pld-builder.new: PLD_Builder/rpm_builder.py - try to limit network access f...

arekm arekm at pld-linux.org
Sat Apr 4 19:57:37 CEST 2009


Author: arekm                        Date: Sat Apr  4 17:57:37 2009 GMT
Module: pld-builder.new               Tag: HEAD
---- Log message:
- try to limit network access for builder account

---- Files affected:
pld-builder.new/PLD_Builder:
   rpm_builder.py (1.74 -> 1.75) 

---- Diffs:

================================================================
Index: pld-builder.new/PLD_Builder/rpm_builder.py
diff -u pld-builder.new/PLD_Builder/rpm_builder.py:1.74 pld-builder.new/PLD_Builder/rpm_builder.py:1.75
--- pld-builder.new/PLD_Builder/rpm_builder.py:1.74	Wed Mar  4 11:33:10 2009
+++ pld-builder.new/PLD_Builder/rpm_builder.py	Sat Apr  4 19:57:32 2009
@@ -90,6 +90,8 @@
     chroot.run("test ! -e /dev/random && mknod /dev/random c 1 8 && chmod 644 /dev/random", 'root')
     chroot.run("test ! -e /dev/urandom && mknod /dev/urandom c 1 9 && chmod 644 /dev/urandom", 'root')
     chroot.run("test ! -e /dev/zero && mknod /dev/zero c 1 5 && chmod 666 /dev/zero", 'root')
+    # try to limit network access for builder account
+    chroot.run("/bin/setfacl -m u:builder:--- /etc/resolv.conf")
 
 def build_rpm(r, b):
     status.push("building %s" % b.spec)
================================================================

---- CVS-web:
    http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/pld-builder.new/PLD_Builder/rpm_builder.py?r1=1.74&r2=1.75&f=u



More information about the pld-cvs-commit mailing list