summaryrefslogtreecommitdiff
path: root/src/chroot-tools
diff options
context:
space:
mode:
authorLuke Shumaker <LukeShu@sbcglobal.net>2014-06-16 22:40:57 -0400
committerLuke Shumaker <LukeShu@sbcglobal.net>2014-06-16 22:40:57 -0400
commit3d9850b56c77b51edcdb2697c74ba2d1761109dc (patch)
treee5fe03bcbf6cd4d72f7c31a3129156e6784c4325 /src/chroot-tools
parent52cc0c3ff27d4c48d3461d9fd898367aa4a92631 (diff)
parent813bfa255a1e46f05e08dcb587b8f417b995b2d4 (diff)
Merge branch 'master' into lukeshu/xbs
Diffstat (limited to 'src/chroot-tools')
-rw-r--r--src/chroot-tools/.gitignore3
-rw-r--r--src/chroot-tools/Makefile29
-rw-r--r--src/chroot-tools/arch-nspawn.patch19
-rwxr-xr-xsrc/chroot-tools/chcleanup31
-rwxr-xr-xsrc/chroot-tools/distcc-tool18
-rw-r--r--src/chroot-tools/hooks-chcleanup.sh17
-rw-r--r--src/chroot-tools/hooks-check.sh17
-rw-r--r--src/chroot-tools/hooks-distcc.sh19
-rwxr-xr-xsrc/chroot-tools/indent23
-rwxr-xr-xsrc/chroot-tools/librechroot63
-rwxr-xr-xsrc/chroot-tools/libremakepkg101
-rw-r--r--src/chroot-tools/makechrootpkg.sh.patch143
-rw-r--r--src/chroot-tools/mkarchroot.patch30
13 files changed, 329 insertions, 184 deletions
diff --git a/src/chroot-tools/.gitignore b/src/chroot-tools/.gitignore
index 80e1000..3f46ed2 100644
--- a/src/chroot-tools/.gitignore
+++ b/src/chroot-tools/.gitignore
@@ -1,5 +1,4 @@
makechrootpkg.sh*
-!makechrootpkg.sh.patch
-
arch-nspawn*
mkarchroot*
+!*.patch
diff --git a/src/chroot-tools/Makefile b/src/chroot-tools/Makefile
index d08775e..e44ad5f 100644
--- a/src/chroot-tools/Makefile
+++ b/src/chroot-tools/Makefile
@@ -9,37 +9,10 @@ libs = makechrootpkg.sh $(wildcard hooks-*.sh)
pots = $(libexecs) $(libs)
pkglibexecdir = $(libexecdir)/libretools/chroot
-clean_files = makechrootpkg.sh.ugly* *~
include ../../common.mk
-# Usage: $(call indent,FILENAME)
-# Command to auto-indent a file.
-indent = emacs --batch $1 \
- --eval '(setq sh-basic-offset 8)' \
- --eval '(indent-region (point-min) (point-max) nil)' \
- -f save-buffer &>/dev/null
-
-# makechrootpkg.sh is special, we patch it and do fancy stuff
-# The flow is:
-# $(devtoolsdir)/*.in -> *.sh.in + *.sh.patch -> *.sh.ugly -> *.sh
-
+# makechrootpkg.sh is created from a command, not a library
makechrootpkg.sh.in: %.sh.in: $(devtoolsdir)/%.in
cp $< $@
-makechrootpkg.sh.ugly: %.ugly: %.in %.patch Makefile
- cp $*.in $@
- @echo 'PATCH $@ $*.patch'; patch $@ $*.patch || { rm -f -- '$@'; false; }
-makechrootpkg.sh: %: %.ugly Makefile
- @echo 'EDIT < $< > $@'; $(edit) <'$<' >'$@' || { rm -f -- '$@'; false; }
- @echo 'INDENT $@'; $(call indent,$@) || { rm -f -- '$@'; false; }
-
-mkarchroot: mkarchroot.in Makefile
- @echo '< $< M4_EDIT | SED > $@'
- @<'$<' $(edit) | sed 's|arch-nspawn|$$(librelib chroot/&)|' >'$@' || { rm -f -- '$@'; false; }
- @echo 'CHMOD $<'; chmod 755 "$@" || { rm -f -- '$@'; false; }
-
-archroot: %: %.in Makefile
- @echo "GEN $@"
- @$(edit) <"$<" >"$@" || { rm -f -- '$@'; false; }
- @chmod 755 "$@" || { rm -f -- '$@'; false; }
distcc-tool.pot: xgettext-keywords-sh+=--keyword=errusage
diff --git a/src/chroot-tools/arch-nspawn.patch b/src/chroot-tools/arch-nspawn.patch
new file mode 100644
index 0000000..5e0f10b
--- /dev/null
+++ b/src/chroot-tools/arch-nspawn.patch
@@ -0,0 +1,19 @@
+--- arch-nspawn.in 2014-05-11 00:58:42.030932904 -0400
++++ arch-nspawn.ugly 2014-05-11 22:33:47.186717386 -0400
+@@ -1,4 +1,6 @@
+ #!/bin/bash
++# License: GNU GPLv2
++#
+ # This program is free software; you can redistribute it and/or modify
+ # it under the terms of the GNU General Public License as published by
+ # the Free Software Foundation; version 2 of the License.
+@@ -103,7 +105,8 @@
+ machine_name="${machine_name#-}"
+ fi
+
+-exec ${CARCH:+setarch "$CARCH"} systemd-nspawn -q \
++CHROOTARCH="$(. $(librelib conf); get_var chroot CHROOTARCH "$CARCH")"
++exec ${CHROOTARCH:+setarch "$CHROOTARCH"} systemd-nspawn -q \
+ -D "$working_dir" \
+ --machine "$machine_name" \
+ "${mount_args[@]}" \
diff --git a/src/chroot-tools/chcleanup b/src/chroot-tools/chcleanup
index 2ff45f9..bfb65ce 100755
--- a/src/chroot-tools/chcleanup
+++ b/src/chroot-tools/chcleanup
@@ -1,13 +1,29 @@
#!/usr/bin/env bash
-set -eE
-# (c) Nicolás Reynolds <fauno@parabola.nu>
-# Released under GPLv3
+# Copyright (C) 2011-2012 Nicolás Reynolds <fauno@parabola.nu>
+# Copyright (C) 2012-2013 Luke Shumaker <lukeshu@sbcglobal.net>
+#
+# License: GNU GPLv3+
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU Affero General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+
# Performs chroot cleanup smartly, it only removes the unneeded packages or
# leaves you with a cleansystem
#
# See: HOOKPREBUILD
+set -eE
+
DRYRUN=${DRYRUN:-false}
################################################################################
@@ -34,11 +50,6 @@ msg2() {
printf "${BLUE} ->${ALL_OFF}${BOLD} ${mesg}${ALL_OFF}\n" "$@" >&2
}
-warning() {
- local mesg="$(_ "$1")"; shift
- printf "${YELLOW}==> $(gettext "WARNING:")${ALL_OFF}${BOLD} ${mesg}${ALL_OFF}\n" "$@" >&2
-}
-
error() {
local mesg="$(_ "$1")"; shift
printf "${RED}==> $(gettext "ERROR:")${ALL_OFF}${BOLD} ${mesg}${ALL_OFF}\n" "$@" >&2
@@ -67,8 +78,8 @@ msg "Cleaning chroot..."
cp /repo/repo.db /var/lib/pacman/sync/repo.db
# Setup the temporary directory
-TEMPDIR="$(mktemp --tmpdir -d $(basename $0).XXXXX)"
-trap "rm -rf '$TEMPDIR'" EXIT
+TEMPDIR="$(mktemp --tmpdir -d ${0##*/}.XXXXXXXXXX)"
+trap "rm -rf -- $(printf '%q' "$TEMPDIR")" EXIT
cp -a /var/lib/pacman/sync "${TEMPDIR}/"
pkglist="${TEMPDIR}"/pkglist.txt
diff --git a/src/chroot-tools/distcc-tool b/src/chroot-tools/distcc-tool
index 7633029..f2e43dd 100755
--- a/src/chroot-tools/distcc-tool
+++ b/src/chroot-tools/distcc-tool
@@ -2,7 +2,9 @@
# -*- tab-width: 4; sh-basic-offset: 4 -*-
# distcc-tool
-# Copyright 2013 Luke Shumaker
+# Copyright (C) 2013-2014 Luke Shumaker <lukeshu@sbcglobal.net>
+#
+# License: GNU GPLv3+
#
# This file is part of Parabola.
#
@@ -32,6 +34,8 @@ if ! type gettext &>/dev/null; then
gettext() { echo "$@"; }
fi
+q0="$(printf '%q' "$0")" # quoted $0
+
panic() {
echo "$(gettext 'panic: malformed call to internal function')" >&2
exit 1
@@ -50,7 +54,7 @@ print() {
}
usage() {
- print "Usage: $0 COMMAND [COMMAND-ARGS]"
+ print "Usage: %s COMMAND [COMMAND-ARGS]" "$q0"
print "Tool for using distcc within a networkless chroot"
echo
print "Commands:"
@@ -125,7 +129,7 @@ parse_DISTCC_HOSTS() {
*@*)
# SSH_HOST doesn't allow custom port numbers, and even if it
# did, ssh would complain about MITM. Instead, we'll count on
- # ssh ProxyCommand being configured to used `client`.
+ # ssh ProxyCommand being configured to use `client`.
newhosts+=("$HOSTSPEC")
;;
# GLOBAL_OPTION
@@ -135,7 +139,7 @@ parse_DISTCC_HOSTS() {
;;
# ZEROCONF
+zeroconf)
- error "%s does not support the +zeroconf option" "$0"
+ error "%s does not support the +zeroconf option" "$q0"
exit 1
;;
# TCP_HOST or OLDSTYLE_TCP_HOST
@@ -159,7 +163,7 @@ parse_DISTCC_HOSTS() {
# set up port forwaring
if $forward_ports; then
- socat TCP-LISTEN:${newport},fork SYSTEM:"$0 client $HOSTID ${PORT:-3632}" &
+ socat TCP-LISTEN:${newport},fork SYSTEM:"$q0 client $HOSTID ${PORT:-3632}" &
pids+=($!)
fi
@@ -222,8 +226,8 @@ odaemon() {
local chrootpath=$1
umask 111
- socat UNIX-LISTEN:"$chrootpath/socket",fork SYSTEM:"$0 server" &
- trap "kill -- $!; rm -f '$chrootpath/socket'" EXIT
+ socat UNIX-LISTEN:"$chrootpath/socket",fork SYSTEM:"$q0 server" &
+ trap "kill -- $!; rm -f -- $(printf '%q' "$chrootpath/socket")" EXIT
wait
}
diff --git a/src/chroot-tools/hooks-chcleanup.sh b/src/chroot-tools/hooks-chcleanup.sh
index 86c872c..0fd0f72 100644
--- a/src/chroot-tools/hooks-chcleanup.sh
+++ b/src/chroot-tools/hooks-chcleanup.sh
@@ -1,4 +1,21 @@
#!/usr/bin/env bash
+# Copyright (C) 2013 Luke Shumaker <lukeshu@sbcglobal.net>
+#
+# License: GNU GPLv2+
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU Affero General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+
set -euE
hook_pre_build+=("clean_chroot")
diff --git a/src/chroot-tools/hooks-check.sh b/src/chroot-tools/hooks-check.sh
index 2702f95..850516b 100644
--- a/src/chroot-tools/hooks-check.sh
+++ b/src/chroot-tools/hooks-check.sh
@@ -1,4 +1,21 @@
#!/usr/bin/env bash
+# Copyright (C) 2013 Luke Shumaker <lukeshu@sbcglobal.net>
+#
+# License: GNU GPLv2+
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU Affero General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+
set -euE
hook_check_pkgbuild+=("check_pkgbuild_nonfree")
diff --git a/src/chroot-tools/hooks-distcc.sh b/src/chroot-tools/hooks-distcc.sh
index d8d708a..37c82dc 100644
--- a/src/chroot-tools/hooks-distcc.sh
+++ b/src/chroot-tools/hooks-distcc.sh
@@ -1,4 +1,23 @@
#!/usr/bin/env bash
+# Copyright (C) 2013 Luke Shumaker <lukeshu@sbcglobal.net>
+#
+# License: GNU GPLv2+
+#
+# This file is part of Parabola.
+#
+# Parabola is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 2 of the License, or
+# (at your option) any later version.
+#
+# Parabola is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Parabola. If not, see <http://www.gnu.org/licenses/>.
+
set -euE
hook_pre_build+=("distcc_start")
diff --git a/src/chroot-tools/indent b/src/chroot-tools/indent
index 0e2d0e0..ffec4d5 100755
--- a/src/chroot-tools/indent
+++ b/src/chroot-tools/indent
@@ -1,4 +1,23 @@
#!/usr/bin/env perl
+# Copyright (C) 2013 Luke Shumaker <lukeshu@sbcglobal.net>
+#
+# License: GNU GPLv3+
+#
+# This file is part of Parabola.
+#
+# Parabola is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Parabola is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Parabola. If not, see <http://www.gnu.org/licenses/>.
+
use warnings;
use strict;
use constant BUFFER_SIZE => 40;
@@ -19,9 +38,7 @@ while (1) {
$c = substr($buffer, $_, 1);
if ($c eq "\n") {
syswrite(STDOUT, $indent) if ($print_indent);
- # XXX: SYSTEMD-STDOUT HACK
- #syswrite(STDOUT, $c, 1);
- syswrite(STDOUT, "\r\n", 2);
+ syswrite(STDOUT, $c, 1);
$print_indent = 1;
} elsif ($c eq "\r") {
syswrite(STDOUT, $c, 1);
diff --git a/src/chroot-tools/librechroot b/src/chroot-tools/librechroot
index 5e16587..4edcb2f 100755
--- a/src/chroot-tools/librechroot
+++ b/src/chroot-tools/librechroot
@@ -2,15 +2,18 @@
set -euE
# librechroot
-# Copyright 2010 Nicolás Reynolds
-# Copyright 2011 Joshua Haase
-# Copyright 2012-2013 Luke Shumaker
+# Copyright (C) 2010-2012 Nicolás Reynolds <fauno@parabola.nu>
+# Copyright (C) 2011-2012 Joshua Ismael Haase Hernández (xihh) <hahj87@gmail.com>
+# Copyright (C) 2012 Michał Masłowski <mtjm@mtjm.eu>
+# Copyright (C) 2012-2014 Luke Shumaker <lukeshu@sbcglobal.net>
+#
+# License: GNU GPLv2+
#
# This file is part of Parabola.
#
# Parabola is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or
+# the Free Software Foundation, either version 2 of the License, or
# (at your option) any later version.
#
# Parabola is distributed in the hope that it will be useful,
@@ -96,9 +99,9 @@ usage() {
printf ' rootdir : %s\n' "${rootdir:-$(_ 'ERROR')}"
printf ' copydir : %s\n' "${copydir:-$(_ 'ERROR')}"
echo
- prose 'If the chroot, or copy does not exist, it will be created
+ prose 'If the chroot or copy does not exist, it will be created
automatically. A chroot by default contains the packages in the
- group "base-devel", and any packages named in $CHROOTEXTRAPKG.
+ group "base-devel" and any packages named in $CHROOTEXTRAPKG.
Unless the `-C` or `-M` flags are used, the configuration files
that this program installs are the stock versions supplied in the
packages, not the versions from your host system. Other tools
@@ -151,7 +154,7 @@ readonly commands=(
run enter clean-repo help
)
-# set $rootdir and $copydir; blank them on error
+# Print code to set $rootdir and $copydir; blank them on error
calculate_directories() {
# Don't assume that CHROOTDIR or CHROOT are set,
# but assume that COPY is set.
@@ -186,23 +189,7 @@ arch_nspawn_flags=()
sysd_nspawn_flags=()
arch-nspawn() {
local copydir=$1; shift
- # XXX: SYSTEMD-STDOUT HACK
- if [[ -t 1 ]]; then
- cmd=("$@")
- else
- # This perl script is similar to `sed 's|\n|\r\n|g'`, (or, more
- # correctly, `sed 's|$|\r|'`) but it does't line-buffer.
- local perlcmd='
-my $size;
-my $buffer;
-while(1) {
- $size=sysread(STDIN, $buffer, 40);
- last if ($size < 1);
- $buffer =~ s/\n/\r\n/g;
- syswrite(STDOUT, $buffer);
-}'
- cmd=(bash --noprofile --norc -c "set -o pipefail; $(printf '%q ' "$@") |& perl -e $(printf '%q' "$perlcmd")")
- fi
+ local cmd=("$@")
set +u # if an array is empty, it counts as unbound
"$_arch_nspawn" "${arch_nspawn_flags[@]}" "$copydir" "${sysd_nspawn_flags[@]}" -- "${cmd[@]}"
@@ -223,19 +210,19 @@ main() {
C|M) arch_nspawn_flags+=(-$opt "$OPTARG");;
w) sysd_nspawn_flags+=("--bind=$OPTARG");;
r) sysd_nspawn_flags+=("--bind-ro=$OPTARG");;
- *) usage >/dev/stderr; return 1;;
+ *) usage >&2; return 1;;
esac
done
shift $(($OPTIND - 1))
if [[ $# -lt 1 ]]; then
error "Must specify a command"
- usage >/dev/stderr
+ usage >&2
return 1
fi
mode=$1
if ! in_array "$mode" "${commands[@]}"; then
error "Unrecognized command: %s" "$mode"
- usage >/dev/stderr
+ usage >&2
return 1
fi
shift
@@ -243,14 +230,14 @@ main() {
noop|make|sync|delete|update|enter|clean-pkgs|clean-repo)
if [[ $# -gt 0 ]]; then
error 'Command `%s` does not take any arguments: %s' "$mode" "$*"
- usage >/dev/stderr
+ usage >&2
return 1
fi
:;;
install-file)
if [[ $# -lt 1 ]]; then
error 'Command `%s` requires at least one file' "$mode"
- usage >/dev/stderr
+ usage >&2
return 1
else
local missing=()
@@ -269,14 +256,14 @@ main() {
install-name)
if [[ $# -lt 1 ]]; then
error 'Command `%s` requires at least one package name' "$mode"
- usage >/dev/stderr
+ usage >&2
return 1
fi
:;;
run)
if [[ $# -lt 1 ]]; then
error 'Command `%s` requires at least one argument' "$mode"
- usage >/dev/stderr
+ usage >&2
return 1
fi
:;;
@@ -342,11 +329,15 @@ main() {
mkdir -p "$copydir/etc/libretools.d"
{
- if [[ -n ${CHROOTEXTRAPKG[*]:-} ]]; then
- declare -p CHROOTEXTRAPKG | sed -r 's/declare( -.)* //'
+ if [[ ${#CHROOTEXTRAPKG[*]} -eq 0 ]]; then
+ echo 'CHROOTEXTRAPKG=()'
else
- printf 'CHROOTEXTRAPKG=()\n'
+ printf 'CHROOTEXTRAPKG=('
+ printf '%q ' "${CHROOTEXTRAPKG[@]}"
+ printf ')\n'
fi
+ # TODO: only set CHROOTARCH if $CARCH != $(uname -m)
+ printf 'CHROOTARCH=%q\n' "$(uname -m)"
} > "$copydir"/etc/libretools.d/chroot.conf
if [[ $mode != delete ]]; then
@@ -379,10 +370,10 @@ main() {
arch-nspawn "$copydir" pacman -Sy "$@"
;;
update)
- arch-nspawn "$copydir" pacman -Syu --noconfirm
+ arch-nspawn "$copydir" bash -c 'pacman -Syu --noconfirm'
;;
clean-pkgs)
- trap "rm -f '$copydir'/bin/chcleanup '$copydir'/chrootexec" EXIT
+ trap "rm -f -- $(printf '%q ' "$copydir"/{bin/chcleanup,chrootexec})" EXIT
install -m755 "$(librelib chroot/chcleanup)" "$copydir/bin/chcleanup"
printf '%s\n' \
'#!/bin/bash' \
diff --git a/src/chroot-tools/libremakepkg b/src/chroot-tools/libremakepkg
index fc6418c..aad4217 100755
--- a/src/chroot-tools/libremakepkg
+++ b/src/chroot-tools/libremakepkg
@@ -2,15 +2,18 @@
set -euE
# libremakepkg
-# Copyright 2010-2011 Nicolás Reynolds
-# Copyright 2011 Joshua Ismael Haase Hernández
-# Copyright 2012-2013 Luke Shumaker
+# Copyright (C) 2010-2012 Nicolás Reynolds <fauno@parabola.nu>
+# Copyright (C) 2010-2012 Joshua Ismael Haase Hernández (xihh) <hahj87@gmail.com>
+# Copyright (C) 2012 Michał Masłowski <mtjm@mtjm.eu>
+# Copyright (C) 2012-2014 Luke Shumaker <lukeshu@sbcglobal.net>
+#
+# License: GNU GPLv2+
#
# This file is part of Parabola.
#
# Parabola is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or
+# the Free Software Foundation, either version 2 of the License, or
# (at your option) any later version.
#
# Parabola is distributed in the hope that it will be useful,
@@ -33,7 +36,7 @@ umask 0022
readonly _indent="$(librelib chroot/indent)"
readonly INCHROOT=$([[ -f /.arch-chroot ]] && echo true || echo false)
NONET=true # can be changed with the -N flag
-# {SRC,LOG,PKG}DEST set at runtime by makepkg.conf
+# {PKG,SRC,SRCPKG,LOG}DEST set at runtime by makepkg.conf
# MAKEFLAGS, PACKAGER set at runtime by makepkg.conf
# LIBREUSER, LIBREHOME are set by conf.sh
librechroot_flags=()
@@ -54,6 +57,21 @@ indent() {
"$_indent" ' | '
}
+# Usage: _check_perms_dir $directory
+# Make sure that $directory is readable and executable (searchable) by 'nobody'
+check_directory_permissions() (
+ local dir=$1
+ # `cd` to the directory, then test `.`; that way if parent
+ # directories aren't readable, we aren't testing for that. We
+ # only need the last element in `$dir`.
+ cd "$dir"
+ if ! sudo -u nobody test -r . -a -x .; then
+ error "Directory '%s' must be readable by user 'nobody'" "$dir"
+ return 1
+ fi
+ return 0
+)
+
# Usage: exit_copy $copydir $src_owner
# End immediately, but copy log files out
exit_copy() {
@@ -106,21 +124,22 @@ build() (
local copydir=$1; shift
local repack=$1; shift
- local netflag=''
- local run=()
+ local run_ynet=()
+ local run_nnet=()
if $INCHROOT; then
- ! $NONET || netflag='-N'
- run=(unshare)
+ run_ynet=(unshare)
+ run_nnet=(unshare -n)
else
- ! $NONET || netflag='-n'
- run=(librechroot "${librechroot_flags[@]}" run)
+ run_ynet=(librechroot "${librechroot_flags[@]}" run)
+ run_nnet=(librechroot "${librechroot_flags[@]}" -N run)
fi
+ $NONET || run_nnet=("${run_ynet[@]}")
prepare_chroot "$copydir" "$LIBREHOME" "$repack" false
- "${run[@]}" /chrootprepare "$@" |& indent
+ "${run_ynet[@]}" /chrootprepare false "$@" |& indent
run_hook pre_build "$copydir"
trap "run_hook post_build '$copydir'" EXIT
- "${run[@]}" /chrootbuild "$@" |& indent
+ "${run_nnet[@]}" /chrootbuild false "$@" |& indent
)
# The main program #############################################################
@@ -132,7 +151,7 @@ usage() {
prose 'If run from outside of a chroot, command will make the following
configuration changes in the chroot:'
bullet 'whatever changes `librechroot` makes.'
- bullet 'set `PKGDEST` and `SRCDEST` in `/etc/makepkg.conf`'
+ bullet 'set `{PKG,SRC,SRCPKG,LOG}DEST` in `/etc/makepkg.conf`'
bullet 'set `PACKAGER` in `/etc/makepkg.conf` to reflect the value
outside of the chroot.'
bullet '(maybe) delete `/build/.makepkg.conf`'
@@ -148,8 +167,12 @@ usage() {
the documentation there.'
echo
print 'Options:'
+ print ' %s options:' librechroot
flag "-n <$(_ CHROOT)>" 'Name of the chroot to use'
flag "-l <$(_ COPY)>" 'Name of, or absolute path to, the chroot copy to use'
+ flag "-w <$(_ 'PATH[:PATH]')>" 'Bind mount a file or directory, read/write'
+ flag "-r <$(_ 'PATH[:PATH]')>" 'Bind mount a file or directory, read-only'
+ print ' %s options:' libremakepkg
flag '-N' "Don't disable networking during build() and
package(). PLEASE don't use this unless you
have a special reason, its use is a violation
@@ -173,10 +196,14 @@ main() {
local chroot=''
# Parse command line options ###########################################
- while getopts 'n:l:NRh' flag ; do
+ while getopts 'n:l:w:r:NRh' flag ; do
case "${flag}" in
- n) if $INCHROOT; then err_chflag "$flag"; else chroot=$OPTARG; fi;;
- l) if $INCHROOT; then err_chflag "$flag"; else copy=$OPTARG; fi;;
+ n) if $INCHROOT; then err_chflag "$flag"; else
+ chroot=$OPTARG; fi;;
+ l) if $INCHROOT; then err_chflag "$flag"; else
+ copy=$OPTARG; fi;;
+ w|r) if $INCHROOT; then err_chflag "$flag"; else
+ librechroot_flags+=(-$flag "$OPTARG"); fi;;
N) NONET=false;;
R) repack=true; makepkg_args+=(-R);;
h) usage; return 0;;
@@ -204,6 +231,15 @@ main() {
fi
unset chroot
+ # Load makepkg configuration ###########################################
+ # Note that all of these are globals
+ PKGDEST="$(get_var makepkg PKGDEST "$PWD")"
+ SRCDEST="$(get_var makepkg SRCDEST "$PWD")"
+ SRCPKGDEST="$(get_var makepkg SRCPKGDEST "$PWD")"
+ LOGDEST="$(get_var makepkg LOGDEST "$PWD")"
+ MAKEFLAGS="$(get_var makepkg MAKEFLAGS '')"
+ PACKAGER="$(get_var makepkg PACKAGER '')"
+
# Quick sanity check ###################################################
if (( EUID )); then
@@ -217,20 +253,16 @@ main() {
exit 1
fi
- # Load makepkg configuration ###########################################
- # Note that all of these are globals
- SRCDEST="$(get_var makepkg SRCDEST "$PWD")"
- PKGDEST="$(get_var makepkg PKGDEST "$PWD")"
- LOGDEST="$(get_var makepkg LOGDEST "$PWD")"
- mkdir -p "$SRCDEST" "$PKGDEST" "$LOGDEST"
- MAKEFLAGS="$(get_var makepkg MAKEFLAGS '')"
- PACKAGER="$(get_var makepkg PACKAGER '')"
-
- librechroot_flags=(
- -r "$PWD:/startdir_host"
- -r "$SRCDEST:/srcdest_host"
- -n "$CHROOT"
- -l "$copy"
+ # Make sure that the various *DEST directories exist
+ mkdir -p -- "$PKGDEST" "$SRCDEST" "$SRCPKGDEST" "$LOGDEST"
+ # Check the permissions for $startdir and $SRCDEST
+ (
+ declare -i ret=0
+ check_directory_permissions "$PWD" || ret=1
+ if ! [[ "$PWD" -ef "$SRCDEST" ]]; then
+ check_directory_permissions "$SRCDEST" || ret=1
+ fi
+ exit $ret
)
# OK, we are starting now ##############################################
@@ -239,6 +271,13 @@ main() {
lock 9 "/build/.lock" \
"Waiting for existing lock on build directory to be released"
else
+ librechroot_flags+=(
+ -r "$PWD:/startdir_host"
+ -r "$SRCDEST:/srcdest_host"
+ -n "$CHROOT"
+ -l "$copy"
+ )
+
# Obtain a lock on the chroot
lock 9 "$copydir.lock" \
"Waiting for existing lock on chroot copy to be released: [%s]" "$copy"
diff --git a/src/chroot-tools/makechrootpkg.sh.patch b/src/chroot-tools/makechrootpkg.sh.patch
index 4dd1146..8180d89 100644
--- a/src/chroot-tools/makechrootpkg.sh.patch
+++ b/src/chroot-tools/makechrootpkg.sh.patch
@@ -1,14 +1,21 @@
---- makechrootpkg.sh.in 2013-10-26 14:53:57.000000000 -0400
-+++ makechrootpkg.sh.ugly 2013-11-16 15:14:04.000000000 -0500
-@@ -12,6 +12,7 @@
+--- makechrootpkg.sh.in 2014-05-10 22:03:27.956692573 -0400
++++ makechrootpkg.sh.ugly 2014-05-10 22:09:15.376594518 -0400
+@@ -1,4 +1,6 @@
+ #!/bin/bash
++# License: GNU GPLv2
++#
+ # This program is free software; you can redistribute it and/or modify
+ # it under the terms of the GNU General Public License as published by
+ # the Free Software Foundation; version 2 of the License.
+@@ -12,6 +14,7 @@
shopt -s nullglob
+init_variables() {
- _makepkg_args=(-s --noconfirm -L --holdver)
- makepkg_args=("${_makepkg_args[@]}")
+ default_makepkg_args=(-s --noconfirm -L --holdver)
+ makepkg_args=("${default_makepkg_args[@]}")
repack=false
-@@ -29,9 +30,10 @@
+@@ -29,9 +32,10 @@
bindmounts_rw=()
copy=$USER
@@ -20,7 +27,7 @@
usage() {
echo "Usage: ${0##*/} [options] -r <chrootdir> [--] [makepkg args]"
-@@ -67,6 +69,7 @@
+@@ -67,6 +71,7 @@
exit 1
}
@@ -28,7 +35,7 @@
while getopts 'hcur:I:l:nTD:d:' arg; do
case "$arg" in
h) usage ;;
-@@ -93,9 +96,6 @@
+@@ -91,9 +96,6 @@
[[ ! -d $chrootdir ]] && die "No chroot dir defined, or invalid path '%s'" "$passeddir"
[[ ! -d $chrootdir/root ]] && die "Missing chroot dir root directory. Try using: mkarchroot %s/root base-devel" "$chrootdir"
@@ -38,9 +45,9 @@
if [[ ${copy:0:1} = / ]]; then
copydir=$copy
else
-@@ -110,30 +110,47 @@
- repack=true
- fi
+@@ -113,30 +115,48 @@
+ esac
+ done
-if [[ -n $SUDO_USER ]]; then
+if [[ -n ${SUDO_USER:-} ]]; then
@@ -54,8 +61,9 @@
+# Usage: load_vars $makepkg_conf
+# Globals:
+# - SRCDEST
-+# - LOGDEST
++# - SRCPKGDEST
+# - PKGDEST
++# - LOGDEST
+# - MAKEFLAGS
+# - PACKAGER
load_vars() {
@@ -63,7 +71,7 @@
[[ -f $makepkg_conf ]] || return 1
- for var in {SRC,PKG,LOG}DEST MAKEFLAGS PACKAGER; do
+ for var in {SRC,SRCPKG,PKG,LOG}DEST MAKEFLAGS PACKAGER; do
- [[ -z ${!var} ]] && eval $(grep "^${var}=" "$makepkg_conf")
+ [[ -z ${!var:-} ]] && eval $(grep "^${var}=" "$makepkg_conf")
done
@@ -92,11 +100,14 @@
# Get a read lock on the root chroot to make
# sure we don't clone a half-updated chroot
slock 8 "$chrootdir/root.lock" "Locking clean chroot"
-@@ -154,11 +171,16 @@
+@@ -157,14 +177,19 @@
# Drop the read lock again
lock_close 8
- fi
+
+ # Update mtime
+ touch "$copydir"
}
-clean_temporary() {
@@ -109,10 +120,10 @@
+ local chroottype=$(stat -f -c %T "$copydir")
+
+ stat_busy "Removing chroot copy [%s]" "$copy"
- if [[ "$chroottype" == btrfs ]]; then
+ if [[ "$chroottype" == btrfs ]] && ! mountpoint -q "$copydir"; then
btrfs subvolume delete "$copydir" >/dev/null ||
die "Unable to delete subvolume %s" "$copydir"
-@@ -173,9 +195,14 @@
+@@ -179,9 +204,14 @@
stat_done
}
@@ -127,7 +138,7 @@
for install_pkg in "${install_pkgs[@]}"; do
pkgname="${install_pkg##*/}"
cp "$install_pkg" "$copydir/$pkgname"
-@@ -188,11 +215,19 @@
+@@ -194,11 +224,19 @@
rm "$copydir/$pkgname"
done
@@ -149,9 +160,9 @@
$repack || rm -rf "$copydir/build"
mkdir -p "$copydir/build"
-@@ -226,12 +261,12 @@
+@@ -237,12 +275,12 @@
- chown -R nobody "$copydir"/{build,pkgdest,logdest,srcdest,startdir}
+ chown -R nobody "$copydir"/{build,pkgdest,srcpkgdest,logdest,srcdest,startdir}
- if [[ -n $MAKEFLAGS ]]; then
+ if [[ -n ${MAKEFLAGS:-} ]]; then
@@ -164,7 +175,7 @@
sed -i '/^PACKAGER=/d' "$copydir/etc/makepkg.conf"
echo "PACKAGER='${PACKAGER}'" >> "$copydir/etc/makepkg.conf"
fi
-@@ -244,20 +279,38 @@
+@@ -255,20 +293,38 @@
chmod 440 "$copydir/etc/sudoers.d/nobody-pacman"
fi
@@ -174,16 +185,15 @@
+SigLevel = Optional TrustAll
+Server = file:///repo
+'
-+ sed -i "${line}i${ins//$'\n'/\n}" "$copydir/etc/pacman.conf"
++ sed -i "${line}i${ins//$'\n'/\\n}" "$copydir/etc/pacman.conf"
+ fi
+
# This is a little gross, but this way the script is recreated every time in the
# working copy
-- printf $'#!/bin/bash\n%s\n_chrootbuild %q "$@"' "$(declare -f _chrootbuild)" \
-+ printf '#!/bin/bash\n%s\n_chrootprepare "$@"' "$(declare -f _chrootprepare)" \
++ printf $'#!/bin/bash\n%s\n_chrootprepare "$@"' "$(declare -f _chrootprepare)" \
+ > "$copydir/chrootprepare"
+ chmod +x "$copydir/chrootprepare"
-+ printf '#!/bin/bash\n%s\n_chrootbuild %q "$@"' "$(declare -f _chrootbuild)" \
+ printf $'#!/bin/bash\n%s\n_chrootbuild %q "$@"' "$(declare -f _chrootbuild)" \
"$run_namcap" >"$copydir/chrootbuild"
chmod +x "$copydir/chrootbuild"
}
@@ -206,7 +216,7 @@
makepkg --config="$copydir/etc/makepkg.conf" --verifysource -o
else
( export SRCDEST BUILDDIR="$builddir"
-@@ -267,20 +320,15 @@
+@@ -278,10 +334,10 @@
(( $? != 0 )) && die "Could not download sources."
# Clean up garbage from verifysource
@@ -218,31 +228,28 @@
+_chrootprepare() {
# This function isn't run in makechrootpkg,
# so no global variables
-- local run_namcap="$1"; shift
-- local makepkg_args=("$@")
--
-- . /etc/profile
-- export HOME=/build
-- shopt -s nullglob
+ local run_namcap="$1"; shift
+@@ -292,6 +348,7 @@
+ shopt -s nullglob
# XXX: Workaround makepkg disliking read-only dirs
+ rm -rf -- /srcdest/* /startdir/*
ln -sft /srcdest /srcdest_host/*
ln -sft /startdir /startdir_host/*
-@@ -295,15 +343,27 @@
- done
- done
+@@ -317,11 +374,29 @@
-- cd /startdir
--
- # XXX: Keep PKGBUILD writable for pkgver()
-- rm PKGBUILD*
-- cp /startdir_host/PKGBUILD* .
-- chown nobody PKGBUILD*
-+ rm /startdir/PKGBUILD*
-+ cp /startdir_host/PKGBUILD* /startdir
-+ chown nobody /startdir/PKGBUILD*
+ # Safety check
+ if [[ ! -w PKGBUILD ]]; then
++ # XXX: internationalize this message
+ echo "Can't write to PKGBUILD!"
+ exit 1
+ fi
+
+- sudo -u nobody makepkg "${makepkg_args[@]}" || exit 1
++ # Sync deps now, as networking may be disabled during _chrootbuild
++ cp /repo/repo.db /var/lib/pacman/sync/repo.db
++ sudo -u nobody makepkg "${makepkg_args[@]}" -o
+}
+
+_chrootbuild() {
@@ -256,14 +263,12 @@
+ shopt -s nullglob
+
+ cd /startdir
++
++ sudo -u nobody makepkg "${makepkg_args[@]}" -e || exit 1
- # Safety check
- if [[ ! -w PKGBUILD ]]; then
-+ # XXX: internationalize this message
- echo "Can't write to PKGBUILD!"
- exit 1
- fi
-@@ -321,12 +381,24 @@
+ if $run_namcap; then
+ pacman -S --needed --noconfirm namcap
+@@ -334,12 +409,24 @@
exit 0
}
@@ -286,9 +291,9 @@
+ local l
for l in "$copydir"/logdest/*; do
+ [[ $l == */logpipe.* ]] && continue
chown "$src_owner" "$l"
- mv "$l" "$LOGDEST"
-@@ -334,6 +406,10 @@
+@@ -353,6 +440,10 @@
}
# }}}
@@ -298,26 +303,24 @@
+
umask 0022
- load_vars /etc/makepkg.conf
-@@ -344,17 +420,25 @@
- [[ -d $SRCDEST ]] || SRCDEST=$PWD
- [[ -d $LOGDEST ]] || LOGDEST=$PWD
+ load_vars "$USER_HOME/.makepkg.conf"
+@@ -364,30 +455,45 @@
+ [[ -d $SRCPKGDEST ]] || SRCPKGDEST=$PWD
+ [[ -d $LOGDEST ]] || LOGDEST=$PWD
-create_chroot
+# Lock the chroot we want to use. We'll keep this lock until we exit.
+lock 9 "$copydir.lock" "Locking chroot copy [%s]" "$copy"
-
--$update_first && arch-nspawn "$copydir" \
-- "${bindmounts_ro[@]}" "${bindmounts_rw[@]}" \
-- pacman -Syu --noconfirm
++
+if [[ ! -d $copydir ]] || $clean_first; then
+ sync_chroot "$chrootdir" "$copy"
+fi
--[[ -n ${install_pkgs[*]} ]] && install_packages
-+$update_first && arch-nspawn "$copydir" pacman -Syu --noconfirm
+ $update_first && arch-nspawn "$copydir" \
+ "${bindmounts_ro[@]}" "${bindmounts_rw[@]}" \
+ pacman -Syu --noconfirm
--prepare_chroot
+-[[ -n ${install_pkgs[*]} ]] && install_packages
+if [[ -n ${install_pkgs[*]:-} ]]; then
+ install_packages "$copydir" "${install_pkgs[@]}"
+ ret=$?
@@ -325,15 +328,21 @@
+ [[ -f PKGBUILD ]] || exit $ret
+fi
--download_sources
+-prepare_chroot
+prepare_chroot "$copydir" "$USER_HOME" "$repack"
-+
+
+-download_sources
+download_sources "$copydir" "$src_owner"
if arch-nspawn "$copydir" \
--bind-ro="$PWD:/startdir_host" \
-@@ -362,12 +446,12 @@
+ --bind-ro="$SRCDEST:/srcdest_host" \
"${bindmounts_ro[@]}" "${bindmounts_rw[@]}" \
++ /chrootprepare &&
++ arch-nspawn "$copydir" \
++ --bind-ro="$PWD:/startdir_host" \
++ --bind-ro="$SRCDEST:/srcdest_host" \
++ "${bindmounts_ro[@]}" "${bindmounts_rw[@]}" \
/chrootbuild "${makepkg_args[@]}"
then
- move_products
@@ -347,7 +356,7 @@
if (( ret != 0 )); then
if $temp_chroot; then
-@@ -378,3 +462,4 @@
+@@ -398,3 +504,4 @@
else
true
fi
diff --git a/src/chroot-tools/mkarchroot.patch b/src/chroot-tools/mkarchroot.patch
new file mode 100644
index 0000000..9366d92
--- /dev/null
+++ b/src/chroot-tools/mkarchroot.patch
@@ -0,0 +1,30 @@
+--- mkarchroot.in 2014-05-10 22:10:54.871326879 -0400
++++ mkarchroot.ugly 2014-05-10 22:10:54.887993222 -0400
+@@ -1,4 +1,6 @@
+ #!/bin/bash
++# License: GNU GPLv2
++#
+ # This program is free software; you can redistribute it and/or modify
+ # it under the terms of the GNU General Public License as published by
+ # the Free Software Foundation; version 2 of the License.
+@@ -66,6 +68,11 @@
+ chmod 0755 "$working_dir"
+ fi
+
++_env=()
++while read -r varname; do
++ _env+=("$varname=${!varname}")
++done < <(declare -x | sed -r 's/^declare -x ([^=]*)=.*/\1/' | grep -i '_proxy$')
++env -i "${_env[@]}" \
+ pacstrap -GMcd ${pac_conf:+-C "$pac_conf"} "$working_dir" \
+ "${cache_dirs[@]/#/--cachedir=}" "$@" || die 'Failed to install all packages'
+
+@@ -73,7 +80,7 @@
+ echo 'LANG=C' > "$working_dir/etc/locale.conf"
+ echo "$CHROOT_VERSION" > "$working_dir/.arch-chroot"
+
+-exec arch-nspawn \
++exec $(librelib chroot/arch-nspawn) \
+ ${pac_conf:+-C "$pac_conf"} \
+ ${makepkg_conf:+-M "$makepkg_conf"} \
+ ${cache_dir:+-c "$cache_dir"} \