This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author skrah
Recipients brett.cannon, docs@python, eric.snow, ezio.melotti, pitrou, skrah, tshepang
Date 2012-02-03.10:41:04
SpamBayes Score 4.227116e-10
Marked as misclassified No
Message-id <20120203104103.GA21108@sleipnir.bytereef.org>
In-reply-to <1328202378.3418.6.camel@localhost.localdomain>
Content
Antoine Pitrou <report@bugs.python.org> wrote:
> I'm sure some admins will prefer using their system's packages (I think
> buildbot is packaged for Debian/Ubuntu, I see it in Mageia's packages,
> not sure about Fedora).

Yes, certainly. I had a bad experience using the packaged buildbot-slave,
but I don't remember which distro it was.

Generally speaking, I've had so much trouble with rarely used packages
on multiple distros that I *always* compile or install that kind of
software directly from upstream.

> Anyway, the current instructions are on the wiki:
> http://wiki.python.org/moin/BuildBot

That's probably the best place.

Eric: I'm afraid the excerpts from the mailing list discussion you put
there are a bit confusing and don't reflect any kind of majority opinion.

For example I'm running two bots and I don't even know what this means:

"Some tests, as the start of this thread [...] indicates, must have some
 special logic to make sure they do or do not run, or run differently, in
 privileged vs. unprivileged configurations, but generally speaking most
 things should work in both places."

That does not concern a buildbot owner, since he has no influence on that.

Also, you included that nasty quote "executing arbitrarily horrible and/or
malicious code". I re-read the thread, and that quote is a half-sarcastic
concession from Glyph (who actually had a much lighter view on the whole
situation initially!) to the concerns of the people who were almost accusing
buildbot owners of being clueless.

The other side of the discussion (Martin's view) is missing completely,
despite the fact that most core developers *probably* share that view.

I'm sure you meant well, but I think we should give buildbot admins some
credit. Experienced admins don't need any advice, inexperienced admins
would be served better by a cookbook approach.

The script I posted is a start: All buildbot software is in /home/buildbot
and runs under the password-less user buildbot. In combination with a VM,
this is enough for me. If anyone thinks this is not secure enough and wants
to add chroot, jails, whatever, the best way forward is to post an improved
version.
History
Date User Action Args
2012-02-03 10:41:06skrahsetrecipients: + skrah, brett.cannon, pitrou, ezio.melotti, docs@python, tshepang, eric.snow
2012-02-03 10:41:06skrahlinkissue13124 messages
2012-02-03 10:41:04skrahcreate