From Fedora Project Wiki

m (layout changes)
(Update content for current mock... could use a check by smarter bears)
Line 24: Line 24:
By default, builds are done in /var/lib/mock, so be sure you have room. Starting with mock 0.8.0 and higher, you can change this via the 'basedir' config option.
By default, builds are done in /var/lib/mock, so be sure you have room. Starting with mock 0.8.0 and higher, you can change this via the 'basedir' config option.


== Using Mock outside your CVS sandbox ==
== Using Mock outside your git sandbox ==


Create your SRPM using 'rpmbuild -bs'. Then change to the directory where your srpm was created.
Create your SRPM using 'rpmbuild -bs'. Then change to the directory where your srpm was created.
Line 38: Line 38:
Note that you can track the progress of mock using the logs stored in <code>/var/lib/mock/<configfile>/result</code>
Note that you can track the progress of mock using the logs stored in <code>/var/lib/mock/<configfile>/result</code>


== Using Mock inside your CVS sandbox ==
== Using Mock inside your git sandbox ==


You only need to type 'make mockbuild' to start a mock build. The used architecture depends on the directory where you start the mock build.
You only need to type 'fedpkg mockbuild' to start a mock build. The used architecture depends on the directory where you start the mock build.




Line 58: Line 58:
Beware that adding a user to the mock group means that the user can easily get root access on the machine without providing a password:
Beware that adding a user to the mock group means that the user can easily get root access on the machine without providing a password:
<pre>
<pre>
$ /usr/bin/mock --init -r fedora-10-i386
$ /usr/bin/mock --init -r fedora-15-i386
$ /usr/bin/mock --shell -r fedora-10-i386
$ /usr/bin/mock --shell -r fedora-15-i386
mock-chroot> chmod u+s bin/bash
mock-chroot> chmod u+s bin/bash
$ /var/lib/mock/fedora-10-i386/root/bin/bash -p
$ /var/lib/mock/fedora-15-i386/root/bin/bash -p
# cat /etc/shadow
# cat /etc/shadow
</pre>
</pre>
Line 68: Line 68:


<pre>
<pre>
Usage:
Usage:  
usage:
    usage:
mock [options] {init|clean}
          mock [options] {--init|--clean|--scrub=[all,chroot,cache,root-cache,c-cache,yum-cache]}
mock [options] [rebuild] /path/to/srpm(s)
          mock [options] [--rebuild] /path/to/srpm(s)
mock [options] {shell|chroot} <cmd>
          mock [options] --buildsrpm {--spec /path/to/spec --sources /path/to/src|--scm-enable [--scm-option key=value]}
mock [options] installdeps {SRPM|RPM}
          mock [options] {--shell|--chroot} <cmd>
mock [options] install PACKAGE
          mock [options] --installdeps {SRPM|RPM}
commands:
          mock [options] --install PACKAGE
rebuild    - build the specified SRPM(s) [default command]  
          mock [options] --copyin path [..path] destination
chroot      - run the specified command within the chroot
          mock [options] --copyout path [..path] destination
shell      - run an interactive shell within specified chroot
          mock [options] --scm-enable [--scm-option key=value]
clean      - clean out the specified chroot
 
init        - initialize the chroot, do not build anything
installdeps - install build dependencies for a specified SRPM
install    - install packages using yum


Options:
Options:
--version            show program's version number and exit
  --version            show program's version number and exit
-h, --help            show this help message and exit
  -h, --help            show this help message and exit
-r CHROOT             chroot name/config file name default: default
  --rebuild            rebuild the specified SRPM(s)
--no-clean            do not clean chroot before building
  --buildsrpm          Build a SRPM from spec (--spec ...) and sources
--cleanup-after      Clean chroot after building. Use with --resultdir.
                        (--sources ...) or from SCM
Only active for 'rebuild'.
  --shell              run the specified command interactively within the
--no-cleanup-after    Dont clean chroot after building. If automatic cleanup
                        chroot. Default command: /bin/sh
is enabled, use this to disable.
  --chroot              run the specified command noninteractively within the
--arch=ARCH          target build arch
                        chroot.
--resultdir=RESULTDIR
  --clean              completely remove the specified chroot
path for resulting files to be put
  --scrub=[all|chroot|cache|root-cache|c-cache|yum-cache]
--uniqueext=UNIQUEEXT
                        completely remove the specified chroot or cache dir or
Arbitrary, unique extension to append to buildroot
                        all of the chroot and cache
directory name
  --init                initialize the chroot, do not build anything
--configdir=CONFIGDIR
  --installdeps        install build dependencies for a specified SRPM
Change where config files are found
  --install            install packages using yum
--rpmbuild_timeout=RPMBUILD_TIMEOUT
  --update              update installed packages using yum
Fail build if rpmbuild takes longer than 'timeout'
  --orphanskill        Kill all processes using specified buildroot.
seconds
  --copyin              Copy file(s) into the specified chroot
--enable-plugin=ENABLED_PLUGINS
  --copyout            Copy file(s) from the specified chroot
Enable plugin. Currently-available plugins: ('ccache',
  -r CHROOT, --root=CHROOT
'yum_cache', 'root_cache', 'bind_mount')
                        chroot name/config file name default: default
--disable-plugin=DISABLED_PLUGINS
  --offline            activate 'offline' mode.
Disable plugin. Currently-available plugins:
  --no-clean            do not clean chroot before building
('ccache', 'yum_cache', 'root_cache', 'bind_mount')
  --cleanup-after      Clean chroot after building. Use with --resultdir.
                        Only active for 'rebuild'.
  --no-cleanup-after    Dont clean chroot after building. If automatic cleanup
                        is enabled, use this to disable.
  --arch=ARCH          Sets kernel personality().
  --target=RPMBUILD_ARCH
                        passed to rpmbuild as --target
  -D 'MACRO EXPR', --define='MACRO EXPR'
                        define an rpm macro (may be used more than once)
  --with=option        enable configure option for build (may be used more
                        than once)
  --without=option      disable configure option for build (may be used more
                        than once)
  --resultdir=RESULTDIR
                        path for resulting files to be put
  --uniqueext=UNIQUEEXT
                        Arbitrary, unique extension to append to buildroot
                        directory name
  --configdir=CONFIGDIR
                        Change where config files are found
  --rpmbuild_timeout=RPMBUILD_TIMEOUT
                        Fail build if rpmbuild takes longer than 'timeout'
                        seconds
  --unpriv              Drop privileges before running command when using
                        --chroot
  --cwd=DIR            Change to the specified directory (relative to the
                        chroot) before running command when using --chroot
  --spec=SPEC          Specifies spec file to use to build an SRPM (used only
                        with --buildsrpm)
  --sources=SOURCES    Specifies sources (either a single file or a directory
                        of files)to use to build an SRPM (used only with
                        --buildsrpm)
  -v, --verbose        verbose build
  -q, --quiet          quiet build
  --trace              Enable internal mock tracing output.
  --enable-plugin=ENABLED_PLUGINS
                        Enable plugin. Currently-available plugins: ['tmpfs',
                        'root_cache', 'yum_cache', 'bind_mount', 'ccache',
                        'selinux']
  --disable-plugin=DISABLED_PLUGINS
                        Disable plugin. Currently-available plugins: ['tmpfs',
                        'root_cache', 'yum_cache', 'bind_mount', 'ccache',
                        'selinux']
  --print-root-path    print path to chroot root
  --scm-enable          build from SCM repository
  --scm-option=SCM_OPTS
                        define an SCM option (may be used more than once)
</pre>
</pre>



Revision as of 14:41, 13 July 2011

Mock

Mock creates chroots and builds packages in them. Its only task is to reliably populate a chroot and attempt to build a package in that chroot.

Status

Mock is currently being used for all Fedora builds. It is called by Plague (<=FC-6) and Koji (>=F-7) to build chroots and packages.

Download

https://fedorahosted.org/mock/ has all the latest builds. It can be installed with "yum install mock".

To check out the current code:

Setup

All users that are to use mock must be added to the 'mock' group.

usermod -a G mock [User name] && newgrp mock

Configuration files are in /etc/mock. Mock versions 0.8.0 and higher cache the downloaded rpm packages (via the yum_cache plugin), which speeds up subsequent builds by a considerable margin. Nevertheless, you may wish to change the default configuration to point to local repositories to speed up builds.

By default, builds are done in /var/lib/mock, so be sure you have room. Starting with mock 0.8.0 and higher, you can change this via the 'basedir' config option.

Using Mock outside your git sandbox

Create your SRPM using 'rpmbuild -bs'. Then change to the directory where your srpm was created.

Now you can start mock with

mock -r <configfile> rebuild package-1.2-3.src.rpm

where <configfile> is the name of a configuration from /etc/mock/.

If using mock version older than 0.8.8 or on a system with python 2.4, and building i386 packages on x86_64, prepend setarch i386 to the mock command line: setarch i386 mock -r <configfile> rebuild package-1.2-3.src.rpm. Newer versions of mock no longer need the setarch command, although it does not hurt anything if it is there.

Note that you can track the progress of mock using the logs stored in /var/lib/mock/<configfile>/result

Using Mock inside your git sandbox

You only need to type 'fedpkg mockbuild' to start a mock build. The used architecture depends on the directory where you start the mock build.


Security Considerations

Build User

It's recommended you use a user account other than your normal user account to do the builds, just to be safe. You wouldn't want the build user to "accidentally" have access to your GPG or SSH keys.

To create the user, and put them into the mock group, run:

adduser -m -G mock build

Then remember to 'su' - build prior to running mock.

Untrusted Users Using Mock

Beware that adding a user to the mock group means that the user can easily get root access on the machine without providing a password:

$ /usr/bin/mock --init -r fedora-15-i386
$ /usr/bin/mock --shell -r fedora-15-i386
mock-chroot> chmod u+s bin/bash
$ /var/lib/mock/fedora-15-i386/root/bin/bash -p
# cat /etc/shadow

Using

Usage: 
    usage:
           mock [options] {--init|--clean|--scrub=[all,chroot,cache,root-cache,c-cache,yum-cache]}
           mock [options] [--rebuild] /path/to/srpm(s)
           mock [options] --buildsrpm {--spec /path/to/spec --sources /path/to/src|--scm-enable [--scm-option key=value]}
           mock [options] {--shell|--chroot} <cmd>
           mock [options] --installdeps {SRPM|RPM}
           mock [options] --install PACKAGE
           mock [options] --copyin path [..path] destination
           mock [options] --copyout path [..path] destination
           mock [options] --scm-enable [--scm-option key=value]


Options:
  --version             show program's version number and exit
  -h, --help            show this help message and exit
  --rebuild             rebuild the specified SRPM(s)
  --buildsrpm           Build a SRPM from spec (--spec ...) and sources
                        (--sources ...) or from SCM
  --shell               run the specified command interactively within the
                        chroot. Default command: /bin/sh
  --chroot              run the specified command noninteractively within the
                        chroot.
  --clean               completely remove the specified chroot
  --scrub=[all|chroot|cache|root-cache|c-cache|yum-cache]
                        completely remove the specified chroot or cache dir or
                        all of the chroot and cache
  --init                initialize the chroot, do not build anything
  --installdeps         install build dependencies for a specified SRPM
  --install             install packages using yum
  --update              update installed packages using yum
  --orphanskill         Kill all processes using specified buildroot.
  --copyin              Copy file(s) into the specified chroot
  --copyout             Copy file(s) from the specified chroot
  -r CHROOT, --root=CHROOT
                        chroot name/config file name default: default
  --offline             activate 'offline' mode.
  --no-clean            do not clean chroot before building
  --cleanup-after       Clean chroot after building. Use with --resultdir.
                        Only active for 'rebuild'.
  --no-cleanup-after    Dont clean chroot after building. If automatic cleanup
                        is enabled, use this to disable.
  --arch=ARCH           Sets kernel personality().
  --target=RPMBUILD_ARCH
                        passed to rpmbuild as --target
  -D 'MACRO EXPR', --define='MACRO EXPR'
                        define an rpm macro (may be used more than once)
  --with=option         enable configure option for build (may be used more
                        than once)
  --without=option      disable configure option for build (may be used more
                        than once)
  --resultdir=RESULTDIR
                        path for resulting files to be put
  --uniqueext=UNIQUEEXT
                        Arbitrary, unique extension to append to buildroot
                        directory name
  --configdir=CONFIGDIR
                        Change where config files are found
  --rpmbuild_timeout=RPMBUILD_TIMEOUT
                        Fail build if rpmbuild takes longer than 'timeout'
                        seconds
  --unpriv              Drop privileges before running command when using
                        --chroot
  --cwd=DIR             Change to the specified directory (relative to the
                        chroot) before running command when using --chroot
  --spec=SPEC           Specifies spec file to use to build an SRPM (used only
                        with --buildsrpm)
  --sources=SOURCES     Specifies sources (either a single file or a directory
                        of files)to use to build an SRPM (used only with
                        --buildsrpm)
  -v, --verbose         verbose build
  -q, --quiet           quiet build
  --trace               Enable internal mock tracing output.
  --enable-plugin=ENABLED_PLUGINS
                        Enable plugin. Currently-available plugins: ['tmpfs',
                        'root_cache', 'yum_cache', 'bind_mount', 'ccache',
                        'selinux']
  --disable-plugin=DISABLED_PLUGINS
                        Disable plugin. Currently-available plugins: ['tmpfs',
                        'root_cache', 'yum_cache', 'bind_mount', 'ccache',
                        'selinux']
  --print-root-path     print path to chroot root
  --scm-enable          build from SCM repository
  --scm-option=SCM_OPTS
                        define an SCM option (may be used more than once)

For example, to rebuild a package for i386 on the development branch of Fedora:

  • mock rebuild -r fedora-devel-i386 /path/to/rpm

See /etc/mock for the available targets. If you have the bash-completion package installed, it will tab complete the targets for you.

Problems

If you encounter a bug running mock, please file it in Bugzilla, product "Fedora", component mock (Open Bugs).

If your problem is specific to EPEL, then file it against the "Fedora EPEL" product instead (Open Bugs).

See Also