Re: packages' config scripts creating files, chroots and buildds.
On Wed, Mar 25, 2009 at 01:18:20PM +0100, Peter Palfrader wrote:
> This raises some questions:
It might also explain why someone found sbuild-createchroot was
running apt-get upgrade on the host system.
> - should config scripts be allowed to create/touch/modify files
> (I think the answer here is no)
> - it's probably broken to run the preconfiguring outside of the chroot,
> at least I see no way how it can possibly work with the config script
> updating the host's debconf database and the postinst reading from
> the chroot's debconf database.
This looks like the tools are not respecting the APT and/or dpkg
options to use the alternate root (and configuration). They need
> o Is the fact that the config script is run on the host a bug in
> apt-get, dpkg, debconf, or apt-utils?
I'm unsure. If it's invoked by dpkg, it should be run inside the
chroot, surely? If it's not apt or dpkg, or a closely-related
helper tool that is obeying the same environment or command-line
options, then it shouldn't be being run on the host.
> o Is this whole idea that you can cause apt-get and dpkg to act on a
> root other than / doomed to failure to begin with?
I don't think so. We have been using apt and dpkg in this way for
years, with only the occasional hiccup. If this is brokenness in
just one tool, we should IMO just fix it.
> - when will the buildds be changed to call the chroot tools?
I don't know, but it's certainly possible to do so.
This is a trivial change. Just set $chroot_split=0 in sbuild.conf,
and everything happens inside. However, it does require working
networking support inside the chroot, or else you can't fetch
packages and sources; this has previously not been done for several
reasons, including preventing autobuilt packages from downloading
anything not in the original source packages.
.''`. Roger Leigh
: :' : Debian GNU/Linux http://people.debian.org/~rleigh/
`. `' Printing on GNU/Linux? http://gutenprint.sourceforge.net/
`- GPG Public Key: 0x25BFB848 Please GPG sign your mail.