path: root/pbuilder-checkparams
Commit message (author, date)
* Bug#579028: pbuilder: installs untrusted packages without asking (Simon Ruderich, 2012-03-09)

    Package: pbuilder
    Version: 0.206
    Tags: patch
    Followup-For: Bug #579028

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA256

    Dear Maintainer,

    The attached patch changes the defaults to always enforce signed
    repositories and aborts if an untrusted/manipulated package is
    installed. It adds the new option --keyring (APTKEYRINGS) to add
    additional keyrings, which are then used to verify the (local) signed
    repositories. This way no untrusted packages can be installed.

    To still allow untrusted/unsigned repositories - they are a very bad
    idea and allow remote attackers performing a MITM to take over the
    system, including all built packages - the new option
    --allow-untrusted (ALLOWUNTRUSTED) was added.

    I tested it with the official Debian repository, signed and unsigned
    local repositories and it works fine for me. But I'm only a "normal"
    pbuilder user, so I might have missed something. Please test the
    patch. I haven't tested it with cdebootstrap, but it should work as
    well.

    The old PBUILDERSATISFYDEPENDSOPT --check-key option was deprecated
    and is no longer used (it emits a warning now) as validation is the
    default now.

    The patch also contains documentation updates for the new
    options/variables and updates for the NEWS file describing the
    necessary changes to continue using untrusted packages (but please
    don't do that - especially as a Debian developer).

    Please have a look and include the patch as soon as possible to fix
    this security issue.

    Regards,
    Simon

    -- System Information:
    Debian Release: wheezy/sid
      APT prefers unstable
      APT policy: (500, 'unstable')
    Architecture: amd64 (x86_64)

    Kernel: Linux 3.2.0-1-amd64 (SMP w/8 CPU cores)
    Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
    Shell: /bin/sh linked to /bin/dash

    Versions of packages pbuilder depends on:
    ii  cdebootstrap           0.5.8+b1
    ii  coreutils              8.13-3
    ii  debconf [debconf-2.0]  1.5.41
    ii  debianutils            4.2.1
    ii  debootstrap            1.0.38
    ii  dpkg-dev               1.16.1.2
    ii  wget                   1.13.4-2

    Versions of packages pbuilder recommends:
    pn  devscripts  2.11.4
    pn  fakeroot    1.18.2-1
    pn  sudo        <none>

    Versions of packages pbuilder suggests:
    pn  cowdancer     <none>
    pn  gdebi-core    <none>
    pn  pbuilder-uml  <none>

    -- debconf information excluded

    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.4.12 (GNU/Linux)

    iQIcBAEBCAAGBQJPVWhvAAoJEJL+/bfkTDL5ivAP/iayE8NRQnyk2HW8R+NiRXU3
    uavLilwwpmEZyuciu8GxMQIAhT9HYd/DlkhF9I+yBSd30TO3fl0xW7YV9SaIZ+bv
    IPwnZbHri4KfeV9Zob/gd2jrT9A2QCoFRW0ny4XNCK3NvtWH5KuH+TG2Mq5CQqdN
    j4VJ3+76oJcbQbU7AUYXfvKDAsEb7gX+VwTEFLS4GrPkni/FIQJ8HHJhlTscyuCD
    gQANCoRFZHVSMaas3xqi9KYFKgVS4BZ5Z/9FZuLeY5kWBfcbnIhQloVOWTQZIMRI
    PhnqP1g62XlPu71K3a/Y2RMAcy3Gs6sUbW4OianIr2iskCndejih/MCb+3LmBFCg
    Ekxi/CcJGrc7a0pV57Qs8Iwkm1siRZZUxcp4xdD3mo9iayoOt4sfFyrvBCYryilQ
    7JKpQc3iNoV3EQql6KBu5G+GmFFWHmokpLvVY27n8LgkV2YSb2wrgxqXPfxcYHj7
    0j/y2MFw+HOX/d5YSESMLxn9aiZBi7CkMtlMemzqizxlNlL/+OOZiDsi4vdH8L/j
    Y0c2i9efjNeooc0/B9wASu/Ck8SWV8wW1EcfTag0p9Rp0avy4hoQUmG+MtgQsV0l
    MQuWWysyxeJFX4Z8ooau82L6sIGC0L073JH6Y/C7uTOz9gKt+e5tV3fnU+pkWpqH
    oF3CcmlykKX4SYzhUI/e
    =6EPj
    -----END PGP SIGNATURE-----

    From cadc48fb599d436577a6efedc7f25e175652a3a1 Mon Sep 17 00:00:00 2001
    Message-Id: <cadc48fb599d436577a6efedc7f25e175652a3a1.1330997290.git.simon@ruderich.org>
    From: Simon Ruderich <simon@ruderich.org>
    Date: Tue, 6 Mar 2012 02:00:48 +0100
    Subject: [PATCH] Enforce valid signed repositories by default.
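The patch described in the commit above relies on APT repository signing. As an added example that is not part of pbuilder or of the patch itself, the following Python script shows the two hash links that sit underneath the signature check: a (signed) Release file lists the SHA-256 of each Packages index, and each Packages stanza lists the SHA-256 of its .deb, so a man-in-the-middle who swaps a .deb, or rewrites the index to match a swapped .deb, produces a mismatch somewhere below the verified Release. The signature verification itself (the step that --keyring / APTKEYRINGS feeds, done by gpgv in a real client) is not implemented here; the repository contents, package name and paths are constructed for the example.

```python
import hashlib


def sha256_hex(data):
    """Hex SHA-256 of a byte string (the digest APT's Release/Packages files carry)."""
    return hashlib.sha256(data).hexdigest()


def parse_release_sha256(release_text):
    """Return {index path: (sha256, size)} from the 'SHA256:' section of a Release file."""
    entries = {}
    in_section = False
    for line in release_text.splitlines():
        if not line.startswith(" "):
            # A new top-level field; the hash list is indented under 'SHA256:'.
            in_section = line.strip() == "SHA256:"
            continue
        if in_section and line.strip():
            digest, size, path = line.split()
            entries[path] = (digest, int(size))
    return entries


def parse_packages(packages_text):
    """Return {package name: (Filename, SHA256)} from a Packages index (blank-line separated stanzas)."""
    result = {}
    for stanza in packages_text.strip().split("\n\n"):
        fields = dict(line.split(": ", 1) for line in stanza.splitlines())
        result[fields["Package"]] = (fields["Filename"], fields["SHA256"])
    return result


def verify_index(release_text, index_path, index_bytes):
    """Link 1: an index must match the size and SHA-256 the (signed) Release lists for it."""
    entry = parse_release_sha256(release_text).get(index_path)
    if entry is None:
        return False  # not covered by the signed Release: nothing vouches for it
    digest, size = entry
    return len(index_bytes) == size and sha256_hex(index_bytes) == digest


def verify_deb(packages_text, package, deb_bytes):
    """Link 2: a .deb must match the SHA-256 its Packages stanza lists."""
    entry = parse_packages(packages_text).get(package)
    if entry is None:
        return False
    _filename, digest = entry
    return sha256_hex(deb_bytes) == digest


def build_sample():
    """Constructed sample repository (not real Debian data): one .deb, its Packages
    stanza, and a Release listing that index. In a real repository the Release file
    is signed, and that signature is what a keyring is checked against."""
    deb = b"!<arch>\nconstructed stand-in for hello_1.0_amd64.deb\n"
    packages = (
        "Package: hello\n"
        "Version: 1.0\n"
        "Architecture: amd64\n"
        "Filename: pool/main/h/hello/hello_1.0_amd64.deb\n"
        "Size: %d\n"
        "SHA256: %s\n" % (len(deb), sha256_hex(deb))
    ).encode()
    release = (
        "Origin: Example\n"
        "Suite: unstable\n"
        "SHA256:\n"
        " %s %d main/binary-amd64/Packages\n" % (sha256_hex(packages), len(packages))
    )
    return release, packages, deb


def demo():
    """Run the chain on clean data, then on two man-in-the-middle substitutions."""
    release, packages, deb = build_sample()
    index_path = "main/binary-amd64/Packages"

    clean_ok = (verify_index(release, index_path, packages)
                and verify_deb(packages.decode(), "hello", deb))

    # MITM 1: swap only the .deb; the Packages stanza still names the genuine hash.
    evil_deb = b"!<arch>\nconstructed stand-in for a backdoored hello\n"
    swapped_deb_ok = verify_deb(packages.decode(), "hello", evil_deb)

    # MITM 2: also rewrite the Packages hash to match the swapped .deb (same length,
    # so a size check alone would pass); now the signed Release disagrees with Packages.
    evil_packages = packages.replace(sha256_hex(deb).encode(), sha256_hex(evil_deb).encode())
    swapped_index_ok = verify_index(release, index_path, evil_packages)

    return clean_ok, swapped_deb_ok, swapped_index_ok


if __name__ == "__main__":
    clean, swapped_deb, swapped_index = demo()
    print("clean chain verifies:            %s" % clean)
    print("swapped .deb passes:             %s" % swapped_deb)
    print("rewritten Packages index passes: %s" % swapped_index)
```

With `--allow-untrusted`, the client skips the signature on Release, so the attacker can regenerate Release as well and both checks pass against the attacker's data; that is why the patch makes the keyring check the default.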
* Bug#569917: Support base.tar.xz/bz2 as well as tgz (Tino Keitel, 2011-11-29)

    Package: pbuilder
    Version: 0.203
    Followup-For: Bug #569917

    I cooked a little patch that adds a --compressprog command line option
    and COMPRESSPROG option in pbuilderrc. Tested with pigz, to get
    multithreaded, and therefore much faster compression/decompression,
    and xz.

    Debian Release: wheezy/sid
      APT prefers unstable
      APT policy: (500, 'unstable'), (1, 'experimental')
    Architecture: amd64 (x86_64)

    Kernel: Linux 3.1.0-00002-g5eeb7f9 (SMP w/4 CPU cores)
    Locale: LANG=C, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
    Shell: /bin/sh linked to /bin/bash

    Versions of packages pbuilder depends on:
    ii  cdebootstrap           0.5.8+b1
    ii  coreutils              8.13-3
    ii  debconf [debconf-2.0]  1.5.41
    ii  debianutils            4.0.4
    ii  debootstrap            1.0.38
    ii  wget                   1.13.4-1

    Versions of packages pbuilder recommends:
    ii  devscripts  2.11.2
    ii  fakeroot    1.18.1-1
    ii  sudo        1.8.3p1-2

    Versions of packages pbuilder suggests:
    pn  cowdancer     0.65
    pn  gdebi-core    <none>
    pn  pbuilder-uml  <none>

    -- debconf information:
      pbuilder/mirrorsite: http://ftp.de.debian.org/debian/
      pbuilder/nomirror:
      pbuilder/rewrite: false
* Add builtin ccache support, enabled by default (Loïc Minier, 2010-01-02)

    Add builtin support for using ccache in pbuilder and enable it by
    default. Ship a new /var/cache/pbuilder/ccache dir and bind-mount and
    chown it to BUILDUSERID at build time. Install/remove ccache
    automatically on create/update if CCACHEDIR is set/unset. Update docs
    and remove old ccache config example. Add a NEWS entry featuring the
    change.

* Use $PBUILDER_ROOT instead of ${PBUILDER_ROOT} (Loïc Minier, 2010-01-02)

* pbuilder: Add --architecture and ARCHITECTURE flag (Loïc Minier, 2009-12-30)

    pbuilder: add support for setting the architecture on the
    command-line and in pbuilderrc.

* Honor PBUILDER_ROOT and PBUILDER_*DIR vars (Loïc Minier, 2009-12-27)

    Use GNU-style vars for system directories, allow to set them from the
    env, and let them be prefixed with a PBUILDER_ROOT directory to allow
    relocation.
* Avoid appending extra spaces in DEBBUILDOPTS (Loïc Minier, 2009-12-14)

* Factor "exec >" + "exec 2>&1" together (Loïc Minier, 2009-12-13)

* Use debootstrap by default instead of cdebootstrap (Loïc Minier, 2009-12-13)

* Make --debbuildopts additive (Loïc Minier, 2009-12-12)

    Change --debbuildopts to be additive and reset the list of options to
    the empty list if --debbuildopts "" is passed. Update docs and add
    NEWS entry.

* Add support for building packages twice; #493538 (Loïc Minier, 2009-12-11)

    Add support for building packages twice; based on a patch by Nicolas
    Valcárcel; closes: #493538

* allow --autocleanaptcache to be specified in pbuilderrc. (Matt Kraai, 2009-11-13)
* implement --inputfile option. (Junichi Uekawa, 2009-03-07)

    Copies extra files to inside chroot.

* refactor to use 'log' function rather than using 'echo' directly. (Junichi Uekawa, 2009-02-26)

    First cut into doing this, hopefully we're not breaking anything.

* Bug#493154: warn if --othermirror is specified and --override-config is not specified. (Junichi Uekawa, 2009-02-24)

    People don't read the manpage thoroughly, and file bugs. Add a
    Warning.

* typo, double-semicolon, please (Junichi Uekawa, 2008-03-31)

* --create with --basetgz will not fail if file does not exist (closes: #451835) (Junichi Uekawa, 2008-03-30)

    --basetgz expects an existing file except for when 'create'-ing.
    'create' was special-cased, but '--create' wasn't. Special-case both.

* [Pbuilder-maint] Bug#422371: Patch for specifying components (Adrien Cunin, 2007-10-22)

    Here is a patch against latest git revision which adds the ability to
    specify the components either via $COMPONENTS in pbuilderrc or via
    the command line with --components. It is based on some of the Ubuntu
    changes [1].

    [1] http://patches.ubuntu.com/p/pbuilder/pbuilder_0.170ubuntu1.patch

* use tee instead of not outputting anything for logging mode. (Junichi Uekawa, 2007-05-17)

* copyright year 2007, and changelog about it, and changelog warning/error to >&2 (Junichi Uekawa, 2007-03-27)
* user-mode-linux support (dancer, 2006-09-16)

* support --login, --execute, etc. (dancer, 2006-09-01)

* bind-mount ordering fix. (dancer, 2006-08-20)

* support PKGNAME_LOGFILE option in pbuilderrc. (dancer, 2006-08-15)

* thinko fix. (dancer, 2006-06-10)

* do not error out if buildresult directory does not exist. (dancer, 2006-06-10)

* update copyright info. (dancer, 2006-05-30)

* * fix pdebuild --help output (closes: #367133) (dancer, 2006-05-14)

    * pbuilderrc.5: undocument the restriction that --buildresult option
    needs to be specified for pdebuild, and BUILDRESULT cannot be used. I
    should probably warn that the directory should be absolute.
    * pdebuild.1: fix man a bit to make --buildresult option doc
    unambiguous.

* remove support for --nonusmirror. (dancer, 2006-02-22)

* use readlink -f instead of -e. (dancer, 2005-12-21)

    add q-funk's script.
* Use readlink -e instead of readlink -f : (dancer, 2005-12-05)

    * pdebuild-user-mode-linux:
    * pdebuild-uml-checkparams:
    * pdebuild-checkparams:
    * pdebuild: readlink -e instead of readlink -f
    * pbuilder-uml-checkparams: readlink -e instead of readlink -f
    * pbuilder-modules: readlink -e instead of readlink -f
    * pbuilder-createbuildenv: quote HOOKDIR and readlink -e instead of readlink -f.
    * pbuilder-checkparams:
    * pbuilder-buildpackage: use readlink -e here.
    * pbuilder-buildpackage-funcs: use readlink -e instead of readlink -f.
    342117 thanks to Markus Kolb
* 2005-08-28 Junichi Uekawa <dancer@debian.org> (dancer, 2005-08-28)

    * pbuilderrc: SHELL variable is set to a default value.

* +2005-08-07 Junichi Uekawa <dancer@debian.org> (dancer, 2005-08-07)

    +
    +	* debian/control: allow cdebootstrap dependency.
    +
    +	* testsuite/run-test.sh: complicate the process by testing both
    +	cdebootstrap and debootstrap.
    +
    +	* pbuilder.8: document --debootstrap
    +
    +	* pbuilder-checkparams: --debootstrap
    +
    +	* pbuilder-modules: --debootstrap
    +
    +	* pbuilder-createbuildenv: unset DEBOOTSTRAPSCRIPT instead of setting
    +	"". The number of parameter given to cdebootstrap changes.
    +	since DEBOOTSTRAPSCRIPT are not supported by cdebootstrap,
    +	Giving cdebootstrap this parameter caused it to fail.
    +
    +	* pbuilderrc.5: Document DEBOOTSTRAP
    +
    +	* pbuilderrc (DEBOOTSTRAP): new option.
    +
    +	* pbuilder-createbuildenv (DEBOOTSTRAPSCRIPT): call ${DEBOOTSTRAP} instead of calling debootstrap directly.
    +
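Review bot: the pbuilder-createbuildenv entry only stops pbuilder itself from passing an empty DEBOOTSTRAPSCRIPT; a DEBOOTSTRAPSCRIPT set by the user in pbuilderrc will still be handed to cdebootstrap and fail in exactly the way the entry describes ("Giving cdebootstrap this parameter caused it to fail"). Either drop the parameter whenever DEBOOTSTRAP is cdebootstrap, or have the new pbuilderrc.5 text for DEBOOTSTRAP say that DEBOOTSTRAPSCRIPT only applies to debootstrap.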
* pdebuild now checks for unsupported options. (dancer, 2005-06-04)

    +	* debian/pbuilder-uml.files: move to uml.
    +	* Makefile: install
    +	* pdebuild-user-mode-linux: use pdebuild-uml-checkparams
    +
    +	* pdebuild-uml-checkparams: add --debsign-k
    +
    +	* pbuilder-uml-checkparams: pdebuild options remove.
    +
    +	* pdebuild-uml-checkparams: --buildresult
    +
    +	* pdebuild.1: add --logfile option to documentation.
    +
    +	* pdebuild-checkparams: --logfile option implemented for pdebuild.
    +
    +	* Makefile (install): install
    +
    +	* pdebuild: use pdebuild-checkparams instead.
    +
    +	* pbuilder-checkparams: split
    +	* pdebuild-checkparams: new file.
    +

* +	* pbuilder.8: document --autocleanaptcache (dancer, 2005-06-03)

    +
    +	* pbuilder-updatebuildenv:
    +	* pbuilder-checkparams (AUTOCLEANAPTCACHE): support auto-clean of aptcache
    +	(IGNORE_UMOUNT): add --autocleanaptcache
    +

* change to use experimental, (dancer, 2005-06-03)

    and apply patch; and apply my own patch.
* --- ChangeLog 11 Apr 2005 06:24:29 -0000 1.293 (dancer, 2005-04-16)

    +++ ChangeLog 16 Apr 2005 04:39:27 -0000
    @@ -1,3 +1,20 @@
    +2005-04-16 Junichi Uekawa <dancer@debian.org>
    +
    +	* pbuilder-modules: document signing-related options in pbuilder-options.
    +
    +	* pdebuild-user-mode-linux:
    +	* pdebuild: implement keyid specification.
    +
    +	* Documentation/pbuilder-doc.xml: add document on using auto-debsign
    +	and add a FAQ entry for source.changes file.
    +
    +	* pbuilder-checkparams: use --debsign-k option
    +	to specify DEBSIGN_KEYID
    +
    +	* pdebuild.1: add --debsign-k option
    +
    +	* pdebuild-user-mode-linux.1: add --debsign-k option
    +
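Review bot: the pbuilder-checkparams entry has --debsign-k set DEBSIGN_KEYID, but pbuilderrc.5 is not among the updated files; if DEBSIGN_KEYID can also be given in pbuilderrc, document it there next to the --debsign-k entries in pdebuild.1 and pdebuild-user-mode-linux.1, and say which wins when both the config variable and the command-line option are present. The ChangeLog subject here is the diff header itself ("--- ChangeLog 11 Apr 2005 ..."); a one-line summary such as "add --debsign-k / DEBSIGN_KEYID" would make the log readable.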
* +2005-03-04 Junichi Uekawa <dancer@debian.org> (dancer, 2005-03-04)

    +
    +	* pbuilder: apply patch frp, Danilo to save aptcache on pbuilder login.
    +	Apply similar change to pbuilder execute.
    +	271600
    +
    +	* pbuilder.8:
    +	* pbuilder-checkparams:
    +	* pbuilder-modules: support --aptcache option
    +	thanks: Danilo Piazzalunga <danilopiazza@libero.it>
    +	295766
    +
    +	* Cleaned build dir for pbuilder-uml #297100
    +
    +	* pbuilder-modules (pbuilder-options): document save-after-login/exec
    +	flag in --help output. #296672
    +

* update date (dancer, 2005-01-04)

* +2004-10-31 Junichi Uekawa <dancer@debian.org> (dancer, 2004-10-31)

    +
    +	* Documentation/pbuilder-doc.xml (PBUILDER_UML_IMAGE): add notes on
    +	BUILRESULTUID and SUDO interaction.
    +
    +	* pbuilder-buildpackage (PACKAGENAME): move around buildresult dir creation before pkgname logfile creation.
    +
    +	* pbuilder.8: add documentation for --save-after-login/exec option.
    +
    +	* pbuilder: execute and login with --save-after-login/exec option.
    +
    +	* pbuilder-user-mode-linux.1: add notes that uml-nocow is effective for exec and login.
    +
    +	* pbuilder-uml-checkparams (UML_SAVE_AFTER_LOGIN): add UML_NOCOW for exec
    +
    +	* pbuilder-checkparams (SAVE_AFTER_LOGIN): --save-after-login/exec command-option.
    +
    +	* pdebuild-user-mode-linux.1: add notes that the option will override
    +	pbuilder option.
    +
    +	* pdebuild.1: add notes that the option will override pbuilder option
    +
    +	* pdebuild-user-mode-linux: ditto.
    +
    +	* pdebuild: override --debbbuildopts in pbuilder option when DEBBUILDOPTS is available and for non-internal mode.
    +
* + (dancer, 2004-07-28)

    +	* debian/pbuilder-uml.files: add pbuilder-uml-checkparams
    +
    +	* Makefile: add pbuilder-uml-checkparams
    +
    +	* pdebuild-user-mode-linux.1: update manual to reflect
    +	current reality of pdebuild-user-mode-linux. It was originally just a
    +	copy of pdebuild manpage.
    +
    +	* pbuilder-checkparams: shift around debootstrapopts parameter
    +	processing out of pdebuild options; it doesn't belong there.
    +
    +	* pdebuild-user-mode-linux: Call pbuilder-uml-checkparams to
    +	parse commands in UML way, not pbuilder way.
    +	* pbuilder-uml-checkparams: Move command-line parser to here
    +	* pbuilder-user-mode-linux: Move command-line parser out
    +

* +	* Implement --variant=buildd support, thanks for Daniel Schepler (dancer, 2004-04-06)

    +	for the work on debootstrap side.
    +	Note that this change does not affect user-mode-linux, since
    +	user-mode-linux version uses rootstrap
    +	(closes: #154528)

* modifications to copyright notice, and (dancer, 2004-01-11)

    run-test.sh
* +2003-12-23 Junichi Uekawa <dancer@debian.org> (dancer, 2003-12-23)

    +
    +	* Makefile (install): update build rules to install pdebuild-internal
    +
    +	* pbuilderrc.5: update document USE_PDEBUILD_INTERNAL
    +
    +	* pdebuild-user-mode-linux.1: document --use-pdebuild-internal
    +
    +	* pdebuild.1: document --use-pdebuild-internal
    +
    +	* pbuilder-modules: document use-pdebuild-internal
    +
    +	* pbuilder-checkparams: --use-pdebuild-internal option.
    +
    +	* pdebuild: use pdebuild-internal if USE_PDEBUILD_INTERNAL option is 'yes'
    +
    +	* pdebuild-user-mode-linux: use pdebuild-internal if USE_PDEBUILD_INTERNAL option is 'yes'
    +
    +	* pdebuild-internal: Implement a pbuilder execute script to be
    +	used for pdebuild without doing debian/rules clean outside of chroot.
    +
    +	* pbuilder-checkparams: support multiple bindmounts;
    +	delimit it with spaces.
    +
    +	* pbuilder-modules: add --debug option here.
    +
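Review bot: "support multiple bindmounts; delimit it with spaces" means a bind-mount path that itself contains a space can no longer be expressed at all, and a mistyped list silently splits into extra mount points. The documentation for the bindmounts option should state the limitation, and pbuilder-checkparams should reject any entry that is not an existing directory before it is bind-mounted.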
* +	* debian/control (Description): do not conflict with older bash. (dancer, 2003-12-16)

    +
    +	* pbuilder-buildpackage-funcs:
    +	* pbuilder-checkparams: do not error out on
    +	failure to unset.
    +
    +	* pbuilder.8: document --debug.
    +
    +	* pbuilder-checkparams (IGNORE_UMOUNT): --debug option.
    +
    +	* pbuilder-createbuildenv:
    +	* pbuilder-updatebuildenv: use PBUILDER_DEBUGMODE variable
    +
* +2003-10-28 Junichi Uekawa <dancer@debian.org> (dancer, 2003-10-27)

    +
    +	* pdebuild.1: pbuilder will use the config file that is specified
    +	as pdebuild command-line.
    +
    +	* pdebuild (ARCHITECTURE): Add --configfile to the call to pbuilder
    +	invocation.
    +
    +	* pbuilder-checkparams (IGNORE_UMOUNT): EXTRA_CONFIGFILE is an array
    +	containing the list of CONFIGFILEs loaded via --configfile.
    +
    +	* pbuilder-user-mode-linux: rename variable that looked similar to
    +	other variable. CONFIGFILE->SYSTEM_CONFIG.
    +
    +	* pbuilder-checkparams (IGNORE_UMOUNT): add error check to --configfile option
    +
    +	* pbuilderrc.5: update docs on BUILDRESULT not effective on
    +	pdebuild.
    +
    +	* pdebuild.1: add notes on pdebuild requiring buildresult to be
    +	specified.
    +

* + (dancer, 2003-10-04)

    +	* auditing of readlink occurrences
    +	* Bug fix: "pbuilder: Please deal with nonexistent --buildplace
    +	directory", reported from Artur R. Czechowski (Closes: #213890).
    +
* +2003-09-04 Junichi Uekawa <dancer@debian.org> (dancer, 2003-09-03)

    +
    +	* pbuilder-modules: fix typo in file existence checking.
    +
    +	* debian/TODO: how about passing "-o dpkg::Options=--force-confnew" to apt? is now done.
    +	Request from Roland Stigge <ernie@atari.antcom.de>
    +	to finally implement the missing feature.
    +
    +	* pbuilder-checkparams: set FORCE_CONFNEW array variable if
    +	DEBIAN_FRONTEND is noninteractive to allow non-interactive install.
    +
    +	* pbuilder-updatebuildenv: use FORCE_CONFNEW variable to
    +	give force-confnew option to DPKG
    +
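Review bot: the pbuilder-checkparams entry ties dpkg's --force-confnew to DEBIAN_FRONTEND=noninteractive, which makes every conffile in the chroot silently take the package's new version on update and discards local edits, including ones made by hook scripts. That is acceptable for a throwaway build chroot, but the behaviour and its trigger should be documented in pbuilderrc.5 so users do not read it as an apt default, and a user who wants --force-confold instead currently has no knob.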
* + (dancer, 2003-08-31)

    +	* debian/changelog: 0.85
    +
    +	* THANKS: update
    +
    +	* pbuilder-checkparams (IGNORE_UMOUNT): fix case of --basetgz option
    +	when the base.tgz does not exist (pbuilder create).
    +	readlink failed if file did not exist.
    +
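Review bot: the --basetgz fix special-cases the 'create' operation only; '--create' goes through the same option parser and needs the same treatment, otherwise readlink still fails for a nonexistent base.tgz with that spelling. The 2008-03-30 commit above ("'create' was special-cased, but '--create' wasn't", #451835) is the follow-up that closes this gap.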
* update rootstrap depends. (dancer, 2003-04-15)