From patchwork Wed Dec 14 17:12:41 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Alex_Benn=C3=A9e?= X-Patchwork-Id: 88048 Delivered-To: patch@linaro.org Received: by 10.140.20.101 with SMTP id 92csp310854qgi; Wed, 14 Dec 2016 09:20:39 -0800 (PST) X-Received: by 10.237.40.38 with SMTP id r35mr89317954qtd.0.1481736039447; Wed, 14 Dec 2016 09:20:39 -0800 (PST) Return-Path: Received: from lists.gnu.org (lists.gnu.org. [208.118.235.17]) by mx.google.com with ESMTPS id p20si30409259qki.47.2016.12.14.09.20.39 for (version=TLS1 cipher=AES128-SHA bits=128/128); Wed, 14 Dec 2016 09:20:39 -0800 (PST) Received-SPF: pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; Authentication-Results: mx.google.com; dkim=fail header.i=@linaro.org; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+patch=linaro.org@nongnu.org; dmarc=fail (p=NONE dis=NONE) header.from=linaro.org Received: from localhost ([::1]:49104 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cHDEK-0003Mv-SA for patch@linaro.org; Wed, 14 Dec 2016 12:20:36 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:35142) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cHD7t-0005ws-0G for qemu-devel@nongnu.org; Wed, 14 Dec 2016 12:13:58 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1cHD7o-0001yl-S8 for qemu-devel@nongnu.org; Wed, 14 Dec 2016 12:13:56 -0500 Received: from mail-wj0-f180.google.com ([209.85.210.180]:33519) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1cHD7o-0001yY-L9 for qemu-devel@nongnu.org; Wed, 14 Dec 2016 12:13:52 -0500 Received: by mail-wj0-f180.google.com with SMTP id xy5so42545254wjc.0 for ; Wed, 14 Dec 2016 09:13:52 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=WuFzj9G6XvsMMAIHciDnGFfJkf9HwzGTsULsgP60nS4=; b=GplxITHZ+TKqebmfHuNQecPkhMGfyESHvtHVkztPDV7lI87cf2mrqwhHg2dAUQyQqS lJI80eXe4j5M6p/t3BKp0v7cEc5K7WR3oTmsWmvk9k5RG3lJt5nE+qhILF+qugYt0HD6 Q/qqY8gJ2xCw21ua79vRdUlrS4RHYqinVSIy4= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=WuFzj9G6XvsMMAIHciDnGFfJkf9HwzGTsULsgP60nS4=; b=NbehJWXbb3/aXqjw6HV1LnXLQdY6jrfbY+Y1xjc8Mmuj3hRAd2IHJAl9w4IbLs87cy TfvebhVz6bNyayWHhnefjS/k91es0LzL5SQlKjcckjJj+uq80pfXztSbPvgDndKBZmQb Tqdve7u7Hm5oJCKVIDOpLwaDHbAEbwUqW2TnOT28lTyblmd2YCPrh373tzC/ERgXh1oQ CsDlqeMUFRK392/MBDcDzeG2D+BL8jTt8+AlVFgfqCNNTRP/4zslg4dclHCebFUtS/gV OJF1X6R9psZiMqtu3j2dbk8Dvm78cndpdHtVyxIh9k701o5/PFRcLPAU1wneLJZAe0xL nzyw== X-Gm-Message-State: AKaTC00rJCx44lQxSLn/8cMSvLoP/aEtkQr31q61rxE3wa7ACFNRd+FCAwQf1IMK3mSEcBOT X-Received: by 10.194.0.43 with SMTP id 11mr90684428wjb.218.1481735571347; Wed, 14 Dec 2016 09:12:51 -0800 (PST) Received: from zen.linaro.local ([81.128.185.34]) by smtp.gmail.com with ESMTPSA id g73sm8497931wme.16.2016.12.14.09.12.48 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 14 Dec 2016 09:12:50 -0800 (PST) Received: from zen.linaroharston (localhost [127.0.0.1]) by zen.linaro.local (Postfix) with ESMTP id 769EC3E03EF; Wed, 14 Dec 2016 17:12:48 +0000 (GMT) From: =?UTF-8?q?Alex=20Benn=C3=A9e?= To: bobby.prani@gmail.com, marcandre.lureau@redhat.com Date: Wed, 14 Dec 2016 17:12:41 +0000 Message-Id: <20161214171244.26813-2-alex.bennee@linaro.org> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20161214171244.26813-1-alex.bennee@linaro.org> References: <20161214171244.26813-1-alex.bennee@linaro.org> MIME-Version: 1.0 X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 209.85.210.180 Subject: [Qemu-devel] [RFC/POC PATCH 1/4] tests/docker: add basic user mapping support X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Fam Zheng , peter.maydell@linaro.org, =?UTF-8?q?Alex=20Benn=C3=A9e?= , qemu-devel@nongnu.org Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org Sender: "Qemu-devel" Currently all docker builds are done by exporting a tarball to the docker container and running the build as the containers root user. Other use cases are possible however and it is possible to map a part of users file-system to the container. This is useful for example for doing cross-builds of arbitrary source trees. For this to work smoothly the container needs to have a user created that maps cleanly to the host system. This adds a -u option to the docker script so that: DEB_ARCH=armhf DEB_TYPE=stable ./tests/docker/docker.py build \ -u --include-executable=arm-linux-user/qemu-arm \ debian:armhf ./tests/docker/dockerfiles/debian-bootstrap.docker Will build a container that can then be run like: docker run --rm -it -v /home/alex/lsrc/qemu/risu.git/:/src \ --user=alex:alex -w /src/ debian:armhf \ sh -c "make clean && ./configure -s && make" Signed-off-by: Alex Bennée --- tests/docker/docker.py | 19 +++++++++++++++++++ tests/docker/dockerfiles/debian-bootstrap.docker | 3 +++ 2 files changed, 22 insertions(+) -- 2.11.0 diff --git a/tests/docker/docker.py b/tests/docker/docker.py index 37d83199e7..59baac6bae 100755 --- a/tests/docker/docker.py +++ b/tests/docker/docker.py @@ -12,6 +12,7 @@ # the top-level directory. import os +import stat import sys import subprocess import json @@ -25,6 +26,7 @@ import signal from tarfile import TarFile, TarInfo from StringIO import StringIO from shutil import copy, rmtree +from pwd import getpwuid DEVNULL = open(os.devnull, 'wb') @@ -225,6 +227,8 @@ class BuildCommand(SubCommand): help="""Specify a binary that will be copied to the container together with all its dependent libraries""") + parser.add_argument("--user", "-u", action="store_true", + help="Add the current user to images passwd") parser.add_argument("tag", help="Image Tag") parser.add_argument("dockerfile", @@ -260,6 +264,21 @@ class BuildCommand(SubCommand): _copy_binary_with_libs(args.include_executable, docker_dir) + if args.user: + uid = os.getuid() + uname = getpwuid(uid).pw_name + scriptlet = docker_dir+"/setup_user.sh" + + # write scriptlet + setup = open(scriptlet, "w") + setup.write("#!/bin/sh\n") + setup.write("useradd -u %d -U %s" % (uid, uname)) + setup.close() + + st = os.stat(scriptlet) + os.chmod(scriptlet, + st.st_mode | stat.S_IXUSR | stat.S_IXGRP | stat.S_IXOTH) + dkr.build_image(tag, docker_dir, dockerfile, quiet=args.quiet, argv=argv) diff --git a/tests/docker/dockerfiles/debian-bootstrap.docker b/tests/docker/dockerfiles/debian-bootstrap.docker index 3a9125e497..127782eedf 100644 --- a/tests/docker/dockerfiles/debian-bootstrap.docker +++ b/tests/docker/dockerfiles/debian-bootstrap.docker @@ -14,6 +14,9 @@ RUN sed -i 's/in_target mount/echo not for docker in_target mount/g' /debootstra # Run stage 2 RUN /debootstrap/debootstrap --second-stage +# Do we want to tweak the user? +RUN if test -e /setup_user.sh; then /setup_user.sh; fi + # At this point we can install additional packages if we want # Duplicate deb line as deb-src RUN cat /etc/apt/sources.list | sed "s/deb/deb-src/" >> /etc/apt/sources.list