| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
| |
o _platform/linux.py: Add linux32 flag to send to sandbox bwrap when the
build arch is x86-32 and the machines arch is x86-64 or similarly with
aarch32 and aarch64.
o sandbox/_sandboxbwrap.py: Use flag passed to start bwrap command with
linux32 if set.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
| |
command failure
If `bwrap` fails to set up the sandbox and start the payload command
it won't write an exit-code in --json-status-fd,
so we can report if it was a sandboxing failure if we don't get exit-code status
and a payload command failure if we do and it's non-zero.
Closes https://gitlab.com/BuildStream/buildstream/issues/286
|
| |
|
|
|
|
|
|
| |
Currently we would make sure the sandbox had a command before
converting it to a list if it was given as a string. That meant that a string
command would never exist and the check be invalid.
This also adds the same logic in the dummy sandbox for consistency.
|
| |
|
|
|
|
|
| |
Sometimes `dict.get()` is preferable, in this instance it's less clear
so we'll disable that lint
Signed-off-by: Daniel Silverstone <daniel.silverstone@codethink.co.uk>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
The code was creating the cwd folder but when the workspace was
mounted in to the buildroot it was hiding the folder created in it
behind the bind mounted workspace.
However by using the bubblewarp `--dir` directive to ensure that cwd
exists we can cover both workspace and non workspace situations with
the same method.
For issue #512 in Gitlab.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Naive getcwd implementations (such as in bash 4.4) can break
when bind-mounts to different paths on the same filesystem are present,
since the algorithm needs to know whether it's a mount-point
to know whether it can trust the inode value from the readdir result
or to use stat on the directory.
Less naive implementations (such as in glibc) iterate again using stat
in the case of not finding the directory because the inode in readdir was wrong,
though a Linux-specific implementation could use name_to_handle_at.
Letting the command know what directory it is in makes it unnecessary
for it to call the faulty getcwd in the first place.
|
| | |
|
| | |
|
| |
|
|
| |
Fixes #498
|
| |
|
|
|
| |
sandbox/_mount.py, sandbox/_sandboxbwrap.py:
Remove instances of get_directory
|
| |
|
|
|
|
|
| |
Before running a command in the sandbox, check its existence and fail
early if it does not.
This fixes issue #289.
|
| |
|
|
| |
Fixes #424
|
| |
|
|
|
|
|
|
|
| |
The cleanup was supposed not to remove folders (`/dev`, `/tmp`, `/proc`) if
they already existed before bwrap but it did the opposite: it tried to remove
them if they existed before, and didn't remove them if they were created during
bwrap. This was caused by a `not` clause, and this removes it.
Fixes #379
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This only affects SandboxBWrap at the moment.
buildstream/_loader.py: Add Symbol.SANDBOX and allow it in validation
buildstream/_metaelement.py: Add 'sandbox' variable and store it in the object
buildstream/_project.py: Add 'sandbox' configuration key and load it from
project.conf.
buildstream/data/projectconfig.yaml: Default build-uid/build-gid values of 0
for 'sandbox'.
buildstream/element.py: Add __extract_sandbox_config to find the final sandbox
configuration. Pass this to the sandbox constructor.
buildstream/sandbox/_sandboxbwrap.py: If sandbox configuration was supplied,
use it for uid and gid instead of the default 0.
buildstream/sandbox/_sandboxchroot.py: Throw exception if non-0 uid/gid were
supplied.
buildstream/sandbox/__init__.py: Import SandboxConfig.
buildstream/sandbox/_private.py: New file, containing SandboxConfig. Made private
to avoid documentation for this class.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When running a sandbox in interactive mode (implies `bst shell` was launched
or an interactive shell for debugging), dont bail out when cleaning up
directories which are not empty.
We treat this as a bug, if any of the base sandbox directories (/dev,
/tmp or /proc) are not empty when tearing down the sandbox, because
it would indicate something is wrong with bwrap.
When in interactive mode however, the user/project may have mounted
additional directories inside these base directories; for which we
need to create intermediate directories for the mount.
Instead of keeping track of every intermediate directory, just force
remove in interactive mode, as this is safe.
Ideally, we should fix upstream bwrap to cleanup the debris it creates
when exiting.
|
| | |
|
| |
|
|
|
|
|
| |
This ensures subprocesses are cleaned up when the bwrap parent dies.
This is available since bubblewrap 0.1.8. We skip the option if the host
bwrap does not support it.
|
| |
|
|
| |
Isolate sandbox processes from System V IPC.
|
| |
|
|
|
| |
Set hostname to buildstream in build sandbox to reduce host
contamination.
|
| |
|
|
|
|
| |
This allows D-Bus access.
Fixes #227
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This functionality is only supported for sources which have an open
workspace. When such sources are present, the workspace directory will
be mounted directly inside the sandbox. As opposed to the default
behavior, which is to copy files inside the sandbox.
This will save time when building large projects as only those files
will need be re-compiled that have been modified during two consecutive
builds (assuming the underlying build system supports such behavior).
A few things to note regarding this behavior:
- If there are any `configure-commands` present, they will run only once
for each open workspace. If an element has multiple workspaces and any
one of them is opened/closed, they will be executed again on the next
run. But, modifying the contents of a workspace will not trigger the
`configure-commands` to be executed on the next run.
- Workspaced builds still leverage the cache. So, if no changes are made
to the workspace, i.e. no files are modified, then it will not force a
rebuild.
Fixes #192.
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
Part of the fix for #92
|
| | |
|
| | |
|
| |
|
