|
|
|
@ -23,7 +23,7 @@
|
|
|
|
|
use strict;
|
|
|
|
|
use warnings;
|
|
|
|
|
|
|
|
|
|
our $VERSION = '0.8.2';
|
|
|
|
|
our $VERSION = '0.8.3';
|
|
|
|
|
|
|
|
|
|
use English;
|
|
|
|
|
use Getopt::Long;
|
|
|
|
@ -102,7 +102,13 @@ my @devfiles = (
|
|
|
|
|
# 3 -> debug output
|
|
|
|
|
my $verbosity_level = 1;
|
|
|
|
|
|
|
|
|
|
my $is_covering = !!(eval { Devel::Cover::get_coverage() });
|
|
|
|
|
my $is_covering = 0;
|
|
|
|
|
{
|
|
|
|
|
# make $@ local, so we don't print "Undefined subroutine called"
|
|
|
|
|
# in other parts where we evaluate $@
|
|
|
|
|
local $@ = '';
|
|
|
|
|
$is_covering = !!(eval { Devel::Cover::get_coverage() });
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
# the reason why Perl::Critic warns about this is, that it suspects that the
|
|
|
|
|
# programmer wants to implement a test whether the terminal is interactive or
|
|
|
|
@ -1657,7 +1663,7 @@ sub run_setup() {
|
|
|
|
|
# from inside the chroot.
|
|
|
|
|
# The config filename is chosen such that any settings in it will be
|
|
|
|
|
# overridden by what the user specified with --aptopt.
|
|
|
|
|
{
|
|
|
|
|
if (!-e "$options->{root}/etc/apt/apt.conf.d/00mmdebstrap") {
|
|
|
|
|
open my $fh, '>', "$options->{root}/etc/apt/apt.conf.d/00mmdebstrap"
|
|
|
|
|
or error "cannot open /etc/apt/apt.conf.d/00mmdebstrap: $!";
|
|
|
|
|
print $fh "Apt::Install-Recommends false;\n";
|
|
|
|
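Review bot: The added `!-e` test on `$options->{root}/etc/apt/apt.conf.d/00mmdebstrap` follows symlinks, so a dangling symlink at that path counts as absent and the `open ... '>'` that follows creates the link's target, which for an absolute link is resolved against the host and not against `$options->{root}`. The same test-then-write shape is added in the later run_setup hunks (`/var/lib/dpkg/status`, `/var/lib/dpkg/arch`, `99mmdebstrap`, `/etc/fstab`, the sources.list files, and the `copy()` of `/etc/resolv.conf` and `/etc/hostname`). If the guards are meant to respect content already placed in the root, also treat a symlink as present, e.g. `if (!-e $path && !-l $path) {`, or create the file with `sysopen($fh, $path, O_WRONLY | O_CREAT | O_EXCL)` using the Fcntl constants, which fails on an existing path or symlink and leaves no window between test and open. run_setup's body starts and ends outside this hunk.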
@ -1666,7 +1672,7 @@ sub run_setup() {
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
# apt-get update requires this
|
|
|
|
|
{
|
|
|
|
|
if (!-e "$options->{root}/var/lib/dpkg/status") {
|
|
|
|
|
open my $fh, '>', "$options->{root}/var/lib/dpkg/status"
|
|
|
|
|
or error "failed to open(): $!";
|
|
|
|
|
close $fh;
|
|
|
|
@ -1678,9 +1684,11 @@ sub run_setup() {
|
|
|
|
|
# architecture outside the chroot.
|
|
|
|
|
chomp(my $hostarch = `dpkg --print-architecture`);
|
|
|
|
|
if (
|
|
|
|
|
scalar @{ $options->{foreignarchs} } > 0
|
|
|
|
|
or ( $options->{mode} eq 'chrootless'
|
|
|
|
|
and $hostarch ne $options->{nativearch})
|
|
|
|
|
(!-e "$options->{root}/var/lib/dpkg/arch")
|
|
|
|
|
and (
|
|
|
|
|
scalar @{ $options->{foreignarchs} } > 0
|
|
|
|
|
or ( $options->{mode} eq 'chrootless'
|
|
|
|
|
and $hostarch ne $options->{nativearch}))
|
|
|
|
|
) {
|
|
|
|
|
open my $fh, '>', "$options->{root}/var/lib/dpkg/arch"
|
|
|
|
|
or error "cannot open /var/lib/dpkg/arch: $!";
|
|
|
|
@ -1691,7 +1699,8 @@ sub run_setup() {
|
|
|
|
|
close $fh;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (scalar @{ $options->{aptopts} } > 0) {
|
|
|
|
|
if (scalar @{ $options->{aptopts} } > 0
|
|
|
|
|
and (!-e "$options->{root}/etc/apt/apt.conf.d/99mmdebstrap")) {
|
|
|
|
|
open my $fh, '>', "$options->{root}/etc/apt/apt.conf.d/99mmdebstrap"
|
|
|
|
|
or error "cannot open /etc/apt/apt.conf.d/99mmdebstrap: $!";
|
|
|
|
|
foreach my $opt (@{ $options->{aptopts} }) {
|
|
|
|
@ -1717,7 +1726,8 @@ sub run_setup() {
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (scalar @{ $options->{dpkgopts} } > 0) {
|
|
|
|
|
if (scalar @{ $options->{dpkgopts} } > 0
|
|
|
|
|
and (!-e "$options->{root}/etc/dpkg/dpkg.cfg.d/99mmdebstrap")) {
|
|
|
|
|
# FIXME: in chrootless mode, dpkg will only read the configuration
|
|
|
|
|
# from the host -- see #808203
|
|
|
|
|
if ($options->{mode} eq 'chrootless') {
|
|
|
|
@ -1747,7 +1757,7 @@ sub run_setup() {
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
{
|
|
|
|
|
if (!-e "$options->{root}/etc/fstab") {
|
|
|
|
|
open my $fh, '>', "$options->{root}/etc/fstab"
|
|
|
|
|
or error "cannot open fstab: $!";
|
|
|
|
|
print $fh "# UNCONFIGURED FSTAB FOR BASE SYSTEM\n";
|
|
|
|
@ -1787,9 +1797,11 @@ sub run_setup() {
|
|
|
|
|
$fname .= 'main.sources';
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
open my $fh, '>', "$fname" or error "cannot open $fname: $!";
|
|
|
|
|
print $fh $firstentry->{content};
|
|
|
|
|
close $fh;
|
|
|
|
|
if (!-e $fname) {
|
|
|
|
|
open my $fh, '>', "$fname" or error "cannot open $fname: $!";
|
|
|
|
|
print $fh $firstentry->{content};
|
|
|
|
|
close $fh;
|
|
|
|
|
}
|
|
|
|
|
# everything else goes into /etc/apt/sources.list.d/
|
|
|
|
|
for (my $i = 1 ; $i < scalar @{ $options->{sourceslists} } ; $i++) {
|
|
|
|
|
my $entry = $options->{sourceslists}->[$i];
|
|
|
|
@ -1816,15 +1828,17 @@ sub run_setup() {
|
|
|
|
|
error "invalid type: $entry->{type}";
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
open my $fh, '>', "$fname" or error "cannot open $fname: $!";
|
|
|
|
|
print $fh $entry->{content};
|
|
|
|
|
close $fh;
|
|
|
|
|
if (!-e $fname) {
|
|
|
|
|
open my $fh, '>', "$fname" or error "cannot open $fname: $!";
|
|
|
|
|
print $fh $entry->{content};
|
|
|
|
|
close $fh;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
# allow network access from within
|
|
|
|
|
foreach my $file ("/etc/resolv.conf", "/etc/hostname") {
|
|
|
|
|
if (-e $file) {
|
|
|
|
|
if (-e $file && !-e "$options->{root}/$file") {
|
|
|
|
|
# this will create a new file with 644 permissions and copy
|
|
|
|
|
# contents only even if $file was a symlink
|
|
|
|
|
copy($file, "$options->{root}/$file")
|
|
|
|
@ -1945,15 +1959,6 @@ sub run_setup() {
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
# setting PATH for chroot, ldconfig, start-stop-daemon...
|
|
|
|
|
if (length $ENV{PATH}) {
|
|
|
|
|
## no critic (Variables::RequireLocalizedPunctuationVars)
|
|
|
|
|
$ENV{PATH} = "$ENV{PATH}:/usr/sbin:/usr/bin:/sbin:/bin";
|
|
|
|
|
} else {
|
|
|
|
|
## no critic (Variables::RequireLocalizedPunctuationVars)
|
|
|
|
|
$ENV{PATH} = "/usr/sbin:/usr/bin:/sbin:/bin";
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
@ -2150,7 +2155,10 @@ sub run_download() {
|
|
|
|
|
'?narrow('
|
|
|
|
|
. (
|
|
|
|
|
length($options->{suite})
|
|
|
|
|
? '?archive(' . $options->{suite} . '),'
|
|
|
|
|
? '?or(?archive(^'
|
|
|
|
|
. $options->{suite}
|
|
|
|
|
. '$),?codename(^'
|
|
|
|
|
. $options->{suite} . '$)),'
|
|
|
|
|
: ''
|
|
|
|
|
)
|
|
|
|
|
. '?architecture('
|
|
|
|
@ -2506,19 +2514,41 @@ sub run_prepare {
|
|
|
|
|
$ENV{QEMU_LD_PREFIX} = $options->{root};
|
|
|
|
|
}
|
|
|
|
|
} elsif (any { $_ eq $options->{mode} } ('root', 'unshare')) {
|
|
|
|
|
# other modes require a static qemu-user binary
|
|
|
|
|
my $qemubin = "/usr/bin/qemu-$options->{qemu}-static";
|
|
|
|
|
if (!-e $qemubin) {
|
|
|
|
|
error "cannot find $qemubin";
|
|
|
|
|
my $require_qemu_static = 1;
|
|
|
|
|
# make $@ local, so we don't print an eventual error
|
|
|
|
|
# in other parts where we evaluate $@
|
|
|
|
|
local $@ = '';
|
|
|
|
|
eval {
|
|
|
|
|
# Check for the F flag which makes the kernel open the binfmt
|
|
|
|
|
# binary at configuration time instead of lazily at startup
|
|
|
|
|
# time. If the flag is set, then the qemu-static binary is not
|
|
|
|
|
# required inside the chroot.
|
|
|
|
|
open my $fh, '<',
|
|
|
|
|
"/proc/sys/fs/binfmt_misc/qemu-$options->{qemu}";
|
|
|
|
|
while (my $line = <$fh>) {
|
|
|
|
|
chomp($line);
|
|
|
|
|
if ($line =~ /^flags: [A-Z]*F[A-Z]*$/) {
|
|
|
|
|
$require_qemu_static = 0;
|
|
|
|
|
last;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
close $fh;
|
|
|
|
|
};
|
|
|
|
|
if ($require_qemu_static) {
|
|
|
|
|
# other modes require a static qemu-user binary
|
|
|
|
|
my $qemubin = "/usr/bin/qemu-$options->{qemu}-static";
|
|
|
|
|
if (!-e $qemubin) {
|
|
|
|
|
error "cannot find $qemubin";
|
|
|
|
|
}
|
|
|
|
|
copy $qemubin, "$options->{root}/$qemubin"
|
|
|
|
|
or error "cannot copy $qemubin: $!";
|
|
|
|
|
# File::Copy does not retain permissions but on some
|
|
|
|
|
# platforms (like Travis CI) the binfmt interpreter must
|
|
|
|
|
# have the executable bit set or otherwise execve will
|
|
|
|
|
# fail with EACCES
|
|
|
|
|
chmod 0755, "$options->{root}/$qemubin"
|
|
|
|
|
or error "cannot chmod $qemubin: $!";
|
|
|
|
|
}
|
|
|
|
|
copy $qemubin, "$options->{root}/$qemubin"
|
|
|
|
|
or error "cannot copy $qemubin: $!";
|
|
|
|
|
# File::Copy does not retain permissions but on some
|
|
|
|
|
# platforms (like Travis CI) the binfmt interpreter must
|
|
|
|
|
# have the executable bit set or otherwise execve will
|
|
|
|
|
# fail with EACCES
|
|
|
|
|
chmod 0755, "$options->{root}/$qemubin"
|
|
|
|
|
or error "cannot chmod $qemubin: $!";
|
|
|
|
|
} else {
|
|
|
|
|
error "unknown mode: $options->{mode}";
|
|
|
|
|
}
|
|
|
|
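Review bot: The `open my $fh, '<', "/proc/sys/fs/binfmt_misc/qemu-$options->{qemu}"` inside the new `eval` has no failure check, so unless autodie is in effect (not visible in this hunk) a missing binfmt entry does not leave the block: the `while` reads from an unopened handle and `close $fh` fails, each warning under `use warnings`. `$require_qemu_static` stays 1 in that case, so the fallback is the safe one, but the reason is lost because `$@` is never looked at after the `eval`. With the path held in a variable I would write `open my $fh, '<', $binfmt_path or die "cannot open $binfmt_path: $!";` and follow the `eval` with `debug "no usable binfmt entry: $@" if $@;`. run_prepare's body continues outside the hunk.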
@ -2704,7 +2734,10 @@ sub run_install() {
|
|
|
|
|
"?narrow("
|
|
|
|
|
. (
|
|
|
|
|
length($options->{suite})
|
|
|
|
|
? '?archive(' . $options->{suite} . '),'
|
|
|
|
|
? '?or(?archive(^'
|
|
|
|
|
. $options->{suite}
|
|
|
|
|
. '$),?codename(^'
|
|
|
|
|
. $options->{suite} . '$)),'
|
|
|
|
|
: ''
|
|
|
|
|
)
|
|
|
|
|
. "?architecture($options->{nativearch}),"
|
|
|
|
@ -2864,8 +2897,11 @@ sub run_cleanup() {
|
|
|
|
|
or error "failed to unlink $ENV{APT_CONFIG}: $!";
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (defined $options->{qemu}
|
|
|
|
|
and any { $_ eq $options->{mode} } ('root', 'unshare')) {
|
|
|
|
|
if (any { $_ eq 'cleanup/mmdebstrap/qemu' } @{ $options->{skip} }) {
|
|
|
|
|
info "skipping cleanup/mmdebstrap/qume as requested";
|
|
|
|
|
} elsif (defined $options->{qemu}
|
|
|
|
|
and any { $_ eq $options->{mode} } ('root', 'unshare')
|
|
|
|
|
and -e "$options->{root}/usr/bin/qemu-$options->{qemu}-static") {
|
|
|
|
|
unlink "$options->{root}/usr/bin/qemu-$options->{qemu}-static"
|
|
|
|
|
or error
|
|
|
|
|
"cannot unlink /usr/bin/qemu-$options->{qemu}-static: $!";
|
|
|
|
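Review bot: The message in `info "skipping cleanup/mmdebstrap/qume as requested";` misspells the skip key tested on the line above it, `cleanup/mmdebstrap/qemu`; it should read `info "skipping cleanup/mmdebstrap/qemu as requested";` so that a log search for the key finds it. The added `-e` test before `unlink` would also benefit from a one-line comment on why the binary may be absent, since the run_prepare hunk on this page now skips the copy when the binfmt F flag is set, e.g. `# qemu-static is only present if run_prepare had to copy it`. run_cleanup's body continues outside the hunk.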
@ -3915,19 +3951,25 @@ sub get_sourceslist_by_suite {
|
|
|
|
|
# the security mirror changes, starting with bullseye
|
|
|
|
|
# https://lists.debian.org/87r26wqr2a.fsf@43-1.org
|
|
|
|
|
my $bullseye_or_later = 0;
|
|
|
|
|
my $distro_info = '/usr/share/distro-info/debian.csv';
|
|
|
|
|
if (
|
|
|
|
|
any { $_ eq $suite }
|
|
|
|
|
('stable', 'bullseye', 'bookworm', 'trixie')
|
|
|
|
|
) {
|
|
|
|
|
$bullseye_or_later = 1;
|
|
|
|
|
}
|
|
|
|
|
my $distro_info = '/usr/share/distro-info/debian.csv';
|
|
|
|
|
# make $@ local, so we don't print "Can't locate Debian/DistroInfo.pm"
|
|
|
|
|
# in other parts where we evaluate $@
|
|
|
|
|
local $@ = '';
|
|
|
|
|
eval { require Debian::DistroInfo; };
|
|
|
|
|
if (!$@) {
|
|
|
|
|
# libdistro-info-perl is installed
|
|
|
|
|
debug "libdistro-info-perl is installed";
|
|
|
|
|
my $debinfo = DebianDistroInfo->new();
|
|
|
|
|
if ($debinfo->version($suite, 0) >= 11) {
|
|
|
|
|
$bullseye_or_later = 1;
|
|
|
|
|
}
|
|
|
|
|
} elsif (-f $distro_info) {
|
|
|
|
|
# distro-info-data is installed
|
|
|
|
|
debug "distro-info-data is installed";
|
|
|
|
|
open my $fh, '<', $distro_info
|
|
|
|
|
or error "cannot open $distro_info: $!";
|
|
|
|
|
my $i = 0;
|
|
|
|
@ -3974,13 +4016,7 @@ sub get_sourceslist_by_suite {
|
|
|
|
|
$bullseye_or_later = 1;
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
# neither libdistro-info-perl nor distro-info-data is installed
|
|
|
|
|
if (
|
|
|
|
|
any { $_ eq $suite }
|
|
|
|
|
('stable', 'bullseye', 'bookworm', 'trixie')
|
|
|
|
|
) {
|
|
|
|
|
$bullseye_or_later = 1;
|
|
|
|
|
}
|
|
|
|
|
debug "neither libdistro-info-perl nor distro-info-data installed";
|
|
|
|
|
}
|
|
|
|
|
if ($bullseye_or_later) {
|
|
|
|
|
# starting from bullseye use
|
|
|
|
@ -4314,7 +4350,11 @@ sub main() {
|
|
|
|
|
error "invalid format. Choose from " . (join ', ', @valid_formats);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (!defined $ENV{PATH} || $ENV{PATH} eq "") {
|
|
|
|
|
# setting PATH for chroot, ldconfig, start-stop-daemon...
|
|
|
|
|
if (length $ENV{PATH}) {
|
|
|
|
|
## no critic (Variables::RequireLocalizedPunctuationVars)
|
|
|
|
|
$ENV{PATH} = "$ENV{PATH}:/usr/sbin:/usr/bin:/sbin:/bin";
|
|
|
|
|
} else {
|
|
|
|
|
## no critic (Variables::RequireLocalizedPunctuationVars)
|
|
|
|
|
$ENV{PATH} = "/usr/sbin:/usr/bin:/sbin:/bin";
|
|
|
|
|
}
|
|
|
|
@ -4374,8 +4414,8 @@ sub main() {
|
|
|
|
|
and $content =~ /^apt ([0-9]+\.[0-9]+\.[0-9]+) \([a-z0-9-]+\)$/m) {
|
|
|
|
|
$aptversion = version->new($1);
|
|
|
|
|
}
|
|
|
|
|
if ($aptversion < "2.3.10") {
|
|
|
|
|
error "need apt >= 2.3.10 but have $aptversion";
|
|
|
|
|
if ($aptversion < "2.3.14") {
|
|
|
|
|
error "need apt >= 2.3.14 but have $aptversion";
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
@ -5723,7 +5763,12 @@ sub main() {
|
|
|
|
|
if ($@) {
|
|
|
|
|
# we cannot die here because that would leave the other thread
|
|
|
|
|
# running without a parent
|
|
|
|
|
# We send SIGHUP to all our processes (including eventually
|
|
|
|
|
# running tar and this process itself) to reliably tear down
|
|
|
|
|
# all running child processes. The main process is not affected
|
|
|
|
|
# because we are ignoring SIGHUP.
|
|
|
|
|
warning "creating tarball failed: $@";
|
|
|
|
|
kill HUP => -getpgrp();
|
|
|
|
|
$exitstatus = 1;
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
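Review bot: `kill HUP => -getpgrp();` signals every process in the caller's process group, not only the children this script started. When the script is started from a wrapper or as one stage of a shell pipeline without job control, the wrapper and the sibling stages share that group and receive SIGHUP as well. Nothing visible in this hunk makes the script a group leader; if that is not done elsewhere, either call `setpgrp(0, 0);` before the first fork or signal the recorded child PIDs instead. main's body continues outside the hunk.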
@ -5804,9 +5849,11 @@ sub main() {
|
|
|
|
|
if ($exitstatus == 0) {
|
|
|
|
|
my $duration = Time::HiRes::time - $before;
|
|
|
|
|
info "success in " . (sprintf "%.04f", $duration) . " seconds";
|
|
|
|
|
exit 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
exit $exitstatus;
|
|
|
|
|
error "mmdebstrap failed to run";
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
main();
|
|
|
|
@ -6546,7 +6593,9 @@ chroot as I<fileinside>. In contrast to B<copy-in>, this command only
|
|
|
|
|
handles files and not directories. To copy a directory recursively into the
|
|
|
|
|
chroot, use B<copy-in> or B<tar-in>. Its advantage is, that by being able to
|
|
|
|
|
specify the full path on the inside, including the filename, the file on the
|
|
|
|
|
inside can have a different name from the file on the outside.
|
|
|
|
|
inside can have a different name from the file on the outside. In contrast to
|
|
|
|
|
B<copy-in> and B<tar-in>, permission and ownership information will not be
|
|
|
|
|
retained.
|
|
|
|
|
|
|
|
|
|
=back
|
|
|
|
|
|
|
|
|
|