In commit 40a90e2cab we tried to protect
against system umasks resulting in unreadable chroots. However, we tried
to do this in a targeted manner due to not wanting to fiddle with
permissions for user-owned files. Unfortuantely, mkdir -p -m755 does not
actually work that way -- the parent directory is created with broken
permissions. We need umask.
Run umask and mkdir in a subshell to prevent leakage.
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Cache previous versions required for checkpkg via pacman to avoid
multiple downloads when running multiple times.
In case we can't download the packages, like while building out of repo
packages, print a warning instead of running checkpkg
Signed-off-by: Levente Polyak <anthraxx@archlinux.org>
When mixing and matching different repos and architectures not present
in mainline archlinux, it is sometimes desirable to set up differing
presets with more granularity than devtools currently allows.
One example of this is when building for architectures that are only
supported by another project -- in order to coexist on a mainline
archlinux host, a different mirrorlist needs to be used.
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Levente Polyak <anthraxx@archlinux.org>
Packages should never be getting downgraded... unless a package is
pulled from testing, e.g. for example if gcc9 totally breaks the linux
kernel. In such cases, the master repo says there is a downgrade, so
we'd better go with that. Basically, ensure that packages match the repo
they are being built against. Consistency at all costs!
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Levente Polyak <anthraxx@archlinux.org>
If a user umask is restrictive, a chroot may be created as root without the
ability for the user to read it, which then causes makepkg
--verifysource to fail.
Do not set this in lib/common.sh, where it would apply to all scripts,
as we do not want to override the user's policy for things like $SRCDEST
files, svn checkouts, etc.
Fixes FS#47625
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Levente Polyak <anthraxx@archlinux.org>
Les us source makepkg.conf settings from the environemnt. This also includes
`GNUPGHOME` which is present in `makechrootpkg`, but not included in archbuild.
Signed-off-by: Morten Linderud <foxboron@archlinux.org>
Recent development versions of makepkg support reproducible builds
through the environment variable SOURCE_DATE_EPOCH. Pass this variable
through makechrootpkg to makepkg when available.
Also initialize SOURCE_DATE_EPOCH whenever running archbuild to enforce
reproducible builds for repository packages.
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Levente Polyak <anthraxx@archlinux.org>
This involves extending the signature of lib/common.sh's `stat_busy()`,
`lock()`, and `slock()`. The `mesg=$1; shift` in stat_busy even suggests
that this is what was originally intended from it.
In cases where there is no license specified, the file is tagged as
"License: Unspecified". Obviously, that is not ideal, but it
highlights the fact, and I hope that it encourages whoever has the
authority to specify the license to do so.
On that note, to anyone who may have the authority to specify the
license of files in devtools: the current licence of many files is
GPLv2 with no option for later versions; I impore you to re-license
them to have the "or any later version" option.
`lock_close FD` is easier to remember than 'exec FD>&-`; and is especially
easier if FD is a variable (though that isn't actually taken advantage of
here).
This uses Bash 4.1+ `exec {var}>&-`, rather than the clunkier
`eval exec "$var>&-"` that was necessary in older versions of Bash.
Thanks to Dave Reisner for pointing this new bit of syntax out to me
the last time I submitted this (back in 2014, 4.1 had just come out).
The systemd package creates a subvolume at /var/lib/machines (through
tmpfiles), if it can. We need to delete this subvolume before we can
delete the parent subvolume.
Look through the root for inodes with the number 256. These identify
subvolume roots.
It tried to lock `$copydir.lock`, which was the ONLY mention of $copydir in
the entire file. Surely it meant `$copy.lock`; the line was probably
originally copy/pasted from makechrootpkg or similar, where $copydir is
used.
In collaborative builder machine, these scripts are often allowed to become root
via sudo. This patch avoid to prefix them by sudo each time or call su.
Signed-off-by: Pierre Schmitz <pierre@archlinux.de>
Reduces code duplication.
With makechrootpkg not calling mkarchroot anymore,
the lock handover protocol is unneeded.
arch-nspawn does not do any locking, so add protection to archbuild.
Separates the two features of mkarchroot. Provides users of the new
arch-nspawn with the full feature set of systemd-nspawn.
For example, this can be used to bind custom directories into the chroot.
Since TODO [1] which state:
It would be good for base-devel to install everything needed for a build chroot
we can remove base and sudo
[1] https://www.archlinux.org/todo/add-more-to-base-devel/
Signed-off-by: Sébastien Luttringer <seblu@seblu.net>
Signed-off-by: Pierre Schmitz <pierre@archlinux.de>
This will allow, by example, to easily build a package with a custom pkg.
staging-x86_64-build -- -cI /var/cache/pacman/pkg/ldoc-1.2.0-1-any.pkg.tar.xz
staging-x86_64-build -- -n
Signed-off-by: Sébastien Luttringer <seblu@seblu.net>
Signed-off-by: Pierre Schmitz <pierre@archlinux.de>
The usage messages now begins with a "Usage:", i.e. capitalized and with a colon. Fixes FS#26956.
Signed-off-by: Eric Bélanger <snowmaniscool@gmail.com>
Signed-off-by: Pierre Schmitz <pierre@archlinux.de>
This fixes a compound command such as the one below from continuing even
if the first fails.
extra-x86_64-build && extra-i686-build
The problem is that 'cleanup 0' is triggered in archbuild even after an
unsucessful call to makechrootpkg. Since both archbuild and
makechrootpkg share the exact same cleanup function (from lib/common),
we simply force the shell to exit with the true return value by exec'ing
the call to makechrootpkg.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Pierre Schmitz <pierre@archlinux.de>
This build system overhaul allows for adding (define-style) macros to
our scripts. All source files are now suffixed with ".in" to clarify
that they might contain unprocessed defines. The Makefile provides a new
rule to preprocess source files and generate proper output scripts.
Also, add a "@pkgdatadir@" define (as used in GNU Autotools) and use it
instead of hardcoded paths to "/usr/share/devtools" everywhere. We
missed this when adding PREFIX support to the build system in commit
35fc83ce7d.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Eli Schwartz
Levente Polyak
Erich Eckner
Morten Linderud
Luke Shumaker
Jan Alexander Steffens (heftig)
Dave Reisner
Luke Shumaker
Sébastien Luttringer
Pierre Schmitz
Eric Bélanger
Dave Reisner
Lukas Fleischer