| Message ID | 20240212090926.193109-1-michalwsieron@gmail.com |
|---|---|
| State | Accepted, archived |
| Commit | 80396cc72ac7c03c79af7a69da926227fbac86e9 |
| Headers | show |
| Series | [v2] sanity.bbclass: raise_sanity_error if /tmp is noexec | expand |
diff --git a/meta/classes-global/sanity.bbclass b/meta/classes-global/sanity.bbclass index 1bd74e1935..bbbc41ddae 100644 --- a/meta/classes-global/sanity.bbclass +++ b/meta/classes-global/sanity.bbclass @@ -840,6 +840,10 @@ def check_sanity_everybuild(status, d): status.addresult("Please use a umask which allows a+rx and u+rwx\n") os.umask(omask) + # Ensure /tmp is NOT mounted with noexec + if os.statvfs("/tmp").f_flag & os.ST_NOEXEC: + raise_sanity_error("/tmp shouldn't be mounted with noexec.", d) + if d.getVar('TARGET_ARCH') == "arm": # This path is no longer user-readable in modern (very recent) Linux try:
Older meson versions save temporary scripts in /tmp. Similarly some recipies also do that (e.g. ccan in sbsigntool). As this can lead to unexpected build failures with no simple way to workaround, make such setup a fatal error. Signed-off-by: Michal Sieron <michalwsieron@gmail.com> --- meta/classes-global/sanity.bbclass | 4 ++++ 1 file changed, 4 insertions(+)