Re: [OE-core] host-user-contaminated QA check

2017-02-02 Thread Seebs
On Thu, 02 Feb 2017 20:43:49 +0100 Patrick Ohly wrote: > One could argue that an implicit "created during build -> owned by > root" follows the same logic. But as the check as it is now did find > a real issue and also others in the past (the pseudo bugs that Chris >

Re: [OE-core] host-user-contaminated QA check

2017-02-02 Thread Patrick Ohly
On Thu, 2017-02-02 at 13:11 -0600, Seebs wrote: > On Thu, 02 Feb 2017 18:17:29 +0100 > Patrick Ohly wrote: > > > On Thu, 2017-02-02 at 11:12 -0600, Seebs wrote: > > > > But I find mapping to root:root more attractive because it makes > > > > packaging simpler (less

Re: [OE-core] host-user-contaminated QA check

2017-02-02 Thread Patrick Ohly
On Thu, 2017-02-02 at 18:49 +0100, Enrico Scholz wrote: > Patrick Ohly > writes: > > > Recently the host-user-contaminated QA check triggered for the trousers > > recipe in meta-security: > > > > WARNING:

Re: [OE-core] host-user-contaminated QA check

2017-02-02 Thread Seebs
On Thu, 02 Feb 2017 18:17:29 +0100 Patrick Ohly wrote: > On Thu, 2017-02-02 at 11:12 -0600, Seebs wrote: > > > But I find mapping to root:root more attractive because it makes > > > packaging simpler (less worries about accidentally copying the > > > original uid) and the

Re: [OE-core] host-user-contaminated QA check

2017-02-02 Thread Enrico Scholz
Patrick Ohly writes: > Recently the host-user-contaminated QA check triggered for the trousers > recipe in meta-security: > > WARNING: trousers-0.3.14+gitAUTOINC+4b9a70d578-r0 do_package_qa: QA Issue: > trousers: /trousers/etc/tcsd.conf is

Re: [OE-core] host-user-contaminated QA check

2017-02-02 Thread Christopher Larson
It's worth noting that host-user-contaminated also triggers on pseudo bugs, which I've seen before. If we change the behavior, what user would files that pseudo loses track of entirely be owned by? Or perhaps some of pseudo's log messages should be made errors.. On Thu, Feb 2, 2017 at 10:17 AM,

Re: [OE-core] host-user-contaminated QA check

2017-02-02 Thread Patrick Ohly
On Thu, 2017-02-02 at 11:12 -0600, Seebs wrote: > > But I find mapping to root:root more attractive because it makes > > packaging simpler (less worries about accidentally copying the > > original uid) and the builds faster (no need to run the QA check). > > Hmm. I think I would rather have the

Re: [OE-core] host-user-contaminated QA check

2017-02-02 Thread Seebs
On Thu, 02 Feb 2017 17:39:07 +0100 Patrick Ohly wrote: > On Thu, 2017-02-02 at 10:21 -0600, Seebs wrote: > > On Thu, 02 Feb 2017 11:38:00 +0100 > > Patrick Ohly wrote: > > > > > Why do we make the real user ID on the build system visible at all >

Re: [OE-core] host-user-contaminated QA check

2017-02-02 Thread Patrick Ohly
On Thu, 2017-02-02 at 10:21 -0600, Seebs wrote: > On Thu, 02 Feb 2017 11:38:00 +0100 > Patrick Ohly wrote: > > > Why do we make the real user ID on the build system visible at all > > when running under pseudo? The uid and user name have no meaning > > there, as the user

Re: [OE-core] host-user-contaminated QA check

2017-02-02 Thread Seebs
On Thu, 02 Feb 2017 11:38:00 +0100 Patrick Ohly wrote: > Why do we make the real user ID on the build system visible at all > when running under pseudo? The uid and user name have no meaning > there, as the user won't exist on the target system. Instead we could > map the

[OE-core] host-user-contaminated QA check

2017-02-02 Thread Patrick Ohly
Hello! Recently the host-user-contaminated QA check triggered for the trousers recipe in meta-security: WARNING: trousers-0.3.14+gitAUTOINC+4b9a70d578-r0 do_package_qa: QA Issue: trousers: /trousers/etc/tcsd.conf is owned by uid 1000, which is the same as the user running bitbake. This may be