Your message dated Sun, 10 May 2015 16:19:39 +0200
with message-id <[email protected]>
and subject line Re: Bug#781525: buildd.d.o: drop /usr/local/*bin from PATH
has caused the Debian Bug report #781525,
regarding buildd.d.o: drop /usr/local/*bin from PATH
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
781525: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=781525
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
package: buildd.debian.org
severity: important
x-debbugs-cc: [email protected], [email protected]
Hi,
tl;dr;: please set the PATH on the buildds to
PATH=/usr/sbin:/usr/bin:/sbin:/bin:/usr/games
IOW: drop /usr/local/*bin from PATH.
#780725 is the bug to clarify policy, #780729 the one to set pbuilder to the
same defaults as the buildds and #780724 is the bug which made me note this
issue.
More context:
On Donnerstag, 26. März 2015, Thorsten Glaser wrote:
> On Wed, 18 Mar 2015, Bill Allombert wrote:
> > On Wed, Mar 18, 2015 at 12:48:13PM +0100, Holger Levsen wrote:
> > > buildd.debian.org uses
> > >
> > > PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/
> > > games
[...]
> > In any case, policy currently has:
> > 10.10. File names
> > -----------------
> >
> > The name of the files installed by binary packages in the system
> > PATH (namely `/bin', `/sbin', `/usr/bin', `/usr/sbin' and
> > `/usr/games') must be encoded in ASCII.
> > though it is a strange place to define the system path.
> … but, yes, there is this.
So...
> So, both the buildds and pbuilder should be changed to use…
>
> PATH=/usr/sbin:/usr/bin:/sbin:/bin:/usr/games
>
> … for builds, right? Where does one assigne the buildd part
> to, the buildd package? (AIUI, the Debian buildds, in contrast
> to many debian-ports buildds, do not use the buildd package
> from Debian.)
there is the buildd.debian.org pseudo-package to file bugs against.
cheers,
Holger
signature.asc
Description: This is a digitally signed message part.
--- End Message ---
--- Begin Message ---
On 2015-03-30 23:28, Aurelien Jarno wrote:
> On 2015-03-30 23:08, Holger Levsen wrote:
> > On Montag, 30. März 2015, Aurelien Jarno wrote:
> > > As you said /usr/local/*bin *is* empty on the buildds, so there is no
> > > need to tweak the PATH to not load a binary from there.
> >
> > "I'm a good driver, no need to put on a safety belt."
>
> It's not about being a good driver. The point is that if one file end-up
> in /usr/local/*bin on the buildds chroots, we have much more serious
> issues than packages not building. It means either the buildd or the
> archive has been attacked, and in that case we just don't really care
> about /usr/local/*bin.
>
> I am not going to spend hours of my time, release team time, DSA time in
> fixing a more than hypothetical problem.
As explained in this mail series, only root can modify the chroots. If
it happens we have many more things to worry about.
I am therefore closing this bug.
--
Aurelien Jarno GPG: 4096R/1DDD8C9B
[email protected] http://www.aurel32.net
signature.asc
Description: Digital signature
--- End Message ---
