Fixing [host-user-contaminated] warning


Umut
 

Hi,
I am working on a project that uses some proprietary layers from a 3rd party. These layers provide tar archives that include prebuilt binaries of some packages and these archives cause host-user-contaminated warnings. Since I only have the root user in my target system, and since I changed the UID/GID of my build user I assume it is not a false-positive. So, I dug a bit to find and resolve the issue and found the function that installs binaries. The function only extracts a tar archive to the ${D} directory with the command below, nothing else. No fakeroot, no management of ownership/permissions.
tar -xjvf $prebuiltdir/${TARGET}/${PN}/${PN}-binaries.tar -C ${D}
I tried various options of tar to extract these files with different UID and GID with no success.
How can I solve this issue? I think it would be better if I patch the script to use the install command but I am not sure how I can integrate that kind of workflow with lots of tar archives that include lots of subdirectories.

P.S.: I use an LXC-based non-privileged Ubuntu container in Proxmox VE as the build host. I don't know if it may affect something but wanted to mention it just in case.

Best regards,
Umut Ediz


Chuck Wolber
 

On Sun, Oct 16, 2022 at 12:13 PM <umut@...> wrote:

%< SNIP %<
 
I tried various options of tar to extract these files with different UID and GID with no success.
How can I solve this issue? I think it would be better if I patch the script to use the install command but I am not sure how I can integrate that kind of workflow with lots of tar archives that include lots of subdirectories.

You were unclear about which tar options you tried, so it makes me wonder if you tried --no-same-owner. I use that in a number of places in my builds and it works just fine.

..Ch:W..

--
"Perfection must be reached by degrees; she requires the slow hand of time." - Voltaire


Martin Jansa
 


On Sun, Oct 16, 2022 at 9:13 PM <umut@...> wrote:
Hi,
I am working on a project that uses some proprietary layers from a 3rd party. These layers provide tar archives that include prebuilt binaries of some packages and these archives cause host-user-contaminated warnings. Since I only have the root user in my target system, and since I changed the UID/GID of my build user I assume it is not a false-positive. So, I dug a bit to find and resolve the issue and found the function that installs binaries. The function only extracts a tar archive to the ${D} directory with the command below, nothing else. No fakeroot, no management of ownership/permissions.
tar -xjvf $prebuiltdir/${TARGET}/${PN}/${PN}-binaries.tar -C ${D}
I tried various options of tar to extract these files with different UID and GID with no success.
How can I solve this issue? I think it would be better if I patch the script to use the install command but I am not sure how I can integrate that kind of workflow with lots of tar archives that include lots of subdirectories.

P.S.: I use an LXC-based non-privileged Ubuntu container in Proxmox VE as the build host. I don't know if it may affect something but wanted to mention it just in case.

Best regards,
Umut Ediz



Umut Ediz
 

I also tried chown but I am getting permission errors. But I thought this should not be the case since these commands are running under fakeroot… But I found out this is not the case since these operations are running in a custom task rather than do_install, so fakeroot usage should be explicit, AFAIK. I tried to add the fakeroot prefix to the related function and updated the task dependency but I still get permission errors.

On 16 Oct 2022, at 22:51, Martin Jansa <martin.jansa@...> wrote:


On Sun, Oct 16, 2022 at 9:13 PM <umut@...> wrote:
Hi,
I am working on a project that uses some proprietary layers from a 3rd party. These layers provide tar archives that include prebuilt binaries of some packages and these archives cause host-user-contaminated warnings. Since I only have the root user in my target system, and since I changed the UID/GID of my build user I assume it is not a false-positive. So, I dug a bit to find and resolve the issue and found the function that installs binaries. The function only extracts a tar archive to the ${D} directory with the command below, nothing else. No fakeroot, no management of ownership/permissions.
tar -xjvf $prebuiltdir/${TARGET}/${PN}/${PN}-binaries.tar -C ${D}
I tried various options of tar to extract these files with different UID and GID with no success.
How can I solve this issue? I think it would be better if I patch the script to use the install command but I am not sure how I can integrate that kind of workflow with lots of tar archives that include lots of subdirectories.

P.S.: I use an LXC-based non-privileged Ubuntu container in Proxmox VE as the build host. I don't know if it may affect something but wanted to mention it just in case.

Best regards,
Umut Ediz
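
Added example, not part of any message in this thread: a shell sketch for checking which owner ids a prebuilt tar archive records and what extraction with the --no-same-owner option mentioned above leaves on disk. The function names, the sample archive and uid/gid 1234 are constructed for illustration, and GNU tar is assumed.

```shell
#!/bin/sh
# Added example. Function names and uid/gid 1234 are constructed for illustration.

# Build a small archive whose members record owner 1234:1234 (GNU tar options).
make_sample_archive() {
    src=$(mktemp -d) || return 1
    mkdir -p "$src/usr/bin"
    echo stub > "$src/usr/bin/tool"
    tar --owner=1234 --group=1234 --numeric-owner -cf "$1" -C "$src" usr
    rm -rf "$src"
}

# Print "uid/gid name" for every member not recorded as 0/0.
# tar applies these recorded ids on extraction when it runs as root.
# (Simple parse: assumes member names without spaces or symlinks.)
foreign_owners() {
    tar --numeric-owner -tvf "$1" | awk '$2 != "0/0" { print $2, $NF }'
}

# Extract while ignoring recorded ids; files belong to the extracting user.
extract_no_same_owner() {
    mkdir -p "$2" && tar --no-same-owner -xf "$1" -C "$2"
}

# Count entries under a tree that are NOT owned by the given uid.
count_not_owned_by() {
    find "$1" ! -uid "$2" | wc -l | tr -d ' '
}

demo() {
    work=$(mktemp -d) || return 1
    make_sample_archive "$work/pkg.tar"
    echo "owners recorded in the archive:"
    foreign_owners "$work/pkg.tar"
    extract_no_same_owner "$work/pkg.tar" "$work/D"
    echo "entries not owned by uid $(id -u) after extraction:" \
         "$(count_not_owned_by "$work/D" "$(id -u)")"
    rm -rf "$work"
}

demo
```

Running foreign_owners against a vendor archive before it is unpacked into ${D} shows whether the archive itself carries non-root ids, independent of which user performs the extraction.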