Age | Commit message (Collapse) | Author |
|
It's important to ensure the guest has up to date data because updating
a chroot after quite some time can potentially rely on updated
archlinux-keyring, something which the host machine either kept up to
date on or manually fixed, but it kills automation to mess around with
chroot configs like that. Alternatively, signed packages added with -I
need to work, and we assume the host is configured to accept these.
That is *not* a good reason to completely nuke whatever is in the guest,
though. A guest might have been manually configured to accept keys which
aren't accepted by the host; one example of this happening in practice,
is archlinux32 when building 32-bit packages from an archlinux host.
A simple solution is to use pacman-key's native facility to dump the
known keys and trust status from one gpg configuration, and import it
into another. Use this to append to, rather than overwrite, the chrooted
guest's pacman keyring.
While we are at it, fix a bug where we didn't respect the host's
pacman.conf settings for the GpgDir. While it isn't wildly likely a user
will choose to customize this, it is a valid and supported use case and
we must think about this ourselves.
|
|
Some lines are indented by spaces, while adjacent lines are indentet by tabs.
We should use tabs on both.
|
|
|
|
These changes are all strictly "slap some double-quotes in there".
Anything more than that is not included in this commit.
|
|
These are purely stylistic changes that make shellcheck complain less.
This does NOT include things like quoting currently unquoted variables.
|
|
A previous iteration of this change (libretools commit d7dcce53396d)
simply inserted `env -i` to clear the environment.
However, that lead to it ignoring proxy settings, which some users had
problems with:
https://labs.parabola.nu/issues/487:
> To fix other bugs, the pacstrap environment is blank, which also
> means that the proxy settings are blank.
So (in libretools commit d17d1d82349f), I changed it to use `declare
-x` to inspect the environment, and create a version of it only
consisting of variables ending with "_proxy" (case-insensitive).
I honestly don't remember what "other bugs" prompted me to clear the
environment in the first place.
|
|
This allows us to run an ARM chroot on an x86 box; as the binfmt
runner will set the architecture for us, and the x86
`/usr/bin/setarch` program won't know about the ARM architecture
string.
|
|
This allows us to copy in files like `qemu-arm-static`, which is
necessary for running an ARM chroot on an x86 box.
|
|
This involves extending the signature of lib/common.sh's `stat_busy()`,
`lock()`, and `slock()`. The `mesg=$1; shift` in stat_busy even suggests
that this is what was originally intended from it.
|
|
In cases where there is no license specified, the file is tagged as
"License: Unspecified". Obviously, that is not ideal, but it
highlights the fact, and I hope that it encourages whoever has the
authority to specify the license to do so.
On that note, to anyone who may have the authority to specify the
license of files in devtools: the current licence of many files is
GPLv2 with no option for later versions; I impore you to re-license
them to have the "or any later version" option.
|
|
|
|
Move the function and save the orig_argv right along it.
|
|
|
|
In order to have an UTF-8 locale in the build root. This is something
normally set on real machines but is not set from our chroots. Meson,
for example, loudly complains when the locale charset is not UTF-8.
I'd like to have C.UTF-8, as most other distributions do. Unfortunately,
it's not part of vanilla glibc; en_US.UTF-8 will have to do.
mkarchroot already creates roots with both en_US.UTF-8 and de_DE.UTF-8,
the latter because builds of gcc (perhaps used to) require it.
Bump the CHROOT_VERSION due to the setting change.
|
|
|
|
Fixes FS#42277.
|
|
The "app" hasn't been an option since arch-nspawn was created.
|
|
In collaborative builder machine, these scripts are often allowed to become root
via sudo. This patch avoid to prefix them by sudo each time or call su.
Signed-off-by: Pierre Schmitz <pierre@archlinux.de>
|
|
Now that die() properly forwards arguments to error(), we can expect
that the first arg is a format string and not the entirety of the
output.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Pierre Schmitz <pierre@archlinux.de>
|
|
Reduces code duplication.
With makechrootpkg not calling mkarchroot anymore,
the lock handover protocol is unneeded.
arch-nspawn does not do any locking, so add protection to archbuild.
|
|
Separates the two features of mkarchroot. Provides users of the new
arch-nspawn with the full feature set of systemd-nspawn.
For example, this can be used to bind custom directories into the chroot.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
systemd-nspawn is capable of doing this as of systemd-198. Doing this
means we can remove all of our home grown chroot mount/umount logic, as
it's all performed by pacstrap or systemd-nspawn.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Pierre Schmitz <pierre@archlinux.de>
|
|
|
|
The usage messages now begins with a "Usage:", i.e. capitalized and with a colon. Fixes FS#26956.
Signed-off-by: Eric Bélanger <snowmaniscool@gmail.com>
Signed-off-by: Pierre Schmitz <pierre@archlinux.de>
|
|
Fixes FS#28973
Signed-off-by: Eric Bélanger <snowmaniscool@gmail.com>
Signed-off-by: Pierre Schmitz <pierre@archlinux.de>
|
|
Stop trap_exit from forcing a 0 exit code. This fixes makechrootpkg,
which used to always return success, even if the build failed.
Signed-off-by: Pierre Schmitz <pierre@archlinux.de>
|
|
/etc/timezone is no longer used. We only need /etc/localtime.
This fixes FS#31929
|
|
|
|
* If we are running systemd use nspawn instead of our own chroot setup
* Use pacstrap to setup our chroot environment
* Make sure the common trap is still called
* Bind resolve.conf, timezone and lcoaltime from the host if nspawn is not used
* Run ldconfig within the chroot
|
|
|
|
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Pierre Schmitz <pierre@archlinux.de>
|
|
* We use the host package cache configuration
* As only the first cache will be written to, we mount the others readonly
|
|
|
|
is needed
|
|
* bind /sys and /dev/pts from host
* drop support for devtmpfs as it is no longer needed
* add /run and /dev/rtc0
* clone own ipc, uts and mount namespaces for chroot
* set localtime, timezone and locale within chroot environment
* copy /etc/pacman.d/gnupg from host
|
|
We need /dev/ptmx -> /dev/pts/ptmx (for devpts -o newinstance)
Other way to do this thing is via bind mount (as said kernel doc[devpts.txt]).
This should be done in this way at least for /dev as devtmpfs in the chroot.
Since we can not touch /dev (devtmpfs), because devtmpfs is "singleton",
just use bind method and avoid interference.
Do it the same for both modes of /dev (tmpfs) and (devtmpfs) to keep it simple.
Currently devpts in chroot is not working without this when using /dev as devtmpfs,
this fixes this issue (opening /dev/ptmx, creates devices nodes on outside /dev/pts)
Signed-off-by: Gerardo Exequiel Pozzi <vmlinuz386@yahoo.com.ar>
Signed-off-by: Pierre Schmitz <pierre@archlinux.de>
|
|
The main intention of this patch is to take advantage of
/dev/loop-control and loop devices.
Signed-off-by: Gerardo Exequiel Pozzi <vmlinuz386@yahoo.com.ar>
Signed-off-by: Pierre Schmitz <pierre@archlinux.de>
|
|
As of filesystem-2011.12 this is not needed anylonger, and indeed blocks the
chroot from being upgraded. As a workaround, recreating the chroot fixes the
problem.
Fixes FS#27640.
Reported-by: Andrea Scarpino <andrea@archlinux.org>
Signed-off-by: Tom Gundersen <teg@jklm.no>
Signed-off-by: Pierre Schmitz <pierre@archlinux.de>
|
|
We already fixed a couple of these in previous patches - this one should
replace all remaining uses of single brackets ("[") by double brackets.
Also, use arithmetic evaluation instead of conditional expressions where
appropriate and make use of "-z" and "-n" instead of comparing variables
to empty strings.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
|
|
Some of the output/error messages were capitalized, some were
not. This patch capitalize everything for consistency sake. Other
minor changes were done to the messages like removing the superfluous
"error:" from die messages and adding a final period to messages that
were complete sentences as appropriate.
Signed-off-by: Eric Bélanger <snowmaniscool@gmail.com>
Signed-off-by: Pierre Schmitz <pierre@archlinux.de>
|
|
* common.sh is included on build time
* most functions are copied from makepkg
|
|
Thanks to Peter Schuller for this hint
|
|
This build system overhaul allows for adding (define-style) macros to
our scripts. All source files are now suffixed with ".in" to clarify
that they might contain unprocessed defines. The Makefile provides a new
rule to preprocess source files and generate proper output scripts.
Also, add a "@pkgdatadir@" define (as used in GNU Autotools) and use it
instead of hardcoded paths to "/usr/share/devtools" everywhere. We
missed this when adding PREFIX support to the build system in commit
35fc83ce7d8dc26cd424321f2e8638d05da0a6d4.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|