From e621f37b63293c11e9cd240e3617c42cf2c75a0f Mon Sep 17 00:00:00 2001 From: Quentin Kaiser Date: Tue, 2 Sep 2025 11:50:30 +0200 Subject: [PATCH 1/2] chore(deps): replace e2fsprogs source from fork to upstream MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Our debugfs fix¹ is present in the debian trixie version² and in latest Ubuntu³. We can therefore go back to installing it from upstream rather than relying on our own fork. ¹: https://github.com/tytso/e2fsprogs/commit/56a444e898be418afd4bd11f2a6950dce7e4ae99 ²: https://metadata.ftp-master.debian.org/changelogs//main/e/e2fsprogs/e2fsprogs_1.47.2-3_changelog ³: https://launchpad.net/ubuntu/+source/e2fsprogs --- docs/installation.md | 14 -------------- install-deps.sh | 8 +------- 2 files changed, 1 insertion(+), 21 deletions(-) diff --git a/docs/installation.md b/docs/installation.md index 6891913ae4..a189e424e0 100644 --- a/docs/installation.md +++ b/docs/installation.md @@ -224,17 +224,3 @@ There is a handy `install-deps.sh` script included in the repository and PyPI pa curl -L -o sasquatch_1.0.deb "https://github.com/onekey-sec/sasquatch/releases/download/sasquatch-v4.5.1-5/sasquatch_1.0_$(dpkg --print-architecture).deb" sudo dpkg -i sasquatch_1.0.deb rm sasquatch_1.0.deb - -4. We maintain a fork of e2fsprogs based on Debian upstream, with some security fixes. You can install it this way: - - curl -L -o e2fsprogs_1.47.0-3.ok2.deb "https://github.com/onekey-sec/e2fsprogs/releases/download/v1.47.0-3.ok2/e2fsprogs_1.47.0-3.ok2_$(dpkg --print-architecture).deb" - curl -L -o libext2fs2_1.47.0-3.ok2.deb "https://github.com/onekey-sec/e2fsprogs/releases/download/v1.47.0-3.ok2/libext2fs2_1.47.0-3.ok2_$(dpkg --print-architecture).deb" - curl -L -o libss2_1.47.0-3.ok2.deb "https://github.com/onekey-sec/e2fsprogs/releases/download/v1.47.0-3.ok2/libss2_1.47.0-3.ok2_$(dpkg --print-architecture).deb" - sudo dpkg -i libext2fs2_1.47.0-3.ok2.deb libss2_1.47.0-3.ok2.deb - sudo dpkg -i e2fsprogs_1.47.0-3.ok2.deb - rm -f libext2fs2_1.47.0-3.ok2.deb libss2_1.47.0-3.ok2.deb e2fsprogs_1.47.0-3.ok2.de - - In case you already had e2fsprogs installed, you might need to upgrade some more packages from e2fsprogs. - You can get the names of the installed e2fsprogs binary packages this way: - - sudo dpkg-query -W -f '${db:Status-Abbrev}\t${source:Package}\t${Package}\n' | grep '^i...e2fsprogs' | cut -f3 diff --git a/install-deps.sh b/install-deps.sh index c5bb9751f2..dd5131a361 100755 --- a/install-deps.sh +++ b/install-deps.sh @@ -5,6 +5,7 @@ apt-get update apt-get install --no-install-recommends -y \ android-sdk-libsparse-utils \ curl \ + e2fsprogs \ erofs-utils \ lz4 \ lziprecover \ @@ -19,10 +20,3 @@ apt-get install --no-install-recommends -y \ curl -L -o sasquatch_1.0.deb "https://github.com/onekey-sec/sasquatch/releases/download/sasquatch-v4.5.1-5/sasquatch_1.0_$(dpkg --print-architecture).deb" dpkg -i sasquatch_1.0.deb rm -f sasquatch_1.0.deb - -curl -L -o libext2fs2_1.47.0-3.ok2.deb "https://github.com/onekey-sec/e2fsprogs/releases/download/v1.47.0-3.ok2/libext2fs2_1.47.0-3.ok2_$(dpkg --print-architecture).deb" -curl -L -o e2fsprogs_1.47.0-3.ok2.deb "https://github.com/onekey-sec/e2fsprogs/releases/download/v1.47.0-3.ok2/e2fsprogs_1.47.0-3.ok2_$(dpkg --print-architecture).deb" -curl -L -o libss2_1.47.0-3.ok2.deb "https://github.com/onekey-sec/e2fsprogs/releases/download/v1.47.0-3.ok2/libss2_1.47.0-3.ok2_$(dpkg --print-architecture).deb" -dpkg -i libext2fs2_1.47.0-3.ok2.deb libss2_1.47.0-3.ok2.deb -dpkg -i e2fsprogs_1.47.0-3.ok2.deb -rm -f libext2fs2_1.47.0-3.ok2.deb libss2_1.47.0-3.ok2.deb e2fsprogs_1.47.0-3.ok2.deb From b59ed4afe676da210cef73020dfeab6eeba98033 Mon Sep 17 00:00:00 2001 From: Quentin Kaiser Date: Tue, 2 Sep 2025 11:58:55 +0200 Subject: [PATCH 2/2] Revert "fix(docker): pin down base image to debian bookworm" This reverts commit c13a0532cc54a3119578136ccf0c63917ea81928. --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index f575fe0ded..f583d644b2 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM python:3.12-slim-bookworm +FROM python:3.12-slim RUN mkdir -p /data/input /data/output RUN useradd -m unblob