Hi Daniel, On Thu, Jul 21, 2011 at 5:13 AM, Daniel Baumann < daniel.baum...@progress-technologies.net> wrote:
> On 07/19/2011 10:16 PM, Cody A.W. Somerville wrote: > > Please accept attached patch to remove calls to chown chroot and > > binary directories during build process if LB_ROOT_COMMAND is set as > > chown will strip the setsuid bit (which breaks a lot of stuff > > naturally). > > there are two sort of independent issues here, one is changing ownership > of binary, and the other is changing it for chroot. > > for binary, i don't see why in the case of using sudo (!= running lb > with sudo), it would work without setting (temporarily) the ownership of > binary recursively to the user (in order to be able to execute hooks > etc). the argument of loosing setuid/setgid bits does not really apply > for binary anyway. is there anything else that breaks, for binary, that > i didn't though of? > If the chroot filesystem type is plain then recursively chowning the binary directory will cause the same problems. > for chroot, i tried to find out why we did it in the first place, as > it's really rather intrusive to do it (even if the setuid/setgid bits > would not be stripped). it looks like this was introduced in 1.0~a7-1, > but i couldn't find any more information from the git commit, nor the > changelog, nor the referenced bug reports for that version. therefore, i > think we should remove those chown calls. > Agreed. Cheers, -- Cody A.W. Somerville Release Engineer Foundations Team Custom Engineering Solutions Group Canonical OEM Services Phone: +1 781 850 2087 Cell: +1 613 401 5141 Fax: +1 613 687 7368 Email: cody.somervi...@canonical.com