For the record.
On Sat, Apr 13, 2019 at 11:29:47AM +0400, Jerome BENOIT wrote:on my box I put special access for _apt. Now I would like to create some pbuilder ball. But the creation process is getting stick because _apt is set with an arbitrary UID. What is the best way, if we can, to set this arbitrary UID for _apt to the one used in my firewall ?
At the time of writing, _apt is actually not set to an arbitrary UID. Indeed the file /usr/share/base-passwd/passwd.master appears to be used during the boost time: so in pbuilder environment _apt has a UID equals to 42. Incorporating this value in my firewall resolves the issue.
These are the options in my mind: * set APT::Sandbox::User to "root", and give up on sandboxing * add a hook to create a system user with the uid that you like, and set APT::Sandbox::User to that special user * add a hook to change the uid of the _apt user to the uid you want
I opted for the last approach. It had worked fine until my upgrade to Trixie. This is because the hook uses tools provided by the package `passwd' and it appears that this package is (no ?) not among the boosted packages in Trixie. (and that I could not get EXTRAPACKAGES to work).
In pbuilder, hooks G are the ones that should be used for this job, to tweak the chroot right after debootstrap during its creation. For the first case, you can just inject that option through APTGETOPT (in the other cases, it's probably a good idea to add a file in the chroot's /etc/apt/apt.conf.d/; see also APTCONFDIR). -- regards,
Best wishes, Jerome
Mattia Rizzolo
GPG Key: 66AE 2B4A FCCF 3F52 DA18 4D18 4B04 3FCD B944 4540 .''`.
more about me: https://mapreri.org : :' :
Launchpad user: https://launchpad.net/~mapreri `. `'`
Debian QA page: https://qa.debian.org/developer.php?login=mattia `-
Jerome BENOIT | calculus+at-rezozer^dot*net https://qa.debian.org/[email protected] AE28 AE15 710D FF1D 87E5 A762 3F92 19A6 7F36 C68B
OpenPGP_signature.asc
Description: OpenPGP digital signature
