[Pbuilder-maint] Using pbuilder in a Web frontend

Jose Parrella joseparrella at cantv.net
Fri Apr 21 11:13:12 UTC 2006 

Greetings,

A few weeks ago, David Moreno Garza (damog at d.o) started to develop an 
idea for a Web-based pbuilder/linda/lintian interface. We were excited 
with the idea, and we shortly developed a working application, which we 
called PUBuilder.

In this application, the Developer (or Maintainer, Co-Maintainer, 
non-Debian Packager, or Volunteer) provides a remote URI corresponding 
to a DSC file. PUBuilder (written in Perl and working in both Apache2 
and Cherokee) gets and checks the packages, and provides the user with a 
ticket number, based in the epoch of the time of the request. The user 
can come back later with the ticket number to check the results [4] of 
the process, which runs: pbuilder over the DSC file, in a Sid chroot; 
linda and lintian over the DSC file and piuparts over the DEB package.

You can see some screenshots here [1] and here [2], and if you're 
spanish-speaking, this [3] will give you more information. You'll wonder 
why there's no website to test the application. That's exactly the topic 
for this mail: I've seen several ways of getting pbuilder to run as 
non-root, and I would like to publicly discuss the best way to do that.

This way, more sysadmins could be convinced to run PUBuilder (and the 
whole Web-based frontend for Debian applications I'm trying to develop) 
in their servers. Someone mentioned in a list that "pbuilder does in 
fact run with fakeroot", but I've tried it unsuccesfully.

The only weird idea that succeeded in a test was running `fakeroot 
<pbuilder path>`, and pbuilder with SGID permissions. This was a 
desperate attempt, and it seems to work despite it keeps giving me 
authentication problems [5] for package inside the chroot (this was a 
Sarge system, I had to made a Sarge chroot and upgrade it to Sid later; 
I followed the original indications by Anibal to upgrade the chroot and 
the Jordi Mallach indications in debian-gtk-gnome) then, pbuilder stops.

I've also heard about pbuilder in User Mode Linux, and I'd like to 
discuss more in that topic. So basically, there are three options I've 
considered:

1) Running with plain fakeroot (didn't work, mknod problems)
2) Running with sudo and SGID (pbuilder fails because of APT problem 
inside the chroot, see [5])
3) Running pbuilder-uml
4) Web-server side measures, like chrooting and mod_securitying

I'm looking forward to hear all your suggestions. Thank you very much 
for your time and patience,

Jose

[1] http://deposito.bureado.com.ve/pubuilder-2.png
[2] http://deposito.bureado.com.ve/pubuilder-3.png
[3] http://blog.bureado.com.ve/?p=307
[4] http://g33k.com.ve/~jose/pubuilder/sample-log.txt
[5] http://g33k.com.ve/~jose/pubuilder/failed-log.txt

-- 
José Parrella > en Debian Etch con Kernel 2.6.15.2
GPG Key Fingerprint: 7C10 81B5 3C56 6C78 AC7D 3A2D 5160 2C8D 005C 3B82

More information about the Pbuilder-maint mailing list