From 6802cf7100e01527fcf88860e65f613f0af3e244 Mon Sep 17 00:00:00 2001 
From: Ian Wienand
Date: Fri, 17 Mar 2017 09:43:45 +1100
Subject: [PATCH] Run dib-run-parts out of /tmp

The dib-run-parts element was copying our internal version of
dib-run-parts into /usr/local/bin to be used running scripts inside
the target chroot. However, it never cleaned up after itself. This
means all images were left with an unmanaged local install of
dib-run-parts.

This copies dib-run-parts into the hooks directory of the chroot and
runs it from there. It is cleaned up automatically on the exit path.

The dib-run-parts element is no longer required and it has been
removed from all dependencies. It is left with a deprecation notice
in the README. For compatibility we convert it to simply install
dib-utils. Codesearch shows no users depending on this unintentional
implicit install.

Note os-refresh-config depends on dib-utils and thus will have an
explicitly installed version.

Partial-Bug: #1673144
Change-Id: Ia2e96c00a4246c04beb96c17f83b8aefb69219ca
---
 .../elements/centos/element-deps | 1 -
 .../elements/centos7/element-deps | 1 -
 .../elements/debootstrap/element-deps | 1 -
 .../elements/dib-run-parts/README.rst | 22 ++++++++++++++-----
 .../dib-run-parts/package-installs.yaml | 1 +
 .../root.d/90-base-dib-run-parts | 19 ----------------
 .../elements/docker/element-deps | 1 -
 .../elements/fedora/element-deps | 1 -
 .../elements/gentoo/element-deps | 1 -
 .../elements/opensuse/element-deps | 1 -
 diskimage_builder/elements/rhel/element-deps | 1 -
 diskimage_builder/elements/rhel7/element-deps | 1 -
 .../elements/ubuntu-core/element-deps | 1 -
 .../elements/ubuntu/element-deps | 1 -
 .../elements/yum-minimal/element-deps | 1 -
 .../elements/zypper-minimal/element-deps | 1 -
 diskimage_builder/lib/img-functions | 8 ++++++-
 .../notes/dib-run-parts-6f67d038aa5a4156.yaml | 10 +++++++++
 18 files changed, 35 insertions(+), 38 deletions(-)
 create mode 100644 diskimage_builder/elements/dib-run-parts/package-installs.yaml
 delete mode 100755 
diskimage_builder/elements/dib-run-parts/root.d/90-base-dib-run-parts delete mode 100644 diskimage_builder/elements/docker/element-deps create mode 100644 releasenotes/notes/dib-run-parts-6f67d038aa5a4156.yaml diff --git a/diskimage_builder/elements/centos/element-deps b/diskimage_builder/elements/centos/element-deps index 57b194ac..b13647d2 100644 --- a/diskimage_builder/elements/centos/element-deps +++ b/diskimage_builder/elements/centos/element-deps @@ -1,5 +1,4 @@ cache-url -dib-run-parts redhat-common rpm-distro yum diff --git a/diskimage_builder/elements/centos7/element-deps b/diskimage_builder/elements/centos7/element-deps index c6e5925f..1bc6150a 100644 --- a/diskimage_builder/elements/centos7/element-deps +++ b/diskimage_builder/elements/centos7/element-deps @@ -1,5 +1,4 @@ cache-url -dib-run-parts redhat-common rpm-distro source-repositories diff --git a/diskimage_builder/elements/debootstrap/element-deps b/diskimage_builder/elements/debootstrap/element-deps index 594d0d35..0dd8a43b 100644 --- a/diskimage_builder/elements/debootstrap/element-deps +++ b/diskimage_builder/elements/debootstrap/element-deps @@ -1,3 +1,2 @@ -dib-run-parts dpkg pkg-map diff --git a/diskimage_builder/elements/dib-run-parts/README.rst b/diskimage_builder/elements/dib-run-parts/README.rst index d5e02599..bf3852e6 100644 --- a/diskimage_builder/elements/dib-run-parts/README.rst +++ b/diskimage_builder/elements/dib-run-parts/README.rst 
@@ -2,9 +2,21 @@ dib-run-parts ============= -Install ``dib-run-parts`` into the chroot environment +.. warning:: -Currently this element copies the ``dib-run-parts`` used by -diskimage-builder outside the chroot to inside. However, note while -the interface remains the same this element may be provided in future -with a different interface. + This element is deprecated and is left only for compatability. + Please read the notes. + +This element install the ``dib-utils`` package to provide +``dib-run-parts``. + +Previously this element was a part of most base images and copied the +internal version of ``dib-run-parts`` to ``/usr/local/bin`` during the +build. Due to a (longstanding) oversight this was never removed and +stayed in the final image. The image build process now uses a private +copy of ``dib-run-parts`` during the build, so this element has become +deprecated. + +For compatability this element simply installs the ``dib-utils`` +package, which will provide ``dib-run-parts``. However, this is +probably better expressed as a dependency in individual elements. diff --git a/diskimage_builder/elements/dib-run-parts/package-installs.yaml b/diskimage_builder/elements/dib-run-parts/package-installs.yaml new file mode 100644 index 00000000..fbeb930b --- /dev/null +++ b/diskimage_builder/elements/dib-run-parts/package-installs.yaml @@ -0,0 +1 @@ +dib-utils: \ No newline at end of file diff --git a/diskimage_builder/elements/dib-run-parts/root.d/90-base-dib-run-parts b/diskimage_builder/elements/dib-run-parts/root.d/90-base-dib-run-parts deleted file mode 100755 index 11586714..00000000 --- a/diskimage_builder/elements/dib-run-parts/root.d/90-base-dib-run-parts +++ /dev/null 
@@ -1,19 +0,0 @@ -#!/bin/bash - -if [ ${DIB_DEBUG_TRACE:-0} -gt 0 ]; then - set -x -fi -set -eu -set -o pipefail - -# Abort early if dib-run-parts is not found to prevent a meaningless -# error message from the subsequent install command -DIB_RUN_PARTS=${_LIB}/dib-run-parts - -if [ ! -f ${DIB_RUN_PARTS} ]; then - echo "Can't find dib-run-parts script!" -fi - -exec sudo install -m 0755 -o root -g root -D \ - $DIB_RUN_PARTS \ - $TARGET_ROOT/usr/local/bin/dib-run-parts diff --git a/diskimage_builder/elements/docker/element-deps b/diskimage_builder/elements/docker/element-deps deleted file mode 100644 index 64b9ac34..00000000 --- a/diskimage_builder/elements/docker/element-deps +++ /dev/null @@ -1 +0,0 @@ -dib-run-parts diff --git a/diskimage_builder/elements/fedora/element-deps b/diskimage_builder/elements/fedora/element-deps index 3750f722..25c3cea4 100644 --- a/diskimage_builder/elements/fedora/element-deps +++ b/diskimage_builder/elements/fedora/element-deps @@ -1,5 +1,4 @@ cache-url -dib-run-parts dkms redhat-common rpm-distro diff --git a/diskimage_builder/elements/gentoo/element-deps b/diskimage_builder/elements/gentoo/element-deps index 15aa0f9c..8937a3c5 100644 --- a/diskimage_builder/elements/gentoo/element-deps +++ b/diskimage_builder/elements/gentoo/element-deps @@ -1,4 +1,3 @@ cache-url -dib-run-parts install-bin package-installs diff --git a/diskimage_builder/elements/opensuse/element-deps b/diskimage_builder/elements/opensuse/element-deps index 14ee0a47..89baf731 100644 --- a/diskimage_builder/elements/opensuse/element-deps +++ b/diskimage_builder/elements/opensuse/element-deps @@ -1,4 +1,3 @@ cache-url -dib-run-parts package-installs zypper diff --git a/diskimage_builder/elements/rhel/element-deps b/diskimage_builder/elements/rhel/element-deps index 66b94cc8..d8ee15ce 100644 --- a/diskimage_builder/elements/rhel/element-deps +++ b/diskimage_builder/elements/rhel/element-deps @@ -1,5 +1,4 @@ cache-url -dib-run-parts rhel-common rpm-distro yum 
diff --git a/diskimage_builder/elements/rhel7/element-deps b/diskimage_builder/elements/rhel7/element-deps index 4f33c20e..81585c43 100644 --- a/diskimage_builder/elements/rhel7/element-deps +++ b/diskimage_builder/elements/rhel7/element-deps @@ -1,5 +1,4 @@ cache-url -dib-run-parts redhat-common rhel-common rpm-distro diff --git a/diskimage_builder/elements/ubuntu-core/element-deps b/diskimage_builder/elements/ubuntu-core/element-deps index ca0451a0..4b609839 100644 --- a/diskimage_builder/elements/ubuntu-core/element-deps +++ b/diskimage_builder/elements/ubuntu-core/element-deps @@ -1,4 +1,3 @@ cache-url -dib-run-parts dpkg ubuntu-common diff --git a/diskimage_builder/elements/ubuntu/element-deps b/diskimage_builder/elements/ubuntu/element-deps index d57d5e7e..30890550 100644 --- a/diskimage_builder/elements/ubuntu/element-deps +++ b/diskimage_builder/elements/ubuntu/element-deps @@ -1,6 +1,5 @@ cache-url cloud-init-datasources -dib-run-parts dkms dpkg ubuntu-common diff --git a/diskimage_builder/elements/yum-minimal/element-deps b/diskimage_builder/elements/yum-minimal/element-deps index d26d0115..ba3a453f 100644 --- a/diskimage_builder/elements/yum-minimal/element-deps +++ b/diskimage_builder/elements/yum-minimal/element-deps @@ -1,4 +1,3 @@ -dib-run-parts redhat-common rpm-distro yum diff --git a/diskimage_builder/elements/zypper-minimal/element-deps b/diskimage_builder/elements/zypper-minimal/element-deps index 846428bd..1344d363 100644 --- a/diskimage_builder/elements/zypper-minimal/element-deps +++ b/diskimage_builder/elements/zypper-minimal/element-deps @@ -1,3 +1,2 @@ -dib-run-parts package-installs zypper diff --git a/diskimage_builder/lib/img-functions b/diskimage_builder/lib/img-functions index d7bee24c..d1435438 100644 --- a/diskimage_builder/lib/img-functions +++ b/diskimage_builder/lib/img-functions 
@@ -82,13 +82,19 @@ function run_d_in_target () { if [ -d ${TMP_HOOKS_PATH}/$1.d ] ; then sudo mkdir $TMP_MOUNT_PATH/tmp/in_target.d sudo mount --bind ${TMP_HOOKS_PATH} $TMP_MOUNT_PATH/tmp/in_target.d + # Copy in dib-run-parts to run inside chroot. Note, in the + # future, we might like to use a diffrent dib-run-parts for + # running inside the chroot that doesn't rely on bash. For now + # they're the same. Note also this gets cleaned up with the dir + # delete below. + sudo cp ${DIB_RUN_PARTS} ${TMP_MOUNT_PATH}/tmp/in_target.d sudo mount -o remount,ro,bind ${TMP_HOOKS_PATH} $TMP_MOUNT_PATH/tmp/in_target.d check_break before-$1 run_in_target bash [ -z "$break_outside_target" ] && in_target_arg="run_in_target" || in_target_arg= trap "check_break after-error $in_target_arg ${break_cmd:-bash}" ERR # NOTE: this is the dib-run-parts copied into the chroot by the # dib-run-parts element. - run_in_target dib-run-parts /tmp/in_target.d/$1.d + run_in_target /tmp/in_target.d/dib-run-parts /tmp/in_target.d/$1.d trap - ERR check_break after-$1 run_in_target bash sudo umount -f $TMP_MOUNT_PATH/tmp/in_target.d diff --git a/releasenotes/notes/dib-run-parts-6f67d038aa5a4156.yaml b/releasenotes/notes/dib-run-parts-6f67d038aa5a4156.yaml new file mode 100644 index 00000000..76016903 --- /dev/null +++ b/releasenotes/notes/dib-run-parts-6f67d038aa5a4156.yaml @@ -0,0 +1,10 @@ +--- +deprecations: + - | + The ``dib-run-parts`` element is no longer required as + ``disk-image-create`` will directly source the internal version + for running scripts within the chroot. This element was + unintentionally leaving ``/usr/local/bin/dib-run-parts`` in the + built image. From code search we do not believe anyone was + relying on the presence of this script. If you do require it, you + should source the ``dib-utils`` package to install.
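
Review bot: In the added text of diskimage_builder/elements/dib-run-parts/README.rst, "compatability" should be "compatibility" (it appears in both the warning block and the final paragraph), and "This element install the" should read "This element installs the". The warning also says "Please read the notes" without saying which notes; point it at the paragraphs that follow or at the release note so a reader who lands on the deprecation knows where to look.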
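
Review bot: The new diskimage_builder/elements/dib-run-parts/package-installs.yaml has no trailing newline (the "\ No newline at end of file" marker directly after `+dib-utils:`). Please end the file with a newline so later edits to it do not show up as a change to this line as well.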
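
Review bot: In the run_d_in_target hunk of diskimage_builder/lib/img-functions, the unchanged comment "NOTE: this is the dib-run-parts copied into the chroot by the dib-run-parts element" is left directly above the new `run_in_target /tmp/in_target.d/dib-run-parts /tmp/in_target.d/$1.d` call and is now wrong; update or drop it. On the added `sudo cp ${DIB_RUN_PARTS} ${TMP_MOUNT_PATH}/tmp/in_target.d` line, the only definition of DIB_RUN_PARTS visible in this patch is the one in the deleted 90-base-dib-run-parts, so please confirm it is set wherever img-functions is sourced. The deleted script also used `install -m 0755 -o root -g root`, while a plain cp takes its mode from the source file; since the copy is now executed by path inside the chroot, an explicit install with the mode set, and with both arguments quoted, would keep that guarantee. Doing the copy before the `remount,ro,bind` is the right order. The added comment has a typo, "diffrent".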
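
Review bot: releasenotes/notes/dib-run-parts-6f67d038aa5a4156.yaml records this only under `deprecations:`, but the text itself describes a change in the built image: `/usr/local/bin/dib-run-parts` is no longer left behind. That affects anyone upgrading, so it deserves an `upgrade:` entry in the same note. The phrases "will directly source the internal version" and "you should source the ``dib-utils`` package to install" are also hard to read; the README in this patch says the build "uses a private copy" and that the element "installs the ``dib-utils`` package", and the release note would be clearer using the same wording.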