0.6.1: Add checks to ensure mock is not in a container

This commit is contained in:
Louis Abel 2023-04-07 12:14:06 -07:00
parent 44947ef406
commit 4e02e89ed2
Signed by untrusted user: label
GPG Key ID: B37E62D143879B36
4 changed files with 26 additions and 4 deletions

View File

@ -1 +1 @@
__version__ = '0.6.0' __version__ = '0.6.1'

View File

@ -9,9 +9,30 @@ test -f {{ isoname }} && { echo "ERROR: ISO ALREDY EXISTS!"; exit 1; }
major=$(grep loop /proc/devices | cut -c3) major=$(grep loop /proc/devices | cut -c3)
for index in 0 1 2 3 4 5; do for index in 0 1 2 3 4 5; do
mknod /dev/loop$index $major $index mknod /dev/loop$index b $major $index
done done
{% else %} {% else %}
# This section is typically for mock. It is possible to run mock within a
# container, but we generally don't like this. Even though we can do this,
# it does not mean that livemedia-creator is going to work. There are ways
# around this, such as making sure the container is privileged to have loop
# devices, and the loop devices should exist on the host. After, the loop
# devices have to be cleaned up.
#
# The lorax devs have a way of doing this, but it requires privleges and
# the containers cannot be root, as far as I understand it. Having root
# containers is bad practice IMO.
#
# Even so, we don't support it. These checks are to prevent (you) from
# getting needless headaches.
[[ -f /run/.containerenv ]]; container_ec=$?
grep -q "0::/$" /proc/1/cgroup; pid_ec=$?
grep -q "0::/$" /proc/self/cgroup; self_ec=$?
if [[ "$pid_ec" == "0" ]] || [[ "$container_ec" == 0 ]] || [[ "$self_ec" == 0 ]]; then
exit 23
fi
cd /builddir cd /builddir
{% endif %} {% endif %}

View File

@ -1828,7 +1828,8 @@ class LiveBuild:
bad_exit_list = [] bad_exit_list = []
checksum_list = [] checksum_list = []
entry_name_list = [] entry_name_list = []
self.log.warn(Color.WARN + 'This mode does not work properly. It will fail.') self.log.warn(Color.WARN + 'There is no support for podman in empanadas.')
self.log.warn(Color.WARN + "If this fails, it's on you to determine the fix.")
for i in images: for i in images:
image_name = i image_name = i
entry_name = f'buildLiveImage-{arch}-{i}.sh' entry_name = f'buildLiveImage-{arch}-{i}.sh'

View File

@ -1,6 +1,6 @@
[tool.poetry] [tool.poetry]
name = "empanadas" name = "empanadas"
version = "0.6.0" version = "0.6.1"
description = "hand crafted ISOs with love and spice" description = "hand crafted ISOs with love and spice"
authors = ["Louis Abel <label@rockylinux.org>", "Neil Hanlon <neil@rockylinux.org>"] authors = ["Louis Abel <label@rockylinux.org>", "Neil Hanlon <neil@rockylinux.org>"]