Mimi,
On Tue, Nov 02, 2021 at 08:32:30PM -0400, Mimi Zohar wrote:
> On Wed, 2021-11-03 at 02:23 +0300, Vitaly Chikunov wrote:
> > On Tue, Nov 02, 2021 at 07:17:42PM -0400, Mimi Zohar wrote:
> > > Instead of returning an image, it prompts for a response. Hardcode
> > > to use docker.io.
> > >
> > > Please select an image:
> > > ▸ docker.io/library/alt:sisyphus
> > > quay.io/alt:sisyphus
> > >
> > > Signed-off-by: Mimi Zohar <zohar@xxxxxxxxxxxxx>
> > > ---
> > > .travis.yml | 5 +++--
> > > 1 file changed, 3 insertions(+), 2 deletions(-)
> > >
> > > diff --git a/.travis.yml b/.travis.yml
> > > index 42853e16bfee..3836befe0bae 100644
> > > --- a/.travis.yml
> > > +++ b/.travis.yml
> > > @@ -68,7 +68,7 @@ matrix:
> > > compiler: gcc
> > >
> > > - os: linux
> > > - env: DISTRO=alt:sisyphus TSS=libtpm2-tss-devel CONTAINER=podman CONTAINER_ARGS="--runtime=/usr/bin/crun --network=host"
> > > + env: REPO="docker.io/library" DISTRO=${REPO}/alt:sisyphus TSS=libtpm2-tss-devel CONTAINER=podman CONTAINER_ARGS="--runtime=/usr/bin/crun --network=host"
> >
> > I wonder why podman is used in this case.
>
> We were seeing issues on Alpine, Fedora, and Alt. Changing to podman
> fixed them. For example on Alt, we started seeing the following, but
> openssl-gost was installed. [1]
>
> + control openssl-gost
> control: No such facility: openssl-gost
Now I realize that podman is used to workaround incorrect seccomp
filtering of faccessat2 syscall in old Docker (with EPERM instead of
ENOSYS). This problem is still not fixed in bionic Travis instances,
causing "control: No such facility" errors.
Thanks,
>
> I've reverted the commit, but I don't have access to the public travis.
> I've asked Stefan to trigger travis and am waiting for the results.
>
> Mimi
>
> [1]
> https://app.travis-ci.com/github/stefanberger/ima-evm-utils/jobs/545999661
