Message ID | 20200714061856.4487-1-xypron.glpk@gmx.de |
---|---|
State | Changes Requested |
Delegated to: | Tom Rini |
Headers | show |
Series | [v2,1/1] Dockerfile: provide kernel for libguestfs-tools | expand |
On Tue, Jul 14, 2020 at 08:18:56AM +0200, Heinrich Schuchardt wrote: > The libguestfs-tools use QEMU to mount an image file. This requires a Linux > kernel. > > On Ubuntu the kernel (/boot/vmlinuz*) is not readable for normal users > (chmod 600), cf. > https://bugs.launchpad.net/ubuntu/+source/linux/+bug/759725 > > Install a kernel and make it readable for all users (chmod 644). > > Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> This causes the tests to fail now that they're trying to use libguestfs-tools: https://gitlab.denx.de/u-boot/u-boot/-/jobs/124872 I did a quick change to pass in the KVM group to useradd as well, but that didn't catch. I suspect that changing /dev/kvm inside the container won't stick either. But that shouldn't be fatal as it's still fast enough.
Am 14. Juli 2020 23:28:21 MESZ schrieb Tom Rini <trini@konsulko.com>: >On Tue, Jul 14, 2020 at 08:18:56AM +0200, Heinrich Schuchardt wrote: > >> The libguestfs-tools use QEMU to mount an image file. This requires a >Linux >> kernel. >> >> On Ubuntu the kernel (/boot/vmlinuz*) is not readable for normal >users >> (chmod 600), cf. >> https://bugs.launchpad.net/ubuntu/+source/linux/+bug/759725 >> >> Install a kernel and make it readable for all users (chmod 644). >> >> Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> > >This causes the tests to fail now that they're trying to use >libguestfs-tools: >https://gitlab.denx.de/u-boot/u-boot/-/jobs/124872 > >I did a quick change to pass in the KVM group to useradd as well, but >that didn't catch. I suspect that changing /dev/kvm inside the >container won't stick either. But that shouldn't be fatal as it's >still >fast enough. KVM requires docker --privileged according to what I read. Tests failing that were not excercised before seems to be a step into the right direction. - But a lot of work before us. Thanks for the update. Best regards Heinrich
On Wed, Jul 15, 2020 at 12:00:25AM +0200, Heinrich Schuchardt wrote: > Am 14. Juli 2020 23:28:21 MESZ schrieb Tom Rini <trini@konsulko.com>: > >On Tue, Jul 14, 2020 at 08:18:56AM +0200, Heinrich Schuchardt wrote: > > > >> The libguestfs-tools use QEMU to mount an image file. This requires a > >Linux > >> kernel. > >> > >> On Ubuntu the kernel (/boot/vmlinuz*) is not readable for normal > >users > >> (chmod 600), cf. > >> https://bugs.launchpad.net/ubuntu/+source/linux/+bug/759725 > >> > >> Install a kernel and make it readable for all users (chmod 644). > >> > >> Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> > > > >This causes the tests to fail now that they're trying to use > >libguestfs-tools: > >https://gitlab.denx.de/u-boot/u-boot/-/jobs/124872 > > > >I did a quick change to pass in the KVM group to useradd as well, but > >that didn't catch. I suspect that changing /dev/kvm inside the > >container won't stick either. But that shouldn't be fatal as it's > >still > >fast enough. > > KVM requires docker --privileged according to what I read. > > Tests failing that were not excercised before seems to be a step into the right direction. - But a lot of work before us. It's not progress as they do pass when I apply the patch I posted the other day to fix sudo'ing the tests. And we may need to have an off-list chat to make sure everyone with a runner is configured consistently.
On 7/15/20 12:10 AM, Tom Rini wrote: > On Wed, Jul 15, 2020 at 12:00:25AM +0200, Heinrich Schuchardt wrote: >> Am 14. Juli 2020 23:28:21 MESZ schrieb Tom Rini <trini@konsulko.com>: >>> On Tue, Jul 14, 2020 at 08:18:56AM +0200, Heinrich Schuchardt wrote: >>> >>>> The libguestfs-tools use QEMU to mount an image file. This requires a >>> Linux >>>> kernel. >>>> >>>> On Ubuntu the kernel (/boot/vmlinuz*) is not readable for normal >>> users >>>> (chmod 600), cf. >>>> https://bugs.launchpad.net/ubuntu/+source/linux/+bug/759725 >>>> >>>> Install a kernel and make it readable for all users (chmod 644). >>>> >>>> Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> >>> >>> This causes the tests to fail now that they're trying to use >>> libguestfs-tools: >>> https://gitlab.denx.de/u-boot/u-boot/-/jobs/124872 >>> >>> I did a quick change to pass in the KVM group to useradd as well, but >>> that didn't catch. I suspect that changing /dev/kvm inside the >>> container won't stick either. But that shouldn't be fatal as it's >>> still >>> fast enough. >> >> KVM requires docker --privileged according to what I read. >> >> Tests failing that were not excercised before seems to be a step into the right direction. - But a lot of work before us. > > It's not progress as they do pass when I apply the patch I posted the > other day to fix sudo'ing the tests. And we may need to have an Which patch do you relate to? > off-list chat to make sure everyone with a runner is configured > consistently. > You marked this patch as "changes requested". It is unclear to me what change you are requesting for this patch. Best regards Heinrich
On Mon, Jul 20, 2020 at 08:26:14AM +0200, Heinrich Schuchardt wrote: > On 7/15/20 12:10 AM, Tom Rini wrote: > > On Wed, Jul 15, 2020 at 12:00:25AM +0200, Heinrich Schuchardt wrote: > >> Am 14. Juli 2020 23:28:21 MESZ schrieb Tom Rini <trini@konsulko.com>: > >>> On Tue, Jul 14, 2020 at 08:18:56AM +0200, Heinrich Schuchardt wrote: > >>> > >>>> The libguestfs-tools use QEMU to mount an image file. This requires a > >>> Linux > >>>> kernel. > >>>> > >>>> On Ubuntu the kernel (/boot/vmlinuz*) is not readable for normal > >>> users > >>>> (chmod 600), cf. > >>>> https://bugs.launchpad.net/ubuntu/+source/linux/+bug/759725 > >>>> > >>>> Install a kernel and make it readable for all users (chmod 644). > >>>> > >>>> Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> > >>> > >>> This causes the tests to fail now that they're trying to use > >>> libguestfs-tools: > >>> https://gitlab.denx.de/u-boot/u-boot/-/jobs/124872 > >>> > >>> I did a quick change to pass in the KVM group to useradd as well, but > >>> that didn't catch. I suspect that changing /dev/kvm inside the > >>> container won't stick either. But that shouldn't be fatal as it's > >>> still > >>> fast enough. > >> > >> KVM requires docker --privileged according to what I read. > >> > >> Tests failing that were not excercised before seems to be a step into the right direction. - But a lot of work before us. > > > > It's not progress as they do pass when I apply the patch I posted the > > other day to fix sudo'ing the tests. And we may need to have an > > Which patch do you relate to? http://patchwork.ozlabs.org/project/uboot/patch/20200709134225.10412-1-trini@konsulko.com/ > > off-list chat to make sure everyone with a runner is configured > > consistently. > > > > You marked this patch as "changes requested". It is unclear to me what > change you are requesting for this patch. We need something, I'm not sure what, that moves us from "tests run and pass on travis, are skipped on GitLab and are skipped on Azure" to at least "tests run and pass on travis, run and pass on GitLab and are skipped on Azure". I believe we just won't have the required privileges to run the tests on Azure.
diff --git a/Dockerfile b/Dockerfile index bc3cdee..aac7f01 100644 --- a/Dockerfile +++ b/Dockerfile @@ -68,6 +68,7 @@ RUN apt-get update && apt-get install -y \ libssl-dev \ libudev-dev \ libusb-1.0-0-dev \ + linux-image-kvm \ lzma-alone \ lzop \ mount \ @@ -94,6 +95,9 @@ RUN apt-get update && apt-get install -y \ zip \ && rm -rf /var/lib/apt/lists/* +# libguestfs-tools runs the kernel via QEMU. Give normal users access. +RUN chmod 644 /boot/vmlinu* + # Manually install libmpfr4 for the toolchains RUN wget http://mirrors.kernel.org/ubuntu/pool/main/m/mpfr4/libmpfr4_3.1.4-1_amd64.deb && dpkg -i libmpfr4_3.1.4-1_amd64.deb && rm libmpfr4_3.1.4-1_amd64.deb
The libguestfs-tools use QEMU to mount an image file. This requires a Linux kernel. On Ubuntu the kernel (/boot/vmlinuz*) is not readable for normal users (chmod 600), cf. https://bugs.launchpad.net/ubuntu/+source/linux/+bug/759725 Install a kernel and make it readable for all users (chmod 644). Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> --- v2: add link to Ubuntu bug report --- Dockerfile | 4 ++++ 1 file changed, 4 insertions(+) -- 2.27.0