On Sat, Mar 13 2010, Santiago Vila wrote:
> I'd like to hear your opinion on this as kernel-package maintainer.
Well, kernel-package has always advised people to build sources
in directories where they have write permission, and where the dir
permissions are such that dpkg-deb is not upset.
> On one hand, /usr/src has been sgid-src for ages, so make-kpkg should
> probably deal with that gracefully.
This is not make-kpkg (which does not care): this is dpkg-deb,
and the proper fix would be to make dpkg-deb not care. This will come
up with trying to build _any_ package in /usr/src.
> On the other hand, I don't really see the point in having /usr/src sgid-src
> by default.
> While we are at it, I wonder how is this different from /usr/local and
> the group staff. The only difference I see is that /usr/local is in
> policy while /usr/src is not.
Well, while I can see some merit in the argument that src
directories should be writable by people in the src group (gives some
level of nuanced protection), I can also see that in practice it adds
little, and is only a minor inconvenience for the sysadmin to set such a
directory up locally if needed. Most people probably rarely use this
feature.
I would be OK with you deciding that /usr/src is not longer sgid
src -- or with you deciding that building packages in /usr/src is not
supported.
>
> To help investigate bug 571457, I wanted to compile an openvz upstream
> kernel obtained by
>
> cd /usr/src
> git clone git://git.openvz.org/pub/linux-2.6.26-openvz openvz-git-kernel
I would suggest not using the /usr hierarchy, which is meant for
vendor stuff.
>
> For the actual kernel compile, I configured and then tried the Debian way:
>
> cd /usr/src/openvz-git-kernel
> make-kpkg --initrd kernel_image
>
> Expected result: A linux-image .deb package gets built.
> Result seen: The build fails, with an error message
>
> dpkg-deb: control directory has bad permissions 2755 (must be >=0755
> and <=0775)
>
> My analysis: base-files sets up /usr/src with the g+s permission bit,
> that bit infects my entire source directory tree, make-kpkg doesn't like
> that.
Correction: dpkg-deb does not like that. And it would not like
it not matter _what_ package one tries to build there.
> My take on this: Various Debian packages should fit together, but
> base-files and make-kpkg don't, in this respect.
Actually, I would say that building packages in the /usr/src
hierarchy is not a supported use case.
manoj
--
The questions remain the same. The answers are eternally variable.
Manoj Srivastava <[email protected]> <http://www.debian.org/~srivasta/>
4096R/C5779A1C E37E 5EC5 2A01 DA25 AD20 05B6 CF48 9438 C577 9A1C
--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]
