Bug#880920: Document Rules-Requires-Root field
- To: 880920@bugs.debian.org
- Subject: Bug#880920: Document Rules-Requires-Root field
- From: Josh Triplett <josh@joshtriplett.org>
- Date: Mon, 1 Jan 2018 08:48:42 -0800
- Message-id: <[🔎] 20180101164838.GA16779@localhost>
- Reply-to: Josh Triplett <josh@joshtriplett.org>, 880920@bugs.debian.org
- In-reply-to: <9450b851-265c-3aff-2e33-f447047ee19e@thykier.net>
- References: <b4a0f34e-bc21-60ae-99f5-caba6db20923@thykier.net> <m2n.s.1eBOes-116207@chiark.greenend.org.uk> <87fu9sbq1o.fsf@iris.silentflame.com> <23042.64971.490270.316891@chiark.greenend.org.uk> <87y3ng2qo4.fsf@iris.silentflame.com> <87y3ng2qo4.fsf@iris.silentflame.com> <9450b851-265c-3aff-2e33-f447047ee19e@thykier.net> <87fu9sbq1o.fsf@iris.silentflame.com>
On Fri, 29 Dec 2017 11:29:00 +0000 Niels Thykier <niels@thykier.net> wrote:
> Here is an initial draft for how I think it could look.
>
> Review welcome.
[...]
> +The `gain root command` is passed to the build script via the
> +``DPKG_GAIN_ROOT_CMD`` environment variable. It is space separated
> +list with the first word being the command (which should available be
> +in PATH) and additional words being arguments. The `gain root
> +command` may not be used via a shell and accordingly it must not rely
> +on shell features.
> +
> +The `gain root command` must not prompt or require human interaction
> +(as the build script itself must not require interaction).
> +Furthermore, it must be possible to preprend the command to an
> +existing command without having to alter or quote the command being
> +invoked.
> +
> +The following are examples of valid defitions root commands (in the sh
> +syntax) provided the tools are available and properly configured::
> +
> + # Command "sudo", with arguments "-nE" and "--"
> + export DPKG_GAIN_ROOT_CMD='sudo -nE --'
> + # Command "fakeroot" with the single argument "--"
> + export DPKG_GAIN_ROOT_CMD='fakeroot --'
You use sudo with -E here to preserve the environment. If that's a
requirement, then the preceding paragraph should explicitly say
something like "the command must preserve all environment variables,
unmodified".
Reply to: