Bug#144571: dpkg-source invokes tar without --no-same-owner
for those interested, this is the relevant part from the tar manual:
When writing an archive, `tar' writes the user id and user name
separately. If it can't find a user name (because the user id is
not in /etc/passwd'), then it does not write one. When restoring,
and doing a `chmod' like when you use --same-permissions'
(--preserve-permissions', -p'), it tries to look the name (if
one was written) up in /etc/passwd'. If it fails, then it uses
the user id stored in the archive instead.
So those funny numbers are not random at all, they are from the tar file.
Under these circumstances, tar's behaviour arguably makes sense, and the
only lesson to learn from is that you should never unpack a tarfile as root
without --no-same-owner if you are not sure that the user and group ids in
the tar file are what you want. I wonder how many scripts out there
invoking tar to extract archives are careful enough about that? It's a
pretty obscure point considering that tar reverts the default of
--no-same-owner to --same-owner for the superuser.
`Rhubarb is no Egyptian god.' Debian http://www.debian.org email@example.com
Marcus Brinkmann GNU http://www.gnu.org firstname.lastname@example.org
To UNSUBSCRIBE, email to email@example.com
with a subject of "unsubscribe". Trouble? Contact firstname.lastname@example.org