Tom, On Wed, Jul 08, 2020 at 11:15:26PM -0400, Tom Rini wrote: > On Thu, Jul 09, 2020 at 09:58:03AM +0900, AKASHI Takahiro wrote: > > > Hi Tom, > > > > I'd like to make sure of your policy about usage of "sudo" on CI. > > Do you think that we should always avoid using "sudo" in testing? > > > > I remember that you had allowed us to run sudo in (python) > > test scripts on Travis CI when I requested this (for FAT filesystem?). > > So, the best practices at this time are to have the code try and use > guestmount (or similar tools) when possible and fall back to sudo, as > Ubuntu breaks guestmount (and similar tools) by default.
See the commands log (on my ubuntu 19.10) below: ===8<=== << try 1 >> tmp$ mkdir tmpdir tmp$ virt-make-fs -t vfat -s +1M --partition=gpt ./tmpdir tmp.img libguestfs: error: /usr/bin/supermin exited with error status 1. To see full error messages you may need to enable debugging. Do: export LIBGUESTFS_DEBUG=1 LIBGUESTFS_TRACE=1 and run the command again. For further information, read: http://libguestfs.org/guestfs-faq.1.html#debugging-libguestfs You can also run 'libguestfs-test-tool' and post the *complete* output into a bug report or message to the libguestfs mailing list. << try 2 >> tmp$ LIBGUESTFS_DEBUG=1 virt-make-fs -t vfat -s +1M --partition=gpt ./tmpdir tmp.img ... supermin: kernel: kernel_version 5.3.0-62-generic supermin: kernel: modpath /lib/modules/5.3.0-62-generic cp: cannot open '/boot/vmlinuz-5.3.0-62-generic' for reading: Permission denied supermin: cp -p '/boot/vmlinuz-5.3.0-62-generic' '/var/tmp/.guestfs-1000/appliance.d.op62psoy/kernel': command failed, see earlier errors libguestfs: error: /usr/bin/supermin exited with error status 1, see debug messages above ... << try 3 >> tmp$ sudo chmod a+rw /boot/vmlinuz-5.3.0-62-generic tmp$ LIBGUESTFS_DEBUG=1 virt-make-fs -t vfat -s +1M --partition=gpt ./tmpdir tmp.img ... tmp$ ls -l tmp.img -rw-r--r-- 1 akashi akashi 1341440 Jul 9 13:50 tmp.img ===>8=== As you can see, virt-make-fs will fail on *standard* ubuntu. You have to change the permission of the current kernel's binary. While I can't make sure, we will have the same issue with guestmount as it will also create a minimum virtual machine before execution. What does it mean? You must change the permission every time when you re-install the OS or re-bump the kernel version. Obviously, I can't do that from my own test script (without sudo). So if you don't have any way (or workaround) to deal with it, libguestfs-tools or guestmount cannot be a solution here. -Takahiro Akashi > -- > Tom
