AdrianVovk opened a new issue, #1885:
URL: https://github.com/apache/buildstream/issues/1885
Basically, whenever a file exists w/ a mode of 0000 in a directory that
BuildStream will try to cache, the job BuildStream is executing will fail.
I can reproduce this with the following versions. It didn't used to happen
with older versions of bst2 (or bst1 for that matter)
- BuildStream 2.1.0
-
`/usr/local/lib64/python3.11/site-packages/buildstream/subprojects/buildbox/buildbox-casd
1.0.0-0-g824ee5f`
Here's a trivial reproducer element:
```yaml
kind: manual
build-depends:
- buildsystems/base.bst # Basic CLI environment
config:
install-commands:
- touch %{install-root}/foo
- chmod 000 %{install-root}/foo
```
If you try to build this element, you'll get the following failure (TL;DR:
it's a permission denied error trying to access /buildsteream-install/foo in
the container)
```
2023-12-11T18:03:34.906-0500 [1542603:140399133368256]
[buildboxcommon_runner.cpp:437] [ERROR]
[actionDigest=b763e5057f3167fb391ded391c34753b52287a66021277b4fe025ce3d75947f6/178]
Error executing command: std::runtime_error exception thrown at
[buildboxcommon_localcasstageddirectory.cpp:124], errMsg = "Error capturing
"buildstream/carbonOS/test.bst/../../../buildstream-install" in
"/var/home/adrian/.cache/buildstream/cas/staging/cas-tmpdirTeNNPU": System
error in `make_nesteddirectory()` for path
"buildstream/carbonOS/test.bst/../../../buildstream-install": std::system_error
exception thrown at [buildboxcommon_merklize.cpp:69] [system:13], errMsg =
"Failed to open path "foo"", errno : Permission denied"
[00:00:00] FAILURE test.bst: Running commands
[00:00:01] FAILURE [6371c55b] test.bst: buildbox-run failed with returncode 1
```
An alternative way to trigger it looks something like the following. The
failure will happen right after all the integration commands finish running for
`bst build test2.bst` or `bst shell --build test2.bst`
```yaml
# test1.bst
kind: stack
depends:
- buildsystems/base.bst
public:
bst:
integration-commands:
- touch /foo
- chmod 000 /foo
```
```yaml
# test2.bst
# <...>
build-depends:
- test1.bst
# <...>
# <...>
```
The way I actually triggered this in my carbonOS build is an element that
runs `systemd-sysusers` as an integration command. This command creates the
files /etc/shadow and /etc/gshadow inside of the container, which BuildStream
will try to capture. However, /etc/shadow and /etc/gshadow typically have their
mode set to 0000. So, when systemd-sysusers creates the file like this, we get
the failure. My workaround for now is to set the integration commands like so:
```yaml
# <...>
integration-commands:
- systemd-sysusers
- chmod 400 %{sysconfdir}/{,g}shadow
# <...>
```
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
