1. Patchew
  2. linux
  3. View series

[PATCH v3] kbuild: deb-pkg: remove the fakeroot builds support

Masahiro Yamada posted 1 patch 2 years ago 
scripts/Makefile.package | 4 +---
scripts/package/builddeb | 8 +-------
2 files changed, 2 insertions(+), 10 deletions(-)
[PATCH v3] kbuild: deb-pkg: remove the fakeroot builds support
Posted by Masahiro Yamada 2 years ago 
In 2017, the dpkg suite introduced the rootless builds support with the
following commits:

  - 2436807c87b0 ("dpkg-deb: Add support for rootless builds")
  - fca1bfe84068 ("dpkg-buildpackage: Add support for rootless builds")

This feature is available in the default dpkg on Debian 10 and Ubuntu
20.04.

Remove the old method.

Signed-off-by: Masahiro Yamada <masahiroy@kernel.org>
---

Changes in v3:
  - Remove DEB_RULES_REQUIRES_ROOT=no again
    (resent in order to clarify which one should be applied)

Changes in v2:
  - add DEB_RULES_REQUIRES_ROOT=no to debian/rules

 scripts/Makefile.package | 4 +---
 scripts/package/builddeb | 8 +-------
 2 files changed, 2 insertions(+), 10 deletions(-)

diff --git a/scripts/Makefile.package b/scripts/Makefile.package
index 0c3adc48dfe8..a81dfb1f5181 100644
--- a/scripts/Makefile.package
+++ b/scripts/Makefile.package
@@ -109,8 +109,6 @@ debian-orig: linux.tar$(debian-orig-suffix) debian
 		cp $< ../$(orig-name); \
 	fi
 
-KBUILD_PKG_ROOTCMD ?= 'fakeroot -u'
-
 PHONY += deb-pkg srcdeb-pkg bindeb-pkg
 
 deb-pkg:    private build-type := source,binary
@@ -125,7 +123,7 @@ deb-pkg srcdeb-pkg bindeb-pkg:
 	$(if $(findstring source, $(build-type)), \
 		--unsigned-source --compression=$(KDEB_SOURCE_COMPRESS)) \
 	$(if $(findstring binary, $(build-type)), \
-		-R'$(MAKE) -f debian/rules' -j1 -r$(KBUILD_PKG_ROOTCMD) -a$$(cat debian/arch), \
+		-R'$(MAKE) -f debian/rules' -j1 -a$$(cat debian/arch), \
 		--no-check-builddeps) \
 	$(DPKG_FLAGS))
 
diff --git a/scripts/package/builddeb b/scripts/package/builddeb
index d7dd0d04c70c..2fe51e6919da 100755
--- a/scripts/package/builddeb
+++ b/scripts/package/builddeb
@@ -36,19 +36,13 @@ create_package() {
 	sh -c "cd '$pdir'; find . -type f ! -path './DEBIAN/*' -printf '%P\0' \
 		| xargs -r0 md5sum > DEBIAN/md5sums"
 
-	# Fix ownership and permissions
-	if [ "$DEB_RULES_REQUIRES_ROOT" = "no" ]; then
-		dpkg_deb_opts="--root-owner-group"
-	else
-		chown -R root:root "$pdir"
-	fi
 	# a+rX in case we are in a restrictive umask environment like 0077
 	# ug-s in case we build in a setuid/setgid directory
 	chmod -R go-w,a+rX,ug-s "$pdir"
 
 	# Create the package
 	dpkg-gencontrol -p$pname -P"$pdir"
-	dpkg-deb $dpkg_deb_opts ${KDEB_COMPRESS:+-Z$KDEB_COMPRESS} --build "$pdir" ..
+	dpkg-deb --root-owner-group ${KDEB_COMPRESS:+-Z$KDEB_COMPRESS} --build "$pdir" ..
 }
 
 install_linux_image () {
-- 
2.40.1
Re: [PATCH v3] kbuild: deb-pkg: remove the fakeroot builds support
Posted by Guillem Jover 2 years ago 
Hi!

On Wed, 2023-11-29 at 08:53:56 +0900, Masahiro Yamada wrote:
> In 2017, the dpkg suite introduced the rootless builds support with the
> following commits:
> 
>   - 2436807c87b0 ("dpkg-deb: Add support for rootless builds")
>   - fca1bfe84068 ("dpkg-buildpackage: Add support for rootless builds")
> 
> This feature is available in the default dpkg on Debian 10 and Ubuntu
> 20.04.
> 
> Remove the old method.
> 
> Signed-off-by: Masahiro Yamada <masahiroy@kernel.org>
> ---
> 
> Changes in v3:
>   - Remove DEB_RULES_REQUIRES_ROOT=no again
>     (resent in order to clarify which one should be applied)

Thanks, as this variable is supposed to be defined by the build driver
(such as dpkg-buildpackage) that calls debian/rules, as covered in the
rootless-builds.txt spec.

> diff --git a/scripts/Makefile.package b/scripts/Makefile.package
> index 0c3adc48dfe8..a81dfb1f5181 100644
> --- a/scripts/Makefile.package
> +++ b/scripts/Makefile.package
> @@ -109,8 +109,6 @@ debian-orig: linux.tar$(debian-orig-suffix) debian
>  		cp $< ../$(orig-name); \
>  	fi
>  
> -KBUILD_PKG_ROOTCMD ?= 'fakeroot -u'
> -
>  PHONY += deb-pkg srcdeb-pkg bindeb-pkg
>  
>  deb-pkg:    private build-type := source,binary
> @@ -125,7 +123,7 @@ deb-pkg srcdeb-pkg bindeb-pkg:
>  	$(if $(findstring source, $(build-type)), \
>  		--unsigned-source --compression=$(KDEB_SOURCE_COMPRESS)) \
>  	$(if $(findstring binary, $(build-type)), \
> -		-R'$(MAKE) -f debian/rules' -j1 -r$(KBUILD_PKG_ROOTCMD) -a$$(cat debian/arch), \
> +		-R'$(MAKE) -f debian/rules' -j1 -a$$(cat debian/arch), \

Since dpkg 1.14.7, dpkg-buildpackage uses fakeroot if available, so
regardless of anything else this removal seems safe.

>  		--no-check-builddeps) \
>  	$(DPKG_FLAGS))
>  
> diff --git a/scripts/package/builddeb b/scripts/package/builddeb
> index d7dd0d04c70c..2fe51e6919da 100755
> --- a/scripts/package/builddeb
> +++ b/scripts/package/builddeb
> @@ -36,19 +36,13 @@ create_package() {
>  	sh -c "cd '$pdir'; find . -type f ! -path './DEBIAN/*' -printf '%P\0' \
>  		| xargs -r0 md5sum > DEBIAN/md5sums"
>  
> -	# Fix ownership and permissions
> -	if [ "$DEB_RULES_REQUIRES_ROOT" = "no" ]; then
> -		dpkg_deb_opts="--root-owner-group"
> -	else
> -		chown -R root:root "$pdir"
> -	fi
>  	# a+rX in case we are in a restrictive umask environment like 0077
>  	# ug-s in case we build in a setuid/setgid directory
>  	chmod -R go-w,a+rX,ug-s "$pdir"
>  
>  	# Create the package
>  	dpkg-gencontrol -p$pname -P"$pdir"
> -	dpkg-deb $dpkg_deb_opts ${KDEB_COMPRESS:+-Z$KDEB_COMPRESS} --build "$pdir" ..
> +	dpkg-deb --root-owner-group ${KDEB_COMPRESS:+-Z$KDEB_COMPRESS} --build "$pdir" ..

If you want to make sure dpkg-deb supports that option, perhaps add
«dpkg (>= 1.19.0)» to the package Build-Depends? If that version seems
old enough to be assumed to be present, then unconditionally using it
seems fine.

>  }
>  
>  install_linux_image () {

Otherwise, the change LGTM.

Thanks,
Guillem
Re: [PATCH v3] kbuild: deb-pkg: remove the fakeroot builds support
Posted by Masahiro Yamada 2 years ago 
On Wed, Nov 29, 2023 at 12:04 PM Guillem Jover <guillem@debian.org> wrote:
>
> Hi!
>
> On Wed, 2023-11-29 at 08:53:56 +0900, Masahiro Yamada wrote:
> > In 2017, the dpkg suite introduced the rootless builds support with the
> > following commits:
> >
> >   - 2436807c87b0 ("dpkg-deb: Add support for rootless builds")
> >   - fca1bfe84068 ("dpkg-buildpackage: Add support for rootless builds")
> >
> > This feature is available in the default dpkg on Debian 10 and Ubuntu
> > 20.04.
> >
> > Remove the old method.
> >
> > Signed-off-by: Masahiro Yamada <masahiroy@kernel.org>
> > ---
> >
> > Changes in v3:
> >   - Remove DEB_RULES_REQUIRES_ROOT=no again
> >     (resent in order to clarify which one should be applied)
>
> Thanks, as this variable is supposed to be defined by the build driver
> (such as dpkg-buildpackage) that calls debian/rules, as covered in the
> rootless-builds.txt spec.
>
> > diff --git a/scripts/Makefile.package b/scripts/Makefile.package
> > index 0c3adc48dfe8..a81dfb1f5181 100644
> > --- a/scripts/Makefile.package
> > +++ b/scripts/Makefile.package
> > @@ -109,8 +109,6 @@ debian-orig: linux.tar$(debian-orig-suffix) debian
> >               cp $< ../$(orig-name); \
> >       fi
> >
> > -KBUILD_PKG_ROOTCMD ?= 'fakeroot -u'
> > -
> >  PHONY += deb-pkg srcdeb-pkg bindeb-pkg
> >
> >  deb-pkg:    private build-type := source,binary
> > @@ -125,7 +123,7 @@ deb-pkg srcdeb-pkg bindeb-pkg:
> >       $(if $(findstring source, $(build-type)), \
> >               --unsigned-source --compression=$(KDEB_SOURCE_COMPRESS)) \
> >       $(if $(findstring binary, $(build-type)), \
> > -             -R'$(MAKE) -f debian/rules' -j1 -r$(KBUILD_PKG_ROOTCMD) -a$$(cat debian/arch), \
> > +             -R'$(MAKE) -f debian/rules' -j1 -a$$(cat debian/arch), \
>
> Since dpkg 1.14.7, dpkg-buildpackage uses fakeroot if available, so
> regardless of anything else this removal seems safe.


You are right.

Even without the explicit -r option, fakeroot will be used
when dpkg-buildpackage determines it is necessary.


Only a use-case I can come up with is,
the fakeroot command is not installed on the system, and a user
may want to do  "make bindeb-pkg KBUILD_PKG_ROOTCMD=sudo"
as a backup plan.


Anyway, now we always assume "--root-command=none" should work,
so -r$(KBUILD_PKG_ROOTCMD) is unneeded.




> >               --no-check-builddeps) \
> >       $(DPKG_FLAGS))
> >
> > diff --git a/scripts/package/builddeb b/scripts/package/builddeb
> > index d7dd0d04c70c..2fe51e6919da 100755
> > --- a/scripts/package/builddeb
> > +++ b/scripts/package/builddeb
> > @@ -36,19 +36,13 @@ create_package() {
> >       sh -c "cd '$pdir'; find . -type f ! -path './DEBIAN/*' -printf '%P\0' \
> >               | xargs -r0 md5sum > DEBIAN/md5sums"
> >
> > -     # Fix ownership and permissions
> > -     if [ "$DEB_RULES_REQUIRES_ROOT" = "no" ]; then
> > -             dpkg_deb_opts="--root-owner-group"
> > -     else
> > -             chown -R root:root "$pdir"
> > -     fi
> >       # a+rX in case we are in a restrictive umask environment like 0077
> >       # ug-s in case we build in a setuid/setgid directory
> >       chmod -R go-w,a+rX,ug-s "$pdir"
> >
> >       # Create the package
> >       dpkg-gencontrol -p$pname -P"$pdir"
> > -     dpkg-deb $dpkg_deb_opts ${KDEB_COMPRESS:+-Z$KDEB_COMPRESS} --build "$pdir" ..
> > +     dpkg-deb --root-owner-group ${KDEB_COMPRESS:+-Z$KDEB_COMPRESS} --build "$pdir" ..
>
> If you want to make sure dpkg-deb supports that option, perhaps add
> «dpkg (>= 1.19.0)» to the package Build-Depends? If that version seems
> old enough to be assumed to be present, then unconditionally using it
> seems fine.



Personally, I do not want to list an essential tool
in the dependency.

The Debian kernel does not do it either.

Anyway, thank you for your comments.



> >  }
> >
> >  install_linux_image () {
>
> Otherwise, the change LGTM.
>
> Thanks,
> Guillem



-- 
Best Regards
Masahiro Yamada

Patchew 2.1-devel-b67e4c2

© 2016 - 2025 Red Hat, Inc.