Stefan Krah <stefan-use...@bytereef.org> added the comment: Antoine Pitrou <rep...@bugs.python.org> wrote: > I'm sure some admins will prefer using their system's packages (I think > buildbot is packaged for Debian/Ubuntu, I see it in Mageia's packages, > not sure about Fedora).
Yes, certainly. I had a bad experience using the packaged buildbot-slave, but I don't remember which distro it was. Generally speaking, I've had so much trouble with rarely used packages on multiple distros that I *always* compile or install that kind of software directly from upstream. > Anyway, the current instructions are on the wiki: > http://wiki.python.org/moin/BuildBot That's probably the best place. Eric: I'm afraid the excerpts from the mailing list discussion you put there are a bit confusing and don't reflect any kind of majority opinion. For example I'm running two bots and I don't even know what this means: "Some tests, as the start of this thread [...] indicates, must have some special logic to make sure they do or do not run, or run differently, in privileged vs. unprivileged configurations, but generally speaking most things should work in both places." That does not concern a buildbot owner, since he has no influence on that. Also, you included that nasty quote "executing arbitrarily horrible and/or malicious code". I re-read the thread, and that quote is a half-sarcastic concession from Glyph (who actually had a much lighter view on the whole situation initially!) to the concerns of the people who were almost accusing buildbot owners of being clueless. The other side of the discussion (Martin's view) is missing completely, despite the fact that most core developers *probably* share that view. I'm sure you meant well, but I think we should give buildbot admins some credit. Experienced admins don't need any advice, inexperienced admins would be served better by a cookbook approach. The script I posted is a start: All buildbot software is in /home/buildbot and runs under the password-less user buildbot. In combination with a VM, this is enough for me. If anyone thinks this is not secure enough and wants to add chroot, jails, whatever, the best way forward is to post an improved version. ---------- _______________________________________ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue13124> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
