Bug#831823: cowbuilder: doesn't copy on write when using eatmydata
James Clarke
jrtc27 at jrtc27.com
Tue Jul 19 21:24:02 UTC 2016
Control: reassign -1 pbuilder 0.225
Control: affects -1 cowbuilder cowdancer
Hi Emilio,
> On 19 Jul 2016, at 21:31, Emilio Pozuelo Monfort <pochu at debian.org> wrote:
>
> Package: cowbuilder
> Version: 0.80
> Severity: grave
> Tags: security
Agreed.
> I enabled eatmydata by adding EATMYDATA=eatmydata to my ~/.pbuilderrc,
> and the result is that copy-on-write no longer works, making any modifications
> persistent:
>
> eatmydata enabled
>
> emilio at tatooine:~$ sudo cowbuilder --login
> root at tatooine:/# echo asdf > /etc/apt/sources.list
> root at tatooine:/# logout
> emilio at tatooine:~$ sudo cowbuilder --login
> root at tatooine:/# cat /etc/apt/sources.list
> asdf
Confirmed. And an echo $LD_PRELOAD will show only libeatmydata.
> Note how it has overwritten sources.list even though --save-after-login
> wasn't passed. It also overwrites files during a package build, which
> is a big problem.
>
> Now, with eatmydata disabled:
>
> First, restore sources.list:
>
> emilio at tatooine:~$ sudo cowbuilder --login --save-after-login
> root at tatooine:/# cat /etc/apt/sources.list
> asdf
> root at tatooine:/# echo "deb http://ftp.es.debian.org/debian/ unstable main" > /etc/apt/sources.list
> root at tatooine:/# logout
>
> It is restored. Now, let's try to overwrite it without --save-after-login:
>
> emilio at tatooine:~$ sudo cowbuilder --login
> root at tatooine:/# cat /etc/apt/sources.list
> deb http://ftp.es.debian.org/debian/ unstable main
> root at tatooine:/# echo asdf > /etc/apt/sources.list
> root at tatooine:/# logout
> emilio at tatooine:~$ sudo cowbuilder --login
> root at tatooine:/# cat /etc/apt/sources.list
> deb http://ftp.es.debian.org/debian/ unstable main
> root at tatooine:/#
>
> It isn't overwritten.
Turns out this is a pbuilder bug. When EATMYDATA=yes, it overwrites its
CHROOTEXEC variable to just be a plain "chroot $BUILDPLACE eatmydata",
and so cowbuilder’s cow-shell that adds libcowdancer to LD_PRELOAD is
not executed. Fix incoming.
Regards,
James
More information about the Pbuilder-maint
mailing list