[buildd-tools-devel] [GIT] schroot branch, schroot-1.4, updated. debian/schroot-1.4.15-1-13-g04e417e

Roger Leigh rleigh at alioth.debian.org
Sun Dec 5 22:09:19 UTC 2010 

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "schroot".

The branch, schroot-1.4 has been updated
       via  04e417e415f362aae04e8fcdcf1205b681ca2855 (commit)
       via  cebcbffe401b00a4d4e1142fbc893cdac75811b4 (commit)
       via  982df15108871e01f85a51c4723c08d9ab8b3795 (commit)
       via  26204d837ecf2e938143b3212050dd445f653537 (commit)
       via  8ad60366c7078a601a018d2f8f45e0bbc8663060 (commit)
       via  2b17b71552da27121d64a74402fba1d61d65d601 (commit)
       via  46de43655dc7dc16b6c11c9031c87f247cf5543b (commit)
       via  4e4399b3dc81d6a2fa8e143d7a5195cac2a5b906 (commit)
       via  cdcfb39952474a530d2f9788711d6646e14b32d4 (commit)
       via  c66221feaeacbb5e63282f9e79eb5ba68f4c41aa (commit)
       via  b44c3a1556df947b620cc202ec5a84a9877e5411 (commit)
       via  ffa796af73bd8e361f8ed4c51a39967d8c681cdb (commit)
       via  41dc2bb54ad4ac1020ac3240241f49d1c760ed93 (commit)
      from  59f77159c7623079405d745a2f5b3044e42ad5cd (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 04e417e415f362aae04e8fcdcf1205b681ca2855
Author: Roger Leigh <rleigh at debian.org>
Date:   Sun Dec 5 22:03:12 2010 +0000

    debian: Document new chroot naming rules

commit cebcbffe401b00a4d4e1142fbc893cdac75811b4
Author: Roger Leigh <rleigh at debian.org>
Date:   Sun Dec 5 21:55:20 2010 +0000

    debian: Close #601043 and #605939

commit 982df15108871e01f85a51c4723c08d9ab8b3795
Author: Roger Leigh <rleigh at debian.org>
Date:   Sun Dec 5 21:43:29 2010 +0000

    man: Document chroot naming restrictions

commit 26204d837ecf2e938143b3212050dd445f653537
Author: Roger Leigh <rleigh at debian.org>
Date:   Sun Dec 5 21:29:14 2010 +0000

    sbuild::util: Relax session name restrictions in is_valid_sessionname
    
    Use of is_valid_sessionname:
      schroot::options_base (validate user input)
       schroot::main_base (actual use of input)
       → session::set_session_id
       → chroot::clone_session
       → chroot_facet_session_clonable::clone_session_setup
       → chroot::set_name
      sbuild::chroot (set_name)
      sbuild::chroot (set_aliases)
      sbuild::chroot_config::add_config_directory (validate filename)
    
    The only function of is_valid_sessionname is to ensure we have a "safe"
    session name when writing out a session file and/or making use of that
    session name in setup scripts.  set_name is the main point of checking;
    everything else is just aborting earlier when a good diagnostic can be
    issued (e.g. validating options and filenames), but they would hit the
    set_name check ultimately if the extra checks weren't present.
    
    Validation requirements:
    • no leading dot to allow writing in parent directories
    • no slashes to allow writing in subdirectories
    • no colons (used as a namespace delimiter, and also LVM snapshot names
      can't contain a colon or else lvcreate errors out)
    • no commas (we use comma-separated lists in the config file, so alias
      names and hence session names can't contain a comma)
    
    A simple regex satisfies all these requirements:
    
      static regex file_namespace("^[^:/,.][^:/,]*$");
      static regex debian_dpkg_conffile_cruft("dpkg-(old|dist|new|tmp)$");
    
      if (regex_search(name, file_namespace) &&
          !regex_search(name, debian_dpkg_conffile_cruft)) {
        match = true;
      }
    
    dpkg cruft checks added from is_valid_filename, because these are also
    needed for avoiding conffile cruft under /etc/schroot/chroot.d
    (previously, the existing restrictions prevented this anyway).  So dots
    are allowed anywhere except the first position, and ':', '/' and ','
    are not permitted anywhere.

commit 8ad60366c7078a601a018d2f8f45e0bbc8663060
Author: Roger Leigh <rleigh at debian.org>
Date:   Sun Dec 5 21:28:03 2010 +0000

    sbuild::chroot: Validate set_aliases as for set_name
    
    Use is_valid_sessionname to validate each alias name.

commit 2b17b71552da27121d64a74402fba1d61d65d601
Author: Roger Leigh <rleigh at debian.org>
Date:   Sun Dec 5 19:16:11 2010 +0000

    debian: Close #587758

commit 46de43655dc7dc16b6c11c9031c87f247cf5543b
Author: Roger Leigh <rleigh at debian.org>
Date:   Sun Dec 5 19:08:45 2010 +0000

    man: Document security implications of profiles in schroot.conf(5)

commit 4e4399b3dc81d6a2fa8e143d7a5195cac2a5b906
Author: Roger Leigh <rleigh at debian.org>
Date:   Sun Dec 5 18:48:06 2010 +0000

    debian: Close #605950

commit cdcfb39952474a530d2f9788711d6646e14b32d4
Author: Nelson Elhage <nelhage at mit.edu>
Date:   Sun Dec 5 18:44:37 2010 +0000

    setup.d: 10mount: Make all mountable chroots respect mount options from configuration
    
    10mount, when computing mount options for some chroot types
    (e.g. loopback) overrides the mount options set in config, instead of
    using both sets.
    
    For some chroots we were setting mount options inside the script, which
    entirely overrode the ones the user passed in. Combine them instead.
    
    Signed-off-by: Roger Leigh <rleigh at debian.org>

commit c66221feaeacbb5e63282f9e79eb5ba68f4c41aa
Author: Roger Leigh <rleigh at debian.org>
Date:   Sun Dec 5 18:40:41 2010 +0000

    debian: Close #599380

commit b44c3a1556df947b620cc202ec5a84a9877e5411
Author: Roger Leigh <rleigh at debian.org>
Date:   Sun Dec 5 18:36:43 2010 +0000

    man: Document -- option delimiter

commit ffa796af73bd8e361f8ed4c51a39967d8c681cdb
Author: Roger Leigh <rleigh at debian.org>
Date:   Sun Dec 5 18:38:24 2010 +0000

    debian: Bump version to 1.4.16-1

commit 41dc2bb54ad4ac1020ac3240241f49d1c760ed93
Author: Roger Leigh <rleigh at debian.org>
Date:   Sun Dec 5 18:37:57 2010 +0000

    NEWS: Bump version to 1.4.16

-----------------------------------------------------------------------

Summary of changes:
 NEWS                    |    6 +++++-
 debian/changelog        |   17 +++++++++++++++++
 debian/schroot.NEWS     |   24 ++++++++++++++----------
 etc/setup.d/10mount     |   10 ++++------
 man/schroot.1.in        |   10 +++++++++-
 man/schroot.conf.5.in   |   31 +++++++++++++++++++++++++++++--
 sbuild/sbuild-chroot.cc |    9 ++++++++-
 sbuild/sbuild-util.cc   |    6 ++++--
 8 files changed, 90 insertions(+), 23 deletions(-)


hooks/post-receive
-- 
schroot

More information about the Buildd-tools-devel mailing list