[yocto] Create uncompressed rootfs

Andre McCurdy armccurdy at gmail.com
Wed Nov 4 01:25:00 PST 2015 

On Tue, Nov 3, 2015 at 3:54 AM, Anders Darander <anders at chargestorm.se> wrote:
> * Andre McCurdy <armccurdy at gmail.com> [151103 11:34]:
>
>> On Mon, Nov 2, 2015 at 11:05 PM, Anders Darander <anders at chargestorm.se> wrote:
>> > * Andre McCurdy <armccurdy at gmail.com> [151102 20:35]:
>
>> >> See the "IMAGE_TYPES" variable for a list of rootfs types which are
>> >> supported. There's support for creating an uncompressed .tar file, but
>> >> I don't see any support for creating a rootfs directory under
>> >> tmp/deploy.
>
>> > No, the usual workflow here is to unpack the tar'ed rootfs at a suitable
>> > location.
>
>> Indeed. I don't think it's what Roberto was asking for though...
>
> Well, sure, that wasn't what Roberto explicitly was asking for, though
> that's a safer way to do what he's after...
>
> After all, if you never learn about best practises, you'll never know...
>
>> >> Depending on your work flow there are a few different solutions
>> >> though. You could extend
>> >> openembedded-core/meta/classes/image_types.bbclass to do what you want
>> >> (e.g. define a new image type or hack "IMAGE_CMD_tar" so that it also
>> >> untars rootfs.tar right after creating it).
>
>> > Well, there's some issues with this approach. In order to uncompress the
>> > tarball and be able to set owner, group, and permissions on all files,
>> > you need to untar the rootfs with root privileges. The same is true when
>> > it comes to creating device nodes.
>
>> Enabling CONFIG_DEVTMPFS in the kernel is pretty standard, so for most
>> people there are no device nodes in the rootfs tarfile and /dev is an
>> empty directory.
>
> Sure, devtmpfs is pretty much standard, though it could nonetheless be
> good to know about.
>
>> Extracting rootfs tarfiles as an unprivileged user has always worked
>> fine for me. Do you have a specific example where root privileges are
>> required?
>
> Well, everything that requires a specific user and permissions. When it
> comes to permissions it's likely most if you need to setuid or setgid on
> binaries / files / directories.
>
> When you unpack as an unpriviliged user, every file will belong to you.
>
> Thus, the recommended (and safe) way to do this, is to unpack as a
> priviliged user.

Yes, you're right. If you everything on the target runs as root then
losing setuid flags isn't going to matter much, but it could be a
problem if the target needs to support non-privileged users.

> Cheers,
> Anders
>
> --
> Anders Darander
> ChargeStorm AB / eStorm AB
> --
> _______________________________________________
> yocto mailing list
> yocto at yoctoproject.org
> https://lists.yoctoproject.org/listinfo/yocto

More information about the yocto mailing list