| 1 |
On Sat, 2020-03-28 at 11:16 -0700, Zac Medico wrote: |
| 2 |
> On 3/28/20 12:13 AM, Michał Górny wrote: |
| 3 |
> > Use UTS namespace to override hostname when network-sandbox is enabled. |
| 4 |
> > Set it to 'localhost' as that has a better chance of being present |
| 5 |
> > in /etc/hosts. This fixes tests in some packages that try to connect |
| 6 |
> > to localhost via hostname obtained using gethostname(), e.g. docker-py, |
| 7 |
> > and suffer resolution problems due to the system hostname not being |
| 8 |
> > defined in /etc/hosts. |
| 9 |
> > --- |
| 10 |
> > lib/portage/process.py | 11 ++++++++++- |
| 11 |
> > 1 file changed, 10 insertions(+), 1 deletion(-) |
| 12 |
> > |
| 13 |
> > diff --git a/lib/portage/process.py b/lib/portage/process.py |
| 14 |
> > index c1fc4bcf6..c48503208 100644 |
| 15 |
> > --- a/lib/portage/process.py |
| 16 |
> > +++ b/lib/portage/process.py |
| 17 |
> > @@ -348,12 +348,14 @@ def spawn(mycommand, env=None, opt_name=None, fd_pipes=None, returnpid=False, |
| 18 |
> > if unshare_net or unshare_ipc or unshare_mount or unshare_pid: |
| 19 |
> > # from /usr/include/bits/sched.h |
| 20 |
> > CLONE_NEWNS = 0x00020000 |
| 21 |
> > + CLONE_NEWUTS = 0x04000000 |
| 22 |
> > CLONE_NEWIPC = 0x08000000 |
| 23 |
> > CLONE_NEWPID = 0x20000000 |
| 24 |
> > CLONE_NEWNET = 0x40000000 |
| 25 |
> > |
| 26 |
> > if unshare_net: |
| 27 |
> > - unshare_flags |= CLONE_NEWNET |
| 28 |
> > + # UTS namespace to override hostname |
| 29 |
> > + unshare_flags |= CLONE_NEWNET | CLONE_NEWUTS |
| 30 |
> > if unshare_ipc: |
| 31 |
> > unshare_flags |= CLONE_NEWIPC |
| 32 |
> > if unshare_mount: |
| 33 |
> > @@ -704,6 +706,13 @@ def _exec(binary, mycommand, opt_name, fd_pipes, |
| 34 |
> > noiselevel=-1) |
| 35 |
> > os._exit(1) |
| 36 |
> > if unshare_net: |
| 37 |
> > + # use 'localhost' to avoid hostname resolution problems |
| 38 |
> > + try: |
| 39 |
> > + socket.sethostname('localhost') |
| 40 |
> > + except Exception as e: |
| 41 |
> > + writemsg("Unable to set hostname: %s (for FEATURES=\"network-sandbox\")\n" % ( |
| 42 |
> > + e), |
| 43 |
> |
| 44 |
> Existing code uses (e,) in cases like this, in order to wrap the |
| 45 |
> exception in a tuple, preventing ambiguity in python2 where exceptions |
| 46 |
> may behave like tuples. If you don't include the comma, then the |
| 47 |
> parenthesis do nothing here, but these days the string formatting |
| 48 |
> appears to work correctly with python2.7 either way. |
| 49 |
|
| 50 |
Oops, I meant to leave it there. I'll fix and push. |
| 51 |
|
| 52 |
> |
| 53 |
> > + noiselevel=-1) |
| 54 |
> > _configure_loopback_interface() |
| 55 |
> > except AttributeError: |
| 56 |
> > # unshare() not supported by libc |
| 57 |
> > |
| 58 |
> |
| 59 |
> Looks good. Please merge. |
| 60 |
|
| 61 |
-- |
| 62 |
Best regards, |
| 63 |
Michał Górny |
Archives