Bug#841935: pbuilder: incorrect permissions on /dev/ptmx breaks openpty()

Simon McVittie smcv at debian.org
Sun Mar 5 19:53:11 UTC 2017 

Control: unmerge -1
Control: severity -1 normal
Control: reassign -1 pbuilder

I'm decoupling this bug from debootstrap and making it non-RC because I
suspect the best long-term solution might be to solve it in pbuilder
*and* debootstrap, and debootstrap already has a RC bug representing
the need for a short-term fix.

On Sun, 06 Nov 2016 at 20:41:38 +0000, James Clarke wrote:
> newinstance seems to be a world of pain, as then it can’t access the TTY
> for std{in,out,err}. I tried many months ago and couldn’t get it to work,
> but would love to be proved wrong.

I agree with later commenters on this bug that it would be best for
debootstrap to create /dev/ptmx as a real device node and not a symlink,
and I have proposed a patch to do that. However, I don't think you can
avoid newinstance on recent kernels *anyway*: see
<https://www.kernel.org/doc/Documentation/filesystems/devpts.txt>
and compare with
<http://lxr.free-electrons.com/source/Documentation/filesystems/devpts.txt?v=3.16>.

So if you have trouble with interactive use under particular use cases,
you're going to have that same trouble with stretch kernels anyway -
unless you bind-mount the host's /dev/pts instead of mounting your own,
like schroot does, which comes with its own problems (in my testing it
didn't work inside an lxc container with the jessie kernel unless also
bind-mounting the host's (i.e. lxc's) /dev).

Also, as Marco noted on #817236, if invoking debootstrap in a container that
restricts device node creation (notably systemd-nspawn), /dev/ptmx
cannot be created as a real device node, and the only options are to
make it a symlink or to fail altogether. So it would seem like a good
long-term plan to make pbuilder tolerate that arrangement? Unfortunately,
this might involve setting up a pty between the user and the contained
processes, or using "script /dev/null".

I attach a possible patch that makes kernels >= 2.6.29 consistent with 4.7+.
By this point I've mostly lost track of whether it is a good idea or not :-(

Regards,
    S
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-pbuilder-modules-Set-up-dev-ptmx-dev-pts-for-modern-.patch
Type: text/x-diff
Size: 3613 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pbuilder-maint/attachments/20170305/a03a70e5/attachment.patch>

More information about the Pbuilder-maint mailing list