Re: Bug#725434: Problems with gbp when $TMP != /tmp
Hi Mattia,
On Tue, Oct 20, 2015 at 04:18:55PM +0000, Mattia Rizzolo wrote:
> On Tue, Oct 20, 2015 at 03:07:55PM +0200, Andreas Tille wrote:
> > I'm obviously beaten by bug #725434 when trying to use gbp on a stable
> > box with libpam-tmpdir. I followed the workaround and added a hook
> > script:
> >
> > $ cat .pbuilder/D10tmp
> > [ -n "$TMP" -a ! -d "$TMP" ] && mkdir -p "$TMP" || true
> > [ -n "$TMPDIR" -a ! -d "$TMPDIR" ] && mkdir -p "$TMPDIR" || true
>
> umh, something tells me this is not enough: hooks are run as root, while
> the build is not, so the build user would not be able to write there.
> Currently the build username or user ID is not exported to the hooks, so
> the better you can do is to chmod 777 TMPDIR and TMP (programs using
> /tmp should be able to use that securely anyway...)
I can confirm that this works.
> > The interesting thing here is that while TMP=/tmp/user/0 this
> > dir is empty and the packaging is done in /tmp/buildd. If I do
>
> the directory where the package is kept and the build is done is
> hardcoded to /tmp/buildd/ till 0.216, where it was made configurable and
> moved to /build/.
>
> JOOI, can you try with pbuilder from backports and see whether with the
> changed build place something different happen?
I forget to say that I'm just doing this:
$ apt-cache policy pbuilder
pbuilder:
Installed: 0.215+nmu4~bpo8+1
Candidate: 0.215+nmu4~bpo8+1
Version table:
*** 0.215+nmu4~bpo8+1 0
501 http://httpredir.debian.org/debian/ jessie-backports/main amd64 Packages
100 /var/lib/dpkg/status
0.215+nmu3 0
500 http://httpredir.debian.org/debian/ jessie/main amd64 Packages
> > # cd /tmp/buildd/python-pyfaidx-0.4.2
> > # dh_builddeb -O--buildsystem=pybuild
> > dpkg-deb: building package `python-pyfaidx' in `../python-pyfaidx_0.4.2-0~bpo8+1_all.deb'.
> > dpkg-deb: building package `python3-pyfaidx' in `../python3-pyfaidx_0.4.2-0~bpo8+1_all.deb'.
> > dpkg-deb: building package `python-pyfaidx-examples' in `../python-pyfaidx-examples_0.4.2-0~bpo8+1_all.deb'.
> >
> > this obviously works fine.
>
> yes, because you're building as root, which can write anywhere he likes
> :)
>
> > So the problem is definitely created by gbp.
>
> s/gbp/pbuilder/
If you think so... At least it is pbuilder only if called by gbp.
Kind regards
Andreas.
--
http://fam-tille.de
Reply to: