summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorbill-auger <mr.j.spam.me@gmail.com>2021-07-19 17:06:58 -0400
committerbill-auger <mr.j.spam.me@gmail.com>2021-07-26 19:20:09 -0400
commitf852d5876b8c0be70e3686efd4f0a005dbb53648 (patch)
treedc8bb4b038d041f09d166360ecd2517a88713c45
parentc64c8ddcdfcce76f41f7c37cccec8d4894ade2c1 (diff)
wip - multiple concernswip-2021-03
-rw-r--r--src/chroot-tools/chcleanup.in30
-rwxr-xr-xsrc/chroot-tools/libremakepkg13
-rw-r--r--src/lib/conf.sh.in2
-rwxr-xr-xsrc/librefetch/librefetch143
-rwxr-xr-xsrc/librefetch/librefetchdir/libmakepkg/source.sh.gen4
5 files changed, 126 insertions, 66 deletions
diff --git a/src/chroot-tools/chcleanup.in b/src/chroot-tools/chcleanup.in
index 89a25c4..65bfb15 100644
--- a/src/chroot-tools/chcleanup.in
+++ b/src/chroot-tools/chcleanup.in
@@ -66,9 +66,23 @@ fi
# This is intentionally hard-coded.
source /etc/libretools.d/chroot.conf # sets $CHROOTEXTRAPKG
-# NOTE: ARM chroots require 'fakeroot-tcp' (BR #2775)
+CHROOTPKG=( $( pacman -Sgq base-devel) )
+CHROOTPKG+=() # DEBUG: normally empty - mandatory core package-set
+WHITELIST_PKGS=() # DEBUG: normally empty - optional packages, possibly insane
+
+# FIXME: ARM chroots require 'fakeroot-tcp' (BR #2775)
+#CHROOTPKG+=( fakeroot-tcp ) # armv7h qemu
fakeroot_pkg=fakeroot$( [[ "$(uname -m)" == 'armv7l' ]] && echo '-tcp' )
-CHROOTPKG=( $( pacman -Sgq base-devel | sed "s|fakeroot|${fakeroot_pkg}|" ) )
+CHROOTPKG=( ${CHROOTPKG[*]/fakeroot/${fakeroot_pkg}/} )
+
+# FIXME: host<->chroot glibc mismatch
+WHITELIST_PKGS+=( glibc-linux4 ) # BR #3038
+# $ wget https://repo.archlinuxcn.org/x86_64/glibc-linux4-2.33-4-x86_64.pkg.tar.zst.sig
+# $ wget https://repo.archlinuxcn.org/x86_64/glibc-linux4-2.33-4-x86_64.pkg.tar.zst
+# $ pacman-key --verify glibc-linux4-2.33-4-x86_64.pkg.tar.zst.sig
+# $ sudo librechroot -n autobuilder install-file glibc-linux4-2.33-4-x86_64.pkg.tar.zst
+# $ sudo cp glibc-linux4-2.33-4-x86_64.pkg.tar.zst* /var/lib/archbuild/autobuilder/bill-auger/
+# $ sudo librechroot -n autobuilder enter
# If we're running makepkg
if [[ -f ./PKGBUILD ]]; then
@@ -132,10 +146,10 @@ done
# This is done by installing those into a temporary pacman DB;
# then querying the DB for it's complete package list.
msg2 "Collecting the minimal set of packages needed ..."
-"${pacman_cmd[@]}" -S --dbonly --noscriptlet --needed --noconfirm \
- -- ${CHROOTPKG[*]} ${CHROOTEXTRAPKG[*]} ${DEPENDS[*]} \
- <&- >& "$ERROR_PKGS_FILE"
-if (( $? != 0 )); then
+if ! "${pacman_cmd[@]}" -S --dbonly --noscriptlet --needed --noconfirm \
+ -- ${CHROOTPKG[*]} ${CHROOTEXTRAPKG[*]} ${DEPENDS[*]} \
+ <&- >& "$ERROR_PKGS_FILE"
+then
error "Could not create a full list of packages, exiting."
plain "This is likely caused by a dependency that could not be found."
sed 's/^/ > /' < "$ERROR_PKGS_FILE" >&2
@@ -159,9 +173,11 @@ fi
# (via the libremakepkg '-I' option), and to exit otherwise, warning the user to upgrade.
# If the '-I' option was detected (!SANE), the stale packages are added to the whitelist.
"${pacman_cmd[@]}" -Qq > "$WHITELIST_PKGS_FILE"
+# echo "${WHITELIST_PKGS[@]}" >> "$WHITELIST_PKGS_FILE"
+cat >> "$WHITELIST_PKGS_FILE" <<<${WHITELIST_PKGS[@]}
if (( ${#stale_pkgs[*]} > 0 )); then
insane_msg_1="Some (%d) essential packages are out-of-sync with the database."
- insane_msg_2="Consider upgrading the chroot system before building this package."
+ insane_msg_2="Consider upgrading the chroot system before building packages."
if ! $SANE; then
warning "$insane_msg_1" "${#stale_pkgs[*]}" ; plain "$insane_msg_2" ;
plain "(ignoring, per the '-I' option)" ;
diff --git a/src/chroot-tools/libremakepkg b/src/chroot-tools/libremakepkg
index 3718166..945b8ae 100755
--- a/src/chroot-tools/libremakepkg
+++ b/src/chroot-tools/libremakepkg
@@ -110,6 +110,8 @@ chroot_cleanup() {
}
build() (
+DBG "libremakepkg::build() IN"
+
local copydir=$1
local srcpkg=$2
local repack=$3
@@ -134,11 +136,17 @@ build() (
fi
$NONET || run_nnet=("${run_ynet[@]}")
- prepare_chroot "$copydir" "$LIBREHOME" "$repack" false
+DBG "libremakepkg::build() prepare_chroot"
+
+ prepare_chroot "$copydir" "$LIBREHOME" "$repack" false # generates 'chrootbuild'
+
+DBG "libremakepkg::build() pre_build run_nnet=${run_nnet[*]}"
run_hook pre_build "$copydir"
trap "run_hook post_build ${copydir@Q}; rm -rf -- ${startdir@Q}" EXIT
- "${run_nnet[@]}" /chrootbuild "${makepkg_args[@]}" </dev/null |& indent
+ "${run_nnet[@]}" /chrootbuild "${makepkg_args[@]}" < /dev/null |& indent
+
+DBG "libremakepkg::build() OUT"
)
# The main program #############################################################
@@ -299,6 +307,7 @@ main() {
msg 'Initializing the chroot...'
librechroot "${librechroot_flags[@]}" make |& indent
fi
+DBG "libremakepkg::main() GUARD whoami=$(whoami) id=$(id)" ; return 1
# Set target CARCH
# note that we waited until after locking/creating the chroot to do this
diff --git a/src/lib/conf.sh.in b/src/lib/conf.sh.in
index 110aa38..7b2e1ea 100644
--- a/src/lib/conf.sh.in
+++ b/src/lib/conf.sh.in
@@ -42,7 +42,7 @@ if [[ "$(id -u "${SUDO_USER:-root}")" == 0 ]]; then
unset SUDO_USER
fi
LIBREUSER="${SUDO_USER:-$USER}"
-REPOUSER="${REPOUSER:-LIBREUSER}"
+REPOUSER="${REPOUSER:-$LIBREUSER}"
if [[ -z "$LIBREHOME" ]]; then
eval "LIBREHOME=~$LIBREUSER"
fi
diff --git a/src/librefetch/librefetch b/src/librefetch/librefetch
index 19e6559..e9f07eb 100755
--- a/src/librefetch/librefetch
+++ b/src/librefetch/librefetch
@@ -36,6 +36,8 @@
source "$(librelib conf)"
source "$(librelib messages)"
+readonly SKIP_CREATE_SIGNATURE=1 # TODO: CLI option
+
setup_traps
trap 'rm -f -- "${tmpfiles[@]}"; rm -rf -- "${tmpdirs[@]}"' EXIT
@@ -50,39 +52,36 @@ usage() {
print "Downloads or creates a liberated source tarball."
echo
prose "The default mode is to create OUTPUT_FILE, first by trying
- download mode, then create mode."
- echo
- prose "If OUTPUT_FILE isn't specified, it defaults to the non-directory
- part of SOURCE_URL, in the current directory."
+ 'download' mode, then 'create' mode."
echo
- prose "Unless '-C' is specified, if SOURCE_URL does not begin with a
- configured mirror, create mode is inhibited."
+ prose "If no OUTPUT_FILE is specified, it defaults to the same filename
+ as SOURCE_URL, in the current directory.
+ The OUTPUT_FILE will be generated only if SOURCE_URL points to
+ a configured mirrorm or if the '-C' option given."
echo
- prose "In download mode, it simply tries to download SOURCE_URL. At the
- beginning of a URL, 'libre://' expands to the first configured
- mirror."
+ prose "In 'download' mode, the SOURCE_URL is fetched. A URL specifying the
+ 'libre://' protocol, expands to the first configured mirror."
echo
- prose "In create mode, it either looks at a build script and uses that
- to create the source tarball, or it uses GPG to create a
- signature (if OUTPUT_FILE ends with \`.sig\` or \`.sig.part\`).
- If it is using GPG to create a signature, but the file which it is
- trying to sign doesn't exist yet, it recurses on itself to first
- create that file. SOURCE_URL is ignored, except that it is used
- to set the default value of OUTPUT_FILE, and that it may be used
- when recursing."
+ prose "In 'create' mode, the build recipe is sourced; and the libre
+ source-ball is generated using the 'mksource' sources, unless
+ OUTPUT_FILE indicates a signature file (\`*.sig\` or \`*.sig.part\`).
+ In the case of a signature file, the newly generated libre source-ball
+ is signed with GPG, unless the corrsponoding libre source-ball does
+ not yet exist. In that case, the script recurses on itself, to firstly
+ create the libre source-ball. SOURCE_URL is ignored in that case,
+ but is passed to the recursive call."
echo
prose "The default build script is 'PKGBUILD', or 'SRCBUILD' if it
exists."
echo
- prose "Other options, if they are valid \`makepkg\` options, are passed
- straight to makepkg."
+ prose "Valid \`makepkg\` options may be given, and will be passed to makepkg."
echo
print "Example usage:"
print ' $ %s https://repo.parabola.nu/other/mypackage/mypackage-1.0.tar.gz' "$cmd"
echo
flag 'Options (behavior):' \
- "-C" "Force create mode (don't download)" \
- "-D" "Force download mode (don't create)" \
+ "-C" "Force 'create' mode (don't download)" \
+ "-D" "Force 'download' mode (don't create)" \
"-p <$(_ FILE)>" "Use an alternate build script (instead of
'PKGBUILD'). If an SRCBUILD exists in the same
directory, it is used instead"
@@ -108,6 +107,8 @@ main() {
}
doit() {
+DBG "librefetch::doit() mode=$mode"
+
# Mode: help ###########################################################
if [[ $mode =~ help ]]; then
@@ -178,7 +179,7 @@ doit() {
if [[ $mode =~ download ]]; then
load_conf librefetch.conf MIRRORS DOWNLOADER || exit
- # Canonicalize $src
+ # Canonicalize $src (libre:// faux protocol)
if [[ "$src" == libre://* ]]; then
src="${MIRRORS[0]}/${src#libre://}"
fi
@@ -202,12 +203,12 @@ doit() {
dlcmd="${dlcmd//\%o/\"\$dst\"}"
dlcmd="${dlcmd//\%u/\"\$src\"}"
-#DBG "librefetch::doit() mode==download dlcmd=$dlcmd"
+DBG "librefetch::doit(download) mode==download dlcmd=%s" "$(sed "s|\"\$dst\"|\"$dst\"| ; s|\"\$src\"|\"$src\"|" <<<$dlcmd)"
if { eval "$dlcmd"; } >&2; then
exit $EXIT_SUCCESS
fi
-#DBG "librefetch::doit() we did not exit success inmirror=$inmirror"
+DBG "librefetch::doit(download) \$dlcmd failed - inmirror=$inmirror mode=$mode"
fi
# Mode: create #########################################################
@@ -216,34 +217,52 @@ doit() {
# The recursive `makepkg` invokation processes a modified PKGBUILD (per PKGBUILD_APPEND).
if [[ $mode =~ create ]]; then
- local base_dst=${dst%.part}
- local suffix=${dst#"$base_dst"}
- local src_missing_msg="Libre source not found. Attempting to create it from upstream sources."
- local done_msg="Libre source created successfully"
+ local final_dst="${dst%.part}"
+ local suffix=${dst#"$final_dst"}
+ local src_missing_msg="Libre source-ball not found. Attempting to create it from upstream sources."
+ local done_msg="Libre source-ball created successfully"
+
+DBG "librefetch::doit(create) dst=$dst final_dst=$final_dst suffix=$suffix" ; # DBG "PKGBUILD=" ; cat $srcbuild ;
-DBG "librefetch::doit(create) dst=$dst base_dst=${base_dst} suffix=$suffix" ; # DBG "PKGBUILD=" ; cat $srcbuild ;
+ if [[ "$final_dst" == *.sig ]]; then # handle missing libre source-ball signature
+ local src_file=${src%.sig}
+ local out_file="${final_dst%.sig}"
+
+DBG "librefetch::doit(create) IS_SIG src_file=$src_file out_file=$out_file"
- if [[ $base_dst == *.sig ]]; then
# recurse to create the libre source-ball, if it does not yet exist
- # the libre source-ball signature is deferred to librerelease
- if ! [[ -e ${base_dst%.sig} ]]; then
- extra_opts=("${src%.sig}" "${base_dst%.sig}")
+ if ! [[ -e "$out_file" ]]; then
+ extra_opts=("$src_file" "$out_file")
msg2 "${src_missing_msg}"
doit || exit
fi
-DBG "librefetch::doit(create) IS_SIG"
-# set -x
-# FIXME: there is a note about this signature in usage()
-# create_signature "${base_dst%.sig}" || exit
-# if [[ -n $suffix ]]; then
- if [[ -n $suffix && -f "$base_dst" ]]; then
-DBG "librefetch::doit(create) RENAME"
- mv -f "$base_dst" "$dst"
-DBG "librefetch::doit(create) RENAMED"
+DBG "librefetch::doit(create) IS_SIG suffix=$suffix exists=$( [[ -f "$final_dst" ]] && echo t || echo f) is_newly_created=$( [[ -f "$LIBRE_SRCBALL_CREATION_MARKER" ]] && echo t || echo f)" # ; set -x
+# WIP: 'create_signature' normally entails manual password confirmation.
+# in the case that a libre source-ball was just created,
+# the build machine will not necessarily be able to sign it;
+# and 'create_signature' would fail here, as a fatal error.
+# however, librerelease will sign all tarballs, if necessary;
+# so the current WIP defers the signature to librerelease
+# see file.sh::download_file()
+# TODO: adjust the usage() note about this signature if necessary
+ if rm $LIBRE_SRCBALL_CREATION_MARKER 2> /dev/null; then
+DBG "librefetch::doit(create) IS_SIG create_signature"
+# create_signature "${final_dst%.sig}" || exit
+ create_signature "${final_dst%.sig}" || true # WIP:
+
+# TODO: renaming here is probably not necessary;
+# because the caller (file.sh::download_file()) will do it.
+# are there other callers which would not?
+ if [[ -n $suffix && -f "$final_dst" ]]; then
+ mv -f "$final_dst" "$dst"
+ fi
+ else
+DBG "librefetch::doit(create) IS_SIG FAIL"
+ return 1
fi
- else
+ else # create libre source-ball
export PKGDEST=${dst%/*}
export pkg_file=$dst
@@ -251,7 +270,13 @@ DBG "librefetch::doit(create) PKGEXT=$PKGEXT cmd=\"$makepkg\" \"${makepkg_opts[@
cd "$BUILDFILEDIR"
msg2 "${src_missing_msg}"
- "$makepkg" "${makepkg_opts[@]}" -p "$srcbuild" >&2 && msg2 "${done_msg}" || exit
+ rm -f $LIBRE_SRCBALL_CREATION_MARKER
+ if "$makepkg" "${makepkg_opts[@]}" -p "$srcbuild" >&2; then
+ msg2 "${done_msg}"
+ cd - > /dev/null ; touch $LIBRE_SRCBALL_CREATION_MARKER ;
+ else
+ exit
+ fi
fi
fi
@@ -419,24 +444,30 @@ modified_srcbuild() {
create_signature() {
local filename="$1"
local gpg_cmd=( gpg --detach-sign --use-agent --no-armor )
+ local gpg_disabled_msg="Defering libre source-ball signature."
local gpg_signing_msg="Signing libre source-ball..."
local gpg_created_msg="Created signature file:"
- local gpg_remind_msg="Ensure that your GPG key is referenced in the PKGBUILD 'validpgpkeys' array."
local gpg_failed_msg="Failed to sign the libre source-ball!"
- local gpg_sign_msg="If you can not sign it now on this machine, you can take it home, and run librerelease on it."
- local ret
+ local gpg_sign_msg="The libre source-ball will be signed by librerelease later."
+ local gpg_remind_msg="Ensure that your GPG key is referenced in the PKGBUILD, before running librerelease."
+ local ret=0
- if [[ -n "${GPGKEY}" ]]; then
- gpg_cmd=( --local-user "${GPGKEY}" )
- fi
+ if (( SKIP_CREATE_SIGNATURE )); then
+ msg2 "${gpg_disabled_msg}" ; prose "${gpg_sign_msg} ${gpg_remind_msg}" ;
+ else
- msg "${gpg_signing_msg}"
- ${gpg_cmd[@]} "${filename}" &> /dev/null ; ret=$? ;
+ if [[ -n "${GPGKEY}" ]]; then
+ gpg_cmd=( --local-user "${GPGKEY}" )
+ fi
- if (( ! ret )); then
- msg2 "%s %s." "${gpg_created_msg}" "${filename}.sig" ; plain "${gpg_remind_msg}" ;
- else
- error "${gpg_failed_msg}" ; plain "${gpg_sign_msg}" ; plain "${gpg_remind_msg}" ;
+ msg "${gpg_signing_msg}"
+ ${gpg_cmd[@]} "${filename}" &> /dev/null ; ret=$? ;
+
+ if (( ! ret )); then
+ msg2 "%s %s." "${gpg_created_msg}" "${filename}.sig" ; prose "${gpg_remind_msg}" ;
+ else
+ warning "${gpg_failed_msg}" ; prose "${gpg_sign_msg} ${gpg_remind_msg}" ;
+ fi
fi
return ${ret}
diff --git a/src/librefetch/librefetchdir/libmakepkg/source.sh.gen b/src/librefetch/librefetchdir/libmakepkg/source.sh.gen
index 7d848c3..0f43b05 100755
--- a/src/librefetch/librefetchdir/libmakepkg/source.sh.gen
+++ b/src/librefetch/librefetchdir/libmakepkg/source.sh.gen
@@ -25,3 +25,7 @@
}
s|DBG "source.sh::|DBG "source.sh<SPECIAL>::|
+
+
+s|source "$LIBRARY/util/source.sh"|source "$LIBRARY/util/source.sh" ; DBG "source.sh<SPECIAL> LIBRARY=$LIBRARY"|
+s|source "$lib"|DBG "source.sh<SPECIAL> source $lib" ; source "$lib"|