buildbox-run-userchroot must own chroot to install devices
Currently, userchroot requires whoever invokes userchroot /path/to/chroot --install-devices
to own /path/to/chroot
. This means that buildbox-run-userchroot cannot install the devices, when using local cas protocol. This is because, in the local cas protocol, buildbox-casd should own the stage directory (/path/to/chroot
) and should run as a different user than the runner.
We have a few options, going forward on how to resolve this issue.
-
Patch userchroot to not perform this check This is probably the best approach. It is unclear why userchroot performs this check to begin with.
-
the buildbox-run-userchroot user owns the chroot Not sure if this will work, userchroot requires the chroots to have restricted permissions. Consequently, if buildbox-run-userchroot owns the chroot, buildbox-casd will not be able to stage directories into it.
-
buildbox-casd installs the devices itself Not a clear way to do this, without information of the runner leaking to casd. Maybe the runners can request arbitrary work for casd to perform, before the runners execute the command themselves?