Bug#994034: (no subject)
Hi, Quoting Arturo Borrero Gonzalez (2021-09-13 11:09:07) > I do want to run sbuild with the same user inside/outside the chroot, but > sbuild > ignores it. > > The system is configured to use LDAP users. There is no reason for sbuild to > ignore that and create arbitrary local users inside the schroot (if that's > what > is happening anyway). > > Perhaps you only read the email about using sudo and not the rest of the > report? > I mean, specifically, the nsswitch.conf diff inside/outside the chroot. but this is nothing that sbuild touches. If you want your chroots to use LDAP users, then you have to set it up that way. sbuild cannot and will not start copying configuration files from outside the chroot into the chroot. If you want a configuration file from the outside to be present inside the chroot, then it's your task to do that. Thanks! cheers, josch signature.asc Description: signature
Bug#994034: (no subject)
On Sat, 11 Sep 2021 11:29:16 +0200 Johannes Schauer Marin Rodrigues wrote: If you want to use sbuild with the schroot backend, I think your easiest option is to run sbuild like everybody else does: with the same user inside and outside the chroot, running sbuild as that user. If you somehow cannot do that, feel free to supply a patch to sbuild that allows for your setup to work. I do want to run sbuild with the same user inside/outside the chroot, but sbuild ignores it. The system is configured to use LDAP users. There is no reason for sbuild to ignore that and create arbitrary local users inside the schroot (if that's what is happening anyway). Perhaps you only read the email about using sudo and not the rest of the report? I mean, specifically, the nsswitch.conf diff inside/outside the chroot. regards.
Bug#994034: (no subject)
Hi, Quoting Arturo Borrero Gonzalez (2021-09-10 13:44:16) > Another additional hint. > > If I run sbuild as root (i.e, sudo sbuild [..]) then the bug isn't triggered. > > This may be obvious, but wanted to share the info anyway. I'm not sure whether I'd classify what you are experiencing as a bug or whether you are just not using sbuild as intended. ;) So, by default, sbuild will use the schroot backend (notice, that there are more backends available than schroot) and you should *not* run sbuild as root but as a normal user. Then inside the chroot environment, the package build should also *not* be run as root but instead sbuild will use the user that sbuild was run with from the outside to build the package inside. With your setup it seems that the user outside has a different uid than the user inside and thus your build fails because of missing permissions. In general, I'd advise against you building packages as root because the build process in principle will run arbitrary code. Though it should also be noted, that this is also no protection against code from the package build escaping the chroot, see https://bugs.debian.org/661037 for details. I'd also like to point out that you can change the user that is used inside the chroot using the $build_user though this is also not without problems, see https://bugs.debian.org/920386 for details. If you want to use sbuild with the schroot backend, I think your easiest option is to run sbuild like everybody else does: with the same user inside and outside the chroot, running sbuild as that user. If you somehow cannot do that, feel free to supply a patch to sbuild that allows for your setup to work. Thanks! cheers, josch signature.asc Description: signature
Bug#994034: (no subject)
Another additional hint. If I run sbuild as root (i.e, sudo sbuild [..]) then the bug isn't triggered. This may be obvious, but wanted to share the info anyway.