Module: check_mk
Branch: master
Commit: 5c28d0690345977fb0cafc1ba943120f4e80cd4c
URL:
http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=5c28d069034597…
Author: Jukka Aro <ja(a)mathias-kettner.de>
Date: Thu Oct 19 11:46:25 2017 +0200
Build Windows agent as normal user within chroot
Change-Id: I29983ac365eb565814ff633858d954ba34332abe
---
agents/windows/Makefile.am | 11 ++++++-----
agents/windows/chroot_version | 2 +-
agents/windows/do-chroot | 11 +++++------
agents/windows/make-agent | 12 ++++--------
agents/windows/make-chroot | 7 +++++--
5 files changed, 21 insertions(+), 22 deletions(-)
diff --git a/agents/windows/Makefile.am b/agents/windows/Makefile.am
index 74dce65..4afc13e 100644
--- a/agents/windows/Makefile.am
+++ b/agents/windows/Makefile.am
@@ -25,10 +25,11 @@ check_mk_agent.res: check_mk_agent.rc $(VPATH)/check_mk_agent.ico
cp $(VPATH)/check_mk_agent.ico check_mk_agent.ico
$(WINDRES) $< -O coff -o $@
-# Wine seems to depend on X Window authorization. Quiet "No protocol
specified"
-# warning by setting the DISPLAY variable accordingly.
+# Wine depends on X Server and may produce a number of warnings at startup.
+# Using Xvfb does not work properly, either. Simply send those stderr warnings
+# to /dev/null as the test output will go to stdout (and/or xml file) anyway.
unittest: WindowsAgentTest$(EXEEXT)
- DISPLAY="$$DISPLAY xterm" wine WindowsAgentTest$(EXEEXT)
+ DISPLAY="$$DISPLAY xterm" wine WindowsAgentTest$(EXEEXT) 2>/dev/null
check_mk_agent_SOURCES = \
Configurable.cc \
@@ -92,8 +93,8 @@ wmitest_SOURCES = wmitest.cc stringutil.cc WinApi.cc wmiHelper.cc
CLEANFILES = \
*.ico *.res *.rc config.* stamp-* Makefile \
- sections/.dirstamp \
- $$(find .deps/ sections/.deps -type f) \
+ sections/.dirstamp test/.dirstamp \
+ $$(find .deps/ sections/.deps test/.deps -type f) \
$(addprefix $(bindir)/,$(bin_PROGRAMS)) \
$(patsubst %$(EXEEXT),%-64$(EXEEXT),$(addprefix $(bindir)/,$(bin_PROGRAMS))) \
$(patsubst %$(EXEEXT),%.msi,$(addprefix $(bindir)/,$(bin_PROGRAMS)))
diff --git a/agents/windows/chroot_version b/agents/windows/chroot_version
index 7ed6ff8..1e8b314 100644
--- a/agents/windows/chroot_version
+++ b/agents/windows/chroot_version
@@ -1 +1 @@
-5
+6
diff --git a/agents/windows/do-chroot b/agents/windows/do-chroot
index a7b2043..fec56fa 100755
--- a/agents/windows/do-chroot
+++ b/agents/windows/do-chroot
@@ -2,13 +2,13 @@
# $1: cmd(s) to be executed within chroot jail
# if non-existent, enter chroot jail with 'bash -l'
-CMD="$1"
+CMD="$1"
export HOSTNAME=cmk-windows-agent-chroot
unset LANG
CHROOTNAME=WinAgent
-BASE="$(dirname "$(dirname "$(cd "$(dirname
"${BASH_SOURCE[0]}")" && pwd)")")"
+BASE="$(realpath ../..)"
if [ -z $CHROOT_PATH ]; then
echo "ERROR: CHROOT_PATH not set"
@@ -41,11 +41,10 @@ if [ ! -e $CHROOT_PATH/$CHROOT_BUILD_DIR/Makefile ] ; then
fi
if [ -n "$CMD" ] ; then
- chroot $CHROOT_PATH \
- /usr/bin/env CHROOTNAME=$CHROOTNAME HOME=/root NEW_VERSION=$NEW_VERSION \
- bash -c "$CMD"
+ chroot $CHROOT_PATH /usr/bin/env CHROOTNAME=$CHROOTNAME \
+ NEW_VERSION=$NEW_VERSION bash -c "$CMD"
else
- chroot $CHROOT_PATH /usr/bin/env CHROOTNAME=$CHROOTNAME HOME=/root bash -l
+ chroot $CHROOT_PATH /usr/bin/env CHROOTNAME=$CHROOTNAME bash -l
fi
umount $CHROOT_PATH/$CHROOT_BUILD_DIR
diff --git a/agents/windows/make-agent b/agents/windows/make-agent
index 7603f03..3199353 100755
--- a/agents/windows/make-agent
+++ b/agents/windows/make-agent
@@ -16,7 +16,7 @@ parse-args "$@"
chroot_dependencies=(debootstrap debian-archive-keyring)
versionfile=chroot_version
-base="$(dirname "$(dirname "$(cd "$(dirname
"${BASH_SOURCE[0]}")" && pwd)")")"
+base="$(realpath ../..)"
# May be set from external environment. Otherwise use chroot
# directory in agents/windows
@@ -49,15 +49,11 @@ else
CHROOT_BUILD_DIR=$CHROOT_BUILD_DIR ./make-chroot
fi
-# Build the Windows agent within chroot by calling the 'build-agent' script.
+# Build the Windows agent within chroot by calling the 'build-agent' script as
+# $SUDO_USER.
CHROOT_PATH=$CHROOT_PATH CHROOT_BUILD_DIR=$CHROOT_BUILD_DIR \
NEW_VERSION=$NEW_VERSION ./do-chroot \
- "$CHROOT_BUILD_DIR/agents/windows/build-agent -j${njobs} $targets"
+ "/bin/su - $SUDO_USER -m -c '$CHROOT_BUILD_DIR/agents/windows/build-agent
-j${njobs} $targets'"
EXIT_CODE=$?
-# Some cleanup: chown build artifacts to the original user.
-find . -maxdepth 1 -regextype egrep \
--regex
'(.*\.(exe|msi|m4|cache|in))|.*\/.*build.*|.*plugins|.*Makefile.*|.*configure|.*comp.*|.*install.*|.*missing'
\
--exec chown -R $USER:$USER {} \;
-
exit $EXIT_CODE
diff --git a/agents/windows/make-chroot b/agents/windows/make-chroot
index 96f0528..dd95603 100755
--- a/agents/windows/make-chroot
+++ b/agents/windows/make-chroot
@@ -10,7 +10,7 @@
MIRROR=http://de.archive.ubuntu.com/ubuntu
export HOSTNAME=cmk-windows-agent-chroot
export LC_ALL=en_US.UTF-8 LANGUAGE=en_US.UTF-8 LANG=en_US.UTF-8
-BASE="$(dirname "$(dirname "$(cd "$(dirname
"${BASH_SOURCE[0]}")" && pwd)")")"
+BASE="$(realpath ../..)"
if [ -z $CHROOT_PATH ]; then
echo "ERROR: CHROOT_PATH not set"
@@ -78,7 +78,7 @@ package_names=(
libio-socket-ssl-perl
liblwp-mediatypes-perl
liblwp-protocol-https-perl
- libmailtools-perl
+ libmailtools-perl
libnet-http-perl
libnet-smtp-ssl-perl
libnet-ssleay-perl
@@ -144,6 +144,9 @@ if [ ! -h $CHROOT_PATH/usr/bin/python ] ; then
ln -sf python2.7 $CHROOT_PATH/usr/bin/python
fi
+# Add user for building windows agent without root privileges
+./do-chroot "useradd -lmo -u $(id -u $SUDO_USER) -s /bin/bash $SUDO_USER"
+
# "Disable" apt privilege dropping in chroot
sed -ri 's/^_apt:x:[0-9]+:/_apt:x:0:/g' $CHROOT_PATH/etc/passwd