diff options
-rw-r--r-- | Makefile | 8 | ||||
-rw-r--r-- | arch-nspawn.in | 2 | ||||
-rw-r--r-- | archbuild.in | 7 | ||||
-rw-r--r-- | commitpkg.in | 7 | ||||
-rw-r--r-- | lib/archroot.sh | 6 | ||||
-rw-r--r-- | lib/common.sh | 100 | ||||
-rw-r--r-- | lib/valid-tags.sh | 19 | ||||
-rw-r--r-- | makechrootpkg.in | 64 | ||||
-rw-r--r-- | makepkg-i686.conf | 150 | ||||
-rw-r--r-- | zsh_completion.in | 2 |
10 files changed, 67 insertions, 298 deletions
@@ -1,4 +1,4 @@ -V=20170911 +V=20171108 PREFIX = /usr/local @@ -19,7 +19,6 @@ BINPROGS = \ makechrootpkg CONFIGFILES = \ - makepkg-i686.conf \ makepkg-x86_64.conf \ pacman-extra.conf \ pacman-testing.conf \ @@ -45,18 +44,13 @@ COMMITPKG_LINKS = \ gnome-unstablepkg ARCHBUILD_LINKS = \ - extra-i686-build \ extra-x86_64-build \ - testing-i686-build \ testing-x86_64-build \ - staging-i686-build \ staging-x86_64-build \ multilib-build \ multilib-testing-build \ multilib-staging-build \ - kde-unstable-i686-build \ kde-unstable-x86_64-build \ - gnome-unstable-i686-build \ gnome-unstable-x86_64-build CROSSREPOMOVE_LINKS = \ diff --git a/arch-nspawn.in b/arch-nspawn.in index a225c1a..7f778be 100644 --- a/arch-nspawn.in +++ b/arch-nspawn.in @@ -118,6 +118,6 @@ esac exec ${CARCH:+setarch "$CARCH"} systemd-nspawn -q \ -D "$working_dir" \ -E "PATH=/usr/local/sbin:/usr/local/bin:/usr/bin" \ - --register=no --keep-unit \ + --register=no --keep-unit --as-pid2 \ "${mount_args[@]}" \ "$@" diff --git a/archbuild.in b/archbuild.in index 8339aef..1e5b582 100644 --- a/archbuild.in +++ b/archbuild.in @@ -39,7 +39,7 @@ while getopts 'hcr:' arg; do esac done -check_root +check_root SOURCE_DATE_EPOCH # Pass all arguments after -- right to makepkg makechrootpkg_args+=("${@:$OPTIND}") @@ -74,5 +74,10 @@ else pacman -Syu --noconfirm || abort fi +# Always build official packages reproducibly +if [[ ! -v SOURCE_DATE_EPOCH ]]; then + export SOURCE_DATE_EPOCH=$(date +%s) +fi + msg "Building in chroot for [%s] (%s)..." "${repo}" "${arch}" exec makechrootpkg -r "${chroots}/${repo}-${arch}" "${makechrootpkg_args[@]}" diff --git a/commitpkg.in b/commitpkg.in index 53b6612..3fc3fa6 100644 --- a/commitpkg.in +++ b/commitpkg.in @@ -189,12 +189,11 @@ if [[ ${#uploads[*]} -gt 0 ]]; then fi if [[ "${arch[*]}" == 'any' ]]; then - if [[ -d ../repos/$repo-i686 && -d ../repos/$repo-x86_64 ]]; then + if [[ -d ../repos/$repo-x86_64 ]]; then pushd ../repos/ >/dev/null - stat_busy "Removing %s and %s" "$repo-i686" "$repo-x86_64" - svn rm -q "$repo-i686" + stat_busy "Removing %s" "$repo-x86_64" svn rm -q "$repo-x86_64" - svn commit -q -m "Removed $repo-i686 and $repo-x86_64 for $pkgname" + svn commit -q -m "Removed $repo-x86_64 for $pkgname" stat_done popd >/dev/null fi diff --git a/lib/archroot.sh b/lib/archroot.sh index 98fd2cf..f279603 100644 --- a/lib/archroot.sh +++ b/lib/archroot.sh @@ -6,13 +6,15 @@ CHROOT_VERSION='v4' ## -# usage : check_root +# usage : check_root $keepenv ## orig_argv=("$0" "$@") check_root() { + local keepenv=$1 + (( EUID == 0 )) && return if type -P sudo >/dev/null; then - exec sudo -- "${orig_argv[@]}" + exec sudo --preserve-env=$keepenv -- "${orig_argv[@]}" else exec su root -c "$(printf ' %q' "${orig_argv[@]}")" fi diff --git a/lib/common.sh b/lib/common.sh index 118a06c..a0796bb 100644 --- a/lib/common.sh +++ b/lib/common.sh @@ -9,6 +9,9 @@ [[ -z ${_INCLUDE_COMMON_SH:-} ]] || return 0 _INCLUDE_COMMON_SH=true +# shellcheck disable=1091 +. /usr/share/makepkg/util.sh + [[ -n ${TEXTDOMAIN:-} ]] || export TEXTDOMAIN='libretools' [[ -n ${TEXTDOMAINDIR:-} ]] || export TEXTDOMAINDIR='/usr/share/locale' @@ -25,56 +28,12 @@ _l() { shopt -s extglob # check if messages are to be printed using color -declare ALL_OFF='' BOLD='' BLUE='' GREEN='' RED='' YELLOW='' if [[ -t 2 ]]; then - # prefer terminal safe colored and bold text when tput is supported - if tput setaf 0 &>/dev/null; then - ALL_OFF="$(tput sgr0)" - BOLD="$(tput bold)" - BLUE="${BOLD}$(tput setaf 4)" - GREEN="${BOLD}$(tput setaf 2)" - RED="${BOLD}$(tput setaf 1)" - YELLOW="${BOLD}$(tput setaf 3)" - else - ALL_OFF="\e[1;0m" - BOLD="\e[1;1m" - BLUE="${BOLD}\e[1;34m" - GREEN="${BOLD}\e[1;32m" - RED="${BOLD}\e[1;31m" - YELLOW="${BOLD}\e[1;33m" - fi + colorize +else + # shellcheck disable=2034 + declare -gr ALL_OFF='' BOLD='' BLUE='' GREEN='' RED='' YELLOW='' fi -readonly ALL_OFF BOLD BLUE GREEN RED YELLOW - -plain() { - local mesg; mesg="$(_ "$1")"; shift - # shellcheck disable=2059 - printf "${BOLD} ${mesg}${ALL_OFF}\n" "$@" >&2 -} - -msg() { - local mesg; mesg="$(_ "$1")"; shift - # shellcheck disable=2059 - printf "${GREEN}==>${ALL_OFF}${BOLD} ${mesg}${ALL_OFF}\n" "$@" >&2 -} - -msg2() { - local mesg; mesg="$(_ "$1")"; shift - # shellcheck disable=2059 - printf "${BLUE} ->${ALL_OFF}${BOLD} ${mesg}${ALL_OFF}\n" "$@" >&2 -} - -warning() { - local mesg; mesg="$(_ "$1")"; shift - # shellcheck disable=2059 - printf "${YELLOW}==> WARNING:${ALL_OFF}${BOLD} ${mesg}${ALL_OFF}\n" "$@" >&2 -} - -error() { - local mesg; mesg="$(_ "$1")"; shift - # shellcheck disable=2059 - printf "${RED}==> ERROR:${ALL_OFF}${BOLD} ${mesg}${ALL_OFF}\n" "$@" >&2 -} stat_busy() { local mesg; mesg="$(_ "$1")"; shift @@ -124,51 +83,6 @@ die() { } ## -# usage : in_array( $needle, $haystack ) -# return : 0 - found -# 1 - not found -## -in_array() { - local needle=$1; shift - local item - for item in "$@"; do - [[ $item = "$needle" ]] && return 0 # Found - done - return 1 # Not Found -} - -## -# usage : get_full_version( [$pkgname] ) -# return : full version spec, including epoch (if necessary), pkgver, pkgrel -## -get_full_version() { - # set defaults if they weren't specified in buildfile - local pkgbase=${pkgbase:-${pkgname[0]}} - local epoch=${epoch:-0} - local pkgver=${pkgver} - local pkgrel=${pkgrel} - if [[ -z $1 ]]; then - if (( ! epoch )); then - printf '%s\n' "$pkgver-$pkgrel" - else - printf '%s\n' "$epoch:$pkgver-$pkgrel" - fi - else - local pkgver_override='' pkgrel_override='' epoch_override='' - for i in pkgver pkgrel epoch; do - local indirect="${i}_override" - eval "$(declare -f "package_$1" | sed -n "s/\(^[[:space:]]*$i=\)/${i}_override=/p")" - [[ -z ${!indirect} ]] && eval ${indirect}=\"${!i}\" - done - if (( ! epoch_override )); then - printf '%s\n' "$pkgver_override-$pkgrel_override" - else - printf '%s\n' "$epoch_override:$pkgver_override-$pkgrel_override" - fi - fi -} - -## # usage : lock( $fd, $file, $message, [ $message_arguments... ] ) ## lock() { diff --git a/lib/valid-tags.sh b/lib/valid-tags.sh index 2916dc7..3cfe046 100644 --- a/lib/valid-tags.sh +++ b/lib/valid-tags.sh @@ -4,23 +4,22 @@ # shellcheck disable=2034 _arch=( - i686 x86_64 any ) # shellcheck disable=2034 _tags=( - core-i686 core-x86_64 core-any - extra-i686 extra-x86_64 extra-any + core-x86_64 core-any + extra-x86_64 extra-any multilib-x86_64 - staging-i686 staging-x86_64 staging-any - testing-i686 testing-x86_64 testing-any + staging-x86_64 staging-any + testing-x86_64 testing-any multilib-testing-x86_64 multilib-staging-x86_64 - community-i686 community-x86_64 community-any - community-staging-i686 community-staging-x86_64 community-staging-any - community-testing-i686 community-testing-x86_64 community-testing-any - kde-unstable-i686 kde-unstable-x86_64 kde-unstable-any - gnome-unstable-i686 gnome-unstable-x86_64 gnome-unstable-any + community-x86_64 community-any + community-staging-x86_64 community-staging-any + community-testing-x86_64 community-testing-any + kde-unstable-x86_64 kde-unstable-any + gnome-unstable-x86_64 gnome-unstable-any ) diff --git a/makechrootpkg.in b/makechrootpkg.in index 5511002..ccdcebc 100644 --- a/makechrootpkg.in +++ b/makechrootpkg.in @@ -15,29 +15,6 @@ m4_include(lib/archroot.sh) shopt -s nullglob -init_variables() { - default_makepkg_args=(--syncdeps --noconfirm --log --holdver --skipinteg) - makepkg_args=("${default_makepkg_args[@]}") - keepbuilddir=false - update_first=false - clean_first=false - run_namcap=false - temp_chroot=false - chrootdir= - passeddir= - makepkg_user= - declare -ga install_pkgs - declare -gi ret=0 - - bindmounts_ro=() - bindmounts_rw=() - - copy=$USER - [[ -n ${SUDO_USER:-} ]] && copy=$SUDO_USER - [[ -z "$copy" || $copy = root ]] && copy=copy - src_owner=${SUDO_USER:-$USER} -} - usage() { echo "Usage: ${0##*/} [options] -r <chrootdir> [--] [makepkg args]" echo ' Run this script in a PKGBUILD dir to build a package inside a' @@ -247,6 +224,7 @@ Server = file:///repo { printf '#!/bin/bash\n' declare -f _chrootbuild + declare -p SOURCE_DATE_EPOCH 2>/dev/null printf '_chrootbuild "$@" || exit\n' if $run_namcap; then @@ -260,18 +238,26 @@ Server = file:///repo # These functions aren't run in makechrootpkg, # so no global variables _chrootprepare() { + # No coredumps + ulimit -c 0 + # shellcheck source=/dev/null . /etc/profile + # Beware, there are some stupid arbitrary rules on how you can # use "$" in arguments to commands with "sudo -i". ${foo} or # ${1} is OK, but $foo or $1 isn't. # https://bugzilla.sudo.ws/show_bug.cgi?id=765 - sudo -iu builduser bash -c 'cd /startdir; makepkg "$@" --nobuild' -bash "$@" + sudo --preserve-env=SOURCE_DATE_EPOCH -iu builduser bash -c 'cd /startdir; makepkg "$@" --nobuild' -bash "$@" } _chrootbuild() { + # No coredumps + ulimit -c 0 + # shellcheck source=/dev/null . /etc/profile + local srcext srcext="$( # shellcheck source=makepkg-x86_64.conf @@ -285,12 +271,13 @@ _chrootbuild() { fi printf '%s\n' "-$pkgarch$SRCEXT" )" || return + # Beware, there are some stupid arbitrary rules on how you can # use "$" in arguments to commands with "sudo -i". ${foo} or # ${1} is OK, but $foo or $1 isn't. # https://bugzilla.sudo.ws/show_bug.cgi?id=765 - sudo -iu builduser bash -c 'cd /startdir; SRCEXT="${1}" makepkg "${@:2}" --allsource' -bash "$srcext" "$@" || return - sudo -iu builduser bash -c 'cd /startdir; makepkg "$@" --noextract --noprepare' -bash "$@" + sudo --preserve-env=SOURCE_DATE_EPOCH -iu builduser bash -c 'cd /startdir; SRCEXT="${1}" makepkg "${@:2}" --allsource' -bash "$srcext" "$@" || return + sudo --preserve-env=SOURCE_DATE_EPOCH -iu builduser bash -c 'cd /startdir; makepkg "$@" --noextract --noprepare' -bash "$@" } _chrootnamcap() { @@ -304,7 +291,6 @@ _chrootnamcap() { # Usage: download_sources $copydir $makepkg_user # Globals: # - SRCDEST -# - USER download_sources() { local copydir=$1 local makepkg_user=$2 @@ -326,6 +312,7 @@ download_sources() { # Globals: # - PKGDEST # - LOGDEST +# - SRCPKGDEST move_products() { local copydir=$1 local src_owner=$2 @@ -361,7 +348,26 @@ move_products() { # }}} main() { - init_variables + default_makepkg_args=(--syncdeps --noconfirm --log --holdver --skipinteg) + makepkg_args=("${default_makepkg_args[@]}") + keepbuilddir=false + update_first=false + clean_first=false + run_namcap=false + temp_chroot=false + chrootdir= + passeddir= + makepkg_user= + declare -a install_pkgs + declare -i ret=0 + + bindmounts_ro=() + bindmounts_rw=() + + copy=$USER + [[ -n ${SUDO_USER:-} ]] && copy=$SUDO_USER + [[ -z "$copy" || $copy = root ]] && copy=copy + src_owner=${SUDO_USER:-$USER} while getopts 'hcur:I:l:nTD:d:U:' arg; do case "$arg" in @@ -383,7 +389,7 @@ main() { [[ -n $makepkg_user && -z $(id -u "$makepkg_user") ]] && die 'Invalid makepkg user.' makepkg_user=${makepkg_user:-${SUDO_USER:-$USER}} - check_root + check_root SOURCE_DATE_EPOCH # Canonicalize chrootdir, getting rid of trailing / chrootdir=$(readlink -e "$passeddir") diff --git a/makepkg-i686.conf b/makepkg-i686.conf deleted file mode 100644 index f7ea2c2..0000000 --- a/makepkg-i686.conf +++ /dev/null @@ -1,150 +0,0 @@ -#!/hint/bash -# shellcheck disable=2034 - -# -# /etc/makepkg.conf -# - -######################################################################### -# SOURCE ACQUISITION -######################################################################### -# -#-- The download utilities that makepkg should use to acquire sources -# Format: 'protocol::agent' -DLAGENTS=('ftp::/usr/bin/curl -fC - --ftp-pasv --retry 3 --retry-delay 3 -o %o %u' - 'http::/usr/bin/curl -fLC - --retry 3 --retry-delay 3 -o %o %u' - 'https::/usr/bin/curl -fLC - --retry 3 --retry-delay 3 -o %o %u' - 'rsync::/usr/bin/rsync --no-motd -z %u %o' - 'scp::/usr/bin/scp -C %u %o') - -# Other common tools: -# /usr/bin/snarf -# /usr/bin/lftpget -c -# /usr/bin/wget - -#-- The package required by makepkg to download VCS sources -# Format: 'protocol::package' -VCSCLIENTS=('bzr::bzr' - 'git::git' - 'hg::mercurial' - 'svn::subversion') - -######################################################################### -# ARCHITECTURE, COMPILE FLAGS -######################################################################### -# -CARCH="i686" -CHOST="i686-pc-linux-gnu" - -#-- Compiler and Linker Flags -# -march (or -mcpu) builds exclusively for an architecture -# -mtune optimizes for an architecture, but builds for whole processor family -CPPFLAGS="-D_FORTIFY_SOURCE=2" -CFLAGS="-march=i686 -mtune=generic -O2 -pipe -fstack-protector-strong -fno-plt" -CXXFLAGS="-march=i686 -mtune=generic -O2 -pipe -fstack-protector-strong -fno-plt" -LDFLAGS="-Wl,-O1,--sort-common,--as-needed,-z,relro,-z,now" -#-- Make Flags: change this for DistCC/SMP systems -#MAKEFLAGS="-j2" -#-- Debugging flags -DEBUG_CFLAGS="-g -fvar-tracking-assignments" -DEBUG_CXXFLAGS="-g -fvar-tracking-assignments" - -######################################################################### -# BUILD ENVIRONMENT -######################################################################### -# -# Defaults: BUILDENV=(!distcc color !ccache check !sign) -# A negated environment option will do the opposite of the comments below. -# -#-- distcc: Use the Distributed C/C++/ObjC compiler -#-- color: Colorize output messages -#-- ccache: Use ccache to cache compilation -#-- check: Run the check() function if present in the PKGBUILD -#-- sign: Generate PGP signature file -# -BUILDENV=(!distcc color !ccache check !sign) -# -#-- If using DistCC, your MAKEFLAGS will also need modification. In addition, -#-- specify a space-delimited list of hosts running in the DistCC cluster. -#DISTCC_HOSTS="" -# -#-- Specify a directory for package building. -#BUILDDIR=/tmp/makepkg - -######################################################################### -# GLOBAL PACKAGE OPTIONS -# These are default values for the options=() settings -######################################################################### -# -# Default: OPTIONS=(strip docs !libtool !staticlibs emptydirs zipman purge !optipng !upx !debug) -# A negated option will do the opposite of the comments below. -# -#-- strip: Strip symbols from binaries/libraries -#-- docs: Save doc directories specified by DOC_DIRS -#-- libtool: Leave libtool (.la) files in packages -#-- staticlibs: Leave static library (.a) files in packages -#-- emptydirs: Leave empty directories in packages -#-- zipman: Compress manual (man and info) pages in MAN_DIRS with gzip -#-- purge: Remove files specified by PURGE_TARGETS -#-- upx: Compress binary executable files using UPX -#-- optipng: Optimize PNG images with optipng -#-- debug: Add debugging flags as specified in DEBUG_* variables -# -OPTIONS=(strip docs !libtool !staticlibs emptydirs zipman purge !optipng !upx !debug) - -#-- File integrity checks to use. Valid: md5, sha1, sha256, sha384, sha512 -INTEGRITY_CHECK=(md5) -#-- Options to be used when stripping binaries. See `man strip' for details. -STRIP_BINARIES="--strip-all" -#-- Options to be used when stripping shared libraries. See `man strip' for details. -STRIP_SHARED="--strip-unneeded" -#-- Options to be used when stripping static libraries. See `man strip' for details. -STRIP_STATIC="--strip-debug" -#-- Manual (man and info) directories to compress (if zipman is specified) -MAN_DIRS=({usr{,/local}{,/share},opt/*}/{man,info}) -#-- Doc directories to remove (if !docs is specified) -DOC_DIRS=(usr/{,local/}{,share/}{doc,gtk-doc} opt/*/{doc,gtk-doc}) -#-- Files to be removed from all packages (if purge is specified) -PURGE_TARGETS=(usr/{,share}/info/dir .packlist *.pod) - -######################################################################### -# PACKAGE OUTPUT -######################################################################### -# -# Default: put built package and cached source in build directory -# -#-- Destination: specify a fixed directory where all packages will be placed -#PKGDEST=/home/packages -#-- Source cache: specify a fixed directory where source files will be cached -#SRCDEST=/home/sources -#-- Source packages: specify a fixed directory where all src packages will be placed -#SRCPKGDEST=/home/srcpackages -#-- Log files: specify a fixed directory where all log files will be placed -#LOGDEST=/home/makepkglogs -#-- Packager: name/email of the person or organization building packages -#PACKAGER="John Doe <john@doe.com>" -#-- Specify a key to use for package signing -#GPGKEY="" - -######################################################################### -# COMPRESSION DEFAULTS -######################################################################### -# -COMPRESSGZ=(gzip -c -f -n) -COMPRESSBZ2=(bzip2 -c -f) -COMPRESSXZ=(xz -c -z -) -COMPRESSLRZ=(lrzip -q) -COMPRESSLZO=(lzop -q) -COMPRESSZ=(compress -c -f) - -######################################################################### -# EXTENSION DEFAULTS -######################################################################### -# -# WARNING: Do NOT modify these variables unless you know what you are -# doing. -# -PKGEXT='.pkg.tar.xz' -SRCEXT='.src.tar.gz' - -# vim: set ft=sh ts=2 sw=2 et: diff --git a/zsh_completion.in b/zsh_completion.in index 0f95a4c..3bd4c4d 100644 --- a/zsh_completion.in +++ b/zsh_completion.in @@ -1,4 +1,4 @@ -#compdef archbuild archco arch-nspawn archrelease archrm commitpkg finddeps makechrootpkg mkarchroot rebuildpkgs extrapkg=commitpkg corepkg=commitpkg testingpkg=commitpkg stagingpkg=commitpkg communitypkg=commitpkg community-testingpkg=commitpkg community-stagingpkg=commitpkg multilibpkg=commitpkg multilib-testingpkg=commitpkg extra-i686-build=archbuild extra-x86_64-build=archbuild testing-i686-build=archbuild testing-x86_64-build=archbuild staging-i686-build=archbuild staging-x86_64-build=archbuild multilib-build=archbuild multilib-testing-build=archbuild multilib-staging-build=archbuild kde-unstable-i686-build=archbuild kde-unstable-x86_64-build=archbuild gnome-unstable-i686-build=archbuild gnome-unstable-x86_64-build=archbuild communityco=archco +#compdef archbuild archco arch-nspawn archrelease archrm commitpkg finddeps makechrootpkg mkarchroot rebuildpkgs extrapkg=commitpkg corepkg=commitpkg testingpkg=commitpkg stagingpkg=commitpkg communitypkg=commitpkg community-testingpkg=commitpkg community-stagingpkg=commitpkg multilibpkg=commitpkg multilib-testingpkg=commitpkg extra-x86_64-build=archbuild testing-x86_64-build=archbuild staging-x86_64-build=archbuild multilib-build=archbuild multilib-testing-build=archbuild multilib-staging-build=archbuild kde-unstable-x86_64-build=archbuild gnome-unstable-x86_64-build=archbuild communityco=archco # License: Unspecified m4_include(lib/valid-tags.sh) |