VwHuQR7yJLQW+pGT1vl+01+Y49kt7Ls2bbGcq+aZs+JzbBgUgQYRn7vGEJhDeWejhz5Z0w4SAtI6H/vvCvjVykApa7ox5NLRedbG17CRySAJnyIpZwMj6MU2aVy/6ENoTy59vSFAwQe6rLsTks5A4VQD4H3b43DPO3iuJbk927qzos9T1Q4R6ozYvxcpgBOSHO8N+nxCu8cKLYWl9qGhNMhH1M0o879yQNwucWOF67xfXlD99m5uRvv8ESrY0aQKwjLzd/jAPNtFCm+q1NJpTJVn8C5h00X4zbEYi3p/bl6I8Z9yZ0HwYXzhyDT+BW/yOsbLStXvqe2UHDFJg+VL46LEycX172RCleLK61aKQU/XBf7hHlFeYeZoBKgrJfwwmmKnsYXUgLOYiMgSYjv+KU7caeShdeKuec18fz6sn19l47PIDOMbtVvgmovTc8IKoxTDd9fR/zEgaLhNKcBNmnSljqLRRKSIzdtZg/I+NTg277LhYSAbxXATDcMTdp2/ALjuZGtmuNy1IWcTsNhfBChcXZKvFzSCDZ1wXqUi01iMcUdYhTo9d40nNZK8cNFgkPeqnK8Nz+9vPFQeaNfqo7yZkzwN04Db2WDFybyJgz+FHQ6Xk05jMlxJU9jKn4l8r7sUdlA3cK3UY5AHSHMHZOLIl3th3+tSUn7pnvBFIC398wNFBx+NiRLF4cbp2cNIpKY/YfHxzijqFaltBa6EOwkkWHZkfU1+/hFQ5fyMtyQawfXcaJPyrPR5aVUZ3itE9Egx01Y3xWchvaLY+kNsOIAf2EfYp7Y07auNfobXSVgQMLivEvmJY/oXxfaC3Vgs1MVIVcOsU0cRrmThd5qBWqJVnvSw8fWpq//WUzKZdKwBYyTEEiwOn9xOrkXEA8h3id3ldV5gXqVc6mP3KmBLaUWkB8zGO3KNeqFOqHtYrNMOk1TJoaPAwILQli4FlDA0JLwRQ6tZruLi8Gtwbye8Seut2I/IwB8WDomZneqwSzI4SdVLbh8/D8V35trrD2oXn9Zi79PQn13dGVrx+3UE2WB1W3+vdhv6OuRlkeOUjQC+Nu4ElbNxxSxrssrqi4bTB1S9td33cT22Yowk9CiHILfzRERO+9/gv1VS5pJhe6p7vX1Z1pzDXX9d8ayoWr16FtNxa4wg78zoLxKCAKTkJYlFHZ6NRhA2hYE+xH2XnxkI/fOi/guPQ7VjbWlqomTjgtY/dH7ZoaspW1f7PwS9Zz9SMyt8mL/O9B+uje5XtOa33jvHi9x2Mw5KiTEQYiJCgrycVd66XpreXpFbJr87Vfozy9dR14wf7igICG1T+DsJE+9uD9aubb9zWtFlo16ankUTw5SHJRcFVsvo3o3RQ+GC3PEsXDHIT/YmefwJi3gyUxcw8JmR4elAdopJPIz6DPp1YwRIpl2+nf/h96+FcE+VkKQwuj/mpAM7YhVzt8wN/Y2P67e X-MS-Exchange-AntiSpam-MessageData-1: JFIohxl+SdZ3jZ/VvFKgtyJKRfGFT6yKczM= X-OriginatorOrg: siemens.com X-MS-Exchange-CrossTenant-Network-Message-Id: a135d6a4-b62b-4e29-e182-08de76108882 X-MS-Exchange-CrossTenant-AuthSource: DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 27 Feb 2026 14:57:31.7705 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 38ae3bcd-9579-4fd4-adda-b42e1495d55a X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: WUw2yUZtIlBboYsF8oudxz6r3KWdFXkFPNyJWzv7txiomNtTV2VlHdva0t4RQC1AZ45GLNbYzLUu8wbizJ8pSaYj3xWD1+AxnZOzDx1BFHY= X-MS-Exchange-Transport-CrossTenantHeadersStamped: FRZPR10MB9889 X-Original-Sender: felix.moessbauer@siemens.com X-Original-Authentication-Results: gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=ppiHAvDT; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20f::7 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com X-Original-From: Felix Moessbauer Reply-To: Felix Moessbauer Precedence: list Mailing-list: list isar-users@googlegroups.com; contact isar-users+owners@googlegroups.com List-ID: X-Spam-Checked-In-Group: isar-users@googlegroups.com X-Google-Group-Id: 914930254986 List-Post: , List-Help: , List-Archive: , List-Unsubscribe: , X-Spam-Status: No, score=-4.9 required=5.0 tests=DKIMWL_WL_MED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,MAILING_LIST_MULTI, RCVD_IN_DNSWL_BLOCKED,RCVD_IN_MSPIKE_H2,RCVD_IN_RP_CERTIFIED, RCVD_IN_RP_RNBL,RCVD_IN_RP_SAFE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on shymkent.ilbers.de X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= The archive is world readable, so we can access it without root privileges. By that, the files in the download dir are also owned by the calling user, making the additional chown obsolete. Signed-off-by: Felix Moessbauer --- meta/classes-recipe/deb-dl-dir.bbclass | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/meta/classes-recipe/deb-dl-dir.bbclass b/meta/classes-recipe/deb-dl-dir.bbclass index 7ebc3526..76c2435f 100644 --- a/meta/classes-recipe/deb-dl-dir.bbclass +++ b/meta/classes-recipe/deb-dl-dir.bbclass @@ -153,7 +153,7 @@ deb_dl_dir_export() { isar_debs="$(${SCRIPTSDIR}/lockrun.py -r -f '${REPO_ISAR_DIR}/isar.lock' -c \ "find '${REPO_ISAR_DIR}/${DISTRO}' -name '*.deb' -print")" - flock "${pc}".lock sudo -Es << 'EOSUDO' + flock "${pc}".lock /bin/bash -s << 'EOF' set -e printenv | grep -q BB_VERBOSE_LOGS && set -x @@ -170,6 +170,5 @@ deb_dl_dir_export() { ln -Pf "${p}" "${pc}" 2>/dev/null || cp -n "${p}" "${pc}" done - chown -R ${owner} "${pc}" -EOSUDO +EOF } From patchwork Fri Feb 27 14:57:03 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Felix Moessbauer X-Patchwork-Id: 4932 Return-Path: Received: from shymkent.ilbers.de ([unix socket]) by shymkent (Cyrus 2.5.10-Debian-2.5.10-3+deb9u2) with LMTPA; Fri, 27 Feb 2026 15:57:44 +0100 X-Sieve: CMU Sieve 2.4 Received: from mail-yx1-f59.google.com (mail-yx1-f59.google.com [74.125.224.59]) by shymkent.ilbers.de (8.15.2/8.15.2/Debian-8+deb9u1) with ESMTPS id 61REvg0n015381 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 27 Feb 2026 15:57:43 +0100 Received: by mail-yx1-f59.google.com with SMTP id 956f58d0204a3-64c9d15b682sf3048790d50.1 for ; Fri, 27 Feb 2026 06:57:43 -0800 (PST) ARC-Seal: i=3; a=rsa-sha256; t=1772204257; cv=pass; d=google.com; s=arc-20240605; b=d2hv/hW8VfgoOpSI1i+nbTvKucYQ8bGRAF6tDdOhN7z9x4ZlIox9NNAkN9ZMQ4rpPF nybcRd+XJo7URTaxS3fSNaZUW5rRbxOG9Yn6q2NHLMGg7uUbRCGSzWqwrREBYv0W/eYB F6b2SfiNUtwaFJqD0XcTo8sB3njiefA0QAo9plki8JXuXC/2ckX6F+PTXtgZiyPTdCop fuWYwzKeAPASCuhDQSBPSAbka4WVd/GkqaBV54YvjBVY2aTRX6DWEw5HF4GkC2TtoPiT Q6e4CqjBNpsoj3lJoKzaNBPWiLyZYz0Tp/31VHB2s4JsrcgpATNKskLUP1qu8OkfFSif fT8w== ARC-Message-Signature: i=3; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to:mime-version:references :in-reply-to:message-id:date:subject:cc:to:from:dkim-signature; bh=h9fRyNMmt8ot8dbPDng80Nx/kx1BbX82q7soI0P8pgU=; fh=M+8jzu2ITevyqAlGcxEMwVZRFttAFnH3hZFg9QXt2lQ=; b=Ob133aOK7Q3s0nUHBzXvRRg1imvbagYWBXa92tW5AJuWNd+VbppwOXBixY6YObj/G2 Bg4xvsm2Sjp9mm20gPlpFEsg4XlbjEZVvGDkvUniJbeCA04u+R+UQJtcOHcgfV+xTXq8 HBnEWkliwahzcTDC/xqh4mq+ltl9D3i1twfvem73+37ZnxY1drIQXwTl6zl+o4gYJ7E8 cAKVErPklA7Qk8lhEn1FQQbl5G/XP4eRPeRAsYhgZr1C6EJejc3TWJ/p5kWLeUXyYJ8B UfeWCRh6UtSclGwdUqRSKW/56qMMDDZKfegUTlh4lIUMUc1Vbs/I3cjkyS4e1V4pS4vJ 7A0g==; darn=isar-build.org ARC-Authentication-Results: i=3; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=ivBCOT4q; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20f::7 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlegroups.com; s=20230601; t=1772204257; x=1772809057; darn=isar-build.org; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from:from:to :cc:subject:date:message-id:reply-to; bh=h9fRyNMmt8ot8dbPDng80Nx/kx1BbX82q7soI0P8pgU=; b=ApMm5hM9pRf+ofa68RUs+i0BI38QkPhwLleYPeouw2hYmRZZfDaIJco2NL7yt1l568 FnIXFsDN4kvLGchoBpATfGBAgOBsWV+Ot2HmfeUp2bg38nV4pU0/i5iTG034dYOkihCG 7HUiiGe0Iiei6MCCGD6s4Skkfc9NY0lCX9kb2YfgnUJFkJb5LLsGhvODe1CWBHzEdyAS AwC+ncK4w71TT7SW+//IZ6LvNlch32DuIGeglFNREaDcdXm74BYawFkg1zQlJMQVKEXs YKMtrfcs4iiMlEip8B8MkN4YoRt7GJSZDZZS1I3UTnE75dUhR+YYi+sMFUQbaJWQM5w+ 7eSQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1772204257; x=1772809057; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :x-spam-checked-in-group:list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :x-beenthere:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=h9fRyNMmt8ot8dbPDng80Nx/kx1BbX82q7soI0P8pgU=; b=oKQHFzotpTAjI9rLjK5XgHe51FlpnT9aTpFn+I+WU949ThhQRzJjtZIDDgy9Mz1T/T 9UOt05nBI/TRJvWBPtXaj8OX0WSrkuTQjfpdnfN/gbXmz8jBi0IqpIyKulKuP7UMelq3 WcpIau6tw+aEuIi17A/FeMD4z8eTAqQ/4ZxeX7rr62weD0D6BJrpjVvtXIgjl757ed4k 7m5HaWS6wRfTjXReG+5WAh+hDYhuU5ZyOOY0E1/7OcOrHtyDwrXjm5Vmn2+fCAzt6BS7 suQB0y4giZX8kAK3K2JbKUZgWvb+9SA+g5OOlkL3E1M2UrBsAIK09KRLh+WMNHTr9V6i hIAg== X-Forwarded-Encrypted: i=3; AJvYcCVdLs/jOpRbJPdc/EmOP4lPkbdLFNR4IWmFpkQmKXQwIFomNjZ++PW1Y6i5udAV8feGG5xZfoQ=@isar-build.org X-Gm-Message-State: AOJu0Yxb1U5eZH903CxJdwX9xMmuCSz2VMgVyUGJwxWmcFxC0NT0RsWV qNlm5mi2Cr81R/9zCWaCdEVr9UXlDvID5D7VhodDd+EeXLENgUq7fOZC X-Received: by 2002:a53:ac9c:0:b0:649:ca5c:5990 with SMTP id 956f58d0204a3-64cc22cca00mr2627237d50.66.1772204257242; Fri, 27 Feb 2026 06:57:37 -0800 (PST) X-BeenThere: isar-users@googlegroups.com; h="AV1CL+HDJsYVKUseRaW47dzlj+sSeMHVbZkf8ZcI10J19tMojQ==" Received: by 2002:a05:690e:206:b0:647:27b0:1aa2 with SMTP id 956f58d0204a3-64caaa00932ls2737883d50.3.-pod-prod-02-us; Fri, 27 Feb 2026 06:57:36 -0800 (PST) X-Received: by 2002:a05:690c:3587:b0:796:4004:d1d5 with SMTP id 00721157ae682-79885609102mr27132677b3.59.1772204256044; Fri, 27 Feb 2026 06:57:36 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1772204256; cv=pass; d=google.com; s=arc-20240605; b=JLfV3X8UisRVoJ6cBzKqLb4PbZmoR/kbx7X0k+7N8lSlrWOdXmqM2TotzrhixukW4J yYXGZPxuNoghm5YYzq1edgguP+R7DcgvgGtPbxMwOesu0Wedj4pEjIS2QuvsLhuhMzC/ 4niy6n3Dcf3z3SHIwyD9pQ0kPy2qI+ESg9tptlgsMkEmSw0aBTjU6AxtTRGjGiz6AI/L Z/YqY2NTCfeJ7ZCuhFcNjUN6iDxaK2S6JRLXWk5DPr/0Au8OkV2cW9yLmHToQZQvTkFb MDALlESl2U4/BXLOLfn4pckMIQ3xCD/mg4Qtqa5rRPivzAoCyWPXYRQEZW34iMuz4Nkm VeFg== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=mime-version:content-transfer-encoding:references:in-reply-to :message-id:date:subject:cc:to:from:dkim-signature; bh=GqQU2w+tRzwxjZYZLgu6kLTLMy8MCfkauH7kZqvNfLI=; fh=WkhL8kaJc+l2wQon1t06Ej3uvBGj9sVhNcE8PaS/XbI=; b=WGJJK6LVHuVNFhsqlF0aJggUQpBCdERyZvSFSxYX3PxxLHgSnCXhjI0YXyf+22uF82 5hEcmL3ObAIPUb3h7pnWsbLaNYZ3T20gUGHzqjriaZwcnhXA5ObYcRWmkeZNw46rXWks 3ch4zObZeLiCqEiFn/vj52iCK8cxeyQDceX2Gn53h+bJSqX73VCznn7L/W1MDRa4jVg/ Qe9yRb7SzkFNlIezeRnGFe6YYmf26iuHt+WeXUb1aC3rvV1Snzt79P+wO7UT0A8cC1bw mB6mdlJEtg77hT6YV43rGWeutZ8Uott6TALpojU7A61oRNQtUY4A/anFgLa55DwypEDT gE9w==; dara=google.com ARC-Authentication-Results: i=2; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=ivBCOT4q; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20f::7 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com Received: from OSPPR02CU001.outbound.protection.outlook.com (mail-norwayeastazlp170130007.outbound.protection.outlook.com. [2a01:111:f403:c20f::7]) by gmr-mx.google.com with ESMTPS id 00721157ae682-79876c4014bsi1762647b3.7.2026.02.27.06.57.35 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 27 Feb 2026 06:57:36 -0800 (PST) Received-SPF: pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20f::7 as permitted sender) client-ip=2a01:111:f403:c20f::7; ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=W23qdm2jM5ZcjLp2NJ9ERQcYCXSBK3VyL2wOLeufsfqr/dL7a0jFs4xoGy9UK+UdmE+fo7mmscjVaATqouuKooYqN6vWWQ2V0ihcRXEU2VhOgbDkYvwgwbMwgmSNMKMo/v3jkMwj50n+yhNT0t6zqHoxgut0miCxZ+Q5gfWajh4gFbao6h5rjfJf5SiCjFJmZwVUaLTQOZPrqvrzDG/YBQfI81f6qUn+xlfPVBZL24xNqngJ5xx6d11vHPV++mgQGfzg/cFIVuJb9XUGq7AaxzJL9qlOzqTlRgceka1FnMtrmbY/9ur3rayA+zuhYJozPQ1HQWWRY8GpZxiErjm3eQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=GqQU2w+tRzwxjZYZLgu6kLTLMy8MCfkauH7kZqvNfLI=; b=w4d5DOB/eF5+/UlplgWXMS1RyZmXrxbuYm1qzEF0TAnOycdMbCkx/RIubimHUL0g8pthGz6Nzvh3Oo/oreExjbR6Z53azmAvjrjIgfOmN4k/9c68fjZsRrvhR4KjmzLNNXS6vsuyIvSCcPgYAHbc3nk2R1H3H5oPjIWW03OnHE4C0uVon4P3ZDAwqmGKRUuwbsNgdU6VTN6GIwKY12+s1UjJ10wV8p9yZ/kcUBAkmKkTpT2cxBO8RZUEWJmKExdZYOnXBEonaOpt0O6NrI0F4NgWqUuBCcHBLmFvQWzgoHCJ+iDGe1CdaOOp+FIKkZeCqgrqDtPQ1sBAqzGNK/+WbQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=siemens.com; dmarc=pass action=none header.from=siemens.com; dkim=pass header.d=siemens.com; arc=none Received: from DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:47f::13) by FRZPR10MB9889.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:d10:1ca::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9654.13; Fri, 27 Feb 2026 14:57:32 +0000 Received: from DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM ([fe80::9412:cd7f:3f72:92ab]) by DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM ([fe80::9412:cd7f:3f72:92ab%3]) with mapi id 15.20.9654.014; Fri, 27 Feb 2026 14:57:32 +0000 X-Patchwork-Original-From: "'Felix Moessbauer' via isar-users" From: Felix Moessbauer To: isar-users@googlegroups.com Cc: jan.kiszka@siemens.com, quirin.gylstorff@siemens.com, Felix Moessbauer Subject: [PATCH v2 03/16] download debs without locking Date: Fri, 27 Feb 2026 15:57:03 +0100 Message-ID: <20260227145716.3794146-4-felix.moessbauer@siemens.com> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20260227145716.3794146-1-felix.moessbauer@siemens.com> References: <20260227145716.3794146-1-felix.moessbauer@siemens.com> X-ClientProxiedBy: FR4P281CA0274.DEUP281.PROD.OUTLOOK.COM (2603:10a6:d10:e6::18) To DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:47f::13) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DU0PR10MB6828:EE_|FRZPR10MB9889:EE_ X-MS-Office365-Filtering-Correlation-Id: 0b8019ef-3796-454f-b436-08de761088f0 X-MS-Exchange-AtpMessageProperties: SA X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|1800799024|10070799003|366016|376014; X-Microsoft-Antispam-Message-Info: SvDAGBh+4Lg3KWyOS7U5a9cVIXBlnAmGC1IpPuKiEJsjOxAqfzTk/sPv5vMwSwRkfWzTCU3M7M8lxW6G6jbdsvSerUVKrxeQsmi7YHYzYJKpk47cDSrlx9aJfjoIdtw11IPd2rDp27Nj+R+Y4axWYrDv9qy9AP66okYLfK+Rw45pRmipD8blEFmLpzIG9EIRpqmlg30YIujbcmJjsO1HEBNHtf6C/S/HWa+G1PtdCtQPlsVoiAh5YsyIL4hOXwW3Wt7UsGeEfFFgFjs/3UandxsdU+fUcEVNaoMe7an4EtDbNdC2KVDkneiQPPt/fKjBOzdUtD4T1B5jmZLT6mLEANbIEAzVOBzd7sWDsyusG4bSUJdb6SYDLQcHJhPrHlgmPN/yRt4nyu/W4DwDLsRvzWtcWlzQcOFACTPrbODR5bxqbKCv93BO26C7AxFlG5AmTdNXY2hko18yFRNveknoLK61OjezDwbii+VWDyNRr79bfUpLxIMOwOe7LEVzsaCWonJw6zhrxrHIrA5X+gIqvU5KAeCz7RZbr9voayunYqxSsrLiuw4VdNQilijnNmfL8qBt/OqOrjj8PFLJ/x5ZxZE/s+QV8zATkJH2mKQC+qJ6f1/snV9STHKNtgPoAZiDkMqYA0xL97r+4yAMWsT/jMVwxFbmnbI/IYK4kDSYisN6xsWrrAkOtF2NBXl+ok/je88ogNaY5rhphtSFKLz/c9fHd2zMVqs0lv0mK1sxz0k= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM;PTR:;CAT:NONE;SFS:(13230040)(1800799024)(10070799003)(366016)(376014);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 2 X-MS-Exchange-AntiSpam-MessageData-0: zBdupUNG52YpcJVbaGOqgFUsT1U0k1sC3zJIX5boYSL8ZbYRI1Six6sbu9HP6jyoKrsu2U/0KQd6KHZLnZ4omeR9DEw9iBepZOXbEmi+sXekjZSTiQUZP6yOTGKZeuwSqYvujz1UTDVGcNkjze/a+ErPDvhmT/+5U99DTQDhlzTztrGaK4RS3md5vclowDF1ysw8pADxfOhiDlPAPb+xPfxF+v92oco4erTp1g3gtrMDweTttFs3woiu8yFEkHqh6TKda8wOVLzKCgxzKVYdHSKA2pQSR2M1Zzs1wNBo3vAzNqSncngeQCdUkYI3O+3NzeE75OaasGppX1okJYfzkOsQ5nBfo66jhKA+QFBNH1NcKPTM9hWG8TY0e2DSll7XFMX4TamZt91DQ3joij4a3Op9xMWYUCebt8AuLFrs6HivSkvLlPAGJ8oVLLCogVnB/vp78ZLpu3n3z37vT1y0SSVDd2qYUvcVIj+Jx3+qQobvnWEkwBvc3k7DvK72TUZlmcCapMcM5A7DKnEm0hPgXDDCGv3lxCkXkh5JnGnizPUem7i4fG6nG3jOMv7VVHdw9a9brKSEmtYqzaagV1+KWV5d3V747NTYjehOj3s4Zmw/UcNnZhVWu0zQqkHCe9uRYcwEHAswVQo5kcrAkB163x3WeLE+OUOY9R8A8ARcy3pJy2ic5vbOw+I7Hc5j+Xoe/HjY2JZykkeM7BakvpnCyLzdXgeo9LAwPjplKtxZYbEoXoZfRepfNa2FX8tqpXXx6GLBecyEm6SI1Z7gofvWjrAOANPMdHRDj6n3ABBldpDybT6skxyF9LiisIFJ5Xp+Rm5spjLrtxdI0jv1cVvB8yXfg+D+fHGscEHZ4ElYjPA2HEiKY1+8syOdfi8VkRBw5GrAnmqX8zHEfoqY+Q1/h9Nhv1DgNnJ3Pmiv9PPm9RQXEKHhi26CHdABTPAW2lnNQjIEBplLevCmG3/5rZo2dmPjjiCX5TvuQ9N7wVrRwL7xWpZeU7XDK/8m4ro+pRegspvuQV+N2sO/6FcwCTbxUFUFY1sHgxh9FkvO17G5QwB4nOJvGVtzI7wKoT7HiO0wFt4HSH8eUoHmhPYnoe1jClG+y15GIfoghyqS0XsSPbFxOiYTPbRga+4oxp6HCJQhwh7LlozSbygz5SuAYNi8iSrXHavEKdGB/5Yp20cXY++YvcwAxPJGsxjex7YJVD67jnC7jgTFLkGKX7pJI4Tj9f9Yy82/whNsBrtppMhU0A5z87p1/ZcY7IpB3iMbcVE4i/unmCA5LvSyHNVQWy4lSJn3i71uQwnpVdCBanM5ARg90mA0YzQTgH7/rXViJd2bpJ/L09+9SNh7ED04GpKEWWRTLk98txmGUl7TBvtMQNE5uJwooATkIkl0kxaweJeRQXsVeYiOMBeavCuCdXsZGmX4wYMxCbzK87vSRBiigfdRPBfZtHZx3UQHMy2txV+GEq0ak1HeUuLzrv9Poh+TNvQyBqCfVxmjdhlMi3B9qEVw5sVQw5NODF4B5qocVO+X19juvEudkeNWAhYW507LvRDmUtVXSIY0FtBzQzF8EaZPL1H2/H2L1kp+Lail/jtYLDHdF+TuJxhJX9qGJt50NfOR2uGudV2ZfcXQOujdtygTOuLSYEYqRG5SvpS3KSt2zgJHuvoYFIauz4M1obtw5P343Bqm+AETDmbp9hyHjAq+cSf3U2SYJ6bAo8c3kJO9QN89Xrk7F9m5oAKk+sOS3+P68ve7FbZyTIfZ1eLd9xDcEKq4rqGHsoksszy43vBoATsn+YbQ X-MS-Exchange-AntiSpam-MessageData-1: E4aX+L69YZag6TtUt7xPgr/4L2sHAI1kisI= X-OriginatorOrg: siemens.com X-MS-Exchange-CrossTenant-Network-Message-Id: 0b8019ef-3796-454f-b436-08de761088f0 X-MS-Exchange-CrossTenant-AuthSource: DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 27 Feb 2026 14:57:32.4135 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 38ae3bcd-9579-4fd4-adda-b42e1495d55a X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: v7OQTL9EKsA+bR35IfoKdc2i9Jr+4/oR+TeRfHpoDhTDm2MF7YcagTVJbNkjtkpZnL9ZhQjR4itxNFcL69IMlo24EnpHk+zZTuZRiYZiLQg= X-MS-Exchange-Transport-CrossTenantHeadersStamped: FRZPR10MB9889 X-Original-Sender: felix.moessbauer@siemens.com X-Original-Authentication-Results: gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=ivBCOT4q; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20f::7 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com X-Original-From: Felix Moessbauer Reply-To: Felix Moessbauer Precedence: list Mailing-list: list isar-users@googlegroups.com; contact isar-users+owners@googlegroups.com List-ID: X-Spam-Checked-In-Group: isar-users@googlegroups.com X-Google-Group-Id: 914930254986 List-Post: , List-Help: , List-Archive: , List-Unsubscribe: , X-Spam-Status: No, score=-4.9 required=5.0 tests=DKIMWL_WL_MED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,MAILING_LIST_MULTI, RCVD_IN_DNSWL_BLOCKED,RCVD_IN_MSPIKE_H2,RCVD_IN_RP_CERTIFIED, RCVD_IN_RP_RNBL,RCVD_IN_RP_SAFE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on shymkent.ilbers.de X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= As we are only downloading and we are the only one acting on the rootfs, it is safe to not lock the apt cache. By that, we can avoid complex file ownerships in the tree. Signed-off-by: Felix Moessbauer --- meta/classes-recipe/deb-dl-dir.bbclass | 2 +- meta/classes-recipe/dpkg-source.bbclass | 2 +- meta/classes-recipe/image-locales-extension.bbclass | 2 +- meta/classes-recipe/image-tools-extension.bbclass | 3 ++- meta/classes-recipe/rootfs.bbclass | 10 +--------- meta/lib/aptsrc_fetcher.py | 2 +- 6 files changed, 7 insertions(+), 14 deletions(-) diff --git a/meta/classes-recipe/deb-dl-dir.bbclass b/meta/classes-recipe/deb-dl-dir.bbclass index 76c2435f..6675d48d 100644 --- a/meta/classes-recipe/deb-dl-dir.bbclass +++ b/meta/classes-recipe/deb-dl-dir.bbclass @@ -80,6 +80,7 @@ debsrc_download() { --chdir "/deb-src/${rootfs_distro}/${src}" \ -- \ apt-get -o APT::Architecture=${DISTRO_ARCH} \ + -oDebug::NoLocking=1 \ -o Dir="${rootfs}" -y --download-only \ --only-source source "${src}=${version}" \ || echo "${src} ${version}" >> ${missing} @@ -121,7 +122,6 @@ deb_dl_dir_import() { # let our unprivileged user place downloaded packages in /var/cache/apt/archives/ sudo -Es << ' EOSUDO' mkdir -p "${rootfs}"/var/cache/apt/archives/partial/ - touch "${rootfs}"/var/cache/apt/archives/lock chown -R ${uid}:${gid} "${rootfs}"/var/cache/apt/archives/ EOSUDO diff --git a/meta/classes-recipe/dpkg-source.bbclass b/meta/classes-recipe/dpkg-source.bbclass index 1227da36..d0809477 100644 --- a/meta/classes-recipe/dpkg-source.bbclass +++ b/meta/classes-recipe/dpkg-source.bbclass @@ -77,7 +77,7 @@ do_fetch_common_source() { schroot -r -c ${session_id} -d / -- \ sh -c ' cd /work - apt-get -y --download-only --only-source -o Acquire::Source-Symlinks="false" source ${DEBIAN_SOURCE}' + apt-get -y --download-only --only-source -o Debug::NoLocking=1 -o Acquire::Source-Symlinks="false" source ${DEBIAN_SOURCE}' schroot -e -c ${session_id} remove_mounts diff --git a/meta/classes-recipe/image-locales-extension.bbclass b/meta/classes-recipe/image-locales-extension.bbclass index b6b07dba..9bff36ff 100644 --- a/meta/classes-recipe/image-locales-extension.bbclass +++ b/meta/classes-recipe/image-locales-extension.bbclass @@ -30,7 +30,7 @@ image_install_localepurge_download[weight] = "40" image_install_localepurge_download[network] = "${TASK_USE_NETWORK_AND_SUDO}" image_install_localepurge_download() { sudo -E chroot '${ROOTFSDIR}' \ - /usr/bin/apt-get ${ROOTFS_APT_ARGS} --download-only localepurge + /usr/bin/apt-get ${ROOTFS_APT_ARGS} -oDebug::NoLocking=1 --download-only localepurge } ROOTFS_INSTALL_COMMAND += "image_install_localepurge_install" diff --git a/meta/classes-recipe/image-tools-extension.bbclass b/meta/classes-recipe/image-tools-extension.bbclass index b0f25a69..e88557f6 100644 --- a/meta/classes-recipe/image-tools-extension.bbclass +++ b/meta/classes-recipe/image-tools-extension.bbclass @@ -54,7 +54,8 @@ imager_run() { apt-get update \ -o Dir::Etc::SourceList='sources.list.d/isar-apt.list' \ -o Dir::Etc::SourceParts='-' \ - -o APT::Get::List-Cleanup='0' + -o APT::Get::List-Cleanup='0' \ + -o Debug::NoLocking=1 apt-get -o Debug::pkgProblemResolver=yes --no-install-recommends -y \ --allow-unauthenticated --allow-downgrades --download-only install \ ${local_install}" diff --git a/meta/classes-recipe/rootfs.bbclass b/meta/classes-recipe/rootfs.bbclass index b04bd154..a4e1df4f 100644 --- a/meta/classes-recipe/rootfs.bbclass +++ b/meta/classes-recipe/rootfs.bbclass @@ -340,18 +340,10 @@ rootfs_install_pkgs_download[progress] = "custom:rootfs_progress.PkgsDownloadPro rootfs_install_pkgs_download[isar-apt-lock] = "release-after" rootfs_install_pkgs_download[network] = "${TASK_USE_NETWORK}" rootfs_install_pkgs_download() { - mkdir -p "${WORKDIR}/dpkg" - - # Use our own dpkg lock files rather than those in the rootfs since we are not root - # (this is safe as there are no concurrent apt/dpkg operations for that rootfs) - touch "${WORKDIR}/dpkg/lock" "${WORKDIR}/dpkg/lock-frontend" - # download packages using apt in a non-privileged namespace rootfs_cmd --bind "${ROOTFSDIR}/var/cache/apt/archives" /var/cache/apt/archives \ - --bind "${WORKDIR}/dpkg/lock" /var/lib/dpkg/lock \ - --bind "${WORKDIR}/dpkg/lock-frontend" /var/lib/dpkg/lock-frontend \ ${ROOTFSDIR} \ - -- /usr/bin/apt-get ${ROOTFS_APT_ARGS} --download-only ${ROOTFS_PACKAGES} + -- /usr/bin/apt-get ${ROOTFS_APT_ARGS} -oDebug::NoLocking=1 --download-only ${ROOTFS_PACKAGES} } ROOTFS_INSTALL_COMMAND_BEFORE_EXPORT ??= "" diff --git a/meta/lib/aptsrc_fetcher.py b/meta/lib/aptsrc_fetcher.py index 041f5445..dfa784a9 100644 --- a/meta/lib/aptsrc_fetcher.py +++ b/meta/lib/aptsrc_fetcher.py @@ -41,7 +41,7 @@ class AptSrc(FetchMethod): set -e mkdir -p /downloads/{ud.localfile} cd /downloads/{ud.localfile} - apt-get -y --download-only --only-source source {ud.src_package} + apt-get -y -oDebug::NoLocking=1 --download-only --only-source source {ud.src_package} ' ''', d) except (OSError, FetchError): From patchwork Fri Feb 27 14:57:04 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Felix Moessbauer X-Patchwork-Id: 4936 Return-Path: Received: from shymkent.ilbers.de ([unix socket]) by shymkent (Cyrus 2.5.10-Debian-2.5.10-3+deb9u2) with LMTPA; Fri, 27 Feb 2026 15:57:49 +0100 X-Sieve: CMU Sieve 2.4 Received: from mail-qt1-f190.google.com (mail-qt1-f190.google.com [209.85.160.190]) by shymkent.ilbers.de (8.15.2/8.15.2/Debian-8+deb9u1) with ESMTPS id 61REvk57015471 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 27 Feb 2026 15:57:47 +0100 Received: by mail-qt1-f190.google.com with SMTP id d75a77b69052e-506bf83258bsf207927861cf.3 for ; Fri, 27 Feb 2026 06:57:47 -0800 (PST) ARC-Seal: i=3; a=rsa-sha256; t=1772204260; cv=pass; d=google.com; s=arc-20240605; b=NJWMplZZQzu+ZSEpGAWSYHqgvHX4Xt/4oE376Qok5w3KVsCO4bKKc55Yxk+5VAwnAo j3HBMN1AIGtovTYGOS2QqFrbcsZRmkMBTgDTtc1hWw/YAjIJMCW9JCiOlBAJy3TsU4uX PqWRzCrDUiUvN7zeiroIy0PLWeYD9Y//F5VY8NPBIV55Xct1hpKDePfEcFGiiz59tk88 LtRjkewmTP4yAWhH9Lnis6QWPcVrQYjCU9pQFc7/vTse9sUruGmm9bGw4+nB7K62xLnJ P4f4QT9MO1L4kYoiUD/9Au6unazW1AWx/dwNoQ+QT+loNRfHwPnUZGOvmPZDmeijFB4i 3big== ARC-Message-Signature: i=3; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to:mime-version:references :in-reply-to:message-id:date:subject:cc:to:from:dkim-signature; bh=LbYeO0Cq0ueazly1tCWOz+ce5Txb6HcIMgIvkKkXDBI=; fh=zABQYJkBn7+HxXezqtOyBBK77cfzZxM5UbvEFSj6zt8=; b=QX107q3ROYzIWB65XbHihPgFV0wKSJ+u8A2swznzcOmU702y/cxaJ8ABGfptIw0rMk AYggI7BP+Jz6FBMt7yzLM/eElGc37u8h+yMt+kR6VJyG5a4qZCmKwDQRVG/WEG4W2ll+ w92UWtxQMZynzRYILPppwZNvLbaX/k4G1qJ8oz54QbTjSpGkRntZ9v8oVdBQ/D3UJ03B nsSSoA2BxOQKzhaVFJe9oHkK8ErG2/tRnZ3xg132dfyVhTE90Mob2K0UmJiweX1R+koe zZkqf4RmT7U7bN02+chLBzqVBzkeyE+VhVwzERI8YCF/eHg3inKh+R98Fpdzvhlf0ACX pT6A==; darn=isar-build.org ARC-Authentication-Results: i=3; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=QWB+zqLV; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20f::7 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlegroups.com; s=20230601; t=1772204260; x=1772809060; darn=isar-build.org; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from:from:to :cc:subject:date:message-id:reply-to; bh=LbYeO0Cq0ueazly1tCWOz+ce5Txb6HcIMgIvkKkXDBI=; b=mVlcI+wWD3+ocY7KJnBILONMj0zu3VcPn0FBee6l1eoUvHVLJLgYHFDTKCwu7mi63J W1RFFd2ciljhNpbMvEwD7s9LXiwmWOeRKzQsFMaSZaDta4WAjm4cya/xDDJPg3Xodl0T W02OPjF7R1id0k2SJp0CF+Z23EeNXPIohR12HSoHLPHMDST/UyzJGJ+X7bw2PkiAqp2U Cl82hzRghPej9EwSQUi6cYAt5FC5RlE6o2l8xAPGThtY4meIkaLLACXhVoIvfGA9MJop KTW8xipZzzfFkRuj66hiG7EuQEkLyUceIAsb/G1l2Oq+25ZBG6w8C0zlPhlTMWjqE40R VT5A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1772204260; x=1772809060; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :x-spam-checked-in-group:list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :x-beenthere:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=LbYeO0Cq0ueazly1tCWOz+ce5Txb6HcIMgIvkKkXDBI=; b=N/tU4piYNmfbbyUTx/VjYBRq63aXmGZ/nA8MySG3OuHNDphncSHMTM39X1m20K4JfQ J3Sps/fI8WAwRv8fVRmBa+rX4IU1ctIy+kHD2T0oSKfL8tFjHLwPC7Ol7DPmLqcmL3xz tBRSrSIKQ07blOBwpwLIKQU3WOr4JvlQApcHcB4/tXtGtUPJtrysGgx8VnFPmHGSaWcz bvseT3Y1DQ0l9I8NDAWHC6Ohvm2pVXrWlBYGkSV1pVmBL2pSu3Vm8h9RpmY2cg063v+k yYtPnhlnDsEa1q+useJBEVUbjRHuuC1qsu97QGQzNpLYrFVgBnn/uL9whcOMLQNnvI7N 4GBw== X-Forwarded-Encrypted: i=3; AJvYcCUOxAhRHTZCxSDGWr1UjxqXR08YfwYJI5gSUFGE9RzA+sGm6ycvQQw2nU4dwLXsuoHb3qqwOPk=@isar-build.org X-Gm-Message-State: AOJu0YyMsRcTLTfDEKXv6LaRrJYR1hjp3CCXC8yDLzXgxdzplxROIgx2 tHtEFtwgomoVAf96PYGh9jPEboKZuRhPDK0oZRmoiiSGeshxqBiZbF19 X-Received: by 2002:a05:622a:30e:b0:4ff:c04c:3d75 with SMTP id d75a77b69052e-507527cc0a7mr33010711cf.43.1772204259784; Fri, 27 Feb 2026 06:57:39 -0800 (PST) X-BeenThere: isar-users@googlegroups.com; h="AV1CL+GhovWZZcR89YthLnk5O9ohQcj468G7S1Cb8qK0+hNRDw==" Received: by 2002:a05:622a:15c2:b0:503:3af0:4231 with SMTP id d75a77b69052e-5073bc2295dls61206881cf.1.-pod-prod-02-us; Fri, 27 Feb 2026 06:57:38 -0800 (PST) X-Received: by 2002:a05:622a:2d2:b0:505:ec73:822f with SMTP id d75a77b69052e-5075287bb15mr38564191cf.70.1772204258168; Fri, 27 Feb 2026 06:57:38 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1772204258; cv=pass; d=google.com; s=arc-20240605; b=VEayn2D7zGs6LVmlujiwz1ZmH9WfcAzRHq39n2FhcE4kxhsiOzdPBK8Z7Obhw3qLcS DuRpscOqWPa1zS1Pib0V/lTFzZde6M7Th27MknNr2hiEYJoqFWD8amGiZlF/n8MxjdQQ f77UEJPxBqikTG/PYVrUzRzKEwyWgL+IAZVnNXf3JFkw2GTy+pWIeodos0rhasOC8ZZ0 gxCvkCLYRIJhvuPq3SShPhvOg9CmXmwhQ5uGkqbOSBt7PzOA7Chixg0c6qOQ9LqV0be5 tY1xOTKAtRCNH/AEJZ5bPAba0qAKfQmiFB+IIuH2EQ7ds5czrgx+q8etL6VTzPTfecT7 eRUg== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=mime-version:content-transfer-encoding:references:in-reply-to :message-id:date:subject:cc:to:from:dkim-signature; bh=99qa2XIzMrozR303i7ROwhOct4S50c4eOducuRFqLZ4=; fh=WkhL8kaJc+l2wQon1t06Ej3uvBGj9sVhNcE8PaS/XbI=; b=EvXzvxHwOH0i553F37Isz9cJzTTkeBAMUUnRfClqDYTceHZpFMVMuGQoDToG+ovOXl vobWpRO8t2W7d1t3/df3bG5oUhgLTXoCcDQ1MTODre8ffyxCIgrToScZbutJLDXfb1gE l+b/575OykNmuvwMsQqqHL03EJErCy8brikTiXGWSdcwKfrrisZGoUwvZwixH0xsMt6G 23PqNujemXZoV+j93m2tEsujvvwfSyu3kUjNUUy60oswjXNTeqUyVEdRoNI5tW1H0BAq OEN0ylK1qQpnESzr9p0vuyaBdb/q2oMAm9o48BDMso+N537pCzrWZ3GXWtRBZDdguM8t gAfg==; dara=google.com ARC-Authentication-Results: i=2; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=QWB+zqLV; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20f::7 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com Received: from OSPPR02CU001.outbound.protection.outlook.com (mail-norwayeastazlp170130007.outbound.protection.outlook.com. [2a01:111:f403:c20f::7]) by gmr-mx.google.com with ESMTPS id d75a77b69052e-50744aa1c73si2131551cf.6.2026.02.27.06.57.37 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 27 Feb 2026 06:57:38 -0800 (PST) Received-SPF: pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20f::7 as permitted sender) client-ip=2a01:111:f403:c20f::7; ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=sdLrLgzCsFNpzIStMFN/34kl1UFGGMRMtvUfZAryG8mr6oT2IFx3cN65q5IJKODZj+05mtvBFqxmIz22cWGWmVCpvsindQR3o5FHPEfoXP6JkK71x6ck2WtWSDwhAwQxELSfp90v5d5O33Y4xvhS7l3yP6xOknUNb6V543gxOLzvLuC86bouyQO266dFMSUmO0emHZbm4P6RE0Xt6yCI4A2UiLzXuqooB1/K9kqwlE3w3rMZqO96VEKkuiKpKuECooGsrPZd2piJIaA4ieczOnUgz4nvClkET/RA/pS/yT8Js57/Sa5nP1/6jCo1VKHOnN6woiTJs+f6ynYobZkAHw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=99qa2XIzMrozR303i7ROwhOct4S50c4eOducuRFqLZ4=; b=QxkHLHw8AhdW823hF/lBLRZRxCseldfZvgxyx/YuzGh5imQlah17NNj/x1Fb9aogxl33Sd6ebLYnxqlAQEm4hcqqLu8j3OtYqRKTEz7EM5hk42Y5BPC2kqNmlmB2TpEEQJ3KSJ9jVOEznKsS9QXy/OXqFNQq9LSsJj4mCAjmA9CktwnGy7/Jp8SaJtAXJkwszV8kvSY06q34dotTz7RulJZ/yJGrc6ugzUhQUACHlNrHkuUub5lVw9a7X+FXJwUoItalxQ/Pusle3ppXk1Ef0je995JqE/eTBuxTgPmFWQ7oGfsWQvd6QHss121nWELttGKZeLRi1ySz7T4a2QxZ2g== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=siemens.com; dmarc=pass action=none header.from=siemens.com; dkim=pass header.d=siemens.com; arc=none Received: from DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:47f::13) by FRZPR10MB9889.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:d10:1ca::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9654.13; Fri, 27 Feb 2026 14:57:33 +0000 Received: from DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM ([fe80::9412:cd7f:3f72:92ab]) by DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM ([fe80::9412:cd7f:3f72:92ab%3]) with mapi id 15.20.9654.014; Fri, 27 Feb 2026 14:57:33 +0000 X-Patchwork-Original-From: "'Felix Moessbauer' via isar-users" From: Felix Moessbauer To: isar-users@googlegroups.com Cc: jan.kiszka@siemens.com, quirin.gylstorff@siemens.com, Felix Moessbauer Subject: [PATCH v2 04/16] introduce wrappers for privileged execution Date: Fri, 27 Feb 2026 15:57:04 +0100 Message-ID: <20260227145716.3794146-5-felix.moessbauer@siemens.com> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20260227145716.3794146-1-felix.moessbauer@siemens.com> References: <20260227145716.3794146-1-felix.moessbauer@siemens.com> X-ClientProxiedBy: FR4P281CA0274.DEUP281.PROD.OUTLOOK.COM (2603:10a6:d10:e6::18) To DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:47f::13) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DU0PR10MB6828:EE_|FRZPR10MB9889:EE_ X-MS-Office365-Filtering-Correlation-Id: 0fa362e1-26b9-4630-59ed-08de76108960 X-MS-Exchange-AtpMessageProperties: SA X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|1800799024|10070799003|366016|376014; X-Microsoft-Antispam-Message-Info: /sHOEhoUkilb8nB5siidD68+hyWp9T1DUydRIXLJrfJe94lRml7Yl/84WFNMBotAaXNu7r3+YnR2GLFE4O5N5Az3bkP1CeTAEOSR2m9iSMFJOUBKvaFS0QU5wLew7Hfy8P29QncWrcEObTb39C6Hx8Ez19Smu9NK4vnkHzgqcl6bI3DSqcDH076m9kbKRiGppdr8ZTEwWLZ8Q37H5adxsGDW/Kod9JqPSberhg6FQW+6qEDis0QU1raDJOc5xnMAZYlN7+7JpBkIl43rqHbggXP0gyzY6BxCJ2XpWwjlLeEbcegpO81yQOTyiajZf2tE2bOGfaZ5xkT9PHEsDfNoaOU705Oz1tFZgcfG2ejZGob5VSwlHekpjQixhYULeLjaBWvW5m9ojimrEWsjAvB09muSjR2krqwEiCSPogWHsez6Rb1wxImoA1rskuCEKKn91qU0y43wmg453XiCIIvMac7lefgezKOsOEl3GeRoNdCO/Do5bq6tyhLtLPVa4tS4bPNkDhCb6PTbEP0AhDQl96qXzaXwRVDQysW1CvkjRRr4eBgGTPbb6Xu4rKheyOplATi3Xa+daT+vDoZpiUAv2ReISadfwjd871FM81Lt3s1n0StNcVtS8MlrxSVIhaSr7TxgXQXcrDyAIaDbUXDabGqVC8g8yxZ8IQhPatS5+nj7f1G2CxxdUvu1kdA9e+FdNYVPdBf3si7oBbNOKIJuYyUgMefyP2XpyXb3+iX8eOA= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM;PTR:;CAT:NONE;SFS:(13230040)(1800799024)(10070799003)(366016)(376014);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 2 X-MS-Exchange-AntiSpam-MessageData-0: yaoACGdXtuZyp1JTBZ1KcBlm8YSW7D0JUKgZDD5FjM/5qFcyoOsUkZWIspbcABPv49somYPCYKj+ncg6WnvW1FOtIU1PAtwAxDtPA7SZk9o/DvBvi/au6QvwHjxq5lRdAzndqunqYcgo8D5Q68w388rPtHDNnpYmgWldFiQO9GfmZEKAFKurz6jHAx7nvgX4/dMVTI8CUdv44B6WFlNMLX4Gz3aHH5Vx+fScxvErPfaCWESygLJ2IdU5OzB788GJ5wpyf5Fgap42eAmzq1cC8Y3Ue8HQvMLKQuXEqAspX0fmxZ7eo2MphiXJsXc4HJUzMJBQgksVbxCBjxmgSaNsNbOtAQJe4vQd3+7aXHLE2fmtrjeH3aCtFW0kQI7cLaI7LdjAL4PtYLDZ4bJBjtxqwgpLR+Gj37mMzS1pEJlufHPdPVZrMJTiZYC7w13PxLIMlhSy//9cRZ1WW8S3XeEqYYMsLSypBdG1iR8LpJLf9ojekFqTqQXhL+AMlP7dcxKA8iJPAXCIY0ht/nbgPrF8rLMww//LHNx6LbO1JE2Hlt/eq8ZVlB1QOWLRHLr0GSWGRbbNbO+Efh+rlqakKWtC267h3vbaowgoIaCBQfI7nkJ2o1q/stqHc3z8KnxxpdOkKCyjsjVCdhm88uNYpgz0LAZLoazYE/wYVQky5b9HTBgz6K7QUAyrmta9JSQAl/+WwUyNuZ4zr80v0vJ/SRBGvYhAQepFxajHIwPMDwoTPWO6sU+UAJnAiHsD50zs9OJ+3/stDl5znkTi7D0qps16GLYpgDJcUPBecXXNvlNTqcLqi20FFjC80QbbXYfGDOtc4RZZlB4le+rw4F+77MIv3BYamMtGs7xyiTqBMo9LUnJY7NSuQOV2YJzlBH375XXY2xlkGBvkUP0DQtw5VbuVlxuUfD00nI7k+kZ3E2WJSSaug+UvRQJGcuZ8CsBYGhfLopSyutBkgRfb5fBwig5JTpwvFm+tCvmKTtxEonPIN3d2uMDPOH6xSC02XkT020DmawIGJdNkjxtfRJK5KQxBh1z6C4XZaTHPXSU+vYiQdYWMqf+TBqq39yGUw+wPrA2MNPQZK9K9W9ISOfEeSdOAWQ49krM7RUaw1EzpwXTbSEycZ5cOX8T3L7yCSaXRhBEpNLRYfea0lTDOOKzou69QFP0OkkNmkbTe72UCOuXYCda2xDWyEKkYzFDkbKdd3QViYY2ERWfiFz7/I5AbSvo19zv0vWZXAI4Qec1wi6o/EiF/PxbNqIC09HLwTL9yoHTWW9v3v8sMbY92X73BNCRiAkckuAvuPm6q6ZKAFpE4T6gg0R4fGZuVP24bi3jXmLiEaiChvVGl9j7uzgdMZLjcKNXBdZ5O/QC8H6tUFr4AwGq+YlT762X1MsQYfXwa8P6I67/qy2iuh47DGjtiEcskoMc45e5OcbYQKy0utn4GV41ykhz2expgXV/u3RIxTm7jbtibxtd+oFph5fYvysOykTUjOQ08ixic9U1gcE3ycdLmL/TEnVvIogn2hvOifF2nATHI2ZIRAXPPY+ulhOgiIG5zf3Qz5ZooyYBRYfvUgofF6s0/zAZb/J3S460CfmUExmIlVEfsyUmdGFSntAon1jHzj8iSnYim58gpPXvIT+XAzwIaKAzHKvBxeeSin9kDdBs2yvcMU8K8hjJ2B2ksSBcVotLRn8z0NikjyrFJCkeBzMDDTPrga++M+zDlqaZbmAwMixfCHJHYPVl3JzL0mu7igG9+okZmI3wUfLVNov/i/5G+nf1mEq6NWTlR7j7peGM0rBpH X-MS-Exchange-AntiSpam-MessageData-1: 1XyzcI+hHfvbj2hSG9xW9jksqRpLrt4/zrw= X-OriginatorOrg: siemens.com X-MS-Exchange-CrossTenant-Network-Message-Id: 0fa362e1-26b9-4630-59ed-08de76108960 X-MS-Exchange-CrossTenant-AuthSource: DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 27 Feb 2026 14:57:33.2002 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 38ae3bcd-9579-4fd4-adda-b42e1495d55a X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: C05Uctww6Ym4FT9teM9g/AXzG4N7M0Q8OzT/7aM6fuT8w5h3lF7g9J1MyCHsS8e0TYxiGzMVQ6hXxKk2ogbF6A+39PD+1DzM0nS7ssxFR4U= X-MS-Exchange-Transport-CrossTenantHeadersStamped: FRZPR10MB9889 X-Original-Sender: felix.moessbauer@siemens.com X-Original-Authentication-Results: gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=QWB+zqLV; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20f::7 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com X-Original-From: Felix Moessbauer Reply-To: Felix Moessbauer Precedence: list Mailing-list: list isar-users@googlegroups.com; contact isar-users+owners@googlegroups.com List-ID: X-Spam-Checked-In-Group: isar-users@googlegroups.com X-Google-Group-Id: 914930254986 List-Post: , List-Help: , List-Archive: , List-Unsubscribe: , X-Spam-Status: No, score=-2.2 required=5.0 tests=DKIMWL_WL_MED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,MAILING_LIST_MULTI, RCVD_IN_DNSWL_BLOCKED,RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL,RCVD_IN_PSBL, RCVD_IN_RP_CERTIFIED,RCVD_IN_RP_RNBL,RCVD_IN_RP_SAFE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on shymkent.ilbers.de X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= As a preparation to enable rootless builds, we introduce wrappers for common cases of privileged command execution. The wrappers are defined in the base class where later on the executor dispatching will be implemented as well. The wrappers are introduced throughout the whole codebase and downstream layers are also encouraged to use them to increase compatibility with upcoming API changes. Signed-off-by: Felix Moessbauer --- RECIPE-API-CHANGELOG.md | 16 ++++ meta/classes-global/base.bbclass | 26 +++++- meta/classes-recipe/deb-dl-dir.bbclass | 4 +- meta/classes-recipe/dpkg-base.bbclass | 2 +- meta/classes-recipe/dpkg.bbclass | 2 +- .../image-account-extension.bbclass | 4 +- .../image-locales-extension.bbclass | 4 +- .../image-postproc-extension.bbclass | 30 +++---- meta/classes-recipe/image.bbclass | 14 +-- .../imagetypes_container.bbclass | 26 +++--- meta/classes-recipe/imagetypes_wic.bbclass | 4 +- meta/classes-recipe/rootfs.bbclass | 89 ++++++++++--------- meta/classes-recipe/sbuild.bbclass | 10 +-- meta/classes-recipe/sdk.bbclass | 14 +-- meta/classes/sbom.bbclass | 2 +- .../isar-mmdebstrap/isar-mmdebstrap.inc | 12 +-- .../unittests/test_image_account_extension.py | 9 +- 17 files changed, 153 insertions(+), 115 deletions(-) diff --git a/RECIPE-API-CHANGELOG.md b/RECIPE-API-CHANGELOG.md index 0bad8a44..ad03ed68 100644 --- a/RECIPE-API-CHANGELOG.md +++ b/RECIPE-API-CHANGELOG.md @@ -962,3 +962,19 @@ INSTALLER_UNATTENDED_ABORT_ENABLE = "1" # Optional: set countdown timeout in seconds (default 5) INSTALLER_UNATTENDED_ABORT_TIMEOUT = "5" ``` + +### Execution of privileged commands + +When operations require higher privileges than those available to the build user, +the following helper functions shall be used: + +**run_privileged**: Run a command as root while preserving the environment. + +**run_privileged_heredoc**: Execute commands provided via stdin in a root shell. + +**run_in_chroot**: Run a command within a chroot environment. The first argument +specifies the rootfs path. + +Using these helpers instead of direct `sudo` invocations centralizes platform-specific +privileged execution logic in `base.bbclass`. Direct use of `sudo` is discouraged +in downstream layers. diff --git a/meta/classes-global/base.bbclass b/meta/classes-global/base.bbclass index f923622b..9a00fb83 100644 --- a/meta/classes-global/base.bbclass +++ b/meta/classes-global/base.bbclass @@ -141,7 +141,7 @@ root_cleandirs() { die "Could not remove $i, because subdir is mounted" done for i in $ROOT_CLEANDIRS_DIRS; do - sudo rm -rf --one-file-system "$TMPDIR$i" + run_privileged rm -rf --one-file-system "$TMPDIR$i" mkdir -p "$TMPDIR$i" done } @@ -375,3 +375,27 @@ def deb_list_beautify(d, varname): if stripped: var_list.append(stripped) return ', '.join(var_list) + +# Helpers for privileged execution. Only the non-underscore functions +# shall be used outside of this class. + +def run_privileged_cmd(d): + cmd = 'sudo -E' + bb.debug(1, "privileged cmd: %s" % cmd) + return cmd + +RUN_PRIVILEGED_CMD := "${@run_privileged_cmd(d)}" + +run_privileged() { + ${RUN_PRIVILEGED_CMD} "$@" +} + +run_privileged_heredoc() { + ${RUN_PRIVILEGED_CMD} /bin/bash -s "$@" +} + +run_in_chroot() { + rootfs="$1" + shift + ${RUN_PRIVILEGED_CMD} chroot "$rootfs" "$@" +} diff --git a/meta/classes-recipe/deb-dl-dir.bbclass b/meta/classes-recipe/deb-dl-dir.bbclass index 6675d48d..05a16585 100644 --- a/meta/classes-recipe/deb-dl-dir.bbclass +++ b/meta/classes-recipe/deb-dl-dir.bbclass @@ -110,7 +110,7 @@ dbg_pkgs_download() { | grep "${DISTRO_ARCH}" \ | awk '!/Binary:/ {print $1}' \ | sort -u - done | xargs -r sudo -E chroot ${rootfs} sh -c '/usr/bin/apt-get -y --download-only install "$@"' -- + done | xargs -r run_in_chroot ${rootfs} sh -c '/usr/bin/apt-get -y --download-only install "$@"' -- } deb_dl_dir_import() { @@ -120,7 +120,7 @@ deb_dl_dir_import() { export gid=$(id -g) # let our unprivileged user place downloaded packages in /var/cache/apt/archives/ - sudo -Es << ' EOSUDO' + run_privileged_heredoc << ' EOSUDO' mkdir -p "${rootfs}"/var/cache/apt/archives/partial/ chown -R ${uid}:${gid} "${rootfs}"/var/cache/apt/archives/ EOSUDO diff --git a/meta/classes-recipe/dpkg-base.bbclass b/meta/classes-recipe/dpkg-base.bbclass index d8287e8d..03317ef2 100644 --- a/meta/classes-recipe/dpkg-base.bbclass +++ b/meta/classes-recipe/dpkg-base.bbclass @@ -161,7 +161,7 @@ def isar_export_build_settings(d): dpkg_schroot_create_configs() { schroot_create_configs - sudo -s <<'EOSUDO' + run_privileged_heredoc <<'EOSUDO' sbuild_fstab="${SBUILD_CONF_DIR}/fstab" fstab_isarapt="${WORKDIR}/isar-apt/${DISTRO}-${DISTRO_ARCH}/apt/${DISTRO} /isar-apt none rw,bind 0 0" grep -qxF "${fstab_isarapt}" ${sbuild_fstab} || echo "${fstab_isarapt}" >> ${sbuild_fstab} diff --git a/meta/classes-recipe/dpkg.bbclass b/meta/classes-recipe/dpkg.bbclass index 8bb5adeb..8d7ff092 100644 --- a/meta/classes-recipe/dpkg.bbclass +++ b/meta/classes-recipe/dpkg.bbclass @@ -129,5 +129,5 @@ dpkg_runbuild() { deb_dl_dir_export "${WORKDIR}/rootfs" "${distro}" # Cleanup apt artifacts - sudo rm -rf ${WORKDIR}/rootfs + run_privileged rm -rf ${WORKDIR}/rootfs } diff --git a/meta/classes-recipe/image-account-extension.bbclass b/meta/classes-recipe/image-account-extension.bbclass index a8a3c7ff..bd721130 100644 --- a/meta/classes-recipe/image-account-extension.bbclass +++ b/meta/classes-recipe/image-account-extension.bbclass @@ -34,7 +34,7 @@ def image_create_groups(d: "DataSmart") -> None: """ entries = (d.getVar("GROUPS") or "").split() rootfsdir = d.getVar("ROOTFSDIR") - chroot = ["sudo", "-E", "chroot", rootfsdir] + chroot = run_privileged_cmd(d).split() + ["chroot", rootfsdir] for entry in entries: args = [] @@ -72,7 +72,7 @@ def image_create_users(d: "DataSmart") -> None: entries = (d.getVar("USERS") or "").split() rootfsdir = d.getVar("ROOTFSDIR") - chroot = ["sudo", "-E", "chroot", rootfsdir] + chroot = run_privileged_cmd(d).split() + ["chroot", rootfsdir] for entry in entries: args = [] diff --git a/meta/classes-recipe/image-locales-extension.bbclass b/meta/classes-recipe/image-locales-extension.bbclass index 9bff36ff..c1e8c175 100644 --- a/meta/classes-recipe/image-locales-extension.bbclass +++ b/meta/classes-recipe/image-locales-extension.bbclass @@ -29,7 +29,7 @@ ROOTFS_INSTALL_COMMAND_BEFORE_EXPORT += "image_install_localepurge_download" image_install_localepurge_download[weight] = "40" image_install_localepurge_download[network] = "${TASK_USE_NETWORK_AND_SUDO}" image_install_localepurge_download() { - sudo -E chroot '${ROOTFSDIR}' \ + run_in_chroot '${ROOTFSDIR}' \ /usr/bin/apt-get ${ROOTFS_APT_ARGS} -oDebug::NoLocking=1 --download-only localepurge } @@ -60,7 +60,7 @@ ${@get_nopurge(d)} __EOF__ # Install configuration into image: - sudo -E -s <<'EOSUDO' + run_privileged_heredoc <<'EOSUDO' set -e localepurge_state='i' if chroot '${ROOTFSDIR}' dpkg -s localepurge 2>/dev/null >&2 diff --git a/meta/classes-recipe/image-postproc-extension.bbclass b/meta/classes-recipe/image-postproc-extension.bbclass index 1aba2ec5..86db0f7b 100644 --- a/meta/classes-recipe/image-postproc-extension.bbclass +++ b/meta/classes-recipe/image-postproc-extension.bbclass @@ -17,19 +17,19 @@ update_etc_os_release() { done if [ -n "${OS_RELEASE_BUILD_ID}" ]; then - sudo sed -i '/^BUILD_ID=.*/d' '${IMAGE_ROOTFS}/etc/os-release' + run_privileged sed -i '/^BUILD_ID=.*/d' '${IMAGE_ROOTFS}/etc/os-release' echo "BUILD_ID=\"${OS_RELEASE_BUILD_ID}\"" | \ - sudo tee -a '${IMAGE_ROOTFS}/etc/os-release' + run_privileged tee -a '${IMAGE_ROOTFS}/etc/os-release' fi if [ -n "${OS_RELEASE_VARIANT}" ]; then - sudo sed -i '/^VARIANT=.*/d' '${IMAGE_ROOTFS}/etc/os-release' + run_privileged sed -i '/^VARIANT=.*/d' '${IMAGE_ROOTFS}/etc/os-release' echo "VARIANT=\"${OS_RELEASE_VARIANT}\"" | \ - sudo tee -a '${IMAGE_ROOTFS}/etc/os-release' + run_privileged tee -a '${IMAGE_ROOTFS}/etc/os-release' fi if [ -n "${OS_RELEASE_VARIANT_VERSION}" ]; then - sudo sed -i '/^VARIANT_VERSION=.*/d' '${IMAGE_ROOTFS}/etc/os-release' + run_privileged sed -i '/^VARIANT_VERSION=.*/d' '${IMAGE_ROOTFS}/etc/os-release' echo "VARIANT_VERSION=\"${OS_RELEASE_VARIANT_VERSION}\"" | \ - sudo tee -a '${IMAGE_ROOTFS}/etc/os-release' + run_privileged tee -a '${IMAGE_ROOTFS}/etc/os-release' fi } @@ -37,11 +37,11 @@ ROOTFS_POSTPROCESS_COMMAND =+ "image_postprocess_configure" image_postprocess_configure() { # Configure root filesystem if [ -n "${DISTRO_CONFIG_SCRIPT}" ]; then - sudo install -m 755 "${WORKDIR}/${DISTRO_CONFIG_SCRIPT}" "${IMAGE_ROOTFS}" + run_privileged install -m 755 "${WORKDIR}/${DISTRO_CONFIG_SCRIPT}" "${IMAGE_ROOTFS}" TARGET_DISTRO_CONFIG_SCRIPT="$(basename ${DISTRO_CONFIG_SCRIPT})" - sudo chroot ${IMAGE_ROOTFS} "/$TARGET_DISTRO_CONFIG_SCRIPT" \ + run_in_chroot ${IMAGE_ROOTFS} "/$TARGET_DISTRO_CONFIG_SCRIPT" \ "${MACHINE_SERIAL}" "${BAUDRATE_TTY}" - sudo rm "${IMAGE_ROOTFS}/$TARGET_DISTRO_CONFIG_SCRIPT" + run_privileged rm "${IMAGE_ROOTFS}/$TARGET_DISTRO_CONFIG_SCRIPT" fi } @@ -58,13 +58,13 @@ image_postprocess_machine_id() { # systemd(1) takes care of recreating the machine-id on first boot # for systemd < v247, set to empty string, else set to uninitialized # (required if initramfs with ro root is used) - SYSTEMD_VERSION=$( sudo chroot ${IMAGE_ROOTFS} dpkg-query --showformat='${source:Upstream-Version}' --show systemd || echo "0" ) + SYSTEMD_VERSION=$( run_in_chroot ${IMAGE_ROOTFS} dpkg-query --showformat='${source:Upstream-Version}' --show systemd || echo "0" ) MACHINE_ID="uninitialized" if dpkg --compare-versions "$SYSTEMD_VERSION" "lt" "247"; then MACHINE_ID="" fi - echo "$MACHINE_ID" | sudo chroot ${IMAGE_ROOTFS} tee /etc/machine-id - sudo rm -f '${IMAGE_ROOTFS}/var/lib/dbus/machine-id' + echo "$MACHINE_ID" | run_in_chroot ${IMAGE_ROOTFS} tee /etc/machine-id + run_privileged rm -f '${IMAGE_ROOTFS}/var/lib/dbus/machine-id' } ROOTFS_POSTPROCESS_COMMAND =+ "image_postprocess_sshd_key_regen" @@ -82,13 +82,13 @@ image_postprocess_sshd_key_regen() { ROOTFS_POSTPROCESS_COMMAND =+ "image_postprocess_disable_systemd_firstboot" image_postprocess_disable_systemd_firstboot() { - SYSTEMD_VERSION=$(sudo chroot '${ROOTFSDIR}' dpkg-query \ + SYSTEMD_VERSION=$(run_in_chroot '${ROOTFSDIR}' dpkg-query \ --showformat='${source:Upstream-Version}' \ --show systemd || echo "0" ) if dpkg --compare-versions "$SYSTEMD_VERSION" "ge" "251"; then - sudo chroot '${ROOTFSDIR}' systemctl mask systemd-firstboot - if ! cmd_output=$(sudo chroot '${ROOTFSDIR}' systemd-firstboot \ + run_in_chroot '${ROOTFSDIR}' systemctl mask systemd-firstboot + if ! cmd_output=$(run_in_chroot '${ROOTFSDIR}' systemd-firstboot \ --prompt --welcome=false /dev/null); then bbwarn "Your image is not configured completely according to systemd-firstboot." bbwarn "It prompted: \"${cmd_output}\"" diff --git a/meta/classes-recipe/image.bbclass b/meta/classes-recipe/image.bbclass index afe6906e..4a250964 100644 --- a/meta/classes-recipe/image.bbclass +++ b/meta/classes-recipe/image.bbclass @@ -363,7 +363,7 @@ get_build_id() { ROOTFS_CONFIGURE_COMMAND += "image_configure_fstab" image_configure_fstab[weight] = "2" image_configure_fstab() { - sudo tee '${IMAGE_ROOTFS}/etc/fstab' << EOF + run_privileged tee '${IMAGE_ROOTFS}/etc/fstab' << EOF # Begin /etc/fstab proc /proc proc nosuid,noexec,nodev 0 0 sysfs /sys sysfs nosuid,noexec,nodev 0 0 @@ -391,7 +391,7 @@ do_copy_boot_files() { kernel="$(realpath -q '${IMAGE_ROOTFS}'/boot/vmlinu[xz])" fi if [ -f "$kernel" ]; then - sudo cat "$kernel" > "${DEPLOYDIR}/${KERNEL_IMAGE}" + run_privileged cat "$kernel" > "${DEPLOYDIR}/${KERNEL_IMAGE}" fi for file in ${DTB_FILES}; do @@ -447,7 +447,7 @@ def apt_list_files(d): IMAGE_LISTS = "${@ ' '.join(apt_list_files(d)) }" do_rootfs_finalize() { - sudo -s <<'EOSUDO' + run_privileged_heredoc <<'EOSUDO' set -e if [ -e "${ROOTFSDIR}/chroot-setup.sh" ]; then @@ -473,14 +473,14 @@ EOSUDO # Sometimes qemu-user-static generates coredumps in chroot, move them # to work temporary directory and inform user about it. - for f in $(sudo find ${ROOTFSDIR} -type f -name *.core -exec file --mime-type {} \; | grep 'application/x-coredump' | cut -d: -f1); do - sudo mv "${f}" "${WORKDIR}/temp/" + for f in $(run_privileged find ${ROOTFSDIR} -type f -name *.core -exec file --mime-type {} \; | grep 'application/x-coredump' | cut -d: -f1); do + run_privileged mv "${f}" "${WORKDIR}/temp/" bbwarn "found core dump in rootfs, check it in ${WORKDIR}/temp/${f##*/}" done # Set same time-stamps to the newly generated file/folders in the # rootfs image for the purpose of reproducible builds. - sudo find ${ROOTFSDIR} -newermt "$(date -d@${SOURCE_DATE_EPOCH} '+%Y-%m-%d %H:%M:%S')" \ + run_privileged find ${ROOTFSDIR} -newermt "$(date -d@${SOURCE_DATE_EPOCH} '+%Y-%m-%d %H:%M:%S')" \ -exec touch '{}' -h -d@${SOURCE_DATE_EPOCH} ';' } do_rootfs_finalize[network] = "${TASK_USE_SUDO}" @@ -517,7 +517,7 @@ do_rootfs_quality_check() { ;; esac done - found=$( sudo find ${ROOTFSDIR} -type f -newer $rootfs_install_stamp $args ) + found=$( run_privileged find ${ROOTFSDIR} -type f -newer $rootfs_install_stamp $args ) if [ -n "$found" ]; then bbwarn "Files changed after package install. The following files seem" bbwarn "to have changed where they probably should not have." diff --git a/meta/classes-recipe/imagetypes_container.bbclass b/meta/classes-recipe/imagetypes_container.bbclass index ea15decf..b6cc4a14 100644 --- a/meta/classes-recipe/imagetypes_container.bbclass +++ b/meta/classes-recipe/imagetypes_container.bbclass @@ -37,38 +37,38 @@ do_containerize() { # prepare OCI container image skeleton bbdebug 1 "prepare OCI container image skeleton" - sudo rm -rf "${oci_img_dir}" "${oci_img_dir}_unpacked" - sudo umoci init --layout "${oci_img_dir}" - sudo umoci new --image "${oci_img_dir}:${empty_tag}" + run_privileged rm -rf "${oci_img_dir}" "${oci_img_dir}_unpacked" + run_privileged umoci init --layout "${oci_img_dir}" + run_privileged umoci new --image "${oci_img_dir}:${empty_tag}" if [ -n "${cmd}" ]; then - sudo umoci config --image "${oci_img_dir}:${empty_tag}" \ + run_privileged umoci config --image "${oci_img_dir}:${empty_tag}" \ --config.cmd="${cmd}" fi if [ -n "${entrypoint}" ]; then - sudo umoci config --image "${oci_img_dir}:${empty_tag}" \ + run_privileged umoci config --image "${oci_img_dir}:${empty_tag}" \ --config.entrypoint="${entrypoint}" fi if [ -n "${path}" ]; then - sudo umoci config --image "${oci_img_dir}:${empty_tag}" \ + run_privileged umoci config --image "${oci_img_dir}:${empty_tag}" \ --config.env="PATH=${path}" fi - sudo umoci unpack --image "${oci_img_dir}:${empty_tag}" \ + run_privileged umoci unpack --image "${oci_img_dir}:${empty_tag}" \ "${oci_img_dir}_unpacked" # add root filesystem as the flesh of the skeleton - sudo cp --reflink=auto -a "${rootfs}"/* "${oci_img_dir}_unpacked/rootfs/" + run_privileged cp --reflink=auto -a "${rootfs}"/* "${oci_img_dir}_unpacked/rootfs/" # clean-up temporary files - sudo find "${oci_img_dir}_unpacked/rootfs/tmp" -mindepth 1 -delete + run_privileged find "${oci_img_dir}_unpacked/rootfs/tmp" -mindepth 1 -delete # pack container image bbdebug 1 "pack container image" - sudo umoci repack --image "${oci_img_dir}:${tag}" \ + run_privileged umoci repack --image "${oci_img_dir}:${tag}" \ "${oci_img_dir}_unpacked" - sudo umoci remove --image "${oci_img_dir}:${empty_tag}" - sudo rm -rf "${oci_img_dir}_unpacked" + run_privileged umoci remove --image "${oci_img_dir}:${empty_tag}" + run_privileged rm -rf "${oci_img_dir}_unpacked" # no root needed anymore - sudo chown --recursive $(id -u):$(id -g) "${oci_img_dir}" + run_privileged chown --recursive $(id -u):$(id -g) "${oci_img_dir}" } convert_container() { diff --git a/meta/classes-recipe/imagetypes_wic.bbclass b/meta/classes-recipe/imagetypes_wic.bbclass index 6b82add3..63974a3e 100644 --- a/meta/classes-recipe/imagetypes_wic.bbclass +++ b/meta/classes-recipe/imagetypes_wic.bbclass @@ -193,8 +193,8 @@ generate_wic_image() { fi EOIMAGER - sudo chown -R $(stat -c "%U" ${LAYERDIR_core}) ${LAYERDIR_core} ${LAYERDIR_isar} ${SCRIPTSDIR} || true - sudo chown -R $(id -u):$(id -g) "${DEPLOY_DIR_IMAGE}/${IMAGE_FULLNAME}.wic"* + run_privileged chown -R $(stat -c "%U" ${LAYERDIR_core}) ${LAYERDIR_core} ${LAYERDIR_isar} ${SCRIPTSDIR} || true + run_privileged chown -R $(id -u):$(id -g) "${DEPLOY_DIR_IMAGE}/${IMAGE_FULLNAME}.wic"* rm -rf ${IMAGE_ROOTFS}/../pseudo cat ${DEPLOY_DIR_IMAGE}/${IMAGE_FULLNAME}.manifest \ diff --git a/meta/classes-recipe/rootfs.bbclass b/meta/classes-recipe/rootfs.bbclass index a4e1df4f..883c3335 100644 --- a/meta/classes-recipe/rootfs.bbclass +++ b/meta/classes-recipe/rootfs.bbclass @@ -136,7 +136,7 @@ rootfs_cmd() { rootfs_do_mounts[weight] = "3" rootfs_do_mounts() { - sudo -s <<'EOSUDO' + run_privileged_heredoc <<'EOSUDO' set -e mountpoint -q '${ROOTFSDIR}/dev' || \ ( mount -o bind,private /dev '${ROOTFSDIR}/dev' && @@ -182,7 +182,7 @@ EOSUDO } rootfs_do_umounts() { - sudo -s <<'EOSUDO' + run_privileged_heredoc <<'EOSUDO' set -e if mountpoint -q '${ROOTFSDIR}/isar-apt'; then umount '${ROOTFSDIR}/isar-apt' @@ -225,7 +225,7 @@ rootfs_do_qemu() { if [ '${@repr(d.getVar('ROOTFS_ARCH') == d.getVar('HOST_ARCH'))}' = 'False' ] then test -e '${ROOTFSDIR}/usr/bin/qemu-${QEMU_ARCH}-static' || \ - sudo cp '/usr/bin/qemu-${QEMU_ARCH}-static' '${ROOTFSDIR}/usr/bin/qemu-${QEMU_ARCH}-static' + run_privileged cp '/usr/bin/qemu-${QEMU_ARCH}-static' '${ROOTFSDIR}/usr/bin/qemu-${QEMU_ARCH}-static' fi } @@ -240,16 +240,16 @@ ROOTFS_EXTRA_IMPORTED := "${@rootfs_extra_import(d)}" rootfs_prepare[weight] = "25" rootfs_prepare(){ - sudo tar -xf "${BOOTSTRAP_SRC}" -C "${ROOTFSDIR}" --exclude="./dev/console" + run_privileged tar -xf "${BOOTSTRAP_SRC}" -C "${ROOTFSDIR}" --exclude="./dev/console" # setup chroot - sudo "${ROOTFSDIR}/chroot-setup.sh" "setup" "${ROOTFSDIR}" + run_privileged "${ROOTFSDIR}/chroot-setup.sh" "setup" "${ROOTFSDIR}" } ROOTFS_CONFIGURE_COMMAND += "rootfs_configure_isar_apt" rootfs_configure_isar_apt[weight] = "2" rootfs_configure_isar_apt() { - sudo -s <<'EOSUDO' + run_privileged_heredoc <<'EOSUDO' set -e mkdir -p '${ROOTFSDIR}/etc/apt/sources.list.d' @@ -270,7 +270,7 @@ EOSUDO ROOTFS_CONFIGURE_COMMAND += "rootfs_configure_apt" rootfs_configure_apt[weight] = "2" rootfs_configure_apt() { - sudo -s <<'EOSUDO' + run_privileged_heredoc <<'EOSUDO' set -e mkdir -p '${ROOTFSDIR}/etc/apt/apt.conf.d' @@ -293,7 +293,7 @@ ROOTFS_CONFIGURE_COMMAND += "rootfs_disable_initrd_generation" rootfs_disable_initrd_generation[weight] = "1" rootfs_disable_initrd_generation() { # fully disable initrd generation - sudo -s <<'EOSUDO' + run_privileged_heredoc <<'EOSUDO' set -e mkdir -p "${ROOTFSDIR}${ROOTFS_STUBS_DIR}" @@ -310,7 +310,7 @@ rootfs_install_pkgs_update[weight] = "5" rootfs_install_pkgs_update[isar-apt-lock] = "acquire-before" rootfs_install_pkgs_update[network] = "${TASK_USE_NETWORK_AND_SUDO}" rootfs_install_pkgs_update() { - sudo -E chroot '${ROOTFSDIR}' /usr/bin/apt-get update \ + run_in_chroot '${ROOTFSDIR}' /usr/bin/apt-get update \ -o Dir::Etc::SourceList="sources.list.d/isar-apt.list" \ -o Dir::Etc::SourceParts="-" \ -o APT::Get::List-Cleanup="0" @@ -322,9 +322,9 @@ rootfs_install_resolvconf() { if [ "${@repr(bb.utils.to_boolean(d.getVar('BB_NO_NETWORK')))}" != "True" ] then if [ -L "${ROOTFSDIR}/etc/resolv.conf" ]; then - sudo unlink "${ROOTFSDIR}/etc/resolv.conf" + run_privileged unlink "${ROOTFSDIR}/etc/resolv.conf" fi - sudo cp -rL /etc/resolv.conf '${ROOTFSDIR}/etc' + run_privileged cp -rL /etc/resolv.conf '${ROOTFSDIR}/etc' fi } @@ -358,7 +358,7 @@ rootfs_export_package_cache() { ROOTFS_INSTALL_COMMAND += "${@ 'rootfs_install_clean_files' if (d.getVar('ROOTFS_CLEAN_FILES') or '').strip() else ''}" rootfs_install_clean_files[weight] = "2" rootfs_install_clean_files() { - sudo -s <<'EOSUDO' + run_privileged_heredoc <<'EOSUDO' for clean_file in ${ROOTFS_CLEAN_FILES}; do rm -f "${ROOTFSDIR}/$clean_file" done @@ -370,14 +370,14 @@ rootfs_install_pkgs_install[weight] = "8000" rootfs_install_pkgs_install[progress] = "custom:rootfs_progress.PkgsInstallProgressHandler" rootfs_install_pkgs_install[network] = "${TASK_USE_SUDO}" rootfs_install_pkgs_install() { - sudo -E chroot "${ROOTFSDIR}" \ + run_in_chroot "${ROOTFSDIR}" \ /usr/bin/apt-get ${ROOTFS_APT_ARGS} ${ROOTFS_PACKAGES} } ROOTFS_INSTALL_COMMAND += "rootfs_restore_initrd_tooling" rootfs_restore_initrd_tooling[weight] = "1" rootfs_restore_initrd_tooling() { - sudo -s <<'EOSUDO' + run_privileged_heredoc <<'EOSUDO' set -e rm -f "${ROOTFSDIR}/etc/apt/apt.conf.d/50isar-stubs" rm -rf "${ROOTFSDIR}${ROOTFS_STUBS_DIR}" @@ -386,8 +386,8 @@ EOSUDO ROOTFS_INSTALL_COMMAND += "${@bb.utils.contains('ROOTFS_FEATURES', 'generate-initrd', '', 'rootfs_clear_initrd_symlinks', d)}" rootfs_clear_initrd_symlinks() { - sudo rm -f ${ROOTFSDIR}/initrd.img - sudo rm -f ${ROOTFSDIR}/initrd.img.old + run_privileged rm -f ${ROOTFSDIR}/initrd.img + run_privileged rm -f ${ROOTFSDIR}/initrd.img.old } do_rootfs_install[root_cleandirs] = "${ROOTFSDIR}" @@ -437,21 +437,21 @@ do_cache_deb_src[network] = "${TASK_USE_SUDO}" do_cache_deb_src() { if [ -e "${ROOTFSDIR}"/etc/resolv.conf ] || [ -h "${ROOTFSDIR}"/etc/resolv.conf ]; then - sudo mv "${ROOTFSDIR}"/etc/resolv.conf "${ROOTFSDIR}"/etc/resolv.conf.isar + run_privileged mv "${ROOTFSDIR}"/etc/resolv.conf "${ROOTFSDIR}"/etc/resolv.conf.isar fi rootfs_install_resolvconf # Note: ISAR updates the apt state information(apt-get update) only once during bootstrap and # relies on that through out the build. Copy that state information instead of apt-get update # which generates a new state from upstream. - sudo tar -xf "${BOOTSTRAP_SRC}" ./var/lib/apt/lists --one-top-level="${ROOTFSDIR}" + run_privileged tar -xf "${BOOTSTRAP_SRC}" ./var/lib/apt/lists --one-top-level="${ROOTFSDIR}" deb_dl_dir_import ${ROOTFSDIR} ${ROOTFS_BASE_DISTRO}-${BASE_DISTRO_CODENAME} debsrc_download ${ROOTFSDIR} ${ROOTFS_BASE_DISTRO}-${BASE_DISTRO_CODENAME} - sudo rm -f "${ROOTFSDIR}"/etc/resolv.conf + run_privileged rm -f "${ROOTFSDIR}"/etc/resolv.conf if [ -e "${ROOTFSDIR}"/etc/resolv.conf.isar ] || [ -h "${ROOTFSDIR}"/etc/resolv.conf.isar ]; then - sudo mv "${ROOTFSDIR}"/etc/resolv.conf.isar "${ROOTFSDIR}"/etc/resolv.conf + run_privileged mv "${ROOTFSDIR}"/etc/resolv.conf.isar "${ROOTFSDIR}"/etc/resolv.conf fi } @@ -459,21 +459,21 @@ ROOTFS_POSTPROCESS_COMMAND += "${@bb.utils.contains('BASE_REPO_FEATURES', 'cache cache_dbg_pkgs() { if [ -e "${ROOTFSDIR}"/etc/resolv.conf ] || [ -h "${ROOTFSDIR}"/etc/resolv.conf ]; then - sudo mv "${ROOTFSDIR}"/etc/resolv.conf "${ROOTFSDIR}"/etc/resolv.conf.isar + run_privileged mv "${ROOTFSDIR}"/etc/resolv.conf "${ROOTFSDIR}"/etc/resolv.conf.isar fi rootfs_install_resolvconf # Note: ISAR updates the apt state information(apt-get update) only once during bootstrap and # relies on that through out the build. Copy that state information instead of apt-get update # which generates a new state from upstream. - sudo tar -xf "${BOOTSTRAP_SRC}" ./var/lib/apt/lists --one-top-level="${ROOTFSDIR}" + run_privileged tar -xf "${BOOTSTRAP_SRC}" ./var/lib/apt/lists --one-top-level="${ROOTFSDIR}" deb_dl_dir_import ${ROOTFSDIR} ${ROOTFS_BASE_DISTRO}-${BASE_DISTRO_CODENAME} dbg_pkgs_download ${ROOTFSDIR} - sudo rm -f "${ROOTFSDIR}"/etc/resolv.conf + run_privileged rm -f "${ROOTFSDIR}"/etc/resolv.conf if [ -e "${ROOTFSDIR}"/etc/resolv.conf.isar ] || [ -h "${ROOTFSDIR}"/etc/resolv.conf.isar ]; then - sudo mv "${ROOTFSDIR}"/etc/resolv.conf.isar "${ROOTFSDIR}"/etc/resolv.conf + run_privileged mv "${ROOTFSDIR}"/etc/resolv.conf.isar "${ROOTFSDIR}"/etc/resolv.conf fi } @@ -482,17 +482,17 @@ ROOTFS_POSTPROCESS_COMMAND += "${@bb.utils.contains('ROOTFS_FEATURES', 'generate ROOTFS_POSTPROCESS_COMMAND += "${@bb.utils.contains('ROOTFS_FEATURES', 'clean-package-cache', 'rootfs_postprocess_clean_package_cache', '', d)}" rootfs_postprocess_clean_package_cache() { - sudo -E chroot '${ROOTFSDIR}' \ + run_in_chroot '${ROOTFSDIR}' \ /usr/bin/apt-get clean - sudo rm -rf "${ROOTFSDIR}/var/lib/apt/lists/"* + run_privileged rm -rf "${ROOTFSDIR}/var/lib/apt/lists/"* # remove apt-cache folder itself (required in case rootfs is provided by sstate cache) - sudo rm -rf "${ROOTFSDIR}/var/cache/apt/archives" + run_privileged rm -rf "${ROOTFSDIR}/var/cache/apt/archives" } ROOTFS_POSTPROCESS_COMMAND += "${@bb.utils.contains('ROOTFS_FEATURES', 'clean-log-files', 'rootfs_postprocess_clean_log_files', '', d)}" rootfs_postprocess_clean_log_files() { # Delete log files that are not owned by packages - sudo -E chroot '${ROOTFSDIR}' \ + run_in_chroot '${ROOTFSDIR}' \ /usr/bin/find /var/log/ -type f \ -exec sh -c '! dpkg -S {} > /dev/null 2>&1' ';' \ -exec rm -f {} ';' @@ -501,32 +501,32 @@ rootfs_postprocess_clean_log_files() { ROOTFS_POSTPROCESS_COMMAND += "${@bb.utils.contains('ROOTFS_FEATURES', 'clean-debconf-cache', 'rootfs_postprocess_clean_debconf_cache', '', d)}" rootfs_postprocess_clean_debconf_cache() { # Delete debconf cache files - sudo rm -rf "${ROOTFSDIR}/var/cache/debconf/"* + run_privileged rm -rf "${ROOTFSDIR}/var/cache/debconf/"* } ROOTFS_POSTPROCESS_COMMAND += "${@bb.utils.contains('ROOTFS_FEATURES', 'clean-pycache', 'rootfs_postprocess_clean_pycache', '', d)}" rootfs_postprocess_clean_pycache() { - sudo find ${ROOTFSDIR}/usr -type f -name '*.pyc' -delete -print - sudo find ${ROOTFSDIR}/usr -type d -name '__pycache__' -delete -print + run_privileged find ${ROOTFSDIR}/usr -type f -name '*.pyc' -delete -print + run_privileged find ${ROOTFSDIR}/usr -type d -name '__pycache__' -delete -print } ROOTFS_POSTPROCESS_COMMAND += "rootfs_postprocess_clean_ldconfig_cache" rootfs_postprocess_clean_ldconfig_cache() { # the ldconfig aux-cache is not portable and breaks reproducability # https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=845034#49 - sudo rm -f ${ROOTFSDIR}/var/cache/ldconfig/aux-cache + run_privileged rm -f ${ROOTFSDIR}/var/cache/ldconfig/aux-cache } ROOTFS_POSTPROCESS_COMMAND += "rootfs_postprocess_clean_tmp" rootfs_postprocess_clean_tmp() { # /tmp is by definition non persistent across boots - sudo rm -rf "${ROOTFSDIR}/tmp/"* + run_privileged rm -rf "${ROOTFSDIR}/tmp/"* } ROOTFS_POSTPROCESS_COMMAND += "${@bb.utils.contains('ROOTFS_FEATURES', 'generate-manifest', 'rootfs_generate_manifest', '', d)}" rootfs_generate_manifest () { mkdir -p ${ROOTFS_MANIFEST_DEPLOY_DIR} - sudo -E chroot --userspec=$(id -u):$(id -g) '${ROOTFSDIR}' \ + run_in_chroot '${ROOTFSDIR}' \ dpkg-query -W -f \ '${source:Package}|${source:Version}|${Package}:${Architecture}|${Version}\n' > \ '${ROOTFS_MANIFEST_DEPLOY_DIR}'/'${ROOTFS_PACKAGE_SUFFIX}'.manifest @@ -542,7 +542,7 @@ rootfs_export_dpkg_status() { ROOTFS_POSTPROCESS_COMMAND += "rootfs_cleanup_isar_apt" rootfs_cleanup_isar_apt[weight] = "2" rootfs_cleanup_isar_apt() { - sudo -s <<'EOSUDO' + run_privileged_heredoc <<'EOSUDO' set -e rm -f "${ROOTFSDIR}/etc/apt/sources.list.d/isar-apt.list" rm -f "${ROOTFSDIR}/etc/apt/preferences.d/isar-apt" @@ -553,7 +553,7 @@ EOSUDO ROOTFS_POSTPROCESS_COMMAND += "${@'rootfs_cleanup_base_apt' if bb.utils.to_boolean(d.getVar('ISAR_USE_CACHED_BASE_REPO')) else ''}" rootfs_cleanup_base_apt[weight] = "2" rootfs_cleanup_base_apt() { - sudo -s <<'EOSUDO' + run_privileged_heredoc <<'EOSUDO' set -e rm -f "${ROOTFSDIR}/etc/apt/sources.list.d/"*base-apt.list EOSUDO @@ -561,12 +561,12 @@ EOSUDO ROOTFS_POSTPROCESS_COMMAND += "${@bb.utils.contains('ROOTFS_FEATURES', 'populate-systemd-preset', 'image_postprocess_populate_systemd_preset', '', d)}" image_postprocess_populate_systemd_preset() { - SYSTEMD_INSTALLED=$(sudo chroot '${ROOTFSDIR}' dpkg-query \ + SYSTEMD_INSTALLED=$(run_in_chroot '${ROOTFSDIR}' dpkg-query \ --showformat='${db:Status-Status}' \ --show systemd || echo "" ) if (test "$SYSTEMD_INSTALLED" = "installed"); then - sudo chroot '${ROOTFSDIR}' systemctl preset-all --preset-mode="enable-only" + run_in_chroot '${ROOTFSDIR}' systemctl preset-all --preset-mode="enable-only" fi } @@ -626,7 +626,7 @@ rootfs_generate_initramfs() { mods_total="$(find ${ROOTFSDIR}/usr/lib/modules/$kernel_version -type f -name '*.ko*' | wc -l)" echo "Total number of modules: $mods_total" echo "Generating initrd for kernel version: $kernel_version" - sudo -E chroot "${ROOTFSDIR}" sh -ec ' \ + run_in_chroot "${ROOTFSDIR}" sh -ec ' \ ${ROOTFS_INITRAMFS_GENERATOR_CMDLINE}; \ find /boot -name "initrd.img-$kernel_version*" -exec install --mode 0644 {} /isar-work/initrd.img \; \ ' @@ -664,11 +664,12 @@ rootfs_install_sstate_prepare() { # so we use some mount magic to prevent that mkdir -p ${WORKDIR}/mnt/rootfs trap 'rmdir ${WORKDIR}/mnt/rootfs ${WORKDIR}/mnt' EXIT - sudo mount -o bind,private '${WORKDIR}/rootfs' '${WORKDIR}/mnt/rootfs' -o ro + + run_privileged mount -o bind,private '${WORKDIR}/rootfs' '${WORKDIR}/mnt/rootfs' -o ro lopts="--one-file-system --exclude=var/cache/apt/archives" - sudo tar -C ${WORKDIR}/mnt -cpSf rootfs.tar $lopts ${SSTATE_TAR_ATTR_FLAGS} rootfs - sudo umount ${WORKDIR}/mnt/rootfs - sudo chown $(id -u):$(id -g) rootfs.tar + run_privileged tar -C ${WORKDIR}/mnt -cpSf rootfs.tar $lopts ${SSTATE_TAR_ATTR_FLAGS} rootfs + run_privileged umount ${WORKDIR}/mnt/rootfs + run_privileged chown $(id -u):$(id -g) rootfs.tar } do_rootfs_install_sstate_prepare[lockfiles] = "${REPO_ISAR_DIR}/isar.lock" @@ -677,7 +678,7 @@ rootfs_install_sstate_finalize() { # - after building the rootfs, the tar won't be there, but we also don't need to unpack # - after restoring from cache, there will be a tar which we unpack and then delete if [ -f rootfs.tar ]; then - sudo tar -C ${WORKDIR} -xpf rootfs.tar ${SSTATE_TAR_ATTR_FLAGS} + run_privileged tar -C ${WORKDIR} -xpf rootfs.tar ${SSTATE_TAR_ATTR_FLAGS} rm rootfs.tar fi } diff --git a/meta/classes-recipe/sbuild.bbclass b/meta/classes-recipe/sbuild.bbclass index 1ab72aad..ea0c5841 100644 --- a/meta/classes-recipe/sbuild.bbclass +++ b/meta/classes-recipe/sbuild.bbclass @@ -20,7 +20,7 @@ SCHROOT_LOCKFILE = "/tmp/schroot.lock" schroot_create_configs() { mkdir -p "${TMPDIR}/schroot-overlay" echo "Creating ${SCHROOT_CONF_FILE}" - sudo -s <<'EOSUDO' + run_privileged_heredoc <<'EOSUDO' set -e cat << EOF > "${SCHROOT_CONF_FILE}" @@ -59,7 +59,7 @@ EOSUDO schroot_delete_configs() { (flock -x 9 set -e - sudo -s <<'EOSUDO' + run_privileged_heredoc <<'EOSUDO' set -e if [ -d "${SBUILD_CONF_DIR}" ]; then echo "Removing ${SBUILD_CONF_DIR}" @@ -101,7 +101,7 @@ sbuild_export() { } insert_mounts() { - sudo -s <<'EOSUDO' + run_privileged_heredoc <<'EOSUDO' set -e for mp in ${SCHROOT_MOUNTS}; do FSTAB_LINE="${mp%%:*} ${mp#*:} none rw,bind,private 0 0" @@ -112,7 +112,7 @@ EOSUDO } remove_mounts() { - sudo -s <<'EOSUDO' + run_privileged_heredoc <<'EOSUDO' set -e for mp in ${SCHROOT_MOUNTS}; do FSTAB_LINE="${mp%%:*} ${mp#*:} none rw,bind,private 0 0" @@ -123,7 +123,7 @@ EOSUDO schroot_configure_ccache() { mkdir -p "${CCACHE_DIR}" - sudo -s <<'EOSUDO' + run_privileged_heredoc <<'EOSUDO' set -e sbuild_fstab="${SBUILD_CONF_DIR}/fstab" diff --git a/meta/classes-recipe/sdk.bbclass b/meta/classes-recipe/sdk.bbclass index 17b56bcf..074f5ef8 100644 --- a/meta/classes-recipe/sdk.bbclass +++ b/meta/classes-recipe/sdk.bbclass @@ -69,12 +69,12 @@ ROOTFS_POSTPROCESS_COMMAND:remove = "${@'rootfs_cleanup_isar_apt' if bb.utils.to ROOTFS_CONFIGURE_COMMAND:append:class-sdk = " ${@'rootfs_configure_isar_apt_dir' if bb.utils.to_boolean(d.getVar('SDK_INCLUDE_ISAR_APT')) else ''}" rootfs_configure_isar_apt_dir() { # Copy isar-apt instead of mounting: - sudo cp -Trpfx --reflink=auto ${REPO_ISAR_DIR}/${DISTRO} ${ROOTFSDIR}/isar-apt + run_privileged cp -Trpfx --reflink=auto ${REPO_ISAR_DIR}/${DISTRO} ${ROOTFSDIR}/isar-apt } ROOTFS_POSTPROCESS_COMMAND:prepend:class-sdk = "sdkchroot_configscript " sdkchroot_configscript () { - sudo chroot ${ROOTFSDIR} /configscript.sh ${DISTRO_ARCH} + run_in_chroot ${ROOTFSDIR} /configscript.sh ${DISTRO_ARCH} } ROOTFS_POSTPROCESS_COMMAND:append:class-sdk = " sdkchroot_finalize" @@ -83,7 +83,7 @@ sdkchroot_finalize() { rootfs_do_umounts # Remove setup scripts - sudo rm -f ${ROOTFSDIR}/chroot-setup.sh ${ROOTFSDIR}/configscript.sh + run_privileged rm -f ${ROOTFSDIR}/chroot-setup.sh ${ROOTFSDIR}/configscript.sh # Make all links relative for link in $(find ${ROOTFSDIR}/ -type l); do @@ -95,16 +95,16 @@ sdkchroot_finalize() { new_target=$(realpath --no-symlinks -m --relative-to=$basedir ${ROOTFSDIR}${target}) # remove first to allow rewriting directory links - sudo rm $link - sudo ln -s $new_target $link + run_privileged rm $link + run_privileged ln -s $new_target $link fi done # Set up sysroot wrapper for tool_pattern in "gcc-[0-9]*" "g++-[0-9]*" "cpp-[0-9]*" "ld.bfd" "ld.gold"; do for tool in $(find ${ROOTFSDIR}/usr/bin -type f -name "*-linux-gnu*-${tool_pattern}"); do - sudo mv "${tool}" "${tool}.bin" - sudo ln -sf gcc-sysroot-wrapper.sh ${tool} + run_privileged mv "${tool}" "${tool}.bin" + run_privileged ln -sf gcc-sysroot-wrapper.sh ${tool} done done } diff --git a/meta/classes/sbom.bbclass b/meta/classes/sbom.bbclass index a16f6ea0..e3d0e702 100644 --- a/meta/classes/sbom.bbclass +++ b/meta/classes/sbom.bbclass @@ -41,7 +41,7 @@ def sbom_doc_uuid(d): d.setVar("SBOM_DOCUMENT_UUID", generate_document_uuid(d)) generate_sbom() { - sudo mkdir -p ${SBOM_CHROOT}/mnt/rootfs ${SBOM_CHROOT}/mnt/deploy-dir + run_privileged mkdir -p ${SBOM_CHROOT}/mnt/rootfs ${SBOM_CHROOT}/mnt/deploy-dir TIMESTAMP=$(date --iso-8601=s -d @${SOURCE_DATE_EPOCH}) bwrap \ diff --git a/meta/recipes-core/isar-mmdebstrap/isar-mmdebstrap.inc b/meta/recipes-core/isar-mmdebstrap/isar-mmdebstrap.inc index 9b4f62df..bb254199 100644 --- a/meta/recipes-core/isar-mmdebstrap/isar-mmdebstrap.inc +++ b/meta/recipes-core/isar-mmdebstrap/isar-mmdebstrap.inc @@ -203,19 +203,19 @@ do_bootstrap() { trap '[ -r "${WORKDIR}/mmtmpdir" ] && tmpdir=$(cat "${WORKDIR}/mmtmpdir") \ && rm "${WORKDIR}/mmtmpdir"; \ [ -d "$tmpdir" ] && mountpoint -q $tmpdir/$base_apt_tmp \ - && sudo umount $tmpdir/$base_apt_tmp; \ + && run_privileged umount $tmpdir/$base_apt_tmp; \ [ -d "$tmpdir" ] && mountpoint -q $tmpdir/base-apt \ - && sudo umount $tmpdir/base-apt; \ - [ -d "$tmpdir" ] && sudo rm -rf --one-file-system $tmpdir; \ + && run_privileged umount $tmpdir/base-apt; \ + [ -d "$tmpdir" ] && run_privileged rm -rf --one-file-system $tmpdir; \ [ -n "$base_apt_tmp" ] && mountpoint -q $base_apt_tmp \ - && sudo umount $base_apt_tmp \ + && run_privileged umount $base_apt_tmp \ && rm -rf --one-file-system $base_apt_tmp' EXIT # Create lock file so that it is owned by the user running the build (not root) mkdir -p ${DEBDIR} touch ${DEB_DL_LOCK} - sudo TMPDIR="${BOOTSTRAP_TMPDIR}" mmdebstrap $bootstrap_args \ + run_privileged TMPDIR="${BOOTSTRAP_TMPDIR}" mmdebstrap $bootstrap_args \ $arch_param \ --mode=unshare \ ${MMHOOKS} \ @@ -247,7 +247,7 @@ do_bootstrap() { if [ "${ISAR_USE_CACHED_BASE_REPO}" != "1" ]; then deb_dl_dir_export "${WORKDIR}/dl_dir" "${BOOTSTRAP_BASE_DISTRO}-${BASE_DISTRO_CODENAME}" - sudo rm -rf --one-file-system "${WORKDIR}/dl_dir" + run_privileged rm -rf --one-file-system "${WORKDIR}/dl_dir" fi } addtask bootstrap before do_build after do_generate_keyrings diff --git a/testsuite/unittests/test_image_account_extension.py b/testsuite/unittests/test_image_account_extension.py index 97d221fd..e2ff4a5a 100644 --- a/testsuite/unittests/test_image_account_extension.py +++ b/testsuite/unittests/test_image_account_extension.py @@ -54,9 +54,8 @@ class TestImageAccountExtensionImageCreateUsers( image_create_users(d) run_mock.assert_called_once_with( + run_privileged_cmd(d).split() + [ - 'sudo', - '-E', 'chroot', rootfs.path(), '/usr/sbin/useradd', @@ -136,9 +135,8 @@ class TestImageAccountExtensionImageCreateGroups( image_create_groups(d) run_mock.assert_called_once_with( + run_privileged_cmd(d).split() + [ - 'sudo', - '-E', 'chroot', rootfs.path(), '/usr/sbin/groupadd', @@ -164,9 +162,8 @@ class TestImageAccountExtensionImageCreateGroups( image_create_groups(d) run_mock.assert_called_once_with( + run_privileged_cmd(d).split() + [ - 'sudo', - '-E', 'chroot', rootfs.path(), '/usr/sbin/groupmod', From patchwork Fri Feb 27 14:57:05 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Felix Moessbauer X-Patchwork-Id: 4933 Return-Path: Received: from shymkent.ilbers.de ([unix socket]) by shymkent (Cyrus 2.5.10-Debian-2.5.10-3+deb9u2) with LMTPA; Fri, 27 Feb 2026 15:57:46 +0100 X-Sieve: CMU Sieve 2.4 Received: from mail-qt1-f183.google.com (mail-qt1-f183.google.com [209.85.160.183]) by shymkent.ilbers.de (8.15.2/8.15.2/Debian-8+deb9u1) with ESMTPS id 61REviwY015391 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 27 Feb 2026 15:57:45 +0100 Received: by mail-qt1-f183.google.com with SMTP id d75a77b69052e-50335bd75bdsf220709041cf.0 for ; Fri, 27 Feb 2026 06:57:45 -0800 (PST) ARC-Seal: i=3; a=rsa-sha256; t=1772204259; cv=pass; d=google.com; s=arc-20240605; b=W8T6Lt6SoLerbzP1MoqMCWMsLIYYSHg5GNct2d3/rcQvBRW2fugmNeXgMoYrjvOtV6 5LUeEGHM5jdsUs4KYAO7LeRlJakBSycK/kOFvot0GlFvdAHCWmXi/9r1SqtQ4+48J4an spce1TVGU1rdxnBk3xzW78WCUB0Xv6EwFfaivyE2qdyH//SpcXOhcNSFWKJ4GzKBAUFL B4VAawI31BMWpnfplOUsfYEDHeUniWD46lRejImLoC5t+GmCsqDaWlvbiVCU+qXiu7ux XUrLDtDyV3jgOMJez6yNqvKVpW3rj5D0owq/9VO1L0+jcrnzq9EvXRZpIXNIFiSCqo9u 8yGw== ARC-Message-Signature: i=3; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to:mime-version:references :in-reply-to:message-id:date:subject:cc:to:from:dkim-signature; bh=zlLTj0y7Y2UDiHZJN3yQ83CVzgr6tgOutiukjeniWzU=; fh=ZwVDmfzkd0GVlaRW9zZhdkWtD8CnNoODb/Ld1mlyzTU=; b=QvYhHwc6nlviJynbPHOqYvNDxbl7IpJdPj4vaIDXCUsFAiZCrk5GYS5WVzoQ4xHSyB KTOVU1V2a3aOHwJXgzaQFQdG1k4AxLcTlVLSAckoc5jLr110KIErmLAKkZDqKjLGCBAN 5AfeE8mbEKDsMneTvI/6D6BFcVxeheP1cj0kfqn9wYp+Pyph5HEfjhk36dWMP+SCBs2F oVU4geVm8UkY/oZ0FOWWv0xYnMiPPDF/RDN4CdolzjPS3wHj0SYwCDqTfr+qQBn1Stsg CypEiwYk9B81VssyAIBXAxqUX95Ip4Mm7JGqif3WGhAPoIDCUOSSD72RHILd6TSF/nka qEwg==; darn=isar-build.org ARC-Authentication-Results: i=3; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=Iz776jIw; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20f::7 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlegroups.com; s=20230601; t=1772204259; x=1772809059; darn=isar-build.org; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from:from:to :cc:subject:date:message-id:reply-to; bh=zlLTj0y7Y2UDiHZJN3yQ83CVzgr6tgOutiukjeniWzU=; b=UH5eHKhWtZB9Gj0zQ/Eueh10H+5+Jeepdier/DP0p/2TheC8oTXfbktnUrlalhfLxM PRZ/H3Qdpnqtjrt35WMXexI6qvaWDgoZrpM0MVmpbuNLRmZDJNSfdhFh3TcZeZU0zU4m UrsdIKW2qI+3zJfI3oFNtv2qbDVB8b4JgAqk6VlrMtdYHcWX8Ko2Krs3ydJCZcJEgvUA NItPCnwYVpuAqnD+v5ogWd+hFOAInPb5buyxO5DgnN0lQQcKBA6NZxwg8i2WmLAyBSfu nUcGYlt2GWtqnEVJEUHaeJCBLuJ8KNCn/0of1uge37uW9gElQqWad+FCIkv+8KVUbGF2 /DTg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1772204259; x=1772809059; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :x-spam-checked-in-group:list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :x-beenthere:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=zlLTj0y7Y2UDiHZJN3yQ83CVzgr6tgOutiukjeniWzU=; b=u8S0sW2zMQiuEONjysLr/Iomz0uVCShsOHx1Tkq5yqCXCIMhsPWQWUtGsF0WOyLGua xCfulUeptzUH8SC1MKyDQwdx5hj3drbe1DRPCQkObP6MaNTvbrc7uHwyDueL386SpYDw vZb4zKxHgkEqZ1dsOcpcEIwPg07RHmIhSOJG4LRJlWYWVdmZs/lQrhBMk1pZuwO0FKdm XmiTFsYJnZO62gxm//24WOH++8OfXCas5O7zmeeNW29p2ahav7tuJP0mNKGn/3ZWu0WC t2fC/jRnu8qQ5z118FoLcIqi0XTK4EUHxhfeBIgZchgrttYQlvktlXZiH+ejovURdZpO QQfA== X-Forwarded-Encrypted: i=3; AJvYcCXlcH1JachjCvyQ/zfcU6yz/lyC+62nROVLSgKos4/pWI70akzF11sFxH7IAzi/lRTsVh+6vpw=@isar-build.org X-Gm-Message-State: AOJu0Yyr36utwxDmdIrIx5DJg5nX7ZBRh0V9O9OCYuxYiY2NtMfWDJCV qiFHLTXiqJMrbvM6+4NUdQsqrHIGjNPBCc7LhSr5zXdukgvCNOYxVktj X-Received: by 2002:ac8:7f51:0:b0:502:f26f:1368 with SMTP id d75a77b69052e-507528a8360mr37976381cf.63.1772204259081; Fri, 27 Feb 2026 06:57:39 -0800 (PST) X-BeenThere: isar-users@googlegroups.com; h="AV1CL+HNkRatFE7gMvPxTLTZyRonbtSzkRDF4NWbMbYXOCH8OQ==" Received: by 2002:ac8:5d15:0:b0:501:47f4:eaf7 with SMTP id d75a77b69052e-5073c12fa28ls48407431cf.2.-pod-prod-05-us; Fri, 27 Feb 2026 06:57:37 -0800 (PST) X-Received: by 2002:ac8:5d56:0:b0:501:4bb5:51a2 with SMTP id d75a77b69052e-50752892229mr36755771cf.53.1772204257526; Fri, 27 Feb 2026 06:57:37 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1772204257; cv=pass; d=google.com; s=arc-20240605; b=OVkBBA0r11Mj9wM9cDDzrb+r4MjNAAgOFD36V9R98PqdG5gSkknvmbtlJ5YWTBIKBi oLiJCH15g4WkCCzLRvIhu2BMRIQC5Nf7YbMYWlHzzh7LmTzD/lDSBLq9ll7D831vvJIY Ty/HxdLbTxR6kTIDwLlpQtN7f9MarLtxY+k66alMwNCY3+Gcu33LoU7mWRJQJBTRwjX8 N34Z/XrmGuqW96+KYhBeR5iiHXDk8gsiz2OTs71qFQJ6HWgjnwlc8JhVyAhSrFGdOnJA RYIIVTBlgsAfd6wLHuRzqs3xFwEQh1MaH2FeUbnB2G8YQnADti4/5DcyVvWNoUJDAIVQ AyoA== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=mime-version:content-transfer-encoding:references:in-reply-to :message-id:date:subject:cc:to:from:dkim-signature; bh=TFHtb3gsbUvXv7obkhpOjd6JYveHs1eMiD2C8XHOwcQ=; fh=WkhL8kaJc+l2wQon1t06Ej3uvBGj9sVhNcE8PaS/XbI=; b=I2PT7U8xUoG08yvQRTWyXyIdHY1i3T2j4RWtdsVgVDNSlCbhEn6fHpY06RolAvHVeF e/IddQQBPX7+dZNMFOph8hasEEXfSmWX9oUVtiWtm7kxfmiyrZLS6M+hxCqKzRnflHFT AC0mtnqHTIKMpn5NC0mHGo0c8/nHxF7EVnS8JWveAIk4GxpZlYMwn5OKebN9FpAlbTGc D5WC0KvpDvK+eyXBMWf3F20Z+gUO+gPk6RWU4zkN1xoYogbJcMAa3yRJM7+KSYJBVQVe EoNmOYqwoqXAOOC4oIVX5udhrP0r7SGr/5HqpHj0ZGiNqGAkNfcZ2Pp2biwfbuICdmVR c0MA==; dara=google.com ARC-Authentication-Results: i=2; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=Iz776jIw; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20f::7 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com Received: from OSPPR02CU001.outbound.protection.outlook.com (mail-norwayeastazlp170130007.outbound.protection.outlook.com. [2a01:111:f403:c20f::7]) by gmr-mx.google.com with ESMTPS id d75a77b69052e-50744aa1c73si2131551cf.6.2026.02.27.06.57.37 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 27 Feb 2026 06:57:37 -0800 (PST) Received-SPF: pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20f::7 as permitted sender) client-ip=2a01:111:f403:c20f::7; ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=Y7l+iNFLLhjbzg4XYNvfCdsQ60fZ/OhK94p9rLwNAwxLSmueGwb95j7PkaeazPd5pGv8t8p9fqN4bsccQlK7BJzXGAAWLIj9fjlsfQrZRf5utrlsQVLsGHK+go/3ImoOKqX42CBFS7G5j1rTmxjQf+n7AojrXO1ss0fPW4k11mS6M/fpTZD+XCi/rxULnWkR92joFmhRujxJx4Wkj0puFcoHmIB9hPNGIZLzAZWUqmLFLsXuL3m8eOIBF6BfMR7ob2ZnnNWw2wAq4dZg1eqBXqP4BU1NKXw72SJX8ySI7or3gfJDa5rdJ60z3W5ny46/lTxjxF4oLbpljG/jpGAnzQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=TFHtb3gsbUvXv7obkhpOjd6JYveHs1eMiD2C8XHOwcQ=; b=mKxxmwa5Ah4gO7AVEKwCA1rtcYK/da/uxQy+jkbdNzA5gvt/V96QfBtR/Xn1Fg4pNw/zbbkTNK7V3mOZQGbT3A13oX/0PDyvqA0Zmo/z/soDHvp1Eb1QUGvVV0rlhyYT73WtrE6fvVCDWW0YNEE7OnyYYU0WYmKp19pBgaC22CQvC6jFZJUQOpNE5JkBXw0BroQ7M8dol/45oKiYxCe0yKe2HHKW2PKMYOUFgDF1+vVkVyWlMkElCru40CHp/ibYpvYwVCoQBaT0fmmuWbkbY7bG4NWyfEwHmLf80Xrd1K92CWeCuJHCkEAmYr0j1VYh+CUoBIdKl0MYlkm3Y1KpYQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=siemens.com; dmarc=pass action=none header.from=siemens.com; dkim=pass header.d=siemens.com; arc=none Received: from DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:47f::13) by FRZPR10MB9889.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:d10:1ca::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9654.13; Fri, 27 Feb 2026 14:57:35 +0000 Received: from DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM ([fe80::9412:cd7f:3f72:92ab]) by DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM ([fe80::9412:cd7f:3f72:92ab%3]) with mapi id 15.20.9654.014; Fri, 27 Feb 2026 14:57:33 +0000 X-Patchwork-Original-From: "'Felix Moessbauer' via isar-users" From: Felix Moessbauer To: isar-users@googlegroups.com Cc: jan.kiszka@siemens.com, quirin.gylstorff@siemens.com, Felix Moessbauer Subject: [PATCH v2 05/16] bootstrap: move cleanup trap to function Date: Fri, 27 Feb 2026 15:57:05 +0100 Message-ID: <20260227145716.3794146-6-felix.moessbauer@siemens.com> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20260227145716.3794146-1-felix.moessbauer@siemens.com> References: <20260227145716.3794146-1-felix.moessbauer@siemens.com> X-ClientProxiedBy: FR4P281CA0274.DEUP281.PROD.OUTLOOK.COM (2603:10a6:d10:e6::18) To DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:47f::13) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DU0PR10MB6828:EE_|FRZPR10MB9889:EE_ X-MS-Office365-Filtering-Correlation-Id: 1371b42f-f9c0-4174-5e81-08de761089da X-MS-Exchange-AtpMessageProperties: SA X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|1800799024|10070799003|366016|376014; X-Microsoft-Antispam-Message-Info: pLhbucUmcGriEMPdAkU5UEfVfiRckB837EstIHDA6BdYfm4AyP5IVKiI2L5FoAUcqpHDdditsO6/L+roZ3SSkaMncG7pyLGmCtEM7eBJATsP2T7FUAUKzS/hJjqPy7An1rturJZSx3mrtlB5LHavR0R8eym0quJ3J3PDVXKtr51ZoxgLweDTkNbVRq/43HvKYTJGZGpm/9EYbPYq0IrpzeT//bSC/59/TrrxJHDshfWRgSShCb68lnN+IVHQpZSG19VpHNSIQTY+fu+17++2VbsuAjmzTcLGVoV1yCnjzAOsk2Y5L5kg4f5Wlv9pINsVMEemYEAofkcQFk317kZ8Pr+H22HTRT9dhkAgK5eA9z0F+8IISjSGp81eWLVkjAeDN42Rhc8ozJ5TuyvhaROVpfYJrImeq6xlCNvXYOyE64EphK5Ams50zBeWSWIt+wo32mosrrXUVmDRkeOT2AjkfJEk/dSRRA8qReqwK+zniHCVSnE82H8/LbCj3o3rh+BBIpdHIHLhxxvUnTR+XveBu8rulTluwXXkTvQPOkryHA7mnb6p51iRpQHLZ2a4NKHazZEA21RIEkUTh/MlbjeyiQbTDz7P7owW8icF1pBpYeFXc47bjl1sVhn9Z7+sd7IFCIVbRe1qdKL3v4/ujHN+U3X6Fh4yPFThE3HSyxHOJUa9gxz1s6U7GcIkAnGI+RIsZeh3RTv0zc1Stg+WhlUJHqAyH4DRGl4zduiNAbLCqQg= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM;PTR:;CAT:NONE;SFS:(13230040)(1800799024)(10070799003)(366016)(376014);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 2 X-MS-Exchange-AntiSpam-MessageData-0: /sGc47JHe6EOl/BwOuhIV5KlYzvntta9keNzs5ony+xULprXq15FgFnJvVI+7bIza26PXLaTZcVZ3Vx5sj466IjMTNMXoBMjbxIwORINQNWajdBkwj4HH1MKIO5+08IdLw5G5/AKmwcWh34RfpCSO+Xcw6XJG2RtJOhIfKZ+RGRxQMDTM8ofFcfTl1dRLsP4Mpp2P35peRjZGFMVxgTRcrQHEgNay+T8evcViasVl3f6Bn/8R7rMIzMFO0dTt553DHIu+R/PaPBRPDXD7vcAK1iSPteE9AHAHLzxKz1Xagr1XtbrhfeFn2RHgaDGIcfoFwKzJeeJcuPiwco8qQYAdUl1efmnZGa3IB+/YXINazwpIEV001VN+MLCI5yLNQrbG40NT3tBNiH6UoM02IP93Nvuwes2N4CzNPW0jg4OV1YAO4ejeh0QoparHWiCFxM45Um/0x3V7fYOB9Ql5mVY2OizfeP8wrNxlAeK2K01iF20RZj+I8Q/GzcOZw7zmCS9HqtmAzwP9smnRnDk81OOTgn5GyW9wL4JV/xPu9zznFzYpREeXMDR4AMsbrO5O+jQksfR0HEQk+AULEbfEjZBamzE4SCnpA2CY2iaEXY8BYBDIeeIywCzTqJLYqO3u3QTgng1nwpBuMdyp3Uk2Rzpjm/zM6bik9wyVl2/t6owH+Jnp1Mu3rZlAV0hoIR9PRhSGzFTD9ATrVz/k9p4DJpcG5dQXY7Hm8YIUjP5wdRlSlsLWuVrZLbpWFQov4mMU/Y3VebSemC+lUhOCnpZHogciRERxHmYOm3T/dRlqDhn7fA3vz6euwpAjMaxiJpY6aHCj4mVd8CQ6nefxZ1To+KbldKk/IqWM2BlLwKaejEUW+77/pt9XOptENIagvXITWYtcRt/8SNgffqwCh4MXEenm4AzC9Y1LALdI9KrZip0pDPzWkHCeABFkK3SXvQlHj+tN7DXoB7vkCx47QZtQVjgAZ4cjlRiIgoFudMhancjqUlL5DjrLRR5LICZmDMPUcm4kvtN+E4WN474rQyGMOUrPWFYLkeLB3/KBiXYXb1TLeG/0hqna15/mWZxbRzUnxnJTtwN/JBTTpYQUehua4gnAUro5fT79D8e0yomGtEipadI2ldSCXCoBSrV4OUD14kKpMlmLK3nAE2u/1gwCW+5/UkJ2FDf6QXdzO1oVJviat/MSXkccMf/iGlLIsUWbdMsnequG01R2oKHd6r69DJ5JzPCvb7FF0020l70lnCfU3gOzJG94Dnm/2taLu9U9cTIGSjW2uqmCCLv2BUlO4hBslwn5dc4q5aDRByqLP6QM8YB04Bi8isC+ZcKm1VZYvL2OQr9hIpefmtlfPPqjE4u6WcQRdZ2I3twEiX+KG8bqoSIMJZINbou5bCQh4TMW5+S2jDVK8M+pYDNGVtUrl+KRN2W9ORWugauFDXq65Pi1TVwIzLiPuPGak1lyhFV7361Lh/kJrgyj9Wj0EmOXGiClKGi2ulXeSFv2rIq951iifzNSxZY7aLdlQO6vpG0nKT2v5zDX1T6xdEAQ3ywNxX7iCu2g8TLBdyHkMv1r6x6tOF1AxzfpFp8+2h7VTY0EPF1ou/UQE25ruy4Vjm0pDT8w+s4+Ft6Ir/8dBx9uuTN8f1nwTdMQ9ykmOxaB4kl2vs79vqCRGDjnGDanY3d3U5Rr24ZF2VoNJKXMOkkH4L0c5FgumawTji2gsMf2gAMiFXebE6GPZt0SmPvsqVTD0p/ZvvjlxQsaV0fFJpjoSnBXBgCCDFrBO45XGArIYd0efA/w6kqqR+z X-MS-Exchange-AntiSpam-MessageData-1: yI9u6cP8NJMv9Nswnozfh3ZY+tMiJ/wX1pI= X-OriginatorOrg: siemens.com X-MS-Exchange-CrossTenant-Network-Message-Id: 1371b42f-f9c0-4174-5e81-08de761089da X-MS-Exchange-CrossTenant-AuthSource: DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 27 Feb 2026 14:57:33.8948 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 38ae3bcd-9579-4fd4-adda-b42e1495d55a X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: hsI7+cW9k2B3vS7UoztM5zO2nq8MUzHyLiBDElL1XlTTkzcV7b2Z+I0LNGlxogezLzF/y8Rr/JM65tSsFXQMsc0/Jcy2EOJdtEkm19+Jlmg= X-MS-Exchange-Transport-CrossTenantHeadersStamped: FRZPR10MB9889 X-Original-Sender: felix.moessbauer@siemens.com X-Original-Authentication-Results: gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=Iz776jIw; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20f::7 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com X-Original-From: Felix Moessbauer Reply-To: Felix Moessbauer Precedence: list Mailing-list: list isar-users@googlegroups.com; contact isar-users+owners@googlegroups.com List-ID: X-Spam-Checked-In-Group: isar-users@googlegroups.com X-Google-Group-Id: 914930254986 List-Post: , List-Help: , List-Archive: , List-Unsubscribe: , X-Spam-Status: No, score=-2.2 required=5.0 tests=DKIMWL_WL_MED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,MAILING_LIST_MULTI, RCVD_IN_DNSWL_BLOCKED,RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL,RCVD_IN_PSBL, RCVD_IN_RP_CERTIFIED,RCVD_IN_RP_RNBL,RCVD_IN_RP_SAFE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on shymkent.ilbers.de X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= By that, we can make the trap more easily conditional. Signed-off-by: Felix Moessbauer --- .../isar-mmdebstrap/isar-mmdebstrap.inc | 24 +++++++++++-------- 1 file changed, 14 insertions(+), 10 deletions(-) diff --git a/meta/recipes-core/isar-mmdebstrap/isar-mmdebstrap.inc b/meta/recipes-core/isar-mmdebstrap/isar-mmdebstrap.inc index bb254199..ea63ec79 100644 --- a/meta/recipes-core/isar-mmdebstrap/isar-mmdebstrap.inc +++ b/meta/recipes-core/isar-mmdebstrap/isar-mmdebstrap.inc @@ -104,6 +104,19 @@ def get_apt_auth_opts(d): f"--setup-hook='upload \"{workdir}/apt-auth\" /etc/apt/auth.conf.d/isar.conf'" return '' +bootstrap_cleanup() { + [ -r "${WORKDIR}/mmtmpdir" ] && tmpdir=$(cat "${WORKDIR}/mmtmpdir") \ + && rm "${WORKDIR}/mmtmpdir" + [ -d "$tmpdir" ] && mountpoint -q $tmpdir/$base_apt_tmp \ + && run_privileged umount $tmpdir/$base_apt_tmp + [ -d "$tmpdir" ] && mountpoint -q $tmpdir/base-apt \ + && run_privileged umount $tmpdir/base-apt + [ -d "$tmpdir" ] && run_privileged rm -rf --one-file-system $tmpdir + [ -n "$base_apt_tmp" ] && mountpoint -q $base_apt_tmp \ + && run_privileged umount $base_apt_tmp \ + && rm -rf --one-file-system $base_apt_tmp +} + do_bootstrap[vardeps] += " \ DISTRO_APT_PREMIRRORS \ ISAR_ENABLE_COMPAT_ARCH \ @@ -200,16 +213,7 @@ do_bootstrap() { # Cleanup mounts if fails trap 'exit 1' INT HUP QUIT TERM ALRM USR1 - trap '[ -r "${WORKDIR}/mmtmpdir" ] && tmpdir=$(cat "${WORKDIR}/mmtmpdir") \ - && rm "${WORKDIR}/mmtmpdir"; \ - [ -d "$tmpdir" ] && mountpoint -q $tmpdir/$base_apt_tmp \ - && run_privileged umount $tmpdir/$base_apt_tmp; \ - [ -d "$tmpdir" ] && mountpoint -q $tmpdir/base-apt \ - && run_privileged umount $tmpdir/base-apt; \ - [ -d "$tmpdir" ] && run_privileged rm -rf --one-file-system $tmpdir; \ - [ -n "$base_apt_tmp" ] && mountpoint -q $base_apt_tmp \ - && run_privileged umount $base_apt_tmp \ - && rm -rf --one-file-system $base_apt_tmp' EXIT + trap 'bootstrap_cleanup' EXIT # Create lock file so that it is owned by the user running the build (not root) mkdir -p ${DEBDIR} From patchwork Fri Feb 27 14:57:06 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Felix Moessbauer X-Patchwork-Id: 4934 Return-Path: Received: from shymkent.ilbers.de ([unix socket]) by shymkent (Cyrus 2.5.10-Debian-2.5.10-3+deb9u2) with LMTPA; Fri, 27 Feb 2026 15:57:46 +0100 X-Sieve: CMU Sieve 2.4 Received: from mail-qt1-f184.google.com (mail-qt1-f184.google.com [209.85.160.184]) by shymkent.ilbers.de (8.15.2/8.15.2/Debian-8+deb9u1) with ESMTPS id 61REvjS7015414 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 27 Feb 2026 15:57:46 +0100 Received: by mail-qt1-f184.google.com with SMTP id d75a77b69052e-506bac14430sf410482901cf.2 for ; Fri, 27 Feb 2026 06:57:46 -0800 (PST) ARC-Seal: i=3; a=rsa-sha256; t=1772204260; cv=pass; d=google.com; s=arc-20240605; b=kjfesesEuPmUtKWKSK8L2n3Z7J9fkA2tSqZRrUcZbAuijGEfKOFUaC8thq2l07aB+U HBY0v55I1739z9SWAo07ZxRPQl2e0w8e2orzE7Tjikc8wUGeVE1brpe0M3pZKEKEz8WN 7nheneNK4GCvPxXA3rP+HZ7yxVjsf2qgueOKRAnJXfPvrBCS2qVq6Zr97AV17iABsUMw ZRRyHEqSPBvhdVzDc4iuYp2GHh5DyBTV8a5Soq6OQEGoNvZ6lewQCCwue4Z/EuiqdrVA 8f6FwnsExvsVmuesFC3E+XdQfelcJtmcdG8021FKJCYokqUq4MehcWwsjYj79F3KAGz8 2NIA== ARC-Message-Signature: i=3; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to:mime-version:references :in-reply-to:message-id:date:subject:cc:to:from:dkim-signature; bh=2tHCnRnN1kFtAo5OgNV1PF/Ki4ONL6+X4fzQP0UCTcQ=; fh=RCIUytgTv1uGV0IdtBA6OOOWb66wMc4ETT9ZZSgiFXE=; b=ZwhJPyhR3nIfbBX2kyQpv1akXYoH6O3Bd+O3ldyFFI5Mhpig0s1vPRFyNfl5stFw4y RxyY6ZF4ToDjdyMIeUWDgqjhDVRHD6dsECYfwzZ5xYJPfRIOL7FYz8aI3E1rnztER4JK nqusnwHziYtv9nAW1KXJbXpUCM5bcsPbmcZqkSBqj712tOGMCG1k2uufRkt/Al/lwBtj 2NjGkUo6gAUgJVoW9IxkHjUf3QqF25Oyq3G8FF1Fd/0c/42ZiQFqx97lYS/Cm/xbnwrw PPonxR0rQZwqsfA2UkZSZTOP0n7caiSROELGauw7pthZvs/Oo0kd5Su6fHR+vi/G9ywF d8lw==; darn=isar-build.org ARC-Authentication-Results: i=3; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=qYzO5s2C; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20f::7 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlegroups.com; s=20230601; t=1772204260; x=1772809060; darn=isar-build.org; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from:from:to :cc:subject:date:message-id:reply-to; bh=2tHCnRnN1kFtAo5OgNV1PF/Ki4ONL6+X4fzQP0UCTcQ=; b=qNLIGXv6r9TF3aRgm1gGZobMNxmQg2/UX4kMCVPP4gDEaariqMtu07a8z9p0IMj6fN QPIJjot8R3Chfx0RdKGADS8FXWI1CFyxoU1IcHF4grmEPhcZdAeDBTxdHyqFTLDD8WS5 VJkXqmrmNGr3SJYlfU4kJpNK8jrtK8A5CGh16c8onioto3zfn3Ua+ScFfUWzTgSZa9R2 LuIW3qpCsfJ/JSsRLuQ/XuhiZezH4nBgq9Pp1hITk/hgdXsz4Tv22DhI/DhoOKSC50VZ CczPd/4oNaHibwE+LQv6UOONO8MqSbAVLEgCEjooz9y/4XDGQl0KO3aan9NCFYDFdyhD XGGg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1772204260; x=1772809060; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :x-spam-checked-in-group:list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :x-beenthere:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=2tHCnRnN1kFtAo5OgNV1PF/Ki4ONL6+X4fzQP0UCTcQ=; b=QMy6JUdyL6gbfDYFD5ddtghA4iN7g4VAqB5j4xhxUHWZNGY4ulkULISSPKRxZWB9/b mo/STg2rs5bM70zxZthagbtIQrCigGCC0iL7u2lf8Z9+MJg/EvBqw41dut1a6qfE21uQ Q56sdHE51iCUND47sHIEZ/X6lsNhPuPxzZK1KQ63mDSufdiWZFYy0HtRJf1B+KpVnsHL zF98MBCTMZD6Dum+gWZ01FuV2G4Xo+zRmuWV2BkBeynD+l9vZAChUQQXZDHt6YuxefTN BMbwJXUqqnLufl56r4ZNmmE27m1g0S1mzJsWYS2uJjCkV+UMg8sA/pcgMgz+j8Hy5YoG HpnA== X-Forwarded-Encrypted: i=3; AJvYcCXwBBeUzcDCWQ5Q2oMRDn16o+s7+UuBwMwQRrdAV4i6b1Hkd02G8xFnpP9oqztnT8fp+9uxj/8=@isar-build.org X-Gm-Message-State: AOJu0YyYoDdU/vJahAkdm/tOaZIuE9FfpDfOUy2QdAhaM7gIzG9jqyvQ vo9VEBPTuqe5dG2ZrQ8DhO0nXYNk0XWWH15a/v87cyp952k/gZw3thw/ X-Received: by 2002:ac8:5aca:0:b0:4ff:971b:4cba with SMTP id d75a77b69052e-5075273a6e0mr32914131cf.14.1772204259916; Fri, 27 Feb 2026 06:57:39 -0800 (PST) X-BeenThere: isar-users@googlegroups.com; h="AV1CL+Fx5pVoH7HTN3MsKgMBEvIzsvX0qfFJ/Ke7nHAVvdcZiA==" Received: by 2002:a05:6214:20ea:b0:888:1f20:6a87 with SMTP id 6a1803df08f44-899b9c9a3c8ls81402946d6.0.-pod-prod-04-us; Fri, 27 Feb 2026 06:57:38 -0800 (PST) X-Received: by 2002:a05:6214:3010:b0:899:abf8:2821 with SMTP id 6a1803df08f44-899d1e752ebmr41392966d6.53.1772204258722; Fri, 27 Feb 2026 06:57:38 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1772204258; cv=pass; d=google.com; s=arc-20240605; b=IpXt7DJzhbir4IvzVxHxsKBVNhpZjunuBhMLOpH4d2+O6cw9h5PNKxiP4ma5hfd46r ExQJ7HB9iNW2URZMJ2zIw3v3Yq1e0foIRRlQxRS6O0KYdoTEJKVOJiNM3pBT29CqMHWH Yo8GC2dqpfiqyRN/YBHGcZrVbX6VjsgQDWfsLDizpx7poVKV/hMJ3xgy/URXlYLQbEqP r1sqqEulWrNd8tEzkhETbmZwmKUf6NC/jbEj+294dAssEAVGYKv8agzsz0ZEYyEoEL3Z +tmzEaDxIPy5dTwGYMsWQzukJE4Z4LwZ8hcbGGdS6An8t9O3SGNXqJqroJ8udbNAcKAu b8ig== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=mime-version:content-transfer-encoding:references:in-reply-to :message-id:date:subject:cc:to:from:dkim-signature; bh=sycGoAIw73uRBZpzqAOG6xQTHkwPazBatX9yS9p4nDs=; fh=WkhL8kaJc+l2wQon1t06Ej3uvBGj9sVhNcE8PaS/XbI=; b=NHEnipiJcEwLxkgV2xmpgjx6tDYjS+XLX1drIyU11/5u9xXikdf+qd9MBql4o118e3 okdPkChrKZ1sUMp+rkjjN9f0hsdPNPdaJHVXp9cLlVLGpyQd4hXTmSfsd5AG2pNZC5PV TAXidsc2KbMGZY/YkAgxHFfLt5YNFrjRsxvXKcKmVaHYUu3g2mIpIyj34z2pfNEv68UR pBf67OTpsVKodT57CT0iHeTflCjlDjaGrwrfOEcDSMWJhWrdLH9hb3oE5RL+uyAmoPjC AHQns0V7MON2zsNe68pHr2hUK5v1Or5WPvOeuiEfY8coLmolySHCUfP+1qwMq18eWzWS WM6A==; dara=google.com ARC-Authentication-Results: i=2; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=qYzO5s2C; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20f::7 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com Received: from OSPPR02CU001.outbound.protection.outlook.com (mail-norwayeastazlp170130007.outbound.protection.outlook.com. [2a01:111:f403:c20f::7]) by gmr-mx.google.com with ESMTPS id d75a77b69052e-50744aa1c73si2131551cf.6.2026.02.27.06.57.38 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 27 Feb 2026 06:57:38 -0800 (PST) Received-SPF: pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20f::7 as permitted sender) client-ip=2a01:111:f403:c20f::7; ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=cSiY+04bdX0vlhlEnO5EtxwS6ZyqCFExUGfRQkC9Mp1UZSnHG4afJ67AmPMrZL3PNauhcV2KAbFUDdG+EL+ia8wZT839fG45RExadfF6Jt9EHK0YtAXPHGuT4CxjD3w1hlbjO46g44TxaijF1MkWrtB8i/frt0SbF8mL7Af0W0KWPrlD0BPl5zatxAl6jTVMy5Nc4Dpv7647nnDG0Ja1ww/ZG0bfc1DXr/zo9dGbvCFXUEAxCZP4/L529GuMSZomJwzALngvaJTEWIhJscVOba73B4kNf3DwJfafXIzcrf3AsG1UBVuVK004JHepGOjbKEgAyzca2nPDOCviVKEZFQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=sycGoAIw73uRBZpzqAOG6xQTHkwPazBatX9yS9p4nDs=; b=LlIyUjcVpxmVtaDE9qCXOJY9gzUWtv8laATf3MSIO0jbh0iWll4Vq9WkPc242wXqXWyyvuLPQZAKK2JBtqWrikM4fi14YgSmOWH0bi4FdruutKWLq7o1Llj1Q9jag12pD+xymd/oJZafPje+STRMxF63F3SybeY+tcLfCrxoKQStMWNbZ9xVFevydchlfmnZfZ9n/pOczYgALgBSWxfFfKGfbYZSqoQUy7MQQuBgYMm9NPEC0l72uXoH7vp7LY7pUcrayw/vvNchMLHdBPwLLcJrOZUDhlHka0YPDpecg8pEslWVIcFGAFyBCEBiUN2QpaXnZ4++zXTraQiTyGCDSA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=siemens.com; dmarc=pass action=none header.from=siemens.com; dkim=pass header.d=siemens.com; arc=none Received: from DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:47f::13) by FRZPR10MB9889.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:d10:1ca::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9654.13; Fri, 27 Feb 2026 14:57:35 +0000 Received: from DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM ([fe80::9412:cd7f:3f72:92ab]) by DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM ([fe80::9412:cd7f:3f72:92ab%3]) with mapi id 15.20.9654.014; Fri, 27 Feb 2026 14:57:35 +0000 X-Patchwork-Original-From: "'Felix Moessbauer' via isar-users" From: Felix Moessbauer To: isar-users@googlegroups.com Cc: jan.kiszka@siemens.com, quirin.gylstorff@siemens.com, Felix Moessbauer Subject: [PATCH v2 06/16] rootfs: rework sstate caching of rootfs artifact Date: Fri, 27 Feb 2026 15:57:06 +0100 Message-ID: <20260227145716.3794146-7-felix.moessbauer@siemens.com> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20260227145716.3794146-1-felix.moessbauer@siemens.com> References: <20260227145716.3794146-1-felix.moessbauer@siemens.com> X-ClientProxiedBy: FR4P281CA0274.DEUP281.PROD.OUTLOOK.COM (2603:10a6:d10:e6::18) To DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:47f::13) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DU0PR10MB6828:EE_|FRZPR10MB9889:EE_ X-MS-Office365-Filtering-Correlation-Id: 202ffd77-9461-4dda-1b64-08de76108a39 X-MS-Exchange-AtpMessageProperties: SA X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|1800799024|10070799003|366016|376014; X-Microsoft-Antispam-Message-Info: KQwJNUKvZaY/iVAIPcFNYfu7vbvCt6XGQgZvl6L/sdhfIJE6KGjqDSLgdA+IQbGGwGBbHbm+wObh76ExlMLWYNqZaEbUzXiAahZYNummQ7wbXpxCrK3IhcV+QbvSkEyWbkkTqplEAhLV81KR3k3r7gG2KGZKv9DkaAnmz4k2xU1eoRireFvgMzXoANg53rbRAFq4HdXpYRC/trBG3rgv3VtYEnH/M/vrRS544vlrjDblvI3oegnYxJsPPNI9xzMaAohCop+JXGVyhfdrcaLMPQBosmkWRVe1lNzC4hi+PLe1blh2p9FTLtp6OUI+HQN2mUeH9fXzQFLs44cptihmymQAofips+8sHf820f47g/Sy1Prdq4uwCtMtFQRCRcP0RdQskdCiIbBH6ZlGExbDhLs91VQ0rdsSDejCoTqEoJUlMhiwBabQ2zIeJFmZN5lHBY+FeXHnCqY5uZ32fXO0qU15+G8edCJDBGx4yaA3SfNzuUgWoWjN9K7j8kecZJaShD1++icgOpH/sYLRfoyxfJwathLf+dYAiuEixjPQuBjhskbgTQ9KyVTt+UIuBLdpsZ71Oi/TZ2MQ52SzKtq3PU5/1X1sU+mE2jt1zdklDIkx8iLA1aqxMV02fC+uTiakTUuqGy4KbmgNFuW4UNgcPFk3KQmRxHQEqZoijvjvuoNKFFDHMacJCtR+4XmmkUtidH/l/seme9pmNKNIHyoZUV2RaAWEgoAOjv8LMgtCTNo= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM;PTR:;CAT:NONE;SFS:(13230040)(1800799024)(10070799003)(366016)(376014);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 2 X-MS-Exchange-AntiSpam-MessageData-0: CbVVGhgqHtpNdp24LD5mzWy3cLKtWlmlZW5zsvqQG3XQehGLvjn2Y05tX/9XLnSk0ULI6IrXY8jmFXfqHp7Xfa3xAh0MA7Y2HoykAdqxVKTfMHqMR3g24fMSt/Gm5XxwCND7qjpHRm8fZQK93xa5pA/Tjqa+AGCRDljtRwu1RCKDf23WmJZ9a3AY/mS7XEkXfYCSLAcELFIEZ/IMUCujfBgZGU8fdPJZsQgoPDkjEb7SlxtX5qDQ6u/MO4+LwUzUkQqfO1YippjJj2/G2eLtqWTs9VqlS/Wrf4vY7Akr1HE0ZtIbnvH16u2snBDbfXH4XK9HC1vkWx3lg2uiJaifIcpYfBvLHQfhAu2+ciVKETECC5M+EICWok136pB1e8tLH+VHOL6ZTnR/XSuxsQBiz8KOqnBSHGXLm0u/3wROh8HnuimCr6d7cpYHh4fSr2I5uXp8l80GZ701LZr9SRgeFHZn1iqlS0wen+VENUuiwsBu0dGD3v8CzEnXbKpcS0iPVfhxqRqFzKY59Yz+0aGArGG/RYclTPPOQB+6ykSbQzRyIrgR/hfmtQ038jIH7sRYrb/PNoUj0CogRUKS9xCjmm0k4kimp0HmtPAwltMZ1YGMG0cBc+vYnLklBDbZzebAw5bYj/nwtO0/XTJSCCHWPdKGESzbczZkZEKmGonlsIUUC35fDyxdhX52BRzm2LIoqvXzx/46CrJi/8Q9i7Dh9je15fFResPGIoGvVtvRK+GMQPspilsM9rLzhm6ZcsJTqYFb+cRl2UnuEu04KvW6KHR/Qqy1Ox7AB+GIE7SWgnM7UuP9AqMb/YT06jHMcgOcL6Nxv8lmk4Gwou7XvyzmsZ256puNeNuGJ/bzFCiSNUh1tHoobHRHVTUlmxyqFNLrSimr/yZkFsVsIj5EcwnQ9XbIlL/lCM7k2Ro+di2Zfxf1otFRj6oYtKjqdita1L+2AKvG/O5hS0MC3NjmpXcqAx2y551PovjO3yX7VCrQrgJquVfCmFQhKzeJ8Wyz9TMqLfOI0YWvhke5nOkIvibJqEfZNqM26f5Ssiv3cJN6KRzhe4a7BmVyvLKm0b7/Kkub96w90/siYvFV6HX2FLd/nGs0sCU4pRqSSssSfPI1H5xX9cmAxdLdzwzkAVE1AsIO864j8gNqKbaawGi9U/eBiCQaNeEovm80nHfp8jnF+zu9SIAjeiQoBuS73HPPMh1VpAZWLBo2BBKsUUIAVU5DcAu+LGkBDWgtKvCBU+TXEhaYihWE7wFzOwX1uecG5/XlhlxDi8Ck7+1+hD5+ICh6KaKzr/nCXAXTeO6KVIHbXS6U4CyP5JN1lweZFVX4lenePcO5wNfl9wtN2FDR2Ba5g4CjZEZaVFTb3emLvSWtuqiLfY8V1YJVcwsD1VM7Oi9G5twYtclg24kYFTPWgxx/pqaskvcBge/kwTOIdu5ew5Lx+1DrnyHNvi/+5GHYNHyq6E3xS9kRm5hlJqKHuPKhFX84XaX6rzUyGJEXqMHguXVtGzgqer/skkGi7gIVwtEw/bCEyGdys2bOpdks9L07xA68UuFsbFmLEWUkfXD3fK3XBwKzvtV/I8B0ddMtUB6PoVVJa9hmViYHHuBzKDKZx6s9Z/DkzxyO633Z5RxpafQjsiHql69NQFaCXWhFZLmxEsb3BO2uH7sO439rtz1mAxzNitQ4Tvnc3wJpq7O4+f59iJszQPKwvBGvmx46GMrdY5tU8loHWqusjU99h7yEodtJN27cMUNJgArBEDLJyOW8TeG7MIPWg80FuX3iah18Sca0MbuS X-MS-Exchange-AntiSpam-MessageData-1: Ek63oPeMmdG03wO4U2ukPO0qCmH8lPwwlNo= X-OriginatorOrg: siemens.com X-MS-Exchange-CrossTenant-Network-Message-Id: 202ffd77-9461-4dda-1b64-08de76108a39 X-MS-Exchange-CrossTenant-AuthSource: DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 27 Feb 2026 14:57:34.5313 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 38ae3bcd-9579-4fd4-adda-b42e1495d55a X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: xS0bxMrTYXPbVxV2K5Zn+z6mc6ajlb4786hZyhCD8a/zliFdgCY8sMVUMHLcWH5qWfNIS4cx26QOuj3e03jRMlcLV6zDUA3+pkPGK0RtN28= X-MS-Exchange-Transport-CrossTenantHeadersStamped: FRZPR10MB9889 X-Original-Sender: felix.moessbauer@siemens.com X-Original-Authentication-Results: gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=qYzO5s2C; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20f::7 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com X-Original-From: Felix Moessbauer Reply-To: Felix Moessbauer Precedence: list Mailing-list: list isar-users@googlegroups.com; contact isar-users+owners@googlegroups.com List-ID: X-Spam-Checked-In-Group: isar-users@googlegroups.com X-Google-Group-Id: 914930254986 List-Post: , List-Help: , List-Archive: , List-Unsubscribe: , X-Spam-Status: No, score=-2.2 required=5.0 tests=DKIMWL_WL_MED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,MAILING_LIST_MULTI, RCVD_IN_DNSWL_BLOCKED,RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL,RCVD_IN_PSBL, RCVD_IN_RP_CERTIFIED,RCVD_IN_RP_RNBL,RCVD_IN_RP_SAFE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on shymkent.ilbers.de X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= We ensure that the sstate artifact is always generated for the correct rootfs directory by using the ROOTFSDIR variable instead of the assumption that it is in "rootfs". Further, we avoid file permission cleanup by using stdout to pass the artifact from the privileged space to the caller. Signed-off-by: Felix Moessbauer --- meta/classes-recipe/rootfs.bbclass | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/meta/classes-recipe/rootfs.bbclass b/meta/classes-recipe/rootfs.bbclass index 883c3335..81cc26f6 100644 --- a/meta/classes-recipe/rootfs.bbclass +++ b/meta/classes-recipe/rootfs.bbclass @@ -665,11 +665,12 @@ rootfs_install_sstate_prepare() { mkdir -p ${WORKDIR}/mnt/rootfs trap 'rmdir ${WORKDIR}/mnt/rootfs ${WORKDIR}/mnt' EXIT - run_privileged mount -o bind,private '${WORKDIR}/rootfs' '${WORKDIR}/mnt/rootfs' -o ro - lopts="--one-file-system --exclude=var/cache/apt/archives" - run_privileged tar -C ${WORKDIR}/mnt -cpSf rootfs.tar $lopts ${SSTATE_TAR_ATTR_FLAGS} rootfs - run_privileged umount ${WORKDIR}/mnt/rootfs - run_privileged chown $(id -u):$(id -g) rootfs.tar + run_privileged_heredoc <<'EOF' 3> rootfs.tar + mount -o bind,private '${ROOTFSDIR}' '${WORKDIR}/mnt/rootfs' -o ro + lopts="--one-file-system --exclude=var/cache/apt/archives" + tar -C ${WORKDIR}/mnt/rootfs -cpS $lopts ${SSTATE_TAR_ATTR_FLAGS} . >&3 + umount -q ${WORKDIR}/mnt/rootfs +EOF } do_rootfs_install_sstate_prepare[lockfiles] = "${REPO_ISAR_DIR}/isar.lock" @@ -678,7 +679,8 @@ rootfs_install_sstate_finalize() { # - after building the rootfs, the tar won't be there, but we also don't need to unpack # - after restoring from cache, there will be a tar which we unpack and then delete if [ -f rootfs.tar ]; then - run_privileged tar -C ${WORKDIR} -xpf rootfs.tar ${SSTATE_TAR_ATTR_FLAGS} + mkdir -p ${ROOTFSDIR} + run_privileged tar -C ${ROOTFSDIR} -xp ${SSTATE_TAR_ATTR_FLAGS} < rootfs.tar rm rootfs.tar fi } From patchwork Fri Feb 27 14:57:07 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Felix Moessbauer X-Patchwork-Id: 4935 Return-Path: Received: from shymkent.ilbers.de ([unix socket]) by shymkent (Cyrus 2.5.10-Debian-2.5.10-3+deb9u2) with LMTPA; Fri, 27 Feb 2026 15:57:48 +0100 X-Sieve: CMU Sieve 2.4 Received: from mail-qt1-f183.google.com (mail-qt1-f183.google.com [209.85.160.183]) by shymkent.ilbers.de (8.15.2/8.15.2/Debian-8+deb9u1) with ESMTPS id 61REvkth015477 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 27 Feb 2026 15:57:47 +0100 Received: by mail-qt1-f183.google.com with SMTP id d75a77b69052e-506c0da79c5sf209972911cf.1 for ; Fri, 27 Feb 2026 06:57:47 -0800 (PST) ARC-Seal: i=3; a=rsa-sha256; t=1772204260; cv=pass; d=google.com; s=arc-20240605; b=SCWdqywQJ7otH2nF2Ukwaa5WGKn4ZeWNAyZlY9JdeBXNwYxOWXnKiX3j6OIlIWK3PS nV4nVmziLJNkKgGekPFsW9oDMB9Oam0Lto1E6leIMVo9UAk4+fM1NBJBvY93WkymnEKy /NwcsH52kama5y3Tp00zfSJPIINXM/M5Waj2HuYEld/QQA529xyULRU0R1SUBllXVT1r hcGaS18Ng4oF2s2KFFnWVWc395Pr6mILXG2BXC6xTy1AILqNlu1l0gNYJehUuPhKT2Ui HSqPTLbJZ7aH58+knTKkFqu6TUXUa8/ICw5bzUmVg/VbCzv4ehfHIIfVPI2iXBbbOESY j53g== ARC-Message-Signature: i=3; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to:mime-version:references :in-reply-to:message-id:date:subject:cc:to:from:dkim-signature; bh=oqELujrWY5QvK+/48GXSRKiwWk5XtRxs84eScrQGdNY=; fh=1hfBBCYt6Y4JI0uHUM8kIDcnbxlOtXS1cxPdOc6YVGc=; b=Dq3nqTlaFpfPGwpp/ESCDCi/xYfM2mRkWG8cvd2+X+Swuw+UfPpK8ZUoUZR9vcmZUN pM+8k5JDI2HbXqlwE/5wKUhCRbCQSj2VBIpCgJlKo5H4R4gWUNWoA6Wv+T/dn+Fo5vBu wY4oeaO4K7ZDzl4EaEvuHbMr0I1FcnCdB3HHANaDRdhy5///j0ap7IlqS3JEVnZi8z/r JsU9eUFnxMyZVyd8u+dHlNur/yoS1moQxNlvg+ezQCgr+BriaXPNjGDJHGwZ7vi4L36b 4R5DvTnGrRd1+83nX+X1uOVKqUBadpszFFAlTJhaF8R7T+SQXDk+/o7jaeohTI3tzLpv GLlQ==; darn=isar-build.org ARC-Authentication-Results: i=3; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=Cwn2ojvb; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20f::7 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlegroups.com; s=20230601; t=1772204260; x=1772809060; darn=isar-build.org; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from:from:to :cc:subject:date:message-id:reply-to; bh=oqELujrWY5QvK+/48GXSRKiwWk5XtRxs84eScrQGdNY=; b=S3slT172ToP/HGKsueorUkqR1UbqWwcnnxmcqv7R8QV/xjGYw93b2zIAwWELxMwyiA JIcoEj4WREwv5/j99TRt3RAGzgtGXzOP671cNS1iKkYLg7Y9NMa/OkFUkqDwKmAwuqhO H0+mtQ0092b/C1bp25olhtQy9YqOtEtOTDk40A53J/Bg82SHdAznUHCy7TW0ZlUMKm6m H5xLIuw3U67jvpKYIqPn0/jJ6+8BXB1D4rCLJZ7ljDYl+Dy5d6t9NmTjvB8E+XOhh2+O y2wy41xbx8W5odtYxPkD2W1dkmnWDt1ChmOQMPdUxP2XDx8BW9Ymmlzeo4KsG1anKYx0 toaQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1772204260; x=1772809060; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :x-spam-checked-in-group:list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :x-beenthere:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=oqELujrWY5QvK+/48GXSRKiwWk5XtRxs84eScrQGdNY=; b=Ckj4KrEvtx28x0jz5F0qXXj0ClT7ID1UBLxfKhAts1cZYeKGRbPFcv7oFeSM+Gg8Lk VWmKSj8xjl53iB6v9eXWLqFcuMS7IetO1vkI1CTQFUxOBMSg6v/34ZBwxKuJTWTJp0XP ZBmEO0ENfU+JR68mZ4cCml3y+aa9GtxM6VKCjESCPdYFUp8p1Pi9mleLy9lAte3k6K9W 4bgADv69DPdoWqje17F6QaNS2N1QcrPOQ4CsbykrRMJ3IEWWJX69cNLGRqEHg9MU8NaV Wl22rRuX0Ug4jZiwo9pv/WG+unAxUBn5UMPS3dPfKtcEkUKyoOhNfyRBhSdkP01OgrWS 6paw== X-Forwarded-Encrypted: i=3; AJvYcCUyMNQoB+N76zae1oJ639mg/iNPcZ30ocB836Zqk1aKTEhX8ykQ6+7BW6bsu7CqGsZ1SumyrzE=@isar-build.org X-Gm-Message-State: AOJu0Yx7QEshQDm2mE7rtVsky1fVSWytmuvnzAocEFvGlkpOyLz9Sttk GhCrHddBtVDe252TJOpzxKOb+iZ0XruOu64klRArLquewHFyr6IEIVXM X-Received: by 2002:ac8:7f96:0:b0:501:52c9:f19e with SMTP id d75a77b69052e-507528277b3mr37011261cf.41.1772204260333; Fri, 27 Feb 2026 06:57:40 -0800 (PST) X-BeenThere: isar-users@googlegroups.com; h="AV1CL+EikQLU6N5lMIGBTMwMDf8tOWR7pl6MsUdjSpLe0PuPxQ==" Received: by 2002:ac8:5f54:0:b0:503:3c42:894e with SMTP id d75a77b69052e-5073c10dc5als48970051cf.1.-pod-prod-05-us; Fri, 27 Feb 2026 06:57:39 -0800 (PST) X-Received: by 2002:a05:622a:410:b0:503:2f21:6355 with SMTP id d75a77b69052e-507527a2487mr36165031cf.34.1772204259187; Fri, 27 Feb 2026 06:57:39 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1772204259; cv=pass; d=google.com; s=arc-20240605; b=OI1E2f38Vz/3VuIuya35uG095qOH+oxp38LGAfPloiamBp4qAjkn+vImVTbRbAfKP9 x8QhaEssaKCjxNGJjflZAjB2hOjrxKCTIsvegYgkJcoKFzWzLFfs2P0vI89LqGK4/ZMq uCsjCmEJ5NfClM1gpNajRo6QtBBKaoM5Uxo1kN5Zed7LvTd21hjSkrkiCEdMiho5iZL8 OU4ibIgFa/nARmcRvz+Yi0fQ0o11+z0/nYqTAounpJbBPBW4keWKi7/EAlFTOceJj+fw 3jFBuVWK3SYEnMrkJDrPAL46Ucr5+scdo0KXiWwEMo004QbA4f9V7mmxsFI7jemdGKrm LutA== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=mime-version:content-transfer-encoding:references:in-reply-to :message-id:date:subject:cc:to:from:dkim-signature; bh=xHSs20pUEYD0HcbEjEEIPWIEPobizfdcm4nmhMT2nWQ=; fh=WkhL8kaJc+l2wQon1t06Ej3uvBGj9sVhNcE8PaS/XbI=; b=aA3tJagVR91IDPLW0SFztKmiwziDHUlNbIq5HeWLjduUkQZ5Hkek/RtVCrrjalMjss QoxHfG/htfXQK5JJnns6uUL25A6gZ3h4jBiH2h4h6AoN144xCaqaU9poaNha5ycmwwra Dgkp1vYqhN4S8Jfcp8DKf4Xz6eJg9i5cgHpbo9QYW73n8dC/OOUx3z2pp/xtAv8O61M3 X/ZuJHUXj/20JY3R9u5EA2iFM08WqucGw1x519P2ZGdQQGwy1iPktGDmCadxJ+xkwU0v Mph58eieOU6mqh7zqWUqmejwbz5Hxnyyd+usz/BL/IXLYBisZpCqoqPs+7fZdvWFtpqK Z4JA==; dara=google.com ARC-Authentication-Results: i=2; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=Cwn2ojvb; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20f::7 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com Received: from OSPPR02CU001.outbound.protection.outlook.com (mail-norwayeastazlp170130007.outbound.protection.outlook.com. [2a01:111:f403:c20f::7]) by gmr-mx.google.com with ESMTPS id d75a77b69052e-50744aa1c73si2131551cf.6.2026.02.27.06.57.38 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 27 Feb 2026 06:57:39 -0800 (PST) Received-SPF: pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20f::7 as permitted sender) client-ip=2a01:111:f403:c20f::7; ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=iEeLWfAj1A0XRDDDd5MNuWCDL/9Is1lZe/qBeBkOZ7TXlHcwhunorNADsBc/hdPIR6XCqQXUc+UXpblrMaUa+V+09LlhsgRw6wCmqdKapNhnsOSAoF7k7ZJWiKF/PSgS4lt/NKdVlG03UKFX21ol02puBXwx3lXCBMaXepBJ2THULLTSf801nq1H8pftMPkkjmYk8Lm2SZNh9Zv8dCab9QYzBofUeptAW/K/wePDQrt4jQM9i81lXQw2LmFAluPN8kWGVARwtZxveXDBlD2skk+ESyu06CAyRvI8fFifgl1iHDA43naTVJbGaNC2yEoVsbYahsfRYWxsA8ePzx/Ulw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=xHSs20pUEYD0HcbEjEEIPWIEPobizfdcm4nmhMT2nWQ=; b=fr66amkmnlg/BbmJP/sp2TnmEwVdzyNAaNWYc+bQ2NLVhUNXRlD+bHEwmAZXHyVEKEQBBWOTDjb/Zw1hFQ12zOlSt2WgjNitnLBlEET25uNxEAawX5CZZYSjGoIZMsSGZIWpsCcXqJDaMX1M26NNAzNLTcsX2gffp/t15HCQuOA9SaTVzoRrDX8Vc2u+IbACC7XfIdchMDn3grjLiTNEr1hKMpIL0gKOcuVG3rJ0wx6gQNy1cOPrRejqOFzdv74ZwDopJyJlhUyfaamW1uuVxey4z0byYsApjzBsglVT3nRKB/MhugsDy/zjz+7cl3icifOQey7JNqs0SllVNDLdTQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=siemens.com; dmarc=pass action=none header.from=siemens.com; dkim=pass header.d=siemens.com; arc=none Received: from DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:47f::13) by FRZPR10MB9889.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:d10:1ca::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9654.13; Fri, 27 Feb 2026 14:57:36 +0000 Received: from DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM ([fe80::9412:cd7f:3f72:92ab]) by DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM ([fe80::9412:cd7f:3f72:92ab%3]) with mapi id 15.20.9654.014; Fri, 27 Feb 2026 14:57:36 +0000 X-Patchwork-Original-From: "'Felix Moessbauer' via isar-users" From: Felix Moessbauer To: isar-users@googlegroups.com Cc: jan.kiszka@siemens.com, quirin.gylstorff@siemens.com, Felix Moessbauer Subject: [PATCH v2 07/16] rootfs_generate_initramfs: rework deployment to avoid chowning Date: Fri, 27 Feb 2026 15:57:07 +0100 Message-ID: <20260227145716.3794146-8-felix.moessbauer@siemens.com> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20260227145716.3794146-1-felix.moessbauer@siemens.com> References: <20260227145716.3794146-1-felix.moessbauer@siemens.com> X-ClientProxiedBy: FR4P281CA0274.DEUP281.PROD.OUTLOOK.COM (2603:10a6:d10:e6::18) To DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:47f::13) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DU0PR10MB6828:EE_|FRZPR10MB9889:EE_ X-MS-Office365-Filtering-Correlation-Id: 1d11316a-8c7d-435a-643a-08de76108aa5 X-MS-Exchange-AtpMessageProperties: SA X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|1800799024|10070799003|366016|376014; X-Microsoft-Antispam-Message-Info: Mhr33kZGoAQguNvgCb4QUez2Yv79ynx+pzUUBcYlrAuXJuMMauiaIHDqMkFSQUqberDzjVVNagqzNS3qMEHeBobfufrJMTXZQ50Fyd65Bmap7mWijZ+Gz1jYnRp+yov+olU17gNccYxs9w/Em8L0sbMA1pbW23x4ysXZsUXpvEMwGM+tRxSTIuindBp/Si7TzEPWJ8dkhoGsz5c3MDc0tSkv3NnnwdFTV88JVh3h59gX8n1fz5Rep4WiOcdpGNXtVdIYeLeCIfRKXaz9dQBvlEI4JAH9u2Z+eoRkVXqfQU2MhtCg+LhJfHNsbirr+cirsI26mdWkIxBluouw3RuRVZVeZqzxQa2jxxQQOVNLNrncXiGgC1PDiMMq4xYO/XoOWDsQ5yLnhYg+VBgOlQmpxQtykokF0gtsIvGr7fU8CGmi1GQkMW39l9Wht9cqYsjej3cqy6dTn48w2jXq7FVCv9vHc4HwW3Lud5odQdp76NetttSl1Nck+hqTOo7WVsyobPQC49TpEbqpgNZwIgMSfFm6nEv4vv8aBZHV0cmepse4q/rliM0akxS/77Hjhu3CdmJMmRCgax3mHYgwAWKb1o6Tmvd8eGaRrcl50GztipN7vpg2DFLUfL2MEdNT7YEKa5hsFJ1bCgzvnQsUHCfoPDzkviwKrvYA8jx5dVOP5jcEXfVKq+Wp3iRyze6pPl10CHBTGUofnbGGAzP+uJ7L9XzMlzUhjbKmya6wNo5AnSE= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM;PTR:;CAT:NONE;SFS:(13230040)(1800799024)(10070799003)(366016)(376014);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 2 X-MS-Exchange-AntiSpam-MessageData-0: BvI2oAhw5XqQ0MUyzu5kNkUGa4OfjORoD8L2PJkAdUTkJDjY/okMqgn3QhvFi7BL17d86wDcNHkV/2eujENRVjF20sMJT2o/euzecZ2UotKrxhiibq8n0v2eSXK1zpBjctwUd88LTi2MVDntdpw/ap5uGcJNKZBMC8R3F2Y9yGEuaF1+AyBwX94aC+pTv9PIF4aJYLrZ5H3RL73HxMFhyrGEU555coHlcGnM1DTZlys9zthnL6zbl5QBdZFNv3hCnZVg53mPXNIsTLLlXv3skC0yu2yzIv0tU/M9ZjFhzITLXWFTnF69vJwlPrBTG3g1wdH2sdgson9yvyxKtSsa6f6mdD4py9bHyvbIWGB1eAb8YXE/A5/MoH9IVofH/RtvllVy5YJg6hWdXhu0Sv9qAXCx63lzRj/BFs3FxR7It8gDhdV+4pJae+KJNSmHZCFCWZq+yciPvrR1/pvjQbGccVfJtA/CxAPLjjH5P69S3JH0bjs9SQSPldwL7KyzZ5W9CFRJt807weZoAWd77SgvGnfsbG45RVtewWTuyt3u5HqrrZAOTXPCcw8Xy90ZotglM93eH8ObqkD9Gq0D2tEnIuDqyzzeRv0whwjWErBHkbb87rBdB0owcmHOaKGaqV1bjN7qOew2y1Gt6WVgDH7dDCBmshh8zXKuIpT7RBCxBMkQk59s02cj6ptHlcR4wBCp2CGsNGklezJ87OIoPIsf3sLFQ8GbnONnWvDYmBLoZ7S3kubDbR8uobddEUyZ7DhRZ30P5L7DoGoLmCHNez6+3A9fmMEWW8f6jLmHPRYZ2X0FGSfH8wdFOhekEhd4Ht4ZFslFdFT0EkZkGPjpT2Co/CgHT13oBQOonOIPkJD2EMJONsMaZLI/RL1ZJMiMa6NiV/gZh8vxyyx18ykm4xYWYF5wAic1J1XrfTsBXpQZIqcumd2DywHQSg2hnvOTJywwtxKKK7t4j6pfboMoKy+SW8gGQwJgYidVZXYMiaAnl6LeF7ZtXycoaYFJUfRw+4i1h1/yaTdAwyF208jNEjRcITUDWdDIefEf4Yk8LO12+C1TqIC4pIf36Lc1DkgoROcVrdwdiPCQFkK6JVZhFeeGOEydc0h3TJNOFJYgShyUE6Rr4J3Byhn4qTX+ulElN7XQXSUeKKOOdGBslLHPAtvGXk0jQI10qzrPcvBWzglRoSEO/oGKrxMc5OVM5rMRU9X8wkrPomQhb/fSUlzd1A35pNq+yD3nepFl30/O/YOfzdpkMy6rbvfbGqL9qaCXc88DXPDgFhsCNOIB3Icp+HUBgxlFuhOHE6SGKgdMs9G8Sj6UNMc4Fo83+kH5mjYPg8Ygv7G9lYBUiZTEAD0fpZmeS8Loqv/Prkonj71Qy3MTbjjOw8z6xrVU1uUku/2ADicxj+BU1dzoLZlmAeH6znUvRWbLjA6ZKEyQzBhxC9b+3p0yS6nAmarQXOiNJNm8r0Ebk81VZWjV9Fz56AniJrwMM1jZ4ORvH7ykkfoXPLPLE2BOBzN6fiS7v2sf03YRUS1Gue5QK4tT7jSvUuIK4eP0Y92gYX1HXnVxbFgag2tAtEegwKgHXUZyQKo0VmLXRpz38XeskXavu5ZGgMassyC0n1TqZNGtDWP5Pho8Ili05d/VxrK5dOpbduhCd9SMd2kmfLD+Tu3PQ2Xk8g0pdip57BUu82dPP8sHTZwbnqm5wCyGWYlfIHmBR6BHqLgLu4ZJ2hsIvz/52qUaXkyeefZ8TUheuEmayliBkORr1vgouSl2eMCj5goOOVcwKm+dGWjj8mcNWbsy X-MS-Exchange-AntiSpam-MessageData-1: KAfsF3UB3xy1EAVPGxdm/Q820QRJXoDhbvI= X-OriginatorOrg: siemens.com X-MS-Exchange-CrossTenant-Network-Message-Id: 1d11316a-8c7d-435a-643a-08de76108aa5 X-MS-Exchange-CrossTenant-AuthSource: DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 27 Feb 2026 14:57:35.2435 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 38ae3bcd-9579-4fd4-adda-b42e1495d55a X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: UGiBCHzDNH5+B6fMc85c6ecvpKQOqwFN3h0ooijZ0q/vVf3m+aOI6MoBHncETPl/xOVsTIOJ256+D0kz2BG11PD+xWaOEH77EeeDePC5Fu0= X-MS-Exchange-Transport-CrossTenantHeadersStamped: FRZPR10MB9889 X-Original-Sender: felix.moessbauer@siemens.com X-Original-Authentication-Results: gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=Cwn2ojvb; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20f::7 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com X-Original-From: Felix Moessbauer Reply-To: Felix Moessbauer Precedence: list Mailing-list: list isar-users@googlegroups.com; contact isar-users+owners@googlegroups.com List-ID: X-Spam-Checked-In-Group: isar-users@googlegroups.com X-Google-Group-Id: 914930254986 List-Post: , List-Help: , List-Archive: , List-Unsubscribe: , X-Spam-Status: No, score=-2.2 required=5.0 tests=DKIMWL_WL_MED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,MAILING_LIST_MULTI, RCVD_IN_DNSWL_BLOCKED,RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL,RCVD_IN_PSBL, RCVD_IN_RP_CERTIFIED,RCVD_IN_RP_RNBL,RCVD_IN_RP_SAFE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on shymkent.ilbers.de X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= Previously the initrd was deployed as root and later chowned in the deploy dir. This involves privileged operations which will no longer be possible when running rootless. To prepare for that, we deploy via a stdout and create the target file by the correct user. While doing this, we also remove a useless sudo invocation when listing the ROOTFS/boot dir, as this can be listed by all users. Signed-off-by: Felix Moessbauer --- meta/classes-recipe/rootfs.bbclass | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/meta/classes-recipe/rootfs.bbclass b/meta/classes-recipe/rootfs.bbclass index 81cc26f6..c74f4b8c 100644 --- a/meta/classes-recipe/rootfs.bbclass +++ b/meta/classes-recipe/rootfs.bbclass @@ -620,18 +620,16 @@ python do_generate_initramfs_setscene () { rootfs_generate_initramfs[progress] = "custom:rootfs_progress.InitrdProgressHandler" rootfs_generate_initramfs() { - if [ -n "$(sudo find '${ROOTFSDIR}/boot' -type f -name 'vmlinu[xz]*')" ]; then + if [ -n "$(find '${ROOTFSDIR}/boot' -type f -name 'vmlinu[xz]*')" ]; then for kernel in ${ROOTFSDIR}/boot/vmlinu[xz]-*; do export kernel_version=$(basename $kernel | cut -d'-' -f2-) mods_total="$(find ${ROOTFSDIR}/usr/lib/modules/$kernel_version -type f -name '*.ko*' | wc -l)" echo "Total number of modules: $mods_total" echo "Generating initrd for kernel version: $kernel_version" - run_in_chroot "${ROOTFSDIR}" sh -ec ' \ - ${ROOTFS_INITRAMFS_GENERATOR_CMDLINE}; \ - find /boot -name "initrd.img-$kernel_version*" -exec install --mode 0644 {} /isar-work/initrd.img \; \ - ' + run_in_chroot "${ROOTFSDIR}" sh -ec '${ROOTFS_INITRAMFS_GENERATOR_CMDLINE}' + find ${ROOTFSDIR}/boot -name "initrd.img-$kernel_version*" -exec cat {} \; \ + > ${DEPLOYDIR}/${INITRD_DEPLOY_FILE} done - install --owner $(id -u) --group $(id -g) ${WORKDIR}/initrd.img ${DEPLOYDIR}/${INITRD_DEPLOY_FILE} else echo "no kernel in this rootfs, do not generate initrd" fi From patchwork Fri Feb 27 14:57:08 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Felix Moessbauer X-Patchwork-Id: 4937 Return-Path: Received: from shymkent.ilbers.de ([unix socket]) by shymkent (Cyrus 2.5.10-Debian-2.5.10-3+deb9u2) with LMTPA; Fri, 27 Feb 2026 15:57:50 +0100 X-Sieve: CMU Sieve 2.4 Received: from mail-qv1-f62.google.com (mail-qv1-f62.google.com [209.85.219.62]) by shymkent.ilbers.de (8.15.2/8.15.2/Debian-8+deb9u1) with ESMTPS id 61REvles015535 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 27 Feb 2026 15:57:48 +0100 Received: by mail-qv1-f62.google.com with SMTP id 6a1803df08f44-899b6a1a557sf221802826d6.1 for ; Fri, 27 Feb 2026 06:57:48 -0800 (PST) ARC-Seal: i=3; a=rsa-sha256; t=1772204261; cv=pass; d=google.com; s=arc-20240605; b=AwArgp7jD5972SZMtCb2hAvbvvoytcatp+DDRZOzxUs0YDbSPxZxE/2DuGh8+Kx9LJ +RNsAekMHGjBWM3MD6CICVCnj0R1m1mUTKCZM2vpK8ZVm4fnZrpevyYg6STC0ju4pprz Sbx8kCdqJLoQVdoK83BdBlLcHy7lN/NhbPiwi7Ec12+AAiqeW307d7TDQCwceOri87bW GUdY+YfTJtr5qOGiebnvn9N78GcyF/NabGOi6WlsxIUhstgkVZcl0x0Zz3DWJ/YOYwY+ ryyOg3LKeG6uXmycmJpbnbefMBNRAxH2GYHTpCt9xsXS2eSlAt14dERyiWe1AhtpvKpz M9lQ== ARC-Message-Signature: i=3; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to:mime-version:references :in-reply-to:message-id:date:subject:cc:to:from:dkim-signature; bh=v1TDX4mhvK/xRF6lxxAJ+Fx5AX4houLt414hrri08Mk=; fh=NxXQeH3+Sy3vA5keX/Rq0I3Z00f0tsJik7Wx3EjJ04k=; b=DmKepVajH9hxzR8ZNT7HSueEjCaPEqxLlAfmv/TtdO2qHwexM/K08A0ArmK/05U1gD r2Q4VoEchmaqB0pyk3Sa6z3bkprVTCGJNPXm3IBdk9/Qz40R+zg7z5fY3NlDbbvvEU75 XFK1UNIaWyPurNCe9RVz48fmSTBduSnl4iP5WqKO+Ei1TMGkb8Fcb7WG98ibVnCB6Lla +7U6IwN0WRmYdSAigFDJUxTqIvb7f+RRgEpl88tiroeEz3kE89s7582pi3z7huvk5Mzp Y9WhP1Jl8+6LWIuIiWgpvU3LqAFKe48Adw8CpsTpR3QfszUQf54uMtkjMnFOpB+gLUIE jG5Q==; darn=isar-build.org ARC-Authentication-Results: i=3; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=NxlVXAvB; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20f::7 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlegroups.com; s=20230601; t=1772204261; x=1772809061; darn=isar-build.org; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from:from:to :cc:subject:date:message-id:reply-to; bh=v1TDX4mhvK/xRF6lxxAJ+Fx5AX4houLt414hrri08Mk=; b=QcnSCCXIBkaSeuh9tO/2CswXyOo19H6GA7DOLR4tCIQwYQE6N8Iiyo2cUugIBYRHs0 /qbYLGZNvEQFUJEOdssXoNKk8ugAEVSOI2q/XfRirT3ZFvAl0P0iWAcI7MCsQ0P/1QCz U0YqLcGjbaiVOw88m9zr0NhI+WQb69o5O9Yt8ANb5704GQg/7Z6EcEJDSW7YR7B+fAvi ikOpxTCTQ/V2fe59OHZMUSQX8PlOUxa+PsCPuyX8kMLpjlOwQ0PVga7oObs6fowrMQhK 2eGpeTi/qCQD6hxWeS/9z3NAhf0AZ2IcT5upW8sPe7GmJBDveHh67ua56lc+Ua5U4Ln5 Qe/w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1772204261; x=1772809061; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :x-spam-checked-in-group:list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :x-beenthere:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=v1TDX4mhvK/xRF6lxxAJ+Fx5AX4houLt414hrri08Mk=; b=tjkeHnBIHg2ErICAY0TorVSexkqNmym4lmrbE5F3EFIaGbqU84W/MkQOVYVgNmeMyZ uAJUypvt5Q91PjnQqkOoK4rNM48tEMjlY6QxXfGV8n6IWLnv65+CqFpln6StqbfN1Zo+ EPxdg8mA+H2GCEZ2b0sgkazeJtIiSVCdzjIGm3+A/FcgWaSYTX2HZUiV8hqqnBbMuQqn Wm71CITA+xP96zKbxkOQW/EwQbxyjJNCJTXhGgbpB0mlHt7DfCQFiLaGMildWGrxofHu 3ukARq9NDYKDL/qMMyXfPXBxiPm46A8j1kYgpca0LTPWNRmn2+uCQseUm4Zjh0ooUoJa N5ZA== X-Forwarded-Encrypted: i=3; AJvYcCUJ6CDJBfSJtO9/FqCvF8IBtYpi6dP1/Qw+BNCncOy5B5dqhphl5SVEqdLRrrDbLWbQf88O23w=@isar-build.org X-Gm-Message-State: AOJu0Yzk8jxKtDTi+CkI54/QS6t9lOXqjTi8cr5C1gHsDV1U1FhRHqgT 2WZnW7ASrM6JUY9ct0qJXJPacB48bKX5CxoSjlHkxrm3J2AonY1x6I70 X-Received: by 2002:a05:6214:19cd:b0:899:b566:64b1 with SMTP id 6a1803df08f44-899d1e3b426mr42801126d6.38.1772204260835; Fri, 27 Feb 2026 06:57:40 -0800 (PST) X-BeenThere: isar-users@googlegroups.com; h="AV1CL+GsXEnRVVFRRCpxHfTEm3dHveUvB9oV8DLN6UOHuZfZvg==" Received: by 2002:a05:6214:19e6:b0:882:3ab0:1d82 with SMTP id 6a1803df08f44-899bedd0ce2ls46133816d6.0.-pod-prod-03-us; Fri, 27 Feb 2026 06:57:39 -0800 (PST) X-Received: by 2002:a05:6214:492:b0:895:4b25:4a18 with SMTP id 6a1803df08f44-899d1e3bcefmr43171986d6.34.1772204259676; Fri, 27 Feb 2026 06:57:39 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1772204259; cv=pass; d=google.com; s=arc-20240605; b=PCpUPRKZMgzEfuLtGe3Rg9UjGafWegWNohZs+1eSwJElNZa0cilzEvtQttRCecbJf5 pD7UglKcSwqzK4j+a3fVHGs2jryo0V7We7kT7FgLXcml/zwSs75WGgZLdy3zum95RkWC FBOzdqO62GCS9yHXjpHKOQ0xhAyYt8ItOXpq9m9mR8/CqdPS84jI42scyxxOUs6Gb3EM oQ48Sn00idOYFX170EDK9vfoOIveFE4dRdELSEc4w2rna54yJdt26s9zuxa8/XPYwyUU +hlDMeQnDkgvSE2mIzNY6ebJC37BOohI6L+Lht62geKfSl+TF10nuPznPiHu7xo0wEu7 SRaQ== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=mime-version:content-transfer-encoding:references:in-reply-to :message-id:date:subject:cc:to:from:dkim-signature; bh=gR+dArd9YD/TQEe5YzSAF7lH3fOXbPslmV7rfuL7boY=; fh=WkhL8kaJc+l2wQon1t06Ej3uvBGj9sVhNcE8PaS/XbI=; b=YAwwxX/yAliuyb/L3ezTCmdXVHRbTpGBPePgAA/5kzC4R7BZK5cpdckXTDQBIcTeZN EewwmkFfGm07XVM5WvlFkpJPbsQ6WW79tADMYewOxZjF9D3YixvqGtpgnldZXQ5H69Pa sRI3v/Zvw0skeZpYELPLULO4amg6ZKmkLXbhZ2OxRUhhRNYYRVMRTdqdVPLl5uxQFx1d p6QCPw8lkVHRRF7R7NwMnrqQx4XLFL9zeDPPDuqMM9mZWQNE+0LGdO5IdpGvmujM8F2M bsOxIIxuyS8r9vjJZSN+pvMrA6hMJE/6AfqvxaTjMZgT2cYviG+kGdFPit79mn5US0x5 TXyA==; dara=google.com ARC-Authentication-Results: i=2; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=NxlVXAvB; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20f::7 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com Received: from OSPPR02CU001.outbound.protection.outlook.com (mail-norwayeastazlp170130007.outbound.protection.outlook.com. [2a01:111:f403:c20f::7]) by gmr-mx.google.com with ESMTPS id d75a77b69052e-50744aa1c73si2131551cf.6.2026.02.27.06.57.39 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 27 Feb 2026 06:57:39 -0800 (PST) Received-SPF: pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20f::7 as permitted sender) client-ip=2a01:111:f403:c20f::7; ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=oVsCEQy4el9uFcYZPNH5FzjT4xufPgLZVkHRYpFoZjbkZOPdXfbkggnNnGz6MybX+gKATCh3NajGyj7ujpiSQtMKDZGop5FoDNh4yhoEJUz7Xla5RY6J7zxxbASZjjZI0F72aDHuODG8tth92lEl2W1Y2//xc3OPmApfJ9gq+GpkUTOLVDCIYvgO96r/K32OvvKuKT4wOvtBb0vwQZ8VfUJwKy/Z4hqScLusgjSdsuOq+7FbyOSjbJWW5RQA9U2Jl/Whi2sSiPmIfn5UjFPJ65HJKm4FfcxJvJJ/W4/wmozNO9gh/bDqYFiFjTBE7iFlxZCw2XnW5gwcBirvRIl3fg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=gR+dArd9YD/TQEe5YzSAF7lH3fOXbPslmV7rfuL7boY=; b=m+g/0oI9Wgz4orG15KxQiF/pHG0PKxv/6TaIv4sCDXMF2z2ZNx4Km14fLfFiuDK3Q3JohzsU0iGUMM6sYgRyQ9uV0KAuFTwtTeXzO95+0HGGozjU+pzohNVIVxv3zi0y4Znt9N0HAHpp9xHVoMTIsWYNT8kBvgDfy6fNsBn4BKWX+iYikSISgEmHYdK4XRi84SZos3WKEboSLHih8J98BU7oYKJmoKoQqYK1V5Fb8rsMMIMfxLsPsuJjYb5gGMtPHKBxjIyZcR3DuN8UZ1/05wnirkyT27/+iBfkT5PLkItdcmQQke5WPlwLHy3Eduuf6jrAIFw94Bb6Cz8X5DIhoA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=siemens.com; dmarc=pass action=none header.from=siemens.com; dkim=pass header.d=siemens.com; arc=none Received: from DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:47f::13) by FRZPR10MB9889.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:d10:1ca::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9654.13; Fri, 27 Feb 2026 14:57:36 +0000 Received: from DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM ([fe80::9412:cd7f:3f72:92ab]) by DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM ([fe80::9412:cd7f:3f72:92ab%3]) with mapi id 15.20.9654.014; Fri, 27 Feb 2026 14:57:36 +0000 X-Patchwork-Original-From: "'Felix Moessbauer' via isar-users" From: Felix Moessbauer To: isar-users@googlegroups.com Cc: jan.kiszka@siemens.com, quirin.gylstorff@siemens.com, Felix Moessbauer Subject: [PATCH v2 08/16] use bitbake function to generate mounting scripts Date: Fri, 27 Feb 2026 15:57:08 +0100 Message-ID: <20260227145716.3794146-9-felix.moessbauer@siemens.com> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20260227145716.3794146-1-felix.moessbauer@siemens.com> References: <20260227145716.3794146-1-felix.moessbauer@siemens.com> X-ClientProxiedBy: FR4P281CA0274.DEUP281.PROD.OUTLOOK.COM (2603:10a6:d10:e6::18) To DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:47f::13) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DU0PR10MB6828:EE_|FRZPR10MB9889:EE_ X-MS-Office365-Filtering-Correlation-Id: 974b2f60-7032-4ef9-ed07-08de76108b03 X-MS-Exchange-AtpMessageProperties: SA X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|1800799024|10070799003|366016|376014; X-Microsoft-Antispam-Message-Info: ggBq1DyOKiCMREFxkWtxY8LQI6FdBkRhmSKD9q7gmJSTum9fV+X19snohSgZhSoiEAVb223ZnCkHjeuD3HNWrUcjF3ZDh7okor3yuyCCtlc8ubdPPwYkWShHDjgH8y29UEUr2ZArWnnU2pGx7hoVl774RjlwCV/zv8Y2nOLlCPlJOQnYuZAL7Kx1XBRRhZQrUNYhwKBy5926CHBkyZ/TXuo6eqtVT3CvDDH0lPsLgjFFupDo1kiZxra8JjjURZ7jCKe3SOMP/H/iQ7fifQdL+Wns6NPCl2RZcUfDQ80ceuj3nv8qMOpRDRknNSM22D+5MvxyyBDEiDhhBCA0GiRh/VGrsJo+22WXOA0LKZ4yzyCvUaDjGZ5Sq+Qn8Pye/8mz4Mq8Pa+PSsN4p6YTaHh0u5vql/b6oUA2oyHTis1ZG7zELd90KkBttmbbx5wSDLD83JxC16cv8eRI2gWkS4GfXDLZP0m0HgXphkDzbGcHRoejaaUanDIzgFubSCOzDSe2k3hljSRP89GlmDQI6LdNBmSyxiQsdhZFxz+FxixdnQvmqccohOdRo9pPwl1Ne8veA57m5CnDj82HaTN81EiMQ7LXV46N5FCfoBzJvL+BYiGbwo0bHj66hWX7xVVWUo0RX37gBhGArL4dNjOxLpR1ZWCxIJeZNXIR3xO8R6aWlKifqttSams53vWjBvLUCBY9lkcfyHyDabNmKMPbqjcwFirhwz+7p1Dcmokgysehsjc= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM;PTR:;CAT:NONE;SFS:(13230040)(1800799024)(10070799003)(366016)(376014);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 2 X-MS-Exchange-AntiSpam-MessageData-0: /vu+th4s0M9a8qC+XPeOcg1O5Nlha9U4WzWAZNDMwfP7cMqEiTK8EZl9N6yk3RKlTvh4RMq2rs3RQspX9bTEiVZvWCABKBtYCXHfaUiHwx8XkI8YDBf3LAuyaqRYWOREKP/5540hrVistmDsySpEclnxeM6UBn58Y/unZP88QOsuGncyDlbEbjo2jAEUReVqaiXFWd/jWSKZ5Bg5aaUTE219aCLlsvo4A4bUAv5Zjik2inYAm6gknHQOUyPO4Z8WC/r4uvrO0L69jDBB/8UktHLPe6uSX80mKhpeQPIZ5YvA6nwhSe+YazrIKoRvr3O3gwK0b9L/iiVI2aM9GPi10l2Vm2fEkjpjtDm/fzOThEGgv/oC3vQNcbdHg5xmy/3adkoUQnfz4+tzn1iS76amSLq1/4eU7G83nwAnh3HgvBrUeXf1R9lJravkolgD/D2Syq6oSsdXDmK9Ckdvh505HPbx/xS0yEromfmvnpkdaofmoA4Pc7rnsXAJGMHTENP8fg3IL4V3oWgswc4Hf6ZtodOIpVVhE7y3pWyKZPQHOJ7agrwTRCfXEcOKprRuCFb4m8Wmsfg7TwM9l1NaUo/+pbdWrkO0lMugTSHMBbhUlOAFDuGzac+9/FwyAZX1glOKoueKsYilInkUB48giG6z/Xik0P6Fwo06/G73vkCqzlh763n6TKUkJsDPLeAnzP9W4wyRB34M7G/YL8vL/dbxZAMSqJqJlQz28LFxnYzFxl2iqUuhVCe9YBRkjgHGA9U2gWdzbFmG5rQ3RKZeWdRg23KRCxJviRyU1bMvfZIpyPgPeo8h5JuYTOx0q0s6Ju97U1KfBCIbca0rmSuud2mDOYaX+3TQ5LHIivMyi/Z5gEAnmFKjgsJ/pNaWdiGms6IZb6/dQqQFKU1Tt4sOhV4CH7neB0kp/4a43VAJ7PdNIM4nqoX3250CIuMN6EsNMUDNVEkHdH2xSvLa033dvD51cKq6hgDlHIR4oSFjuloUqkNsfZHpi6bcxiGc1LLfGxHRakbpUG08hMY52Q5i/yHQxwKXqL9k0/Sac69YGzVdsTrUx5FUoxitHq3Y+31NgOR5H0Cd0dHp2BL3WqqlYtZrvVSLmGr4Ln7+9wU9s/dYy4tjAJ5tFVGJS7jbvoy6QSPdO7+BS6TrgJ7YLMqOJAcEKVB5YWILqiJtarq9lm0RxXIhW4DxOxbt4VUhcbkHN1TQ/9dNyWx5p7m8dZBFL8G2qlLKZ2AEidhL5GyR3CFMp83ZjvcLHaHz2ZfIb1hM9GHlyHX6o0Ic6d5m4RkSonnvLmCNAMyZP7PBcAEMoxvt/2cGkC7J1SkKFGId/vwSQL0FUEUyiF27fxif3RAvruSHmRMRwoZcXi4MLEKQpuhvz99sTJCjrDpERxEWUE4QaXHZSNXhRJpJO68I/ggyhc55cLQt2Zh00XdS3vbh9l3IYflLjwlE45AUbnIg/HRF+2fw0CXmMAhfL1Eb7NeEeULoVbxrdTyorRj5dHWuXaqMzdASBdsZnFoznH4Piv0T/s7lLxBQY02mybQsa+/IJys6JXrHL3sVevVQd3gfob08MAuBR/+sZvuNEXpLgw6hiawEjJRtSw0hhb8IEehtjdo3Pgp2FuPEwi6vxjnIymXXE1lADpGd87eBXGwpRr4elS1wXhmNvOaNic77KNVxMvGO2jXLf/sjJ6FBXvB/SfIB2H382c2LLAaXe/XNeDgzhK+AqkxZS/IAmbnWOB9t0OWu9ij53cFRZmDhIzBrvEdFT0o183J7KAbWXm7Rwspe5tO3Ucbi0DVG X-MS-Exchange-AntiSpam-MessageData-1: nQHolxqjZ+2xqvBF1fNCHJWrukSSdyup01k= X-OriginatorOrg: siemens.com X-MS-Exchange-CrossTenant-Network-Message-Id: 974b2f60-7032-4ef9-ed07-08de76108b03 X-MS-Exchange-CrossTenant-AuthSource: DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 27 Feb 2026 14:57:35.8720 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 38ae3bcd-9579-4fd4-adda-b42e1495d55a X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: /PFt1ePnwSMlmsuIyJ5RBmf5eZuyfZULDOpJg2NOYqE6DRxZltQvxAgNCdSVLJ6LsGU9pTT7QN2Ctkr74QSTKabI+5wZkUx9GPI792T7Rl8= X-MS-Exchange-Transport-CrossTenantHeadersStamped: FRZPR10MB9889 X-Original-Sender: felix.moessbauer@siemens.com X-Original-Authentication-Results: gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=NxlVXAvB; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20f::7 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com X-Original-From: Felix Moessbauer Reply-To: Felix Moessbauer Precedence: list Mailing-list: list isar-users@googlegroups.com; contact isar-users+owners@googlegroups.com List-ID: X-Spam-Checked-In-Group: isar-users@googlegroups.com X-Google-Group-Id: 914930254986 List-Post: , List-Help: , List-Archive: , List-Unsubscribe: , X-Spam-Status: No, score=-4.9 required=5.0 tests=DKIMWL_WL_MED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,MAILING_LIST_MULTI, RCVD_IN_DNSWL_BLOCKED,RCVD_IN_MSPIKE_H2,RCVD_IN_RP_CERTIFIED, RCVD_IN_RP_RNBL,RCVD_IN_RP_SAFE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on shymkent.ilbers.de X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= By introducing a bitbake python function (a code generator) to generate the mount shell code, we make it reusable within here documents where external shell functions cannot be called. Signed-off-by: Felix Moessbauer --- meta/classes-global/base.bbclass | 18 +++++++++++ meta/classes-recipe/rootfs.bbclass | 49 ++++++++---------------------- 2 files changed, 30 insertions(+), 37 deletions(-) diff --git a/meta/classes-global/base.bbclass b/meta/classes-global/base.bbclass index 9a00fb83..5f82b241 100644 --- a/meta/classes-global/base.bbclass +++ b/meta/classes-global/base.bbclass @@ -379,6 +379,24 @@ def deb_list_beautify(d, varname): # Helpers for privileged execution. Only the non-underscore functions # shall be used outside of this class. +def insert_isar_mounts(d, rootfs, mounts): + lines = [] + for m in mounts.split(): + host, inner = m.split(':') if ':' in m else (m, m) + inner_full = os.path.join(rootfs, inner[1:]) + lines.append('mkdir -p {}'.format(inner_full)) + lines.append('mount -o bind,private {} {}'.format(host, inner_full)) + return '\n'.join(lines) + +def insert_isar_umounts(d, rootfs, mounts): + lines = [] + for m in mounts.split(): + host, inner = m.split(':') if ':' in m else (m, m) + mp = '{}/{}'.format(rootfs, inner) + lines.append('mountpoint -q {} && umount {}'.format(mp, mp)) + lines.append('[ -d {} ] && rmdir --ignore-fail-on-non-empty {}'.format(mp, mp)) + return '\n'.join(lines) + def run_privileged_cmd(d): cmd = 'sudo -E' bb.debug(1, "privileged cmd: %s" % cmd) diff --git a/meta/classes-recipe/rootfs.bbclass b/meta/classes-recipe/rootfs.bbclass index c74f4b8c..6823c610 100644 --- a/meta/classes-recipe/rootfs.bbclass +++ b/meta/classes-recipe/rootfs.bbclass @@ -49,6 +49,16 @@ ROOTFS_PACKAGE_SUFFIX ?= "${PN}-${DISTRO}-${DISTRO_ARCH}" # path to deploy stubbed versions of initrd update scripts during do_rootfs_install ROOTFS_STUBS_DIR = "/usr/local/isar-sbin" +# list of : or mount entries +ROOTFS_MOUNTS ??= "${REPO_ISAR_DIR}/${DISTRO}:/isar-apt ${WORKDIR}:/isar-work" + +python () { + mounts = d.getVar('ROOTFS_MOUNTS', False) + if d.getVar('ISAR_USE_CACHED_BASE_REPO') and not '/base-apt' in mounts: + base_apt = '{}/base-apt:/base-apt'.format(d.getVar('REPO_BASE_DIR')) + mounts.append(' {}'.format(base_apt)) +} + # helper to compute the rootfs distro also under cross building def get_rootfs_distro(d): host_arch = d.getVar('HOST_ARCH') @@ -154,50 +164,15 @@ rootfs_do_mounts() { mount -t tmpfs -o size=1m,nosuid,nodev none '${ROOTFSDIR}/sys/firmware' fi - # Mount isar-apt if the directory does not exist or if it is empty - # This prevents overwriting something that was copied there - if [ ! -e '${ROOTFSDIR}/isar-apt' ] || \ - [ "$(find '${ROOTFSDIR}/isar-apt' -maxdepth 1 -mindepth 1 | wc -l)" = "0" ] - then - mkdir -p '${ROOTFSDIR}/isar-apt' - mountpoint -q '${ROOTFSDIR}/isar-apt' || \ - mount -o bind,private '${REPO_ISAR_DIR}/${DISTRO}' '${ROOTFSDIR}/isar-apt' - fi - - if [ ! -e '$ROOTFSDIR'/isar-work ]; then - mkdir -p '${ROOTFSDIR}/isar-work' - mountpoint -q '${ROOTFSDIR}/isar-work' || \ - mount -o bind,private '${WORKDIR}' '${ROOTFSDIR}/isar-work' - fi - - # Mount base-apt if 'ISAR_USE_CACHED_BASE_REPO' is set - if [ "${@repr(bb.utils.to_boolean(d.getVar('ISAR_USE_CACHED_BASE_REPO')))}" = 'True' ] - then - mkdir -p '${ROOTFSDIR}/base-apt' - mountpoint -q '${ROOTFSDIR}/base-apt' || \ - mount -o bind,private '${REPO_BASE_DIR}' '${ROOTFSDIR}/base-apt' - fi - + ${@insert_isar_mounts(d, d.getVar('ROOTFSDIR'), d.getVar('ROOTFS_MOUNTS'))} EOSUDO } rootfs_do_umounts() { run_privileged_heredoc <<'EOSUDO' set -e - if mountpoint -q '${ROOTFSDIR}/isar-apt'; then - umount '${ROOTFSDIR}/isar-apt' - rmdir --ignore-fail-on-non-empty ${ROOTFSDIR}/isar-apt - fi - if mountpoint -q '${ROOTFSDIR}/base-apt'; then - umount '${ROOTFSDIR}/base-apt' - rmdir --ignore-fail-on-non-empty ${ROOTFSDIR}/base-apt - fi - - if mountpoint -q '${ROOTFSDIR}/isar-work'; then - umount '${ROOTFSDIR}/isar-work' - rmdir --ignore-fail-on-non-empty ${ROOTFSDIR}/isar-work - fi + ${@insert_isar_umounts(d, d.getVar('ROOTFSDIR'), d.getVar('ROOTFS_MOUNTS'))} if mountpoint -q '${ROOTFSDIR}/dev/pts'; then umount '${ROOTFSDIR}/dev/pts' From patchwork Fri Feb 27 14:57:09 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Felix Moessbauer X-Patchwork-Id: 4938 Return-Path: Received: from shymkent.ilbers.de ([unix socket]) by shymkent (Cyrus 2.5.10-Debian-2.5.10-3+deb9u2) with LMTPA; Fri, 27 Feb 2026 15:57:51 +0100 X-Sieve: CMU Sieve 2.4 Received: from mail-pl1-f190.google.com (mail-pl1-f190.google.com [209.85.214.190]) by shymkent.ilbers.de (8.15.2/8.15.2/Debian-8+deb9u1) with ESMTPS id 61REvnTF015693 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 27 Feb 2026 15:57:50 +0100 Received: by mail-pl1-f190.google.com with SMTP id d9443c01a7336-2aae3810558sf23392525ad.0 for ; Fri, 27 Feb 2026 06:57:50 -0800 (PST) ARC-Seal: i=3; a=rsa-sha256; t=1772204264; cv=pass; d=google.com; s=arc-20240605; b=hw3MhpFiT/WuaZvKyFNJPzYdaEeTy9+Q9iKW/l33r04hwkl3prdEMrrQRpAhHhvhsr MJDrofs+CLCscCcU2tWkhg8U9LaqEzhcB+6nQ3kacLn+v1T0h3FKUM/F/PEDrneXX/4G 3AqOvS/Xwqy0RRBfw905k68tdxe5OSm3Ls87FwgKEgMcL0vHN+n7B/eB+VlIwzEuOWS5 kMzC05duYIzhSRhyUEX3TvHnWvsWXUKhe3XI8PVUYyBMAcGJSUT/bQDblDzWuxcpHrrN SNO9ipjRsqwsOuB5UpORAlNpLImwscYwI/eETsWuBlleJfYCKHs7dqA2kezLaeo1WiGF gaOg== ARC-Message-Signature: i=3; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to:mime-version:references :in-reply-to:message-id:date:subject:cc:to:from:dkim-signature; bh=cZNzdwomaOTS5lg8GCS+Zdx8F8MqIzxqLy0qg4wVWDk=; fh=3xNROwuc5GB+YETpnwwoeSkI/RrHsJh2A879YtEAOrk=; b=SszZU3IkvF9VVlNgYDTr6Wdqte3bEM1q3Btf5vX+WVXUar2B1BP8NeHLuSdNRWnXy7 8NnFIdyU+IcXiDqvKOKIRMxJLA582jMpm1hsWf223ssdJkfFHq9Xr/rYv8IXJ+LaUIaG JQSi70PMJm9ft43D3Vmvqb/2mD+3Z3Z1J3Yz33wh3GEKRLIzhh/k9FDdHBrgJIFMpEMD 7pbaTpCmQ8mf3hkAdR1iHCLQ95d/OwZiKps3CoLjf4fHASZUpqTGD4nJ2Rl3wD/mtNi0 Ij1eYoi/bng4d2TSo9CmP+3fyFB2mWj5pa4gJM8hn1evtvdWDs4Y8S84l5jqOGc3VKW7 JpmA==; darn=isar-build.org ARC-Authentication-Results: i=3; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=F1m0hDhv; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20a::7 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlegroups.com; s=20230601; t=1772204264; x=1772809064; darn=isar-build.org; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from:from:to :cc:subject:date:message-id:reply-to; bh=cZNzdwomaOTS5lg8GCS+Zdx8F8MqIzxqLy0qg4wVWDk=; b=jWus5sKWOGu8DQpZbh2JpWi7ziWLhAlCv4zRv5mnCc0rH6M8D2ocwM7AA4ekPl0zja nSM3V6dmHGvCm/y4yzM6Ou9ym8xZSWyk5DW85MbxzzMUBEZS3UlXh5PjCjxeH8R7v+90 1YPCVeLZpclKIx0apDOqlF0Erl76xMxzSiCllvOcvPb/7/7+uL1VORHiPMcidM69wFhc thkKacupb88WbVVC8+y790MXgRyxGKexaAkpdRrKzwBtwXy8VOvhEUrxKT837k44c+TZ isn83GLl+9vgnPnSK3A3INU8Lpzt2dQ/wVccRH82UIsnEoyDmmlbnlfgMKmWW6ko6gdZ H+6w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1772204264; x=1772809064; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :x-spam-checked-in-group:list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :x-beenthere:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=cZNzdwomaOTS5lg8GCS+Zdx8F8MqIzxqLy0qg4wVWDk=; b=NcTRVnS3L1xVUwVHfQCcLgzravZCZHR4Cg7trdhB4cmjxISi11Tc9K2j35l7f9qFfY +Th3YalX+yNLZCTzpKhanTOm9pnPKvJQAEZBadiCZYbdfa2VGpm7+AAUMkMCf7DQhEsC G2enYFApPd/WvzOtc4JioYSgqMAWpg5asSxMeiMNj00LLNCBvH/UhtRrN5nQs1NP/7ct I0QwmnX4r9fHwiTBMDdePNBZSHSjFZ1Wwey6Jrg/wpLnmduWS/P1O2ExsajBHS1xuDV6 k/DfyurGXCTQ9g2ZTzTPbeqhFOxvDgTBufioEtMTE8Dh8XCxldTcVEJmEO75+9dTyoip DSuQ== X-Forwarded-Encrypted: i=3; AJvYcCVYMWwxwaYhf5ehas3xUK2tDvuh1Dv8exlqCK2tip61LTODZP3Ktj25AMRzaygPk6PEjo/B6zQ=@isar-build.org X-Gm-Message-State: AOJu0Yy2sbt5zvlC3RrbtuI9u42Rd3sNH2Vls7Vg3bt30SLAFlnM/lbi NOdqP1AWnQNsTxgJPi1qqvRm/K5wCFrqwMYUE6CVOGXesOnEkBUfDaQ4 X-Received: by 2002:a17:902:ea06:b0:2a7:c340:4c3d with SMTP id d9443c01a7336-2ae2e407f78mr26350445ad.13.1772204264146; Fri, 27 Feb 2026 06:57:44 -0800 (PST) X-BeenThere: isar-users@googlegroups.com; h="AV1CL+Gf4tGACbAL5KSIQ+Hruzlj8pmHzzXsJhLM4arDUYVrgA==" Received: by 2002:a17:903:283:b0:2ad:9f2a:8a71 with SMTP id d9443c01a7336-2add77d1370ls48966095ad.2.-pod-prod-01-us; Fri, 27 Feb 2026 06:57:42 -0800 (PST) X-Received: by 2002:a17:903:2ac3:b0:2a9:4bd9:bba1 with SMTP id d9443c01a7336-2ae2e4e2052mr22808285ad.52.1772204262663; Fri, 27 Feb 2026 06:57:42 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1772204262; cv=pass; d=google.com; s=arc-20240605; b=PNkHZKBLRr1sNPjPTDPf00OZ8M+bTSWP+WHSNBjkc9u8XhNmlWUx0bq2zt9TXb+eqt AziWsvNYOPLWGxPBcFq7CY1XamMvbLssF2Y+t5Ikga1RGEmYdxhqO2IHpcPjy7OReVSk rB1D4El69txWn4KH9bDQoAHhPfjELvJGs0hqqLIpmTZgytwoS9yKgO6NJWDWSNQF76hE W+W2xxyZIOFZ3C7IGnJSsReI5Ba0xtLi+N4p1VfCQWP5mx7rU3+FFuxp6VEy3RPqa+Be zw8GAxE50BkMi4c8ceI2sd0A8A9OqnDxs+J9K2cUEfZ1mz/ckEkOqHfN2NOfi51as2O3 U2RA== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=mime-version:content-transfer-encoding:references:in-reply-to :message-id:date:subject:cc:to:from:dkim-signature; bh=vHMcnRJGMRM69n+6ju9bR3UXoRqTbwq3xNs7orrU1Gs=; fh=WkhL8kaJc+l2wQon1t06Ej3uvBGj9sVhNcE8PaS/XbI=; b=JXKx7yb8QD0ZvwrqJYjTiZytDEFQYcIQ5xEdXZCwJUMy298Q0O68KttbLzY91t5wxj Dya39/IknwkKU9xZ34I0i3sUIThWQdfGuEwS3l8U8Ntxd2Q14WIo7ICV9j9NI6ZfxDiQ rH8uFXAQiL/i3vxrHSbrTGTv/qPX0Qm8Ra7FVIdZX/XXwShbN9bh+MflsbKrdh7ck6Mw umVtzIZaLWgZOsFuqV4ft8ubxjFGdi529akPMNKoe2sfTjLMTSlFKd/4+8bVGn9298jy vZH3c7/nTISnKvYDo5LovwRyoz/prAHtEIoaTN6dp07WZ2eRqpuRhcIP2A4jQL7S0Izy ub0g==; dara=google.com ARC-Authentication-Results: i=2; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=F1m0hDhv; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20a::7 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com Received: from PA4PR04CU001.outbound.protection.outlook.com (mail-francecentralazlp170130007.outbound.protection.outlook.com. [2a01:111:f403:c20a::7]) by gmr-mx.google.com with ESMTPS id d9443c01a7336-2adfb65d3b8si1703605ad.9.2026.02.27.06.57.42 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 27 Feb 2026 06:57:42 -0800 (PST) Received-SPF: pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20a::7 as permitted sender) client-ip=2a01:111:f403:c20a::7; ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=dxqS+5IGmmTuR6RsIsKItZNmHiJbUIw7i792Z+wHM7TyPs+b3eyway8XiCIusxzaSzO8HA88F2nSVuaoxFEWNtwc2+A4M69xSbFQx8laARIqQKIZ7GHlMOO7tI39YkayCsF4mW52IVbUN2T6AaTLMpevk0fruQ0sM1sXKr1PmMP/YCBY9+jtO1JGj8ZjGQrYTNZHihzmWkzAY2soqx4Kqx0S8Etkhm0Xp0qZX2JfcUFDT5h49lBguJK4cyTF8THx4Awh5pdrAVJK+y7IiMNGmUDM9Hm9tgMsN1xFbr7ojo41amSpn+I7TRF+pdm7migEFRo+VtwLpKNW119uIedWWQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=vHMcnRJGMRM69n+6ju9bR3UXoRqTbwq3xNs7orrU1Gs=; b=gm9vOATZYa0rkhjdJ8wQTZ9cl2P0BuPvYv+YoLg9v/AFMWmjuy5YnzqSKqCSfKLnjo18Ur7Rj1fFtXVKfbOplsmbhrkk78ebT/MzNw3njtmGdLnUg2BOqlhorZJiPEjd+P+ltKgeS/Ocg8lrVALL3GmcvXb8pLd9qkovYYovK8CTX6D5yMCFECTshoR/lq3Eqq0OsArznYEj0YHZPU0PF7E6OqdQj01op8mT1mcD+UQZaVVasTAx5h7poEdworQ8eAAdpM0DrqMgamTTGKYI4i6nZLELowfCJazUZKEPpIjVfSAqT9yr9QHIOu2cvxqtJ4wZKxVde9hV4N6BX52XXQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=siemens.com; dmarc=pass action=none header.from=siemens.com; dkim=pass header.d=siemens.com; arc=none Received: from DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:47f::13) by GV1PR10MB8006.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:150:5d::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9654.14; Fri, 27 Feb 2026 14:57:37 +0000 Received: from DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM ([fe80::9412:cd7f:3f72:92ab]) by DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM ([fe80::9412:cd7f:3f72:92ab%3]) with mapi id 15.20.9654.014; Fri, 27 Feb 2026 14:57:36 +0000 X-Patchwork-Original-From: "'Felix Moessbauer' via isar-users" From: Felix Moessbauer To: isar-users@googlegroups.com Cc: jan.kiszka@siemens.com, quirin.gylstorff@siemens.com, Felix Moessbauer Subject: [PATCH v2 09/16] apt-fetcher: prepare for chroot specific fetching Date: Fri, 27 Feb 2026 15:57:09 +0100 Message-ID: <20260227145716.3794146-10-felix.moessbauer@siemens.com> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20260227145716.3794146-1-felix.moessbauer@siemens.com> References: <20260227145716.3794146-1-felix.moessbauer@siemens.com> X-ClientProxiedBy: FR4P281CA0274.DEUP281.PROD.OUTLOOK.COM (2603:10a6:d10:e6::18) To DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:47f::13) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DU0PR10MB6828:EE_|GV1PR10MB8006:EE_ X-MS-Office365-Filtering-Correlation-Id: a39a190f-fab9-4336-4842-08de76108b72 X-MS-Exchange-AtpMessageProperties: SA X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|10070799003|1800799024|366016|376014; X-Microsoft-Antispam-Message-Info: 0BOEt7Pk1CE+MHDDEK4epmrdnIewIftvxXhqnDSaQ/XFUF58DwiOiTSNsW0Na90RhjxnNU0zLOW/uJagRvSiHxvmvAXVHtJ9bjNb9jZSMwLkEYR00KhLP2bIK+/4BpkBKfCaPqndPtD20NcEn7rd8hEwBJ74hfK8MsfXa7OayGSTK0KdSh7bITKen9+borclB2HGipX8cLJ2RhaKTaMr4Al6BfmY2KepLNQ7fINoIxm4Wy8mC6ruZ1f9rCR1h9dpltENAvCLDIhsrH6rdDrk7V7SsE1mN7DL2wwwmEYZW71AwevS/ScOIOodpxYZKuudKt5rsl0yk8D4cP8YsVB6s8zLtOmgrQskZd0sXyvWFiS+gNYwyuLlCSmpllnJE33QZVt7BlNORSTSiefqueB3cyk/cVQwKLlCvYG55zXMr0TQixFxHphhC/+8JH3II4FiGdtauniIc92U6gPeAZx7vSdnRcW5KHyKY4S8EKXbdvn/c2n5mXOFsoBFNqhnUTrzvWHDapk3qLyMqPJb6yPNZsXd+DV+DlB14dUPkirXv6gtNrmS8622ZNELC5wAai8Tlv2pFuVMH5r7hH+oHAr2Zz+Az3N/JO6C2lzE1cIGsIg3J8OVoc79afLHSeYYZZmPOHf8DNFVv52mbmJV4Qk0KLfCFaOwcSnISzNsPE7DSTBhYwA+crSNfe7hwVhDdXpwRFsbSVJ0PybH1aDlD862Zy2TeJ96uNiBAxbIa94+01Y= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM;PTR:;CAT:NONE;SFS:(13230040)(10070799003)(1800799024)(366016)(376014);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 2 X-MS-Exchange-AntiSpam-MessageData-0: bVx8KSb9SpENbDAJtjqpXMQI0Yh1t1UDW37aPA6azOSuSzdhTQRfTuGkhOiSIZ+YWIOFpXzK9FVOid7GAlqUj91UrynH5KnlpHHLMcQkG5jP7uHW23qsQm6EDmgVs4Q15Na0jGVMDJ8Z5EH+xLqRcPGSD698WvBog841xxmx0j+lBVfwNP8oHpLnpSrGX7oOQscbDjHw8HpoaxKWom08vOVpXDmZBmGQDyuy2yN017WZRBxIVGQDPjyID/JK3O7CZto6vuYhUIf+KrOhWzZA6zrtp7e7TeFaIcJqnCxj8+K0MTotZ/D5JoUR28kTcxcrbLjXHDp+0baWi3mEeVRYx7n/sJUJDVgt5kh30CtcsMticgTHll4neQzCHEb1vPMFUITXVT860H7b14Ds2Jbw59GW6Xy60dOfYNkIrdn9LA/Kb7nZil/OAkfACGR3KSUbY62x5qmFHOS41kiC+T5QMJ8/brMOOZSsDTjMveNpg0OfaNEOj2xAdHdtweQfIg12Jlg+4rRxBO8iFdboO+VnSZn0qd/BY9zF2oKbTTynDXKQkymnXQGhMgUEnEJnMCunC7iIEzYAlYvFyGE/ulN1BEB3wzcVYd0xJ8PZpDKhbmd60dcEd0bpr9A9ADHVr5rFSH/ajbPYkmwIZU5sn+vyNDV4zjqfetokG2jQXrtiejfbU8HcHpHlvbNb6ft+TsxKEZGRqYZjmd0NV+3KDBUTV5za6HfKX6qGqqORqVC8m6kedj7vrb/Y9uq8JHs8DKoLzqDCafoi2764wgQqmTliwvZCVZ/yPKOgTbCbcgtmn8y/gqMpRcokUqM0XFWnYEn04Ru3FIlMBe5NIZpza9m7fWvn9kuBkwNVwe8/dGqBSPKdAgdpff03he2JDI0ExeDGpY7fboy0XMrd1B4d5EQHPHaQZ5a7sfXsfVH4ne8JmumDqIa2rYWwtCEwpkDhvBW2cAL/OYfyhF5rklhX7IuwvDJUzjbiZt0aJs7d91lZYU8lX9goZmRV4YnJXnzI2/JCyHKja3aPHpgleIK+fKkNlmRCz6netGGavMr3Q2fz1XMret2n1iEdPE1kwlAcjPZUJ8MC436SePDeXQnOmDXkNjubHKNnMY9tisXTyB9ccvz8HeAmHieyrpBjUzzkliKt0PTkKyXqTwUgBvFv/iSVtr71tJU4o6yE3rB6RYhvn/mD3YWy9624eJMhG+rFBSE7Q4uMl3eykM2C5vHa0cIeoEAvdh+JxDBpzrORYLzpB+s/0wOdeBIQWzmFNzLgMkRkmdLg4o9POl1srqGjQ4v+hEjXZA2VYMLmHd/lCRaYY3o2wKYKiQ26zwB983zdS0hnti1bJk9ANXtutrkB8N9EdC/NA3LGlUug+QR+hd+MRfnR8EIWP5y7QkyqZKuatrjlKmwaO+aLBL5YiabjlbMN3Cml4JHzlCDHVh5rt8hCvr3JKYj0/7/HmIkYzoC7kpktu6+HjXI7e8abyDrZhcqy4TRwFhK0dUM524M4RqTm2Z+ueBWbdqQBcqAAfQ566oXMukrCWg5fEZnZwjhhhw1Mb+XumaAM6ye7hMLLRV4BfVcc8LlPqO0uhba7fL7g+h+JY2ndHQtTWhx/HTKdC3yUn4CTN+kVPO18709lFrckCJwbB9BcmbwvLbWyAfaGhBA63kRkH6RFm2fuh57OlCYHctO6+BJ+F/CHF92nLZ8+s8RuXIJiMlUD2vKkmRtFfm5eoYrNgZRRWfyz506kSRgFVK0/GGdSvl6uK8f3bImPLsJ/qZh5ICBpqtPZpssADPpFWO5F4m6O X-MS-Exchange-AntiSpam-MessageData-1: RcOHTUjYpftiUuSirpvUf853JXgvR53j4Zw= X-OriginatorOrg: siemens.com X-MS-Exchange-CrossTenant-Network-Message-Id: a39a190f-fab9-4336-4842-08de76108b72 X-MS-Exchange-CrossTenant-AuthSource: DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 27 Feb 2026 14:57:36.5649 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 38ae3bcd-9579-4fd4-adda-b42e1495d55a X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: RmePH1DnZOs2r3yesWeYF71K+JMLeIRa4FvQs8d0lHn2oqksgHldLmcS09osu8+tZYkpLCYBjG6G9qZiQNozfKoOv+60/wFnq2EDQYqnw+8= X-MS-Exchange-Transport-CrossTenantHeadersStamped: GV1PR10MB8006 X-Original-Sender: felix.moessbauer@siemens.com X-Original-Authentication-Results: gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=F1m0hDhv; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20a::7 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com X-Original-From: Felix Moessbauer Reply-To: Felix Moessbauer Precedence: list Mailing-list: list isar-users@googlegroups.com; contact isar-users+owners@googlegroups.com List-ID: X-Spam-Checked-In-Group: isar-users@googlegroups.com X-Google-Group-Id: 914930254986 List-Post: , List-Help: , List-Archive: , List-Unsubscribe: , X-Spam-Status: No, score=-4.9 required=5.0 tests=DKIMWL_WL_MED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,MAILING_LIST_MULTI, RCVD_IN_DNSWL_BLOCKED,RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL, RCVD_IN_RP_CERTIFIED,RCVD_IN_RP_RNBL,RCVD_IN_RP_SAFE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on shymkent.ilbers.de X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= The implementation of the fetching depends on the chroot mode (e.g. schroot or unshare). As a preparation for the unshare mode, we hide the concrete fetcher implementation behind a factory, so that we will be able to dispatch based on the mode. Signed-off-by: Felix Moessbauer --- meta/classes-recipe/dpkg-base.bbclass | 2 +- meta/lib/aptsrc_fetcher.py | 12 +++++++++--- 2 files changed, 10 insertions(+), 4 deletions(-) diff --git a/meta/classes-recipe/dpkg-base.bbclass b/meta/classes-recipe/dpkg-base.bbclass index 03317ef2..b3f4caad 100644 --- a/meta/classes-recipe/dpkg-base.bbclass +++ b/meta/classes-recipe/dpkg-base.bbclass @@ -84,7 +84,7 @@ python() { # apt-src fetcher import aptsrc_fetcher - methods.append(aptsrc_fetcher.AptSrc()) + methods.append(aptsrc_fetcher.AptSrc.create(d)) src_uri = (d.getVar('SRC_URI', False) or "").split() for u in src_uri: diff --git a/meta/lib/aptsrc_fetcher.py b/meta/lib/aptsrc_fetcher.py index dfa784a9..37c84fa7 100644 --- a/meta/lib/aptsrc_fetcher.py +++ b/meta/lib/aptsrc_fetcher.py @@ -9,6 +9,10 @@ from bb.fetch2 import logger from bb.fetch2 import runfetchcmd class AptSrc(FetchMethod): + @classmethod + def create(cls, d): + return AptSrcSchroot() + def supports(self, ud, d): return ud.type in ['apt'] @@ -20,6 +24,11 @@ class AptSrc(FetchMethod): codename = d.getVar('BASE_DISTRO_CODENAME') ud.localfile='deb-src/' + base_distro + '-' + codename + '/' + ud.host + def clean(self, ud, d): + bb.utils.remove(ud.localpath, recurse=True) + + +class AptSrcSchroot(AptSrc): def download(self, ud, d): bb.utils.exec_flat_python_func('isar_export_proxies', d) bb.build.exec_func('schroot_create_configs', d) @@ -83,6 +92,3 @@ class AptSrc(FetchMethod): finally: runfetchcmd(f'schroot -q -f -e -c {session_id}', d) bb.build.exec_func('schroot_delete_configs', d) - - def clean(self, ud, d): - bb.utils.remove(ud.localpath, recurse=True) From patchwork Fri Feb 27 14:57:10 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Felix Moessbauer X-Patchwork-Id: 4943 Return-Path: Received: from shymkent.ilbers.de ([unix socket]) by shymkent (Cyrus 2.5.10-Debian-2.5.10-3+deb9u2) with LMTPA; Fri, 27 Feb 2026 15:57:56 +0100 X-Sieve: CMU Sieve 2.4 Received: from mail-pl1-f188.google.com (mail-pl1-f188.google.com [209.85.214.188]) by shymkent.ilbers.de (8.15.2/8.15.2/Debian-8+deb9u1) with ESMTPS id 61REvqvI015905 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 27 Feb 2026 15:57:53 +0100 Received: by mail-pl1-f188.google.com with SMTP id d9443c01a7336-2aadeb3dee4sf122555795ad.2 for ; Fri, 27 Feb 2026 06:57:53 -0800 (PST) ARC-Seal: i=3; a=rsa-sha256; t=1772204267; cv=pass; d=google.com; s=arc-20240605; b=MX0HDrVU7QWSfRIio92yTOGYfQI8W/3XTq6ghXvpdFjTHglTMAW1dvC3xEbFACQK5j Xqhcg7p8Lp5pKRUJ+9Jh0gZgCMgjpzhNxMnNH6xOlxMEndSZ8lATXMiCt5NHE+kMSraM 94VEd4caMYE/cxG3Z1QbPf2F1Dm34EvROtJp7Jz+2OnyW0xB/txEKeNTGNg/mWim3M7O pDqxhZfHXZohvyRaX0OJFJ2IM9x/r/WtlNTytkriO+pqLA1o6YjUrm+t+8jhKLDK+s4U 85Hudzv8m+29/MWYi2O53B7CtWBsibohzitfL8qjAMe8zd7+7/EbLTMuG2X6n24cSEXf UzNg== ARC-Message-Signature: i=3; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to:mime-version:references :in-reply-to:message-id:date:subject:cc:to:from:dkim-signature; bh=bzmEA10Q08L9/107WHzePY5hHN41x4mVx0vCrWCQAZ8=; fh=+YepFkw7RDBZSS1BIzMhWWffceQ0VUoRnCb4VWLuczU=; b=NKtFYDoJBn7pgLgybRFOE5A82ayuN//nYD1C3mYdoYrZcPjqdtJpP2CGw/Cx/Mol7x cO5f+AVihyBbSneduQrvlfuZuQXUEpK8MlEyRoyNXts2OJ5KPD+dp95E6u1cOjO+KTQv oyQWM+U5QetWghRCmvin2wJXF1gHdr4PSyxf+uBom+Y5uIF9kD07hm1xzJG0dTqlUOLy x40JrD93ey/3h3DyrG/FnxZ9nxGWDYHaw7jeqCqBmJYTD+vPhEieTeNvrfoi5ZPpKlhD hqjOf5/hVmQJlvNNJX9VdgFv96DUpbautB/Q8Ld3gH1S3xmfqkeWj01Uz1Xupw0es5hi nugw==; darn=isar-build.org ARC-Authentication-Results: i=3; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=OgFbgGVd; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20a::7 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlegroups.com; s=20230601; t=1772204267; x=1772809067; darn=isar-build.org; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from:from:to :cc:subject:date:message-id:reply-to; bh=bzmEA10Q08L9/107WHzePY5hHN41x4mVx0vCrWCQAZ8=; b=JOv5oC/y+WHbAHHkOkjlZEs4sG7OUPZfMtDx9MWbfVFjoDW2rThzuyAfxsa6U5WTwv uc1kpQSF74ezv2Y5RsoSpo1cDVBmD7pC+zd7B8zII10QHi3dH4dW6MLpnI7gQ9pv1WDl JlN0yeIS/smr6CUi3cse+c/+ALJIOZOphK2CEzsDkBvafcfg6QX/bKJpjNSIj6PWziYY HLuvlU6rvcTCaDp6IHingXBwzEqPvujTn7bJnCsOke7bRG78idnXLbJrtSziliGdY/03 bdCQyIWXPBVpGz0Re5d5Yuajz8HUPzSR0XkC+C0WBFxVldGnxNWU7ZAaRJSJHNMoqI0P 2caQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1772204267; x=1772809067; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :x-spam-checked-in-group:list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :x-beenthere:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=bzmEA10Q08L9/107WHzePY5hHN41x4mVx0vCrWCQAZ8=; b=inEoPTj7hQfE/dARvBb/sFhT3ynIhR4x9eD4atE3+GhP5Eil4TK03s/FtdF8SZeUHQ afc5rcVGzdBX+nMi2yB7+NJX1a97nssRLMSH5yH1ZsqTqj4xyjttooSXJVIfKNFBXypd pBnORv+RA7n5SRjfuieTwfdtN+utMT5tpLxibuIDyTmiEITG8RU7lo5FzCuiauTsQo+V nTStqHYV5Tg9RoriPaHCjb5HujUEco2HxcfqzInKq2YMy/vi/DoK7mhazHbWf+mtZ91p Hr+E5Uied7sQoTaR8ZQA8ygdvP9m0HIIHVO9Sat7VG5c6ypXATPGue4aD8JimQrlWR0N PiYA== X-Forwarded-Encrypted: i=3; AJvYcCVZF42Qi/XT6ekhzI/A+sCCbd8XgPnk+MUyr2TRdq4c1579/Uy8LOqmoHoGzKo+mGuyYpjiTe4=@isar-build.org X-Gm-Message-State: AOJu0YybEYAg+zYD90pHg0yaF6QxLfjAfy0K5oJDUK5NCpJSWZeQ+ReB 3CpO1agJmQ/cpM6fZ/aDlIFz/moI8uove3QkfMMbwni74ML2kPtLP1yA X-Received: by 2002:a17:903:32c7:b0:295:745a:8016 with SMTP id d9443c01a7336-2ae2e3e720amr33816335ad.11.1772204266414; Fri, 27 Feb 2026 06:57:46 -0800 (PST) X-BeenThere: isar-users@googlegroups.com; h="AV1CL+GR7IoJoZ7PzVxDQYlE+W3qbKh8b9SeJO9XWPXBwEsLQg==" Received: by 2002:a17:902:f9cf:b0:298:f12:862a with SMTP id d9443c01a7336-2add60219bbls19550125ad.0.-pod-prod-03-us; Fri, 27 Feb 2026 06:57:44 -0800 (PST) X-Received: by 2002:a17:902:e550:b0:2aa:d287:693d with SMTP id d9443c01a7336-2ae2e402022mr28665055ad.20.1772204264565; Fri, 27 Feb 2026 06:57:44 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1772204264; cv=pass; d=google.com; s=arc-20240605; b=AQy3djlk2y3jv3VhJitoH7xZ5/1BKcp3QNbSlVH/owFxHTKB3ovSLIU6Fij8r4Jnad pibVi8JflxpWRB+0lR1HHKqZ8Tw6n1FVClVMLKQYlvzV0j3d6hry2U6o6EvRKV0VBCkP eYaTYm80731xcTY8EnOcLjq0s3LZMlKX/yOdnHpRx5HLZF6vKnNU1PMk6QrHiGXIDhXB ZBqU6d0cfIx/fPBQ83ZFWS3/mlPnXZRQV3ley8jTsyi/1DUrGj/Z93wDF/QAD+xYMGF/ ekwYEHerxR2EHLJQfCCJ8KWFeqepkksXULfKW8CNhgk61OcctZoi2etETiehDo6TzJf8 3hwA== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=mime-version:content-transfer-encoding:references:in-reply-to :message-id:date:subject:cc:to:from:dkim-signature; bh=soTRcTHMBYa7tlUElylZSX0Ca7UkctyAi/94AQ04OE0=; fh=WkhL8kaJc+l2wQon1t06Ej3uvBGj9sVhNcE8PaS/XbI=; b=L/SKQsQeawmBVoiAZ0UFvExpBDdYMYLw4JykbtfgxHS9CM1Y442dSX8HVauB05T6xf /5FO5ruNORHENB3c3IBIAFqSf+YffYFtmO1KHnnhYTEMFmD2EaKDiOrRxagZsn5m1Pii t05xA24lqalC3hGboTWQfVVabnsLfeCKDEVITrP3ABkv02k5UT9wPtW4XYTbuC0qZ7dV 3Nals8SfbaBibkPk3ObdwRz0hzVPY9ErRS1048H7n50r9SSZ1BRgEKZn4oHYpWKPKclK iXWIqMPvSYbdJdMXIbW+X+kgHLtzd/forP+3rHeCjlsFG4/fHVHI0VluYojrQE9HWkhO cK6Q==; dara=google.com ARC-Authentication-Results: i=2; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=OgFbgGVd; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20a::7 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com Received: from PA4PR04CU001.outbound.protection.outlook.com (mail-francecentralazlp170130007.outbound.protection.outlook.com. [2a01:111:f403:c20a::7]) by gmr-mx.google.com with ESMTPS id d9443c01a7336-2adfb65d3b8si1703605ad.9.2026.02.27.06.57.44 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 27 Feb 2026 06:57:44 -0800 (PST) Received-SPF: pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20a::7 as permitted sender) client-ip=2a01:111:f403:c20a::7; ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=v4m3BI3IAFS8htguOrSMWY/3m4a4e1bmauQmiSVdw9V9s/kRxNuZZ9dgDCvo0JHi7s0xfNhIrR06/Gcaj+FWwVAoReWKJuwsYspV2lNcZmzgovlpDfFsxU4RMYU//aVos6PvlCMBfU+A+CLZu5CCb+w1g2p4pQc0BF7YLekqOFzqlNlBCtl37nYaw6iAwd2XbZJx+E2HzdrPKYhjxKUHC23PMJp+J5XfC24Kx5tKqHASMPpuQHg/ss0jfNd+yXKBjbfDTea8J3E/1wCZc1fdmwtXd7FMwqTjwuPAR2+DUoCe5UgDSDSoooQG4xonUPnWduMSQiwwzWobLEJGaTErBQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=soTRcTHMBYa7tlUElylZSX0Ca7UkctyAi/94AQ04OE0=; b=SqfdSRf4dud0KcMrjoRGKnw59yfZXs4jRinLrqMKH0DAYalPEPOZEaYK4O6pFnV9iKyM+bY18Ig/kPDQMqPMbqfdMeNVDUuo8GF336w17mgpxdMwzqQ4NVmFVAQ9I1BvzBjeK0Gg/Y/xrcwYOz8SkhkmXSBTEjvmZYmSx38MHMS+bC1eyrDBnfMMuMoSKN2+ZU2cLewGGpRj72c7WnCWyLxmdAz4u+1EJ/2rqomIyeITAgF0wkK0nCxV4n0GHQYQ2BwNhxXLIWk1JCkzpAlnwImGqbhUuIF5y3FC8m9IlnSUTbynxJXBogbFDNbLXgktLTLzGTSwOVj8hTYHtrBYcQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=siemens.com; dmarc=pass action=none header.from=siemens.com; dkim=pass header.d=siemens.com; arc=none Received: from DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:47f::13) by GV1PR10MB8006.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:150:5d::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9654.14; Fri, 27 Feb 2026 14:57:37 +0000 Received: from DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM ([fe80::9412:cd7f:3f72:92ab]) by DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM ([fe80::9412:cd7f:3f72:92ab%3]) with mapi id 15.20.9654.014; Fri, 27 Feb 2026 14:57:37 +0000 X-Patchwork-Original-From: "'Felix Moessbauer' via isar-users" From: Felix Moessbauer To: isar-users@googlegroups.com Cc: jan.kiszka@siemens.com, quirin.gylstorff@siemens.com, Felix Moessbauer Subject: [PATCH v2 10/16] add support for fully rootless builds Date: Fri, 27 Feb 2026 15:57:10 +0100 Message-ID: <20260227145716.3794146-11-felix.moessbauer@siemens.com> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20260227145716.3794146-1-felix.moessbauer@siemens.com> References: <20260227145716.3794146-1-felix.moessbauer@siemens.com> X-ClientProxiedBy: FR4P281CA0274.DEUP281.PROD.OUTLOOK.COM (2603:10a6:d10:e6::18) To DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:47f::13) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DU0PR10MB6828:EE_|GV1PR10MB8006:EE_ X-MS-Office365-Filtering-Correlation-Id: 1763077c-a6b3-4de7-7ac3-08de76108bca X-MS-Exchange-AtpMessageProperties: SA X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|10070799003|1800799024|366016|376014; X-Microsoft-Antispam-Message-Info: J9cwTdkCugiXX9XK+mjNA6RG/zRmgMkiPjfbOnNF1N7tor8BLyFRpNI65GE0jKiU1mkAHZgJo7zuOUlN88v2PUq20Yf7tMls1MLza1uPVS8XGo22nFy7uuc6cCXo8LC2N50ISXz5pTLhrcDhbPmgBzLhQEf/mY+mjD0r1jahdwMouDOb+mqmN+DgZhrgbx9CF6KwkKV40crzb6hB/Etk+t4Jf+SgUBz6Q9iDO71ZgIr304ObDueBTtah1gt8NoD0RGrnyCFcusm21+SQqNTQB/pFZcCFyJ26BUBiEG6E7iSsDU4G7y7nA8drN/LH2f23pu2rloev3wUbxxUcOf3+tD800xBrXKQaCVFbr7xQoT3llu2YTJhWPid13EgT4RChVsxdBYVj5cpwNwpgwsAAtcy0JiOQaL94NklsWSLAntTYAJKinlcEimvi+uzcX8p49crMMS2cY/smksrDavd+6Mu8n0upOWjNdLmpHZIb6eoYXA5XdGvPzwadhxOhtyNSF+jgVuhdGt4VxSWYVxi0bFQZIQFxo84D5H6YNtq9Lz7AIQIo2uY747bV6wGa7TMcqbiTOl9Cwm855JmtCYRZg4+VAmwry6ZH+/SBvRdJWux2XhyTqP+rmPCzJ+DQ2zyYaYTxMdHqCpQh4LbVmGMMdb2GHp25A0YS8l6b/JVnbHIA6qRZ/U1ljjLpfkXHo3wD X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM;PTR:;CAT:NONE;SFS:(13230040)(10070799003)(1800799024)(366016)(376014);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 2 X-MS-Exchange-AntiSpam-MessageData-0: qorH38xkOJNDZE+mGj2yAhjpS3KagmuQPibgH/zrJikJT4z8seqGN8a0l+kJD3Ma0pzyGClOiO1eDl9OtuHWrdpuf7citkd2CZV5yHoxDIMmuO3HVW9ISacw9QbrDsZjX/SpZgRUiMNbHTkz2PHe8K2BjfrZUln19ACy9SI1TqojpwVvRKGtlVTS9UWz1tHQXZ0kKaxQOQIvb6tDhp8z7XWJH+XPmnJ+B2/mD65TQpT5cwCUk2THovTndiJWplY9EdhKf6bBPpNyRTluUF5tgTvUWINLezpIvsMUFQSF5E+enw9T+a/F/4hXPyEe2Iof6GRuOj16nJ09KuVpWL1Eam5BO4zToUfu5FX7QIobi6NxdcllT4gX1XZgY2+AVg9F7eJOa4I1oAmk9djEBHe4XiMaR6eKaktSqc1lhzcObsm5oG9VkrvGujBXRxKbkFx0ocBNBODE+T07z2ccjUopvyo6UD+UTuqvs8ed+wt+WmlfDcj/YkwTCGJ+NwkMViq7N0QAZ/HllWvLhqMk63WMSUUMuggF0dVfp21c+a8fC4XVrFG9c9X/L9Mv2pkMdX30eaQryo54i8VLY8/8q8g7nPJSqStKXMJfKGC/CurKSCKEq3vPRt5l+uvRKeIP9nrkmSMkUxZWyCwFp1uZyXzEWqZWDgm2PkExlel9eaHHQbS/VkJ6lWs90E6QJrsrUpma0WM8dcb1nnbNL1WQ1pWHGoKma7jM0wXXucWrodcf62iclhWd5qMtaf/0LFs5qRE+TLnSrqGza3nKg47tWczVRQAYEb8+P6u9cMLIMmbqgHV6I/mf/gH5faxoITOHCQzi1YBHTTda0evG6QI79w+PRyrd4rWxywr2RJuDrsuhGOGQpXGGwzYOeoJUsGH5Wb7mlCDzIk2sn7HZUVi/w5RFSEUv2H+H4e/1cbhVKflmMAK8ma3tyJiqRzyiLc36buLuxmbDdl1drMZYdTjwUgIhdCSt2AXJhQWNeM7wAkzwXUzRicI+/dIFIUWFylsKF0KQopPQMmVdbJ93TpvBsDan/NHTU86mE77J7HQqUE8uIaWOpf1Dd1jgtuExI/11vAhT80eaeGTUjnJnH/yQk05yj5lpe7yojKpE/1IuY39OVTuj9IolG/5mrqdz8mg9hgeQQS+LQlnS+o0D4yaLB6QLj/Ngc9kXK5lKSZl+Bdu4PhhKqqa9tbjnJ5kfBoH4MciKdf3Z17aG+UST4ky5ruZwwApVVe5R2jedhj0rXLUGMoCcUz9A8JpfUJQPoTxiYhRDDZJeV73Ral8SSbYQXeNKYTfS4kntyGKXmSg9bYTmcCgloYso97MncJzo/q3QcC+uIS6x1jx9VAp8KEvfAo0hzYIqGEbXnU74Ea4f+ERlEtZWqKeGIc+ds7Y5pJPxqQ/Hl2j/blA3yuicp91meiQKsuNH2TIK7f6aVG4wgNPBIo3pvCJ4uXSBONYeKwI5avk2RAptE1AkS+0rT7zefaxnNSeqgxK3ed38qe586p75wY3DyaIOVwGHFvno7uHkFQ44NjMN22G2VTiXxSPTpjTwyuC0d+xrHZjbFIhgC2sXQGp9CpyGICRqgwfplLN2g8x4r8qCEb0HxiB+a/BM0osww7PAdjUCMqAi+IMOz8n1u+OKBN7CcTPq2rCFU79g09sz5rh2UEMxnosqf6eNwN48Y8C/JkrtfkAb4XSyWc+l6Wyh6aQ95KtdGip5AJKlYoVwt3RtX8GMShQKt8p8woAD5V3ItDkhUKL4zBR2vRwSsJMilDvf74/pvUQOaFypocHRKFib6soS X-MS-Exchange-AntiSpam-MessageData-1: SDBHnHlZ4pO9gH6aKx8D2JnA+LrYu7Y+ZuA= X-OriginatorOrg: siemens.com X-MS-Exchange-CrossTenant-Network-Message-Id: 1763077c-a6b3-4de7-7ac3-08de76108bca X-MS-Exchange-CrossTenant-AuthSource: DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 27 Feb 2026 14:57:37.2127 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 38ae3bcd-9579-4fd4-adda-b42e1495d55a X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: ffqsJaAKe/X5XTCgE6EeUcvtrzyl5WepExQd2vdtVBj7bfIK4BahtHYqxnzhq3v3adPzkH2af03e3PBAxHxgDzLX0OgNZjk9kLcLGOTTQRU= X-MS-Exchange-Transport-CrossTenantHeadersStamped: GV1PR10MB8006 X-Original-Sender: felix.moessbauer@siemens.com X-Original-Authentication-Results: gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=OgFbgGVd; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20a::7 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com X-Original-From: Felix Moessbauer Reply-To: Felix Moessbauer Precedence: list Mailing-list: list isar-users@googlegroups.com; contact isar-users+owners@googlegroups.com List-ID: X-Spam-Checked-In-Group: isar-users@googlegroups.com X-Google-Group-Id: 914930254986 List-Post: , List-Help: , List-Archive: , List-Unsubscribe: , X-Spam-Status: No, score=-4.9 required=5.0 tests=DKIMWL_WL_MED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,MAILING_LIST_MULTI, RCVD_IN_DNSWL_BLOCKED,RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL, RCVD_IN_RP_CERTIFIED,RCVD_IN_RP_RNBL,RCVD_IN_RP_SAFE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on shymkent.ilbers.de X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= Currently isar requires passwordless sudo and an environment where mounting file systems is possible. This has proven problematic for security reasons, both when running in a privileged container or locally. To solve this, we implement fully rootless builds that rely on the unshare syscall which allows us to avoid sudo and instead operate in temporary kernel namespaces as a user that is just privileged within that namespace. This comes with some challenges regarding the handling of mounts (they are cleared when leaving the namespace), as well as cross namespace deployments (the outer user might not be able to access the inner data). For that, we rework the handling of mounts and artifact passing to make it compatible with both chroot modes (schroot and unshare). Signed-off-by: Felix Moessbauer --- Kconfig | 2 +- RECIPE-API-CHANGELOG.md | 21 +++++ doc/user_manual.md | 2 + kas/isar.yaml | 2 +- meta/classes-global/base.bbclass | 86 ++++++++++++++++++- meta/classes-recipe/deb-dl-dir.bbclass | 9 +- meta/classes-recipe/dpkg-base.bbclass | 22 ++++- meta/classes-recipe/dpkg.bbclass | 15 +++- .../image-locales-extension.bbclass | 9 +- .../image-tools-extension.bbclass | 84 ++++++++++++++++++ meta/classes-recipe/image.bbclass | 7 +- .../imagetypes_container.bbclass | 4 +- meta/classes-recipe/imagetypes_wic.bbclass | 6 +- meta/classes-recipe/rootfs.bbclass | 52 ++++++++--- meta/classes-recipe/sbuild.bbclass | 24 +++++- meta/classes-recipe/sdk.bbclass | 10 ++- meta/conf/bitbake.conf | 7 +- .../isar-mmdebstrap/isar-mmdebstrap.inc | 11 ++- .../sbuild-chroot/sbuild-chroot.inc | 24 +++++- 19 files changed, 356 insertions(+), 41 deletions(-) diff --git a/Kconfig b/Kconfig index 683c0da5..5ef2bfcb 100644 --- a/Kconfig +++ b/Kconfig @@ -14,7 +14,7 @@ config KAS_INCLUDE_MAIN config KAS_BUILD_SYSTEM string - default "isar" + default "isar-rootless" source "kas/machine/Kconfig" source "kas/distro/Kconfig" diff --git a/RECIPE-API-CHANGELOG.md b/RECIPE-API-CHANGELOG.md index ad03ed68..7640d87d 100644 --- a/RECIPE-API-CHANGELOG.md +++ b/RECIPE-API-CHANGELOG.md @@ -978,3 +978,24 @@ specifies the rootfs path. Using these helpers instead of direct `sudo` invocations centralizes platform-specific privileged execution logic in `base.bbclass`. Direct use of `sudo` is discouraged in downstream layers. + +### Rootless isar execution + +Isar is able to run without the need for `sudo` in an environment that +allows unprivileged users to unshare the kernels `user namespace`. Further, +a sufficiently large set of sub ids needs to be configured in `/etc/subuid` / `etc/subgid`. +This range should be `> 65536`, but smaller ranges might work as well, depending on the +ids used in the rootfs. + +A simple check if rootless is supported can be done by running: + +```bash +mmdebstrap --unshare-helper /bin/echo "rootless supported" || echo "rootless not supported" +``` + +To enable rootless builds, set the bitbake variable `ISAR_ROOTLESS = "1"`. +This internally switches the chroot mode from `schroot` to `unshare`. + +When using kas, the `build_system` needs to be set to `isar-rootless`, but the final +interfaces still need to be clarified. Further, kas patches are needed (for details, +check the kas mailing list). diff --git a/doc/user_manual.md b/doc/user_manual.md index 7520854b..77a37e9b 100644 --- a/doc/user_manual.md +++ b/doc/user_manual.md @@ -74,6 +74,7 @@ Building `debian-trixie` requires host system >= bookworm. Install the following packages: ``` apt install \ + acl \ binfmt-support \ bubblewrap \ bzip2 \ @@ -88,6 +89,7 @@ apt install \ qemu-user-static \ reprepro \ sudo \ + uidmap \ unzip \ xz-utils \ git-buildpackage \ diff --git a/kas/isar.yaml b/kas/isar.yaml index 16ce8b42..3cfc4f96 100644 --- a/kas/isar.yaml +++ b/kas/isar.yaml @@ -4,7 +4,7 @@ header: version: 14 -build_system: isar +build_system: isar-rootless repos: isar: diff --git a/meta/classes-global/base.bbclass b/meta/classes-global/base.bbclass index 5f82b241..dacea372 100644 --- a/meta/classes-global/base.bbclass +++ b/meta/classes-global/base.bbclass @@ -141,7 +141,9 @@ root_cleandirs() { die "Could not remove $i, because subdir is mounted" done for i in $ROOT_CLEANDIRS_DIRS; do - run_privileged rm -rf --one-file-system "$TMPDIR$i" + [ -d "$TMPDIR$i" ] || continue + find "$TMPDIR$i" \( ! -user "$(whoami)" -type d -prune \) -exec ${RUN_PRIVILEGED_CMD} rm -rf --one-file-system {} \; + rm -rf --one-file-system "$TMPDIR$i" mkdir -p "$TMPDIR$i" done } @@ -380,7 +382,28 @@ def deb_list_beautify(d, varname): # shall be used outside of this class. def insert_isar_mounts(d, rootfs, mounts): + """ + In unshare mode, all mounts must be created after unsharing the + mount namespace. As needs to happen within the unshared session, + we implement it as a code generator. Note, that the random and urandom + mounts are needed for DDI images. + """ lines = [] + to_touch = ['/dev/null', '/dev/random', '/dev/urandom'] + to_mkdir = ['/dev/pts', '/dev/shm'] + if d.getVar('ISAR_CHROOT_MODE') == 'unshare': + lines.append('touch ' + ' '.join(['{}/{}'.format(rootfs, f) for f in to_touch])) + lines.append('mkdir -p ' + ' '.join(['{}/{}'.format(rootfs, f) for f in to_mkdir])) + lines.append('mount -o bind,private,mode=666 /dev/null {}/dev/null'.format(rootfs)) + lines.append('mount -t devpts -o noexec,nosuid,uid=5,mode=620,ptmxmode=666 none {}/dev/pts'.format(rootfs)) + lines.append('( cd {}/dev; ln -sf pts/ptmx . )'.format(rootfs)) + lines.append('mount -t tmpfs none {}/dev/shm'.format(rootfs)) + lines.append('mount -o bind /dev/random {}/dev/random'.format(rootfs)) + lines.append('mount -o bind /dev/urandom {}/dev/urandom'.format(rootfs)) + lines.append('mount -t proc none {}/proc'.format(rootfs)) + # we do not unshare the network namespace, so we cannot create a sysfs, hence bind-mount + lines.append('mount -o rbind /sys {}/sys'.format(rootfs)) + for m in mounts.split(): host, inner = m.split(':') if ':' in m else (m, m) inner_full = os.path.join(rootfs, inner[1:]) @@ -389,7 +412,18 @@ def insert_isar_mounts(d, rootfs, mounts): return '\n'.join(lines) def insert_isar_umounts(d, rootfs, mounts): + """ + In unshare mount we don't unmount the system mounts but just + remove the mountpoints. + """ lines = [] + to_unlink = ['/dev/null', '/dev/random', '/dev/urandom', '/dev/ptmx'] + to_rmdir = ['/dev/pts', '/dev/shm'] + if d.getVar('ISAR_CHROOT_MODE') == 'unshare': + lines.append('rm -f ' + ' '.join(['{}/{}'.format(rootfs, f) for f in to_unlink])) + for d in ['{}/{}'.format(rootfs, _d) for _d in to_rmdir]: + lines.append('[ -d {} ] && rmdir {}'.format(d, d)) + for m in mounts.split(): host, inner = m.split(':') if ':' in m else (m, m) mp = '{}/{}'.format(rootfs, inner) @@ -397,11 +431,52 @@ def insert_isar_umounts(d, rootfs, mounts): lines.append('[ -d {} ] && rmdir --ignore-fail-on-non-empty {}'.format(mp, mp)) return '\n'.join(lines) +def get_subid_range(idmap, d): + import getpass + with open(idmap, 'r') as f: + entries = f.readlines() + for e in entries: + user, base, cnt = e.split(':') + if user == os.getuid() or user == getpass.getuser(): + return int(base), int(cnt) + bb.error("No sub-id range specified in %s" % idmap) + def run_privileged_cmd(d): - cmd = 'sudo -E' + """ + In unshare mode we need to map the rootfs uid/gid range into the + subuid/subgid range of the parent namespace. As we usually only + get 65534 ids, we cannot map the whole range, as two ids are already + used by the calling environment (root and builder user). Hence, map + as much as we can but also map the highest id (nobody / nogroup) as + these are used within the rootfs. It would be easier to use + mmdebstrap --unshare-helper as command (which is also internally used + by sbuild), but this only maps linear ranges, hence it cannot map the + nobody / nogroup on the default subid range. By that, we have to avoid + the nobody / nogroup when building packages in this case. + """ + if d.getVar('ISAR_CHROOT_MODE') == 'unshare': + nobody_id = 65534 + uid_base, uid_cnt = get_subid_range('/etc/subuid', d) + nobody_subid = uid_base + uid_cnt - 1 + gid_base, gid_cnt = get_subid_range('/etc/subgid', d) + nogroup_subid = gid_base + gid_cnt - 1 + cmd = 'unshare --mount --pid --uts --ipc --user' \ + ' --kill-child' \ + ' --setuid 0 --setgid 0 --fork' \ + f' --map-users 1:{uid_base+1}:{uid_cnt-2}' \ + f' --map-groups 1:{gid_base+1}:{gid_cnt-2}' + if uid_cnt < nobody_id: + cmd += f' --map-users {nobody_id}:{nobody_subid}:1' + if gid_cnt < nobody_id: + cmd += f' --map-groups {nobody_id}:{nogroup_subid}:1' + cmd += " --map-root-user" + else: + cmd = 'sudo -E' bb.debug(1, "privileged cmd: %s" % cmd) return cmd +UNSHARE_SUBUID_BASE := "${@get_subid_range('/etc/subuid', d)[0] if d.getVar('ISAR_CHROOT_MODE') == 'unshare' else '0'}" +# store in variable to only compute once and make available to fetcher RUN_PRIVILEGED_CMD := "${@run_privileged_cmd(d)}" run_privileged() { @@ -415,5 +490,10 @@ run_privileged_heredoc() { run_in_chroot() { rootfs="$1" shift - ${RUN_PRIVILEGED_CMD} chroot "$rootfs" "$@" + + rootfs=$rootfs run_privileged_heredoc <<'EORIC' "$@" + set -e + ${@insert_isar_mounts(d, '$rootfs', '')} + chroot "$rootfs" "$@" +EORIC } diff --git a/meta/classes-recipe/deb-dl-dir.bbclass b/meta/classes-recipe/deb-dl-dir.bbclass index 05a16585..dc83edad 100644 --- a/meta/classes-recipe/deb-dl-dir.bbclass +++ b/meta/classes-recipe/deb-dl-dir.bbclass @@ -121,8 +121,13 @@ deb_dl_dir_import() { # let our unprivileged user place downloaded packages in /var/cache/apt/archives/ run_privileged_heredoc << ' EOSUDO' - mkdir -p "${rootfs}"/var/cache/apt/archives/partial/ - chown -R ${uid}:${gid} "${rootfs}"/var/cache/apt/archives/ + if [ "${ISAR_CHROOT_MODE}" = "unshare" ]; then + mkdir -p "${rootfs}"/var/cache/apt/archives + chmod 777 "${rootfs}"/var/cache/apt/archives + else + mkdir -p "${rootfs}"/var/cache/apt/archives/partial/ + chown -R ${uid}:${gid} "${rootfs}"/var/cache/apt/archives/ + fi EOSUDO # nothing to copy if download directory does not exist just yet diff --git a/meta/classes-recipe/dpkg-base.bbclass b/meta/classes-recipe/dpkg-base.bbclass index b3f4caad..c34c96bf 100644 --- a/meta/classes-recipe/dpkg-base.bbclass +++ b/meta/classes-recipe/dpkg-base.bbclass @@ -168,12 +168,30 @@ dpkg_schroot_create_configs() { EOSUDO } +dpkg_chroot_prepare() { + if [ "${ISAR_CHROOT_MODE}" = "schroot" ]; then + dpkg_schroot_create_configs + fi +} + +dpkg_chroot_finalize() { + if [ "${ISAR_CHROOT_MODE}" = "schroot" ]; then + schroot_delete_configs + fi +} + +dpkg_prepare_unshare_ccache() { + mkdir -p "${CCACHE_DIR}" + # sbuild id from https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1110942 + setfacl -m u:${UNSHARE_SUBUID_BASE}:rwX -m u:${@int(d.getVar('UNSHARE_SUBUID_BASE')) + 999}:rwx "${CCACHE_DIR}" +} + python do_dpkg_build() { - bb.build.exec_func('dpkg_schroot_create_configs', d) + bb.build.exec_func('dpkg_chroot_prepare', d) try: bb.build.exec_func("dpkg_runbuild", d) finally: - bb.build.exec_func('schroot_delete_configs', d) + bb.build.exec_func('dpkg_chroot_finalize', d) } do_dpkg_build[network] = "${TASK_USE_NETWORK_AND_SUDO}" diff --git a/meta/classes-recipe/dpkg.bbclass b/meta/classes-recipe/dpkg.bbclass index 8d7ff092..09dfab7e 100644 --- a/meta/classes-recipe/dpkg.bbclass +++ b/meta/classes-recipe/dpkg.bbclass @@ -85,7 +85,10 @@ dpkg_runbuild() { ext_deb_dir="${ext_root}${deb_dir}" if [ ${USE_CCACHE} -eq 1 ]; then - schroot_configure_ccache + ${ISAR_CHROOT_MODE}_configure_ccache + fi + if [ "${ISAR_CHROOT_MODE}" = "unshare" ]; then + sbuild_add_unshare_mounts fi profiles="${@ isar_deb_build_profiles(d)}" @@ -110,22 +113,26 @@ dpkg_runbuild() { DSC_FILE=$(find ${WORKDIR} -maxdepth 1 -name "${DEBIAN_SOURCE}_*.dsc" -print) sbuild -A -n -c ${SBUILD_CHROOT} \ + --chroot-mode=${ISAR_CHROOT_MODE} \ --host=${PACKAGE_ARCH} --build=${BUILD_ARCH} ${profiles} \ --no-run-lintian --no-run-piuparts --no-run-autopkgtest --resolve-alternatives \ --bd-uninstallable-explainer=apt \ --no-apt-update --apt-distupgrade \ --chroot-setup-commands="echo \"Package: *\nPin: release n=${DEBDISTRONAME}\nPin-Priority: 1000\" > /etc/apt/preferences.d/isar-apt" \ - --chroot-setup-commands="echo \"APT::Get::allow-downgrades 1;\" > /etc/apt/apt.conf.d/50isar-apt" \ + --chroot-setup-commands="echo \"APT::Get::allow-downgrades 1;${@'\nAPT::Sandbox::User root;' if d.getVar('ISAR_CHROOT_MODE') == 'unshare' else ''}\" > /etc/apt/apt.conf.d/50isar-apt" \ --chroot-setup-commands="rm -f /var/log/dpkg.log" \ --chroot-setup-commands="mkdir -p ${deb_dir}" \ --chroot-setup-commands="find ${ext_deb_dir} -maxdepth 1 -name '*.deb' -exec ln -t ${deb_dir}/ -sf {} +" \ --chroot-setup-commands="apt-get update -o Dir::Etc::SourceList=\"sources.list.d/isar-apt.list\" -o Dir::Etc::SourceParts=\"-\" -o APT::Get::List-Cleanup=\"0\"" \ --finished-build-commands="rm -f ${deb_dir}/sbuild-build-depends-*-dummy_*.deb" \ --finished-build-commands="find ${deb_dir} -maxdepth 1 -type f -name '*.deb' -print -exec cp ${CP_FLAGS} -t ${ext_deb_dir}/ {} +" \ - --finished-build-commands="cp /var/log/dpkg.log ${ext_root}/dpkg_partial.log" \ + ${@ '--finished-build-commands="cp /var/log/dpkg.log $ext_root/dpkg_partial.log"' if d.getVar('ISAR_CHROOT_MODE') == 'schroot' else '' } \ --build-path="" --build-dir=${WORKDIR} --dist="${DEBDISTRONAME}" ${DSC_FILE} - sbuild_dpkg_log_export "${WORKDIR}/rootfs/dpkg_partial.log" + # TODO: port to unshare backend + if [ "${ISAR_CHROOT_MODE}" = "schroot" ]; then + sbuild_dpkg_log_export "${WORKDIR}/rootfs/dpkg_partial.log" + fi deb_dl_dir_export "${WORKDIR}/rootfs" "${distro}" # Cleanup apt artifacts diff --git a/meta/classes-recipe/image-locales-extension.bbclass b/meta/classes-recipe/image-locales-extension.bbclass index c1e8c175..bdaa55fb 100644 --- a/meta/classes-recipe/image-locales-extension.bbclass +++ b/meta/classes-recipe/image-locales-extension.bbclass @@ -29,8 +29,12 @@ ROOTFS_INSTALL_COMMAND_BEFORE_EXPORT += "image_install_localepurge_download" image_install_localepurge_download[weight] = "40" image_install_localepurge_download[network] = "${TASK_USE_NETWORK_AND_SUDO}" image_install_localepurge_download() { - run_in_chroot '${ROOTFSDIR}' \ + run_privileged_heredoc <<'EOF' + set -e + ${@insert_isar_mounts(d, d.getVar('ROOTFSDIR'), d.getVar('ROOTFS_MOUNTS') if d.getVar('ISAR_CHROOT_MODE') == 'unshare' else '')} + chroot ${ROOTFSDIR} \ /usr/bin/apt-get ${ROOTFS_APT_ARGS} -oDebug::NoLocking=1 --download-only localepurge +EOF } ROOTFS_INSTALL_COMMAND += "image_install_localepurge_install" @@ -62,6 +66,9 @@ __EOF__ # Install configuration into image: run_privileged_heredoc <<'EOSUDO' set -e + + ${@insert_isar_mounts(d, d.getVar('ROOTFSDIR'), '')} + localepurge_state='i' if chroot '${ROOTFSDIR}' dpkg -s localepurge 2>/dev/null >&2 then diff --git a/meta/classes-recipe/image-tools-extension.bbclass b/meta/classes-recipe/image-tools-extension.bbclass index e88557f6..3fff4972 100644 --- a/meta/classes-recipe/image-tools-extension.bbclass +++ b/meta/classes-recipe/image-tools-extension.bbclass @@ -16,7 +16,14 @@ do_image_tools[depends] += " \ SCHROOT_MOUNTS = "${WORKDIR}:${PP_WORK} ${IMAGE_ROOTFS}:${PP_ROOTFS} ${DEPLOY_DIR_IMAGE}:${PP_DEPLOY}" SCHROOT_MOUNTS += "${REPO_ISAR_DIR}/${DISTRO}:/isar-apt" +# only used on unshare +ROOTFS_IMAGETOOLS ?= "${WORKDIR}/rootfs-imgtools-${BB_CURRENTTASK}" + imager_run() { + imager_run_${ISAR_CHROOT_MODE} "$@" +} + +imager_run_schroot() { local_install="${@(d.getVar("INSTALL_%s" % d.getVar("BB_CURRENTTASK")) or '').strip()}" local_bom="${@(d.getVar("BOM_%s" % d.getVar("BB_CURRENTTASK")) or '').strip()}" @@ -103,3 +110,80 @@ generate_imager_sbom() { --timestamp $TIMESTAMP ${SBOM_DEBSBOM_EXTRA_ARGS} \ < ${WORKDIR}/imager.manifest } + +imager_run_unshare() { + exec 3<&0 + + # ignore everything before '--'. If the remaining list is empty, + # assume a here document is passed via stdin + while [ "$#" -gt 0 ]; do + case "$1" in + --) shift 1; break ;; + *) shift 1 ;; + esac + done + + if [ "$#" -eq 0 ]; then + set -- "$@" '/bin/bash' '-s' + fi + + local_install="${@(d.getVar("INSTALL_%s" % d.getVar("BB_CURRENTTASK")) or '').strip()}" + + run_privileged_heredoc <<'EOF' + set -e + mkdir -p ${ROOTFS_IMAGETOOLS} + tar -xf "${SBUILD_CHROOT}" -C "${ROOTFS_IMAGETOOLS}" + mkdir -p ${ROOTFS_IMAGETOOLS}/isar-apt + cp -rL /etc/resolv.conf "${ROOTFS_IMAGETOOLS}/etc" +EOF + + # setting up error handler + imager_cleanup() { + run_privileged rm -rf ${ROOTFS_IMAGETOOLS} + } + trap 'exit 1' INT HUP QUIT TERM ALRM USR1 + trap 'imager_cleanup' EXIT + + if [ -n "${local_install}" ]; then + echo "Installing imager deps: ${local_install}" + + distro="${BASE_DISTRO}-${BASE_DISTRO_CODENAME}" + if [ ${ISAR_CROSS_COMPILE} -eq 1 ]; then + distro="${HOST_BASE_DISTRO}-${BASE_DISTRO_CODENAME}" + fi + + E="${@ isar_export_proxies(d)}" + deb_dl_dir_import ${ROOTFS_IMAGETOOLS} ${distro} + ${SCRIPTSDIR}/lockrun.py -r -f "${REPO_ISAR_DIR}/isar.lock" -s <<'EOAPT' + local_install=$local_install ${@run_privileged_cmd(d)} /bin/bash -s <<'EOF' + set -e + ${@insert_isar_mounts(d, d.getVar('ROOTFS_IMAGETOOLS'), d.getVar('SCHROOT_MOUNTS'))} + chroot ${ROOTFS_IMAGETOOLS} apt-get update \ + -o Dir::Etc::SourceList='sources.list.d/isar-apt.list' \ + -o Dir::Etc::SourceParts='-' \ + -o APT::Get::List-Cleanup='0' + chroot ${ROOTFS_IMAGETOOLS} apt-get -o Debug::pkgProblemResolver=yes --no-install-recommends -y \ + --allow-unauthenticated --allow-downgrades --download-only install \ + $local_install +EOF +EOAPT + + deb_dl_dir_export ${ROOTFS_IMAGETOOLS} ${distro} + local_install=$local_install run_privileged_heredoc <<'EOF' + set -e + ${@insert_isar_mounts(d, d.getVar('ROOTFS_IMAGETOOLS'), d.getVar('SCHROOT_MOUNTS'))} + chroot ${ROOTFS_IMAGETOOLS} apt-get -o Debug::pkgProblemResolver=yes --no-install-recommends -y \ + --allow-unauthenticated --allow-downgrades install \ + $local_install +EOF + fi + + run_privileged_heredoc <<'EOF' "$@" + set -e + mkdir -p ${ROOTFS_IMAGETOOLS}/${SCRIPTSDIR} + ${@insert_isar_mounts(d, d.getVar('ROOTFS_IMAGETOOLS'), d.getVar('SCHROOT_MOUNTS'))} + chroot ${ROOTFS_IMAGETOOLS} "$@" <&3 +EOF + + run_privileged rm -rf ${ROOTFS_IMAGETOOLS} +} diff --git a/meta/classes-recipe/image.bbclass b/meta/classes-recipe/image.bbclass index 4a250964..48a96a9e 100644 --- a/meta/classes-recipe/image.bbclass +++ b/meta/classes-recipe/image.bbclass @@ -188,6 +188,7 @@ SUDO_CHROOT = "imager_run -d ${PP_ROOTFS} -u root --" python() { image_types = (d.getVar('IMAGE_FSTYPES') or '').split() conversions = set(d.getVar('IMAGE_CONVERSIONS').split()) + chroot_mode = d.getVar('ISAR_CHROOT_MODE') basetypes = {} typedeps = {} @@ -263,7 +264,8 @@ python() { if image_cmd: localdata.setVar('type', bt) cmds.append(localdata.expand(image_cmd)) - cmds.append(localdata.expand('\tsudo chown $(id -u):$(id -g) ${IMAGE_FILE_HOST}')) + if chroot_mode == 'schroot': + cmds.append(localdata.expand('\tsudo chown $(id -u):$(id -g) ${IMAGE_FILE_HOST}')) else: bb.fatal("No IMAGE_CMD for %s" % bt) vardeps.add('IMAGE_CMD:' + bt_clean) @@ -293,7 +295,8 @@ python() { cmd = '\t' + localdata.getVar('CONVERSION_CMD:' + c) if cmd not in cmds: cmds.append(cmd) - cmds.append(localdata.expand('\tsudo chown $(id -u):$(id -g) ${IMAGE_FILE_HOST}.%s' % c)) + if chroot_mode == 'schroot': + cmds.append(localdata.expand('\tsudo chown $(id -u):$(id -g) ${IMAGE_FILE_HOST}.%s' % c)) vardeps.add('CONVERSION_CMD:' + c) for dep in (localdata.getVar('CONVERSION_DEPS:' + c) or '').split(): conversion_install.add(dep) diff --git a/meta/classes-recipe/imagetypes_container.bbclass b/meta/classes-recipe/imagetypes_container.bbclass index b6cc4a14..09f13a17 100644 --- a/meta/classes-recipe/imagetypes_container.bbclass +++ b/meta/classes-recipe/imagetypes_container.bbclass @@ -68,7 +68,9 @@ do_containerize() { run_privileged rm -rf "${oci_img_dir}_unpacked" # no root needed anymore - run_privileged chown --recursive $(id -u):$(id -g) "${oci_img_dir}" + if [ "${ISAR_CHROOT_MODE}" = "schroot" ]; then + run_privileged chown --recursive $(id -u):$(id -g) "${oci_img_dir}" + fi } convert_container() { diff --git a/meta/classes-recipe/imagetypes_wic.bbclass b/meta/classes-recipe/imagetypes_wic.bbclass index 63974a3e..9f1e3de4 100644 --- a/meta/classes-recipe/imagetypes_wic.bbclass +++ b/meta/classes-recipe/imagetypes_wic.bbclass @@ -193,8 +193,10 @@ generate_wic_image() { fi EOIMAGER - run_privileged chown -R $(stat -c "%U" ${LAYERDIR_core}) ${LAYERDIR_core} ${LAYERDIR_isar} ${SCRIPTSDIR} || true - run_privileged chown -R $(id -u):$(id -g) "${DEPLOY_DIR_IMAGE}/${IMAGE_FULLNAME}.wic"* + if [ "${ISAR_CHROOT_MODE}" = "schroot" ]; then + run_privileged chown -R $(stat -c "%U" ${LAYERDIR_core}) ${LAYERDIR_core} ${LAYERDIR_isar} ${SCRIPTSDIR} || true + run_privileged chown -R $(id -u):$(id -g) "${DEPLOY_DIR_IMAGE}/${IMAGE_FULLNAME}.wic"* + fi rm -rf ${IMAGE_ROOTFS}/../pseudo cat ${DEPLOY_DIR_IMAGE}/${IMAGE_FULLNAME}.manifest \ diff --git a/meta/classes-recipe/rootfs.bbclass b/meta/classes-recipe/rootfs.bbclass index 6823c610..9044bf93 100644 --- a/meta/classes-recipe/rootfs.bbclass +++ b/meta/classes-recipe/rootfs.bbclass @@ -145,7 +145,12 @@ rootfs_cmd() { } rootfs_do_mounts[weight] = "3" -rootfs_do_mounts() { +python rootfs_do_mounts() { + if d.getVar('ISAR_CHROOT_MODE') == 'schroot': + bb.build.exec_func('rootfs_do_mounts_priv', d) +} + +rootfs_do_mounts_priv() { run_privileged_heredoc <<'EOSUDO' set -e mountpoint -q '${ROOTFSDIR}/dev' || \ @@ -168,7 +173,13 @@ rootfs_do_mounts() { EOSUDO } -rootfs_do_umounts() { +python rootfs_do_umounts() { + # unconditionally run the unmount code as this ignores missing + # mountpoints but also does the cleanup of the directories + bb.build.exec_func('rootfs_do_umounts_priv', d) +} + +rootfs_do_umounts_priv() { run_privileged_heredoc <<'EOSUDO' set -e @@ -215,7 +226,11 @@ ROOTFS_EXTRA_IMPORTED := "${@rootfs_extra_import(d)}" rootfs_prepare[weight] = "25" rootfs_prepare(){ - run_privileged tar -xf "${BOOTSTRAP_SRC}" -C "${ROOTFSDIR}" --exclude="./dev/console" + rm -rf ${ROOTFSDIR} + run_privileged_heredoc << 'EOF' + mkdir -p ${ROOTFSDIR} + tar -xf "${BOOTSTRAP_SRC}" -C "${ROOTFSDIR}" --exclude="./dev/console" +EOF # setup chroot run_privileged "${ROOTFSDIR}/chroot-setup.sh" "setup" "${ROOTFSDIR}" @@ -285,10 +300,14 @@ rootfs_install_pkgs_update[weight] = "5" rootfs_install_pkgs_update[isar-apt-lock] = "acquire-before" rootfs_install_pkgs_update[network] = "${TASK_USE_NETWORK_AND_SUDO}" rootfs_install_pkgs_update() { - run_in_chroot '${ROOTFSDIR}' /usr/bin/apt-get update \ - -o Dir::Etc::SourceList="sources.list.d/isar-apt.list" \ - -o Dir::Etc::SourceParts="-" \ - -o APT::Get::List-Cleanup="0" + run_privileged_heredoc <<'EOF' + set -e + ${@insert_isar_mounts(d, d.getVar('ROOTFSDIR'), d.getVar('ROOTFS_MOUNTS')) if d.getVar('ISAR_CHROOT_MODE') == 'unshare' else ''} + chroot '${ROOTFSDIR}' /usr/bin/apt-get update \ + -o Dir::Etc::SourceList="sources.list.d/isar-apt.list" \ + -o Dir::Etc::SourceParts="-" \ + -o APT::Get::List-Cleanup="0" +EOF } ROOTFS_INSTALL_COMMAND += "rootfs_install_resolvconf" @@ -316,9 +335,12 @@ rootfs_install_pkgs_download[isar-apt-lock] = "release-after" rootfs_install_pkgs_download[network] = "${TASK_USE_NETWORK}" rootfs_install_pkgs_download() { # download packages using apt in a non-privileged namespace - rootfs_cmd --bind "${ROOTFSDIR}/var/cache/apt/archives" /var/cache/apt/archives \ - ${ROOTFSDIR} \ - -- /usr/bin/apt-get ${ROOTFS_APT_ARGS} -oDebug::NoLocking=1 --download-only ${ROOTFS_PACKAGES} + run_privileged_heredoc <<'EOF' + set -e + ${@insert_isar_mounts(d, d.getVar('ROOTFSDIR'), d.getVar('ROOTFS_MOUNTS')) if d.getVar('ISAR_CHROOT_MODE') == 'unshare' else ''} + chroot ${ROOTFSDIR} \ + /usr/bin/apt-get ${ROOTFS_APT_ARGS} -oDebug::NoLocking=1 --download-only ${ROOTFS_PACKAGES} +EOF } ROOTFS_INSTALL_COMMAND_BEFORE_EXPORT ??= "" @@ -345,8 +367,12 @@ rootfs_install_pkgs_install[weight] = "8000" rootfs_install_pkgs_install[progress] = "custom:rootfs_progress.PkgsInstallProgressHandler" rootfs_install_pkgs_install[network] = "${TASK_USE_SUDO}" rootfs_install_pkgs_install() { - run_in_chroot "${ROOTFSDIR}" \ + run_privileged_heredoc <<'EOF' + set -e + ${@insert_isar_mounts(d, d.getVar('ROOTFSDIR'), d.getVar('ROOTFS_MOUNTS')) if d.getVar('ISAR_CHROOT_MODE') == 'unshare' else ''} + chroot "${ROOTFSDIR}" \ /usr/bin/apt-get ${ROOTFS_APT_ARGS} ${ROOTFS_PACKAGES} +EOF } ROOTFS_INSTALL_COMMAND += "rootfs_restore_initrd_tooling" @@ -652,8 +678,10 @@ rootfs_install_sstate_finalize() { # - after building the rootfs, the tar won't be there, but we also don't need to unpack # - after restoring from cache, there will be a tar which we unpack and then delete if [ -f rootfs.tar ]; then + run_privileged_heredoc <<'EOF' mkdir -p ${ROOTFSDIR} - run_privileged tar -C ${ROOTFSDIR} -xp ${SSTATE_TAR_ATTR_FLAGS} < rootfs.tar + tar -C ${ROOTFSDIR} -xp ${SSTATE_TAR_ATTR_FLAGS} -f rootfs.tar +EOF rm rootfs.tar fi } diff --git a/meta/classes-recipe/sbuild.bbclass b/meta/classes-recipe/sbuild.bbclass index ea0c5841..1fa70bd8 100644 --- a/meta/classes-recipe/sbuild.bbclass +++ b/meta/classes-recipe/sbuild.bbclass @@ -7,7 +7,8 @@ SCHROOT_MOUNTS ?= "" inherit crossvars -SBUILD_CHROOT ?= "${DEBDISTRONAME}-${SCHROOT_USER}-${ISAR_BUILD_UUID}-${@os.getpid()}" +SBUILD_CHROOT:unshare ?= "${SCHROOT_DIR}.tar.zst" +SBUILD_CHROOT:schroot ?= "${DEBDISTRONAME}-${SCHROOT_USER}-${ISAR_BUILD_UUID}-${@os.getpid()}" SBUILD_CONF_DIR ?= "${SCHROOT_CONF}/${SBUILD_CHROOT}" SCHROOT_CONF_FILE ?= "${SCHROOT_CONF}/chroot.d/${SBUILD_CHROOT}" @@ -144,6 +145,13 @@ END EOSUDO } +unshare_configure_ccache() { + # ccache must be below /build for file permissions to work properly + cat <<'EOF' >> ${SBUILD_CONFIG} +$path = "/usr/lib/ccache:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games"; +EOF +} + sbuild_dpkg_log_export() { export dpkg_partial_log="${1}" @@ -152,3 +160,17 @@ sbuild_dpkg_log_export() { cat ${dpkg_partial_log} >> ${SCHROOT_DIR}/tmp/dpkg_common.log ) 9>"${SCHROOT_DIR}/tmp/dpkg_common.log.lock" } + +# additional mounts managed by sbuild +sbuild_add_unshare_mounts() { + dpkg_prepare_unshare_ccache + + cat <<'EOF' >> ${SBUILD_CONFIG} +$unshare_bind_mounts = [ + { directory => '${WORKDIR}/rootfs', mountpoint => '${PP}/rootfs' }, + { directory => '${WORKDIR}/isar-apt/${DISTRO}-${DISTRO_ARCH}/apt/${DISTRO}', mountpoint => '/isar-apt' }, + { directory => '${REPO_BASE_DIR}', mountpoint => '/base-apt' }, + { directory => "${CCACHE_DIR}", mountpoint => "/ccache" } +]; +EOF +} diff --git a/meta/classes-recipe/sdk.bbclass b/meta/classes-recipe/sdk.bbclass index 074f5ef8..6086e9ce 100644 --- a/meta/classes-recipe/sdk.bbclass +++ b/meta/classes-recipe/sdk.bbclass @@ -74,13 +74,17 @@ rootfs_configure_isar_apt_dir() { ROOTFS_POSTPROCESS_COMMAND:prepend:class-sdk = "sdkchroot_configscript " sdkchroot_configscript () { - run_in_chroot ${ROOTFSDIR} /configscript.sh ${DISTRO_ARCH} + run_privileged_heredoc <<'EOF' + set -e + ${@insert_isar_mounts(d, d.getVar('ROOTFSDIR'), d.getVar('ROOTFS_MOUNTS')) if d.getVar('ISAR_CHROOT_MODE') == 'unshare' else ''} + cp -rL /etc/resolv.conf '${ROOTFSDIR}/etc' + chroot ${ROOTFSDIR} /configscript.sh ${DISTRO_ARCH} +EOF } ROOTFS_POSTPROCESS_COMMAND:append:class-sdk = " sdkchroot_finalize" sdkchroot_finalize() { - - rootfs_do_umounts + rootfs_do_umounts_priv # Remove setup scripts run_privileged rm -f ${ROOTFSDIR}/chroot-setup.sh ${ROOTFSDIR}/configscript.sh diff --git a/meta/conf/bitbake.conf b/meta/conf/bitbake.conf index 0f84e715..1c3a6f4a 100644 --- a/meta/conf/bitbake.conf +++ b/meta/conf/bitbake.conf @@ -72,7 +72,7 @@ KERNEL_FILE:arm64 ?= "vmlinux" MACHINEOVERRIDES ?= "${MACHINE}" DISTROOVERRIDES ?= "${DISTRO}" -OVERRIDES = "${PACKAGE_ARCH}:${MACHINEOVERRIDES}:${DISTROOVERRIDES}:${BASE_DISTRO_CODENAME}:forcevariable" +OVERRIDES = "${PACKAGE_ARCH}:${MACHINEOVERRIDES}:${DISTROOVERRIDES}:${BASE_DISTRO_CODENAME}:${ISAR_CHROOT_MODE}:forcevariable" FILESOVERRIDES = "${PACKAGE_ARCH}:${MACHINE}" # Setting default QEMU_ARCH variables for different DISTRO_ARCH: @@ -151,6 +151,10 @@ ISAR_APT_RETRIES ??= "${@'10' if bb.utils.to_boolean(d.getVar('ISAR_USE_APT_SNAP ISAR_APT_DELAY_MAX ??= "${@'600' if bb.utils.to_boolean(d.getVar('ISAR_USE_APT_SNAPSHOT')) else ''}" ISAR_APT_SNAPSHOT_TIMESTAMP ??= "${SOURCE_DATE_EPOCH}" +# Rootless build execution +ISAR_ROOTLESS ??= "0" +ISAR_CHROOT_MODE ??= "${@'unshare' if bb.utils.to_boolean(d.getVar('ISAR_ROOTLESS')) else 'schroot'}" + # Default parallelism and resource usage for xz XZ_MEMLIMIT ?= "50%" XZ_THREADS ?= "${@oe.utils.cpu_count(at_least=2)}" @@ -206,6 +210,7 @@ CCACHE_DEBUG ?= "0" # Variables for tasks marking # Long term TODO: get rid of sudo marked tasks TASK_USE_NETWORK = "1" +# nested namespacing requires this as well TASK_USE_SUDO = "1" TASK_USE_NETWORK_AND_SUDO = "1" diff --git a/meta/recipes-core/isar-mmdebstrap/isar-mmdebstrap.inc b/meta/recipes-core/isar-mmdebstrap/isar-mmdebstrap.inc index ea63ec79..de6c43bf 100644 --- a/meta/recipes-core/isar-mmdebstrap/isar-mmdebstrap.inc +++ b/meta/recipes-core/isar-mmdebstrap/isar-mmdebstrap.inc @@ -177,6 +177,7 @@ do_bootstrap() { umount \$1/$base_apt_tmp && rm ${WORKDIR}/mmtmpdir && \ umount $base_apt_tmp && rm -rf --one-file-system $base_apt_tmp" else + # prepare dl_dir for access from both sides (local and rootfs) deb_dl_dir_import "${WORKDIR}/dl_dir" "${BOOTSTRAP_BASE_DISTRO}-${BASE_DISTRO_CODENAME}" bootstrap_list="${WORKDIR}/sources.list.d/bootstrap.list" @@ -196,6 +197,7 @@ do_bootstrap() { -o Dir::State="$1/var/lib/apt" \ -o Dir::Etc="$1/etc/apt" \ -o Dir::Cache="$1/var/cache/apt" \ + ${@'-o APT::Sandbox::User=root' if d.getVar('ISAR_CHROOT_MODE') == 'unshare' else ''} \ -o Apt::Architecture="${BOOTSTRAP_DISTRO_ARCH}" \ ${@get_apt_opts(d, '-o')}' extra_essential="$extra_essential && $syncout" @@ -213,13 +215,14 @@ do_bootstrap() { # Cleanup mounts if fails trap 'exit 1' INT HUP QUIT TERM ALRM USR1 - trap 'bootstrap_cleanup' EXIT + trap ${@'true' if d.getVar('ISAR_CHROOT_MODE') == 'unshare' else 'bootstrap_cleanup'} EXIT # Create lock file so that it is owned by the user running the build (not root) mkdir -p ${DEBDIR} touch ${DEB_DL_LOCK} - run_privileged TMPDIR="${BOOTSTRAP_TMPDIR}" mmdebstrap $bootstrap_args \ + ${@'' if d.getVar('ISAR_CHROOT_MODE') == 'unshare' else 'run_privileged'} \ + TMPDIR="${BOOTSTRAP_TMPDIR}" mmdebstrap $bootstrap_args \ $arch_param \ --mode=unshare \ ${MMHOOKS} \ @@ -238,6 +241,7 @@ do_bootstrap() { --customize-hook='sed -i "/en_US.UTF-8 UTF-8/s/^#//g" "$1/etc/locale.gen"' \ --customize-hook='chroot "$1" /usr/sbin/locale-gen' \ --customize-hook='chroot "$1" /usr/bin/apt-get -y clean' \ + ${@'--skip=output/dev' if d.getVar('ISAR_CHROOT_MODE') == 'unshare' else ''} \ --skip=cleanup/apt \ --skip=download/empty \ ${@get_apt_opts(d, '--aptopt')} \ @@ -251,7 +255,8 @@ do_bootstrap() { if [ "${ISAR_USE_CACHED_BASE_REPO}" != "1" ]; then deb_dl_dir_export "${WORKDIR}/dl_dir" "${BOOTSTRAP_BASE_DISTRO}-${BASE_DISTRO_CODENAME}" - run_privileged rm -rf --one-file-system "${WORKDIR}/dl_dir" + run_privileged find ${WORKDIR}/dl_dir -maxdepth 1 -mindepth 1 -exec rm -rf --one-file-system "{}" \; + rmdir ${WORKDIR}/dl_dir fi } addtask bootstrap before do_build after do_generate_keyrings diff --git a/meta/recipes-devtools/sbuild-chroot/sbuild-chroot.inc b/meta/recipes-devtools/sbuild-chroot/sbuild-chroot.inc index 61d37760..7a778d8c 100644 --- a/meta/recipes-devtools/sbuild-chroot/sbuild-chroot.inc +++ b/meta/recipes-devtools/sbuild-chroot/sbuild-chroot.inc @@ -66,8 +66,28 @@ ROOTFS_POSTPROCESS_COMMAND:remove = "rootfs_cleanup_base_apt" DEPLOY_SCHROOT = "${@d.getVar('SCHROOT_' + d.getVar('SBUILD_VARIANT').upper() + '_DIR')}${SBUILD_SCHROOT_SUFFIX}" -do_sbuildchroot_deploy[dirs] = "${DEPLOY_DIR}/schroot-${SBUILD_VARIANT}" -do_sbuildchroot_deploy() { +sbuildchroot_deploy_tree() { ln -Tfsr "${ROOTFSDIR}" "${DEPLOY_SCHROOT}" } +sbuildchroot_deploy_tar() { + lopts="--one-file-system --exclude=var/cache/apt/archives --exclude=isar-apt" + # we cannot use pzstd, as this results in a different magic + # (zstd skippable frame) which is not detected by sbuild + # https://salsa.debian.org/debian/sbuild/-/blob/d975d388a98627a0d7d112791e441c27a6d529df/lib/Sbuild/ChrootUnshare.pm#L608 + ZSTD="zstd -${SSTATE_ZSTD_CLEVEL} -T${ZSTD_THREADS}" + run_privileged \ + tar -C ${ROOTFSDIR} -cpS $lopts ${ROOTFS_TAR_ATTR_FLAGS} . \ + | $ZSTD > ${DEPLOY_SCHROOT}.tar.zst + # cleanup extracted rootfs + run_privileged rm -rf ${ROOTFSDIR} +} + +do_sbuildchroot_deploy[network] = "${TASK_USE_SUDO}" +do_sbuildchroot_deploy[dirs] += "${DEPLOY_DIR}/schroot-${SBUILD_VARIANT}" +python do_sbuildchroot_deploy() { + if d.getVar('ISAR_CHROOT_MODE') == 'unshare': + bb.build.exec_func('sbuildchroot_deploy_tar', d) + else: + bb.build.exec_func('sbuildchroot_deploy_tree', d) +} addtask sbuildchroot_deploy before do_build after do_rootfs From patchwork Fri Feb 27 14:57:11 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Felix Moessbauer X-Patchwork-Id: 4940 Return-Path: Received: from shymkent.ilbers.de ([unix socket]) by shymkent (Cyrus 2.5.10-Debian-2.5.10-3+deb9u2) with LMTPA; Fri, 27 Feb 2026 15:57:53 +0100 X-Sieve: CMU Sieve 2.4 Received: from mail-pl1-f188.google.com (mail-pl1-f188.google.com [209.85.214.188]) by shymkent.ilbers.de (8.15.2/8.15.2/Debian-8+deb9u1) with ESMTPS id 61REvp90015808 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 27 Feb 2026 15:57:52 +0100 Received: by mail-pl1-f188.google.com with SMTP id d9443c01a7336-2adb085735bsf24183745ad.1 for ; Fri, 27 Feb 2026 06:57:52 -0800 (PST) ARC-Seal: i=3; a=rsa-sha256; t=1772204266; cv=pass; d=google.com; s=arc-20240605; b=ZIs52vbUy3NJCybTlcxvYlJFwMiYAQtFLukVBRYl/VU8wbDqpBrRE5F3oOJgiwT7r9 THwQktH4z9Xd7HGR4qfIKzz77S9pukJa/OgYEs4byHVh4ELOK3q5gqOVNYA9Cmi3XW8T KSwk9LbLjjOU5/W8vdb90LFZbL7pKBV8MW+Qie5S6DcdME9XpE1UoTzUDe7e1Mqe90Da vmWOn0iw/gMasBHrT8IkShZaQaj1pxm1ppYpc3C3uvc0RZuW7nO86sIsMwQD9N0dLu9X T7Rlpcc1HyQbmKJ9y6n46Js5QhOliEoidc8aUYpbJSV4IzuWlV4AKMkejVGIrXg+yVWY w+gg== ARC-Message-Signature: i=3; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to:mime-version:references :in-reply-to:message-id:date:subject:cc:to:from:dkim-signature; bh=QTdNOQop74fV58lccFaQrjlBOZz95YsGNYhiBYtPBBk=; fh=tKEBrGlQT5/Yv6+wk4NldJa1kF8+L/9t1wQ22uR8PeY=; b=JE6NcUzGblO/WSoLK6cZpA3qL3OWmNph1ppcPd18ZHFEh+cQmvbGuBHxZhPQP9uZEV Puwga5nhZdJlZki9ojfqJwL5y6a6gbM53GgTMHBsHtnRsp4A5aGLNKl3f+9j/M9fyoiU e4yPFtY2TNDb4f7PlPpe3utZN4GW7KodZrCgQ5a83vPkYQnCLws0Ems82x1UwST5+ZvD pmHHHvcUjOzB2ldVkH6RB+xMn2CSHOwlUQdOCymGhB7kAHAz+Pl9h6p7RJwAL62xa32J xWa08ZMqqDYrYO6gLxHZIXjMyzPh6AnjDmdPR0ipSDMHbnRmWBIm55iBopLFQJuPEqtm JXEA==; darn=isar-build.org ARC-Authentication-Results: i=3; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=Oh2csAA0; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20a::7 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlegroups.com; s=20230601; t=1772204266; x=1772809066; darn=isar-build.org; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from:from:to :cc:subject:date:message-id:reply-to; bh=QTdNOQop74fV58lccFaQrjlBOZz95YsGNYhiBYtPBBk=; b=mutbhlTud/Pv7fE4bQV8EcC7xfl6+xEzQIQloveKKeonejISFYo84z80mG6hFeroPd zRX8AV8VHPWq36lgCURVDU3p7od3S0eLX+aMKEeuXU+X1aFiLzkzXmVjkCHdUyPxLKbO a3SonC+Ds6hF7lOjXfdI3vUope570cb9vP10dk7TR5a2Ok6Hd2lc17j0xs6W7+4T+L/C CGCM3gikiggdNZAyj9rfa0oaErPD8lovHjiKQKyE9KULlMJ3ah9Y0m+nzM0XJIQU8xDJ UCW6VJuzSAe+lmG634NPTTBtLPYLR/9mstDu3OfhR4MSohwtO2xcVKY34+EoB65LKKY9 +D5w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1772204266; x=1772809066; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :x-spam-checked-in-group:list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :x-beenthere:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=QTdNOQop74fV58lccFaQrjlBOZz95YsGNYhiBYtPBBk=; b=BA78i/xAARsQJjwOBBpI1UuIvknSVTiK1ntrCj7zhXnqVvDxULlESH1A036/QXiCUy C16UJKa8Zu/PgQZWaXyoJOYDgC2eua5kP4w2tACkg61FsVTh81X+/NctdC3syFbyVJt6 OHlHsFaoogb3K4YPEbQEWubVT9Bod7bsH5yW6XrXbK2yXMqEjkVwFsnEuxX5oHRNVPjQ riDka/Xe+yu7l3A+rGw+jDYoLSHmTsg8HKmUpBROxJ9tEJyU4tn2yLsA3iIOUwg/Um6H 4h1/mHWptfc1OdZN6+2mBHS+8obCAim4wWurI+yEFRasVbZQ2PuQbwjILA8obndOVcJF CAPg== X-Forwarded-Encrypted: i=3; AJvYcCVUs9+5aEusYxzdg15x0C6YOycrjnRbQQtjDbth0SpdwHoehwIIlQqN4iQh8LGx0BEGEgBCQzk=@isar-build.org X-Gm-Message-State: AOJu0YzQ++MijgypX8rqC19IoHEDUJmEiyPp5WnBiRaWDhTD7LMzZV7g PQ7pTCTImjopv4TqmAaHuDWwLWKdZ4HWvraOhuabfokkAGY7SyzsSx93 X-Received: by 2002:a17:902:e743:b0:2a0:ba6d:d101 with SMTP id d9443c01a7336-2ae2e40b84emr26127925ad.21.1772204265749; Fri, 27 Feb 2026 06:57:45 -0800 (PST) X-BeenThere: isar-users@googlegroups.com; h="AV1CL+G9DHyFoymIAs0q/xbP1AtpkqZffckY1baP7AJclGi2wA==" Received: by 2002:a17:903:283:b0:2ad:9f2a:8a71 with SMTP id d9443c01a7336-2add77d1370ls48965995ad.2.-pod-prod-01-us; Fri, 27 Feb 2026 06:57:42 -0800 (PST) X-Received: by 2002:a17:903:3c4b:b0:2aa:d630:cd5d with SMTP id d9443c01a7336-2ae2e4bb332mr28923605ad.44.1772204262041; Fri, 27 Feb 2026 06:57:42 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1772204262; cv=pass; d=google.com; s=arc-20240605; b=MdfW4fxPV68A+xfLvl6qgrCe1oQpZEVIs3sBA2Qz4YNJhJuGgmQJ1X9x+rUBXHkFMT tG9ZK0DhIlRknMZrSbrLmEooju4K3QvqGaPzSap2aHVRN3pv1fapHpQ6Bp5DbSGqRZ/S wq1GiAKSEgkKtnsa1VFZribLBTqVDm+ziuYjnKtOECNbdRlSFP/h3bFZiRp9MkMaMg1H QJB0G3QU3/17Ry0WJt5SYQ1y3XzIRKxTSbUP8+o1NsPO7KfjcbQPaj3EvQma3xmRT/UN +9kN4kM6Jk/yrlxmTAMQM2UdmW5hQF52rCHSZUHsXyopufHcdIm0T58HwT3eYxWFGVyo WT+A== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=mime-version:content-transfer-encoding:references:in-reply-to :message-id:date:subject:cc:to:from:dkim-signature; bh=mBzruSkq8ny6nWZ7BpQ89FNZu4yjSW3SOvb/S5hmdZc=; fh=WkhL8kaJc+l2wQon1t06Ej3uvBGj9sVhNcE8PaS/XbI=; b=MYUq4mFHnndFg5orKEq5bHQnn+SDkaIe9KWFoPZ4vM9GJzriakfRdi/cdutBLyrYZy pWBJBDwI2X72dDNwsAmItG7mmNe/vkuwPCEhl3qLc7jrScvaZdJ8pU7mQ9IJOXG6YaQE HlMLNMFIBmzvYgGN1xlhRFK6T4rRF7J8ar/OWTlxbGa1ZB+Mf9nT4dkFa1LGOjFDZ+4u 7AJcByXwWRvb0lWMN1FRitNLQO4xZEi/rW+TGbsnnkiihY7TwAwqDi14yBjkolMZH9GR PDOCC+FJSsjjRJPxGfXfs/HH97k1xwyQqXd4ZNHYXlMNMJfU7LPT8UGeRmzcr/xQt38Y O91g==; dara=google.com ARC-Authentication-Results: i=2; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=Oh2csAA0; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20a::7 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com Received: from PA4PR04CU001.outbound.protection.outlook.com (mail-francecentralazlp170130007.outbound.protection.outlook.com. [2a01:111:f403:c20a::7]) by gmr-mx.google.com with ESMTPS id d9443c01a7336-2adfb65d3b8si1703605ad.9.2026.02.27.06.57.41 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 27 Feb 2026 06:57:42 -0800 (PST) Received-SPF: pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20a::7 as permitted sender) client-ip=2a01:111:f403:c20a::7; ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=Jro5nAFCp0IYOzvbQByYhooSeIK8KtdCjATJj+9zYzufiENkzcrUWEY5v5T5e52Ptn6zwE/ZYNU0km9kHw6WbeO6j1Ow1ZPuqLw2f3/Irak1mWi4J1zm7xT0/d9W92dSi9NLuC1Ylfb/poWe1WbH1xtdyBXc2JAJxJEhZRnr9cYxEqVZHpm7kYoxacggBrJYdTlyeMJPqYGzQOoeVj9uw30620NAeHaUu+SDxRI00nfvn4czioED1lMo0T0BNrnzSNyPxjbcyZo45YYrNOkWN2BynAdF/MMZCvbLVup1KpkqcnlVIEiYWPUL+sIGiNnjDV9UyBWnM+0Wk14qv3O8eQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=mBzruSkq8ny6nWZ7BpQ89FNZu4yjSW3SOvb/S5hmdZc=; b=PrRH9AJLsXR7BUG6Agm0NiterabEi9AvGFqN2sj8qP+2cn+nOBUjN4KHybdg4blSyneltXI+UVo/OX3O6vnOm9xeX5CGnRROgm7hMtM8/wbX9xwUXAQaQNrGrn9psrt9ZFryv5+gumYCAOF1h1TvHiF2vZtm+dbXv8N1PkiHmbI+/ZvgnK3DPdkH5sL5eoHgVI59Kesgm+waO/rJ7MZ6QmTytlhg7F4iI0IeKNenVCRdiyi6hzLEI8kdc3SyoR9TF39J7/zCzEWW2oA7uewT7WanQHuINnJtVKVsz50DKNTjlAX40s6YB94U0gh0pdG4RF5KfhKaiuX5FUxVYov62A== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=siemens.com; dmarc=pass action=none header.from=siemens.com; dkim=pass header.d=siemens.com; arc=none Received: from DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:47f::13) by GV1PR10MB8006.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:150:5d::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9654.14; Fri, 27 Feb 2026 14:57:38 +0000 Received: from DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM ([fe80::9412:cd7f:3f72:92ab]) by DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM ([fe80::9412:cd7f:3f72:92ab%3]) with mapi id 15.20.9654.014; Fri, 27 Feb 2026 14:57:38 +0000 X-Patchwork-Original-From: "'Felix Moessbauer' via isar-users" From: Felix Moessbauer To: isar-users@googlegroups.com Cc: jan.kiszka@siemens.com, quirin.gylstorff@siemens.com, Felix Moessbauer Subject: [PATCH v2 11/16] add helper script to clean artifacts in build dir Date: Fri, 27 Feb 2026 15:57:11 +0100 Message-ID: <20260227145716.3794146-12-felix.moessbauer@siemens.com> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20260227145716.3794146-1-felix.moessbauer@siemens.com> References: <20260227145716.3794146-1-felix.moessbauer@siemens.com> X-ClientProxiedBy: FR4P281CA0274.DEUP281.PROD.OUTLOOK.COM (2603:10a6:d10:e6::18) To DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:47f::13) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DU0PR10MB6828:EE_|GV1PR10MB8006:EE_ X-MS-Office365-Filtering-Correlation-Id: 807b9502-3188-4876-4d59-08de76108c3c X-MS-Exchange-AtpMessageProperties: SA X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|10070799003|1800799024|366016|376014; X-Microsoft-Antispam-Message-Info: 7fkl397+jL5NYyUAXLHn26oY/gfiydtGPENklihj/U0OUPcYdBomzlpznvP31nYdVljOi54PWC4FtCcUkEJMrJM2pPg+eNrKpNLnj8Gz2Cu2IVZys4W5nbGVNYhgVH33zAxeJFhM/p90cKYkd06B+hAPW20tM1+Iujq4dv82PKy9enKbG5wJ0iawroHflrzBScBs5+LuvShRkfmcrATT9dTk/BqaPj9tEJdfEnjuzQd1BqHflrh7srdSlrWGt0c5wCpLQEqaCvu8fmRLsxIIVz8OEoR2bAjFlrgCOip1VBYOGgDyuApBLhS57wtMHogTGIGVSfTBo2wyGi++LujdUhH+e1/LA5KxK+0+ewJr2OQexSmkbIYYjbEiZqlEzfcqVmOcP/RSt3IDe0VJeEQUSvGAV5I6OB1uAO9zLHHmFa11vpFClrx/sNkVUWjBUS59EwZSKpBg7xvc25P6XmsMSWV+PLUM6QwcM1LdEZFe+Zw/I12tTM47zpkUjCtbrUQLC3sxX9G5t9ehFuxe6PCJ8C5ZTn90695OAwLYell+eKkEz3Ddb0vVZ52iud0z2Zp8spbB0xZhzIywmXkEh9G8WypZLm8yh5H1bwYeYXcjNiDjRWgpNLiK55cg2759qdpWRphMzT2K+u6ApK+2jOPp/b9Gt+CeWPMEwHzmsxyb3Eam800xE2o0RfxrxWFzeeR4Z9k+a7/xERg1OzygkJI1OSUKW0WVlksBW79zo3aAxXk= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM;PTR:;CAT:NONE;SFS:(13230040)(10070799003)(1800799024)(366016)(376014);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 2 X-MS-Exchange-AntiSpam-MessageData-0: 2Fc/cCRRTbmfag1Rx2JCriQMitz5g3fnMHHGqSdW6J7ynn6CgZ61i63hS8wVcihPgxRmyXylpdGlr0FuTowdeAVIhu+UG5U3PdJYW7qNXz6qo9CVi1BmBgteIHxwzkx/fstb7QNfscOEhzkUWnjDeqMDiO0j0xOcJ2Xk8XwS5w2f6Jji1lROf8KCL8mjO/Z2eOc8reWgmAUdgaWjAFEeyBR4EPkcdkGUYry3C4zJGtskUPeWDe+GScW3M/R+fa1MwSTJVOmNzkxSuyRjoa+2uzGilTPddwgQVWlb8BsgQon1YxWY9lyJZQDtHjfm+fiLBrwR1feVnmd4Hnl3kRkrr/Fbx5gwhz7yyxur9TtplrTPXQq1bclh94KM7n4UkBu16fn1+k7SM0nqbsfWRw8OmdRAPHSrPZj1fhTwuLwK8CftLAfCkIK70412E0AHuA5q4UZdm8Wcfa9GI3UuudV8i9ubEc3o6XUY6JVCCs7pEDB6bQZz2aV/t7BM4gr5CvHbdm/JMMIVc2Fkd/aByxAzDPo9bSs77JrmYiUkFqve9ViV8dqBqAQKVHbhZOiX3eyGyKbLq1rReu5+hG/Zj33p4CzftfL6I3XpgSyhOuZzGu2z+ZpYD84pgXQ3JJ88WER4cg8bxAYzNB4p/t5mFLomvAtygid2BygZxm+8OJHLjWyj4ISxIkxL7BJCOdtpR2aylsbqoCX0WoxBqhMaJEKzZ8kLMPR2+fL0uBGygoES2frktkNGks4VR0Mj8Vxss2avnXS0jPx+xLUL30lv29/yxO+Qwid7WqcWXrGPSc+AsO8eKnKf510A4bpamahCO6hQwaDwak8E2Wru1xqtZRHgzy+NMpThDPmofkFpOaQ4eXzbIX7XudoE5I1t7i2lOUTk5KqgmvEpIUrR5QCyUsME+6xjY5DKBaZJ9bTDcLcrj1YwOBpn1XYo3Avo6NxdnKib1xXirXBgWA52vVxocyh5ESXBb3TH4/rsfifANh2qbLlj+5YK09GeIBJA2zBshPJN6anWbiphv4AR2LOP0MQifyG9aArWyAuXmawId37vwstcR8jrWpULCruKkn/BWtCLtMf7A5Y4QNW9GEZtO2SqwSlVlYHA2Imqp3PitVGndcIRXMnVcITbp1etb1A+QAX4BxDY8Ft22+CCtSavLGIc9WML7VUGMmGvsdsiMPKN9MXn9j+Cny7WW0kJ34aYudzL8KPF9q+AAawT/A2fmM4Q+z/3T02TxPFru/4qVYP31cupJUMny1/lwGrWIfDuI5xyCSuTW3fvGTXulu0zP757GTv0Qay6DIKeOt/k4xtDBbELlnlXOKwnhpQ5ZQmiWSqSYhuRLYoV7ecRu4nBPfl0OHtsKPbDP9KLh37rQrv7+lx5l3LlB/+LFRF4zCNPABF9GwE+DCNK9NgceIMG0mjM9atP03ZSa/WskIjJWODPx5CDtQZJNUBo1r7c2GGWErU1WrY2AynCliMWiGv0qf6LDUbJAyCy/PHCh+BbeQQoDnJS9znut4Jd+RdPtZCScuSk3Mj8tcg8uGqDuRhwaLcKw+M5sM/NUefZqmN4rYSwpZHaXowyenMvdK+gMjtyWJ3rIOfnKnR+yv2sFHavIUDDLSEM/85ldc2BBoXRANIi7q0l1jCXxKzl3UImiDaUbwaSVrObwheEcsEJbD2hGCUtZPL8dsDq9GKLZe4sSYq8DL1b3JKXOQ5Kc3FR4KlKFVB8t/BcSTfOL59bYAjdIbQ+btntLF8H6O9/cUZFkxCt8Vf5iJy6YPCP9vbNOF4t93TR+b1XamEL X-MS-Exchange-AntiSpam-MessageData-1: QBdrfz8exa76V7VJglk7BEXmqtkfGsni/2I= X-OriginatorOrg: siemens.com X-MS-Exchange-CrossTenant-Network-Message-Id: 807b9502-3188-4876-4d59-08de76108c3c X-MS-Exchange-CrossTenant-AuthSource: DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 27 Feb 2026 14:57:37.9075 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 38ae3bcd-9579-4fd4-adda-b42e1495d55a X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: Mv0kSH1Wk+VW2OJctLPDkik8WWyxNUm//A+F6IvfXBMq1F0gibhhW7jh9i9fv6biQp4e7+a8u5G+wTgx5BNrLRK1wHCHmRBXLMIaqPSTofI= X-MS-Exchange-Transport-CrossTenantHeadersStamped: GV1PR10MB8006 X-Original-Sender: felix.moessbauer@siemens.com X-Original-Authentication-Results: gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=Oh2csAA0; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20a::7 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com X-Original-From: Felix Moessbauer Reply-To: Felix Moessbauer Precedence: list Mailing-list: list isar-users@googlegroups.com; contact isar-users+owners@googlegroups.com List-ID: X-Spam-Checked-In-Group: isar-users@googlegroups.com X-Google-Group-Id: 914930254986 List-Post: , List-Help: , List-Archive: , List-Unsubscribe: , X-Spam-Status: No, score=-4.9 required=5.0 tests=DKIMWL_WL_MED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,MAILING_LIST_MULTI, RCVD_IN_DNSWL_BLOCKED,RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL, RCVD_IN_RP_CERTIFIED,RCVD_IN_RP_RNBL,RCVD_IN_RP_SAFE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on shymkent.ilbers.de X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= When running in rootless mode, cleaning the build directory from outside the build environment is a non trivial task due to mixed file ownerships. To simplify this, we introduce the isar-clean-builddir script that can perform the cleanup without requiring root privileges. Signed-off-by: Felix Moessbauer --- RECIPE-API-CHANGELOG.md | 5 +++ scripts/isar-clean-builddir | 73 +++++++++++++++++++++++++++++++++++++ 2 files changed, 78 insertions(+) create mode 100755 scripts/isar-clean-builddir diff --git a/RECIPE-API-CHANGELOG.md b/RECIPE-API-CHANGELOG.md index 7640d87d..52af27ce 100644 --- a/RECIPE-API-CHANGELOG.md +++ b/RECIPE-API-CHANGELOG.md @@ -999,3 +999,8 @@ This internally switches the chroot mode from `schroot` to `unshare`. When using kas, the `build_system` needs to be set to `isar-rootless`, but the final interfaces still need to be clarified. Further, kas patches are needed (for details, check the kas mailing list). + +Note, that the build dir may contain files that were generated within the rootless +environment and cannot be deleted from the outside by the calling user. To simplify +the cleanup, we provide the `isar-clean-builddir` script that helps purging +directories with mixed ownerships (without requiring root privileges). diff --git a/scripts/isar-clean-builddir b/scripts/isar-clean-builddir new file mode 100755 index 00000000..6bc90b1d --- /dev/null +++ b/scripts/isar-clean-builddir @@ -0,0 +1,73 @@ +#!/bin/sh +# isar-clean-builddir - Clean the build/tmp directory +# +# This script removes all files from the specified directory, including those +# owned by other users (which requires elevated privileges). +# +# Rootless Mode: +# When --rootless is specified, no privileged commands are executed. This +# requires that the UID namespace where files were generated matches the +# cleanup environment. When running from a container, this script must be +# called from within the same container. +# +# Part of the Isar API. External tools may call this script for cleanup. +# +# Copyright (c) Siemens AG, 2026 +# SPDX-License-Identifier: MIT + +DRY_RUN=0 +ROOTLESS=0 + +usage() +{ + EXIT_CODE="$1" + SELF="isar-clean-builddir" + printf "%b" "Usage: ${SELF} [--rootless] [--dry-run] [dir]\n" + + exit "${EXIT_CODE:-1}" +} + +while [ $# -gt 0 ]; do + case "$1" in + --dry-run) + DRY_RUN=1 + shift 1 + ;; + -h | --help) + usage 0 + ;; + --rootless) + ROOTLESS=1 + shift 1 + ;; + --*) + usage 1 + ;; + *) + break + ;; + esac +done + +[ $# -eq 1 ] || usage 1 +if ! [ -d "$1" ]; then + echo "error: \"$1\" is not a directory" + exit 1 +fi + +if [ $ROOTLESS -eq 1 ]; then + PRIVILEGED_CMD="unshare --map-auto --map-root-user --keep-caps" +else + PRIVILEGED_CMD="sudo" +fi + +if [ $DRY_RUN -eq 1 ]; then + echo "dry-run, not executing" + DRY_RUN_PREFIX="/bin/echo" +fi + +# clean all files that do not belong to us +# shellcheck disable=2086 +find "$1" \( ! -user "$(whoami)" -type d -prune \) -exec $DRY_RUN_PREFIX $PRIVILEGED_CMD rm -rf {} \; +# clean remaining files +$DRY_RUN_PREFIX rm -rf "$1" From patchwork Fri Feb 27 14:57:12 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Felix Moessbauer X-Patchwork-Id: 4939 Return-Path: Received: from shymkent.ilbers.de ([unix socket]) by shymkent (Cyrus 2.5.10-Debian-2.5.10-3+deb9u2) with LMTPA; Fri, 27 Feb 2026 15:57:52 +0100 X-Sieve: CMU Sieve 2.4 Received: from mail-pg1-f186.google.com (mail-pg1-f186.google.com [209.85.215.186]) by shymkent.ilbers.de (8.15.2/8.15.2/Debian-8+deb9u1) with ESMTPS id 61REvoXL015750 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 27 Feb 2026 15:57:51 +0100 Received: by mail-pg1-f186.google.com with SMTP id 41be03b00d2f7-b6ce1b57b9csf1810190a12.1 for ; Fri, 27 Feb 2026 06:57:51 -0800 (PST) ARC-Seal: i=3; a=rsa-sha256; t=1772204265; cv=pass; d=google.com; s=arc-20240605; b=Uq+DzVTt+c4n4gIwGYSXddNNwjhA6YQLOjk+F57f2QQNREgERvQSL5ZV2sxowzAooO qe+Uwtnjyzlvo922Bj9MD9GF+ufekQfGusinZTt4uOlMBM45/sVNnpSkBwey8UJutMIk CNdWFWTRfpV06an+gc/SrNJgZtttQT/w8tiZOn2XB7f/+aKjyWdrTv5w7WTVF1bbXWZK XBxGfv40cc1MTyjR2A0D1+KCceeohccb2uANc6f3XcxXgEFURlHky4QOoblvFX5XmAAh hoA2VwknlAyPrUeGn1RdSbsndG3oS6XiQMYFpu2NKAOGcFs0zk0LQGhfkBTruu1YzUxB GQGQ== ARC-Message-Signature: i=3; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to:mime-version:references :in-reply-to:message-id:date:subject:cc:to:from:dkim-signature; bh=XzKucR4QXcjwL9jtculQ+ic/jnsTgRyaYaUevgD+vlc=; fh=Xtp3/cS/ENY8tb8NWu5Lzs1x4ozlTxMHhSwx6IPKW3E=; b=W1oPpTQIKkOSKqHOBLtWj21y8SKqHLNaDn02iqEIN0cg4Lf9KO7u1bwNZKrSE0vRnt gYUqCMfw4L546s2s7haOYRectHArOi4cJirAZE/l2ev++CPinSRdGIEkuhD7NxDddLRq cZh8u04i/EGadGojcXmncRS+BPfuuXzDrqF7jV4E/6jJ9DA0x8ipjFaK/A5vk82oUmTK +KvPfF8vpzHeyqhSHH5PFRO5roS/Vcr7iGwUJerdkJdQPdYQcAHVUI+UHJ7njny8dx5k KjHOG6TnOeHjCAtqMt9G9y0x1uFxdJ98VlsKsfnUdSKXeeJqNKSY2OLAkdGs/fL8iwg1 1iJA==; darn=isar-build.org ARC-Authentication-Results: i=3; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=tSFDOCoR; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20a::7 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlegroups.com; s=20230601; t=1772204265; x=1772809065; darn=isar-build.org; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from:from:to :cc:subject:date:message-id:reply-to; bh=XzKucR4QXcjwL9jtculQ+ic/jnsTgRyaYaUevgD+vlc=; b=mscYY2TvXoUirSbiyK6vZ7VzpXPYz4I0qM3rrzBMzpgzd7VB7AGn8+qcdF27Zd31PE AuRKkuBUC62pH5D2NJb7Mx7Y0jdjhy10+qQgNH/iOmwOPgnoUaOJrsNtYtVWv2aouM/h NMLfV24eR9AIN7f/J+DoOZ+AIDnz4roTwbtDv3yGyDWSVECB8Fi+v3r0YqioPbpwsU4m 86ZI9b8yHz+kDd9Ndl2/+zLKFDNTTP/CRUR8JnA/mlNQNrxp9SulZvSa9KP7uQ1E/g84 vMQ51vl9v0+r5V36IdgLfuntXopdONGA3/Ogr6PtQHIKdjYkUCdZD/AhT26Gt9SuFBlM Z5AQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1772204265; x=1772809065; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :x-spam-checked-in-group:list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :x-beenthere:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=XzKucR4QXcjwL9jtculQ+ic/jnsTgRyaYaUevgD+vlc=; b=BrMHZH73edJUaF0ZiC5gY+22BAkcymFyvIFP1ltssDlayj3HebGjbYCIp4hoK4GxRW EWDl3fektMPaVekx4q5W7MPSNsiqN2rXUl6s60tLnYpWXabsdFF8bepsrlTNGMpwUnyS 3iX6RqpBrQ/7I76//7A1G22mgzrauLPZcAVRhVd91nELnThIvryyOAeW5MbZYmffjWzM pulZ03FhBnFtgjCnmx4gHxGvq3aOvOAgANJDSfyumrtqwDdl6JTcnspkJjbFJWrIM4yc vi8Auav0kNWgVtUmrqYX0tNAhv5xj3740bHvg9o0jh6Y2RD7OoQxe0wAVyJDThh52ChU D3FA== X-Forwarded-Encrypted: i=3; AJvYcCVeTPAcwxKoZPFVo5MoXIkBkyxxd6zdL12Qgn23xbAMzm+AE0V3dO6pzBV8SiY6lxQgmUXygKI=@isar-build.org X-Gm-Message-State: AOJu0Yw0XNErJD60q7Gk3PEaOTbKBZWmcbAt1a/k+xHvlPo0EhZqvK4B DKmfT+nTT1t+9bhP+XIGIigwsKkPyLqFTnJ5INOZ8kr59H9olMyoM4JV X-Received: by 2002:a05:6a21:3a86:b0:38b:ea89:700a with SMTP id adf61e73a8af0-395c3ae7754mr3227393637.34.1772204264980; Fri, 27 Feb 2026 06:57:44 -0800 (PST) X-BeenThere: isar-users@googlegroups.com; h="AV1CL+FDea6I8TsVkxdt5h5isGWLCRJMdY8WKiqRBC7KbXaf5Q==" Received: by 2002:a17:903:4310:b0:2a8:1917:e257 with SMTP id d9443c01a7336-2add602147als17726505ad.0.-pod-prod-04-us; Fri, 27 Feb 2026 06:57:43 -0800 (PST) X-Received: by 2002:a17:903:1aad:b0:2aa:ecec:a43d with SMTP id d9443c01a7336-2ae2e401f52mr27047685ad.21.1772204263277; Fri, 27 Feb 2026 06:57:43 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1772204263; cv=pass; d=google.com; s=arc-20240605; b=N5iM5ZnY/zPDT981djdDde+OUNBfqLGfsMnEz49FUwmNr4nwHMOSJBX+u/yYpIiF8k SLDMHOAthJc5hA3OW5l1e4sOBVrVdywnftXA1y9JAp5pLK7MYCerzot1+VhDXZxMNGXi y7fPXBoT3ncEXVsGVzschnKUiTxLmAr1GdEI/2r01yR0RtWCsUhIi9T4h3q0ZOFx+1ET E61ZLxBWmX4+Xteu3ZtWLzJiXtm5aTQl+oZJSPkaLR7NzvuTn8Apj3yMIsaCD1haAc8I xRI2gA4r9fDudyOdjtWTsfFr9cXMhKg107gBasauV537JiJGHMgB5nFiQWGL0TduhEfY wLqg== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=mime-version:content-transfer-encoding:references:in-reply-to :message-id:date:subject:cc:to:from:dkim-signature; bh=dEotZVh6TP8UfsRSGuPPFv4IwLSX0xf0S1GMn33neyc=; fh=WkhL8kaJc+l2wQon1t06Ej3uvBGj9sVhNcE8PaS/XbI=; b=dds4C7lW+dAks5YnS6SNU0GjoBB03anHDNZ+ku+ODjId7rIhur6aJRuNXPR/9K9A9a hLZzHhm+RvoI6g5C0Jwbf5z2dZ+CJCVPS8uJA1cHpzCa0B1nhmrJVJ+5akCLcySD6aZI u4lMC+tnhpyK+Ao2mzGsYUxONCPSZ+XgTfUsPRgOLsr2Xjk9BLf5t4NpjZxAPOsfv7Eu Snclq41aW+RiAJP2JE24poh/HcaarIPpxaO3DbP+z2E2GKo/uaND31aH7wi/mhsh3qDs wnkrTvxHE6cwYhH/bBVKn6WdFqynd9dN7uD4jQAPWv9B3kWSarClscFA4ryL2rFmardU dJrA==; dara=google.com ARC-Authentication-Results: i=2; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=tSFDOCoR; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20a::7 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com Received: from PA4PR04CU001.outbound.protection.outlook.com (mail-francecentralazlp170130007.outbound.protection.outlook.com. [2a01:111:f403:c20a::7]) by gmr-mx.google.com with ESMTPS id d9443c01a7336-2adfb65d3b8si1703605ad.9.2026.02.27.06.57.43 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 27 Feb 2026 06:57:43 -0800 (PST) Received-SPF: pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20a::7 as permitted sender) client-ip=2a01:111:f403:c20a::7; ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=hnTztb+dYEJ4BFd3jzK9vj+/wfQZGGJhXfCasMyW1hTGhW/lqh6750SMoC1sTcFBj2JzHOVQqhs+aeMsZJ37vgj8cnI1bYSKrVqkKDnadpDYAFXWwr0fxqzhO/WX3u+y8KpxDMu9cLhxETSuKONb+wCDNU6Z1NXbppv+1HMitWODQJtXJf2gEPkEjWFsb/XB5TRhxqv12lnKZ0fLeY57JB7YpMTUyz97b67ziijz314cwqn/X1r8ykkP4S8GYtd/uBbSm2uebEgnzAPLI+8CXFtB7lSTRQeuBBjc7FsiefzPDrZDdzeJBNS3VMFvQXL6PEWjZ2V+orAusexRCwsuUA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=dEotZVh6TP8UfsRSGuPPFv4IwLSX0xf0S1GMn33neyc=; b=Y2IlZUDIYnW3i4lYgoAEntavWzNFV3u5enSCKp8TLwTb2hYyIrC3wwYZpq2vwGCAC07InQ/7x/SaqMNXaHWnHdu7HxhWy8nSgZjkd1qK2xgiMvICIh56chnd/2QcSn7ukKdY22rccQQbLtpDJOadUcFoY+F4sAciROd37YDyHqkJ9zXtMxkdSkNeQKEtvkcZxpL8/jdae0EkzJtjmkf08yI4H/zZVS8XlglKRoLD1nOb1oyqtNbd9QY89O0VO9FVJFS4hGOsDPSGlM+pbnDguwWflOBCrBZ/Z6QeEMEdy7ejj/0zPISLLEqkMglxwVWGmfAkDPagI/mZuj/hWbXvgA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=siemens.com; dmarc=pass action=none header.from=siemens.com; dkim=pass header.d=siemens.com; arc=none Received: from DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:47f::13) by GV1PR10MB8006.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:150:5d::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9654.14; Fri, 27 Feb 2026 14:57:38 +0000 Received: from DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM ([fe80::9412:cd7f:3f72:92ab]) by DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM ([fe80::9412:cd7f:3f72:92ab%3]) with mapi id 15.20.9654.014; Fri, 27 Feb 2026 14:57:38 +0000 X-Patchwork-Original-From: "'Felix Moessbauer' via isar-users" From: Felix Moessbauer To: isar-users@googlegroups.com Cc: jan.kiszka@siemens.com, quirin.gylstorff@siemens.com, Felix Moessbauer Subject: [PATCH v2 12/16] apt-fetcher: implement support for unshare backend Date: Fri, 27 Feb 2026 15:57:12 +0100 Message-ID: <20260227145716.3794146-13-felix.moessbauer@siemens.com> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20260227145716.3794146-1-felix.moessbauer@siemens.com> References: <20260227145716.3794146-1-felix.moessbauer@siemens.com> X-ClientProxiedBy: FR4P281CA0274.DEUP281.PROD.OUTLOOK.COM (2603:10a6:d10:e6::18) To DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:47f::13) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DU0PR10MB6828:EE_|GV1PR10MB8006:EE_ X-MS-Office365-Filtering-Correlation-Id: 16549f6a-ca29-4d18-0e58-08de76108ca6 X-MS-Exchange-AtpMessageProperties: SA X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|10070799003|1800799024|366016|376014; X-Microsoft-Antispam-Message-Info: HlpTMJVIJ1pl4joWiQPlXF3kItUjPyHPJBp8vU8KBXrwRChRUAmbl40n1upFWYseX7Wmi9cV4zDV7c02uU25TMEyvbHtpvW1HcetgrSv05+UhtB5ja8hLESVwG67JLgDR0p5ynbKKAGutlJ0W5+EuxgbCHnWJJLe3Am/Y11w4w/qexf2E79jh/SLolYjCLZEmgUTo0LroQNXZUyBAogVFWsi6P9Cnhjr+3eMICjAjY/wngVfozhArBxNtN456fpe76eYZrl66sPIaFzFY7XiBYaX1xNBOGTtB3a82OoTqx7ekbZZ+isMYXMa1lxazWZDrFlvEugU08kSAUe/ZHB2nN/C/heso0+NmnzHwBh5+fY0+SSFOhPfV8iqW00BuJlRQG/6sXv3lWo/CBwp+zqQBVa5pyBEdlA0AkLlTnaRktt7VVWriuNoiSEuNvwBFTtGfKr1S81zgJW8++qf0wvwY7rKHdEgZ3j7VHtHw6lY7fHsuaJObZHSoegDQ4eWrG48kvzOU+um1t0AWD4u+Elfgu2OSwpCOujuAN0X4yvDqqemgP+ZvzH1Cbr42QwWtUJpP32T43AVBHbSBitAwHzB6JRMOtlZ3o7XSAxx4tn+Y6SzbMzsAXoQtwfuaCz/EOuQQnL2LHwf0Wqg4dAvYwSFsCQq69VbUG4hhUOHtYJVeJ3kqIobE1uOFVztYTKMsZQehofhwGT4IfGU3NLFB8sopKQ5Ia0tNHnYyWxsfeWdPUo= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM;PTR:;CAT:NONE;SFS:(13230040)(10070799003)(1800799024)(366016)(376014);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 2 X-MS-Exchange-AntiSpam-MessageData-0: sP+1dDgD6b20pd6PI7tGJrvAgmnlBr4byBCnTestEp6eE6pqWVTaTdvsgoNNHf3YOTS35XEDQw+YnQ/eMkB2/kynCRJ0SOri5nbE5VI2DdW0Eytq8cKzX5T1zvCwJUTU3/wwCGYPKvo2A2dGnGlhSlgXxfGxb/GtPmhHHJeI2vkFkRC18Ip345h5hSLUTTGT5W2aHQ9hrdZ9W7NeqrdT6U6d9ozNpA9MGsYLB42E3qzus3oY6bO+qIbd7UJpmyX0OKV8mITChsJHB9/Plfpt0uP6NL1nFhuAFrYld/KZmg87Athy9+Ni6h2s23Cd0Qekkeg4WwMqNeoSGT88KXzmxxQllt6DyxziqD5ysUgmnCV21R043W6Q1Rd+65KtD8MlSYFyfBfU3Fz+wLVPBwgL9lOK2wtcq8lvLDXydZgz4qMMu2lcFXKuglzhyhByot1gfNEXrknCM/byJtEoH0f//6JytB3Y7AjVwAwM827KF9QWxwAOVouGoTMeqLefbju6Vzv9R5WwM8Psx/SQVgflz4b0BDjJcgF7SUVH34fueBUU4ZBk8irlzB/kkTCgALBLM0z09XTTh9WISahXUp7TB3I7ZWF+lClD7yKQVyzfzXXG75tdCxLpRgnhx7Q4XEY2vFrEgnAubPccBlMBUysOu6nKe33YtdkHCF0Esm4nwPr+q5OUtUvweDxjstttDFsl2DfavEfwExogbfTeV+ssq5ZrYh8d3uALz8cpQltmdCqwvO7fgfsjMnx0LCdZYXos5Hf4mfNbQS+MYUWrFGzGVN/HDLe/je+lIWQSurc6EFxqxlde5SWIX1qcOz5hMscyIRHK0xsnbUmBWyevaVokCAgfSldY5u4iKy0Fa23FAYb0iNddJQyPKI7bE7r7Q+Dz4qELGI5n8w0OZ04qC+B58PZTZXMkFYiUqDGzT5D8/zuB4+uFq4qfVabMXfuNTKhm/IR5tyw0L9ZN85psmuHuhyIDh9y8YSzcusttRkQAHmwCeBD+gCMqJPHXDIHCKMnMFyUii30g6qLyZ1foa9sMSRJJhGtFv+su1Z8b4mOQqWOUP7GQdKjWKFRnDMj9vnaNbUWQ847YGxpQImxPAXS5x1xIpFP3tzZO1IKMwr+bWnacKKxsJ8pXTF4OWxwloshKUOHZh9tcFx0LLbAIGmL46HObOnpxkmsaOquFBz/F5ndyaLIzZNC9OCicFjIzjU/9GH3dbi5tyxn0LFis4gKha7mGqUJybFFx9wg/i5Y5qlihbB1eFr9vArhSa637uLh+1kAd6vzdmMPo1CQJVE54L5M/atcD8jykh67q/SC1otebTPEzvzv5NP4riyC15s6eFKgL4tTm9kgZXm2uFqN074YXXSK9harisyVwMr1SiWliXUgXiTHpDwycL7E/fhGbMKBh8os9yIlqU8CWN90iDx2xzvku7ANaT4xa183Qujilc3NhgpcVlDj/IkPYwLnjYi3gh64/Ow3OM1hfihVb/oPO+rjjwJukQFamPmZfjoteOXmIwI/hp9fI+SutIRWXMbV7zEkIiqMB3WuK4qjkVo6s+zf8NeN0Lpy8wNwdUTSvDCwK1jagk+aC8FlaTDDtvvaiuVaxkyiK5wCIEAhtzUOrSxTllhnYgSpgZi8rTZGL1yJ4aDPleDbWvwryysGpC589CEl6hwh6AH8/QYKtbbCXUI13rcmZ/PqkmtwDCBCe55SPnBXrgWk/cRan7LAb0P7t9Ln4FxjaBtvLYUgztT/R8WxktvzOxXDS/3yuAfXbzuA+83yUgzoHjBrP0GHA9bfG79ub X-MS-Exchange-AntiSpam-MessageData-1: 4wyEBILqX5VODysPyMJ6rdnW5hf78QvyY/g= X-OriginatorOrg: siemens.com X-MS-Exchange-CrossTenant-Network-Message-Id: 16549f6a-ca29-4d18-0e58-08de76108ca6 X-MS-Exchange-CrossTenant-AuthSource: DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 27 Feb 2026 14:57:38.5950 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 38ae3bcd-9579-4fd4-adda-b42e1495d55a X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: NwiakdIdS1LxOu7on28AJMZzXS0+3O+igCixuKBswr5+6pAMbpP4Vjam0/Nh/VuusqajBNG0KRVBjTQz09+AjhGrGQlR1RVY0JdiCgDbuiM= X-MS-Exchange-Transport-CrossTenantHeadersStamped: GV1PR10MB8006 X-Original-Sender: felix.moessbauer@siemens.com X-Original-Authentication-Results: gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=tSFDOCoR; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20a::7 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com X-Original-From: Felix Moessbauer Reply-To: Felix Moessbauer Precedence: list Mailing-list: list isar-users@googlegroups.com; contact isar-users+owners@googlegroups.com List-ID: X-Spam-Checked-In-Group: isar-users@googlegroups.com X-Google-Group-Id: 914930254986 List-Post: , List-Help: , List-Archive: , List-Unsubscribe: , X-Spam-Status: No, score=-4.9 required=5.0 tests=DKIMWL_WL_MED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,MAILING_LIST_MULTI, RCVD_IN_DNSWL_BLOCKED,RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL, RCVD_IN_RP_CERTIFIED,RCVD_IN_RP_RNBL,RCVD_IN_RP_SAFE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on shymkent.ilbers.de X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= Signed-off-by: Felix Moessbauer --- meta/lib/aptsrc_fetcher.py | 75 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 75 insertions(+) diff --git a/meta/lib/aptsrc_fetcher.py b/meta/lib/aptsrc_fetcher.py index 37c84fa7..983531e8 100644 --- a/meta/lib/aptsrc_fetcher.py +++ b/meta/lib/aptsrc_fetcher.py @@ -7,10 +7,13 @@ from bb.fetch2 import FetchError from bb.fetch2 import FetchMethod from bb.fetch2 import logger from bb.fetch2 import runfetchcmd +import os class AptSrc(FetchMethod): @classmethod def create(cls, d): + if d.getVar('ISAR_CHROOT_MODE') == 'unshare': + return AptSrcUnshare() return AptSrcSchroot() def supports(self, ud, d): @@ -92,3 +95,75 @@ class AptSrcSchroot(AptSrc): finally: runfetchcmd(f'schroot -q -f -e -c {session_id}', d) bb.build.exec_func('schroot_delete_configs', d) + + +class AptSrcUnshare(AptSrc): + def _setup_chroot(self, rootfsdir, d): + sbuild_chroot = d.getVar('SBUILD_CHROOT') + unshare_cmd = d.getVar('RUN_PRIVILEGED_CMD') + + runfetchcmd( + f''' +{unshare_cmd} /bin/bash -s </dev/null; + tar -c --owner=0 --group=0 --numeric-owner . + ' +EOF + ''', d) + except (OSError, FetchError): + raise + finally: + bb.utils.unlockfile(lockfile) + self._teardown_chroot(rootfsdir, d) + + def unpack(self, ud, rootdir, d): + workdir = d.getVar('WORKDIR') + rootfsdir = os.path.join(workdir, 'rootfs-fetcher') + extractto = f'{d.getVar("S")}.dpkg' + bb.utils.remove(extractto, recurse=True) + + try: + runfetchcmd(f''' + set -e + find {self.localpath(ud, d)} -print -type f -name '*.dsc' -exec dpkg-source -su -x {{}} {extractto} \\; + find {extractto} -mindepth 1 -maxdepth 1 -exec mv {{}} {d.getVar('S')}/ \\; + ''', d) + except (OSError, FetchError): + raise + finally: + bb.utils.remove(extractto, recurse=True) + self._teardown_chroot(rootfsdir, d) From patchwork Fri Feb 27 14:57:13 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Felix Moessbauer X-Patchwork-Id: 4941 Return-Path: Received: from shymkent.ilbers.de ([unix socket]) by shymkent (Cyrus 2.5.10-Debian-2.5.10-3+deb9u2) with LMTPA; Fri, 27 Feb 2026 15:57:54 +0100 X-Sieve: CMU Sieve 2.4 Received: from mail-pl1-f188.google.com (mail-pl1-f188.google.com [209.85.214.188]) by shymkent.ilbers.de (8.15.2/8.15.2/Debian-8+deb9u1) with ESMTPS id 61REvpJ6015859 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 27 Feb 2026 15:57:52 +0100 Received: by mail-pl1-f188.google.com with SMTP id d9443c01a7336-2ae0d7f5c6bsf14471385ad.2 for ; Fri, 27 Feb 2026 06:57:52 -0800 (PST) ARC-Seal: i=3; a=rsa-sha256; t=1772204266; cv=pass; d=google.com; s=arc-20240605; b=QS+yJ5QMBhylCATL0jVvj9Vdx5fEvEVaehLLCBup+e+broZgb2FoIDTsFHbQ+k62yF G4ejE73sQ3y7vSpUBd1r1Q0h9xyZvizmbAA8RvmdeaUsQQGsIb+Yv0fooet0+5pSQfCM tPcxn8UgFbvQPbb1To3MdCfxjGQR7Arhrtz8+hvRdwNNC+p7CzFWqZ6Vmv707miaHt+j EkA289EfeA9OS/PkB/75U5vi1vbh3/2kv7+6oF89NO/oHS9guzTWKIVZhqHXL8gb1Kdq QAcn1j+D+A87saH9/j0Y1n3/5O5S9aKkdimr99kmEoxIZTFlqxmeXLFXUnvtQXgx6h14 dp3A== ARC-Message-Signature: i=3; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to:mime-version:references :in-reply-to:message-id:date:subject:cc:to:from:dkim-signature; bh=amL7O34Xfs6fuDqcuClubvBQm0IbiLXUQ3AQ4bU8zrw=; fh=zjLAgp5pd7Lvx+BLlXQPozAYId/BjCidtXNdivyD4Ho=; b=e5bRgKYXFMWXn4DxckHR61tJzFRySS6ZCFxEhO5jFKtl+R0BNpcR4W09HH5v1BO7I8 GWMcM+d9gLRW7h7xKBI2LNdnKJ25xacjB5llg2dp9vB4kFRDrFc1n9Bf8+9rHoKJwwRL NYAdVUEVW1YghN/l1zeJT9xRTnMm+cUH3cg0z0w+XBZOTr848dlIpxXOw8I2y/iCD2YP Pft8uMLVWrvVzlRjj7Wu8W2jY/5St33a/ulopQX5utIK8t+P+g0vFJOw68JDryRHnas5 xB/vW0rRFFDCBk8K76g2Qkm8PM6NlY3fqs9E9ZyLf0gG77SaHpGy/oVBPDhKLQq+0LNU CAqA==; darn=isar-build.org ARC-Authentication-Results: i=3; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=uK7pgzs9; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20a::7 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlegroups.com; s=20230601; t=1772204266; x=1772809066; darn=isar-build.org; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from:from:to :cc:subject:date:message-id:reply-to; bh=amL7O34Xfs6fuDqcuClubvBQm0IbiLXUQ3AQ4bU8zrw=; b=ktwKYA9lfbN8QozFDVFTZvpXZtwq8QjC05kc/sWcZCVYdYULdPPnHRga6HS+IzDDHZ A4yX473Lpu4wTQgay0LqvGSptE42ttJumeEgLiWSFtOTfGMsDHf6otDWGqepNoGnsvFd 3YLBiyAW/MF+RRKPnafBoRwbenSWdkul/z4PfrH9egzUGex7x1kUs4tUApgXeUZrdP93 OgPBPwv9OzJE0KU8/fk0erQajFUSfRqawHQ4sfaRPh48Ef+8hbh4y6DKy+qmG0u+nt85 SuTE2lOYfpG4I35I0PgdDBgrXJeJg73q+5NV2eptzSFSdoRQ3I9RZINvX6aQ23ODQSqP AX6A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1772204266; x=1772809066; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :x-spam-checked-in-group:list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :x-beenthere:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=amL7O34Xfs6fuDqcuClubvBQm0IbiLXUQ3AQ4bU8zrw=; b=UhtjGmL+YtIK0wqc7nbE6ibEX6rDAFfk3RWm+hWntUcw/OQUCiOcW7fH+zjEEh104w gy4jH78yxzPky/c9GZCe2OZ3B+ehN8+JK0r1CvjyyCeUIoHVxox3TnUH4xemwBlA4R/j cofuPOGQKIjQDUr6TlrVpAre5CuOHS865o3i/PmmQW7axNmuCZvhMkNx76w+snD0LVM2 NH76ahDylXQ/7dUnSkMUuVcECERuS3QNqZjrvsJGa21zQL1b2v4aBErsLwM0/MIZUF7k 2MnXdeMg1mX1yq5/DamYsF0oVtDVxa9WSV5npFGk8dX7f7jhJSvyJeM3DqPiJ/WwrkLy 8kNw== X-Forwarded-Encrypted: i=3; AJvYcCU9TNyrH1Icpe5vPriTvlb/HI/yPuNoPr0OHmtYiPCuNNeaskoIvXox1oswex48SYdSADuDgcI=@isar-build.org X-Gm-Message-State: AOJu0YwbitXZV2qFLdAwV9L0Q4YxSRlxpRsuLNX2o+TK5OUZp2gUSvww X5CpkuGgTUc19T4c3MHjtAncrKc/HwcBoKg9/s09ZebRoi/I1hrY/mbE X-Received: by 2002:a17:903:1c2:b0:2aa:df82:ed85 with SMTP id d9443c01a7336-2ae2e3e3cbdmr22812615ad.1.1772204265789; Fri, 27 Feb 2026 06:57:45 -0800 (PST) X-BeenThere: isar-users@googlegroups.com; h="AV1CL+Hx/wAYK8Z+ubMEmV2BXFHXV9Mq/GJhtgrbZ3TJHAiWiw==" Received: by 2002:a17:902:fb88:b0:295:68e4:74d5 with SMTP id d9443c01a7336-2add72fc013ls21675805ad.1.-pod-prod-01-us; Fri, 27 Feb 2026 06:57:44 -0800 (PST) X-Received: by 2002:a17:902:f608:b0:2aa:d7a7:8091 with SMTP id d9443c01a7336-2ae2e3edbf6mr33896585ad.12.1772204263953; Fri, 27 Feb 2026 06:57:43 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1772204263; cv=pass; d=google.com; s=arc-20240605; b=frhzb8b0egLpbzQP3MGzJYW/UZL3x2q9ELVecBmqfZKATFYdOT3U2d2hbQsySKoeTZ el/5ges4yIN7xJP5PCtClkFPqfwC6yISVSlQs/sqgvztxJnnWaqOBIVz1ZrVpZZlSvv4 TYv2J/PmU5U6josmDNxt7AUzB638a32p8iMtafusvyrsRHr3YceZ8ItMTA6OloPXmoiN JOgeCm3Wj9QoBgSggfICAbwdUlwpbBTY868AURwRqqg0GDqQBem/uIHRFRYrlSZZ2D6Q zX6cNmzVwUM/Ygj8tXIaxWZGacblc0ho/GmW8x/55BFgyc4tYD+k+P30ZNd7h4Km5B3M cSNw== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=mime-version:content-transfer-encoding:references:in-reply-to :message-id:date:subject:cc:to:from:dkim-signature; bh=8surgULo93BPhcNd4D94W9yOMSOwmYRfZmFqnfzN9vQ=; fh=WkhL8kaJc+l2wQon1t06Ej3uvBGj9sVhNcE8PaS/XbI=; b=gsuJwhyPOsaDFrEoDGa9Nk8Ug/mrdvMPmcLmdc1Gh8Te5v94wrjGY2YArrUnba4T43 NFptJtz8Vuwm+f+KnbR4ddunVegx4W+7gw/ugXqM5n3IT/5yApWlr/6NzSrhBrFz4gIE eYbQeaFxvsNWG2o4qn7r8tAiKvLynfHlCGWJon+SDGLX8OrRYcGYM/I7kqqggbntu8tM Hbl49WLt3H76yKhOlaMVcUaVfi66GNwx5KEnWSOTN6hfw3pE9WPHxv6N889eE813lV0J wKVvjhKzKQJ7ACueJJZtPQ1XRcBdFdJtkQFYN9jHdP9CH5cvhKesaYh/pF/361qn8zIp xL1Q==; dara=google.com ARC-Authentication-Results: i=2; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=uK7pgzs9; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20a::7 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com Received: from PA4PR04CU001.outbound.protection.outlook.com (mail-francecentralazlp170130007.outbound.protection.outlook.com. [2a01:111:f403:c20a::7]) by gmr-mx.google.com with ESMTPS id d9443c01a7336-2adfb65d3b8si1703605ad.9.2026.02.27.06.57.43 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 27 Feb 2026 06:57:43 -0800 (PST) Received-SPF: pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20a::7 as permitted sender) client-ip=2a01:111:f403:c20a::7; ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=gQxoIpmzeLjcpRcvJsOiEDJnJTGRGuO1GsJm1JkCmcpO8DaUfGCuPYJiogjALtpiaI7Ln1TtPrhCRXjorK7zw3AYLCyPeCeO5BVZRqJfvmaA6e4ZY0AwCLaPwF+WTCNeHVHYE8mewVtIFckJS8e6hlINnT854cC3iD3YqS6SNs080tOkKEvrfmxkLHvIQiLDt2ovI464AtZtpt2+BWtavCnx4nstNKkQ6/DerpexfbyPH2AjbzK0PLsHAQQ8GmrC+fBMJGRDs9mTcKZDcLCh7q1uX2l/Xte0dNy0bkRuvEGK2XGwSmys6/Y5m13yPZAxVN/Z6lo1exdCRYyvykHk6A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=8surgULo93BPhcNd4D94W9yOMSOwmYRfZmFqnfzN9vQ=; b=cajQQaEu6huR1efqRVxuE6iVvWCqutMjbfp3oLSom8Kqrl2WyLHMtsbd+7bIGwBDMwc2zQ+xJ7QpUwJN1cagcsSdtK7ENN7+oOpjWL/srUww/Xzf6UWcqLReDHQBD3G9UYlcdwRxHi4tAkKMKs8MGJ3OGZODdf4v49BxXOhMm5DR7MymnKy5r/ch6gkMGke2/9RlYGRABMUgeS/FSWl3gUWLAwU5HiPwB6sUdOmlXUYa4ucB7pgt9m/9IS1gX1AzglugGXDlV7OtkdL8pfH6+pKx/pN2HAVDcXRIBcM7b+HqxdUazcEmbunD708/zisMWZDDJPwRRdJVK+7kc6sndw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=siemens.com; dmarc=pass action=none header.from=siemens.com; dkim=pass header.d=siemens.com; arc=none Received: from DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:47f::13) by GV1PR10MB8006.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:150:5d::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9654.14; Fri, 27 Feb 2026 14:57:39 +0000 Received: from DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM ([fe80::9412:cd7f:3f72:92ab]) by DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM ([fe80::9412:cd7f:3f72:92ab%3]) with mapi id 15.20.9654.014; Fri, 27 Feb 2026 14:57:39 +0000 X-Patchwork-Original-From: "'Felix Moessbauer' via isar-users" From: Felix Moessbauer To: isar-users@googlegroups.com Cc: jan.kiszka@siemens.com, quirin.gylstorff@siemens.com, Felix Moessbauer Subject: [PATCH v2 13/16] dpkg-source: implement multiarch support for unshare backend Date: Fri, 27 Feb 2026 15:57:13 +0100 Message-ID: <20260227145716.3794146-14-felix.moessbauer@siemens.com> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20260227145716.3794146-1-felix.moessbauer@siemens.com> References: <20260227145716.3794146-1-felix.moessbauer@siemens.com> X-ClientProxiedBy: FR4P281CA0274.DEUP281.PROD.OUTLOOK.COM (2603:10a6:d10:e6::18) To DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:47f::13) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DU0PR10MB6828:EE_|GV1PR10MB8006:EE_ X-MS-Office365-Filtering-Correlation-Id: 166f74d2-533f-4741-2bb5-08de76108d07 X-MS-Exchange-AtpMessageProperties: SA X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|10070799003|1800799024|366016|376014; X-Microsoft-Antispam-Message-Info: J3ynYtnxslQYrjPTflkNbWarP55IiFJKrItg9U1XmYFT39Q5WAVRqGlrefEb6lWWgVpLRnZdsrpimz1GlnXezLtJm6mgXysdQ1YJEBnCQesrwlflIstGy1r3aqALedmn5bRMhUDAnlJ28dKZyPXE8oEVGlN4gdBb9rdrjIuwZTyX91KNjd+22VKuzfKnoa1+wKXCEIBIQLkELH8+BLQY6MumvPhP5ioHjCH5jsXsbujO9bioB7stsKt/Hn+XMt+aBQzMYiYXOVEh2NZBf0/f++mS97NnujR2RVPjxorOgwrErjV5jU8X16rZKeMYs0QYvIhOalLT7bzkiQhACSJaAYCeg/zDbiZ2Ocac1EhIQacYCw7fs9eiI1xzMqRx1c0w5pQqN6C/xj/ZUGhJjkNNJpBrQC3sVAai+9VJYYJzPnAD1a+C22KG3A1LQ2o6ABuc4OUkfSI6lH0bhbTuTHwQMyBAhci/dmcNAlIr0w3/Voew/g86zZPS40F+JQagC758nIJpc6mExyTSjccn88M8yT5ktQJ1MklLaZeWqizWCpzTVvR1tRaDHB13PNQnmj4TUYwYw66kXa3N0e0X7Ii9+FjnYkCr5hothJ8Vl4JbfCnoQCCxTGvQACn1/ShIjO3W8K/MedJK8cobB9XJwsqbp3mMP9D/vxZWrfCxPRnjD1gYOXg3phk7A8EjrB362v9HAq4Eh3WRUQJbSjvS+HuXMnCx5YBsIOW5u4vYaloHSRw= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM;PTR:;CAT:NONE;SFS:(13230040)(10070799003)(1800799024)(366016)(376014);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 2 X-MS-Exchange-AntiSpam-MessageData-0: 4B52XVtPxXDRDT/9GokJHpSqc32MYS1tIbW/IJKtBncaK++B2ALZlevyw152ou3KoOnVjSx9rSSDI43mc3hDW+0SqT4ZXvEBde2WztX1gEyJbajSQRnHpqzOTx9soxJTMaYTJDkK1uo4OG/j2KLaPileAjdjCexfKr8ZIxSfA0vshK8e/KgCXYnheFFLWo0ZS2oqV5JKHQGcBPGtAAilY9n7cYiAoKYQySpj+jJgoXvkFG9uT9mDRY/34CpvoszS4lYLJuoqxPiPl9SLbKGXlAkb7OyN6C9jAKY3Ysv8Bl1IHXLpNsmPuJooAr5K5KcBLqaCDd2o1lPzoFGqTY3r4z+Fgwcw0RcmMS19VChc73W6SfzMcCeNCzydlbew47ijSTRC0UrH8aOi990zYRcC4MbJPbQzkgcTLXVYA8NL6+O6yjPKRbQWSxxH7yKjMdsCDddB9LiRN6cGhjvcwDc5MFIfuK6AjJMOwVSDblYADI3SGfPKvDG+d3guSsYiWrBUM0zDOL4LUgQg2HLA+fZD/M99jXg9gPeyp0I8CjhS0aMyelKtwn61LDaEXZ+7qwMrjnCF3vMU/gcZPmLqODrhRVjyW1y3cmk/E/9ohLFoPKkAZeqtMWcFl9ykfi4P2RysmoSlkgRq2xRZ+LCCfd2gr4KPDrpRQlsOSq7ZAxXdDuc97TTvQ7qD3R2cZg8R4LYtHSJM3UGfxs1tBeicoHo6Ut7rj3Io0ErbVuuTUepAne3MgE3wFLiol4bVVu39WWhyp9Kh1r1NDgEN8pdmgTIvMbK7tkSU4uw7TvdIactXd7qCjKTJ5y/4hHUd1RsyHa/xmZByJ7wh0tIy7qkkbmWz1DM92cRc8x36LiJ90XzMR8YRDorhwLuRD2VXJYQ0b0fR5YUexxyrkjb3205IKz7UmrggKmih+os0ElCOJePasBiyGV3AXjziu2x4y1lIODK1+s85KEN+lmo+ZwApJ982kQpvLI+ngFMUSBtRbdF2Y0bZTbO8wMjN7rzI4cG624Vpcf8SKVaDXrdkfzTo7RFEHNIwSls24bC38bFx8VL99i7JLYyhVMGybT7X7bySIpXUAiW48HfPN+1TyJNTrxB2GkRwet3EmMhhqu4g2kowpICU4h2bF/JtPwEm/IdY1uEFMTFf568jUXwJu7q0ajIy2a9F9NWz/UPYUHERJKqgeLF7Af92Y4IkPuApas/1UfF+0TOm3ru9rXBjStqRxUTsyaZXJGI61GRJRYrZhEMbBwrTgkUveedktM/CRY8nLZlG+Eh169hQQQlxo1CGB31KQi/Z04KzKQfxrW8MrtyVYQrLBh8rtdtFOFZ3CQQ2PkDfI1wnkt/XVRwQa0SwzojjtPw4/WHX+NEC/zocQPlzJJRUod/S1xvHlwFo7NLwCiO+OXVmHoYJp7OF13SbMhx8tEUYTPgcF39Imk7tCSHg6+lfZ6zUZ3NvYesQZEv89LOgXWA63JB+FAGL4KhDK4NX+nKq3rvb0a3cIaEBTEZzTOH7kUfp7LTeqx4myUfC+FOsJo1VQoh5UZVcvQGnwN63Fbmh5vyakNumJffGCDeMjT6v5o1R2x/eiJyrJb+V5zdiw18VqUcoHf4MYxc9eZqla10fNqWHNWUpjceHIx8TZgcu9nUCwIILD8ykfRv16lssdKw9sijSJvknFKD9ry+KZYY4Am/xqtyFpVcyHZojmVu8XbaC4UEma2XAYutDIWiPvTBmjRtgmh4bywTdzVpGv+S48ATRCL0Jekx1dKQq3Brs+AZhOOTsrtxIBsKWBQxBCgvX4iTV X-MS-Exchange-AntiSpam-MessageData-1: qOdNhgMors5KyHzYx3YwBpCxJAWz79xeRjs= X-OriginatorOrg: siemens.com X-MS-Exchange-CrossTenant-Network-Message-Id: 166f74d2-533f-4741-2bb5-08de76108d07 X-MS-Exchange-CrossTenant-AuthSource: DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 27 Feb 2026 14:57:39.2323 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 38ae3bcd-9579-4fd4-adda-b42e1495d55a X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: BWCrBX2FDMpPDdIFrpJAJlgTvjcD9Zf9ekR5MjEeJtAcG2jNmsLXUTEHFaSVKbK7JvdxGg5iiYSMBahFqfPd1k+RKWCtdqAEeSUpRlg0mgg= X-MS-Exchange-Transport-CrossTenantHeadersStamped: GV1PR10MB8006 X-Original-Sender: felix.moessbauer@siemens.com X-Original-Authentication-Results: gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=uK7pgzs9; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20a::7 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com X-Original-From: Felix Moessbauer Reply-To: Felix Moessbauer Precedence: list Mailing-list: list isar-users@googlegroups.com; contact isar-users+owners@googlegroups.com List-ID: X-Spam-Checked-In-Group: isar-users@googlegroups.com X-Google-Group-Id: 914930254986 List-Post: , List-Help: , List-Archive: , List-Unsubscribe: , X-Spam-Status: No, score=-4.9 required=5.0 tests=DKIMWL_WL_MED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,MAILING_LIST_MULTI, RCVD_IN_DNSWL_BLOCKED,RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL, RCVD_IN_RP_CERTIFIED,RCVD_IN_RP_RNBL,RCVD_IN_RP_SAFE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on shymkent.ilbers.de X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= The fetching of a common source package needs to happen in the chroot. Previously we only had an implementation for the schroot backend, but we also need one for unshare, which is added here. Signed-off-by: Felix Moessbauer --- meta/classes-recipe/dpkg-source.bbclass | 38 ++++++++++++++++++++++--- 1 file changed, 34 insertions(+), 4 deletions(-) diff --git a/meta/classes-recipe/dpkg-source.bbclass b/meta/classes-recipe/dpkg-source.bbclass index d0809477..539c2992 100644 --- a/meta/classes-recipe/dpkg-source.bbclass +++ b/meta/classes-recipe/dpkg-source.bbclass @@ -52,10 +52,7 @@ do_dpkg_build[depends] += "${BPN}:do_deploy_source" SCHROOT_MOUNTS = "${WORKDIR}:/work ${REPO_ISAR_DIR}/${DISTRO}:/isar-apt" -do_fetch_common_source[depends] += "${SCHROOT_DEP} ${BPN}:do_deploy_source" -do_fetch_common_source[lockfiles] = "${REPO_ISAR_DIR}/isar.lock" -do_fetch_common_source[network] = "${TASK_USE_SUDO}" -do_fetch_common_source() { +fetch_common_source_schroot() { schroot_create_configs insert_mounts @@ -83,6 +80,39 @@ do_fetch_common_source() { remove_mounts schroot_delete_configs } + +UNSHARE_DPKG_SOURCE_CHROOT = "${WORKDIR}/dpkg-source-chroot" +fetch_common_source_unshare() { + run_privileged_heredoc <<'EOF' + set -e + mkdir -p ${UNSHARE_DPKG_SOURCE_CHROOT} + tar -xf "${SBUILD_CHROOT}" -C ${UNSHARE_DPKG_SOURCE_CHROOT} + + ${@insert_isar_mounts(d, d.getVar('UNSHARE_DPKG_SOURCE_CHROOT'), d.getVar('SCHROOT_MOUNTS'))} + chroot ${UNSHARE_DPKG_SOURCE_CHROOT} /bin/bash -s <<'EOAPT' + set -e + apt-get update \ + -o Dir::Etc::SourceList="sources.list.d/isar-apt.list" \ + -o Dir::Etc::SourceParts="-" \ + -o APT::Get::List-Cleanup="0" + + cd /work + apt-get -y --download-only --only-source \ + -o Debug::NoLocking=1 -o Acquire::Source-Symlinks="false" \ + source ${DEBIAN_SOURCE} +EOAPT +EOF + + # run cleanup in separate session to ensure nothing is mounted + run_privileged rm -rf ${UNSHARE_DPKG_SOURCE_CHROOT} +} + +do_fetch_common_source[depends] += "${SCHROOT_DEP} ${BPN}:do_deploy_source" +do_fetch_common_source[lockfiles] = "${REPO_ISAR_DIR}/isar.lock" +do_fetch_common_source[network] = "${TASK_USE_SUDO}" +do_fetch_common_source() { + fetch_common_source_${ISAR_CHROOT_MODE} +} addtask fetch_common_source do_dpkg_build[depends] += "${@'${PN}:do_dpkg_source' if '${PN}' == '${BPN}' else '${PN}:do_fetch_common_source'}" From patchwork Fri Feb 27 14:57:14 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Felix Moessbauer X-Patchwork-Id: 4942 Return-Path: Received: from shymkent.ilbers.de ([unix socket]) by shymkent (Cyrus 2.5.10-Debian-2.5.10-3+deb9u2) with LMTPA; Fri, 27 Feb 2026 15:57:54 +0100 X-Sieve: CMU Sieve 2.4 Received: from mail-pl1-f187.google.com (mail-pl1-f187.google.com [209.85.214.187]) by shymkent.ilbers.de (8.15.2/8.15.2/Debian-8+deb9u1) with ESMTPS id 61REvqRl015909 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 27 Feb 2026 15:57:53 +0100 Received: by mail-pl1-f187.google.com with SMTP id d9443c01a7336-2add1118c19sf13136085ad.2 for ; Fri, 27 Feb 2026 06:57:53 -0800 (PST) ARC-Seal: i=3; a=rsa-sha256; t=1772204267; cv=pass; d=google.com; s=arc-20240605; b=F0cvCE00vuW1xZwC6oUDbRqrLohJYuKqcsYFalPamIFrNnog1wcKAFzRxbVC5MA9uh ID1O3UZk5zPdlOOCX51FlOub+VcwE3hREkKMbk6wlwezRf7bNgHKjMsxEhxANPcgZHhv /WhX7/2gd/ee3Y2Xf5oZXcAQNBUn5jPk201p49+m2g/PnrpMfv5IBLVOfQeoPPiwLGpa zURsUjo/pIN70Ubt+1LDDlRjzEIrmvUr4PryLG09nb4o2ac0aIFK9qw8um4gjhXsSlXq PE3vDMNHu3QuRQeqvEFcybK4rn7h0TeMiR2qR3yDE03/1FjPcWN77P8o7cVAtT4YHn2t R2qg== ARC-Message-Signature: i=3; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to:mime-version:references :in-reply-to:message-id:date:subject:cc:to:from:dkim-signature; bh=Q4D8U16YdxSml+JRrIOf7p0a40sqA6Da1J8qH3TF03c=; fh=/xGSYblIus/bR1kg4f77eQN3+MqsD07WtW97LrV03yU=; b=cc3zF3XYc4b0eUDwi8Ps8LG1p8L3H+Kcw6u8v50lhM5MHs/MELqR51+nMiBZvXGtNQ xaaBvyNy6+JWfpjKQz+cjB5hOkzBc3N+uhpnJhIB+LQUDJqRZLNOj2rAy4bjILLEBc6/ THdqXdnt1E+sZZzQgbC0hafGch1yUdx7Zh8vyaW61lVZrLj58EiYRSTWPgnlY1pL6rNt 8huYOlizgiVoLEb60DGlGwwly+boTitpqOYUUrb/hYNLAWnbbD5gOUu3Nv0+wWlZbyml BRBUMKIsg8YvQ3rClGz5dwKc02Pv63Yd9pFy35+y9hpwhKpzJd/ukb5Jz5XVd9maXBsp yG9Q==; darn=isar-build.org ARC-Authentication-Results: i=3; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=KiS1wuv9; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20a::7 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlegroups.com; s=20230601; t=1772204267; x=1772809067; darn=isar-build.org; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from:from:to :cc:subject:date:message-id:reply-to; bh=Q4D8U16YdxSml+JRrIOf7p0a40sqA6Da1J8qH3TF03c=; b=fIUfU5TksFfAcj8tpedZn2DH2TOKrMAps9emKKP9eZl6vvCca8LVlRjDMVTvN/g8x5 lOeJDk1UAbNXa/50MnG35IuqbnePT/ZXfgsHju6ppNGsLjZgWGvSTil65QKeVwm20TVq KjMWH23Dr+pVgIW0MhmFAx0/+f1rf356emDcfXn22Joy5k6GvXq91oAkOpIknjh82qpF j+jZSF63pUIcyU2wXSrsNN/B6liYMpRQGjtVWqRaCfiFZIpqfjdVDrkFrB8M3v2XeZR8 N3+2Rr1t9WX/0dUzJS2AvNGK2GpEmFTQtlCJzn69ZgpH2puhN5fgt+hf06vZasynp3YB vAsA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1772204267; x=1772809067; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :x-spam-checked-in-group:list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :x-beenthere:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=Q4D8U16YdxSml+JRrIOf7p0a40sqA6Da1J8qH3TF03c=; b=dGMPDPAjgkil2/hRJVVpGJDkV2obbOEw57zts3L7+z/r3ugKBcc3OzOQJZAyCYU1Cb phkMs4hj6P5vaOjYcgC4rFABY6sfmD+xfPiiqhj75VdR8RTKm2HjkSzHIsF90p0zyBEV puTiwhsPWHM3rnzt4EXn0Q1vbybK2Jo98twjnv2PVhbTgoBitYPfK1S3GczZfqZmr07j ggCK/BmAiy3wsmyMSvTVXwuRPDnp98hv89Gxm6axO9J3gORgspiihGFV2g47uJEgkHiA 2LHuFoaFseCgG95cM+Yuuea6ZVIiMSHrn/LLwpI8+/Pm7Ozp6+pQA6y2/jgUGxp87mit COnQ== X-Forwarded-Encrypted: i=3; AJvYcCXKmdWNijbwx6QNvhAQRAUnaDysDouIUu+wZ5tIbUUzdYhW4tDRvLaYO7S0/stjGrebcND8vPI=@isar-build.org X-Gm-Message-State: AOJu0Yw/SQnhat8iEwGQyIoo9K0JnupHyHvJZm9ayp2/zSOKuPTlCjp4 3vybBr5Tt5O07QevbfN55sCMGmsLPe+gvGYoSW0M5NfnIH+SUj4ASW4i X-Received: by 2002:a17:903:1a6b:b0:2a1:3ee7:cc75 with SMTP id d9443c01a7336-2ae2e3f047fmr25799885ad.19.1772204266903; Fri, 27 Feb 2026 06:57:46 -0800 (PST) X-BeenThere: isar-users@googlegroups.com; h="AV1CL+F7wMw3au19LpyMo/8AgHuaJtTM8u9tnLMj2xYdJ9VoGA==" Received: by 2002:a17:902:e805:b0:2a9:2fc5:d06e with SMTP id d9443c01a7336-2add73f29d9ls26935265ad.1.-pod-prod-02-us; Fri, 27 Feb 2026 06:57:45 -0800 (PST) X-Received: by 2002:a17:902:f693:b0:2ad:e975:4736 with SMTP id d9443c01a7336-2ae2e3d5cd7mr34258565ad.12.1772204265227; Fri, 27 Feb 2026 06:57:45 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1772204265; cv=pass; d=google.com; s=arc-20240605; b=anln4nwmfUYCEV8K5+/I263pJdqKBnac3Q9umIVmVhFsLQ23gO+L/wlUgAYuMF/yhf K8lXXVX2HIDBxsW++viRzBa0GQChy4jjZ/13To8CjIa4prv7qMFiihOHi6Z7ySQRzf9r in4vOT6xskFq5rQuZ60IcviWJvCIr0mHOi1keI44cCbj3JWChRvPye8hSficypjRp//w +hi0A7vCoOpqIRheD/1QPeomOhcatge8e84q7eGiqNGWXFNAXzWw8pFXsrlbPzbqPNUQ TU/dECBfGAJhB8hBpqMwdc8kffhfmYpmFl7l3ZlH4eEXu/9CLkfMftOiN8GCAdsTxKmD crEw== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=mime-version:content-transfer-encoding:references:in-reply-to :message-id:date:subject:cc:to:from:dkim-signature; bh=Dw2RN0D0ziMOY7aeC34ixEpenP+TUcaEs2QEz4g6AW0=; fh=WkhL8kaJc+l2wQon1t06Ej3uvBGj9sVhNcE8PaS/XbI=; b=h7kxgVPhtLDPa/07tSUWHu0oHJhXb3whbpOY3IQPrbabQxfJ4fUw1Rxk/Xp69IknfJ nesydesNYiN+Rhwuh2bP3S+Tb1eTe8X/DJakkDN1LiR3LFQ30meO9aFi6T2M5ARMZjej 1lcWA0Q+X/f8I0qHWVxhdXxRgLcSGQxEe6fojXNLa5ntzkHltySAp08IfcaU/o85FC3h CYErCJp2KEQW1QkKU9iDtvPhrH6MFMUhWL2wKIGjfCdnNVBO0SUwImjr+xHjacyxlXJg uHPGSs804d0K+wwIFRFcUMBXP5wvdOtR0S+tvsnsW4ATQHWTB/hcUR7bRP84ii6ACksj pf5A==; dara=google.com ARC-Authentication-Results: i=2; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=KiS1wuv9; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20a::7 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com Received: from PA4PR04CU001.outbound.protection.outlook.com (mail-francecentralazlp170130007.outbound.protection.outlook.com. [2a01:111:f403:c20a::7]) by gmr-mx.google.com with ESMTPS id d9443c01a7336-2adfb65d3b8si1703605ad.9.2026.02.27.06.57.44 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 27 Feb 2026 06:57:45 -0800 (PST) Received-SPF: pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20a::7 as permitted sender) client-ip=2a01:111:f403:c20a::7; ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=rzbnhDn53dZxv5PShF5FPPv+sfBICyYyCn7vrOOaenRgs4DKx/Avf6SbxuV9P/KxFlPdng58yrFY/+uUnYKuKUIuN4eivHWLEfqYpPOErLZCpGvTrqJeeReRgkKUXM8FMTolRloyCQlz8H4MagrUu+LnriX8btywRHUHC5OIMWi4ZyJuGzbVL50QdjA95ZhZKmWG8aXRcYR7W8zM51OhC55rzEiPRM1rRntzXM7a2Oqykpqy6xesAmqrpy0if/vGv5PIufn34nseEWkyh9tJWb22QIc5tQBjrB7XZiz3OBg4A5pJNh5MhLob6tBZjTyGuji+7uaReXzlAASSh6t0sA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=Dw2RN0D0ziMOY7aeC34ixEpenP+TUcaEs2QEz4g6AW0=; b=uoiK5Rc8FeO+4egnvBM2JW5ET7STZcPBFiOm4XgXPGIM0UOYrSnnlal5B3p2Kx21UUYlaI8eVMzyHP7z5lg34uRgqQQyBEgKTMbL9ssOT3KXwcig17K0q6bWSbIqtjF6uvAjEbR715bGRgUI7/mi1s8o5bP7T2elWy84cTTp5SsSjsADI0CToNV+eLUTKoUo0VnyFG/38stLSjR6x0xzJTFApecmIOb87Y7G+Zb4+O7U4rxKvRTGm4UuSlErhKke4M4/q0mWHAz5O+ROFupCLKuYFMmJhCHrPfIoMbES79OWvX0GevJ4TV0/i/d1jpEtmjYtmTPRrpAefAqyi5XvJQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=siemens.com; dmarc=pass action=none header.from=siemens.com; dkim=pass header.d=siemens.com; arc=none Received: from DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:47f::13) by GV1PR10MB8006.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:150:5d::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9654.14; Fri, 27 Feb 2026 14:57:40 +0000 Received: from DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM ([fe80::9412:cd7f:3f72:92ab]) by DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM ([fe80::9412:cd7f:3f72:92ab%3]) with mapi id 15.20.9654.014; Fri, 27 Feb 2026 14:57:39 +0000 X-Patchwork-Original-From: "'Felix Moessbauer' via isar-users" From: Felix Moessbauer To: isar-users@googlegroups.com Cc: jan.kiszka@siemens.com, quirin.gylstorff@siemens.com, Felix Moessbauer Subject: [PATCH v2 14/16] use copy of sbom-chroot for sbom creation Date: Fri, 27 Feb 2026 15:57:14 +0100 Message-ID: <20260227145716.3794146-15-felix.moessbauer@siemens.com> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20260227145716.3794146-1-felix.moessbauer@siemens.com> References: <20260227145716.3794146-1-felix.moessbauer@siemens.com> X-ClientProxiedBy: FR4P281CA0274.DEUP281.PROD.OUTLOOK.COM (2603:10a6:d10:e6::18) To DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:47f::13) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DU0PR10MB6828:EE_|GV1PR10MB8006:EE_ X-MS-Office365-Filtering-Correlation-Id: 27248f6e-eacd-4616-2206-08de76108d66 X-MS-Exchange-AtpMessageProperties: SA X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|10070799003|1800799024|366016|376014; X-Microsoft-Antispam-Message-Info: pQFmjah8O8Zcnj9KqiKvb8+aqg3MN2xd/QUQPH5Tr3gZVfFzA26XLKg3LTA2YdeZ4E03GYAnqLrie0NDjdEB863hgmf9TXwLnSnFRsmCxiFdC0QJC/KnmltUoArk6INxDmpBpCgzEB+a1nCs84PIbEqfVJdE3dEib/1IPoxPOTaxd98NDaODflMZ/sOuAGNZ4fs96THgLEj809vOv71s5xzDkrhiyJyd+7Pn0Lpg5nuDiNid1g1o5w0P1PhUStTVVZPOm28HpFxaRWMpxTjWb0EeTw+uG8dRuKJe3tqHF+Rgq4YMdDUtJynx/rTS0RvGzxgaNqOJc076tUlZSgx8vVnSxfGKdUvoLklIGlZX5T5o+J1jh4GMht4c/RFQtqsdptYbT6nOGNEktmNC79TPW2+/HCoOlCQYQKoz111cRLXeHEdWklJASNOMMa2flm9FzrkmnZzB1L3286oVQM9iAfdWTDjYXM95vUe4VaHnIBYnd40xkMzmYV+kaWBVLOrT9v15aoNUfYibZNKcHQ4IHq0J2HfYCwdMjmZkw8F6Tp5lrbH11CEwmuAXJxxUkNTBpaoSJCGH9u+kXgtfkQAXG/O6HdsbunvNmdGK6jmV9LDjYPFv5a2oPx6UONsmzc0iBYMG1OjffevUBzGUHvvZcThQ5aP2Iqc3XeBW/pFetL0HD7BMCGQl8IKE8224xule X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM;PTR:;CAT:NONE;SFS:(13230040)(10070799003)(1800799024)(366016)(376014);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 2 X-MS-Exchange-AntiSpam-MessageData-0: QWFq9FKdEoAyXMiLD9m0kaQY0c9l2qTVwtOTe0pXLZmheSCkFFIzCs381po5OA+n4zR7pjzNpfTqqxtFDhmVa6+QDbqXN7h4N/MMmqkg3E3rH7VjabM+ALZvN6/RW0kPSqc+xyH/2EyIQUk3HrVx8cKPNMqFZ/AWJrKTQPsVuQ+jI6mHV0S+2/c3/giaGgp2qZ/b+DKPNUN3ZsVEPoqD8bk/rnC/+MpHyQ5YKjoc6VhDWIPEBEyyFgaiUA38f4Sj24dsYKpUkK+bVcyK140NCbHr611ggF5eMZGuQWoZHcmu2iwcg/Wj7GzKzN4l0HxziW3EzI8vbR1qSZsvMYOvegfN9h4IYTEDwSNPeXwn8VV76WVVKaJZ5UyOyyOZwrMBHeKXSnaCO7MElgyEqrnybbl1AaYTHyOnbuBqS4v0u7DZ67OABNffQzIDSAXqrLvp4u07pc1wFlxmiQXTW+jvukc6r6h/y0CG/QbNpX3P8IYIreZ/HTdXsAD3Q1CwsJWrUqoPaJ0iV2bi0s8a8eLauDYMrpbZqchBragQEiG5OiHhmRpYXGu5doXAKuUDNbfeRU80Rn4iILOScLpaGINLVId+12LiCYct6MdFaKekUKYjmytq5Pnx8Fig6DE1nAUDziqke1MwV3epsvKmxhrsnOIxWbUG4gbKzw4V2EF9UNBu7xnHLSDzTYd8bMLnkGcaAHDWn60u/5i9yMbCayDpEY1fmgfKYFBifmwt5n0nkbl6wBwF/8DdQiER3Ruik36f4kL4U0r4YIyf6DPwGn28kmSG8aoOVBuFAeFsj4y7X/XmGThyTD+rvTReOFmInFQsuSMk2dmpBlSQL6AM5EEIseiPxRLGQtyhcnEjJ//S+P3p4dC4yvG7ENVIkQ8zcIOL2iyqh0hrZ24f8JNj6yQ7ocg2iJZma1ujpmjpmI4sx8Kd/hZoh/P8MF8fMVIrreqLZJfT0cVN+WLZeqV959sCwOAJuZCSfiLUgzCaW1y5ZZmidxT7EguLvTMROoPzmu7FtWsmNSbuRJTL+sM910sNxvJHvfLBbAudRAdFaTK64KNmRcCHwlhyAeHv8HeMQ+MaALPor7QRubisuX7NZFwCsQykE1uUL1IZ6ZL82QkEzu5MwPt2LA5gjZEsd/NXuHSkHRUxlBRVD5dhPjdXengltXmKONvrqGGSkSwObdd+HN/CyOUTm1E6B+mTgi/cQEmcawGktFAtu65cVv+ZxZXihTn+01uPQ1dq8EveidR/+gPAbxswXDLqDy3N7Owx8TeXDwc7K7HUAl3GK5hAzYmaFjuLWc89ssdg3/LvI7gvjLmX6X+JNozoA9PuXIaUng3XnUKGPEX8PWEOyjLsvwNV3Wh2snv1JpmyaY/k14hbDqIgKJ5K70cviUWwVJtfmuLTwr00579clfIec8VT9iK7IuyhqBYY85jv32v4e6PASB3WGiefvOyPkXfaJGRbPTRBIbq2ctP+KtSeIszXk/KZqhSRHm9/zuhkSLkWnnoERVRR3G+jvFEa/y8GELEsCTpjCLTE1bblazjojOI1D3H7M+lJDHYop8V6HHl0s2GmeC8j+DayBM4kYbmwaEc04Mm+sdAy/9sMIaF5+VMixkYB0XSu8y3BXvqXvdbuMRz5Bdja9VBGzuoVpSN9cHvXmqIc4C5877eoXMPhXaRMa8J59MBhY3z7HcDzUZNUG3VZRHjSTNef2kwA5UPqGGMF87hHCyjomWdgN8+pOQPC/O/bTbpjJJlrHnAQpf8sPnDKxZcLNF5wH6RlHsCH7sVOCjM9J+9Tu3EU X-MS-Exchange-AntiSpam-MessageData-1: /qrd8GoDvCQJctJa1FnFhB8S80EgPu985zM= X-OriginatorOrg: siemens.com X-MS-Exchange-CrossTenant-Network-Message-Id: 27248f6e-eacd-4616-2206-08de76108d66 X-MS-Exchange-CrossTenant-AuthSource: DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 27 Feb 2026 14:57:39.8999 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 38ae3bcd-9579-4fd4-adda-b42e1495d55a X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: MuERVmbRskQ78hK8qzXYeTCBL0CkG79psfAKu/4vbrhh8Lyk+gyRmvTtNqQK6PMwBjTZeztaLAoBkIbcdsFtoQEL7SV47sBOWYQR0aGWGkw= X-MS-Exchange-Transport-CrossTenantHeadersStamped: GV1PR10MB8006 X-Original-Sender: felix.moessbauer@siemens.com X-Original-Authentication-Results: gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=KiS1wuv9; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c20a::7 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com X-Original-From: Felix Moessbauer Reply-To: Felix Moessbauer Precedence: list Mailing-list: list isar-users@googlegroups.com; contact isar-users+owners@googlegroups.com List-ID: X-Spam-Checked-In-Group: isar-users@googlegroups.com X-Google-Group-Id: 914930254986 List-Post: , List-Help: , List-Archive: , List-Unsubscribe: , X-Spam-Status: No, score=-4.9 required=5.0 tests=DKIMWL_WL_MED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,MAILING_LIST_MULTI, RCVD_IN_DNSWL_BLOCKED,RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL, RCVD_IN_RP_CERTIFIED,RCVD_IN_RP_RNBL,RCVD_IN_RP_SAFE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on shymkent.ilbers.de X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= We previously used the same sbom-chroot for generating the sbom of different root filesystems. This required to have a live copy of the sbom-chroot in the deploy dir, on which also was operated on. Further, this copy was left behind in the deploy dir. We improve this by just storing a minimized tarball of the sbom-chroot in the deploy dir and extract that into the workdir of the rootfs. Signed-off-by: Felix Moessbauer --- meta/classes-recipe/imagetypes_wic.bbclass | 4 ++- meta/classes/sbom.bbclass | 28 ++++++++++++++++--- .../sbom-chroot/sbom-chroot.bb | 11 +++++++- 3 files changed, 37 insertions(+), 6 deletions(-) diff --git a/meta/classes-recipe/imagetypes_wic.bbclass b/meta/classes-recipe/imagetypes_wic.bbclass index 9f1e3de4..20afc615 100644 --- a/meta/classes-recipe/imagetypes_wic.bbclass +++ b/meta/classes-recipe/imagetypes_wic.bbclass @@ -205,9 +205,11 @@ EOIMAGER | sort | uniq > "${DEPLOY_DIR_IMAGE}/${IMAGE_FULLNAME}.wic.manifest" if ${@bb.utils.contains('ROOTFS_FEATURES', 'generate-sbom', 'true', 'false', d)} ; then + prepare_sbom_chroot for bomtype in ${SBOM_TYPES}; do merge_wic_sbom $bomtype done + cleanup_sbom_chroot fi } @@ -222,7 +224,7 @@ merge_wic_sbom() { bwrap \ --unshare-user \ --unshare-pid \ - --bind ${SBOM_CHROOT} / \ + --bind ${SBOM_CHROOT_LOCAL} / \ -- debsbom -v merge -t $BOMTYPE \ --distro-name '${SBOM_DISTRO_NAME}-Image' --distro-supplier '${SBOM_DISTRO_SUPPLIER}' \ --distro-version '${SBOM_DISTRO_VERSION}' --base-distro-vendor '${SBOM_BASE_DISTRO_VENDOR}' \ diff --git a/meta/classes/sbom.bbclass b/meta/classes/sbom.bbclass index e3d0e702..d45ae54d 100644 --- a/meta/classes/sbom.bbclass +++ b/meta/classes/sbom.bbclass @@ -23,7 +23,8 @@ SBOM_SPDX_NAMESPACE_PREFIX ?= "https://spdx.org/spdxdocs" DEPLOY_DIR_SBOM = "${DEPLOY_DIR_IMAGE}" SBOM_DIR = "${DEPLOY_DIR}/sbom" -SBOM_CHROOT = "${SBOM_DIR}/sbom-chroot" +SBOM_CHROOT = "${SBOM_DIR}/sbom-chroot.tar.zst" +SBOM_CHROOT_LOCAL = "${WORKDIR}/sbom-chroot" # adapted from the isar-cip-core image_uuid.bbclass def generate_document_uuid(d, warn_not_repr=True): @@ -40,14 +41,24 @@ def sbom_doc_uuid(d): if not d.getVar("SBOM_DOCUMENT_UUID"): d.setVar("SBOM_DOCUMENT_UUID", generate_document_uuid(d)) +prepare_sbom_chroot() { + run_privileged_heredoc <<'EOF' + set -e + mkdir -p ${SBOM_CHROOT_LOCAL} + tar -xf ${SBOM_CHROOT} -C ${SBOM_CHROOT_LOCAL} +EOF +} + generate_sbom() { - run_privileged mkdir -p ${SBOM_CHROOT}/mnt/rootfs ${SBOM_CHROOT}/mnt/deploy-dir + run_privileged mkdir -p \ + ${SBOM_CHROOT_LOCAL}/mnt/rootfs \ + ${SBOM_CHROOT_LOCAL}/mnt/deploy-dir TIMESTAMP=$(date --iso-8601=s -d @${SOURCE_DATE_EPOCH}) bwrap \ --unshare-user \ --unshare-pid \ - --bind ${SBOM_CHROOT} / \ + --bind ${SBOM_CHROOT_LOCAL} / \ --bind ${ROOTFSDIR} /mnt/rootfs \ --bind ${DEPLOY_DIR_SBOM} /mnt/deploy-dir \ -- debsbom -v generate ${SBOM_DEBSBOM_TYPE_ARGS} -r /mnt/rootfs -o /mnt/deploy-dir/'${PN}-${DISTRO}-${MACHINE}' \ @@ -59,8 +70,17 @@ generate_sbom() { --timestamp $TIMESTAMP ${SBOM_DEBSBOM_EXTRA_ARGS} } +cleanup_sbom_chroot() { + run_privileged rm -rf ${SBOM_CHROOT_LOCAL} +} + do_generate_sbom[dirs] += "${DEPLOY_DIR_SBOM}" +do_generate_sbom[network] = "${TASK_USE_SUDO}" python do_generate_sbom() { sbom_doc_uuid(d) - bb.build.exec_func("generate_sbom", d) + try: + bb.build.exec_func("prepare_sbom_chroot", d) + bb.build.exec_func("generate_sbom", d) + finally: + bb.build.exec_func("cleanup_sbom_chroot", d) } diff --git a/meta/recipes-devtools/sbom-chroot/sbom-chroot.bb b/meta/recipes-devtools/sbom-chroot/sbom-chroot.bb index bf6d6683..fec1f502 100644 --- a/meta/recipes-devtools/sbom-chroot/sbom-chroot.bb +++ b/meta/recipes-devtools/sbom-chroot/sbom-chroot.bb @@ -27,7 +27,16 @@ ROOTFSDIR = "${WORKDIR}/rootfs" ROOTFS_PACKAGES = "${SBOM_IMAGE_INSTALL}" do_sbomchroot_deploy[dirs] = "${SBOM_DIR}" +do_sbomchroot_deploy[network] = "${TASK_USE_SUDO}" do_sbomchroot_deploy() { - ln -Tfsr "${ROOTFSDIR}" "${SBOM_CHROOT}" + # deploy with empty var to make it smaller + lopts="--one-file-system --exclude=var/*" + ZSTD="zstd -${SSTATE_ZSTD_CLEVEL} -T${ZSTD_THREADS}" + + run_privileged \ + tar -C ${ROOTFSDIR} -cpS $lopts ${ROOTFS_TAR_ATTR_FLAGS} . \ + | $ZSTD > ${SBOM_CHROOT} + # cleanup extracted rootfs + run_privileged rm -rf ${ROOTFSDIR} } addtask do_sbomchroot_deploy before do_build after do_rootfs From patchwork Fri Feb 27 14:57:15 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Felix Moessbauer X-Patchwork-Id: 4944 Return-Path: Received: from shymkent.ilbers.de ([unix socket]) by shymkent (Cyrus 2.5.10-Debian-2.5.10-3+deb9u2) with LMTPA; Fri, 27 Feb 2026 15:59:02 +0100 X-Sieve: CMU Sieve 2.4 Received: from mail-dl1-f62.google.com (mail-dl1-f62.google.com [74.125.82.62]) by shymkent.ilbers.de (8.15.2/8.15.2/Debian-8+deb9u1) with ESMTPS id 61REx0dE016463 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 27 Feb 2026 15:59:01 +0100 Received: by mail-dl1-f62.google.com with SMTP id a92af1059eb24-12711ec96fbsf44467207c88.0 for ; Fri, 27 Feb 2026 06:59:01 -0800 (PST) ARC-Seal: i=3; a=rsa-sha256; t=1772204334; cv=pass; d=google.com; s=arc-20240605; b=BY2tEzgiOD4mTDSqqf71eUQofmrUBVD0ESpPwI0tc4dlwiRmrdvo80vzIj2i58WTxH Ym3dJ5LRN1DoJ0liOC0cNb6KJPSYFqjUbpLhZ4xBx7roZcbt/6ShAk0lIL7n9g0SlCtV zHElmOKQ1VVk8AikJa4v7nszLgw1dR/1qWWbesri12qDwVijyTXw6gqdQTpMJC/b5oD/ ylzva5CyzbjvhxsFZ37D+1D8fiJzb+PZ8zgjeeXY7ZeJGoJQHdMVaXMYM5+xyh5kFaZP UW8VfB0rQsaFo50Uzl2jYKHopH8xQ0YN99lPkeQhRn4X07PLIO8sRozPbLylktf3RwUE x1zg== ARC-Message-Signature: i=3; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to:mime-version:references :in-reply-to:message-id:date:subject:cc:to:from:dkim-signature; bh=mwENX54RciC1SuYAppcTxb5Apq3ld5JM1EQIuVGbYG8=; fh=Anec9SP/uAy5BJi3CD+F7EpDZYx+oO9IbhvKP0qfFJ4=; b=IMbQA/qiybhVkWzbn0OvCFW+rTYsW7qlC3ccFw7srDjpivQgSY0oF3uiwDB0i5o8sW vek3ef64840IHTxVTv24DDNGf3H00Q9KwNx+LaqlV9IHWIpyBgJk/04mZwt9qJlJSH/4 AtyyCiC+vmY+JhvzlS/xg8z7PYtYNCv/ElrP0s9PCRSmCW6D7qWU0h99HAr8c2eFzzC9 Irv5lBdtZliw5IQ8eLIwWjipLh/VENziZlNdq2M1z/TxUdlxEbErai8Nd9qqgCWaz3Nj Ni1XrEDgYXIvxKC7VlFYYQ5WGZwPwAiDyrOhTb4YyIU+1MunTcatxdnyM6AoQUR919gH PANg==; darn=isar-build.org ARC-Authentication-Results: i=3; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=Ws8ZcrWn; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c201::1 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlegroups.com; s=20230601; t=1772204334; x=1772809134; darn=isar-build.org; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from:from:to :cc:subject:date:message-id:reply-to; bh=mwENX54RciC1SuYAppcTxb5Apq3ld5JM1EQIuVGbYG8=; b=tOcRkLXhabRZrW4s/ljUgJ8UGFB8jB7OC7QqRM3teZ++Q15SGimHdcAa4ZBZjl0ese MHSIh+MDlWyvxpS2+j2NjPOhd2usapeMxtVhTYGV3F6YAWN5CIPFQzapB0cwNwt4u6nV DsfvH3FCxo4KV/kffJa2XiOH0sQHAWkEkxscHdbG5mGaVaYyQV1UM5xJ4ypQIXbOT52S nfyM2uoEGSt7ysZH4jWx+9p7Tm1nODZZ4u3h+jGxKINdQ5idrW/nsIpiy0qOrMi9QgMx OokMM39KZ234A4KJHOdMG1qcDj0hO6Ngdnzcz4rXIz+CJD1afejxQH0aBELb2gKZjqkA 2Iuw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1772204334; x=1772809134; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :x-spam-checked-in-group:list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :x-beenthere:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=mwENX54RciC1SuYAppcTxb5Apq3ld5JM1EQIuVGbYG8=; b=A0VVpEe2wb4naFsAkD5pbCR+t0LdUdc/Tfskyb1GDkB1BGCAdJkjiBJiXg/ZZP2sOT 2wgazPWMI5FnZxeboFn57qURNzzfTmyJhLnDA5sFXBOrZa7ZQbRQYOu8gdrX/lTNeNtt 80nSENH9wO11Jnbn4QY/q7rnsHKLpIDVfqXPdMU0JhYLGqXGwn0gi67HaUbBfrCRSJKl LZ9Z2oPb8KpSjnJMryeWDZ9kYdbqvbAu4bx4SrjlLVxT+eq46KDpKLbGyRfLGNGsxFv6 hDh0dMByyNE/+mhU3VN9/OU2GlIT6h1uoOiS3T+SqGbUiqKrK0fkgvIxyIUkzoQGIbM2 /HEQ== X-Forwarded-Encrypted: i=3; AJvYcCW3heRloHk3OoeRPHEjunmsRJ+gk3ezMBesfz4boxdZBBe4clZAqntpvuhSApGruIia66PwqUo=@isar-build.org X-Gm-Message-State: AOJu0YzR5U+vKl4dbIuCT8M7aNCwt2vcs0HcA6nSJZb229FUaEO2d6RK xUF5Z0objj9snI0P+x4zyYLmLAYRTHBin45r70Ou2J6tgmqq1IM5jnKF X-Received: by 2002:a05:7022:aa3:b0:124:9acd:328d with SMTP id a92af1059eb24-1278fcf4a26mr1316438c88.22.1772204334342; Fri, 27 Feb 2026 06:58:54 -0800 (PST) X-BeenThere: isar-users@googlegroups.com; h="AV1CL+HuLF2W2eXLDz9v3WgCVLgjXo5xVqNx90n4h/bREX9HLw==" Received: by 2002:a05:7022:45a5:b0:127:3c00:dbc5 with SMTP id a92af1059eb24-127825fc9c5ls2391940c88.1.-pod-prod-05-us; Fri, 27 Feb 2026 06:58:50 -0800 (PST) X-Received: by 2002:a05:7022:611:b0:11b:9386:a3c2 with SMTP id a92af1059eb24-1278fd58445mr1137472c88.45.1772204330273; Fri, 27 Feb 2026 06:58:50 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1772204330; cv=pass; d=google.com; s=arc-20240605; b=S5u0NIvT+jFSfG9llxWy3VuT3ha0Ij6NMssGioyndUHrwhBKTcy+ordCGNOUtAxb0j /4PsSNfp+S/Ab4sRcYVW06C580vfohxjpgMPHjt/HyvURUVfIVD/1WOW8fj7QTj4AZ9c MweUPMHH4gVRz1Wcp5WDgOgH7v7x2/5Knd5tj+bKa22rh8V+yONlxMVlItuf6TsClnAr koJxdyzQ22b+E1lLhnhIjWlAIygLZg84Fji6apzQ0MKYVc27tBBqU0Ft2hCyqk10m1Uv PjSRRNOLgH62yRPjss8ra1BsQZ1uP8tHhJ2mZwCl0b2Q7BcE0W+p6Escj79pNW/JaW1T 5H4A== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=mime-version:content-transfer-encoding:references:in-reply-to :message-id:date:subject:cc:to:from:dkim-signature; bh=Q7Wgo9LnjkCPkHB+wZaSA7TpTM2bjXySdn0uIV9wCoY=; fh=WkhL8kaJc+l2wQon1t06Ej3uvBGj9sVhNcE8PaS/XbI=; b=V9EQVuG2Aps+Q3ION4GSHYSe5fzCte4h3MM9ECi4ypWRZXM5vIIkAQR2BwBGLFWi7v pffqxNfnbcjJqa7jcIYGGAPp+bnJGFqEk9Q+n72CmAcnCczJxPXarYNmc6EbbAiqBXU7 bE/91CguV8elBcks2y7uzkn4+zy6UxpYLjo8j3mCOZXPuAUJG0nU+mR9yBwDZ9lDWXJU Lm8+jizNRuOoahaZK12gLjm0DXMGOin6VIRUaHp/h6lvePPZ/D/UqQVC1bsColKJlUx1 9MaF2AgSkb8A9YZEqdBVhIaHYEpDYwksnJBw2Zax57hQgUphO2rH2Akf0K/rfC9KVaP5 L5/g==; dara=google.com ARC-Authentication-Results: i=2; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=Ws8ZcrWn; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c201::1 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com Received: from AM0PR83CU005.outbound.protection.outlook.com (mail-westeuropeazlp170100001.outbound.protection.outlook.com. [2a01:111:f403:c201::1]) by gmr-mx.google.com with ESMTPS id a92af1059eb24-12789a17464si174803c88.3.2026.02.27.06.58.49 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 27 Feb 2026 06:58:49 -0800 (PST) Received-SPF: pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c201::1 as permitted sender) client-ip=2a01:111:f403:c201::1; ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=k+PnA7Hzk0kGf6ejWcziAWMPWBDZi0bmn1J67CcMF76WS3/cwL5MezogriKbL+mTKfriaVgeeVDIHxDtZZWuptdUqdRfTr9+IBG+FCLhbZ9KXrv2MBPJtGoy92ZXQFlJol6kC5sdon50hYQIBLbIdB8Prid8V7iixiZ2WvlkH1yZb0qq023hv9HTVI1mvosje972zTr6yphCTaeRl0NnaLUGk8CK//c4Vu/jDhsRtdHN9Q+UtBbo+vE2D3E3NeHSsNHPAsK/RleKoEk6JuH2qFShiP2kxbPIyCjJhG7dLBI2yYNhMkazhH4GndaTs17piKkLEb1NkU8iztjShvGWVg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=Q7Wgo9LnjkCPkHB+wZaSA7TpTM2bjXySdn0uIV9wCoY=; b=K9Iya7ZM4Hwc5P1RiFbG0uXkD+RbzyCeg+38fpbEbYjBdpTIi5RJw/Bd9YlB65Te6Sd6wUJBp/SgTDQShOh+qmYB7GNwG80U762pgL5p2+NjwzkaVekNRdt0p0alS190lxCio/4WyAqpJ7qOBxDJm9TKoujdSkdEpvkqO+SLOdmn+qNZ1lUKbz9rw8JGeJ9+1PKxuHaywUsHDsyAPaN9sr2juBOP2Swnozau3gvxO8i3SRubtxhomne5RJ60RQjeijrK2sf9yQZKupurtaKv0y8WaKSTPKYstINqvS2xIPRvwsckUovjekyd1JQs2c+r4QU06v1OYnpxRVsGy1R79A== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=siemens.com; dmarc=pass action=none header.from=siemens.com; dkim=pass header.d=siemens.com; arc=none Received: from DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:47f::13) by GV1PR10MB8006.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:150:5d::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9654.14; Fri, 27 Feb 2026 14:58:46 +0000 Received: from DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM ([fe80::9412:cd7f:3f72:92ab]) by DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM ([fe80::9412:cd7f:3f72:92ab%3]) with mapi id 15.20.9654.014; Fri, 27 Feb 2026 14:58:46 +0000 X-Patchwork-Original-From: "'Felix Moessbauer' via isar-users" From: Felix Moessbauer To: isar-users@googlegroups.com Cc: jan.kiszka@siemens.com, quirin.gylstorff@siemens.com, Felix Moessbauer Subject: [PATCH v2 15/16] add support for devshell on unshare backend Date: Fri, 27 Feb 2026 15:57:15 +0100 Message-ID: <20260227145716.3794146-16-felix.moessbauer@siemens.com> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20260227145716.3794146-1-felix.moessbauer@siemens.com> References: <20260227145716.3794146-1-felix.moessbauer@siemens.com> X-ClientProxiedBy: FR2P281CA0173.DEUP281.PROD.OUTLOOK.COM (2603:10a6:d10:9f::8) To DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:47f::13) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DU0PR10MB6828:EE_|GV1PR10MB8006:EE_ X-MS-Office365-Filtering-Correlation-Id: 7779795b-5e2a-4d9a-2776-08de7610b54b X-MS-Exchange-AtpMessageProperties: SA X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|10070799003|1800799024|366016|376014; X-Microsoft-Antispam-Message-Info: sTOH//ThER7iA+36OErrGRQXzOgX2XdJOKgSxKsHd6HBTyWb+CQKouao1pFre4w9l5i2GOxFv5oZ6UtTF3yKEOkDAS5SkdOxGF78ldFj4RNA6Wfxq+E6WRb0V/kWPuU1oQ4VMF/wUD4y8RsjNb8jMJ2nYFsTacLLxHA1sht9YUQlQt3yasPrpYF92VtEMGppo4z/ZJM84GZ9wwPQYzlQmHCWSlK7JRZj3uRtp7jhhzf3n/vEZqrdMPJdMD/nQACHcdg/xNqCgWdN/vOF6y2RuPanfSV8fzfUoM6+ZA3PbeiynUYQfOIQYwIwJugt+m6142QzjSZh0nb5bVHU71lCYKBwUgE0T48Ps8A9LfECl1QptjlgibCZ5Y/huBZCab0wMMhddE160lOJvej7Sxh/KpcP4n/1fa22/oZeeFVfPAtEzdfvomBcUH1v0fpseRITw0DdTBfDgTCr1TaiPAoTAH1H9Y9jOwTBCzGG+cf2uz82WKhCKOd7EyfGn8nMjU42bSz2Lv/J5bTN7iFkMJkMMgJQmVai+zNbjGhuIUkyrs5EjUV61N2UoDq0zHzqUuJgj895asapj0MpetdUUmL/TTimAVJvbGDzyWOEEZJ8O59HjoP9KmEctnKvX4mgN63ymlFtsbtMSAp30Yfoj+cnrqoglPEypZvykCG7bpiKo+sxE247ldNH3W3A5+rHM6eXRlHsu1Cc3gYSSGpbLjdeiYjDKwDt9Rw3/LyLtPKPj9I= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM;PTR:;CAT:NONE;SFS:(13230040)(10070799003)(1800799024)(366016)(376014);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 2 X-MS-Exchange-AntiSpam-MessageData-0: X6Vl2qKb7yl8n5TRIMweJsXqLS+bXNUoX7yiIYeA8LrYdSyLXGIRxnw1ynhJNiILMyoNlTzvKiNi2SZI2WPRYgX2TNzuNabbiJQFmc2Vho8K0rX1hcVwQuSjtjYcsgyySNEV5jBq5L2wvZ5XDEWaWrRA5pb2yE9MgnQW8GVxmnBXsmj7Y2DekWvc3e61W+dWOnnOsCQZuR+YqZd5mNIBpN+O35Z/QF9UCUKD2gg6sD6WuQw4laHYfHXnnvuscQsNuUQ/Tw7/nV32ot1cNJzKldJREM9Y8Z7WTBmkgsEBPx+77nmljmP7QOpu1b0JVpdrmbqSoyrSTagUQVw8GZSIRiWQrHtOVwXlDdPhRHjoUQ6Po8LN4vHLGTCC70/aKX6tuapmLh7RsvXV3GWhQzA7bDXEYjRl6iuehpRJoxrRIVl2Xp/PvSmKK9fa27RYGkBgGQVl+2U9Uv7SZIVng05jhYAk7xz6EcqqiXaP9mzTfJ9LmoE6KkOrUMAlw79otQYw+xx45wixsrUd35fJ/qvhU3fz3KlkAFpCPLsAt4a19YoTfXdQlS1+Qk+ma1biR+xPQDWClTs9VaheN0s2odcatIYUCrMQ3PJDPRvHZ5XU70spxRgLw3JhnIuAHXLpG+K3k3iEld4Pvy4Qfig06SeNyjS3oxC7/oOzzUJd2jWwvhPou1a2M9AlRAa2IcVbNG9MuCymcPrL0uQzIybX4Vjek2V/XNhwAHB8Eq9/lO+F1NO1kt6vfc5EtDdURdUIzs1qpq01MRFt7aQkNyZ/8xuqEkAbpe6nsWrUGx77ntKlnlkKMbo4TYc1KxC/01ztSybOzJKEtsavbV2Nv/7RtNJ6HFyQ10ir7TYWG0t1Jkj5XszT7S82glZX0meoqi0LWZrLexazM3/iT94y1r0iV+8aFWSAsvD2KdTvIvMQD2uODOc+E1S2HnRcfNN0ri9SXb91U0N6OaXTD7pB3J0uK5JgX90hXNlj0xznH+p6wDsoXS8Jmrvr+EJBdD3Ag46z+boNKsktKZ/vaJP3oDfJU9nNm7E5FOGzPBpTynZesnr5kZHkA0/xa2zPal6ruz1bInHW3NZ5yRMZl2NK4Ovh0PKzlLLjRilxteire/fsFOYx0BekG3mJWTJ+ssqP/j2D7WKdRYjreUZTBtGajuIj7D8Ipcc8pheqJ/ER/EMEJsbN5llHsm402FxpQEftZIT7aA9nUaJWuxprBpQmUDoYGOWtJFqpdPgPabniAzTxO8LvYpCeibz64w9fHFqmxDGrkAJu+TvOR5R22AdpU6EhZumrk2kcuy4LfPafWUqkYvQ4ai1ukEO3++xplvZkT5Zmy6V5K25xq/ylII2AsPhqpjZn1teBoyIjwXn3+sPDhbqtI8P9I6s+frnUa67q8sGCYMwLzb6mLMWgtZmIXGicjxsNdHNRwbIgZoapW+XbuMA5S2yOdNLo3rcMjsFlK/kcy+PJeYNOwDQTidJrSx2kgv0n7PCBY3xFBiXq7xsb+4gO76Vx1F9pXSbHXR2BMN4PdaFeL6iSVD7RMIg7uZO6p0PLstwhz+MXtK8+Pkvsrbqu3w0IxPcSbzQY9DNLGUuI8sWvqj3cfHfVr7HExZuQBK4fk+QnXrJirCE3KeA5LpBwslTb22M0nn3rIbSqRpQcLq+5bUBsO9GqPsLK1cFsu9EdCZ2T4Vz+AOqdr9d9nLaKe0k84XvbApYb3rDSeI/gvhuWcXO287rEjLVRnyWxF2BvKC79/ee1zmr2zOQ96YkawAKUd2iibPFIGHXKW6N7e8dXYQwJraa6 X-MS-Exchange-AntiSpam-MessageData-1: 3o7BSQwXmHzWB3l1etNukgNNiNXXdvLrbig= X-OriginatorOrg: siemens.com X-MS-Exchange-CrossTenant-Network-Message-Id: 7779795b-5e2a-4d9a-2776-08de7610b54b X-MS-Exchange-CrossTenant-AuthSource: DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 27 Feb 2026 14:58:46.7768 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 38ae3bcd-9579-4fd4-adda-b42e1495d55a X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: BSGSLvg6X76DaulqGGi+QUNdW3yyAYc+hued3oU8mf1Hyx5BvZ/ypuJ2sc+dve08eXSc0zxXG/V4+7KevDmySYGHSsz/GFAgA5FCUFRq/0Q= X-MS-Exchange-Transport-CrossTenantHeadersStamped: GV1PR10MB8006 X-Original-Sender: felix.moessbauer@siemens.com X-Original-Authentication-Results: gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=Ws8ZcrWn; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c201::1 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com X-Original-From: Felix Moessbauer Reply-To: Felix Moessbauer Precedence: list Mailing-list: list isar-users@googlegroups.com; contact isar-users+owners@googlegroups.com List-ID: X-Spam-Checked-In-Group: isar-users@googlegroups.com X-Google-Group-Id: 914930254986 List-Post: , List-Help: , List-Archive: , List-Unsubscribe: , X-Spam-Status: No, score=-4.9 required=5.0 tests=DKIMWL_WL_MED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,MAILING_LIST_MULTI, RCVD_IN_DNSWL_BLOCKED,RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL, RCVD_IN_RP_CERTIFIED,RCVD_IN_RP_RNBL,RCVD_IN_RP_SAFE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on shymkent.ilbers.de X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= Signed-off-by: Felix Moessbauer --- meta/classes-recipe/dpkg-base.bbclass | 68 ++++++++++++++++++++++----- 1 file changed, 56 insertions(+), 12 deletions(-) diff --git a/meta/classes-recipe/dpkg-base.bbclass b/meta/classes-recipe/dpkg-base.bbclass index c34c96bf..bec2580f 100644 --- a/meta/classes-recipe/dpkg-base.bbclass +++ b/meta/classes-recipe/dpkg-base.bbclass @@ -253,13 +253,11 @@ do_deploy_deb[lockfiles] = "${REPO_ISAR_DIR}/isar.lock" do_deploy_deb[dirs] = "${S}" python do_devshell() { - bb.build.exec_func('dpkg_schroot_create_configs', d) - isar_export_proxies(d) isar_export_ccache(d) isar_export_build_settings(d) - if bb.utils.to_boolean(d.getVar('USE_CCACHE')): - bb.build.exec_func('schroot_configure_ccache', d) + + bb.build.exec_func('devshell_chroot_prepare', d) schroot = d.getVar('SBUILD_CHROOT') pkg_arch = d.getVar('PACKAGE_ARCH') @@ -271,21 +269,39 @@ python do_devshell() { -t \"apt-get -y -q -o Debug::pkgProblemResolver=yes --no-install-recommends --allow-downgrades\" \ debian/control" - termcmd = "schroot -d / -c {0} -u root -- sh -c ' \ - cd {1}; \ + termcmd = "cd {0}; \ apt-get -y -q update -o Dir::Etc::SourceList=\"sources.list.d/isar-apt.list\" -o Dir::Etc::SourceParts=\"-\" -o APT::Get::List-Cleanup=\"0\"; \ apt-get -y upgrade; \ - {2}; \ + {1}; \ if [ -n \"$PATH_PREPEND\" ]; then export PATH=$PATH_PREPEND:$PATH; fi; \ - $SHELL -i \ - '" - oe_terminal(termcmd.format(schroot, pp_pps, install_deps), "Isar devshell", d) - - bb.build.exec_func('schroot_delete_configs', d) + $SHELL -i".format(pp_pps, install_deps) + + if d.getVar('ISAR_CHROOT_MODE') == 'unshare': + mounts = d.getVar('SCHROOT_MOUNTS') + mounts += ' {}:/home/builder/{}'.format(d.getVar('WORKDIR'), d.getVar('BPN')) + + if bb.utils.to_boolean(d.getVar('USE_CCACHE')): + bb.build.exec_func('dpkg_prepare_unshare_ccache', d) + mounts += ' {}:/ccache'.format(d.getVar('CCACHE_DIR')) + + termcmd = """{0} \ +sh -c "{1};cp /etc/resolv.conf {2}/etc;chroot {2} sh -c '{3}'" +""".format( + run_privileged_cmd(d), + insert_isar_mounts(d, d.getVar('DEVSHELL_UNSHARE_ROOTFS'), mounts), + d.getVar('DEVSHELL_UNSHARE_ROOTFS'), + termcmd.replace('"', "\\\"")) + else: + termcmd = "schroot -d / -c {0} -u root -- sh -c '{1}'".format(schroot, termcmd) + bb.warn(termcmd) + oe_terminal(termcmd, "Isar devshell", d) + + bb.build.exec_func('devshell_chroot_finalize', d) } addtask devshell after do_local_isarapt do_prepare_build DEVSHELL_STARTDIR ?= "${S}" +DEVSHELL_UNSHARE_ROOTFS ?= "${WORKDIR}/rootfs-devshell" do_devshell[dirs] = "${DEVSHELL_STARTDIR}" do_devshell[nostamp] = "1" do_devshell[network] = "${TASK_USE_SUDO}" @@ -299,3 +315,31 @@ addtask devshell_nodeps after do_local_isarapt do_prepare_build do_devshell_nodeps[dirs] = "${DEVSHELL_STARTDIR}" do_devshell_nodeps[nostamp] = "1" do_devshell_nodeps[network] = "${TASK_USE_SUDO}" + +devshell_prepare_unshare_chroot() { + run_privileged_heredoc <<'EOF' + set -e + mkdir -p ${DEVSHELL_UNSHARE_ROOTFS} + tar -xf ${SBUILD_CHROOT} -C ${DEVSHELL_UNSHARE_ROOTFS} +EOF +} + +devshell_cleanup_unshare_chroot() { + run_privileged rm -rf ${DEVSHELL_UNSHARE_ROOTFS} +} + +python devshell_chroot_prepare() { + if d.getVar('ISAR_CHROOT_MODE') == 'unshare': + bb.build.exec_func('devshell_prepare_unshare_chroot', d) + else: + bb.build.exec_func('dpkg_schroot_create_configs', d) + if bb.utils.to_boolean(d.getVar('USE_CCACHE')): + bb.build.exec_func('schroot_configure_ccache', d) +} + +python devshell_chroot_finalize() { + if d.getVar('ISAR_CHROOT_MODE') == 'unshare': + bb.build.exec_func('devshell_cleanup_unshare_chroot', d) + else: + bb.build.exec_func('schroot_delete_configs', d) +} From patchwork Fri Feb 27 14:57:16 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Felix Moessbauer X-Patchwork-Id: 4945 Return-Path: Received: from shymkent.ilbers.de ([unix socket]) by shymkent (Cyrus 2.5.10-Debian-2.5.10-3+deb9u2) with LMTPA; Fri, 27 Feb 2026 15:59:03 +0100 X-Sieve: CMU Sieve 2.4 Received: from mail-dl1-f57.google.com (mail-dl1-f57.google.com [74.125.82.57]) by shymkent.ilbers.de (8.15.2/8.15.2/Debian-8+deb9u1) with ESMTPS id 61REx1ln016473 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 27 Feb 2026 15:59:02 +0100 Received: by mail-dl1-f57.google.com with SMTP id a92af1059eb24-1277896014fsf60543461c88.1 for ; Fri, 27 Feb 2026 06:59:02 -0800 (PST) ARC-Seal: i=3; a=rsa-sha256; t=1772204335; cv=pass; d=google.com; s=arc-20240605; b=IgkkwtVWIMoYYr5TTB3Bw5EJF48zlnftbCaZy1gnAxW0rp+Idr7fKyi2EvYjw2HDTx WzwEliiLOxDOdf9T1bwnz0x/Zaen7f7Ue2aDsm5d0yCo2x+lUiLDNqN19FF6tHNTNf8a dWcIUHNeIxdq4k1wCn3rs0per8Iz5snxIM7kvWn0L2zVKV/6rqBDv/4drBye5/rYKbdN fdzFFQ7P6hfuiBYITj/VVdKYc9Se6Br9by+jKahBxdBxe97rBF2Z5xhSOX8aJlrhnV5b ARvqt42ikrwmsH/IxL1HxwxAStZ12jNltfPGbcj46Dx2/HPIlDGtNDxdBMsZgyo5ligW qDRw== ARC-Message-Signature: i=3; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to:mime-version:references :in-reply-to:message-id:date:subject:cc:to:from:dkim-signature; bh=//nM6rQSwrI/UlLnyw45LZZVdOS9jE0GnLuRcKR8Mpg=; fh=cbyPp4TMPw2PqgGeTYV/KrbrDGf7NavS93r3J9PigCY=; b=GJN9AVbhl3zFhUmFUflVM1CO4LjWyhJY3njmO2/asY1PZMCrUQJ5u7I0l/jZodCZUB FBU9Wx6gLIwVoEOLr8RzQfxWGqJrbGv6n+pMQB7hAKf4yBm69yC5fwu+bVprpREnMU+T IgYTB/hNW6qlkhThMzBfRCsNGkRV7OtXY22Li8Tdzq7gVbP0JlLmEoEe0JS6mgf/S7B1 +kFa+GdNfHiytiQLy83xjc6ss4VNx3GMnV0z09RZXOs50KrKkcBxu2NEMpl2rXq1v+ig WZTRQCWjOmAsYp9pnlDo5oeb5bRqNiARtBsw4nkqeBu3h/EP5K+V6hOyQ9CiCG7S8L30 L2qw==; darn=isar-build.org ARC-Authentication-Results: i=3; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=Ar9NmLgP; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c201::1 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlegroups.com; s=20230601; t=1772204335; x=1772809135; darn=isar-build.org; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from:from:to :cc:subject:date:message-id:reply-to; bh=//nM6rQSwrI/UlLnyw45LZZVdOS9jE0GnLuRcKR8Mpg=; b=bypk9I4sicCCoi4b8m8y0e4Z02gaWY1FDC7uo29y8udCD7XZCAVnP/PuuSx1oLfU4z Qr9M88KXUTEwjVyfqpqfqvi1ug9pZK4zbF1qF0e+7Rf060ynFzd+BEs21mv+RewtsFYk CThJ3WGYxdOeaStnpicUAw38B6NI0cPXJo090x38pg/U8TU70bfBZe9TCn9XEcy5vJb8 tlBmOicTZJpQaRPI2IjohcNHA1VTQL7HqT2BgzXf21sFP2bmXy9qslAipmy78oI/Lhhh QVs/Pe1Xqq56VXXw6AhGULlViHC+WS80fZ0zcsYVCYhzL2zjEXOQ4OsAHroFYsqCu1Li rciQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1772204335; x=1772809135; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :x-spam-checked-in-group:list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :x-beenthere:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=//nM6rQSwrI/UlLnyw45LZZVdOS9jE0GnLuRcKR8Mpg=; b=CY3sn3x8SJbc1koSbBX8nQ9oNF+UZG6WKPeFvAI/K3VC5sA8g9HoomdTzutoGGzGob 7uM/9A9HFpxm6NiFPD9zfzZl7MfqpVmp/0I3onU1UZ5JCD3ps/bo+ymq5V9t9lKNgL2r xuYYgkP5hvcbftZ+rI/lRBqW5zjpKIB4d8doZxmk6VrkAQbSU6lUWM/EN3Qloptl5QaY P8bfCM5nDQ/4nzTdINzF53YVOk7sdOEqDfWWVFSmveL/3cPt1hasvECJISJBjxszWF24 INETDsEFsUelIUa/93Y/FECNpzFgeVHBsy4By61aBCHa9C2XkNTI1ohSHwpj6ojhRWKG fxWg== X-Forwarded-Encrypted: i=3; AJvYcCWbdVaCTvbv3CkGR5bMyAEIcz9KSd/1lAXXgue1WBIpk0mtjv8I4/LUJaravdWdcb0AyMJ1I4M=@isar-build.org X-Gm-Message-State: AOJu0Yyb8JP7SmE3AVX4vetbzUzuobEZdw+YcG6bvTAZJvG9mKcslEli bgJEujAdagMpGDvpSdgKylm5wls9WSQWSaoxtNxb6XZ77Pr6HY/Zhh14 X-Received: by 2002:a05:7022:7a5:b0:11b:ca88:c503 with SMTP id a92af1059eb24-1278fc9a69amr1523585c88.3.1772204335040; Fri, 27 Feb 2026 06:58:55 -0800 (PST) X-BeenThere: isar-users@googlegroups.com; h="AV1CL+Gs2er8W9zavCWtR+iuYHpXtFypm7a9XUIaMmEuoWKy2A==" Received: by 2002:a05:7022:e13:b0:127:4123:c172 with SMTP id a92af1059eb24-12782564fb7ls2887614c88.0.-pod-prod-01-us; Fri, 27 Feb 2026 06:58:51 -0800 (PST) X-Received: by 2002:a05:7022:4389:b0:119:e569:fba9 with SMTP id a92af1059eb24-1278fd42de2mr1189798c88.24.1772204331039; Fri, 27 Feb 2026 06:58:51 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1772204331; cv=pass; d=google.com; s=arc-20240605; b=d5AfELhIF5yovTBvKF1REqqIoYesy+7Y6KXl1TSwmv9HTq60veCz1G7PqovKChHA3I a/wxayGXheOQL1r2WsvwyjZasBhzp+rV0niyuQo43mn3YkLlCwJr/9k3TeVuPx7NiX/N 7tNN2FxsxdMa2Oid52CGBQIZ7znnfUce8LYAGuzIgUgd0iFIw8xPgmTBbjHyBmrRUuzY AACb/too3Zu2TXhEhCDM9zrgOlwMxonVZp17SmWioV9IPsZJ4Mqw2vrTgw7XkAbjZHw+ xLgtkJuWlxNkgAQbvuOpIZsP3uhrvxtQ7e06pyetSkHWcpJHqY/r0BkAWLbJF5XdPMx7 Pq5Q== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=mime-version:content-transfer-encoding:references:in-reply-to :message-id:date:subject:cc:to:from:dkim-signature; bh=+UpQXDUa6H3KTgauFJ8M4+xWoeicdEvZ24Bacz1T4sI=; fh=WkhL8kaJc+l2wQon1t06Ej3uvBGj9sVhNcE8PaS/XbI=; b=djzlc86jRPQYJI9W9fJ35EUUI3QMnmh1zyJG8aFT1ATVfj5w6vMhL6JlT+uYe2Nt+J GPN4FidWm2rBHIwKzS6yJAaa4s133K/27EIZZW7HDlSm6/eVeU7/eHKryEag7TbNxB45 FrlNlJYn90qO/svvK/IhWm2Ec4VftT4qSkf/MpPSZyfBwIy3ZkbcpfwXR5vl2vorMrzy 5KGky24H2ZYeh2RqO74H7j7IFcwZwti7lNmcWBSj92kRl70xj+zAxUzT4CF2hLNCh9dx WBgQ8IZ9X73PwQN7TE2wrBEjBNGCZHYBgyOT/eDmVA+jmrZX7vLMW+gHIA/AHZ3N4kuA q/Tw==; dara=google.com ARC-Authentication-Results: i=2; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=Ar9NmLgP; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c201::1 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com Received: from AM0PR83CU005.outbound.protection.outlook.com (mail-westeuropeazlp170100001.outbound.protection.outlook.com. [2a01:111:f403:c201::1]) by gmr-mx.google.com with ESMTPS id a92af1059eb24-12789a17464si174803c88.3.2026.02.27.06.58.50 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 27 Feb 2026 06:58:51 -0800 (PST) Received-SPF: pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c201::1 as permitted sender) client-ip=2a01:111:f403:c201::1; ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=AaR/AAiJcJ3w2in4eNQCbJIVuVEgeRa9zMZtYBmXnELf8wMKzQ16JjBIH1SQLeZY8pq/HgtkvJ1GE7xh+aCJfzOuFlKC1RYMKhDFRECia6Cw75Dxnh619INYFQ/74Gzr/gqrEJdbuwD8lfu2AJWk1g7MgrCmy4z6GVClfrGaJ9OpzvNHdv3Yw5YkTFeB+ljukaMnxZSrwLMoe1HGqDAONz0XZnjWA2q4+cNRXdY9ngH4AW77pq/JZetxFP6+AEg/DvsTWY04bMbwW5LoCRk8xf+ZxVhYBj0vUN94ibuuN9YeqprhmSn7nRLaLWk8mTw6gFloLLpYraHkEnQO7b1jwg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=+UpQXDUa6H3KTgauFJ8M4+xWoeicdEvZ24Bacz1T4sI=; b=oqdl/m5W98FS+NOjrhBn0/7CGLl8rFE48orobjTG67AFpd5JfW15e1rrERacciU9azQyLN0X+Rf1bupMEoLwvh1RsQ5lniUtv6rDZs6+yynh6q/5/gcYr+vLv2DrKDJsS73SJo2CPIQP5nvkSO1HDHSpvTSuZO63XoYJEGCwbBulYnO4fNvlgl2RXNR39CGIyrU3m6EisD+Jta7Mw4geDPdW62LyQ9M4+cc9CfsSk0Qq8WKKFa3R+xv9u2tMMZiVdkPJETrBMjdhwSSZO6HiyjsIgwGzG5cQRG4wRQk8/x7NGQgIWdRg9JyJ+mhOKsMqd9mR+aaoz2cttHHqITxF2Q== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=siemens.com; dmarc=pass action=none header.from=siemens.com; dkim=pass header.d=siemens.com; arc=none Received: from DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:47f::13) by GV1PR10MB8006.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:150:5d::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9654.14; Fri, 27 Feb 2026 14:58:47 +0000 Received: from DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM ([fe80::9412:cd7f:3f72:92ab]) by DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM ([fe80::9412:cd7f:3f72:92ab%3]) with mapi id 15.20.9654.014; Fri, 27 Feb 2026 14:58:47 +0000 X-Patchwork-Original-From: "'Felix Moessbauer' via isar-users" From: Felix Moessbauer To: isar-users@googlegroups.com Cc: jan.kiszka@siemens.com, quirin.gylstorff@siemens.com, Felix Moessbauer Subject: [PATCH v2 16/16] compat: handle user errors gracefully to avoid parser splat Date: Fri, 27 Feb 2026 15:57:16 +0100 Message-ID: <20260227145716.3794146-17-felix.moessbauer@siemens.com> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20260227145716.3794146-1-felix.moessbauer@siemens.com> References: <20260227145716.3794146-1-felix.moessbauer@siemens.com> X-ClientProxiedBy: FR2P281CA0173.DEUP281.PROD.OUTLOOK.COM (2603:10a6:d10:9f::8) To DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:47f::13) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DU0PR10MB6828:EE_|GV1PR10MB8006:EE_ X-MS-Office365-Filtering-Correlation-Id: be5a0d73-c3e3-4839-f5de-08de7610b5a0 X-MS-Exchange-AtpMessageProperties: SA X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|10070799003|1800799024|366016|376014; X-Microsoft-Antispam-Message-Info: Qw7uA5MIL+4bLksolVWyNYdqlNhEVd7DiUt6C4+1fEzQssb9xS7fAT9t/k5nzWtWrzFzf0hZhrSBGPyocze2pMs9f+TzLCVTgmT4QLODjL2VDnRDsgLdnFhed9EnVKMtNJ5q2VDU57lvzhsmKLmOMIcTAfkFwe8M5Y6fHTounQexTnypS4vRChlKeIL2gKhQ2fsB4JSIAotCsGo3xaZFbkwJZyQDOAR03oMFwkykXpkDcIxMW0R59yYMhdBLi5yWO8fguKpGiy+aT07XfbiST+9tl8FHcb1J2VBfbmapBl8jm3WxyDPf7McwbNDevJjBGT1yudBVAc3lhAmajBjXCvKiDoEm+YJcyT9PgXIRfx8X6K56vcLTwY1GH7E9pxOtYsbg8BC8hkUz0ivqW+OKfwjRfqE4IZ+OumRLG3hsoQfG+LkvQRMjYcAmh4+WP87Jpg0mZ447I7k1cuMYNg1clkRmT1+D2P1G5U8zUgKCj7x689lnsehaoW/boN1ZXFZBoOEgQf3s9xgBwoGyvqVJ21hdYnT/BHydX7+O4Taf8pIEo2Fz9W9Wm7WDzQRJEbmHGz2OlnC20vsdQLxXqh083ZOuoyohi6knFnz7odjTPSNlsMfAsKRsKrwbgn4sMwdbBF64Q/ZsxacPDby4asBVsVe3lkhHQ3rgI6m2JJJinCeCAFYoSdH7KlkJyF/zMJr7S3HNU/RD0fVZ0r52/gEMp5yRUL0/iHXot3zmhu6Hxq0= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM;PTR:;CAT:NONE;SFS:(13230040)(10070799003)(1800799024)(366016)(376014);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 2 X-MS-Exchange-AntiSpam-MessageData-0: 4PD2Ka5Uh+UuDFntM1ATZy6lXVliWD97svJa5yIliGzqnF4hzH3MZhX0bFiscRbXIzYVHnZBGOkoiARzEtIuX79lR1t4EYoKQbOnYIL+wD82UWy2MKMTDJN9KVzZk51Hzi8d+1twZug1y8OA2i7rchSDPVR1rS14/FuOogtiDAeRomEdoDDRskjxM4i3GdURUEhAjWLbi8SsDCZnuP2oNEboanYoMIYJDUm4TpAqv125Hi3YRM6BHovaVU4Zkz24YUlFkeLWenBphsldiUmbOsTcNckt/YDCU7ELMCnsTWp2faELnSmTYZfwRYpcluwoNHkjoco/q7BWADm0vwdxhRMPwG10Auq6FjHehnykjRqPttSWKMD865jBNhuLaCzK0C8SAi3RaFBTLA+P1C5xBDQiJFfDNYCKKJyrY5KwcEFUIFWHfB4F9BAytsqR47g+Mryd818I1iZjPpNuun8LirBy/4GDe3+uQw3zWHmNLTB8IWQtGEk9wsb/3BJgjSmykyq3n4+hwDjUQ62z4FyGVERr/pGqW7Je/AA2LpV2hUINDabPJzap6kszzkchU4oXgqjtU79U/GZ3ibgiCGcoi7brXudE3wvEbWN3Q6gwqbTWlJnSjYNHjq31GQD4amu172r4wtmirBDrF1P3NGVnjjOgpxNxSlLaSwE+6cSgR1xJqVNGVpZLsJuFu3LYRU7HK2AToGnwg5dc9whD329h3Uqx0FrwHjVdNNBlpo8Bo/WVb45S9QRNe7aGCo1cRhPi67ONSCcHzojCdPt9d/1e6HYGjtMNxQWbLi4AoZZIMYnjuf//mkUTxlYKIjfuz/pS3IT58LepMm3/wpRS6hjbYGjsmalqHURP8tsghAd8+lrkhMxbHjofHVlBCBCBiAZ2nCoofsg1djKJGkSopKs6qwf2I3e9AWkes6V7pbJdCCcqHGYv2MmefNfkLnU7aiWR/eoTkviamslCFbDMxl0y6GYrZjQ0kWKg5ENPgRoNTng/JTXwGF40c5UwuA39VbHbz/H8xhISKZ7KgOngNb4AuALkkZKJb867oZMJQCo7hdE1DcfRYJ8nrZmPcwwp78B5mc2AgEUl1iunR2akPYJn1xTeSKq8igPXynqgMGO53L7mN8qilGOvFTu9K6iGCFpigPZvdAZBjjOUVXqghk2QT/jfPlOnqtruWeZTIkb0P50iXDwFP4gdMptdHxXv85kCRfCi4yLM72VCnFqjWcXfhEvhjOqAt85s+zQ5fzEe05NyN1uAN8DhArDw29VMjcIeYeW7YypSTXwfu/x/T80NTga0EVSy9HPqAIEurD3hdk/462B0ZYw0rmGuGE3H0k9Oi2ghI0MvxBjAadMyd2mLiqY41/TY3lefbRGTyoskO8As1/k8VvZFU6dOHyyUsHFBw9B6s5CbEauYMmGO5OsNc14RhpZhMEamixidsziqQwYYGcycXRH1fnlKsNGW4/gr933uE40nTqURS7OS1INlsLzRccowmkpzMdOtB8gCQch/osstNU0m+kM4mOw+y+ActDmRZ6fns07ZL7STCLbgPRzXh66as7ab2AEgWd/i3+73VpCwMobvq9ntQUUKfpprojjdILLn3QZ1XUZkESz6LHXc1lhr2UCOtPfFyS10NuaCw1NPOkVaz+KM0mJBqxxN8N443Vs4vipnRlbG8ebfFuirHhBfpvM5WG+ze4+QCh0VVYPUBgV2v3FW/5KsP6LgTujrzYnSCYTB6eEsz2smwT0GPK95PA3S05CU4vRdd9TLW0dW4XYACLssfDgFTaLSLWV9O9dM X-MS-Exchange-AntiSpam-MessageData-1: xxJkpbAH116lPvf37xMGdial9w/clUYEuYw= X-OriginatorOrg: siemens.com X-MS-Exchange-CrossTenant-Network-Message-Id: be5a0d73-c3e3-4839-f5de-08de7610b5a0 X-MS-Exchange-CrossTenant-AuthSource: DU0PR10MB6828.EURPRD10.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 27 Feb 2026 14:58:47.3719 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 38ae3bcd-9579-4fd4-adda-b42e1495d55a X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: xinuaSYXtTA0kwWGG+HTJgNplsKZa+W3OuqPLdhUVPkjgO2LtwAEUMz9PVE2hDT/C7pAH0mXXMKsJKwPrKMLIt4Y03KuTGedzuVJqWcTaGA= X-MS-Exchange-Transport-CrossTenantHeadersStamped: GV1PR10MB8006 X-Original-Sender: felix.moessbauer@siemens.com X-Original-Authentication-Results: gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=Ar9NmLgP; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of felix.moessbauer@siemens.com designates 2a01:111:f403:c201::1 as permitted sender) smtp.mailfrom=felix.moessbauer@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com X-Original-From: Felix Moessbauer Reply-To: Felix Moessbauer Precedence: list Mailing-list: list isar-users@googlegroups.com; contact isar-users+owners@googlegroups.com List-ID: X-Spam-Checked-In-Group: isar-users@googlegroups.com X-Google-Group-Id: 914930254986 List-Post: , List-Help: , List-Archive: , List-Unsubscribe: , X-Spam-Status: No, score=-4.9 required=5.0 tests=DKIMWL_WL_MED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,MAILING_LIST_MULTI, RCVD_IN_DNSWL_BLOCKED,RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL, RCVD_IN_RP_CERTIFIED,RCVD_IN_RP_RNBL,RCVD_IN_RP_SAFE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on shymkent.ilbers.de X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= A common user error is to forget to define a machine (or use one that is not defined). In this case, a huge parsing error is printed, giving no indication what the actually user error is. Instead of crashing the parser, we now report a meaningful user error. Signed-off-by: Felix Moessbauer --- meta/classes-recipe/compat.bbclass | 3 +++ 1 file changed, 3 insertions(+) diff --git a/meta/classes-recipe/compat.bbclass b/meta/classes-recipe/compat.bbclass index 907c3ce2..7df55576 100644 --- a/meta/classes-recipe/compat.bbclass +++ b/meta/classes-recipe/compat.bbclass @@ -19,6 +19,9 @@ python() { package_arch = d.getVar('PACKAGE_ARCH') overrides = d.getVar('OVERRIDES').split(':') + if not distro_arch: + bb.fatal("DISTRO_ARCH is not set") + localdata = bb.data.createCopy(d) new_overrides = [distro_arch] + [o for o in overrides if not o == package_arch] localdata.setVar('OVERRIDES', ':'.join(new_overrides))