#34176: Tor Browser Nightly external server support -------------------------------------------------+--------------------- Reporter: sysrqb | Owner: tpa Type: task | Status: new Priority: Medium | Milestone: Component: Internal Services/Tor Sysadmin Team | Version: Severity: Normal | Resolution: Keywords: | Actual Points: Parent ID: | Points: Reviewer: | Sponsor: -------------------------------------------------+---------------------
Comment (by sysrqb): Replying to [comment:4 anarcat]: > > What do you think? > > I need to talk with the team about this, we have the change of guard tomorrow, let me see if I can poke at this problem again then. To be clear, the current plan is we (Tor Browser devs) get an external server and we maintain it ourselves, in the short-term. I'll take on this responsibility. At some time in the future (but not too far in the future), TPA receive additional budget for adding a machine large enough for building Tor Browser Nightly. We then migrate the nightly build setup onto the new server and cancel the old machine. > > What, exactly, do you need to run as root? Could we encapsulate only a subset of the build to run as root? Not easily in the current architecture of the build system. The system alternates between configuring a clean build environment (and installing dependencies) and then building the component. Currently, the build system runs the following programs as root (in addition to executing dynamically created build (shell) scripts at run- time): {{{ sudo tar sudo ip netns add sudo ip netns exec sudo runc run sudo ip netns delete sudo mkdir sudo cp sudo chown sudo rm sudo runc --version sudo id sudo useradd ... }}} > > How about if we give you the ability to run Docker containers? I've never tried runc-in-docker, but maybe? ticket:23631#comment:2 describes some problems with directly using Docker. -- Ticket URL: <https://trac.torproject.org/projects/tor/ticket/34176#comment:5> Tor Bug Tracker & Wiki <https://trac.torproject.org/> The Tor Project: anonymity online
_______________________________________________ tor-bugs mailing list tor-bugs@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs