user ni...@thykier.net usertags 1092384 rrr-no-as-default-issue thanks
On Tue, 07 Jan 2025 13:08:28 -0700 Sam Hartman <hartm...@debian.org> wrote:
>>>>> "Lucas" == Lucas Nussbaum <lu...@debian.org> writes: > install: cannot change ownership of > 'debian/krb5-admin-server/usr/sbin/krb5_newrealm': Operation not permitted It looks like this is a result of defaulting to rules-requires-root: no (was that change in your rebuild?) I think that I need to set rules-requires-root to binary-targets to deal with the setuid bit on ksu. Is that still correct?
Hi,First off, sorry I missed krb5 in the MBF for Rules-Requires-Root. I checked the build logs from then and the krb5 package failed with a tex related failure. I suspect it was an unfortunately timed regression in a build-dependency of krb5, since no krb5 upload has occurred since July and there is no FTBFS RC bug against krb5 for this tex failure.
The patch from Guillem looks promising. Given the use of debhelper, and the affected code occurs before dh_fixperms (which has no -X), then I see no path where it could misbuild. If I had been aware of krb5 in my MBF, this is most likely the patch I had provided as well. I can do a rebuild later with deb to confirm 0 delta.
That said, the simplest solution is to set `Rules-Requires-Root: binary-targets`, which will push krb5 back to the previous default. So if you are pressed for time/spoons, then pick that route and come back to Guillem's patch later. The primary goal of the MBF was to flip the default; migrating individual packages are nice but secondary.
Best regards, NielsPS: If you are pressed for Debian capacity/spoons, then I am also more than willing to fix this via an NMU. If so, let me know if you have a preference for the solution path or if you are ok with "Chef's choice".
OpenPGP_signature.asc
Description: OpenPGP digital signature
