-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
I actually built an SRPM last night, using a moderately hacked mock.py
with the new mock launcher.
After figuring out what Michael meant wrt uid/gid manipulation, I went
into mock.py and added two methods to the Root class:
elevate() - change uid to the effective uid (i.e. root)
drop() - change uid back to real uid (i.e. your user id)
I modified the startup code to save off effective and real uids and to
set the realgid to the mock group. I then bracketed calls to "do" that
require privileges (e.g. chroot, mount, etc.) to look like this:
self.elevate()
self.do(<privileged command>)
self.drop()
I had an elinks srpm hanging around and fired off a mock build of that
package, which after finding a couple of calls that needed privileges,
worked (I'm always amazed when that happens). Admittedly it's not a
complex build, but it's a start.
One thing I'm puzzled about is that the build worked on a system
running SELinux and currently the SELinux preload isn't being done.
Anyone have an example build that bombs because of SELinux when the
LD_PRELOAD isn't done?
I need to do a little tidying up of mock.py. The cache stuff is
completely broken because the actual pack/unpack logic is in the
now-defunct mock-helper. I got started moving it into mock.py, but was
overcome with sleepiness last night and didn't finish. I'll try and
send out a mock.py to the list today (or would you rather have a
patch?). Just wanted some eyeballs on it to see if it's going in the
right direction.
Clark
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
iD8DBQFEkWxuHyuj/+TTEp0RAhKNAJ0UNRD78/MRAZPe44ED/CWl8bRongCgwTbR
Cmv9TG+KS2JYplFs6R7lVG8=
=5hTr
-----END PGP SIGNATURE-----
--
Fedora-buildsys-list mailing list
Fedora-buildsys-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-buildsys-list
