[buildd-tools-devel] Bug#608840: Bug#608840: --chroot-setup-commands does not run as root

Wed Jun 19 16:27:02 UTC 2013

+++ Joachim Breitner [2012-10-13 17:10 +0200]:
> Version: 0.63.2-1
> 
> Hi,
> 
> any news on this bug? I’d really like to have a way to modify the
> schroot session that sbuild starts before the build.

Here's a patch against current git/0.64.0 which does the following:
renames 'chroot-setup-commands' to 'chroot-user-setup-commands'
Adds 'chroot-system-setup-commands' which runs as soon as the chroot
is set-up, so before the 'update' phase and thus useul for adding
repos. That command is run as root.
The cleanup command is now run as root too. (I decided not to add a
matching 'system' cleanup coammnd as they'd both run at the same time
and this seemed kind of pointless: we have enough options already.

Adds some info to the sbuild man-page about which commands are run
outside the chroot, which inside, which as root, which as build user.

It also includes slightly half-arsed and not tested extra substitution
tokens for hostarch and chrootpath so that these could be passed to
commands. However I couldn't actually work out how to find the chroot
path so that bit is still 'fixme'. This part probably doesn't work, if
at all (My tests with %substitutions didn't seem to work at all even
with the existing code...)

This stuff solves my immediate problem but I'm not sure that it's the
best answer.

Is there actually a good reason for running the current
'chroot-setup-commands' ('chroot-user-setup-commands' above) and
'chroot-cleanup-commands' as the build user? Does anyone use this
functionality? Is it part of the sbuild security model?

Is it useful to have hooks both before update
(chroot-system-setup-commands) and after update/dependency install
(chroot-user-setup-commands)? I can only think of uses for
'chroot-system-setup-commands', but then I'm not a typical sbuild user.

Should we just keep it to 4 scripts setup/cleanup internal/external
all run as root and as early/late as possible?

And I've left '--setup-hook' as replaced by
--chroot-user-setup-commands, but maybe it would be better if it was
now replaced by --chroot-system-setup-commands given the complaint in
#608840 that it used to run as root?

Or, now that I've written the code, should we just have the five
commands as described on the man page:

The 'pre/post-build-' commands are run external to the chroot. The
'chroot-setup-' commands are run inside the chroot. They are all 
run as root except 'chroot-system-setup-' commands.

Here is a summary of the ordering, user, internal/external, and point
of running:
--pre-build-commands           root  ext  after chroot session setup
--chroot-system-setup-commands root  int  after chroot initialisation, before 'update'
--chroot-user-setup-commands   user  int  after update and dependency-install, before build
--chroot-cleanup-commands      root  int  after build, before session is closed
--post-build-commands          root  ext  after session is shut down

(Input on those descriptions welcome)

Patch attached. 

Wookey
-- 
Principal hats:  Linaro, Emdebian, Wookware, Balloonboard, ARM
http://wookware.org/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: sbuild-0.64.0-chroot-system-setup-command.patch
Type: text/x-diff
Size: 9173 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/buildd-tools-devel/attachments/20130619/2c1ee83b/attachment.patch>