scripts/mkimage.sh: non-root cleanup fixes

Hi!

This PR addresses two issues:

• even if executed under a non-root user mkimage.sh leaves several root-owned files in its workdir, and so cleaning up the workdir requires root privileges
• when it finishes, it doesn't remove mktemp created WORKDIR thus "polluting" the temporary directory (/tmp, $TMPDIR)

I'm not 100% sure that using apk instead of abuild-apk is legit there. It seems to be working fine, as the generated iso and minirootfs files work fine. abuild-apk is there since the creation of the script. So I'd highly appreciate if someone with more experience can confirm that using apk here is perfectly fine.

Thanks.

alpine01:~/aports/scripts$ id
uid=1000(stas) gid=1000(stas) groups=10(wheel),300(abuild),1000(stas)
alpine01:~/aports/scripts$ mkdir /tmp/workdir
alpine01:~/aports/scripts$ ./mkimage.sh --profile minirootfs --repository http://mirror.yandex.ru/mirrors/alpine/v3.14/main --workdir /tmp/workdir
OK: 0 MiB in 0 packages
fetch http://mirror.yandex.ru/mirrors/alpine/v3.14/main/x86_64/APKINDEX.tar.gz
v3.14.2-83-g04ade1dae3 [http://mirror.yandex.ru/mirrors/alpine/v3.14/main]
OK: 4791 distinct packages available
>>> mkimage-x86_64: Building minirootfs
>>> mkimage-x86_64: Creating alpine-minirootfs-211008-x86_64.tar.gz
http://mirror.yandex.ru/mirrors/alpine/v3.14/main
fetch http://mirror.yandex.ru/mirrors/alpine/v3.14/main/x86_64/APKINDEX.tar.gz
(1/14) Installing musl (1.2.2-r3)
(2/14) Installing busybox (1.33.1-r3)
(3/14) Installing alpine-baselayout (3.2.0-r16)
(4/14) Installing alpine-keys (2.3-r1)
(5/14) Installing libcrypto1.1 (1.1.1l-r0)
(6/14) Installing libssl1.1 (1.1.1l-r0)
(7/14) Installing ca-certificates-bundle (20191127-r5)
(8/14) Installing libretls (3.3.3p1-r2)
(9/14) Installing ssl_client (1.33.1-r3)
(10/14) Installing zlib (1.2.11-r3)
(11/14) Installing apk-tools (2.12.7-r0)
(12/14) Installing scanelf (1.3.2-r0)
(13/14) Installing musl-utils (1.2.2-r3)
(14/14) Installing libc-utils (0.7.2-r3)
OK: 6 MiB in 14 packages
Images generated in /home/stas/aports/scripts
alpine01:~/aports/scripts$ ls -l /tmp/workdir/
total 8
drwxr-xr-x    8 stas     stas          4096 Oct  8 17:15 apkroot-x86_64
drwxr-xr-x    2 stas     stas          4096 Oct  8 17:15 image-da39a3ee5e6b4b0d3255bfef95601890afd80709-x86_64-minirootfs
alpine01:~/aports/scripts$ rm -rf /tmp/workdir/apkroot-x86_64/
rm: can't remove '/tmp/workdir/apkroot-x86_64/var/cache/apk': Permission denied
rm: can't remove '/tmp/workdir/apkroot-x86_64/var/cache/misc': Permission denied
rm: can't remove '/tmp/workdir/apkroot-x86_64/dev/null': Permission denied
rm: can't remove '/tmp/workdir/apkroot-x86_64/dev/console': Permission denied
rm: can't remove '/tmp/workdir/apkroot-x86_64/dev/zero': Permission denied
rm: can't remove '/tmp/workdir/apkroot-x86_64/dev/urandom': Permission denied
rm: can't remove '/tmp/workdir/apkroot-x86_64/dev/random': Permission denied
rm: can't remove '/tmp/workdir/apkroot-x86_64/lib/apk/db/scripts.tar': Permission denied
rm: can't remove '/tmp/workdir/apkroot-x86_64/lib/apk/db/triggers': Permission denied
rm: can't remove '/tmp/workdir/apkroot-x86_64/lib/apk/db/lock': Permission denied
rm: can't remove '/tmp/workdir/apkroot-x86_64/lib/apk/db/installed': Permission denied
alpine01:~/aports/scripts$ ls -l /tmp/workdir/apkroot-x86_64/dev/null 
crw-rw-rw-    1 root     root        1,   3 Oct  8 17:15 /tmp/workdir/apkroot-x86_64/dev/null
alpine01:~/aports/scripts$ 

added status:mr-stale label

Sorry to bother you @skholman,

but we've detected that this merge request hasn't seen any recent activity. If you need help or want to discuss your approach with developers you can ping @team/mentors. You can also ask on IRC on #alpine-devel on irc.oftc.net. If no further activity occurs in this MR, Alpine developers may close it in the future.

Thanks for your contribution.

removed status:mr-stale label

added 21343 commits

• 04234d0a...41651f02 - 21341 commits from branch alpine:master
• 81aa7988 - scripts/mkimage.sh: switch from abuild-apk to apk
• 3bca6409 - scripts/mkimage.sh: cleanup the workdir created with mktemp

Compare with previous version

added status:mr-stale label

Sorry to bother you @skholman,

but we've detected that this merge request hasn't seen any recent activity. If you need help or want to discuss your approach with developers you can ping @team/mentors. You can also ask on IRC on #alpine-devel on irc.oftc.net. If no further activity occurs in this MR, Alpine developers may close it in the future.

Thanks for your contribution.

added 2735 commits

• 3bca6409...4ef696c1 - 2733 commits from branch alpine:master
• b60edaee - scripts/mkimage.sh: switch from abuild-apk to apk
• 4cb57607 - scripts/mkimage.sh: cleanup the workdir created with mktemp

Compare with previous version

This is pretty nice. abuild-apk is needed when apk does chroot. None of those operations should require chroot so I believe this is fine.

approved this merge request

added 7 commits

• 4cb57607...352d91a9 - 5 commits from branch alpine:master
• 33cba646 - scripts/mkimage.sh: switch from abuild-apk to apk
• baf412d1 - scripts/mkimage.sh: cleanup the workdir created with mktemp

Compare with previous version

removed status:mr-stale label

enabled an automatic merge when the pipeline for baf412d1 succeeds

merged