From nobody Sat Jan 13 02:17:48 2024
X-Original-To: freebsd-hackers@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TBhrg06H4z56w5q
	for <freebsd-hackers@mlmmj.nyi.freebsd.org>; Sat, 13 Jan 2024 02:17:55 +0000 (UTC)
	(envelope-from leres@freebsd.org)
Received: from smtp.freebsd.org (smtp.freebsd.org [IPv6:2610:1c1:1:606c::24b:4])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "smtp.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4TBhrf6Xjrz40sb
	for <freebsd-hackers@freebsd.org>; Sat, 13 Jan 2024 02:17:54 +0000 (UTC)
	(envelope-from leres@freebsd.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1705112274;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references;
	bh=g31SPBOwePLupGx6cFpfB/l76H6DXDJ0VRi6E1/3Fo8=;
	b=yKOk8lX9y6i1EHKTvbAisqxjIQfyXrOQVDXDJm4T5GFDSgl1ALFIjBgLQlkCU4wSrF+E2/
	XwecGEXUwSvHj9GgCYC7kKeYdGG1aZLxNZ29cCPc9PUrIlKa+okw+QOTfkGZVNMbenFE9y
	HTjoibtQ2UWkWOXrl53H+wadu0G7U4TvFN59cx6D1JagzNdzfLY82iTaBwOU51jB0f3Mn/
	s8O3GnekdKUn81a4KL42H7Hqv+yOE485vjp5dfKuSUCEm4K0EPEHbhLD5hmO+stW+bHZzi
	UyFIdifjNrw1mmoONYzjCIOPIK7pI3r7RUZ0W/Z/DINZaPCHZtGuENwS3izpKw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1705112274;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references;
	bh=g31SPBOwePLupGx6cFpfB/l76H6DXDJ0VRi6E1/3Fo8=;
	b=HBHwwsTaDvkMLLs6dXLDOeNuT6yD6lWNNyeFKBo80Ptg+ipbR91sesUFUT6iqVyvbcKuS2
	xoAxiHVu6b5BzVx9XXLcGR4FSGynQF/YBnXin4VbTh2SM0HsUld31RH0paDgPbAmIYk6wY
	Q8FM5KgGPxguZ9zuKEvAUhmxx4qZKpheYOekRr6nzRJVnXAnX5K98ZVIMtH9/2pwubvI4z
	OaHV6CmyRt1QDPL+/wRCZMaO1O4gqfNphCFPQ4E+aOBz57Q7K3EYw+Eakp7zfbwBrrZyPN
	MccFKPbXumXuern5ET2bn+1BkXElW11HD4sJmehYdTK3flzVOEc+sAi8eBhWiw==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1705112274; a=rsa-sha256; cv=none;
	b=euYAI35ZrNR5Kzg9jtlM0lZx+iV6UkJjhIUwL3bJfMPNtzIxhpezxw7eOPF6JtijtQvn/W
	gWCkd5ACQyJhv7DZyCnMRDvBnzONppu4oDZqcBsDxllD06GfLiSKwLO2vrJ7zBukGko0Qb
	U7dV2xZ7y2Og3A0QbwzL+YazDOCfhMoejMDrBp3Ueu8/Kgv7eUbZZHnqAk/JGvYlaovIQz
	CDFao1ShU/QCcQ7ABs2fX4UlITyD2afTZ118XxCi6qjIpkzncSiEjzR5qdo8u/fCUZuLez
	5sBE4bCqpR1Jg+eT93tiqpNvUbB8qq++Cd1sq+JK5wKYjP47LVDtnmZdKjJgVQ==
Received: from [IPV6:fd:1965::2] (unknown [IPv6:2600:1700:ab1b:6800:2e0:edff:fece:8f27])
	(using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	(Authenticated sender: leres)
	by smtp.freebsd.org (Postfix) with ESMTPSA id 4TBhrd6SnJz1Jlm
	for <freebsd-hackers@freebsd.org>; Sat, 13 Jan 2024 02:17:53 +0000 (UTC)
	(envelope-from leres@freebsd.org)
Message-ID: <c1a8b664-317d-446d-b2f7-9ee7511dcff9@freebsd.org>
Date: Fri, 12 Jan 2024 18:17:48 -0800
List-Id: Technical discussions relating to FreeBSD <freebsd-hackers.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-hackers
List-Help: <mailto:freebsd-hackers+help@freebsd.org>
List-Post: <mailto:freebsd-hackers@freebsd.org>
List-Subscribe: <mailto:freebsd-hackers+subscribe@freebsd.org>
List-Unsubscribe: <mailto:freebsd-hackers+unsubscribe@freebsd.org>
Sender: owner-freebsd-hackers@freebsd.org
MIME-Version: 1.0
User-Agent: Mozilla Thunderbird
Subject: Re: poudriere 3.4.0 regression: -i runs as NON_ROOT user
Content-Language: en-US
To: freebsd-hackers@freebsd.org
References: <bbd3b92d-40f3-41f6-a802-001610b35c8b@freebsd.org>
 <ZaGC8pOtQ-cQV05A@ircbsd.lifeofadishwasher.com>
From: Craig Leres <leres@freebsd.org>
In-Reply-To: <ZaGC8pOtQ-cQV05A@ircbsd.lifeofadishwasher.com>
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit

On 1/12/24 10:20, Derek Schrock wrote:
> You can `su -l` as nobody in the jail to get to root too.

Helpful, thanks!

 >                                                            Still extra
> but I do believe it is executed that interactive is started as non-root
> when building as non-root.

If this change is documented somewhere I haven't seen it. And if if this 
is the desired behavior, there's still something not quite right as UID 
is set to 0 which breaks things. I *think* poudriere is setting it 
because bsd.port.mk appears to set it to .MAKE.UID if it's not already 
defined (and .MAKE.UID is set correctly).

		Craig

zinc 143 # poudriere bulk -i -C -j 13release -p current-patched 
ports-mgmt/pkg
[00:00:00] Creating the reference jail... done
[...]
[00:01:18] Entering interactive test mode. Type 'exit' when done.
nobody@zinc:/usr/ports/ports-mgmt/pkg % whoami
nobody
nobody@zinc:/usr/ports/ports-mgmt/pkg % make -V UID
0
nobody@zinc:/usr/ports/ports-mgmt/pkg % make -V  .MAKE.UID
65534