Fwd: Re: PLD cooperation

[Paweł Sakowski]

Michael Shigorin wrote:
> Hm, the builds are carried out in host system?  Dmitry Levin has
> developed a standalone isolated build environment over here:
> ftp://ftp.altlinux.org/pub/people/ldv/hasher/
> 
> (after one of the partner firms freed their build system which
> was very nice in supporting particular workflow but also had some
> assumptions, like "no-one is going to break out of chroot in
> %post", so at least theoretically, the possibility for attacks
> on a build system was there; now it's gone)

Yes, we have a whole central infrastructure to possibly automate package
building. Yes, it could possibly lead to security issues on the hosting
system (to give a real-life example, one upstream package reveals the
configuration of net interfaces in ./configure). It does not seem very
much of a problem for us, because 1) builder access is not granted to
random people (even if they have CVS write access), 2) the builder
activity is verbosely reported to other developers, 3) the specs/sources
are always fetched from the CVS repo, flaming on evil CVS commits has
already been discussed.

If people without rights to issue build requests want their package
(re)built, they have to ask someone to issue a request on their behalf
(which is a point where the changes can/should be reviewed). A build
process (from the developer's point of view) starts with a request
(actually, a gpg-signed, specially formatted mail to the "source
builder" server) and ends with getting a series of mails with the
building stdout, and the package being placed on the "ready" tree on FTP
(the optimistic case: everything went fine). As a general rule, if a
package is sent to the builders, care should be taken to make it build
properly on all supported architectures.

-- 
Paweł Sakowski <saq w pld-linux.org>
PLD Linux Distribution