Your message dated Wed, 03 Oct 2018 15:34:26 +0000 with message-id <[email protected]> and subject line Bug#910006: fixed in bubblewrap 0.3.1-2 has caused the Debian Bug report #910006, regarding "basic" autopkgtest fails when bwrap is non-suid to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [email protected] immediately.) -- 910006: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=910006 Debian Bug Tracking System Contact [email protected] with problems
--- Begin Message ---Package: src:bubblewrap Version: 0.3.1-1 Severity: minor Tags: patch Hey, Filing as minor because this doesn't affect the package as built in Debian. When the package is built non-suid, not all GIDs are mapped into the new (implicitly created) user namespace. The "basic" test is testing that this does happen, so it fails: autopkgtest [11:52:43]: test basic: [----------------------- ok 1 - "bwrap --ro-bind / / /usr/bin/id" should succeed # Failed test at /tmp/autopkgtest.TprZKQ/build.wEi/src/debian/tests/basic line 17. # got: 'uid=1000(ubuntu) gid=1001(ubuntu) groups=1001(ubuntu),65534(nogroup) # ' # expected: 'uid=1000(ubuntu) gid=1001(ubuntu) groups=1001(ubuntu),4(adm),20(dialout),24(cdrom),25(floppy),27(sudo),29(audio),30(dip),44(video),46(plugdev),115(netdev),1000(lxd) # ' not ok 2 1..2 # Looks like you failed 1 test of 2. autopkgtest [11:52:44]: test basic: -----------------------] basic FAIL non-zero exit status 1 autopkgtest [11:52:44]: test basic: - - - - - - - - - - results - - - - - - - - - - I think this test is just trying to show that bwrap "basic"ally works. To get the test passing again in Ubuntu I applied the attached commit, checking that the euid and egid survive. Maybe it's an idea to add "-n" to both calls, which would amount to a test of the {uid,gid}_map code. Cheers, -- Iain Lane [ [email protected] ] Debian Developer [ [email protected] ] Ubuntu Developer [ [email protected] ]>From 0ae7028bf4c6a3b87dd9ad0e571a026e4c57c92c Mon Sep 17 00:00:00 2001 From: Iain Lane <[email protected]> Date: Mon, 1 Oct 2018 09:21:01 +0100 Subject: [PATCH] basic: Don't assume `id` will be the same inside the sandbox When bwrap is installed non-suid, unsharing the user namespace happens implicitly. Not all GIDs are mapped into the sandbox, which results in any supplementary groups returning as "nogroup". As a basic test of bubblewrap's functionality, instead let's test if `id -u` and `id -g` are the same inside and outside a sandbox. --- debian/tests/basic | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/debian/tests/basic b/debian/tests/basic index fbf1b61..c8e3449 100755 --- a/debian/tests/basic +++ b/debian/tests/basic @@ -13,7 +13,9 @@ sub run_ok { } my $out; -run_ok([qw(bwrap --ro-bind / / /usr/bin/id)], '<', \undef, '>', \$out); -is($out, `id`); +run_ok([qw(bwrap --ro-bind / / /usr/bin/id -u)], '<', \undef, '>', \$out); +is($out, `id -u`); +run_ok([qw(bwrap --ro-bind / / /usr/bin/id -g)], '<', \undef, '>', \$out); +is($out, `id -g`); done_testing; -- 2.17.0
--- End Message ---
--- Begin Message ---Source: bubblewrap Source-Version: 0.3.1-2 We believe that the bug you reported is fixed in the latest version of bubblewrap, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [email protected], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Simon McVittie <[email protected]> (supplier of updated bubblewrap package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [email protected]) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Wed, 03 Oct 2018 15:23:27 +0100 Source: bubblewrap Binary: bubblewrap Architecture: source Version: 0.3.1-2 Distribution: unstable Urgency: medium Maintainer: Utopia Maintenance Team <[email protected]> Changed-By: Simon McVittie <[email protected]> Description: bubblewrap - setuid wrapper for unprivileged chroot and namespace manipulation Closes: 910006 Changes: bubblewrap (0.3.1-2) unstable; urgency=medium . [ Iain Lane ] * d/tests/basic: Don't assume `id` will be the same inside the sandbox, making this test pass on (Ubuntu) systems where bubblewrap is not setuid (Closes: #910006) * d/tests/upstream-usrmerge: Add a test to ensure that bubblewrap works on a /usr-merged system . [ Simon McVittie ] * d/p/tests-Handle-systems-without-merged-usr.patch: Add patch from upstream git to make tests pass on non-merged-/usr systems where bubblewrap is not setuid. Thanks to Iain Lane. * d/p/man-page-Describe-chdir-not-nonexistent-cwd.patch: Add patch from upstream git to fix documentation of --chdir option * d/p/Make-lockdata-long-enough-on-32-bit-with-64-bit-file-poin.patch: Add patch from upstream git to fix lock handling in tests on 32-bit platforms with 64-bit off_t. Thanks to Timothy E Baldwin. Checksums-Sha1: b60016b2f46541e65d223057f83d930ab7501813 2241 bubblewrap_0.3.1-2.dsc 301d69e3a508a3512f60e609d686787f4129a2fb 8680 bubblewrap_0.3.1-2.debian.tar.xz dae95181eca7d1399dd728705797e7576a128afa 5999 bubblewrap_0.3.1-2_source.buildinfo Checksums-Sha256: dae16f38aa286694e56c2a1c065979c77807a9665a5bb97e6f2867896543b525 2241 bubblewrap_0.3.1-2.dsc 5b6627bef95c4c6224b356b9fe01dadbe4f3f39ffca67091daef92b49445c829 8680 bubblewrap_0.3.1-2.debian.tar.xz c187dbc4adad30db51995c1e0ba6a304c62e2ce031739edfad79cf02fd5ed521 5999 bubblewrap_0.3.1-2_source.buildinfo Files: 6b5acaf3f4cb878478006ed89d8da191 2241 admin optional bubblewrap_0.3.1-2.dsc 553fceba30324a71f809d11c4add00ad 8680 admin optional bubblewrap_0.3.1-2.debian.tar.xz eee4e69245798787b6208ca314044850 5999 admin optional bubblewrap_0.3.1-2_source.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEENuxaZEik9e95vv6Y4FrhR4+BTE8FAlu028EACgkQ4FrhR4+B TE9Clw//avTQNhJGkN2hkxUDv6eorLFe5eFDRnk4xLBSrqLovrU0BVia37HjHi4u oVDUbJEeV/EGDC6SnWYhqQBQr9QPGqc2g6ETH3xSLYjweqzYVLxxOF2AUfPJjRmU lVdKwjwR9hJrXbcjVaK6Ph1xJbnIqVphMGE6fBizdQcEyxqcLfzNFqaahao4WkR0 EBnEAj85MT8Xa0dKF48gDBTDDYqZ6zYLEe/ANrCAvnO9Y9mATM58rr+W3OTRLFqa SDbu/LRE8sYqq8kAhuV40NsGt4GmZUjeHX5L3p4Au+20STPw79DCOI7n53SYCLHY 1AIVtdd1TLaUleZ3DpXoX4IqdL4hcNU/lAaPkLKp7guQnRH0TPpf0ccSh5sWEYqo H7AePCBvo6b8ino+qarf2I+alMTdhssF0YeM4d56FtzwGkm7aJW19t6GV0eyWMoO YwuUQbtr8bdmpH/fRBlMlcxfUdp/w+NrIR5h6kFERlY4PkX3TLjSBkhML9r8ReWk Dc2mvhgVgVL3zXRMrxx01X8RWnBmeBTOl7kzkgVpJkJjEyYShn0gbH0e3N0ba1iM YH38Tg4NqJeLuOB4/e8Nb8+2WehvUOwSEYQi+agO//IRunciJzXGpaL9ojh82Fuv RXamuCpoPhhDMbsIPQvx5pH+VXNTg6LoG4DFxWmd5OZc9rkQDNI= =2vY7 -----END PGP SIGNATURE-----
--- End Message ---
_______________________________________________ Pkg-utopia-maintainers mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-utopia-maintainers
