[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#996540: Post install fails when run as non-root user and does not respect PKG_ROOT

On Mon, 17 Jan 2022 09:10:52 +0100
Johannes Schauer Marin Rodrigues <josch@debian.org> wrote:

> Quoting Glenn Washburn (2022-01-17 08:42:24)
> > I'll restate my use case briefly here. The use case is installing packages as
> > an unprivileged user to a user writable location (I don't have privileges on
> > this machine and can't chroot). This can be done by invoking the dpkg binary
> > with the "--force-script-chrootless" option and works, but the post install
> > fails.
> 
> And just as I told you in that other bug, you can achieve that same thing
> without being root by using either fakechroot or by unsharing the user
> namespace. But you definitely have privileges for the former.

Chroot is a semantic I'e been trying to avoid because I'm wanting to
use the main filesystem as much as possible (ie only install what's
not already installed on the main system). I believe unprivileged
overlayfs is what I want. I could use overlayfs in UML, but so far
trying to avoid that as a dependency. I believe Ubuntu has a patch for
this, but I don't think its been accepted to mainline yet. So here I am.

> We don't need to put support allowing maintainer scripts to be run as another
> user as the root user if there are mechanisms that can fake the root user. For
> good reasons package maintainers are cautious when it's about increasing the
> complexity of their maintainer scripts and it should only be done when it's
> absolutely necessary.

Yes, I've heard this before. Probably at a minimum this should be
documented in the dpkg debian man page, perhaps under script-chrootless
or DPKG_ROOT, noting that that not all distro packages honor this
method of package install.

> The final decision of course lies with the texinfo maintainers and not me. I'm
> just explaining for you (again) why this is not needed. Just have a look at the
> mmdebstrap code and how it fakes being root to create chroot tarballs without
> any root privileges. Take that code and use it for your own project and you
> will not have to file another of these bugs as all packages will just magically
> work without any changes. If you need help understanding how mmdebstrap does
> what it does I (again) offer you my help.

Thank you Josch. I don't believe this can help me because of the afore
mentioned issue with chroot. Am I mistaken? You can take this
discussion off the bug list if you like. It seems to be venturing into
irrelevant territory.

Glenn
Reply to: