Bug#969084: buildd.d.o: please don't use a tainted buildenv
Aurelien Jarno
aurelien at aurel32.net
Wed Sep 9 14:58:18 BST 2020
On 2020-09-09 11:01, Aurelien Jarno wrote:
> Hi,
>
> On 2020-09-09 08:33, Holger Levsen wrote:
> > control: tags -1 patch
> >
> > On Sat, Sep 05, 2020 at 11:11:22AM +0200, Mattia Rizzolo wrote:
> > > https://tracker.debian.org/pkg/policy-rcd-declarative
> > > is a good solution to this: install that package, then instead of
> > > dropping that file into /usr/local/sbin/policy-rc.d, do
> > > echo ".* .* deny" > /etc/service-policy.d/00-buildd-deny-all
>
> Thanks a lot Mattia for the solution. It's just a pitty that this
> package is not in (old)stable, so that we need to special case the way
> we create the chroots.
>
> > > That turns a non-dpkg tracked binary into a non-dpkg tracked conffile,
> > > which I suppose it's a good compromise.
> >
> > awesome find, Mattia, thank you. I dare to tag this bug 'patch' now.
>
> Well I would say that we have a solution but not yet the patch, but
> anyway I'll plan to work on writing a patch in the next days.
>
I have just pushed:
https://salsa.debian.org/dsa-team/mirror/dsa-puppet/-/commit/abacce72bdc2417961cab2704ef3881f6d15d654
That should be effective the next time the chroots are regenerated
(tonight).
Aurelien
--
Aurelien Jarno GPG: 4096R/1DDD8C9B
aurelien at aurel32.net http://www.aurel32.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/reproducible-builds/attachments/20200909/81a7f1bc/attachment.sig>
More information about the Reproducible-builds
mailing list