Hi, Quoting Santiago Vila (2024-04-04 12:17:14) > While trying to use the unshare backend I found this error: > > tar: dev/full: Cannot mknod: Operation not permitted > tar: dev/urandom: Cannot mknod: Operation not permitted > tar: dev/console: Cannot mknod: Operation not permitted > tar: dev/ptmx: Cannot mknod: Operation not permitted > tar: dev/random: Cannot mknod: Operation not permitted > [...] > > The reason (as Jochen identified quickly) is that my tarball did not > include ./ entries, so the exclude patterns in lib/Sbuild/ChrootUnshare.pm > had no effect. > > Since I don't think a tarball without ./ is really "wrong" to the point > that it needs to be recreated (this is in fact the very first in my life > that a tarball without ./ causes any kind of trouble), I think it would be > desirable to support those tarballs as well.
how did you create that tarball? > So, we (Jochen and myself) wonder if any of the following patches would be > acceptable to you. > > The first patch adds --anchored option to tar invocation so that the exclude > patterns are matched from the beginning only (not anywhere in the filename), > then adds the remaining eight exclude patterns for tarballs without "./". > > I could agree that the end result is not very nice, but it's simple, > effective, and imo it's not really so much ugly. > > However, while we are at it, I wonder why it's necessary to uncompress > anything in /dev at all these days. Would it work if everything in /dev is > excluded? > > The second patch (untested) supports tarballs with or without ./ and at the > same time simplifies the exclude patterns to just two. Your addition of --anchored drops support for tarballs with members that start with ././ or with ./././ and so on. Your second patch is described as "Do not extract anything in /dev" but what it actually excludes is the directory itself and not just everything in it. Maybe a better solution would be to pipe the tarballs through mmtarfilter and just remove all the device nodes from them. This avoids requiring any --exclude options for tar. Thanks! cheers, josch
signature.asc
Description: signature