[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#1002626: debian-policy: building packages should not require to be root

Vincent Lefevre <vincent@vinc17.net> writes:
> On 2021-12-25 14:48:33 -0800, Russ Allbery wrote:
>> Vincent Lefevre <vincent@vinc17.net> writes:

>>> Here, the build via "debuild" is failing even when fakeroot is
>>> available (installed on the machine). Note that Rules-Requires-Root
>>> has been set to "no". IMHO, the policy should say that when
>>> Rules-Requires-Root is set to "no", being root or using fakeroot
>>> should not be required.

>> It does already.

>>     no: Declares that neither root nor fakeroot is required. Package
>>     builders (e.g. dpkg-buildpackage) may choose to invoke any target in
>>     debian/rules with an unprivileged user.

>> Am I missing something?

> According to Sean, this is just advisory (and Scott Kitterman seemed
> to assume that a build failure as non-root[*] was not a RC bug).

I don't understand what "advisory" means here.  This field controls the
behavior of the package building software.  If the package says that root
isn't required, the package will be built without root.  If root turns out
to be required, the package will FTBFS.  There's nothing "advisory" about
having inaccurate package metadata that causes FTBFS, surely?

Presumably the question is about the severity of the bug, but I don't
think the severity question has anything to do with the Policy wording or
would change if we worded Policy differently.  The package says that you
don't have to run it as root, so an autobuilder that knows about
Rules-Requires-Root won't run the build as root, the build will fail, and
that's a FTBFS bug, regardless of what Policy says.  Presumably Lucas
would report it as such if his builder supports Rules-Requires-Root.

Reading the bug log, I'm not sure there's even any disagreement about
that.  What I see instead is that Scott was surprised that the file being
removed was not writable and thought that was something that you had done
in the local build system and that therefore wouldn't happen with other
rebuild efforts.  It looks like that's not the case, so I think this was
just a bog-standard FTBFS, only a bit surprising because it was triggered
by honoring Rules-Requires-Root, which I'm not sure the buildds do (yet).

-- 
Russ Allbery (rra@debian.org)              <https://www.eyrie.org/~eagle/>
Reply to: