On Wed, 2021-10-27 at 16:43 +0000, Peter Kjellerstedt wrote: > > -----Original Message----- > > From: Martyn Welch <martyn.we...@collabora.com> > > Sent: den 26 oktober 2021 17:32 > > To: Peter Kjellerstedt <peter.kjellerst...@axis.com>; Konrad > > Weihmann > > <kweihm...@outlook.com>; OE-core <openembedded- > > c...@lists.openembedded.org> > > Subject: Re: [OE-core] [PATCH v6 2/2] core-image.bbclass: add > > default > > IMAGE_QA_PROHIBIT_PATHS variable > > > > On Tue, 2021-10-26 at 14:59 +0000, Peter Kjellerstedt wrote: > > > > -----Original Message----- > > > > From: openembedded-core@lists.openembedded.orgĀ <openembedded- > > > > c...@lists.openembedded.org> On Behalf Of Konrad Weihmann > > > > Sent: den 26 oktober 2021 13:24 > > > > To: Martyn Welch <martyn.we...@collabora.com>; OE-core > > > > <openembedded- > > > > c...@lists.openembedded.org> > > > > Subject: Re: [OE-core] [PATCH v6 2/2] core-image.bbclass: add > > > > default > > > > IMAGE_QA_PROHIBIT_PATHS variable > > > > > > > > > > > > > > > > On 26.10.21 13:21, Martyn Welch wrote: > > > > > Note to self - remember to reply to list... > > > > > > > > > > -------- Forwarded Message -------- > > > > > From: Martyn Welch <martyn.we...@collabora.com> > > > > > To: Konrad Weihmann <kweihm...@outlook.com> > > > > > Subject: Re: [OE-core] [PATCH v6 2/2] core-image.bbclass: add > > > > > default > > > > > IMAGE_QA_PROHIBIT_PATHS variable > > > > > Date: Tue, 26 Oct 2021 12:12:11 +0100 > > > > > > > > > > On Tue, 2021-10-26 at 12:56 +0200, Konrad Weihmann wrote: > > > > > > > > > > > > > > > > > > On 26.10.21 12:50, Martyn Welch wrote: > > > > <snip> > > > > > > > > > +# IMAGE_QA_PROHIBITED_PATHS > > > > > > > +# Ensure images aren't including files in places that > > > > > > > will > > > > > > > be used as mount points or that are > > > > > > > +# reserved for runtime data. > > > > > > > +IMAGE_QA_PROHIBITED_PATHS ?= > > > > > > > "/dev/pts/*:/media/*:/mnt/*:/proc/*:/run/*:/tmp/*:/var/ru > > > > > > > n/*: > > > > > > > /var/tmp/*:/var/volatile/*" > > > > > > > > > > > > I like the idea, but wouldn't make more sense to do that on > > > > > > a > > > > > > package > > > > > > level, as here the user is more or less left alone in > > > > > > guessing > > > > > > where > > > > > > the file actually does come from > > > > > > > > > > I like that idea, however it would make to assumption that > > > > > there > > > > > wasn't > > > > > any tweaks being made as part of image generation that would > > > > > end > > > > > up > > > > > violating this. A quick check suggests the "build-appliance- > > > > > image_15.0.0.bb" image does this kind of thing in the core > > > > > image > > > > > types. > > > > > > > > As Alex just wrote, I might be beneficial to do both > > > > > > > > > Martyn > > > > > > We have an alternative solution that hooks into the package QA. > > > It > > > focuses on directories that are supposed to be empty. In addition > > > to > > > failing the build if there are files in such a directory, it also > > > allows to specify for each directory why it should be empty. We > > > have > > > used this, e.g., to mark common directories that have been > > > renamed > > > to give an indication of where the files were supposed to have > > > been > > > installed. > > > > > > Do you want me to generalize this and send a patch for it? > > > > Hi Peter, > > > > It would be great if we could merge these approaches, i.e. have one > > way > > to specify directories that need to be empty and test both as part > > of > > package QA and also image QA. > > > > I was just working on adding some package QA support to what I've > > had, > > but can pause that. > > > > Would you be able to provide show how you'd propose managing the > > prohibited directories? I'll try and tweak the image QA stuff > > already > > posted to fit that. > > > > Martyn > > > > > //Peter > > I have sent two patches now. The first makes systemd not install > anything in /var/log, as it otherwise conflicts with the suggested > defaults. And then one patch that adds the package QA check for > empty directories. I used the same defaults as suggested in your > patch, except I removed /mnt since it is not obvious it should be > empty. At least we use subdirectories in /mnt for our mountpoints. >
Thanks Peter, Looks good to me. I'll adapt the mine to be an image QA test that complements this. Martyn > //Peter >
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#157560): https://lists.openembedded.org/g/openembedded-core/message/157560 Mute This Topic: https://lists.openembedded.org/mt/86599458/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
