Date: Fri, 11 Oct 2013 20:10:29 +0300 From: Alexander Yerenkow <yerenkow@gmail.com> To: Kimo Rosenbaum <kimor79@yahoo.com> Cc: "freebsd-ports@freebsd.org" <freebsd-ports@freebsd.org>, Bryan Drewery <bdrewery@freebsd.org> Subject: Re: poudriere and networking Message-ID: <CAPJF9wnZ=VjysOmnMdPeWVmoWEzzF8aeXzsO59QzAjRsV349PA@mail.gmail.com> In-Reply-To: <1381510700.37006.YahooMailNeo@web142806.mail.bf1.yahoo.com> References: <1381473199.36649.YahooMailNeo@web142801.mail.bf1.yahoo.com> <5257DDA8.5080202@FreeBSD.org> <1381510700.37006.YahooMailNeo@web142806.mail.bf1.yahoo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
I'd suggest to you anyway investigate what are downloaded, and why; If it's some static files - you could try to add them to distfiles, and replace places where they are trying download from web to file; e.g. find somewhere http://site/your.file and try to replace it with file://$DISTFILES/your.file 2013/10/11 Kimo Rosenbaum <kimor79@yahoo.com> > I don't quite agree with that being the default but I understand. The > patch works as intended. Thanks! > > > Thanks > Kimo > > > > ----- Original Message ----- > > From: Bryan Drewery <bdrewery@FreeBSD.org> > > To: Kimo Rosenbaum <kimor79@yahoo.com>; "freebsd-ports@freebsd.org" < > freebsd-ports@freebsd.org> > > Cc: > > Sent: Friday, October 11, 2013 4:14 AM > > Subject: Re: poudriere and networking > > > > On 10/11/2013 1:33 AM, Kimo Rosenbaum wrote: > >> Hello, > >> > >> I'm running poudriere-devel-3.0.99.20130927 on 9.1-RELEASE. I'm > > trying to build a private port which requires downloading files after the > > extract target. However, it seems as though networking isn't available > after > > post-fetch. I do have RESOLV_CONF set in poudriere.conf and cat'ing > > /etc/resolv.conf in post-patch shows the correct contents. The build is > able to > > run the fetch but once past post-fetch I can't do any DNS lookups nor > ping > > anything external. The host itself can do those things. Also when I > enter the > > jail via jexec I can perform those things. > >> > >> Any ideas? > >> > >> Thanks > >> Kimo > > > > This is done for security. During build, the code running is untrusted. > > We don't want it to reach out and scan/infect your network during a > build. > > > > I do understand you're building a private port though. I would add a > > flag to override this per port, but I worry some porter would put it in > > their FreeBSD port where it does not belong. > > > > You can apply a patch like this to your > > /usr/local/share/poudriere/common.sh to work around the issue: > > > >> --- src/share/poudriere/common.sh > >> +++ src/share/poudriere/common.sh > >> @@ -1402,14 +1402,10 @@ > >> fi > >> return 1 > >> fi > >> fi > >> > >> - if [ "${phase}" = "checksum" ]; > > then > >> - jstop > >> - jstart 0 > > > >> - fi > >> print_phase_footer > >> > >> if [ "${phase}" = "checksum" ]; > > then > >> mkdir -p ${mnt}/portdistfiles > >> echo "DISTDIR=/portdistfiles" >> > > ${mnt}/etc/make.conf > > > > > > -- > > Regards, > > Bryan Drewery > > > _______________________________________________ > freebsd-ports@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-ports > To unsubscribe, send any mail to "freebsd-ports-unsubscribe@freebsd.org" > -- Regards, Alexander Yerenkow
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAPJF9wnZ=VjysOmnMdPeWVmoWEzzF8aeXzsO59QzAjRsV349PA>