This involves extending the signature of lib/common.sh's `stat_busy()`,
`lock()`, and `slock()`. The `mesg=$1; shift` in stat_busy even suggests
that this is what was originally intended from it.
In cases where there is no license specified, the file is tagged as
"License: Unspecified". Obviously, that is not ideal, but it
highlights the fact, and I hope that it encourages whoever has the
authority to specify the license to do so.
On that note, to anyone who may have the authority to specify the
license of files in devtools: the current licence of many files is
GPLv2 with no option for later versions; I impore you to re-license
them to have the "or any later version" option.
`lock_close FD` is easier to remember than 'exec FD>&-`; and is especially
easier if FD is a variable (though that isn't actually taken advantage of
here).
This uses Bash 4.1+ `exec {var}>&-`, rather than the clunkier
`eval exec "$var>&-"` that was necessary in older versions of Bash.
Thanks to Dave Reisner for pointing this new bit of syntax out to me
the last time I submitted this (back in 2014, 4.1 had just come out).
The systemd package creates a subvolume at /var/lib/machines (through
tmpfiles), if it can. We need to delete this subvolume before we can
delete the parent subvolume.
Look through the root for inodes with the number 256. These identify
subvolume roots.
The way in which makechrootpkg reads variables from makepkg.conf(5) is
different from makepkg, in that it reads a subset of defined
variables, and only if the were not set in the environment before.
Mention this in the usage text.
Fixes FS#44827
This removes the preservation of HOME being /build just for the pacman
sudo call. Former leads to unbuildable packages when an to be installed
dependency writes something into the HOME dir (f.e. .config). The
resulting directories won't be writable by the builduser as they are
owned by root:root and ultimately will fail to build anything that
requires so.
The gnustep-base package ships a profile.d script that adds
"$HOME/GNUstep/Tools" to the PATH, which breaks when the user changes
and causes meson to exit with a "permission denied" error.
Copy both UID and primary GID of the invoker to the builduser. Mount
srcdest and startdir read-write.
v2: Fixed GnuPG keyring owner and moved running namcap from a heredoc
to a function.
This way the HOME dir is writable and no ugly hacks are required
in the PKGBUILD if $HOME is accessed (f.e. maven, gradle and also
some python tests etc.)
This is needed in order to use GPG's auto-key-retrieve keyserver option,
otherwise the keyring will get copied to the chroot before the required
keys are retrieved during 'makepkg --verifysource'.
Chances are that pubring.kbx has been created by gpgsm but pubring.gpg
is still around with valid data. We do not know what file contains what
we need, so just copy both.
Signed-off-by: Christian Hesse <mail@eworm.de>
Signed-off-by: Pierre Schmitz <pierre@archlinux.de>
In collaborative builder machine, these scripts are often allowed to become root
via sudo. This patch avoid to prefix them by sudo each time or call su.
Signed-off-by: Pierre Schmitz <pierre@archlinux.de>
If getopts comes across an unknown argument, $arg it set to '?' and
$OPTARG is unset. Therefore the getopts line detecting unknown arguments
doesn't work. Arguments to pass to makepkg are already handled by
passing all the aguments after the end-of-options marker (--), but this
wasn't documented in the usage text.
Signed-off-by: Pierre Schmitz <pierre@archlinux.de>
We shouldn't be in the business of reparsing makepkg's arguments, but
since we have to treat the case of repackaging separately, do a better
job of trying to find signs of it happening. This change lets you pass
the longopt, --repackage, or multiple shortopts such as -RA, and still
get the intended effect.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Pierre Schmitz <pierre@archlinux.de>
Piggyback on systemd-nspawn's --bind and --bind-ro flags to allow
arbitrary mount points to be added to the build container.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Pierre Schmitz <pierre@archlinux.de>
Now that die() properly forwards arguments to error(), we can expect
that the first arg is a format string and not the entirety of the
output.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Pierre Schmitz <pierre@archlinux.de>
- Ensure sources are available before entering chroot
- Bind STARTDIR and SRCDEST into the chroot read-only
- Refactor makechrootpkg and introduce meaningful functions
Avoids copying stuff from/to the chroot as much as possible. With
VCS sources these copies can get quite expensive.
Reduces code duplication.
With makechrootpkg not calling mkarchroot anymore,
the lock handover protocol is unneeded.
arch-nspawn does not do any locking, so add protection to archbuild.
Separates the two features of mkarchroot. Provides users of the new
arch-nspawn with the full feature set of systemd-nspawn.
For example, this can be used to bind custom directories into the chroot.
Add option -T to build in a temporary chroot. This apply to any kind of
filesytem and allow to easily parrallelize builds.
This patch also simplify how $default_copy and $copy are defined.
Signed-off-by: Sébastien Luttringer <seblu@seblu.net>
Signed-off-by: Pierre Schmitz <pierre@archlinux.de>
Move detection of chrootdir type after have check if the directory exists.
This avoid the following messages when -r is not given
stat: cannot read file system information for '': No such file or directory
Signed-off-by: Sébastien Luttringer <seblu@seblu.net>
Signed-off-by: Pierre Schmitz <pierre@archlinux.de>