You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@maven.apache.org by gn...@apache.org on 2022/05/03 15:58:52 UTC

[maven-mvnd] branch master updated: FIx files generated with wrong user id, fixes #627 (#632)

This is an automated email from the ASF dual-hosted git repository.

gnodet pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/maven-mvnd.git


The following commit(s) were added to refs/heads/master by this push:
     new 7c8fa21  FIx files generated with wrong user id, fixes #627 (#632)
7c8fa21 is described below

commit 7c8fa216ff5f68e807146cdb78bd29b77444e94e
Author: Guillaume Nodet <gn...@gmail.com>
AuthorDate: Tue May 3 17:58:48 2022 +0200

    FIx files generated with wrong user id, fixes #627 (#632)
---
 native/Makefile                             | 79 +++++++++++++++++++----------
 native/docker/crossbuild-uid/Dockerfile     | 11 ++++
 native/docker/crossbuild-uid/crossbuild-uid | 31 +++++++++++
 pom.xml                                     |  2 +-
 4 files changed, 95 insertions(+), 28 deletions(-)

diff --git a/native/Makefile b/native/Makefile
index 1483344..3172294 100644
--- a/native/Makefile
+++ b/native/Makefile
@@ -17,7 +17,7 @@
 
 include Makefile.common
 
-.phony: all package native native-all deploy
+.PHONY: all package native native-all deploy crossbuild crossbuild-uid ducible clean-native
 
 all: package
 
@@ -25,8 +25,10 @@ MVNDNATIVE_OUT:=target/native-$(OS_NAME)-$(OS_ARCH)
 
 CCFLAGS:= -I$(MVNDNATIVE_OUT) $(CCFLAGS)
 
-download-includes:
+target:
 	@test -d target || mkdir target
+
+download-includes: target
 	@test -d target/inc || mkdir target/inc
 	@test -d target/inc/unix || mkdir target/inc/unix
 	@test -d target/inc/windows || mkdir target/inc/windows
@@ -34,6 +36,19 @@ download-includes:
 	test -f target/inc/unix/jni_md.h || wget -O target/inc/unix/jni_md.h https://raw.githubusercontent.com/openjdk/jdk/jdk-11%2B28/src/java.base/unix/native/include/jni_md.h
 	test -f target/inc/windows/jni_md.h || wget -O target/inc/windows/jni_md.h https://raw.githubusercontent.com/openjdk/jdk/jdk-11%2B28/src/java.base/windows/native/include/jni_md.h
 
+crossbuild: target
+	@test -d target || mkdir target
+	test -d target/crossbuild || git clone https://github.com/multiarch/crossbuild.git target/crossbuild
+	git -C target/crossbuild reset --hard d06cdc31fce0c85ad78408b44794366dafd59554
+	docker build target/crossbuild -t multiarch/crossbuild
+
+crossbuild-uid: crossbuild
+	docker build docker/crossbuild-uid -t maven-mvnd/crossbuild
+
+ducible: target
+	test -d target/ducible || git clone --branch v1.2.2 https://github.com/jasonwhite/ducible.git target/ducible
+	make --directory=target/ducible ducible CROSS_PREFIX= CXX=g++ CC=gcc
+
 clean-native:
 	rm -rf $(MVNDNATIVE_OUT)
 
@@ -49,10 +64,7 @@ $(MVNDNATIVE_OUT)/$(LIBNAME): $(MVNDNATIVE_OUT)/mvndnative.o
 	@mkdir -p $(@D)
 	$(CC) $(CCFLAGS) -o $@ $(MVNDNATIVE_OUT)/mvndnative.o $(LINKFLAGS)
 ifeq ($(OS_NAME), Windows)
-	echo "running ducible on $(OS_NAME)"
 	target/ducible/ducible $(MVNDNATIVE_OUT)/$(LIBNAME)
-else
-	echo "not running ducible on $(OS_NAME)"
 endif
 
 NATIVE_DIR=src/main/resources/org/mvndaemon/mvnd/nativ/$(OS_NAME)/$(OS_ARCH)
@@ -75,23 +87,33 @@ $(NATIVE_DLL): $(MVNDNATIVE_OUT)/$(LIBNAME)
 linux-x86: download-includes
 	./docker/dockcross-linux-x86 bash -c 'make clean-native native OS_NAME=Linux OS_ARCH=x86'
 
-linux-x86_64: download-includes
-	docker run -it --rm -v $$PWD:/workdir -e CROSS_TRIPLE=x86_64-linux-gnu multiarch/crossbuild make clean-native native OS_NAME=Linux OS_ARCH=x86_64
+linux-x86_64: download-includes crossbuild-uid
+	docker run -it --rm -v $$PWD:/workdir \
+		-e BUILDER_UID=$$( id -u ) -e BUILDER_GID=$$( id -g ) -e BUILDER_USER=$$( id -un ) -e BUILDER_GROUP=$$( id -gn ) \
+		-e CROSS_TRIPLE=x86_64-linux-gnu maven-mvnd/crossbuild make clean-native native OS_NAME=Linux OS_ARCH=x86_64
 
-linux-arm: download-includes
-	docker run -it --rm -v $$PWD:/workdir -e CROSS_TRIPLE=arm-linux-gnueabi multiarch/crossbuild make clean-native native OS_NAME=Linux OS_ARCH=arm
+linux-arm: download-includes crossbuild-uid
+	docker run -it --rm -v $$PWD:/workdir \
+		-e BUILDER_UID=$$( id -u ) -e BUILDER_GID=$$( id -g ) -e BUILDER_USER=$$( id -un ) -e BUILDER_GROUP=$$( id -gn ) \
+		-e CROSS_TRIPLE=arm-linux-gnueabi maven-mvnd/crossbuild make clean-native native OS_NAME=Linux OS_ARCH=arm
 
 linux-armv6:
 	./docker/dockcross-linux-armv6 bash -c 'make clean-native native CROSS_PREFIX=armv6-unknown-linux-gnueabihf- OS_NAME=Linux OS_ARCH=armv6'
 
-linux-armv7: download-includes
-	docker run -it --rm -v $$PWD:/workdir -e CROSS_TRIPLE=arm-linux-gnueabihf multiarch/crossbuild make clean-native native OS_NAME=Linux OS_ARCH=armv7
+linux-armv7: download-includes crossbuild-uid
+	docker run -it --rm -v $$PWD:/workdir \
+		-e BUILDER_UID=$$( id -u ) -e BUILDER_GID=$$( id -g ) -e BUILDER_USER=$$( id -un ) -e BUILDER_GROUP=$$( id -gn ) \
+		-e CROSS_TRIPLE=arm-linux-gnueabihf maven-mvnd/crossbuild make clean-native native OS_NAME=Linux OS_ARCH=armv7
 
-linux-arm64: download-includes
-	docker run -it --rm -v $$PWD:/workdir -e CROSS_TRIPLE=aarch64-linux-gnu multiarch/crossbuild make clean-native native OS_NAME=Linux OS_ARCH=arm64
+linux-arm64: download-includes crossbuild-uid
+	docker run -it --rm -v $$PWD:/workdir \
+		-e BUILDER_UID=$$( id -u ) -e BUILDER_GID=$$( id -g ) -e BUILDER_USER=$$( id -un ) -e BUILDER_GROUP=$$( id -gn ) \
+		-e CROSS_TRIPLE=aarch64-linux-gnu maven-mvnd/crossbuild make clean-native native OS_NAME=Linux OS_ARCH=arm64
 
-linux-ppc64: download-includes
-	docker run -it --rm -v $$PWD:/workdir -e CROSS_TRIPLE=powerpc64le-linux-gnu multiarch/crossbuild make clean-native native OS_NAME=Linux OS_ARCH=ppc64
+linux-ppc64: download-includes crossbuild-uid
+	docker run -it --rm -v $$PWD:/workdir \
+		-e BUILDER_UID=$$( id -u ) -e BUILDER_GID=$$( id -g ) -e BUILDER_USER=$$( id -un ) -e BUILDER_GROUP=$$( id -gn ) \
+		-e CROSS_TRIPLE=powerpc64le-linux-gnu maven-mvnd/crossbuild make clean-native native OS_NAME=Linux OS_ARCH=ppc64
 
 win-x86: download-includes
 	./docker/dockcross-windows-static-x86 bash -c 'make clean-native native CROSS_PREFIX=i686-w64-mingw32.static- OS_NAME=Windows OS_ARCH=x86'
@@ -99,25 +121,28 @@ win-x86: download-includes
 win-x86_64: download-includes
 	./docker/dockcross-windows-static-x64 bash -c 'make clean-native native CROSS_PREFIX=x86_64-w64-mingw32.static- OS_NAME=Windows OS_ARCH=x86_64'
 
-mac-x86: download-includes
-	docker run -it --rm -v $$PWD:/workdir -e CROSS_TRIPLE=i386-apple-darwin multiarch/crossbuild make clean-native native OS_NAME=Mac OS_ARCH=x86
+mac-x86: download-includes crossbuild-uid
+	docker run -it --rm -v $$PWD:/workdir \
+		-e BUILDER_UID=$$( id -u ) -e BUILDER_GID=$$( id -g ) -e BUILDER_USER=$$( id -un ) -e BUILDER_GROUP=$$( id -gn ) \
+		-e CROSS_TRIPLE=i386-apple-darwin maven-mvnd/crossbuild make clean-native native OS_NAME=Mac OS_ARCH=x86
 
-mac-x86_64: download-includes
-	docker run -it --rm -v $$PWD:/workdir -e CROSS_TRIPLE=x86_64-apple-darwin multiarch/crossbuild make clean-native native OS_NAME=Mac OS_ARCH=x86_64
+mac-x86_64: download-includes crossbuild-uid
+	docker run -it --rm -v $$PWD:/workdir \
+		-e BUILDER_UID=$$( id -u ) -e BUILDER_GID=$$( id -g ) -e BUILDER_USER=$$( id -un ) -e BUILDER_GROUP=$$( id -gn ) \
+		-e CROSS_TRIPLE=x86_64-apple-darwin maven-mvnd/crossbuild make clean-native native OS_NAME=Mac OS_ARCH=x86_64
 
-mac-arm64: download-includes
-	docker run -it --rm -v $$PWD:/src -e TARGET=arm64-apple-darwin mcandre/snek:darwin sh -c "make clean-native native CROSS_PREFIX=arm64-apple-darwin20.4- OS_NAME=Mac OS_ARCH=arm64"
+mac-arm64: download-includes crossbuild-uid
+	docker run -it --rm -v $$PWD:/src \
+		-e TARGET=arm64-apple-darwin mcandre/snek:darwin sh -c "make clean-native native CROSS_PREFIX=arm64-apple-darwin20.4- OS_NAME=Mac OS_ARCH=arm64"
 
 freebsd-x86: download-includes
-	docker run -it --rm -v $$PWD:/workdir empterdose/freebsd-cross-build:9.3 make clean-native native CROSS_PREFIX=i386-freebsd9- OS_NAME=FreeBSD OS_ARCH=x86
+	docker run -it --rm -v $$PWD:/workdir \
+		empterdose/freebsd-cross-build:9.3 make clean-native native CROSS_PREFIX=i386-freebsd9- OS_NAME=FreeBSD OS_ARCH=x86
 
 freebsd-x86_64: download-includes
-	docker run -it --rm -v $$PWD:/workdir empterdose/freebsd-cross-build:9.3 make clean-native native CROSS_PREFIX=x86_64-freebsd9- OS_NAME=FreeBSD OS_ARCH=x86_64
+	docker run -it --rm -v $$PWD:/workdir \
+		empterdose/freebsd-cross-build:9.3 make clean-native native CROSS_PREFIX=x86_64-freebsd9- OS_NAME=FreeBSD OS_ARCH=x86_64
 
 #sparcv9:
 #	$(MAKE) native OS_NAME=SunOS OS_ARCH=sparcv9
 
-ducible:
-	test -d target/ducible || git clone --branch v1.2.2 https://github.com/jasonwhite/ducible.git target/ducible
-	make --directory=target/ducible ducible CROSS_PREFIX= CXX=g++ CC=gcc
-
diff --git a/native/docker/crossbuild-uid/Dockerfile b/native/docker/crossbuild-uid/Dockerfile
new file mode 100644
index 0000000..ce18c9e
--- /dev/null
+++ b/native/docker/crossbuild-uid/Dockerfile
@@ -0,0 +1,11 @@
+FROM multiarch/crossbuild
+RUN cd /tmp; \
+    git clone https://github.com/ncopa/su-exec.git; \
+    cd /tmp/su-exec; \
+    make; \
+    cp su-exec /usr/bin; \
+    rm -Rf /tmp/su-exec
+ENTRYPOINT [ "/usr/bin/crossbuild-uid", "/usr/bin/crossbuild" ]
+CMD ["/bin/bash"]
+WORKDIR /workdir
+COPY crossbuild-uid /usr/bin/crossbuild-uid
diff --git a/native/docker/crossbuild-uid/crossbuild-uid b/native/docker/crossbuild-uid/crossbuild-uid
new file mode 100755
index 0000000..0fdab91
--- /dev/null
+++ b/native/docker/crossbuild-uid/crossbuild-uid
@@ -0,0 +1,31 @@
+#!/usr/bin/env bash
+
+# This is the entrypoint script for the dockerfile. Executed in the
+# container at runtime.
+
+export PATH_ORIGIN=$PATH
+export LD_LIBRARY_PATH_ORIGIN=$LD_LIBRARY_PATH
+
+# If we are running docker natively, we want to create a user in the container
+# with the same UID and GID as the user on the host machine, so that any files
+# created are owned by that user. Without this they are all owned by root.
+# The dockcross script sets the BUILDER_UID and BUILDER_GID vars.
+if [[ -n $BUILDER_UID ]] && [[ -n $BUILDER_GID ]]; then
+
+    groupadd -o -g $BUILDER_GID $BUILDER_GROUP 2> /dev/null
+    useradd -o -m -g $BUILDER_GID -u $BUILDER_UID $BUILDER_USER 2> /dev/null
+    export HOME=/home/${BUILDER_USER}
+    shopt -s dotglob
+    cp -r /root/* $HOME/
+    chown -R $BUILDER_UID:$BUILDER_GID $HOME
+
+    # Enable passwordless sudo capabilities for the user
+    chown root:$BUILDER_GID $(which su-exec)
+    chmod +s $(which su-exec); sync
+
+    # Run the command as the specified user/group.
+    exec su-exec $BUILDER_UID:$BUILDER_GID "$@"
+else
+    # Just run the command as root.
+    exec "$@"
+fi
diff --git a/pom.xml b/pom.xml
index 021497c..e3d82ff 100644
--- a/pom.xml
+++ b/pom.xml
@@ -334,7 +334,7 @@ limitations under the License.</inlineHeader>
                             <exclude>**/*.dll</exclude>
                             <exclude>**/*.jnilib</exclude>
                             <exclude>**/Makefile*</exclude>
-                            <exclude>**/docker/*</exclude>
+                            <exclude>**/docker/**</exclude>
                             <exclude>**/*.tpl</exclude>
                         </excludes>
                         <mapping>