Projects/Mock

From FedoraProject

< Projects(Difference between revisions)
Jump to: navigation, search
m (remove Plague mention)
(6 intermediate revisions by 5 users not shown)
Line 6: Line 6:
  
 
== Status ==
 
== Status ==
Mock is currently being used for all Fedora builds. It is called by [[Projects/Plague|  Plague]]  (<=FC-6) and [[Koji|  Koji]] (>=F-7) to build chroots and packages.
+
Mock is currently being used for all Fedora builds. It is called by [[Koji]] to build chroots and packages.
  
 
== Download ==
 
== Download ==
Line 16: Line 16:
 
== Setup ==
 
== Setup ==
  
All users that are to use mock must be added to the mock group.
+
All users that are to use mock must be added to the 'mock' group.
 +
 
 +
<code>usermod -a -G mock [User name] && newgrp mock</code>
  
 
Configuration files are in /etc/mock.  Mock versions 0.8.0 and higher cache the downloaded rpm packages (via the yum_cache plugin), which speeds up subsequent builds by a considerable margin. Nevertheless, you may wish to change the default configuration to point to local repositories to speed up builds.
 
Configuration files are in /etc/mock.  Mock versions 0.8.0 and higher cache the downloaded rpm packages (via the yum_cache plugin), which speeds up subsequent builds by a considerable margin. Nevertheless, you may wish to change the default configuration to point to local repositories to speed up builds.
Line 22: Line 24:
 
By default, builds are done in /var/lib/mock, so be sure you have room. Starting with mock 0.8.0 and higher, you can change this via the 'basedir' config option.
 
By default, builds are done in /var/lib/mock, so be sure you have room. Starting with mock 0.8.0 and higher, you can change this via the 'basedir' config option.
  
== Using Mock outside your CVS sandbox ==
+
== Using Mock outside your git sandbox ==
  
Create your srpm using 'rpmbuild -bs'. Then change to the directory where your srpm was created.
+
Create your SRPM using 'rpmbuild -bs'. Then change to the directory where your srpm was created.
  
 
Now you can start mock with
 
Now you can start mock with
  
mock -r <configfile> rebuild package-1.2-3.src.rpm
+
<code>mock -r <configname> rebuild package-1.2-3.src.rpm</code>
  
where <configfile> is the name of a configuration from /etc/mock/.
+
where <configname> is the name of a configuration from /etc/mock/, without the /etc/mock path prefix and without the .cfg suffix.
  
 
If using mock version older than 0.8.8 or on a system with python 2.4, and building i386 packages on x86_64, prepend setarch i386 to the mock command line: setarch i386 mock -r <configfile> rebuild package-1.2-3.src.rpm. Newer versions of mock no longer need the setarch command, although it does not hurt anything if it is there.
 
If using mock version older than 0.8.8 or on a system with python 2.4, and building i386 packages on x86_64, prepend setarch i386 to the mock command line: setarch i386 mock -r <configfile> rebuild package-1.2-3.src.rpm. Newer versions of mock no longer need the setarch command, although it does not hurt anything if it is there.
Line 36: Line 38:
 
Note that you can track the progress of mock using the logs stored in <code>/var/lib/mock/<configfile>/result</code>
 
Note that you can track the progress of mock using the logs stored in <code>/var/lib/mock/<configfile>/result</code>
  
== Using Mock inside your CVS sandbox ==
+
== Using Mock inside your git sandbox ==
  
You only need to type 'make mockbuild' to start a mock build. The used architecture depends on the directory where you start the mock build.
+
You only need to type 'fedpkg mockbuild' to start a mock build. The used architecture depends on the directory where you start the mock build.
  
  
Line 48: Line 50:
 
To create the user, and put them into the mock group, run:
 
To create the user, and put them into the mock group, run:
  
    *  adduser -m -G mock build  
+
<code>adduser -m -G mock build </code>
  
Then remember to su - build prior to running mock.
+
Then remember to 'su' - build prior to running mock.
  
 
=== Untrusted Users Using Mock ===
 
=== Untrusted Users Using Mock ===
Line 56: Line 58:
 
Beware that adding a user to the mock group means that the user can easily get root access on the machine without providing a password:
 
Beware that adding a user to the mock group means that the user can easily get root access on the machine without providing a password:
 
<pre>
 
<pre>
$ /usr/bin/mock --init -r fedora-10-i386
+
$ /usr/bin/mock --init -r fedora-15-i386
$ /usr/bin/mock --shell -r fedora-10-i386
+
$ /usr/bin/mock --shell -r fedora-15-i386
 
mock-chroot> chmod u+s bin/bash
 
mock-chroot> chmod u+s bin/bash
$ /var/lib/mock/fedora-10-i386/root/bin/bash -p
+
$ /var/lib/mock/fedora-15-i386/root/bin/bash -p
 
# cat /etc/shadow
 
# cat /etc/shadow
 
</pre>
 
</pre>
Line 66: Line 68:
  
 
<pre>
 
<pre>
Usage:
+
Usage:  
usage:
+
    usage:
mock [options] {init|clean}
+
          mock [options] {--init|--clean|--scrub=[all,chroot,cache,root-cache,c-cache,yum-cache]}
mock [options] [rebuild] /path/to/srpm(s)
+
          mock [options] [--rebuild] /path/to/srpm(s)
mock [options] {shell|chroot} <cmd>
+
          mock [options] --buildsrpm {--spec /path/to/spec --sources /path/to/src|--scm-enable [--scm-option key=value]}
mock [options] installdeps {SRPM|RPM}
+
          mock [options] {--shell|--chroot} <cmd>
mock [options] install PACKAGE
+
          mock [options] --installdeps {SRPM|RPM}
commands:
+
          mock [options] --install PACKAGE
rebuild    - build the specified SRPM(s) [default command]  
+
          mock [options] --copyin path [..path] destination
chroot      - run the specified command within the chroot
+
          mock [options] --copyout path [..path] destination
shell      - run an interactive shell within specified chroot
+
          mock [options] --scm-enable [--scm-option key=value]
clean      - clean out the specified chroot
+
 
init        - initialize the chroot, do not build anything
+
installdeps - install build dependencies for a specified SRPM
+
install    - install packages using yum
+
  
 
Options:
 
Options:
--version            show program's version number and exit
+
  --version            show program's version number and exit
-h, --help            show this help message and exit
+
  -h, --help            show this help message and exit
-r CHROOT             chroot name/config file name default: default
+
  --rebuild            rebuild the specified SRPM(s)
--no-clean            do not clean chroot before building
+
  --buildsrpm          Build a SRPM from spec (--spec ...) and sources
--cleanup-after      Clean chroot after building. Use with --resultdir.
+
                        (--sources ...) or from SCM
Only active for 'rebuild'.
+
  --shell              run the specified command interactively within the
--no-cleanup-after    Dont clean chroot after building. If automatic cleanup
+
                        chroot. Default command: /bin/sh
is enabled, use this to disable.
+
  --chroot              run the specified command noninteractively within the
--arch=ARCH          target build arch
+
                        chroot.
--resultdir=RESULTDIR
+
  --clean              completely remove the specified chroot
path for resulting files to be put
+
  --scrub=[all|chroot|cache|root-cache|c-cache|yum-cache]
--uniqueext=UNIQUEEXT
+
                        completely remove the specified chroot or cache dir or
Arbitrary, unique extension to append to buildroot
+
                        all of the chroot and cache
directory name
+
  --init                initialize the chroot, do not build anything
--configdir=CONFIGDIR
+
  --installdeps        install build dependencies for a specified SRPM
Change where config files are found
+
  --install            install packages using yum
--rpmbuild_timeout=RPMBUILD_TIMEOUT
+
  --update              update installed packages using yum
Fail build if rpmbuild takes longer than 'timeout'
+
  --orphanskill        Kill all processes using specified buildroot.
seconds
+
  --copyin              Copy file(s) into the specified chroot
--enable-plugin=ENABLED_PLUGINS
+
  --copyout            Copy file(s) from the specified chroot
Enable plugin. Currently-available plugins: ('ccache',
+
  -r CHROOT, --root=CHROOT
'yum_cache', 'root_cache', 'bind_mount')
+
                        chroot name/config file name default: default
--disable-plugin=DISABLED_PLUGINS
+
  --offline            activate 'offline' mode.
Disable plugin. Currently-available plugins:
+
  --no-clean            do not clean chroot before building
('ccache', 'yum_cache', 'root_cache', 'bind_mount')
+
  --cleanup-after      Clean chroot after building. Use with --resultdir.
 +
                        Only active for 'rebuild'.
 +
  --no-cleanup-after    Dont clean chroot after building. If automatic cleanup
 +
                        is enabled, use this to disable.
 +
  --arch=ARCH          Sets kernel personality().
 +
  --target=RPMBUILD_ARCH
 +
                        passed to rpmbuild as --target
 +
  -D 'MACRO EXPR', --define='MACRO EXPR'
 +
                        define an rpm macro (may be used more than once)
 +
  --with=option        enable configure option for build (may be used more
 +
                        than once)
 +
  --without=option      disable configure option for build (may be used more
 +
                        than once)
 +
  --resultdir=RESULTDIR
 +
                        path for resulting files to be put
 +
  --uniqueext=UNIQUEEXT
 +
                        Arbitrary, unique extension to append to buildroot
 +
                        directory name
 +
  --configdir=CONFIGDIR
 +
                        Change where config files are found
 +
  --rpmbuild_timeout=RPMBUILD_TIMEOUT
 +
                        Fail build if rpmbuild takes longer than 'timeout'
 +
                        seconds
 +
  --unpriv              Drop privileges before running command when using
 +
                        --chroot
 +
  --cwd=DIR            Change to the specified directory (relative to the
 +
                        chroot) before running command when using --chroot
 +
  --spec=SPEC          Specifies spec file to use to build an SRPM (used only
 +
                        with --buildsrpm)
 +
  --sources=SOURCES    Specifies sources (either a single file or a directory
 +
                        of files)to use to build an SRPM (used only with
 +
                        --buildsrpm)
 +
  -v, --verbose        verbose build
 +
  -q, --quiet          quiet build
 +
  --trace              Enable internal mock tracing output.
 +
  --enable-plugin=ENABLED_PLUGINS
 +
                        Enable plugin. Currently-available plugins: ['tmpfs',
 +
                        'root_cache', 'yum_cache', 'bind_mount', 'ccache',
 +
                        'selinux']
 +
  --disable-plugin=DISABLED_PLUGINS
 +
                        Disable plugin. Currently-available plugins: ['tmpfs',
 +
                        'root_cache', 'yum_cache', 'bind_mount', 'ccache',
 +
                        'selinux']
 +
  --print-root-path    print path to chroot root
 +
  --scm-enable          build from SCM repository
 +
  --scm-option=SCM_OPTS
 +
                        define an SCM option (may be used more than once)
 
</pre>
 
</pre>
  
 
For example, to rebuild a package for i386 on the development branch of Fedora:
 
For example, to rebuild a package for i386 on the development branch of Fedora:
  
* <code>mock rebuild -r fedora-devel-i386 /path/to/rpm</code>
+
* <code>mock --rebuild -r fedora-devel-i386 /path/to/rpm</code>
  
 
See /etc/mock for the available targets.  If you have the bash-completion package installed, it will tab complete the targets for you.
 
See /etc/mock for the available targets.  If you have the bash-completion package installed, it will tab complete the targets for you.
  
 
== Problems ==
 
== Problems ==
If you encounter a bug running mock, please file it in [https://bugzilla.redhat.com/enter_bug.cgi?product=Fedora%20Hosted%20Projects&component=mock Bugzilla] , product "Fedora Hosted Projects", component mock ([https://bugzilla.redhat.com/buglist.cgi?query_format=advanced&product=Fedora%20Hosted%20Projects&component=mock&bug_status=NEW&bug_status=ASSIGNED&bug_status=MODIFIED&bug_status=ON_DEV&bug_status=ON_QA&bug_status=VERIFIED&bug_status=FAILS_QA&bug_status=RELEASE_PENDING&bug_status=POST Open Bugs]).
+
If you encounter a bug running mock, please file it in [https://bugzilla.redhat.com/enter_bug.cgi?product=Fedora&component=mock Bugzilla], product "Fedora", component mock ([https://bugzilla.redhat.com/buglist.cgi?query_format=advanced&product=Fedora&component=mock&bug_status=NEW&bug_status=ASSIGNED&bug_status=MODIFIED&bug_status=ON_DEV&bug_status=ON_QA&bug_status=VERIFIED&bug_status=FAILS_QA&bug_status=RELEASE_PENDING&bug_status=POST Open Bugs]).
 +
 
 +
If your problem is specific to EPEL, then [https://bugzilla.redhat.com/enter_bug.cgi?product=Fedora%20EPEL&component=mock file it] against the "Fedora EPEL" product instead ([https://bugzilla.redhat.com/buglist.cgi?query_format=advanced&product=Fedora%20EPEL&component=mock&bug_status=NEW&bug_status=ASSIGNED&bug_status=MODIFIED&bug_status=ON_DEV&bug_status=ON_QA&bug_status=VERIFIED&bug_status=FAILS_QA&bug_status=RELEASE_PENDING&bug_status=POST Open Bugs]).
  
 
== See Also ==
 
== See Also ==
  
[[Extras/MockTricks]]  has some useful tips for using mock.<BR>
+
* [[Extras/MockTricks]]  has some useful tips for using mock.
[[Docs/Drafts/MockSetupUsingLocalMirror]]  Setting up a local mirror using Mock. <BR>
+
* [[Docs/Drafts/MockSetupUsingLocalMirror]]  Setting up a local mirror using Mock.
[[Legacy/Mock]]  has some useful tips for building packages in mock for older Fedora and Red Hat Linux releases.
+
* [[Legacy/Mock]]  has some useful tips for building packages in mock for older Fedora and Red Hat Linux releases.

Revision as of 19:35, 7 October 2012

Contents

Mock

Mock creates chroots and builds packages in them. Its only task is to reliably populate a chroot and attempt to build a package in that chroot.

Status

Mock is currently being used for all Fedora builds. It is called by Koji to build chroots and packages.

Download

https://fedorahosted.org/mock/ has all the latest builds. It can be installed with "yum install mock".

To check out the current code:

Setup

All users that are to use mock must be added to the 'mock' group.

usermod -a -G mock [User name] && newgrp mock

Configuration files are in /etc/mock. Mock versions 0.8.0 and higher cache the downloaded rpm packages (via the yum_cache plugin), which speeds up subsequent builds by a considerable margin. Nevertheless, you may wish to change the default configuration to point to local repositories to speed up builds.

By default, builds are done in /var/lib/mock, so be sure you have room. Starting with mock 0.8.0 and higher, you can change this via the 'basedir' config option.

Using Mock outside your git sandbox

Create your SRPM using 'rpmbuild -bs'. Then change to the directory where your srpm was created.

Now you can start mock with

mock -r <configname> rebuild package-1.2-3.src.rpm

where <configname> is the name of a configuration from /etc/mock/, without the /etc/mock path prefix and without the .cfg suffix.

If using mock version older than 0.8.8 or on a system with python 2.4, and building i386 packages on x86_64, prepend setarch i386 to the mock command line: setarch i386 mock -r <configfile> rebuild package-1.2-3.src.rpm. Newer versions of mock no longer need the setarch command, although it does not hurt anything if it is there.

Note that you can track the progress of mock using the logs stored in /var/lib/mock/<configfile>/result

Using Mock inside your git sandbox

You only need to type 'fedpkg mockbuild' to start a mock build. The used architecture depends on the directory where you start the mock build.


Security Considerations

Build User

It's recommended you use a user account other than your normal user account to do the builds, just to be safe. You wouldn't want the build user to "accidentally" have access to your GPG or SSH keys.

To create the user, and put them into the mock group, run:

adduser -m -G mock build

Then remember to 'su' - build prior to running mock.

Untrusted Users Using Mock

Beware that adding a user to the mock group means that the user can easily get root access on the machine without providing a password:

$ /usr/bin/mock --init -r fedora-15-i386
$ /usr/bin/mock --shell -r fedora-15-i386
mock-chroot> chmod u+s bin/bash
$ /var/lib/mock/fedora-15-i386/root/bin/bash -p
# cat /etc/shadow

Using

Usage: 
    usage:
           mock [options] {--init|--clean|--scrub=[all,chroot,cache,root-cache,c-cache,yum-cache]}
           mock [options] [--rebuild] /path/to/srpm(s)
           mock [options] --buildsrpm {--spec /path/to/spec --sources /path/to/src|--scm-enable [--scm-option key=value]}
           mock [options] {--shell|--chroot} <cmd>
           mock [options] --installdeps {SRPM|RPM}
           mock [options] --install PACKAGE
           mock [options] --copyin path [..path] destination
           mock [options] --copyout path [..path] destination
           mock [options] --scm-enable [--scm-option key=value]


Options:
  --version             show program's version number and exit
  -h, --help            show this help message and exit
  --rebuild             rebuild the specified SRPM(s)
  --buildsrpm           Build a SRPM from spec (--spec ...) and sources
                        (--sources ...) or from SCM
  --shell               run the specified command interactively within the
                        chroot. Default command: /bin/sh
  --chroot              run the specified command noninteractively within the
                        chroot.
  --clean               completely remove the specified chroot
  --scrub=[all|chroot|cache|root-cache|c-cache|yum-cache]
                        completely remove the specified chroot or cache dir or
                        all of the chroot and cache
  --init                initialize the chroot, do not build anything
  --installdeps         install build dependencies for a specified SRPM
  --install             install packages using yum
  --update              update installed packages using yum
  --orphanskill         Kill all processes using specified buildroot.
  --copyin              Copy file(s) into the specified chroot
  --copyout             Copy file(s) from the specified chroot
  -r CHROOT, --root=CHROOT
                        chroot name/config file name default: default
  --offline             activate 'offline' mode.
  --no-clean            do not clean chroot before building
  --cleanup-after       Clean chroot after building. Use with --resultdir.
                        Only active for 'rebuild'.
  --no-cleanup-after    Dont clean chroot after building. If automatic cleanup
                        is enabled, use this to disable.
  --arch=ARCH           Sets kernel personality().
  --target=RPMBUILD_ARCH
                        passed to rpmbuild as --target
  -D 'MACRO EXPR', --define='MACRO EXPR'
                        define an rpm macro (may be used more than once)
  --with=option         enable configure option for build (may be used more
                        than once)
  --without=option      disable configure option for build (may be used more
                        than once)
  --resultdir=RESULTDIR
                        path for resulting files to be put
  --uniqueext=UNIQUEEXT
                        Arbitrary, unique extension to append to buildroot
                        directory name
  --configdir=CONFIGDIR
                        Change where config files are found
  --rpmbuild_timeout=RPMBUILD_TIMEOUT
                        Fail build if rpmbuild takes longer than 'timeout'
                        seconds
  --unpriv              Drop privileges before running command when using
                        --chroot
  --cwd=DIR             Change to the specified directory (relative to the
                        chroot) before running command when using --chroot
  --spec=SPEC           Specifies spec file to use to build an SRPM (used only
                        with --buildsrpm)
  --sources=SOURCES     Specifies sources (either a single file or a directory
                        of files)to use to build an SRPM (used only with
                        --buildsrpm)
  -v, --verbose         verbose build
  -q, --quiet           quiet build
  --trace               Enable internal mock tracing output.
  --enable-plugin=ENABLED_PLUGINS
                        Enable plugin. Currently-available plugins: ['tmpfs',
                        'root_cache', 'yum_cache', 'bind_mount', 'ccache',
                        'selinux']
  --disable-plugin=DISABLED_PLUGINS
                        Disable plugin. Currently-available plugins: ['tmpfs',
                        'root_cache', 'yum_cache', 'bind_mount', 'ccache',
                        'selinux']
  --print-root-path     print path to chroot root
  --scm-enable          build from SCM repository
  --scm-option=SCM_OPTS
                        define an SCM option (may be used more than once)

For example, to rebuild a package for i386 on the development branch of Fedora:

  • mock --rebuild -r fedora-devel-i386 /path/to/rpm

See /etc/mock for the available targets. If you have the bash-completion package installed, it will tab complete the targets for you.

Problems

If you encounter a bug running mock, please file it in Bugzilla, product "Fedora", component mock (Open Bugs).

If your problem is specific to EPEL, then file it against the "Fedora EPEL" product instead (Open Bugs).

See Also