Package: pbuilder Version: 0.215 Severity: normal As has been pointed out on debian-devel at https://lists.debian.org/debian-devel/2014/05/msg00366.html using su in things like /etc/init.d is wrong. In a similar vein, pbuilder's usage of SUTOUSER is wrong, because it creates a new session, but builds should not create sessions. Apart from that, it also breaks running pbuilder inside user namespaces:
I: Extracting source su: System error The invocation of su is a bit more verbose in auth.log: su[123]: PAM audit_log_acct_message() failed: Operation not permitted su[123]: pam_authenticate: System error su[123]: FAILED su for pbuilder by root su[123]: - ??? root:pbuilder It is not clear to me what should be used instead. A number of options were mentioned: * start-stop-daemon SUTOUSER=/sbin/start-stop-daemon --start --pidfile /dev/null --chuid pbuilder --startas /bin/sh (Thanks to Peter Palfrader for coming up with this beast.) * chpst (non-essential, package runit) * sudo (non-essential, package sudo) Helmut -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
