Bug#832586: /usr/bin/pdebuild: pdebuild hides message from PAM until end of run

Lars Wirzenius liw at liw.fi
Wed Jul 27 09:18:49 UTC 2016 

Package: pbuilder
Version: 0.225.2
Severity: normal
File: /usr/bin/pdebuild

Dear Maintainer,

I use a U2F hardware token for two-factor authentication to my laptop.
It is integated with PAM. When I use sudo, it asks both for my
password and me to trigger the token, before accepting I am who I
claim to be. Example:

    $ sudo id
    [sudo] password for liw: 
    Please touch the device.
    uid=0(root) gid=0(root) groups=0(root)
    $ 

The "Please touch the device" message comes from the U2F PAM module,
not sudo.

When running pdebuild, the "Please touch the device." line is hidden
until the end. Here is an excerpt:

    $ pdebuild --debbuildopts -sa --buildresult ~/tmp/backports/result -- --basetgz /var/cache/pbuilder/jessie.tgz 
    W: /home/liw/.pbuilderrc does not exist
    dpkg-checkbuilddeps: error: Unmet build dependencies: python-pytest python-pytest-cov python3-cryptography python3-pytest python3-pytest-cov
    W: Unmet build-dependency in source
    [---]

pdebuild starts just fine, and outputs what it usually does, until it
gets to the point where it needs to get root access:

    [---]
    dpkg-buildpackage: info: full upload (original source is included)
    [sudo] password for liw: 

At this point, I type in my pasword, and the LED on the token starts
flashing. However, the "Please touch" message is not shown. I touch
the device and pdebuild continues:

    W: /home/liw/.pbuilderrc does not exist
    I: using fakeroot in build.
    I: pbuilder: network access will be disabled during build
    [---]

Everything workd, pdebuild builds and produces packages. At the end of
the build:

    [---]
    I: cleaning the build env 
    I: removing directory /var/cache/pbuilder/build/18306 and its subdirectories
    I: Current time: Wed Jul 27 12:07:31 EEST 2016
    I: pbuilder-time-stamp: 1469610451
    Please touch the device.
    $ 

There it is! The message is much delayed, and this is somewhat
confusing to the user. It'd be good if pdebuild didn't delay/hide the
message.

-- System Information:
Debian Release: stretch/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 4.6.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages pbuilder depends on:
ii  debconf [debconf-2.0]  1.5.59
ii  debootstrap            1.0.81
ii  dpkg-dev               1.18.9
ii  wget                   1.18-2

Versions of packages pbuilder recommends:
ii  devscripts  2.16.6
ii  eatmydata   105-3
ii  fakeroot    1.21-1
ii  iproute2    4.6.0-1
ii  net-tools   1.60+git20150829.73cef8a-2
ii  sudo        1.8.17p1-2

Versions of packages pbuilder suggests:
pn  cowdancer   <none>
ii  gdebi-core  0.9.5.7

-- debconf information:
  pbuilder/rewrite: false
  pbuilder/mirrorsite: http://ftp.fi.debian.org/debian
  pbuilder/nomirror:

More information about the Pbuilder-maint mailing list