Mailinglist Archive: opensuse-buildservice (88 mails)

< Previous Next >
Re: [opensuse-buildservice] Problems after update to 2.9.2

On 8. Jun 2018, at 15:50 , Adrian Schröter <adrian@xxxxxxx> wrote:

begin of this week I updated our private instance of OBS from 2.8.4 to
2.9.2. First tests did not show any
issues, builds were running just fine. But after adding a new worker (no
package cache !) we get
build errors, in the build log we see that getbinaries did fail for the
basic system packages (but the
files are available and the packages do not have any unresolved state.
In the repo server log I see the GET /getbinaries request and then a POST
with failed status, nothing more.
With Wireshark I saw that the answer for the /getbinaries request do contain
info with "file is a symlink".
Our base OS repositories are created from loop mounted Product DVDs or a
local SMT copy, all packages are sym linked to
the :full/ directory of the project, since we are in a fully isolated
network. This setup did work without any issues
for some years until now and I know some other private installations which
use a similar bootstrapping method for the basic repositories.

Digging a little bit deeper in the repo server backend code, I found that
some special handling for symlinks was introduced
In the BSHTTP::cpio_sender function and that the function has some support
do follow symlinks, but this was not enabled in the calling
function BSServer::reply_cpio, adding 'follow' => 1 as parameter to the call
of BSHTTP::cpio_sender seems to fix this problem for me.

Questions: Is this valid as fix for now ? Is this a bug or is here some
reason to forbid following symlinks ?

This is considered to be a security feature from our side. We could make it
configurable though.

This kind of setup is not really 100% supported atm, is there any reason why
you don't just use DoD functionality?

This problem would hit us also.
We're using DoD for recent versions, but we also have a bunch of legacy stuff
with a similar symlink strategy.


kind regards,
Carsten Hoeger
Professional Services

Email: carsten.hoeger@xxxxxxxxxxxxxxxx

Open-Xchange AG, Rollnerstr. 14, 90408 Nuremberg,
District Court Nuremberg HRB 24738
Managing Board: Rafael Laguna de la Vera, Carsten Dirks,
Michael Knapstein, Stephan Martin
Chairman of the Board: Richard Seibt

European Office:
Open-Xchange GmbH, Olper Huette 5f, D-57462 Olpe, Germany,
District Court Siegen, HRB 8718
Managing Director: Frank Hoberg

US Office:
Open-Xchange. Inc., 530 Lytton Avenue, Palo Alto, CA 94301, USA

To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse-buildservice+owner@xxxxxxxxxxxx

< Previous Next >