From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp11.migadu.com ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms0.migadu.com with LMTPS id wLiYNM2y0GEuQAEAgWs5BA (envelope-from ) for ; Sat, 01 Jan 2022 21:00:13 +0100 Received: from aspmx1.migadu.com ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp11.migadu.com with LMTPS id +If9Mc2y0GGUJQEA9RJhRA (envelope-from ) for ; Sat, 01 Jan 2022 21:00:13 +0100 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 25F293753D for ; Sat, 1 Jan 2022 21:00:13 +0100 (CET) Received: from localhost ([::1]:35390 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1n3kY0-0007bl-AR for larch@yhetil.org; Sat, 01 Jan 2022 15:00:12 -0500 Received: from eggs.gnu.org ([209.51.188.92]:38954) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1n3kXq-0007b8-S8 for guix-patches@gnu.org; Sat, 01 Jan 2022 15:00:02 -0500 Received: from debbugs.gnu.org ([209.51.188.43]:47819) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1n3kXq-0007WQ-Ht for guix-patches@gnu.org; Sat, 01 Jan 2022 15:00:02 -0500 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1n3kXq-000248-CX for guix-patches@gnu.org; Sat, 01 Jan 2022 15:00:02 -0500 X-Loop: help-debbugs@gnu.org Subject: [bug#52174] [PATCH] gnu: Add podman Resent-From: Timmy Douglas Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Sat, 01 Jan 2022 20:00:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 52174 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: Ludovic =?UTF-8?Q?Court=C3=A8s?= Cc: 52174-done@debbugs.gnu.org Received: via spool by 52174-done@debbugs.gnu.org id=D52174.16410671737873 (code D ref 52174); Sat, 01 Jan 2022 20:00:02 +0000 Received: (at 52174-done) by debbugs.gnu.org; 1 Jan 2022 19:59:33 +0000 Received: from localhost ([127.0.0.1]:59365 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1n3kXM-00022v-Su for submit@debbugs.gnu.org; Sat, 01 Jan 2022 14:59:33 -0500 Received: from out1.migadu.com ([91.121.223.63]:38553) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1n3kXK-00022l-4N for 52174-done@debbugs.gnu.org; Sat, 01 Jan 2022 14:59:31 -0500 X-Report-Abuse: Please report any abuse attempt to abuse@migadu.com and include these headers. DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=timmydouglas.com; s=key1; t=1641067168; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=JLqw3lxImGYjQW0OXCmIp5m4xe+GXhpNeIlYv6lW+iA=; b=CB8xYmfgerGpWFtkpoQ6nay24Toy0o2LWkG536Yvb+gEuMIVlGFFh6LhgZG8mf3JcLAs10 FIsJBuKaAGAH3qCySz/akgw6DYh/m3vwETIwyQbSKApR8JWFV6md4RZkYXmnRKCNhad0pe zmhn79eOW94Cv41kFucjJG9fm6sonno= In-Reply-To: <87wnjjnx5u.fsf_-_@gnu.org> References: <874k75pzi7.fsf@gnu.org> <52542aec3c127a893453ac1ecbbd504022d4c8dd.1639889841.git.mail@timmydouglas.com> <875yrjl8a5.fsf@gnu.org> <87tuf1zpa1.fsf@timmydouglas.com> <87v8zet4b4.fsf@gnu.org> <87pmplmt24.fsf@timmydouglas.com> <87wnjjnx5u.fsf_-_@gnu.org> Date: Sat, 01 Jan 2022 11:59:25 -0800 Message-ID: <87czlbmdlu.fsf@timmydouglas.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: guix-patches@gnu.org List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+larch=yhetil.org@gnu.org Sender: "Guix-patches" Reply-to: Timmy Douglas X-ACL-Warn: , Timmy Douglas via Guix-patches From: Timmy Douglas via Guix-patches via X-Migadu-Flow: FLOW_IN X-Migadu-Country: US ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1641067213; h=from:from:sender:sender:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding:resent-cc: resent-from:resent-sender:resent-message-id:in-reply-to:in-reply-to: references:references:list-id:list-help:list-unsubscribe: list-subscribe:list-post:dkim-signature; bh=JLqw3lxImGYjQW0OXCmIp5m4xe+GXhpNeIlYv6lW+iA=; b=Dy8MbaUQMYLw6ntN3xyAjDfilgT/s363lW/j7kacr0gG+JjHJHDRV2kO0pJfaUb8e/Hvge EKWvOp3AhfZUEVjp3bBkKXuGmu85xSpot4XXQeAWx8OypHMTCuva7F1FFezT4hBXD8QL1D /DKTtfA0WdMstbGnFZTVr8D5x3s2yQRXKSw6chol/zRk8XiTXyyj+lp+mZYvXE3wtaJcXh e/HZ/PgwsQUASyGApdvJjExQFbFf8ce0tJXsaDzezYm4jW7JXUFVoUWDXuUVJljKgOuQ5T j03uZ7nbloZ9qM2s9NVB+4yPMrIoS6hzNrp5XGbdx7IY9r13bREXLk3u4r8uEA== ARC-Seal: i=1; s=key1; d=yhetil.org; t=1641067213; a=rsa-sha256; cv=none; b=QO9mWNH5ilIzd6zZjdmOw5mumZpPY0uqmS4pZBqXyW83a1E/4Hd1Jum5m0b/9qokfyS5Lu FW6h9mJrIy7W9deEAElcaNJcN49wR777EbMEsIFbRI0ngxNNS11Eak2a8TZbKz8G+pjN66 rgFDcncdbO43TtmPDXSMjvaSnVdPNQ74d5CYDNqZlPzcW8aJ32HMW0R4CB1c1h74TxxN55 ar7J296tegQTAVaT6jQFXjpe8vXwzqWsNLIW5pBrU/dYV9PNcGRC7aD4x3GTXz1cZ/3I34 JUB0ypRdg+CpLipSTs55rE3WIKLqDZZwE6eMSgO+jRMNF6ycBdE/icxI0rLybQ== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=timmydouglas.com header.s=key1 header.b=CB8xYmfg; dmarc=pass (policy=none) header.from=gnu.org; spf=pass (aspmx1.migadu.com: domain of "guix-patches-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-patches-bounces+larch=yhetil.org@gnu.org" X-Migadu-Spam-Score: -3.68 Authentication-Results: aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=timmydouglas.com header.s=key1 header.b=CB8xYmfg; dmarc=pass (policy=none) header.from=gnu.org; spf=pass (aspmx1.migadu.com: domain of "guix-patches-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-patches-bounces+larch=yhetil.org@gnu.org" X-Migadu-Queue-Id: 25F293753D X-Spam-Score: -3.68 X-Migadu-Scanner: scn1.migadu.com X-TUID: IPm1huKKfkvy Ludovic Court=C3=A8s writes: > Hi, > >> Timmy Douglas skribis: >> >> Maybe my original reply wasn't clear--they all pass when I cd into the >> tmp (--keep-failed) directory and run them manually. They fail when the = builder runs >> them. I think I put the reasons in the v3 patch. For crun, it's because >> it needs the /sys/fs/cgroup mount which doesn't seem to be there for the >> builder. For the others, it's a similar situation--off the top of my >> head, they were either missing that mount or a /dev device. > > Oh I see. I pushed v3 as 637dec9d45db4df2a3e6aa565fa2c5cf6bb77768 with > minor tweaks (long lines and one or two synopses/descriptions tweaked.) thanks for the help Ludo! > IWBN to see if we can still run those tests somehow, or at least the > subset of them that doesn=E2=80=99t rely on /sys/fs/cgroup. I=E2=80=99d = argue that the > test harness should automatically skip tests that cannot be run; perhaps > worth raising upstream? I'd like to get the tests to run also, but the builder sandbox appears to be blocking some pretty major functionality that the tests would rely on. I think pretty much all of the container/crun ones would rely on the cgroup mount because that's the kernel interface into the container APIs... Is there some way that guix and the builder could eventually expose those by default? I don't know how receptive upstream would be towards an ask to run container tests with the container interface disabled? For the networking ones that fail, they try to use /dev/net/tun. Like the cgroup one, I assume this is a kernel interface needed to perform network operations. I guess the builders disable this as a part of the network disabling stuff because the tests pass outside of the builder sandbox. The cni-plugins (cni=3Dcontainer network interface) use /var/run to mount network namespaces. /var/run is present on my machine but I don't think it exists inside the builder sandbox. The actual directory used can be set with XDG_RUNTIME_DIR, but it appears the code still checks the ownership of /var/run to see if it's running in a user namespace: https://github.com/containernetworking/plugins/blob/2c46a726805bcf13e2f7858= 0c57b21e9de107285/pkg/testutils/netns_linux.go