[buildd-tools-devel] Bug#810248: Bug#810248: sbuild: experimental sbuild breaks building in squeeze chroot due to build directory having setgid bit
Johannes Schauer
josch at debian.org
Fri Jan 8 12:12:31 UTC 2016
Hi,
Quoting Johannes Schauer (2016-01-08 13:00:04)
> This will result in build directory having permissions rwxrws---. I do not know
> why the suid bit is necessary here and funnily doing the following:
>
> $ chmod 00770 /build
>
> Will not remove the suid bit. I'm quite puzzled about this. The only way I
> found to remove the bit is to do:
>
> $ chmod ug=rwx,o=,a-s /build
>
> Though sbuild generally seems to use octal mode. Maybe using mode in chmod
> should be dropped in favour of the symbolic mode for easier readability? Also
> because apparently octal mode is not able to clear the suid bit for a weird
> reason?
it seems this has been discussed in #477358
The behaviour also seems to have changed after Wheezy. Since Jessie, octal mode
will be able to clear the suid bit. This is why I didn't stumble across this
problem yet.
Though to be compatible with older chmod implementations I guess sbuild should
switch to using symbolic mode (which is also more readable) instead of octal
mode.
I still do not understand why the suid bit is necessary in the first place but
I trust it's there for a good reason and will leave it there for now until
somebody can explain its reason for existence.
Thanks!
cheers, josch
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: signature
URL: <http://lists.alioth.debian.org/pipermail/buildd-tools-devel/attachments/20160108/67d24998/attachment.sig>
More information about the Buildd-tools-devel
mailing list