Bug#516625: pbuilder: pdebuild signs wrong .changes when building with --arch=i386 on amd64

Loïc Minier lool at dooz.org
Wed Dec 30 16:28:18 UTC 2009 

tags 516625 + patch
stop

        Hi

 So I poked this further and did a more complete IPC prototype in shell
 (foo.sh, attached) and integrated that into pbuilder in the attached
 hackish patch.

 It could be the way forward, but it touches many many things, and it's
 particularly fragile stuff.  I've been bitten by obscure fd issues a
 bunch of times while implementing this.

 Things which remain to be done for this patch:
 - implement support in more backends; in particular qemubuilder isn't
   supported ATM; I didn't look into it at all; I think cowbuilder works
   but didn't check whether anything is closing fds along the way
 - move the "-C 5" sudo arg which prevent the fd 4 and 5 from being
   closed to some sudo specific place
 - proper cleanup (trap) of the tmpdir which holds the fifo
 - actually save the ARCHITECTURE in some file or fifo; because it's set
   in a subshell, the main process which would use this info does not
   have it
 - handle the pdebuild-internal code path as well
 - do something for the log file which also has the architecture name

 Overall, I think I would love changing pbuilder to have a client/server
 model, I think it would allow a much more generic approach, but it is a
 quite big amount of work, even after this poc.

 I think for now I'll just add an --architecture flag to pdebuild and
 pbuilder (for create).  I hope that pbuilder profiles will help avoid
 this issue entirely.

    Bye

On Wed, Dec 30, 2009, Loïc Minier wrote:
> On Sun, Nov 29, 2009, Junichi Uekawa wrote:
> > I was thinking along the lines of running something inside the chroot
> > as part of build process, and passing the output back to pdebuild, and
> > using that to get the correct value.
> > 
> > However, that's a bit of work to implement, so I have so far deferred
> > doing this.
> 
>  Yeah it's not trivial; especially since there are two code pathes in
>  pdebuild (use-internal versus regular) and multiple builders.  Probably
>  a nicer design would be to start some kind of pbuilder server in the
>  build env and feed commands to it so that we could send a
>  "get_architecture" command independently of running the build.

-- 
Loïc Minier
-------------- next part --------------
A non-text attachment was scrubbed...
Name: foo.sh
Type: application/x-sh
Size: 929 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pbuilder-maint/attachments/20091230/db14af52/attachment-0001.sh>

More information about the Pbuilder-maint mailing list