Hi,

]] Jochen Sprickerhof 

> * Tollef Fog Heen <tfh...@err.no> [2025-03-03 06:20]:
>>This sounds like a bug in sbuild – it must reset the value of TMP/TMPDIR
>>when changing UIDs.
>
> I tend to disagree here. sbuild is not changing to a different user
> but to a different UID of the same user.

How does this work with other resources that are linked to that
particular user, whether ephemeral or not?  Say, do they share the
systemd --user instance, ssh or gpg agents?  What about $HOME, or
/run/user/$UID?  Does sbuild open a new PAM session when switching to a
subuid?  (If not, why not?)

Is there an in-depth description of what subuids really are somewhere?
A quick search on the net did not find a design doc or explanation of
tradeoffs around the questions asked above.

> So resetting TMPDIR would mean that sbuild would not respect any
> TMPDIR and I think that would be wrong. Instead I see two options:
>
> 1. sbuild sets acls such that subuids have access to the TMPDIR.

Does it need to share files between different subuids?

> I think both options are rather suboptimal and there are more tools
> running into the same problem, like mmdebstrap in #1052471. So instead
> of patching every tool to work around the specifics of libpam-tmpdir I
> would prefer if libpam-tmpdir would learn about subuids.

I think it's uncovering latent bugs in software.  A bit like what
non-mainstream architectures tend to help with.

Regards,
-- 
Tollef Fog Heen
UNIX is user friendly, it's just picky about who its friends are
