On 07/04/2013 11:21 AM, Michael Schroeder wrote:
The worker just fetches the sources from the source server and the binary packages from the repo server and calls /usr/bin/build from the "build" package to do the building and sandboxing. "build" is like Fedora's "mock", but a couple of years older ;)
The build program creates the file system, mounts it, copies the sources and binary packages into it and does the "preinstall" phase, i.e. it unpacks the packages needed to get rpm/bash running. This unpacking is done by using "rpm2cpio" and "bsdtar" for security reasons.
It then unmounts the file system and starts the virtual machine. The "init" program used in the vm is actually the build script again; it then installs all the rpm packages and runs rpmbuild.
Getting the build result out of the vm is a bit tricky, as we don't want to mount the filesystem again after the vm was running due to security reasons. Instead, the build script running inside the vm disables swap and writes a list of file system blocks to the swap device. Then the vm terminates, and the outer build script reads the swap space to get the block list and extracts the built rpms.
Then the build script terminates and the worker sends the result back to the repo server, which sends an event to the scheduler process to make it pick up the build result.
(The worker also listens to a port, so you can stream the build log and kill running jobs.)
Thanks Michael, that was the answer I was looking for.

--
Miroslav Suchy
Red Hat, Software Engineer
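
The result hand-off described in the thread (the guest writes a block list to the swap device, and the host copies those blocks from the raw image without mounting it) can be sketched as follows. This is an added example, not code from the "build" package: the list format, the `BLOCKLIST` marker, the 4096-byte block size and all function names are assumptions made for illustration.

```python
import re

BLOCK = 4096                      # assumed file-system block size
MAGIC = b"BLOCKLIST\n"            # assumed marker; not the real build-script format
SAFE_NAME = re.compile(r"[A-Za-z0-9][A-Za-z0-9._+-]*\.rpm")
MAX_SIZE = 1 << 20                # per-file cap for this demo


def parse_manifest(swap: bytes):
    """Parse the guest-written list: one 'name size blk blk ...' line per file."""
    if not swap.startswith(MAGIC):
        raise ValueError("no block list on swap device")
    body = swap[len(MAGIC):].split(b"\0", 1)[0].decode("ascii", "strict")
    entries = []
    for line in body.splitlines():
        name, size, *blocks = line.split()
        entries.append((name, int(size), [int(b) for b in blocks]))
    return entries


def extract(root: bytes, entries):
    """Copy listed blocks out of the raw image; every field is treated as hostile."""
    total_blocks = len(root) // BLOCK
    out = {}
    for name, size, blocks in entries:
        # Plain file names only: no path separators, no leading dot, no duplicates.
        if not SAFE_NAME.fullmatch(name) or name in out:
            raise ValueError(f"rejected file name {name!r}")
        # The block count must match the claimed size exactly (ceiling division).
        if not 0 <= size <= MAX_SIZE or len(blocks) != -(-size // BLOCK):
            raise ValueError(f"size/block mismatch for {name}")
        if any(not 0 <= b < total_blocks for b in blocks):
            raise ValueError(f"block outside device for {name}")
        data = b"".join(root[b * BLOCK:(b + 1) * BLOCK] for b in blocks)
        out[name] = data[:size]
    return out


def demo():
    # Constructed sample: a 4-block "root device" (blocks filled with A, B, C, D)
    # and a swap area whose list names blocks 2 and 1 for one 4100-byte file.
    root = b"".join(bytes([65 + i]) * BLOCK for i in range(4))
    swap = MAGIC + b"hello-1.0-1.noarch.rpm 4100 2 1\n" + b"\0" * 64
    return extract(root, parse_manifest(swap))
```

The host never interprets file-system metadata produced by the guest; it only follows a flat list whose names, sizes and block numbers are each checked before any byte is copied.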