[pacman-dev] RootDir using symlinks -> problem

Xavier shiningxc at gmail.com
Thu Oct 4 16:37:36 EDT 2007 

On Sat, Sep 29, 2007 at 05:36:56PM +0200, Xavier wrote:
> I use the following options for using an alternate rootdir and testing stuff:
> RootDir     = /home/xav/pacman/pacman/foo
> DBPath      = /home/xav/pacman/pacman/foo/var/lib/pacman
> CacheDir    = /home/xav/pacman/pacman/foo/var/cache/pacman/pkg
> 
> with the following symlink :
> /home/xav/pacman -> /data/share/devel/pacman/
> 
> Running pacman -v with this config gives the following :
> Root      : /data/share/devel/pacman/pacman/foo/
> DB Path   : /home/xav/pacman/pacman/foo/var/lib/pacman/
> 
> This makes the scriptlets handling in libalpm/trans.c break :
> 570     strncpy(scriptfn, installfn, PATH_MAX);
> 571     /* chop off the root so we can find the tmpdir in the chroot */
> 572     scriptpath = scriptfn + strlen(root) - 1;
> 
> Because for example: 
> scriptfn = /home/xav/pacman/pacman/foo/var/lib/pacman/local/slocate-3.1-3/install
> root = /data/share/devel/pacman/pacman/foo/
> so scriptpath result in /pacman/local/slocate-3.1-3/install, instead of
> /var/lib/pacman/local/slocate-3.1-3/install

Actually, there is a bigger issue here.

This code assumes that DBPath depends on RootDir, while this is not the case
anymore.

So probably the install scriptlet needs to be put somewhere under RootDir,
maybe somewhere under RootDir/tmp/, like the others.
So that when we chroot in RootDir, it's still available inside the chroot.
Would this be the correct solution?


The second problem with this chroot is that it requires root access.
So the RootDir check here is wrong for a common -U / -S operation :

778   if(myuid > 0 && !strcmp(alpm_option_get_root(), "/") && needs_transaction()) {
779     /* special case: ignore root user check if -r is specified, fall back on
780      * normal FS checking */

If one try to install stuff in an alternate root dir as user, pacman will silently fail to run the scriptlets,
because it can't chroot. So don't you think this check should just be removed?

Anyway, the scriptlets won't be able to run at all until a base system is installed.. But that's another problem :
http://www.archlinux.org/pipermail/pacman-dev/2007-August/009148.html

More information about the pacman-dev mailing list