Re: Infrastructure | Run CI containers with --cap-add SYS_PTRACE (#370)

2020-07-20 Thread Philip Chimento
Philip Chimento commented: I'm so happy this could be done. It's really going to save me a lot of time, and prevent a lot of frustration from contributors. -- Reply to this email directly or view it on GitLab: https://gitlab.gnome.org/Infrastructure/Infrastructure/-/issues/370#note_870994

Re: Infrastructure | Run CI containers with --cap-add SYS_PTRACE (#370)

2020-07-20 Thread Michael Catanzaro
Michael Catanzaro commented: Thanks!

Re: Infrastructure | Run CI containers with --cap-add SYS_PTRACE (#370)

2020-07-20 Thread Bartłomiej Piotrowski
Bartłomiej Piotrowski commented: @mcatanzaro @pwithnall There are 4 shared runners with `asan` tag which have SYS_PTRACE passed to Docker. I have submitted MRs to glib-networking and gjs enabling them; please poke me somewhere if you notice any problems.

Re: Infrastructure | Run CI containers with --cap-add SYS_PTRACE (#370)

2020-07-20 Thread Bartłomiej Piotrowski
Issue was closed by Bartłomiej Piotrowski Issue #370: https://gitlab.gnome.org/Infrastructure/Infrastructure/-/issues/370

Re: Infrastructure | Run CI containers with --cap-add SYS_PTRACE (#370)

2020-07-13 Thread Sri Ramkrishna
Sri Ramkrishna commented: I'm watching this issue as I'm also working on a ci runner. I can understand that turning off CI for external contributors in World when ci runner resources are limited is a good thing. But I'm hoping that we can still use it for extensions rebooted. If I have to

Re: Infrastructure | Run CI containers with --cap-add SYS_PTRACE (#370)

2020-07-13 Thread Michael Catanzaro
Michael Catanzaro commented:

> I find it hard to believe you don't know security implications of granting `SYS_PTRACE` to CI which runs completely arbitrary loads, not to mention runners no longer run with `--privileged` after it was reported it breaks glib test suite as well.

Re: Infrastructure | Run CI containers with --cap-add SYS_PTRACE (#370)

2020-07-13 Thread Bartłomiej Piotrowski
Bartłomiej Piotrowski commented: I find it hard to believe you don't know security implications of granting `SYS_PTRACE` to CI which runs completely arbitrary loads, not to mention runners no longer run with `--privileged` after it was reported it breaks glib test suite as well. We likely

Re: Infrastructure | Run CI containers with --cap-add SYS_PTRACE (#370)

2020-07-06 Thread Michael Catanzaro
Michael Catanzaro commented: BTW, the error message:

```
==277==LeakSanitizer has encountered a fatal error.
==277==HINT: For debugging, try setting environment variable LSAN_OPTIONS=verbosity=1:log_threads=1
==277==HINT: LeakSanitizer does not work under ptrace (strace, gdb, etc)
```

Infrastructure | Run CI containers with --cap-add SYS_PTRACE (#370)

2020-07-06 Thread Michael Catanzaro
Michael Catanzaro created an issue: https://gitlab.gnome.org/Infrastructure/Infrastructure/-/issues/370 For the past couple of months, we've needed privileged runners to run tests with asan. It seems to be a regression caused by changes to the container system the CI runs in. It means that