Run dib-run-parts out of /tmp

The dib-run-parts element was copying our internal version of
dib-run-parts into /usr/local/bin to be used running scripts inside
the target chroot.  However, it never cleaned up after itself.  This
means all images were left with an unmanaged local install of
dib-run-parts.

This copies dib-run-parts into the hooks directory of the chroot and
runs it from there.  It is cleaned up automatically on the exit path.

The dib-run-parts element is no longer required and it has been
removed from all dependencies.  It is left with a deprecation notice
in the README.  For compatibility we convert it to simply install
dib-utils.

Codesearch shows no users depending on this unintentional implicit
install.  Note os-refresh-config depends on dib-utils and thus will
have an explicitly installed version.

Partial-Bug: #1673144
Change-Id: Ia2e96c00a4246c04beb96c17f83b8aefb69219ca
Ian Wienand 2017-03-17 09:43:45 +11:00
parent fd424757a6
commit 6802cf7100
18 changed files with 35 additions and 38 deletions

@ -1,5 +1,4 @@
cache-url cache-url
dib-run-parts
redhat-common redhat-common
rpm-distro rpm-distro
yum yum

@ -1,5 +1,4 @@
cache-url cache-url
dib-run-parts
redhat-common redhat-common
rpm-distro rpm-distro
source-repositories source-repositories

@ -1,3 +1,2 @@
dib-run-parts
dpkg dpkg
pkg-map pkg-map

@ -2,9 +2,21 @@
dib-run-parts dib-run-parts
============= =============
Install ``dib-run-parts`` into the chroot environment .. warning::
Currently this element copies the ``dib-run-parts`` used by This element is deprecated and is left only for compatability.
diskimage-builder outside the chroot to inside. However, note while Please read the notes.
the interface remains the same this element may be provided in future
with a different interface. This element install the ``dib-utils`` package to provide
``dib-run-parts``.
Previously this element was a part of most base images and copied the
internal version of ``dib-run-parts`` to ``/usr/local/bin`` during the
build. Due to a (longstanding) oversight this was never removed and
stayed in the final image. The image build process now uses a private
copy of ``dib-run-parts`` during the build, so this element has become
deprecated.
For compatability this element simply installs the ``dib-utils``
package, which will provide ``dib-run-parts``. However, this is
probably better expressed as a dependency in individual elements.
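Review bot: "compatability" in the added warning and again in the final paragraph should be "compatibility", and "This element install the" should read "installs". The warning also says "Please read the notes" without saying which notes; point it at the paragraphs that follow (or the release note) so a reader of the rendered docs knows where to look.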

@ -0,0 +1 @@
dib-utils:

@ -1,19 +0,0 @@
#!/bin/bash
if [ ${DIB_DEBUG_TRACE:-0} -gt 0 ]; then
set -x
fi
set -eu
set -o pipefail
# Abort early if dib-run-parts is not found to prevent a meaningless
# error message from the subsequent install command
DIB_RUN_PARTS=${_LIB}/dib-run-parts
if [ ! -f ${DIB_RUN_PARTS} ]; then
echo "Can't find dib-run-parts script!"
fi
exec sudo install -m 0755 -o root -g root -D \
$DIB_RUN_PARTS \
$TARGET_ROOT/usr/local/bin/dib-run-parts

@ -1 +0,0 @@
dib-run-parts

@ -1,5 +1,4 @@
cache-url cache-url
dib-run-parts
dkms dkms
redhat-common redhat-common
rpm-distro rpm-distro

@ -1,4 +1,3 @@
cache-url cache-url
dib-run-parts
install-bin install-bin
package-installs package-installs

@ -1,4 +1,3 @@
cache-url cache-url
dib-run-parts
package-installs package-installs
zypper zypper

@ -1,5 +1,4 @@
cache-url cache-url
dib-run-parts
rhel-common rhel-common
rpm-distro rpm-distro
yum yum

@ -1,5 +1,4 @@
cache-url cache-url
dib-run-parts
redhat-common redhat-common
rhel-common rhel-common
rpm-distro rpm-distro

@ -1,4 +1,3 @@
cache-url cache-url
dib-run-parts
dpkg dpkg
ubuntu-common ubuntu-common

@ -1,6 +1,5 @@
cache-url cache-url
cloud-init-datasources cloud-init-datasources
dib-run-parts
dkms dkms
dpkg dpkg
ubuntu-common ubuntu-common

@ -1,4 +1,3 @@
dib-run-parts
redhat-common redhat-common
rpm-distro rpm-distro
yum yum

@ -1,3 +1,2 @@
dib-run-parts
package-installs package-installs
zypper zypper

@ -82,13 +82,19 @@ function run_d_in_target () {
if [ -d ${TMP_HOOKS_PATH}/$1.d ] ; then if [ -d ${TMP_HOOKS_PATH}/$1.d ] ; then
sudo mkdir $TMP_MOUNT_PATH/tmp/in_target.d sudo mkdir $TMP_MOUNT_PATH/tmp/in_target.d
sudo mount --bind ${TMP_HOOKS_PATH} $TMP_MOUNT_PATH/tmp/in_target.d sudo mount --bind ${TMP_HOOKS_PATH} $TMP_MOUNT_PATH/tmp/in_target.d
# Copy in dib-run-parts to run inside chroot. Note, in the
# future, we might like to use a diffrent dib-run-parts for
# running inside the chroot that doesn't rely on bash. For now
# they're the same. Note also this gets cleaned up with the dir
# delete below.
sudo cp ${DIB_RUN_PARTS} ${TMP_MOUNT_PATH}/tmp/in_target.d
sudo mount -o remount,ro,bind ${TMP_HOOKS_PATH} $TMP_MOUNT_PATH/tmp/in_target.d sudo mount -o remount,ro,bind ${TMP_HOOKS_PATH} $TMP_MOUNT_PATH/tmp/in_target.d
check_break before-$1 run_in_target bash check_break before-$1 run_in_target bash
[ -z "$break_outside_target" ] && in_target_arg="run_in_target" || in_target_arg= [ -z "$break_outside_target" ] && in_target_arg="run_in_target" || in_target_arg=
trap "check_break after-error $in_target_arg ${break_cmd:-bash}" ERR trap "check_break after-error $in_target_arg ${break_cmd:-bash}" ERR
# NOTE: this is the dib-run-parts copied into the chroot by the # NOTE: this is the dib-run-parts copied into the chroot by the
# dib-run-parts element. # dib-run-parts element.
run_in_target dib-run-parts /tmp/in_target.d/$1.d run_in_target /tmp/in_target.d/dib-run-parts /tmp/in_target.d/$1.d
trap - ERR trap - ERR
check_break after-$1 run_in_target bash check_break after-$1 run_in_target bash
sudo umount -f $TMP_MOUNT_PATH/tmp/in_target.d sudo umount -f $TMP_MOUNT_PATH/tmp/in_target.d
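Review bot: The unchanged NOTE just above the `run_in_target` call still says the script is "copied into the chroot by the dib-run-parts element", which stops being true once the call uses `/tmp/in_target.d/dib-run-parts`; please update or drop it in this change. In the new comment, "diffrent" should be "different". Because the `cp` runs after the bind mount and before the read-only remount, its destination is really `${TMP_HOOKS_PATH}`, so "cleaned up with the dir delete below" should name the directory whose removal takes the copy with it. A clear failure when `${DIB_RUN_PARTS}` is unset or missing would also help, since the deleted element script at least reported that case before its install.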

@ -0,0 +1,10 @@
---
deprecations:
- |
The ``dib-run-parts`` element is no longer required as
``disk-image-create`` will directly source the internal version
for running scripts within the chroot. This element was
unintentionally leaving ``/usr/local/bin/dib-run-parts`` in the
built image. From code search we do not believe anyone was
relying on the presence of this script. If you do require it, you
should source the ``dib-utils`` package to install.
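Review bot: "you should source the ``dib-utils`` package to install" in the last sentence is hard to parse; "you should install the ``dib-utils`` package" says the same thing directly. The first sentence says ``disk-image-create`` will "directly source the internal version", while the code change copies the script next to the hooks and executes it, so "use a private copy of" would match both the code and the README wording.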