[libcxx-commits] [PATCH] D110938: [libcxx][utils] Note read only mount and ptrace permission in container script
David Spickett via Phabricator via libcxx-commits
libcxx-commits at lists.llvm.org
Tue Oct 5 02:25:25 PDT 2021
DavidSpickett updated this revision to Diff 377124.
DavidSpickett added a comment.
Add ptrace cap always.
You were right it's not docker that's making the mount read only,
it's that the user in the container doesn't have permissions to
write to the folder in general.
I don't expect being a different user would change a CI result
too much but it would change paths and that can be noise if you're trying
to match up logs.
So added a note for a couple of ways you can fix that if you need
r/w from inside the container.
For what I was doing I just went to /tmp and did the build there,
it's not like you can't write anywhere at all.
Repository:
rG LLVM Github Monorepo
CHANGES SINCE LAST ACTION
https://reviews.llvm.org/D110938/new/
https://reviews.llvm.org/D110938
Files:
libcxx/utils/ci/run-buildbot-container
Index: libcxx/utils/ci/run-buildbot-container
===================================================================
--- libcxx/utils/ci/run-buildbot-container
+++ libcxx/utils/ci/run-buildbot-container
@@ -12,6 +12,12 @@
# state in `/llvm` is shared between the container and the host machine, which
# is useful for editing files on the host machine and re-running the build bot
# in the container.
+#
+# You will not be able to write to the mount from within the container
+# unless the user that created the monorepo matches "libcxx-builder".
+# If you need to do this, give that user permission to do so after running
+# the container. Or add this flag to run the container as your local user IDs:
+# --user $(id -u):$(id -g)
set -e
@@ -21,4 +27,4 @@
exit 1
fi
docker pull ldionne/libcxx-builder
-docker run -it --volume "${MONOREPO_ROOT}:/llvm" --workdir "/llvm" ldionne/libcxx-builder bash
+docker run -it --volume "${MONOREPO_ROOT}:/llvm" --workdir "/llvm" --cap-add=SYS_PTRACE ldionne/libcxx-builder bash
-------------- next part --------------
A non-text attachment was scrubbed...
Name: D110938.377124.patch
Type: text/x-patch
Size: 1025 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/libcxx-commits/attachments/20211005/530de5ce/attachment.bin>
More information about the libcxx-commits
mailing list