[Buildd-tools-devel] schroot question

Roger Leigh rleigh at codelibre.net
Tue Jan 27 20:37:45 UTC 2009 

On Sun, Jan 18, 2009 at 01:53:35PM -0500, Steven Hirsch wrote:
> --- sbuild-session.cc.orig	2008-07-05 06:12:48.000000000 -0400
> +++ sbuild-session.cc	2009-01-18 13:15:44.000000000 -0500

Many thanks for the patch.  I've looked it over, and I don't have any
strong objections to it in terms of the code in it, which looks sane.

I've attached an updated copy of the patch, rediffed against the
main git repository.  You can find this at

  git://git.debian.org/git/buildd-tools/schroot

There are a few main things to be done before I'll be able to include
this:

1) Check that the error status in the "grandchild" process is correctly
   propagated back and is seen as the schroot exit status.  This is
   required for schroot to work correctly.

2) There must be a clean way of getting scripts into the chroot to run.
   This shouldn't require manual setup inside the chroot, seeing as it's
   being driven by schroot from the outside.  I outlined a possible
   approach in two of my previous mails.

3) I haven't yet seen a reasoned rationale for why this patch is truly
   needed.  I'm aware of what isn't working for you, and that that this
   fixes things.  However, I'm reluctant to make changes without fully
   understanding *why*.  I don't understand why the automounter has
   this requirement, and want to fully comprehend what's going on here.
   Since schroot is a setuid root executable, which has been carefully
   (and conservatively) written with security in mind from the start,
   I don't want to apply this without a full appreciation of the
   consequences.


Regards,
Roger

-- 
  .''`.  Roger Leigh
 : :' :  Debian GNU/Linux             http://people.debian.org/~rleigh/
 `. `'   Printing on GNU/Linux?       http://gutenprint.sourceforge.net/
   `-    GPG Public Key: 0x25BFB848   Please GPG sign your mail.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: sbuild-session2.patch
Type: text/x-diff
Size: 4885 bytes
Desc: not available
Url : http://lists.alioth.debian.org/pipermail/buildd-tools-devel/attachments/20090127/aeb19bc4/attachment.patch 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: Digital signature
Url : http://lists.alioth.debian.org/pipermail/buildd-tools-devel/attachments/20090127/aeb19bc4/attachment.pgp

More information about the Buildd-tools-devel mailing list