Debian Bug report logs - #567995
cowbuilder doesn't honor my $HOME/.pbuilderrc

Toggle useless messages

Message #5 received at submit@bugs.debian.org (full text, mbox, reply):

From: Micah Anderson <micah@debian.org>

To: Debian Bug Tracking System <submit@bugs.debian.org>

Subject: cowbuilder doesn't honor my $HOME/.pbuilderrc

Date: Mon, 01 Feb 2010 13:27:44 -0500

Package: cowbuilder
Version: 0.61
Severity: normal

My ~/.pbuilderrc has this in it:

if [ -n "${DIST}" ]; then
        BASETGZ="`dirname $BASETGZ`/$DIST-base.tgz"
        DISTRIBUTION="$DIST"
        BUILDRESULT="/var/cache/pbuilder/$DIST/result/"
        APTCACHE="/var/cache/pbuilder/$DIST/aptcache/"
fi

(which comes from http://pbuilder.alioth.debian.org/#DISTRIBUTIONSWITCH)

The cowbuilder(8) man page says that cowbuilder reads ~/.pbuilderrc, but when I do the following, it is clearly not used:

pond% DIST=lenny sudo cowbuilder --update                                                            
 -> Copying COW directory
  forking: rm -rf /var/cache/pbuilder/build//cow.28818 
  forking: cp -al /var/cache/pbuilder/base.cow /var/cache/pbuilder/build//cow.28818 
cp: cannot stat `/var/cache/pbuilder/base.cow': No such file or directory
Failed cowcopy.

and when I do a --create, its clear that the --distribution is overridden somehow and created as sid:

pond% sudo DIST=lenny cowbuilder --create --debug                                                    
 -> Invoking pbuilder
  forking: pbuilder create --debug --buildplace /var/cache/pbuilder/base.cow --mirror http://debian.csail.mit.edu/debian/ --distribution sid --no-targz --extrapackages cowdancer 
++ shift
++ '[' -n --buildplace ']'
++ case "$1" in
++ '[' '!' -d /var/cache/pbuilder/base.cow ']'
+++ readlink -f /var/cache/pbuilder/base.cow
++ BUILDPLACE=/var/cache/pbuilder/base.cow
++ shift
++ shift
++ '[' -n --mirror ']'
++ case "$1" in
++ MIRRORSITE=http://debian.csail.mit.edu/debian/
++ OVERRIDE_APTLINES_WARN=yes
++ shift
++ shift
++ '[' -n --distribution ']'
++ case "$1" in
++ DISTRIBUTION=sid
++ OVERRIDE_APTLINES_WARN=yes
++ shift
++ shift
++ '[' -n --no-targz ']'
++ case "$1" in
++ log 'I: Running in no-targz mode'
++ case "$*" in
++ echo 'I: Running in no-targz mode'
I: Running in no-targz mode
++ INTERNAL_BUILD_UML=yes
++ shift
++ '[' -n --extrapackages ']'
++ case "$1" in
++ EXTRAPACKAGES=cowdancer
++ shift
++ shift
++ '[' -n '' ']'
++ BUILDPLACE=/var/cache/pbuilder/base.cow
++ BASEBUILDPLACE=/var/cache/pbuilder/base.cow

If I pass the --configfile option to point directly at my
~/.pbuilderrc, it does start to use it, but then the options get
overridden. The BASETGZ gets set to the right place, the DISTRIBUTION
gets set to the right one, the BUILDRESULT gets set to the right one,
but then they are reset later in the process to be the wrong ones:

pond% sudo DIST=lenny cowbuilder --create --debug --configfile /home/micah/.pbuilderrc
 -> Invoking pbuilder
  forking: pbuilder create --debug --configfile /home/micah/.pbuilderrc --buildplace /var/cache/pbuilder/base.cow --mirror http://debian.csail.mit.edu/debian/ --distribution sid --no-targz --extrapackages cowdancer 
++ shift
++ '[' -n --configfile ']'
++ case "$1" in
++ '[' '!' -f /home/micah/.pbuilderrc ']'
++ . /home/micah/.pbuilderrc
+++ '[' -n lenny ']'
++++ dirname /var/cache/pbuilder/lenny-base.tgz
+++ BASETGZ=/var/cache/pbuilder/lenny-base.tgz
+++ DISTRIBUTION=lenny
+++ BUILDRESULT=/var/cache/pbuilder/lenny/result/
+++ APTCACHE=/var/cache/pbuilder/lenny/aptcache/
++ EXTRA_CONFIGFILE[${#EXTRA_CONFIGFILE[@]}]=/home/micah/.pbuilderrc
++ shift
++ shift
++ '[' -n --buildplace ']'
++ case "$1" in
++ '[' '!' -d /var/cache/pbuilder/base.cow ']'
+++ readlink -f /var/cache/pbuilder/base.cow
++ BUILDPLACE=/var/cache/pbuilder/base.cow
++ shift
++ shift
++ '[' -n --mirror ']'
++ case "$1" in
++ MIRRORSITE=http://debian.csail.mit.edu/debian/
++ OVERRIDE_APTLINES_WARN=yes
++ shift
++ shift
++ '[' -n --distribution ']'
++ case "$1" in
++ DISTRIBUTION=sid
++ OVERRIDE_APTLINES_WARN=yes
++ shift
++ shift
++ '[' -n --no-targz ']'
++ case "$1" in
++ log 'I: Running in no-targz mode'
++ case "$*" in
++ echo 'I: Running in no-targz mode'
I: Running in no-targz mode
++ INTERNAL_BUILD_UML=yes
++ shift
++ '[' -n --extrapackages ']'
++ case "$1" in
++ EXTRAPACKAGES=cowdancer
++ shift
++ shift
++ '[' -n '' ']'
++ BUILDPLACE=/var/cache/pbuilder/base.cow
++ BASEBUILDPLACE=/var/cache/pbuilder/base.cow
++ '[' yes '!=' yes -a no '!=' yes ']'
++ '[' -z '' ']'
++ CHROOTEXEC='chroot /var/cache/pbuilder/base.cow '
++ '[' sid = experimental ']'
++ EXPERIMENTAL=

Notice in the above that the DISTRIBUTION was set to lenny, but now it
is set to sid, and the other environment variables that were
previously set have been overridden.

thanks for your work on these utilities!
micah

-- System Information:
Debian Release: squeeze/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'stable'), (1, 'experimental')
Architecture: i386 (i686)

Kernel: Linux 2.6.31-1-vserver-686 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages cowbuilder depends on:
ii  cowdancer                     0.61       Copy-on-write directory tree utili
ii  libc6                         2.10.2-5   Embedded GNU C Library: Shared lib
ii  pbuilder                      0.196      personal package builder for Debia

cowbuilder recommends no packages.

cowbuilder suggests no packages.

-- no debconf information

Message #10 received at submit@bugs.debian.org (full text, mbox, reply):

From: Junichi Uekawa <dancer@netfort.gr.jp>

To: Micah Anderson <micah@debian.org>, 567995@bugs.debian.org

Cc: Debian Bug Tracking System <submit@bugs.debian.org>

Subject: Re: Bug#567995: cowbuilder doesn't honor my $HOME/.pbuilderrc

Date: Fri, 05 Feb 2010 08:50:24 +0900

Hi,


At Mon, 01 Feb 2010 13:27:44 -0500,
Micah Anderson wrote:
> 
> Package: cowbuilder
> Version: 0.61
> Severity: normal
> 
> My ~/.pbuilderrc has this in it:

Hmm... I have an impression that ~/.pbuilderrc might happen to be looking at
/root/.pbuilderrc.

Could you check?

Message #20 received at submit@bugs.debian.org (full text, mbox, reply):

From: micah anderson <micah@debian.org>

To: Junichi Uekawa <dancer@netfort.gr.jp>, 567995@bugs.debian.org

Cc: Debian Bug Tracking System <submit@bugs.debian.org>

Subject: Re: Bug#567995: cowbuilder doesn't honor my $HOME/.pbuilderrc

Date: Mon, 08 Feb 2010 18:47:06 -0500

[Message part 1 (text/plain, inline)]

On Fri, 05 Feb 2010 08:50:24 +0900, Junichi Uekawa <dancer@netfort.gr.jp> wrote:
> Hi,
> 
> 
> At Mon, 01 Feb 2010 13:27:44 -0500,
> Micah Anderson wrote:
> > 
> > Package: cowbuilder
> > Version: 0.61
> > Severity: normal
> > 
> > My ~/.pbuilderrc has this in it:
> 
> Hmm... I have an impression that ~/.pbuilderrc might happen to be looking at
> /root/.pbuilderrc.
> 
> Could you check?

I have the same thing in /root/.pbuilderrc and the same issue happens:

# cat /root/.pbuilderrc

if [ -n "${DIST}" ]; then 
   BASETGZ="`dirname $BASETGZ`/$DIST-base.tgz"
   DISTRIBUTION="$DIST"
   BUILDRESULT="/var/cache/pbuilder/$DIST/result/"
   APTCACHE="/var/cache/pbuilder/$DIST/aptcache/" 
fi

# DIST=lenny cowbuilder --create

 -> Invoking pbuilder
  forking: pbuilder create --buildplace /var/cache/pbuilder/base.cow --mirror http://debian.csail.mit.edu/debian/ --distribution sid --no-targz --extrapackages cowdancer 
I: Running in no-targz mode
I: Distribution is sid.
I: Building the build environment

as you can see, Distribution gets set to sid, when I specifically said
DIST=lenny

micah

[Message part 2 (application/pgp-signature, inline)]

Message #30 received at 567995@bugs.debian.org (full text, mbox, reply):

From: Stefan Lesicnik <stefan@lsd.co.za>

To: 567995@bugs.debian.org

Subject: Confirmation

Date: Sat, 20 Feb 2010 20:41:05 +0200 (SAST)

Hi,

Just for information, I am also using this version under Ubuntu and same thing happens. It seems to ignore /etc/pbuilderrc and .pbuilderrc.

Stefan

Message #37 received at 567995@bugs.debian.org (full text, mbox, reply):

From: David Paleino <dapal@debian.org>

To: 567995@bugs.debian.org

Subject: Confirming bug in 0.65

Date: Thu, 29 Sep 2011 19:25:05 +0200

[Message part 1 (text/plain, inline)]

Hello everybody,
this bug seems due to the changes in sudo, i.e. it does not retain the $HOME
env var:

$ sudo env | grep ^HOME
HOME=/root

forcing the setting of $HOME makes cowbuilder honor ~/.pbuilderrc again (see
later). This is tricky, and thus should be fixed in cowbuilder itself.

I have BINDMOUNTS="/deb/local" in my .pbuilderrc, and this is what happens:

$ sudo cowbuilder  --update 
[..]
W: Failed to fetch file:/deb/local/./Packages  File not found
[..]
$

$ sudo HOME=/home/david cowbuilder  --update 
[..]
Ign file: ./ InRelease
Get:1 file: ./ Release.gpg [72 B]
Get:2 file: ./ Release [712 B]
[..]

i.e. it finds my bindmount.

Kindly,
David

-- 
 . ''`.   Debian developer | http://wiki.debian.org/DavidPaleino
 : :'  : Linuxer #334216 --|-- http://www.hanskalabs.net/
 `. `'`  GPG: 1392B174 ----|---- http://deb.li/dapal
   `-   2BAB C625 4E66 E7B8 450A C3E1 E6AA 9017 1392 B174

[signature.asc (application/pgp-signature, attachment)]

Message #42 received at 567995@bugs.debian.org (full text, mbox, reply):

From: David Paleino <dapal@debian.org>

To: 567995@bugs.debian.org

Subject: Re: Confirming bug in 0.65

Date: Thu, 29 Sep 2011 21:12:57 +0200

[Message part 1 (text/plain, inline)]

tags 567995 patch
thanks

I'm attaching a patch that adds a snippet to /etc/sudoers.d/, so that sudo
preserves $HOME during its actions.

This seems the cleanest approach to me, but it needs a
"#includedir /etc/sudoers.d/" line in /etc/sudoers. This isn't the case
everywhere.

I also thought at coding something into parameter.c, i.e. try to parse
$SUDO_USER, and try to detect the correct $HOME (getenv + getpwnam). I couldn't
test this, and I already had a patch ready, but inadvertently deleted it. If
needed I can make it again.

Kindly,
David

-- 
 . ''`.   Debian developer | http://wiki.debian.org/DavidPaleino
 : :'  : Linuxer #334216 --|-- http://www.hanskalabs.net/
 `. `'`  GPG: 1392B174 ----|---- http://deb.li/dapal
   `-   2BAB C625 4E66 E7B8 450A C3E1 E6AA 9017 1392 B174

[sudoers.d_snippet.patch (text/x-patch, attachment)]

[signature.asc (application/pgp-signature, attachment)]

Message #49 received at 567995@bugs.debian.org (full text, mbox, reply):

From: Luca Capello <luca@pca.it>

To: 567995@bugs.debian.org

Cc: David Paleino <dapal@debian.org>, Micah Anderson <micah@debian.org>, Stefan Lesicnik <stefan@lsd.co.za>, Neil Williams <codehelp@debian.org>

Subject: Re: Bug#567995: Confirming bug in 0.65

Date: Mon, 24 Oct 2011 18:12:49 +0200

[Message part 1 (text/plain, inline)]

Hi there!

Cc:ing all the people involved with this bug, sorry for the spam.

On Thu, 29 Sep 2011 21:12:57 +0200, David Paleino wrote:
> I'm attaching a patch that adds a snippet to /etc/sudoers.d/, so that sudo
> preserves $HOME during its actions.
>
> This seems the cleanest approach to me, but it needs a
> "#includedir /etc/sudoers.d/" line in /etc/sudoers. This isn't the case
> everywhere.

FYI that line is available since sudo_1.7.2p1-1:

--8<---------------cut here---------------start------------->8---
sudo (1.7.2p1-1) unstable; urgency=low

  * new upstream version
  * add support for /etc/sudoers.d using #includedir in default sudoers, 
    which I think is also a good solution to the request for a crontab-like
    API requested in March of 2001, closes: #539994, #271813, #89743
  * move init.d script from using rcS.d to rc[0-6].d, closes: #542924

 -- Bdale Garbee <bdale@gag.com>  Mon, 31 Aug 2009 14:09:32 -0600
--8<---------------cut here---------------end--------------->8---

However, please note that your patch is IMHO plainly wrong, because
first you are overriding the Defaults declaration in /etc/sudoers
without notifying anyone and, second, your snippet does not apply to
cowbuilder only, but for every sudo call.

Please note that this bug is nothing more than a duplicate of #563728
which was itself linked to #361362.  The workaround Neil Willimas
(Cc:ed) proposed on his blog post has the same implication of your
patch:

  <http://www.linux.codehelp.co.uk/serendipity/index.php?/archives/213-pbuilder-not-finding-HOME.pbuilderrc-anymore.html>

A better solution would be to notify users that what you need is to add
the SETENV tag to the *builder lines in their sudoers file, from `man 5
sudoers`:

	SETENV and NOSETENV

	These tags override the value of the setenv option on a
	per-command basis.  Note that if SETENV has been set for a
	command, the user may disable the env_reset option from the
	command line via the -E option.  Additionally, environment
	variables set on the command line are not subject to the
	restrictions imposed by env_check, env_delete, or env_keep.
	As such, only trusted users should be allowed to set
	variables in this manner.  If the command matched is ALL,
	the SETENV tag is implied for that command; this default may
	be overridden by use of the NOSETENV tag.

Given that pdebuild already calls sudo with the -E option, everything
should be OK:

  <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=361362#54>
  <https://launchpad.net/bugs/175776>

Here is the example:
=====
root@gismo:/home/luca# grep -R HOME /etc/sudoers*

root@gismo:/home/luca# grep -R SETENV /etc/sudoers*
/etc/sudoers.d/luca:luca        ALL = SETENV: /usr/sbin/*builder
/etc/sudoers.d/luca:luca        ALL = SETENV: /usr/bin/env

luca@gismo:~$ sudo env | grep HOME
HOME=/root

luca@gismo:~$ sudo -E env | grep HOME
HOME=/home/luca

luca@gismo:~$ 
=====

Thx, bye,
Gismo / Luca

[Message part 2 (application/pgp-signature, inline)]

Message #54 received at 567995-done@bugs.debian.org (full text, mbox, reply):

From: "Iain R. Learmonth" <irl@debian.org>

To: 567995-done@bugs.debian.org

Subject: Re: Bug#567995: not a bug in cowbuilder

Date: Fri, 25 Dec 2015 11:03:10 +0000

Hi,

cowbuilder is honouring your $HOME/.pbuilderrc, but your $HOME is wrong.
This is not a bug in cowbuilder.

Tools such as git-buildpackage use cowbuilder, and use sudo when they do. It
may be appropriate to file bugs on those packages to ask them to preserve
the $HOME variable when they make those calls.

I am closing this bug.

Thanks,
Iain.

-- 

Send a report that this bug log contains spam.