[buildd-tools-devel] Bug#619048: Permission problems when build fails, ~/.sbuildrc ignored
Modestas Vainius
modax at debian.org
Sun Mar 20 19:54:15 UTC 2011
Package: sbuild
Version: 0.62.0-1
Hello,
sbuild fails to remove build directories whenever build fails [1]. This is probably
because it does this as my user but not sbuild user. The regression was caused
by the following change (probably):
+ Internally, building and other actions in the chroot are
performed by the 'sbuild' system user, where previously the user
invoking sbuild would be used instead. The aim of this change is
to separate privileges to increase security and reduce the chance
of accidental or deliberate tampering of the build environment.
While the latter is not addressed by these changes, this will be
taken care of during future architectural changes.
As a side note, it should not be purging build directory in the first place
because:
$ grep purge ~/.sbuildrc
$purge_build_directory="successful";
$purge_build_deps = $purge_build_directory;
I'm not sure what's going on here (maybe it's not reading my config file
anymore?, worked well in the past). Personally, I don't agree with this
"security" change and don't see any advantages it brings to the table. The
same could have been achieved by running sbuild as sbuild user for those
paranoid about security (whatever advantages you think it brings). But if
you view this issue from a mere DD POV, now you have to actually use sudo
or the su to further tweak the build directory. This is inconvenient and
pretty much redundant in my opinion.
I suppose there is a growing interest in sbuild as a good replacement
for pbuilder among developers. However, some changes really make me think
that you forget about this group of users. Incompatible changes are made
quite frequently and they are not well documented. Personally, I don't always
have time to resort to reading perl code to understand why sbuild breaks...
[1] Excerpt from the build log:
────────────────────────────────────────────────────────────────────────────────
Build finished at 20110320-2029
Finished
────────
E: Build failure (dpkg-buildpackage died)
┌──────────────────────────────────────────────────────────────────────────────┐
│ Cleanup │
└──────────────────────────────────────────────────────────────────────────────┘
Not cleaning session: cloned chroot in use
cannot chdir to child for /var/lib/schroot/mount/debian-unstable-amd64-sbuild-ce8574bb-fd1e-4826-
bf87-b6b0b1f5c718/build/qtscriptgenerator-qXbyHY/resolver-MBHZHH/gpg: Permission denied at
/usr/share/perl5/Sbuild/ResolverBase.pm line 794
cannot unlink file for /var/lib/schroot/mount/debian-unstable-amd64-sbuild-ce8574bb-fd1e-4826-bf87-
b6b0b1f5c718/build/qtscriptgenerator-qXbyHY/resolver-MBHZHH/apt_archive/sbuild-build-depends-core-
dummy.deb: Permission denied at /usr/share/perl5/Sbuild/ResolverBase.pm line 794
cannot restore permissions to 0100644 for /var/lib/schroot/mount/debian-unstable-amd64-sbuild-
ce8574bb-fd1e-4826-bf87-b6b0b1f5c718/build/qtscriptgenerator-qXbyHY/resolver-
MBHZHH/apt_archive/sbuild-build-depends-core-dummy.deb: Permission denied at
/usr/share/perl5/Sbuild/ResolverBase.pm line 794
cannot unlink file for /var/lib/schroot/mount/debian-unstable-amd64-sbuild-ce8574bb-fd1e-4826-bf87-
b6b0b1f5c718/build/qtscriptgenerator-qXbyHY/resolver-MBHZHH/apt_archive/sbuild-build-depends-core-
dummy.dsc: Permission denied at /usr/share/perl5/Sbuild/ResolverBase.pm line 794
cannot restore permissions to 0100644 for /var/lib/schroot/mount/debian-unstable-amd64-sbuild-
ce8574bb-fd1e-4826-bf87-b6b0b1f5c718/build/qtscriptgenerator-qXbyHY/resolver-
MBHZHH/apt_archive/sbuild-build-depends-core-dummy.dsc: Permission denied at
/usr/share/perl5/Sbuild/ResolverBase.pm line 794
cannot unlink file for /var/lib/schroot/mount/debian-unstable-amd64-sbuild-ce8574bb-fd1e-4826-bf87-
b6b0b1f5c718/build/qtscriptgenerator-qXbyHY/resolver-MBHZHH/apt_archive/Release: Permission denied at
/usr/share/perl5/Sbuild/ResolverBase.pm line 794
cannot restore permissions to 0100644 for /var/lib/schroot/mount/debian-unstable-amd64-sbuild-
ce8574bb-fd1e-4826-bf87-b6b0b1f5c718/build/qtscriptgenerator-qXbyHY/resolver-
MBHZHH/apt_archive/Release: Permission denied at /usr/share/perl5/Sbuild/ResolverBase.pm line 794
cannot unlink file for /var/lib/schroot/mount/debian-unstable-amd64-sbuild-ce8574bb-fd1e-4826-bf87-
b6b0b1f5c718/build/qtscriptgenerator-qXbyHY/resolver-MBHZHH/apt_archive/sbuild-key.sec: Permission
denied at /usr/share/perl5/Sbuild/ResolverBase.pm line 794
cannot restore permissions to 0100644 for /var/lib/schroot/mount/debian-unstable-amd64-sbuild-
ce8574bb-fd1e-4826-bf87-b6b0b1f5c718/build/qtscriptgenerator-qXbyHY/resolver-
MBHZHH/apt_archive/sbuild-key.sec: Permission denied at /usr/share/perl5/Sbuild/ResolverBase.pm line
794
cannot unlink file for /var/lib/schroot/mount/debian-unstable-amd64-sbuild-ce8574bb-fd1e-4826-bf87-
b6b0b1f5c718/build/qtscriptgenerator-qXbyHY/resolver-MBHZHH/apt_archive/sbuild-key.pub: Permission
denied at /usr/share/perl5/Sbuild/ResolverBase.pm line 794
cannot restore permissions to 0100644 for /var/lib/schroot/mount/debian-unstable-amd64-sbuild-
ce8574bb-fd1e-4826-bf87-b6b0b1f5c718/build/qtscriptgenerator-qXbyHY/resolver-
MBHZHH/apt_archive/sbuild-key.pub: Permission denied at /usr/share/perl5/Sbuild/ResolverBase.pm line
794
cannot unlink file for /var/lib/schroot/mount/debian-unstable-amd64-sbuild-ce8574bb-fd1e-4826-bf87-
b6b0b1f5c718/build/qtscriptgenerator-qXbyHY/resolver-MBHZHH/apt_archive/Release.gpg: Permission
denied at /usr/share/perl5/Sbuild/ResolverBase.pm line 794
cannot restore permissions to 0100644 for /var/lib/schroot/mount/debian-unstable-amd64-sbuild-
ce8574bb-fd1e-4826-bf87-b6b0b1f5c718/build/qtscriptgenerator-qXbyHY/resolver-
MBHZHH/apt_archive/Release.gpg: Permission denied at /usr/share/perl5/Sbuild/ResolverBase.pm line 794
cannot unlink file for /var/lib/schroot/mount/debian-unstable-amd64-sbuild-ce8574bb-fd1e-4826-bf87-
b6b0b1f5c718/build/qtscriptgenerator-qXbyHY/resolver-MBHZHH/apt_archive/sbuild-build-depends-
qtscriptgenerator-dummy.deb: Permission denied at /usr/share/perl5/Sbuild/ResolverBase.pm line 794
cannot restore permissions to 0100644 for /var/lib/schroot/mount/debian-unstable-amd64-sbuild-
ce8574bb-fd1e-4826-bf87-b6b0b1f5c718/build/qtscriptgenerator-qXbyHY/resolver-
MBHZHH/apt_archive/sbuild-build-depends-qtscriptgenerator-dummy.deb: Permission denied at
/usr/share/perl5/Sbuild/ResolverBase.pm line 794
cannot unlink file for /var/lib/schroot/mount/debian-unstable-amd64-sbuild-ce8574bb-fd1e-4826-bf87-
b6b0b1f5c718/build/qtscriptgenerator-qXbyHY/resolver-MBHZHH/apt_archive/sbuild-build-depends-
qtscriptgenerator-dummy.dsc: Permission denied at /usr/share/perl5/Sbuild/ResolverBase.pm line 794
cannot restore permissions to 0100644 for /var/lib/schroot/mount/debian-unstable-amd64-sbuild-
ce8574bb-fd1e-4826-bf87-b6b0b1f5c718/build/qtscriptgenerator-qXbyHY/resolver-
MBHZHH/apt_archive/sbuild-build-depends-qtscriptgenerator-dummy.dsc: Permission denied at
/usr/share/perl5/Sbuild/ResolverBase.pm line 794
cannot unlink file for /var/lib/schroot/mount/debian-unstable-amd64-sbuild-ce8574bb-fd1e-4826-bf87-
b6b0b1f5c718/build/qtscriptgenerator-qXbyHY/resolver-MBHZHH/apt_archive/Packages.gz: Permission
denied at /usr/share/perl5/Sbuild/ResolverBase.pm line 794
cannot restore permissions to 0100644 for /var/lib/schroot/mount/debian-unstable-amd64-sbuild-
ce8574bb-fd1e-4826-bf87-b6b0b1f5c718/build/qtscriptgenerator-qXbyHY/resolver-
MBHZHH/apt_archive/Packages.gz: Permission denied at /usr/share/perl5/Sbuild/ResolverBase.pm line 794
cannot unlink file for /var/lib/schroot/mount/debian-unstable-amd64-sbuild-ce8574bb-fd1e-4826-bf87-
b6b0b1f5c718/build/qtscriptgenerator-qXbyHY/resolver-MBHZHH/apt_archive/Packages: Permission denied
at /usr/share/perl5/Sbuild/ResolverBase.pm line 794
cannot restore permissions to 0100644 for /var/lib/schroot/mount/debian-unstable-amd64-sbuild-
ce8574bb-fd1e-4826-bf87-b6b0b1f5c718/build/qtscriptgenerator-qXbyHY/resolver-
MBHZHH/apt_archive/Packages: Permission denied at /usr/share/perl5/Sbuild/ResolverBase.pm line 794
cannot unlink file for /var/lib/schroot/mount/debian-unstable-amd64-sbuild-ce8574bb-fd1e-4826-bf87-
b6b0b1f5c718/build/qtscriptgenerator-qXbyHY/resolver-MBHZHH/apt_archive/Sources.gz: Permission denied
at /usr/share/perl5/Sbuild/ResolverBase.pm line 794
cannot restore permissions to 0100644 for /var/lib/schroot/mount/debian-unstable-amd64-sbuild-
ce8574bb-fd1e-4826-bf87-b6b0b1f5c718/build/qtscriptgenerator-qXbyHY/resolver-
MBHZHH/apt_archive/Sources.gz: Permission denied at /usr/share/perl5/Sbuild/ResolverBase.pm line 794
cannot unlink file for /var/lib/schroot/mount/debian-unstable-amd64-sbuild-ce8574bb-fd1e-4826-bf87-
b6b0b1f5c718/build/qtscriptgenerator-qXbyHY/resolver-MBHZHH/apt_archive/Sources: Permission denied at
/usr/share/perl5/Sbuild/ResolverBase.pm line 794
cannot restore permissions to 0100644 for /var/lib/schroot/mount/debian-unstable-amd64-sbuild-
ce8574bb-fd1e-4826-bf87-b6b0b1f5c718/build/qtscriptgenerator-qXbyHY/resolver-
MBHZHH/apt_archive/Sources: Permission denied at /usr/share/perl5/Sbuild/ResolverBase.pm line 794
cannot remove directory for /var/lib/schroot/mount/debian-unstable-amd64-sbuild-ce8574bb-fd1e-4826-
bf87-b6b0b1f5c718/build/qtscriptgenerator-qXbyHY/resolver-MBHZHH/apt_archive: Permission denied at
/usr/share/perl5/Sbuild/ResolverBase.pm line 794
cannot unlink file for /var/lib/schroot/mount/debian-unstable-amd64-sbuild-ce8574bb-fd1e-4826-bf87-
b6b0b1f5c718/build/qtscriptgenerator-qXbyHY/resolver-MBHZHH/sbuild-build-depends-core-
dummy/DEBIAN/control: Permission denied at /usr/share/perl5/Sbuild/ResolverBase.pm line 794
cannot restore permissions to 0100644 for /var/lib/schroot/mount/debian-unstable-amd64-sbuild-
ce8574bb-fd1e-4826-bf87-b6b0b1f5c718/build/qtscriptgenerator-qXbyHY/resolver-MBHZHH/sbuild-build-
depends-core-dummy/DEBIAN/control: Permission denied at /usr/share/perl5/Sbuild/ResolverBase.pm line
794
cannot remove directory for /var/lib/schroot/mount/debian-unstable-amd64-sbuild-ce8574bb-fd1e-4826-
bf87-b6b0b1f5c718/build/qtscriptgenerator-qXbyHY/resolver-MBHZHH/sbuild-build-depends-core-
dummy/DEBIAN: Permission denied at /usr/share/perl5/Sbuild/ResolverBase.pm line 794
cannot remove directory for /var/lib/schroot/mount/debian-unstable-amd64-sbuild-ce8574bb-fd1e-4826-
bf87-b6b0b1f5c718/build/qtscriptgenerator-qXbyHY/resolver-MBHZHH/sbuild-build-depends-core-dummy:
Permission denied at /usr/share/perl5/Sbuild/ResolverBase.pm line 794
cannot unlink file for /var/lib/schroot/mount/debian-unstable-amd64-sbuild-ce8574bb-fd1e-4826-bf87-
b6b0b1f5c718/build/qtscriptgenerator-qXbyHY/resolver-MBHZHH/sbuild-build-depends-qtscriptgenerator-
dummy/DEBIAN/control: Permission denied at /usr/share/perl5/Sbuild/ResolverBase.pm line 794
cannot restore permissions to 0100644 for /var/lib/schroot/mount/debian-unstable-amd64-sbuild-
ce8574bb-fd1e-4826-bf87-b6b0b1f5c718/build/qtscriptgenerator-qXbyHY/resolver-MBHZHH/sbuild-build-
depends-qtscriptgenerator-dummy/DEBIAN/control: Permission denied at
/usr/share/perl5/Sbuild/ResolverBase.pm line 794
cannot remove directory for /var/lib/schroot/mount/debian-unstable-amd64-sbuild-ce8574bb-fd1e-4826-
bf87-b6b0b1f5c718/build/qtscriptgenerator-qXbyHY/resolver-MBHZHH/sbuild-build-depends-
qtscriptgenerator-dummy/DEBIAN: Permission denied at /usr/share/perl5/Sbuild/ResolverBase.pm line 794
cannot remove directory for /var/lib/schroot/mount/debian-unstable-amd64-sbuild-ce8574bb-fd1e-4826-
bf87-b6b0b1f5c718/build/qtscriptgenerator-qXbyHY/resolver-MBHZHH/sbuild-build-depends-
qtscriptgenerator-dummy: Permission denied at /usr/share/perl5/Sbuild/ResolverBase.pm line 794
cannot remove directory for /var/lib/schroot/mount/debian-unstable-amd64-sbuild-ce8574bb-fd1e-4826-
bf87-b6b0b1f5c718/build/qtscriptgenerator-qXbyHY/resolver-MBHZHH: Permission denied at
/usr/share/perl5/Sbuild/ResolverBase.pm line 794
┌──────────────────────────────────────────────────────────────────────────────┐
│ Summary │
└──────────────────────────────────────────────────────────────────────────────┘
Architecture: amd64
Build-Space: 923737
Build-Time: 1883
Distribution: unstable
Fail-Stage: build
Install-Time: 31
Job: qtscriptgenerator_0.1.0+git20101026+8b191fbc-1.dsc
Package: qtscriptgenerator
Package-Time: 1919
Source-Version: 0.1.0+git20101026+8b191fbc-1
Space: 923737
Status: attempted
Version: 0.1.0+git20101026+8b191fbc-1
────────────────────────────────────────────────────────────────────────────────
Finished at 20110320-2029
Build needed 00:31:59, 923737k disc space
$
--
Modestas Vainius <modax at debian.org>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.alioth.debian.org/pipermail/buildd-tools-devel/attachments/20110320/6a64696b/attachment.pgp>
More information about the Buildd-tools-devel
mailing list