Bug#566879: [buildd-tools-devel] Bug#566879: dchroot: does not work as root

Tue, 26 Jan 2010 03:52:45 -0800 

On Tue, Jan 26, 2010 at 01:35:50AM +0100, Aurelien Jarno wrote:
> On Tue, Jan 26, 2010 at 12:22:29AM +0000, Roger Leigh wrote:
> > On Mon, Jan 25, 2010 at 07:44:05PM +0100, Aurelien Jarno wrote:
> > > Package: dchroot
> > > Version: 1.4.0-1
> > > Severity: important
> > > 
> > > Since the upgrade of dchroot to version 1.4.0-1, it doesn't work as root
> > > anymore:
> > > 
> > > | # dchroot
> > > | E: Authentication failed: Operation not supported
> > > | #
> > > 
> > > dchroot still works as a user, and schroot still works for both modes.
> > 
> > Were you previously using DSA dchroot or dchroot provided by schroot?
> > If you were using DSA dchroot, have you tried the dchroot-dsa package?
> > If you were using DSA dchroot, have you tried the dchroot-dsa package?
> > [dchroot.conf format and command-line syntax differ slightly]
> 
> I am using dchroot from the schroot source package.
> 
> > There have been no dchroot changes TTBOMK since the previous stable
> > 1.2.x releases (it's just an schroot API wrapper).
> 
> 1.2.x works fine with the same configuration.
> 
> > I'll take a look as soon as I have some free time.  If you also use
> > schroot, could you possibly try renaming dchroot.conf temporarily
> > and dchroot should then use schroot.conf instead.  Does this now
> > work correctly?  [If you don't have a schroot.conf, 'dchroot --config'
> > will generate one for you]
> 
> I don't have dchroot.conf, I am using schroot.conf for both schroot and
> dchroot.

Does the same occur if you run schroot as root?

Could you please try running with '-v --debug=notice' and let me
have the log?  This should hopefully narrow down the cause.  If
you have gdb and schroot-debug installed, you could run it in gdb
with 'catch throw' and then get a backtrace which should identify
exactly where it's failing.

I think it's in sbuild::auth_null::authenticate:

    case STATUS_USER:
      throw error(AUTHENTICATION, strerror(ENOTSUP));
      break;

but it would be useful to see the call site.  dchroot uses a null
authentication handler which doesn't allow user switching.  It may
need a special case to handle root, but this should already be being
handled by the higher-level session code which skips authentication
for root (the handler shouldn't be being called in this manner, which
is why it's unsupported and throwing the exception).


Thanks,
Roger

-- 
  .''`.  Roger Leigh
 : :' :  Debian GNU/Linux             http://people.debian.org/~rleigh/
 `. `'   Printing on GNU/Linux?       http://gutenprint.sourceforge.net/
   `-    GPG Public Key: 0x25BFB848   Please GPG sign your mail.

Attachment: signature.asc
Description: Digital signature

Reply via email to