Bug#300603: acknowledged by developer (Re: Bug#300603: choose-mirror: Should not test for root in clean target)
owner@bugs.debian.org (Debian Bug Tracking System) writes:
> This is an automatic notification regarding your Bug report
> #300603: choose-mirror: Should not test for root in clean target,
> which was filed against the choose-mirror package.
>
> It has been closed by one of the developers, namely
> Joey Hess <joeyh@debian.org>.
>...
> Goswin Brederlow wrote:
>> since I noticed it in choose-mirror and it just came up on
>> irc://irc.debian.org/#debian-devel:
>>=20
>> 18:52 < Manoj> and packages should not test for root in the clean target;=
> if it
>> fails, the user knows what to do
>
> Quoting debian policy:
>
> The `clean' target may need to be invoked as root if `binary' has
> been invoked since the last `clean'
>
>> choose-mirror runs dh_testroot in clean.
>
> So do most packages in Debian. If you disagree with this, get policy changed
> to not allow binary to leave any files behind, when run as root, that can
> only be deleted by root.
>
> --=20
> see shy jo
That is not the point.
| The clean target _may_ _need_ to be invoked as root _if_ binary has been
| invoked since the last clean,...
Compare that to:
| The binary targets _must_ be invoked as root.[22]
The reason clean might need root is a consequence of a previous use of
root by the user. It should not be needlesly forced upon the user by
the package.
Consider all cases:
- fresh source unpacked, calling clean as user
clean target does not need root but dh_testroot fails
- fresh source unpacked, calling clean with fakeroot
needless use of root
- fresh source unpacked, calling clean with sudo
needless use of root
- previous build with fakeroot, calling clean as user
clean target does not need root but dh_testroot fails
- previous build with fakeroot, calling clean with fakeroot
needless use of root
- previous build with fakeroot, calling clean with sudo
needless use of root
- previous build with sudo, calling clean as user
clean may need root and dh_testroot fails
- previous build with sudo, calling clean with fakeroot
clean may need root BUT dh_testroot WORKS
- previous build with sudo, calling clean with sudo
clean may need root and dh_testroot works
Summing up:
2 false negatives
4 needless use of root
1 false positive
1 correct positive
The need for root in clean is conditional on the permissions of
directories (and sometimes files) from a previous build and can't be
decided by looking at the UID of the current invocation.
If you want to test for the need for root in clean I suggest using the
following:
dh_testroot() {
if rm -rf clean_root_stamp; then
mkdir -p clean_root_stamp
touch clean_root_stamp/stamp
else
echo "clean target needs real root rights"
exit 1
fi
}
This behaves correctly in all cases and even catches source unpacked
as root and building as user.
MfG
Goswin
Reply to: