I don't quite agree with that being the default but I understand. The patch works as intended. Thanks!
Thanks Kimo ----- Original Message ----- > From: Bryan Drewery <[email protected]> > To: Kimo Rosenbaum <[email protected]>; "[email protected]" > <[email protected]> > Cc: > Sent: Friday, October 11, 2013 4:14 AM > Subject: Re: poudriere and networking > > On 10/11/2013 1:33 AM, Kimo Rosenbaum wrote: >> Hello, >> >> I'm running poudriere-devel-3.0.99.20130927 on 9.1-RELEASE. I'm > trying to build a private port which requires downloading files after the > extract target. However, it seems as though networking isn't available after > post-fetch. I do have RESOLV_CONF set in poudriere.conf and cat'ing > /etc/resolv.conf in post-patch shows the correct contents. The build is able > to > run the fetch but once past post-fetch I can't do any DNS lookups nor ping > anything external. The host itself can do those things. Also when I enter the > jail via jexec I can perform those things. >> >> Any ideas? >> >> Thanks >> Kimo > > This is done for security. During build, the code running is untrusted. > We don't want it to reach out and scan/infect your network during a build. > > I do understand you're building a private port though. I would add a > flag to override this per port, but I worry some porter would put it in > their FreeBSD port where it does not belong. > > You can apply a patch like this to your > /usr/local/share/poudriere/common.sh to work around the issue: > >> --- src/share/poudriere/common.sh >> +++ src/share/poudriere/common.sh >> @@ -1402,14 +1402,10 @@ >> fi >> return 1 >> fi >> fi >> >> - if [ "${phase}" = "checksum" ]; > then >> - jstop >> - jstart 0 > >> - fi >> print_phase_footer >> >> if [ "${phase}" = "checksum" ]; > then >> mkdir -p ${mnt}/portdistfiles >> echo "DISTDIR=/portdistfiles" >> > ${mnt}/etc/make.conf > > > -- > Regards, > Bryan Drewery > _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to "[email protected]"
