[JIRA] (OVIRT-1170) add option to disable networking (or have it off by default)
Barak Korren (oVirt JIRA)
jira at ovirt-jira.atlassian.net
Tue Feb 21 17:57:02 UTC 2017
[ https://ovirt-jira.atlassian.net/browse/OVIRT-1170?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=27532#comment-27532 ]
Barak Korren commented on OVIRT-1170:
-------------------------------------
Oh sorry that should have been:
{code}
rm /etc/resolv.conf
{code}
Or perhaps more safely:
{code}
truncate /etc/resolv.conf
{code}
This should be safe enough, and will block anything that does not use direct IP addresses to access outside resources.
> add option to disable networking (or have it off by default)
> ------------------------------------------------------------
>
> Key: OVIRT-1170
> URL: https://ovirt-jira.atlassian.net/browse/OVIRT-1170
> Project: oVirt - virtualization made easy
> Issue Type: New Feature
> Reporter: Greg Sheremeta
> Assignee: infra
>
> Add option to disable networking (or have it off by default). Basically, we want to prevent a job from accessing the internet if we want repeatable builds and/or are doing a downstream build somewhere else. Other/downstream build environments often have networking off. Copr has an option: (See: https://lists.fedorahosted.org/archives/list/copr-devel@lists.fedorahosted.org/thread/LZZPJ534ZDRD7YYFDC3BXDUVVPF5B735/ )
> In particular, the ovirt-engine-nodejs-modules build-artifacts job *tries* to stay offline, but an evil node module called 'phantomjs' connects to the internet in a post-offline-install hook. I'd like the option to disallow that and have the build fail.
--
This message was sent by Atlassian JIRA
(v1000.773.2#100032)
More information about the Infra
mailing list