Hi,
Am Freitag, den 07.05.2021, 08:23 +0200 schrieb Johannes Schauer Marin
Rodrigues:
> Control: reopen -1
>
> Quoting Benjamin Drung (2021-05-06 15:41:53)
> > Am Mittwoch, den 05.05.2021, 20:46 +0200 schrieb Jonas Smedegaard:
> > > Quoting Johannes Schauer Marin Rodrigues (2021-05-05 19:37:16)
> > >
> > > > The patch should probably look something like this:
> > > >
> > > > @@ -5461,10 +5461,8 @@ sub main() {
> > > > '-c',
> > > > '--exclude=./dev'
> > > > );
> > > > - # tar2sqfs and genext2fs do not support extended
> > > > attributes
> > > > - if ($format eq "squashfs") {
> > > > - warning "tar2sqfs does not support extended
> > > > attributes";
> > > > - } elsif ($format eq "ext2") {
> > > > + # genext2fs does not support extended attributes
> > > > + if ($format eq "ext2") {
> > > > warning "genext2fs does not support extended
> > > > attributes";
> > > > } else {
> > > > push @taropts, '--xattrs';
> > >
> > > @Benjamin: Will you have the honour? You seem more expert in
> > > using
> > > mmdebstrap and therefore more likely to catch flaws in this than
> > > me...
> >
> > Uploaded as mmdebstrap 0.7.5-2.1 and pushed changes to salsa. The
> > patch
> > can be directly applied with "git am" on the upstream project as
> > well.
>
> it seems you did not run the test suite after applying your changes.I tried to run the test suite, but it failed at a different stage regardless of my patch. To not spill this ticket, I will report the failures separately. > I have a > jenkins job that runs the testsuite daily and which now fails [1] > with: > > 00:00:00.142 E: + mmdebstrap --mode=root --variant=important unstable > /tmp/debian-chroot-root.squashfs http://127.0.0.1/debian > 00:00:00.375 E: I: chroot architecture amd64 is equal to the host's > architecture > 00:00:00.437 E: I: automatically chosen format: squashfs > 00:00:00.448 E: I: using /tmp/mmdebstrap.NSUkL7euot as tempdir > 00:00:00.546 E: I: running apt-get update... > 00:00:03.690 E: I: downloading packages with apt... > 00:00:05.096 E: I: extracting archives... > 00:00:08.166 E: I: installing essential packages... > 00:00:14.938 E: I: downloading apt... > 00:00:15.630 E: I: installing apt... > 00:00:17.774 E: I: installing remaining packages inside the chroot... > 00:00:28.442 E: I: cleaning package lists and apt cache... > 00:00:28.506 E: I: creating tarball... > 00:01:32.243 E: I: done > 00:01:32.250 E: ERROR: squashfs does not support xattr prefix of > system.posix_acl_default > 00:01:32.258 E: W: creating tarball failed: E: failed to run tar2sqfs > --quiet --no-skip --force --exportable --compressor xz --block-size > 1048576 /tmp/debian-chroot-root.squashfs > > [1] > https://jenkins.debian.net/job/fakeroot-foreign-worker/256/console > > That specific test is not run via autopkgtest because in that test we > make sure > that the squashfs image produced in root mode and unshare mode is > bit-by-bit > identical. But the unshare mode doesn't work with the current debci > setup, so > the test is skipped. > > This is where the error comes from in squashfs-tools-ng: > > https://sources.debian.org/src/squashfs-tools-ng/1.0.4-1/bin/tar2sqfs/process_tarball.c/?hl=54#L54 It took me quite some time to analyze this issues and figure out why tar2sqfs sometimes shows this error message: Debian buster uses only the security namespace of the extended attributes, but Debian bullseye/unstable also uses the system namespace: ``` $ mmdebstrap --variant=important bullseye root.tar $ tar --xattrs --xattrs-include='*' -vv -tf root.tar | grep -B 1 '^ ' -rwxr-xr-x* 0/0 77432 2021-02-02 18:49 ./bin/ping x: 20 security.capability -- drwxr-sr-x* 0/102 0 2021-05-07 15:10 ./var/log/journal/ x: 44 system.posix_acl_access x: 44 system.posix_acl_default ``` tar2sqfs from squashfs-tools-ng 1.0.4-1 supports encoding extended attributes from the namespace `user`, `trusted`, and `security` (see `include/sqfs/xattr.h`). GNU tar (version 1.34) supports these three namespaces plus the namespace `system`. So I updated my patch to exclude the `system` namespace when using tar2sqfs. This time I verified that my patch passes all tests that passed before. -- Benjamin Drung Senior DevOps Engineer and Debian & Ubuntu Developer Compute Platform Operations 1&1 IONOS SE | Greifswalder Str. 207 | 10405 Berlin | Deutschland E-Mail: benjamin.dr...@ionos.com | Web: www.ionos.de Hauptsitz Montabaur, Amtsgericht Montabaur, HRB 24498 Vorstand: Hüseyin Dogan, Dr. Martin Endreß, Claudia Frese, Henning Kettler, Arthur Mai, Matthias Steinberg, Achim Weiß Aufsichtsratsvorsitzender: Markus Kadelke Member of United Internet
signature.asc
Description: This is a digitally signed message part
