Re: poudriere 3.4.0 regression: -i runs as NON_ROOT user
Date: Sun, 14 Jan 2024 22:07:17 UTC
On Sun, 14 Jan 2024 13:31:57 -0800
Craig Leres <leres@freebsd.org> wrote:
> On 1/12/24 22:17, Derek Schrock wrote:
> > It seems like you have PORTBUILD_UID set in poudriere.conf? UID is just
> > id -u and pw useradd command uses that var. But it's 65534 for me (the
> > default) I'm using -devel though.
>
> Nope:
>
> zinc 363 # fgrep PORTBUILD_UID /usr/local/etc/poudriere.conf
> # Default: nobody (uid PORTBUILD_UID)
> #PORTBUILD_UID=65534
>
> But I find it interesting that poudriere.conf.sample says the default
> user/gid is nobody/65534 but when I poudriere bulk (non interactively)
> the jobs run as root!
>
> On 1/12/24 23:49, Gleb Popov wrote:
> > Now you mentioned that, I wonder if this change will fix the problem
> > https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=276259
>
> My testing shows it does not fix the problem. I think that even as
> poudriere is creating the -i shell as user nobody it also defines UID to
> 0 in make. So this change:
>
> +UID?= ${.MAKE.UID}
>
> has no effect.
>
> It seems poudriere intends to run as a non-root user now. But what I see
> happening is that it runs as root for non-interactive bulk builds and as
> nobody for interactive. And either way UID is defined in make as 0. Even
> when make itself knows it's running with UID 65534.
>
> Craig
>
> [with the patch from 276259 applied]
> zinc 188 # poudriere bulk -i -j 13release -p current ports-mgmt/pkg
> [...]
> nobody@zinc:/usr/ports/ports-mgmt/pkg % whoami
> nobody
> nobody@zinc:/usr/ports/ports-mgmt/pkg % cd /usr/ports/ports-mgmt/pkg
> nobody@zinc:/usr/ports/ports-mgmt/pkg % make -V UID
> 0
> nobody@zinc:/usr/ports/ports-mgmt/pkg % make -V .MAKE.UID
> 65534
IIRC, poudriere[-devel] ran as nobody (65534) initially, but it started
running as root (0) when I started using ccache.
--
Tomoaki AOKI <junchoon@dec.sakura.ne.jp>