This is an automated email from the ASF dual-hosted git repository.
bneradt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/trafficserver-ci.git
The following commit(s) were added to refs/heads/main by this push:
new 5be2630 Revert privilege escalation for centos pipeline (#415)
5be2630 is described below
commit 5be26304d0128df5184eef21619b22f34e9abff2
Author: Brian Neradt <[email protected]>
AuthorDate: Tue Dec 23 17:16:56 2025 -0600
Revert privilege escalation for centos pipeline (#415)
Remove --cap-add=SYS_PTRACE and --security-opt seccomp=unconfined from
the centos pipeline docker args. These were added to enable ptrace for
crash log backtraces, but they don't work because the Jenkins host has
YAMA ptrace_scope=1, which blocks a child process from ptracing its
parent regardless of container privileges.
Keep --init for proper signal handling in the container.
---
jenkins/github/centos.pipeline | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/jenkins/github/centos.pipeline b/jenkins/github/centos.pipeline
index f935d9e..5d6b577 100644
--- a/jenkins/github/centos.pipeline
+++ b/jenkins/github/centos.pipeline
@@ -4,7 +4,7 @@ pipeline {
image 'ci.trafficserver.apache.org/ats/centos:7'
registryUrl 'https://ci.trafficserver.apache.org/'
label 'docker'
- args '--init --privileged -v ${HOME}/ccache:/tmp/ccache:rw'
+ args '--init -v ${HOME}/ccache:/tmp/ccache:rw'
}
}
environment {
