Commit Graph

14 Commits

Author SHA1 Message Date
Atharva Lele
9c449f9dd8 fs/tar: explicitly set extended header values to ensure binary reproducibility
Since we use --xattrs-include='*' to include all extended attributes,
tar creates a PAX formatted archive. The archive metadata captures atime
and ctime of files. To fix this, GNU recommends that we pass this added
argument to tar to create binary reproducible packages. Setting of mtime
is handled in fs/common.mk using touch on all files.

Diffoscope output pre-change: https://gitlab.com/snippets/1871111
Diffoscope output after change is blank i.e. binary reproducibile rootfs
is created.

GNU Recommendation: https://www.gnu.org/software/tar/manual/tar.html#SEC147

Signed-off-by: Atharva Lele <itsatharva@gmail.com>
Reviewed-by: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-07-14 12:21:11 +02:00
Yann E. MORIN
6d688e2132 fs/tar: add support for xattrs (thus capabilties)
By default, tar will not include any extended attribute (xattr) when
creating archives, and thus will not store capabilties either (as they
are stored in the xattr 'security.capability').

Using option --xattrs is enough to create a tarball with all the xattrs
attached to a file. However, extracting all xattrs from a tarball
requires that --xattrs-include='*' be used. This is not symetric (but on
purpose, as per the documentation), and so is confusing to some.

So, we use --xattrs-include='*' to create the archive, so as to be
explicit that we want all xattrs to be stored.

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Cc: Peter Korsgaard <peter@korsgaard.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Reviewed-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-11-20 23:28:07 +01:00
Thomas Petazzoni
e77013a3c4 package/pkg-generic: handle host-tar as an extract dependency
This moves the host-tar dependency handling from
DEPENDENCY_HOST_PREREQ to an extract dependency.

To achieve that, check-host-tar.mk fills in the
BR2_TAR_HOST_DEPENDENCY variable with host-tar if building a host-tar
is needed. The name BR2_TAR_HOST_DEPENDENCY has been chosen because it
matches the name BR2_CMAKE_HOST_DEPENDENCY already used in
check-host-cmake.mk.

The BR2_TAR_HOST_DEPENDENCY is added to all packages, except host-tar
itself (obviously) and host-skeleton, because we depend on
host-skeleton to install host-tar properly in HOST_DIR.

In addition, we modify tar.mk to explicitly build host-tar without
ccache: since ccache source code is available as a tarball, ccache
will obviously depend on host-tar if the system tar is insufficient.

Finally, to make things really clean, we also add
$(BR2_TAR_HOST_DEPENDENCY) to the dependencies of the tar filesystem
format, since it requires tar, so we'd better make sure we have a
suitable tar.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Tested-by: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-03-25 17:43:20 +02:00
Yann E. MORIN
b6842c4097 fs: make it behave a bit more like the package infra
Currently, to register a filesystem, one has to call:

    $(eval $(call ROOTFS_TARGET,blabla))

This is very unlike the package infrastructure, where the name of the
package is automatically guessed by the infra.

It turns out that we can now do that for the filesystem infra too.

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2018-01-03 21:58:07 +01:00
Baruch Siach
d91ce1aa08 fs/tar: make --no-recursion effective
The tar --no-recursion option is position sensitive. It only affects following
file listing options. Move --no-recursion before the -T option to make it
effective. This fixes duplication of entries in the generated rootfs.tar
archive.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-12-28 10:13:21 +01:00
Jérôme Pouiller
59f9c4ca9f fs/tar: make results reproducible
In order to make tar images reproducible, force files order in tarball.

This work was sponsored by `BA Robotic Systems'.

Signed-off-by: Jérôme Pouiller <jezz@sysmic.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-11-23 22:55:34 +01:00
Frank Hunleth
6ae48ae3af fs/tar: support passing long options to tar
Move TAR_OPTS so that long options (or any option with an initial '-')
may be passed to tar. Since TAR_OPTS is at the front of the list, single
letter options still work.

Signed-off-by: Frank Hunleth <fhunleth@troodon-software.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-06-25 15:42:44 +02:00
Yann E. MORIN
66ee6dc872 fs/tar: only store numeric uid/gid
If a target user is asigned a UID (e.g. 1000) that happens to also exist
on the build machine, tar will happily store the username for that user.

This can be seen by some as potential information disclosure.

Instruct tar to just store the numeric uid/gid.

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2015-02-19 22:02:59 +01:00
Jerzy Grzegorek
595bf30654 package: indentation cleanup
Signed-off-by: Jerzy Grzegorek <jerzy.grzegorek@trzebnica.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2014-10-23 22:13:29 +02:00
Thomas De Schampheleire
e5512dfc49 fs/tar: use qstrip to clean up build output
When using the tar filesystem method, the build output shows at the end:

echo " tar -c""f <br>/output/images/rootfs.tar -C <br>/output/target ." >>
                                    <br>/output/build/_fakeroot.fs

The inner set of quotes can be easily removed by properly stripping the tar
options (coming from the buildroot configuration).

Signed-off-by: Thomas De Schampheleire <thomas.de.schampheleire@gmail.com>
Acked-by: Romain Naour <romain.naour@openwide.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2014-05-28 21:19:58 +02:00
Jerzy Grzegorek
e0d9d33cc2 fix white spaces
Signed-off-by: Jerzy Grzegorek <jerzy.grzegorek@trzebnica.net>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2013-07-20 21:13:57 +02:00
Jerzy Grzegorek
086f333f39 Normalize separator size to 80
Signed-off-by: Jerzy Grzegorek <jerzy.grzegorek@trzebnica.net>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2013-06-07 10:54:54 +02:00
Arnout Vandecappelle (Essensium/Mind)
847895d295 fs/common.mk: delay evaluation of variables
This makes things easier to understand and more consistent with the pkg-infra.
For example, it removes the need for '$$@' in the CMD variables of fs/*/*.mk.

It also makes it possible to update the variables later, e.g. in the package
override file.

It also makes sure that the date will be recorded correctly in Yann E. Morin's
patch that logs the MESSAGE macros to a file.

The fs/*/*.mk must be updated as well because the '$@' shouldn't be quoted
anymore in the CMD variables or the hooks.

The $(eval ...) for the dependencies is redundant, because the $(ROOTFS_TARGET)
variable is already eval'd. Note that it is only redundant if the evaluation of
the uses of the variable is also delayed.

Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2013-01-20 20:53:29 +01:00
Thomas Petazzoni
3474716bff Coherent naming for .mk files in fs/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2010-04-09 11:04:36 +02:00