@ -23,7 +23,7 @@
use strict;
use warnings;
our $VERSION = '0.8.4 ';
our $VERSION = '0.8.3 ';
use English;
use Getopt::Long;
@ -2722,18 +2722,13 @@ sub run_install() {
any { $_ eq $options->{variant} }
('required', 'important', 'standard', 'buildd')
) {
# Many of the priority:required packages are also essential:yes. We
# make sure not to select those here to avoid useless "xxx is already
# the newest version" messages.
my $priority;
if (any { $_ eq $options->{variant} } ('required', 'buildd')) {
$priority = '?and(? priority(required),?not(?essential) )';
$priority = '?priority(required)';
} elsif ($options->{variant} eq 'important') {
$priority = '?and(?or(?priority(required),?priority(important)),'
. '?not(?essential))';
$priority = '?or(?priority(required),?priority(important))';
} elsif ($options->{variant} eq 'standard') {
$priority = '?and(?or(~prequired,~pimportant,~pstandard),'
. '?not(?essential))';
$priority = '?or(~prequired,~pimportant,~pstandard)';
}
$pkgs_to_install{
"?narrow("
@ -2785,9 +2780,6 @@ sub run_install() {
#
# - we can make use of file:// and copy://
#
# - we can use EDSP solvers without installing apt-utils or other
# solvers inside the chroot
#
# The DPkg::Install::Recursive::force=true workaround can be
# dropped after this issue is fixed:
# https://salsa.debian.org/apt-team/apt/-/merge_requests/189
@ -2923,8 +2915,7 @@ sub run_cleanup() {
foreach my $fname (
'/var/log/dpkg.log', '/var/log/apt/history.log',
'/var/log/apt/term.log', '/var/log/alternatives.log',
'/var/cache/ldconfig/aux-cache', '/var/log/apt/eipp.log.xz',
'/var/lib/dbus/machine-id'
'/var/cache/ldconfig/aux-cache', '/var/log/apt/eipp.log.xz'
) {
my $path = "$options->{root}$fname";
if (!-e $path) {
@ -6297,7 +6288,11 @@ needs to be able to mount and thus requires C<SYS_CAP_ADMIN>.
This mode uses Linux user namespaces to allow unprivileged use of chroot and
creation of files that appear to be owned by the superuser inside the unshared
namespace. A tarball created in this mode should be bit-by-bit identical to a
tarball created with the B<root> mode.
tarball created with the B<root> mode. In Debian, this mode requires the sysctl
C<kernel.unprivileged_userns_clone> being set to C<1>. The default used to be
C<0> but was changed to C<1> with linux 5.10.1 or Debian 11 (Bullseye).
B<SETTING THIS OPTION TO 1 HAS SECURITY IMPLICATIONS>. Refer to
L<https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=898446>
A directory chroot created with this mode will end up with wrong ownership
information. For correct ownership information, the directory must be accessed
@ -6721,7 +6716,7 @@ Performs cleanup tasks, unless B<--skip=cleanup> is used:
=item * Remove all files that were put into the chroot for setup purposes, like F</etc/apt/apt.conf.d/00mmdebstrap>, the temporary apt config and the qemu-user-static binary. This can be disabled using B<--skip=cleanup/mmdebstrap>.
=item * Remove all files that make the result unreproducible, like apt and dpkg logs and caches or F</etc/machine-id> and F</var/lib/dbus/machine-id> . This can be disabled using B<--skip=cleanup/reproducible>
=item * Remove all files that make the result unreproducible, like apt and dpkg logs and caches or F</etc/machine-id>. This can be disabled using B<--skip=cleanup/reproducible>
=item * Remove everything in F</tmp> inside the chroot. This can be disabled using B<--skip=cleanup/tmp>.
@ -6817,14 +6812,12 @@ Create a bootable USB Stick that boots into a full Debian desktop:
END
# You can use $(sudo blockdev --getsize64 /dev/sdXXX) to get the right
# image size for the target medium in bytes
$ guestfish -N debian-unstable.img=disk:8G -- \
part-disk /dev/sda mbr : \
part-set-bootable /dev/sda 1 true : \
set-label /dev/sda1 rootfs : \
mkfs ext4 /dev/sda1 : mount /dev/sda1 / : \
$ guestfish -N debian-unstable.img=disk:8G -- part-disk /dev/sda mbr : \
part-set-bootable /dev/sda 1 true : mkfs ext2 /dev/sda1 : \
set-label /dev/sda1 rootfs : mount /dev/sda1 / : \
tar-in debian-unstable.tar / xattrs:true : \
upload /usr/lib/EXTLINUX/mbr.bin /boot /mbr.bin : \
copy-file-to-device /boot/ mbr.bin /dev/sda size:440 : \
upload /usr/lib/SYSLINUX/mbr.bin /mbr.bin : \
copy-file-to-device /mbr.bin /dev/sda size:440 : rm /mbr.bin : \
extlinux / : copy-in extlinux.conf / : sync : umount / : shutdown
$ qemu-system-x86_64 -m 1G -enable-kvm debian-unstable.img
$ sudo dd if=debian-unstable.img of=/dev/sdXXX status=progress
@ -6859,11 +6852,10 @@ Use as replacement for autopkgtest-build-qemu and vmdb2:
$ guestfish -N debian-unstable.img=disk:8G -- \
part-disk /dev/sda mbr : \
part-set-bootable /dev/sda 1 true : \
mkfs ext4 /dev/sda1 : mount /dev/sda1 / : \
mkfs ext2 /dev/sda1 : mount /dev/sda1 / : \
tar-in debian-unstable.tar / xattrs:true : \
upload /usr/lib/EXTLINUX/mbr.bin /boot/mbr.bin : \
copy-file-to-device /boot/mbr.bin /dev/sda size:440 : \
extlinux / : copy-in extlinux.conf / : sync : umount / : shutdown
extlinux / : copy-in extlinux.conf / : \
sync : umount / : shutdown
$ qemu-img convert -O qcow2 debian-unstable.img debian-unstable.qcow2
As a debootstrap wrapper to run it without superuser privileges but using Linux