| Message ID | 20230817191202.1565879-1-JPEWhacker@gmail.com |
|---|---|
| State | New |
| Headers | show |
| Series | [RFC,v2] sstatesig: Add ACL and XATTR data to outhash | expand |
On Thu, 2023-08-17 at 13:12 -0600, Joshua Watt wrote: > Records the ACL and (some) extended attributes in the outhash > > Signed-off-by: Joshua Watt <JPEWhacker@gmail.com> > --- > NOTE: This requires ACL and XATTR support from bitbake > > V2: Filter ACLs to not duplicate the stat mode (since that also does > extra filtering) I put this into testing as I was curious: https://autobuilder.yoctoproject.org/typhoon/#/builders/154/builds/374/steps/12/logs/stdio and more. I've not looked into what went wrong. Cheers, Richard
On Fri, Aug 18, 2023 at 1:20 AM Richard Purdie <richard.purdie@linuxfoundation.org> wrote: > > On Thu, 2023-08-17 at 13:12 -0600, Joshua Watt wrote: > > Records the ACL and (some) extended attributes in the outhash > > > > Signed-off-by: Joshua Watt <JPEWhacker@gmail.com> > > --- > > NOTE: This requires ACL and XATTR support from bitbake > > > > V2: Filter ACLs to not duplicate the stat mode (since that also does > > extra filtering) > > I put this into testing as I was curious: oops, sorry. That's a pretty simple fix; I'll send a V3 in a bit > > https://autobuilder.yoctoproject.org/typhoon/#/builders/154/builds/374/steps/12/logs/stdio > > and more. I've not looked into what went wrong. > > Cheers, > > Richard
diff --git a/meta/lib/oe/sstatesig.py b/meta/lib/oe/sstatesig.py index 633a0fd4502..1a11c8414ef 100644 --- a/meta/lib/oe/sstatesig.py +++ b/meta/lib/oe/sstatesig.py @@ -478,6 +478,8 @@ def OEOuthashBasic(path, sigfile, task, d): import grp import re import fnmatch + import bb.xattr + import bb.acl def update_hash(s): s = s.encode('utf-8') @@ -640,6 +642,46 @@ def OEOuthashBasic(path, sigfile, task, d): update_hash("\n") + def filter_acl(entry): + # Skip owner user, owner group, and other tags. These are + # covered by the stat permissions above + if entry.tag in (bb.acl.ACL_USER_OBJ, bb.acl.ACL_GROUP_OBJ, bb.acl.ACL_OTHER): + return False + return True + + def add_acl(path, typ, name): + acl = bb.acl.ACL.from_path(path, typ) + entries = [e for e in acl.entries() if filter_acl(e)] + if entries: + update_hash(name) + update_hash(":\n") + entries.sort(key=lambda x: (x.tag, x.qualifier, x.mode)) + for e in entries: + update_hash(str(e)) + update_hash("\n") + + def filter_xattr(name): + # ACLs are handled above + if name == "system.posix_acl_access": + return False + if name == "system.posix_acl_default": + return False + return True + + # libacl always follows symlinks, so skip them + if not stat.S_ISLNK(s.st_mode): + add_acl(path, bb.acl.ACL_TYPE_ACCESS, "ACL") + if stat.S_ISDIR(s.st_mode): + add_acl(path, bb.acl.ACL_TYPE_DEFAULT, "Default ACL") + + attrs = bb.xattr.get_all_xattr(path, follow=False) + # Ignore ACLs; those are covered above + attrs = {k: v for k, v in attrs.items() if filter_xattr(k)} + if attrs: + update_hash("XATTR:\n") + for k, v in attrs: + update_hash("%s: %s\n" % (k, v)) + # Process this directory and all its child files if include_root or root != ".": process(root)
Records the ACL and (some) extended attributes in the outhash Signed-off-by: Joshua Watt <JPEWhacker@gmail.com> --- NOTE: This requires ACL and XATTR support from bitbake V2: Filter ACLs to not duplicate the stat mode (since that also does extra filtering) meta/lib/oe/sstatesig.py | 42 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 42 insertions(+)