summaryrefslogtreecommitdiff
path: root/meta
diff options
context:
space:
mode:
Diffstat (limited to 'meta')
-rw-r--r--meta/classes/package.bbclass253
-rw-r--r--meta/files/fs-perms.txt69
2 files changed, 312 insertions, 10 deletions
diff --git a/meta/classes/package.bbclass b/meta/classes/package.bbclass
index 8f91c95ca..0161c6805 100644
--- a/meta/classes/package.bbclass
+++ b/meta/classes/package.bbclass
@@ -16,24 +16,26 @@
# d) split_and_strip_files - split the files into runtime and debug and strip them.
# Debug files include debug info split, and associated sources that end up in -dbg packages
#
-# e) populate_packages - Split the files in PKGD into separate packages in PKGDEST/<pkgname>
+# e) fixup_perms - Fix up permissions in the package before we split it.
+#
+# f) populate_packages - Split the files in PKGD into separate packages in PKGDEST/<pkgname>
# Also triggers the binary stripping code to put files in -dbg packages.
#
-# f) package_do_filedeps - Collect perfile run-time dependency metadata
+# g) package_do_filedeps - Collect perfile run-time dependency metadata
# The data is stores in FILER{PROVIDES,DEPENDS}_file_pkg variables with
# a list of affected files in FILER{PROVIDES,DEPENDS}FLIST_pkg
#
-# g) package_do_shlibs - Look at the shared libraries generated and autotmatically add any
+# h) package_do_shlibs - Look at the shared libraries generated and autotmatically add any
# depenedencies found. Also stores the package name so anyone else using this library
# knows which package to depend on.
#
-# h) package_do_pkgconfig - Keep track of which packages need and provide which .pc files
+# i) package_do_pkgconfig - Keep track of which packages need and provide which .pc files
#
-# i) read_shlibdeps - Reads the stored shlibs information into the metadata
+# j) read_shlibdeps - Reads the stored shlibs information into the metadata
#
-# j) package_depchains - Adds automatic dependencies to -dbg and -dev packages
+# k) package_depchains - Adds automatic dependencies to -dbg and -dev packages
#
-# k) emit_pkgdata - saves the packaging data into PKGDATA_DIR for use in later
+# l) emit_pkgdata - saves the packaging data into PKGDATA_DIR for use in later
# packaging steps
inherit packagedata
@@ -237,7 +239,7 @@ def splitfile2(debugsrcdir, d):
# We need to ignore files that are not actually ours
# we do this by only paying attention to items from this package
processdebugsrc += "fgrep -z '%s' | "
- processdebugsrc += "(cd '%s' ; cpio -pd0mL '%s%s' 2>/dev/null)"
+ processdebugsrc += "(cd '%s' ; cpio -pd0mL --no-preserve-owner '%s%s' 2>/dev/null)"
os.system(processdebugsrc % (sourcefile, workbasedir, workparentdir, dvar, debugsrcdir))
@@ -410,10 +412,239 @@ python perform_packagecopy () {
os.system('tar -cf - -C %s -ps . | tar -xf - -C %s' % (dest, dvar))
}
+# We generate a master list of directories to process, we start by
+# seeding this list with reasonable defaults, then load from
+# the fs-perms.txt files
+python fixup_perms () {
+ import os, pwd, grp
+
+ # init using a string with the same format as a line as documented in
+ # the fs-perms.txt file
+ # <path> <mode> <uid> <gid> <walk> <fmode> <fuid> <fgid>
+ # <path> link <link target>
+ #
+ # __str__ can be used to print out an entry in the input format
+ #
+ # if fs_perms_entry.path is None:
+ # an error occured
+ # if fs_perms_entry.link, you can retrieve:
+ # fs_perms_entry.path = path
+ # fs_perms_entry.link = target of link
+ # if not fs_perms_entry.link, you can retrieve:
+ # fs_perms_entry.path = path
+ # fs_perms_entry.mode = expected dir mode or None
+ # fs_perms_entry.uid = expected uid or -1
+ # fs_perms_entry.gid = expected gid or -1
+ # fs_perms_entry.walk = 'true' or something else
+ # fs_perms_entry.fmode = expected file mode or None
+ # fs_perms_entry.fuid = expected file uid or -1
+ # fs_perms_entry_fgid = expected file gid or -1
+ class fs_perms_entry():
+ def __init__(self, line):
+ lsplit = line.split()
+ if len(lsplit) == 3 and lsplit[1].lower() == "link":
+ self._setlink(lsplit[0], lsplit[2])
+ elif len(lsplit) == 8:
+ self._setdir(lsplit[0], lsplit[1], lsplit[2], lsplit[3], lsplit[4], lsplit[5], lsplit[6], lsplit[7])
+ else:
+ bb.error("Fixup Perms: invalid config line %s" % line)
+ self.path = None
+ self.link = None
+
+ def _setdir(self, path, mode, uid, gid, walk, fmode, fuid, fgid):
+ self.path = os.path.normpath(path)
+ self.link = None
+ self.mode = self._procmode(mode)
+ self.uid = self._procuid(uid)
+ self.gid = self._procgid(gid)
+ self.walk = walk.lower()
+ self.fmode = self._procmode(fmode)
+ self.fuid = self._procuid(fuid)
+ self.fgid = self._procgid(fgid)
+
+ def _setlink(self, path, link):
+ self.path = os.path.normpath(path)
+ self.link = link
+
+ def _procmode(self, mode):
+ if not mode or (mode and mode == "-"):
+ return None
+ else:
+ return int(mode,8)
+
+ # Note uid/gid -1 has special significance in os.chown
+ def _procuid(self, uid):
+ if uid is None or uid == "-":
+ return -1
+ elif uid.isdigit():
+ return int(uid)
+ else:
+ return pwd.getpwnam(uid).pw_uid
+
+ def _procgid(self, gid):
+ if gid is None or gid == "-":
+ return -1
+ elif gid.isdigit():
+ return int(gid)
+ else:
+ return grp.getgrnam(gid).gr_gid
+
+ # Use for debugging the entries
+ def __str__(self):
+ if self.link:
+ return "%s link %s" % (self.path, self.link)
+ else:
+ mode = "-"
+ if self.mode:
+ mode = "0%o" % self.mode
+ fmode = "-"
+ if self.fmode:
+ fmode = "0%o" % self.fmode
+ uid = self._mapugid(self.uid)
+ gid = self._mapugid(self.gid)
+ fuid = self._mapugid(self.fuid)
+ fgid = self._mapugid(self.fgid)
+ return "%s %s %s %s %s %s %s %s" % (self.path, mode, uid, gid, self.walk, fmode, fuid, fgid)
+
+ def _mapugid(self, id):
+ if id is None or id == -1:
+ return "-"
+ else:
+ return "%d" % id
+
+ # Fix the permission, owner and group of path
+ def fix_perms(path, mode, uid, gid, dir):
+ if mode:
+ #bb.note("Fixup Perms: chmod 0%o %s" % (mode, dir))
+ os.chmod(path, mode)
+ # -1 is a special value that means don't change the uid/gid
+ # if they are BOTH -1, don't bother to chown
+ if not (uid == -1 and gid == -1):
+ #bb.note("Fixup Perms: chown %d:%d %s" % (uid, gid, dir))
+ os.chown(path, uid, gid)
+
+ # Return a list of configuration files based on either the default
+ # files/fs-perms.txt or the contents of FILESYSTEM_PERMS_TABLES
+ # paths are resolved via BBPATH
+ def get_fs_perms_list(d):
+ str = ""
+ fs_perms_tables = bb.data.getVar('FILESYSTEM_PERMS_TABLES', d, True)
+ if not fs_perms_tables:
+ fs_perms_tables = 'files/fs-perms.txt'
+ for conf_file in fs_perms_tables.split():
+ str += " %s" % bb.which(bb.data.getVar('BBPATH', d, True), conf_file)
+ return str
+
+
+
+ dvar = bb.data.getVar('PKGD', d, True)
+
+ fs_perms_table = {}
+
+ # By default all of the standard directories specified in
+ # bitbake.conf will get 0755 root:root.
+ target_path_vars = [ 'base_prefix',
+ 'prefix',
+ 'exec_prefix',
+ 'base_bindir',
+ 'base_sbindir',
+ 'base_libdir',
+ 'datadir',
+ 'sysconfdir',
+ 'servicedir',
+ 'sharedstatedir',
+ 'localstatedir',
+ 'infodir',
+ 'mandir',
+ 'docdir',
+ 'bindir',
+ 'sbindir',
+ 'libexecdir',
+ 'libdir',
+ 'includedir',
+ 'oldincludedir' ]
+
+ for path in target_path_vars:
+ dir = bb.data.getVar(path, d, True) or ""
+ if dir == "":
+ continue
+ fs_perms_table[dir] = fs_perms_entry(bb.data.expand("%s 0755 root root false - - -" % (dir), d))
+
+ # Now we actually load from the configuration files
+ for conf in get_fs_perms_list(d).split():
+ if os.path.exists(conf):
+ f = open(conf)
+ for line in f:
+ if line.startswith('#'):
+ continue
+ lsplit = line.split()
+ if len(lsplit) == 0:
+ continue
+ if len(lsplit) != 8 and not (len(lsplit) == 3 and lsplit[1].lower() == "link"):
+ bb.error("Fixup perms: %s invalid line: %s" % (conf, line))
+ continue
+ entry = fs_perms_entry(bb.data.expand(line, d))
+ if entry and entry.path:
+ fs_perms_table[entry.path] = entry
+ f.close()
+
+ # Debug -- list out in-memory table
+ #for dir in fs_perms_table:
+ # bb.note("Fixup Perms: %s: %s" % (dir, str(fs_perms_table[dir])))
+
+ # We process links first, so we can go back and fixup directory ownership
+ # for any newly created directories
+ for dir in fs_perms_table:
+ if not fs_perms_table[dir].link:
+ continue
+
+ origin = dvar + dir
+ if not (os.path.exists(origin) and os.path.isdir(origin) and not os.path.islink(origin)):
+ continue
+
+ link = fs_perms_table[dir].link
+ if link[0] == "/":
+ target = dvar + link
+ ptarget = link
+ else:
+ target = os.path.join(os.path.dirname(origin), link)
+ ptarget = os.path.join(os.path.dirname(dir), link)
+ if os.path.exists(target):
+ bb.error("Fixup Perms: Unable to correct directory link, target already exists: %s -> %s" % (dir, ptarget))
+ continue
+
+ # Create path to move directory to, move it, and then setup the symlink
+ bb.mkdirhier(os.path.dirname(target))
+ #bb.note("Fixup Perms: Rename %s -> %s" % (dir, ptarget))
+ os.rename(origin, target)
+ #bb.note("Fixup Perms: Link %s -> %s" % (dir, link))
+ os.symlink(link, origin)
+
+ for dir in fs_perms_table:
+ if fs_perms_table[dir].link:
+ continue
+
+ origin = dvar + dir
+ if not (os.path.exists(origin) and os.path.isdir(origin)):
+ continue
+
+ fix_perms(origin, fs_perms_table[dir].mode, fs_perms_table[dir].uid, fs_perms_table[dir].gid, dir)
+
+ if fs_perms_table[dir].walk == 'true':
+ for root, dirs, files in os.walk(origin):
+ for dr in dirs:
+ each_dir = os.path.join(root, dr)
+ fix_perms(each_dir, fs_perms_table[dir].mode, fs_perms_table[dir].uid, fs_perms_table[dir].gid, dir)
+ for f in files:
+ each_file = os.path.join(root, f)
+ fix_perms(each_file, fs_perms_table[dir].fmode, fs_perms_table[dir].fuid, fs_perms_table[dir].fgid, dir)
+}
+
python split_and_strip_files () {
import commands, stat, errno
dvar = bb.data.getVar('PKGD', d, True)
+ pn = bb.data.getVar('PN', d, True)
# We default to '.debug' style
if bb.data.getVar('PACKAGE_DEBUG_SPLIT_STYLE', d, True) == 'debug-file-directory':
@@ -551,7 +782,7 @@ python split_and_strip_files () {
if file_list[file].startswith("ELF: "):
elf_file = int(file_list[file][5:])
if elf_file & 2:
- bb.warn("File '%s' was already stripped, this will prevent future debugging!" % (src))
+ bb.warn("File '%s' from %s was already stripped, this will prevent future debugging!" % (src, pn))
continue
# Split the file...
@@ -690,7 +921,7 @@ python populate_packages () {
unshipped.append(path)
if unshipped != []:
- bb.warn("the following files were installed but not shipped in any package:")
+ bb.warn("the following files were installed but not shipped in any package: %s" % pn)
for f in unshipped:
bb.warn(" " + f)
@@ -1373,6 +1604,7 @@ PACKAGEFUNCS ?= "package_get_auto_pr \
${PACKAGE_PREPROCESS_FUNCS} \
package_do_split_locales \
split_and_strip_files \
+ fixup_perms \
populate_packages \
package_do_filedeps \
package_do_shlibs \
@@ -1400,6 +1632,7 @@ python do_package () {
for f in (bb.data.getVar('PACKAGEFUNCS', d, True) or '').split():
bb.build.exec_func(f, d)
}
+
do_package[dirs] = "${SHLIBSWORKDIR} ${PKGDESTWORK} ${D}"
addtask package before do_build after do_install
diff --git a/meta/files/fs-perms.txt b/meta/files/fs-perms.txt
new file mode 100644
index 000000000..f5a2b696e
--- /dev/null
+++ b/meta/files/fs-perms.txt
@@ -0,0 +1,69 @@
+# This file contains a list of files and directories with known permissions.
+# It is used by the packaging class to ensure that the permissions, owners and
+# group of listed files and directories are in sync across the system.
+#
+# The format of this file
+#
+#<path> <mode> <uid> <gid> <walk> <fmode> <fuid> <fgid>
+#
+# or
+#
+#<path> link <target>
+#
+# <path>: directory path
+# <mode>: mode for directory
+# <uid>: uid for directory
+# <gid>: gid for directory
+# <walk>: recursively walk the directory? true or false
+# <fmode>: if walking, new mode for files
+# <fuid>: if walking, new uid for files
+# <fgid>: if walking, new gid for files
+# <target>: turn the directory into a symlink point to target
+#
+# in mode, uid or gid, a "-" means don't change any existing values
+#
+# /usr/src 0755 root root false - - -
+# /usr/share/man 0755 root root true 0644 root root
+
+# Note: all standard config directories are automatically assigned "0755 root root false - - -"
+
+# Documentation should always be corrected
+${mandir} 0755 root root true 0644 root root
+${infodir} 0755 root root true 0644 root root
+${docdir} 0755 root root true 0644 root root
+${datadir}/gtk-doc 0755 root root true 0644 root root
+
+# Fixup locales
+${datadir}/locale 0755 root root true 0644 root root
+
+# Cleanup headers
+${includedir} 0755 root root true 0644 root root
+${oldincludedir} 0755 root root true 0644 root root
+
+# Cleanup debug src
+/usr/src/debug 0755 root root true 0644 root root
+
+# Items from base-files
+# Links
+${localstatedir}/cache link volatile/cache
+${localstatedir}/run link volatile/run
+${localstatedir}/log link volatile/log
+${localstatedir}/lock link volatile/lock
+${localstatedir}/tmp link volatile/tmp
+
+# Special permissions from base-files
+# Set 1777
+/tmp 01777 root root false - - -
+${localstatedir}/volatile/lock 01777 root root false - - -
+${localstatedir}/volatile/tmp 01777 root root false - - -
+
+# Set 2775
+/home 02755 root root false - - -
+${prefix}/src 02755 root root false - - -
+${localstatedir}/local 02755 root root false - - -
+
+# Set 3755
+/srv 0755 root root false - - -
+
+# Set 4775
+/var/mail 02755 root root false - - -