[Buildd-tools-devel] Bug#428808: Bug#428808: schroot: Fails if chroot's /etc/resolv.conf already points to the right resolv.conf

Raphael Hertzog hertzog at debian.org
Fri Jun 15 06:10:35 UTC 2007 

On Thu, 14 Jun 2007, Roger Leigh wrote:
> Raphael Hertzog <hertzog at debian.org> writes:
> 
> > Following my previous bug report I switched my chroot to "plain" type and
> > got this:
> > rhertzog at rivendell:~$ schroot -c sarge
> > cp: `/etc/resolv.conf' and `/var/lib/schroot/mount/sarge-dc129170-7fe7-44ad-9a5e-a7f4e67a716a/etc/resolv.conf' are the same file
> > E: sarge-dc129170-7fe7-44ad-9a5e-a7f4e67a716a: Chroot setup failed: stage=setup-start
> >
> > This is because I have <chroot>/etc/resolv.conf as a symlink pointing
> > to .host/resolv.conf and <chroot>/etc/.host/ is bind mounted to the real /etc/.
> 
> That's not recommended, in case anything trashes your host system's
> passwd/group/resolv.conf.  We deliberately copy them into the chroot
> so that bind-mounted files on the host can't be accidentally damaged
> either by the setup scripts or any action taken inside the chroot.

Yeah I know that. Actually I use this only for /etc/resolv.conf and
/etc/hosts. Anything that can be changed by packages (like passwd files)
is voluntarily kept as separate files.

> This isn't ideal; I'm willing to look into any suggestions for better
> ways of handling these files inside the chroot.  Ideally it should
> better cope with different NSS configurations in addition to files,
> but we can't be sure the necessary packages are present to cope with
> different setups.

I don't have any suggestion for this.

> > It looks like /etc/schroot/setup.d/20network could be enhanced to check
> > for this specific case at least. Or it could simply do nothing if the
> > chroot's resolv.conf is a symlink. 
> 
> We can certainly stat(1) both and check if the device and inode
> numbers are the same.  I'm not so sure about the symlink; I don't know
> how the script can be certain of correctly assuming the intent of the
> system administrator in this case.

You need to resolve (readlink -f or -e) the symlink before doing the stat
in any case. Because the symlink has its own inode number.

Another simpler solution is to copy the file only if it's needed (i.e.
when the content differs). You calculate the md5sum of each file and you
copy only when they differ. This is even better I think.

Cheers,
-- 
Raphaël Hertzog

Premier livre français sur Debian GNU/Linux :
http://www.ouaza.com/livre/admin-debian/

More information about the Buildd-tools-devel mailing list