Description of problem:
rpm-ostree tries to drop network access when it runs scriptlets. In order to do this, mock needs to pass systemd-nspawn args with --capability=CAP_NET_ADMIN.
One way to fix this is to fix koji and pungi to pass the args:
https://pagure.io/koji/pull-request/344
https://pagure.io/pungi/pull-request/560
The other way, which we have done for now, is to make rpm-ostree not drop network access (and thus not require CAP_NET_ADMIN) by default so that we don't have to require changes to pungi/koji.
https://github.com/projectatomic/rpm-ostree/pull/672
This is in the rpm-ostree in the following bodhi update:
https://bodhi.fedoraproject.org/updates/FEDORA-2017-47f6ab16ca
Can we get this as a freeze exception?
The failure you see looks something like:
```
INFO: Running in chroot: ['/usr/bin/rpm-ostree compose tree --repo=/srv/ostreerepo/ /srv/fedora-atomic/fedora-atomic-docker-host.json']
Start: chroot ['/usr/bin/rpm-ostree compose tree --repo=/srv/ostreerepo/ /srv/fedora-atomic/fedora-atomic-docker-host.json']
Can't create loopback device
error: bwrap test failed, see <https://github.com/projectatomic/rpm-ostree/pull/429>: Executing bwrap(true): Child process exited with code 1
Finish: chroot ['/usr/bin/rpm-ostree compose tree --repo=/srv/ostreerepo/ /srv/fedora-atomic/fedora-atomic-docker-host.json']
```
Created attachment 1262175
test run
I tested rpm-ostree-2017.3-2.fc26 in a mock environment (like is run by pungi/bodhi) and verified this update allowed for me to successfully build an ostree (also tested that the previous rpm-ostree did show the failure). Here is an attachment with more information on how I tested.
Proposed as a Freeze Exception for 26-alpha by Fedora user dustymabe using the blocker tracking app because: Get the ostree generated. Images aren't getting created and thus "don't boot". I don't know if Atomic is considered release blocking or not so please be nice if I'm out of line.
rpm-ostree-2017.3-2.fc26 has been submitted as an update to Fedora 26. https://bodhi.fedoraproject.org/updates/FEDORA-2017-47f6ab16ca
Discussed in today's Blocker Review meeting. We should pull in a fix so that Atomic ostrees get built properly for Fedora Atomic.
rpm-ostree-2017.3-2.fc26 has been pushed to the Fedora 26 stable repository. If problems still persist, please make note of it in this bug report.