Bug#845715: Required targets must not write outside of the source package tree
Bill Allombert wrote:
> +Required targets must not attempt to write outside of the unpacked
> +source package tree. There are two exceptions. Firstly, the binary
> +targets may write the binary packages to the parent directory of the
> +unpacked source package tree. Secondly, required targets may write to
> +/tmp, /var/tmp and to the directory specified by the ``TMPDIR``
> environment
> + variable, but must not depend on the content of either.
> +
> +This restriction is intended to prevent source package builds creating
> +and depending on state outside of themselves, thus affecting multiple
> +independent rebuilds. In particular, the required targets must not
> +attempt to write into ``HOME``.
At the risk of letting perfect be the enemy of good, is it obvious following
this final remark about HOME that:
* if user sets TMPDIR=$HOME/tmp then it is indeed OK to write into HOME?
* if the package redefines HOME within d/rules then it is ok to write to the
(redefined) HOME?
It's reasonably common to redefine HOME within d/rules to make the build
robust against a user's config files and/or to prevent unwanted config files
being created.
https://codesearch.debian.net/search?q=path%3Adebian%2Frules+%5B+%5DHOME%3D
(I would cheerfully second the above text if my [deliberate] misreading is
an outlier and any tightening of the text is so hard to understand that it's
not actually an improvement.)
cheers
Stuart
--
Stuart Prescott http://www.nanonanonano.net/ stuart@nanonanonano.net
Debian Developer http://www.debian.org/ stuart@debian.org
GPG fingerprint 90E2 D2C1 AD14 6A1B 7EBB 891D BBC1 7EBB 1396 F2F7
Reply to: