[Bug 1187750] [NEW] system group creation for android container device access needs to move out of the build scripts

Oliver Grawert ogra at ubuntu.com
Wed Jun 5 12:05:17 UTC 2013 

Public bug reported:

currently live-build/ubuntu-touch/hooks/02-add_user_to_groups.chroot has
a hardcoded way of creating system groups for android device access in
ubuntu-touch. since we want to build images for arches that are not
necessarily using the android layer in the future this functionality
needs to move into a postinst script of the lxc-android-config package
instead.

in android kernel, drivers and binary userspace tools are using a hardcoded GID -> groupname mapping to manage device access
http://paste.ubuntu.com/5735451/ has the full list of group mapping to GIDs

it currently seems like we have to have at least a minimal set of these
groups on the ubuntu side to have sockets and /dev entries mapped to the
hardcoded GIDs the android side expects for granting access.

when discussing this migration the foundations team had massive concerns
about using such a hardcoded mapping on the ubuntu side. while this bug
is easily fixed by moving the script to the right package, further
discussion is needed to find a conceptual solution that suits all
parties and does not break devcie access and socket communication with
android services.

** Affects: livecd-rootfs (Ubuntu)
     Importance: High
         Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to livecd-rootfs in Ubuntu.
https://bugs.launchpad.net/bugs/1187750

Title:
  system group creation for android container device access needs to
  move out of the build scripts

Status in “livecd-rootfs” package in Ubuntu:
  New

Bug description:
  currently live-build/ubuntu-touch/hooks/02-add_user_to_groups.chroot
  has a hardcoded way of creating system groups for android device
  access in ubuntu-touch. since we want to build images for arches that
  are not necessarily using the android layer in the future this
  functionality needs to move into a postinst script of the lxc-android-
  config package instead.

  in android kernel, drivers and binary userspace tools are using a hardcoded GID -> groupname mapping to manage device access
  http://paste.ubuntu.com/5735451/ has the full list of group mapping to GIDs

  it currently seems like we have to have at least a minimal set of
  these groups on the ubuntu side to have sockets and /dev entries
  mapped to the hardcoded GIDs the android side expects for granting
  access.

  when discussing this migration the foundations team had massive
  concerns about using such a hardcoded mapping on the ubuntu side.
  while this bug is easily fixed by moving the script to the right
  package, further discussion is needed to find a conceptual solution
  that suits all parties and does not break devcie access and socket
  communication with android services.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/livecd-rootfs/+bug/1187750/+subscriptions

More information about the foundations-bugs mailing list