* Re: [gentoo-portage-dev] [PATCH v2] process: Unshare UTS namespace, and set hostname to 'localhost'
@ 2020-03-28 18:16 99% ` Zac Medico
0 siblings, 0 replies; 1+ results
From: Zac Medico @ 2020-03-28 18:16 UTC (permalink / raw
To: gentoo-portage-dev, Michał Górny
On 3/28/20 12:13 AM, Michał Górny wrote:
> Use UTS namespace to override hostname when network-sandbox is enabled.
> Set it to 'localhost' as that has a better chance of being present
> in /etc/hosts. This fixes tests in some packages that try to connect
> to localhost via hostname obtained using gethostname(), e.g. docker-py,
> and suffer resolution problems due to the system hostname not being
> defined in /etc/hosts.
> ---
> lib/portage/process.py | 11 ++++++++++-
> 1 file changed, 10 insertions(+), 1 deletion(-)
>
> diff --git a/lib/portage/process.py b/lib/portage/process.py
> index c1fc4bcf6..c48503208 100644
> --- a/lib/portage/process.py
> +++ b/lib/portage/process.py
> @@ -348,12 +348,14 @@ def spawn(mycommand, env=None, opt_name=None, fd_pipes=None, returnpid=False,
> if unshare_net or unshare_ipc or unshare_mount or unshare_pid:
> # from /usr/include/bits/sched.h
> CLONE_NEWNS = 0x00020000
> + CLONE_NEWUTS = 0x04000000
> CLONE_NEWIPC = 0x08000000
> CLONE_NEWPID = 0x20000000
> CLONE_NEWNET = 0x40000000
>
> if unshare_net:
> - unshare_flags |= CLONE_NEWNET
> + # UTS namespace to override hostname
> + unshare_flags |= CLONE_NEWNET | CLONE_NEWUTS
> if unshare_ipc:
> unshare_flags |= CLONE_NEWIPC
> if unshare_mount:
> @@ -704,6 +706,13 @@ def _exec(binary, mycommand, opt_name, fd_pipes,
> noiselevel=-1)
> os._exit(1)
> if unshare_net:
> + # use 'localhost' to avoid hostname resolution problems
> + try:
> + socket.sethostname('localhost')
> + except Exception as e:
> + writemsg("Unable to set hostname: %s (for FEATURES=\"network-sandbox\")\n" % (
> + e),
Existing code uses (e,) in cases like this, in order to wrap the
exception in a tuple, preventing ambiguity in python2 where exceptions
may behave like tuples. If you don't include the comma, then the
parenthesis do nothing here, but these days the string formatting
appears to work correctly with python2.7 either way.
> + noiselevel=-1)
> _configure_loopback_interface()
> except AttributeError:
> # unshare() not supported by libc
>
Looks good. Please merge.
--
Thanks,
Zac
^ permalink raw reply [relevance 99%]
Results 1-1 of 1 | reverse | options above
-- pct% links below jump to the message on this page, permalinks otherwise --
2020-03-28 7:13 [gentoo-portage-dev] [PATCH v2] process: Unshare UTS namespace, and set hostname to 'localhost' Michał Górny
2020-03-28 18:16 99% ` Zac Medico
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox