Re: [OE-core] [PATCH] util-linux: fix owner and group for binaries in resulting image
Which host distributionen are you using?
On Tue, 7 May 2019, 14:47 Popov Anton, wrote:
> Hi,
>
> I don't think so. At the moment we are using rocko release and found this
> problem in util-linux-2.30 recipe.
>
> the problem is that util-linux builds with regular user permissions and
> result files are owned by user with uid 1000 in our case. for most of
> binaries in /bin and /sbin generated by util-linux this permissions issue
> is not a problem (Because all binaries has o+x set). But for those of them
> who have suid bit setted it became a real trouble.
>
> With best regards,
> Anton Popov
>
>
> От: Jacob Kroon [jacob.kr...@gmail.com]
> Отправлено: 7 мая 2019 г. 8:04
> Кому: Popov Anton
> Копия: openembedded-core@lists.openembedded.org
> Тема: Re: [OE-core] [PATCH] util-linux: fix owner and group for binaries
> in resulting image
>
> Hi,
> Are we sure this is not caused by the new glibc2.29/pseudo problems
> that has been seen previously ?
> Which distro are you building on, and which version of poky/oe are you
> using ?
> /Jacob
>
> On Mon, May 6, 2019 at 5:46 PM Popov Anton
> wrote:
> >
> > util-linux source produce some binaries with setuid bit set
> >
> > do_install function produce binaries in /sbin and /bin with uid:gid
> > of user who build image this lead to messages like this:
> > mount /dev/sdb1 /mnt/flash
> > mount: only root can do that (effective UID is 1000)
> > this patch changing owner of binaries in /bin and /sbin to 0:0
> >
> > Signed-off-by: Anton Popov
> > ---
> > meta/recipes-core/util-linux/util-linux.inc | 21 +
> > 1 file changed, 21 insertions(+)
> >
> > diff --git a/meta/recipes-core/util-linux/util-linux.inc
> b/meta/recipes-core/util-linux/util-linux.inc
> > index 34255a2dec..d75a2dd399 100644
> > --- a/meta/recipes-core/util-linux/util-linux.inc
> > +++ b/meta/recipes-core/util-linux/util-linux.inc
> > @@ -201,6 +201,27 @@ do_install () {
> > fi
> > }
> >
> > +# when building yocto image with non-root user some binaries appears in
> resulting
> > +# image with rights of user who build image. This behaviour may lead to
> misfunction
> > +# of some binaries like mount because of setuid bit on them:
> > +# mount /dev/sdb1 /mnt/flash
> > +# mount: only root can do that (effective UID is 1000)
> > +# ls -ld which mount
> > +# lrwxrwxrwx1 root root21 Jan 2 1970 /bin/mount
> -> /bin/mount.util-linux
># root@mitx-fp32:/mnt/system/initrd#
> ls -ld /bin/mount.util-linux
> #
> -rwsr-xr-x1 1000 1000 28020 Apr 23 12:49
> /bin/mount.util-linux
> > +do_install_append_class-target () {
> > +for p in $sbinprogs $sbinprogs_a; do
> > +if [ -f "${D}${base_sbindir}/$p" ]; then
> > +chown 0:0 "${D}${base_sbindir}/$p"
> > +fi
> > +done
> > +for p in $binprogs_a; do
> > +if [ -f "${D}${base_bindir}/$p" ]; then
> > +chown 0:0 "${D}${base_bindir}/$p"
> > +fi
> > +done
> > +}
> > +
> > +
> > # nologin causes a conflict with shadow-native
> > # kill causes a conflict with coreutils-native (if
> ${bindir}==${base_bindir})
> > do_install_append_class-native () {
> > --
> > 2.20.1
> > --
> > ___
> > Openembedded-core mailing list
> > Openembedded-core@lists.openembedded.org
> > http://lists.openembedded.org/mailman/listinfo/openembedded-core
>
--
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core
Re: [OE-core] [PATCH] util-linux: fix owner and group for binaries in resulting image
Hi,
Are we sure this is not caused by the new glibc2.29/pseudo problems
that has been seen previously ?
Which distro are you building on, and which version of poky/oe are you using ?
/Jacob
On Mon, May 6, 2019 at 5:46 PM Popov Anton wrote:
>
> util-linux source produce some binaries with setuid bit set
>
> do_install function produce binaries in /sbin and /bin with uid:gid
> of user who build image this lead to messages like this:
> mount /dev/sdb1 /mnt/flash
> mount: only root can do that (effective UID is 1000)
> this patch changing owner of binaries in /bin and /sbin to 0:0
>
> Signed-off-by: Anton Popov
> ---
> meta/recipes-core/util-linux/util-linux.inc | 21 +
> 1 file changed, 21 insertions(+)
>
> diff --git a/meta/recipes-core/util-linux/util-linux.inc
> b/meta/recipes-core/util-linux/util-linux.inc
> index 34255a2dec..d75a2dd399 100644
> --- a/meta/recipes-core/util-linux/util-linux.inc
> +++ b/meta/recipes-core/util-linux/util-linux.inc
> @@ -201,6 +201,27 @@ do_install () {
> fi
> }
>
> +# when building yocto image with non-root user some binaries appears in
> resulting
> +# image with rights of user who build image. This behaviour may lead to
> misfunction
> +# of some binaries like mount because of setuid bit on them:
> +# mount /dev/sdb1 /mnt/flash
> +# mount: only root can do that (effective UID is 1000)
> +# ls -ld which mount
> +# lrwxrwxrwx1 root root21 Jan 2 1970 /bin/mount ->
> /bin/mount.util-linux
> # root@mitx-fp32:/mnt/system/initrd# ls -ld
> /bin/mount.util-linux
># -rwsr-xr-x1
> 1000 1000 28020 Apr 23 12:49 /bin/mount.util-linux
> +do_install_append_class-target () {
> +for p in $sbinprogs $sbinprogs_a; do
> +if [ -f "${D}${base_sbindir}/$p" ]; then
> +chown 0:0 "${D}${base_sbindir}/$p"
> +fi
> +done
> +for p in $binprogs_a; do
> +if [ -f "${D}${base_bindir}/$p" ]; then
> +chown 0:0 "${D}${base_bindir}/$p"
> +fi
> +done
> +}
> +
> +
> # nologin causes a conflict with shadow-native
> # kill causes a conflict with coreutils-native (if ${bindir}==${base_bindir})
> do_install_append_class-native () {
> --
> 2.20.1
> --
> ___
> Openembedded-core mailing list
> Openembedded-core@lists.openembedded.org
> http://lists.openembedded.org/mailman/listinfo/openembedded-core
--
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core
[OE-core] [PATCH] util-linux: fix owner and group for binaries in resulting image
util-linux source produce some binaries with setuid bit set
do_install function produce binaries in /sbin and /bin with uid:gid
of user who build image this lead to messages like this:
mount /dev/sdb1 /mnt/flash
mount: only root can do that (effective UID is 1000)
this patch changing owner of binaries in /bin and /sbin to 0:0
Signed-off-by: Anton Popov
---
meta/recipes-core/util-linux/util-linux.inc | 21 +
1 file changed, 21 insertions(+)
diff --git a/meta/recipes-core/util-linux/util-linux.inc
b/meta/recipes-core/util-linux/util-linux.inc
index 34255a2dec..d75a2dd399 100644
--- a/meta/recipes-core/util-linux/util-linux.inc
+++ b/meta/recipes-core/util-linux/util-linux.inc
@@ -201,6 +201,27 @@ do_install () {
fi
}
+# when building yocto image with non-root user some binaries appears in
resulting
+# image with rights of user who build image. This behaviour may lead to
misfunction
+# of some binaries like mount because of setuid bit on them:
+# mount /dev/sdb1 /mnt/flash
+# mount: only root can do that (effective UID is 1000)
+# ls -ld which mount
+# lrwxrwxrwx1 root root21 Jan 2 1970 /bin/mount ->
/bin/mount.util-linux
# root@mitx-fp32:/mnt/system/initrd# ls -ld
/bin/mount.util-linux
# -rwsr-xr-x1 1000
1000 28020 Apr 23 12:49 /bin/mount.util-linux
+do_install_append_class-target () {
+for p in $sbinprogs $sbinprogs_a; do
+if [ -f "${D}${base_sbindir}/$p" ]; then
+chown 0:0 "${D}${base_sbindir}/$p"
+fi
+done
+for p in $binprogs_a; do
+if [ -f "${D}${base_bindir}/$p" ]; then
+chown 0:0 "${D}${base_bindir}/$p"
+fi
+done
+}
+
+
# nologin causes a conflict with shadow-native
# kill causes a conflict with coreutils-native (if ${bindir}==${base_bindir})
do_install_append_class-native () {
--
2.20.1
--
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core
