Patrick Ohly <patrick.ohly-ral2jqcrhueavxtiumw...@public.gmane.org> writes:
> Recently the host-user-contaminated QA check triggered for the trousers > recipe in meta-security: > > WARNING: trousers-0.3.14+gitAUTOINC+4b9a70d578-r0 do_package_qa: QA Issue: > trousers: /trousers/etc/tcsd.conf is owned by uid 1000, which is the same as > the user running bitbake. This may be due to host contamination > [host-user-contaminated] > > However, that's a false positive in this case. UID 1000 got assigned to > the "tss" user in the target sysroot during the build, and tcsd.conf is > correctly and intentionally owned by that user because tcsd checks > ownership and refuses to start when owned by someone else (including > root). It just happened that the UID was the same. > > This is likely to affect all recipes with files owned by dynamically > created users, in particular when the host system assigns UIDs from the > same range as the target system (quick poll: who else has 1000 as his > UID on his main Linux box? ;-) Usually, this can not happen. There is reserved a range for dynamically created users (standard says 100-499, some distributions use 100-999). In this case, there is probably some '--system' flag missing when the 'tss' user is created (--> packaging bug). Enrico -- SIGMA Chemnitz GmbH Registergericht: Amtsgericht Chemnitz HRB 1750 Am Erlenwald 13 Geschaeftsfuehrer: Grit Freitag, Frank Pyritz 09128 Chemnitz -- _______________________________________________ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-core
