Hi josch,

* Johannes Schauer Marin Rodrigues <jo...@debian.org> [2023-11-22 07:22]:
> steps to reproduce:
>
>    --chroot-setup-commands='ischroot && echo "is chroot" || echo "is not chroot"'

In contrast to mmdebstrap unshare mode, the contents of
/proc/1/mountinfo and /proc/self/mountinfo are the same in sbuild. See
https://sources.debian.org/src/debianutils/latest/ischroot.c/

The difference is due to mmdebstrap opening an extra namespace here:

https://sources.debian.org/src/mmdebstrap/1.4.0-1/mmdebstrap/#L1707

I tried adding an unshare --mount to sbuild here but did not manage:

https://sources.debian.org/src/sbuild/0.85.4/lib/Sbuild/ChrootUnshare.pm/#L324

Maybe you have an idea where to put it?

While at it I also researched a bit into ischroot:

# How does ischroot work:

ischroot assumes that a chroot changes the mountinfo file and that the one of PID 1 is not chrooted. This is true for a chroot set up by schroot, for example. sbuild+unshare instead also mounts a new proc and thus it becomes PID 1, or rather the runuser in ChrootUnshare.pm does. So one way around this would be to mount the outside proc, as in:

- mount -t proc proc \"\$rootdir/proc\";
+ mount -o rbind /proc \"\$rootdir/proc\";
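
Review bot: on the `+ mount -o rbind /proc` line, the procfs that ends up under $rootdir/proc belongs to the outer PID namespace, so the PID a build process gets from getpid() or `$$` no longer matches its entry under /proc/<pid>, and /proc/1 stops referring to the PID 1 the build sees. Anything in a build that looks itself up by number rather than through /proc/self would read another process's data or nothing. `rbind` also carries along every submount below /proc. If this change is pursued, it needs a comment stating both effects and a check that the chroot setup and build tooling only use /proc/self.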

in:

https://sources.debian.org/src/sbuild/0.85.4/lib/Sbuild/ChrootUnshare.pm/#L323

But that means that the package build in sbuild can list outside processes, which seems suboptimal.

# How is ischroot used

I looked at the results at:

https://codesearch.debian.net/search?q=ischroot

And it is used rather seldom (besides some testing code):

https://codesearch.debian.net/search?q=ischroot+package%3A%5CQdebootstrap%5CE
https://codesearch.debian.net/search?q=ischroot+package%3A%5CQglibc%5CE
https://codesearch.debian.net/search?q=ischroot+package%3A%5CQsysvinit%5CE
https://codesearch.debian.net/search?q=ischroot+package%3A%5CQcdist%5CE
https://codesearch.debian.net/search?q=ischroot+package%3A%5CQmini-buildd%5CE

mini-buildd btw. also uses systemd-detect-virt as an alternative (though not with --chroot). And there is at least one package that does the same as ischroot manually:

https://codesearch.debian.net/search?q=ischroot+package%3A%5CQsalt%5CE

On the other hand, it is considered second-class in debianutils:

https://sources.debian.org/src/debianutils/5.14/CONTRIBUTING/?hl=28#L28

So maybe it should be replaced by systemd-detect-virt, but that compares the inodes of /proc/1/root and /, which seems even more brittle, as /proc/1/root is not readable by everyone and seems to have the same issues as ischroot otherwise.

# telinit behaviour

From #debian-bootstrap I understood that this is actually an issue when cross compiling something, when `libc6.postinst configure` is called, resulting in an endless loop of telinit. There are two implementations of telinit in Debian. The one in sysvinit-core does not seem to trigger this behaviour, whereas the one in systemd-sysv does seem to wait forever. On the other hand, telinit(8) from systemd-sysv states that it should not be used anymore.

So maybe libc6.postinst should use a different interface and/or do something else to check if PID 1 is actually an init?
Or should sbuild run some init as PID 1?

Cheers Jochen
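
The two heuristics discussed in this message, as an added sketch that is not code from debianutils, systemd or sbuild: the mountinfo comparison and the /proc/1/root inode comparison are run against constructed stand-ins for /proc, showing why both answer "not a chroot" once PID 1 itself lives in the build root. The function names, the `fake_proc` fixture and the sample mount lines are assumptions made for the example.

```python
import os
import tempfile
from os.path import join

def mountinfo_check(proc="/proc"):
    """Mountinfo heuristic: True = differs from PID 1, None = unreadable."""
    try:
        with open(join(proc, "1", "mountinfo"), "rb") as init_f, \
             open(join(proc, "self", "mountinfo"), "rb") as own_f:
            return init_f.read() != own_f.read()
    except OSError:
        return None

def root_inode_check(proc="/proc", root="/"):
    """Inode heuristic: True = <proc>/1/root is not root, None = unreadable."""
    try:
        init_root, own_root = os.stat(join(proc, "1", "root")), os.stat(root)
    except OSError:  # /proc/1/root is normally unreadable without privileges
        return None
    return (init_root.st_dev, init_root.st_ino) != (own_root.st_dev, own_root.st_ino)

def fake_proc(base, init_mounts, own_mounts, init_root):
    """Build a constructed stand-in for /proc under base (fixture only)."""
    for pid, text in (("1", init_mounts), ("self", own_mounts)):
        os.makedirs(join(base, pid))
        with open(join(base, pid, "mountinfo"), "w") as f:
            f.write(text)
    os.symlink(init_root, join(base, "1", "root"))
    return base

# Constructed mountinfo lines, not captured from a real system.
HOST = "21 1 8:1 / / rw,relatime - ext4 /dev/sda1 rw\n"
CHROOT = "90 21 0:45 / / rw,relatime - tmpfs tmpfs rw\n"

def demo():
    with tempfile.TemporaryDirectory() as tmp:
        host_root, build_root = join(tmp, "hostroot"), join(tmp, "buildroot")
        os.mkdir(host_root)
        os.mkdir(build_root)
        # schroot-like: PID 1 is the host init, the caller sits in build_root.
        p1 = fake_proc(join(tmp, "p1"), HOST, CHROOT, host_root)
        # sbuild unshare-like: fresh procfs, PID 1 itself lives in build_root.
        p2 = fake_proc(join(tmp, "p2"), CHROOT, CHROOT, build_root)
        return {
            "schroot": (mountinfo_check(p1), root_inode_check(p1, build_root)),
            "unshare": (mountinfo_check(p2), root_inode_check(p2, build_root)),
        }

if __name__ == "__main__":
    print(demo())
```

A `None` result is the case to handle explicitly in a maintainer script: it means the check could not be made, not that the system is or is not a chroot.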
