[OE-core] [PATCH] rootfs-postcommands: Improve/fix rootfs_check_host_user_contaminated

Fri, 03 Jul 2020 06:18:00 -0700 

Currently if the find command finds /home it stops checking the other
files. Tweak the find expression to fix this.

Also, from Alex Kiernan <alex.kier...@gmail.com>, generate output for
each contaminated path so it's visible in the main log file.

When matches are found, dump the data from the group and passwd files
so useful debugging can be done based on the results.

Signed-off-by: Richard Purdie <richard.pur...@linuxfoundation.org>
---
 meta/classes/rootfs-postcommands.bbclass | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/meta/classes/rootfs-postcommands.bbclass 
b/meta/classes/rootfs-postcommands.bbclass
index 2f171836fa0..c43b9a98230 100644
--- a/meta/classes/rootfs-postcommands.bbclass
+++ b/meta/classes/rootfs-postcommands.bbclass
@@ -308,12 +308,16 @@ rootfs_check_host_user_contaminated () {
        HOST_USER_UID="$(PSEUDO_UNLOAD=1 id -u)"
        HOST_USER_GID="$(PSEUDO_UNLOAD=1 id -g)"
 
-       find "${IMAGE_ROOTFS}" -wholename "${IMAGE_ROOTFS}/home" -prune \
-           -user "$HOST_USER_UID" -o -group "$HOST_USER_GID" >"$contaminated"
+       find "${IMAGE_ROOTFS}" -path "${IMAGE_ROOTFS}/home" -prune -o \
+           -user "$HOST_USER_UID" -print -o -group "$HOST_USER_GID" -print 
>"$contaminated"
+
+       sed -e "s,${IMAGE_ROOTFS},," $contaminated | while read line; do
+               bbwarn "Path in the rootfs is owned by the same user or group 
as the user running bitbake:" $line `ls -lan ${IMAGE_ROOTFS}/$line`
+       done
 
        if [ -s "$contaminated" ]; then
-               echo "WARNING: Paths in the rootfs are owned by the same user 
or group as the user running bitbake. See the logfile for the specific paths."
-               cat "$contaminated" | sed "s,^,  ,"
+               bbwarn "/etc/passwd:" `cat ${IMAGE_ROOTFS}/etc/passwd`
+               bbwarn "/etc/group:" `cat ${IMAGE_ROOTFS}/etc/group`
        fi
 }
 
-- 
2.25.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.

View/Reply Online (#140288): 
https://lists.openembedded.org/g/openembedded-core/message/140288
Mute This Topic: https://lists.openembedded.org/mt/75278678/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub  
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Reply via email to