Mock
Mock is a tool for building packages. It can build packages for different architectures and different Fedora, RHEL, and Mageia versions than the build host have. Mock creates chroots and builds packages in them. Its only task is to reliably populate a chroot and attempt to build a package in that chroot.
$ mock -r fedora-35-x86_64 package.src.rpm
...
Finish: rpmbuild packagei-1.98-1.fc35.src.rpm
Finish: build phase for package-1.98-1.fc35.src.rpm
INFO: Done(package.src.rpm) Config(fedora-35-x86_64) 2 minutes 14 seconds
INFO: Results and/or logs in: /var/lib/mock/fedora-35-x86_64/result
$ ls /var/lib/mock/fedora-35-x86_64/result
build.log package-1.98-1.fc35.noarch.rpm package-1.98-1.fc35.src.rpm hw_info.log installed_pkgs.log root.log state.log
$ mock -r centos-stream+epel-9-s390x package.src.rpm
...
$ mock -r alma+epel-8-x86_64 package.src.rpm
...
Mock also offers a multi-package command (--chain
), that can build chains of packages that depend on each other.
Mock is capable of building SRPMs from source configuration management if the mock-scm
package is present, then building the SRPM into RPMs. See --scm-enable
in the documentation.
Scope
- Mock is a
rpmbuild(8)
wrapper. Mock tries to simplify some steps, which would otherwise be boring or complicated. - Mock runs
rpmbuild(8)
in an isolated environment consisting of a minimal set of packages. - Mock helps you find missing
BuildRequires
- if it is missing and the package needs it, then the build fails. - Mock can build packages for various platforms and architectures. Some combinations of hosts and targets may need an additional configuration depending on your host platform.
- Mock can prepare a fresh build/development environment for specific RPM-based operating systems.
- Mock needs to execute some tasks under root privileges, therefore malicious RPMs can put your system at risk. Mock is not safe for unknown RPMs. If you want to build packages from untrusted sources, then use some wrapper around Mock like OBS, Copr or run Mock in a virtual machine.
- Mock is neither container nor VM. Mock does some isolation, but it does not aim to be fully isolated.
- Mock helps you open a shell within the buildroot to retrieve artifacts, or run commands for the purpose of debugging the build. It is not intended to run any production or developer application from there. For such purposes, you can use podman or Flatpak.
Content
- Status
- Release Notes
- Tarballs
- Download
- Setup
- Chroot config files
- Plugins
- Features
- Using Mock outside your git sandbox
- Mock inside Podman, Fedora Toolbox or Docker container
- FAQ
- Exit codes
- Problems
- Mock configuration
- See Also
Status
Mock is currently being used for all Fedora builds. It is called by Koji and Copr to build chroots and packages.
Versions in Linux distributions:
|
|
Release Notes
-
3.5 (2022-12-01) - Fixed detection of qemu-user-static* packages for the
--forcearch
feature. - 3.4 (2022-11-15) - Device Mapper control file exposed, better detection for qemu-user-static.
-
3.3 (2022-10-17) - Mock can again be run by
root
, even though this is discouraged. -
3.2 (2022-10-14) - Optimized –list-chroots option, directories in
/var/lib
dropped SGID bit,rpmbuild --noclean
is not used for old chroots (EL6 and older). -
3.1 (2022-07-22) - Fixes for new RPM with –no-cleanup-after, a new config
tar_binary
added, more convenient work with/bin/bsdtar
. - 3.0 (2022-04-07) - Added –list-chroots command, a new seccomp option, Mock is not installable on EL7, dropped Python 2 compatibility.
-
2.16 (2021-12-16) - EPEL 8 chroots removed, alternatives added. New
ssl_extra_certs
option. Bugfixes. -
2.15 (2021-11-18) - Fix for old-style
mock shell -- commands
variant. -
2.14 (2021-11-04) - Fix for broken
--enablerepo
and--disablerepo
options. -
2.13 (2021-11-02) - New options
--additional-package
and--debug-config-expanded
. Bugfixing. - 2.12 (2021-07-19) - bugfixes in Mock, but new config files in mock-core-configs
-
2.11 (2021-06-09) - introduced
%{_platform_multiplier}
macro - 2.10 (2021-04-27) - smaller bugfixes
- 2.9 (2021-01-18) - bugfixes, EOLed Fedora 31 and EPEL 6 chroots
- 2.8 (2020-12-15) - bugfix in –isolation=nspawn, –isolation=simple was used instead
- 2.7 (2020-12-01) - external build requires implemented, new rpkg_preprocessor plugin, bugfixes
- 2.6 (2020-09-15) - bugfixing –chain mode and –isolation=nspawn
- 2.5 (2020-09-03) - setting DNFs user_agent, a new showrc plugin added, new mock-filesystem package introduced
-
2.4 (2020-07-21) - exposed btrfs-control,
module_setup_commands
configuration option, copy source CA certificates - 2.3 (2020-05-22) - bugfixes, mostly related to (by default on) bootstrap
- 2.2 (2020-04-02) - bugfixing, mostly –bootstrap-chroot issues and mock-in-container use-cases
- 2.1 (2020-03-11) - bugfixing
- 2.0 (2020-02-07) - new major version, default –bootstrap-chroot
- 1.4.21 (2019-11-01) - bugfixing
- 1.4.20 (2019-10-04) - Container image for bootstrap, Mockchain removed, New config option package_manager_max_attempts, Bind mount local repos to bootstrap chroot
- 1.4.19 (2019-09-10) - bugfixing
- 1.4.18 (2019-08-27) - subscription-manager support; procenv plugin; automatic forcearch; signals propagated in chroot
-
1.4.17 (2019-08-08) - Toolbox support, OpenMandriva,
mock --chain
, Dynamic Build Requires enabled by default - 1.4.16 (2019-05-22) - python3 on el7
- 1.4.15 (2019-04-22) - Dynamic Build Requires; configurable list of disabled plugins; nice error for people not in mock group
- 1.4.14 (2019-02-19) - Jinja2 templates; choose decompress program for root_cache
-
1.4.13 (2018-08-13) - rawhide is gpg checked; new option
print_main_output
; proxy environmnet variables passed to mock; improved bash completation -
1.4.11 (2018-06-12) - new options
--force-arch
,--spec
,chrootuser
; MicroDNF support; BSDTar support - 1.4.10 (2018-05-10) - new overlayfs plugin; bind_mount can mount even files; chroot_scan can retrieve artifacts even from failed builds; introduced symlinks to rawhide configs
-
1.4.9 (2018-02-12) - split of stdout and stderr; new option
optstimeout
-
1.4.8 (2017-12-22) - new option
--config-opts
-
1.4.7 (2017-10-31) - new option
chrootgroup
; config options for bootstrap; recognize DeskOS; handle network namespace in systemd container on our own -
1.4.6 (2017-09-15) - separation of mock-core-configs; new command
--debug-config
; short option-N
for--no-cleanup-after
- 1.4.4 (2017-08-22) - rename group inside of chroot from mockbuild to mock
- 1.4.3 (2017-08-7)
- 1.4.2 (2017-06-20)
-
1.4.1 (2017-04-26) - introduced systemd-nspawn and
--old-chroot
option; new option/dev/hwrng
,/dev/prandom
; added%distro_section
for Mageia; bugfixing - 1.3.5 (2017-03-02)- only for EL6; change path to the “df” in hw-info plugin
-
1.3.4 (2017-02-27) -
.log
extension for theavailable_pkgs
andinstalled_pkgs
log files, support for custom nspawn args, new hw_info plugin, best=1 used for Rawhide, added Fedora 26 configs -
1.3.3 (2017-01-01) - bugfixing; a new config option for the builder hostname; upgraded temporary directories, chroot contains
best=1
- 1.3.2 (2016-10-17) - move /usr/sbin/mock/ to /usr/libexec/mock/mock; script in /usr/libexec/ are not in $PATH; F22 configs have been removed; –nocheck works; run mock in Docker; a lot of flake8/pep8/pycodestyle clean-ups
- 1.2.21 (2016-09-12) - fix privilege escalation via mock-scm; rename of mageia pubkey
- 1.2.20 (2016-08-17) - just a bugfix release, which uses correct gpg keys for epel in epel* configs.
- 1.2.19
- 1.2.18 (2016-06-10) - Unconditional setup resolver config, added MPS personalities, requires rpm=pyton, use root name instead config name for backups dir, use DNF for F24 chroot, scm plugging handles better submodes and improve prompt
- 1.2.17
- 1.2.16
- 1.2.15
- 1.2.14
- 1.2.13 (2016-08-17)
Tarballs
Tarballs can be found at https://github.com/rpm-software-management/mock/releases
You can retrieve tarball from the command line:
git checkout --hard mock-1.4.20-1
cd mock
tito build --tgz
Download
If you want to contribute to the code, please checkout https://github.com/rpm-software-management/mock for more information.
Otherwise, just run
dnf install mock
For nightly builds, please refer to developer documentation
Setup
All users that are to use mock must be added to the mock group.
usermod -a -G mock [User name]
Mock runs some parts of its code with root privileges. There are known ways to get root access once a user is in the mock group (and once he is able to run mock). This is possible when a user abuses the mock configuration options. Please do not add anyone who is not trustworthy to the mock group!
To have this change take effect you have to either log out and log back in or run command
newgrp -
Mock caches the downloaded rpm packages (via the yum_cache
plugin), which
speeds up subsequent builds by a considerable margin. Nevertheless, you may
wish to change the default configuration to point to local
repositories to speed up builds.
By default, builds are done in /var/lib/mock
, so be sure you have room there. You can change this via the basedir
config option.
Chroot config files
Mock project provides the mock-core-configs
package which installs the
default configuration files for various RPM-based Linux
distributions. This packages is typically installed with Mock by default
(runtime dependency).
Other projects can provide their own configuration files in other packages, we know of:
Plugins
- bind_mount - bind mountpoints inside the chroot
- ccache - compiler cache plugin
- chroot_scan - allows you to retrieve build artifacts from buildroot (e.g. additional logs, coredumps)
- compress_logs - compress logs
- hw_info - prints HW information of builder
- lvm_root - caching buildroots using LVM
- mount - allows you to mount directories into chroot
- overlayfs - plugin implementing snapshot functionality (similary to lvm_root)
- package_state - dumps list of available and installed packages
- pm_request - executes package manager commands requested by processes running in the chroot
- procenv - dumps the build process runtime within the chroot.
- rpkg_preprocessor - preprocess the input spec file just before srpm build starts
- root_cache - cache buildroots (as tar file)
- scm - SCM integration module - builds directly from Git or Svn
- selinux - on SELinux enabled box, this plugin will pretend, that SELinux is disabled in build environment
-
showrc - Log the content of
rpm --showrc
for capturing all defined macros - sign - call command on the produced rpm
- tmpfs - mount buildroot directory as tmpfs
-
yum_cache - mount
/var/cache/{dnf,yum}
of your host machine to chroot
Plugins can be enabled on command line e.g --enable-plugin=chroot_scan
. And you can set plugin options using e.g. '--plugin-option=root_cache:age_check=False'
Every plugin has a corresponding wiki page with docs.
Features
- container image for bootstrap - set up bootstrap chroot using Podman.
- bootstrap - bootstrapping chroot. I.e., when building F28 on RHEL7, then first install very minimal bootstrap chroot with DNF and rpm from F28 and then use F28’s rpm to install final F28 chroot.
-
external dependencies - use of external dependencies, e.g.,
BuildRequires external:pypi:foo
. - forcearch - build for foreign architecture using emulated virtualization.
-
nosync - speed up build by making
fsync
(2) no-op. - modularity - support for Fedora Modularity.
- package managers - supported package managers
- rhel chroots - builds for RHEL
- GPG keys and SSL - how to get your GPG keys and SSL certificates to buildroot
Using Mock outside your git sandbox
Create your SRPM using rpmbuild -bs
. Then change to the directory where your SRPM was created.
Now you can start mock with
mock -r <configname> --rebuild package-1.2-3.src.rpm
where <configname>
is the name of a configuration file from /etc/mock/
, without the /etc/mock
path prefix and without the .cfg
suffix.
Note that you can track the progress of mock using the logs stored in /var/lib/mock/<configfile>/result
Mock inside Podman, Fedora Toolbox or Docker container
By default, Mock uses systemd-nspawn to isolate the build in chroot. This is
not necessary though if you run Mock inside a container, and Mock is the only
service running there. NB spawning containers inside containers isn’t
implemented in Mock, so switching to --isolation=simple
is mandatory. Mock
is, though, able to automatically detect a container environment, and switch to
--isolation=simple
.
One can even run Mock in a rootless Podman container without any special tweaks - the only necessary step is to run the
container with --privileged
option. Read the podman-run manual page for more
info, but --privileged
- by the Podman nature - can not give the process more
permissions than the UID running the podman process already has; in other
words - podman run --privileged
is a completely different thing from
docker run --privileged
!
So simply, as any non-privileged user, do:
$ podman run --rm --privileged -ti fedora:32 bash
# dnf install -y mock
# useradd mockbuilder
# usermod -a -G mock mockbuilder
# su - mockbuilder
$ mock https://some/online.src.rpm
$ mock --shell
#> ...
# etc
And similarly in toolbox enter
.
You can run Mock in Docker container, however, you need to add SYS_ADMIN
capability to the docker container (or use --privileged
). I.e. run the
container like:
docker run --cap-add=SYS_ADMIN ...
Please note that Mock run inside of Docker container skips unsharing
of a namespace, so it runs in the same namespace as any other program in the
same container. That means you should not run any other application inside of
that container. Mock prints warning about this. You can suppress this warning
when you put in the config
config_opts['docker_unshare_warning'] = False
FAQ
See separate page: FAQ
Exit codes
Mock has various exit codes to signal a problem in the build. See https://github.com/rpm-software-management/mock/blob/master/mock/py/mockbuild/exception.py#L26
Problems
If you encounter a bug running mock, please file it in Bugzilla: product “Fedora”, component mock (Open Bugs).
If your problem is specific to EPEL, then file it against the “Fedora EPEL” product instead (Open Bugs).
Users
If you use Mock, we’d love to hear from you and add you to this wiki page. It will motivate our future work.
See Also
- Using Mock to test package builds has some useful tips for using mock.
- Mock Setup Using Local Mirror Setting up a local mirror using Mock.
- Legacy/Mock has some useful tips for building packages in mock for older Fedora and Red Hat Linux releases.
- Increase Mock performance.
- RPM Packaging Guide
- Modularity Features in Mock