Fwd: Re: [OE-core] [PATCH v6 2/2] core-image.bbclass: add default IMAGE_QA_PROHIBIT_PATHS variable
From: Martyn Welch <hidden>
Date: 2021-10-26 11:21:15
Note to self - remember to reply to list... -------- Forwarded Message -------- From: Martyn Welch <redacted> To: Konrad Weihmann <redacted> Subject: Re: [OE-core] [PATCH v6 2/2] core-image.bbclass: add default IMAGE_QA_PROHIBIT_PATHS variable Date: Tue, 26 Oct 2021 12:12:11 +0100 On Tue, 2021-10-26 at 12:56 +0200, Konrad Weihmann wrote:
On 26.10.21 12:50, Martyn Welch wrote:quoted
From: Martyn Welch <martyn.welch@collabora.co.uk> Add a default IMAGE_QA_PROHIBIT_PATHS variable containing paths known to be mounted in the default fstab, which are known mount points or directories which should be populated at runtime. Suggested-by: Alexander Kanavin <redacted>That can't be true - or the initial idea is very very old :-) pls use Alex's gmail instead
It's a very old patch series, originally posted in 2017 (as mentioned in patch 1/2). Just noticed it never got applied...
quoted
+# IMAGE_QA_PROHIBITED_PATHS +# Ensure images aren't including files in places that will be used as mount points or that are +# reserved for runtime data. +IMAGE_QA_PROHIBITED_PATHS ?= "/dev/pts/*:/media/*:/mnt/*:/proc/*:/run/*:/tmp/*:/var/run/*:/var/t mp/*:/var/volatile/*"I like the idea, but wouldn't make more sense to do that on a package level, as here the user is more or less left alone in guessing where the file actually does come from
I like that idea, however it would make to assumption that there wasn't any tweaks being made as part of image generation that would end up violating this. A quick check suggests the "build-appliance- image_15.0.0.bb" image does this kind of thing in the core image types. Martyn