openstack
/
diskimage-builder
Code Issues Proposed changes
diskimage-builder/diskimage_builder/elements/manifests
History
Noam Angel f1369a1add Set manifest permissions in the image 
This is a follow-on to 57ef187632.

There's two things going on here; DIB_MANIFEST_IMAGE_DIR is *outside*
the chroot on the build host.  We copy the files here for posterity, I
guess.  MANIFEST_IMAGE_PATH is *inside* the chroot and are the files
we want to ensure are locked to root.

The prior change modified the permissions on DIB_MANIFEST_IMAGE_DIR.
So the first time you build, it works -- then the second time,
assuming you're using the same output filename, it hits the root-owned
manifest directories and causes a build failure.

I have built with this and checked that the manifest files in the
image are locked to root:

 $ virt-ls -a ./test.qcow2 -l /etc/dib-manifests
 total 32
 drwxr-xr-x  2 0 0  4096 May 24 03:39 .
 drwxr-xr-x 53 0 0  4096 May 24 03:39 ..
 -rw-------  1 0 0 15236 May 24 03:39 dib-manifest-dpkg-test
 -rw-------  1 0 0    35 May 24 03:39 dib_arguments
 -rw-------  1 0 0   137 May 24 03:39 dib_environment

Related-Bug: #1671842
Change-Id: I08319d0b5fcc461d40fe0be8427dcf0e37ad21e6
 		2017-05-24 15:20:55 +10:00
..
cleanup.d Set manifest permissions in the image 2017-05-24 15:20:55 +10:00
environment.d Release 1.25.2 2017-02-02 11:20:00 +11:00
extra-data.d Move elements & lib relative to diskimage_builder package 2016-11-01 17:27:41 -07:00
README.rst Merge branch 'master' into merge-branch 2017-02-09 13:35:53 +11:00

README.rst

manifests

An framework for saving manifest information generated during the build for later inspection. Manifests are kept in the final image and also copied to the build area post-image creation.

Elements that wish to save any form of manifest should depend on this element and can save their data to into the DIB_MANIFEST_IMAGE_DIR ( which defaults to /etc/dib-manifests). Note this is created in extra-data.d rather than pre-install.d to allow the source-repositories element to make use of it

The manifests are copied to DIB_MANIFEST_SAVE_DIR, which defaults to ${IMAGE_NAME}.d/, resulting in the manifests being available as ${IMAGE_NAME}.d/dib-manifests by default after the build.

Extra status

This element will also add the files dib_environment and dib_arguments to the manifest recording the diskimage-builder specific environment (DIB_* variables) and command-line arguments respectively.