ebfac91738
also choose null format if stdout is /dev/null and check whether major and minor number of /dev/null are as expected to avoid false positives
2021-05-04 15:01:53 +02:00
ccd4b5c163
gpg: handle ASCII-armored keyrings as well
...
gpg command "--list-keys" requires input files to be passed with
option "--keyring" and each file must match type "public keyring v4"
while gpg command "--show-keys" doesn't require extra options and
handles also ASCII-armored public keyrings as well.
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
2021-04-25 22:33:37 +03:00
Helmut Grohne
2767b051bc
implement --format=null
2021-03-25 07:04:14 +01:00
4c17f36072
better document the TMPDIR env var
2021-03-08 19:33:51 +01:00
5a3d1ab5c4
Rework /dev, /sys, /proc mounting
...
- assume all entries in @devfiles to be in /dev
- allow for /dev, /sys and /proc not to exist in the target and print warning
- allow for /dev entries as well as /sys and /proc not to exist on the outside
- simplify umount by storing special options in @umountopts
- remove superfluous checks for root and unshare mode
- make sure /dev entries are less than 100 chars in size for tar
2021-03-08 08:04:35 +01:00
d52eaa4814
instead of checking for defined-ness and then comparing with the empty string, we can just use 'length' which returns undef if its argument is undef
2021-03-08 07:54:04 +01:00
270fd09b43
update copyright information
2021-03-08 07:52:14 +01:00
d5c8a85ace
document problems with chrootless mode in man page
2021-02-23 12:50:18 +01:00
ecbc10794c
warn if --dpkgopt is used in chrootless mode because of #808203
2021-02-23 12:49:46 +01:00
49f464e7da
create /etc/dpkg/dpkg.cfg.d/ if --dpkgopt is used
2021-02-23 12:49:26 +01:00
067daaf4c2
also run unshare with --propagation unchanged in root mode
2021-02-19 12:53:14 +01:00
Josh Triplett
f8fc7d9bbf
Fix typo in hook directory example
2021-02-06 18:58:30 +01:00
976cc9c1c4
release 0.7.5
2021-02-06 14:46:37 +01:00
73cd7cd2e8
run unshare --mount with --propagation unchanged to prevent 'cannot change root filesystem propagation' when running mmdebstrap from inside a chroot
2021-02-06 10:11:53 +01:00
39167dbc30
expose hook name to hooks via MMDEBSTRAP_HOOK environment variable
2021-02-06 09:18:05 +01:00
8a4f4d90ab
remove example showing mmdebstrap as debootstrap replacement for sbuild-createchroot as it doesn't work in unshare mode
2021-02-04 17:47:40 +01:00
e1e0df7799
skip emulation check for extract variant
2021-02-04 17:47:10 +01:00
c740b01dc8
unset TMPDIR in hooks because there is no value that works inside as well as outside the chroot
2021-02-04 17:46:39 +01:00
0595c5c220
add new suite name trixie
2021-02-04 17:43:33 +01:00
7a43ff89dc
improve dpkg and apt version parsing
2021-02-04 17:42:40 +01:00
d9633d05fe
release 0.7.4
2021-01-16 00:33:40 +01:00
7bd733fb8b
In root mode, check whether it's possible to mount
...
- even if the user is root, they might not have permission to mount
- check for CAP_SYS_ADMIN and unshare --mount before proceeding
- allow one to disable the check with --skip=check/canmount
- this is useful in container environments like docker
2021-01-13 18:40:29 +01:00
205f5c2692
document how to use mmdebstrap to create a docker chroot
2021-01-13 18:08:04 +01:00
4693034138
allow unshare as root user
...
- this is useful when you are already root and want the benefits of
unsharing the mount namespace to prevent messing up your system
- if the unshare mode is used as root, the user namespace is not unshared
anymore and newuidmap, setuid and friends are not called anymore
- if the unshare mode is used as non-root test if the user namespace can be
unshared, otherwise test if the mount namespace can be unshared
2021-01-13 16:15:59 +01:00
ea6bbc1d9c
#898446 got closed and the default of kernel.unprivileged_userns_clone changed to 1
2021-01-09 19:44:39 +01:00
62bcf3261e
do not run an additional env command inside the chroot
2021-01-09 19:44:00 +01:00
7ff3f53fb9
apt 2.1.16 fixed immediate configure
2021-01-09 19:43:15 +01:00
ac21074243
set MMDEBSTRAP_APT_CONFIG, MMDEBSTRAP_MODE and MMDEBSTRAP_HOOKSOCK for hook scripts
2021-01-09 19:41:59 +01:00
9484107392
set PATH if it's unset or empty
2021-01-06 11:49:29 +01:00
2d03a81997
coverage.sh: reenabling tests because bugs got fixed
...
- systemd didn't get fixed but somehow the order matches again (bug #963788 )
- python is installable again (bug #968217 )
- apt immediate configure was not fixed but src:glibc changed to not
trigger the bug anymore (bugs #973305 , #973325 and #972552 )
2021-01-06 11:33:37 +01:00
0b2a0c5a55
release 0.7.3
2020-12-02 06:15:54 +01:00
43ca8a5211
it is wrong to match the suite for the package set selection if more than one apt index is given (because the suite name might be equal) instead check whether there is more than zero matching and more than zero not-matching suites
2020-12-02 00:47:16 +01:00
2c232e0661
don't ignore packages added via --include if multiple apt indices are used
2020-12-02 00:33:18 +01:00
85328c5c7e
mmdebstrap: check for defined-ness before integer comparison
2020-11-29 20:54:50 +01:00
165cc82f97
preserve permissions of /etc/resolv.conf and /etc/hostname and resolve symlinks as debootstrap does it
2020-11-29 20:54:31 +01:00
beb0b8c177
name solver mmdebstrap-dump-solution in official apt path
2020-11-29 02:30:03 +01:00
f76bcb5750
release 0.7.2
2020-11-28 14:32:14 +01:00
732fde54f8
documentation improvements, add OPERATION section
2020-11-28 14:30:50 +01:00
da449be3fe
fix missing I in front of <>
2020-11-28 00:49:46 +01:00
2e19a8bda4
remove nonsense code comment
2020-11-28 00:48:38 +01:00
96f45ec2e7
info messages start with lower case character
2020-11-28 00:48:18 +01:00
b7e257871d
use Debian::DistroInfo if available
2020-11-28 00:46:48 +01:00
b2ea7b230f
remove no-op if statement
2020-11-28 00:45:54 +01:00
1e7e002eb1
print explicit info message about installing essential packages
2020-11-28 00:45:32 +01:00
ad56754a2a
pkgs_to_install might contain duplicates when multiple suites are used -- avoid that by using a hash instead of an array
2020-11-15 22:58:26 +01:00
0c990abc48
coverage.sh: only consider non-POD parts for maximum line length check
2020-11-15 11:30:04 +01:00
534798dbd2
add example for how to use a cache directory
2020-11-15 11:27:51 +01:00
12b26a8817
use /usr/share/distro-info/debian.csv to figure out the security mirror for bullseye and beyond
2020-11-15 10:14:03 +01:00
9d32dee3f5
if a suite name was specified, use the matching apt index to figure out the package set to install
2020-11-14 23:25:07 +01:00
21a26b5dac
pass verbosity to hook-listener
2020-11-13 22:37:53 +01:00
e71487af5e
improve hook-helper and hook-listener debug output
2020-11-13 22:36:58 +01:00
bf87e83bdb
make it possible to seed /var/cache/apt/archives with deb packages
2020-11-13 19:02:41 +01:00
50d8d5edae
check whether dpkg, apt and others are installed ( closes : #18 )
2020-11-12 22:36:10 +01:00
0a985948cf
create temporary test ext2 image in TMPDIR and not in CWD
2020-11-12 15:49:10 +01:00
1000a033e8
release 0.7.1
2020-09-18 13:43:42 +02:00
259a188e06
fix typo: 3030 -> 2020 (thanks Trent W. Buck!)
2020-09-02 22:58:50 +02:00
65e40c8c34
redirect stderr of dpkg --version to /dev/null to prevent error output if dpkg is too old (thanks Trent W. Buck!)
2020-09-02 22:58:20 +02:00
58925dc493
add two more debug messages
2020-08-28 14:36:14 +02:00
400b51ad7b
release 0.7.0
2020-08-27 20:52:47 +02:00
3713735240
document non-functional --variant=standard due to bug #968217
2020-08-25 18:08:35 +02:00
7c752fa8a0
print elapsed time after successful run
2020-08-25 18:08:31 +02:00
74725ac451
coverage.sh: test eatmydata and merged-usr hooks
2020-08-25 16:05:10 +02:00
465c056434
no longer needs to install twice when --depkgopt=path-exclude is given by filtering the tarball with new tarfilter utility
2020-08-25 13:02:33 +02:00
8f09c3e02f
unless in chrootless mode, omitting stuff in /var/lib/dpkg does not depend on the dpkg version outside, but on the version inside the chroot (and we don't know that one yet)
2020-08-24 18:45:22 +02:00
dd64e8220d
use distro-info-data and debootstrap to help with suite name and keyring discovery
2020-08-24 18:45:22 +02:00
87d383d754
replace -t STDERR with a common function that explains the 'no critic' annotation
2020-08-24 18:45:18 +02:00
307cbf5a41
prefix certain progress bars with what is being done ( closes : #16 )
2020-08-18 14:31:38 +02:00
df18304449
add a new pipe to communicate the number of blocks to the parent instead of abusing the hookhelper/listener
2020-08-18 12:08:55 +02:00
a5ea38cbad
fix docs: there are four hooks, not three
2020-08-18 09:38:22 +02:00
0451d5f004
do not suggest using --dpkgopt=force-unsafe-io because it barely brings any speedups, see Debian bug #613428
2020-08-18 09:37:53 +02:00
614ef0e43d
make it clear that --aptopt and --dpkgopt add their content permamently
2020-08-18 09:37:08 +02:00
23fb2055e4
fix error message to specify the right command
2020-08-18 09:36:27 +02:00
501e29fdeb
fix closedir calls
2020-08-18 09:35:56 +02:00
12f41ad33f
fix syntax for perltidy
2020-08-17 18:57:36 +02:00
075645289f
add --hook-directory option and a directory with hooks
2020-08-16 00:50:46 +02:00
e2a759967f
put hook listener into its own function and expose it to the CLI via --hook-listener
2020-08-15 22:36:13 +02:00
c2c270390b
implement dpkg-realpath in perl so that we don't need to run tar inside the chroot anymore for modes other than fakechroot and proot
2020-08-15 18:29:17 +02:00
dc67c1f4be
if we got dpkg >= 1.20.0, then we don't have to create certain files and directories ourselves
2020-08-15 18:09:06 +02:00
904274b9f4
adjust genext2fs (>= 1.5.0) interface
2020-07-09 07:34:03 +02:00
112c0a5a6d
add documentation about --{setup,extract,essential,customize}-hooks and --skip option, making them an official interface
2020-06-23 23:14:37 +02:00
40b6155967
add another --dpkgopt example
2020-06-23 23:12:16 +02:00
4d041140d5
instead of 'du' we use File::Find to avoid different results on different filesystems, see https://bugs.debian.org/650077 for a discussion
2020-06-23 22:45:17 +02:00
655857e525
don't use apt sandboxing in fakechroot or proot modes
2020-06-08 15:45:22 +02:00
af13116336
do not hide errors even with --quiet
...
This change also fixes the problem that when --quiet is given, an error
will never lead to a non-zero exit status because the error function
returns before it runs die()
2020-05-10 13:36:54 +02:00
dc9a5dc281
document how to use mmdebstrap as a debootstrap wrapper
2020-05-03 17:19:03 +02:00
fa12e4f488
create /tmp with chmod 01777
2020-05-03 17:18:34 +02:00
b60893aa83
add --skip=output/dev
2020-05-03 15:06:41 +02:00
e1d0a17751
return immediately if nothing to do in download, extract and essential stages
2020-05-03 15:06:24 +02:00
ccae6de410
fix message 'failed to start' -> 'failed to run'
2020-05-02 23:55:34 +02:00
be2bb0bb7e
do not emit a tarball with xattrs for squashfs and ext2 output because tar2sqfs and genext2fs do not support extended attributes
2020-05-02 23:55:05 +02:00
da88c56b9f
warn if chrootless mode is run by the root user
2020-05-02 23:54:04 +02:00
6af46f0b4a
fix typo squasfs -> squashfs
2020-05-02 23:53:41 +02:00
08319f6c77
Return the same block number irrespective of what is in /dev
...
Depending on the mode an on whether mknod works (mount options of
$TMPDIR) different stuff might be in /dev. To make the blocksize in of
the ext2 output format reproducible, ignore the content of /dev.
2020-05-02 23:51:58 +02:00
af5841269c
always check if _apt user can access /var/lib/apt/lists/partial
2020-05-02 23:51:33 +02:00
af4e77903b
add instructions how to convert from ext2 to ext3 and ext4
2020-05-02 00:12:31 +02:00
3b67de6d31
add note about the dangers of chrootless mode
2020-05-02 00:12:31 +02:00
5cf209996e
format mmdebstrap bold in POD
2020-05-02 00:12:31 +02:00
4ea784c1bc
add --skip check/empty
2020-05-02 00:12:26 +02:00
1b380e4513
add --skip check/qemu
2020-05-01 07:39:26 +02:00
Helmut Grohne
d7f7f8cb34
skip the emulation check in chrootless mode
...
Whenever the selected architecture differs from the native architecture
of the system that runs mmdebstrap, mmdebstrap checks whether it can run
the selected architecture. In the majority of cases, this is good and
helps avoid difficult to diagnose issues. However when running in
chrootless mode, we don't actually want to run any binaries from the
target system. For that reason, the emulation check should be skipped in
chrootless mode.
2020-04-14 18:25:55 +02:00
9717faef59
refer to MODES section in docs for directory format
2020-04-12 09:11:35 +02:00
2678ccaf38
mention missing TARGET in docs for auto format
2020-04-12 09:11:21 +02:00
2ce9555dc5
expand docs for unshare mode
2020-04-12 09:10:30 +02:00
a0c097a6fa
TARGET must be italic not bold
2020-04-11 23:10:13 +02:00
f1a952d468
explicitly inform the user why apt-transport-https or apt-transport-tor are getting installed
2020-04-10 12:55:52 +02:00
9195972bef
dump contents of /etc/apt/apt.conf.d/99mmdebstrap and /etc/dpkg/dpkg.cfg.d/99mmdebstrap in debug mode
2020-04-10 12:55:31 +02:00
f6214e343f
add debug output of which command is run in run_progress()
2020-04-10 12:55:02 +02:00
ab5d5777d5
check whether qemu-$arch-static exists early
2020-04-10 12:26:42 +02:00
f50ca9bf6d
also warn if /usr/sbin/update-binfmts has non-zero exit
2020-04-10 12:26:14 +02:00
df1827d991
check if /usr/sbin/update-binfmts exists
2020-04-10 12:26:00 +02:00
a0c393f256
fix /proc/mounts regex to find binfmt_misc
2020-04-10 12:25:45 +02:00
d26f5de912
check whether arch-test exists
2020-04-10 12:25:24 +02:00
46f477f339
add --skip option
2020-04-10 00:00:36 +02:00
1076e9a78d
split up setup() into multiple functions
2020-04-10 00:00:02 +02:00
895c388ede
add --format option and ext2 image output
2020-04-09 20:40:23 +02:00
15d6f5528b
also print apt-get --version output with --debug
2020-04-09 18:40:23 +02:00
8d04ffee64
unset APT_CONFIG env var when running hook
2020-04-09 18:40:23 +02:00
d29bdafb89
add workaround for dpkg bug to docs
2020-04-09 18:40:23 +02:00
323a353548
output tarball if output is named pipe or character special
2020-04-09 18:40:23 +02:00
412039bd66
commit de8b6a45
forgot to also run re-install with /proc, /dev and /sys mounted
2020-04-09 18:40:22 +02:00
02ed5e33f8
add --extract-hook
2020-04-09 18:40:18 +02:00
5fae5e83f9
release 0.6.1
2020-03-08 23:21:16 +01:00
e1008006fc
add stub for future ext2 image support
2020-03-07 23:43:29 +01:00
773249a0ca
document limitation of missing /etc/ld.so.cache when using fakechroot
2020-03-07 23:42:41 +01:00
7bad5fb1e6
in unshare mode, the unshared process might not have enough permissions to rmdir root directory -- try again as normal user
2020-03-07 23:42:19 +01:00
3922851636
use Dpkg::Vendor::Debian and Dpkg::Vendor::Ubuntu for keyring locations, if they are available
2020-03-07 23:41:28 +01:00
89e7dd6756
store temporary files in /tmp inside the rootfs to avoid problems in unshare mode and TMPDIR set
2020-03-07 23:40:55 +01:00
b9db466a26
add note about usage of /usr/sbin/policy-rc.d
2020-03-07 23:39:53 +01:00
ff9b6509fb
add more usage examples
2020-03-07 02:25:55 +01:00
6c6378a6e0
emit more warnings about setting kernel.unprivileged_userns_clone to 1
2020-03-07 02:13:53 +01:00
48914894cb
dump temporary apt.conf with --debug
2020-03-07 02:13:26 +01:00
1ff5ba7e9e
set APT::Immediate-Configure to false in dry-run mode
2020-03-07 02:12:21 +01:00
3e50d09b43
create temporary apt.conf inside chroot because unshared process might not have permissions to write into TMPDIR
2020-03-07 02:11:35 +01:00
9918809a65
add another example about how to use mmdebstrap to make a bootable live system
2020-03-07 02:07:10 +01:00
bd84829595
unset TMPDIR environment variable for everything running inside the chroot
2020-03-07 02:06:11 +01:00
5bf8c3fcf9
add sync, umount and shutdown to guestfish calls
2020-03-04 13:29:07 +01:00
c4a47947ab
mount /sys and /proc as read-only in root mode
2020-01-24 10:14:10 +01:00
d503e4fd96
put fh variables into their own scope
2020-01-22 23:31:00 +01:00
62159d124a
support deb822-style format apt sources
2020-01-22 23:30:28 +01:00
1579d06380
use tempdir(..., TMPDIR => 1) instead of tempdir(..., DIR => File::Spec->tmpdir)
2020-01-22 00:30:12 +01:00
ae15fe3d9f
convert gpg keyring processing to less nesting and abort earlier if possible
2020-01-22 00:29:38 +01:00
c26ec4d6fc
instead of hardcoding /etc/apt/trusted.gpg, read it from apt-config shell
2020-01-22 00:28:48 +01:00
efaea907e9
run apt-cache policy instead of dumping sources.list
2020-01-22 00:28:22 +01:00
c45e7d9baf
print warning if apt trusted cannot be read
2020-01-22 00:27:57 +01:00
75428e37dd
assign the absolute key path and not the relative one
2020-01-21 13:38:53 +01:00
64fedc530e
Restore deterministic tar with pax and xattr support
...
- all creating and extraction of tarballs respects extended attributes
- extended attributes require pax format, so explicitly request the
format
- to make pax bit-by-bit reproducible, ctime, atime and PID have to be
removed from the headers with:
--pax-option=exthdr.name=%d/PaxHeaders/%f,delete=atime,delete=ctime
- always pass --numeric-owner to tar
- always pass --xattrs when creating a tar
- always pass --xattrs --xattrs-include=* when extracting a tar
2020-01-21 13:24:49 +01:00
a1df1a9730
fix docs: default variant is 'debootstrap' and not 'required'
2020-01-21 13:17:31 +01:00
bef4c890d8
if /etc/machine-id exists, replace by an empty file
2020-01-21 13:13:58 +01:00
9eaacca795
dump apt config with verbosity level >= 3
2020-01-21 13:12:44 +01:00
6455cda34b
release 0.6.0
2020-01-19 22:24:32 +01:00