[buildd-tools-devel] Bug#591010: 1.15.8.{0, 1} behaviour change: dpkg-buildpackage -r no longer supports absolute paths, breaks sbuild

Roger Leigh rleigh at codelibre.net
Thu Aug 19 13:58:50 UTC 2010


On Sat, Jul 31, 2010 at 05:05:08AM +0200, Guillem Jover wrote:
> Hi!
> 
> On Fri, 2010-07-30 at 18:30:33 -0500, Jonathan Nieder wrote:
> > Modestas Vainius wrote:
> > >                                            I do believe that dpkg-buildpackage
> > > should be changed to support absolute paths for -r again (what's the point not
> > > to, they are more secure anyway?) and thus save sbuild users (buildd admins and
> > > poor DDs) some time debugging and changing configuration.
> > 
> > I agree; that is a good reason to fix this in dpkg.
> 
> Exactly, fixed now in 1.15.8.2.
> 
> > However, I think sbuild is buggy here: it is friendlier to allow a
> > command to be overridden by putting a better version in /usr/local/bin/
> > (as policy §6.1 hints).
> > 
> > In other words, how about something vaguely like this patch? (not tested)
> 
> I agree with this. Even though I'm guessing the usage of absolute
> paths might have been to try to make the code more robust, using only
> command names makes it more future proof, as it allows those binaries
> to move on the file system if need be, in addition to what Jonathan
> said about allowing overriding.

I'll see what I can do about this when I have time.  It's currently
somewhat configurable if you're using %Sbuild::Sysconfig::programs
(you can alter programs here).

The intention was originally using absolute paths for security and
reliability, but I agree removing the paths does make sense.


Regards,
Roger

-- 
  .''`.  Roger Leigh
 : :' :  Debian GNU/Linux             http://people.debian.org/~rleigh/
 `. `'   Printing on GNU/Linux?       http://gutenprint.sourceforge.net/
   `-    GPG Public Key: 0x25BFB848   Please GPG sign your mail.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/buildd-tools-devel/attachments/20100819/07400f07/attachment.pgp>


More information about the Buildd-tools-devel mailing list