[buildd-tools-devel] Bug#783701: sbuild: sbuild-createchroot copies /etc/passwd from host?
Roger Leigh
rleigh at codelibre.net
Wed Apr 29 10:44:37 UTC 2015
On Wed, Apr 29, 2015 at 11:25:49AM +0100, Edmund Grimley Evans wrote:
> Package: sbuild
> Version: 0.65.2-1
>
> A chroot created with sbuild-createchroot seems to inherit /etc/passwd
> and /etc/group from the host. In a couple of cases this resulted in
> packages failing to build in the chroot:
>
> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=783695
> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=783698
>
> I think it would be better if the chroot got a fresh, minimal
> /etc/passwd and /etc/group.
>
> I can't find the code that copies /etc/passwd, so perhaps there's
> already an option to modify that behaviour that I am unaware of.
It's most likely due to schroot's setup script
/etc/schroot/setup.d/20nssdatabases
This is configurable, and while I agree that the current
behaviour is not ideal, it's actually quite difficult to make
things work for all situations; if you look at the bugs for
schroot there are a number relating to this. Some cases
require the chroot being completely in sync with the host;
others don't care. For sbuild we need to be sure that the
user+group running the build is present in the chroot and with
the same uid as on the host. There may be additional
considerations I'm not recalling offhand; I think there's a
reason why we aren't already doing just that. OTOH, I could
be mistaken, in which case the script could be customised to
do that when running sbuild, though it would only be usable
when running in a snapshot schroot with a single user; it
would break multi-user non-snapshot cases.
Regards,
Roger
--
.''`. Roger Leigh
: :' : Debian GNU/Linux http://people.debian.org/~rleigh/
`. `' schroot and sbuild http://alioth.debian.org/projects/buildd-tools
`- GPG Public Key F33D 281D 470A B443 6756 147C 07B3 C8BC 4083 E800
More information about the Buildd-tools-devel
mailing list