summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2018-01-03makechrootpkg: Put "keyserver-options auto-key-retrieve" in gpg.confLuke Shumaker
This allows signature verification by `makepkg --verifysource`, `git verify-tag`, and such without requiring the user to manually retrieve the keys first. This is based off of devtools32 commit 009695b (2017-06-27) by Erich Eckner <git@eckner.net>. There are 2 differences from that commit: - In this version, gpg.conf is owned by builduser, not by root - In this version, we don't keep appending duplicate lines if we re-use a chroot
2018-01-03makechrootpkg: Adjust to work properly with `set -e`Luke Shumaker
This worked properly until eab5aba.
2018-01-03lib/common.sh: Adjust to work properly with `set -u`Luke Shumaker
Support for working with `set -u` was broken by 94160d6. Egg on my face; I'm the one who wants `set -u` support, and I'm the author of that commit! libmakepkg does not work with `set -u`; but mostly because of the include guards! So we just need to temporarily disable `set -u` (nounset) while loading libmakepkg. Instead of introducing a new variable, just store the initial nounset status in _INCLUDE_COMMON_SH; rather than a useless fixed-string "true". While we're at it, disable POSIX-mode (just in case we're running as "sh" instead of "bash"), since libmakepkg uses bash-isms that won't parse in POSIX mode.
2018-01-03arch-nspawn: Remove pointless $(echo ...) subshellLuke Shumaker
2018-01-03makechrootpkg: Fix anti-pattern when checking for enabled featuresEli Schwartz
Don't use error-prone logic e.g. foo=true; if $foo ... This completely fails to act as expected when the variable is unset because of unrelated bugs. While this merely causes the default behavior to be "false" rather than "true" in such cases, it is better to fail to enable explicitly requested behavior (which will be noticed by the user) than to simply upgrade to this behavior for free (which may not seem to have any obvious cause). Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Reviewed-by: Luke Shumaker <lukeshu@parabola.nu>
2018-01-03makechrootpkg: Fix unconditionally running namcapEli Schwartz
Fixes regression in 2fd5931a8c67289a8a4acd327b3ce99a5d64c8c7 $run_namcap will always be set to "" `if $not_a_var; then ...; fi` is always truthful when $not_a_var is unset or equal to "" and the `then` clause will always be run. I'm not sure why global state variables need to be cloned locally for their sole explicit purpose. But for now this patch implements the minimum necessary work to properly pass the "do I want namcap" variable into prepare_chroot() according to the current logic flow. Note that I have still not thorougly tested makechrootpkg. Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Reviewed-by: Luke Shumaker <lukeshu@parabola.nu>
2018-01-03Merge branch 'archlinux'Luke Shumaker
2017-12-27Revert "makechrootpkg: Reopen console to assign the CTTY"Evangelos Foutras
This reverts commit ddd508efc083fc9beb6f2c96e2537521b31c1e6f. The underlying bug (FS#56529) was fixed in glibc 2.26-9.
2017-11-22Support reproducible buildsEli Schwartz
Recent development versions of makepkg support reproducible builds through the environment variable SOURCE_DATE_EPOCH. Pass this variable through makechrootpkg to makepkg when available. Also initialize SOURCE_DATE_EPOCH whenever running archbuild to enforce reproducible builds for repository packages. Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Signed-off-by: Levente Polyak <anthraxx@archlinux.org>
2017-11-08Version 2017110820171108Bartłomiej Piotrowski
2017-11-08Remove i686 supportBartłomiej Piotrowski
2017-10-30use makepkg library instead of local function copiesLuke Shumaker
This mirrors dbscripts commit 625fa02 by Pierre Schmitz <pierre@archlinux.de> at 2017-04-18 14:20:49
2017-10-30makechrootpkg: Fix function usage commentsLuke Shumaker
A couple of the comments noting which globals are used by functions are outdated/wrong. - download_sources() : Remove USER from the list. It was always wrong. Originally, it should have been SUDO_USER (not USER), but I should have removed it entirely in 4f23609. - move_products() : Add SRCPKGDEST to the list. Though the commit adding the comment was only recently upstreamed (as 2fd5931), it originated in 2013 in a commit that has since been rebased many times. Anyway, in this rebasing, it missed move_products() starting to pay attention to SRCPKGDEST in fd1be1b (since nothing made git think there was a "conflict").
2017-10-30makechrootpkg: move init_variables() to be part of main()Luke Shumaker
The reason it wasn't moved before was just to keep the diffs (with --ignore-all-space) smaller, to make merging and rebasing work easier. Moving code around in a file tends to make that difficult. But, readability wise, it belongs in main().
2017-09-14makechrootpkg: Reopen console to assign the CTTYJan Alexander Steffens (heftig)
nspawn does not give us a controlling terminal, hence we ignore interrupts. Apparently this was lost in systemd at some point. Hack around this by reopening the console to make it the controlling terminal.
2017-09-14makechrootpkg: Prevent collecting coredumpsJan Alexander Steffens (heftig)
Coredumps from build chroots are not generally useful. Prevent them from being generated. Avoids a lot of annoyance from the GCC testsuite spawning lots of systemd-coredump processes. Just set the soft limit so the user can still raise it in the PKGBUILD if they insist.
2017-09-13Merge branch 'lukeshu/rebase/master'libretools-20170913Luke Shumaker
2017-09-13arch-nspawn: make sure that makepkg.conf is always parsed as textLuke Shumaker
https://lists.parabola.nu/pipermail/dev/2017-June/005576.html
2017-09-13common.sh: Add a find_cached_srcpackage counterpart to find_cached_packageLuke Shumaker
2017-09-13makechrootpkg: Also build --allsource packages.Luke Shumaker
It also sets SRCEXT="-$pkgarch$SRCEXT", so that two runs of makechrootpkg on different architectures don't overwrite eachothers source packages.
2017-09-13mkarchroot: Use librelib rather than PATH to find arch-nspawn.Luke Shumaker
2017-09-13lib/common.sh: Discourage use in favor of libremessages.Luke Shumaker
2017-09-13checkpkg, find-libdeps, finddeps, lddd: Use libremessages to add help text.Luke Shumaker
2017-09-13lib/common.sh: Internationalize.Luke Shumaker
2017-09-13makechrootpkg, arch-nspawn: Force-enable local '/repo/' repository.Luke Shumaker
The change in arch-nspawn is subtle: This was the source of "infamous" "it fails every other time" bug that took me over a year to solve. <https://labs.parabola.nu/issues/435> By having a repository of local packages (rather than simply running `pacman -U`), we are inviting pacman to cache them in `/var/cache/pacman/pkg`. Besides being needless disk writes, this actually causes a real issue. If the package gets rebuilt, pacman will balk, as the file no longer matches the cached signature. So, how do we prevent pacman from caching these local packages? Simple: include the directory they are already in in the pacman.conf:CacheDir list. This will prevent pacman from copying the files to one of the other cache directories.
2017-09-13arch-nspawn: add a table of CARCH/setarch overridesLuke Shumaker
The table is just armv7h->armv7l for now.
2017-09-13makechrootpkg: _chrootbuild: Split into _chroot{prepare,build}.Luke Shumaker
2017-09-13arch-nspawn: Message style: two spaces after a periodLuke Shumaker
This affects both the usage() text, and the error message if the `/.arch-chroot` version doesn't match. The latter is the one that I really care about, and motivates this change. On Parabola, the `arch-nspawn` program isn't in PATH, it's somewhere under `/usr/lib/`, and gets called as a helper to user-facing programs; and the error message is displayed directly to the user. These programs consistently put two spaces after a period when printing a message to the terminal.
2017-09-13Revert "arch-nspawn: Hack to give the inner process a controlling terminal"Jan Alexander Steffens (heftig)
Whoops, this will of course mess with nspawn arguments passed to arch-nspawn.
2017-09-13arch-nspawn: Hack to give the inner process a controlling terminalJan Alexander Steffens (heftig)
This was lost at some point.
2017-09-12arch-nspawn: Pass --as-pid2Jan Alexander Steffens (heftig)
As not all commands we run are capable of reaping processes correctly. For example, pacman is not.
2017-09-11Version 2017091120170911Sébastien Luttringer
2017-09-11arch-nspawn: Force PATH to be the Arch defaultSébastien Luttringer
systemd-nspawn use a default environ PATH value of: PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin Since filesystem 2017.08, this is no more overrided by /etc/profile to the Arch default: PATH=/usr/local/sbin:/usr/local/bin:/usr/bin
2017-08-24makechrootpkg: Also look for -e as --noextractJan Alexander Steffens (heftig)
2017-08-24makechrootpkg: Prevent removing build dir when --noextract specifiedMartchus
2017-08-24arch-nspawn: Add --keep-unit to prevent scope conflictsJan Alexander Steffens (heftig)
2017-08-13Version 2017081320170813Jan Alexander Steffens (heftig)
2017-07-13makechrootpkg: Skip integrity checks inside the chrootJan Alexander Steffens (heftig)
We've already done these during download_sources().
2017-07-13makechrootpkg: Use long args for makepkgJan Alexander Steffens (heftig)
Slightly more verbose, but also more understandable.
2017-07-13makechrootpkg: Move makepkg-as-root check to main()Jan Alexander Steffens (heftig)
download_sources(), while the first invocation of makepkg, is a rather odd place for this kind of guard.
2017-07-05Merge branch 'lukeshu/rebase/master'libretools-20170705Luke Shumaker
2017-07-05arch-nspawn: make sure that makepkg.conf is always parsed as textLuke Shumaker
https://lists.parabola.nu/pipermail/dev/2017-June/005576.html
2017-07-05common.sh: Add a find_cached_srcpackage counterpart to find_cached_packageLuke Shumaker
2017-07-05makechrootpkg: Also build --allsource packages.Luke Shumaker
It also sets SRCEXT="-$pkgarch$SRCEXT", so that two runs of makechrootpkg on different architectures don't overwrite eachothers source packages.
2017-07-05mkarchroot: Use librelib rather than PATH to find arch-nspawn.Luke Shumaker
2017-07-05lib/common.sh: Discourage use in favor of libremessages.Luke Shumaker
2017-07-05checkpkg, find-libdeps, finddeps, lddd: Use libremessages to add help text.Luke Shumaker
2017-07-05lib/common.sh: Internationalize.Luke Shumaker
2017-07-05makechrootpkg, arch-nspawn: Force-enable local '/repo/' repository.Luke Shumaker
The change in arch-nspawn is subtle: This was the source of "infamous" "it fails every other time" bug that took me over a year to solve. <https://labs.parabola.nu/issues/435> By having a repository of local packages (rather than simply running `pacman -U`), we are inviting pacman to cache them in `/var/cache/pacman/pkg`. Besides being needless disk writes, this actually causes a real issue. If the package gets rebuilt, pacman will balk, as the file no longer matches the cached signature. So, how do we prevent pacman from caching these local packages? Simple: include the directory they are already in in the pacman.conf:CacheDir list. This will prevent pacman from copying the files to one of the other cache directories.
2017-07-05arch-nspawn: add a table of CARCH/setarch overridesLuke Shumaker
The table is just armv7h->armv7l for now.