diff options
author | Stefan K. Berg <stefan.k.berg@ericsson.com> | 2016-04-22 12:48:25 +0200 |
---|---|---|
committer | Stefan K. Berg <stefan.k.berg@ericsson.com> | 2016-04-22 15:38:51 +0200 |
commit | 2b419db5c9325c6a87f1ea160c42235a1e8ec083 (patch) | |
tree | f7d6706aff0994fe87cfc0d6ebbd343668becc78 | |
parent | 83d1e07daff8d1b21f7ea2ef6695aa6602fc2563 (diff) |
Correction due to changed cpio behavior
As part of a security fix for cpio, its behavior has changed in terms
of how symlinks are handled.
This is affecting the Fuel build process, for which this commit is a
fix (reverting cpio back to its original behavior by adding the
argument "--extract-over-symlinks" in those instances where this is
needed).
For details, see https://jira.opnfv.org/browse/FUEL-125
Change-Id: I455b11a16ad52d8dd09165165447e4c4a661b45a
Signed-off-by: Stefan K. Berg <stefan.k.berg@ericsson.com>
-rw-r--r-- | build/Makefile | 2 | ||||
-rw-r--r-- | build/fuel-main_cpio.patch | 36 |
2 files changed, 38 insertions, 0 deletions
diff --git a/build/Makefile b/build/Makefile index a76c44ee2..ca704c0c0 100644 --- a/build/Makefile +++ b/build/Makefile @@ -109,6 +109,8 @@ $(ISOCACHE): cd /tmp/fuel-main && patch -f -p0 < $(TOPDIR)/fuel-main_5.patch # Patch for using the Czech Fuel mirror # cd /tmp/fuel-main && patch -p0 < $(TOPDIR)/fuel-main_7.patch + # Patch to counteract new cpio behavior + cd /tmp/fuel-main && patch -p0 < $(TOPDIR)/fuel-main_cpio.patch # Remove Docker optimizations, otherwise multistrap will fail during # Fuel build. sudo rm -f /etc/apt/apt.conf.d/docker* diff --git a/build/fuel-main_cpio.patch b/build/fuel-main_cpio.patch new file mode 100644 index 000000000..37bc10f39 --- /dev/null +++ b/build/fuel-main_cpio.patch @@ -0,0 +1,36 @@ +*** bootstrap/module.mk.orig 2016-04-22 15:30:34.872016256 +0200 +--- bootstrap/module.mk 2016-04-22 15:31:32.241993497 +0200 +*************** +*** 1,3 **** +--- 1,6 ---- ++ CPIOARGS = $(shell cpio --extract-over-symlinks -o </dev/null \ ++ >/dev/null 2>&1 && echo "--extract-over-symlinks") ++ + .PHONY: bootstrap clean clean-bootstrap + + bootstrap: $(ARTS_DIR)/$(BOOTSTRAP_ART_NAME) +*************** +*** 231,241 **** + + # Installing kernel modules + find $(LOCAL_MIRROR_CENTOS_OS_BASEURL) -name '$(KERNEL_PATTERN)' | xargs rpm2cpio | \ +! ( cd $(INITRAMROOT); sudo cpio -idm './lib/modules/*' './boot/vmlinuz*' ) + find $(LOCAL_MIRROR_CENTOS_OS_BASEURL) -name '$(KERNEL_FIRMWARE_PATTERN)' | xargs rpm2cpio | \ +! ( cd $(INITRAMROOT); sudo cpio -idm './lib/firmware/*' ) + find $(LOCAL_MIRROR_CENTOS_OS_BASEURL) -name 'libmlx4*' | xargs rpm2cpio | \ +! ( cd $(INITRAMROOT); sudo cpio -idm './etc/*' './usr/lib64/*' ) + for version in `ls -1 $(INITRAMROOT)/lib/modules`; do \ + sudo depmod -b $(INITRAMROOT) $$version; \ + done +--- 234,244 ---- + + # Installing kernel modules + find $(LOCAL_MIRROR_CENTOS_OS_BASEURL) -name '$(KERNEL_PATTERN)' | xargs rpm2cpio | \ +! ( cd $(INITRAMROOT); sudo cpio $(CPIOARGS) -idm './lib/modules/*' './boot/vmlinuz*' ) + find $(LOCAL_MIRROR_CENTOS_OS_BASEURL) -name '$(KERNEL_FIRMWARE_PATTERN)' | xargs rpm2cpio | \ +! ( cd $(INITRAMROOT); sudo cpio $(CPIOARGS) -idm './lib/firmware/*' ) + find $(LOCAL_MIRROR_CENTOS_OS_BASEURL) -name 'libmlx4*' | xargs rpm2cpio | \ +! ( cd $(INITRAMROOT); sudo cpio $(CPIOARGS) -idm './etc/*' './usr/lib64/*' ) + for version in `ls -1 $(INITRAMROOT)/lib/modules`; do \ + sudo depmod -b $(INITRAMROOT) $$version; \ + done |