From mboxrd@z Thu Jan 1 00:00:00 1970 From: ludo@gnu.org (Ludovic =?UTF-8?Q?Court=C3=A8s?=) Subject: bug#24108: guix make tests failure Date: Sun, 31 Jul 2016 12:53:26 +0200 Message-ID: <87d1lu84ex.fsf@gnu.org> References: <4c03321977ef605cc34a23986d83ce47@openmailbox.org> <874m77e0ky.fsf@gnu.org> <20160730104312.2166ffa5@openmailbox.org> <87bn1ebynp.fsf@gnu.org> <20160730174027.0551e855@openmailbox.org> <20160730185305.0c8cfe59@openmailbox.org> Mime-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Return-path: Received: from eggs.gnu.org ([2001:4830:134:3::10]:34580) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1bToNj-00011Z-I9 for bug-guix@gnu.org; Sun, 31 Jul 2016 06:54:08 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1bToNe-0008S3-OV for bug-guix@gnu.org; Sun, 31 Jul 2016 06:54:07 -0400 Received: from debbugs.gnu.org ([208.118.235.43]:54646) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1bToNe-0008Rz-Ky for bug-guix@gnu.org; Sun, 31 Jul 2016 06:54:02 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1bToNe-0002Oa-GW for bug-guix@gnu.org; Sun, 31 Jul 2016 06:54:02 -0400 Sender: "Debbugs-submit" Resent-Message-ID: In-Reply-To: <20160730185305.0c8cfe59@openmailbox.org> (Dylan Jeffers's message of "Sat, 30 Jul 2016 18:53:05 -0700") List-Id: Bug reports for GNU Guix List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-guix-bounces+gcggb-bug-guix=m.gmane.org@gnu.org Sender: "bug-Guix" To: Dylan Jeffers Cc: 24108@debbugs.gnu.org Hello, Dylan Jeffers skribis: [...] > > > These tests are skipped when user namespaces are not supported, as > > > per this condition: > > >=20 > > > (define perform-container-tests? > > > (and (user-namespace-supported?) > > > (unprivileged-user-namespace-supported?))) > > >=20 > > > =E2=80=A6 which is true iff (1) /proc/self/ns/user exists, and (2) > > > /proc/sys/kernel/unprivileged_userns_clone does not exist, or it > > > exists and contains =E2=80=9C1=E2=80=9D. > > >=20 > > > Do these files exist on this system?=20=20 >> >> (1) /proc/self/ns/user exists, and >> (2) /proc/sys/kernel/unpriviledged_userns_clone D.N.E They do not exist now with the new =E2=80=98test-suite.log=E2=80=99 that yo= u posted, but they did exist before (with the Grsec kernel), otherwise the user namespaces tests would have been skipped. >> Ideas on the best approach to allow the build to succeed? >>=20 >> I also have had issues with qemu, so it makes sense that vm/container >> stuff both have issues. I have a feeling its due to the >> grsec kernel. >> https://wiki.archlinux.org/index.php/Grsecurity_Patchset talks a >> bit about userspace/namespace hardening + issues with xen and >> virtbox. Going to reboot with an lts kernel and try again. Will post >> update... >>=20 >> Best, >> Dylan >>=20 >> Best, >> Dylan > > After changing kernel, and stopping paxd.service, build still > failed :( [...] > test-name: clone > location: /home/sapientech/Dev/guix/guix_wip/tests/syscalls.scm:109 > source: > + (test-assert > + "clone" > + (match (clone (logior CLONE_NEWUSER SIGCHLD)) > + (0 (primitive-exit 42)) > + (pid (and (not (equal? > + (readlink (user-namespace pid)) > + (readlink (user-namespace (getpid))))) > + (match (waitpid pid) > + ((_ . status) (=3D 42 (status:exit-val status= )))))))) > result: SKIP This and other container-related tests are now properly skipped. > test-name: home-page: host not found > location: /home/sapientech/Dev/guix/guix_wip/tests/lint.scm:393 > source: > + (test-assert > + "home-page: host not found" > + (->bool > + (string-contains > + (with-warnings > + (let ((pkg (package > + (inherit (dummy-package "x")) > + (home-page "http://does-not-exist")))) > + (check-home-page pkg))) > + "domain not found"))) > actual-value: #f > result: FAIL This and the remaining failures are due to DNS hijacking, so nothing we can do about it. You=E2=80=99d have to use a well-behaved DNS server (e.g., =E2=80=9Cecho nameserver 8.8.8.8 > /etc/resolv.conf=E2=80=9D to use Google= =E2=80=99s name server) to work around that. Thanks, Ludo=E2=80=99.