[buildd-tools-devel] Bug#802850: sbuild: please allow sbuild to run dpkg-buildpackage without network connection besides the loopback interface
Johannes Schauer
josch at debian.org
Sat Oct 24 09:02:16 UTC 2015
Source: sbuild
Version: 0.66.0-5
Severity: wishlist
Control: block -1 by 802849
Hi,
Debian packages must be buildable without access to the internet, so
there should be a way to disable network access when running
dpkg-buildpackage.
Running schroot within an unshared network namespace does not work
because to unshare the network, sbuild needs to unshare the user
namespace too, to become root. And after that is done it cannot execute
schroot anymore because that will complain about
/etc/schroot/schroot.conf not being owned by root anymore. So the
unshare call has to be done by schroot.
Luckily, schroot already has support for it in git master! See bug
#802849.
So when this bug gets fixed, please add support for calling schroot with
"-o unshare.net=true".
Thanks!
cheers, josch
More information about the Buildd-tools-devel
mailing list