[Buildd-tools-devel] CVS access and other bits

Roger Leigh rleigh@whinlatter.ukfsn.org
Thu, 16 Jun 2005 21:29:08 +0100


Francesco Paolo Lovergine <frankie@debian.org> writes:

> On Sat, Jun 04, 2005 at 03:30:42PM +0100, Roger Leigh wrote:
>> I'll have a look at implementing $chroot_mode (#310863) later this
>> week, if possible.
>> 
>
> That's nice. 

I've been working on this for about a week now, and I thought I'd post
what I'd done so you could comment on it.

I had a few design goals:

- I don't want to give sbuild users full root access (via sudo) to the
  host system.
- sbuild can't run setuid, so there must be a binary to chroot(2).

I've therefore written a binary which can do these tasks.  I initially
looked at dchroot, but this has a number of problems (see the bug
reports), and it doesn't allow checking of the available chroots or
changing of the UID to run stuff as root.  It also does no logging,
whereas my program uses PAM to provide decent auth logging.

The program is here:

http://people.debian.org/~rleigh/schroot.tar.bz2

Note: it's still in a primitive state (no docs, most source
uncommented, no autoconfiscation), but I intend to polish it up over
the weekend.  However, I thought it was now functional enough for some
real criticism.  If anyone is good on security, it would benefit from
a thorough review (sbuild_session_run* is where most of the action
happens).  There's a simple guide in the README.

If you don't like the choice of language, I can convert it to C++
fairly painlessly (I would just need to implement the GLib routines I
was using for convenience).  The class naming can also be changed.  If
you like it, you are welcome to have it.


Regards,
Roger

-- 
Roger Leigh
                Printing on GNU/Linux?  http://gimp-print.sourceforge.net/
                Debian GNU/Linux        http://www.debian.org/
                GPG Public Key: 0x25BFB848.  Please sign and encrypt your mail.