On Wednesday 14 May 2014, Adrian Schröter wrote:
On Mittwoch, 14. Mai 2014, 09:17:08 wrote Lars Weber:
I use a package root4abuild created via attached spec-file. Use this package as a build-requirement for your package and you can gain root-rights for abuild via sudo during the build-process.
Might be a little bit ugly but works for me.
Thanks Lars! This should do it for me.
You should make sure not to publish that package, because a user would create a security hole in his system.
I'd like to protect local builds in chroot too to not crash my own or other's systems. Can I find out whether the spec file is running on OBS to disable sudo if not?
Also the package will never be accepted in Factory. So if your goal is to create an official package you should look for another solution :)
For me there is no other solution. I want to run "util-linux" advanced test-suite as root to see more issues. For now just for debugging but if it turns out to be useful I would like to have it "upstream" in Base:System. Maybe another project "util-linux-testsuite" which does not goes to Factory? IMO this is a general use case, worth to think about, see for example $ osc rbl -s Base:System coreutils-testsuite openSUSE_Factory i586 |\ grep "must be run as root" setgid.sh: skipped test: must be run as root basic.sh: skipped test: must be run as root cp-a-selinux.sh: skipped test: must be run as root preserve-gid.sh: skipped test: must be run as root special-bits.sh: skipped test: must be run as root cp-mv-enotsup-xattr.sh: skipped test: must be run as root capability.sh: skipped test: must be run as root skip-seek-past-dev.sh: skipped test: must be run as root problematic-chars.sh: skipped test: must be run as root bind-mount-dir-cycle.sh: skipped test: must be run as root install-C-root.sh: skipped test: must be run as root capability.sh: skipped test: must be run as root nameless-uid.sh: skipped test: must be run as root chcon.sh: skipped test: must be run as root chroot-credentials.sh: skipped test: must be run as root selinux.sh: skipped test: must be run as root truncate-owned-by-other.sh: skipped test: must be run as root writable-under-readonly.sh: skipped test: must be run as root sticky-to-xpart.sh: skipped test: must be run as root fail-2eperm.sh: skipped test: must be run as root no-give-up.sh: skipped test: must be run as root one-file-system.sh: skipped test: must be run as root read-only.sh: skipped test: must be run as root append-only.sh: skipped test: must be run as root now-owned-by-other.sh: skipped test: must be run as roo
(It is not an issue for OBS, since we use KVM/XEN secured environments in case you wonder)
Do you know whether these ones would work on OBS?: modprobe loop losetup ... modprobe scsi_debug I know it does not work for certain other secured VMs. cu, Rudi -- To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-buildservice+owner@opensuse.org