Since 
https://github.com/rpm-software-management/rpm/commit/f3eaeeb7341085e1850e914350cf1f33d538320d
rpm does its own parsing of /etc/passwd and /etc/group instead of relying on 
getpwnam() and friends.

This has an unfortunate effect of leaking build host uid/gid values for
users and groups into the cpio header inside rpm file (where previously
those were always zero).

Installation of rpm packages relies on rpm header to set file ownership,
and that is a different structure that is built from .spec information,
so we can avoid host contamination by setting the paths to something
bogus.

Signed-off-by: Alexander Kanavin <a...@linutronix.de>
---
 meta/classes-global/package_rpm.bbclass | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/meta/classes-global/package_rpm.bbclass 
b/meta/classes-global/package_rpm.bbclass
index 3ca6c5aa7b3..e0f4de42a15 100644
--- a/meta/classes-global/package_rpm.bbclass
+++ b/meta/classes-global/package_rpm.bbclass
@@ -722,6 +722,8 @@ python do_package_rpm () {
     cmd = cmd + " --define 'debug_package %{nil}'"
     cmd = cmd + " --define '_tmppath " + workdir + "'"
     cmd = cmd + " --define '_use_weak_usergroup_deps 1'"
+    cmd = cmd + " --define '_passwd_path " + "/completely/bogus/path" + "'"
+    cmd = cmd + " --define '_group_path " + "/completely/bogus/path" + "'"
     if d.getVarFlag('ARCHIVER_MODE', 'srpm') == '1' and 
bb.data.inherits_class('archiver', d):
         cmd = cmd + " --define '_sourcedir " + d.getVar('ARCHIVER_OUTDIR') + 
"'"
         cmdsrpm = cmd + " --define '_srcrpmdir " + 
d.getVar('ARCHIVER_RPMOUTDIR') + "'"
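
Review bot: the two added `--define` lines for `_passwd_path` and `_group_path` have no in-code comment, so someone reading do_package_rpm later sees a deliberately nonexistent path with no indication that it is intentional or what it guards against. A short comment above them saying that the paths are bogus on purpose, so that build host uid/gid values are not written into the cpio header, would keep the reasoning next to the code instead of only in the commit message. The value is also built as `" + "/completely/bogus/path" + "'"`, which concatenates three constants; a single string literal per line would read more clearly, and since the same literal appears twice it could be held in one local variable so both macros cannot drift apart.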
-- 
2.39.2
