[Qa-jenkins-scm] [Git][qa/jenkins.debian.net][master] janitor: Enable exec, dev, suid on tmpfs mounted paths.

[Holger Levsen (@holger)]

Holger Levsen pushed to branch master at Debian QA / jenkins.debian.net


Commits:
409e1b36 by Jelmer Vernooij at 2023-01-19T13:27:56+01:00
janitor: Enable exec,dev,suid on tmpfs mounted paths.

Signed-off-by: Holger Levsen <holger at layer-acht.org>

- - - - -


1 changed file:

- bin/janitor_worker.sh


Changes:

=====================================
bin/janitor_worker.sh
=====================================
@@ -2,15 +2,15 @@
 
 set -e
 
-docker run --rm --cap-add=SYS_ADMIN --privileged \
+docker run --rm --privileged \
 	--memory=20g \
 	-v /srv/janitor:/srv/janitor \
 	-e BUILD_URL="${BUILD_URL}" \
 	-e NODE_NAME="${NODE_NAME}" \
-	--mount type=tmpfs,destination=/tmp \
-	--mount type=tmpfs,destination=/var/lib/schroot/session \
-	--mount type=tmpfs,destination=/var/lib/schroot/union/overlay \
-	--mount type=tmpfs,destination=/var/lib/sbuild/build \
+	--tmpfs /tmp:rw,exec,dev,suid \
+	--tmpfs /var/lib/schroot/session:rw,exec,dev,suid \
+	--tmpfs /var/lib/schroot/union/overlay:rw,exec,dev,suid \
+	--tmpfs /var/lib/sbuild/build:rw,exec,dev,suid \
 	eu.gcr.io/debian-janitor/worker:latest \
 	--listen-address=0.0.0.0 \
 	--port=8080 \



View it on GitLab: https://salsa.debian.org/qa/jenkins.debian.net/-/commit/409e1b36529342bebf30312016e03eb820cfc947

-- 
View it on GitLab: https://salsa.debian.org/qa/jenkins.debian.net/-/commit/409e1b36529342bebf30312016e03eb820cfc947
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/qa-jenkins-scm/attachments/20230119/2cf656d3/attachment-0001.htm>