From e887a329aba9123709a917ceb4ddd34b43575fa7 Mon Sep 17 00:00:00 2001 From: Johannes Schauer Marin Rodrigues Date: Tue, 18 Oct 2022 10:32:03 +0200 Subject: [PATCH] more changes for merged-/usr which is now default in testing and unstable --- make_mirror.sh | 2 +- mmdebstrap | 4 +- tests/create-arm64-tarball | 39 +++++++++++++++---- tests/i386-which-can-be-executed-without-qemu | 16 ++++---- tests/tarfilter-idshift | 23 +++++------ 5 files changed, 56 insertions(+), 28 deletions(-) diff --git a/make_mirror.sh b/make_mirror.sh index 703c8d4..da2a4df 100755 --- a/make_mirror.sh +++ b/make_mirror.sh @@ -270,7 +270,7 @@ END # starting from Debian 12 (Bullseye) case "$dist" in oldstable|stable) : ;; - *) pkgs="$pkgs usr-is-merged" ;; + *) pkgs="$pkgs usr-is-merged usrmerge" ;; esac APT_CONFIG="$rootdir/etc/apt/apt.conf" apt-get --yes install $pkgs diff --git a/mmdebstrap b/mmdebstrap index 9e62300..70dc7b1 100755 --- a/mmdebstrap +++ b/mmdebstrap @@ -7231,8 +7231,8 @@ I<--merged-usr> and I<--no-merged-usr> B will create a merged-/usr chroot or not depending on whether packages setting up merged-/usr (i.e. the B package) are installed or -not. In Debian, the essential package B is will depend -on the B package, starting with Debian 12 (Bookworm). +not. In Debian, the essential package B depends on the +B package, starting with Debian 12 (Bookworm). Before Debian 12 (Bookworm), to force B to create a chroot with merged-/usr using symlinks, either explicitly install the B package: diff --git a/tests/create-arm64-tarball b/tests/create-arm64-tarball index d0e361e..8b84722 100644 --- a/tests/create-arm64-tarball +++ b/tests/create-arm64-tarball @@ -22,8 +22,22 @@ $prefix {{ CMD }} --mode={{ MODE }} --variant=apt --architectures=arm64 {{ DIST # we ignore differences between architectures by ignoring some files # and renaming others { tar -tf /tmp/debian-chroot.tar \ - | grep -v '^\./lib/ld-linux-aarch64\.so\.1$' \ - | grep -v '^\./lib/aarch64-linux-gnu/ld-linux-aarch64\.so\.1$' \ + | grep -v '^\./usr/lib/ld-linux-aarch64\.so\.1$' \ + | grep -v '^\./usr/lib/aarch64-linux-gnu/ld-linux-aarch64\.so\.1$' \ + | grep -v '^\./usr/lib/aarch64-linux-gnu/perl/5.34.0/asm-generic/int-ll64.ph$' \ + | grep -v '^\./usr/lib/aarch64-linux-gnu/perl/5.34.0/asm-generic/types.ph$' \ + | grep -v '^\./usr/lib/aarch64-linux-gnu/perl/5.34.0/asm-generic/unistd.ph$' \ + | grep -v '^\./usr/lib/aarch64-linux-gnu/perl/5.34.0/asm/sigcontext.ph$' \ + | grep -v '^\./usr/lib/aarch64-linux-gnu/perl/5.34.0/asm/sve_context.ph$' \ + | grep -v '^\./usr/lib/aarch64-linux-gnu/perl/5.34.0/asm/types.ph$' \ + | grep -v '^\./usr/lib/aarch64-linux-gnu/perl/5.34.0/bits/procfs-extra.ph$' \ + | grep -v '^\./usr/lib/aarch64-linux-gnu/perl/5.34.0/bits/procfs-id.ph$' \ + | grep -v '^\./usr/lib/aarch64-linux-gnu/perl/5.34.0/bits/procfs-prregset.ph$' \ + | grep -v '^\./usr/lib/aarch64-linux-gnu/perl/5.34.0/bits/procfs.ph$' \ + | grep -v '^\./usr/lib/aarch64-linux-gnu/perl/5.34.0/gnu/stubs-lp64.ph$' \ + | grep -v '^\./usr/lib/aarch64-linux-gnu/perl/5.34.0/linux/types.ph$' \ + | grep -v '^\./usr/lib/aarch64-linux-gnu/perl/5.34.0/sys/procfs.ph$' \ + | grep -v '^\./usr/lib/aarch64-linux-gnu/perl/5.34.0/sys/user.ph$' \ | grep -v '^\./usr/share/doc/[^/]\+/changelog\(\.Debian\)\?\.arm64\.gz$' \ | sed 's/aarch64-linux-gnu/x86_64-linux-gnu/' \ | sed 's/arm64/amd64/'; @@ -31,11 +45,22 @@ $prefix {{ CMD }} --mode={{ MODE }} --variant=apt --architectures=arm64 {{ DIST { cat tar1.txt \ | grep -v '^\./usr/bin/i386$' \ | grep -v '^\./usr/bin/x86_64$' \ - | grep -v '^\./lib64/$' \ - | grep -v '^\./lib64/ld-linux-x86-64\.so\.2$' \ - | grep -v '^\./lib/x86_64-linux-gnu/ld-linux-x86-64\.so\.2$' \ - | grep -v '^\./lib/x86_64-linux-gnu/libmvec-2\.[0-9]\+\.so$' \ - | grep -v '^\./lib/x86_64-linux-gnu/libmvec\.so\.1$' \ + | grep -v '^\./lib32$' \ + | grep -v '^\./lib64$' \ + | grep -v '^\./libx32$' \ + | grep -v '^\./usr/lib32/$' \ + | grep -v '^\./usr/libx32/$' \ + | grep -v '^\./usr/lib64/$' \ + | grep -v '^\./usr/lib64/ld-linux-x86-64\.so\.2$' \ + | grep -v '^\./usr/lib/x86_64-linux-gnu/ld-linux-x86-64\.so\.2$' \ + | grep -v '^\./usr/lib/x86_64-linux-gnu/libmvec\.so\.1$' \ + | grep -v '^\./usr/lib/x86_64-linux-gnu/perl/5.34.0/asm/posix_types_32.ph$' \ + | grep -v '^\./usr/lib/x86_64-linux-gnu/perl/5.34.0/asm/posix_types_64.ph$' \ + | grep -v '^\./usr/lib/x86_64-linux-gnu/perl/5.34.0/asm/posix_types_x32.ph$' \ + | grep -v '^\./usr/lib/x86_64-linux-gnu/perl/5.34.0/asm/unistd_32.ph$' \ + | grep -v '^\./usr/lib/x86_64-linux-gnu/perl/5.34.0/asm/unistd_64.ph$' \ + | grep -v '^\./usr/lib/x86_64-linux-gnu/perl/5.34.0/asm/unistd_x32.ph$' \ + | grep -v '^\./usr/lib/x86_64-linux-gnu/perl/5.34.0/gnu/stubs-64.ph$' \ | grep -v '^\./usr/share/doc/[^/]\+/changelog\(\.Debian\)\?\.amd64\.gz$' \ | grep -v '^\./usr/share/man/man8/i386\.8\.gz$' \ | grep -v '^\./usr/share/man/man8/x86_64\.8\.gz$'; diff --git a/tests/i386-which-can-be-executed-without-qemu b/tests/i386-which-can-be-executed-without-qemu index 936dd01..f345310 100644 --- a/tests/i386-which-can-be-executed-without-qemu +++ b/tests/i386-which-can-be-executed-without-qemu @@ -12,25 +12,27 @@ apt-get remove --yes qemu-user-static binfmt-support qemu-user # and renaming others { tar -tf /tmp/debian-chroot.tar \ | grep -v '^\./usr/bin/i386$' \ - | grep -v '^\./lib/ld-linux\.so\.2$' \ - | grep -v '^\./lib/i386-linux-gnu/ld-linux\.so\.2$' \ + | grep -v '^\./usr/lib/ld-linux\.so\.2$' \ + | grep -v '^\./usr/lib/i386-linux-gnu/ld-linux\.so\.2$' \ | grep -v '^\./usr/lib/gcc/i686-linux-gnu/$' \ | grep -v '^\./usr/lib/gcc/i686-linux-gnu/[0-9]\+/$' \ | grep -v '^\./usr/share/man/man8/i386\.8\.gz$' \ | grep -v '^\./usr/share/doc/[^/]\+/changelog\(\.Debian\)\?\.i386\.gz$' \ | sed 's/i386-linux-gnu/x86_64-linux-gnu/' \ - | sed 's/i386/amd64/'; + | sed 's/i386/amd64/' \ + | sed 's/\/stubs-32.ph$/\/stubs-64.ph/'; } | sort > tar2.txt { cat tar1.txt \ | grep -v '^\./usr/bin/i386$' \ | grep -v '^\./usr/bin/x86_64$' \ + | grep -v '^\./usr/lib32/$' \ + | grep -v '^\./lib32$' \ | grep -v '^\./lib64/$' \ - | grep -v '^\./lib64/ld-linux-x86-64\.so\.2$' \ + | grep -v '^\./usr/lib64/ld-linux-x86-64\.so\.2$' \ | grep -v '^\./usr/lib/gcc/x86_64-linux-gnu/$' \ | grep -v '^\./usr/lib/gcc/x86_64-linux-gnu/[0-9]\+/$' \ - | grep -v '^\./lib/x86_64-linux-gnu/ld-linux-x86-64\.so\.2$' \ - | grep -v '^\./lib/x86_64-linux-gnu/libmvec-2\.[0-9]\+\.so$' \ - | grep -v '^\./lib/x86_64-linux-gnu/libmvec\.so\.1$' \ + | grep -v '^\./usr/lib/x86_64-linux-gnu/ld-linux-x86-64\.so\.2$' \ + | grep -v '^\./usr/lib/x86_64-linux-gnu/libmvec\.so\.1$' \ | grep -v '^\./usr/share/doc/[^/]\+/changelog\(\.Debian\)\?\.amd64\.gz$' \ | grep -v '^\./usr/share/man/man8/i386\.8\.gz$' \ | grep -v '^\./usr/share/man/man8/x86_64\.8\.gz$'; diff --git a/tests/tarfilter-idshift b/tests/tarfilter-idshift index 67cef5e..95bb72f 100644 --- a/tests/tarfilter-idshift +++ b/tests/tarfilter-idshift @@ -18,11 +18,12 @@ runuser -u user -- {{ CMD }} --mode=unshare --variant=apt --include=iputils-ping | ./tarfilter --idshift 0 > /tmp/debian-chroot.tar # make sure that xattrs are set in the original tarball mkdir /tmp/debian-chroot -tar --xattrs --xattrs-include='*' --directory /tmp/debian-chroot -xf /tmp/debian-chroot.tar ./bin/ping -echo "/tmp/debian-chroot/bin/ping cap_net_raw=ep" > /tmp/expected -getcap /tmp/debian-chroot/bin/ping | diff -u /tmp/expected - >&2 -rm /tmp/debian-chroot/bin/ping -rmdir /tmp/debian-chroot/bin +tar --xattrs --xattrs-include='*' --directory /tmp/debian-chroot -xf /tmp/debian-chroot.tar ./usr/bin/ping +echo "/tmp/debian-chroot/usr/bin/ping cap_net_raw=ep" > /tmp/expected +getcap /tmp/debian-chroot/usr/bin/ping | diff -u /tmp/expected - >&2 +rm /tmp/debian-chroot/usr/bin/ping +rmdir /tmp/debian-chroot/usr/bin +rmdir /tmp/debian-chroot/usr rmdir /tmp/debian-chroot # shift the uid/gid forward by 100000 and backward by 100000 ./tarfilter --idshift 100000 < /tmp/debian-chroot.tar > /tmp/debian-chroot-shifted.tar @@ -48,12 +49,12 @@ tar --numeric-owner -tvf /tmp/debian-chroot-shifted.tar \ mkdir /tmp/debian-chroot tar --xattrs --xattrs-include='*' --directory /tmp/debian-chroot -xf /tmp/debian-chroot-shifted.tar echo "100000 100000" > /tmp/expected -stat --format="%u %g" /tmp/debian-chroot/bin/ping | diff -u /tmp/expected - >&2 -echo "/tmp/debian-chroot/bin/ping cap_net_raw=ep" > /tmp/expected -getcap /tmp/debian-chroot/bin/ping | diff -u /tmp/expected - >&2 +stat --format="%u %g" /tmp/debian-chroot/usr/bin/ping | diff -u /tmp/expected - >&2 +echo "/tmp/debian-chroot/usr/bin/ping cap_net_raw=ep" > /tmp/expected +getcap /tmp/debian-chroot/usr/bin/ping | diff -u /tmp/expected - >&2 echo "0 0" > /tmp/expected -runuser -u user -- {{ CMD }} --unshare-helper /usr/sbin/chroot /tmp/debian-chroot stat --format="%u %g" /bin/ping \ +runuser -u user -- {{ CMD }} --unshare-helper /usr/sbin/chroot /tmp/debian-chroot stat --format="%u %g" /usr/bin/ping \ | diff -u /tmp/expected - >&2 -echo "/bin/ping cap_net_raw=ep" > /tmp/expected -runuser -u user -- {{ CMD }} --unshare-helper /usr/sbin/chroot /tmp/debian-chroot getcap /bin/ping \ +echo "/usr/bin/ping cap_net_raw=ep" > /tmp/expected +runuser -u user -- {{ CMD }} --unshare-helper /usr/sbin/chroot /tmp/debian-chroot getcap /usr/bin/ping \ | diff -u /tmp/expected - >&2