On Wednesday 14 May 2014, Adrian Schröter wrote:
On Mittwoch, 14. Mai 2014, 13:05:36 wrote Jan Engelhardt:
On Wednesday 2014-05-14 12:55, Bernhard Voelker wrote:
On 05/14/2014 11:11 AM, Ruediger Meier wrote:
IMO this is a general use case, worth to think about, see for example $ osc rbl -s Base:System coreutils-testsuite openSUSE_Factory i586 |\ grep "must be run as root" setgid.sh: skipped test: must be run as root basic.sh: skipped test: must be run as root cp-a-selinux.sh: skipped test: must be run as root preserve-gid.sh: skipped test: must be run as root special-bits.sh: skipped test: must be run as root cp-mv-enotsup-xattr.sh: skipped test: must be run as root capability.sh: skipped test: must be run as root [...]
I already asked that for coreutils some while ago (I'm a co-maintainer). So if someone can point to a valid solution - also for Factory - then I'd be grateful.
Didn't we have
#!rootneededforbuild
or so?
Yes, but it needs also an exception on the server side for that package.
While I understand that root access is really needed for a lot of test cases, we want to ensure that build src.rpms do not damage a user system.
Therefor we will also not allow root for building rpms in future.
But we will work on QA features (hopefully later this year). And I take this as input for them ...
Maybe you could do like this If specfile contains "#!needsudoforbuild" then OBS adds silently /etc/sudoers.d/abuild and also provides macro %have_abuild_sudo. rpmlint could check that any sudo is guarded by "%if %have_abuild_sudo" to make sure that we would never call sudo from spec file even if that paricular user has sudo permissions already. But user is still free to provide %have_abuild_sudo on local rpmbuild command line if he knows what he is doing. cu, Rudi -- To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-buildservice+owner@opensuse.org