Build control-center in mock fail
walters at verbum.org
Sat May 25 15:51:56 UTC 2013
On Sat, 2013-05-25 at 11:15 -0400, Nico Kadel-Garcia wrote:
[The build hosts do not have outside network access]
> That's very specific to the Fedora build environment. Difficult to
> replicate in the field without a huge local build structure!
If you do it using firewalls, yes, quite annoying. But not if you use
Linux container features; linux-user-chroot allows using some of them
in a (relatively) safe way as non-root:
$ ping -c 1 google.com
PING google.com (184.108.40.206) 56(84) bytes of data.
64 bytes from lga15s34-in-f2.1e100.net (220.127.116.11): icmp_seq=1 ttl=54 time=39.9 ms
--- google.com ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 106ms
rtt min/avg/max/mdev = 39.956/39.956/39.956/0.000 ms
$ linux-user-chroot --unshare-net / ping -c 1 google.com
ping: unknown host google.com
This is how the gnome-ostree build system builds completely as
non-root *and* denies network access during the build process.
More information about the devel