[OE-core] host-user-contaminated QA check
Enrico Scholz
enrico.scholz at sigma-chemnitz.de
Thu Feb 2 17:49:25 UTC 2017
Patrick Ohly <patrick.ohly-ral2JQCrhuEAvxtiuMwx3w at public.gmane.org>
writes:
> Recently the host-user-contaminated QA check triggered for the trousers
> recipe in meta-security:
>
> WARNING: trousers-0.3.14+gitAUTOINC+4b9a70d578-r0 do_package_qa: QA Issue: trousers: /trousers/etc/tcsd.conf is owned by uid 1000, which is the same as the user running bitbake. This may be due to host contamination [host-user-contaminated]
>
> However, that's a false positive in this case. UID 1000 got assigned to
> the "tss" user in the target sysroot during the build, and tcsd.conf is
> correctly and intentionally owned by that user because tcsd checks
> ownership and refuses to start when owned by someone else (including
> root). It just happened that the UID was the same.
>
> This is likely to affect all recipes with files owned by dynamically
> created users, in particular when the host system assigns UIDs from the
> same range as the target system (quick poll: who else has 1000 as his
> UID on his main Linux box? ;-)
Usually, this can not happen. There is reserved a range for dynamically
created users (standard says 100-499, some distributions use 100-999).
In this case, there is probably some '--system' flag missing when the
'tss' user is created (--> packaging bug).
Enrico
--
SIGMA Chemnitz GmbH Registergericht: Amtsgericht Chemnitz HRB 1750
Am Erlenwald 13 Geschaeftsfuehrer: Grit Freitag, Frank Pyritz
09128 Chemnitz
More information about the Openembedded-core
mailing list