[OE-core][dunfell 22/25] rootfs-postcommands: Improve/fix rootfs_check_host_user_contaminated

Mon, 06 Jul 2020 09:12:12 -0700 

From: Richard Purdie <richard.pur...@linuxfoundation.org>

Currently if the find command finds /home it stops checking the other
files. Tweak the find expression to fix this.

Also, from Alex Kiernan <alex.kier...@gmail.com>, generate output for
each contaminated path so it's visible in the main log file.

When matches are found, dump the data from the group and passwd files
so useful debugging can be done based on the results.

Signed-off-by: Richard Purdie <richard.pur...@linuxfoundation.org>
(cherry picked from commit 504f1d158bf7c6ad08fbce755021db2b14565231)
Signed-off-by: Steve Sakoman <st...@sakoman.com>
---
 meta/classes/rootfs-postcommands.bbclass | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/meta/classes/rootfs-postcommands.bbclass 
b/meta/classes/rootfs-postcommands.bbclass
index 2f171836fa..c43b9a9823 100644
--- a/meta/classes/rootfs-postcommands.bbclass
+++ b/meta/classes/rootfs-postcommands.bbclass
@@ -308,12 +308,16 @@ rootfs_check_host_user_contaminated () {
        HOST_USER_UID="$(PSEUDO_UNLOAD=1 id -u)"
        HOST_USER_GID="$(PSEUDO_UNLOAD=1 id -g)"
 
-       find "${IMAGE_ROOTFS}" -wholename "${IMAGE_ROOTFS}/home" -prune \
-           -user "$HOST_USER_UID" -o -group "$HOST_USER_GID" >"$contaminated"
+       find "${IMAGE_ROOTFS}" -path "${IMAGE_ROOTFS}/home" -prune -o \
+           -user "$HOST_USER_UID" -print -o -group "$HOST_USER_GID" -print 
>"$contaminated"
+
+       sed -e "s,${IMAGE_ROOTFS},," $contaminated | while read line; do
+               bbwarn "Path in the rootfs is owned by the same user or group 
as the user running bitbake:" $line `ls -lan ${IMAGE_ROOTFS}/$line`
+       done
 
        if [ -s "$contaminated" ]; then
-               echo "WARNING: Paths in the rootfs are owned by the same user 
or group as the user running bitbake. See the logfile for the specific paths."
-               cat "$contaminated" | sed "s,^,  ,"
+               bbwarn "/etc/passwd:" `cat ${IMAGE_ROOTFS}/etc/passwd`
+               bbwarn "/etc/group:" `cat ${IMAGE_ROOTFS}/etc/group`
        fi
 }
 
-- 
2.17.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.

View/Reply Online (#140351): 
https://lists.openembedded.org/g/openembedded-core/message/140351
Mute This Topic: https://lists.openembedded.org/mt/75336313/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub  
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Reply via email to