[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: libspring-java security patch

On Wed, Aug 27, 2014 at 6:55 PM, tony mancill <tmancill@debian.org> wrote:
I just checked and it builds fine for me, but I suspect that it's
because my cowbuilder bind mounts my build area so that its path looks
the same to the bits of the build that run before entering the chroot to
those after entering that chroot.  That is, /path/to/foo is accessible
to both because /path exists both inside and outside the chroot.

One thing you might try is running a shell the in chroot using --login,
doing an apt-get build-dep $foo, and then initiating the build from
within the chroot with debuild or similar.  I do this frequently enough
that I have a bash function that does something like this:

sudo cowbuilder --bindmounts /buildarea --bindmounts $HOME --login
--basepath=/var/cache/pbuilder/base-${chroot}.cow $@

(Note: bind-mounting $HOME is potentially dangerous - anything you
delete/modify is changed outside of the chroot as well.)

Hi Tony

Thanks a lot for providing the pointer. I'll get my pbuilder setup in a similar way. I'm not too worried about it deleting from /home as it is running in a VM.

Many thanks


Reply to: