[d-i-commits] r32180 - in trunk/installer: build build/util debian
Joey Hess
joeyh at costa.debian.org
Wed Nov 16 19:58:59 UTC 2005
Author: joeyh
Date: 2005-11-16 19:58:56 +0000 (Wed, 16 Nov 2005)
New Revision: 32180
Modified:
trunk/installer/build/Makefile
trunk/installer/build/README
trunk/installer/build/TODO
trunk/installer/build/util/get-packages
trunk/installer/debian/changelog
Log:
* Back to managing localudebs with apt. To support secure apt,
authentication is disabled and a warning printed if there are any udebs
in the localudebs directory. During an official build there will not be
any and the downloaded udebs will be properly authenticated.
Modified: trunk/installer/build/Makefile
===================================================================
--- trunk/installer/build/Makefile 2005-11-16 16:48:32 UTC (rev 32179)
+++ trunk/installer/build/Makefile 2005-11-16 19:58:56 UTC (rev 32180)
@@ -214,7 +214,7 @@
.PHONY: reallyclean
reallyclean: all_clean
rm -rf $(APTDIR) $(APTDIR).udeb $(APTDIR).deb $(BASE_DEST) $(BASE_TMP) $(SOURCEDIR) $(DEBUGUDEBDIR)
- rm -f sources.list sources.list.udeb
+ rm -f sources.list sources.list.udeb $(LOCALUDEBDIR)/Packages.gz $(LOCALUDEBDIR)/Packages
rm -rf $(UDEBDIR) $(STAMPS)
# For manual invocation, we provide a generic clean rule.
@@ -506,6 +506,7 @@
sources.list.udeb:
(set -e; \
echo "# This file is automatically generated, edit $@.local instead."; \
+ echo "deb copy:$(shell pwd)/ $(LOCALUDEBDIR)/"; \
if [ "$(MIRROR)x" != "x" ]; then \
echo "deb $(MIRROR) $(SUITE) $(UDEB_COMPONENTS)"; \
else \
@@ -687,8 +688,6 @@
-sPackage apt.udeb/state/lists/*_Packages* | \
grep -v kernel-image | grep -v -- -modules | \
cut -d " " -f 2 > $@
- # Add any local udebs to the list, skipping kernel stuff
- find localudebs/*.udeb -printf '%f\n' | grep -v kernel-image | grep -v -- -modules- | sed 's/_.*//' >> $@
# Get a list of all kernel modules matching the kernel version.
pkg-lists/kernel-module-udebs:
@@ -698,9 +697,7 @@
grep-dctrl -P -e '.*-modules-$(VERSION)-$(KERNEL_FLAVOUR)' \
-sPackage apt.udeb/state/lists/*_Packages* | \
cut -d " " -f 2 >> $@;)
- # Add any local kernel modules to the list.
- $(foreach VERSION,$(KERNELVERSION), \
- find localudebs/*-modules-$(VERSION)-$(KERNEL_FLAVOUR)_*.udeb -printf '%f\n' | sed 's/_.*//' >> $@;)
+
# The kernel version changes from build to build, so always regen the file.
.PHONY: pkg-lists/kernel-module-udebs
Modified: trunk/installer/build/README
===================================================================
--- trunk/installer/build/README 2005-11-16 16:48:32 UTC (rev 32179)
+++ trunk/installer/build/README 2005-11-16 19:58:56 UTC (rev 32180)
@@ -69,12 +69,6 @@
and so are build-depended on.
* If you have some udebs that are not available on your mirror yet,
you can drop them in 'localudebs/' and they will be used.
- HOWEVER, the current way they are used does not make apt aware of the
- files in localudebs when it is installing other udebs. So if you have
- added a package to localudebs to satisfy a dependency of some other udeb
- that is not in localudebs, apt will still fail during the build. The way
- around this for now is to copy any such udebs into localudebs, then apt
- does not have to worry about installing them and everything will work.
* dpkg is used to unpack the udebs into the build directory.
* A customized set of reduced libraries is generated to correspond to the
udebs that were installed.
Modified: trunk/installer/build/TODO
===================================================================
--- trunk/installer/build/TODO 2005-11-16 16:48:32 UTC (rev 32179)
+++ trunk/installer/build/TODO 2005-11-16 19:58:56 UTC (rev 32180)
@@ -14,13 +14,3 @@
* Convert the driver floppies to use FAT filesystem, not ext2, on i386.
Makes it easier for third parties to throw additional udebs on.
* Cache the upxed kernel, to avoid re-upxing it over and over.
-* The localudebs stuff is a hack, and would be better handled by using
- apt-ftparchive to set up an apt repository based on files in localudebs,
- and let apt know about it by adding that to sources.list.udeb. Then the
- ugly caveat in README could be removed. In fact, this was done once (svn
- r26866), but secure apt broke it by requring gpg signatures, which would
- e very hard to automate for this.
- An alternative for apt-ftparchive is to use dpkg-scanpackages:
- dpkg-scanpackages -u localudebs /dev/null | gzip >localudebs/Packages.gz
- The following line in sources.list.udeb will then work:
- deb file:<full path to installer/build/> localudebs/
Modified: trunk/installer/build/util/get-packages
===================================================================
--- trunk/installer/build/util/get-packages 2005-11-16 16:48:32 UTC (rev 32179)
+++ trunk/installer/build/util/get-packages 2005-11-16 19:58:56 UTC (rev 32180)
@@ -54,6 +54,18 @@
make sources.list.$TYPE
fi
+# localudebs support
+apt-ftparchive packages $LOCALUDEBDIR > $LOCALUDEBDIR/Packages
+cat $LOCALUDEBDIR/Packages | gzip > $LOCALUDEBDIR/Packages.gz
+if [ -s $LOCALUDEBDIR/Packages ]; then
+ echo "*" >&2
+ echo "* Warning: Building with localudebs." >&2
+ echo "* Secure apt validation will be disabled for this build." >&2
+ echo "* This build should not be used for official purposes." >&2
+ echo "*" >&2
+ SECOPTS="--allow-unauthenticated"
+fi
+
# All these options make apt read the right sources list, and use APTDIR for
# everything so it need not run as root.
APT_GET="apt-get --assume-yes \
@@ -62,7 +74,8 @@
-o Debug::NoLocking=true \
-o Dir::Cache=`pwd`/$APTDIR/cache \
-o Acquire::Retries=3 \
- -o Apt::Architecture=`dpkg-architecture -qDEB_HOST_ARCH`"
+ -o Apt::Architecture=`dpkg-architecture -qDEB_HOST_ARCH` \
+ $SECOPTS"
# Prepare APTDIR
mkdir -p $APTDIR/state/lists/partial
@@ -112,33 +125,23 @@
exit 0
fi
-# If there are local (u)debs, remove them from the list of things to
-# get. Then get all the (u)debs that are left to get. Note that the
-# trailing blank on the next line is significant. It makes the sed
-# below always work.
-
-needed="$PACKAGES "
-for file in `find $LOCALUDEBDIR -name "*_*" -printf "%f\n" 2>/dev/null`; do
- package=`echo $file | cut -d _ -f 1`
- needed=`echo " $needed " | sed "s/ $package / /g"`
-done
+# Get udebs.
if [ "$DEBUG" = y ]; then
mkdir -p $DEBUGUDEBDIR
cd $DEBUGUDEBDIR
export DEB_BUILD_OPTIONS="debug"
- $APT_GET source --build --yes $needed
+ $APT_GET source --build --yes $PACKAGES
cd ..
else
- echo Need to download : $needed
- if [ -n "$needed" ]; then
- $APT_GET -dy install $needed
+ echo Need to download: $PACKAGES
+ if [ -n "$PACKAGES" ]; then
+ $APT_GET -dy install $PACKAGES
fi
fi
-# Now the (u)debs are in APTDIR/cache/archives/ and maybe LOCALUDEBDIR
-# or DEBUGUDEBDIR, but there may be other (u)debs there too besides
-# those we asked for. So link those we asked for to UDEBDIR, renaming
-# them to more useful names.
+# Now the (u)debs are in APTDIR/cache/archives/ (and maybe DEBUGUDEBDIR)
+# but there may be other (u)debs there too besides those we asked for. So
+# link those we asked for to UDEBDIR, renaming them to more useful names.
rm -rf $UDEBDIR
mkdir -p $UDEBDIR
@@ -152,10 +155,9 @@
for package in $PACKAGES; do
lnpkg $package $APTDIR/cache/archives $UDEBDIR
- lnpkg $package $LOCALUDEBDIR $UDEBDIR
lnpkg $package $DEBUGUDEBDIR $UDEBDIR
if [ ! -e $UDEBDIR/$package.$TYPE ]; then
- echo "Needed $package not found (looked in $APTDIR/cache/archives/, $LOCALUDEBDIR/, $DEBUGUDEBDIR/)";
+ echo "Needed $package not found (looked in $APTDIR/cache/archives/, $DEBUGUDEBDIR/)";
exit 1
fi
done
Modified: trunk/installer/debian/changelog
===================================================================
--- trunk/installer/debian/changelog 2005-11-16 16:48:32 UTC (rev 32179)
+++ trunk/installer/debian/changelog 2005-11-16 19:58:56 UTC (rev 32180)
@@ -20,6 +20,10 @@
* Switch to root=/dev/ram in syslinux configs to support 2.6.14 post-devfs
kernels.
* Did away with the kernel_specific pkg-lists directories.
+ * Back to managing localudebs with apt. To support secure apt,
+ authentication is disabled and a warning printed if there are any udebs
+ in the localudebs directory. During an official build there will not be
+ any and the downloaded udebs will be properly authenticated.
-- Joey Hess <joeyh at debian.org> Tue, 15 Nov 2005 17:23:56 -0500
More information about the d-i-commits
mailing list