While testing a port using poudriere with something like this:
poudriere testport -v -j 11amd64 -p custom www/go-www
I got this error:
!!! build failure encountered !!!
[00:00:06] ====>> Error: Build failed in phase: fetch
For some reason, the package can't be found/downloaded, therefore in my try to check if there was an issue with the jails resolver, I listed the existing jails by doing a jls
- I got this output that caught my attention:
> jls
JID IP Address Hostname Path
363 127.0.0.1 11amd64-custom /usr/local/poudriere/data/.m/11amd64-custom/ref
364 11amd64-custom /usr/local/poudriere/data/.m/11amd64-custom/ref
365 127.0.0.1 11amd64-custom-job-02 /usr/local/poudriere/data/.m/11amd64-custom/02
366 11amd64-custom-job-02 /usr/local/poudriere/data/.m/11amd64-custom/02
367 127.0.0.1 11amd64-custom-job-01 /usr/local/poudriere/data/.m/11amd64-custom/01
368 11amd64-custom-job-01 /usr/local/poudriere/data/.m/11amd64-custom/01
369 127.0.0.1 11amd64-custom-job-03 /usr/local/poudriere/data/.m/11amd64-custom/03
370 11amd64-custom-job-03 /usr/local/poudriere/data/.m/11amd64-custom/03
The thing that I notice is that if I enter to a jail with no IP address assigned jexec 364
I do can ping/fetch any host, for example, but if I enter to a jail with an IP address jexec 363
, in this case 127.0.0.1
I can't ping/resolve:
ping: sendto: Can't assign requested address
Therefore I would like to know what is the idea of creating a pair of jails, one with IP (no routable) and another whitout IP (routable), what is the logic behind?
Just in case this is the configuration I am using for poudriere /usr/local/etc/poudriere.conf
:
ZPOOL=tank
ZROOTFS=/poudriere
FREEBSD_HOST=https://download.FreeBSD.org
RESOLV_CONF=/etc/resolv.conf
BASEFS=/usr/local/poudriere
POUDRIERE_DATA=${BASEFS}/data
USE_PORTLINT=no
USE_TMPFS=yes
DISTFILES_CACHE=/usr/ports/distfiles
CHECK_CHANGED_OPTIONS=verbose
CHECK_CHANGED_DEPS=yes
PKG_REPO_SIGNING_KEY=/usr/local/etc/ssl/keys/pkg.key
CCACHE_DIR=/var/cache/ccache
NOLINUX=yes
UPDATE
To fix the problem I entered in interactive mode - notice the -i
:
poudriere testport -v -i -j 11amd64 -p custom www/go-www
then:
cd /usr/ports/www/go-www/; make
That fetched the packages and I just copy them to /usr/ports/distfiles/
Then again:
poudriere testport -v -j 11amd64 -p custom www/go-www
That was an ugly hack but the main problem was a bad line in the Makefile that was duplicating content:
GH_ACCOUNT= nbari:DEFAULT,www
Should be:
GH_ACCOUNT= nbari:DEFAULT
But still wondering why the pair of jails is created with and without IP.
poudriere(8)
preforms preforms the stages that do not need networking is a more restrictive jail, for added security. Previously the jails were restarted with, or without, networking capabilities, now two separate jails are kept throughout the process to reduce complexity.
The jail with the listed IP address is explicitly set to a loopback address, and the one without inherits it networking from the host:
: ${LOIP6:=::1}
: ${LOIP4:=127.0.0.1}
case $IPS in
01)
localipargs="ip6.addr=${LOIP6}"
ipargs="ip6=inherit"
;;
10)
localipargs="ip4.addr=${LOIP4}"
ipargs="ip4=inherit"
;;
11)
localipargs="ip4.addr=${LOIP4} ip6.addr=${LOIP6}"
ipargs="ip4=inherit ip6=inherit"
;;
esac
...
jstart() {
local name network
network="${localipargs}"
[ "${RESTRICT_NETWORKING}" = "yes" ] || network="${ipargs}"
_my_name name
jail -c persist name=${name} \
path=${MASTERMNT}${MY_JOBID+/../${MY_JOBID}} \
host.hostname=${BUILDER_HOSTNAME-${name}} \
${network} ${JAIL_PARAMS} \
allow.socket_af allow.raw_sockets allow.chflags allow.sysvipc
jail -c persist name=${name}-n \
path=${MASTERMNT}${MY_JOBID+/../${MY_JOBID}} \
host.hostname=${BUILDER_HOSTNAME-${name}} \
${ipargs} ${JAIL_PARAMS} \
allow.socket_af allow.raw_sockets allow.chflags allow.sysvipc
}
The fetch error seems to be because of the duplicate entries in the new distfile
(two entries for nbari-www-1.1.1_GH0.tar.gz
). The error line
in your log file starts with fetch: 4211
, 4211 being the size of the duplicate entry.
The entry in question is being added twice because of the groups specified with GH_ACCOUNT
, DEFAUT
adds the PORTNAME
(www
), and www
adds itself.