On Wed, Jan 18, 2023 at 01:02:34PM +0100, Arkadiusz Miśkiewicz via pld-devel-en wrote: > On 18.01.2023 09:56, Jan Palus wrote: > >On 18.01.2023 07:54, Arkadiusz Miśkiewicz via pld-devel-en wrote: > >>On 17.01.2023 12:23, Jan Palus wrote: > >>>Noticed during build of kodi-addon-inputstream-adaptive that contrary to > >>>x86_64 and i686, x32 builder downloaded external sources successfully: > >> > >>bind was installed there and seems that even if there is no access to > >>/etc/resolv.conf glibc fallbacks to querying 127.0.0.1:53 > >> > >>Uninstalled. > >> > >>The best would be to change UID of "builder" user used inside of chroot > >>and drop all outgoing packets coming from it at iptables level. > > > >Or perhaps modify pld-builder to make each rpmbuild invocation in a new > >network namespace via `unshare -n -c`. That would effectively cut whole > >network for the process. > > We can try that... commited.
i686 and x86_64 say: "unshare: unshare failed: Operation not permitted" Still waiting for x32 (seems busy with openjdks). -- Jakub Bogusz http://qboosh.pl/ _______________________________________________ pld-devel-en mailing list pld-devel-en@lists.pld-linux.org http://lists.pld-linux.org/mailman/listinfo/pld-devel-en
