Dne 16.9.2016 v 17:00 Pavel Raiskup napsal(a):
> Hi all,
> this is probably proper place for such discussions -- I am curious what is the
> plan with Docker stuff within Copr project.
> Do you plan to make Fedora's copr hardly dependant on Docker images?
You mean the commit 25c7d91bfdc895bb0d63f3b06fa1399b507fff14 ?
Previous week we worked on Mock security issue. This is fixed now. However it
raised the question: is it smart to run
mock-scm, pyp2rpm, gem2spec... directly on copr-dist-git machine? It is run
under non-privileged user, but still...
I can think about some attack vectors. For obvious reasons I will not disclose
So we wanted to build SRPM in environment, which will be discarded after SRPM
build and hard to escape.
There are several ways how to implement it. But we chosen builds in Docker
container. It will be used just for SRPM
build. Nothing more. Is it problem for you?
Miroslav Suchy, RHCA
Red Hat, Senior Software Engineer, #brno, #devexp, #fedora-buildsys
copr-devel mailing list -- email@example.com
To unsubscribe send an email to copr-devel-le...@lists.fedorahosted.org