Guido Falsi wrote:
On 27/09/23 12:57, Guido Falsi wrote:On 27/09/23 12:54, Alexander Leidinger wrote:Am 2023-09-27 10:56, schrieb Charlie Li:In poudriere, apart from the fetch phase, network access is not allowed by default so spawning a server that listens on an IP that does not necessarily exist that clients, individual compiler invocations, talk to isn't tenable. At the very least, one would need to architect and implement Unix domain socket support there, which they are happy to consider.How is poudriere preventing network access outside the fetch phase?https://github.com/freebsd/poudriere/blob/97404baad0c41f1007f971c4a19c89b7c594d89f/src/share/poudriere/common.sh#L691C59-L692C32This looks like the relevant line of code, one has obviously to check all the involved variables definitions. This is a good starting point for this kind of research though.
Yes, RESTRICT_NETWORKING=yes by default and is the relevant setting here. -- Charlie Li ...nope, still don't have an exit line.
OpenPGP_signature
Description: OpenPGP digital signature
