commit bf707b1b225eb9a91b02df84aafb0993fc97e880 Author: Nicolas Vigier <boklm@torproject.org> Date: Mon Oct 2 19:04:08 2017 +0200 Bug 23734: backport rbm.conf changes from tor-browser-build to tor-messenger-build --- rbm.conf | 31 +++++++++++++++++++++++++------ 1 file changed, 25 insertions(+), 6 deletions(-) diff --git a/rbm.conf b/rbm.conf index 2178843..b05a20a 100644 --- a/rbm.conf +++ b/rbm.conf @@ -36,7 +36,7 @@ var: build: [% c("build", { filename => 'f', output_dir => '/out' }) %] container: - dir: '[% c("tmp_dir") %]/[% c("uid") %]/rbm-containers/[% sha256(c("build_id")) %]' + dir: '[% c("rbm_tmp_dir") %]/rbm-containers/[% sha256(c("build_id")) %]' user: rbm input_files_list: | [% FOREACH file IN c("input_files_by_name").keys.sort -%] @@ -234,9 +234,6 @@ runc: fi mkdir -p '[% c("var/container/dir") %]'/rootfs/rbm sudo tar -C '[% c("var/container/dir") %]'/rootfs -xf $(ls -1 '[% c("remote_srcdir", { error_if_undef => 1 }) %]/container-image_'*) - cat > '[% c("var/container/dir") %]'/config.json << EOF - [% INCLUDE 'runc-config.json' %] - EOF [% SET user = c("var/container/user") -%] [% c("remote_exec", { exec_as_root => 1, exec_cmd => 'id ' _ user _ ' >/dev/null 2>&1 || adduser -m ' _ user _ ' || useradd -m ' _ user }) %] @@ -244,6 +241,9 @@ runc: remote_exec: | #!/bin/sh set -e + [% IF c("interactive") -%] + echo Container directory: [% shell_quote(c("var/container/dir")) %] + [% END -%] mkdir -p '[% c("var/container/dir", { error_if_undef => 1 }) %]'/rootfs/rbm echo '#!/bin/sh' > '[% c("var/container/dir") %]'/rootfs/rbm/cmd echo [% shell_quote(c('exec_cmd')) %] >> '[% c("var/container/dir") %]'/rootfs/rbm/cmd @@ -252,7 +252,10 @@ runc: echo 'su - [% user %] -c /rbm/cmd' >> '[% c("var/container/dir") %]'/rootfs/rbm/run chmod +x '[% c("var/container/dir") %]'/rootfs/rbm/cmd chmod +x '[% c("var/container/dir") %]'/rootfs/rbm/run - sudo runc start -b '[% c("var/container/dir") %]' rbm-[% sha256(c("build_id", { error_if_undef => 1 })) %] + cat > '[% c("var/container/dir") %]'/config.json << EOF + [% INCLUDE 'runc-config.json' %] + EOF + sudo runc [% IF c("var_p/runc100") %]run[% ELSE %]start[% END %] -b '[% c("var/container/dir") %]' rbm-[% sha256(c("build_id", { error_if_undef => 1 })) %] [% IF c("runc_hide_stderr") %]2>/dev/null[% END %] remote_put: | #!/bin/sh @@ -263,7 +266,10 @@ runc: -%] sudo mkdir -p '[% c("var/container/dir") %]'/rootfs/[% dst %] sudo cp -aP [% src %] '[% c("var/container/dir") %]'/rootfs/[% dst %] - [% c("remote_exec", { exec_as_root => 1, exec_cmd => 'chown -R ' _ c("var/container/user") _ ' ' _ dst }) %] + # On Ubuntu, the /root/.profile file contains a `mesg n` line which is + # producing some `stdin: is not a tty` messages. To hide them, we hide + # stderr from this part by setting runc_hide_stderr. + [% c("remote_exec", { exec_as_root => 1, exec_cmd => 'chown -R ' _ c("var/container/user") _ ' ' _ dst, runc_hide_stderr => 1 }) %] remote_get: | #!/bin/sh @@ -289,3 +295,16 @@ runc: ENV: TZ: UTC LC_ALL: C +--- | + # This part of the file contains options written in perl + use IO::CaptureOutput qw(capture_exec); + ( + var_p => { + # runc100 is true if we are using runc >= 1.0.0 + # we assume that any version that is not 0.1.1 is >= 1.0.0 + runc100 => sub { + my ($out) = capture_exec('sudo', 'runc', '--version'); + return !($out =~ m/^runc version 0.1.1/); + }, + }, + )