Commit Graph

15 Commits

Author SHA1 Message Date
Ian Wienand
672705831f Add a best-effort sudo safety check
As motivation for this; we have had two breakouts of dib in recent
memory.  One was a failure to unmount through symlinks in the core
code (I335316019ef948758392b03e91f9869102a472b9) and the other was
removing host keys on the build-system
(Ib01d71ff9415a0ae04d963f6e380aab9ac2260ce).

For the most part, dib runs unprivileged.  Bits of the core code are
hopefully well tested (modulo bugs like the first one!).  We give free
reign inside the chroot (although there is still some potential there
for adverse external affects via bind mounts).  Where we could be a
bit safer (and could have prevented at least the second of these
breakouts) is with some better checking that the "sudo" calls
*outside* the chroot at least looked sane.

This adds a basic check that we're using chroot or image paths when
calling sudo in those parts of elements that run *outside* the chroot.
Various files are updated to accomodate this check; mostly by just
ignoring it for existing code (I have not audited these calls).

Nobody is pretending this type of checking makes dib magically safe,
or removes the issues with it needing to do things as root during the
build.  But this can help find egregious errors like the key removal.

Change-Id: I161a5aea1d29dcdc7236f70d372c53246ec73749
2016-05-09 15:41:38 +10:00
Pino Toscano
f35aace69f Use shorter temporary file names for kpartx
The loopback handling in the Linux kernel limits the filenames of
files associated to loopback devices, see also linux/loop.h.
This is reflected also on userspace, as kpartx will silently do nothing
(exiting with 0) when requesting to remove a filename longer than 64
characters, as that name will obviously not match the truncated
filename. The result of this is that, when extracting qcow2 images for
the first time, if the qcow2 filename is long enough then the loopback
device will not be removed, remaining as stale in the host.

As a workaround, use a temporary file name when convering a qcow2 image
to raw, instead of using the base name of the qcow2 file.
While this still will not fix the issue when manually using a long
temporary directory (e.g. TMP_DIR=/very/long/etc...), at least should
avoid it in other cases.

Change-Id: Ibf46cd313a9d89412c0e1068fa0993be6c5a29db
2015-04-21 10:36:33 +02:00
Ian Wienand
36b59c001c Standarise tracing for scripts
There is a wide variety of tracing options through the various shell
scripts.  Some use "set -eux", others explicity set xtrace and others
do nothing.  There is a "-x" option to bin/disk-image-create but it
doesn't flow down to the many scripts it calls.

This adds a global integer variable set by disk-image-create
DIB_DEBUG_TRACE.  All scripts have a stanza added to detect this and
turn on tracing.  Any other tracing methods are rolled into this.  So
the standard header is

---
if [ "${DIB_DEBUG_TRACE:-0}" -gt 0 ]; then
    set -x
fi
set -eu
set -o pipefail
---

Multiple -x options can be specified to dib-create-image, which
increases the value of DIB_DEBUG_TRACE.  If script authors feel their
script should only trace at higher levels, they should modify the
"-gt" value.  If they feel it should trace by default, they can modify
the default value also.

Changes to pachset 16 : scripts which currently trace themselves by
default have retained this behaviour with DIB_DEBUG_TRACE defaulting
to "1".  This was done by running [1] on patch set 15.  See the thread
beginning at [2]

dib-lint is also updated to look for the variable being matched.

[1] https://gist.github.com/ianw/71bbda9e6acc74ccd0fd
[2] http://lists.openstack.org/pipermail/openstack-dev/2014-November/051575.html

Change-Id: I6c5a962260741dcf6f89da9a33b96372a719b7b0
2015-02-12 10:41:32 +11:00
Victor Lowther
38b14df72c Make diskimage-builder work in Docker.
When running inside a Docker container, we cannot rely on devices in
/dev/mapper to be automagically created by udev, because we probably
don't have a udev at all.  To work around this, run dmsetup mknodes
after every kpartx run.

Change-Id: If7e30579224ce54c5ed26d08974d8293c144719a
2014-09-15 06:43:53 -05:00
Pino Toscano
267e96f52c Centralize handling of /lost+found
Just remove globally /lost+found after the root and install phases, so
distribution elements don't need to do that by themselves.

Change-Id: Ic783e613bd8794aefd3f40c9a7c308d14cd04b8d
2014-08-04 11:48:21 +02:00
Om Kumar
aff9b29c4d Update RHEL 6.5 Image name.
The default value points to old image name
which results in 404 error. So updating the
value to point to correct name.

Change-Id: Ia66f0cf4f4167926892a0786467412d277ebffc3
2014-07-15 14:17:06 +00:00
tanlin
ebd54b1010 Correct the wrong rename in rhel element
There is a substitution of suffix in rhel element, like
rhel-guest-image-6.5-20140121.0.x86_64.qcow2 to
rhel-guest-image-6.5-20140121.0.x86_64.raw

The convert is correct but the substitution of the suffix is wrong.

${PARAMETER#PATTERN} will match the string from the beginning and generate rhel-guest-image-6.5-20140121.0.x86_64.qcow2.raw

We should use ${PARAMETER%PATTERN} instead, which is from the end.

Change-Id: Ic45a3f800058ea9e5d746ff543c068a54632407d
2014-06-03 06:42:35 +00:00
Gonéri Le Bouder
ea3f4dd459 4 spaces indent
ensure 4 spaces indentation is used everywhere.

Change-Id: Ieb48faacb4c96b7b358771d70c17f2f22d0354f4
2014-05-10 11:17:29 +02:00
Ben Nemec
16be6d7ce0 set -u and -o pipefail everywhere
As with the previous similar changes, this is intended to catch
problems as they happen instead of ignoring them and continuing on
to potentially fail later.  Setting this on all existing scripts
will allow us to enforce use via Jenkins.

Change-Id: Iad2d490c86dceab148ea9ab08f457c49a5d5352e
2014-05-06 15:51:07 -05:00
Perry Myers
b9e77477bb Update the image name for RHEL Guest Image
The RHEL 6 Guest Image has been updated with a new release that
addresses a number of bugs.  The diskimage-builder element that
references this file needed to be updated to reference the correct
image name.  In addition, some notes to help users download the
image from RHN have been added to the README.

Change-Id: I3c9e64a1887afd9c0b370d70eff4b7f9598cebd1
Closes-bug: launchpad-bug-1286568
2014-03-01 12:23:02 -05:00
aweiteka
3dc40c925d Update default RHEL guest image
Red Hat periodically updates the qcow2 guest image available
for download. This sets the default image name to the latest.

Change-Id: Iba3075bbee3b41918d5cd3da9721fcbf98ff3bcd
2014-01-21 14:26:35 -05:00
iberezovskiy
f23babe971 Check existence of directory 'lost+found'
The command `sudo rmdir $TARGET_ROOT/lost+found` will fail
if `$TARGET_ROOT/lost+found` directory doesn't exist,
e.g. when you use non-default image.

Fixes bug #1245856

Change-Id: I48c8f2f201b29912a726249023ca7d20893cc958
2013-10-29 18:51:49 +04:00
Tim Serong
6da49c6d49 Use --numeric-owner when extracting base image
When extracting the base image without --numeric-owner, user and group
names in the tarball are mapped to uid/gid by the host.  This can cause
problems when building an image for some other distro than you're
running yourself.  For example, building an Ubuntu image on openSUSE
ends up with /var/cache/man in the image owned by 'proxy' (uid 13)
instead of 'man' (uid 6), because the host (openSUSE) uses uid 13 for
the 'man' user.  This particular man/proxy discrepancy results in
"fopen: Permission denied" errors when apt-get does its "Processing
triggers for man-db" thing in the Ubuntu system.  I wouldn't be
surprised if there were other kinks caused by this uid/gid mapping
discrepancy too, but that's the one I found so far.

The same thing can also happen with Fedora, but seems to be less likely,
or at least less obvious to me when building Fedora images on openSUSE.
But, IMO, it's better to be safe and just use --numeric-owner on all
base image untarring outside the chroot.

Change-Id: I9da5ac66dd182e7278fe4fee932093f61d35673a
2013-10-08 22:45:51 +11:00
Matthew Farrellee
1d2a85d5e4 Add DIB_IMAGE_CACHE
DIB_IMAGE_CACHE will be a user override for the location where images
are cached. Default location is ~/.cache/image-create

Change-Id: I3e9b9f970864d555c9ec9436344b53f6d3d66dfa
2013-09-19 14:34:05 -04:00
Chris Alfonso
44c3ff7ece Add rhel installation element
If you want to have the installation update packages, you'll
need to register the system log in to rhn and subscribe to an
available subscription.
export DIB_RHSM_USER to your rhn username
export DIB_RHSM_PASSWORD to your rhn password

To get the qcow2 image, log into rhn.redhat.com and download the
image from
https://rhn.redhat.com/rhn/software/channel/downloads/Download.do?cid=16952
Then export DIB_CLOUD_IMAGES to whereever you're hosting the qcow2.

Change-Id: Idb547f4ffe75514b1e3f6b34f5f347493b132925
2013-08-28 11:35:53 -04:00