- all creating and extraction of tarballs respects extended attributes
- extended attributes require pax format, so explicitly request the
format
- to make pax bit-by-bit reproducible, ctime, atime and PID have to be
removed from the headers with:
--pax-option=exthdr.name=%d/PaxHeaders/%f,delete=atime,delete=ctime
- always pass --numeric-owner to tar
- always pass --xattrs when creating a tar
- always pass --xattrs --xattrs-include=* when extracting a tar
When specifying a tarball as output format, the extended attributes are
lost. This leads to programs like ping fail to run as normal user.
Therefore preserve the extended attributes when generating the tarball.
Signed-off-by: Benjamin Drung <benjamin.drung@cloud.ionos.com>
- apt can only handle one directory and one file as keyring
- the signed-by option is used to specify the keyrings for suites that
are not known by apt
Printing the full man page requires the perl-doc package. To avoid this
dependency, print the less verbose output containing only the synopsis
and the option list for the --help option and print the full output
(requiring perldoc) for the --man option.
One of mmdebstrap benefits over deboostrap is that it is faster.
Creating a xz tarball as output will take a lot of time, since xz
consumes a lot of compute power and tar uses only one core.
Therefore use parallel xz compression since xz supports it using the -T
parameter.
Closes: #943327
Signed-off-by: Benjamin Drung <benjamin.drung@cloud.ionos.com>
Package order is important when calling apt. Consider this dependency
graph:
A -> B -> C | D , E -> D | C
"apt install A E" it will install "A B C E"
"apt install E A" it will install "E D A B"