[buildd-tools-devel] Bug#685512: schroot: groups set by PAM are not preserved in chroot

SZABO Zsolt szazs89 at yahoo.com
Tue Aug 21 13:39:06 UTC 2012 

Package: schroot
Version: 1.4.19-1+squeeze1
Severity: normal
Tags: d-i


If a group was ordered to the user by pam (using "auth optional
pam_group.so") then this group will not be preserved in the chroot
only when the user is added explicitly to the corresponding line of
/etc/group.

We have a couple of users (students) whose primary group is stud, e.g.
However, we assign them as well as to other groups (such as fuse, math)
by pam during logging in. They can run some software in chroot only and if
only they are the member of a specific group (like math), however, the "-p"
option of schroot preserves only the env. variables but not pam_groups.

TIA,
Zsolt

-- System Information:
Debian Release: 6.0.5
  APT prefers proposed-updates
  APT policy: (500, 'proposed-updates'), (500, 'stable')
Architecture: i386 (i686)

Kernel: Linux 2.6.32-bpo.5-vserver-686-bigmem (SMP w/8 CPU cores)
Locale: LANG=hu_HU, LC_CTYPE=hu_HU (charmap=ISO-8859-2)
Shell: /bin/sh linked to /bin/bash

Versions of packages schroot depends on:
ii  libboost-filesystem1. 1.42.0-4           filesystem operations (portable pa
ii  libboost-program-opti 1.42.0-4           program options library for C++
ii  libboost-regex1.42.0  1.42.0-4           regular expression library for C++
ii  libboost-system1.42.0 1.42.0-4           Operating system (e.g. diagnostics
ii  libc6                 2.11.3-4           Embedded GNU C Library: Shared lib
ii  libgcc1               1:4.4.5-8          GCC support library
ii  liblockdev1           1.0.3-1.4          Run-time shared library for lockin
ii  libpam0g              1.1.1-6.1+squeeze1 Pluggable Authentication Modules l
ii  libstdc++6            4.4.5-8            The GNU Standard C++ Library v3
ii  libuuid1              2.17.2-9           Universally Unique ID library
ii  schroot-common        1.4.19-1+squeeze1  common files for schroot

schroot recommends no packages.

Versions of packages schroot suggests:
pn  aufs-modules | unionfs-m <none>          (no description available)
pn  btrfs-tools              <none>          (no description available)
ii  debootstrap              1.0.26+squeeze1 Bootstrap a basic Debian system
ii  lvm2                     2.02.66-5       The Linux Logical Volume Manager
ii  unzip                    6.0-4           De-archiver for .zip files

-- Configuration Files:
/etc/schroot/default/fstab changed:
/proc		/proc		none    rw,rbind        0       0
/sys		/sys		none    rw,rbind        0       0
/dev            /dev            none    rw,rbind        0       0
/home		/home		none	rw,bind		0	0
/tmp		/tmp		none	rw,bind		0	0
/opt		/opt		none	rw,bind		0	0

/etc/schroot/schroot.conf changed:
[squeeze]
description=Debian squeeze (stable)
type=directory
directory=/home/Prog/chroot/squeeze
groups=tanszek
[etch]
description=Debian etch (stable)
type=directory
directory=/home/Prog/chroot/etch
groups=tanszek
[sarge]
description=Debian sarge (stable)
type=directory
directory=/home/Prog/chroot/sarge
groups=tanszek
[centos4]
description=CentOS 4.7 (Final)
type=directory
directory=/home/Prog/chroot/centos4.7
groups=tanszek


-- no debconf information

More information about the Buildd-tools-devel mailing list