On 27/09/23 12:54, Alexander Leidinger wrote:
Am 2023-09-27 10:56, schrieb Charlie Li:
In poudriere, apart from the fetch phase, network access is not
allowed by default so spawning a server that listens on an IP that
does not necessarily exist that clients, individual compiler
invocations, talk to isn't tenable. At the very least, one would need
to architect and implement Unix domain socket support there, which
they are happy to consider.
How is poudriere preventing network access outside the fetch phase?
two (undocumented) guesses:
- removing interfaces (including lo0)
- no routing
The only way to know for sure is reading the source code.
--
Guido Falsi <madpi...@freebsd.org>
