Xen project Mailing List

[PATCH] CI: Create initrd fragments explicitly as root

To: Xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>

From: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>

Date: Tue, 9 Sep 2025 18:15:27 +0100

Cc: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Anthony PERARD <anthony.perard@xxxxxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Marek Marczykowski-Górecki <marmarek@xxxxxxxxxxxxxxxxxxxxxx>

Delivery-date: Tue, 09 Sep 2025 17:15:46 +0000

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

We have a mix of root and non-root containers, and are trying to become rootless. This can cause the local CPIO fragements to end up being user:user in the test environment. Nothing seems to go wrong so far, but it's a trap waiting to happen. Make everything consistently root for the initrds, irrespective of the rootness of the container the test is running in. No practical change. Signed-off-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx> --- CC: Anthony PERARD <anthony.perard@xxxxxxxxxx> CC: Stefano Stabellini <sstabellini@xxxxxxxxxx> CC: Marek Marczykowski-Górecki <marmarek@xxxxxxxxxxxxxxxxxxxxxx> Best reviewed with `git show --colour-words` I'm intending to backport this all trees as part of the fixes for the root vs rootless mismatch. --- automation/scripts/build | 2 +- automation/scripts/qemu-alpine-x86_64.sh | 4 ++-- automation/scripts/qemu-smoke-dom0-arm32.sh | 4 ++-- automation/scripts/qemu-smoke-dom0-arm64.sh | 4 ++-- automation/scripts/qemu-smoke-dom0less-arm32.sh | 2 +- automation/scripts/qemu-smoke-dom0less-arm64.sh | 4 ++-- automation/scripts/qubes-x86-64.sh | 6 +++--- automation/scripts/xilinx-smoke-dom0-x86_64.sh | 6 +++--- automation/scripts/xilinx-smoke-dom0less-arm64.sh | 4 ++-- 9 files changed, 18 insertions(+), 18 deletions(-) diff --git a/automation/scripts/build b/automation/scripts/build index 0e7494ff6d87..d0511843e7ea 100755 --- a/automation/scripts/build +++ b/automation/scripts/build @@ -108,6 +108,6 @@ else # Note: Some smoke tests depending on finding binaries/xen on a full build # even though dist/ contains everything, while some containers don't even # build Xen - (cd dist/install; find | cpio -o -H newc | gzip) > binaries/xen-tools.cpio.gz + (cd dist/install; find | cpio -R 0:0 -o -H newc | gzip) > binaries/xen-tools.cpio.gz collect_xen_artefacts fi diff --git a/automation/scripts/qemu-alpine-x86_64.sh b/automation/scripts/qemu-alpine-x86_64.sh index c4666b9507dc..242ffca693fe 100755 --- a/automation/scripts/qemu-alpine-x86_64.sh +++ b/automation/scripts/qemu-alpine-x86_64.sh @@ -25,7 +25,7 @@ mount -t devtmpfs devtmpfs /dev chmod +x initrd/init # DomU rootfs cd initrd -find . | cpio -H newc -o | gzip > ../domU-rootfs.cpio.gz +find . | cpio -R 0:0 -H newc -o | gzip > ../domU-rootfs.cpio.gz cd .. # Dom0 rootfs @@ -57,7 +57,7 @@ xl -vvv create -c /root/domU.cfg " > etc/local.d/xen.start chmod +x etc/local.d/xen.start -find . | cpio -H newc -o | gzip >> ../dom0-rootfs.cpio.gz +find . | cpio -R 0:0 -H newc -o | gzip >> ../dom0-rootfs.cpio.gz cd ../.. cat >> binaries/pxelinux.0 << EOF diff --git a/automation/scripts/qemu-smoke-dom0-arm32.sh b/automation/scripts/qemu-smoke-dom0-arm32.sh index 36c47daa4212..58797f7d30d3 100755 --- a/automation/scripts/qemu-smoke-dom0-arm32.sh +++ b/automation/scripts/qemu-smoke-dom0-arm32.sh @@ -30,13 +30,13 @@ curl --fail --silent --show-error --location --output initrd.tar.gz https://dl-c mkdir rootfs cd rootfs tar xvzf ../initrd.tar.gz -find . | cpio -H newc -o | gzip > ../root/initrd.cpio.gz +find . | cpio -R 0:0 -H newc -o | gzip > ../root/initrd.cpio.gz cd .. rm -rf rootfs rm initrd.tar.gz cp ../zImage ./root -find . | cpio -H newc -o | gzip > ../initrd.gz +find . | cpio -R 0:0 -H newc -o | gzip > ../initrd.gz cd .. # XXX QEMU looks for "efi-virtio.rom" even if it is unneeded diff --git a/automation/scripts/qemu-smoke-dom0-arm64.sh b/automation/scripts/qemu-smoke-dom0-arm64.sh index ee682015a061..05962bdc0203 100755 --- a/automation/scripts/qemu-smoke-dom0-arm64.sh +++ b/automation/scripts/qemu-smoke-dom0-arm64.sh @@ -24,7 +24,7 @@ mount -t devtmpfs devtmpfs /dev /bin/sh" > initrd/init chmod +x initrd/init cd initrd -find . | cpio -H newc -o | gzip > ../domU-rootfs.cpio.gz +find . | cpio -R 0:0 -H newc -o | gzip > ../domU-rootfs.cpio.gz cd .. # Dom0 rootfs @@ -54,7 +54,7 @@ xl -vvv create -c /root/domU.cfg " > etc/local.d/xen.start chmod +x etc/local.d/xen.start -find . | cpio -H newc -o | gzip >> ../dom0-rootfs.cpio.gz +find . | cpio -R 0:0 -H newc -o | gzip >> ../dom0-rootfs.cpio.gz cd ../.. # XXX QEMU looks for "efi-virtio.rom" even if it is unneeded diff --git a/automation/scripts/qemu-smoke-dom0less-arm32.sh b/automation/scripts/qemu-smoke-dom0less-arm32.sh index e27636dc9e8f..627d890a3926 100755 --- a/automation/scripts/qemu-smoke-dom0less-arm32.sh +++ b/automation/scripts/qemu-smoke-dom0less-arm32.sh @@ -75,7 +75,7 @@ mount -t devtmpfs devtmpfs /dev ${domU_check} /bin/sh" > init chmod +x init -find . | cpio -H newc -o | gzip > ../initrd.gz +find . | cpio -R 0:0 -H newc -o | gzip > ../initrd.gz cd .. # XXX QEMU looks for "efi-virtio.rom" even if it is unneeded diff --git a/automation/scripts/qemu-smoke-dom0less-arm64.sh b/automation/scripts/qemu-smoke-dom0less-arm64.sh index e660485f3a41..05c4a6acbb59 100755 --- a/automation/scripts/qemu-smoke-dom0less-arm64.sh +++ b/automation/scripts/qemu-smoke-dom0less-arm64.sh @@ -111,7 +111,7 @@ ${domU_check} /bin/sh" > initrd/init chmod +x initrd/init cd initrd -find . | cpio --create --format='newc' | gzip > ../binaries/initrd +find . | cpio -R 0:0 -o -H newc | gzip > ../binaries/initrd cd .. # Dom0 rootfs @@ -139,7 +139,7 @@ xl network-attach 1 type=vif ${dom0_check} " > etc/local.d/xen.start chmod +x etc/local.d/xen.start -find . | cpio -H newc -o | gzip >> ../binaries/dom0-rootfs.cpio.gz +find . | cpio -R 0:0 -H newc -o | gzip >> ../binaries/dom0-rootfs.cpio.gz cd .. # ImageBuilder diff --git a/automation/scripts/qubes-x86-64.sh b/automation/scripts/qubes-x86-64.sh index bd939dc94894..7a59fa5f1116 100755 --- a/automation/scripts/qubes-x86-64.sh +++ b/automation/scripts/qubes-x86-64.sh @@ -184,7 +184,7 @@ ${domU_check} Kernel \r on an \m (\l) " > etc/issue - find . | cpio -H newc -o | gzip >> ../binaries/domU-rootfs.cpio.gz + find . | cpio -R 0:0 -H newc -o | gzip >> ../binaries/domU-rootfs.cpio.gz cd .. rm -rf rootfs @@ -193,7 +193,7 @@ Kernel \r on an \m (\l) cd rootfs cp ../binaries/bzImage boot/vmlinuz-domU cp ../binaries/domU-rootfs.cpio.gz boot/initrd-domU - find . | cpio -H newc -o > ../binaries/domU-in-dom0.cpio + find . | cpio -R 0:0 -H newc -o > ../binaries/domU-in-dom0.cpio cd .. rm -rf rootfs @@ -252,7 +252,7 @@ mkdir -p etc/default echo "XENCONSOLED_TRACE=all" >> etc/default/xencommons echo "QEMU_XEN=/bin/false" >> etc/default/xencommons mkdir -p var/log/xen/console -find . | cpio -H newc -o | gzip >> ../binaries/dom0-rootfs.cpio.gz +find . | cpio -R 0:0 -H newc -o | gzip >> ../binaries/dom0-rootfs.cpio.gz cd .. diff --git a/automation/scripts/xilinx-smoke-dom0-x86_64.sh b/automation/scripts/xilinx-smoke-dom0-x86_64.sh index 96f534f3aaa7..5379738019a7 100755 --- a/automation/scripts/xilinx-smoke-dom0-x86_64.sh +++ b/automation/scripts/xilinx-smoke-dom0-x86_64.sh @@ -102,7 +102,7 @@ echo "domU Welcome to Alpine Linux Kernel \r on an \m (\l) " > etc/issue -find . | cpio -H newc -o | gzip >> ../binaries/domU-rootfs.cpio.gz +find . | cpio -R 0:0 -H newc -o | gzip >> ../binaries/domU-rootfs.cpio.gz cd .. rm -rf rootfs @@ -111,7 +111,7 @@ mkdir -p rootfs/boot cd rootfs cp ../binaries/bzImage boot/vmlinuz-domU cp ../binaries/domU-rootfs.cpio.gz boot/initrd-domU -find . | cpio -H newc -o > ../binaries/domU-in-dom0.cpio +find . | cpio -R 0:0 -H newc -o > ../binaries/domU-in-dom0.cpio cd .. rm -rf rootfs @@ -141,7 +141,7 @@ echo "${DOMU_CFG}${DOMU_CFG_EXTRA}" > etc/xen/domU.cfg echo "XENCONSOLED_TRACE=all" >> etc/default/xencommons echo "QEMU_XEN=/bin/false" >> etc/default/xencommons mkdir -p var/log/xen/console -find . | cpio -H newc -o | gzip >> ../binaries/dom0-rootfs.cpio.gz +find . | cpio -R 0:0 -H newc -o | gzip >> ../binaries/dom0-rootfs.cpio.gz cd .. # Load software into TFTP server directory. diff --git a/automation/scripts/xilinx-smoke-dom0less-arm64.sh b/automation/scripts/xilinx-smoke-dom0less-arm64.sh index a6da7a830c35..61d6c686f745 100755 --- a/automation/scripts/xilinx-smoke-dom0less-arm64.sh +++ b/automation/scripts/xilinx-smoke-dom0less-arm64.sh @@ -50,7 +50,7 @@ echo "#!/bin/sh ${domU_check} /bin/sh" > etc/local.d/xen.start chmod +x etc/local.d/xen.start -find . | cpio -H newc -o | gzip >> ../binaries/domU-rootfs.cpio.gz +find . | cpio -R 0:0 -H newc -o | gzip >> ../binaries/domU-rootfs.cpio.gz cd .. rm -rf rootfs @@ -71,7 +71,7 @@ bash /etc/init.d/xencommons start ${dom0_check} " > etc/local.d/xen.start chmod +x etc/local.d/xen.start -find . | cpio -H newc -o | gzip >> ../binaries/dom0-rootfs.cpio.gz +find . | cpio -R 0:0 -H newc -o | gzip >> ../binaries/dom0-rootfs.cpio.gz cd .. base-commit: 2275bf83a1db579661b27fc4b310a7d92594dbc0 -- 2.39.5

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.