diskimage-builder

  1. Bug #1671842
  2. Comment #9

Comment 9 for bug 1671842

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Related fix merged to diskimage-builder (master)

Reviewed: https://review.openstack.org/466593
Committed: https://git.openstack.org/cgit/openstack/diskimage-builder/commit/?id=f1369a1add9552ec2f11cc97ee5e9e09f02b49ff
Submitter: Jenkins
Branch: master

commit f1369a1add9552ec2f11cc97ee5e9e09f02b49ff
Author: Noam Angel <email address hidden>
Date: Mon May 22 05:13:34 2017 +0000

    Set manifest permissions in the image

    This is a follow-on to 57ef187632c97eb7c2f27207c19f11336b28d97c.

    There's two things going on here; DIB_MANIFEST_IMAGE_DIR is *outside*
    the chroot on the build host. We copy the files here for posterity, I
    guess. MANIFEST_IMAGE_PATH is *inside* the chroot and are the files
    we want to ensure are locked to root.

    The prior change modified the permissions on DIB_MANIFEST_IMAGE_DIR.
    So the first time you build, it works -- then the second time,
    assuming you're using the same output filename, it hits the root-owned
    manifest directories and causes a build failure.

    I have built with this and checked that the manifest files in the
    image are locked to root:

     $ virt-ls -a ./test.qcow2 -l /etc/dib-manifests
     total 32
     drwxr-xr-x 2 0 0 4096 May 24 03:39 .
     drwxr-xr-x 53 0 0 4096 May 24 03:39 ..
     -rw------- 1 0 0 15236 May 24 03:39 dib-manifest-dpkg-test
     -rw------- 1 0 0 35 May 24 03:39 dib_arguments
     -rw------- 1 0 0 137 May 24 03:39 dib_environment

    Related-Bug: #1671842
    Change-Id: I08319d0b5fcc461d40fe0be8427dcf0e37ad21e6