GNOME Bugzilla – Bug 750726
SELinux policy denials for builddisks
Last modified: 2021-06-05 16:29:49 UTC
Creating image for buildName=20150609.38 Mounting /tmp/continuous-JKP3ZX/mnt-gnome-continuous-x86_64-devel-debug : guestmount -o allow_root --pid-file /tmp/continuous-JKP3ZX/mnt-gnome-continuous-x86_64-devel-debug.guestmount-pid -a /srv/ostree/ostbuild/work/builds/2015/06/09/38/builddisks/images/gnome-continuous-x86_64-devel-debug.qcow2 --rw -m /dev/sda3 -m /dev/sda1:/boot /tmp/continuous-JKP3ZX/mnt-gnome-continuous-x86_64-devel-debug libguestfs: error: could not create appliance through libvirt. Try running qemu directly without libvirt using this environment variable: export LIBGUESTFS_BACKEND=direct Original error from libvirt: internal error: process exited while connecting to monitor: /usr/libexec/qemu-kvm: error while loading shared libraries: libgthread-2.0.so.0: failed to map segment from shared object: Permission denied [code=1 domain=10] So the thing is we're trying to run qemu with the jhbuild environment setup. What we need is something like "jhbuild unshell" to run qemu without our LD_LIBRARY_PATH etc.
This should ensure we don't eat up gobs of disk space when this happens: https://git.gnome.org/browse/gnome-continuous/commit/?id=a0f73a3bdfc5730dac8e59cd3d71b13b650ad742 But the real fix is to audit all places where we invoke subprocesses and ensure we "jhbuild unshell". For builds with linux-user-chroot we already set a pristine env, but here we need to just undo jhbuild.
gnome-continuous is not under active development anymore. Its codebase has been archived: https://gitlab.gnome.org/Archive/gnome-continuous Closing all its open tickets as part of housekeeping.