From nobody Sat Jan 13 06:17:19 2024
X-Original-To: freebsd-hackers@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TBp8z01mHz56rZY
	for <freebsd-hackers@mlmmj.nyi.freebsd.org>; Sat, 13 Jan 2024 06:17:23 +0000 (UTC)
	(envelope-from dereks@lifeofadishwasher.com)
Received: from mail-qv1-xf30.google.com (mail-qv1-xf30.google.com [IPv6:2607:f8b0:4864:20::f30])
	(using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (2048 bits) client-digest SHA256)
	(Client CN "smtp.gmail.com", Issuer "GTS CA 1D4" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4TBp8y4qcjz4S78
	for <freebsd-hackers@freebsd.org>; Sat, 13 Jan 2024 06:17:22 +0000 (UTC)
	(envelope-from dereks@lifeofadishwasher.com)
Authentication-Results: mx1.freebsd.org;
	none
Received: by mail-qv1-xf30.google.com with SMTP id 6a1803df08f44-67f8d9fe99fso45464836d6.2
        for <freebsd-hackers@freebsd.org>; Fri, 12 Jan 2024 22:17:22 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=lifeofadishwasher.com; s=google; t=1705126642; x=1705731442; darn=freebsd.org;
        h=in-reply-to:content-disposition:mime-version:references
         :mail-followup-to:message-id:subject:cc:to:from:date:from:to:cc
         :subject:date:message-id:reply-to;
        bh=gZd+hfWEkRwEpn0fZeHRkItPTFT3NEkWjwUal9yDkDg=;
        b=B7wjupUAUexlPoROyKtnR1Jzodh5ytKzxnSnqPQv6efAcqOuG+yzOcr65wAYNptyuA
         AbR8dFgPN7rDWdommat+zvAK81UhouWR56eyb3k/UhKu+xBli1Fqnc7tywTpZWALM4ly
         9U6eLaI18Quqx/MeP1RsuI3NRI+NrhrsCK9+4=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1705126642; x=1705731442;
        h=in-reply-to:content-disposition:mime-version:references
         :mail-followup-to:message-id:subject:cc:to:from:date
         :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
        bh=gZd+hfWEkRwEpn0fZeHRkItPTFT3NEkWjwUal9yDkDg=;
        b=gvSfeHv8N5WhaAC2Hh8+/Y3nbzqbN1NuYqF5U4U9y8i9UXNk62uAHoHN+ptw5cTPP7
         4/zW2an21DOVbfSthg45YF1KdWzSMhpXIx0MrcDKXzjUPtU0cEOemAWKRmqGLzawndbF
         fDH5xxwcpyH2T6T/qHQfCZM7wfhS2Egi/YYSKil19jTRQRbvEum+WRXnjA7XvT/L0wR1
         y8bo0oJii8715GBAdx1wf4TNwHFFQ4DDnrc/ToCB4cTW7itkg1boFTBpRYUZMNRO0G/Y
         Kp6GQ+a+5gKHkWB2I2BUO8w3AuantxvHagrHcXZuLnwVNinL2WJZRZUpjMdzXxuFAeln
         jEjw==
X-Gm-Message-State: AOJu0YwGUmdJPAOp2E8tFkpjvzqFPtqndVoh1hhGc0nAEBIGLQ+sktyD
	faO0rV5+kz3GbhLumkxS4ztulrbCa3S5gRWGcxjq4OSs/Q==
X-Google-Smtp-Source: AGHT+IE4EsYNk7XS/whgQnOPFI9K1AHZgg4jlU+TrrDtViogMtaIBK3Pe0i4/ug+JBlFQyn5DpNdVw==
X-Received: by 2002:ad4:5caf:0:b0:681:98d:f7f6 with SMTP id q15-20020ad45caf000000b00681098df7f6mr2727778qvh.124.1705126641836;
        Fri, 12 Jan 2024 22:17:21 -0800 (PST)
Received: from lifeofadishwasher.com ([2601:547:1900:3230:81f9:2dee:f49d:b0ab])
        by smtp.gmail.com with ESMTPSA id cq11-20020a05622a424b00b00427f5c73636sm1977113qtb.27.2024.01.12.22.17.20
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Fri, 12 Jan 2024 22:17:21 -0800 (PST)
Received: by lifeofadishwasher.com (sSMTP sendmail emulation); Sat, 13 Jan 2024 01:17:19 -0500
Date: Sat, 13 Jan 2024 01:17:19 -0500
From: Derek Schrock <dereks@lifeofadishwasher.com>
To: Craig Leres <leres@freebsd.org>
Cc: freebsd-hackers@freebsd.org
Subject: Re: poudriere 3.4.0 regression: -i runs as NON_ROOT user
Message-ID: <ZaIq79Rph8laIN28@ircbsd.lifeofadishwasher.com>
Mail-Followup-To: Craig Leres <leres@freebsd.org>,
	freebsd-hackers@freebsd.org
References: <bbd3b92d-40f3-41f6-a802-001610b35c8b@freebsd.org>
 <ZaGC8pOtQ-cQV05A@ircbsd.lifeofadishwasher.com>
 <c1a8b664-317d-446d-b2f7-9ee7511dcff9@freebsd.org>
List-Id: Technical discussions relating to FreeBSD <freebsd-hackers.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-hackers
List-Help: <mailto:freebsd-hackers+help@freebsd.org>
List-Post: <mailto:freebsd-hackers@freebsd.org>
List-Subscribe: <mailto:freebsd-hackers+subscribe@freebsd.org>
List-Unsubscribe: <mailto:freebsd-hackers+unsubscribe@freebsd.org>
Sender: owner-freebsd-hackers@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <c1a8b664-317d-446d-b2f7-9ee7511dcff9@freebsd.org>
X-Rspamd-Queue-Id: 4TBp8y4qcjz4S78
X-Spamd-Bar: ----
X-Rspamd-Pre-Result: action=no action;
	module=replies;
	Message is reply to one we originated
X-Spamd-Result: default: False [-4.00 / 15.00];
	REPLY(-4.00)[];
	ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]

On Fri, Jan 12, 2024 at 09:17:48PM EST, Craig Leres wrote:
> On 1/12/24 10:20, Derek Schrock wrote:
> > You can `su -l` as nobody in the jail to get to root too.
> 
> Helpful, thanks!
> 
> >                                                            Still extra
> > but I do believe it is executed that interactive is started as non-root
> > when building as non-root.
> 
> If this change is documented somewhere I haven't seen it. And if if this is
> the desired behavior, there's still something not quite right as UID is set
> to 0 which breaks things. I *think* poudriere is setting it because
> bsd.port.mk appears to set it to .MAKE.UID if it's not already defined (and
> .MAKE.UID is set correctly).
> 
> 		Craig
> 
> zinc 143 # poudriere bulk -i -C -j 13release -p current-patched
> ports-mgmt/pkg
> [00:00:00] Creating the reference jail... done
> [...]
> [00:01:18] Entering interactive test mode. Type 'exit' when done.
> nobody@zinc:/usr/ports/ports-mgmt/pkg % whoami
> nobody
> nobody@zinc:/usr/ports/ports-mgmt/pkg % make -V UID
> 0
> nobody@zinc:/usr/ports/ports-mgmt/pkg % make -V  .MAKE.UID
> 65534
> 
> 

It seems like you have PORTBUILD_UID set in poudriere.conf? UID is just
id -u and pw useradd command uses that var.  But it's 65534 for me (the
default) I'm using -devel though.