Bug#506917: pbuilder does not work correctly with selinux if selinux-utils is not installed
Alexander Block
ablock at blocksoftware.net
Tue Nov 25 21:59:30 UTC 2008
Package: pbuilder
Version: 0.181
Severity: normal
Hello,
While testing my self created debian package with pbuilder, I came across
the following error message when calling "sudo pbuilder build hexec_0.1.1-1.dsc"
...
Extracting source
+ echo 'chown pbuilder:pbuilder /tmp/buildd /tmp/buildd/*'
+ chroot /home/ablock/work/pbuilder-cache/build//26610 /bin/bash
+ :
++ basename hexec_0.1.1-1.dsc
+ chroot /home/ablock/work/pbuilder-cache/build//26610 env LOGNAME=pbuilder su -p pbuilder
+ echo '( cd tmp/buildd; /usr/bin/dpkg-source -x hexec_0.1.1-1.dsc )'
Password: su: Authentication failure
+ echo 'pbuilder: Failed extracting the source'
pbuilder: Failed extracting the source
+ exit 1
+ umountproc_cleanbuildplace_trap
+ umountproc_cleanbuildplace
+ '[' 1 -ne 0 ']'
+ echo ' -> Aborting with an error'
-> Aborting with an error
...
I've done some tests with "sudo pbuilder login" to figure out what the
problem is. In the pbuilder shell, root had nearly no rights
(no su, passwd, ...) and often super user programs did give selinux
error messages (system_u:system_r:kernel_t:s0 is not authorized to XXX).
So the problem was selinux.
/usr/lib/pbuilder/pbuilder-modules is looking for /usr/sbin/selinuxenabled
to decide if mounting /selinux is required or not. The problem is, that
/usr/sbin/selinuxenabled is only available if the package selinux-utils
is installed. selinux-utils was not installed on my machine. When installing
selinux-utils, pbuilder works as expected.
Some suggested solutions:
- Set selinux-utils as dependency for pbuilder
- Mount /selinux always if it is present (ignoring /usr/sbin/selinuxenabled)
- Always try to mount /selinux (even ignoring the presence of /selinux on the real root fs)
I'm not sure what mount will do if you try to call "mount -t selinuxfs /selinux", but
I would expect it to fail if the kernel has no selinux support. I'm also not sure
about possible side effects.
- Add a hint to the documentation for users who encounter similar problems.
-- System Information:
Debian Release: lenny/sid
APT prefers testing
APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.27.7-c1 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages pbuilder depends on:
ii coreutils 6.10-6 The GNU core utilities
ii debconf [debconf-2.0] 1.5.24 Debian configuration management sy
ii debianutils 2.30 Miscellaneous utilities specific t
ii debootstrap 1.0.10 Bootstrap a basic Debian system
ii gcc 4:4.3.2-2 The GNU C compiler
ii wget 1.11.4-2 retrieves files from the web
Versions of packages pbuilder recommends:
ii cowdancer 0.47 Copy-on-write directory tree utili
ii devscripts 2.10.35 scripts to make the life of a Debi
ii fakeroot 1.11 Gives a fake root environment
ii sudo 1.6.9p17-1 Provide limited super user privile
Versions of packages pbuilder suggests:
pn pbuilder-uml <none> (no description available)
-- debconf information:
pbuilder/mirrorsite: http://cdn.debian.net/debian
pbuilder/nomirror:
pbuilder/rewrite: false
More information about the Pbuilder-maint
mailing list