[arch-general] [PATCH] devtools: give a writable home to nobody for use in makechrootpkg

[Magnus Therning]

On 23/08/10 16:39, Gaetan Bisson wrote:
> [2010-08-23 16:46:09 +0200] Pierre Schmitz:
>> On Mon, 23 Aug 2010 11:21:20 +0200, Gaetan Bisson
>> <bisson at archlinux.org> wrote:
>>> This is to ensure $HOME is a writable directory during makechrootpkg
>>> runs. I suspect this is helpful to build various packages - in the
>>> example I have in mind (uim in [extra]), the home directory was
>>> determined by getpwuid(getuid())->pw_dir, so simply exporting a new HOME
>>> environment variable in the PKGBUILD wasn't enough.
>>
>> I would say if a build or package function tries to write file in a
>> user's home directory it should be considered broken and the PKGBUILD
>> should be fixed.
>
> I completely agree that it's broken to write to $HOME at build time.
>
> Nevertheless, when a package does that and uses getpwuid() to determine
> the home directory, there is no way that I know of to deal with this
> solely in the PKGBUILD: the source must be patched, for instance to use
> getent("HOME") rather than getpwuid(), which is, in my opinion, not as
> satisfying a fix as simply setting ~nobody to /build.
>
> That said, well, both fixes work... :)

Is this *really* bad, in fact so bad that upstream should be told about it,
since it doesn't only affect packagers?  (AFAICS the build system
provided by
upstream only works for individual users installing a personal build.)

Has this already been communicated to upstream?

/M

-- 
Magnus Therning                        (OpenPGP: 0xAB4DFBA4)
magnus＠therning．org           Jabber: magnus＠therning．org
http://therning.org/magnus         identi.ca|twitter: magthe

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 262 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.archlinux.org/pipermail/arch-general/attachments/20100823/f1764f4c/attachment.bin>