From patchwork Tue Dec 13 13:22:05 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Alex_Benn=C3=A9e?= X-Patchwork-Id: 87879 Delivered-To: patch@linaro.org Received: by 10.140.20.101 with SMTP id 92csp2201275qgi; Tue, 13 Dec 2016 05:27:50 -0800 (PST) X-Received: by 10.200.42.19 with SMTP id k19mr82190896qtk.236.1481635670260; Tue, 13 Dec 2016 05:27:50 -0800 (PST) Return-Path: Received: from lists.gnu.org (lists.gnu.org. [208.118.235.17]) by mx.google.com with ESMTPS id u7si28169138qka.142.2016.12.13.05.27.49 for (version=TLS1 cipher=AES128-SHA bits=128/128); Tue, 13 Dec 2016 05:27:50 -0800 (PST) Received-SPF: pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; Authentication-Results: mx.google.com; dkim=fail header.i=@linaro.org; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+patch=linaro.org@nongnu.org; dmarc=fail (p=NONE dis=NONE) header.from=linaro.org Received: from localhost ([::1]:38438 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cGn7T-0005WQ-Si for patch@linaro.org; Tue, 13 Dec 2016 08:27:47 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:39390) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cGn3U-00035c-TW for qemu-devel@nongnu.org; Tue, 13 Dec 2016 08:23:42 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1cGn3P-0001O2-Ux for qemu-devel@nongnu.org; Tue, 13 Dec 2016 08:23:40 -0500 Received: from mail-wj0-f174.google.com ([209.85.210.174]:35884) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1cGn3P-0001Fi-Om for qemu-devel@nongnu.org; Tue, 13 Dec 2016 08:23:35 -0500 Received: by mail-wj0-f174.google.com with SMTP id tk12so100416767wjb.3 for ; Tue, 13 Dec 2016 05:23:13 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=WuFzj9G6XvsMMAIHciDnGFfJkf9HwzGTsULsgP60nS4=; b=kC9DVgiUqbP6cBW5Qs+jWjGVP3c9kVZ/eHtCF6rcEkqT3ZYZYorsDhl4CVVYr84n7O 97jhz7BA6DlqrfWoI/ZGSS3wK/ueR0/wAAYKgpCC5wXdadeHjrv4j5SgC2yfKgEdvYgp dDnQ3UkZ8LpT+AHZ3q88kswN6zTzA4IFfxmPA= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=WuFzj9G6XvsMMAIHciDnGFfJkf9HwzGTsULsgP60nS4=; b=OLKdQXzwWOGCE3HM5GS4bVnipQXHH4abcLVuJRHi/LOVlnxZtB8Ow4NIpAZUaXAmNY c6pJ8XcXZKmaQf90VCDSPQMY6RidpMOCeKY7MV/fs35m6KOWWjMPT8Em9vR2CJafatd9 rng5qWmTod7G3wtVwapT/zHLgT9CkD0ecrLnlUvtkPLrMvFY4JbF1jxN2Sxqc+FO6mzQ 2r1NQr5ZEJ4eKkY26fbbT/3aN6ZNO7urm3QEbA7lpe74PFRXcPnuYfG1tNmoVv2lGVhe lKhv3mBnNYP2up+TUotmnMGFshN6joD+XemVrnWisxhYR4Q2Sc4j4AXk19u0aF7BSmGv q0Vw== X-Gm-Message-State: AKaTC02mfvT17Z3KbE4c/wBlZihaNiN+B0f7Iz3vXldmu+DdF0xB7x9RGFKH17qJllWQ0BhW X-Received: by 10.194.37.6 with SMTP id u6mr96513440wjj.20.1481635331968; Tue, 13 Dec 2016 05:22:11 -0800 (PST) Received: from zen.linaro.local ([81.128.185.34]) by smtp.gmail.com with ESMTPSA id f67sm2605027wmd.13.2016.12.13.05.22.10 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 13 Dec 2016 05:22:10 -0800 (PST) Received: from zen.linaroharston (localhost [127.0.0.1]) by zen.linaro.local (Postfix) with ESMTP id 5A0733E0C52; Tue, 13 Dec 2016 13:22:10 +0000 (GMT) From: =?UTF-8?q?Alex=20Benn=C3=A9e?= To: famz@redhat.com Date: Tue, 13 Dec 2016 13:22:05 +0000 Message-Id: <20161213132205.9114-1-alex.bennee@linaro.org> X-Mailer: git-send-email 2.11.0 MIME-Version: 1.0 X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 209.85.210.174 Subject: [Qemu-devel] [RFC PATCH] tests/docker: add basic user mapping support X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: bobby.prani@gmail.com, =?UTF-8?q?Alex=20Benn=C3=A9e?= , qemu-devel@nongnu.org Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org Sender: "Qemu-devel" Currently all docker builds are done by exporting a tarball to the docker container and running the build as the containers root user. Other use cases are possible however and it is possible to map a part of users file-system to the container. This is useful for example for doing cross-builds of arbitrary source trees. For this to work smoothly the container needs to have a user created that maps cleanly to the host system. This adds a -u option to the docker script so that: DEB_ARCH=armhf DEB_TYPE=stable ./tests/docker/docker.py build \ -u --include-executable=arm-linux-user/qemu-arm \ debian:armhf ./tests/docker/dockerfiles/debian-bootstrap.docker Will build a container that can then be run like: docker run --rm -it -v /home/alex/lsrc/qemu/risu.git/:/src \ --user=alex:alex -w /src/ debian:armhf \ sh -c "make clean && ./configure -s && make" Signed-off-by: Alex Bennée --- tests/docker/docker.py | 19 +++++++++++++++++++ tests/docker/dockerfiles/debian-bootstrap.docker | 3 +++ 2 files changed, 22 insertions(+) -- 2.11.0 diff --git a/tests/docker/docker.py b/tests/docker/docker.py index 37d83199e7..59baac6bae 100755 --- a/tests/docker/docker.py +++ b/tests/docker/docker.py @@ -12,6 +12,7 @@ # the top-level directory. import os +import stat import sys import subprocess import json @@ -25,6 +26,7 @@ import signal from tarfile import TarFile, TarInfo from StringIO import StringIO from shutil import copy, rmtree +from pwd import getpwuid DEVNULL = open(os.devnull, 'wb') @@ -225,6 +227,8 @@ class BuildCommand(SubCommand): help="""Specify a binary that will be copied to the container together with all its dependent libraries""") + parser.add_argument("--user", "-u", action="store_true", + help="Add the current user to images passwd") parser.add_argument("tag", help="Image Tag") parser.add_argument("dockerfile", @@ -260,6 +264,21 @@ class BuildCommand(SubCommand): _copy_binary_with_libs(args.include_executable, docker_dir) + if args.user: + uid = os.getuid() + uname = getpwuid(uid).pw_name + scriptlet = docker_dir+"/setup_user.sh" + + # write scriptlet + setup = open(scriptlet, "w") + setup.write("#!/bin/sh\n") + setup.write("useradd -u %d -U %s" % (uid, uname)) + setup.close() + + st = os.stat(scriptlet) + os.chmod(scriptlet, + st.st_mode | stat.S_IXUSR | stat.S_IXGRP | stat.S_IXOTH) + dkr.build_image(tag, docker_dir, dockerfile, quiet=args.quiet, argv=argv) diff --git a/tests/docker/dockerfiles/debian-bootstrap.docker b/tests/docker/dockerfiles/debian-bootstrap.docker index 3a9125e497..127782eedf 100644 --- a/tests/docker/dockerfiles/debian-bootstrap.docker +++ b/tests/docker/dockerfiles/debian-bootstrap.docker @@ -14,6 +14,9 @@ RUN sed -i 's/in_target mount/echo not for docker in_target mount/g' /debootstra # Run stage 2 RUN /debootstrap/debootstrap --second-stage +# Do we want to tweak the user? +RUN if test -e /setup_user.sh; then /setup_user.sh; fi + # At this point we can install additional packages if we want # Duplicate deb line as deb-src RUN cat /etc/apt/sources.list | sed "s/deb/deb-src/" >> /etc/apt/sources.list