Package: sbuild Version: 0.81.2 Severity: important Tags: upstream Dear maintainers, thanks for your hard work with this amazing tool.
We're experimenting a problem with our sbuild deployment. I'm not even sure the problem is with sbuild itself, or shcroot, or what. Anyway, let me try explaining the setup. * we have a separated virtual machine where we collectively build debian packages using sbuild. * the virtual machine uses LDAP for users with sssd as client stack, our users are defined in LDAP. * we maintain a bunch of schroots for the package builds (basically, one for each debian release) A normal operation would be: * log into the VM via SSH * go to a directory in the VM filesystem where a debian source package lives * run sbuild, usual cmdline is something like: sbuild -v -A -d bullseye --no-clean-source * the package builds normally, but in the final stage the dpkg-deb call fails I think the relevant part of the log is this: === 8< === [..] dh_gencontrol -O--buildsystem=pybuild dh_md5sums -O--buildsystem=pybuild dh_builddeb -O--buildsystem=pybuild dpkg-deb: building package 'toollabs-webservice' in '../toollabs-webservice_0.76_all.deb'. dpkg-deb: error: unable to create '../toollabs-webservice_0.76_all.deb': Permission denied dh_builddeb: error: dpkg-deb --build debian/toollabs-webservice .. returned exit code 2 dh_builddeb: error: Aborting due to earlier error make: *** [debian/rules:6: binary] Error 25 dpkg-buildpackage: error: fakeroot debian/rules binary subprocess returned exit status 2 -------------------------------------------------------------------------------- Build finished at 2021-09-10T10:04:15Z === 8< === I logged it to the schroot after this error with --build-failed-commands '%SBUILD_SHELL' to investigate a bit more, and I see this: (bullseye-amd64-sbuild)root@tools-package-builder-04:/build/toollabs-webservice-Oe7KMY# ls -la total 320 drwxr-x--- 4 aborrero sbuild 4096 Sep 10 10:09 . drwxrws--- 3 sbuild sbuild 4096 Sep 10 10:08 .. drwxr-x--- 6 aborrero sbuild 4096 Sep 10 10:08 resolver-CXim0X drwxr-xr-x 9 18194 500 4096 Sep 10 10:09 toollabs-webservice-0.76 -rw-r--r-- 1 aborrero sbuild 642 Sep 10 10:08 toollabs-webservice_0.76.dsc -rw-r--r-- 1 aborrero sbuild 307011 Sep 10 10:08 toollabs-webservice_0.76.tar.gz (bullseye-amd64-sbuild)root@tools-package-builder-04:/build/toollabs-webservice-Oe7KMY# ls -lna total 320 drwxr-x--- 4 119 123 4096 Sep 10 10:09 . drwxrws--- 3 117 123 4096 Sep 10 10:08 .. drwxr-x--- 6 119 123 4096 Sep 10 10:08 resolver-CXim0X drwxr-xr-x 9 18194 500 4096 Sep 10 10:09 toollabs-webservice-0.76 -rw-r--r-- 1 119 123 642 Sep 10 10:08 toollabs-webservice_0.76.dsc -rw-r--r-- 1 119 123 307011 Sep 10 10:08 toollabs-webservice_0.76.tar.gz (bullseye-amd64-sbuild)root@tools-package-builder-04:/build/toollabs-webservice-Oe7KMY# id 119 uid=119(aborrero) gid=123(sbuild) groups=123(sbuild) (bullseye-amd64-sbuild)root@tools-package-builder-04:/build/toollabs-webservice-Oe7KMY# grep sbuild /etc/group sbuild:x:123:aborrero Additionally, some information from outside the schroot: aborrero@tools-package-builder-04:~$ id sbuild uid=117(sbuild) gid=123(sbuild) groups=123(sbuild) aborrero@tools-package-builder-04:~$ id uid=18194(aborrero) gid=500(wikidev) groups=123(sbuild),[.. many more ..] aborrero@tools-package-builder-04:~$ grep aborrero /etc/group sbuild:x:123:aborrero aborrero@tools-package-builder-04:~$ id 119 id: ‘119’: no such user You can see there is something wrong somewhere. My user is uid 18194 outside the schroot (defined in LDAP) but inside the schroot is 119 (likely statically defined inside the schroot). It seems the mapping between the real user (from the VM, defined in LDAP) and the transient user inside the schroot is not working well. Please don't hesitate to request more information if required. regards.
