diff mbox series

[v2] cve-check.bbclass: Mitigate symlink related error

Message ID 20250214142756.3320169-1-niko.mauno@vaisala.com
State Accepted, archived
Commit 64bfec359bd909761ce0a6a716286d938ed162d1
Headers show
Series [v2] cve-check.bbclass: Mitigate symlink related error | expand

Commit Message

Niko Mauno Feb. 14, 2025, 2:27 p.m. UTC 
From: Niko Mauno <niko.mauno@vaisala.com>

According to Yocto reference manual, in description of the
IMAGE_LINK_NAME variable, it is said that

  It is possible to set this to "" to disable symlink creation,
  however, you also need to set :term:`IMAGE_NAME` to still have
  a reasonable value e.g.::

    IMAGE_LINK_NAME = ""
    IMAGE_NAME = "${IMAGE_BASENAME}${IMAGE_MACHINE_SUFFIX}${IMAGE_VERSION_SUFFIX}"

However, when using following additions in local.conf file:

  INHERIT += "cve-check"
  IMAGE_LINK_NAME = ""
  IMAGE_NAME = "${IMAGE_BASENAME}${IMAGE_MACHINE_SUFFIX}${IMAGE_VERSION_SUFFIX}"

the implicit symlink creation in cve_check_write_rootfs_manifest leads
to following build failure

  $ bitbake core-image-minimal core-image-base
  ...
  ERROR: core-image-base-1.0-r0 do_image_complete: Recipe core-image-base is trying to install files into a shared area when those files already exist. The files and the manifests listing them are:
    /home/poky/build/tmp/deploy/images/qemux86-64/.json
      (matched in manifest-qemux86_64-core-image-minimal.image_complete)
  Please adjust the recipes so only one recipe provides a given file.

Mitigate the issue by creating the symlink only in case IMAGE_LINK_NAME
has not been set to empty string.

Signed-off-by: Niko Mauno <niko.mauno@vaisala.com>
---
 meta/classes/cve-check.bbclass | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

Comments

Marta Rybczynska Feb. 18, 2025, 10:58 a.m. UTC | #1 
On Fri, Feb 14, 2025 at 3:28 PM Niko Mauno via lists.openembedded.org
<niko.mauno=vaisala.com@lists.openembedded.org> wrote:

> From: Niko Mauno <niko.mauno@vaisala.com>
>
> According to Yocto reference manual, in description of the
> IMAGE_LINK_NAME variable, it is said that
>
>   It is possible to set this to "" to disable symlink creation,
>   however, you also need to set :term:`IMAGE_NAME` to still have
>   a reasonable value e.g.::
>
>     IMAGE_LINK_NAME = ""
>     IMAGE_NAME =
> "${IMAGE_BASENAME}${IMAGE_MACHINE_SUFFIX}${IMAGE_VERSION_SUFFIX}"
>
> However, when using following additions in local.conf file:
>
>   INHERIT += "cve-check"
>   IMAGE_LINK_NAME = ""
>   IMAGE_NAME =
> "${IMAGE_BASENAME}${IMAGE_MACHINE_SUFFIX}${IMAGE_VERSION_SUFFIX}"
>
> the implicit symlink creation in cve_check_write_rootfs_manifest leads
> to following build failure
>
>   $ bitbake core-image-minimal core-image-base
>   ...
>   ERROR: core-image-base-1.0-r0 do_image_complete: Recipe core-image-base
> is trying to install files into a shared area when those files already
> exist. The files and the manifests listing them are:
>     /home/poky/build/tmp/deploy/images/qemux86-64/.json
>       (matched in manifest-qemux86_64-core-image-minimal.image_complete)
>   Please adjust the recipes so only one recipe provides a given file.
>
> Mitigate the issue by creating the symlink only in case IMAGE_LINK_NAME
> has not been set to empty string.
>
> Signed-off-by: Niko Mauno <niko.mauno@vaisala.com>
> ---
>  meta/classes/cve-check.bbclass | 6 ++++--
>  1 file changed, 4 insertions(+), 2 deletions(-)
>
> diff --git a/meta/classes/cve-check.bbclass
> b/meta/classes/cve-check.bbclass
> index 6e10dd915a..190c5b9a80 100644
> --- a/meta/classes/cve-check.bbclass
> +++ b/meta/classes/cve-check.bbclass
> @@ -244,13 +244,15 @@ python cve_check_write_rootfs_manifest () {
>
>      if enable_json:
>          manifest_name_suffix = d.getVar("CVE_CHECK_MANIFEST_JSON_SUFFIX")
> -        link_path = os.path.join(deploy_dir, "%s.%s" % (link_name,
> manifest_name_suffix))
>          manifest_name = d.getVar("CVE_CHECK_MANIFEST_JSON")
>
>          with open(manifest_name, "w") as f:
>              json.dump(json_data, f, indent=2)
>
> -        update_symlinks(manifest_name, link_path)
> +        if link_name:
> +            link_path = os.path.join(deploy_dir, "%s.%s" % (link_name,
> manifest_name_suffix))
> +            update_symlinks(manifest_name, link_path)
> +
>          bb.plain("Image CVE JSON report stored in: %s" % manifest_name)
>  }
>
> I'm wondering in how many places you have similar changes?

Wouldn't it be better to centralize the conditional processing in a
separate function that could be reused?
Either inside update_symlinks or in some other wrapper function.

Kind regards,
Marta
diff mbox series

Patch

diff --git a/meta/classes/cve-check.bbclass b/meta/classes/cve-check.bbclass
index 6e10dd915a..190c5b9a80 100644
--- a/meta/classes/cve-check.bbclass
+++ b/meta/classes/cve-check.bbclass
@@ -244,13 +244,15 @@  python cve_check_write_rootfs_manifest () {
 
     if enable_json:
         manifest_name_suffix = d.getVar("CVE_CHECK_MANIFEST_JSON_SUFFIX")
-        link_path = os.path.join(deploy_dir, "%s.%s" % (link_name, manifest_name_suffix))
         manifest_name = d.getVar("CVE_CHECK_MANIFEST_JSON")
 
         with open(manifest_name, "w") as f:
             json.dump(json_data, f, indent=2)
 
-        update_symlinks(manifest_name, link_path)
+        if link_name:
+            link_path = os.path.join(deploy_dir, "%s.%s" % (link_name, manifest_name_suffix))
+            update_symlinks(manifest_name, link_path)
+
         bb.plain("Image CVE JSON report stored in: %s" % manifest_name)
 }