Your message dated Thu, 24 Dec 2015 09:45:01 +0100
with message-id <[email protected]>
and subject line Re: Option to add bind-mounts to sbuild
has caused the Debian Bug report #795466,
regarding Option to add bind-mounts to sbuild
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
795466: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=795466
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: sbuild
Version: 0.65.2-1
Severity: normal
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi,
it would be really useful to be able to sepecify additional bind-mounts
to sbuild.
My use case is that I want to make a local repository (file:///)
available as an extra repository. I used --extra-package, but passing
that 2000 times made the builds too slow...
Thanks,
Joachim
- -- System Information:
Debian Release: stretch/sid
APT prefers buildd-unstable
APT policy: (500, 'buildd-unstable'), (500, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 4.0.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=de_DE.utf8, LC_CTYPE=de_DE.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages sbuild depends on:
ii adduser 3.113+nmu3
ii apt-utils 1.0.9.10
ii libsbuild-perl 0.65.2-1
ii perl 5.20.2-6
Versions of packages sbuild recommends:
ii debootstrap 1.0.72
ii fakeroot 1.20.2-1
Versions of packages sbuild suggests:
pn deborphan <none>
ii wget 1.16.3-3
- -- no debconf information
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iEYEARECAAYFAlXNqv4ACgkQ9ijrk0dDIGwMPACdEzl7mfDuHxtLfJVTyuMWA7/O
OakAoJ7I+Pr1zlNSRfR0PBE2NlDSTAi4
=luM5
-----END PGP SIGNATURE-----
--- End Message ---
--- Begin Message ---
Hi,
Am Donnerstag, den 24.12.2015, 09:41 +0100 schrieb Johannes Schauer:
> which will probably not happen because schroot is supposed to be run as a user
> but the decision about which mounts are allowed should be left to the
> superuser. This is currently enforced by only root having the privileges to
> edit /etc/schroot/chroot.d/*. If a normal user could bind mount whatever they
> want on demand that would be a security issue.
bummer, but true. Linux’s all-or-nothing approach to mount security is
generally a problem, but not one we will solve here...
> What I'm usually doing is to setup a local http server like this:
>
> $ cd /my/pkg/root
> $ python3 -m http.server 8000 --bind 127.0.0.1
>
> With this I can then run sbuild with:
>
> --extra-repository="deb http://127.0.0.1:8000/ ./"
I find that a hack, and one that is tricky to pull in an automated
fashion (i.e. cleanly stopping the web server afterwards). Plus it is
slow, as the files needs to be copied into the schroot this way.
> Alternatively you could use some of the directories that are already shared
> with the sbuild chroot by default like /home and /tmp
Right, that is my current approach: Use /tmp. It involves copying the
.deb’s there, but it works well enough.
Thanks for your input!
Joachim
--
Joachim "nomeata" Breitner
Debian Developer
[email protected] | ICQ# 74513189 | GPG-Keyid: F0FBF51F
JID: [email protected] | http://people.debian.org/~nomeata
signature.asc
Description: This is a digitally signed message part
--- End Message ---
