Re: poudriere 3.4.0 regression: -i runs as NON_ROOT user

From: Tomoaki AOKI <junchoon_at_dec.sakura.ne.jp>
Date: Sun, 14 Jan 2024 22:07:17 UTC
On Sun, 14 Jan 2024 13:31:57 -0800
Craig Leres <leres@freebsd.org> wrote:

> On 1/12/24 22:17, Derek Schrock wrote:
> > It seems like you have PORTBUILD_UID set in poudriere.conf? UID is just
> > id -u and pw useradd command uses that var.  But it's 65534 for me (the
> > default) I'm using -devel though.
> 
> Nope:
> 
>      zinc 363 # fgrep PORTBUILD_UID /usr/local/etc/poudriere.conf
>      # Default: nobody (uid PORTBUILD_UID)
>      #PORTBUILD_UID=65534
> 
> But I find it interesting that poudriere.conf.sample says the default 
> user/gid is nobody/65534 but when I poudriere bulk (non interactively) 
> the jobs run as root!
> 
> On 1/12/24 23:49, Gleb Popov wrote:
>  > Now you mentioned that, I wonder if this change will fix the problem
>  > https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=276259
> 
> My testing shows it does not fix the problem. I think that even as 
> poudriere is creating the -i shell as user nobody it also defines UID to 
> 0 in make. So this change:
> 
>      +UID?=  ${.MAKE.UID}
> 
> has no effect.
> 
> It seems poudriere intends to run as a non-root user now. But what I see 
> happening is that it runs as root for non-interactive bulk builds and as 
> nobody for interactive. And either way UID is defined in make as 0. Even 
> when make itself knows it's running with UID 65534.
> 
> 		Craig
> 
> [with the patch from 276259 applied]
> zinc 188 # poudriere bulk -i -j 13release -p current ports-mgmt/pkg
> [...]
> nobody@zinc:/usr/ports/ports-mgmt/pkg % whoami
> nobody
> nobody@zinc:/usr/ports/ports-mgmt/pkg % cd /usr/ports/ports-mgmt/pkg
> nobody@zinc:/usr/ports/ports-mgmt/pkg % make -V UID
> 0
> nobody@zinc:/usr/ports/ports-mgmt/pkg % make -V .MAKE.UID
> 65534

IIRC, poudriere[-devel] ran as nobody (65534) initially, but it started
running as root (0) when I started using ccache.

-- 
Tomoaki AOKI    <junchoon@dec.sakura.ne.jp>