diff mbox series

base-files: refresh patch to fix fuzz

Message ID 20250521202337.113556-1-hiagofranco@gmail.com
State New
Headers show
Series base-files: refresh patch to fix fuzz | expand

Commit Message

Hiago De Franco May 21, 2025, 8:23 p.m. UTC 
From: Hiago De Franco <hiago.franco@toradex.com>

This is due to changes to nsswitch.conf file on commit 0cb122f17cf2
("base-files: add gshadow entry in nsswitch.conf"). Fixes:

ERROR: base-files-3.0.14-r0 do_patch: QA Issue: Fuzz detected:

Applying patch 0001-add-nss-resolve-to-nsswitch.patch
patching file nsswitch.conf
Hunk #1 succeeded at 9 with fuzz 2 (offset 1 line).

The context lines in the patches can be updated with devtool:

    devtool modify base-files
    devtool finish --force-patch-refresh base-files <layer_path>

Don't forget to review changes done by devtool!

Patch log indicates that patches do not apply cleanly. [patch-fuzz]

Signed-off-by: Hiago De Franco <hiago.franco@toradex.com>
---
 .../0001-add-nss-resolve-to-nsswitch.patch           | 12 +++++-------
 1 file changed, 5 insertions(+), 7 deletions(-)

Comments

Alexander Kanavin May 22, 2025, 11:01 a.m. UTC | #1 
On Wed, 21 May 2025 at 22:24, Hiago De Franco via
lists.openembedded.org <hiagofranco=gmail.com@lists.openembedded.org>
wrote:
> This is due to changes to nsswitch.conf file on commit 0cb122f17cf2
> ("base-files: add gshadow entry in nsswitch.conf"). Fixes:
>
> ERROR: base-files-3.0.14-r0 do_patch: QA Issue: Fuzz detected:
>
> Applying patch 0001-add-nss-resolve-to-nsswitch.patch
> patching file nsswitch.conf
> Hunk #1 succeeded at 9 with fuzz 2 (offset 1 line).
>
> The context lines in the patches can be updated with devtool:
>
>     devtool modify base-files
>     devtool finish --force-patch-refresh base-files <layer_path>
>
> Don't forget to review changes done by devtool!
>
> Patch log indicates that patches do not apply cleanly. [patch-fuzz]

It helps to mention that the patch is conditional, and that's why the
fuzz thingy isn't seen in default builds:

SRC_URI:append:libc-glibc = "${@bb.utils.contains('DISTRO_FEATURES',
'systemd systemd-resolved', '
file://0001-add-nss-resolve-to-nsswitch.patch', '', d)}"

Which makes me wonder, should we rather ship two versions of
nsswitch.conf in /meta/recipes-core/base-files/ and install one, or
the other?

Alex
Hiago De Franco May 22, 2025, 7:07 p.m. UTC | #2 
On Thu, May 22, 2025 at 01:01:43PM +0200, Alexander Kanavin wrote:
> On Wed, 21 May 2025 at 22:24, Hiago De Franco via
> lists.openembedded.org <hiagofranco=gmail.com@lists.openembedded.org>
> wrote:
> > This is due to changes to nsswitch.conf file on commit 0cb122f17cf2
> > ("base-files: add gshadow entry in nsswitch.conf"). Fixes:
> >
> > ERROR: base-files-3.0.14-r0 do_patch: QA Issue: Fuzz detected:
> >
> > Applying patch 0001-add-nss-resolve-to-nsswitch.patch
> > patching file nsswitch.conf
> > Hunk #1 succeeded at 9 with fuzz 2 (offset 1 line).
> >
> > The context lines in the patches can be updated with devtool:
> >
> >     devtool modify base-files
> >     devtool finish --force-patch-refresh base-files <layer_path>
> >
> > Don't forget to review changes done by devtool!
> >
> > Patch log indicates that patches do not apply cleanly. [patch-fuzz]
> 
> It helps to mention that the patch is conditional, and that's why the
> fuzz thingy isn't seen in default builds:

Ok, I can add this to the commit description in a v2. Thanks.

> 
> SRC_URI:append:libc-glibc = "${@bb.utils.contains('DISTRO_FEATURES',
> 'systemd systemd-resolved', '
> file://0001-add-nss-resolve-to-nsswitch.patch', '', d)}"
> 
> Which makes me wonder, should we rather ship two versions of
> nsswitch.conf in /meta/recipes-core/base-files/ and install one, or
> the other?

We have the benefit to not touch two files at the same time when any
modification is needed, by using this patch. However I agree that this
conditional patch is not ideal, and looking at the git history of
nsswitch.conf, it was added in 2010 it has only one modification in
2025. I think we should be good by using two versions of this file.

I will do it on a v2 patch, thanks for your suggestions.

> 
> Alex

Regards,
Hiago.
diff mbox series

Patch

diff --git a/meta/recipes-core/base-files/base-files/0001-add-nss-resolve-to-nsswitch.patch b/meta/recipes-core/base-files/base-files/0001-add-nss-resolve-to-nsswitch.patch
index a6e39e095688..de67543a2994 100644
--- a/meta/recipes-core/base-files/base-files/0001-add-nss-resolve-to-nsswitch.patch
+++ b/meta/recipes-core/base-files/base-files/0001-add-nss-resolve-to-nsswitch.patch
@@ -1,6 +1,6 @@ 
-From 830abe652428d9d31780c3ace121635ad7b64274 Mon Sep 17 00:00:00 2001
+From 1d11dc93f71dcfa88c9eec21020b5851f35c8ba7 Mon Sep 17 00:00:00 2001
 From: Eero Aaltonen <eero.aaltonen@vaisala.com>
-Date: Wed Sep 27 15:50:48 2023 +0300
+Date: Wed, Sep 27 2023 15:50:48 +0300
 Subject: [PATCH] Add nss-resolve to the Name Service Switch (NSS)
 
 Add `nss-resolve` so that `systemd-resolved` is used for name
@@ -14,12 +14,12 @@  Signed-off-by: Eero Aaltonen <eero.aaltonen@vaisala.com>
  1 file changed, 1 insertion(+), 1 deletion(-)
 
 diff --git a/nsswitch.conf b/nsswitch.conf
-index 06f03d2..34b165c 100644
+index 53279c1..ec6ce15 100644
 --- a/nsswitch.conf
 +++ b/nsswitch.conf
-@@ -8,7 +8,7 @@ passwd:         compat
- group:          compat
+@@ -9,7 +9,7 @@ group:          compat
  shadow:         compat
+ gshadow:        files
  
 -hosts:          files dns
 +hosts:          resolve [!UNAVAIL=return] files dns
@@ -27,5 +27,3 @@  index 06f03d2..34b165c 100644
  
  protocols:      db files
 -- 
-2.25.1
-