forked from josch/mmdebstrap
don't use apt sandboxing in fakechroot or proot modes
This commit is contained in:
parent
af13116336
commit
655857e525
1 changed files with 16 additions and 5 deletions
21
mmdebstrap
21
mmdebstrap
|
@ -1605,11 +1605,22 @@ sub run_setup() {
|
|||
copy($tmpfile, \*STDERR);
|
||||
}
|
||||
|
||||
# when apt-get update is run by the root user, then apt will attempt to
|
||||
# drop privileges to the _apt user. This will fail if the _apt user does
|
||||
# not have permissions to read the root directory. In that case, we have
|
||||
# to disable apt sandboxing.
|
||||
{
|
||||
if (any { $_ eq $options->{mode} } ('fakechroot', 'proot')) {
|
||||
# Apt dropping privileges to another user than root is not useful in
|
||||
# fakechroot and proot mode because all users are faked and thus there
|
||||
# is no real privilege difference anyways. Thus, we also print no
|
||||
# warning message in this case.
|
||||
open my $fh, '>>', $tmpfile
|
||||
or error "cannot open $tmpfile for appending: $!";
|
||||
print $fh "APT::Sandbox::User \"root\";\n";
|
||||
close $fh;
|
||||
} else {
|
||||
# when apt-get update is run by the root user, then apt will attempt to
|
||||
# drop privileges to the _apt user. This will fail if the _apt user
|
||||
# does not have permissions to read the root directory. In that case,
|
||||
# we have to disable apt sandboxing. This can for example happen in
|
||||
# root mode when the path of the chroot is not in a world-readable
|
||||
# location.
|
||||
my $partial = '/var/lib/apt/lists/partial';
|
||||
if (
|
||||
system('/usr/lib/apt/apt-helper', 'drop-privs', '--', 'test',
|
||||
|
|
Loading…
Reference in a new issue