[Buildd-tools-devel] schroot question
Roger Leigh
rleigh at codelibre.net
Tue Jan 27 20:37:45 UTC 2009
On Sun, Jan 18, 2009 at 01:53:35PM -0500, Steven Hirsch wrote:
> --- sbuild-session.cc.orig 2008-07-05 06:12:48.000000000 -0400
> +++ sbuild-session.cc 2009-01-18 13:15:44.000000000 -0500
Many thanks for the patch. I've looked it over, and I don't have any
strong objections to it in terms of the code in it, which looks sane.
I've attached an updated copy of the patch, rediffed against the
main git repository. You can find this at
git://git.debian.org/git/buildd-tools/schroot
There are a few main things to be done before I'll be able to include
this:
1) Check that the error status in the "grandchild" process is correctly
propagated back and is seen as the schroot exit status. This is
required for schroot to work correctly.
2) There must be a clean way of getting scripts into the chroot to run.
This shouldn't require manual setup inside the chroot, seeing as it's
being driven by schroot from the outside. I outlined a possible
approach in two of my previous mails.
3) I haven't yet seen a reasoned rationale for why this patch is truly
needed. I'm aware of what isn't working for you, and that that this
fixes things. However, I'm reluctant to make changes without fully
understanding *why*. I don't understand why the automounter has
this requirement, and want to fully comprehend what's going on here.
Since schroot is a setuid root executable, which has been carefully
(and conservatively) written with security in mind from the start,
I don't want to apply this without a full appreciation of the
consequences.
Regards,
Roger
--
.''`. Roger Leigh
: :' : Debian GNU/Linux http://people.debian.org/~rleigh/
`. `' Printing on GNU/Linux? http://gutenprint.sourceforge.net/
`- GPG Public Key: 0x25BFB848 Please GPG sign your mail.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: sbuild-session2.patch
Type: text/x-diff
Size: 4885 bytes
Desc: not available
Url : http://lists.alioth.debian.org/pipermail/buildd-tools-devel/attachments/20090127/aeb19bc4/attachment.patch
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: Digital signature
Url : http://lists.alioth.debian.org/pipermail/buildd-tools-devel/attachments/20090127/aeb19bc4/attachment.pgp
More information about the Buildd-tools-devel
mailing list