Add users inside mock environment

Rocky Linux Tech Help
1

So as part of my migration from C7 to R9 I need to install INN on my new machine. Previously I used the version from EPEL, but this hasn’t been built for 9. And there’s a new version out. So I thought I’d build my own, based on the work EPEL had previously done.

Now I can get most of the way, but as part of the “install” phase it tries to install files as news:news. That’d imply creating the user on my build server and running rpmbuild as root.

Looking further, It’s clearly not meant to be run on the host OS 'cos of sections like this in %post

%post
su -m news -c '/usr/libexec/news/makedbz -i -o'

umask 002
touch /var/log/news/news.notice
touch /var/log/news/news.crit
touch /var/log/news/news.err
chown -R news:news /var/log/news*

So I thought I’d try out mock. But this fails the same way, the user doesn’t exist. And, of course, the build environments are transitory so even if I do a mock --shell and add the user/group the next time I try to do a rebuild from the SRPM it does a clean up :slight_smile:

So how can I add users and groups inside the mock tree during this build? I don’t see CLI options. Google isn’t helpful 'cos all the questions referring to users is talking about the OS environment. I also tried to find EPEL build logs to see if they had a hint, but I was unsuccessful at finding them as well!

Am I going about this the right way, or is there a different tool that should be used to build this?

2

To clarify what you’re seeing (and for other readers who stumble upon this post): You’re still talking about the %build phase. It looks like things are “installing” during the build, but that’s not actually the case. This is just what is happening during make. The actual “install” is during %install where make install is ran.

If you look at %build and %install in the spec file, there’s nothing that implies news exists on the builder. (The %configure part of %build does not count). The implication is that %pre creates the user and ownership of files/directories is taken care of by %files during package installation, not build. Remember this for later down in this post.

You should almost never build a package in a non-clean environment. Always, always, always use mock to build an RPM.

You don’t. The issue is how you’re invoking/running mock. The behavior you’re describing is not what is occurring for me.

% wget https://kojipkgs.fedoraproject.org//packages/inn/2.7.1/8.fc41/src/inn-2.7.1-8.fc41.src.rpm
% mock -r rocky+epel-9-x86_64 /tmp/inn-2.7.1-8.fc41.src.rpm  --nocheck
. . .
Wrote: /builddir/build/RPMS/inews-2.7.1-8.el9.x86_64.rpm
Wrote: /builddir/build/RPMS/inews-debuginfo-2.7.1-8.el9.x86_64.rpm
Wrote: /builddir/build/RPMS/inn-devel-2.7.1-8.el9.x86_64.rpm
Wrote: /builddir/build/RPMS/inn-libs-2.7.1-8.el9.x86_64.rpm
Wrote: /builddir/build/RPMS/inn-libs-debuginfo-2.7.1-8.el9.x86_64.rpm
Wrote: /builddir/build/RPMS/inn-debuginfo-2.7.1-8.el9.x86_64.rpm
Wrote: /builddir/build/RPMS/inn-2.7.1-8.el9.x86_64.rpm
Wrote: /builddir/build/RPMS/inn-debugsource-2.7.1-8.el9.x86_64.rpm
Finish: rpmbuild inn-2.7.1-8.fc41.src.rpm
Finish: build phase for inn-2.7.1-8.fc41.src.rpm
INFO: Done(/tmp/inn-2.7.1-8.fc41.src.rpm) Config(rocky+epel-9-x86_64) 3 minutes 29 seconds
INFO: Results and/or logs in: /var/lib/mock/rocky+epel-9-x86_64/result
Finish: run

This tells me you are likely running mock as root, when you should be running it as a non-root user who is in the mock group.

% id
uid=11011(rpmbuild) gid=11011(rpmbuild) groups=11011(rpmbuild),135(mock) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
3

No, I’m running this as myself, but I’m getting errors like this

for D in /usr /usr/libexec/news /usr/libexec/news/auth /usr/libexec/news/auth/resolv /usr/libexec/news/auth/passwd /usr/libexec/news/control /usr/libexec/news/filter /usr/libexec/news/rnews.libexec /var/lib/news /usr/doc /etc/news /var/lib/news/http /usr/lib64 /usr/share/perl5/vendor_perl /usr/share/perl5/vendor_perl/INN /usr/share/perl5/vendor_perl/INN/Utils /usr/share /usr/share/man /usr/share/man/man1 /usr/share/man/man3 /usr/share/man/man3 /usr/share/man/man5 /usr/share/m
an/man8 /var/spool/news /var/lib/news/tmp /var/spool/news/archive /var/spool/news/articles /var/spool/news/incoming /var/spool/news/incoming/bad /var/spool/news/innfeed /var/spool/news/overview /var/spool/news/outgoing /var/log/news /var/log/news/OLD /usr/include ; do \
    support/install-sh -o news -g news -m 0755 -d /builddir/build/BUILDROOT/inn-2.7.2-1.el9.x86_64$D ; \
done
chgrp: invalid group: 'news'
chown: invalid user: 'news'
chown: invalid user: 'news'
chown: invalid user: 'news'
chown: invalid user: 'news'

But I think you’ve provided a clue, anyway… the FC41 version of the srpm has only the one patch file (the epel version has 11), and this make it clearer what’s going on; this one patch file is mangling the makefile.in to remove references to “-o news -g news” and that’s howo it’s working around it.

I’d missed this in the noise of the EPEL version.

This is leading me down the right path now :slight_smile:

Thanks!

4

Both the Fedora and EPEL packages have the same patch that change that. If you didn’t bring that patch, then yes that’s the start of the issue.

[rpmbuild@router SOURCES]$ grep -- '-o $(RUNASUSER)' *
inn-2.7.0-fedora.patch:-OWNER           = -o $(RUNASUSER) -g $(RUNASGROUP)
inn-2.7.0-fedora.patch:-ROWNER          = -o $(RUNASUSER) -g $(RNEWSGROUP)

[rpmbuild@router inn3]$ grep -- '-o $(RUNASUSER)' *
inn-2.4.3.rh.patch:-OWNER               = -o $(RUNASUSER) -g $(RUNASGROUP)
inn-2.4.3.rh.patch:-ROWNER              = -o $(RUNASUSER) -g $(RNEWSGROUP)

There is also a reason for the number of patches between EPEL7 (2.5.5) and Fedora (2.7.1). A lot of patches in EPEL7 made changes that aren’t needed in 2.7.X.

[rpmbuild@router inn-2.5.5]$ grep 'xroot' * -R
backends/Makefile:      if [ x"$$ME" = xroot ] ; then \

. . .
        touch $@
        chown $(RUNASUSER) $@
        chgrp $(RUNASGROUP) $@
        chmod $(FILEMODE) $@
. . .

[rpmbuild@router inn-2.7.1]$ grep xroot * -R
backends/Makefile:      if [ x"$$ME" = xroot ] ; then \
Makefile:       if [ x"$$ME" = xroot ] ; then \
site/Makefile:  if [ x"$$ME" = xroot ] ; then \
site/Makefile:  if [ x"$$ME" = xroot ] ; then \
site/Makefile:      if [ x"$$ME" = xroot ] || [ x"$$ME" = x"$(RUNASUSER)" ] ; then \

. . .
        if [ x"$$ME" = xroot ] ; then \
            chown $(RUNASUSER) $@ ; \
            chgrp $(RUNASGROUP) $@ ; \
        fi
. . .

This was the only reason why I brought up root. The assumption is you were using the same singular patch between the two and even with it, you were still getting errors due to running as root.

[root@router tmp]# mock -r rocky+epel-9-x86_64 /tmp/inn-2.7.1-8.fc41.src.rpm --nocheck
. . .
libtool: warning: '/builddir/build/BUILD/inn-2.7.1/lib/libinn.la' has not been installed in '/usr/lib64'
libtool: install: ../support/install-sh -p -o root -g news -m 4550 -S .OLD .libs/innbind /builddir/build/BUILDROOT/inn-2.7.1-8.el9.x86_64/usr/libexec/news/innbind
chgrp: invalid group: 'news'

. . .

[root@router tmp]# su - rpmbuild
[rpmbuild@router ~]$ mock -r rocky+epel-9-x86_64 /tmp/inn-2.7.1-8.fc41.src.rpm --nocheck
. . .
Wrote: /builddir/build/RPMS/inews-2.7.1-8.el9.x86_64.rpm
Wrote: /builddir/build/RPMS/inews-debuginfo-2.7.1-8.el9.x86_64.rpm
Wrote: /builddir/build/RPMS/inn-devel-2.7.1-8.el9.x86_64.rpm
Wrote: /builddir/build/RPMS/inn-libs-2.7.1-8.el9.x86_64.rpm
Wrote: /builddir/build/RPMS/inn-libs-debuginfo-2.7.1-8.el9.x86_64.rpm
Wrote: /builddir/build/RPMS/inn-debuginfo-2.7.1-8.el9.x86_64.rpm
Wrote: /builddir/build/RPMS/inn-2.7.1-8.el9.x86_64.rpm
Wrote: /builddir/build/RPMS/inn-debugsource-2.7.1-8.el9.x86_64.rpm
Finish: rpmbuild inn-2.7.1-8.fc41.src.rpm
Finish: build phase for inn-2.7.1-8.fc41.src.rpm
INFO: Done(/tmp/inn-2.7.1-8.fc41.src.rpm) Config(rocky+epel-9-x86_64) 3 minutes 29 seconds
INFO: Results and/or logs in: /var/lib/mock/rocky+epel-9-x86_64/result
Finish: run
5

Yeah, the patch needed a minor adjustment to work with 2.7.2 and there’s a few extra files to add in to the spec file, but I’ve been able to build a new rpm.

% ls /var/lib/mock/rocky+epel-9-x86_64/result/             
build.log
hw_info.log
inews-2.7.2-0.el9.x86_64.rpm
inews-debuginfo-2.7.2-0.el9.x86_64.rpm
inn-2.7.2-0.el9.src.rpm
inn-2.7.2-0.el9.x86_64.rpm
inn-debuginfo-2.7.2-0.el9.x86_64.rpm
inn-debugsource-2.7.2-0.el9.x86_64.rpm
inn-devel-2.7.2-0.el9.x86_64.rpm
inn-libs-2.7.2-0.el9.x86_64.rpm
inn-libs-debuginfo-2.7.2-0.el9.x86_64.rpm
installed_pkgs.log
root.log
state.log

Now I just need to test it :slight_smile:

6

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.