| Summary: | Nspawn enabled in mock causes issues running mock in docker. | ||
|---|---|---|---|
| Product: | Mageia | Reporter: | Jeremiah Summers <JMiahMan> |
| Component: | RPM Packages | Assignee: | Neal Gompa <ngompa13> |
| Status: | RESOLVED WONTFIX | QA Contact: | |
| Severity: | minor | ||
| Priority: | Normal | CC: | JMiahMan, marja11 |
| Version: | 6 | ||
| Target Milestone: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Source RPM: | mock-1.4.2-1.mga6.src.rpm | CVE: | |
| Status comment: | |||
| Attachments: | patch for the issue | ||
|
Description
Jeremiah Summers
2017-10-06 22:48:01 CEST
Created attachment 9704 [details]
patch for the issue
The simple solution is to just add:
"config_opts['use_nspawn'] = False"
to the mock files as presented in the example patch.CC:
(none) =>
JMiahMan
Marja Van Waes
2017-10-07 15:39:27 CEST
CC:
(none) =>
marja11 Nspawn containers basically do the same thing Docker does, so if you're using mock in Docker, you will want to pass "--old-chroot" to the command to revert to using the chroot() instead, which should work inside of Docker. Nspawn containers automatically namespace out everything, so you don't get collisions between different builds running at the same time, and it makes it far harder for host information to leak into the container and vice versa. I do not intend to change the default, as upstream has intended for nspawn to be used to enhance the security of building packages. Status:
NEW =>
RESOLVED That works, Thanks |