Package: sbuild
Tags: moreinfo patch
X-Debbugs-Cc: m...@debian.org
Hi,
I noticed that sbuild --mode=schroot does not support --no-enable
network. As it happens, unschroot[1] supports --isolate-network and all
that's missing here is passing that flag. Of course, that's not the
default schroot implementation and schroot may end up using a different
flag name. Still, I'm posting the patch that makes it work practically
for future reference.
Helmut
[1]
https://git.subdivi.de/~helmut/python-linuxnamespaces.git/tree/examples/unschroot.py
--- a/usr/share/perl5/Sbuild/ChrootSchroot.pm
+++ b/usr/share/perl5/Sbuild/ChrootSchroot.pm
@@ -107,12 +107,14 @@
my $self = shift;
my $dir = shift;
my $user = shift;
+ my $disable_network = shift // 0;
return ($self->get_conf('SCHROOT'),
'-d', $dir,
'-c', $self->get('Session ID'),
'--run-session',
@{$self->get_conf('SCHROOT_OPTIONS')},
+ $disable_network ? ('--isolate-network') : (),
'-u', "$user", '-p', '--');
}
@@ -134,7 +136,11 @@
my $disable_network = 0;
if (defined($options->{'ENABLE_NETWORK'}) && $options->{'ENABLE_NETWORK'} == 0) {
- print STDERR "Disabling the network for this command was requested but the schroot backend doesn't support this feature yet: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=802849\n"; if $self->get_conf('DEBUG');
+ if ($self->get_conf('SCHROOT') =~ /unschroot/) {
+ $disable_network = 1;
+ } else {
+ print STDERR "Disabling the network for this command was requested but the schroot backend doesn't support this feature yet: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=802849\n"; if $self->get_conf('DEBUG');
+ }
}
# Command to run. If I have a string, use it. Otherwise use the list-ref
@@ -156,7 +162,7 @@
$dir = '/';
}
- my @cmdline = $self->_get_exec_argv($dir, $user);
+ my @cmdline = $self->_get_exec_argv($dir, $user, $disable_network);
if (ref $command) {
push @cmdline, @$command;
