[yocto] [OE-core] [PATCH v3 1/2] image.bbclass: add prohibited-paths QA test

Otavio Salvador otavio.salvador at ossystems.com.br
Wed Nov 15 12:46:13 PST 2017 

On Wed, Nov 15, 2017 at 1:10 PM, Martyn Welch
<martyn.welch at collabora.co.uk> wrote:
> Sometimes we wish to ensure that files or directories are not installed
> somewhere that may prove detrimental to the operation of the system. For
> example, this may be the case if files are placed in a directory that is
> utilised as a mount point at run time, thus making them inaccessible once
> when the mount point is being utilised.
>
> Implement the prohibited paths QA test, which enables such locations to be
> specified in a "PROHIBITED_PATHS" variable. This implementation allows for
> a colon separated list of paths to be provided. Shell style wildcards can
> be used.
>
> Signed-off-by: Fabien Lahoudere <fabien.lahoudere at collabora.co.uk>
> Signed-off-by: Martyn Welch <martyn.welch at collabora.co.uk>
> ---
> Changes since v1:
>  - Correcting author and SOB.
>
> Changes since v2:
>  - Reimplemented as image rather than package level QA test.
>  - Changed variable from PROHIBITED_PATH to PROHIBITED_PATHS to better
>    reflect its use.
>
>  meta/classes/image.bbclass | 20 ++++++++++++++++++++
>  1 file changed, 20 insertions(+)
>
> diff --git a/meta/classes/image.bbclass b/meta/classes/image.bbclass
> index d93de02..bebb363 100644
> --- a/meta/classes/image.bbclass
> +++ b/meta/classes/image.bbclass
> @@ -296,6 +296,26 @@ python do_image_complete_setscene () {
>  }
>  addtask do_image_complete_setscene
>
> +python image_check_prohibited_paths () {
> +    import glob
> +    from oe.utils import ImageQAFailed
> +
> +    rootfs = d.getVar('IMAGE_ROOTFS')
> +
> +    path = d.getVar('PROHIBITED_PATHS')

path = (d.getVar('PROHIBITED_PATHS') or "")

I'd use IMAGE_QA_PROHIBITED_PATHS as variable name. It makes easier to
know what it relates to.

> +    if path != None and path != "":

If can die.

> +        for p in path.split(':'):
> +            if p[0] != '/':

if not p.startswith('/'):

> +                raise ImageQAFailed("PROHIBITED_PATHS \"%s\" must be an absolute path" % p, image_check_prohibited_paths)
> +
> +            match = glob.glob("%s%s" % (rootfs, p))
> +            if match:

I'd use:

if glob.glob(...):

It is a single use so not sure it is worth the extra variable.

> +                loc = ", ".join(item.replace(rootfs, '') for item in match)
> +                raise ImageQAFailed("Match(es) for PROHIBITED_PATHS \"%s\": %s" % (p, loc), image_check_prohibited_paths)
> +}

-- 
Otavio Salvador                             O.S. Systems
http://www.ossystems.com.br        http://code.ossystems.com.br
Mobile: +55 (53) 9981-7854            Mobile: +1 (347) 903-9750

More information about the yocto mailing list