On Tue, 2 Sep 2014, Adam Borowski wrote: > > (I’m aware that there is still *too* much “disable the network” in > > pbuilder. Sorry for not having had the time to work on that. I’ll > > try to do so shortly.) > > Could you tell us what's this "too much"?
#753944 > Here's how I would do it: > unshare --net > iptables rule on !127.0.0.0/8 and !::1 -j REJECT, if after the build the > rule's counter is non-zero we fail the build unsharing the network is already too much. I believe I just need to start the loopback interface in the chroot, to fix most of these, and maybe do something about /etc/hosts; see also Message #91 there. There is no iptables inside the chroot either, besides that’s just overkill (and the modules may not be loaded, etc). bye, //mirabilos -- [16:04:33] bkix: "veni vidi violini" [16:04:45] bkix: "ich kam, sah und vergeigte"... -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/alpine.deb.2.11.1409021605030.22...@tglase.lan.tarent.de