Bug#996542: Post install fails when run as non-root user and does not respect PKG_ROOT

Johannes Schauer Marin Rodrigues josch at debian.org
Fri Oct 15 19:24:12 BST 2021 

Hi Michael & Glenn,

On Fri, 15 Oct 2021 12:26:38 +0200 Michael Biebl <biebl at debian.org> wrote:
> Am 15.10.21 um 11:14 schrieb Michael Biebl:
> > Am 15.10.21 um 07:53 schrieb Glenn Washburn:
> >> Probably the easiest solution would be to exit early from the post install
> >> if the current user is not root. There's probably a more subtle fix that
> >> preserves more functionality (eg. maybe updating the hwdb in PKG_ROOT?),
> >> what ever gets the post install to not fail in this scenario works for me.
> > 
> > Package installations need to be done as root.
> > I don't think the package would benefit if we'd litter the maintainer 
> > scripts with id checks.
> > 
> > Please elobare what the use case is here?
> 
> I notice that you filed multiple bugs against various packages [1].
> I don't think this is particularly helpful as long as dpkg doesn't 
> officially support installations as non-root.
> 
> If you want to allow non-root installations, then this needs to be 
> discussed with the dpkg maintainer and ideally on debian-devel.
> While this might be a laudable goal, my guess is that with the way packages
> are built today, this is not (easily) possible.

Helmut just made me aware of this bug as well as few others by Glenn that talk
about "PKG_ROOT" and asked me to follow up on the topic. Assuming that
"PKG_ROOT" is a typo and actually "DPKG_ROOT" is meant (Glenn, could you
clarify?), then it is important to know that DPKG_ROOT is about root as in the
root path ("/") and not as in the root user. The DPKG_ROOT variable that is set
for maintainer scripts if dpkg is run with --root and
--force-script-chrootless. Helmut and I are working on making the Essential:yes
package set work with DPKG_ROOT and we have submitted patches for all source
packages that are still missing support for it and we have a salsa CI pipeline
that makes sure that our patches allow a bit-by-bit identical chroot compared
to installations without DPKG_ROOT:
https://salsa.debian.org/helmutg/dpkg-root-demo/-/jobs

While running dpkg with --root and --force-script-chrootless avoids the
chroot() call and thus, allows installing packages without the root user in
theory, the DPKG_ROOT mechanism and the avoidance of the chroot() was *not*
added to dpkg so that packages can be installed as a user other than root. The
DPKG_ROOT mechanism exists because it allows creating foreign architecture
chroots for architectures that do not have qemu support yet or for which
emulation support is too slow. So DPKG_ROOT is something that helps us with
handling chroots for foreign architectures, bootstrapping Debian as well as
using Debian in an embedded systems context.

I agree with what Michael already wrote above. Glenn, before you open bugs
against a number of packages, please explain your use-case to a wider audience.
Maybe on the debian-devel mailing list. Without more information, I don't see a
use-case of being able to install packages without being the root user. For
cases where you still want to do that, there is fakeroot and there are Linux
user namespaces. I maintain a debootstrap alternative called mmdebstrap which
allows one to create a chroot without being root that makes use of fakeroot and
unshare. So I can confirm that it is already possible to run dpkg --install
without being the root user and I currently don't see a reason why adding
support of running maintainer scripts without being uid 0 would be necessary in
practice.

Glenn, if you want to help with DPKG_ROOT, you are welcome to do so! Just write
patches and submit merge requests to the salsa repository linked above. After
your patches are tested and show that they result in a bit-by-bit identical
chroot, you can open a bug against the respective source packages with a
working patch.

Thanks!

cheers, josch
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: signature
URL: <http://alioth-lists.debian.net/pipermail/pkg-systemd-maintainers/attachments/20211015/4579eafe/attachment.sig>

More information about the Pkg-systemd-maintainers mailing list