[buildd-tools-devel] Bug#619128: Bug#619128: root no longer allowed to run sbuild-update
Roger Leigh
rleigh at codelibre.net
Mon Mar 21 14:55:50 UTC 2011
tags 619128 + patch fixed-upstream pending
thanks
On Mon, Mar 21, 2011 at 03:24:49PM +0100, Ansgar Burchardt wrote:
> Since the last update to 0.62.1-1, root is no longer allowed to run
> sbuild-update in the default configuration. It is now required to add
> root to the sbuild gorup.
>
> Please consider relaxing the check in the sbuild-schroot wrapper to
> allow root to run sbuild-update even when he is not a member of the
> group.
Done. Fixed in git for 0.62.2-1. Here's the patch if you want to
apply it to 0.62.1-1:
--- a/wrapper/wrapper.cc
+++ b/wrapper/wrapper.cc
@@ -150,7 +150,9 @@ main (int argc, char *argv[])
if (is_group_member(grp))
in_group = true;
- if (!in_group) {
+ // Root is allowed to skip the permissions checks, i.e. not be
+ // required to be in the sbuild group.
+ if (current_user.pw_uid != 0 && !in_group) {
std::cerr << "Permission denied: not a member of group sbuild" << std::e
exit(1);
}
Thanks,
Roger
--
.''`. Roger Leigh
: :' : Debian GNU/Linux http://people.debian.org/~rleigh/
`. `' Printing on GNU/Linux? http://gutenprint.sourceforge.net/
`- GPG Public Key: 0x25BFB848 Please GPG sign your mail.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/buildd-tools-devel/attachments/20110321/208f063c/attachment.pgp>
More information about the Buildd-tools-devel
mailing list