Debian Bug report logs - #666274
schroot complains about unknow source-root-groups config entry

Toggle useless messages

Message #5 received at submit@bugs.debian.org (full text, mbox, reply):

From: Raphaël Hertzog <hertzog@debian.org>

To: Debian Bug Tracking System <submit@bugs.debian.org>

Subject: schroot complains about unknow source-root-groups config entry

Date: Fri, 30 Mar 2012 09:53:30 +0200

Package: schroot
Version: 1.4.25-1
Severity: minor

I have this warning about a chroot I setup:
$ LANG=C schroot -c squeeze -p
W: line 7 [sid-test]: Unknown key 'source-root-groups' used
I: This option may be present in a newer version

However man schroot.conf clearly documents this key:

source-root-users=user1,user2,...
      A comma-separated list of users which are allowed password-less root  access
      to  the  source  chroot.  If empty or omitted, no users will be allowed root
      access without a password (but if a user is in users, they may  gain  access
      with  a  password).   This  will  become the root-users option in the source
      chroot.  See the section “Security” below.

source-root-groups=group1,group2,...
      A comma-separated list of groups which are allowed password-less root access
      to  the  source  chroot.  If empty or omitted, no users will be allowed root
      access without a password (but if a user's group is in groups, they may gain
      access  with  a  password).   This will become the root-groups option in the
      source chroot.  See the section “Security” below.

After investigation, it turns out that this specific chroot was
lacking my usual "union-type=aufs" entry... I believe that the error
message should be improved to point out the real underlying problem
because claiming that the key is unknown is misleading.

-- System Information:
Debian Release: wheezy/sid
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'proposed-updates'), (500, 'unstable'), (500, 'testing'), (500, 'stable'), (150, 'experimental')
Architecture: i386 (x86_64)

Kernel: Linux 3.2.0-2-amd64 (SMP w/2 CPU cores)
Locale: LANG=fr_FR.utf8, LC_CTYPE=fr_FR.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages schroot depends on:
ii  libboost-filesystem1.48.0       1.48.0-3
ii  libboost-program-options1.48.0  1.48.0-3
ii  libboost-regex1.48.0            1.48.0-3
ii  libboost-system1.48.0           1.48.0-3
ii  libc6                           2.13-27
ii  libgcc1                         1:4.7.0-1
ii  liblockdev1                     1.0.3-1.4+b2
ii  libpam0g                        1.1.3-7
ii  libstdc++6                      4.7.0-1
ii  libuuid1                        2.20.1-4
ii  schroot-common                  1.4.25-1

schroot recommends no packages.

Versions of packages schroot suggests:
ii  aufs-modules | unionfs-modules  <none>
ii  btrfs-tools                     0.19+20111105-2
ii  debootstrap                     1.0.39
ii  lvm2                            2.02.88-2

-- Configuration Files:
/etc/schroot/default/copyfiles changed [not included]
/etc/schroot/default/fstab changed [not included]

-- no debconf information

Message #10 received at 666274@bugs.debian.org (full text, mbox, reply):

From: Roger Leigh <rleigh@codelibre.net>

To: Raphaël Hertzog <hertzog@debian.org>, 666274@bugs.debian.org

Subject: Re: [buildd-tools-devel] Bug#666274: schroot complains about unknow source-root-groups config entry

Date: Fri, 30 Mar 2012 10:13:28 +0100

On Fri, Mar 30, 2012 at 09:53:30AM +0200, Raphaël Hertzog wrote:
> 
> I have this warning about a chroot I setup:
> $ LANG=C schroot -c squeeze -p
> W: line 7 [sid-test]: Unknown key 'source-root-groups' used
> I: This option may be present in a newer version
> 
> However man schroot.conf clearly documents this key:
> After investigation, it turns out that this specific chroot was
> lacking my usual "union-type=aufs" entry... I believe that the error
> message should be improved to point out the real underlying problem
> because claiming that the key is unknown is misleading.

We currently treat any key which isn't settable as "unknown".
Maybe we should report it as "invalid" instead?  Or we could
have a list of known and deprecated keys, and tailor the
warning appropriately.  In this specific case, without the
union-type setting, the chroot most likely isn't a source
chroot, and hence there is not means to set that key on that
particular chroot instance (it entirely lacks the logic, the
chroot_facet_source_clonable facet), so is completely
unaware that it's valid in other contexts.


Regards,
Roger

-- 
  .''`.  Roger Leigh
 : :' :  Debian GNU/Linux    http://people.debian.org/~rleigh/
 `. `'   schroot and sbuild  http://alioth.debian.org/projects/buildd-tools
   `-    GPG Public Key      F33D 281D 470A B443 6756 147C 07B3 C8BC 4083 E800

Message #15 received at 666274@bugs.debian.org (full text, mbox, reply):

From: Raphael Hertzog <hertzog@debian.org>

To: Roger Leigh <rleigh@codelibre.net>

Cc: 666274@bugs.debian.org

Subject: Re: [buildd-tools-devel] Bug#666274: schroot complains about unknow source-root-groups config entry

Date: Fri, 30 Mar 2012 14:29:59 +0200

On Fri, 30 Mar 2012, Roger Leigh wrote:
> We currently treat any key which isn't settable as "unknown".
> Maybe we should report it as "invalid" instead?  Or we could
> have a list of known and deprecated keys, and tailor the
> warning appropriately.  In this specific case, without the
> union-type setting, the chroot most likely isn't a source
> chroot, and hence there is not means to set that key on that
> particular chroot instance (it entirely lacks the logic, the
> chroot_facet_source_clonable facet), so is completely
> unaware that it's valid in other contexts.

At the very least the error message should hint that it can be
either invalid or not appropriate for this specific "facet".

But the more specific you can be, the better.

Cheers,
-- 
Raphaël Hertzog ◈ Debian Developer

Pre-order a copy of the Debian Administrator's Handbook and help
liberate it: http://debian-handbook.info/liberation/

Message #20 received at 666274-close@bugs.debian.org (full text, mbox, reply):

From: Roger Leigh <rleigh@debian.org>

To: 666274-close@bugs.debian.org

Subject: Bug#666274: fixed in schroot 1.5.2-1

Date: Tue, 15 May 2012 22:37:16 +0000

Source: schroot
Source-Version: 1.5.2-1

We believe that the bug you reported is fixed in the latest version of
schroot, which is due to be installed in the Debian FTP archive:

dchroot-dsa_1.5.2-1_amd64.deb
  to main/s/schroot/dchroot-dsa_1.5.2-1_amd64.deb
dchroot_1.5.2-1_amd64.deb
  to main/s/schroot/dchroot_1.5.2-1_amd64.deb
libsbuild-dev_1.5.2-1_amd64.deb
  to main/s/schroot/libsbuild-dev_1.5.2-1_amd64.deb
libsbuild-doc_1.5.2-1_all.deb
  to main/s/schroot/libsbuild-doc_1.5.2-1_all.deb
schroot-common_1.5.2-1_all.deb
  to main/s/schroot/schroot-common_1.5.2-1_all.deb
schroot-dbg_1.5.2-1_amd64.deb
  to main/s/schroot/schroot-dbg_1.5.2-1_amd64.deb
schroot_1.5.2-1.debian.tar.gz
  to main/s/schroot/schroot_1.5.2-1.debian.tar.gz
schroot_1.5.2-1.dsc
  to main/s/schroot/schroot_1.5.2-1.dsc
schroot_1.5.2-1_amd64.deb
  to main/s/schroot/schroot_1.5.2-1_amd64.deb
schroot_1.5.2.orig.tar.xz
  to main/s/schroot/schroot_1.5.2.orig.tar.xz



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 666274@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Roger Leigh <rleigh@debian.org> (supplier of updated schroot package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 14 May 2012 23:29:22 +0100
Source: schroot
Binary: schroot-common libsbuild-dev schroot-dbg libsbuild-doc schroot dchroot dchroot-dsa
Architecture: source all amd64
Version: 1.5.2-1
Distribution: experimental
Urgency: low
Maintainer: Debian buildd-tools Developers <buildd-tools-devel@lists.alioth.debian.org>
Changed-By: Roger Leigh <rleigh@debian.org>
Description: 
 dchroot    - Execute commands in a chroot environment
 dchroot-dsa - Execute commands in a chroot environment
 libsbuild-dev - development files for the Debian source builder
 libsbuild-doc - development documentation for the Debian source builder
 schroot    - Execute commands in a chroot environment
 schroot-common - common files for schroot
 schroot-dbg - schroot, dchroot and dchroot-dsa debugging symbols
Closes: 477937 588962 625202 625205 648450 653732 658544 659524 659967 660040 661514 666274 666497 670881 672113
Changes: 
 schroot (1.5.2-1) experimental; urgency=low
 .
   * New upstream development release.
   * Build with current Boost libraries (1.49).
   * debian/control:
     - Fix typo (debuggging, Closes: #653732).  Thanks to Vincent Blut.
     - Build-Depend on debhelper 9, and po4a 0.40.
     - Upgrade to Standards-Version 3.9.3.
   * schroot preinst: Remove default (script-config) conffiles on
     upgrade.  These are deprecated and support will be dropped in
     the future.
   * /etc/default/schroot supports ending sessions on stop
     (Closes: #625202).  The existing SESSIONS_RECOVER option has been
     renamed to START_ACTION, and an additional STOP_ACTION option has
     been added.  Both of these may be set to "end" to cause all
     sessions to be ended when run with a "start" or "stop" argument,
     respectively.
   * Support translation of the documentation with po4a
     (Closes: #588962).  A French translation of the manual pages has
     been added, and translated manual pages are built, but is not yet
     installed.  Thanks to David Prévot.
   * Support for overlayfs has been added in addition to aufs and
     unionfs (Closes: #648450).  Thanks to Evan Broder.
   * Arbitrary options may now be set in a chroot definition in
     schroot.conf.  These options are also set in the environment when
     running setup scripts, making this a simple means by which setup
     scripts may be customised without writing code.  As part of this
     change, the error message for invalid keys has been reworded to
     make it more helpful (Closes: #666274).
   * The gshadow database is now copied into the chroot using the
     nssdatabases setup script, rather than copyfiles.
   * Services may be started and stopped inside the chroot on session
     creation and session ending (Closes: #625205).  These are specified
     using the new setup.services key, and are started and stopped using
     invoke-rc.d.  See schroot.conf(5) for further details.
   * 15killprocs kills processes under CHROOT_PATH rather than
     CHROOT_MOUNT_LOCATION (Closes: #672113).  Thanks to Julien Viard de
     Galbert.
   * The above options may be set (where permitted) on the schroot
     command-line by using the new --option command-line option to set
     the option to a user-defined value, which will permit users to
     customise the behaviour of setup scripts.  Note that only keys
     specified in the new user-modifiable-keys or root-modifiable-keys
     settings are permitted to be set, for security reasons.
   * A new "custom" chroot type has been added (Closes: #477937).  This
     permits the testing and development of new specialised chroot
     types without the need to write any C++ chroot modules.  It just
     requires a custom setup script, which can use arbitrary options
     set in your schroot.conf for configuration.  Options are provided
     to set up the session cloning and purging behaviour for the custom
     chroot.  See schroot.conf(5) for further details.
   * Exceptions thrown for command-line options validation errors no
     longer use the Boost validation_error exception, which formatted
     the exception reason text badly (Closes: #666497).
   * schroot(1): Update overview text, including explaining the
     restriction of the plain chroot type not running setup scripts
     (Closes: #670881).
   * PATH is now set when running setup scripts.
   * Updated translations:
     - da (Closes: #658544).  Thanks to Joe Hansen.
     - de (Closes: #659524).  Thanks to Holger Wansing.
     - fr (Closes: #661514).  Thanks to Thomas Blein.
     - pt (Closes: #660040).  Thanks to Pedro Ribeiro.
     - zh_CN (Closes: #659967).  Thanks to Ji ZhengYu.
Checksums-Sha1: 
 46d95ae57ef81ae04d2bb942011a034791913c4e 2424 schroot_1.5.2-1.dsc
 40377167864c508901882951a1c18ad65cbf744a 718344 schroot_1.5.2.orig.tar.xz
 9eaf97eac6c0635ea18a37224b3e86255107b5c5 26764 schroot_1.5.2-1.debian.tar.gz
 ea69f4484ca60bf980e71fc4fb4fc5c59f9610a6 252632 schroot-common_1.5.2-1_all.deb
 b39961b61ce9d66f7263f622c882ed448b5e4dcc 2289162 libsbuild-dev_1.5.2-1_amd64.deb
 b507d22255106284de74fcf04fd5eefc083180de 29677682 schroot-dbg_1.5.2-1_amd64.deb
 0bbfcaa044a879c89a0f2a59e9914380c30b8eb6 7763476 libsbuild-doc_1.5.2-1_all.deb
 4f055759337a3fd59358c1c03bfb50bcbaba028d 953368 schroot_1.5.2-1_amd64.deb
 1ad84ef5033632d2ac6d3b6719bd6531811390db 370280 dchroot_1.5.2-1_amd64.deb
 ebaace85d3790af293b5bad0f216099a02650a14 369528 dchroot-dsa_1.5.2-1_amd64.deb
Checksums-Sha256: 
 985e7a881b2a3e8b6060418c7b1a5601180986d1a7a0cab4dc2ac325622d8672 2424 schroot_1.5.2-1.dsc
 14ea4c1fcd13fbccc4ac287d33e70ef26a804d85b803b60ee9d75a8f2c8eb9fc 718344 schroot_1.5.2.orig.tar.xz
 70bc839e0671412f741d3cbf6a7553102464b0267e00bc744a4fcce24ce7f054 26764 schroot_1.5.2-1.debian.tar.gz
 6d8610683e68a1df86c3b34cc563c832c8bae2c8cbaee3ab94c9032e61bc723f 252632 schroot-common_1.5.2-1_all.deb
 ab4a95e673ee7a40b690d41cf78af152c2512a828fa5792acbb69b60876da779 2289162 libsbuild-dev_1.5.2-1_amd64.deb
 5f9336e5b57b068be3c9402710dc4214dca940a547b0a860e66e38c43afa6a3a 29677682 schroot-dbg_1.5.2-1_amd64.deb
 c01b9db96f89bf82ad216f24fad5bb006fa5069ad9bc983d6d14c35ae41125b8 7763476 libsbuild-doc_1.5.2-1_all.deb
 06f8da78707c2296ee7c6e6df901f514155261d4747de74007faa8a5e351f9e5 953368 schroot_1.5.2-1_amd64.deb
 cadf5c34c73eb39f834decc5f810bb7b4f82a929ffb9ca656a10019e46b291ca 370280 dchroot_1.5.2-1_amd64.deb
 65edb882f2439af91bed0f558c8680ecc0160d1dacf0e3903c2b35a09f255897 369528 dchroot-dsa_1.5.2-1_amd64.deb
Files: 
 b6a925b56f5088359e2656a98cae4d0c 2424 admin optional schroot_1.5.2-1.dsc
 7504d34970697b951896a4e36bb07bd3 718344 admin optional schroot_1.5.2.orig.tar.xz
 92721f1e16d859c2373217a444d64f5d 26764 admin optional schroot_1.5.2-1.debian.tar.gz
 4b568fe66dec35daca987dbaf8396e2a 252632 admin optional schroot-common_1.5.2-1_all.deb
 1655225f16ac6632e0d04827b06c2173 2289162 libdevel optional libsbuild-dev_1.5.2-1_amd64.deb
 48188da135046620adea7a2b6e88caee 29677682 debug extra schroot-dbg_1.5.2-1_amd64.deb
 ff44d0b8eacc08ad16ec99b1f2e10f83 7763476 doc optional libsbuild-doc_1.5.2-1_all.deb
 980c18a88ff2a6d2d0cbb29b2fea87f7 953368 admin optional schroot_1.5.2-1_amd64.deb
 5d615c646ece726b00c420e72b9b1be4 370280 admin optional dchroot_1.5.2-1_amd64.deb
 1fc394e3a7065f9661eefde1f0db6178 369528 admin optional dchroot-dsa_1.5.2-1_amd64.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQIcBAEBCgAGBQJPstEUAAoJEOJSSsUKn1xZwBIQALGJpz3JiKJK2xe2zAO9d5OT
PFdr3OzbjmFFVGnZHHde/0KohZ9OdAlMDUNr5CiDT73CcMkUOwSJJkSIhFsAUi5M
1awCYcsejTAUxSyKXimqDPdvI+e2jkWZ5xwaQX5fmCJ8fwN6pFyNizE83TepdiOU
jV0o6kJKKbXYtQCRGufxQPuxQAMWn8r4zdGLnLX8sucvznnFQoH33OhhJwhdaDj5
u3tJATFGvpcgoJ4G6OXHpeEc6t/S14Pm8XybFV03uFjQy/8WVSPLG5zYjvTnm2qx
5TZpUyIo9BMCzJgil1ZSa2Kw86nt/wwwmTa+ARDPokZIkHhh9hld9ma8P5EKkyqh
aNfPejbHm4xZ8s0zEWKjwK+Y+A5Dqdhf7oM7nMjewfgdrGSpPiVXuAbF2xImjt/T
iOzqoz+qRQ/PHLmPLfEZd1o3R84hN1kwPP9m0v8alUs8lAZahXHgpYIK0zrMMj2C
QjCcRLY3tU5Qbmh+XH5znSrdaRrnzOLggnT0Zl3/OXuZ0BYW/yEELvkb3fwC9dqO
6DrJu0kbcmU7QJudAQZs/nFXPrPGOmZLRHlo/nOl72k9Pvy/wvHVm4nQU2W3+YlE
BCiuc6M6u6CGChlmlIh9DSWCBLhyQsxnUxZ122ozROxgIEJiTzd1FbWKaFMwHDS5
ef8AeAx73TI91bVK4rpG
=r2bS
-----END PGP SIGNATURE-----

Send a report that this bug log contains spam.