[buildd-tools-devel] Bug#718127: schroot: CHROOT_SESSION_PURGE and tar-based source chroots

Roger Leigh rleigh at codelibre.net
Thu Jul 10 20:07:57 UTC 2014 

On Wed, Jul 09, 2014 at 10:15:19PM +0200, Aurelien Jarno wrote:
> On Sun, Jul 28, 2013 at 09:52:22AM +0100, Roger Leigh wrote:
> > Package: schroot
> > Version: 1.7.0-1
> > Severity: normal
> > 
> > Check if CHROOT_SESSION_PURGE is being set for file source chroots.
> > If it is, should this be changed?
> > 
> > We are purging the chroot.  But if we're repacking, then we are
> > preserving its state.
> > 
> > We should have an additional environment variable so that setup
> > scripts can determine if they are working with a source chroot.
> 
> Indeed this buildds are using this variable to determine if the current
> chroot is a source chroot or not. Since we switched to tar based chroots
> instead of lvm one, this variable is always defined. This has broken at
> least one security update on some buildds.

What was the reason for the breakage?  Is this an issue with schroot
itself, or the assumptions being made in the 99builddsourceslist
script?  Could you provide some more detail please?  I didn't fully
see how the details you provided related to this.

> I therefore think we should get this fixed asap, either by not setting
> this variable for source tar based chroots, or by providing a new
> variable. In the meantime, is there another (even complex) way to know
> if a chroot is a source one or not?

As a really hacky temporary workaround, check for "(source chroot)"
in CHROOT_DESCRIPTION.  This will not be changed for 1.6.x, but it's
obviously not something to rely on long term since it's purely a
text string.  And it's also localised so will vary depending on the
locale, so will only be reliable for the C locale.  And there's
nothing stopping this being in the initial description so it might
cause false positives.

I think the correct solution will be to add a

  CHROOT_SESSION_SOURCE=true|false

setup environment variable, with corresponding

  SESSION_SOURCE  = 1 << 3  ///< The chroot is a source chroot.

setup flag to be set by the chroot facets.  The reason for this is that
SESSION_PURGE is indicating that the session will be purged, and
nothing more than that.  It does not make any implied statement about
whether or not it's a source chroot or not.  For most chroot types,
this is only set for non-source chroots since it uses a different
chroot type for the source chroot, but this isn't the case for file
chroots where both the source and non-source chroots are both
purged.  I'd rather not overload this flag with unwarranted meaning,
so I think adding an additional flag is the way to go here.


Regards,
Roger

-- 
  .''`.  Roger Leigh
 : :' :  Debian GNU/Linux    http://people.debian.org/~rleigh/
 `. `'   schroot and sbuild  http://alioth.debian.org/projects/buildd-tools
   `-    GPG Public Key      F33D 281D 470A B443 6756 147C 07B3 C8BC 4083 E800

More information about the Buildd-tools-devel mailing list