Hi Daniel,

On Thu, Jul 21, 2011 at 5:13 AM, Daniel Baumann <
daniel.baum...@progress-technologies.net> wrote:

> On 07/19/2011 10:16 PM, Cody A.W. Somerville wrote:
> > Please accept attached patch to remove calls to chown chroot and
> > binary directories during build process if LB_ROOT_COMMAND is set as
> > chown will strip the setuid bit (which breaks a lot of stuff
> > naturally).
>
> there are two sort of independent issues here, one is changing ownership
> of binary, and the other is changing it for chroot.
>
> for binary, i don't see why in the case of using sudo (!= running lb
> with sudo), it would work without setting (temporarily) the ownership of
> binary recursively to the user (in order to be able to execute hooks
> etc). the argument of losing setuid/setgid bits does not really apply
> for binary anyway. is there anything else that breaks, for binary, that
> i didn't thought of?
>

If the chroot filesystem type is plain then recursively chowning the binary
directory will cause the same problems.


> for chroot, i tried to find out why we did it in the first place, as
> it's really rather intrusive to do it (even if the setuid/setgid bits
> would not be stripped). it looks like this was introduced in 1.0~a7-1,
> but i couldn't find any more information from the git commit, nor the
> changelog, nor the referenced bug reports for that version. therefore, i
> think we should remove those chown calls.
>

Agreed.

Cheers,

-- 
Cody A.W. Somerville
Release Engineer
Foundations Team
Custom Engineering Solutions Group
Canonical OEM Services
Phone: +1 781 850 2087
Cell: +1 613 401 5141
Fax: +1 613 687 7368
Email: cody.somervi...@canonical.com
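
The loss of setuid/setgid bits discussed in this thread can be audited around any recursive chown of a build tree. The following is an added example, not part of the original message and not live-build code; the function names are hypothetical, and it assumes GNU find and stat as shipped on Debian and Ubuntu.

```bash
#!/bin/bash
# Added example (not live-build code): audit setuid/setgid bits around a
# recursive chown of a build tree. Assumes GNU find and stat.

# Print "<octal mode> <uid:gid> <path>" for every regular file under $1
# that has the setuid or setgid bit set, sorted by path.
snapshot_special_bits() {
    find "$1" -type f \( -perm -4000 -o -perm -2000 \) \
        -exec stat -c '%a %u:%g %n' {} + | sort -k3
}

# Compare a snapshot file ($1) with the tree as it is now. Prints one line
# per file whose mode or ownership differs; returns 1 if any were found.
changed_special_bits() {
    local mode owner path now rc=0
    while read -r mode owner path; do
        now=$(stat -c '%a %u:%g' "$path" 2>/dev/null) || now="missing"
        if [ "$now" != "$mode $owner" ]; then
            printf '%s: was %s %s, now %s\n' "$path" "$mode" "$owner" "$now"
            rc=1
        fi
    done < "$1"
    return "$rc"
}

# Put back what the snapshot recorded. Ownership is restored before the mode:
# chown clears the bits again, and setting setuid while the file still belongs
# to the build user would yield a setuid-<build user> file, not the original.
restore_special_bits() {
    local mode owner path
    while read -r mode owner path; do
        chown "$owner" "$path" && chmod "$mode" "$path"
    done < "$1"
}
```

Take the snapshot before the chown, run `changed_special_bits` on it afterwards, and restore only once the tree is meant to be back under its original ownership.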
