1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
|
.\" Hey, EMACS: -*- nroff -*-
.\" First parameter, NAME, should be all caps
.\" Second parameter, SECTION, should be 1-8, maybe w/ subsection
.\" other parameters are allowed: see man(7), man(1)
.TH COWPOKE 1 "April 28, 2008"
.\" Please adjust this date whenever revising the manpage.
.\"
.\" Some roff macros, for reference:
.\" .nh disable hyphenation
.\" .hy enable hyphenation
.\" .ad l left justify
.\" .ad b justify to both left and right margins
.\" .nf disable filling
.\" .fi enable filling
.\" .br insert line break
.\" .sp <n> insert n+1 empty lines
.\" for manpage-specific macros, see man(7)
.SH NAME
cowpoke \- Build a Debian source package in a remote cowbuilder instance
.SH SYNOPSIS
.B cowpoke
.RI [ options ] " packagename.dsc"
.SH DESCRIPTION
Uploads a Debian source package to a \fBcowbuilder\fR host and builds it,
optionally also signing and uploading the result to an incoming queue.
.SH OPTIONS
The following options are available:
.TP
.BI \-\-arch= architecture
Specify the Debian architecture(s) to build for. A space separated list of
architectures may be used to build for all of them in a single pass. Valid
arch names are those returned by \fBdpkg-architecture\fP(1) for
\fBDEB_BUILD_ARCH\fP.
.TP
.BI \-\-dist= distribution
Specify the Debian distribution(s) to build for. A space separated list of
distributions may be used to build for all of them in a single pass. Either
codenames (such as \fBsid\fP, or \fBsqueeze\fP) or distribution names (such as
\fBunstable\fP, or \fBexperimental\fP) may be used, but you should usually stick
to using one or the other consistently as this name may be used in file paths
and to locate old packages for comparison reporting.
.TP
.BI \-\-buildd= host
Specify the remote host to build on.
.TP
.BI \-\-buildd\-user= name
Specify the remote user to build as.
.TP
.B \-\-create
Create the remote \fBcowbuilder\fR root if it does not already exist. If this option
is not passed it is an error for the specified \fB\-\-dist\fP or \fB\-\-arch\fP
to not have an existing \fBcowbuilder\fR root in the expected location.
.TP
.BR \-\-return= [ \fIpath ]
Copy results of the build to \fIpath\fP. If \fIpath\fP is not specified, then return
them to the current directory. The given \fIpath\fP must exist, it will not be created.
.TP
.B \-\-no\-return
Do not copy results of the build to \fBRETURN_DIR\fP (overriding a path set for
it in the configuration files).
.TP
.BI \-\-dpkg\-opts= "'opt1 opt2 ...'"
Specify additional options to be passed to \fBdpkg-buildpackage\fP(1). Multiple
options are delimited with spaces. This will override any options specified in
\fBDEBBUILDOPTS\fP in the build host's \fIpbuilderrc\fP.
.TP
.B \-\-help
Display a brief summary of the available options and current configuration.
.TP
.B \-\-version
Display the current version information.
.SH CONFIGURATION OPTIONS
When \fBcowpoke\fP is run the following configuration options are read from
global, per\-user, and per\-project configuration files if present. File paths
may be absolute or relative, the latter being relative to the \fBBUILDD_USER\fR's
home directory. Since the paths are typically quoted when used, tilde expansion
will \fBnot\fP be performed on them.
.SS Global defaults
These apply to every arch and dist in a single cowpoke invocation.
.TP
.B BUILDD_HOST
The network address or fqdn of the build machine where \fBcowbuilder\fR is configured.
This may be overridden by the \fB\-\-buildd\fP command line option.
.TP
.B BUILDD_USER
The unprivileged user name for operations on the build machine. This defaults
to the local name of the user executing \fBcowpoke\fP (or to a username that is
specified in your SSH configuration for \fBBUILDD_HOST\fR), and may be overridden by the
\fB\-\-buildd\-user\fP command line option.
.TP
.B BUILDD_ARCH
The Debian architecture(s) to build for. This must match the \fBDEB_BUILD_ARCH\fP
of the build chroot being used. It defaults to the local machine architecture where
\fBcowpoke\fP is executed, and may be overridden by the \fB\-\-arch\fP command line
option. A (quoted) space separated list of architectures may be used here to build
for all of them in a single pass.
.TP
.B BUILDD_DIST
The Debian distribution(s) to build for. A (quoted) space separated list of
distributions may be used to build for all of them in a single pass. This may
be overridden by the \fB\-\-dist\fP command line option.
.TP
.B INCOMING_DIR
The directory path on the build machine where the source package will initially
be placed. This must be writable by the \fBBUILDD_USER\fP.
.TP
.B PBUILDER_BASE
The filesystem root for all pbuilder COW and result files. Arch and dist
specific subdirectories will normally be created under this. The apt cache
and temporary build directory will also be located under this path.
.TP
.B SIGN_KEYID
If this option is set, it is expected to contain the gpg key id to pass to
\fBdebsign\fP(1) if the packages are to be remotely signed. You will be prompted
to confirm whether you wish to sign the packages after all builds are complete.
If this option is unset or an empty string, no attempt to sign packages will be
made.
.TP
.B UPLOAD_QUEUE
If this option is set, it is expected to contain a 'host' specification for
\fBdput\fP(1) which will be used to upload them after they are signed. You will
be prompted to confirm whether you wish to upload the packages after they are
signed. If this option is unset or an empty string, no attempt to upload packages
will be made. If \fBSIGN_KEYID\fP is not set, this option will be ignored entirely.
.TP
.B BUILDD_ROOTCMD
The command to use to gain root privileges on the remote build machine. If
unset the default is \fBsudo\fP(8). This is only required to invoke \fBcowbuilder\fR
and allow it to enter its chroot, so you may restrict this user to only being
able to run that command with escalated privileges. Something like this in
sudoers will enable invoking \fBcowbuilder\fR without an additional password entry
required:
.TP
.B " "
.RS 1.5i
youruser ALL = NOPASSWD: /usr/sbin/cowbuilder
.RE
.TP
.B " "
Alternatively you could use SSH with a forwarded key, or whatever other
mechanism suits your local access policy. Using \fBsu \-c\fR isn't really
suitable here due to its quoting requirements being somewhat different to
the rest.
.TP
.B DEBOOTSTRAP
The utility to use when creating a new build root. Alternatives are
.BR debootstrap " or " cdebootstrap .
.TP
.B RETURN_DIR
If set, package files resulting from the build will be copied to the path
(local or remote) that this is set to, after the build completes. The path
must exist, it will not be created. This option is unset by default and can
be overridden with \fB\-\-return\fR or \fB\-\-no-return\fR.
.SS Arch and dist specific options
These are variables of the form: $arch_$dist\fB_VAR\fR which apply only for a
particular target arch/dist build.
.TP
.IB arch _ dist _RESULT_DIR
The directory path on the build machine where the resulting packages (source and
binary) will be found, and where older versions of the package that were built
previously may be found. If any such older packages exist, \fBdebdiff\fP will
be used to compare the new package with the previous version after the build is
complete, and the result will be included in the build log. Files in it must be
readable by the \fBBUILDD_USER\fP for sanity checking with \fBlintian\fP(1) and
\fBdebdiff\fP(1), and for upload with \fBdput\fP(1). If this option is not
specified for some arch and dist combination then it will default to
.I $PBUILDER_BASE/$arch/$dist/result
.TP
.IB arch _ dist _BASE_PATH
The directory where the COW master files are to be found (or created if the
\fB\-\-create\fP command line option was passed). If this option is not specified
for some arch or dist then it will default to
.I $PBUILDER_BASE/$arch/$dist/base.cow
.SH CONFIGURATION FILES
.TP
.I /etc/cowpoke.conf
Global configuration options. Will override hardcoded defaults.
.TP
.I ~/.cowpoke
Per\-user configuration options. Will override any global configuration.
.TP
.I .cowpoke
Per\-project configuration options. Will override any per-user or global
configuration if \fBcowpoke\fP is called from the directory where they exist.
If the environment variable \fBCOWPOKE_CONF\fP is set, it specifies an addtional
configuration file which will override all of those above. Options specified
explicitly on the command line override all configuration files.
.SH COWBUILDER CONFIGURATION
There is nothing particularly special required to configure a \fBcowbuilder\fR instance
for use with \fBcowpoke\fP. Simply create them in the flavour you require with
`\fBcowbuilder \-\-create\fP` according to the \fBcowbuilder\fR documentation, then
configure \fBcowpoke\fP with the user, arch, and path information required to
access it, on the machines you wish to invoke it from (or alternatively configure
\fBcowpoke\fP with the path, arch and distribution information and pass the
\fB\-\-create\fP option to it on the first invocation). The build host running
\fBcowbuilder\fR does not require \fBcowpoke\fP installed locally.
The build machine should have the \fBlintian\fP and \fBdevscripts\fR packages
installed for post-build sanity checking. Upon completion, the build log and
the results of automated checks will be recorded in the \fBINCOMING_DIR\fP.
If you wish to upload signed packages the build machine will also need
\fBdput\fP(1) installed and configured to use the '\fIhost\fP' alias specified
by \fBUPLOAD_QUEUE\fP. If \fBrsync\fP(1) is available on both the local and
build machine, then it will be used to transfer the source package (this may
save on some transfers of the \fIorig.tar.*\fP when building subsequent Debian
revisions).
The user executing \fBcowpoke\fP must have SSH access to the build machine as
the \fBBUILDD_USER\fP. That user must be able to invoke \fBcowbuilder\fR as root by
using the \fBBUILDD_ROOTCMD\fP. Signing keys are not required to be installed
on the build machine (and will be ignored there if they are). If the package
is signed, keys will be expected on the machine that executes \fBcowpoke\fP.
When \fBcowpoke\fP is invoked, it will first attempt to update the \fBcowbuilder\fR
image if that has not already been done on the same day. This is checked by
the presence or absence of a \fIcowbuilder-$arch-$dist-update-log-$date\fP file
in the \fBINCOMING_DIR\fP. You may move, remove, or touch this file if you wish
the image to be updated more or less often than that. Its contents log the
output of \fBcowbuilder\fR during the update (or creation) of the build root.
.SH NOTES
Since \fBcowbuilder\fP creates a chroot, and to do that you need root, \fBcowpoke\fP
also requires some degree of root access. So all the horrible things that can
go wrong with that may well one day rain down upon you. \fBcowbuilder\fR has been
known to accidentally wipe out bind-mounted filesystems outside the chroot, and
worse than that can easily happen. So be careful, keep good backups of things
you don't want to lose on your build machine, and use \fBcowpoke\fP to keep all
that on a machine that isn't your bleeding edge dev box with your last few hours
of uncommitted work.
.SH SEE ALSO
.BR cowbuilder (1),
.BR pbuilder (1),
.BR ssh-agent (1),
.BR sudoers (5).
.SH AUTHOR
.B cowpoke
was written by Ron <\fIron@debian.org\fP>.
|