From owner-freebsd-ports@FreeBSD.ORG  Fri Oct 11 11:15:00 2013
Return-Path: <owner-freebsd-ports@FreeBSD.ORG>
Delivered-To: freebsd-ports@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTP id 72367243
 for <freebsd-ports@freebsd.org>; Fri, 11 Oct 2013 11:15:00 +0000 (UTC)
 (envelope-from bdrewery@FreeBSD.org)
Received: from freefall.freebsd.org (freefall.freebsd.org
 [IPv6:2001:1900:2254:206c::16:87])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (No client certificate requested)
 by mx1.freebsd.org (Postfix) with ESMTPS id 565062B52
 for <freebsd-ports@freebsd.org>; Fri, 11 Oct 2013 11:15:00 +0000 (UTC)
Received: from freefall.freebsd.org (localhost [127.0.0.1])
 by freefall.freebsd.org (8.14.7/8.14.7) with ESMTP id r9BBExHZ078413
 for <freebsd-ports@freebsd.org>; Fri, 11 Oct 2013 11:14:59 GMT
 (envelope-from bdrewery@freefall.freebsd.org)
Received: (from bdrewery@localhost)
 by freefall.freebsd.org (8.14.7/8.14.7/Submit) id r9BBExVH078411
 for freebsd-ports@freebsd.org; Fri, 11 Oct 2013 11:14:59 GMT
 (envelope-from bdrewery)
Received: (qmail 74411 invoked from network); 11 Oct 2013 06:14:58 -0500
Received: from unknown (HELO ?10.10.0.24?) (freebsd@shatow.net@10.10.0.24)
 by sweb.xzibition.com with ESMTPA; 11 Oct 2013 06:14:58 -0500
Message-ID: <5257DDA8.5080202@FreeBSD.org>
Date: Fri, 11 Oct 2013 06:14:48 -0500
From: Bryan Drewery <bdrewery@FreeBSD.org>
Organization: FreeBSD
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64;
 rv:24.0) Gecko/20100101 Thunderbird/24.0.1
MIME-Version: 1.0
To: Kimo Rosenbaum <kimor79@yahoo.com>,
 "freebsd-ports@freebsd.org" <freebsd-ports@freebsd.org>
Subject: Re: poudriere and networking
References: <1381473199.36649.YahooMailNeo@web142801.mail.bf1.yahoo.com>
In-Reply-To: <1381473199.36649.YahooMailNeo@web142801.mail.bf1.yahoo.com>
X-Enigmail-Version: 1.5.2
OpenPGP: id=3C9B0CF9;
	url=http://www.shatow.net/bryan/bryan.asc
Content-Type: multipart/signed; micalg=pgp-sha1;
 protocol="application/pgp-signature";
 boundary="5poXjuH55Ef2I8vp6EXxRcpIGpr21Hx77"
X-BeenThere: freebsd-ports@freebsd.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: Porting software to FreeBSD <freebsd-ports.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-ports>,
 <mailto:freebsd-ports-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ports>
List-Post: <mailto:freebsd-ports@freebsd.org>
List-Help: <mailto:freebsd-ports-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ports>,
 <mailto:freebsd-ports-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 11 Oct 2013 11:15:00 -0000

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--5poXjuH55Ef2I8vp6EXxRcpIGpr21Hx77
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

On 10/11/2013 1:33 AM, Kimo Rosenbaum wrote:
> Hello,
>=20
> I'm running poudriere-devel-3.0.99.20130927 on 9.1-RELEASE. I'm trying =
to build a private port which requires downloading files after the extrac=
t target. However, it seems as though networking isn't available after po=
st-fetch. I do have RESOLV_CONF set in poudriere.conf and cat'ing /etc/re=
solv.conf in post-patch shows the correct contents. The build is able to =
run the fetch but once past post-fetch I can't do any DNS lookups nor pin=
g anything external. The host itself can do those things. Also when I ent=
er the jail via jexec I can perform those things.
>=20
> Any ideas?
>=20
> Thanks
> Kimo

This is done for security. During build, the code running is untrusted.
We don't want it to reach out and scan/infect your network during a build=
=2E

I do understand you're building a private port though. I would add a
flag to override this per port, but I worry some porter would put it in
their FreeBSD port where it does not belong.

You can apply a patch like this to your
/usr/local/share/poudriere/common.sh to work around the issue:

> --- src/share/poudriere/common.sh
> +++ src/share/poudriere/common.sh
> @@ -1402,14 +1402,10 @@
>                                 fi
>                                 return 1
>                         fi
>                 fi
>=20
> -               if [ "${phase}" =3D "checksum" ]; then
> -                       jstop
> -                       jstart 0
> -               fi
>                 print_phase_footer
>=20
>                 if [ "${phase}" =3D "checksum" ]; then
>                         mkdir -p ${mnt}/portdistfiles
>                         echo "DISTDIR=3D/portdistfiles" >> ${mnt}/etc/m=
ake.conf


--=20
Regards,
Bryan Drewery


--5poXjuH55Ef2I8vp6EXxRcpIGpr21Hx77
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (MingW32)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIcBAEBAgAGBQJSV92tAAoJEG54KsA8mwz5t7gP/3tGsIe4sEzbvi+cAVFu4346
r8PCxNc84GyXPwb+zppImkcxR0ZosQhjkgK2Eu6Q4K15eJoe8LoyKdlo//1BqnUU
8+ln7dX/MC8Fv7oHRyRfy9TDXev4kc57dhg9sgphlABlt6ObPN1ReN6G0/pWixay
+5rn0vop2b0D6xjeAx/vSujYMqKeA74+05dtIXtZ0YrEm9/pBF8yq3faXioKmQSI
+PYxqvZaK5L5nACtI7VA6QKfJTKViYTqS34zvUMm3CwMjrT3bPQqxxwFpHYVYWlF
tVPXA2/1lTwrfk1wdDeiVEO8odITW9GA4RprvgNqTIDtE6/dgHuyHR3wOjxpYMn9
i0EILFzERyMjG84wa586fDiDSyOXFhnZhlUaA8qhvz2jBvvyxLevbOU9fds15WDI
7ZdOJop4nB7guDoozt8uUBPZ3S+qO8yERtHTljItIGS2kIWWi4NKUAH9OdENErhX
vj1gvL5M1u+M2DZLXaYRYCTs40nDcxGe3r1Z8uD/BUT6o2rkMo1hwkeqjSFVZBpv
Qvrg7zLEYfX/86p323sIWvSn2ENDPE1QEKSPJNvNQn/LUcBgXFi3lTdkdZdDAWKT
fbpOqhIkieye3N7UeLbFIpoUHYCSxJ/tm3SzOsPmjEUrOLr6l9SGHVwVMlu0jpvj
MCYbSu89cSkG4uqHawcd
=ieN1
-----END PGP SIGNATURE-----

--5poXjuH55Ef2I8vp6EXxRcpIGpr21Hx77--