Re: [OE-core] [PATCH v5 1/2] image.bbclass: add prohibited-paths QA test
On Fri, Apr 13, 2018 at 6:27 AM, Fabien Lahouderewrote: > This patch doesn't seem to be applied. > Is there additional comments or something blocking? I see no reason for it not being applied. -- Otavio Salvador O.S. Systems http://www.ossystems.com.brhttp://code.ossystems.com.br Mobile: +55 (53) 9981-7854Mobile: +1 (347) 903-9750 -- ___ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-core
Re: [OE-core] [PATCH v5 1/2] image.bbclass: add prohibited-paths QA test
Hi This patch doesn't seem to be applied. Is there additional comments or something blocking? Thanks Fabien On Mon, 2017-11-27 at 19:28 +, Martyn Welch wrote: > Sometimes we wish to ensure that files or directories are not installed > somewhere that may prove detrimental to the operation of the system. For > example, this may be the case if files are placed in a directory that is > utilised as a mount point at run time, thus making them inaccessible once > when the mount point is being utilised. > > Implement the prohibited paths QA test, which enables such locations to be > specified in a "IMAGE_QA_PROHIBITED_PATHS" variable. This implementation > allows for a colon separated list of paths to be provided. Shell style > wildcards can be used. > > Signed-off-by: Fabien Lahoudere> Signed-off-by: Martyn Welch > --- > Changes since v1: > - Correcting author and SOB. > > Changes since v2: > - Reimplemented as image rather than package level QA test. > - Changed variable from PROHIBITED_PATH to PROHIBITED_PATHS to better > reflect its use. > > Changes since v3: > - Rename variable to IMAGE_QA_PROHIBITED_PATHS. > - Use str.startswith(). > - Simplify if statement. > > Changes since v4: > - Move QA test to new class "image-insane.bbclass". > > meta/classes/image-insane.bbclass | 20 > meta/classes/image.bbclass| 1 + > 2 files changed, 21 insertions(+) > create mode 100644 meta/classes/image-insane.bbclass > > diff --git a/meta/classes/image-insane.bbclass > b/meta/classes/image-insane.bbclass > new file mode 100644 > index 000..29935cf > --- /dev/null > +++ b/meta/classes/image-insane.bbclass > @@ -0,0 +1,20 @@ > +python image_check_prohibited_paths () { > +import glob > +from oe.utils import ImageQAFailed > + > +rootfs = d.getVar('IMAGE_ROOTFS') > + > +path = (d.getVar('IMAGE_QA_PROHIBITED_PATHS') or "") > +if path != "": > +for p in path.split(':'): > +if not p.startswith('/'): > +raise ImageQAFailed("IMAGE_QA_PROHIBITED_PATHS \"%s\" must > be an absolute path" % > p, image_check_prohibited_paths) > + > +match = glob.glob("%s%s" % (rootfs, p)) > +if match: > +loc = ", ".join(item.replace(rootfs, '') for item in match) > +raise ImageQAFailed("Match(es) for IMAGE_QA_PROHIBITED_PATHS > \"%s\": %s" % (p, > loc), image_check_prohibited_paths) > +} > + > +IMAGE_QA_COMMANDS += "image_check_prohibited_paths" > + > diff --git a/meta/classes/image.bbclass b/meta/classes/image.bbclass > index d93de02..8b45abb 100644 > --- a/meta/classes/image.bbclass > +++ b/meta/classes/image.bbclass > @@ -1,4 +1,5 @@ > inherit rootfs_${IMAGE_PKGTYPE} > +inherit image-insane > > # Only Linux SDKs support populate_sdk_ext, fall back to populate_sdk_base > # in the non-Linux SDK_OS case, such as mingw32 -- ___ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-core
Re: [OE-core] [PATCH v5 1/2] image.bbclass: add prohibited-paths QA test
This doesn't seem to be applied yet. Is there something else that is needed? Martyn On Mon, 2017-11-27 at 19:28 +, Martyn Welch wrote: > Sometimes we wish to ensure that files or directories are not installed > somewhere that may prove detrimental to the operation of the system. For > example, this may be the case if files are placed in a directory that is > utilised as a mount point at run time, thus making them inaccessible once > when the mount point is being utilised. > > Implement the prohibited paths QA test, which enables such locations to be > specified in a "IMAGE_QA_PROHIBITED_PATHS" variable. This implementation > allows for a colon separated list of paths to be provided. Shell style > wildcards can be used. > > Signed-off-by: Fabien Lahoudere> Signed-off-by: Martyn Welch > --- > Changes since v1: > - Correcting author and SOB. > > Changes since v2: > - Reimplemented as image rather than package level QA test. > - Changed variable from PROHIBITED_PATH to PROHIBITED_PATHS to better >reflect its use. > > Changes since v3: > - Rename variable to IMAGE_QA_PROHIBITED_PATHS. > - Use str.startswith(). > - Simplify if statement. > > Changes since v4: > - Move QA test to new class "image-insane.bbclass". > > meta/classes/image-insane.bbclass | 20 > meta/classes/image.bbclass| 1 + > 2 files changed, 21 insertions(+) > create mode 100644 meta/classes/image-insane.bbclass > > diff --git a/meta/classes/image-insane.bbclass > b/meta/classes/image-insane.bbclass > new file mode 100644 > index 000..29935cf > --- /dev/null > +++ b/meta/classes/image-insane.bbclass > @@ -0,0 +1,20 @@ > +python image_check_prohibited_paths () { > +import glob > +from oe.utils import ImageQAFailed > + > +rootfs = d.getVar('IMAGE_ROOTFS') > + > +path = (d.getVar('IMAGE_QA_PROHIBITED_PATHS') or "") > +if path != "": > +for p in path.split(':'): > +if not p.startswith('/'): > +raise ImageQAFailed("IMAGE_QA_PROHIBITED_PATHS \"%s\" must > be an absolute path" % p, image_check_prohibited_paths) > + > +match = glob.glob("%s%s" % (rootfs, p)) > +if match: > +loc = ", ".join(item.replace(rootfs, '') for item in match) > +raise ImageQAFailed("Match(es) for IMAGE_QA_PROHIBITED_PATHS > \"%s\": %s" % (p, loc), image_check_prohibited_paths) > +} > + > +IMAGE_QA_COMMANDS += "image_check_prohibited_paths" > + > diff --git a/meta/classes/image.bbclass b/meta/classes/image.bbclass > index d93de02..8b45abb 100644 > --- a/meta/classes/image.bbclass > +++ b/meta/classes/image.bbclass > @@ -1,4 +1,5 @@ > inherit rootfs_${IMAGE_PKGTYPE} > +inherit image-insane > > # Only Linux SDKs support populate_sdk_ext, fall back to populate_sdk_base > # in the non-Linux SDK_OS case, such as mingw32 -- ___ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-core
Re: [OE-core] [PATCH v5 1/2] image.bbclass: add prohibited-paths QA test
On Mon, Nov 27, 2017 at 5:28 PM, Martyn Welchwrote: > Sometimes we wish to ensure that files or directories are not installed > somewhere that may prove detrimental to the operation of the system. For > example, this may be the case if files are placed in a directory that is > utilised as a mount point at run time, thus making them inaccessible once > when the mount point is being utilised. > > Implement the prohibited paths QA test, which enables such locations to be > specified in a "IMAGE_QA_PROHIBITED_PATHS" variable. This implementation > allows for a colon separated list of paths to be provided. Shell style > wildcards can be used. > > Signed-off-by: Fabien Lahoudere > Signed-off-by: Martyn Welch Acked-by: Otavio Salvador -- Otavio Salvador O.S. Systems http://www.ossystems.com.brhttp://code.ossystems.com.br Mobile: +55 (53) 9981-7854Mobile: +1 (347) 903-9750 -- ___ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-core