2
# Copyright 2006-2007 (C) Canonical Ltd.
3
# Created by Kees Cook <kees@ubuntu.com>
3
# Copyright 2006-2009 (C) Canonical Ltd.
4
# Author: Kees Cook <kees@ubuntu.com>
6
# ##################################################################
8
# This program is free software; you can redistribute it and/or
9
# modify it under the terms of the GNU General Public License
10
# as published by the Free Software Foundation; either version 3
11
# of the License, or (at your option) any later version.
13
# This program is distributed in the hope that it will be useful,
14
# but WITHOUT ANY WARRANTY; without even the implied warranty of
15
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16
# GNU General Public License for more details.
18
# See file /usr/share/common-licenses/GPL for more details.
20
# ##################################################################
6
22
# This script creates LVM snapshot chroots via schroot and sbuild.
7
23
# Much love to "man sbuild-setup", https://wiki.ubuntu.com/PbuilderHowto,
8
24
# and https://help.ubuntu.com/community/SbuildLVMHowto.
10
# It assumes that sbuild has not be installed and configured before.
12
# If using schroot earlier than 1.1.4-1, it's a good idea to apply the
13
# process-cleaning patch to /etc/schroot/setup.d/10mount. Without this, any
14
# processes left running from the build (like cron, dbus, etc) will stop
15
# schroot from umounting and shutting down cleanly:
16
# http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=391319
18
# If using sbuild 0.50 or earlier, and you intend to use the "arch" argument
19
# to do i386 builds on amd64, you will need to patch "sbuild" to correctly
20
# detect the chroot architecture:
21
# http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=392992
26
# It will deal with sbuild having not be installed and configured before.
29
# For when schroot enters the chroot, we cannot be in a directory that
30
# will not exist in the chroot.
27
33
# Make sure we've got a regular user
28
34
if [ -w /etc/passwd ]; then
29
35
echo "Please run this script as a regular user, not root." >&2
35
41
# Load all the packages you'll need to do work
36
42
sudo apt-get install sbuild schroot debootstrap lvm2
37
43
# Make sure LVM tools that operate on the snapshots have needed module
38
sudo modprobe dm_snapshot
39
sudo bash -c "grep ^dm_snapshot /etc/modules >/dev/null || echo dm_snapshot >> /etc/modules"
44
if ! sudo dmsetup targets | grep -q ^snapshot; then
45
sudo modprobe dm_snapshot
46
echo dm_snapshot | sudo tee -a /etc/modules >/dev/null
40
48
# Add self to the sbuild group
41
49
sudo adduser "$USER" sbuild
43
# Create some default build/log areas
44
mkdir -p ~/ubuntu/build ~/ubuntu/logs
45
51
# Prepare a usable default .sbuildrc
46
52
if [ ! -e ~/.sbuildrc ]; then
47
53
cat > ~/.sbuildrc <<EOM
67
73
sensible-editor ~/.sbuildrc
74
# Create target directories, if needed
75
eval $(egrep '^\$(build|log)_dir[ ]*=' ~/.sbuildrc | cut -c2-)
76
if [ -n "$log_dir" ]; then
79
if [ -n "$build_dir" ]; then
69
83
echo "Your ~/.sbuildrc already exists -- leaving it as-is."
98
# Set up configurable defaults (loaded after option processing)
86
104
echo "Usage: $0 [OPTIONS] VG Release" >&2
88
106
echo " --arch=ARCH What architecture to select"
89
107
echo " --name=NAME Base name for the schroot (arch is appended)"
108
echo " --personality=PERSONALITY What personality to use (defaults to match --arch)"
90
109
echo " --debug Turn on script debugging"
110
echo " --skip-updates Do not include -updates pocket in sources.list"
91
111
echo " --source-template=FILE Use FILE as the sources.list template"
92
112
echo " --debootstrap-mirror=URL Use URL as the debootstrap source"
113
echo " --distro=DISTRO Install specific distro (defaults to 'ubuntu')"
115
echo "Configuration (via ~/.mk-sbuild-lv.rc)"
116
echo " LV_SIZE Size of source LVs (default ${LV_SIZE})"
117
echo " SNAPSHOT_SIZE Size of snapshot LVs (default ${SNAPSHOT_SIZE})"
118
echo " SCHROOT_CONF_SUFFIX Lines to append to schroot.conf entries"
119
echo " SKIP_UPDATES Enable --skip-updates"
120
echo " TEMPLATE_SOURCES A template for sources.list"
121
echo " TEMPLATE_SCHROOTCONF A template for schroot.conf stanza"
97
126
if [ -z "$1" ]; then
100
OPTS=`getopt -o '' --long "help,debug,arch:,name:,source-template:,debootstrap-mirror:" -- "$@"`
129
OPTS=`getopt -o '' --long "help,debug,skip-updates,arch:,name:,source-template:,debootstrap-mirror:,personality:,distro:" -- "$@"`
101
130
eval set -- "$OPTS"
111
141
# By default, use the native architecture.
112
142
arch_opt="--arch $2"
113
143
arch_suffix="-$2"
144
if [ "$2" = "i386" ] || [ "$2" = "lpia" ] && [ -z "$personality" ];
146
personality="linux32"
121
TEMPLATE_SOURCES="$2"
123
if [ ! -r $TEMPLATE_SOURCES ]; then
124
echo "W: Template file $TEMPLATE_SOURCES is not readable"
125
echo "W: Continuing with default sources!"
128
--debootstrap-mirror)
129
DEBOOTSTRAP_MIRROR="$2"
163
TEMPLATE_SOURCES="$2"
165
if [ ! -r $TEMPLATE_SOURCES ]; then
166
echo "W: Template file $TEMPLATE_SOURCES is not readable"
167
echo "W: Continuing with default sources!"
170
--debootstrap-mirror)
171
DEBOOTSTRAP_MIRROR="$2"
157
203
CHROOT_PATH="/dev/$VG/$CHROOT_LV"
158
204
CHROOT_NAME="${name}${arch_suffix}"
206
# Load customizations
207
if [ -r ~/.mk-sbuild-lv.rc ]; then
160
211
# Does the specified VG exist? (vgdisplay doesn't set error codes...)
161
212
if [ `sudo vgdisplay -c "$VG" | wc -l` -eq 0 ]; then
165
216
# Is the specified release known to debootstrap?
166
if [ ! -f "/usr/lib/debootstrap/scripts/$RELEASE" ]; then
217
if [ ! -r "/usr/share/debootstrap/scripts/$RELEASE" ]; then
167
218
echo "Specified release not known to debootstrap" >&2
170
221
variant_opt="--variant=buildd"
224
BUILD_PKGS="build-essential fakeroot devscripts apt-utils"
225
# Handle distro-specific logic, unknown to debootstrap
228
# are we doing an lpia build?
229
if [ -z "$DEBOOTSTRAP_MIRROR" ] && [ "$arch_opt" = "--arch lpia" ]; then
230
DEBOOTSTRAP_MIRROR="http://ports.ubuntu.com/"
232
if [ -z "$DEBOOTSTRAP_MIRROR" ]; then
233
DEBOOTSTRAP_MIRROR="http://archive.ubuntu.com/ubuntu"
235
if [ -z "$COMPONENTS" ]; then
236
COMPONENTS="main restricted universe multiverse"
238
if [ -z "$SOURCES_SECURITY_SUITE" ]; then
239
SOURCES_SECURITY_SUITE="RELEASE-updates"
241
if [ -z "$SOURCES_SECURITY_URL" ]; then
242
SOURCES_SECURITY_URL="http://security.ubuntu.com/ubuntu"
244
# Add edgy+ buildd tools
245
if [ "$RELEASE" != "breezy" ] && [ "$RELEASE" != "dapper" ]; then
246
# Disable recommends for a smaller chroot (gutsy and later only)
247
BUILD_PKGS="--no-install-recommends $BUILD_PKGS"
249
BUILD_PKGS="$BUILD_PKGS pkg-create-dbgsym pkgbinarymangler"
253
if [ -z "$DEBOOTSTRAP_MIRROR" ]; then
254
DEBOOTSTRAP_MIRROR="http://ftp.debian.org/debian"
256
if [ -z "$COMPONENTS" ]; then
257
COMPONENTS="main non-free contrib"
259
# Debian only performs security updates
261
if [ -z "$SOURCES_SECURITY_SUITE" ]; then
262
SOURCES_SECURITY_SUITE="RELEASE/updates"
264
if [ -z "$SOURCES_SECURITY_URL" ]; then
265
SOURCES_SECURITY_URL="http://security.debian.org/"
267
# Unstable (aka "sid") does not have a security repository
268
if [ "$RELEASE" = 'unstable' ] || [ "$RELEASE" = 'sid' ]; then
273
echo "Unknown --distro '$DISTRO': aborting" >&2
173
278
# Allocate the "golden" chroot LV
174
sudo lvcreate -n "$CHROOT_LV" -L 5G "$VG"
175
sudo mkfs -t ext3 "$CHROOT_PATH"
279
sudo lvcreate -n "$CHROOT_LV" -L "$LV_SIZE" "$VG"
280
sudo mkfs -t ext4 "$CHROOT_PATH"
177
282
# Mount and debootstrap the chroot
178
283
MNT=`mktemp -d -t schroot-XXXXXX`
187
292
cat "$TEMPLATE_SOURCES" > "$TEMP_SOURCES"
189
294
cat > "$TEMP_SOURCES" <<EOM
190
deb http://archive.ubuntu.com/ubuntu RELEASE main restricted universe multiverse
191
deb-src http://archive.ubuntu.com/ubuntu RELEASE main restricted universe multiverse
192
deb http://archive.ubuntu.com/ubuntu RELEASE-updates main restricted universe multiverse
193
deb-src http://archive.ubuntu.com/ubuntu RELEASE-updates main restricted universe multiverse
194
deb http://security.ubuntu.com/ubuntu RELEASE-security main restricted universe multiverse
195
deb-src http://security.ubuntu.com/ubuntu RELEASE-security main restricted universe multiverse
295
deb ${DEBOOTSTRAP_MIRROR} RELEASE ${COMPONENTS}
296
deb-src ${DEBOOTSTRAP_MIRROR} RELEASE ${COMPONENTS}
298
if [ -z "$SKIP_UPDATES" ]; then
299
cat >> "$TEMP_SOURCES" <<EOM
300
deb ${DEBOOTSTRAP_MIRROR} RELEASE-updates ${COMPONENTS}
301
deb-src ${DEBOOTSTRAP_MIRROR} RELEASE-updates ${COMPONENTS}
304
if [ -z "$SKIP_SECURITY" ]; then
305
cat >> "$TEMP_SOURCES" <<EOM
306
deb ${SOURCES_SECURITY_URL} ${SOURCES_SECURITY_SUITE} ${COMPONENTS}
307
deb-src ${SOURCES_SECURITY_URL} ${SOURCES_SECURITY_SUITE} ${COMPONENTS}
198
311
cat "$TEMP_SOURCES" | sed -e "s|RELEASE|$RELEASE|g" | \
199
312
sudo bash -c "cat > $MNT/etc/apt/sources.list"
218
331
source-root-groups=root,sbuild,admin
219
332
device=CHROOT_PATH
220
333
mount-options=-o noatime
221
lvm-snapshot-options=--size 4G
334
lvm-snapshot-options=--size SNAPSHOT_SIZE
222
335
run-setup-scripts=true
223
336
run-exec-scripts=true
339
if [ ! -z "$personality" ]; then
340
echo "personality=$personality" >> "$TEMP_SCHROOTCONF"
342
if [ ! -z "$SCHROOT_CONF_SUFFIX" ]; then
343
echo "$SCHROOT_CONF_SUFFIX" >> "$TEMP_SCHROOTCONF"
226
345
cat "$TEMP_SCHROOTCONF" | sed \
227
346
-e "s|CHROOT_NAME|$CHROOT_NAME|g" \
228
347
-e "s|CHROOT_PATH|$CHROOT_PATH|g" \
348
-e "s|SNAPSHOT_SIZE|$SNAPSHOT_SIZE|g" \
230
350
sudo bash -c "cat >> /etc/schroot/schroot.conf"
231
351
rm -f "$TEMP_SCHROOTCONF"
232
352
# Create image finalization script
233
BUILD_PKGS="build-essential fakeroot devscripts"
234
# Add edgy+ buildd tools
235
if [ "$RELEASE" != "breezy" ] && [ "$RELEASE" != "dapper" ]; then
236
BUILD_PKGS="$BUILD_PKGS pkg-create-dbgsym pkgbinarymangler"
238
353
sudo bash -c "cat >> $MNT/finish.sh" <<EOM
357
export http_proxy=${http_proxy}
242
358
# Reload package lists
243
359
apt-get update || true
244
360
# Pull down signature requirements
245
#apt-get -y --force-yes install gnupg ubuntu-keyring
361
apt-get -y --force-yes install gnupg ${DISTRO}-keyring
246
362
# Reload package lists
247
363
apt-get update || true
248
364
# Disable debconf questions so that automated builds won't prompt
249
365
echo set debconf/frontend Noninteractive | debconf-communicate
250
366
echo set debconf/priority critical | debconf-communicate
251
367
# Install basic build tool set, trying to match buildd
252
apt-get -y install $BUILD_PKGS
368
apt-get -y --force-yes install $BUILD_PKGS
253
369
# Set up expected /dev entries
254
ln -s /proc/self/fd/0 /dev/stdin
255
ln -s /proc/self/fd/1 /dev/stdout
256
ln -s /proc/self/fd/2 /dev/stderr
370
if [ ! -r /dev/stdin ]; then ln -s /proc/self/fd/0 /dev/stdin; fi
371
if [ ! -r /dev/stdout ]; then ln -s /proc/self/fd/1 /dev/stdout; fi
372
if [ ! -r /dev/stderr ]; then ln -s /proc/self/fd/2 /dev/stderr; fi
262
378
sudo umount "$MNT"
264
380
# Run finalization script on the "golden" copy via schroot.
265
(cd / && schroot -c "$CHROOT_NAME"-source -u root /finish.sh)
381
schroot -c "$CHROOT_NAME"-source -u root /finish.sh
269
385
echo "Done building $CHROOT_NAME."
271
echo " To UPDATE the golden image: schroot -c ${CHROOT_NAME}-source -u root"
387
echo " To CHANGE the golden image: schroot -c ${CHROOT_NAME}-source -u root"
272
388
echo " To ENTER an image snapshot: schroot -c ${CHROOT_NAME}"
273
389
echo " To BUILD within a snapshot: sbuild -d ${CHROOT_NAME} PACKAGE*.dsc"