| Message ID | 20211026102234.3961636-11-alex.bennee@linaro.org |
|---|---|
| State | New |
| Headers | show |
| Series | testing, plugins and gdbstub for 6.2 | expand |
On 10/26/21 3:22 AM, Alex Bennée wrote: > This is a bit of a band-aid against hand-built images that have been > accidentally polluted by a user build. All images pulled from the > registry shouldn't have the user defined. I believe that I've fixed the images currently uploaded. I think we ought to totally rewrite now we add users to images. I don't think we can reasonably layer one image upon another without getting the user added at an intermediate image. At present the only way to do this is NOCACHE=1 NOUSER=1, so that all of the intermediate images are also rebuilt, and also force nouser. Does this patch really help in the meantime? r~
Richard Henderson <richard.henderson@linaro.org> writes: > On 10/26/21 3:22 AM, Alex Bennée wrote: >> This is a bit of a band-aid against hand-built images that have been >> accidentally polluted by a user build. All images pulled from the >> registry shouldn't have the user defined. > > I believe that I've fixed the images currently uploaded. > > I think we ought to totally rewrite now we add users to images. I > don't think we can reasonably layer one image upon another without > getting the user added at an intermediate image. We could just force NOUSER=1 on the base images. The only images users will actually want with their IDs are the final ones anyway. I'll drop this patch from the upcoming PR and see if I can rework stuff. > At present the only > way to do this is NOCACHE=1 NOUSER=1, so that all of the intermediate > images are also rebuilt, and also force nouser. > > Does this patch really help in the meantime? > > > r~ -- Alex Bennée
diff --git a/tests/docker/docker.py b/tests/docker/docker.py index 78dd13171e..5eadf0bb7b 100755 --- a/tests/docker/docker.py +++ b/tests/docker/docker.py @@ -336,7 +336,7 @@ def build_image(self, tag, docker_dir, dockerfile, uid = os.getuid() uname = getpwuid(uid).pw_name tmp_df.write("\n") - tmp_df.write("RUN id %s 2>/dev/null || useradd -u %d -U %s" % + tmp_df.write("RUN id %s 2>/dev/null || useradd -o -u %d -U %s" % (uname, uid, uname)) tmp_df.write("\n") @@ -590,7 +590,7 @@ def run(self, args, argv): uid = os.getuid() uname = getpwuid(uid).pw_name df.write("\n") - df.write("RUN id %s 2>/dev/null || useradd -u %d -U %s" % + df.write("RUN id %s 2>/dev/null || useradd -o -u %d -U %s" % (uname, uid, uname)) df_bytes = BytesIO(bytes(df.getvalue(), "UTF-8"))
This is a bit of a band-aid against hand-built images that have been accidentally polluted by a user build. All images pulled from the registry shouldn't have the user defined. Signed-off-by: Alex Bennée <alex.bennee@linaro.org> --- tests/docker/docker.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) -- 2.30.2