Debian Bug report logs - #825991
sbuild: /etc/sbuild/sbuild.conf leaks the user home path


Package: sbuild; Maintainer for sbuild is sbuild maintainers <sbuild@packages.debian.org>; Source for sbuild is src:sbuild (PTS, buildd, popcon).

Reported by: Aurelien Jarno <aurel32@debian.org>

Date: Wed, 1 Jun 2016 07:57:11 UTC

Severity: minor

Found in version sbuild/0.69.0-2

Fixed in version sbuild/0.70.0-1

Done: Johannes Schauer <josch@debian.org>

Bug is archived. No further changes may be made.



Report forwarded to debian-bugs-dist@lists.debian.org, Debian buildd-tools Developers <buildd-tools-devel@lists.alioth.debian.org>:
Bug#825991; Package sbuild. (Wed, 01 Jun 2016 07:57:15 GMT) (full text, mbox, link).


Acknowledgement sent to Aurelien Jarno <aurel32@debian.org>:
New Bug report received and forwarded. Copy sent to Debian buildd-tools Developers <buildd-tools-devel@lists.alioth.debian.org>. (Wed, 01 Jun 2016 07:57:15 GMT) (full text, mbox, link).


Message #5 received at submit@bugs.debian.org (full text, mbox, reply):

From: Aurelien Jarno <aurel32@debian.org>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: sbuild: /etc/sbuild/sbuild.conf leaks the user home path
Date: Wed, 01 Jun 2016 09:53:37 +0200
Package: sbuild
Version: 0.69.0-2
Severity: minor

Dear Maintainer,

The default sbuild.conf shipped with the sbuild package is generated
using the "sbuild-dumpconfig sbuild config" command. This causes the
stats_dir entry to contain the home path of the user who built the
package:

| # STATS_DIR
| # Type: STRING
| # Directory for writing build statistics to
| # See also related command line options in sbuild(1):
| #   --stats-dir
| #$stats_dir = '/home/aurel32/stats';

Fortunately as sbuild is usually built on the build daemons,
/home/buildd/stats is used, which makes more sense.

Aurelien


-- System Information:
Debian Release: stretch/sid
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.6.0-trunk-amd64 (SMP w/4 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages sbuild depends on:
ii  adduser         3.114
ii  apt-utils       1.2.12
ii  libsbuild-perl  0.69.0-2
ii  perl            5.22.2-1

Versions of packages sbuild recommends:
ii  debootstrap  1.0.81
ii  fakeroot     1.20.2-1

Versions of packages sbuild suggests:
ii  deborphan  1.7.28.8-0.3
ii  wget       1.17.1-2

-- no debconf information



Information forwarded to debian-bugs-dist@lists.debian.org, Debian buildd-tools Developers <buildd-tools-devel@lists.alioth.debian.org>:
Bug#825991; Package sbuild. (Wed, 01 Jun 2016 09:09:08 GMT) (full text, mbox, link).


Acknowledgement sent to Johannes Schauer <josch@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian buildd-tools Developers <buildd-tools-devel@lists.alioth.debian.org>. (Wed, 01 Jun 2016 09:09:08 GMT) (full text, mbox, link).


Message #10 received at 825991@bugs.debian.org (full text, mbox, reply):

From: Johannes Schauer <josch@debian.org>
To: Aurelien Jarno <aurel32@debian.org>, 825991@bugs.debian.org
Cc: reproducible-builds@lists.alioth.debian.org
Subject: Re: [buildd-tools-devel] Bug#825991: sbuild: /etc/sbuild/sbuild.conf leaks the user home path
Date: Wed, 01 Jun 2016 11:08:27 +0200
Hi

Quoting Aurelien Jarno (2016-06-01 09:53:37)
> The default sbuild.conf shipped with the sbuild package is generated
> using the "sbuild-dumpconfig sbuild config" command. This causes the
> stats_dir entry to contain the home path of the user who has build the
> package:
> 
> | # STATS_DIR
> | # Type: STRING
> | # Directory for writing build statistics to
> | # See also related command line options in sbuild(1):
> | #   --stats-dir
> | #$stats_dir = '/home/aurel32/stats';
> 
> Fortunately as sbuild is usually built on the build daemons,
> /home/buildd/stats is used, which makes more sense.

Indeed, looking at the code, the default is set to $HOME/stats so your
observation makes sense.

Though I am surprised that the reproducible builds machinery didn't catch this
at all. It seems that sbuild is still marked as reproducible:

https://tests.reproducible-builds.org/rb-pkg/unstable/amd64/sbuild.html

Is there something wrong with how $HOME is set in the reproducible builds
pbuilder?

Thanks!

cheers, josch

Information forwarded to debian-bugs-dist@lists.debian.org, Debian buildd-tools Developers <buildd-tools-devel@lists.alioth.debian.org>:
Bug#825991; Package sbuild. (Wed, 01 Jun 2016 09:57:04 GMT) (full text, mbox, link).


Acknowledgement sent to Mattia Rizzolo <mattia@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian buildd-tools Developers <buildd-tools-devel@lists.alioth.debian.org>. (Wed, 01 Jun 2016 09:57:04 GMT) (full text, mbox, link).


Message #15 received at 825991@bugs.debian.org (full text, mbox, reply):

From: Mattia Rizzolo <mattia@debian.org>
To: Johannes Schauer <josch@debian.org>, 825991@bugs.debian.org
Cc: Aurelien Jarno <aurel32@debian.org>, reproducible-builds@lists.alioth.debian.org
Subject: Re: [buildd-tools-devel] Bug#825991: Bug#825991: sbuild: /etc/sbuild/sbuild.conf leaks the user home path
Date: Wed, 1 Jun 2016 09:55:31 +0000
On Wed, Jun 01, 2016 at 11:08:27AM +0200, Johannes Schauer wrote:
> Though I am surprised that the reproducible builds machinery didn't catch this
> at all. It seems that sbuild is still marked as reproducible:
> 
> https://tests.reproducible-builds.org/rb-pkg/unstable/amd64/sbuild.html
> 
> Is there something wrong with how $HOME is set in the reproducible builds
> pbuilder?

It wasn't varied, indeed.  Now it is, and sbuild is not reproducible
anymore:
https://tests.reproducible-builds.org/rb-pkg/unstable/armhf/sbuild.html


Thanks for bringing this up.

-- 
regards,
                        Mattia Rizzolo

GPG Key: 66AE 2B4A FCCF 3F52 DA18  4D18 4B04 3FCD B944 4540      .''`.
more about me:  https://mapreri.org                             : :'  :
Launchpad user: https://launchpad.net/~mapreri                  `. `'`
Debian QA page: https://qa.debian.org/developer.php?login=mattia  `-

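The two mechanisms discussed in the report and in Mattia's reply, as an added example that is not part of the bug log and not sbuild's own code: a dumper that writes a $HOME-derived default verbatim (the behaviour Aurelien observed), the reproducible-builds style check that varies HOME between two runs and requires identical output, and one way to write the default symbolically so the file no longer depends on who built the package. The `$ENV{HOME}/stats` spelling of the fixed default, the `default_settings` helper and the extra `build_dir` key are assumptions for illustration; the changelog for 0.70.0 only states that $HOME is no longer written into config files and man pages.

```python
"""Added example (not sbuild's code): a build-time $HOME leaking into a generated
config, the vary-HOME reproducibility check that catches it, and a symbolic fix.
The Perl "$ENV{HOME}/stats" form of the fixed default is an assumption for
illustration, not what sbuild 0.70.0 actually emits."""
import os
import re

# Matches an absolute path under /home/<user>, so a leaked builder home is spotted
# even when the HOME the build ran with is unknown.
HOME_PATH_RE = re.compile(r"/home/[^/\s'\"]+")


def default_settings(home):
    """Defaults as computed at build time. stats_dir mirrors the $HOME/stats default
    mentioned in the thread; build_dir is a constructed extra key that is not
    HOME-derived and must come through unchanged."""
    return {
        "stats_dir": os.path.join(home, "stats"),
        "build_dir": "/srv/build",
    }


def dump_config(settings, build_home):
    """Naive dumper (the 0.69.0 behaviour the report describes): every default is
    written verbatim as a commented-out Perl assignment, so the builder's home
    directory ends up in the shipped file. build_home is unused on purpose."""
    lines = []
    for key, value in sorted(settings.items()):
        lines.append("# %s" % key.upper())
        lines.append("#$%s = '%s';" % (key, value))
    return "\n".join(lines) + "\n"


def dump_config_fixed(settings, build_home):
    """Fixed dumper: a default rooted in the build-time HOME is rewritten relative to
    the runtime home ($ENV{HOME} inside a double-quoted Perl string), so builds under
    different HOME values produce byte-identical output."""
    root = build_home.rstrip("/") + "/"
    lines = []
    for key, value in sorted(settings.items()):
        lines.append("# %s" % key.upper())
        if value.startswith(root):
            lines.append('#$%s = "$ENV{HOME}/%s";' % (key, value[len(root):]))
        else:
            lines.append("#$%s = '%s';" % (key, value))
    return "\n".join(lines) + "\n"


def find_home_leaks(dump_text, build_home=None):
    """Return [(lineno, line)] for lines embedding a /home/<user> path or the exact
    build-time HOME (the latter also catches e.g. HOME=/root or /srv/buildd)."""
    bh = build_home.rstrip("/") if build_home else ""
    leaks = []
    for n, line in enumerate(dump_text.splitlines(), 1):
        if HOME_PATH_RE.search(line) or (bh and bh in line):
            leaks.append((n, line))
    return leaks


def is_reproducible(dumper, homes):
    """The check the reproducible-builds CI applies once HOME is varied: dump once
    per HOME value and require identical output."""
    outputs = {dumper(default_settings(h), h) for h in homes}
    return len(outputs) == 1


if __name__ == "__main__":
    homes = ["/home/aurel32", "/home/buildd"]
    print("naive dumper reproducible:", is_reproducible(dump_config, homes))
    print("fixed dumper reproducible:", is_reproducible(dump_config_fixed, homes))
    naive = dump_config(default_settings(homes[0]), homes[0])
    for n, line in find_home_leaks(naive, homes[0]):
        print("leak at line %d: %s" % (n, line))
```

Before HOME was varied on the reproducible-builds infrastructure, every run used the same home and the naive dumper still produced identical output, which is why sbuild was marked reproducible despite the leak; `find_home_leaks` is the complementary single-build check that does not need a second run.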
Information forwarded to debian-bugs-dist@lists.debian.org, Debian buildd-tools Developers <buildd-tools-devel@lists.alioth.debian.org>:
Bug#825991; Package sbuild. (Wed, 01 Jun 2016 10:03:11 GMT) (full text, mbox, link).


Acknowledgement sent to Johannes Schauer <josch@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian buildd-tools Developers <buildd-tools-devel@lists.alioth.debian.org>. (Wed, 01 Jun 2016 10:03:11 GMT) (full text, mbox, link).


Message #20 received at 825991@bugs.debian.org (full text, mbox, reply):

From: Johannes Schauer <josch@debian.org>
To: 825991@bugs.debian.org
Cc: reproducible-builds@lists.alioth.debian.org, "Aurelien Jarno" <aurel32@debian.org>
Subject: Re: [Reproducible-builds] [buildd-tools-devel] Bug#825991: Bug#825991: sbuild: /etc/sbuild/sbuild.conf leaks the user home path
Date: Wed, 01 Jun 2016 11:59:29 +0200
Quoting Mattia Rizzolo (2016-06-01 11:55:31)
> On Wed, Jun 01, 2016 at 11:08:27AM +0200, Johannes Schauer wrote:
> > Though I am surprised that the reproducible builds machinery didn't catch this
> > at all. It seems that sbuild is still marked as reproducible:
> > 
> > https://tests.reproducible-builds.org/rb-pkg/unstable/amd64/sbuild.html
> > 
> > Is there something wrong with how $HOME is set in the reproducible builds
> > pbuilder?
> 
> It wasn't varied, indeed.  Now it is, and sbuild is not reproducible
> anymore:
> https://tests.reproducible-builds.org/rb-pkg/unstable/armhf/sbuild.html

cool! Now I can fix a few other similar cases as well! :)

> Thanks for bringing this up.

Thanks for fixing it!

cheers, josch

Added tag(s) pending. Request was from Johannes Schauer <josch@debian.org> to control@bugs.debian.org. (Tue, 07 Jun 2016 10:18:04 GMT) (full text, mbox, link).


Reply sent to Johannes Schauer <josch@debian.org>:
You have taken responsibility. (Wed, 03 Aug 2016 10:09:47 GMT) (full text, mbox, link).


Notification sent to Aurelien Jarno <aurel32@debian.org>:
Bug acknowledged by developer. (Wed, 03 Aug 2016 10:09:47 GMT) (full text, mbox, link).


Message #27 received at 825991-close@bugs.debian.org (full text, mbox, reply):

From: Johannes Schauer <josch@debian.org>
To: 825991-close@bugs.debian.org
Subject: Bug#825991: fixed in sbuild 0.70.0-1
Date: Wed, 03 Aug 2016 10:08:10 +0000
Source: sbuild
Source-Version: 0.70.0-1

We believe that the bug you reported is fixed in the latest version of
sbuild, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 825991@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Johannes Schauer <josch@debian.org> (supplier of updated sbuild package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)



Format: 1.8
Date: Wed, 03 Aug 2016 10:58:48 +0200
Source: sbuild
Binary: libsbuild-perl sbuild buildd
Architecture: source
Version: 0.70.0-1
Distribution: unstable
Urgency: medium
Maintainer: Debian buildd-tools Developers <buildd-tools-devel@lists.alioth.debian.org>
Changed-By: Johannes Schauer <josch@debian.org>
Description:
 buildd     - Daemon for automatically building Debian binary packages from Deb
 libsbuild-perl - Tool for building Debian binary packages from Debian sources
 sbuild     - Tool for building Debian binary packages from Debian sources
Closes: 792037 800593 812361 813895 823993 824165 824582 824935 825359 825991 826847 826957 831063 831462
Changes:
 sbuild (0.70.0-1) unstable; urgency=medium
 .
   * new upstream version
     - Fix reproducibility issue by not writing the $HOME as set during the
       build into config files and man pages anymore (closes: #825991)
     - Add an EXAMPLE section to the sbuild man page (closes: #824582)
     - sbuild-createchroot now has support for SUITE-VARIANT chroot names. This
       is useful to create variants of base suites like jessie-backports or
       unstable-experimental. (closes: #826957)
     - sbuild-createchroot now has the --no-deb-src option which allows one to
       create a chroot without a deb-src entry in its sources.list. This is
       useful to save bandwidth and disk space for chroots that will never be
       used to download source packages as the source indices do not have to be
       downloaded, stored and later updated from the mirrors. (closes: #826847)
     - sbuild-createchroot now has the --alias option which is useful to add a
       shorthand alias to a chroot which will be used for chroot selection. This
       is for example useful for a Debian unstable chroot which will be
       automatically selected for package builds that have UNRELEASED in their
       debian/changelog, if the UNRELEASED alias is added to the Debian unstable
       chroot. (closes: #800593)
     - sbuild-createchroot now has the --extra-repository option, which works like the
       --extra-repository option for sbuild and permanently adds another line to
       the chroot's sources.list.
     - Private/public key pairs are now stored in armored ASCII format to
       maintain compatibility between different gpg versions on the host and
       within the chroot. Re-running `sbuild-update --keygen` will create the
       new key types.
     - Chroots can now have gpg >= 2.x installed as sbuild will properly clean
       up any remaining gpg-agent processes and "apt-key add" is not used
       anymore (it will leave a gpg-agent process around that cannot properly
       be killed).
     - Add the --source-only-changes option which will create a .changes file
       suitable for a source-only upload alongside the normal binary .changes
       file. (closes: #812361)
     - Do not install debfoster by default in sbuild-createchroot to keep the
       build chroot as minimal as possible. Users that use debfoster can use the
       --include option of sbuild-createchroot.
     - Drop requirement for gpg inside the chroot as external archive keys are
       now processed without gpg and signing of the internal repository is
       entirely optional with helpful warning and error messages in case
       signing failed. (closes: #831462)
     - Allow running autopkgtest after a successful build in the same manner
       that piuparts can be run after a successful build. (closes: #824935)
     - fix uninitialized value problem in loop (closes: #823993)
     - Fix typo in APT::Get::AllowUnauthenticated config setting
       (closes: #824165)
     - Add up correct size when looping over files (closes: #825359)
     - Make sure printed timestamps are in C locale, in UTC and in standard
       formats (closes: #813895)
     - Move addition of extra repositories from the creation of the dummy build
       dependency repository to the initial setup (closes: #792037)
     - Fix execution of man (closes: #831063)
   * Remove patches
     0001-lib-Sbuild-ResolverBase.pm-do-not-produce-non-error-.patch and
     0001-bin-sbuild-createchroot-fix-chown-chmod-error-checks.patch as they
     were merged upstream.
Checksums-Sha1:
 b5047115d16e186360b949f566cd1b33f3decf37 2353 sbuild_0.70.0-1.dsc
 ec8c6196e98789143827e4762d8175ca66eba434 630317 sbuild_0.70.0.orig.tar.gz
 8f7c17c8a5fe1f8dca80abcb52787f3fb4744fe7 54324 sbuild_0.70.0-1.debian.tar.xz
Checksums-Sha256:
 dd70822b01dad9fd764498ad5ea5b5760069311c15c2c014f15751643a9e4b66 2353 sbuild_0.70.0-1.dsc
 813877e1d7a2c73eaa7b0a1dcc0afe7719ea91975fe7a6bb2d6656cfec260981 630317 sbuild_0.70.0.orig.tar.gz
 a22135925a5d7a2881b24e76a8e4bb57d418a94bf509f208e5963b605da1b82d 54324 sbuild_0.70.0-1.debian.tar.xz
Files:
 d1106cb4372bb5df71bdba2f8db2b2b2 2353 devel extra sbuild_0.70.0-1.dsc
 a88eb6118f60453995f93eb365c23fa8 630317 devel extra sbuild_0.70.0.orig.tar.gz
 8e6ea7e11ec15f4a101489c9316af62c 54324 devel extra sbuild_0.70.0-1.debian.tar.xz





Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Wed, 07 Sep 2016 07:44:38 GMT) (full text, mbox, link).

