Re: `eval' patch to dpkg-buildpackage

Ian Jackson wrote:
: Please REVERSE the change you made to make the default rootcommand be
: `eval'.

: Please DO NOT ATTEMPT to make `su -c' work as a gain-root-command.  It
: is IMPOSSIBLE to produce a correct implementation which works with
: both `su -c' and also with `really', `sudo', `super', &c.

... and I (somebody else) was happy, to have
dpkg-buildpackge run with and without the -r'su root -c' option ...

Zu frueh gefreut ...

: This is because `su -c' expects the command and all its arguments as a
: shell expression whereas all the rest expect the command and its
: arguments as separate arguments to themselves.


: implements what the manpage in 1.4.0 says:
:        -rgain-root-command
:               When dpkg-buildpackage needs to execute part of the
: There are several solutions that wouldn't necessarily break anything:
: 3. Switch from using su to using something else.

Just trying ... sudo can't cope with relative path names (as needed to
run ./debian/rules), with dpkg-buildpackage -rsuper  the dpkg-shlibdeps
fails (insecure $ENV{PATH} ...)

--> it seems all *.pl scripts detect the run as suid and refuse
operation, unless they get something like

$ENV{PATH} = "/usr/bin:/bin:/usr/sbin:/sbin";
$ENV{IFS} = " \t\n";


: 4. Make dpkg-buildpackage have a different style of -r option which
: does what you want.  This will quickly turn dpkg-buildpackage into a
: mess, so please don't do it.

Uh no, I think, that not what is intended ...

Reply to: