From mboxrd@z Thu Jan 1 00:00:00 1970 Return-path: Received: from mail-lj1-f173.google.com ([209.85.208.173]) by metis.ext.pengutronix.de with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.89) (envelope-from ) id 1gwTVm-0002ul-Vi for ptxdist@pengutronix.de; Wed, 20 Feb 2019 16:10:15 +0100 Received: by mail-lj1-f173.google.com with SMTP id q128so21036165ljb.11 for ; Wed, 20 Feb 2019 07:10:14 -0800 (PST) MIME-Version: 1.0 References: <28b3d3f0-8281-64e5-ae67-2b43b49348b6@mev.co.uk> <20190220144202.pilz3kgql5k3hqz5@pengutronix.de> In-Reply-To: <20190220144202.pilz3kgql5k3hqz5@pengutronix.de> From: Jon Ringle Date: Wed, 20 Feb 2019 10:10:01 -0500 Message-ID: Subject: Re: [ptxdist] strange permission behavior List-Id: PTXdist Development Mailing List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: ptxdist@pengutronix.de Content-Type: multipart/mixed; boundary="===============1767822940==" Errors-To: ptxdist-bounces@pengutronix.de Sender: "ptxdist" To: ptxdist@pengutronix.de --===============1767822940== Content-Type: multipart/alternative; boundary="0000000000002f7152058254c1bb" --0000000000002f7152058254c1bb Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable On Wed, Feb 20, 2019 at 9:42 AM Michael Olbrich wrote: > On Wed, Feb 20, 2019 at 09:09:18AM -0500, Jon Ringle wrote: > > On Wed, Feb 20, 2019 at 8:22 AM Ian Abbott wrote: > > > > > On 20/02/2019 13:17, Ian Abbott wrote: > > > > On 20/02/2019 00:59, Jon Ringle wrote: > > > >> I've got a strange permission problem when I build on our build > server > > > >> that was recently updated from Ubuntu-14.04 to Ubuntu-16.04. > > > >> > > > >> On our Ubuntu-16.04 server, on most of the platform/packages/ > > > >> subdirectories the packages are getting created with other having = no > > > >> permissions at all: > > > >> > > > >> rootfs/platform-ec1c/packages$ tree -d -L 1 -p > > > >> . > > > >> =E2=94=9C=E2=94=80=E2=94=80 [drwxr-x---] attr-2.4.47 > > > >> =E2=94=9C=E2=94=80=E2=94=80 [drwxr-x---] avahi-0.7 > > > >> =E2=94=9C=E2=94=80=E2=94=80 [drwxr-x---] bash-4.3.30 > > > >> =E2=94=9C=E2=94=80=E2=94=80 [drwxr-x---] boost_1_67_0 > > > >> =E2=94=9C=E2=94=80=E2=94=80 [drwxr-x---] busybox-1.29.3 > > > >> =E2=94=9C=E2=94=80=E2=94=80 [drwxr-x---] coreutils-8.29 > > > >> ... > > > >> > > > >> This results in all files contained within those directories to al= so > > > >> have no perms for other, and get installed on my target in the sam= e > > > >> way. This in turn then causes permission problems to occur. > > > >> > > > >> I'm at a loss as to what to look for to resolve this problem. > > > >> > > > >> Suggestions? > > > > > > > > I think you are building with umask 0027, so files are created with > no > > > > permissions for 'other' users. This should not affect the contents > of > > > > the platform-ec1c/packages/*.ipk files, or the contents of the > > > > platform-ec1c/root/ directory, or the contents of the > > > > platform-ec1c/images/root.* images, which should all contain files > with > > > > the correct permissions for the target. > > > > > > Correction: The platform-ec1c/root/ directory contents do not have th= e > > > correct ownership for the target, but the file mode bits should be > correct. > > > > > > > > I also thought that perhaps it was a umask issue, but as you can see > below, > > umask is 0022, which should be ok. > > The permission problem that I am having on the target is that > > systemd-networkd.service won't start because it can't read the > > configuration files below. These files are installed in systemd.make vi= a: > > > > ifdef PTXCONF_SYSTEMD_NETWORK > > @$(call install_tree, systemd, 0, 0, -, /usr/lib/systemd/networ= k) > > @$(call install_alternative_tree, systemd, 0, 0, > > /usr/lib/systemd/network) > > endif > > @$(call install_alternative, systemd, 0, 0, 0644, \ > > /usr/lib/systemd/network/99-default.link) > > Right, install_alternative_tree picks the source file permissions. The > question is, why are those incorrect? > > I've come across some issues with fakeroot and permissions elsewhere. Can > you run the attached script with the fakeroot from sysroot-host/ and send > the results? > > jringle@dev-atl-bamb01:/srv/gpec-build/rootfs/platform-ec1c/sysroot-host/bi= n$ ./fakeroot ~/fake-test fakeroot: preload library `libfakeroot.so' not found, aborting. jringle@dev-atl-bamb01:/srv/gpec-build/rootfs/platform-ec1c/sysroot-host/bi= n$ cd ../../.. jringle@dev-atl-bamb01:/srv/gpec-build/rootfs$ ptxdist bash [ptx] jringle@dev-atl-bamb01:/srv/gpec-build/rootfs$ which fakeroot /srv/gpec-build/rootfs/platform-ec1k/sysroot-host/bin/fakeroot [ptx] jringle@dev-atl-bamb01:/srv/gpec-build/rootfs$ fakeroot ~/fake-test -rw-r--r-- 1 0 0 0 Feb 20 15:08 empty -rw-r--r-- 1 0 0 0 Feb 20 15:08 empty-a -rw-r--r-- 1 0 0 0 Feb 20 15:08 empty-r # file: empty # owner: 0 # group: 0 user::rw- group::r-- other::r-- # file: empty-a # owner: 0 # group: 0 user::rw- group::r-- other::r-- # file: empty-r # owner: 0 # group: 0 user::rw- group::r-- other::r-- [ptx] jringle@dev-atl-bamb01:/srv/gpec-build/rootfs$ exit exit jringle@dev-atl-bamb01:/srv/gpec-build/rootfs$ which fakeroot /usr/bin/fakeroot jringle@dev-atl-bamb01:/srv/gpec-build/rootfs$ fakeroot ~/fake-test -rw-r--r-- 1 0 0 0 Feb 20 15:08 empty -rw-r--r-- 1 0 0 0 Feb 20 15:08 empty-a -rw-r--r-- 1 0 0 0 Feb 20 15:08 empty-r # file: empty # owner: 0 # group: 0 user::rw- group::r-- other::r-- # file: empty-a # owner: 0 # group: 0 user::rw- group::r-- other::r-- # file: empty-r # owner: 0 # group: 0 user::rw- group::r-- other::r-- --0000000000002f7152058254c1bb Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
On Wed, Feb 20, 2019 at = 9:42 AM Michael Olbrich <m.o= lbrich@pengutronix.de> wrote:
On Wed, Feb 20, 2019 at 09:= 09:18AM -0500, Jon Ringle wrote:
> On Wed, Feb 20, 2019 at 8:22 AM Ian Abbott <abbotti@mev.co.uk> wrote:
>
> > On 20/02/2019 13:17, Ian Abbott wrote:
> > > On 20/02/2019 00:59, Jon Ringle wrote:
> > >> I've got a strange permission problem when I build o= n our build server
> > >> that was recently updated from Ubuntu-14.04 to Ubuntu-16= .04.
> > >>
> > >> On our Ubuntu-16.04 server, on most of the platform/pack= ages/
> > >> subdirectories the packages are getting created with oth= er having no
> > >> permissions at all:
> > >>
> > >> rootfs/platform-ec1c/packages$ tree -d -L 1 -p
> > >> .
> > >> =E2=94=9C=E2=94=80=E2=94=80 [drwxr-x---]=C2=A0 attr-2.4.= 47
> > >> =E2=94=9C=E2=94=80=E2=94=80 [drwxr-x---]=C2=A0 avahi-0.7=
> > >> =E2=94=9C=E2=94=80=E2=94=80 [drwxr-x---]=C2=A0 bash-4.3.= 30
> > >> =E2=94=9C=E2=94=80=E2=94=80 [drwxr-x---]=C2=A0 boost_1_6= 7_0
> > >> =E2=94=9C=E2=94=80=E2=94=80 [drwxr-x---]=C2=A0 busybox-1= .29.3
> > >> =E2=94=9C=E2=94=80=E2=94=80 [drwxr-x---]=C2=A0 coreutils= -8.29
> > >> ...
> > >>
> > >> This results in all files contained within those directo= ries to also
> > >> have no perms for other, and get installed on my target = in the same
> > >> way. This in turn then causes permission problems to occ= ur.
> > >>
> > >> I'm at a loss as to what to look for to resolve this= problem.
> > >>
> > >> Suggestions?
> > >
> > > I think you are building with umask 0027, so files are creat= ed with no
> > > permissions for 'other' users.=C2=A0 This should not= affect the contents of
> > > the platform-ec1c/packages/*.ipk files, or the contents of t= he
> > > platform-ec1c/root/ directory, or the contents of the
> > > platform-ec1c/images/root.* images, which should all contain= files with
> > > the correct permissions for the target.
> >
> > Correction: The platform-ec1c/root/ directory contents do not hav= e the
> > correct ownership for the target, but the file mode bits should b= e correct.
> >
> >
> I also thought that perhaps it was a umask issue, but as you can see b= elow,
> umask is 0022, which should be ok.
> The permission problem that I am having on the target is that
> systemd-networkd.service won't start because it can't read the=
> configuration files below. These files are installed in systemd.make v= ia:
>
> ifdef PTXCONF_SYSTEMD_NETWORK
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0@$(call install_tree, systemd, 0, 0, = -, /usr/lib/systemd/network)
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0@$(call install_alternative_tree, sys= temd, 0, 0,
> /usr/lib/systemd/network)
> endif
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0@$(call install_alternative, systemd,= 0, 0, 0644, \
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0/usr/lib/= systemd/network/99-default.link)

Right, install_alternative_tree picks the source file permissions. The
question is, why are those incorrect?

I've come across some issues with fakeroot and permissions elsewhere. C= an
you run the attached script with the fakeroot from sysroot-host/ and send the results?


jringle@dev-atl-bamb01:/srv/gpec-= build/rootfs/platform-ec1c/sysroot-host/bin$ ./fakeroot ~/fake-test=C2=A0
fakeroot: preload library `libfakeroot.so' not found, aborting= .
jringle@dev-atl-bamb01:/srv/gpec-build/rootfs/platform-ec1c/sys= root-host/bin$ cd ../../..
jringle@dev-atl-bamb01:/srv/gpec-build= /rootfs$ ptxdist bash
[ptx] jringle@dev-atl-bamb01:/srv/gpec-buil= d/rootfs$ which fakeroot
/srv/gpec-build/rootfs/platform-ec1k= /sysroot-host/bin/fakeroot
[ptx] jringle@dev-atl-bamb01:/srv/gpec= -build/rootfs$ fakeroot ~/fake-test=C2=A0
-rw-r--r-- 1 0 0 0 Feb = 20 15:08 empty
-rw-r--r-- 1 0 0 0 Feb 20 15:08 empty-a
= -rw-r--r-- 1 0 0 0 Feb 20 15:08 empty-r
# file: empty
#= owner: 0
# group: 0
user::rw-
group::r--
other::r--

# file: empty-a
# owne= r: 0
# group: 0
user::rw-
group::r--
other::r--

# file: empty-r
# owner: 0<= /div>
# group: 0
user::rw-
group::r--
oth= er::r--

[ptx] jringle@dev-atl-bamb01:/srv/gpec-bui= ld/rootfs$ exit
exit
jringle@dev-atl-bamb01:/srv/gpec-b= uild/rootfs$ which fakeroot
/usr/bin/fakeroot
jringle@d= ev-atl-bamb01:/srv/gpec-build/rootfs$ fakeroot ~/fake-test=C2=A0
= -rw-r--r-- 1 0 0 0 Feb 20 15:08 empty
-rw-r--r-- 1 0 0 0 Feb 20 1= 5:08 empty-a
-rw-r--r-- 1 0 0 0 Feb 20 15:08 empty-r
# = file: empty
# owner: 0
# group: 0
user::rw-
group::r--
other::r--

# file: e= mpty-a
# owner: 0
# group: 0
user::rw-
<= div>group::r--
other::r--

# file: empty-= r
# owner: 0
# group: 0
user::rw-
g= roup::r--
other::r--

--0000000000002f7152058254c1bb-- --===============1767822940== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Disposition: inline X19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX18KcHR4ZGlzdCBt YWlsaW5nIGxpc3QKcHR4ZGlzdEBwZW5ndXRyb25peC5kZQ== --===============1767822940==--