[buildd-tools-devel] Bug#728422: Bug#728422: sbuild: fails to getent group sbuild when running with init=/bin/systemd

Cyril Brulebois kibi at debian.org
Fri Nov 8 21:28:57 UTC 2013 

Hi,

answering in a linear fashion, but you may want to read the comment at
the bottom first… (see arrow: →)

Roger Leigh <rleigh at codelibre.net> (2013-11-06):
> The failure is trying to run
> 
>   getent group sbuild >> ${chroot}/etc/group
> 
> However, this only works as root, and it's only used as a fallback
> in the unusual case that the passwd/group databases in the chroot
> are out of sync with the base system.  The real question here is
> why the system databases weren't copied over during the session
> setup.
> 
> I would suggest trying to run schroot without sbuild and see that
> if you start a new session with
> 
>   schroot -b -n test -c sid-amd64-sbuild -v --debug=notice

I've recreated a new chroot ("under systemd"), named
experimental-amd64-sbuild, still using sid as the distribution.
sbuild-update -udcar experimental-amd64-sbuild fails the same way.

> and see if there is anything group-related in the output.

Let's see (2>&1):
| kibi at arya:~$ grep -i group /tmp/schroot.log
| D(2): Getting keyfile group=experimental-amd64-sbuild, key=type
| D(2): Getting keyfile group=experimental-amd64-sbuild, key=active
| D(2): Getting keyfile group=experimental-amd64-sbuild, key=run-setup-scripts
| D(2): Getting keyfile group=experimental-amd64-sbuild, key=run-session-scripts
| D(2): Getting keyfile group=experimental-amd64-sbuild, key=run-exec-scripts
| D(2): Getting keyfile group=experimental-amd64-sbuild, key=profile
| D(2): Getting keyfile group=experimental-amd64-sbuild, key=script-config
| D(2): Getting keyfile group=experimental-amd64-sbuild, key=priority
| D(2): Getting keyfile group=experimental-amd64-sbuild, key=aliases
| D(2): Getting keyfile group=experimental-amd64-sbuild, key=environment-filter
| D(2): Getting keyfile group=experimental-amd64-sbuild, key=description
| D(2): Getting keyfile group=experimental-amd64-sbuild, key=users
| D(2): Getting keyfile group=experimental-amd64-sbuild, key=groups
| D(2): Getting keyfile group=experimental-amd64-sbuild, key=root-users
| D(2): Getting keyfile group=experimental-amd64-sbuild, key=root-groups
| D(2): Getting keyfile group=experimental-amd64-sbuild, key=mount-location
| D(2): Getting keyfile group=experimental-amd64-sbuild, key=name
| D(2): Getting keyfile group=experimental-amd64-sbuild, key=command-prefix
| D(2): Getting keyfile group=experimental-amd64-sbuild, key=message-verbosity
| D(2): Getting keyfile group=experimental-amd64-sbuild, key=preserve-environment
| D(2): Getting keyfile group=experimental-amd64-sbuild, key=shell
| D(2): Getting keyfile group=experimental-amd64-sbuild, key=directory
| D(2): Getting keyfile group=experimental-amd64-sbuild, key=location
| D(2): Getting keyfile group=experimental-amd64-sbuild, key=personality
| D(2): Getting keyfile group=experimental-amd64-sbuild, key=user-modifiable-keys
| D(2): Getting keyfile group=experimental-amd64-sbuild, key=root-modifiable-keys
| D(2): Getting keyfile group=experimental-amd64-sbuild, key=union-type
| D(2): Getting keyfile group=experimental-amd64-sbuild, key=union-mount-options
| D(2): Getting keyfile group=experimental-amd64-sbuild, key=union-overlay-directory
| D(2): Getting keyfile group=experimental-amd64-sbuild, key=union-underlay-directory
| D(2): Getting keyfile group=sid-amd64-sbuild, key=type
| D(2): Getting keyfile group=sid-amd64-sbuild, key=active
| D(2): Getting keyfile group=sid-amd64-sbuild, key=run-setup-scripts
| D(2): Getting keyfile group=sid-amd64-sbuild, key=run-session-scripts
| D(2): Getting keyfile group=sid-amd64-sbuild, key=run-exec-scripts
| D(2): Getting keyfile group=sid-amd64-sbuild, key=profile
| D(2): Getting keyfile group=sid-amd64-sbuild, key=script-config
| D(2): Getting keyfile group=sid-amd64-sbuild, key=priority
| D(2): Getting keyfile group=sid-amd64-sbuild, key=aliases
| D(2): Getting keyfile group=sid-amd64-sbuild, key=environment-filter
| D(2): Getting keyfile group=sid-amd64-sbuild, key=description
| D(2): Getting keyfile group=sid-amd64-sbuild, key=users
| D(2): Getting keyfile group=sid-amd64-sbuild, key=groups
| D(2): Getting keyfile group=sid-amd64-sbuild, key=root-users
| D(2): Getting keyfile group=sid-amd64-sbuild, key=root-groups
| D(2): Getting keyfile group=sid-amd64-sbuild, key=mount-location
| D(2): Getting keyfile group=sid-amd64-sbuild, key=name
| D(2): Getting keyfile group=sid-amd64-sbuild, key=command-prefix
| D(2): Getting keyfile group=sid-amd64-sbuild, key=message-verbosity
| D(2): Getting keyfile group=sid-amd64-sbuild, key=preserve-environment
| D(2): Getting keyfile group=sid-amd64-sbuild, key=shell
| D(2): Getting keyfile group=sid-amd64-sbuild, key=directory
| D(2): Getting keyfile group=sid-amd64-sbuild, key=location
| D(2): Getting keyfile group=sid-amd64-sbuild, key=personality
| D(2): Getting keyfile group=sid-amd64-sbuild, key=user-modifiable-keys
| D(2): Getting keyfile group=sid-amd64-sbuild, key=root-modifiable-keys
| D(2): Getting keyfile group=sid-amd64-sbuild, key=union-type
| D(2): Getting keyfile group=sid-amd64-sbuild, key=union-mount-options
| D(2): Getting keyfile group=sid-amd64-sbuild, key=union-overlay-directory
| D(2): Getting keyfile group=sid-amd64-sbuild, key=union-underlay-directory
| In groups: 1
| In root-groups: 1
| In groups: 1
| In root-groups: 1
| D(1): Inserted into environment: AUTH_RGROUP=kibi
| I: 00check: AUTH_RGROUP=kibi
| I: 20nssdatabases: Copying group database to /var/lib/schroot/mount/test/etc/group

> After this completes, is there a group file in the schroot
> directory?

Yes:
-rw-r--r-- 1 root root 941 Nov  8 22:18 /var/lib/schroot/mount/test/etc/group

That's a copy of /etc/group on the host.

>  Does
> 
>   schroot -r -c test -- getent group sbuild
> 
> succeed or fail?

Fail:
| kibi at arya:~$ schroot -r -c test -- getent group sbuild
| E: Failed to change to directory ‘/home/kibi’: No such file or directory
| I: The directory does not exist inside the chroot.  Use the --directory option to run the command in a different directory.
| Hangup
| kibi at arya:~$ echo $?
| 129

> Does "getent group sbuild" work correctly on the base system when
> systemd is running?  How about "getent group"?

Both work:
| kibi at arya:~$ getent group sbuild
| sbuild:x:127:kibi
| [ longer output for getent group ]

> sbuild and schroot don't really do anything which should be
> affected by the init system in use.  Both just make use of
> standard POSIX interfaces, and if systemd causes changes in
> how these basic libc calls function, that's a bit worrying.
> The schroot db copy is as simple as
> 
>   getent $db >> $chroot/etc/$db

→ Reading the log again, and checking the initial output, the error is
EPERM, not exactly a getent failure? Something cgroup-ish could explain
some strange user/group issues, when running and storing things in the
chroot, maybe?

> Any more information you could provide regarding the above would
> be much appreciated.

Feel free to ask other questions, but I'm pretty sure I purged
everything related to schroot and sbuild, and that I never configured
anything under /etc for those (except for the file created by
sbuild-createchroot and the sid/experimental rename above).

Mraw,
KiBi.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/buildd-tools-devel/attachments/20131108/720615f4/attachment.sig>

More information about the Buildd-tools-devel mailing list