#archlinux32 | Logs for 2022-07-31
Back
[01:48:44] -!- rogue_cheddar has joined #archlinux32
[02:10:27] -!- rogue_cheddar has quit [Quit: WeeChat 3.6]
[03:21:04] -!- drathir_tor has quit [Ping timeout: 268 seconds]
[03:22:57] -!- drathir_tor has joined #archlinux32
[04:27:20] -!- ejjdhfjsu has joined #archlinux32
[07:55:59] -!- titus_livius has joined #archlinux32
[08:13:15] -!- abaumann has joined #archlinux32
[08:13:15] <buildmaster> Hi abaumann!
[08:13:15] <buildmaster> !rq abaumann
[08:13:16] <phrik> buildmaster: <abaumann> "Round Robin": the legendary thief named Robin with a hang for good food ;-)
[08:13:23] <abaumann> Build slaves act eratic at the moment:
[08:13:23] <abaumann> /var/lib/archbuild/staging-i686/root/dev is pre-mounted and pre-populated. If a pre-mounted /dev is provided it needs to be an unpopulated file system.
[08:13:27] <abaumann> mknod(/var/lib/archbuild/staging-i686/root/dev/null) failed: File exists
[08:13:57] <abaumann> It still builds somehow..
[08:15:12] <abaumann> compiling a busybox for i486 adds mmx and endbr32 to the artifacts. busybox and/or musl might be wrong for i486..
[08:16:27] <abaumann> gcc/gdc is ok again.. fixing gdc was a little bit ugly (had to manually hack a build slave for missing gcc 11 stuff)
[08:16:50] <abaumann> making a partial and changing shim package from existing packages is a little bit problematic.
[08:28:21] <abaumann> building linux fails with:
[08:28:23] <abaumann> Error 409: Commit $(echo "djUuMTguMTUtYXJjaDE=" | base64 -d) is not signed by ABAF11C65A2970B130ABE3C479B
[08:28:26] <abaumann> E3E4300411886,647F28654894E3BD457199BE38DBBDC86092693E,A2FF3A36AAA56654109064AB19802F8B0D70FC30,C7E784946
[08:28:29] <abaumann> 6FE2358343588377258734B41C31549
[08:28:32] <abaumann> so, the tarballer doesn't work at all on the buildmaster..
[08:29:41] -!- buildmaster has quit [Remote host closed the connection]
[08:33:08] -!- buildmaster has joined #archlinux32
[08:43:45] -!- abaumann has quit [Quit: leaving]
[09:15:26] -!- GNUtoo has quit [Remote host closed the connection]
[09:15:51] -!- GNUtoo has joined #archlinux32
[09:55:52] <girls> abaumann: I'll have a look in the evening on the tarballer
[09:56:15] <girls> probably some missing gpg key or not-up-to-date git repos (e.g. failing git pull) or something "trivial" like that
[10:05:29] <girls> btw: I see "/root/dev is pre-mounted and pre-populated" on "normal" archbuild commands, too
[10:05:38] <girls> seems to be some broken locking
[10:05:44] <girls> ... but not in our tooling
[12:44:53] -!- ejjdhfjsu has quit [Remote host closed the connection]
[14:19:27] <KillerWasp> abaumann: you're still use ssh_log or you change to txt? I don't know if my suggestion has been useful to you.
[16:04:19] -!- drathir_tor has quit [Remote host closed the connection]
[16:09:55] -!- drathir_tor has joined #archlinux32
[16:53:18] -!- drathir_tor has quit [Remote host closed the connection]
[17:23:46] -!- drathir_tor has joined #archlinux32
[17:27:39] -!- drathir_tor has quit [Remote host closed the connection]
[17:34:32] -!- drathir_tor has joined #archlinux32
[18:20:09] -!- drathir_tor has quit [Remote host closed the connection]
[18:25:20] -!- drathir_tor has joined #archlinux32
[18:36:17] -!- drathir_tor has quit [Remote host closed the connection]
[18:41:47] -!- drathir_tor has joined #archlinux32
[18:56:45] -!- abaumann has joined #archlinux32
[18:56:45] <buildmaster> Hi abaumann!
[18:56:45] <buildmaster> !rq abaumann
[18:56:46] <phrik> buildmaster: <abaumann> "give developers mighty machines and trouble you have with software.."
[18:57:16] <abaumann> KillerWasp: thanks for that. But in the end the real issue was that I had binlogs enabled on the slave, this was causing all the trouble.. :-)
[18:57:30] <abaumann> So, I prefer not to touch the build system as it just works (TM)
[19:46:26] -!- abaumann has quit [Quit: leaving]
[19:59:59] -!- drathir_tor has quit [Remote host closed the connection]
[20:05:20] -!- drathir_tor has joined #archlinux32
[21:31:12] <girls> looks like the tarballer repaired itself - at least, I don't see any problem with it, currently
[22:09:00] -!- abaumann has joined #archlinux32
[22:09:06] <abaumann> deep42thought: by itself :-)
[22:09:43] <abaumann> yeah. There was a master/http timer permission conflict I solved with a bindmnt analogous to the oder bind mounts for the mirror and archive
[22:10:10] <abaumann> still struggling with getting the signing keys for those repos, they don't match, what the PKGBUILD is requesting.
[22:10:37] <abaumann> before the update script just threw "git suspicious permission errors"
[22:10:41] <girls> then the pkgbuild is wrong
[22:10:53] <girls> never seen that error before :/
[22:10:57] <abaumann> ah. this can also be. but upstream pgp keys wrong?
[22:10:58] <abaumann> mmh.
[22:11:12] <girls> sounds like it could not be
[22:11:21] <abaumann> oh. and wish-list was empty :-)
[22:11:31] <girls> empty wish-list is ok
[22:11:33] <abaumann> After finding out, what has to be in there, it also works much better.
[22:11:35] <abaumann> ah?
[22:11:42] <abaumann> this is just for new wishes, I suppose. :-)
[22:11:56] <abaumann> do you have more than three wishes?
[22:11:56] <girls> it just records all the repos, that were wished for by clients, but are not available
[22:12:07] <abaumann> ah.
[22:12:08] <girls> depends on your disc size ;)
[22:12:27] <abaumann> that's what the jinie said too.. ;-)
[22:13:48] <abaumann> -rw-rw-r-- 1 master master 53 Jul 31 21:06 wish-list
[22:13:50] <abaumann> damn.
[22:13:56] <abaumann> I have to change that again..
[22:14:33] <girls> maybe some service runs as the wrong user?
[22:16:09] <girls> actually, the wishlist should *not* be touched by a cronjob, only by the webserver (when adding new wishes)
[22:16:41] <abaumann> the touching was my, most likely, to get some initial checkouts..
[22:17:27] <girls> ah, ok, I see
[22:20:18] <abaumann> ah, I went from Commit error with pgp to an empty archlinux-linux-5.18.15.arch1.tar.gz.. some success.
[22:20:55] <girls> O.o
[22:21:39] <abaumann> na. this is too complicated for me..
[22:21:53] <abaumann> I don't understand at all what this is happening..
[22:22:09] <girls> the tarballer gives you an empty tar ball?
[22:22:15] <abaumann> yep.
[22:22:53] <abaumann> this is really a problem. A web server php script should not do pgp, git, and taring.
[22:23:13] <abaumann> it should write a task list or a queue or somehting and something in the background should do it.
[22:23:19] <girls> a webserver should not run php at all
[22:23:21] <abaumann> you risk apache is going to kill the script and so..
[22:23:30] <abaumann> yes. but short living operations..
[22:23:38] <abaumann> git is in the background..
[22:23:42] <abaumann> taring is in index.php
[22:23:49] <abaumann> but still. it should work
[22:24:07] <girls> you would need buffering, etc.
[22:24:13] <girls> this would become asynchronous
[22:24:18] <abaumann> and permissions are always an issue. php writes writing to the file system might do things you don't want. :-)
[22:24:20] <girls> not sure, if http could handle this at all
[22:24:30] <abaumann> yeah. a little bit too much effort..
[22:25:58] <abaumann> ah, index.php runs git archive..
[22:26:04] <girls> yeah
[22:26:08] <abaumann> .. and this is not allowed due to path restricitons again..
[22:26:22] <abaumann> this is the other really nasty change lately in git: safe directories..
[22:26:24] <girls> http:http should own the work dir
[22:26:26] <girls> then it should all work
[22:26:34] <abaumann> ..this didn't work for php in the past either (they tried) :-)
[22:26:44] <abaumann> no:
[22:26:46] <girls> what's "safe directories"?
[22:26:51] <abaumann> the service update script runs as master.
[22:26:58] <abaumann> again. permission safe dir errors
[22:27:01] <girls> then it should run as http, too
[22:27:27] <abaumann> git insists you do a 'git config safe dir I really meant this to be a git repo'
[22:27:33] <abaumann> this has to be in the config..
[22:27:36] <abaumann> annoying..
[22:28:04] <abaumann> so bindmnt or execute service as http or suexec
[22:28:13] <abaumann> pick your evil of the day ;-)
[22:28:19] <girls> do we need the directory twice?
[22:28:26] <girls> why not only have it owned by http?
[22:28:35] <girls> run the service as http and done
[22:28:57] <abaumann> that's one the second of three evils. I tried the first one already :-)
[22:29:05] <abaumann> the last one I will not attempt..
[22:29:28] <girls> but running the service as the correct user seems pretty much easier than bindmnt
[22:29:40] <girls> at least, if noone needs to access the dir from user "master"
[22:29:45] <abaumann> yeah, but it would separate somewhat things..
[22:29:57] <girls> yeah
[22:30:06] <abaumann> doesn't really matter too much.
[22:30:07] <girls> but that's all right: the webserver is not the buildmaster
[22:30:11] <abaumann> yep.
[22:34:09] <abaumann> XDG_RUNTIME_DIR=/run/user/$UID systemctl --user list-timers --all
[22:34:09] <abaumann> Failed to connect to bus: No such file or directory
[22:34:12] <abaumann> I really hate systemd
[22:34:23] <abaumann> systemctl --user list-timers --all
[22:34:48] <abaumann> don't tell me that user 'http' has no dbus whatever context..
[22:35:17] <abaumann> ok, I make a crontab, I'm fed up..
[22:35:42] <girls> you can run it as root service with User=http, I think
[22:36:23] <abaumann> With cron I had to write one line. With systemd I have to write .service, .timer, remember strange syntax, enable/start both services.
[22:36:34] <girls> yes, indeeed
[22:36:41] <girls> I'm not against crontabs at all :)
[22:36:44] <abaumann> the output of list-timers is just bad.
[22:37:04] <abaumann> and you can't do simple stuff like in shutdownasap test if a timer is currently running.
[22:37:09] <girls> the only problem with crontab is, that you need to run the crontab service for each user separately IIRC
[22:38:01] <girls> or maybe not - I'm not sure
[22:39:12] <abaumann> crond can fork for every user.
[22:39:25] <abaumann> or drop privileges late when it executes the script
[22:39:46] <abaumann> The how might be the same in cron/systemd. I don't appreciate about the usability.
[22:40:23] <abaumann> and having to tell where DBUS is running with XDG_RUNTIME_DIR=/run/user/$UID is really so 1970ish.
[22:40:52] <abaumann> I was under the implession, that those are variables you set in a login session.
[22:41:03] <abaumann> So, I understand why http doesn't have them, but master?
[22:41:58] <abaumann> aha. I see a gzip and a tar now on the buildmaster
[22:42:01] <abaumann> -> Downloading archlinux-linux-5.18.15.arch1.tar.gz...
[22:42:17] <girls> \o/
[22:42:18] <abaumann> this looks promising, but I had to temporarily remove the pgp check in index.php
[22:42:32] <girls> then there's something wrong with the keyring
[22:42:37] <girls> can you share the dl url?
[22:42:59] <girls> please don't disable the pgp check - this basically circumvents any signature check
[22:43:03] <abaumann> this is the local keying in work/gnupg
[22:43:12] <girls> yes
[22:43:26] <abaumann> well, somehow this doesn't work.
[22:43:29] <girls> can you give me the url, that the client tries do download from the tarballer?
[22:44:12] <abaumann> sl on the buildmaster, very funny :-)
[22:44:19] <girls> :)
[22:46:51] <abaumann> there is some shell_exec --receive-keys in index.php. that helps.
[22:47:06] <girls> yes, that's its purpose there
[22:47:16] <abaumann> I switched now back to gpg checks, now they pass.
[22:47:22] <abaumann> I blame it all on permission issues..
[22:47:22] <girls> has some security implications, though
[22:47:34] <girls> I would blame it on outdated keys :)
[22:47:44] <abaumann> true :-)
[23:06:54] -!- abaumann has quit [Quit: leaving]
[23:55:10] -!- drathir_tor has quit [Write error: Connection reset by peer]
[23:55:10] -!- GNUtoo has quit [Write error: Connection reset by peer]