summaryrefslogtreecommitdiff
path: root/src/Propellor/Property/Sbuild.hs
diff options
context:
space:
mode:
authorSean Whitton2016-05-21 20:30:18 +0900
committerSean Whitton2016-05-21 20:30:18 +0900
commitb62279a911eabaa7f2b5223f3736d90004ab7f74 (patch)
tree0b5729e1ccf5ecc49734062743685716367ace78 /src/Propellor/Property/Sbuild.hs
parent4a53b158a2b6ca5e64f45058b2e26fe0a0c579e9 (diff)
disable Sbuild.blockNetwork
Doesn't seem to have the desired effect at present.
Diffstat (limited to 'src/Propellor/Property/Sbuild.hs')
-rw-r--r--src/Propellor/Property/Sbuild.hs24
1 files changed, 12 insertions, 12 deletions
diff --git a/src/Propellor/Property/Sbuild.hs b/src/Propellor/Property/Sbuild.hs
index ecf33712..5c592238 100644
--- a/src/Propellor/Property/Sbuild.hs
+++ b/src/Propellor/Property/Sbuild.hs
@@ -13,7 +13,6 @@ Suggested usage in @config.hs@:
> & Sbuild.updatedFor (System (Debian Unstable) "i386") `period` Weekly 1
> & Sbuild.usableBy (User "spwhitton")
> & Sbuild.shareAptCache
-> & Sbuild.blockNetwork
> & Schroot.overlaysInTmpfs
In @~/.sbuildrc@:
@@ -50,7 +49,7 @@ module Propellor.Property.Sbuild (
updated,
updatedFor,
-- * Global sbuild configuration
- blockNetwork,
+ -- blockNetwork,
installed,
keypairGenerated,
shareAptCache,
@@ -257,16 +256,17 @@ ccachePrepared = propertyList "sbuild group ccache configured" $ props
& File.mode "/var/cache/ccache-sbuild/sbuild-setup"
(combineModes (readModes ++ executeModes))
--- | Block network access during builds
---
--- This is a hack from <https://wiki.debian.org/sbuild> until #802850 and
--- #802849 are resolved.
-blockNetwork :: Property Linux
-blockNetwork = Firewall.rule Firewall.OUTPUT Firewall.Filter Firewall.DROP
- (Firewall.GroupOwner (Group "sbuild")
- <> Firewall.NotDestination
- [Firewall.IPWithNumMask (IPv4 "127.0.0.1") 8])
- `requires` installed -- sbuild group must exist
+-- This doesn't seem to work with the current version of sbuild
+-- -- | Block network access during builds
+-- --
+-- -- This is a hack from <https://wiki.debian.org/sbuild> until #802850 and
+-- -- #802849 are resolved.
+-- blockNetwork :: Property Linux
+-- blockNetwork = Firewall.rule Firewall.OUTPUT Firewall.Filter Firewall.DROP
+-- (Firewall.GroupOwner (Group "sbuild")
+-- <> Firewall.NotDestination
+-- [Firewall.IPWithNumMask (IPv4 "127.0.0.1") 8])
+-- `requires` installed -- sbuild group must exist
-- ==== utility functions ====