* [PATCH v6 1/2] image.bbclass: add prohibited-paths QA test
@ 2021-10-26 10:50 Martyn Welch
  2021-10-26 10:50 ` [PATCH v6 2/2] core-image.bbclass: add default IMAGE_QA_PROHIBIT_PATHS variable Martyn Welch
  0 siblings, 1 reply; 11+ messages in thread
From: Martyn Welch @ 2021-10-26 10:50 UTC (permalink / raw)
  To: openembedded-core; +Cc: Martyn Welch

Sometimes we wish to ensure that files or directories are not installed
somewhere that may prove detrimental to the operation of the system. For
example, this may be the case if files are placed in a directory that is
utilised as a mount point at run time, thus making them inaccessible once
the mount point is being utilised.

Implement the prohibited paths QA test, which enables such locations to be
specified in an "IMAGE_QA_PROHIBITED_PATHS" variable. This implementation
allows for a colon-separated list of paths to be provided. Shell-style
wildcards can be used.

Signed-off-by: Fabien Lahoudere <fabien.lahoudere@collabora.co.uk>
Signed-off-by: Martyn Welch <martyn.welch@collabora.com>
---

This patch series was submitted many years ago (2017!!!), but did not at
the time get applied. Finally submitting again.

Changes since v1:
 - Correcting author and SOB.

Changes since v2:
 - Reimplemented as image rather than package level QA test.
 - Changed variable from PROHIBITED_PATH to PROHIBITED_PATHS to better
   reflect its use.

Changes since v3:
 - Rename variable to IMAGE_QA_PROHIBITED_PATHS.
 - Use str.startswith().
 - Simplify if statement.

Changes since v4:
 - Move QA test to new class "image-insane.bbclass".

Changes since v5:
 - Port to latest version

 meta/classes/image-insane.bbclass | 20 ++++++++++++++++++++
 meta/classes/image.bbclass        |  1 +
 2 files changed, 21 insertions(+)
 create mode 100644 meta/classes/image-insane.bbclass

diff --git a/meta/classes/image-insane.bbclass b/meta/classes/image-insane.bbclass
new file mode 100644
index 0000000000..29935cf24c
--- /dev/null
+++ b/meta/classes/image-insane.bbclass
@@ -0,0 +1,20 @@
+python image_check_prohibited_paths () {
+    import glob
+    from oe.utils import ImageQAFailed
+
+    rootfs = d.getVar('IMAGE_ROOTFS')
+
+    path = (d.getVar('IMAGE_QA_PROHIBITED_PATHS') or "")
+    if path != "":
+        for p in path.split(':'):
+            if not p.startswith('/'):
+                raise ImageQAFailed("IMAGE_QA_PROHIBITED_PATHS \"%s\" must be an absolute path" % p, image_check_prohibited_paths)
+
+            match = glob.glob("%s%s" % (rootfs, p))
+            if match:
+                loc = ", ".join(item.replace(rootfs, '') for item in match)
+                raise ImageQAFailed("Match(es) for IMAGE_QA_PROHIBITED_PATHS \"%s\": %s" % (p, loc), image_check_prohibited_paths)
+}
+
+IMAGE_QA_COMMANDS += "image_check_prohibited_paths"
+
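Review bot: the glob.glob("%s%s" % (rootfs, p)) call will not report hidden files, because a "*" in a glob pattern does not match names that start with a dot; with a pattern such as /tmp/* a stray /tmp/.foo in the rootfs passes this QA test. Consider listing the directory (for example with os.listdir) when the pattern ends in /*, or document that a matching /.* entry is needed. Two smaller points in the same block: item.replace(rootfs, '') removes every occurrence of the rootfs string rather than only the leading prefix, so item[len(rootfs):] is safer, and raising inside the loop reports only the first matching pattern, whereas collecting all matches and raising once would save rebuild cycles.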
diff --git a/meta/classes/image.bbclass b/meta/classes/image.bbclass
index 2fa69a40d1..4cb4360f98 100644
--- a/meta/classes/image.bbclass
+++ b/meta/classes/image.bbclass
@@ -15,6 +15,7 @@ IMGCLASSES += "${@bb.utils.contains('IMAGE_FSTYPES', 'container', 'image-contain
 IMGCLASSES += "image_types_wic"
 IMGCLASSES += "rootfs-postcommands"
 IMGCLASSES += "image-postinst-intercepts"
+IMGCLASSES += "image-insane"
 inherit ${IMGCLASSES}
 
 TOOLCHAIN_TARGET_TASK += "${PACKAGE_INSTALL}"
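Review bot: the added IMGCLASSES += "image-insane" line pulls the new class into every image, yet the subject still reads "image.bbclass: add prohibited-paths QA test" while the test itself lives in image-insane.bbclass; the subject and commit message should name the new class. It would also help to say that IMAGE_QA_PROHIBITED_PATHS has no default in this patch, so the check does nothing until the variable is set.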
-- 
2.33.0
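
The check described in the commit message above, as an added example that is not part of the patch or of OE-core: a stand-alone Python version that reports every matching pattern, matches dotfiles (which glob.glob() with "*" does not), and does not descend through symlinked directories. The names find_prohibited, _walk, build_sample_rootfs and demo, and the sample tree, are assumptions made for this illustration.

```python
import fnmatch
import glob
import os
import tempfile


def find_prohibited(rootfs, prohibited_paths):
    """Return {pattern: [image-relative paths]} for every pattern that matches.

    prohibited_paths is a colon separated list of absolute shell-style
    patterns. Matching is done per path component with fnmatch, so "*"
    also matches names that start with a dot.
    """
    violations = {}
    for pattern in filter(None, prohibited_paths.split(":")):
        if not pattern.startswith("/"):
            raise ValueError("%r must be an absolute path" % pattern)
        matches = _walk(rootfs, "", pattern.strip("/").split("/"))
        if matches:
            violations[pattern] = sorted(matches)
    return violations


def _walk(rootfs, rel, parts):
    """Match the remaining pattern components below rootfs + rel."""
    if not parts:
        return [rel]
    here = rootfs + rel
    # Never descend through a symlink: an absolute link inside the rootfs
    # would otherwise be resolved against the build host's filesystem.
    if os.path.islink(here) or not os.path.isdir(here):
        return []
    found = []
    for name in os.listdir(here):
        if fnmatch.fnmatchcase(name, parts[0]):
            found += _walk(rootfs, rel + "/" + name, parts[1:])
    return found


def build_sample_rootfs(root):
    """Constructed sample tree, not taken from any real image."""
    for d in ("etc", "tmp", "run", "mnt", "var"):
        os.makedirs(os.path.join(root, d))
    open(os.path.join(root, "etc", "fstab"), "w").close()
    open(os.path.join(root, "tmp", ".stale-lock"), "w").close()  # dotfile
    open(os.path.join(root, "run", "app.pid"), "w").close()
    os.symlink("../run", os.path.join(root, "var", "run"))


def demo():
    """Run the check on the sample tree; also return what glob sees in /tmp."""
    with tempfile.TemporaryDirectory() as root:
        build_sample_rootfs(root)
        spec = "/tmp/*:/run/*:/mnt/*:/var/run/*"
        return find_prohibited(root, spec), glob.glob(root + "/tmp/*")


if __name__ == "__main__":
    violations, glob_view = demo()
    for pattern, paths in violations.items():
        print("prohibited %s: %s" % (pattern, ", ".join(paths)))
    print("glob.glob on /tmp/* found:", glob_view)
```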




* [PATCH v6 2/2] core-image.bbclass: add default IMAGE_QA_PROHIBIT_PATHS variable
  2021-10-26 10:50 [PATCH v6 1/2] image.bbclass: add prohibited-paths QA test Martyn Welch
@ 2021-10-26 10:50 ` Martyn Welch
  2021-10-26 10:56   ` [OE-core] " Konrad Weihmann
  0 siblings, 1 reply; 11+ messages in thread
From: Martyn Welch @ 2021-10-26 10:50 UTC (permalink / raw)
  To: openembedded-core; +Cc: Martyn Welch, Alexander Kanavin, Martyn Welch

From: Martyn Welch <martyn.welch@collabora.co.uk>

Add a default IMAGE_QA_PROHIBIT_PATHS variable containing paths known to
be mounted in the default fstab, which are known mount points or
directories which should be populated at runtime.

Suggested-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Martyn Welch <martyn.welch@collabora.com>
---
Changes since v3:
 - This patch added.

 meta/classes/core-image.bbclass | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/meta/classes/core-image.bbclass b/meta/classes/core-image.bbclass
index 84fd3eeb38..33ab1c85de 100644
--- a/meta/classes/core-image.bbclass
+++ b/meta/classes/core-image.bbclass
@@ -63,6 +63,11 @@ IMAGE_FEATURES_REPLACES_ssh-server-openssh = "ssh-server-dropbear"
 # IMAGE_FEATURES_CONFLICTS_foo = 'bar1 bar2'
 # An error exception would be raised if both image features foo and bar1(or bar2) are included
 
+# IMAGE_QA_PROHIBITED_PATHS
+# Ensure images aren't including files in places that will be used as mount points or that are
+# reserved for runtime data.
+IMAGE_QA_PROHIBITED_PATHS ?= "/dev/pts/*:/media/*:/mnt/*:/proc/*:/run/*:/tmp/*:/var/run/*:/var/tmp/*:/var/volatile/*"
+
 MACHINE_HWCODECS ??= ""
 
 CORE_IMAGE_BASE_INSTALL = '\
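Review bot: the comment and assignment added above MACHINE_HWCODECS use IMAGE_QA_PROHIBITED_PATHS, but the subject and commit message of this patch say IMAGE_QA_PROHIBIT_PATHS, so a search of the log for the real variable name will not find this change; please make the name consistent. The comment block could also state that the value is a colon-separated list of absolute shell-style patterns, and because the ?= default sits in core-image.bbclass, images that inherit image.bbclass without core-image get the check from 1/2 but no default list.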
-- 
2.33.0




* Re: [OE-core] [PATCH v6 2/2] core-image.bbclass: add default IMAGE_QA_PROHIBIT_PATHS variable
  2021-10-26 10:50 ` [PATCH v6 2/2] core-image.bbclass: add default IMAGE_QA_PROHIBIT_PATHS variable Martyn Welch
@ 2021-10-26 10:56   ` Konrad Weihmann
  2021-10-26 11:01     ` Alexander Kanavin
  2021-10-26 11:09     ` Alexander Kanavin
  0 siblings, 2 replies; 11+ messages in thread
From: Konrad Weihmann @ 2021-10-26 10:56 UTC (permalink / raw)
  To: Martyn Welch, openembedded-core



On 26.10.21 12:50, Martyn Welch wrote:
> From: Martyn Welch <martyn.welch@collabora.co.uk>
> 
> Add a default IMAGE_QA_PROHIBIT_PATHS variable containing paths known to
> be mounted in the default fstab, which are known mount points or
> directories which should be populated at runtime.
> 
> Suggested-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>

That can't be true - or the initial idea is very very old :-) pls use 
Alex's gmail instead

> Signed-off-by: Martyn Welch <martyn.welch@collabora.com>
> ---
> Changes since v3:
>   - This patch added.
> 
>   meta/classes/core-image.bbclass | 5 +++++
>   1 file changed, 5 insertions(+)
> 
> diff --git a/meta/classes/core-image.bbclass b/meta/classes/core-image.bbclass
> index 84fd3eeb38..33ab1c85de 100644
> --- a/meta/classes/core-image.bbclass
> +++ b/meta/classes/core-image.bbclass
> @@ -63,6 +63,11 @@ IMAGE_FEATURES_REPLACES_ssh-server-openssh = "ssh-server-dropbear"
>   # IMAGE_FEATURES_CONFLICTS_foo = 'bar1 bar2'
>   # An error exception would be raised if both image features foo and bar1(or bar2) are included
>   
> +# IMAGE_QA_PROHIBITED_PATHS
> +# Ensure images aren't including files in places that will be used as mount points or that are
> +# reserved for runtime data.
> +IMAGE_QA_PROHIBITED_PATHS ?= "/dev/pts/*:/media/*:/mnt/*:/proc/*:/run/*:/tmp/*:/var/run/*:/var/tmp/*:/var/volatile/*"

I like the idea, but wouldn't it make more sense to do that on a package 
level, as here the user is more or less left alone in guessing where the 
file actually does come from

> +
>   MACHINE_HWCODECS ??= ""
>   
>   CORE_IMAGE_BASE_INSTALL = '\
> 
> 
> 

* Re: [OE-core] [PATCH v6 2/2] core-image.bbclass: add default IMAGE_QA_PROHIBIT_PATHS variable
  2021-10-26 10:56   ` [OE-core] " Konrad Weihmann
@ 2021-10-26 11:01     ` Alexander Kanavin
  2021-10-26 11:24       ` Martyn Welch
  2021-10-26 11:09     ` Alexander Kanavin
  1 sibling, 1 reply; 11+ messages in thread
From: Alexander Kanavin @ 2021-10-26 11:01 UTC (permalink / raw)
  To: Martyn Welch; +Cc: OE-core, Konrad Weihmann

On Tue, 26 Oct 2021 at 12:56, Konrad Weihmann <kweihmann@outlook.com> wrote:

> > Suggested-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
>
> That can't be true - or the initial idea is very very old :-) pls use
> Alex's gmail instead
>

I don't remember anything whatsoever about this, and a search in my gmail
for IMAGE_QA_PROHIBIT_PATHS yields nothing, so unless you can point to
where this was suggested, it's best to drop this :)

Alex


* Re: [OE-core] [PATCH v6 2/2] core-image.bbclass: add default IMAGE_QA_PROHIBIT_PATHS variable
  2021-10-26 10:56   ` [OE-core] " Konrad Weihmann
  2021-10-26 11:01     ` Alexander Kanavin
@ 2021-10-26 11:09     ` Alexander Kanavin
  1 sibling, 0 replies; 11+ messages in thread
From: Alexander Kanavin @ 2021-10-26 11:09 UTC (permalink / raw)
  To: Konrad Weihmann; +Cc: Martyn Welch, OE-core

On Tue, 26 Oct 2021 at 12:56, Konrad Weihmann <kweihmann@outlook.com> wrote:

> I like the idea, but wouldn't make more sense to do that on a package
> level, as here the user is more or less left alone in guessing where the
> file actually does come from
>

Perhaps both. There can be all sorts of rootfs post-processing, and files
may slip in through that.

Alex


* Re: [OE-core] [PATCH v6 2/2] core-image.bbclass: add default IMAGE_QA_PROHIBIT_PATHS variable
  2021-10-26 11:01     ` Alexander Kanavin
@ 2021-10-26 11:24       ` Martyn Welch
  0 siblings, 0 replies; 11+ messages in thread
From: Martyn Welch @ 2021-10-26 11:24 UTC (permalink / raw)
  To: Alexander Kanavin; +Cc: OE-core, Konrad Weihmann

On Tue, 2021-10-26 at 13:01 +0200, Alexander Kanavin wrote:
> On Tue, 26 Oct 2021 at 12:56, Konrad Weihmann <kweihmann@outlook.com>
> wrote:
> > > Suggested-by: Alexander Kanavin
> > <alexander.kanavin@linux.intel.com>
> > 
> > That can't be true - or the initial idea is very very old :-) pls
> > use 
> > Alex's gmail instead
> 
> I don't remember anything whatsoever about this, and a search in my
> gmail for IMAGE_QA_PROHIBIT_PATHS yields nothing, so unless you can
> point to where this was suggested, it's best to drop this :)


I don't blame you - it has been sitting needing some attention long
enough that it didn't surprise me the email address is now not valid...

https://patchwork.openembedded.org/patch/146237/

> 
> Alex



* Re: [OE-core] [PATCH v6 2/2] core-image.bbclass: add default IMAGE_QA_PROHIBIT_PATHS variable
  2021-10-27 16:43         ` Peter Kjellerstedt
@ 2021-10-27 16:58           ` Martyn Welch
  0 siblings, 0 replies; 11+ messages in thread
From: Martyn Welch @ 2021-10-27 16:58 UTC (permalink / raw)
  To: Peter Kjellerstedt, Konrad Weihmann, OE-core

On Wed, 2021-10-27 at 16:43 +0000, Peter Kjellerstedt wrote:
> > -----Original Message-----
> > From: Martyn Welch <martyn.welch@collabora.com>
> > Sent: den 26 oktober 2021 17:32
> > To: Peter Kjellerstedt <peter.kjellerstedt@axis.com>; Konrad
> > Weihmann
> > <kweihmann@outlook.com>; OE-core <openembedded-
> > core@lists.openembedded.org>
> > Subject: Re: [OE-core] [PATCH v6 2/2] core-image.bbclass: add
> > default
> > IMAGE_QA_PROHIBIT_PATHS variable
> > 
> > On Tue, 2021-10-26 at 14:59 +0000, Peter Kjellerstedt wrote:
> > > > -----Original Message-----
> > > > From: openembedded-core@lists.openembedded.org <openembedded-
> > > > core@lists.openembedded.org> On Behalf Of Konrad Weihmann
> > > > Sent: den 26 oktober 2021 13:24
> > > > To: Martyn Welch <martyn.welch@collabora.com>; OE-core
> > > > <openembedded-
> > > > core@lists.openembedded.org>
> > > > Subject: Re: [OE-core] [PATCH v6 2/2] core-image.bbclass: add
> > > > default
> > > > IMAGE_QA_PROHIBIT_PATHS variable
> > > > 
> > > > 
> > > > 
> > > > On 26.10.21 13:21, Martyn Welch wrote:
> > > > > Note to self - remember to reply to list...
> > > > > 
> > > > > -------- Forwarded Message --------
> > > > > From: Martyn Welch <martyn.welch@collabora.com>
> > > > > To: Konrad Weihmann <kweihmann@outlook.com>
> > > > > Subject: Re: [OE-core] [PATCH v6 2/2] core-image.bbclass: add
> > > > > default
> > > > > IMAGE_QA_PROHIBIT_PATHS variable
> > > > > Date: Tue, 26 Oct 2021 12:12:11 +0100
> > > > > 
> > > > > On Tue, 2021-10-26 at 12:56 +0200, Konrad Weihmann wrote:
> > > > > > 
> > > > > > 
> > > > > > On 26.10.21 12:50, Martyn Welch wrote:
> > 
> > <snip>
> > 
> > > > > > > +# IMAGE_QA_PROHIBITED_PATHS
> > > > > > > +# Ensure images aren't including files in places that
> > > > > > > will
> > > > > > > be used as mount points or that are
> > > > > > > +# reserved for runtime data.
> > > > > > > +IMAGE_QA_PROHIBITED_PATHS ?=
> > > > > > > "/dev/pts/*:/media/*:/mnt/*:/proc/*:/run/*:/tmp/*:/var/ru
> > > > > > > n/*:
> > > > > > > /var/tmp/*:/var/volatile/*"
> > > > > > 
> > > > > > I like the idea, but wouldn't make more sense to do that on
> > > > > > a
> > > > > > package
> > > > > > level, as here the user is more or less left alone in
> > > > > > guessing
> > > > > > where
> > > > > > the file actually does come from
> > > > > 
> > > > > I like that idea, however it would make to assumption that
> > > > > there
> > > > > wasn't
> > > > > any tweaks being made as part of image generation that would
> > > > > end
> > > > > up
> > > > > violating this. A quick check suggests the "build-appliance-
> > > > > image_15.0.0.bb" image does this kind of thing in the core
> > > > > image
> > > > > types.
> > > > 
> > > > As Alex just wrote, I might be beneficial to do both
> > > > 
> > > > > Martyn
> > > 
> > > We have an alternative solution that hooks into the package QA.
> > > It
> > > focuses on directories that are supposed to be empty. In addition
> > > to
> > > failing the build if there are files in such a directory, it also
> > > allows to specify for each directory why it should be empty. We
> > > have
> > > used this, e.g., to mark common directories that have been
> > > renamed
> > > to give an indication of where the files were supposed to have
> > > been
> > > installed.
> > > 
> > > Do you want me to generalize this and send a patch for it?
> > 
> > Hi Peter,
> > 
> > It would be great if we could merge these approaches, i.e. have one
> > way
> > to specify directories that need to be empty and test both as part
> > of
> > package QA and also image QA.
> > 
> > I was just working on adding some package QA support to what I've
> > had,
> > but can pause that.
> > 
> > Would you be able to provide show how you'd propose managing the
> > prohibited directories? I'll try and tweak the image QA stuff
> > already
> > posted to fit that.
> > 
> > Martyn
> > 
> > > //Peter
> 
> I have sent two patches now. The first makes systemd not install 
> anything in /var/log, as it otherwise conflicts with the suggested 
> defaults. And then one patch that adds the package QA check for 
> empty directories. I used the same defaults as suggested in your 
> patch, except I removed /mnt since it is not obvious it should be 
> empty. At least we use subdirectories in /mnt for our mountpoints.
> 

Thanks Peter,

Looks good to me. I'll adapt mine to be an image QA test that
complements this.

Martyn

> //Peter
> 




* RE: [OE-core] [PATCH v6 2/2] core-image.bbclass: add default IMAGE_QA_PROHIBIT_PATHS variable
  2021-10-26 15:32       ` Martyn Welch
@ 2021-10-27 16:43         ` Peter Kjellerstedt
  2021-10-27 16:58           ` Martyn Welch
  0 siblings, 1 reply; 11+ messages in thread
From: Peter Kjellerstedt @ 2021-10-27 16:43 UTC (permalink / raw)
  To: Martyn Welch, Konrad Weihmann, OE-core

> -----Original Message-----
> From: Martyn Welch <martyn.welch@collabora.com>
> Sent: den 26 oktober 2021 17:32
> To: Peter Kjellerstedt <peter.kjellerstedt@axis.com>; Konrad Weihmann
> <kweihmann@outlook.com>; OE-core <openembedded-
> core@lists.openembedded.org>
> Subject: Re: [OE-core] [PATCH v6 2/2] core-image.bbclass: add default
> IMAGE_QA_PROHIBIT_PATHS variable
> 
> On Tue, 2021-10-26 at 14:59 +0000, Peter Kjellerstedt wrote:
> > > -----Original Message-----
> > > From: openembedded-core@lists.openembedded.org <openembedded-
> > > core@lists.openembedded.org> On Behalf Of Konrad Weihmann
> > > Sent: den 26 oktober 2021 13:24
> > > To: Martyn Welch <martyn.welch@collabora.com>; OE-core
> > > <openembedded-
> > > core@lists.openembedded.org>
> > > Subject: Re: [OE-core] [PATCH v6 2/2] core-image.bbclass: add
> > > default
> > > IMAGE_QA_PROHIBIT_PATHS variable
> > >
> > >
> > >
> > > On 26.10.21 13:21, Martyn Welch wrote:
> > > > Note to self - remember to reply to list...
> > > >
> > > > -------- Forwarded Message --------
> > > > From: Martyn Welch <martyn.welch@collabora.com>
> > > > To: Konrad Weihmann <kweihmann@outlook.com>
> > > > Subject: Re: [OE-core] [PATCH v6 2/2] core-image.bbclass: add
> > > > default
> > > > IMAGE_QA_PROHIBIT_PATHS variable
> > > > Date: Tue, 26 Oct 2021 12:12:11 +0100
> > > >
> > > > On Tue, 2021-10-26 at 12:56 +0200, Konrad Weihmann wrote:
> > > > >
> > > > >
> > > > > On 26.10.21 12:50, Martyn Welch wrote:
> 
> <snip>
> 
> > > > > > +# IMAGE_QA_PROHIBITED_PATHS
> > > > > > +# Ensure images aren't including files in places that will
> > > > > > be used as mount points or that are
> > > > > > +# reserved for runtime data.
> > > > > > +IMAGE_QA_PROHIBITED_PATHS ?=
> > > > > > "/dev/pts/*:/media/*:/mnt/*:/proc/*:/run/*:/tmp/*:/var/run/*:
> > > > > > /var/tmp/*:/var/volatile/*"
> > > > >
> > > > > I like the idea, but wouldn't make more sense to do that on a
> > > > > package
> > > > > level, as here the user is more or less left alone in guessing
> > > > > where
> > > > > the file actually does come from
> > > >
> > > > I like that idea, however it would make to assumption that there
> > > > wasn't
> > > > any tweaks being made as part of image generation that would end
> > > > up
> > > > violating this. A quick check suggests the "build-appliance-
> > > > image_15.0.0.bb" image does this kind of thing in the core image
> > > > types.
> > >
> > > As Alex just wrote, I might be beneficial to do both
> > >
> > > > Martyn
> >
> > We have an alternative solution that hooks into the package QA. It
> > focuses on directories that are supposed to be empty. In addition to
> > failing the build if there are files in such a directory, it also
> > allows to specify for each directory why it should be empty. We have
> > used this, e.g., to mark common directories that have been renamed
> > to give an indication of where the files were supposed to have been
> > installed.
> >
> > Do you want me to generalize this and send a patch for it?
> 
> Hi Peter,
> 
> It would be great if we could merge these approaches, i.e. have one way
> to specify directories that need to be empty and test both as part of
> package QA and also image QA.
> 
> I was just working on adding some package QA support to what I've had,
> but can pause that.
> 
> Would you be able to provide show how you'd propose managing the
> prohibited directories? I'll try and tweak the image QA stuff already
> posted to fit that.
> 
> Martyn
> 
> > //Peter

I have sent two patches now. The first makes systemd not install 
anything in /var/log, as it otherwise conflicts with the suggested 
defaults. And then one patch that adds the package QA check for 
empty directories. I used the same defaults as suggested in your 
patch, except I removed /mnt since it is not obvious it should be 
empty. At least we use subdirectories in /mnt for our mountpoints.

//Peter



* Re: [OE-core] [PATCH v6 2/2] core-image.bbclass: add default IMAGE_QA_PROHIBIT_PATHS variable
  2021-10-26 14:59     ` Peter Kjellerstedt
@ 2021-10-26 15:32       ` Martyn Welch
  2021-10-27 16:43         ` Peter Kjellerstedt
  0 siblings, 1 reply; 11+ messages in thread
From: Martyn Welch @ 2021-10-26 15:32 UTC (permalink / raw)
  To: Peter Kjellerstedt, Konrad Weihmann, OE-core

On Tue, 2021-10-26 at 14:59 +0000, Peter Kjellerstedt wrote:
> > -----Original Message-----
> > From: openembedded-core@lists.openembedded.org <openembedded-
> > core@lists.openembedded.org> On Behalf Of Konrad Weihmann
> > Sent: den 26 oktober 2021 13:24
> > To: Martyn Welch <martyn.welch@collabora.com>; OE-core
> > <openembedded-
> > core@lists.openembedded.org>
> > Subject: Re: [OE-core] [PATCH v6 2/2] core-image.bbclass: add
> > default
> > IMAGE_QA_PROHIBIT_PATHS variable
> > 
> > 
> > 
> > On 26.10.21 13:21, Martyn Welch wrote:
> > > Note to self - remember to reply to list...
> > > 
> > > -------- Forwarded Message --------
> > > From: Martyn Welch <martyn.welch@collabora.com>
> > > To: Konrad Weihmann <kweihmann@outlook.com>
> > > Subject: Re: [OE-core] [PATCH v6 2/2] core-image.bbclass: add
> > > default
> > > IMAGE_QA_PROHIBIT_PATHS variable
> > > Date: Tue, 26 Oct 2021 12:12:11 +0100
> > > 
> > > On Tue, 2021-10-26 at 12:56 +0200, Konrad Weihmann wrote:
> > > > 
> > > > 
> > > > On 26.10.21 12:50, Martyn Welch wrote:

<snip>

> > > > > +# IMAGE_QA_PROHIBITED_PATHS
> > > > > +# Ensure images aren't including files in places that will
> > > > > be used as mount points or that are
> > > > > +# reserved for runtime data.
> > > > > +IMAGE_QA_PROHIBITED_PATHS ?=
> > > > > "/dev/pts/*:/media/*:/mnt/*:/proc/*:/run/*:/tmp/*:/var/run/*:
> > > > > /var/tmp/*:/var/volatile/*"
> > > > 
> > > > I like the idea, but wouldn't make more sense to do that on a
> > > > package
> > > > level, as here the user is more or less left alone in guessing
> > > > where
> > > > the file actually does come from
> > > 
> > > I like that idea, however it would make to assumption that there
> > > wasn't
> > > any tweaks being made as part of image generation that would end
> > > up
> > > violating this. A quick check suggests the "build-appliance-
> > > image_15.0.0.bb" image does this kind of thing in the core image
> > > types.
> > 
> > As Alex just wrote, I might be beneficial to do both
> > 
> > > Martyn
> 
> We have an alternative solution that hooks into the package QA. It 
> focuses on directories that are supposed to be empty. In addition to 
> failing the build if there are files in such a directory, it also 
> allows to specify for each directory why it should be empty. We have 
> used this, e.g., to mark common directories that have been renamed 
> to give an indication of where the files were supposed to have been 
> installed.
> 
> Do you want me to generalize this and send a patch for it?
> 

Hi Peter,

It would be great if we could merge these approaches, i.e. have one way
to specify directories that need to be empty and test both as part of
package QA and also image QA.

I was just working on adding some package QA support to what I've had,
but can pause that.

Would you be able to show how you'd propose managing the
prohibited directories? I'll try and tweak the image QA stuff already
posted to fit that.

Martyn

> //Peter
> 
> 

* RE: [OE-core] [PATCH v6 2/2] core-image.bbclass: add default IMAGE_QA_PROHIBIT_PATHS variable
  2021-10-26 11:24   ` Konrad Weihmann
@ 2021-10-26 14:59     ` Peter Kjellerstedt
  2021-10-26 15:32       ` Martyn Welch
  0 siblings, 1 reply; 11+ messages in thread
From: Peter Kjellerstedt @ 2021-10-26 14:59 UTC (permalink / raw)
  To: Konrad Weihmann, Martyn Welch, OE-core

> -----Original Message-----
> From: openembedded-core@lists.openembedded.org <openembedded-
> core@lists.openembedded.org> On Behalf Of Konrad Weihmann
> Sent: den 26 oktober 2021 13:24
> To: Martyn Welch <martyn.welch@collabora.com>; OE-core <openembedded-
> core@lists.openembedded.org>
> Subject: Re: [OE-core] [PATCH v6 2/2] core-image.bbclass: add default
> IMAGE_QA_PROHIBIT_PATHS variable
> 
> 
> 
> On 26.10.21 13:21, Martyn Welch wrote:
> > Note to self - remember to reply to list...
> >
> > -------- Forwarded Message --------
> > From: Martyn Welch <martyn.welch@collabora.com>
> > To: Konrad Weihmann <kweihmann@outlook.com>
> > Subject: Re: [OE-core] [PATCH v6 2/2] core-image.bbclass: add default
> > IMAGE_QA_PROHIBIT_PATHS variable
> > Date: Tue, 26 Oct 2021 12:12:11 +0100
> >
> > On Tue, 2021-10-26 at 12:56 +0200, Konrad Weihmann wrote:
> >>
> >>
> >> On 26.10.21 12:50, Martyn Welch wrote:
> >>> From: Martyn Welch <martyn.welch@collabora.co.uk>
> >>>
> >>> Add a default IMAGE_QA_PROHIBIT_PATHS variable containing paths
> >>> known to
> >>> be mounted in the default fstab, which are known mount points or
> >>> directories which should be populated at runtime.
> >>>
> >>> Suggested-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
> >>
> >> That can't be true - or the initial idea is very very old :-) pls use
> >> Alex's gmail instead
> >
> > It's a very old patch series, originally posted in 2017 (as mentioned
> > in patch 1/2). Just noticed it never got applied...
> >
> >>> +# IMAGE_QA_PROHIBITED_PATHS
> >>> +# Ensure images aren't including files in places that will be used as mount points or that are
> >>> +# reserved for runtime data.
> >>> +IMAGE_QA_PROHIBITED_PATHS ?= "/dev/pts/*:/media/*:/mnt/*:/proc/*:/run/*:/tmp/*:/var/run/*:/var/tmp/*:/var/volatile/*"
> >>
> >> I like the idea, but wouldn't make more sense to do that on a package
> >> level, as here the user is more or less left alone in guessing where
> >> the file actually does come from
> >
> > I like that idea, however it would make to assumption that there wasn't
> > any tweaks being made as part of image generation that would end up
> > violating this. A quick check suggests the "build-appliance-
> > image_15.0.0.bb" image does this kind of thing in the core image types.
> 
> As Alex just wrote, I might be beneficial to do both
> 
> > Martyn

We have an alternative solution that hooks into the package QA. It 
focuses on directories that are supposed to be empty. In addition to 
failing the build if there are files in such a directory, it also 
allows to specify for each directory why it should be empty. We have 
used this, e.g., to mark common directories that have been renamed 
to give an indication of where the files were supposed to have been 
installed.

Do you want me to generalize this and send a patch for it?

//Peter



* Re: [OE-core] [PATCH v6 2/2] core-image.bbclass: add default IMAGE_QA_PROHIBIT_PATHS variable
  2021-10-26 11:21 ` Fwd: " Martyn Welch
@ 2021-10-26 11:24   ` Konrad Weihmann
  2021-10-26 14:59     ` Peter Kjellerstedt
  0 siblings, 1 reply; 11+ messages in thread
From: Konrad Weihmann @ 2021-10-26 11:24 UTC (permalink / raw)
  To: Martyn Welch, OE-core



On 26.10.21 13:21, Martyn Welch wrote:
> Note to self - remember to reply to list...
> 
> -------- Forwarded Message --------
> From: Martyn Welch <martyn.welch@collabora.com>
> To: Konrad Weihmann <kweihmann@outlook.com>
> Subject: Re: [OE-core] [PATCH v6 2/2] core-image.bbclass: add default
> IMAGE_QA_PROHIBIT_PATHS variable
> Date: Tue, 26 Oct 2021 12:12:11 +0100
> 
> On Tue, 2021-10-26 at 12:56 +0200, Konrad Weihmann wrote:
>>
>>
>> On 26.10.21 12:50, Martyn Welch wrote:
>>> From: Martyn Welch <martyn.welch@collabora.co.uk>
>>>
>>> Add a default IMAGE_QA_PROHIBIT_PATHS variable containing paths
>>> known to
>>> be mounted in the default fstab, which are known mount points or
>>> directories which should be populated at runtime.
>>>
>>> Suggested-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
>>
>> That can't be true - or the initial idea is very very old :-) pls use
>> Alex's gmail instead
> 
> It's a very old patch series, originally posted in 2017 (as mentioned
> in patch 1/2). Just noticed it never got applied...
> 
>>> +# IMAGE_QA_PROHIBITED_PATHS
>>> +# Ensure images aren't including files in places that will be used
>>> as mount points or that are
>>> +# reserved for runtime data.
>>> +IMAGE_QA_PROHIBITED_PATHS ?=
>>> "/dev/pts/*:/media/*:/mnt/*:/proc/*:/run/*:/tmp/*:/var/run/*:/var/t
>>> mp/*:/var/volatile/*"
>>
>> I like the idea, but wouldn't make more sense to do that on a package
>> level, as here the user is more or less left alone in guessing where
>> the
>> file actually does come from
> 
> I like that idea, however it would make to assumption that there wasn't
> any tweaks being made as part of image generation that would end up
> violating this. A quick check suggests the "build-appliance-
> image_15.0.0.bb" image does this kind of thing in the core image types.
> 

As Alex just wrote, it might be beneficial to do both

> Martyn
> 
> 
> 

Thread overview: 11+ messages
2021-10-26 10:50 [PATCH v6 1/2] image.bbclass: add prohibited-paths QA test Martyn Welch
2021-10-26 10:50 ` [PATCH v6 2/2] core-image.bbclass: add default IMAGE_QA_PROHIBIT_PATHS variable Martyn Welch
2021-10-26 10:56   ` [OE-core] " Konrad Weihmann
2021-10-26 11:01     ` Alexander Kanavin
2021-10-26 11:24       ` Martyn Welch
2021-10-26 11:09     ` Alexander Kanavin
     [not found] <e133da623f5a357c570efc036daa84098dbc691c.camel@collabora.com>
2021-10-26 11:21 ` Fwd: " Martyn Welch
2021-10-26 11:24   ` Konrad Weihmann
2021-10-26 14:59     ` Peter Kjellerstedt
2021-10-26 15:32       ` Martyn Welch
2021-10-27 16:43         ` Peter Kjellerstedt
2021-10-27 16:58           ` Martyn Welch
