Google Git
Sign in
bazel / bazel / d4390f81b306f3ae0b2f85c722965142e14dd356
commitd4390f81b306f3ae0b2f85c722965142e14dd356[log] [tgz]
authorPras Velagapudi <psigen@gmail.com>Thu Jun 17 08:46:25 2021 -0700
committerCopybara-Service <copybara-worker@google.com>Thu Jun 17 08:47:47 2021 -0700
tree216b1888fe0fd97488658746b23c4b1b040a905f
parentbb725018b85e18c75ccf8db574cc799cc7569d2a [diff]
Add --no-log-init flag to docker sandbox.

This adds the `--no-log-init` flag (`-l`) to the internal `useradd` command used to initial the docker sandbox environment.

Without this flag, AD/LDAP/SSSD users that have large UID/GID values will be added to `lastlog`/`faillog`, but since docker does not support sparse files, this will cause the docker daemon to attempt to create a `/var/lib/docker/overlay2` entry that may consume all available disk space.

https://github.com/moby/moby/issues/5419#issuecomment-332785867

For one example, my SSSD-assigned uid is `1553201121`, which makes the _sparse_ size of my `lastlog` file 423GB.  If this uid is used by bazel's docker-sandbox, the resulting container attempts to create the full 423GB file, which I confirmed the hard way.

Closes #13506.

PiperOrigin-RevId: 379966973
1 file changed
tree: 216b1888fe0fd97488658746b23c4b1b040a905f
  1. .bazelci/
  2. examples/
  3. scripts/
  4. site/
  5. src/
  6. third_party/
  7. tools/
  8. .bazelrc
  9. .gitattributes
  10. .gitignore
  11. AUTHORS
  12. BUILD
  13. CHANGELOG.md
  14. CODEBASE.md
  15. CODEOWNERS
  16. combine_distfiles.py
  17. combine_distfiles_to_tar.sh
  18. compile.sh
  19. CONTRIBUTING.md
  20. CONTRIBUTORS
  21. distdir.bzl
  22. distdir_deps.bzl
  23. ISSUE_TEMPLATE.md
  24. LICENSE
  25. README.md
  26. WORKSPACE
README.md

Bazel

{Fast, Correct} - Choose two

Build and test software of any size, quickly and reliably.

  • Speed up your builds and tests: Bazel rebuilds only what is necessary. With advanced local and distributed caching, optimized dependency analysis and parallel execution, you get fast and incremental builds.

  • One tool, multiple languages: Build and test Java, C++, Android, iOS, Go, and a wide variety of other language platforms. Bazel runs on Windows, macOS, and Linux.

  • Scalable: Bazel helps you scale your organization, codebase, and continuous integration solution. It handles codebases of any size, in multiple repositories or a huge monorepo.

  • Extensible to your needs: Easily add support for new languages and platforms with Bazel's familiar extension language. Share and re-use language rules written by the growing Bazel community.

Getting Started

Documentation

Contributing to Bazel

See CONTRIBUTING.md

Build status