Re: sccache(-overlay) to speed up rust builds in poudriere
- In reply to: Charlie Li : "Re: sccache(-overlay) to speed up rust builds in poudriere"
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Thu, 28 Sep 2023 05:38:46 UTC
(I have reduced some of my reply addresses and replied to them.) Charlie Li wrote on 2023/09/27 20:11: > Guido Falsi wrote: >> On 27/09/23 12:57, Guido Falsi wrote: >>> On 27/09/23 12:54, Alexander Leidinger wrote: >>>> Am 2023-09-27 10:56, schrieb Charlie Li: >>>> >>>>> In poudriere, apart from the fetch phase, network access is not allowed by default so spawning a server that listens on an IP that does not necessarily exist that clients, individual compiler invocations, talk to isn't tenable. At the very least, one would need to architect and implement Unix domain socket support there, which they are happy to consider. >>>> >>>> How is poudriere preventing network access outside the fetch phase? >>> >> https://github.com/freebsd/poudriere/blob/97404baad0c41f1007f971c4a19c89b7c594d89f/src/share/poudriere/common.sh#L691C59-L692C32 >> >> >> This looks like the relevant line of code, one has obviously to check all the involved variables definitions. This is a good starting point for this kind of research though. >> > Yes, RESTRICT_NETWORKING=yes by default and is the relevant setting here. > It is done by launching and using two jails (jail-porttree-job-01, jail-porttree-job-01-n), right? However, sometimes escape is attempted :) It happens when it looks like ppp nat is enabled. And it seems to be caused by the port using libxslt during the build. In my case, ipfw seems to be preventing it... :)