[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

`eval' patch to dpkg-buildpackage

Please REVERSE the change you made to make the default rootcommand be
`eval'.

Please DO NOT ATTEMPT to make `su -c' work as a gain-root-command.  It
is IMPOSSIBLE to produce a correct implementation which works with
both `su -c' and also with `really', `sudo', `super', &c.

This is because `su -c' expects the command and all its arguments as a
shell expression whereas all the rest expect the command and its
arguments as separate arguments to themselves.

Please see the manpage for dpkg-buildpackage and make sure that it
implements what the manpage in 1.4.0 says:
       -rgain-root-command
              When dpkg-buildpackage needs to execute part of the
              build  process  as root, it prefixes the command it
              executes with gain-root-command  if  one  has  been
              specified.  gain-root-command should be the name of
              a program on the PATH and will get as arguments the
              name  of  the real command to run and the arguments
              it should take.  gain-root-command should not  con-
              tain  spaces  or  any  other  shell metacharacters.
              gain-root-command might typically be sudo, super or
              really.  su is not suitable, since it requires a -c
              option to run a command and even then it  can  only
              invoke  the user's shell with -c instead of passing
              arguments individually to the command to be run.

There are several solutions that wouldn't necessarily break anything:

1. Write a wrapper script for `su' which does shell-quoting &c, so
that it can be used like really, sudo and super but uses su -c
internally.  Getting this right so that it works even if the arguments
have funny characters in is hard, but it happens that dpkg-source
doesn't usually pass such arguments so you're probably OK with this
application.  However, don't distribute the script unless you've got
it right.  dpkg-buildpackage might at some point in the future build
packages with arguments as specified.

2. Make su have an option to run a command specified with its
arguments in separate arguments, using exec directly rather than
"<user's-shell> -c".  You'd have to make sure that the user's shell
was in /etc/shells for this to be safe.

3. Switch from using su to using something else.

4. Make dpkg-buildpackage have a different style of -r option which
does what you want.  This will quickly turn dpkg-buildpackage into a
mess, so please don't do it.

I do not have time to have a flamewar about this.  Bruce and everyone
else, please can you ensure that my instructions are carried out.  If
someone thinks that I'm making a mistake with this I want them to
convince me of it BEFORE acting, because it seems that there is so
much misunderstanding here.

Thanks,
Ian.
Reply to: