work with no keep-id
Signed-off-by: fbt <fbt@fleshless.org>
This commit is contained in:
parent
8adeef05bc
commit
0a31377fcd
|
@ -3,14 +3,21 @@
|
||||||
# Upgrade
|
# Upgrade
|
||||||
pacman -Suy --noconfirm
|
pacman -Suy --noconfirm
|
||||||
|
|
||||||
|
# Create a builder user
|
||||||
|
groupadd -g 1100 builder
|
||||||
|
useradd -g 1100 -u 1100 builder
|
||||||
|
|
||||||
# gnupg dir permissions
|
# gnupg dir permissions
|
||||||
chown -R "$BUILDUSER:$BUILDUSER" /.gnupg
|
chown -R builder:builder /.gnupg /buildroot
|
||||||
|
|
||||||
# Add sudo permissions for pacman to install dependencies
|
# Add sudo permissions for pacman to install dependencies
|
||||||
printf '%s ALL=(ALL) NOPASSWD: /usr/bin/pacman\n' "$BUILDUSER" > /etc/sudoers.d/builduser
|
printf '%s ALL=(ALL) NOPASSWD: /usr/bin/pacman\n' builder > /etc/sudoers.d/builduser
|
||||||
|
|
||||||
# Workdir
|
# Workdir
|
||||||
cd /buildroot
|
cd /buildroot
|
||||||
|
|
||||||
# Build the damn thing
|
# Build the damn thing
|
||||||
sudo -u "$BUILDUSER" GNUPGHOME="/.gnupg" makepkg "$@"
|
sudo -u builder GNUPGHOME="/.gnupg" makepkg "$@"
|
||||||
|
|
||||||
|
# Return the permissions
|
||||||
|
chown -R root:root /buildroot
|
||||||
|
|
|
@ -4,7 +4,6 @@ image=${PODMAN_IMAGE:-localhost/spark:autobuilder}
|
||||||
|
|
||||||
podman_cmd=(
|
podman_cmd=(
|
||||||
podman run --rm -it -u root
|
podman run --rm -it -u root
|
||||||
--userns=keep-id
|
|
||||||
-v "$PWD:/buildroot"
|
-v "$PWD:/buildroot"
|
||||||
--workdir /buildroot
|
--workdir /buildroot
|
||||||
--name "autobuilder.$$"
|
--name "autobuilder.$$"
|
||||||
|
|
Loading…
Reference in New Issue
Block a user