mmdebstrap

Author	SHA1	Message	Date
Johannes Schauer Marin Rodrigues	1b0f7f1138	make $@ local, so we don't print "Can't locate Undefined subroutine &Devel::Cover::get_coverage called" in other parts where we evaluate $@	2022-01-07 23:15:07 +01:00
Johannes Schauer Marin Rodrigues	88619e4d9c	test codename apt pattern as well, requires apt >= 2.3.14 closes: #21	2022-01-07 12:46:42 +01:00
Johannes Schauer Marin Rodrigues	5d8943b739	release 0.8.2	2021-12-14 21:07:04 +01:00
Johannes Schauer Marin Rodrigues	7501708aaf	perltidy 20200110 -> 20210717	2021-12-14 21:07:04 +01:00
Konstantin Demin	e4e10b670c	allow custom daemon startup prevention don't bother with /sbin/start-stop-daemon and /usr/sbin/policy-rc.d if they're not a regular files (e.g. symlinks) Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>	2021-12-06 00:28:34 +03:00
Johannes Schauer Marin Rodrigues	c4a43ea0f9	make $@ local, so we don't print "Can't locate Dpkg/Vendor/Debian.pm" in other parts where we evaluate $@	2021-11-29 21:15:59 +01:00
Johannes Schauer Marin Rodrigues	60d69f6f78	Use apt patters to select priority variants - requires apt >= 2.3.10 - we can drop having to run apt-get indextargets and parse Packages files ourselves - we can drop the layer violation that computed the package set in run_download() and passed the package set around in setup() to run_install() - packages are selected by suite unless the suite is the empty string	2021-11-09 07:31:56 +01:00
Johannes Schauer Marin Rodrigues	3b41fe6805	document mmdebstrap as docker/podman replacement	2021-11-07 10:00:48 +01:00
Raul Tambre	c61e81a244	Relax dpkg version regex For non-release builds the version will include the number of commits since last release and the commit hash with dashes, e.g. 1.20.8-46-g0881. For downstream distros it seems it may include their identification strings, e.g. 1.20.9ubuntu2. Make the regex match everything after the version number to avoid incorrectly erroring on such versions. Fixes #18	2021-11-06 23:04:27 +02:00
Johannes Schauer Marin Rodrigues	7a062661e5	release 0.8.1	2021-10-07 13:35:39 +02:00
Johannes Schauer Marin Rodrigues	1d2a7ef71a	enforce dpkg >= 1.20.0 and remove dead code	2021-10-07 10:51:20 +02:00
Johannes Schauer Marin Rodrigues	4f278deadf	use rm and find instead of remove_tree() * remove_tree() requires the CWD to be accessible or fails with cannot chdir to $CWD from $DIR_TO_DELETE: Permission denied, aborting. * CWD is not always accessible -- example: run mmdebstrap from a directory only accessible by the current user (like a tempdir) in unshare mode * find from findutils also requires CWD to be accessible but it's easier to temporarily change CWD in a subprocess because using there is no utility in perl core that changes CWD temporarily and cleans up after itself * we need to use find from findutils instead of rm in unshare mode because the root directory itself might not be removable by the unshared user so we only want to remove its subdirectories	2021-10-07 07:07:45 +02:00
Johannes Schauer Marin Rodrigues	c2d988b475	enforce apt >= 2.3.7 and remove dead code (closes: #14 )	2021-10-06 23:30:09 +02:00
Johannes Schauer Marin Rodrigues	28cb757742	do not run xz and zstd with --threads=0 There are now systems with 160 cores (debci runs on two Ampere Altra ARMv8 Neoverse-N1), which makes xz fail with: "xz: (stdin): Cannot allocate memory"	2021-09-24 22:09:24 +02:00
Johannes Schauer Marin Rodrigues	12ec2c50aa	also create cmethopt and available in chrootless mode - this allows bit-by-bit identical output of chrootless mode compared to other modes	2021-09-22 15:22:35 +02:00
Johannes Schauer Marin Rodrigues	1a4491b4d3	release 0.8.0	2021-09-21 14:20:58 +02:00
Johannes Schauer Marin Rodrigues	2c945e4c87	improve fakechroot LD_LIBRARY_PATH - use /etc/ld.so.conf from the chroot instead of the host - parse /etc/ld.so.conf instead of blindly accessing /etc/ld.so.conf.d - add libraries from the chroot instead of the host	2021-09-21 14:17:31 +02:00
Johannes Schauer Marin Rodrigues	ddb642a1dc	update apt MR urls	2021-09-19 19:38:52 +02:00
Johannes Schauer Marin Rodrigues	dceb881bd0	drop DPkg::Install::Recursive::force=true (requires apt >= 2.3.7)	2021-09-19 19:37:06 +02:00
Johannes Schauer Marin Rodrigues	6d59d51a4a	add ldconfig.fakechroot and translate symlinks for bit-by-bit identical buildd variant	2021-09-16 16:23:46 +02:00
Johannes Schauer Marin Rodrigues	6a22e05d59	document that zstd is also called with --threads=0	2021-09-16 16:12:35 +02:00
Johannes Schauer Marin Rodrigues	c7390f648b	be more permissive in the FAKECHROOT_DETECT version format	2021-09-16 16:12:20 +02:00
Johannes Schauer Marin Rodrigues	631b103ca7	check for symlink first to compute disk usage because -f und -s otherwise follow symlinks	2021-09-16 16:11:34 +02:00
Johannes Schauer Marin Rodrigues	101229aa04	add a newline to /etc/machine-id as systemd does the same	2021-09-16 16:08:07 +02:00
Johannes Schauer Marin Rodrigues	5b0bb46421	add gpgvnoexpkeysig	2021-09-15 16:10:22 +02:00
Johannes Schauer Marin Rodrigues	6851cd7cb4	move hooks/setup00-merged-usr.sh -> hooks/merged-usr/setup00.sh, expand docs	2021-09-03 12:04:40 +02:00
Johannes Schauer Marin Rodrigues	6a8fbae9d8	make fakechroot mode bit-by-bit identical to the others	2021-08-29 10:25:34 +02:00
Johannes Schauer Marin Rodrigues	7d472ca116	document on how to use mmdebstrap with podman	2021-08-27 11:53:32 +02:00
Johannes Schauer Marin Rodrigues	047619967e	also check whether CAP_SYS_ADMIN is in the bounding set	2021-08-27 11:53:11 +02:00
Johannes Schauer Marin Rodrigues	5a5f57b404	Automatically skip using mount if that's not possible - instead of throwing an error, just print a warning - can now run as root without cap_sys_admin - can now run without mount installed - --skip=check/canmount is not needed anymore	2021-08-26 15:40:27 +02:00
Johannes Schauer Marin Rodrigues	1a18160fe8	document that apt-transport-https, ca-certificates and apt-transport-tor are no longer installed automatically	2021-08-26 11:17:13 +02:00
Johannes Schauer Marin Rodrigues	91d8be5f9c	Do not use gpg --trust-model=always - gpg will not create a trustdb when running with --update-trustdb with --trust-model=always: gpg: no need for a trustdb update with 'always' trust model - subsequent gpg calls will fail because there is no trustdb in GPGHOME	2021-08-26 07:58:27 +02:00
Johannes Schauer Marin Rodrigues	850eeb24d5	more code comments	2021-08-25 05:21:57 +02:00
Johannes Schauer Marin Rodrigues	8b12375de3	add more references to #808203	2021-08-25 05:15:44 +02:00
Johannes Schauer Marin Rodrigues	c627606110	document copy:// vs. file://	2021-08-23 10:41:44 +02:00
Johannes Schauer Marin Rodrigues	60dba1c19e	fixup read_subuid_subgid - use $REAL_USER_ID from English instead of $< - use getgrgid $REAL_GROUP_ID to get the group name instead of assuming the group name to be equal to the user name - also check whether /etc/subgid exists and is readable	2021-08-19 13:02:44 +02:00
Joe Groocock	15029c1c3b	improve error message for missing /etc/subuid entry (closes: #9 )	2021-08-19 11:18:53 +02:00
Johannes Schauer Marin Rodrigues	3c37d692a0	write 'uninitialized' to /etc/machine-id to support systemd ConditionFirstBoot (closes: #10 )	2021-08-19 07:18:21 +02:00
Nicolas Vigier	5283d74dfe	Remove files inside the auxfiles directory This is fixing the error: cannot rmdir /var/lib/apt/lists/auxfiles: Directory not empty at ./mmdebstrap/mmdebstrap line 3084. which happens when using apt-transport-mirror.	2021-08-19 07:18:21 +02:00
Johannes Schauer Marin Rodrigues	ea82b267c9	only run test_unshare_userns() if not root user	2021-08-18 22:06:16 +02:00
Johannes Schauer Marin Rodrigues	dfbf9cdcef	several fixes to chrootless mode	2021-08-17 23:39:20 +02:00
Johannes Schauer Marin Rodrigues	f868073b6e	add --skip=setup, --skip=update and --skip=cleanup	2021-08-17 11:11:00 +02:00
Johannes Schauer Marin Rodrigues	98f1f0abde	use apt pattern to select essential set	2021-08-17 10:30:06 +02:00
Johannes Schauer Marin Rodrigues	3e488dd1dd	use apt from the outside by setting DPkg::Chroot-Directory	2021-08-16 22:33:39 +02:00
Johannes Schauer Marin Rodrigues	c63ad87310	changes for release of Debian 11 Buster	2021-08-16 13:11:42 +02:00
Johannes Schauer Marin Rodrigues	594ea3c72e	improve busybox and --hook-dir examples in man page -- thanks Jochen Sprickerhof!	2021-05-31 16:33:34 +02:00
Johannes Schauer Marin Rodrigues	3f79c18a0d	since apt 2.1.16 we can use --error-on=any and do not anymore need to error out on all W: lines (closes: #6 )	2021-05-31 11:17:45 +02:00
Benjamin Drung	0378c101bb	Pass extended attributes (excluding system) to tar2sqfs /bin/ping (from iputils-ping) uses the security capabilities to allow users to use the program: ``` $ getcap /bin/ping /bin/ping cap_net_raw=ep ``` Debian testing/unstable images (variant important) contain security and system attributes: ``` $ mmdebstrap --variant=important bullseye root.tar $ tar --xattrs --xattrs-include='' -vv -tf root.tar \| grep -B 1 '^ ' -rwxr-xr-x 0/0 77432 2021-02-02 18:49 ./bin/ping x: 20 security.capability -- drwxr-sr-x* 0/102 0 2021-05-07 15:10 ./var/log/journal/ x: 44 system.posix_acl_access x: 44 system.posix_acl_default ``` When generating a squashfs image with mmdebstrap 0.7.5-2, these security capabilities are lost. Example for building a squashfs image in a minimal Debian unstable schroot: ``` $ apt install -y mmdebstrap squashfs-tools-ng $ mmdebstrap --variant=important buster root.squashfs $ rdsquashfs -x /bin/ping root.squashfs $ ``` tar2sqfs from squashfs-tools-ng 1.0.4-1 supports encoding extended attributes from the namespace `user`, `trusted`, and `security` (see `include/sqfs/xattr.h`). GNU tar (version 1.34) supports these three namespaces plus the namespace `system`. Passing extended attributes from the `system` namespace to tar2sqfs will produce an error: ``` ERROR: squashfs does not support xattr prefix of system.posix_acl_default ``` So pass the extended attributes to tar2sqfs, but exclude the `system` namespace. Then ping will keep its security attributes: ``` $ rdsquashfs -x /bin/ping root.squashfs security.capability=0x0100000200200000000000000000000000000000 ``` Closes: #988100 Signed-off-by: Benjamin Drung <benjamin.drung@ionos.com>	2021-05-17 21:43:10 +02:00
Johannes Schauer Marin Rodrigues	88a031477a	add --skip=cleanup/apt/lists and --skip=cleanup/apt/cache	2021-05-09 20:44:02 +02:00
Vagrant Cascadian	c51fb24c7b	Use all cores when compressing with zstd.	2021-05-09 17:32:04 +02:00
Johannes Schauer Marin Rodrigues	236b84a486	tarfilter: add --pax-exclude and --pax-include to strip extended attributes because tar2sqfs only supports user., trusted. and security.*	2021-05-07 09:39:40 +02:00
Johannes Schauer Marin Rodrigues	ebfac91738	also choose null format if stdout is /dev/null and check whether major and minor number of /dev/null are as expected to avoid false positives	2021-05-04 15:01:53 +02:00
Konstantin Demin	ccd4b5c163	gpg: handle ASCII-armored keyrings as well gpg command "--list-keys" requires input files to be passed with option "--keyring" and each file must match type "public keyring v4" while gpg command "--show-keys" doesn't require extra options and handles also ASCII-armored public keyrings as well. Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>	2021-04-25 22:33:37 +03:00
Helmut Grohne	2767b051bc	implement --format=null	2021-03-25 07:04:14 +01:00
Johannes Schauer Marin Rodrigues	4c17f36072	better document the TMPDIR env var	2021-03-08 19:33:51 +01:00
Johannes Schauer Marin Rodrigues	5a3d1ab5c4	Rework /dev, /sys, /proc mounting - assume all entries in @devfiles to be in /dev - allow for /dev, /sys and /proc not to exist in the target and print warning - allow for /dev entries as well as /sys and /proc not to exist on the outside - simplify umount by storing special options in @umountopts - remove superfluous checks for root and unshare mode - make sure /dev entries are less than 100 chars in size for tar	2021-03-08 08:04:35 +01:00
Johannes Schauer Marin Rodrigues	d52eaa4814	instead of checking for defined-ness and then comparing with the empty string, we can just use 'length' which returns undef if its argument is undef	2021-03-08 07:54:04 +01:00
Johannes Schauer Marin Rodrigues	270fd09b43	update copyright information	2021-03-08 07:52:14 +01:00
Johannes Schauer Marin Rodrigues	d5c8a85ace	document problems with chrootless mode in man page	2021-02-23 12:50:18 +01:00
Johannes Schauer Marin Rodrigues	ecbc10794c	warn if --dpkgopt is used in chrootless mode because of #808203	2021-02-23 12:49:46 +01:00
Johannes Schauer Marin Rodrigues	49f464e7da	create /etc/dpkg/dpkg.cfg.d/ if --dpkgopt is used	2021-02-23 12:49:26 +01:00
Johannes Schauer Marin Rodrigues	067daaf4c2	also run unshare with --propagation unchanged in root mode	2021-02-19 12:53:14 +01:00
Josh Triplett	f8fc7d9bbf	Fix typo in hook directory example	2021-02-06 18:58:30 +01:00
Johannes Schauer Marin Rodrigues	976cc9c1c4	release 0.7.5	2021-02-06 14:46:37 +01:00
Johannes Schauer Marin Rodrigues	73cd7cd2e8	run unshare --mount with --propagation unchanged to prevent 'cannot change root filesystem propagation' when running mmdebstrap from inside a chroot	2021-02-06 10:11:53 +01:00
Johannes Schauer Marin Rodrigues	39167dbc30	expose hook name to hooks via MMDEBSTRAP_HOOK environment variable	2021-02-06 09:18:05 +01:00
Johannes Schauer Marin Rodrigues	8a4f4d90ab	remove example showing mmdebstrap as debootstrap replacement for sbuild-createchroot as it doesn't work in unshare mode	2021-02-04 17:47:40 +01:00
Johannes Schauer Marin Rodrigues	e1e0df7799	skip emulation check for extract variant	2021-02-04 17:47:10 +01:00
Johannes Schauer Marin Rodrigues	c740b01dc8	unset TMPDIR in hooks because there is no value that works inside as well as outside the chroot	2021-02-04 17:46:39 +01:00
Johannes Schauer Marin Rodrigues	0595c5c220	add new suite name trixie	2021-02-04 17:43:33 +01:00
Johannes Schauer Marin Rodrigues	7a43ff89dc	improve dpkg and apt version parsing	2021-02-04 17:42:40 +01:00
Johannes 'josch' Schauer	d9633d05fe	release 0.7.4	2021-01-16 00:33:40 +01:00
Johannes 'josch' Schauer	7bd733fb8b	In root mode, check whether it's possible to mount - even if the user is root, they might not have permission to mount - check for CAP_SYS_ADMIN and unshare --mount before proceeding - allow one to disable the check with --skip=check/canmount - this is useful in container environments like docker	2021-01-13 18:40:29 +01:00
Johannes 'josch' Schauer	205f5c2692	document how to use mmdebstrap to create a docker chroot	2021-01-13 18:08:04 +01:00
Johannes 'josch' Schauer	4693034138	allow unshare as root user - this is useful when you are already root and want the benefits of unsharing the mount namespace to prevent messing up your system - if the unshare mode is used as root, the user namespace is not unshared anymore and newuidmap, setuid and friends are not called anymore - if the unshare mode is used as non-root test if the user namespace can be unshared, otherwise test if the mount namespace can be unshared	2021-01-13 16:15:59 +01:00
Johannes 'josch' Schauer	ea6bbc1d9c	#898446 got closed and the default of kernel.unprivileged_userns_clone changed to 1	2021-01-09 19:44:39 +01:00
Johannes 'josch' Schauer	62bcf3261e	do not run an additional env command inside the chroot	2021-01-09 19:44:00 +01:00
Johannes 'josch' Schauer	7ff3f53fb9	apt 2.1.16 fixed immediate configure	2021-01-09 19:43:15 +01:00
Johannes 'josch' Schauer	ac21074243	set MMDEBSTRAP_APT_CONFIG, MMDEBSTRAP_MODE and MMDEBSTRAP_HOOKSOCK for hook scripts	2021-01-09 19:41:59 +01:00
Johannes 'josch' Schauer	9484107392	set PATH if it's unset or empty	2021-01-06 11:49:29 +01:00
Johannes 'josch' Schauer	2d03a81997	coverage.sh: reenabling tests because bugs got fixed - systemd didn't get fixed but somehow the order matches again (bug #963788) - python is installable again (bug #968217) - apt immediate configure was not fixed but src:glibc changed to not trigger the bug anymore (bugs #973305, #973325 and #972552)	2021-01-06 11:33:37 +01:00
Johannes 'josch' Schauer	0b2a0c5a55	release 0.7.3	2020-12-02 06:15:54 +01:00
Johannes 'josch' Schauer	43ca8a5211	it is wrong to match the suite for the package set selection if more than one apt index is given (because the suite name might be equal) instead check whether there is more than zero matching and more than zero not-matching suites	2020-12-02 00:47:16 +01:00
Johannes 'josch' Schauer	2c232e0661	don't ignore packages added via --include if multiple apt indices are used	2020-12-02 00:33:18 +01:00
Johannes 'josch' Schauer	85328c5c7e	mmdebstrap: check for defined-ness before integer comparison	2020-11-29 20:54:50 +01:00
Johannes 'josch' Schauer	165cc82f97	preserve permissions of /etc/resolv.conf and /etc/hostname and resolve symlinks as debootstrap does it	2020-11-29 20:54:31 +01:00
Johannes 'josch' Schauer	beb0b8c177	name solver mmdebstrap-dump-solution in official apt path	2020-11-29 02:30:03 +01:00
Johannes 'josch' Schauer	f76bcb5750	release 0.7.2	2020-11-28 14:32:14 +01:00
Johannes 'josch' Schauer	732fde54f8	documentation improvements, add OPERATION section	2020-11-28 14:30:50 +01:00
Johannes 'josch' Schauer	da449be3fe	fix missing I in front of <>	2020-11-28 00:49:46 +01:00
Johannes 'josch' Schauer	2e19a8bda4	remove nonsense code comment	2020-11-28 00:48:38 +01:00
Johannes 'josch' Schauer	96f45ec2e7	info messages start with lower case character	2020-11-28 00:48:18 +01:00
Johannes 'josch' Schauer	b7e257871d	use Debian::DistroInfo if available	2020-11-28 00:46:48 +01:00
Johannes 'josch' Schauer	b2ea7b230f	remove no-op if statement	2020-11-28 00:45:54 +01:00
Johannes 'josch' Schauer	1e7e002eb1	print explicit info message about installing essential packages	2020-11-28 00:45:32 +01:00
Johannes 'josch' Schauer	ad56754a2a	pkgs_to_install might contain duplicates when multiple suites are used -- avoid that by using a hash instead of an array	2020-11-15 22:58:26 +01:00
Johannes 'josch' Schauer	0c990abc48	coverage.sh: only consider non-POD parts for maximum line length check	2020-11-15 11:30:04 +01:00
Johannes 'josch' Schauer	534798dbd2	add example for how to use a cache directory	2020-11-15 11:27:51 +01:00
Johannes 'josch' Schauer	12b26a8817	use /usr/share/distro-info/debian.csv to figure out the security mirror for bullseye and beyond	2020-11-15 10:14:03 +01:00
Johannes 'josch' Schauer	9d32dee3f5	if a suite name was specified, use the matching apt index to figure out the package set to install	2020-11-14 23:25:07 +01:00
Johannes 'josch' Schauer	21a26b5dac	pass verbosity to hook-listener	2020-11-13 22:37:53 +01:00
Johannes 'josch' Schauer	e71487af5e	improve hook-helper and hook-listener debug output	2020-11-13 22:36:58 +01:00
Johannes 'josch' Schauer	bf87e83bdb	make it possible to seed /var/cache/apt/archives with deb packages	2020-11-13 19:02:41 +01:00
Johannes 'josch' Schauer	50d8d5edae	check whether dpkg, apt and others are installed (closes: #18 )	2020-11-12 22:36:10 +01:00
Johannes 'josch' Schauer	0a985948cf	create temporary test ext2 image in TMPDIR and not in CWD	2020-11-12 15:49:10 +01:00
Johannes 'josch' Schauer	1000a033e8	release 0.7.1	2020-09-18 13:43:42 +02:00
Johannes 'josch' Schauer	259a188e06	fix typo: 3030 -> 2020 (thanks Trent W. Buck!)	2020-09-02 22:58:50 +02:00
Johannes 'josch' Schauer	65e40c8c34	redirect stderr of dpkg --version to /dev/null to prevent error output if dpkg is too old (thanks Trent W. Buck!)	2020-09-02 22:58:20 +02:00
Johannes 'josch' Schauer	58925dc493	add two more debug messages	2020-08-28 14:36:14 +02:00
Johannes 'josch' Schauer	400b51ad7b	release 0.7.0	2020-08-27 20:52:47 +02:00
Johannes 'josch' Schauer	3713735240	document non-functional --variant=standard due to bug #968217	2020-08-25 18:08:35 +02:00
Johannes 'josch' Schauer	7c752fa8a0	print elapsed time after successful run	2020-08-25 18:08:31 +02:00
Johannes 'josch' Schauer	74725ac451	coverage.sh: test eatmydata and merged-usr hooks	2020-08-25 16:05:10 +02:00
Johannes 'josch' Schauer	465c056434	no longer needs to install twice when --depkgopt=path-exclude is given by filtering the tarball with new tarfilter utility	2020-08-25 13:02:33 +02:00
Johannes 'josch' Schauer	8f09c3e02f	unless in chrootless mode, omitting stuff in /var/lib/dpkg does not depend on the dpkg version outside, but on the version inside the chroot (and we don't know that one yet)	2020-08-24 18:45:22 +02:00
Johannes 'josch' Schauer	dd64e8220d	use distro-info-data and debootstrap to help with suite name and keyring discovery	2020-08-24 18:45:22 +02:00
Johannes 'josch' Schauer	87d383d754	replace -t STDERR with a common function that explains the 'no critic' annotation	2020-08-24 18:45:18 +02:00
Johannes 'josch' Schauer	307cbf5a41	prefix certain progress bars with what is being done (closes: #16 )	2020-08-18 14:31:38 +02:00
Johannes 'josch' Schauer	df18304449	add a new pipe to communicate the number of blocks to the parent instead of abusing the hookhelper/listener	2020-08-18 12:08:55 +02:00
Johannes 'josch' Schauer	a5ea38cbad	fix docs: there are four hooks, not three	2020-08-18 09:38:22 +02:00
Johannes 'josch' Schauer	0451d5f004	do not suggest using --dpkgopt=force-unsafe-io because it barely brings any speedups, see Debian bug #613428	2020-08-18 09:37:53 +02:00
Johannes 'josch' Schauer	614ef0e43d	make it clear that --aptopt and --dpkgopt add their content permamently	2020-08-18 09:37:08 +02:00
Johannes 'josch' Schauer	23fb2055e4	fix error message to specify the right command	2020-08-18 09:36:27 +02:00
Johannes 'josch' Schauer	501e29fdeb	fix closedir calls	2020-08-18 09:35:56 +02:00
Johannes 'josch' Schauer	12f41ad33f	fix syntax for perltidy	2020-08-17 18:57:36 +02:00
Johannes 'josch' Schauer	075645289f	add --hook-directory option and a directory with hooks	2020-08-16 00:50:46 +02:00
Johannes 'josch' Schauer	e2a759967f	put hook listener into its own function and expose it to the CLI via --hook-listener	2020-08-15 22:36:13 +02:00
Johannes 'josch' Schauer	c2c270390b	implement dpkg-realpath in perl so that we don't need to run tar inside the chroot anymore for modes other than fakechroot and proot	2020-08-15 18:29:17 +02:00
Johannes 'josch' Schauer	dc67c1f4be	if we got dpkg >= 1.20.0, then we don't have to create certain files and directories ourselves	2020-08-15 18:09:06 +02:00
Johannes 'josch' Schauer	904274b9f4	adjust genext2fs (>= 1.5.0) interface	2020-07-09 07:34:03 +02:00
Johannes 'josch' Schauer	112c0a5a6d	add documentation about --{setup,extract,essential,customize}-hooks and --skip option, making them an official interface	2020-06-23 23:14:37 +02:00
Johannes 'josch' Schauer	40b6155967	add another --dpkgopt example	2020-06-23 23:12:16 +02:00
Johannes 'josch' Schauer	4d041140d5	instead of 'du' we use File::Find to avoid different results on different filesystems, see https://bugs.debian.org/650077 for a discussion	2020-06-23 22:45:17 +02:00
Johannes 'josch' Schauer	655857e525	don't use apt sandboxing in fakechroot or proot modes	2020-06-08 15:45:22 +02:00
Johannes 'josch' Schauer	af13116336	do not hide errors even with --quiet This change also fixes the problem that when --quiet is given, an error will never lead to a non-zero exit status because the error function returns before it runs die()	2020-05-10 13:36:54 +02:00
Johannes 'josch' Schauer	dc9a5dc281	document how to use mmdebstrap as a debootstrap wrapper	2020-05-03 17:19:03 +02:00
Johannes 'josch' Schauer	fa12e4f488	create /tmp with chmod 01777	2020-05-03 17:18:34 +02:00
Johannes 'josch' Schauer	b60893aa83	add --skip=output/dev	2020-05-03 15:06:41 +02:00
Johannes 'josch' Schauer	e1d0a17751	return immediately if nothing to do in download, extract and essential stages	2020-05-03 15:06:24 +02:00
Johannes 'josch' Schauer	ccae6de410	fix message 'failed to start' -> 'failed to run'	2020-05-02 23:55:34 +02:00
Johannes 'josch' Schauer	be2bb0bb7e	do not emit a tarball with xattrs for squashfs and ext2 output because tar2sqfs and genext2fs do not support extended attributes	2020-05-02 23:55:05 +02:00
Johannes 'josch' Schauer	da88c56b9f	warn if chrootless mode is run by the root user	2020-05-02 23:54:04 +02:00
Johannes 'josch' Schauer	6af46f0b4a	fix typo squasfs -> squashfs	2020-05-02 23:53:41 +02:00
Johannes 'josch' Schauer	08319f6c77	Return the same block number irrespective of what is in /dev Depending on the mode an on whether mknod works (mount options of $TMPDIR) different stuff might be in /dev. To make the blocksize in of the ext2 output format reproducible, ignore the content of /dev.	2020-05-02 23:51:58 +02:00
Johannes 'josch' Schauer	af5841269c	always check if _apt user can access /var/lib/apt/lists/partial	2020-05-02 23:51:33 +02:00
Johannes 'josch' Schauer	af4e77903b	add instructions how to convert from ext2 to ext3 and ext4	2020-05-02 00:12:31 +02:00
Johannes 'josch' Schauer	3b67de6d31	add note about the dangers of chrootless mode	2020-05-02 00:12:31 +02:00
Johannes 'josch' Schauer	5cf209996e	format mmdebstrap bold in POD	2020-05-02 00:12:31 +02:00
Johannes 'josch' Schauer	4ea784c1bc	add --skip check/empty	2020-05-02 00:12:26 +02:00
Johannes 'josch' Schauer	1b380e4513	add --skip check/qemu	2020-05-01 07:39:26 +02:00
Helmut Grohne	d7f7f8cb34	skip the emulation check in chrootless mode Whenever the selected architecture differs from the native architecture of the system that runs mmdebstrap, mmdebstrap checks whether it can run the selected architecture. In the majority of cases, this is good and helps avoid difficult to diagnose issues. However when running in chrootless mode, we don't actually want to run any binaries from the target system. For that reason, the emulation check should be skipped in chrootless mode.	2020-04-14 18:25:55 +02:00
Johannes 'josch' Schauer	9717faef59	refer to MODES section in docs for directory format	2020-04-12 09:11:35 +02:00
Johannes 'josch' Schauer	2678ccaf38	mention missing TARGET in docs for auto format	2020-04-12 09:11:21 +02:00
Johannes 'josch' Schauer	2ce9555dc5	expand docs for unshare mode	2020-04-12 09:10:30 +02:00
Johannes 'josch' Schauer	a0c097a6fa	TARGET must be italic not bold	2020-04-11 23:10:13 +02:00
Johannes 'josch' Schauer	f1a952d468	explicitly inform the user why apt-transport-https or apt-transport-tor are getting installed	2020-04-10 12:55:52 +02:00
Johannes 'josch' Schauer	9195972bef	dump contents of /etc/apt/apt.conf.d/99mmdebstrap and /etc/dpkg/dpkg.cfg.d/99mmdebstrap in debug mode	2020-04-10 12:55:31 +02:00
Johannes 'josch' Schauer	f6214e343f	add debug output of which command is run in run_progress()	2020-04-10 12:55:02 +02:00
Johannes 'josch' Schauer	ab5d5777d5	check whether qemu-$arch-static exists early	2020-04-10 12:26:42 +02:00
Johannes 'josch' Schauer	f50ca9bf6d	also warn if /usr/sbin/update-binfmts has non-zero exit	2020-04-10 12:26:14 +02:00
Johannes 'josch' Schauer	df1827d991	check if /usr/sbin/update-binfmts exists	2020-04-10 12:26:00 +02:00
Johannes 'josch' Schauer	a0c393f256	fix /proc/mounts regex to find binfmt_misc	2020-04-10 12:25:45 +02:00
Johannes 'josch' Schauer	d26f5de912	check whether arch-test exists	2020-04-10 12:25:24 +02:00
Johannes 'josch' Schauer	46f477f339	add --skip option	2020-04-10 00:00:36 +02:00
Johannes 'josch' Schauer	1076e9a78d	split up setup() into multiple functions	2020-04-10 00:00:02 +02:00
Johannes 'josch' Schauer	895c388ede	add --format option and ext2 image output	2020-04-09 20:40:23 +02:00
Johannes 'josch' Schauer	15d6f5528b	also print apt-get --version output with --debug	2020-04-09 18:40:23 +02:00
Johannes 'josch' Schauer	8d04ffee64	unset APT_CONFIG env var when running hook	2020-04-09 18:40:23 +02:00
Johannes 'josch' Schauer	d29bdafb89	add workaround for dpkg bug to docs	2020-04-09 18:40:23 +02:00
Johannes 'josch' Schauer	323a353548	output tarball if output is named pipe or character special	2020-04-09 18:40:23 +02:00
Johannes 'josch' Schauer	412039bd66	commit `de8b6a45` forgot to also run re-install with /proc, /dev and /sys mounted	2020-04-09 18:40:22 +02:00
Johannes 'josch' Schauer	02ed5e33f8	add --extract-hook	2020-04-09 18:40:18 +02:00
Johannes 'josch' Schauer	5fae5e83f9	release 0.6.1	2020-03-08 23:21:16 +01:00
Johannes 'josch' Schauer	e1008006fc	add stub for future ext2 image support	2020-03-07 23:43:29 +01:00
Johannes 'josch' Schauer	773249a0ca	document limitation of missing /etc/ld.so.cache when using fakechroot	2020-03-07 23:42:41 +01:00
Johannes 'josch' Schauer	7bad5fb1e6	in unshare mode, the unshared process might not have enough permissions to rmdir root directory -- try again as normal user	2020-03-07 23:42:19 +01:00
Johannes 'josch' Schauer	3922851636	use Dpkg::Vendor::Debian and Dpkg::Vendor::Ubuntu for keyring locations, if they are available	2020-03-07 23:41:28 +01:00
Johannes 'josch' Schauer	89e7dd6756	store temporary files in /tmp inside the rootfs to avoid problems in unshare mode and TMPDIR set	2020-03-07 23:40:55 +01:00
Johannes 'josch' Schauer	b9db466a26	add note about usage of /usr/sbin/policy-rc.d	2020-03-07 23:39:53 +01:00
Johannes 'josch' Schauer	ff9b6509fb	add more usage examples	2020-03-07 02:25:55 +01:00
Johannes 'josch' Schauer	6c6378a6e0	emit more warnings about setting kernel.unprivileged_userns_clone to 1	2020-03-07 02:13:53 +01:00
Johannes 'josch' Schauer	48914894cb	dump temporary apt.conf with --debug	2020-03-07 02:13:26 +01:00
Johannes 'josch' Schauer	1ff5ba7e9e	set APT::Immediate-Configure to false in dry-run mode	2020-03-07 02:12:21 +01:00
Johannes 'josch' Schauer	3e50d09b43	create temporary apt.conf inside chroot because unshared process might not have permissions to write into TMPDIR	2020-03-07 02:11:35 +01:00
Johannes 'josch' Schauer	9918809a65	add another example about how to use mmdebstrap to make a bootable live system	2020-03-07 02:07:10 +01:00
Johannes 'josch' Schauer	bd84829595	unset TMPDIR environment variable for everything running inside the chroot	2020-03-07 02:06:11 +01:00
Johannes 'josch' Schauer	5bf8c3fcf9	add sync, umount and shutdown to guestfish calls	2020-03-04 13:29:07 +01:00
Johannes 'josch' Schauer	c4a47947ab	mount /sys and /proc as read-only in root mode	2020-01-24 10:14:10 +01:00
Johannes 'josch' Schauer	d503e4fd96	put fh variables into their own scope	2020-01-22 23:31:00 +01:00
Johannes 'josch' Schauer	62159d124a	support deb822-style format apt sources	2020-01-22 23:30:28 +01:00
Johannes 'josch' Schauer	1579d06380	use tempdir(..., TMPDIR => 1) instead of tempdir(..., DIR => File::Spec->tmpdir)	2020-01-22 00:30:12 +01:00
Johannes 'josch' Schauer	ae15fe3d9f	convert gpg keyring processing to less nesting and abort earlier if possible	2020-01-22 00:29:38 +01:00
Johannes 'josch' Schauer	c26ec4d6fc	instead of hardcoding /etc/apt/trusted.gpg, read it from apt-config shell	2020-01-22 00:28:48 +01:00
Johannes 'josch' Schauer	efaea907e9	run apt-cache policy instead of dumping sources.list	2020-01-22 00:28:22 +01:00
Johannes 'josch' Schauer	c45e7d9baf	print warning if apt trusted cannot be read	2020-01-22 00:27:57 +01:00
Johannes 'josch' Schauer	75428e37dd	assign the absolute key path and not the relative one	2020-01-21 13:38:53 +01:00
Johannes 'josch' Schauer	64fedc530e	Restore deterministic tar with pax and xattr support - all creating and extraction of tarballs respects extended attributes - extended attributes require pax format, so explicitly request the format - to make pax bit-by-bit reproducible, ctime, atime and PID have to be removed from the headers with: --pax-option=exthdr.name=%d/PaxHeaders/%f,delete=atime,delete=ctime - always pass --numeric-owner to tar - always pass --xattrs when creating a tar - always pass --xattrs --xattrs-include=* when extracting a tar	2020-01-21 13:24:49 +01:00
Johannes 'josch' Schauer	a1df1a9730	fix docs: default variant is 'debootstrap' and not 'required'	2020-01-21 13:17:31 +01:00
Johannes 'josch' Schauer	bef4c890d8	if /etc/machine-id exists, replace by an empty file	2020-01-21 13:13:58 +01:00
Johannes 'josch' Schauer	9eaacca795	dump apt config with verbosity level >= 3	2020-01-21 13:12:44 +01:00
Johannes 'josch' Schauer	6455cda34b	release 0.6.0	2020-01-19 22:24:32 +01:00
Johannes 'josch' Schauer	c33ded3539	improve differences to debootstrap docs a bit more	2020-01-19 22:22:50 +01:00
Johannes 'josch' Schauer	98c8c573de	coverage.sh: test taridshift	2020-01-18 23:13:10 +01:00
Johannes 'josch' Schauer	30ec192c50	some improvements to the docs	2020-01-16 18:03:13 +01:00
Johannes 'josch' Schauer	6e829ca066	send error package when anything goes wrong in special hook handling	2020-01-16 12:02:11 +01:00
Johannes 'josch' Schauer	7d152ec7e0	add sync-in and sync-out hooks	2020-01-16 10:38:14 +01:00
Johannes 'josch' Schauer	7852a33d01	don't forget chrootless in the list of mode names	2020-01-10 12:05:01 +01:00
Johannes 'josch' Schauer	2cb6438454	add --dry-run and --simulate	2020-01-10 11:44:15 +01:00
Johannes 'josch' Schauer	9441184bf1	reformat some code to keep opening curly brace on the right	2020-01-10 09:29:34 +01:00
Johannes 'josch' Schauer	f867384c20	coverage.sh: test with perlcritic	2020-01-09 08:39:40 +01:00
Johannes 'josch' Schauer	4ba82a41cf	format code with perltidy	2020-01-08 17:46:41 +01:00
Johannes 'josch' Schauer	bba8922243	reformat code that would exceed 79 character width even after perltidy	2020-01-08 17:41:46 +01:00
Johannes 'josch' Schauer	6abbb3ebd9	wrap POD to 79 characters width	2020-01-08 17:19:30 +01:00
Johannes 'josch' Schauer	2782d14348	rewrite comments so that they fit into 79 characters	2020-01-08 17:07:17 +01:00
Johannes 'josch' Schauer	27bd6df320	add vim modeline	2020-01-08 16:22:51 +01:00
Johannes 'josch' Schauer	b10177cb6e	use spaces instead of tabs	2020-01-08 15:41:49 +01:00
Johannes 'josch' Schauer	6d3a824b45	disable Devel::Cover before exec-ing external tools to avoid massive slowdowns	2020-01-08 15:40:42 +01:00
Johannes 'josch' Schauer	4fed488c35	when re-execing itself, keep Devel::Cover options	2020-01-08 15:33:49 +01:00
Johannes 'josch' Schauer	dbdf3f34c6	add support for generating squashfs images using tar2sqfs	2020-01-07 17:40:13 +01:00
Johannes 'josch' Schauer	c6944d0b8f	cleanup leftovers in /tmp inside the chroot	2020-01-06 12:44:49 +01:00
Johannes 'josch' Schauer	61db086921	also clean package lists and apt cache from sources.d directory	2020-01-06 12:44:29 +01:00
Johannes 'josch' Schauer	327c0e83ca	further document prerequisites and limitations of different modes	2020-01-04 01:10:46 +01:00
Johannes 'josch' Schauer	ecd5c7a662	fixup warning message	2020-01-04 01:09:59 +01:00
Johannes 'josch' Schauer	8abb93633c	warn that creating tarball might also fail in proot mode for extract and custom variants	2020-01-04 00:59:22 +01:00
Johannes 'josch' Schauer	05e796cd95	add missing error handlers for fork() and open() calls	2020-01-04 00:39:00 +01:00
Johannes 'josch' Schauer	ed0b5069ce	on debug level verbosity, also print the line number	2020-01-04 00:37:49 +01:00
Johannes 'josch' Schauer	c8f79cf4b5	document that --xattrs --xattrs-include='*' is needed when extracting a tarball	2020-01-03 16:05:28 +01:00
Benjamin Drung	1dbb576c99	Preserve extended attributes in tarball When specifying a tarball as output format, the extended attributes are lost. This leads to programs like ping fail to run as normal user. Therefore preserve the extended attributes when generating the tarball. Signed-off-by: Benjamin Drung <benjamin.drung@cloud.ionos.com>	2019-12-10 17:38:36 +01:00
Johannes 'josch' Schauer	868081727e	add special hooks copy-in, copy-out, tar-in, tar-out, upload and download	2019-12-09 10:40:51 +01:00
Johannes 'josch' Schauer	e6d5d74d87	--keyring now overwrites the default apt keyring - apt can only handle one directory and one file as keyring - the signed-by option is used to specify the keyrings for suites that are not known by apt	2019-12-03 10:16:43 +01:00
Johannes 'josch' Schauer	db1e7f27ad	add oldoldstable and jessie	2019-12-03 00:05:56 +01:00
Johannes 'josch' Schauer	2de2eb6a8c	add space between negation operator and test operator	2019-12-02 23:59:43 +01:00
Johannes 'josch' Schauer	394731102a	before unmounting /proc, check if /proc/sys/fs/binfmt_misc is mounted	2019-12-02 23:54:48 +01:00
Johannes 'josch' Schauer	d262d67877	Fix parallel xz compression... hopefully for the last time...	2019-12-02 21:17:45 +01:00
Johannes 'josch' Schauer	9f2ea61265	Fix parallel xz compression	2019-11-29 08:51:45 +01:00
Johannes 'josch' Schauer	aad36777e8	add --man option and reduce output of --help option Printing the full man page requires the perl-doc package. To avoid this dependency, print the less verbose output containing only the synopsis and the option list for the --help option and print the full output (requiring perldoc) for the --man option.	2019-11-29 08:45:13 +01:00
Johannes 'josch' Schauer	de8b6a457d	also run initial installation of Essential:yes with /proc, /dev and /sys mounted In Debian Jessie, init is part of Essential:yes and thus systemd gets installed which needs working /proc, /dev and /sys	2019-11-29 08:18:35 +01:00
Johannes 'josch' Schauer	3a1d5413e2	also remove /var/log/apt/eipp.log.xz	2019-11-29 07:48:44 +01:00
Johannes 'josch' Schauer	f5afbfaab0	don't let make_path fail if directory already existed	2019-11-21 22:56:59 +01:00
Benjamin Drung	4b82a664da	Use parallel xz compression One of mmdebstrap benefits over deboostrap is that it is faster. Creating a xz tarball as output will take a lot of time, since xz consumes a lot of compute power and tar uses only one core. Therefore use parallel xz compression since xz supports it using the -T parameter. Closes: #943327 Signed-off-by: Benjamin Drung <benjamin.drung@cloud.ionos.com>	2019-11-13 12:02:42 +01:00
Johannes 'josch' Schauer	bc423e6ab6	Add disclaimer of warranty and limitation of liability	2019-11-13 11:53:30 +01:00
Johannes 'josch' Schauer	a2cd0e9843	add --keyring option as a shorthand for --aptopt='Dir::Etc::Trusted...	2019-10-28 16:29:38 +01:00
Johannes 'josch' Schauer	6cac8e70e8	allow multiple --include options and use array instead of hash Package order is important when calling apt. Consider this dependency graph: A -> B -> C \| D , E -> D \| C "apt install A E" it will install "A B C E" "apt install E A" it will install "E D A B"	2019-10-28 15:35:36 +01:00
Johannes 'josch' Schauer	e12db588bd	add debug output for unknown data type	2019-10-28 14:53:03 +01:00
Johannes 'josch' Schauer	da4f9e4349	check whether /sbin/start-stop-daemon.REAL exists before overwriting it	2019-10-28 14:52:21 +01:00
Johannes 'josch' Schauer	daab09bfdd	only write /usr/sbin/policy-rc.d if /usr/sbin exists in the chroot	2019-10-28 14:51:49 +01:00
Johannes 'josch' Schauer	e0732140c0	make hooks work in chrootless mode	2019-10-28 14:27:37 +01:00
Johannes 'josch' Schauer	d36ba6b371	allow multiple --architecture options and separation by whitespace	2019-10-27 22:16:23 +01:00
Johannes 'josch' Schauer	7eb0851c59	only remove policy-rc.d if it exists	2019-10-23 14:00:55 +02:00
Johannes 'josch' Schauer	1f15f690e7	release 0.5.1	2019-10-19 23:26:10 +02:00

... 3 4 5 6 7 ...

624 commits