On Thu, Mar 10, 2016 at 05:58:05PM +0100, Karel Gardas wrote:
> On Thu, Mar 10, 2016 at 3:13 PM, Marc Espie <es...@nerim.net> wrote:
> > On Thu, Mar 10, 2016 at 11:53:56AM +0100, Karel Gardas wrote:
> >> This is a sign of not so correct network configuration. MICO is really
> >> picky about it so it should be able to resolve your host name/IP
> >> address. What's failing precisely in the assert above is that it's not
> >> able to get IP for your hostname. Can you confirm that this is the
> >> case?
> >
> > Nope. This is the only port in the tree that doesn't like it when you cut
> > network access during build (which proper build machines have started doing
> > for a while now).
>
> This would be strange since I commonly build MICO w/o any internet connection.
This is not what I'm talking about. I'm talking about explicitly blocking
the build user from any kind of network activity thru pf.
> Indeed, it is, but I guess this was done for a good reason in the past
> and I would rather keep it this way. What I can certainly do for
> 2.3.14 release is to add some clear error message pointing to the
> incorrect network configuration.
It's not an incorrect network configuration, actually. It's just no resolving
some things on localhost.
mico is the only port that wants this. Everything else works peachy.
I've got a very paranoid setup on my build machines.
I just have:
block out quick proto {tcp,udp} from self user pbuild0
oh, and the build is chroot'd to a place that only knows about localhost.
No other port in the trees ever tries to resolve `hostname` during build.
