Matthias Klose:
On 14.12.24 13:33, Niels Thykier wrote:
Package: gcc-14-cross
Version: 7
Severity: important
X-Debbugs-Cc: ni...@thykier.net
User: ni...@thykier.net
Usertags: rrr-no-as-default-issue
Dear maintainer,
While reviewing packages for potential issues with `Rules-Requires-
Root: no` as default, this package was deemed at risk of having an
issue. However, when rebuild on the testing infrastructure it FTBFS
for an unrelated reason.
The concern when manually reviewing the package is that this package
uses `dpkg-deb -b` inside its `debian/rules` without `--root-group-
owner`. This means it will either silently misbuild (having non-root
ownership) or FTBFS (if there is a chown call somewhere).
Please review how the package behaves with `Rules-Requires-Root: no`
and patch it to support `Rules-Requires-Root: no` if possible.
Otherwise, please set `Rules-Requires-Root: binary-targets` instead.
this is not something I intend to address for trixie, and from my point
of view such changes don't belong in the distro around two months before
a freeze.
does this mean, that adding --root-owner-group to the dpkg-deb calls
will also address this issue?
Matthias
Yes, in your case, a blind `--root-owner-group` to `dpkg-deb -b` calls
will solve the issue. It is available with dpkg/1.19 and later (not sure
how far back your support requirement goes for this package)
You can verify the result is correct by adding `Rules-Requires-Root: no`
to the source stanza of d/control and then check the resulting `deb`
files for paths owned by non-root (lintian has a check that catches it
as well).
An alternative is to keep `debian/rules` as-is and then add
`Rules-Requires-Root: binary-targets` to the source stanza. Then the
packaging will use the current status quo. This is side-steps any change
of regressions or problems.
Best regards,
Niels
