Diffstat (limited to 'src/chroot-tools')
-rw-r--r-- | src/chroot-tools/.gitignore | 3 | ||||
-rw-r--r-- | src/chroot-tools/Makefile | 29 | ||||
-rw-r--r-- | src/chroot-tools/arch-nspawn.patch | 19 | ||||
-rwxr-xr-x | src/chroot-tools/chcleanup | 31 | ||||
-rwxr-xr-x | src/chroot-tools/distcc-tool | 18 | ||||
-rw-r--r-- | src/chroot-tools/hooks-chcleanup.sh | 17 | ||||
-rw-r--r-- | src/chroot-tools/hooks-check.sh | 17 | ||||
-rw-r--r-- | src/chroot-tools/hooks-distcc.sh | 19 | ||||
-rwxr-xr-x | src/chroot-tools/indent | 23 | ||||
-rwxr-xr-x | src/chroot-tools/librechroot | 63 | ||||
-rwxr-xr-x | src/chroot-tools/libremakepkg | 101 | ||||
-rw-r--r-- | src/chroot-tools/makechrootpkg.sh.patch | 143 | ||||
-rw-r--r-- | src/chroot-tools/mkarchroot.patch | 30 |
13 files changed, 329 insertions, 184 deletions
diff --git a/src/chroot-tools/.gitignore b/src/chroot-tools/.gitignore index 80e1000..3f46ed2 100644 --- a/src/chroot-tools/.gitignore +++ b/src/chroot-tools/.gitignore @@ -1,5 +1,4 @@ makechrootpkg.sh* -!makechrootpkg.sh.patch - arch-nspawn* mkarchroot* +!*.patch diff --git a/src/chroot-tools/Makefile b/src/chroot-tools/Makefile index d08775e..e44ad5f 100644 --- a/src/chroot-tools/Makefile +++ b/src/chroot-tools/Makefile @@ -9,37 +9,10 @@ libs = makechrootpkg.sh $(wildcard hooks-*.sh) pots = $(libexecs) $(libs) pkglibexecdir = $(libexecdir)/libretools/chroot -clean_files = makechrootpkg.sh.ugly* *~ include ../../common.mk -# Usage: $(call indent,FILENAME) -# Command to auto-indent a file. -indent = emacs --batch $1 \ - --eval '(setq sh-basic-offset 8)' \ - --eval '(indent-region (point-min) (point-max) nil)' \ - -f save-buffer &>/dev/null - -# makechrootpkg.sh is special, we patch it and do fancy stuff -# The flow is: -# $(devtoolsdir)/*.in -> *.sh.in + *.sh.patch -> *.sh.ugly -> *.sh - +# makechrootpkg.sh is created from a command, not a library makechrootpkg.sh.in: %.sh.in: $(devtoolsdir)/%.in cp $< $@ -makechrootpkg.sh.ugly: %.ugly: %.in %.patch Makefile - cp $*.in $@ - @echo 'PATCH $@ $*.patch'; patch $@ $*.patch || { rm -f -- '$@'; false; } -makechrootpkg.sh: %: %.ugly Makefile - @echo 'EDIT < $< > $@'; $(edit) <'$<' >'$@' || { rm -f -- '$@'; false; } - @echo 'INDENT $@'; $(call indent,$@) || { rm -f -- '$@'; false; } - -mkarchroot: mkarchroot.in Makefile - @echo '< $< M4_EDIT | SED > $@' - @<'$<' $(edit) | sed 's|arch-nspawn|$$(librelib chroot/&)|' >'$@' || { rm -f -- '$@'; false; } - @echo 'CHMOD $<'; chmod 755 "$@" || { rm -f -- '$@'; false; } - -archroot: %: %.in Makefile - @echo "GEN $@" - @$(edit) <"$<" >"$@" || { rm -f -- '$@'; false; } - @chmod 755 "$@" || { rm -f -- '$@'; false; } distcc-tool.pot: xgettext-keywords-sh+=--keyword=errusage 
diff --git a/src/chroot-tools/arch-nspawn.patch b/src/chroot-tools/arch-nspawn.patch new file mode 100644 index 0000000..5e0f10b --- /dev/null +++ b/src/chroot-tools/arch-nspawn.patch @@ -0,0 +1,19 @@ +--- arch-nspawn.in 2014-05-11 00:58:42.030932904 -0400 ++++ arch-nspawn.ugly 2014-05-11 22:33:47.186717386 -0400 +@@ -1,4 +1,6 @@ + #!/bin/bash ++# License: GNU GPLv2 ++# + # This program is free software; you can redistribute it and/or modify + # it under the terms of the GNU General Public License as published by + # the Free Software Foundation; version 2 of the License. +@@ -103,7 +105,8 @@ + machine_name="${machine_name#-}" + fi + +-exec ${CARCH:+setarch "$CARCH"} systemd-nspawn -q \ ++CHROOTARCH="$(. $(librelib conf); get_var chroot CHROOTARCH "$CARCH")" ++exec ${CHROOTARCH:+setarch "$CHROOTARCH"} systemd-nspawn -q \ + -D "$working_dir" \ + --machine "$machine_name" \ + "${mount_args[@]}" \ diff --git a/src/chroot-tools/chcleanup b/src/chroot-tools/chcleanup index 2ff45f9..bfb65ce 100755 --- a/src/chroot-tools/chcleanup +++ b/src/chroot-tools/chcleanup 
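Review bot: The inner command substitution in `. $(librelib conf)` is unquoted, so a library path containing whitespace or glob characters is split before `.` sees it, and an empty result from a failing `librelib` leaves `.` with no file to source. Quoting it keeps the lookup to a single word: `CHROOTARCH="$(. "$(librelib conf)"; get_var chroot CHROOTARCH "$CARCH")"`. The same unquoted form is added in mkarchroot.patch as `exec $(librelib chroot/arch-nspawn)`, where an empty result would make `exec` read the following `-C`/`-M` words as its own options; `exec "$(librelib chroot/arch-nspawn)" \` avoids that. Both scripts run with root privileges as far as this commit shows, so it is worth failing loudly when the helper cannot be resolved.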
@@ -1,13 +1,29 @@ #!/usr/bin/env bash -set -eE -# (c) Nicolás Reynolds <fauno@parabola.nu> -# Released under GPLv3 +# Copyright (C) 2011-2012 Nicolás Reynolds <fauno@parabola.nu> +# Copyright (C) 2012-2013 Luke Shumaker <lukeshu@sbcglobal.net> +# +# License: GNU GPLv3+ +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. # +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU Affero General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. + # Performs chroot cleanup smartly, it only removes the unneeded packages or # leaves you with a cleansystem # # See: HOOKPREBUILD +set -eE + DRYRUN=${DRYRUN:-false} ################################################################################ @@ -34,11 +50,6 @@ msg2() { printf "${BLUE} ->${ALL_OFF}${BOLD} ${mesg}${ALL_OFF}\n" "$@" >&2 } -warning() { - local mesg="$(_ "$1")"; shift - printf "${YELLOW}==> $(gettext "WARNING:")${ALL_OFF}${BOLD} ${mesg}${ALL_OFF}\n" "$@" >&2 -} - error() { local mesg="$(_ "$1")"; shift printf "${RED}==> $(gettext "ERROR:")${ALL_OFF}${BOLD} ${mesg}${ALL_OFF}\n" "$@" >&2 @@ -67,8 +78,8 @@ msg "Cleaning chroot..." cp /repo/repo.db /var/lib/pacman/sync/repo.db # Setup the temporary directory -TEMPDIR="$(mktemp --tmpdir -d $(basename $0).XXXXX)" -trap "rm -rf '$TEMPDIR'" EXIT +TEMPDIR="$(mktemp --tmpdir -d ${0##*/}.XXXXXXXXXX)" +trap "rm -rf -- $(printf '%q' "$TEMPDIR")" EXIT cp -a /var/lib/pacman/sync "${TEMPDIR}/" pkglist="${TEMPDIR}"/pkglist.txt 
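Review bot: The warranty paragraph added to chcleanup ends with "See the GNU Affero General Public License for more details", although the header declares `License: GNU GPLv3+` and every other sentence names the GNU General Public License. The same sentence appears in the headers added to hooks-chcleanup.sh and hooks-check.sh (both marked GPLv2+), while hooks-distcc.sh and indent carry the expected wording. The line should read `# GNU General Public License for more details.` in all three files so the stated licence is unambiguous.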
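Review bot: The mktemp template `${0##*/}.XXXXXXXXXX` is left unquoted while the trap on the next line is now carefully `%q`-quoted, so a script name containing whitespace or glob characters would be split into extra mktemp arguments. `TEMPDIR="$(mktemp --tmpdir -d -- "${0##*/}.XXXXXXXXXX")"` keeps the two lines consistent. This applies to the last chcleanup hunk (`# Setup the temporary directory`).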
diff --git a/src/chroot-tools/distcc-tool b/src/chroot-tools/distcc-tool index 7633029..f2e43dd 100755 --- a/src/chroot-tools/distcc-tool +++ b/src/chroot-tools/distcc-tool @@ -2,7 +2,9 @@ # -*- tab-width: 4; sh-basic-offset: 4 -*- # distcc-tool -# Copyright 2013 Luke Shumaker +# Copyright (C) 2013-2014 Luke Shumaker <lukeshu@sbcglobal.net> +# +# License: GNU GPLv3+ # # This file is part of Parabola. # @@ -32,6 +34,8 @@ if ! type gettext &>/dev/null; then gettext() { echo "$@"; } fi +q0="$(printf '%q' "$0")" # quoted $0 + panic() { echo "$(gettext 'panic: malformed call to internal function')" >&2 exit 1 @@ -50,7 +54,7 @@ print() { } usage() { - print "Usage: $0 COMMAND [COMMAND-ARGS]" + print "Usage: %s COMMAND [COMMAND-ARGS]" "$q0" print "Tool for using distcc within a networkless chroot" echo print "Commands:" @@ -125,7 +129,7 @@ parse_DISTCC_HOSTS() { *@*) # SSH_HOST doesn't allow custom port numbers, and even if it # did, ssh would complain about MITM. Instead, we'll count on - # ssh ProxyCommand being configured to used `client`. + # ssh ProxyCommand being configured to use `client`. newhosts+=("$HOSTSPEC") ;; # GLOBAL_OPTION @@ -135,7 +139,7 @@ parse_DISTCC_HOSTS() { ;; # ZEROCONF +zeroconf) - error "%s does not support the +zeroconf option" "$0" + error "%s does not support the +zeroconf option" "$q0" exit 1 ;; # TCP_HOST or OLDSTYLE_TCP_HOST @@ -159,7 +163,7 @@ parse_DISTCC_HOSTS() { # set up port forwaring if $forward_ports; then - socat TCP-LISTEN:${newport},fork SYSTEM:"$0 client $HOSTID ${PORT:-3632}" & + socat TCP-LISTEN:${newport},fork SYSTEM:"$q0 client $HOSTID ${PORT:-3632}" & pids+=($!) fi @@ -222,8 +226,8 @@ odaemon() { local chrootpath=$1 umask 111 - socat UNIX-LISTEN:"$chrootpath/socket",fork SYSTEM:"$0 server" & - trap "kill -- $!; rm -f '$chrootpath/socket'" EXIT + socat UNIX-LISTEN:"$chrootpath/socket",fork SYSTEM:"$q0 server" & + trap "kill -- $!; rm -f -- $(printf '%q' "$chrootpath/socket")" EXIT wait } 
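Review bot: In the port-forwarding line of parse_DISTCC_HOSTS only `$0` gains quoting; `$HOSTID` and `${PORT:-3632}` are still spliced unquoted into the `SYSTEM:` string, which socat hands to a shell. Both appear to be derived from `DISTCC_HOSTS` earlier in the function (outside this hunk), so unless that parsing already restricts them to a hostname character set and a numeric port, they should be validated before this line. socat also parses the address string itself before the shell sees it, so the backslash escapes that `printf '%q'` puts into `$q0` (and the raw `$chrootpath/socket` in the odaemon hunk) may be consumed or misread at that layer; a test with a path containing a space or a comma would settle it. The listener carries no `bind=` option, so it presumably accepts connections on every interface; `TCP-LISTEN:${newport},bind=127.0.0.1,fork` would limit it to loopback if only the local distcc client needs it.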
diff --git a/src/chroot-tools/hooks-chcleanup.sh b/src/chroot-tools/hooks-chcleanup.sh index 86c872c..0fd0f72 100644 --- a/src/chroot-tools/hooks-chcleanup.sh +++ b/src/chroot-tools/hooks-chcleanup.sh @@ -1,4 +1,21 @@ #!/usr/bin/env bash +# Copyright (C) 2013 Luke Shumaker <lukeshu@sbcglobal.net> +# +# License: GNU GPLv2+ +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU Affero General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. + set -euE hook_pre_build+=("clean_chroot") diff --git a/src/chroot-tools/hooks-check.sh b/src/chroot-tools/hooks-check.sh index 2702f95..850516b 100644 --- a/src/chroot-tools/hooks-check.sh +++ b/src/chroot-tools/hooks-check.sh 
@@ -1,4 +1,21 @@ #!/usr/bin/env bash +# Copyright (C) 2013 Luke Shumaker <lukeshu@sbcglobal.net> +# +# License: GNU GPLv2+ +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU Affero General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. + set -euE hook_check_pkgbuild+=("check_pkgbuild_nonfree") diff --git a/src/chroot-tools/hooks-distcc.sh b/src/chroot-tools/hooks-distcc.sh index d8d708a..37c82dc 100644 --- a/src/chroot-tools/hooks-distcc.sh +++ b/src/chroot-tools/hooks-distcc.sh @@ -1,4 +1,23 @@ #!/usr/bin/env bash +# Copyright (C) 2013 Luke Shumaker <lukeshu@sbcglobal.net> +# +# License: GNU GPLv2+ +# +# This file is part of Parabola. +# +# Parabola is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 2 of the License, or +# (at your option) any later version. +# +# Parabola is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with Parabola. If not, see <http://www.gnu.org/licenses/>. + set -euE hook_pre_build+=("distcc_start") diff --git a/src/chroot-tools/indent b/src/chroot-tools/indent index 0e2d0e0..ffec4d5 100755 --- a/src/chroot-tools/indent 
+++ b/src/chroot-tools/indent @@ -1,4 +1,23 @@ #!/usr/bin/env perl +# Copyright (C) 2013 Luke Shumaker <lukeshu@sbcglobal.net> +# +# License: GNU GPLv3+ +# +# This file is part of Parabola. +# +# Parabola is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# Parabola is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with Parabola. If not, see <http://www.gnu.org/licenses/>. + use warnings; use strict; use constant BUFFER_SIZE => 40; @@ -19,9 +38,7 @@ while (1) { $c = substr($buffer, $_, 1); if ($c eq "\n") { syswrite(STDOUT, $indent) if ($print_indent); - # XXX: SYSTEMD-STDOUT HACK - #syswrite(STDOUT, $c, 1); - syswrite(STDOUT, "\r\n", 2); + syswrite(STDOUT, $c, 1); $print_indent = 1; } elsif ($c eq "\r") { syswrite(STDOUT, $c, 1); diff --git a/src/chroot-tools/librechroot b/src/chroot-tools/librechroot index 5e16587..4edcb2f 100755 --- a/src/chroot-tools/librechroot +++ b/src/chroot-tools/librechroot 
@@ -2,15 +2,18 @@ set -euE # librechroot -# Copyright 2010 Nicolás Reynolds -# Copyright 2011 Joshua Haase -# Copyright 2012-2013 Luke Shumaker +# Copyright (C) 2010-2012 Nicolás Reynolds <fauno@parabola.nu> +# Copyright (C) 2011-2012 Joshua Ismael Haase Hernández (xihh) <hahj87@gmail.com> +# Copyright (C) 2012 Michał Masłowski <mtjm@mtjm.eu> +# Copyright (C) 2012-2014 Luke Shumaker <lukeshu@sbcglobal.net> +# +# License: GNU GPLv2+ # # This file is part of Parabola. # # Parabola is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or +# the Free Software Foundation, either version 2 of the License, or # (at your option) any later version. # # Parabola is distributed in the hope that it will be useful, @@ -96,9 +99,9 @@ usage() { printf ' rootdir : %s\n' "${rootdir:-$(_ 'ERROR')}" printf ' copydir : %s\n' "${copydir:-$(_ 'ERROR')}" echo - prose 'If the chroot, or copy does not exist, it will be created + prose 'If the chroot or copy does not exist, it will be created automatically. A chroot by default contains the packages in the - group "base-devel", and any packages named in $CHROOTEXTRAPKG. + group "base-devel" and any packages named in $CHROOTEXTRAPKG. Unless the `-C` or `-M` flags are used, the configuration files that this program installs are the stock versions supplied in the packages, not the versions from your host system. Other tools @@ -151,7 +154,7 @@ readonly commands=( run enter clean-repo help ) -# set $rootdir and $copydir; blank them on error +# Print code to set $rootdir and $copydir; blank them on error calculate_directories() { # Don't assume that CHROOTDIR or CHROOT are set, # but assume that COPY is set. 
@@ -186,23 +189,7 @@ arch_nspawn_flags=() sysd_nspawn_flags=() arch-nspawn() { local copydir=$1; shift - # XXX: SYSTEMD-STDOUT HACK - if [[ -t 1 ]]; then - cmd=("$@") - else - # This perl script is similar to `sed 's|\n|\r\n|g'`, (or, more - # correctly, `sed 's|$|\r|'`) but it does't line-buffer. - local perlcmd=' -my $size; -my $buffer; -while(1) { - $size=sysread(STDIN, $buffer, 40); - last if ($size < 1); - $buffer =~ s/\n/\r\n/g; - syswrite(STDOUT, $buffer); -}' - cmd=(bash --noprofile --norc -c "set -o pipefail; $(printf '%q ' "$@") |& perl -e $(printf '%q' "$perlcmd")") - fi + local cmd=("$@") set +u # if an array is empty, it counts as unbound "$_arch_nspawn" "${arch_nspawn_flags[@]}" "$copydir" "${sysd_nspawn_flags[@]}" -- "${cmd[@]}" @@ -223,19 +210,19 @@ main() { C|M) arch_nspawn_flags+=(-$opt "$OPTARG");; w) sysd_nspawn_flags+=("--bind=$OPTARG");; r) sysd_nspawn_flags+=("--bind-ro=$OPTARG");; - *) usage >/dev/stderr; return 1;; + *) usage >&2; return 1;; esac done shift $(($OPTIND - 1)) if [[ $# -lt 1 ]]; then error "Must specify a command" - usage >/dev/stderr + usage >&2 return 1 fi mode=$1 if ! in_array "$mode" "${commands[@]}"; then error "Unrecognized command: %s" "$mode" - usage >/dev/stderr + usage >&2 return 1 fi shift @@ -243,14 +230,14 @@ main() { noop|make|sync|delete|update|enter|clean-pkgs|clean-repo) if [[ $# -gt 0 ]]; then error 'Command `%s` does not take any arguments: %s' "$mode" "$*" - usage >/dev/stderr + usage >&2 return 1 fi :;; install-file) if [[ $# -lt 1 ]]; then error 'Command `%s` requires at least one file' "$mode" - usage >/dev/stderr + usage >&2 return 1 else local missing=() @@ -269,14 +256,14 @@ main() { install-name) if [[ $# -lt 1 ]]; then error 'Command `%s` requires at least one package name' "$mode" - usage >/dev/stderr + usage >&2 return 1 fi :;; run) if [[ $# -lt 1 ]]; then error 'Command `%s` requires at least one argument' "$mode" - usage >/dev/stderr + usage >&2 return 1 fi :;; 
@@ -342,11 +329,15 @@ main() { mkdir -p "$copydir/etc/libretools.d" { - if [[ -n ${CHROOTEXTRAPKG[*]:-} ]]; then - declare -p CHROOTEXTRAPKG | sed -r 's/declare( -.)* //' + if [[ ${#CHROOTEXTRAPKG[*]} -eq 0 ]]; then + echo 'CHROOTEXTRAPKG=()' else - printf 'CHROOTEXTRAPKG=()\n' + printf 'CHROOTEXTRAPKG=(' + printf '%q ' "${CHROOTEXTRAPKG[@]}" + printf ')\n' fi + # TODO: only set CHROOTARCH if $CARCH != $(uname -m) + printf 'CHROOTARCH=%q\n' "$(uname -m)" } > "$copydir"/etc/libretools.d/chroot.conf if [[ $mode != delete ]]; then @@ -379,10 +370,10 @@ main() { arch-nspawn "$copydir" pacman -Sy "$@" ;; update) - arch-nspawn "$copydir" pacman -Syu --noconfirm + arch-nspawn "$copydir" bash -c 'pacman -Syu --noconfirm' ;; clean-pkgs) - trap "rm -f '$copydir'/bin/chcleanup '$copydir'/chrootexec" EXIT + trap "rm -f -- $(printf '%q ' "$copydir"/{bin/chcleanup,chrootexec})" EXIT install -m755 "$(librelib chroot/chcleanup)" "$copydir/bin/chcleanup" printf '%s\n' \ '#!/bin/bash' \ diff --git a/src/chroot-tools/libremakepkg b/src/chroot-tools/libremakepkg index fc6418c..aad4217 100755 --- a/src/chroot-tools/libremakepkg +++ b/src/chroot-tools/libremakepkg 
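Review bot: The `update)` branch now runs pacman through `bash -c 'pacman -Syu --noconfirm'` with no comment saying why the extra shell is needed, while the branch directly above still calls `arch-nspawn "$copydir" pacman -Sy "$@"` without one. A one-line why-comment above the call would stop a later cleanup from reverting it; if the wrapper is not actually required, the direct call is simpler and has one less layer of shell evaluation inside the chroot.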
@@ -2,15 +2,18 @@ set -euE # libremakepkg -# Copyright 2010-2011 Nicolás Reynolds -# Copyright 2011 Joshua Ismael Haase Hernández -# Copyright 2012-2013 Luke Shumaker +# Copyright (C) 2010-2012 Nicolás Reynolds <fauno@parabola.nu> +# Copyright (C) 2010-2012 Joshua Ismael Haase Hernández (xihh) <hahj87@gmail.com> +# Copyright (C) 2012 Michał Masłowski <mtjm@mtjm.eu> +# Copyright (C) 2012-2014 Luke Shumaker <lukeshu@sbcglobal.net> +# +# License: GNU GPLv2+ # # This file is part of Parabola. # # Parabola is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or +# the Free Software Foundation, either version 2 of the License, or # (at your option) any later version. # # Parabola is distributed in the hope that it will be useful, @@ -33,7 +36,7 @@ umask 0022 readonly _indent="$(librelib chroot/indent)" readonly INCHROOT=$([[ -f /.arch-chroot ]] && echo true || echo false) NONET=true # can be changed with the -N flag -# {SRC,LOG,PKG}DEST set at runtime by makepkg.conf +# {PKG,SRC,SRCPKG,LOG}DEST set at runtime by makepkg.conf # MAKEFLAGS, PACKAGER set at runtime by makepkg.conf # LIBREUSER, LIBREHOME are set by conf.sh librechroot_flags=() @@ -54,6 +57,21 @@ indent() { "$_indent" ' | ' } +# Usage: _check_perms_dir $directory +# Make sure that $directory is readable and executable (searchable) by 'nobody' +check_directory_permissions() ( + local dir=$1 + # `cd` to the directory, then test `.`; that way if parent + # directories aren't readable, we aren't testing for that. We + # only need the last element in `$dir`. + cd "$dir" + if ! sudo -u nobody test -r . -a -x .; then + error "Directory '%s' must be readable by user 'nobody'" "$dir" + return 1 + fi + return 0 +) + # Usage: exit_copy $copydir $src_owner # End immediately, but copy log files out exit_copy() { 
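Review bot: `cd "$dir"` in check_directory_permissions has no failure check, and both call sites added in main() invoke the function as `check_directory_permissions ... || ret=1`, a context in which bash ignores `set -e` inside the function body. A failed `cd` would therefore let the `sudo -u nobody test` run against the caller's directory and report the wrong result; `cd -- "$dir" || return 1` closes that. The header comment also names a different function, so it should read `# Usage: check_directory_permissions $directory`, and the error text says "readable" although the test also requires search permission.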
@@ -106,21 +124,22 @@ build() ( local copydir=$1; shift local repack=$1; shift - local netflag='' - local run=() + local run_ynet=() + local run_nnet=() if $INCHROOT; then - ! $NONET || netflag='-N' - run=(unshare) + run_ynet=(unshare) + run_nnet=(unshare -n) else - ! $NONET || netflag='-n' - run=(librechroot "${librechroot_flags[@]}" run) + run_ynet=(librechroot "${librechroot_flags[@]}" run) + run_nnet=(librechroot "${librechroot_flags[@]}" -N run) fi + $NONET || run_nnet=("${run_ynet[@]}") prepare_chroot "$copydir" "$LIBREHOME" "$repack" false - "${run[@]}" /chrootprepare "$@" |& indent + "${run_ynet[@]}" /chrootprepare false "$@" |& indent run_hook pre_build "$copydir" trap "run_hook post_build '$copydir'" EXIT - "${run[@]}" /chrootbuild "$@" |& indent + "${run_nnet[@]}" /chrootbuild false "$@" |& indent ) # The main program ############################################################# @@ -132,7 +151,7 @@ usage() { prose 'If run from outside of a chroot, command will make the following configuration changes in the chroot:' bullet 'whatever changes `librechroot` makes.' - bullet 'set `PKGDEST` and `SRCDEST` in `/etc/makepkg.conf`' + bullet 'set `{PKG,SRC,SRCPKG,LOG}DEST` in `/etc/makepkg.conf`' bullet 'set `PACKAGER` in `/etc/makepkg.conf` to reflect the value outside of the chroot.' bullet '(maybe) delete `/build/.makepkg.conf`' @@ -148,8 +167,12 @@ usage() { the documentation there.' echo print 'Options:' + print ' %s options:' librechroot flag "-n <$(_ CHROOT)>" 'Name of the chroot to use' flag "-l <$(_ COPY)>" 'Name of, or absolute path to, the chroot copy to use' + flag "-w <$(_ 'PATH[:PATH]')>" 'Bind mount a file or directory, read/write' + flag "-r <$(_ 'PATH[:PATH]')>" 'Bind mount a file or directory, read-only' + print ' %s options:' libremakepkg flag '-N' "Don't disable networking during build() and package(). PLEASE don't use this unless you have a special reason, its use is a violation 
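Review bot: The trap in build(), `trap "run_hook post_build '$copydir'" EXIT`, still wraps `$copydir` in literal single quotes, the pattern this commit replaces with `printf '%q'` in chcleanup, distcc-tool and librechroot. A copy path containing a single quote would end the quoting and be evaluated as shell when the trap fires, so it should become `trap "run_hook post_build $(printf '%q' "$copydir")" EXIT`. Separately, `/chrootbuild false "$@"` passes a leading `false`, yet the chrootbuild wrapper written by prepare_chroot in makechrootpkg.sh.patch already bakes `$run_namcap` in via `_chrootbuild %q "$@"`; if that is the script run here, `false` would land in `makepkg_args`, which is worth confirming.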
@@ -173,10 +196,14 @@ main() { local chroot='' # Parse command line options ########################################### - while getopts 'n:l:NRh' flag ; do + while getopts 'n:l:w:r:NRh' flag ; do case "${flag}" in - n) if $INCHROOT; then err_chflag "$flag"; else chroot=$OPTARG; fi;; - l) if $INCHROOT; then err_chflag "$flag"; else copy=$OPTARG; fi;; + n) if $INCHROOT; then err_chflag "$flag"; else + chroot=$OPTARG; fi;; + l) if $INCHROOT; then err_chflag "$flag"; else + copy=$OPTARG; fi;; + w|r) if $INCHROOT; then err_chflag "$flag"; else + librechroot_flags+=(-$flag "$OPTARG"); fi;; N) NONET=false;; R) repack=true; makepkg_args+=(-R);; h) usage; return 0;; @@ -204,6 +231,15 @@ main() { fi unset chroot + # Load makepkg configuration ########################################### + # Note that all of these are globals + PKGDEST="$(get_var makepkg PKGDEST "$PWD")" + SRCDEST="$(get_var makepkg SRCDEST "$PWD")" + SRCPKGDEST="$(get_var makepkg SRCPKGDEST "$PWD")" + LOGDEST="$(get_var makepkg LOGDEST "$PWD")" + MAKEFLAGS="$(get_var makepkg MAKEFLAGS '')" + PACKAGER="$(get_var makepkg PACKAGER '')" + # Quick sanity check ################################################### if (( EUID )); then 
@@ -217,20 +253,16 @@ main() { exit 1 fi - # Load makepkg configuration ########################################### - # Note that all of these are globals - SRCDEST="$(get_var makepkg SRCDEST "$PWD")" - PKGDEST="$(get_var makepkg PKGDEST "$PWD")" - LOGDEST="$(get_var makepkg LOGDEST "$PWD")" - mkdir -p "$SRCDEST" "$PKGDEST" "$LOGDEST" - MAKEFLAGS="$(get_var makepkg MAKEFLAGS '')" - PACKAGER="$(get_var makepkg PACKAGER '')" - - librechroot_flags=( - -r "$PWD:/startdir_host" - -r "$SRCDEST:/srcdest_host" - -n "$CHROOT" - -l "$copy" + # Make sure that the various *DEST directories exist + mkdir -p -- "$PKGDEST" "$SRCDEST" "$SRCPKGDEST" "$LOGDEST" + # Check the permissions for $startdir and $SRCDEST + ( + declare -i ret=0 + check_directory_permissions "$PWD" || ret=1 + if ! [[ "$PWD" -ef "$SRCDEST" ]]; then + check_directory_permissions "$SRCDEST" || ret=1 + fi + exit $ret ) # OK, we are starting now ############################################## @@ -239,6 +271,13 @@ main() { lock 9 "/build/.lock" \ "Waiting for existing lock on build directory to be released" else + librechroot_flags+=( + -r "$PWD:/startdir_host" + -r "$SRCDEST:/srcdest_host" + -n "$CHROOT" + -l "$copy" + ) + # Obtain a lock on the chroot lock 9 "$copydir.lock" \ "Waiting for existing lock on chroot copy to be released: [%s]" "$copy" diff --git a/src/chroot-tools/makechrootpkg.sh.patch b/src/chroot-tools/makechrootpkg.sh.patch index 4dd1146..8180d89 100644 --- a/src/chroot-tools/makechrootpkg.sh.patch +++ b/src/chroot-tools/makechrootpkg.sh.patch 
@@ -1,14 +1,21 @@ ---- makechrootpkg.sh.in 2013-10-26 14:53:57.000000000 -0400 -+++ makechrootpkg.sh.ugly 2013-11-16 15:14:04.000000000 -0500 -@@ -12,6 +12,7 @@ +--- makechrootpkg.sh.in 2014-05-10 22:03:27.956692573 -0400 ++++ makechrootpkg.sh.ugly 2014-05-10 22:09:15.376594518 -0400 +@@ -1,4 +1,6 @@ + #!/bin/bash ++# License: GNU GPLv2 ++# + # This program is free software; you can redistribute it and/or modify + # it under the terms of the GNU General Public License as published by + # the Free Software Foundation; version 2 of the License. +@@ -12,6 +14,7 @@ shopt -s nullglob +init_variables() { - _makepkg_args=(-s --noconfirm -L --holdver) - makepkg_args=("${_makepkg_args[@]}") + default_makepkg_args=(-s --noconfirm -L --holdver) + makepkg_args=("${default_makepkg_args[@]}") repack=false -@@ -29,9 +30,10 @@ +@@ -29,9 +32,10 @@ bindmounts_rw=() copy=$USER @@ -20,7 +27,7 @@ usage() { echo "Usage: ${0##*/} [options] -r <chrootdir> [--] [makepkg args]" -@@ -67,6 +69,7 @@ +@@ -67,6 +71,7 @@ exit 1 } @@ -28,7 +35,7 @@ while getopts 'hcur:I:l:nTD:d:' arg; do case "$arg" in h) usage ;; -@@ -93,9 +96,6 @@ +@@ -91,9 +96,6 @@ [[ ! -d $chrootdir ]] && die "No chroot dir defined, or invalid path '%s'" "$passeddir" [[ ! -d $chrootdir/root ]] && die "Missing chroot dir root directory. Try using: mkarchroot %s/root base-devel" "$chrootdir" @@ -38,9 +45,9 @@ if [[ ${copy:0:1} = / ]]; then copydir=$copy else -@@ -110,30 +110,47 @@ - repack=true - fi +@@ -113,30 +115,48 @@ + esac + done -if [[ -n $SUDO_USER ]]; then +if [[ -n ${SUDO_USER:-} ]]; then @@ -54,8 +61,9 @@ +# Usage: load_vars $makepkg_conf +# Globals: +# - SRCDEST -+# - LOGDEST ++# - SRCPKGDEST +# - PKGDEST ++# - LOGDEST +# - MAKEFLAGS +# - PACKAGER load_vars() { 
@@ -63,7 +71,7 @@ [[ -f $makepkg_conf ]] || return 1 - for var in {SRC,PKG,LOG}DEST MAKEFLAGS PACKAGER; do + for var in {SRC,SRCPKG,PKG,LOG}DEST MAKEFLAGS PACKAGER; do - [[ -z ${!var} ]] && eval $(grep "^${var}=" "$makepkg_conf") + [[ -z ${!var:-} ]] && eval $(grep "^${var}=" "$makepkg_conf") done @@ -92,11 +100,14 @@ # Get a read lock on the root chroot to make # sure we don't clone a half-updated chroot slock 8 "$chrootdir/root.lock" "Locking clean chroot" -@@ -154,11 +171,16 @@ +@@ -157,14 +177,19 @@ # Drop the read lock again lock_close 8 - fi + + # Update mtime + touch "$copydir" } -clean_temporary() { @@ -109,10 +120,10 @@ + local chroottype=$(stat -f -c %T "$copydir") + + stat_busy "Removing chroot copy [%s]" "$copy" - if [[ "$chroottype" == btrfs ]]; then + if [[ "$chroottype" == btrfs ]] && ! mountpoint -q "$copydir"; then btrfs subvolume delete "$copydir" >/dev/null || die "Unable to delete subvolume %s" "$copydir" -@@ -173,9 +195,14 @@ +@@ -179,9 +204,14 @@ stat_done } @@ -127,7 +138,7 @@ for install_pkg in "${install_pkgs[@]}"; do pkgname="${install_pkg##*/}" cp "$install_pkg" "$copydir/$pkgname" -@@ -188,11 +215,19 @@ +@@ -194,11 +224,19 @@ rm "$copydir/$pkgname" done @@ -149,9 +160,9 @@ $repack || rm -rf "$copydir/build" mkdir -p "$copydir/build" -@@ -226,12 +261,12 @@ +@@ -237,12 +275,12 @@ - chown -R nobody "$copydir"/{build,pkgdest,logdest,srcdest,startdir} + chown -R nobody "$copydir"/{build,pkgdest,srcpkgdest,logdest,srcdest,startdir} - if [[ -n $MAKEFLAGS ]]; then + if [[ -n ${MAKEFLAGS:-} ]]; then @@ -164,7 +175,7 @@ sed -i '/^PACKAGER=/d' "$copydir/etc/makepkg.conf" echo "PACKAGER='${PACKAGER}'" >> "$copydir/etc/makepkg.conf" fi -@@ -244,20 +279,38 @@ +@@ -255,20 +293,38 @@ chmod 440 "$copydir/etc/sudoers.d/nobody-pacman" fi 
@@ -174,16 +185,15 @@ +SigLevel = Optional TrustAll +Server = file:///repo +' -+ sed -i "${line}i${ins//$'\n'/\n}" "$copydir/etc/pacman.conf" ++ sed -i "${line}i${ins//$'\n'/\\n}" "$copydir/etc/pacman.conf" + fi + # This is a little gross, but this way the script is recreated every time in the # working copy -- printf $'#!/bin/bash\n%s\n_chrootbuild %q "$@"' "$(declare -f _chrootbuild)" \ -+ printf '#!/bin/bash\n%s\n_chrootprepare "$@"' "$(declare -f _chrootprepare)" \ ++ printf $'#!/bin/bash\n%s\n_chrootprepare "$@"' "$(declare -f _chrootprepare)" \ + > "$copydir/chrootprepare" + chmod +x "$copydir/chrootprepare" -+ printf '#!/bin/bash\n%s\n_chrootbuild %q "$@"' "$(declare -f _chrootbuild)" \ + printf $'#!/bin/bash\n%s\n_chrootbuild %q "$@"' "$(declare -f _chrootbuild)" \ "$run_namcap" >"$copydir/chrootbuild" chmod +x "$copydir/chrootbuild" } @@ -206,7 +216,7 @@ makepkg --config="$copydir/etc/makepkg.conf" --verifysource -o else ( export SRCDEST BUILDDIR="$builddir" -@@ -267,20 +320,15 @@ +@@ -278,10 +334,10 @@ (( $? != 0 )) && die "Could not download sources." # Clean up garbage from verifysource 
@@ -218,31 +228,28 @@ +_chrootprepare() { # This function isn't run in makechrootpkg, # so no global variables -- local run_namcap="$1"; shift -- local makepkg_args=("$@") -- -- . /etc/profile -- export HOME=/build -- shopt -s nullglob + local run_namcap="$1"; shift +@@ -292,6 +348,7 @@ + shopt -s nullglob # XXX: Workaround makepkg disliking read-only dirs + rm -rf -- /srcdest/* /startdir/* ln -sft /srcdest /srcdest_host/* ln -sft /startdir /startdir_host/* -@@ -295,15 +343,27 @@ - done - done +@@ -317,11 +374,29 @@ -- cd /startdir -- - # XXX: Keep PKGBUILD writable for pkgver() -- rm PKGBUILD* -- cp /startdir_host/PKGBUILD* . -- chown nobody PKGBUILD* -+ rm /startdir/PKGBUILD* -+ cp /startdir_host/PKGBUILD* /startdir -+ chown nobody /startdir/PKGBUILD* + # Safety check + if [[ ! -w PKGBUILD ]]; then ++ # XXX: internationalize this message + echo "Can't write to PKGBUILD!" + exit 1 + fi + +- sudo -u nobody makepkg "${makepkg_args[@]}" || exit 1 ++ # Sync deps now, as networking may be disabled during _chrootbuild ++ cp /repo/repo.db /var/lib/pacman/sync/repo.db ++ sudo -u nobody makepkg "${makepkg_args[@]}" -o +} + +_chrootbuild() { @@ -256,14 +263,12 @@ + shopt -s nullglob + + cd /startdir ++ ++ sudo -u nobody makepkg "${makepkg_args[@]}" -e || exit 1 - # Safety check - if [[ ! -w PKGBUILD ]]; then -+ # XXX: internationalize this message - echo "Can't write to PKGBUILD!" - exit 1 - fi -@@ -321,12 +381,24 @@ + if $run_namcap; then + pacman -S --needed --noconfirm namcap +@@ -334,12 +409,24 @@ exit 0 } @@ -286,9 +291,9 @@ + local l for l in "$copydir"/logdest/*; do + [[ $l == */logpipe.* ]] && continue chown "$src_owner" "$l" - mv "$l" "$LOGDEST" -@@ -334,6 +406,10 @@ +@@ -353,6 +440,10 @@ } # }}} 
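Review bot: The `cp /repo/repo.db /var/lib/pacman/sync/repo.db` added to _chrootprepare has no failure check, and the generated wrapper (`#!/bin/bash\n%s\n_chrootprepare "$@"` in prepare_chroot) does not enable `set -e`. If the copy fails, the old sync database stays in place and `makepkg ... -o` carries on resolving dependencies against it. `cp /repo/repo.db /var/lib/pacman/sync/repo.db || exit 1` would match the `|| exit 1` that _chrootbuild keeps on its makepkg call. The nesting here is a diff of a patch, so the exact placement should be checked against the regenerated makechrootpkg.sh.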
@@ -298,26 +303,24 @@ + umask 0022 - load_vars /etc/makepkg.conf -@@ -344,17 +420,25 @@ - [[ -d $SRCDEST ]] || SRCDEST=$PWD - [[ -d $LOGDEST ]] || LOGDEST=$PWD + load_vars "$USER_HOME/.makepkg.conf" +@@ -364,30 +455,45 @@ + [[ -d $SRCPKGDEST ]] || SRCPKGDEST=$PWD + [[ -d $LOGDEST ]] || LOGDEST=$PWD -create_chroot +# Lock the chroot we want to use. We'll keep this lock until we exit. +lock 9 "$copydir.lock" "Locking chroot copy [%s]" "$copy" - --$update_first && arch-nspawn "$copydir" \ -- "${bindmounts_ro[@]}" "${bindmounts_rw[@]}" \ -- pacman -Syu --noconfirm ++ +if [[ ! -d $copydir ]] || $clean_first; then + sync_chroot "$chrootdir" "$copy" +fi --[[ -n ${install_pkgs[*]} ]] && install_packages -+$update_first && arch-nspawn "$copydir" pacman -Syu --noconfirm + $update_first && arch-nspawn "$copydir" \ + "${bindmounts_ro[@]}" "${bindmounts_rw[@]}" \ + pacman -Syu --noconfirm --prepare_chroot +-[[ -n ${install_pkgs[*]} ]] && install_packages +if [[ -n ${install_pkgs[*]:-} ]]; then + install_packages "$copydir" "${install_pkgs[@]}" + ret=$? @@ -325,15 +328,21 @@ + [[ -f PKGBUILD ]] || exit $ret +fi --download_sources +-prepare_chroot +prepare_chroot "$copydir" "$USER_HOME" "$repack" -+ + +-download_sources +download_sources "$copydir" "$src_owner" if arch-nspawn "$copydir" \ --bind-ro="$PWD:/startdir_host" \ -@@ -362,12 +446,12 @@ + --bind-ro="$SRCDEST:/srcdest_host" \ "${bindmounts_ro[@]}" "${bindmounts_rw[@]}" \ ++ /chrootprepare && ++ arch-nspawn "$copydir" \ ++ --bind-ro="$PWD:/startdir_host" \ ++ --bind-ro="$SRCDEST:/srcdest_host" \ ++ "${bindmounts_ro[@]}" "${bindmounts_rw[@]}" \ /chrootbuild "${makepkg_args[@]}" then - move_products @@ -347,7 +356,7 @@ if (( ret != 0 )); then if $temp_chroot; then -@@ -378,3 +462,4 @@ +@@ -398,3 +504,4 @@ else true fi diff --git a/src/chroot-tools/mkarchroot.patch b/src/chroot-tools/mkarchroot.patch new file mode 100644 index 0000000..9366d92 --- /dev/null +++ b/src/chroot-tools/mkarchroot.patch 
@@ -0,0 +1,30 @@ +--- mkarchroot.in 2014-05-10 22:10:54.871326879 -0400 ++++ mkarchroot.ugly 2014-05-10 22:10:54.887993222 -0400 +@@ -1,4 +1,6 @@ + #!/bin/bash ++# License: GNU GPLv2 ++# + # This program is free software; you can redistribute it and/or modify + # it under the terms of the GNU General Public License as published by + # the Free Software Foundation; version 2 of the License. +@@ -66,6 +68,11 @@ + chmod 0755 "$working_dir" + fi + ++_env=() ++while read -r varname; do ++ _env+=("$varname=${!varname}") ++done < <(declare -x | sed -r 's/^declare -x ([^=]*)=.*/\1/' | grep -i '_proxy$') ++env -i "${_env[@]}" \ + pacstrap -GMcd ${pac_conf:+-C "$pac_conf"} "$working_dir" \ + "${cache_dirs[@]/#/--cachedir=}" "$@" || die 'Failed to install all packages' + +@@ -73,7 +80,7 @@ + echo 'LANG=C' > "$working_dir/etc/locale.conf" + echo "$CHROOT_VERSION" > "$working_dir/.arch-chroot" + +-exec arch-nspawn \ ++exec $(librelib chroot/arch-nspawn) \ + ${pac_conf:+-C "$pac_conf"} \ + ${makepkg_conf:+-M "$makepkg_conf"} \ + ${cache_dir:+-c "$cache_dir"} \ |
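Review bot: The proxy-variable loop takes names by parsing `declare -x` output with sed, which only rewrites lines of the form `declare -x NAME=...`. An exported variable with no value, or the continuation line of a multi-line value that happens to end in `_proxy`, passes through unchanged and reaches `${!varname}` as an invalid name. Listing names directly avoids the parsing: `done < <(compgen -e | grep -i '_proxy$')`. Since `env -i` also drops `PATH` and locale variables, a short comment stating that pacstrap is meant to run with only the proxy settings would document the intent.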