Skip to content

Regression of #611: autopkgtest image creation broken

Creating autopkgtest images started failing recently. https://debusine.debian.net/debian/base/work-request/68853/ It seems likely that this is caused by #611 (closed). The immediate failure is:

/customization_script: 1: /usr/share/autopkgtest/setup-commands/setup-testbed: not found

This is surprising on multiple accounts. For one thing, the new code special cases precisely that path and should not be uploading this script but pass it to --customize-hook directly according to the comment (# special case autopkgtest script + # as it needs to run outside of the chroot). Unfortunately, the comment only says what is being done and not why. What would be interesting here is why the setup-testbed script fails when run inside. Note that it has root=${1:/} and this default appears to indicate that running inside should work in theory. Is this an autopkgtest bug?

The value of the self._customization_script is not the path to the script, but the path to temporary text file containing the script. As a result the equality test fails and we are taking the else branch. There it executes a 1-line script containing nothing but

/usr/share/autopkgtest/setup-commands/setup-testbed

which happens to not exist inside the image (as we did not install autopkgtest there) and fails.

Going back to the documentation of the customization_script, it says that this is "a script that is copied in the target chroot", but it does not say whether the script is identified by path or by content. It can reasonably be read both ways. Evidently, an earlier interpretation was path and the current interpretation is content. From a security-pov, accepting content is much better, because we could easily pass /etc/debusine/worker/token here and thus leak it.

Problem summary:

  • The comment special casing autopkgtest should explain why it is being special cased.
  • The match introducing the special case can never match and presently is dead code.
  • The documentation should be clarified as to whether customization_script is path or content.
  • We need a new way of constructing autopkgtest images. Maybe the documentation could include an example update_environments showing how this is supposed to be done.
Edited by Raphaël Hertzog
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information