def run_logged(this, cmd_list): app.log_env(this['log'], os.environ, argv_to_string(cmd_list)) with open(this['log'], "a") as logfile: if call(cmd_list, stdin=PIPE, stdout=logfile, stderr=logfile): app.log(this, 'ERROR: command failed in directory %s:\n\n' % os.getcwd(), argv_to_string(cmd_list)) app.exit(this, 'ERROR: log file is at', this['log'])
def run_logged(this, cmd_list): app.log_env(this["log"], os.environ, argv_to_string(cmd_list)) with open(this["log"], "a") as logfile: if call(cmd_list, stdin=PIPE, stdout=logfile, stderr=logfile): app.log(this, "ERROR: command failed in directory %s:\n\n" % os.getcwd(), argv_to_string(cmd_list)) call(["tail", "-n", "200", this["log"]]) app.exit(this, "ERROR: log file is at", this["log"])
def run_logged(dn, cmd_list): app.log_env(dn['log'], os.environ, argv_to_string(cmd_list)) with open(dn['log'], "a") as logfile: if call(cmd_list, stdin=PIPE, stdout=logfile, stderr=logfile): app.log(dn, 'ERROR: command failed in directory %s:\n\n' % os.getcwd(), argv_to_string(cmd_list)) call(['tail', '-n', '200', dn['log']]) app.log(dn, 'Log file is at', dn['log'], exit=True)
def run_logged(this, cmd_list, config=''): app.log_env(this['log'], '\n'.join(cmd_list)) with open(this['log'], "a") as logfile: if call(cmd_list, stdout=logfile, stderr=logfile): app.log(this, 'ERROR: command failed in directory %s:\n\n' % os.getcwd(), ' '.join(cmd_list)) app.log(this, 'ERROR: Containerisation settings:\n\n', config) app.log(this, 'ERROR: Path:\n\n', os.environ['PATH']) app.log(this, 'ERROR: log file is at', this['log']) raise SystemExit
def run_sandboxed(this, command, env=None, allow_parallel=False): global executor app.log(this, 'Running command:\n%s' % command) with open(this['log'], "a") as logfile: logfile.write("# # %s\n" % command) mounts = ccache_mounts(this, ccache_target=env['CCACHE_DIR']) if this.get('build-mode') == 'bootstrap': # bootstrap mode: builds have some access to the host system, so they # can use the compilers etc. tmpdir = app.config.get("TMPDIR", "/tmp") writable_paths = [this['build'], this['install'], tmpdir, ] config = dict( cwd=this['build'], filesystem_root='/', filesystem_writable_paths=writable_paths, mounts='isolated', extra_mounts=[], network='isolated', ) else: # normal mode: builds run in a chroot with only their dependencies # present. mounts.extend([('tmpfs', '/dev/shm', 'tmpfs'), ('proc', '/proc', 'proc'), ]) if this.get('kind') == 'system': writable_paths = 'all' else: writable_paths = [ this['name'] + '.build', this['name'] + '.inst', '/dev', '/proc', '/tmp', ] config = dict( cwd=this['name'] + '.build', filesystem_root=this['sandbox'], filesystem_writable_paths=writable_paths, mounts='isolated', extra_mounts=mounts, network='isolated', ) argv = ['sh', '-c', command] cur_makeflags = env.get("MAKEFLAGS") # Adjust config for what the backend is capable of. The user will be warned # about any changes made. config = executor.degrade_config_for_capabilities(config, warn=False) try: if not allow_parallel: env.pop("MAKEFLAGS", None) app.log_env(this['log'], env, argv_to_string(argv)) with open(this['log'], "a") as logfile: exit_code = executor.run_sandbox_with_redirection( argv, stdout=logfile, stderr=sandboxlib.STDOUT, env=env, **config) if exit_code != 0: app.log(this, 'ERROR: command failed in directory %s:\n\n' % os.getcwd(), argv_to_string(argv)) call(['tail', '-n', '200', this['log']]) app.log(this, 'ERROR: log file is at', this['log']) app.exit(this, 'ERROR: sandbox debris is at', this['sandbox']) finally: if cur_makeflags is not None: env['MAKEFLAGS'] = cur_makeflags
def run_sandboxed(this, command, env=None, allow_parallel=False): global executor app.log(this, "Running command:\n%s" % command) with open(this["log"], "a") as logfile: logfile.write("# # %s\n" % command) mounts = ccache_mounts(this, ccache_target=env["CCACHE_DIR"]) if this.get("build-mode") == "bootstrap": # bootstrap mode: builds have some access to the host system, so they # can use the compilers etc. tmpdir = app.config.get("TMPDIR", "/tmp") writable_paths = [this["build"], this["install"], tmpdir] config = dict( cwd=this["build"], filesystem_root="/", filesystem_writable_paths=writable_paths, mounts="isolated", extra_mounts=[], network="isolated", ) else: # normal mode: builds run in a chroot with only their dependencies # present. mounts.extend([("tmpfs", "/dev/shm", "tmpfs"), ("proc", "/proc", "proc")]) if this.get("kind") == "system": writable_paths = "all" else: writable_paths = [this["name"] + ".build", this["name"] + ".inst", "/dev", "/proc", "/tmp"] config = dict( cwd=this["name"] + ".build", filesystem_root=this["sandbox"], filesystem_writable_paths=writable_paths, mounts="isolated", extra_mounts=mounts, network="isolated", ) argv = ["sh", "-c", command] cur_makeflags = env.get("MAKEFLAGS") # Adjust config for what the backend is capable of. The user will be warned # about any changes made. config = executor.degrade_config_for_capabilities(config, warn=False) try: if not allow_parallel: env.pop("MAKEFLAGS", None) app.log_env(this["log"], env, argv_to_string(argv)) with open(this["log"], "a") as logfile: exit_code = executor.run_sandbox_with_redirection( argv, stdout=logfile, stderr=sandboxlib.STDOUT, env=env, **config ) if exit_code != 0: app.log(this, "ERROR: command failed in directory %s:\n\n" % os.getcwd(), argv_to_string(argv)) call(["tail", "-n", "200", this["log"]]) app.log(this, "ERROR: log file is at", this["log"]) app.exit(this, "ERROR: sandbox debris is at", this["sandbox"]) finally: if cur_makeflags is not None: env["MAKEFLAGS"] = cur_makeflags
def run_sandboxed(dn, command, env=None, allow_parallel=False): global executor app.log(dn, 'Running command:\n%s' % command) with open(dn['log'], "a") as logfile: logfile.write("# # %s\n" % command) mounts = ccache_mounts(dn, ccache_target=env['CCACHE_DIR']) if dn.get('build-mode') == 'bootstrap': # bootstrap mode: builds have some access to the host system, so they # can use the compilers etc. tmpdir = app.config.get("TMPDIR", "/tmp") writable_paths = [ dn['checkout'], dn['install'], tmpdir, ] config = dict( cwd=dn['checkout'], filesystem_root='/', filesystem_writable_paths=writable_paths, mounts='isolated', extra_mounts=[], network='isolated', ) else: # normal mode: builds run in a chroot with only their dependencies # present. mounts.extend([ ('tmpfs', '/dev/shm', 'tmpfs'), ('proc', '/proc', 'proc'), ]) if dn.get('kind') == 'system': writable_paths = 'all' else: writable_paths = [ dn['name'] + '.build', dn['name'] + '.inst', '/dev', '/proc', '/tmp', ] config = dict( cwd=dn['name'] + '.build', filesystem_root=dn['sandbox'], filesystem_writable_paths=writable_paths, mounts='isolated', extra_mounts=mounts, network='isolated', ) # Awful hack to ensure string-escape is loaded: # # this ensures that when propagating an exception back from # the child process in a chroot, the required string-escape # python module is already in memory and no attempt to # lazy load it in the chroot is made. unused = "Some Text".encode('string-escape') argv = ['sh', '-c', '-e', command] cur_makeflags = env.get("MAKEFLAGS") # Adjust config for what the backend is capable of. The user will be warned # about any changes made. config = executor.degrade_config_for_capabilities(config, warn=False) try: if not allow_parallel: env.pop("MAKEFLAGS", None) app.log_env(dn['log'], env, argv_to_string(argv)) with open(dn['log'], "a") as logfile: exit_code = 99 try: exit_code = executor.run_sandbox_with_redirection( argv, stdout=logfile, stderr=sandboxlib.STDOUT, env=env, **config) except: import traceback traceback.print_exc() app.log('SANDBOX', 'ERROR: in run_sandbox_with_redirection', exit_code) if exit_code != 0: app.log(dn, 'ERROR: command failed in directory %s:\n\n' % os.getcwd(), argv_to_string(argv)) call(['tail', '-n', '200', dn['log']]) app.log(dn, 'ERROR: log file is at', dn['log']) app.log(dn, 'Sandbox debris is at', dn['sandbox'], exit=True) finally: if cur_makeflags is not None: env['MAKEFLAGS'] = cur_makeflags
def run_sandboxed(this, command, env=None, allow_parallel=False): global executor app.log(this, 'Running command:\n%s' % command) with open(this['log'], "a") as logfile: logfile.write("# # %s\n" % command) mounts = ccache_mounts(this, ccache_target=env['CCACHE_DIR']) if this.get('build-mode') == 'bootstrap': # bootstrap mode: builds have some access to the host system, so they # can use the compilers etc. tmpdir = app.config.get("TMPDIR", "/tmp") writable_paths = [ this['build'], this['install'], tmpdir, ] config = dict( cwd=this['build'], filesystem_root='/', filesystem_writable_paths=writable_paths, mounts='isolated', extra_mounts=[], network='isolated', ) else: # normal mode: builds run in a chroot with only their dependencies # present. mounts.extend([ (None, '/dev/shm', 'tmpfs'), (None, '/proc', 'proc'), ]) if this.get('kind') == 'system': writable_paths = 'all' else: writable_paths = [ this['name'] + '.build', this['name'] + '.inst', '/dev', '/proc', '/tmp', ] config = dict( cwd=this['name'] + '.build', filesystem_root=this['sandbox'], filesystem_writable_paths=writable_paths, mounts='isolated', extra_mounts=mounts, network='isolated', ) argv = ['sh', '-c', command] cur_makeflags = env.get("MAKEFLAGS") # Adjust config for what the backend is capable of. The user will be warned # about any changes made. config = executor.degrade_config_for_capabilities(config, warn=False) try: if not allow_parallel: env.pop("MAKEFLAGS", None) app.log_env(this['log'], env, argv_to_string(argv)) with open(this['log'], "a") as logfile: exit_code = executor.run_sandbox_with_redirection( argv, stdout=logfile, stderr=sandboxlib.STDOUT, env=env, **config) if exit_code != 0: app.log(this, 'ERROR: command failed in directory %s:\n\n' % os.getcwd(), argv_to_string(argv)) call(['tail', '-n', '200', this['log']]) app.log(this, 'ERROR: log file is at', this['log']) app.exit(this, 'ERROR: sandbox debris is at', this['sandbox']) finally: if cur_makeflags is not None: env['MAKEFLAGS'] = cur_makeflags
def run_sandboxed(this, command, env=None, allow_parallel=False): app.log(this, 'Running command:\n%s' % command) with open(this['log'], "a") as logfile: logfile.write("# # %s\n" % command) executor = sandboxlib.linux_user_chroot sandbox_config = executor.maximum_possible_isolation() mounts = ccache_mounts(this, ccache_target=env['CCACHE_DIR']) if this.get('build-mode') == 'bootstrap': # bootstrap mode: builds have some access to the host system, so they # can use the compilers etc. tmpdir = app.settings.get("TMPDIR", "/tmp") writable_paths = [ this['build'], this['install'], tmpdir, ] sandbox_config.update(dict( cwd=this['build'], filesystem_root='/', filesystem_writable_paths=writable_paths, extra_mounts=[], )) else: # normal mode: builds run in a chroot with only their dependencies # present. mounts.extend([ (None, '/dev/shm', 'tmpfs'), (None, '/proc', 'proc'), ]) if this.get('kind') == 'system': writable_paths = 'all' else: writable_paths = [ builddir_for_component(this), installdir_for_component(this), '/dev', '/proc', '/tmp', ] sandbox_config.update(dict( cwd=builddir_for_component(this), filesystem_root=this['sandbox'], filesystem_writable_paths=writable_paths, extra_mounts=mounts, )) argv = ['sh', '-c', command] cur_makeflags = env.get("MAKEFLAGS") try: if not allow_parallel: env.pop("MAKEFLAGS", None) app.log_env(this['log'], env, argv_to_string(argv)) with open(this['log'], "a") as logfile: exit_code = executor.run_sandbox_with_redirection( argv, stdout=logfile, stderr=sandboxlib.STDOUT, env=env, **sandbox_config) if exit_code != 0: app.log(this, 'ERROR: command failed in directory %s:\n\n' % os.getcwd(), argv_to_string(argv)) app.exit(this, 'ERROR: log file is at', this['log']) finally: if cur_makeflags is not None: env['MAKEFLAGS'] = cur_makeflags
def run_sandboxed(dn, command, env=None, allow_parallel=False): global executor app.log(dn, 'Running command:\n%s' % command) with open(dn['log'], "a") as logfile: logfile.write("# # %s\n" % command) mounts = ccache_mounts(dn, ccache_target=env['CCACHE_DIR']) if dn.get('build-mode') == 'bootstrap': # bootstrap mode: builds have some access to the host system, so they # can use the compilers etc. tmpdir = app.config.get("TMPDIR", "/tmp") writable_paths = [dn['checkout'], dn['install'], tmpdir, ] config = dict( cwd=dn['checkout'], filesystem_root='/', filesystem_writable_paths=writable_paths, mounts='isolated', extra_mounts=[], network='isolated', ) else: # normal mode: builds run in a chroot with only their dependencies # present. mounts.extend([('tmpfs', '/dev/shm', 'tmpfs'), ('proc', '/proc', 'proc'), ]) if dn.get('kind') == 'system': writable_paths = 'all' else: writable_paths = [dn['name'] + '.build', dn['name'] + '.inst', '/dev', '/proc', '/tmp', ] config = dict( cwd=dn['name'] + '.build', filesystem_root=dn['sandbox'], filesystem_writable_paths=writable_paths, mounts='isolated', extra_mounts=mounts, network='isolated', ) # Awful hack to ensure string-escape is loaded: # # this ensures that when propagating an exception back from # the child process in a chroot, the required string-escape # python module is already in memory and no attempt to # lazy load it in the chroot is made. unused = "Some Text".encode('string-escape') argv = ['sh', '-c', '-e', command] cur_makeflags = env.get("MAKEFLAGS") # Adjust config for what the backend is capable of. The user will be warned # about any changes made. config = executor.degrade_config_for_capabilities(config, warn=False) try: if not allow_parallel: env.pop("MAKEFLAGS", None) app.log_env(dn['log'], env, argv_to_string(argv)) with open(dn['log'], "a") as logfile: exit_code = 99 try: exit_code = executor.run_sandbox_with_redirection( argv, stdout=logfile, stderr=sandboxlib.STDOUT, env=env, **config) except: import traceback traceback.print_exc() app.log('SANDBOX', 'ERROR: in run_sandbox_with_redirection', exit_code) if exit_code != 0: app.log(dn, 'ERROR: command failed in directory %s:\n\n' % os.getcwd(), argv_to_string(argv)) call(['tail', '-n', '200', dn['log']]) app.log(dn, 'ERROR: log file is at', dn['log']) app.log(dn, 'Sandbox debris is at', dn['sandbox'], exit=True) finally: if cur_makeflags is not None: env['MAKEFLAGS'] = cur_makeflags