summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMattia Rizzolo <mattia@mapreri.org>2015-06-15 18:29:31 +0200
committerHolger Levsen <holger@layer-acht.org>2015-06-15 18:42:07 +0200
commit0c7a58c92456e4d3c69c38424abf86cde5948a86 (patch)
tree17f2403d43b9d59dda5d9766963335464eb36c80
parentfa84ad0ea13d80dcce563545d187244e36ae0203 (diff)
downloadjenkins.debian.net-0c7a58c92456e4d3c69c38424abf86cde5948a86.tar.xz
reproducible: build: call timeout with sudo, and not the reverse, as a user-called timeout can't kill a root process + give pbuilder 6 minutes to exit after SIGTERM before SIGKILL
-rwxr-xr-xbin/reproducible_build.sh6
-rw-r--r--etc/sudoers.d/jenkins4
2 files changed, 6 insertions, 4 deletions
diff --git a/bin/reproducible_build.sh b/bin/reproducible_build.sh
index 6cbc486b..e0270a18 100755
--- a/bin/reproducible_build.sh
+++ b/bin/reproducible_build.sh
@@ -368,7 +368,8 @@ first_build(){
local TMPCFG=$(mktemp -t pbuilderrc_XXXX --tmpdir=$TMPDIR)
set -x
printf "BUILDUSERID=1111\nBUILDUSERNAME=pbuilder1\n" > $TMPCFG
- ( timeout -k 12h 12h ionice -c 3 nice sudo \
+ # remember to change the sudoers setting if you change the following command
+ ( sudo timeout -k 12.1h 12h /usr/bin/ionice -c 3 /usr/bin/nice \
DEB_BUILD_OPTIONS="parallel=$NUM_CPU" \
TZ="/usr/share/zoneinfo/Etc/GMT+12" \
pbuilder --build \
@@ -426,7 +427,8 @@ build_rebuild() {
set -x
local TMPCFG=$(mktemp -t pbuilderrc_XXXX --tmpdir=$TMPDIR)
printf "BUILDUSERID=2222\nBUILDUSERNAME=pbuilder2\n" > $TMPCFG
- ( timeout -k 12h 12h ionice -c 3 nice sudo \
+ # remember to change the sudoers setting if you change the following command
+ ( sudo timeout -k 12.1h 12h /usr/bin/ionice -c 3 /usr/bin/nice \
DEB_BUILD_OPTIONS="parallel=$(echo $NUM_CPU-1|bc)" \
TZ="/usr/share/zoneinfo/Etc/GMT-14" \
LANG="fr_CH.UTF-8" \
diff --git a/etc/sudoers.d/jenkins b/etc/sudoers.d/jenkins
index 103841a6..c8803602 100644
--- a/etc/sudoers.d/jenkins
+++ b/etc/sudoers.d/jenkins
@@ -29,8 +29,8 @@ jenkins ALL= \
/usr/bin/guestmount *, \
/bin/cp -rv /media/*, \
/bin/chown -R jenkins\:jenkins /var/lib/jenkins/jobs/*,\
- SETENV: NOPASSWD: /usr/sbin/pbuilder *, \
- SETENV: NOPASSWD: /usr/bin/linux64 --uname-2.6 /usr/bin/unshare --uts -- /usr/sbin/pbuilder *, \
+ SETENV: NOPASSWD: /usr/bin/timeout -k 12.1h 12h /usr/bin/ionice -c 3 nice /usr/sbin/pbuilder *, \
+ SETENV: NOPASSWD: /usr/bin/timeout -k 12.1h 12h /usr/bin/ionice -c 3 nice /usr/bin/linux64 --uname-2.6 /usr/bin/unshare --uts -- /usr/sbin/pbuilder *, \
/bin/mv /var/cache/pbuilder/*base*.tgz /var/cache/pbuilder/*base*.tgz, \
/bin/rm /var/cache/pbuilder/*base*.tgz, \
/bin/rm -v /var/cache/pbuilder/*base*.tgz, \