Re: `eval' patch to dpkg-buildpackage
Ian Jackson wrote:
: Please REVERSE the change you made to make the default rootcommand be
: `eval'.
: Please DO NOT ATTEMPT to make `su -c' work as a gain-root-command. It
: is IMPOSSIBLE to produce a correct implementation which works with
: both `su -c' and also with `really', `sudo', `super', &c.
... and I (somebody else) was happy, to have
dpkg-buildpackge run with and without the -r'su root -c' option ...
Zu frueh gefreut ...
: This is because `su -c' expects the command and all its arguments as a
: shell expression whereas all the rest expect the command and its
: arguments as separate arguments to themselves.
Hmmm.
: implements what the manpage in 1.4.0 says:
: -rgain-root-command
: When dpkg-buildpackage needs to execute part of the
...
: There are several solutions that wouldn't necessarily break anything:
:
: 3. Switch from using su to using something else.
Just trying ... sudo can't cope with relative path names (as needed to
run ./debian/rules), with dpkg-buildpackage -rsuper the dpkg-shlibdeps
fails (insecure $ENV{PATH} ...)
--> it seems all *.pl scripts detect the run as suid and refuse
operation, unless they get something like
$ENV{PATH} = "/usr/bin:/bin:/usr/sbin:/sbin";
$ENV{IFS} = " \t\n";
included.
: 4. Make dpkg-buildpackage have a different style of -r option which
: does what you want. This will quickly turn dpkg-buildpackage into a
: mess, so please don't do it.
Uh no, I think, that not what is intended ...
Heiko
--
email : heiko@lotte.sax.de heiko@debian.org heiko@sax.de
pgp : A1 7D F6 7B 69 73 48 35 E1 DE 21 A7 A8 9A 77 92
finger: heiko@sax.sax.de heiko@master.debian.org
Reply to: