On 18.01.2023 07:54, Arkadiusz Miśkiewicz via pld-devel-en wrote: > On 17.01.2023 12:23, Jan Palus wrote: > > Noticed during build of kodi-addon-inputstream-adaptive that contrary to > > x86_64 and i686, x32 builder downloaded external sources successfully: > > bind was installed there and seems that even if there is no access to > /etc/resolv.conf glibc fallbacks to querying 127.0.0.1:53 > > Uninstalled. > > The best would be to change UID of "builder" user used inside of chroot > and drop all outgoing packets coming from it at iptables level.
Or perhaps modify pld-builder to make each rpmbuild invocation in a new network namespace via `unshare -n -c`. That would effectively cut whole network for the process. _______________________________________________ pld-devel-en mailing list pld-devel-en@lists.pld-linux.org http://lists.pld-linux.org/mailman/listinfo/pld-devel-en