server. Error conditions are flagged by other processes by creating
a named dotfile in ${scratchdir}. If these files are found, report the
error status instead of the number of running jobs. Currently report "ERR"
for all error conditions; I will probably change this to a per-condition
message.
Currently only "squid not running" and "disk space low" conditions are
reported.
If the package copy fails, bail out immediately instead of later on when
we try to pkg_add it. Also trap signals and bail out.
Both conditions will cause a retry of the package build.
If portbuild bailed out unexpectedly, mail the log to ${mailto}.
Add some XXX comments about improving robustness of this script.
Sleep for 2 minutes before retrying builds, to avoid spamming ${mailto}
with a high rate of failure logs. In future we might be smarter about
attempting to automatically correct common failure modes.
* Test whether squid is running. If not, try to kick off
the rc script in the background in case it can be restarted
cleanly.
* Test for at least 100MB of free space on the scratch partition.
If either condition fails, set an exception flag and bail out. This
will be reported back to the server via reportload.
cause is because it was specified in the list twice)
* Don't panic when the list of packages to delete becomes empty
* When unexpected filesystem changes are detected, bail immediately
instead of proceeding and hiding the error in the middle of
the log
with all the errors from broken pkg_delete scripts
* As threatened in previous commit, move the pristine mtree spec
generation to phase 1, and avoid having to delete and re-add the
FETCH_DEPENDS. We still have to keep them installed until after
'make extract' though
arguments (cosmetic)
* Detect if a chroot was used to run a jailed build, and first attempt
to gracefully shut it down by killing everything within using pgrep(1)
This has a much higher chance of succeeding that relying on fstat to
identify processes that might interfere with our attempts to clean up
mountpoints, which is fragile (libkvm-dependent), and inherently
unreliable at best.
in portbuild.conf (or per-machine .conf), then construct a 127.0.0.0/8
IP address based on the build directory ID (i.e. unique for each
build instance). This is bound to the lo0 interface for the duration
of the 'phase 2' build.
We cannot build 'phase 1' in a jail since 'make fetch' doesn't always
work through a proxy (e.g. squid sometimes mangles files fetched through
FTP, I think by performing CR/LF translation in FTP ASCII mode).
Pass in the HTTP_PROXY variable to the jail, if set. This allows FTP/HTTP
access from within the jail if the proxy is suitably configured (some ports
legitimately need to fetch additional files during the build, e.g. if they
have a BUILD_DEPENDS=...:configure target that needs to fetch additional
distfiles).
Not all ports can be built in jails (most notably the linux_base ports
since they want to mount/umount linprocfs), so we will need to come up
with a way to deal with this.
Some ports require SYSV IPC, so security.jail.sysvipc_allowed=1 might be
required. Some other ports attempt to perform DNS lookups, ping, or
outbound TCP connections during the build.
When it works, this provides better compartmentalization of package builds,
e.g. easier termination of builds without the possibility of daemonized
processes staying active; no possibility of accidental interference
between jails, etc. It also allows for admin monitoring using jls(1).
* Remove old logs and possible compressed logs before attempting the build
Requested by: lofi [1]
Submitted by: linimon [1]
No more accidental portbuild spam: kris and krion [1]
* Only keep distfiles if the port passes 'make fetch', so we don't
accidentally keep files with invalid checksums
* Use cleanup() instead of directly exiting in some error conditions
* When cleanup() is called indicating an unexpected error (possibly
leaving the filesystem in an inconsistent state), mark the chroot
as dirty so it will not be reused by another build
* Remove packages in dependency order instead of with pkg_delete -f in
possibly incorrect order. This paves the way for focusing on errors
generated by pkg_delete (e.g. @dirrm that should be @dirrmtry) in the
future. [1]
* Detect when packages were left behind because they were still in use
by other packages, indicating an incorrect or incomplete port
dependency list
* Partial support for ccache builds (not yet complete)
* Support non-standard LOCALBASE/X11BASE settings
* Delete FETCH_DEPENDS after the 'make fetch' stage. We have to add
them again before 'make extract' since, due to a lack of a 'fetch
cookie', 'make extract' actually *always* runs 'make fetch' again,
even when distfiles have already been fetched. We need to delete
them in order to:
* Record an mtree spec of the 'pristine' filesystem state, for later
comparison.
# XXX Perhaps this can be done in stage 1 before the
# 'make fetch', removing the need to delete-and-readd.
* Also record an mtree spec of the filesystem state prior to the
build phase. Compare this to the state of the filesystem
immediately before running the install phase, to detect files
that were inappropriately installed during the build phase.
Doing so is a fatal error.
* Prior to installing, try to run a 'regression-test' port makefile
target, if it exists. This allows ports to hook their internal
regression suites into the package build. This needs further
infrastructure support, e.g. a default NOP target in bsd.port.mk.
For now this is run with 'make -k', so regression failures will
not yet actually cause package build failures.
* Separate the 'make install' from 'make package' phases rather than
let the latter implicitly do the install.
* After the newly packaged port has been deleted, compare the state
of the filesystem to the state before 'make install'.
* After removing BUILD and RUN dependencies, compare the filesystem
state to the pristine state before the start of the build. This
also detects package dependencies that did not clean themselves up
properly when deinstalling. It also detects dependencies that were
'missing' from the port INDEX: these were not pkg_added into place,
so the package build had to compile them from scratch (a big waste
of time and effort), so this is now also a fatal error.
PR: ports/85746 (inspired by) [1]
Submitted by: Boris B. Samorodov <bsam@ipt.ru> [1]
and copy it to the client. This has two benefits:
1) Avoids spamming the master with dozens of md5 processes when
dosetupnode is spawned for all client machines at ocne
2) Avoids silly copy attempts on disconnected nodes for which the file
is copied to itself
portbuild.conf, builds will each be done in a separate swap-backed md.
This dramatically improves build performance since
* Every transaction is not written to disk, so disk bandwidth is not
a bottleneck
* Multiple builds do not contend with each other for the same set of
filesystem locks and other per-device resources
The size of the md devices is controlled by the md_size variable. '2g'
seems to be a good size.
Currently we mdconfig -u each device after each port build, since
otherwise dirty blocks accumulate and the md eventually uses a full
amount of backing store (2g in the above example). This is a problem
if there is unsufficient swap backing to accomodate them all.
XXX This should be made configurable to avoid the performance penalty on
systems that do have enough swap backing