Re: poudriere 3.4.0 regression: -i runs as NON_ROOT user

From: Craig Leres <leres_at_freebsd.org>
Date: Sun, 14 Jan 2024 21:31:57 UTC
On 1/12/24 22:17, Derek Schrock wrote:
> It seems like you have PORTBUILD_UID set in poudriere.conf? UID is just
> id -u and pw useradd command uses that var.  But it's 65534 for me (the
> default) I'm using -devel though.

Nope:

     zinc 363 # fgrep PORTBUILD_UID /usr/local/etc/poudriere.conf
     # Default: nobody (uid PORTBUILD_UID)
     #PORTBUILD_UID=65534

But I find it interesting that poudriere.conf.sample says the default 
user/gid is nobody/65534 but when I poudriere bulk (non interactively) 
the jobs run as root!

On 1/12/24 23:49, Gleb Popov wrote:
 > Now you mentioned that, I wonder if this change will fix the problem
 > https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=276259

My testing shows it does not fix the problem. I think that even as 
poudriere is creating the -i shell as user nobody it also defines UID to 
0 in make. So this change:

     +UID?=  ${.MAKE.UID}

has no effect.

It seems poudriere intends to run as a non-root user now. But what I see 
happening is that it runs as root for non-interactive bulk builds and as 
nobody for interactive. And either way UID is defined in make as 0. Even 
when make itself knows it's running with UID 65534.

		Craig

[with the patch from 276259 applied]
zinc 188 # poudriere bulk -i -j 13release -p current ports-mgmt/pkg
[...]
nobody@zinc:/usr/ports/ports-mgmt/pkg % whoami
nobody
nobody@zinc:/usr/ports/ports-mgmt/pkg % cd /usr/ports/ports-mgmt/pkg
nobody@zinc:/usr/ports/ports-mgmt/pkg % make -V UID
0
nobody@zinc:/usr/ports/ports-mgmt/pkg % make -V .MAKE.UID
65534