buildsys January 2007

buildsys@lists.fedoraproject.org

12 participants
15 discussions

by Zhang, Yanmin

I used pungi on ia64 to try to build CD/DVD images for the FC development tree, and ran into a couple of issues. 1) I used the mirrors/fedora/linux/core/development/ia64/os/repodata/comps.xml. Got below error: /mnt/tmp2/soft/pungi-0.1.0/work/iso/FedoraCore-test/ia64/os/buildinstall.tree.1229 /mnt/tmp2/soft/pungi-0.1 .0/work rpm2cpio: /mnt/tmp2/soft/pungi-0.1.0/work/iso/FedoraCore-test/ia64/os/Fedora/anaconda-runtime-[0-9]*: No su ch file or directory cpio: premature end of archive /mnt/tmp2/soft/pungi-0.1.0/work So anaconda and anaconda-runtime were missed. I changed the comps.xml manually by adding anaconda and anaconda-runtime into base group. The issue disappeared. 2) Then, restarted pungi, but got below error: Wrote /mnt/tmp2/soft/pungi-0.1.0/work/iso/FedoraCore-test/ia64/os/images/stage2.img (94676k) Writing .discinfo file timestamp not specified; using the current time ** Message: sqlite cache needs updating, reading in metadata ** Message: sqlite cache needs updating, reading in metadata du: cannot access `/mnt/tmp2/soft/pungi-0.1.0/work/iso/FedoraCore-test/ia64/os-disc0': No such file or directory Traceback (most recent call last): File "/usr/bin/pungi", line 100, in ? main() File "/usr/bin/pungi", line 47, in main mypungi.doSplittree() File "/usr/lib/python2.4/site-packages/pypungi/pungi.py", line 54, in doSplittree output = timber.main() File "/usr/lib/python2.4/site-packages/pypungi/splittree.py", line 394, in main self.splitRPMS() File "/usr/lib/python2.4/site-packages/pypungi/splittree.py", line 301, in splitRPMS curused = self.getSize("%s-disc%s" % (self.dist_dir, disc), blocksize=1) File "/usr/lib/python2.4/site-packages/pypungi/splittree.py", line 113, in getSize thesize = long(string.split(thesize)[0]) IndexError: list index out of range Yanmin

16 years, 2 months

4
21
0 / 0

RFC: new mock: strategy, selinux, etc.

by Clark Williams

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello all, It's been some number of months (six+) since we decided to change the way mock works. We (Michael Brown and I, with input from skvidal and others) came up with a change in how mock launches, manages permissions and runs privileged commands. Old mock (mock-0.6 and previous) is a python script that does some sanity checking (insures that the person running mock is not root and is in the mock group) and then processes the input commands. Whenever it needed to do something that required root privileges, old mock ran a setuid root program named mock-helper. Mock-helper is a C program that knows how to do a limited number of things (mount/unmount, run chroot, etc.). The new mock (mock-0.7 and beyond) turns things around a bit. In new mock, the program /usr/bin/mock is a setuid:root, setgid:mock C program that does one thing only: launches the command "python /usr/libexec/mock.py <args>" in it's own kernel namespace. The mock.py logic still sanity checks that the user is in the mock group and drops privileges to the actual uid while keeping the gid of the process the mock group. As long as we're careful to maintain proper group ownership and permissions of created file and directories, this should go a long way toward fixing the issues we're having with multiple users on a single machine. New mock will no longer use mock-helper. When it needs to do something that requires root privileges, it will elevate it's privilege level to root (using os.setreuid()), execute the command and then drop privileges back to the normal user. All of this is working, although it has not been extensively testing (hello rawhide!). I've merged the BZ bugfixes from the mock-0.6 branch of CVS into the head (which is the new mock) and would like to push the new mock out to rawhide for testing. What I'm looking for from the readership of this list is: 1. Review of strategy and code for security issues 2. Help in formulating an SELinux plan/policy for mock We had some discussion on this issue back in June 2006, but I'd like to look at it one more time before inflicting the new mock on the rawhide faithful. With regard to SELinux, I'm not sure where we need to go with mock. I want mock to function properly and securely on a system running SELinux, but I'm just not sure how to go about that. I've looked at the steps mentioned on: http://fedoraproject.org/wiki/Extras/MockTricks But I'm too SELinux ignorant to be able to make an informed judgment on whether that's the right thing to do. Help on this would be greatly appreciated. Thanks, Clark -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iD8DBQFFnS0vHyuj/+TTEp0RAtmUAJ0X6axpPl9UNA8JeSYBeiT++OBtQwCg1/Vj 3NGUFzEmfw5b10NJq3LhxT0= =sIYO -----END PGP SIGNATURE-----

16 years, 2 months

5
15
0 / 0

make tag weirdness

by Gianluca Sforna

Is it just me, or the "make tag" command behaved strangely in this case ? [giallu@hal9001 devel]$ make tag cvs tag -c mantis-1_0_6-2_fc7 ? clog ? mantis-1.0.6 ? mantis-1.0.6-1.fc7.src.rpm ? mantis-1.0.6-2.fc7.src.rpm cvs tag: mantis-httpd.conf is locally modified cvs [tag aborted]: correct the above errors first! make: *** [tag] Error 1 [giallu@hal9001 devel]$ mv mantis-httpd.conf mantis-httpd.conf.new [giallu@hal9001 devel]$ cvs update ? clog ? mantis-1.0.6 ? mantis-1.0.6-1.fc7.src.rpm ? mantis-1.0.6-2.fc7.src.rpm ? mantis-httpd.conf.new cvs update: Updating . cvs update: warning: mantis-httpd.conf was lost U mantis-httpd.conf [giallu@hal9001 devel]$ make tag build cvs tag -c mantis-1_0_6-2_fc7 ? clog ? mantis-1.0.6 ? mantis-1.0.6-1.fc7.src.rpm ? mantis-1.0.6-2.fc7.src.rpm ? mantis-httpd.conf.new ERROR: Tag mantis-1_0_6-2_fc7 has been already created. The following tags have been created so far mantis-1_0_0-0_1_a3_fc5:devel:ensc:1119711001 mantis-0_19_2-2_fc4:FC-4:ensc:1119711469 mantis-0_19_3-1_fc4:FC-4:ensc:1130434051 mantis-1_0_0-0_1_rc4_fc5:devel:ensc:1135352863 mantis-0_19_4-1_fc4:FC-4:ensc:1135352893 mantis-1_0_0-1_fc5:devel:ensc:1140260422 mantis-1_0_1-1_fc5:devel:ensc:1141846123 mantis-1_0_3-1_fc6:devel:ensc:1148279495 mantis-1_0_5-1_fc6:devel:giallu:1160481046 mantis-1_0_5-1_fc5:FC-5:giallu:1161039528 mantis-1_0_5-1_fc5:FC-5:giallu:1161039915 mantis-1_0_5-1_fc5_1:FC-5:giallu:1161076958 mantis-0_19_4-2_fc4:FC-4:giallu:1161388633 mantis-1_0_6-1_fc7:devel:giallu:1162505136 mantis-1_0_6-1_fc6:FC-6:giallu:1162506434 mantis-1_0_6-1_fc5:FC-5:giallu:1162506806 mantis-1_0_6-2_fc7:devel:giallu:1168344682 I mean, the tag is NOT there, since the pre tag check failed, but it seems that now "make tag" believes otherwise. What am I missing?

16 years, 2 months

2
2
0 / 0

Failed to buildup new images on ia64

by Zhang, Yanmin

I installed Fedora Core 6 on my ia64 machine. Then, after getting the new rpms from the latest ia64 development tree, I tried to buildup new iso images by pungi. The buildup failed. Pls. see below log. The new development tree uses python 2.5, but my distribution on machine installs python 2.4. If I replace it with 2.5, lots of other tools will be erased. The iso buildup also needs python 2.5 and the latest anaconda and yum. In the other hand, it looks like only with the new iso image, I could install python 2.5. Is it a chicken-egg issue? Is there any walkaround to install the latest python 2.5/anaconda/yum? Yanmin *************************************************pungi log******************************* Downloading eclipse-pde-3.2.1-23.fc7.ia64.rpm Running buildinstall... /mnt/tmp2/soft/work_pungi/pungi/7.01/ia64/os/buildinstall.tree.8438 /mnt/tmp2/soft/work_pungi rpm2cpio: /mnt/tmp2/soft/work_pungi/pungi/7.01/ia64/os/Fedora/anaconda-runtime-[0-9]*: No such file or directory cpio: premature end of archive /mnt/tmp2/soft/work_pungi cp: cannot stat `/mnt/tmp2/soft/work_pungi/pungi/7.01/ia64/os/buildinstall.tree.8438/usr/lib/anaconda-runtime/./upd-instroot*': No such file or directory cp: cannot stat `/mnt/tmp2/soft/work_pungi/pungi/7.01/ia64/os/buildinstall.tree.8438/usr/lib/anaconda-runtime/./mk-images*': No such file or directory cp: cannot stat `/mnt/tmp2/soft/work_pungi/pungi/7.01/ia64/os/buildinstall.tree.8438/usr/lib/anaconda-runtime/./makestamp.py*': No such file or directory cp: cannot stat `/mnt/tmp2/soft/work_pungi/pungi/7.01/ia64/os/buildinstall.tree.8438/usr/lib/anaconda-runtime/./buildinstall*': No such file or directory Building images... /usr/lib/anaconda-runtime/buildinstall: line 134: /mnt/tmp2/soft/work_pungi/pungi/7.01/ia64/os/buildinstall.tree.8438/upd-instroot: No such file or directory Creating repository metadata... Making images... /usr/lib/anaconda-runtime/buildinstall: line 146: /mnt/tmp2/soft/work_pungi/pungi/7.01/ia64/os/buildinstall.tree.8438/mk-images: No such file or directory Writing .discinfo file /usr/lib/anaconda-runtime/buildinstall: line 149: /mnt/tmp2/soft/work_pungi/pungi/7.01/ia64/os/buildinstall.tree.8438/makestamp.py: No such file or directory /mnt/tmp2/soft/work_pungi/pungi/work/ia64/docs /mnt/tmp2/soft/work_pungi 126 blocks /mnt/tmp2/soft/work_pungi /mnt/tmp2/soft/work_pungi/pungi/work/ia64/docs /mnt/tmp2/soft/work_pungi 4766 blocks /mnt/tmp2/soft/work_pungi Copying release note file RPM-GPG-KEY Copying release note file RPM-GPG-KEY-beta Copying release note file RPM-GPG-KEY-fedora Copying release note file RPM-GPG-KEY-fedora-extras Copying release note file RPM-GPG-KEY-fedora-legacy Copying release note file RPM-GPG-KEY-fedora-rawhide Copying release note file RPM-GPG-KEY-fedora-test Copying release note file RPM-GPG-KEY-rawhide Copying release note file GPL Copying release note file eula.txt Copying release note file README-BURNING-ISOS-en_US.txt Copying release note file RELEASE-NOTES-en_US.html Copying release note file fedora.css Copying release note dir stylesheet-images Traceback (most recent call last): File "/usr/bin/pungi", line 164, in ? main() File "/usr/bin/pungi", line 100, in main mypungi.doSplittree() File "/usr/lib/python2.4/site-packages/pypungi/pungi.py", line 108, in doSplittree output = timber.main() File "/usr/lib/python2.4/site-packages/pypungi/splittree.py", line 393, in main self.createSplitDirs() File "/usr/lib/python2.4/site-packages/pypungi/splittree.py", line 236, in createSplitDirs self.createDiscInfo(i) File "/usr/lib/python2.4/site-packages/pypungi/splittree.py", line 141, in createDiscInfo raise RuntimeError, "CRITICAL ERROR : .discinfo doesn't exist in the unified tree, not splitting" RuntimeError: CRITICAL ERROR : .discinfo doesn't exist in the unified tree, not splitting

16 years, 2 months

2
1
0 / 0

pungi issues

by Phil Meyer

First when building: ... Building images... Assembling package list... Expanding text packages... Expanding graphical packages... retrieving timezones ln: creating symbolic link `/tmp/treedir.29220/instimage/etc/joe/picorc' to `jpicorc': No such file or directory ln: creating symbolic link `/tmp/treedir.29220/instimage/etc/joe/jnanorc' to `jpicorc': No such file or directory ln: creating symbolic link `/tmp/treedir.29220/instimage/etc/joe/nanorc' to `jpicorc': No such file or directory ln: creating symbolic link `/tmp/treedir.29220/instimage/etc/joe/emacsrc' to `jmacsrc': No such file or directory ... I assume that this is harmless Then: ... mv: cannot stat `/tmp/treedir.29220/instimage/etc/man.config': No such file or directory cat: /tmp/treedir.29220/instimage/etc/man.config-old: No such file or directory Running mkfontdir... ... No big deal since I don't want man pages, nor did I specify them in the the comps.xml ... Scrubbing trees... /tmp/treedir.29220/instimage cp: cannot stat `/tmp/treedir.29220/instimage/boot/memtest*': No such file or directory mv: cannot stat `/tmp/treedir.29220/instimage/usr/sbin/busybox.anaconda': No such file or directory ... These might be an issue ... Found keymap override, using it unpacking /big/pungi/6.89/i386/os/Fedora/kernel-2.6.18-1.2868.fc6.i586.rpm.i586 Building initrd.img Wrote /tmp/makebootdisk.initrdimage.7258 (5796k compressed) Building isolinux directory 192000 pixels, 9629 bytes, (89.97% compression) Unknown file type (unallocated) /big/pungi/6.89/i386/os/images/isopath/.. - ignoring and continuing. mkdosfs 2.11 (12 Mar 2005) cannot find package kernel-xen in path /big/pungi/6.89/i386/os/Fedora No i586 kernel, trying i686... unpacking /big/pungi/6.89/i386/os/Fedora/kernel-xen-2.6.18-1.2868.fc6.i686.rpm.i686 Building i686 guest initrd.img Wrote /tmp/makebootdisk.initrdimage.7258 (5808k compressed) Building minstg.img ... Why is the i586 image here?? The result is ALWAYS: ERROR : failed to mount loop: Invalid argument ERROR : Error mounting /dev/loop0 on /mnt/runtime (Invalid Argument) This happens when using the stock /etc/pungi as shipped from extras, and any incarnation of comps.xml that I can put together. For reference: -> cat pungi.conf # Pungi config file # [default] product_name = Fedora Core product_path = Fedora iso_basename = FC comps = /etc/pungi/comps.xml yumconf = /etc/pungi/yum.conf.fc6.i386 destdir = /big/pungi cachedir = /big/pungi/cache arch = i386 version = 6.89 discs = 1 getsource = No -> cat comps.xml <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE newcomps PUBLIC "-//Red Hat, Inc.//DTD Comps info//EN" "comps.dtd"> <comps> <group> <id>base</id> <name>Base</name> <description>This is the base group.</description> <default>true</default> <uservisible>true</uservisible> <packagelist> <packagereq type="optional">anaconda-runtime</packagereq> <packagereq type="mandatory">authconfig</packagereq> <packagereq type="optional">busybox</packagereq> <packagereq type="optional">dejavu-lgc-fonts</packagereq> <packagereq type="optional">gnome-python2-gtkhtml2</packagereq> <packagereq type="default">grub</packagereq> <packagereq type="optional">kernel</packagereq> <packagereq type="optional">libuser</packagereq> <packagereq type="optional">policycoreutils</packagereq> <packagereq type="optional">selinux-policy</packagereq> <packagereq type="optional">selinux-policy-targeted</packagereq> <packagereq type="optional">xorg-x11-drivers</packagereq> <packagereq type="optional">xorg-x11-fonts-base</packagereq> <packagereq type="optional">xorg-x11-fonts-ISO8859-1-75dpi</packagereq> <packagereq type="mandatory">yum</packagereq> <packagereq type="mandatory">postgresql</packagereq> <packagereq type="optional">postgresql-contrib</packagereq> <packagereq type="optional">postgresql-docs</packagereq> <packagereq type="optional">postgresql-jdbc</packagereq> <packagereq type="optional">postgresql-odbc</packagereq> <packagereq type="optional">postgresql-pl</packagereq> <packagereq type="default">postgresql-python</packagereq> <packagereq type="default">postgresql-server</packagereq> <packagereq type="optional">postgresql-tcl</packagereq> <packagereq type="optional">postgresql-test</packagereq> <packagereq type="default">crypto-utils</packagereq> <packagereq type="default">distcache</packagereq> <packagereq type="mandatory">httpd</packagereq> <packagereq type="default">httpd-manual</packagereq> <packagereq type="default">mod_auth_kerb</packagereq> <packagereq type="default">mod_auth_mysql</packagereq> <packagereq type="default">mod_auth_pgsql</packagereq> <packagereq type="default">mod_authz_ldap</packagereq> <packagereq type="default">mod_perl</packagereq> <packagereq type="default">mod_python</packagereq> <packagereq type="default">mod_ssl</packagereq> <packagereq type="default">php</packagereq> <packagereq type="default">php-ldap</packagereq> <packagereq type="default">php-mysql</packagereq> <packagereq type="default">php-odbc</packagereq> <packagereq type="default">php-pgsql</packagereq> <packagereq type="default">squid</packagereq> <packagereq type="default">tux</packagereq> <packagereq type="default">webalizer</packagereq> </packagelist> </group> </comps>

16 years, 2 months

2
1
0 / 0

← Newer
1
2
Older →

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

buildsys January 2007