On 28/02/2020 15.17, Michael Catanzaro wrote: > Please revert the runner changes until you have time to fix this. Our CI > has been basically unusable all week and that blocks flatpak pushes.
All issues with user namespaces on gcc* runners should be resolved by now. It slipped my mind to set it persistently in sysctl.conf and runners were rebooted right after I left for vacation. On 03/03/2020 06.41, Philip Chimento via desktop-devel-list wrote: > I have little knowledge of this problem space so I don't even know whereto > start to debug this. Is this the same privileges problem as "bwrap: Creating > new namespace failed" described earlier in the thread, or is it something > different? (...) > Also, has anyone successfully gotten a CI job that uses lsan or asan to > work in the unprivileged setup? (See my previous question about > CAP_SYS_PTRACE.) I've poked around yesterday and it's apparently not as trivial to run buildah unprivileged in a container as it was the last time I tried. I don't see better way than tagging jobs privileged at the moment. I can apply a custom seccomp profile if that helps, but someone has to write it. Bart _______________________________________________ desktop-devel-list mailing list desktop-devel-list@gnome.org https://mail.gnome.org/mailman/listinfo/desktop-devel-list
