Thank you for the quick reply. On 4/9/21 8:46 PM, Johannes Schauer Marin Rodrigues wrote: > Hi, > > Quoting bauen1 (2021-04-09 18:58:37) >> Please add support to the unshare chroot backend to unshare the network >> namespace. >> >> As per debian policy v4.5.1.0 >> https://www.debian.org/doc/debian-policy/ch-source.html#main-building-script-debian-rules: >> >>> For packages in the main archive, no required targets may attempt network >>> access, except, via the loopback interface, to services on the build host >>> that have been started by the build. >> >> For these and similar scenarios It would be useful if sbuild unshare could be >> configured to prevent network access except for the loopback interface, by >> unsharing the network namespace and bringing up the loopback interface while >> still root. > > I don't understand. What bug do you see? The network namespace is already > unshared and only the loopback interface active in the unshare backend: > > https://sources.debian.org/src/sbuild/0.81.2/lib/Sbuild/Build.pm/?hl=2470#L2470
I'm sorry, I missed that. > Where is the bug? You can close it then :) > Thanks! -- bauen1 https://dn42.bauen1.xyz/
