Jörg, Quoting Gilles Filippini (2020-04-02 23:46:11) > Johannes Schauer a écrit le 02/04/2020 à 22:57 : > > Quoting Gilles Filippini (2020-04-02 22:37:42) > >> The problem occurs in both cases: > >> > >> $ $ sudo sbuild-createchroot --make-sbuild-tarball=foo.tar.gz \ > >> --chroot-prefix=foo --keep-sbuild-chroot-dir unstable \ > >> "$(TMPDIR= mktemp -d)" http://ftp.de.debian.org/debian > >> ... > >> $ tar tvaf foo.tar.gz | head -4 > >> drwx------ pini/pini 0 2020-04-02 22:17 ./ > >> drwxrws--- sbuild/sbuild 0 2020-04-02 22:17 ./build/ > >> drwxr-xr-x root/root 0 2020-04-02 22:16 ./mnt/ > >> drwxr-xr-x root/root 0 2020-04-02 22:16 ./dev/ > >> > >> $ sudo sbuild-createchroot --make-sbuild-tarball=bar.tar.gz \ > >> --chroot-prefix=bar --keep-sbuild-chroot-dir unstable \ > >> "$(TMPDIR=~/tmp mktemp -d)" http://ftp.de.debian.org/debian > >> ... > >> $ tar tvaf bar.tar.gz | head -4 > >> drwx------ pini/pini 0 2020-04-02 22:26 ./ > >> drwxrws--- sbuild/sbuild 0 2020-04-02 22:26 ./build/ > >> drwxr-xr-x root/root 0 2020-04-02 22:25 ./mnt/ > >> drwxr-xr-x root/root 0 2020-04-02 22:25 ./dev/ > >> > >> The temporary directory has permission 700 in both cases: > >> drwx------ 22 pini pini 4096 avril 2 22:17 /tmp/tmp.wnCEvIIVxV > >> drwx------ 22 pini pini 4096 avril 2 22:26 /home/pini/tmp/tmp.5cz5ZSXoKd > >> > >> This is expected (excerpt from the mktemp man page): > >>> Files are created u+rw, and directories u+rwx, minus umask restrictions. > > > > Okay, this means that the problem does *not* occur if you operate > > sbuild-createchroot like this: > > > > mkdir ~/tmp > > sudo sbuild-createchroot --make-sbuild-tarball=foo.tar.gz unstable ~/tmp > > > > If so, then the following patch should fix your problem: > > > > --- a/bin/sbuild-createchroot > > +++ b/bin/sbuild-createchroot 
> > @@ -293,6 +293,7 @@ if (-e $target) { > > if (!-d $target) { > > die "$target exists and is not a directory"; > > } > > + chmod 0755, $target or die "cannot chmod $target"; > > # only check if the directory is empty if the --setup-only option is > > not > > # given because that option needs an already populated directory > > if (!$conf->get('SETUP_ONLY')) { > > > > > > Can you confirm? > > No, this is not enough. / has to be own by root for the systemd package > configuration to work. So it would be: > > mkdir ~/tmp > sudo chown root:root ~/tmp > sudo sbuild-createchroot --make-sbuild-tarball=foo.tar.gz unstable ~/tmp > > I've just tested it successfully. > > And you'll have to add this line to your patch: > > chown 0, 0, $target or die "cannot chown $target"; > > Thanks,
your original report you mention that this was about /var/log. Others have chimed in, reporting wrong permissions of /. I have a fix for the permissions and ownership of /. Could you patch your /usr/bin/sbuild-createchroot with the following patch and create a new sbuild chroot and tell me if this fixes the original bug for you? Thanks! cheers, josch diff --git a/bin/sbuild-createchroot b/bin/sbuild-createchroot index 169e6435..49e56b66 100755 --- a/bin/sbuild-createchroot +++ b/bin/sbuild-createchroot @@ -293,6 +293,7 @@ if (-e $target) { if (!-d $target) { die "$target exists and is not a directory"; } + chmod 0755, $target or die "cannot chmod $target"; # only check if the directory is empty if the --setup-only option is not # given because that option needs an already populated directory if (!$conf->get('SETUP_ONLY')) { @@ -431,6 +432,7 @@ if (!$conf->get('SETUP_ONLY')) { ); !system(@cmd) or die "E: Error running @cmd"; } else { + chown(0, 0, $target) or die "cannot chown $target"; !system($debootstrap, @args) or die "E: Error running $debootstrap_bin"; } }
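Review bot: In the first hunk (@@ -293), the added chmod 0755 sits above the comment that introduces the directory-empty check and outside the if (!$conf->get('SETUP_ONLY')) test, so an existing directory passed as $target is switched to 0755 before the emptiness check has run, and on --setup-only runs as well. Moving the chmod below that check would avoid changing the mode of a directory before it has been checked. The die message should also carry the reason, for example die "cannot chmod $target: $!".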
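Review bot: In the second hunk (@@ -431), chown(0, 0, $target) is added only to the else branch in front of system($debootstrap, @args); the branch above it that runs system(@cmd) gets no chown, and the whole block is under if (!$conf->get('SETUP_ONLY')), while the chmod from the first hunk runs regardless of that option. If / has to be owned by root on every path, place the chown next to the chmod or add it to the @cmd branch too. The message "cannot chown $target" would be easier to act on with $! appended and the "E: " prefix that the neighbouring die messages use.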
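As an added example (not part of this thread and not sbuild code), a Python check for the condition discussed above: it reads a chroot tarball and reports when its ./ entry is not owned by 0:0 with mode 0755. The function names and the sample tarballs are constructed for illustration.

```python
import io
import tarfile


def check_chroot_root(tar_bytes):
    """Return a list of problems found on the tarball's "./" entry."""
    with tarfile.open(fileobj=io.BytesIO(tar_bytes), mode="r:*") as tar:
        # tarfile strips the trailing slash of directory names, so "./" reads as "."
        root = next((m for m in tar if m.name.rstrip("/") == "."), None)
    if root is None:
        return ["no ./ entry in tarball"]
    problems = []
    if not root.isdir():
        problems.append("./ is not a directory")
    if (root.uid, root.gid) != (0, 0):
        problems.append(f"owner {root.uid}:{root.gid}, expected 0:0")
    if root.mode & 0o7777 != 0o755:
        problems.append(f"mode {root.mode & 0o7777:04o}, expected 0755")
    return problems


def make_sample(uid, gid, mode):
    """Build a small constructed tarball whose ./ entry has the given owner and mode."""
    entries = (
        (".", uid, gid, mode),
        ("./build", 999, 999, 0o2770),  # constructed ids standing in for sbuild/sbuild
        ("./dev", 0, 0, 0o755),
    )
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        for name, u, g, m in entries:
            info = tarfile.TarInfo(name)
            info.type = tarfile.DIRTYPE
            info.uid, info.gid, info.mode = u, g, m
            tar.addfile(info)
    return buf.getvalue()


if __name__ == "__main__":
    # Constructed input mirroring the listing in the report: ./ is 0700 and user-owned
    for problem in check_chroot_root(make_sample(1000, 1000, 0o700)):
        print("E:", problem)
```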