942892 – net-dns/bind: pkg_postinst fails with ROOT != /

Bug 942892 - net-dns/bind: pkg_postinst fails with ROOT != /

Summary: net-dns/bind: pkg_postinst fails with ROOT != /

Status:	RESOLVED FIXED

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	Current packages (show other bugs)
Hardware:	All Linux

Importance:	Normal normal
Assignee:	Patrick McLean

URL:
Whiteboard:
Keywords:	PullRequest

Depends on:
Blocks:

Reported:	2024-11-04 23:50 UTC by Brandon Holbrook
Modified:	2024-11-07 16:37 UTC (History)
CC List:	1 user (show)

See Also:	https://github.com/gentoo/gentoo/pull/39214
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Brandon Holbrook 2024-11-04 23:50:17 UTC

We maintain a set of gentoo-based images that are built by emerging a set of world packages in a directory (by setting ROOT=/path/to/image), then tar'ing up that directory afterward similar to the official stage3 images.

These images have always contained `bind-tools` for client tools like dig/host/nslookup, but now that package has been folded up into the main bind package. We are now encountering an error that emerge fails for net-dns/bind in the pkg_postinst phase when ROOT != / with these errors:

* Generating rndc.key
/var/tmp/portage/net-dns/bind-9.18.29-r2/temp/environment: line 1235: /usr/sbin/rndc-confgen: No such file or directory
chown: invalid group: ‘root:named’

It seems several changes might be needed to this ebuild to take ROOT/EROOT into account. Some suggestions reading through the code:
* Determine if generating rndc.key during pkg_postinst() is appropriate. For our scenario, the random key would get generated while creating the OS image, so then ALL systems deployed from this image would have the same key. Not ideal. Perhaps pkg_config() is the better place to do this.
* If pkg_postinst() is the correct phase to perform these actions:
* Prefix all bare path references with ${ROOT} or ${EROOT} as appropriate.
* Ensure that `rndc-confgen -a` will generate the key file at ${ROOT}/etc/bind/rndc.key rather than the build host's /etc/bind/rndc.key
* Add acct-user/named and acct-group/named to BDEPEND and/or IDEPEND to ensure the `named` group exists on the system where pkg_postinst() is executing

Reproducible: Always

Comment 1 Mike Gilbert gentoo-dev

2024-11-05 19:40:32 UTC

Calling ${ROOT}/usr/sbin/rndc-confgen is really not a viable option. The binary may have been cross-compiled, or built against a different set of libraries in ${SYSROOT}.

Comment 2 Larry the Git Cow gentoo-dev

2024-11-07 16:37:11 UTC

The bug has been closed via the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=2559800a0a46c96d9fe61768986de954c2f93e51

commit 2559800a0a46c96d9fe61768986de954c2f93e51
Author:     Mike Gilbert <floppym@gentoo.org>
AuthorDate: 2024-11-05 20:20:52 +0000
Commit:     Mike Gilbert <floppym@gentoo.org>
CommitDate: 2024-11-07 16:36:36 +0000

    net-dns/bind: wire up ROOT in pkg_postinst
    
    Skip calling rndc-confgen when ROOT is not empty.
    Add EPREFIX to paths.
    Add proper quoting in pkg_postinst and pkg_config.
    
    Closes: https://bugs.gentoo.org/942892
    Signed-off-by: Mike Gilbert <floppym@gentoo.org>

 ...{bind-9.18.31.ebuild => bind-9.18.31-r1.ebuild} | 48 +++++++++++-----------
 1 file changed, 24 insertions(+), 24 deletions(-)