Writing "uninitialized" instructs systemd to run units with
ConditionFirstBoot=yes which should only be done by tools that know how
to correctly set up such units.
Debian-Bug: #1021478
The proot mode was broken from the start because in contrast to
fakechroot, no ownership information can be retained across multiple
invocations of proot. Since mmdebstrap started using apt from the
outside by setting DPkg::Chroot-Directory in mmdebstrap 0.8.0 proot mode
was finally completely broken because proot cannot wrap the chroot call
done by apt. Users of proot are recommended to run mmdebstrap in
fakechroot mode and then use proot with the resulting directory.
A dependency trace is a powerful tool to debug issues related to
APT's selection of packages, especially in custom mode.
Thus it makes sense to ask APT to output a dependency trace when
`mmdebstrap` is run with the `--debug` flag.
- implements the same as debootstrap in
https://salsa.debian.org/installer-team/debootstrap/-/merge_requests/71
- builds a temporary usr-is-merged package and upgrades to the real one
- create merged-/usr chroots for unstable and testing (which will
become Debian 12 Bookworm)
- add a dedicated merged-/usr section to the manual page
Before, we bind-mounted /dev/ptmx and /dev/pts from the host into the
chroot. This will make posix_openpt() fail with 'No such file or
directory'. The ability to create pseudo terminals is important for apt
(which will throw a warning otherwise) or running script(1) or source
package testsuites like for src:util-linux. This functionality is
restored by mounting a new devpts instance to /dev/pts and making
/dev/ptmx a symlink to /dev/pts/ptmx. Mounting with ptmxmode=666 is
required such that also non-root users in unshare mode are able to
create pseudo terminals. See also:
https://www.kernel.org/doc/Documentation/filesystems/devpts.txthttps://salsa.debian.org/debian/schroot/-/merge_requests/2https://bugs.debian.org/856877https://bugs.debian.org/817236
If FAKECHROOT_CMD_SUBST sets up wrong substitutions, then binaries
cannot be found. For example if /usr/bin/chroot is listed in
FAKECHROOT_CMD_SUBST but /usr/sbin (the actual location of the chroot
binary) is not in PATH, the command fails
- rephrase info message to be less misleading
- do not require qemu-$arch-static binary
- check if /proc/sys/fs/binfmt_misc/qemu-$arch exists before reading it
- factor out package downloading function
- replace -oApt::Get::Download-Only=true by -oDebug::pkgDpkgPm=1
- remove guessing of package names in /var/cache/apt/archives/
- drop edsp parsing with proxysolver/mmdebstrap-dump-solution to obtain
downloaded filenames in favour of -oDpkg::Pre-Install-Pkgs::=cat
- /var/cache/apt/archives/ is now allowed to contain packages
- drop --skip=download/empty
- file:// mirrors are now supported if their path is available inside
the chroot
By mixing s@ for --$foo-hook options and manual pushing in --hook-dir,
it can happen that options get lost. Consider the following test:
use Getopt::Long;
my $arr = [];
GetOptions(
'A=s@' => \$arr,
'B=s' => sub { push @{$arr}, $_[1]; }
);
foreach my $hook (@{$arr}) { print "hook: $hook\n"; }
This works fine:
perl test.pl --A=a1 --B=b1 --A=a2 --B=b2
hook: a1
hook: b1
hook: a2
hook: b2
This misses b1:
perl test.pl --B=b1 --A=a2 --B=b2
hook: a2
hook: b2
Without no_chdir=>1 the unshared child process in unshare mode needs
read permissions for the directory from which mmdebstrap is executed.
With this change, the current working directory does not need to be
world-readable anymore.
Closes: #1005857
Reported-by: Trent W. Buck <trentbuck@gmail.com>
The generated image will not be bootable if `mbr.bin` is not installed
into the MBR.
These lines are copied from the "Debian desktop on USB stick" example.
don't bother with /sbin/start-stop-daemon and /usr/sbin/policy-rc.d
if they're not a regular files (e.g. symlinks)
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
- requires apt >= 2.3.10
- we can drop having to run apt-get indextargets and parse Packages
files ourselves
- we can drop the layer violation that computed the package set in
run_download() and passed the package set around in setup() to
run_install()
- packages are selected by suite unless the suite is the empty string
For non-release builds the version will include the number of commits since last release and the commit hash with dashes, e.g. 1.20.8-46-g0881.
For downstream distros it seems it may include their identification strings, e.g. 1.20.9ubuntu2.
Make the regex match everything after the version number to avoid incorrectly erroring on such versions.
Fixes#18
* remove_tree() requires the CWD to be accessible or fails with
cannot chdir to $CWD from $DIR_TO_DELETE: Permission denied, aborting.
* CWD is not always accessible -- example: run mmdebstrap from a
directory only accessible by the current user (like a tempdir) in
unshare mode
* find from findutils *also* requires CWD to be accessible but it's
easier to temporarily change CWD in a subprocess because using
there is no utility in perl core that changes CWD temporarily and
cleans up after itself
* we need to use find from findutils instead of rm in unshare mode
because the root directory itself might not be removable by the
unshared user so we only want to remove its subdirectories
There are now systems with 160 cores (debci runs on two Ampere Altra
ARMv8 Neoverse-N1), which makes xz fail with: "xz: (stdin): Cannot
allocate memory"
- use /etc/ld.so.conf from the chroot instead of the host
- parse /etc/ld.so.conf instead of blindly accessing /etc/ld.so.conf.d
- add libraries from the chroot instead of the host
- instead of throwing an error, just print a warning
- can now run as root without cap_sys_admin
- can now run without mount installed
- --skip=check/canmount is not needed anymore
- gpg will not create a trustdb when running with --update-trustdb with
--trust-model=always:
gpg: no need for a trustdb update with 'always' trust model
- subsequent gpg calls will fail because there is no trustdb in GPGHOME
- use $REAL_USER_ID from English instead of $<
- use getgrgid $REAL_GROUP_ID to get the group name instead of assuming
the group name to be equal to the user name
- also check whether /etc/subgid exists and is readable
This is fixing the error:
cannot rmdir /var/lib/apt/lists/auxfiles: Directory not empty at ./mmdebstrap/mmdebstrap line 3084.
which happens when using apt-transport-mirror.
/bin/ping (from iputils-ping) uses the security capabilities to allow
users to use the program:
```
$ getcap /bin/ping
/bin/ping cap_net_raw=ep
```
Debian testing/unstable images (variant important) contain security and
system attributes:
```
$ mmdebstrap --variant=important bullseye root.tar
$ tar --xattrs --xattrs-include='*' -vv -tf root.tar | grep -B 1 '^ '
-rwxr-xr-x* 0/0 77432 2021-02-02 18:49 ./bin/ping
x: 20 security.capability
--
drwxr-sr-x* 0/102 0 2021-05-07 15:10 ./var/log/journal/
x: 44 system.posix_acl_access
x: 44 system.posix_acl_default
```
When generating a squashfs image with mmdebstrap 0.7.5-2, these security
capabilities are lost. Example for building a squashfs image in a
minimal Debian unstable schroot:
```
$ apt install -y mmdebstrap squashfs-tools-ng
$ mmdebstrap --variant=important buster root.squashfs
$ rdsquashfs -x /bin/ping root.squashfs
$
```
tar2sqfs from squashfs-tools-ng 1.0.4-1 supports encoding extended
attributes from the namespace `user`, `trusted`, and `security` (see
`include/sqfs/xattr.h`). GNU tar (version 1.34) supports these three
namespaces plus the namespace `system`.
Passing extended attributes from the `system` namespace to tar2sqfs will
produce an error:
```
ERROR: squashfs does not support xattr prefix of system.posix_acl_default
```
So pass the extended attributes to tar2sqfs, but exclude the `system`
namespace. Then ping will keep its security attributes:
```
$ rdsquashfs -x /bin/ping root.squashfs
security.capability=0x0100000200200000000000000000000000000000
```
Closes: #988100
Signed-off-by: Benjamin Drung <benjamin.drung@ionos.com>
gpg command "--list-keys" requires input files to be passed with
option "--keyring" and each file must match type "public keyring v4"
while gpg command "--show-keys" doesn't require extra options and
handles also ASCII-armored public keyrings as well.
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
- assume all entries in @devfiles to be in /dev
- allow for /dev, /sys and /proc not to exist in the target and print warning
- allow for /dev entries as well as /sys and /proc not to exist on the outside
- simplify umount by storing special options in @umountopts
- remove superfluous checks for root and unshare mode
- make sure /dev entries are less than 100 chars in size for tar