rpm-software-management/mock

We should do shadow-utils (e.g. useradd) with `--root`, not `--prefix`

praiskup opened this issue · 4 comments

But it currently fails with a weird error:

$ sudo dnf-3 diff mock
Updating Subscription Management repositories.
Last metadata expiration check: 1:25:41 ago on Pá 12. ledna 2024, 15:23:00.
Binary files ./usr/lib/python3.12/site-packages/mockbuild/__pycache__/config.cpython-312.pyc and /usr/lib/python3.12/site-packages/mockbuild/__pycache__/config.cpython-312.pyc differ
Binary files ./usr/lib/python3.12/site-packages/mockbuild/__pycache__/shadow_utils.cpython-312.pyc and /usr/lib/python3.12/site-packages/mockbuild/__pycache__/shadow_utils.cpython-312.pyc differ
--- /usr/lib/python3.12/site-packages/mockbuild/config.py       2023-12-13 01:00:00.000000000 +0100
+++ /usr/lib/python3.12/site-packages/mockbuild/config.py       2024-01-12 15:58:14.890989945 +0100
@@ -313,7 +313,7 @@
     config_opts['dnf_command'] = '/usr/bin/dnf-3'
     config_opts['system_dnf_command'] = '/usr/bin/dnf-3'
     config_opts['dnf_common_opts'] = ['--setopt=deltarpm=False', '--setopt=allow_vendor_change=yes', '--allowerasing']
-    config_opts['dnf_install_command'] = 'install python3-dnf python3-dnf-plugins-core'
+    config_opts['dnf_install_command'] = 'install python3-dnf python3-dnf-plugins-core strace'
     config_opts['dnf_disable_plugins'] = ['local', 'spacewalk', 'versionlock']
     config_opts["dnf_avoid_opts"] = {}
 
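Review bot: `strace` is appended to the default `dnf_install_command` in `config.py`, so a debugging tool becomes part of the default install command for every user of this config. Keep the original `'install python3-dnf python3-dnf-plugins-core'` here and pull strace in through a local config override while reproducing the failure.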
--- /usr/lib/python3.12/site-packages/mockbuild/shadow_utils.py 2023-12-13 01:00:00.000000000 +0100
+++ /usr/lib/python3.12/site-packages/mockbuild/shadow_utils.py 2024-01-12 16:48:35.631059155 +0100
@@ -16,7 +16,7 @@
 
     @property
     def _chroot_opts(self):
-        return ["--prefix", self.root.make_chroot_path()]
+        return ["--root", self.root.make_chroot_path()]
 
     def _execute_command(self, command, can_fail=False):
         with self.root.uid_manager.elevated_privileges():
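Review bot: `_chroot_opts` is a shared property, so swapping `--prefix` for `--root` on its `return` line changes every shadow-utils command built from it, and the hunk has no comment or docstring explaining the choice. Add a docstring to `_chroot_opts` saying why `--root` is wanted and that the tool then resolves paths such as `/etc/group` inside the chroot, and cover both the user and group helpers with a test, since `_execute_command` runs them under `elevated_privileges()`.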
@@ -42,7 +42,7 @@
         """
         Create group in self.root (/etc/group modified)
         """
-        command = ["groupadd", groupname]
+        command = ["strace", "groupadd", groupname]
         if gid is not None:
             command += ["-g", str(gid)]
         self._execute_command(command)
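Review bot: the `command` list in the group-creation method now hard-codes `strace` in front of `groupadd`, so creating a group fails wherever strace is not available, and only this one helper is traced. Keep `command = ["groupadd", groupname]` and, if tracing is needed, gate an optional wrapper behind a debug setting inside `_execute_command` so it applies to all shadow-utils calls the same way.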

The failure looks like (filtered):

DEBUG: openat(AT_FDCWD, "/etc/group-", O_WRONLY|O_CREAT|O_TRUNC, 0666) = 7
DEBUG: umask(002)                              = 0777
DEBUG: fchown(7, 0, 0)                         = 0
DEBUG: fchmod(7, 0644)                         = 0
DEBUG: newfstatat(7, "", {st_mode=S_IFREG|0644, st_size=0, ...}, AT_EMPTY_PATH) = 0
DEBUG: write(7, "root:x:0:\nbin:x:1:\ndaemon:x:2:\ns"..., 290) = 290
DEBUG: fsync(7)                                = 0
DEBUG: close(7)                                = 0
DEBUG: utimensat(AT_FDCWD, "/etc/group-", [{tv_sec=1705072132, tv_nsec=0} /* 2024-01-12T16:08:52+0100 */, {tv_sec=1705072132, tv_nsec=0} /* 2024-01-12T16:08:52+0100 */], 0) = 0
...
DEBUG: futex(0x7fb58fc12500, FUTEX_WAKE_PRIVATE, 2147483647) = 0
DEBUG: openat(AT_FDCWD, "/proc/thread-self/attr/fscreate", O_RDWR|O_CLOEXEC) = -1 ENOENT (No such file or directory)
DEBUG: gettid()                                = 2838902
DEBUG: openat(AT_FDCWD, "/proc/self/task/2838902/attr/fscreate", O_RDWR|O_CLOEXEC) = -1 ENOENT (No such file or directory)
DEBUG: openat(AT_FDCWD, "/sys/fs/selinux/enforce", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
DEBUG: openat(AT_FDCWD, "/usr/share/locale/C.UTF-8/LC_MESSAGES/shadow.mo", O_RDONLY) = -1 ENOENT (No such file or directory)
DEBUG: openat(AT_FDCWD, "/usr/share/locale/C.utf8/LC_MESSAGES/shadow.mo", O_RDONLY) = -1 ENOENT (No such file or directory)
DEBUG: openat(AT_FDCWD, "/usr/share/locale/C/LC_MESSAGES/shadow.mo", O_RDONLY) = -1 ENOENT (No such file or directory)
DEBUG: write(2, "groupadd: failure while writing "..., 54groupadd: failure while writing changes to /etc/group
DEBUG: ) = 54

This needs a bit closer observation, and a report against the shadow-utils project.
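
A small triage helper for a trace like the one above, as an added example that is not part of the original issue or of mock's code: it separates failed opens of kernel pseudo-filesystem paths (`/proc`, `/sys`) from ordinary missing files such as locale catalogs, and recovers the stderr text even where strace output and the tool's own message are interleaved on one line. The function name `triage`, the report keys and the sample lines are constructed for illustration.

```python
import re

# Constructed sample in the shape of the filtered trace quoted in the issue.
SAMPLE_TRACE = r'''DEBUG: openat(AT_FDCWD, "/etc/group-", O_WRONLY|O_CREAT|O_TRUNC, 0666) = 7
DEBUG: openat(AT_FDCWD, "/proc/thread-self/attr/fscreate", O_RDWR|O_CLOEXEC) = -1 ENOENT (No such file or directory)
DEBUG: openat(AT_FDCWD, "/sys/fs/selinux/enforce", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
DEBUG: openat(AT_FDCWD, "/usr/share/locale/C/LC_MESSAGES/shadow.mo", O_RDONLY) = -1 ENOENT (No such file or directory)
DEBUG: write(2, "groupadd: failure while writing "..., 54groupadd: failure while writing changes to /etc/group
DEBUG: ) = 54'''

FAILED_OPEN = re.compile(r'openat\(AT_FDCWD, "([^"]+)", [^)]*\)\s+= -1 (E[A-Z]+)')
STDERR_WRITE = re.compile(r'write\(2, "((?:[^"\\]|\\.)*)"')
# Paths served by kernel pseudo-filesystems; absent unless mounted in the chroot.
KERNEL_PREFIXES = ("/proc/", "/sys/")


def triage(trace):
    """Split failed opens into kernel-interface vs. ordinary files, collect stderr."""
    report = {"kernel_missing": [], "other_missing": [], "stderr": []}
    for line in trace.splitlines():
        m = FAILED_OPEN.search(line)
        if m:
            path, errno_name = m.groups()
            key = "kernel_missing" if path.startswith(KERNEL_PREFIXES) else "other_missing"
            report[key].append((path, errno_name))
            continue
        # strace truncates the string, and the tool's own stderr can be interleaved
        # into the same line, so only the quoted prefix is trusted.
        m = STDERR_WRITE.search(line)
        if m:
            report["stderr"].append(m.group(1))
    # Candidate SELinux probes: the selinuxfs mount and the per-thread fscreate attribute.
    report["selinux_probe_failed"] = any(
        "selinux" in p or p.endswith("/attr/fscreate") for p, _ in report["kernel_missing"])
    return report


if __name__ == "__main__":
    for key, value in triage(SAMPLE_TRACE).items():
        print(key, value)
```

The `kernel_missing` entries are candidates to check against what is mounted inside the chroot; the helper does not establish which of them caused the failure.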

Work-around patch prepared (opened PR). We are just waiting till the shadow-utils/libselinux upstreams tell us what's the best way forward.

What do you mean by workaround?

By work-around I mean #1313 (faking <chroot>/sys/fs/selinux to avoid libselinux's "enforcing/permissive" value to shadow-utils caller).

@ikerexxe the thing is, in-chroot there's no SELinux, neither enforcing nor permissive.