The attached patch removes, during the recreation of base tgz, all files from /tmp and /var/tmp (which is also world-writable).
It is made for the git version at salsa.debian.org but can also be applied to the current (0.231) version as-is. I have also modified a comment during the creation of BUILDDIR to alert for the possibility of a user who (still) keeps /tmp/buildd as the build directory in his/her configuration. It is not essential to the issue (only the tar command is), but I thought it would be nice to have as well. I can send a modified version of the patch, if deemed necessary. Cheers, Georgios
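To make the effect of the exclusion list concrete, here is an added shell example (not part of Georgios's patch or of pbuilder itself). It builds a constructed miniature chroot tree with stale files under /tmp and /var/tmp, packs it with the same tar invocation the patch proposes, and then checks that the tarball still contains /tmp and /var/tmp as directories (with the sticky 1777 mode) but no files beneath them. The helper names `build_fixture`, `pack_basetgz`, `stale_tmp_entries`, `check_basetgz` and `tmp_mode` are this example's own; the tree contents are made up. GNU tar and gzip are assumed.

```shell
#!/bin/sh
# Added example, not pbuilder code: verify that the proposed exclusion list keeps
# the /tmp and /var/tmp directories in the base tarball but drops their contents.
set -eu

# build_fixture DIR: create a small fake chroot under DIR (constructed sample data).
build_fixture() {
    d=$1
    mkdir -p "$d/etc" "$d/tmp/leftover" "$d/var/tmp" "$d/proc" "$d/sys"
    chmod 1777 "$d/tmp" "$d/var/tmp"            # sticky bit, as on a real system
    echo "keep me" > "$d/etc/hostname"
    echo "stale build output" > "$d/tmp/leftover/a.out"
    echo "stale hidden file" > "$d/tmp/.cache"
    echo "stale" > "$d/var/tmp/scratch"
}

# pack_basetgz DIR OUT: the tar invocation from the patch (quoted excludes),
# run from inside DIR so member names start with "./" like in create_basetgz.
pack_basetgz() {
    (cd "$1" && tar -c --use-compress-program gzip -f "$2" \
        --exclude "./sys/*" --exclude "./proc/*" \
        --exclude "./tmp/*" --exclude "./tmp/.*" \
        --exclude "./var/tmp/*" --exclude "./var/tmp/.*" ./*)
}

# stale_tmp_entries TGZ: print members that live inside ./tmp or ./var/tmp.
# The directory entries themselves ("./tmp/", "./var/tmp/") are allowed.
stale_tmp_entries() {
    tar -tzf "$1" | grep -E '^\./(var/)?tmp/.+' || true
}

# check_basetgz TGZ: exit 0 if no temporary files are embedded, 1 otherwise.
# Useful as a sanity check on an existing base.tgz before reusing it for builds.
check_basetgz() {
    [ -z "$(stale_tmp_entries "$1")" ]
}

# tmp_mode TGZ: mode string of ./tmp/ inside the tarball (expect drwxrwxrwt).
tmp_mode() {
    tar -tvzf "$1" | awk '$NF == "./tmp/" { print $1 }'
}

# Demonstration run on the constructed tree.
work=$(mktemp -d)
build_fixture "$work/chroot"
pack_basetgz "$work/chroot" "$work/base.tgz"
if check_basetgz "$work/base.tgz"; then
    echo "base.tgz carries no files under /tmp or /var/tmp"
fi
echo "mode of ./tmp/ in tarball: $(tmp_mode "$work/base.tgz")"
rm -rf "$work"
```

Running `check_basetgz` against a base tarball produced by an unpatched pbuilder is the quickest way to see whether a previous build has already leaked temporary files into it; a non-empty listing from `stale_tmp_entries` means every later build started from that tarball inherited them.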
diff --git a/pbuilder-modules b/pbuilder-modules index aca876de..8d8a0c59 100644 --- a/pbuilder-modules +++ b/pbuilder-modules @@ -730,8 +730,9 @@ function extractbuildplace () { fi mountproc - # FIXME maybe add more checks here? - actually it's not even really needed, - # since it's created at chroot creation time too. + # FIXME maybe add more checks here? - Always create it, since it may be set + # in the configuration to be inside one of the excluded (at 'create_basetgz') + # directories of the chroot (for example: '/tmp/buildd'). mkdir -p "${BUILDPLACE}${BUILDDIR}" # XXX added in 0.216, to be deprecated in the future # Add a compatibility symlink from the old BUILDDIR (/tmp/buildd) to the new @@ -834,7 +835,7 @@ function create_basetgz() { if [ -h "$BUILDPLACE/tmp/buildd" ] && [ "$(readlink -f "$BUILDPLACE/tmp/buildd")" = "${BUILDPLACE}$BUILDDIR" ]; then rm "$BUILDPLACE/tmp/buildd" fi - if ! tar -c --use-compress-program "$COMPRESSPROG" -f "${BASETGZ}.tmp" --exclude ./sys/* --exclude ./proc/* ./* ; then + if ! tar -c --use-compress-program "$COMPRESSPROG" -f "${BASETGZ}.tmp" --exclude "./sys/*" --exclude "./proc/*" --exclude "./tmp/*" --exclude "./tmp/.*" --exclude "./var/tmp/*" --exclude "./var/tmp/.*" ./* ; then log.e "failed building base tarball" rm -f "${BASETGZ}.tmp" exit 1;
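Review bot: in the first hunk (extractbuildplace), the rewritten comment justifies the unconditional `mkdir -p` by pointing at the exclusion list "at 'create_basetgz'", so it will silently go stale if that list ever changes; stating the guarantee instead ("BUILDDIR may live under a directory whose contents are not stored in the base tarball, e.g. /tmp") keeps it accurate. The retained "FIXME maybe add more checks here?" no longer fits a comment that now explains why the call is always needed; either drop the FIXME or name the checks that are still wanted.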
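Review bot: in the second hunk (create_basetgz), quoting the pre-existing `./sys/*` and `./proc/*` patterns is a fix in its own right and deserves a changelog line: unquoted, the shell expanded them against the current directory before tar saw them, so what got excluded depended on what happened to match at pack time. The contents-only patterns (`./tmp/*` rather than `./tmp`) are the right shape, since the directory entries themselves, and with them the sticky 1777 mode, still land in the tarball; `./tmp/.*` is most likely redundant with GNU tar's default exclude matching, where `*` also matches a leading dot, but it is harmless. The command line is now long enough that collecting the patterns in a variable or an `--exclude-from` file would read better. One behaviour change worth a changelog note: a user who still has a real `/tmp/buildd` directory (rather than the symlink removed just above) now loses its contents from the base tarball as well, which is intended but not obvious from the diff.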