On Thu, Jul 21, 2011 at 5:13 AM, Daniel Baumann
<daniel.baumann@progress-technologies.net> wrote:
On 07/19/2011 10:16 PM, Cody A.W. Somerville wrote:
> Please accept attached patch to remove calls to chown chroot and
> binary directories during build process if LB_ROOT_COMMAND is set as
> chown will strip the setsuid bit (which breaks a lot of stuff
> naturally).
there are two sort of independent issues here, one is changing ownership
of binary, and the other is changing it for chroot.
for binary, i don't see why in the case of using sudo (!= running lb
with sudo), it would work without setting (temporarily) the ownership of
binary recursively to the user (in order to be able to execute hooks
etc). the argument of loosing setuid/setgid bits does not really apply
for binary anyway. is there anything else that breaks, for binary, that
i didn't though of?
If the chroot filesystem type is plain then recursively chowning the binary directory will cause the same problems.
for chroot, i tried to find out why we did it in the first place, as
it's really rather intrusive to do it (even if the setuid/setgid bits
would not be stripped). it looks like this was introduced in 1.0~a7-1,
but i couldn't find any more information from the git commit, nor the
changelog, nor the referenced bug reports for that version. therefore, i
think we should remove those chown calls.