Fix a regression which stopped Ruby from building #547
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This change fixes a regression in filesystem permissions introduced in #539, which stopped `ruby-build` from being able to build the Ruby version required by `rbenv`. After #539 was merged, we started seeing the following error message when building the Whitehall and Content Publisher apps: ``` ruby-build: TMPDIR=/tmp cannot hold executables (partition possibly mounted with `noexec`) ``` The error was triggered by running `make whitehall` or `make content-publisher` to re-build the app's docker image. However it also dependended on the docker cache being empty, because otherwise the required Ruby version would already exist in a cached image layer and wouldn't need to be re-installed. The cause for the error was the new `tmpfs` volume which was mounted at `/tmp`. By default, `docker-compose` mounts `tmpfs` volumes with the `noexec` flag, which means that files inside the `/tmp` directory cannot be executed. But `ruby-build` needs to execute files in `/tmp` in order to build Ruby. This change re-enables execution of files inside `/tmp` by including the `exec` flag on the `tmpfs` volume mount.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This change fixes a regression in filesystem permissions introduced in #539, which stopped
ruby-buildfrom being able to build the Ruby version required byrbenv.After #539 was merged, we started seeing the following error message when building the Whitehall and Content Publisher apps:
The error was triggered by running
make whitehallormake content-publisherto re-build the app's docker image. However it also dependended on the docker cache being empty, because otherwise the required Ruby version would already exist in a cached image layer and wouldn't need to be re-installed.The cause for the error was the new
tmpfsvolume which was mounted at/tmp. By default,docker-composemountstmpfsvolumes with thenoexecflag, which means that files inside the/tmpdirectory cannot be executed. Butruby-buildneeds to execute files in/tmpin order to build Ruby.This change re-enables execution of files inside
/tmpby including theexecflag on thetmpfsvolume mount.