Your message dated Sat, 07 Dec 2019 18:04:45 +0000
with message-id <[email protected]>
and subject line Bug#942111: fixed in debhelper 12.7.2
has caused the Debian Bug report #942111,
regarding dpkg,debhelper: please set HOME, XDG_* to a temporary location during
the build
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
942111: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942111
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: dpkg,debhelper
Severity: wishlist
I'm reporting this feature request against both dpkg and debhelper because
I don't yet know whether it's feasible to implement in debhelper, and
if it's feasible in both places, I don't know which location is where
it *should* be implemented.
Problem statement
-----------------
Debian Policy ยง4.9 requires the build process of a package (defined in
terms of the "required targets" in d/rules) to limit its write accesses
to one of a few allowed locations:
- the unpacked source package being built
- /tmp
- /var/tmp
- $TMPDIR
- (https://bugs.debian.org/942051 points out that some other locations
like /dev/shm should also be allowed)
This requirement exists as a way to "prevent source package builds
creating and depending on state outside of themselves, thus affecting
multiple independent rebuilds", which seems like a good goal.
To encourage maintainers not to violate this part of Policy, the
production sbuild instances set HOME=/nonexistent.
Many packages run general-purpose tools from their required targets,
particularly if they have build-time tests. These general-purpose tools,
or the libraries they use, frequently read and write locations such as
$HOME and the freedesktop.org (XDG) base directories[1].
The Policy requirement means that packages must either not use these
tools (which is often not feasible, particularly for packages that
*contain* these tools and wish to exercise them in build-time tests),
or set various environment variables (notably $HOME and $XDG_RUNTIME_DIR)
that have the effect of diverting those tools into a temporary directory.
glib2.0 is a good example of the boilerplate that needs to be added to
d/rules to achieve this:
> export HOME=$(CURDIR)/debian/build
> unexport XDG_CACHE_HOME
> unexport XDG_CONFIG_DIRS
> unexport XDG_CONFIG_HOME
> unexport XDG_DATA_HOME
> unexport XDG_DATA_DIRS
> export XDG_RUNTIME_DIR=$(CURDIR)/debian/tmp-xdg-runtime-dir
>
> override_dh_auto_build:
> mkdir -p debian/tmp-xdg-runtime-dir
>
> override_dh_clean:
> rm -rf $(CURDIR)/debian/build \
> $(CURDIR)/debian/tmp-xdg-runtime-dir
> dh_clean
(Even that isn't perfect. Strictly speaking, the XDG_RUNTIME_DIR ought
to be mode 0700.)
Pasting similar setup code into increasingly many packages as their
Policy violations are discovered does not seem like an ideal solution
when the problem could be solved centrally instead: instead of fighting
against these packages, we could relax the requirement to allow use of
$HOME, while ensuring that $HOME is set to a clean per-build directory.
Proposed solution
-----------------
Either dpkg-buildpackage should:
- create a fake home directory, perhaps debian/.temp-home/home, and set
$HOME to point to it
- create a fake XDG_RUNTIME_DIR, perhaps debian/.temp-home/run, and set
$XDG_RUNTIME_DIR to point to it
- delete those directories during cleaning
- either unset the other XDG_* so that their hard-coded defaults are used,
or set them to known-good values, using the fake $HOME where applicable:
- XDG_CACHE_HOME: $HOME/.cache or unset
- XDG_CONFIG_HOME: $HOME/.config or unset
- XDG_CONFIG_DIRS: /etc/xdg or unset
- XDG_DATA_HOME: $HOME/.local/share or unset
- XDG_DATA_DIRS: /usr/local/share:/usr/share or /usr/share or unset
or dh should do all of those in dh(1), and optionally in other dh_*
commands for the benefit of packages that do not use dh.
The production sbuild instances should continue to do the build as a
user whose "official" home directory (getent passwd $user | cut -d: -f6)
is /nonexistent or similar, to guard against packages that use the
home directory from the system passwd database and ignore $HOME
(such as dbus before 1.11.18 and GLib before 2.35.x).
Limitations of proposed solution
--------------------------------
If a package is built in an unclean environment that includes
variables other than those that are reset explicitly (for example with
PYTHONPATH=$HOME/.local/lib/python3), it will continue to read and/or
write the home directory. (Solved by using debuild or sbuild.)
If this is solved in dpkg-buildpackage, and a package is built by invoking
debian/rules directly, it might bypass this solution. (Solved by using
dpkg-buildpackage, or anything that wraps it, like debuild or sbuild.)
If the user specifically *wants* to write outside the build directory,
for example because they are using ccache with cached files in the
default ~/.ccache, it will no longer be sufficient to run "debuild
-ePATH=/usr/lib/ccache:$PATH"; the user will now also have to pass in
an explicit CCACHE_DIR. (Mitigation: they already need to do this for
increasingly many packages that have solved this problem locally, like
glib2.0.)
------
Where do the dpkg and debhelper maintainers think this ought to be solved?
Thanks,
smcv
--- End Message ---
--- Begin Message ---
Source: debhelper
Source-Version: 12.7.2
We believe that the bug you reported is fixed in the latest version of
debhelper, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Niels Thykier <[email protected]> (supplier of updated debhelper package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sat, 07 Dec 2019 17:44:32 +0000
Source: debhelper
Architecture: source
Version: 12.7.2
Distribution: unstable
Urgency: medium
Maintainer: Debhelper Maintainers <[email protected]>
Changed-By: Niels Thykier <[email protected]>
Closes: 933799 942111 943705 943853 944225 945149
Changes:
debhelper (12.7.2) unstable; urgency=medium
.
[ Niels Thykier ]
* dh: Skip conditional dh sequence addons in the clean target.
This avoids FTBFS with conditional addons where the
build-dependency is not satisfied. (Closes: #944225)
* meson.pm: Fix bug where dh_auto_test would break horribly
under compat 13 due to an uninitialized variable. Thanks to
Benjamin Jacobs for reporting the issue. (Closes: #945149)
* dh_installman: Fix non-deterministic behaviour when there
multiple definitions of the same manpage in a package.
In compat 13, this is resolved by aborting with an error.
In older compat levels, dh_installman will deterministically
pick a canonical version (via sort) along with emitting a
warning. Thanks to Colin Watson for reporting the issue.
(Closes: #943705)
* dh_auto_*: In compat 13+, reset HOME and XDG_* environment
variables. Some are cleared and some are set to a writable
directory that persist until dh_clean. Thanks to
Simon McVittie for reporting the issue.
(Closes: #942111)
* dh_auto_*: As a side-effect of the above, debhelper in compat
13+ no longer trips a FTBFS in sbuild for meson packages when
ccache is installed but not configured/used explicitly.
Thanks to Simon McVittie for reporting the issue.
(Closes: #933799)
* d/control: Bump Standards-Versions to 4.4.1 - no changes
required.
.
[ Andrius Merkys ]
* debhelper.pod: Document chagnes to the gradle third-party
build system in compat 13.
.
[ Translations ]
* Update German translation (Chris Leick) (Closes: #943853)
Checksums-Sha1:
f899a9c35d96880fa86e10efd964a49ab35c71ae 1843 debhelper_12.7.2.dsc
16de18893706d2679cb3e45ecfcd834feb18b380 511800 debhelper_12.7.2.tar.xz
7b5ddaa9829e00e196c9ac22c0d2dc479a5c636b 4503 debhelper_12.7.2_source.buildinfo
Checksums-Sha256:
af438985becb7b19a5cb6794e465910bab90efab3706d49edb2700dde1dd696b 1843
debhelper_12.7.2.dsc
29f3f199c052adf7314323e3b2a5ffeb93459217437b756f129f25419686513a 511800
debhelper_12.7.2.tar.xz
e797fb2943f92f8ad3894ac4ca8950f5e6bc7d44a486a81a87848144ce400db9 4503
debhelper_12.7.2_source.buildinfo
Files:
adf1237d049b5256d145a5ff0d3fca33 1843 devel optional debhelper_12.7.2.dsc
cdabf464926b9381c32a0bde76d9b00b 511800 devel optional debhelper_12.7.2.tar.xz
401e26a00264856ee25625d0879f651f 4503 devel optional
debhelper_12.7.2_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQJGBAEBCgAwFiEE8f9dDX4ALfD+VfsMplt42+Z8eqwFAl3r5fQSHG5pZWxzQHRo
eWtpZXIubmV0AAoJEKZbeNvmfHqsCnIQALNsMUN3NThAcrQxv44OfkoGV4D5/FV1
3t8Pu3i1amM4k/umBoAoJ0g4UjChb+aY88EmNEw+UKHDdoY45oq2AZNhLShSxdza
NqSXQEXkGGRhi4X4cwpHWvpYpAi/qNz+PwuhV8+CMqKGdj6xLrMBovUq35VePX9z
FRHT9RQVf5TxiJbugW8h2VgNNdVTfkv9NTUKChZjdkMGxht4V2QCT+WbU64VqEhe
KiVsL0gTPQMp+n2kNjqbVU5QfvtDgID/naF5mnG5b+zblQgr30VYfMiNayH/IKrV
MytKCTSYa/FvRS4VL7zGSncfw3P3SKj2bj/yXXm8/tzCkyYFMNl2EnNxVAHt0U0W
B0yM1lq2QmBoQW4hJRTcpcVzDoZ6IVvdvxpMIQU/Tp9VXaHc1pCf00XHHvfUIdB+
CJJu05tOa4ts1bTG/9DiWQEWNExhGBmsDM6nJBFt3aAD1LzTIs9TwqiYYUDSUDTo
xFwmAtPbslx6Phyhw+0hvmulwAUNj1pLco7a3eBtwQRf7Kl0aYR0FKtwL03UCaYW
wNTJfD1cXkvtaYBVOmwhdq52x8Z0HeSMzmABhKC5/61lI259leOvzah/hCaC3+UY
ZuebabVO7+ZTSS0JqtwDNEoSyskHnk51LeJMmnbhm5vTE6ek1P1cJFJ62AeloPjw
Y0XU1fIbnRDf
=7CS1
-----END PGP SIGNATURE-----
--- End Message ---
