672705831f
As motivation for this; we have had two breakouts of dib in recent memory. One was a failure to unmount through symlinks in the core code (I335316019ef948758392b03e91f9869102a472b9) and the other was removing host keys on the build-system (Ib01d71ff9415a0ae04d963f6e380aab9ac2260ce). For the most part, dib runs unprivileged. Bits of the core code are hopefully well tested (modulo bugs like the first one!). We give free reign inside the chroot (although there is still some potential there for adverse external affects via bind mounts). Where we could be a bit safer (and could have prevented at least the second of these breakouts) is with some better checking that the "sudo" calls *outside* the chroot at least looked sane. This adds a basic check that we're using chroot or image paths when calling sudo in those parts of elements that run *outside* the chroot. Various files are updated to accomodate this check; mostly by just ignoring it for existing code (I have not audited these calls). Nobody is pretending this type of checking makes dib magically safe, or removes the issues with it needing to do things as root during the build. But this can help find egregious errors like the key removal. Change-Id: I161a5aea1d29dcdc7236f70d372c53246ec73749 |
||
|---|---|---|
| bin | ||
| diskimage_builder | ||
| doc/source | ||
| elements | ||
| lib | ||
| releasenotes | ||
| tests | ||
| .gitignore | ||
| .gitreview | ||
| .testr.conf | ||
| babel.cfg | ||
| LICENSE | ||
| MANIFEST.in | ||
| README.rst | ||
| requirements.txt | ||
| setup.cfg | ||
| setup.py | ||
| test-requirements.txt | ||
| tox.ini | ||
Image building tools for OpenStack
diskimage-builder is a flexible suite of components for
building a wide-range of disk images, filesystem images and ramdisk
images for use with OpenStack.
This repository has the core functionality for building such images, both virtual and bare metal. Images are composed using elements; while fundamental elements are provided here, individual projects have the flexibility to customise the image build with their own elements.
For example:
$ DIB_RELEASE=trusty disk-image-create -o ubuntu-trusty.qcow2 vm ubuntuwill create a bootable Ubuntu Trusty based qcow2
image.
diskimage-builder is useful to anyone looking to produce
customised images for deployment into clouds. These tools are the
components of TripleO that are
responsible for building disk images. They are also used extensively to
build images for testing OpenStack itself, particularly with nodepool.
Platforms supported include Ubuntu, CentOS, RHEL and Fedora.
Full documentation, the source of which is in
doc/source/, is published at:
Copyright
Copyright 2012 Hewlett-Packard Development Company, L.P. Copyright (c) 2012 NTT DOCOMO, INC.
All Rights Reserved.
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.