
oe-init-build-env: define umask

Message ID 20250310094753.1985294-1-adrian.freihofer@siemens.com
State New

Commit Message

Adrian Freihofer March 10, 2025, 9:47 a.m. UTC
If umask is not suitable for bitbake it terminates with:
  ERROR:  OE-core's config sanity checker detected a potential
    misconfiguration.
    Either fix the cause of this error or at your own risk disable
    the checker (see sanity.conf). Following is the list of potential
    problems / advisories:
    Please use a umask which allows a+rx and u+rwx

Set the umask flags in the oe-init-build-env script to prevent this
error.

Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
---
 oe-init-build-env | 2 ++
 1 file changed, 2 insertions(+)

Comments

Marta Rybczynska March 13, 2025, 10:51 a.m. UTC | #1
On Mon, Mar 10, 2025 at 10:48 AM Adrian Freihofer via lists.openembedded.org
<adrian.freihofer=gmail.com@lists.openembedded.org> wrote:

> If umask is not suitable for bitbake it terminates with:
>   ERROR:  OE-core's config sanity checker detected a potential
>     misconfiguration.
>     Either fix the cause of this error or at your own risk disable
>     the checker (see sanity.conf). Following is the list of potential
>     problems / advisories:
>     Please use a umask which allows a+rx and u+rwx
>
> Set the umask flags in the oe-init-build-env script to prevent this
> error.
>
> Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
> ---
>  oe-init-build-env | 2 ++
>  1 file changed, 2 insertions(+)
>
> diff --git a/oe-init-build-env b/oe-init-build-env
> index 82382f27078..5d830455f74 100755
> --- a/oe-init-build-env
> +++ b/oe-init-build-env
> @@ -57,3 +57,5 @@ unset OEROOT
>
>  [ -z "$BUILDDIR" ] || cd "$BUILDDIR"
>
> +# explicitly set relative umask to deal with security hardening
> +umask u+rwx,g+rx,o+rx
>
>
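Review bot: The comment on the added line, "explicitly set relative umask to deal with security hardening", does not say what the build needs or why. State the requirement from the sanity-check message (the umask must allow a+rx and u+rwx) in the comment, so a later reader does not tighten or drop the line without knowing what depends on it.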
Hello Adrian,
Could you explain in what situation it is needed?

Kind regards,
Marta

Adrian Freihofer March 13, 2025, 12:56 p.m. UTC | #2
On Thu, 2025-03-13 at 11:51 +0100, Marta Rybczynska wrote:
> 
> 
> On Mon, Mar 10, 2025 at 10:48 AM Adrian Freihofer via
> lists.openembedded.org
> <adrian.freihofer=gmail.com@lists.openembedded.org> wrote:
> > If umask is not suitable for bitbake it terminates with:
> >   ERROR:  OE-core's config sanity checker detected a potential
> >     misconfiguration.
> >     Either fix the cause of this error or at your own risk disable
> >     the checker (see sanity.conf). Following is the list of potential
> >     problems / advisories:
> >     Please use a umask which allows a+rx and u+rwx
> > 
> > Set the umask flags in the oe-init-build-env script to prevent this
> > error.
> > 
> > Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
> > ---
> >  oe-init-build-env | 2 ++
> >  1 file changed, 2 insertions(+)
> > 
> > diff --git a/oe-init-build-env b/oe-init-build-env
> > index 82382f27078..5d830455f74 100755
> > --- a/oe-init-build-env
> > +++ b/oe-init-build-env
> > @@ -57,3 +57,5 @@ unset OEROOT
> > 
> >  [ -z "$BUILDDIR" ] || cd "$BUILDDIR"
> > 
> > +# explicitly set relative umask to deal with security hardening
> > +umask u+rwx,g+rx,o+rx
> > 
> > 
> 
> 
> Hello Adrian,
> Could you explain in what situation it is needed?

Hi Marta

Some host distributions or some build machines with additional
hardening policies set the system-wide umask more restrictively than
usual. This is not compatible with OE/bitbake. Bitbaking requires files
to be built with the umask u+rwx,g+rx,o+rx by default.

We've had this patch for a while now. There is already a check that
tries to protect the user from calling bitbake in such an incompatible
environment. That tells me we are not alone in this, as the check is
not from us, as far as I know. So why not just change the umask if a
user obviously wants to use a shell to invoke bitbake?

A more restrictive umask setting might make sense for other
applications where sensitive data is processed and even users who are
members of the group should not have access by default. But I don't see
any risk if we automatically switch to a umask configuration that is
useful for bitbake.

Kind regards,
Adrian

> 
> Kind regards,
> Marta

Marta Rybczynska March 14, 2025, 7:55 a.m. UTC | #3
On Thu, Mar 13, 2025 at 1:56 PM Adrian Freihofer <adrian.freihofer@gmail.com>
wrote:

> On Thu, 2025-03-13 at 11:51 +0100, Marta Rybczynska wrote:
> >
> >
> > On Mon, Mar 10, 2025 at 10:48 AM Adrian Freihofer via
> > lists.openembedded.org
> > <adrian.freihofer=gmail.com@lists.openembedded.org> wrote:
> > > If umask is not suitable for bitbake it terminates with:
> > >   ERROR:  OE-core's config sanity checker detected a potential
> > >     misconfiguration.
> > >     Either fix the cause of this error or at your own risk disable
> > >     the checker (see sanity.conf). Following is the list of potential
> > >     problems / advisories:
> > >     Please use a umask which allows a+rx and u+rwx
> > >
> > > Set the umask flags in the oe-init-build-env script to prevent this
> > > error.
> > >
> > > Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
> > > ---
> > >  oe-init-build-env | 2 ++
> > >  1 file changed, 2 insertions(+)
> > >
> > > diff --git a/oe-init-build-env b/oe-init-build-env
> > > index 82382f27078..5d830455f74 100755
> > > --- a/oe-init-build-env
> > > +++ b/oe-init-build-env
> > > @@ -57,3 +57,5 @@ unset OEROOT
> > >
> > >  [ -z "$BUILDDIR" ] || cd "$BUILDDIR"
> > >
> > > +# explicitly set relative umask to deal with security hardening
> > > +umask u+rwx,g+rx,o+rx
> > >
> > >
> >
> >
> > Hello Adrian,
> > > Could you explain in what situation it is needed?
>
> Hi Marta
>
> Some host distributions or some build machines with additional
> hardening policies set the system-wide umask more restrictively than
> usual. This is not compatible with OE/bitbake. Bitbaking requires files
> to be built with the umask u+rwx,g+rx,o+rx by default.
>
> We've had this patch for a while now. There is already a check that
> tries to protect the user from calling bitbake in such an incompatible
> environment. That tells me we are not alone in this, as the check is
> not from us, as far as I know. So why not just change the umask if a
> user obviously wants to use a shell to invoke bitbake?
>
> A more restrictive umask setting might make sense for other
> applications where sensitive data is processed and even users who are
> members of the group should not have access by default. But I don't see
> any risk if we automatically switch to a umask configuration that is
> useful for bitbake.
>
>
Thanks for the explanation Adrian.

The need to set up the umask for all users doesn't seem right to me in the
first place. Richard et al, do you have any idea why there's such a
requirement? Is it related to
https://git.openembedded.org/openembedded-core/commit/?id=b07b7deeae3d519d9998d583592f3e4f8f2802b3
?

Kind regards,
Marta
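
The effect of the symbolic `umask u+rwx,g+rx,o+rx` discussed in this thread on different inherited masks, as an added example that is not part of the patch or of any message above. The function names and the sample masks are constructed for illustration; the `0755` test is derived from the "a+rx and u+rwx" wording of the sanity error, not taken from the OE-core checker itself.

```shell
#!/bin/sh
# Added example (not from the patch): what `umask u+rwx,g+rx,o+rx` does to
# different inherited masks. Each case runs in a subshell, so the calling
# shell's umask is left alone.

# Print the mask that results from applying the patch's command to mask $1.
relaxed_umask() {
    (
        umask "$1"
        umask u+rwx,g+rx,o+rx
        umask
    )
}

# Succeed if mask $1 allows a+rx and u+rwx, the requirement quoted in the
# sanity error: none of the bits in 0755 may be masked out.
umask_ok() {
    [ $(( 0$1 & 0755 )) -eq 0 ]
}

# Constructed sample masks: two common defaults, three hardened settings.
for start in 0002 0022 0027 0077 0277; do
    after=$(relaxed_umask "$start")
    if umask_ok "$start"; then before_ok=yes; else before_ok=no; fi
    if umask_ok "$after"; then after_ok=yes; else after_ok=no; fi
    printf 'inherited %s (ok=%s) -> after patch %s (ok=%s)\n' \
        "$start" "$before_ok" "$after" "$after_ok"
done
```

The symbolic form only adds permissions: a hardened 0077 or 0027 becomes 0022, while an inherited 0002 stays 0002, so group and other write bits remain whatever the host already allowed.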
Patch

diff --git a/oe-init-build-env b/oe-init-build-env
index 82382f27078..5d830455f74 100755
--- a/oe-init-build-env
+++ b/oe-init-build-env
@@ -57,3 +57,5 @@  unset OEROOT
 
 [ -z "$BUILDDIR" ] || cd "$BUILDDIR"
 
+# explicitly set relative umask to deal with security hardening
+umask u+rwx,g+rx,o+rx
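
Review bot: The added `umask u+rwx,g+rx,o+rx` runs unconditionally at the end of a script that appears to be sourced (it ends with `unset OEROOT` and `cd "$BUILDDIR"`), so the relaxed mask stays in effect for every later command in that shell, not only for bitbake. On a host where policy sets a stricter mask this overrides it silently for the whole session; consider changing the mask only when the current one fails the a+rx/u+rwx requirement, and printing a one-line notice when it is changed so the user knows files created afterwards in that shell will be group- and world-readable.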