[buildd-tools-devel] Bug#678831: Bug#678831: sbuild: Hardly usable with interactive authentication
Johannes Schauer
josch at debian.org
Thu Dec 24 00:07:04 UTC 2015
Control: tag -1 + moreinfo
Hi,
On Sun, 24 Jun 2012 20:25:01 +0200 Julian Andres Klode <jak at debian.org> wrote:
> On Sun, Jun 24, 2012 at 05:41:42PM +0100, Roger Leigh wrote:
> > On Sun, Jun 24, 2012 at 05:08:05PM +0200, Julian Andres Klode wrote:
> > > sbuild and its tools are hardly usable on chroots where the current
> > > user is not allowed to be root (e.g. via root-groups). For example,
> > > sbuild-update requires you to enter your password 14 times just to
> > > perform one apt-get update.
> >
> > This is indeed the case. For each separate command run inside the
> > chroot requiring root access, we ask the user for their password.
> > Unlike sudo, we don't currently provide any caching of the
> > credentials for the current tty.
> >
> > The current intention is that if you want to use sbuild, you need
> > to be in root-groups. All the chroot setup, including package
> > installation and removal, all need root. It's an aspect of sbuild's
> > design I've never been happy with.
> >
> > Do you have any suggestion about how this could be improved?
> >
> > My own thoughts are:
> > 1) Only prompt the user once, when creating the session, after which
> > we retain the credentials for the session lifetime and/or a
> > configurable time period (for the current tty).
> > This strategy is at the schroot level, making it behave a bit
> > more like sudo.
>
> Yes, with added checking for the current terminal, so that the
> credentials cannot be misused from programs running in another
> terminal (that's how sudo does it nowadays).
is this feature already available in schroot?
Should this bug thus be moved to schroot?
> > 2) Don't to building using the current user; instead do it as an
> > sbuild system user which has the ability to gain root in the
> > chroots. This will completely remove any requirement for the
> > user running sbuild to have root privs at any level. However, the
> > additional level of indirection removes the ability for the user
> > to access the chroot.
My patch in [1] allows sbuild to run without the user outside the chroot to
have any direct access to the chroot. All communication is done through
schroot.
[1] http://lists.alioth.debian.org/pipermail/buildd-tools-devel/2015-December/010172.html
That patch in theory allows to build entirely without becoming root by using
Linux namespaces but because of that comes with its own set of problems. Some
because of the immaturity of this method and others are of conceptual nature.
Thanks!
cheers, josch
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: signature
URL: <http://lists.alioth.debian.org/pipermail/buildd-tools-devel/attachments/20151224/8e8276a1/attachment.sig>
More information about the Buildd-tools-devel
mailing list