summaryrefslogtreecommitdiffstats
path: root/arch-nspawn.in
AgeCommit message (Collapse)AuthorFilesLines
2019-08-09arch-nspawn should not take pacman cache from hostBrian Bidulock1-1/+1
Previously, arch-nspawn was using the hosts' pacman cache in the chroot even when the chroot was set up with a different cache by mkarchroot, unless specified with the -c flag. Problem is that makechrootpkg passes no -C, -M nor -c flags to arch-nspawn, so all values must be obtained from the working directory. This change take the cache directories from the pacman.conf specified with the -C option unless the -c option was given (as is the case when the chroot is set up with mkarchroot), and, when neither -C nor -c is given (as is the case when invoked by makechrootpkg), the cache directory is taken from the pacman.conf in the working directory. This wasn't such an issue when i686 was mainline, however, which building packages in a chroot against archlinux32 on an x86_64 platform, the cache of the host should _never_ be used. Rebased by eschwartz on top of cachedir reworking. Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Signed-off-by: Levente Polyak <anthraxx@archlinux.org>
2019-08-09arch-nspawn: don't delete the guest gpg configurationEli Schwartz1-1/+2
It's important to ensure the guest has up to date data because updating a chroot after quite some time can potentially rely on updated archlinux-keyring, something which the host machine either kept up to date on or manually fixed, but it kills automation to mess around with chroot configs like that. Alternatively, signed packages added with -I need to work, and we assume the host is configured to accept these. That is *not* a good reason to completely nuke whatever is in the guest, though. A guest might have been manually configured to accept keys which aren't accepted by the host; one example of this happening in practice, is archlinux32 when building 32-bit packages from an archlinux host. The right solution is to append to, rather thna overwrite, the chrooted guest's pacman keyring. To do this, we will use gpg's native facility to dump the keyring from one GNUPGHOME and import it into another. We'd use pacman-key's --import option directly, but this doesn't support passing custom options like --import-options import-local-sigs Finally use pacman-key's native facility to import the trust status from the host. While we are at it, fix a bug where we didn't respect the host's pacman.conf settings for the GpgDir. While it isn't wildly likely a user will choose to customize this, it is a valid and supported use case and we must think about this ourselves. Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Signed-off-by: Levente Polyak <anthraxx@archlinux.org>
2019-08-09fixup commit "arch-nspawn: get all mirrors from host"Eli Schwartz1-1/+0
In commit d9b73504484da7e185dc590ef13d5f31942f6051, a line was deleted that had a shellcheck ignore marker, but the marker itself was left in (and had nothing to do). So, remove it. Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Signed-off-by: Levente Polyak <anthraxx@archlinux.org>
2019-08-09Migrate pacman.conf CacheDir parsing to pacman-confEli Schwartz1-6/+5
And while we're at it, make this more consistent. Currently we unnecessarily support only one -c /path/to/cachedir option. This requires slightly more thorough handling in mkarchroot to ensure all custom cachedirs are passed on to arch-nspawn. Rework to simply forward all arguments to arch-nspawn (minus final arguments used for pacman -Sy packagelist). Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Signed-off-by: Levente Polyak <anthraxx@archlinux.org>
2019-03-25arch-nspawn: get all mirrors from hostChristian Hesse1-6/+8
Now that pacconf gives us all mirrors we can use them, instead of just the first one. Signed-off-by: Christian Hesse <mail@eworm.de>
2018-05-13Proper fix for pacman-git returning file urls from the cacheEli Schwartz1-1/+2
It is much nicer to use a proper configuration parser to retrieve the primary mirror, rather than clever hacks using undocumented APIs, especially when their behavior as used then breaks in later releases. Fortunately, pacutils exists now and pacconf handles this quite elegantly. It has since been moved to pacman-git proper. Check if pacman-conf from a new enough version of pacman exists and fallback on pacconf from pacutils.
2018-05-13Revert "arch-nspawn: Work around pacman master returning file-URLs from the ↵Eli Schwartz1-1/+1
cache" This reverts commit eb6b0e3f11279b6512b1469ff042d2982eaaeef4. This never worked, as pacman-git returns file urls from the cache anyway and pacman stable doesn't have any problem at all. Having useless code which makes people think the issue is solved when it really isn't, is bloat, so remove it.
2018-01-21arch-nspawn: Remove pointless $(echo ...) subshellLuke Shumaker1-1/+1
2018-01-21arch-nspawn: make sure that makepkg.conf is always parsed as textLuke Shumaker1-1/+1
https://lists.parabola.nu/pipermail/dev/2017-June/005576.html
2017-09-13Revert "arch-nspawn: Hack to give the inner process a controlling terminal"Jan Alexander Steffens (heftig)1-1/+1
Whoops, this will of course mess with nspawn arguments passed to arch-nspawn.
2017-09-13arch-nspawn: Hack to give the inner process a controlling terminalJan Alexander Steffens (heftig)1-1/+1
This was lost at some point.
2017-09-12arch-nspawn: Pass --as-pid2Jan Alexander Steffens (heftig)1-1/+1
As not all commands we run are capable of reaping processes correctly. For example, pacman is not.
2017-09-11arch-nspawn: Force PATH to be the Arch defaultSébastien Luttringer1-0/+1
systemd-nspawn use a default environ PATH value of: PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin Since filesystem 2017.08, this is no more overrided by /etc/profile to the Arch default: PATH=/usr/local/sbin:/usr/local/bin:/usr/bin
2017-08-24arch-nspawn: Add --keep-unit to prevent scope conflictsJan Alexander Steffens (heftig)1-1/+1
2017-07-05Add `# shellcheck` directives to quiet shellcheck, add PKGBUILD.protoLuke Shumaker1-0/+2
The added PKGBUILD.proto file is so that shellcheck can know know what to expect that a PKGBUILD sets.
2017-07-05Quote strings that shellcheck warns about.Luke Shumaker1-6/+6
These changes are all strictly "slap some double-quotes in there". Anything more than that is not included in this commit.
2017-07-05Make purely stylistic changes to make shellcheck happier.Luke Shumaker1-4/+4
These are purely stylistic changes that make shellcheck complain less. This does NOT include things like quoting currently unquoted variables.
2017-04-05mkarchroot, arch-nspawn: Add an `-s` flag to inhibit `setarch`.Luke Shumaker1-1/+5
This allows us to run an ARM chroot on an x86 box; as the binfmt runner will set the architecture for us, and the x86 `/usr/bin/setarch` program won't know about the ARM architecture string.
2017-04-05mkarchroot, arch-nspawn: Add an `-f` flag to add files to copy.Luke Shumaker1-1/+11
This allows us to copy in files like `qemu-arm-static`, which is necessary for running an ARM chroot on an x86 box.
2017-04-05Avoid using string interpolation; use printf format strings instead.Luke Shumaker1-1/+1
This involves extending the signature of lib/common.sh's `stat_busy()`, `lock()`, and `slock()`. The `mesg=$1; shift` in stat_busy even suggests that this is what was originally intended from it.
2017-04-05Add a "License:" tag to all code files.Luke Shumaker1-0/+2
In cases where there is no license specified, the file is tagged as "License: Unspecified". Obviously, that is not ideal, but it highlights the fact, and I hope that it encourages whoever has the authority to specify the license to do so. On that note, to anyone who may have the authority to specify the license of files in devtools: the current licence of many files is GPLv2 with no option for later versions; I impore you to re-license them to have the "or any later version" option.
2017-03-07lib/archroot.sh: Simplify check_rootJan Alexander Steffens (heftig)1-3/+1
Move the function and save the orig_argv right along it.
2017-03-07lib/archroot.sh: Move CHROOT_VERSION to a common fileJan Alexander Steffens (heftig)1-2/+1
2017-02-17mkarchroot: Set LANG=en_US.UTF-8Jan Alexander Steffens (heftig)1-1/+1
In order to have an UTF-8 locale in the build root. This is something normally set on real machines but is not set from our chroots. Meson, for example, loudly complains when the locale charset is not UTF-8. I'd like to have C.UTF-8, as most other distributions do. Unfortunately, it's not part of vanilla glibc; en_US.UTF-8 will have to do. mkarchroot already creates roots with both en_US.UTF-8 and de_DE.UTF-8, the latter because builds of gcc (perhaps used to) require it. Bump the CHROOT_VERSION due to the setting change.
2016-05-28arch-nspawn: Work around pacman master returning file-URLs from the cacheJan Alexander Steffens (heftig)1-1/+1
2015-11-29arch-nspawn: preserve systemd-nspawn's stderrEvangelos Foutras1-1/+1
It is passed down to the container when stdin/stdout is not a tty; this is the case when archbuild's output is redirected to a pipe or file.
2014-10-19save and reuse original argv when auto-elevatingDave Reisner1-1/+3
Fixes FS#42277.
2014-09-22arch-nspawn: Fix a grammar mistake (a/an) in an error message.Luke Shumaker1-1/+1
2014-09-22nspawn: skip machine registrationDave Reisner1-4/+1
No need to do this since we don't run an init system in the build root.
2014-05-10Switch to root when started as regular userSébastien Luttringer1-1/+1
In collaborative builder machine, these scripts are often allowed to become root via sudo. This patch avoid to prefix them by sudo each time or call su. Signed-off-by: Pierre Schmitz <pierre@archlinux.de>
2013-08-18arch-nspawn: allow oddly named directoriesDave Reisner1-8/+8
This fixes various errors one might encounter when trying to use a build root or cachedir with whitespace in it. Note that the cachedir fix is not a complete one, as pacman's output is unreliable (and not meant for parsing here). Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Pierre Schmitz <pierre@archlinux.de>
2013-08-18arch-nspawn: avoid escaping mount_argsDave Reisner1-7/+3
eval is no longer involved in the execution of systemd-nspawn, so we no longer need a layer of escaping on the arguments. Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Pierre Schmitz <pierre@archlinux.de>
2013-08-08avoid injecting code into the format stringDave Reisner1-2/+2
Now that die() properly forwards arguments to error(), we can expect that the first arg is a format string and not the entirety of the output. Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Pierre Schmitz <pierre@archlinux.de>
2013-08-08arch-nspawn: remove leading - from the machine name/hostnameFlorian Pritz1-1/+4
Signed-off-by: Florian Pritz <bluewind@xinu.at> Signed-off-by: Pierre Schmitz <pierre@archlinux.de>
2013-05-11arch-nspawn: Quiet systemd-nspawn againJan Alexander Steffens (heftig)1-1/+1
systemd-nspawn always outputs some debug messages over stderr. Both stdout and stderr from inside the chroot are sent through a pty to stdout.
2013-05-06arch-nspawn: setarch to CARCHJan Alexander Steffens (heftig)1-1/+7
Allows calling makechrootpkg without worrying about the architecture
2013-05-03arch-nspawn: Set machine nameJan Alexander Steffens (heftig)1-1/+1
Recent changes to systemd-nspawn have it take the machine name from the chroot dir name, which isn't unique enough for our setup.
2013-05-02mkarchroot: Refactor chroot running into a new scriptJan Alexander Steffens (heftig)1-0/+99
Separates the two features of mkarchroot. Provides users of the new arch-nspawn with the full feature set of systemd-nspawn. For example, this can be used to bind custom directories into the chroot.