@ -872,30 +872,11 @@ sub run_dpkg_progress {
}
}
sub run_apt_progress {
sub run_apt_progress {
my $options = shift;
my $options = shift;
my @debs = @{ $options->{PKGS} // [] };
my @debs = @{ $options->{PKGS} // [] };
my $tmpedsp;
if (exists $options->{EDSP_RES}) {
(undef, $tmpedsp) = tempfile(
"mmdebstrap.edsp.XXXXXXXXXXXX",
OPEN => 0,
TMPDIR => 1
);
}
my $get_exec = sub {
my $get_exec = sub {
my @prefix = ();
my @prefix = ();
my @opts = ();
my @opts = ();
if (exists $options->{EDSP_RES}) {
push @prefix, 'env', "APT_EDSP_DUMP_FILENAME=$tmpedsp";
if (-e "./proxysolver") {
# for development purposes, use the current directory if it
# contains a file called proxysolver
push @opts, ("-oDir::Bin::solvers=" . getcwd()),
'--solver=proxysolver';
} else {
push @opts, '--solver=mmdebstrap-dump-solution';
}
}
return (
return (
@prefix,
@prefix,
@{ $options->{ARGV} },
@{ $options->{ARGV} },
@ -950,36 +931,44 @@ sub run_apt_progress {
}
}
};
};
run_progress $get_exec, $line_handler, $line_has_error, $options->{CHDIR};
run_progress $get_exec, $line_handler, $line_has_error, $options->{CHDIR};
if (exists $options->{EDSP_RES}) {
return;
info "parsing EDSP results...";
}
open my $fh, '<', $tmpedsp
or error "failed to open $tmpedsp for reading: $!";
sub run_apt_download_progress {
my $inst = 0;
my $options = shift;
my $pkg;
my $tmplistofdebs;
my $ver;
if ($options->{dryrun}) {
while (my $line = <$fh>) {
info "simulate downloading packages with apt...";
chomp $line;
} else {
if ($line ne "") {
info "downloading packages with apt...";
if ($line =~ /^Install: \d+/) {
(undef, $tmplistofdebs) = tempfile(
$inst = 1;
"mmdebstrap.listofdebs.XXXXXXXXXXXX",
} elsif ($line =~ /^Package: (.*)/) {
OPEN => 0,
$pkg = $1;
TMPDIR => 1
} elsif ($line =~ /^Version: (.*)/) {
);
$ver = $1;
}
}
run_apt_progress({
next;
ARGV => [
}
'apt-get',
if ($inst == 1 && defined $pkg && defined $ver) {
'--yes',
push @{ $options->{EDSP_RES} }, [$pkg, $ver];
'-oDebug::pkgDpkgPm=1',
}
'-oDir::Log=/dev/null',
$inst = 0;
$options->{dryrun}
undef $pkg;
? '-oAPT::Get::Simulate=true'
undef $ver;
: "-oDpkg::Pre-Install-Pkgs::=cat > $tmplistofdebs",
}
@{ $options->{APT_ARGV} },
],
});
if ($tmplistofdebs) {
open my $fh, '<', $tmplistofdebs
or error "failed to open $tmplistofdebs for reading: $!";
my @listofdebs = <$fh>;
close $fh;
close $fh;
unlink $tmpedsp;
unlink $tmplistofdebs;
chomp(@listofdebs);
return @listofdebs;
}
}
return;
return [] ;
}
}
sub run_chroot {
sub run_chroot {
@ -2034,26 +2023,14 @@ sub run_update() {
sub run_download() {
sub run_download() {
my $options = shift;
my $options = shift;
# We use /var/cache/apt/archives/ to figure out which packages apt chooses
# to install. That's why the directory must be empty if:
# - /var/cache/apt/archives exists, and
# - no simulation run is done, and
# - the variant is not extract or custom or the number to be
# installed packages not zero
#
# We could also unconditionally use the proxysolver and then "apt-get
# download" any missing packages but using the proxysolver requires
# /usr/lib/apt/solvers/apt from the apt-utils package and we want to avoid
# that dependency.
#
# In the future we want to replace downloading packages with "apt-get
# In the future we want to replace downloading packages with "apt-get
# install --download-only " and installing them with dpkg by just installing
# install" and installing them with dpkg by just installing the essential
# the essential packages with apt from the outside with
# packages with apt from the outside with DPkg::Chroot-Directory.
# DPkg::Chroot-Directory. We are not doing that because then the preinst
# We are not doing that because then the preinst script of base-passwd will
# script of base-passwd will not be called early enough and packages will
# not be called early enough and packages will fail to install because they
# fail to install because they are missing /etc/passwd.
# are missing /etc/passwd.
my @cached_debs = ();
my @cached_debs = ();
my @dl_debs = () ;
my @dl_debs;
if (
if (
!$options->{dryrun}
!$options->{dryrun}
&& ((none { $_ eq $options->{variant} } ('extract', 'custom'))
&& ((none { $_ eq $options->{variant} } ('extract', 'custom'))
@ -2073,14 +2050,6 @@ sub run_download() {
push @cached_debs, $deb;
push @cached_debs, $deb;
}
}
closedir $dh;
closedir $dh;
if (scalar @cached_debs > 0) {
if (any { $_ eq 'download/empty' } @{ $options->{skip} }) {
info "skipping download/empty as requested";
} else {
error("/var/cache/apt/archives/ inside the chroot contains: "
. (join ', ', (sort @cached_debs)));
}
}
}
}
# To figure out the right package set for the apt variant we can use:
# To figure out the right package set for the apt variant we can use:
@ -2094,7 +2063,7 @@ sub run_download() {
info "nothing to download -- skipping...";
info "nothing to download -- skipping...";
return ([], []);
return ([], []);
}
}
my %pkgs_to_install ;
my @apt_argv = ['install'] ;
for my $incl (@{ $options->{include} }) {
for my $incl (@{ $options->{include} }) {
for my $pkg (split /[,\s]+/, $incl) {
for my $pkg (split /[,\s]+/, $incl) {
# strip leading and trailing whitespace
# strip leading and trailing whitespace
@ -2103,32 +2072,15 @@ sub run_download() {
if ($pkg eq '') {
if ($pkg eq '') {
next;
next;
}
}
$pkgs_to_install{$pkg} = () ;
push @apt_argv, $pkg ;
}
}
}
}
my %result = ();
@dl_debs = run_apt_download_progress({
if ($options->{dryrun}) {
APT_ARGV => @apt_argv,
info "simulate downloading packages with apt...";
dryrun => $options->{dryrun},
} else {
},
# if there are already packages in /var/cache/apt/archives/, we
);
# need to use our proxysolver to obtain the solution chosen by apt
if (scalar @cached_debs > 0) {
$result{EDSP_RES} = \@dl_debs;
}
info "downloading packages with apt...";
}
run_apt_progress({
ARGV => [
'apt-get',
'--yes',
'-oApt::Get::Download-Only=true',
$options->{dryrun} ? '-oAPT::Get::Simulate=true' : (),
'install'
],
PKGS => [keys %pkgs_to_install],
%result
});
} elsif ($options->{variant} eq 'apt') {
} elsif ($options->{variant} eq 'apt') {
# if we just want to install Essential:yes packages, apt and their
# if we just want to install Essential:yes packages, apt and their
# dependencies then we can make use of libapt treating apt as
# dependencies then we can make use of libapt treating apt as
@ -2143,27 +2095,11 @@ sub run_download() {
# remind me in 5+ years that I said that after I wrote
# remind me in 5+ years that I said that after I wrote
# in the bugreport: "Are you crazy?!? Nobody in his
# in the bugreport: "Are you crazy?!? Nobody in his
# right mind would even suggest depending on it!")
# right mind would even suggest depending on it!")
my %result = ();
@dl_debs = run_apt_download_progress({
if ($options->{dryrun}) {
APT_ARGV => ['dist-upgrade'],
info "simulate downloading packages with apt...";
dryrun => $options->{dryrun},
} else {
},
# if there are already packages in /var/cache/apt/archives/, we
);
# need to use our proxysolver to obtain the solution chosen by apt
if (scalar @cached_debs > 0) {
$result{EDSP_RES} = \@dl_debs;
}
info "downloading packages with apt...";
}
run_apt_progress({
ARGV => [
'apt-get',
'--yes',
'-oApt::Get::Download-Only=true',
$options->{dryrun} ? '-oAPT::Get::Simulate=true' : (),
'dist-upgrade'
],
%result
});
} elsif (
} elsif (
any { $_ eq $options->{variant} }
any { $_ eq $options->{variant} }
('essential', 'standard', 'important', 'required', 'buildd')
('essential', 'standard', 'important', 'required', 'buildd')
@ -2172,23 +2108,8 @@ sub run_download() {
# 17:27 < DonKult> (?essential includes 'apt' through)
# 17:27 < DonKult> (?essential includes 'apt' through)
# 17:30 < josch> DonKult: no, because pkgCacheGen::ForceEssential ",";
# 17:30 < josch> DonKult: no, because pkgCacheGen::ForceEssential ",";
# 17:32 < DonKult> touché
# 17:32 < DonKult> touché
my %result = ();
@dl_debs = run_apt_download_progress({
if ($options->{dryrun}) {
APT_ARGV => [
info "simulate downloading packages with apt...";
} else {
# if there are already packages in /var/cache/apt/archives/, we
# need to use our proxysolver to obtain the solution chosen by apt
if (scalar @cached_debs > 0) {
$result{EDSP_RES} = \@dl_debs;
}
info "downloading packages with apt...";
}
run_apt_progress({
ARGV => [
'apt-get',
'--yes',
'-oApt::Get::Download-Only=true',
$options->{dryrun} ? '-oAPT::Get::Simulate=true' : (),
'install',
'install',
'?narrow('
'?narrow('
. (
. (
@ -2203,76 +2124,31 @@ sub run_download() {
. $options->{nativearch}
. $options->{nativearch}
. '),?essential)'
. '),?essential)'
],
],
%result
dryrun => $options->{dryrun},
});
},
);
} else {
} else {
error "unknown variant: $options->{variant}";
error "unknown variant: $options->{variant}";
}
}
my @essential_pkgs;
my @essential_pkgs;
if (scalar @cached_debs > 0 && scalar @dl_debs > 0) {
# strip the the chroot directory from the filenames
my $archives = "/var/cache/apt/archives/";
foreach my $deb (@dl_debs) {
# for each package in @dl_debs, check if it's in
if (rindex $deb, $options->{root}, 0) {
# /var/cache/apt/archives/ and add it to @essential_pkgs
if (-e "$options->{root}/$deb") {
foreach my $p (@dl_debs) {
push @essential_pkgs, $deb;
my ($pkg, $ver_epoch) = @{$p};
# apt appends the architecture at the end of the package name
($pkg, my $arch) = split ':', $pkg, 2;
# apt replaces the colon by its percent encoding %3a
my $ver = $ver_epoch;
$ver =~ s/:/%3a/;
# the architecture returned by apt is the native architecture.
# Since we don't know whether the package is architecture
# independent or not, we first try with the native arch and then
# with "all" and only error out if neither exists.
if (-e "$options->{root}/$archives/${pkg}_${ver}_$arch.deb") {
push @essential_pkgs, "$archives/${pkg}_${ver}_$arch.deb";
} elsif (-e "$options->{root}/$archives/${pkg}_${ver}_all.deb") {
push @essential_pkgs, "$archives/${pkg}_${ver}_all.deb";
} else {
} else {
error( "cannot find package for $pkg:$arch (= $ver_epoch) "
error "package file $deb not accessible from chroot directory"
. "in /var/cache/apt/archives/") ;
. " -- use copy:// instead of file:// or a bind-mount";
}
}
next;
}
}
} else {
if (-e $deb) {
# collect the .deb files that were downloaded by apt from the content
push @essential_pkgs, substr($deb, length($options->{root}));
# of /var/cache/apt/archives/
} else {
if (!$options->{dryrun}) {
error "cannot find package file $deb";
my $apt_archives = "/var/cache/apt/archives/";
opendir my $dh, "$options->{root}/$apt_archives"
or error "cannot read $apt_archives";
while (my $deb = readdir $dh) {
if ($deb !~ /\.deb$/) {
next;
}
$deb = "$apt_archives/$deb";
if (!-f "$options->{root}/$deb") {
next;
}
push @essential_pkgs, $deb;
}
closedir $dh;
if (scalar @essential_pkgs == 0) {
# check if a file:// URI was used
open(my $pipe_apt, '-|', 'apt-get', 'indextargets', '--format',
'$(URI)', 'Created-By: Packages')
or error "cannot start apt-get indextargets: $!";
while (my $uri = <$pipe_apt>) {
if ($uri =~ /^file:\/\//) {
error
"nothing got downloaded -- use copy:// instead of"
. " file://";
}
}
error "nothing got downloaded";
}
}
}
}
}
# Unpack order matters. Since we create this list using two different
# methods but we want both methods to have the same result, we sort the
# list before returning it.
@essential_pkgs = sort @essential_pkgs;
return (\@essential_pkgs, \@cached_debs);
return (\@essential_pkgs, \@cached_debs);
}
}
@ -6703,15 +6579,13 @@ the B<setup> step. This can be disabled using B<--skip=update>.
=item B<download>
=item B<download>
Checks whether F</var/cache/apt/archives/> is empty. This can be disabled with
In the B<extract> and B<custom> variants, C<apt-get install> is used to
B<--skip=download/empty>. In the B<extract> and B<custom> variants, C<apt-get
download all the packages requested via the B<--include> option. The B<apt>
--download-only install> is used to download all the packages requested via the
variant uses the fact that libapt treats the C<apt> packages as implicitly
B<--include> option. The B<apt> variant uses the fact that libapt treats the
essential to download only all C<Essential:yes> packages plus apt using
C<apt> packages as implicitly essential to download only all C<Essential:yes>
C<apt-get dist-upgrade>. In the remaining variants, all Packages files
packages plus apt using C<apt-get --download-only dist-upgrade>. In the
downloaded by the B<update> step are inspected to find the C<Essential:yes>
remaining variants, all Packages files downloaded by the B<update> step are
package set as well as all packages of the required priority.
inspected to find the C<Essential:yes> package set as well as all packages of
the required priority.
=item B<extract>
=item B<extract>
@ -6939,7 +6813,7 @@ apt-cacher-ng, you can use the B<sync-in> and B<sync-out> special hooks to
synchronize a directory outside the chroot with F</var/cache/apt/archives>
synchronize a directory outside the chroot with F</var/cache/apt/archives>
inside the chroot.
inside the chroot.
$ mmdebstrap --variant=apt --skip=download/empty --skip= essential/unlink \
$ mmdebstrap --variant=apt --skip=essential/unlink \
--setup-hook='mkdir -p ./cache "$1"/var/cache/apt/archives/' \
--setup-hook='mkdir -p ./cache "$1"/var/cache/apt/archives/' \
--setup-hook='sync-in ./cache /var/cache/apt/archives/' \
--setup-hook='sync-in ./cache /var/cache/apt/archives/' \
--customize-hook='sync-out /var/cache/apt/archives ./cache' \
--customize-hook='sync-out /var/cache/apt/archives ./cache' \
@ -7080,12 +6954,6 @@ as the non-root user, then as a workaround you could run C<chmod 600
/etc/dpkg/dpkg.cfg.d/*> so that the config files are only accessible by the
/etc/dpkg/dpkg.cfg.d/*> so that the config files are only accessible by the
root user. See Debian bug #808203.
root user. See Debian bug #808203.
The C<file://> URI type cannot be used to install the essential packages. This
is because B<mmdebstrap> uses dpkg to install the packages that apt places into
F</var/cache/apt/archives> but with C<file://> apt will not copy the files even
with C<--download-only>. Use C<copy://> instead, which is equivalent to
C<file://> but copies the archives into F</var/cache/apt/archives>.
With apt versions before 2.1.16, setting C<[trusted=yes]> or
With apt versions before 2.1.16, setting C<[trusted=yes]> or
C<Acquire::AllowInsecureRepositories "1"> to allow signed archives without a
C<Acquire::AllowInsecureRepositories "1"> to allow signed archives without a
known public key or unsigned archives will fail because of a gpg warning in the
known public key or unsigned archives will fail because of a gpg warning in the