The bug isn't currently triggered, but I accidentally did trigger when I
was trying to modify the command a bit. I figure a "caution" sign would be
helpful to any future developers.
What this is really doing is fixing a conflict that I had incorrectly
resolved when rebasing what became 2fd5931 onto cda9cf4. Of course,
because of dynamic scoping, everything worked out, and everything worked as
intended.
Before cda9cf4, it was appropriate for download_sources to take src_owner
as an argument, but after cda9cf4, it is now appropriate to take
makepkg_user as an argument. However, it still takes src_owner as an
argument, but pays 0 attention to it; instead looking at makepkg_user which
it happily inherited because of dynamic scoping.
So change it to take makepkg_user as the argument.
This is inspired by the thought that went in to the delete_chroot
is_subvolume commit.
sync_chroot($chrootdir, $copydir) copies `$chrootdir/root` to `$copydir`.
That seems a little silly; why do we care about "$chrootdir"? Have it just
be sync_chroot(source, destination) like every other sync/copy command.
Where this becomes tricky is check to decide if we are going to use btrfs
subvolumes or not. We don't care if "$source/.." is on btrfs; the root
could be a directly-mounted subvolume, but and the destination could be
another subvolume of the same btrfs mounted somewhere else.
The things we do care about are:
- The source is a btrfs subvolume (so that we can snapshot it)
- The source is on the same filesystem as the directory that the copy will
be created in.
- If the destination exists:
* that it is not a mountpoint (so that we can delete and recreate it)
* that it is a btrfs subvolume (so that we can quickly delete it)
On the last point, it isn't necessary for creating the new snapshot, just
for quick deletion. That can be a separate check, where we use regular
`rm` for deleting the existing copy, but use subvolume snapshots for
creating the new one.
Also, shorten the "Synchronizing" message to only include the full path
to the copy if it was specified.
The capslocked variable names in the Usage comment were references to
things in Parabola's tools, that didn't make much sense here out of
context.
First of all, it ran `is_btrfs "$chrootdir"` to decide if it was on
btrfs, but $chrootdir wasn't defined locally; it just happens to work
because $chrootdir was defined in main(). (I noticed this because in
Parabola, it is called differently, so $chrootdir was empty).
So I was tempted to just change it to `is_btrfs "$copydir"`, but if
$copydir is just a regular directory on a btrfs filesystem, then it
It would leave much of $copydir intact. What we really care about is
if $copydir is a btrfs subvolume; which we can check by combining the
is_btrfs check with inspecting the inum of the directory.
I put this combined check in lib/archroot.sh:is_subvolume.
https://lists.archlinux.org/pipermail/arch-projects/2013-September/003901.html
This means wrapping variable initialization in init_variables(), and the
main program routine in main().
I did NOT put `shopt -s nullglob` in to a function.
It make make sense to move init_variables() down into the main()
function, instead of having it as a separate function up top (if this
done, then the `-g` flag passed to `declare` in init_variables() can
be dropped). However, in interest of keeping the `diff -w` small, and
merges/rebases simpler, this isn't done here.
In sync_chroot(), this makes the messages be a bit more precise with
exactly which thing they are syncing where. This is based on my users
expressing confusion at what is going on (especially when something is
taking a long time, and they have to blame something for blocking).
With these changes, I haven't gotten such confusion in a long time
(but maybe my users just got used to it).
In delete_chroot(), this changes "temporary copy" to "chroot copy",
since in Parabola's version of the tools, the function can get called
from other places, and it isn't necessarily operating on a temporary
copy.
Even though main() doesn't call `set -u`; this way the functions will
continue to work if copied into an environment with `set -u`, or so
that we are ready if we ever want to start using `set -u`.
Rather than them simply being named blocks of code with braces around
them.
That is: have them take things via arguments rather than global
variables.
Specific notes:
- create_chroot->sync_chroot:
I pulled out locking the destination chroot; getting that lock is
now the caller's responsibility. It still handles locking the
source chroot though.
I pulled the `if [[ ! -d $copydir ]] || $clean_first;` check out; it is
now the caller's responsibility to use that check when deciding if to
call sync_chroot.
However, when pulling that check out, I left it as `if true;`, to
keep an indentation level. This patch has had to be rebased/merged
many times, and changing the indentation is a sure way to make that
go less smoothly; I'm not going to re-indent this block until I see
the check removed in the git.archlinux.org/devtools.git repository.
- install_packages:
1. Receive the list of packages as arguments, rather than a global
variable.
2. Make the caller responsible for looking at PKGBUILD. From the
name and arguments, one would never expect it to look at PKGBUILD.
It was displaing the value of the `makepkg_args` variable, which may
have already been changed by the argument parsing by the time it gets
to `-h`. Now there is a separate `default_makepkg_args` variable.
This involves extending the signature of lib/common.sh's `stat_busy()`,
`lock()`, and `slock()`. The `mesg=$1; shift` in stat_busy even suggests
that this is what was originally intended from it.
In cases where there is no license specified, the file is tagged as
"License: Unspecified". Obviously, that is not ideal, but it
highlights the fact, and I hope that it encourages whoever has the
authority to specify the license to do so.
On that note, to anyone who may have the authority to specify the
license of files in devtools: the current licence of many files is
GPLv2 with no option for later versions; I impore you to re-license
them to have the "or any later version" option.
`lock_close FD` is easier to remember than 'exec FD>&-`; and is especially
easier if FD is a variable (though that isn't actually taken advantage of
here).
This uses Bash 4.1+ `exec {var}>&-`, rather than the clunkier
`eval exec "$var>&-"` that was necessary in older versions of Bash.
Thanks to Dave Reisner for pointing this new bit of syntax out to me
the last time I submitted this (back in 2014, 4.1 had just come out).
The systemd package creates a subvolume at /var/lib/machines (through
tmpfiles), if it can. We need to delete this subvolume before we can
delete the parent subvolume.
Look through the root for inodes with the number 256. These identify
subvolume roots.
The way in which makechrootpkg reads variables from makepkg.conf(5) is
different from makepkg, in that it reads a subset of defined
variables, and only if the were not set in the environment before.
Mention this in the usage text.
Fixes FS#44827
This removes the preservation of HOME being /build just for the pacman
sudo call. Former leads to unbuildable packages when an to be installed
dependency writes something into the HOME dir (f.e. .config). The
resulting directories won't be writable by the builduser as they are
owned by root:root and ultimately will fail to build anything that
requires so.
The gnustep-base package ships a profile.d script that adds
"$HOME/GNUstep/Tools" to the PATH, which breaks when the user changes
and causes meson to exit with a "permission denied" error.
Copy both UID and primary GID of the invoker to the builduser. Mount
srcdest and startdir read-write.
v2: Fixed GnuPG keyring owner and moved running namcap from a heredoc
to a function.
This way the HOME dir is writable and no ugly hacks are required
in the PKGBUILD if $HOME is accessed (f.e. maven, gradle and also
some python tests etc.)
This is needed in order to use GPG's auto-key-retrieve keyserver option,
otherwise the keyring will get copied to the chroot before the required
keys are retrieved during 'makepkg --verifysource'.
Chances are that pubring.kbx has been created by gpgsm but pubring.gpg
is still around with valid data. We do not know what file contains what
we need, so just copy both.
Signed-off-by: Christian Hesse <mail@eworm.de>
Signed-off-by: Pierre Schmitz <pierre@archlinux.de>
In collaborative builder machine, these scripts are often allowed to become root
via sudo. This patch avoid to prefix them by sudo each time or call su.
Signed-off-by: Pierre Schmitz <pierre@archlinux.de>
Luke Shumaker
Jan Alexander Steffens (heftig)
Alad Wenter
Levente Polyak
NicoHood
Johannes Löthberg
Evangelos Foutras
Christian Hesse
Dave Reisner
Luke Shumaker
Sébastien Luttringer