summaryrefslogtreecommitdiff
path: root/helpers/lh_chroot_sources
diff options
context:
space:
mode:
Diffstat (limited to 'helpers/lh_chroot_sources')
-rwxr-xr-xhelpers/lh_chroot_sources455
1 files changed, 455 insertions, 0 deletions
diff --git a/helpers/lh_chroot_sources b/helpers/lh_chroot_sources
new file mode 100755
index 000000000..2aa5fef25
--- /dev/null
+++ b/helpers/lh_chroot_sources
@@ -0,0 +1,455 @@
+#!/bin/sh
+
+# lh_chroot_sources(1) - manage /etc/apt/sources.list
+# Copyright (C) 2006-2009 Daniel Baumann <daniel@debian.org>
+#
+# live-helper comes with ABSOLUTELY NO WARRANTY; for details see COPYING.
+# This is free software, and you are welcome to redistribute it
+# under certain conditions; see COPYING for details.
+
+set -e
+
+# Including common functions
+. "${LH_BASE:-/usr/share/live-helper}"/functions.sh
+
+# Setting static variables
+DESCRIPTION="$(Echo 'manage /etc/apt/sources.list')"
+HELP=""
+USAGE="${PROGRAM} {install|remove} [--force]"
+
+Arguments "${@}"
+
+# Reading configuration files
+Read_conffiles config/all config/common config/bootstrap config/chroot config/binary config/source
+Set_defaults
+
+# Requiring stage file
+Require_stagefile .stage/config .stage/bootstrap
+
+_LH_LOCAL_KEY_EMAIL="live-helper-local-key@invalid"
+
+case "${1}" in
+ install)
+ Echo_message "Configuring file /etc/apt/sources.list"
+
+ # Checking stage file
+ Check_stagefile .stage/chroot_sources
+
+ # Checking lock file
+ Check_lockfile .lock
+
+ # Creating lock file
+ Create_lockfile .lock
+
+ # Configure custom sources.list
+ echo "deb ${LH_MIRROR_CHROOT} ${LH_DISTRIBUTION} ${LH_ARCHIVE_AREAS}" > chroot/etc/apt/sources.list
+
+ if [ "${LH_SOURCE}" = "enabled" ]
+ then
+ echo "deb-src ${LH_MIRROR_CHROOT} ${LH_DISTRIBUTION} ${LH_ARCHIVE_AREAS}" >> chroot/etc/apt/sources.list
+ fi
+
+ if [ "${LH_SECURITY}" = "enabled" ]
+ then
+ case "${LH_MODE}" in
+ ubuntu)
+ echo "deb ${LH_MIRROR_CHROOT_SECURITY} ${LH_DISTRIBUTION}-security ${LH_ARCHIVE_AREAS}" >> chroot/etc/apt/sources.list
+
+ if [ "${LH_SOURCE}" = "enabled" ]
+ then
+ echo "deb-src ${LH_MIRROR_CHROOT_SECURITY} ${LH_DISTRIBUTION}-security ${LH_ARCHIVE_AREAS}" >> chroot/etc/apt/sources.list
+ fi
+ ;;
+
+ *)
+ if [ "${LH_DISTRIBUTION}" != "sid" ] && [ "${LH_DISTRIBUTION}" != "unstable" ]
+ then
+ echo "deb ${LH_MIRROR_CHROOT_SECURITY} ${LH_DISTRIBUTION}/updates ${LH_ARCHIVE_AREAS}" >> chroot/etc/apt/sources.list
+
+ if [ "${LH_SOURCE}" = "enabled" ]
+ then
+ echo "deb-src ${LH_MIRROR_CHROOT_SECURITY} ${LH_DISTRIBUTION}/updates ${LH_ARCHIVE_AREAS}" >> chroot/etc/apt/sources.list
+ fi
+ fi
+ ;;
+ esac
+ fi
+
+ # Check local sources.list
+ if Find_files config/chroot_sources/*.chroot
+ then
+ echo "" >> chroot/etc/apt/sources.list
+ echo "# Custom repositories" >> chroot/etc/apt/sources.list
+
+ for FILE in config/chroot_sources/*.chroot
+ do
+ cat ${FILE} | grep -v "^##" >> chroot/etc/apt/sources.list
+ done
+ fi
+
+ # Configure local package repository
+ if Find_files config/chroot_local-packages/*.deb
+ then
+ rm -rf chroot/root/local-packages
+ mkdir -p chroot/root/local-packages
+
+ if [ "$(stat --printf %d config/chroot_local-packages)" = "$(stat --printf %d chroot/root/local-packages)" ]
+ then
+ CP_OPTIONS="-l"
+ fi
+
+ # Copy packages
+ if Find_files config/chroot_local-packages/*_"${LH_ARCHITECTURE}".deb
+ then
+ cp ${CP_OPTIONS} config/chroot_local-packages/*_"${LH_ARCHITECTURE}".deb chroot/root/local-packages
+ fi
+
+ if Find_files config/chroot_local-packages/*_all.deb
+ then
+ cp ${CP_OPTIONS} config/chroot_local-packages/*_all.deb chroot/root/local-packages
+ fi
+
+ if Find_files chroot/root/local-packages/*.deb
+ then
+ # If we bootstrapped a minimal chroot, we need
+ # to install apt-utils before we have have
+ # completed all the indices.
+ case "${LH_BOOTSTRAP_FLAVOUR}" in
+ stripped|minimal)
+ Chroot chroot "apt-get update"
+ ;;
+ esac
+
+ # Restoring cache
+ Restore_cache cache/packages_chroot
+
+ # Check depends
+ Check_package chroot/usr/bin/apt-ftparchive apt-utils
+
+ # Installing depends
+ Install_package
+
+ # Generate Packages and Packages.gz
+ echo "cd /root/local-packages && apt-ftparchive packages . > Packages" | Chroot chroot sh
+ gzip -9 -c chroot/root/local-packages/Packages > chroot/root/local-packages/Packages.gz
+
+ # Generate Release
+ echo "cd /root/local-packages && apt-ftparchive \
+ -o APT::FTPArchive::Release::Origin=chroot_local-packages \
+ release . > Release" | Chroot chroot sh
+
+ if [ "${LH_APT_SECURE}" = "enabled" ]
+ then
+ _LH_DOTGNUPG_EXISTED=0
+ if [ -d chroot/root/.gnupg ]
+ then
+ _LH_DOTGNUPG_EXISTED=1
+ fi
+
+ # Ensure ~/.gnupg exists (required for gnupg >= ~1.4.9)
+ mkdir -p chroot/root/.gnupg
+
+ # Temporarily replace /dev/random with /dev/urandom so as not
+ # to block automated image builds; we don't care about the
+ # security of this key anyway.
+ mv chroot/dev/random chroot/dev/random.orig
+ cp -a chroot/dev/urandom chroot/dev/random
+
+ if Find_files cache/local-package-keyring.*
+ then
+ cp cache/local-package-keyring.* chroot/root
+ else
+ # Generate temporary key
+ echo "Key-Type: RSA
+ Key-Length: 1024
+ Subkey-Type: ELG-E
+ Subkey-Length: 1024
+ Name-Real: live-helper local packages key
+ Name-Email: ${_LH_LOCAL_KEY_EMAIL}
+ Expire-Date: 0
+ %secring /root/local-package-keyring.sec
+ %pubring /root/local-package-keyring.pub
+ %commit" | Chroot chroot "gpg --batch --gen-key" || _LH_RET=${?}
+
+ case "${_LH_RET}" in
+ ""|2)
+ # Gnupg sometimes seems to return with a status of 2 when there was not
+ # enough entropy (and key creation blocks temporarily) even if the
+ # operation was ultimately successful.
+ ;;
+ *)
+ Echo_error "GPG exited with error status %s" "${_LH_RET}"
+ exit ${_LH_RET}
+ ;;
+ esac
+
+ # Save keyrings to avoid regeneration
+ cp chroot/root/local-package-keyring.* cache/
+ fi
+
+ # Sign release
+ Chroot chroot "gpg --no-default-keyring --secret-keyring /root/local-package-keyring.sec \
+ --keyring /root/local-package-keyring.pub -abs -o \
+ /root/local-packages/Release.gpg /root/local-packages/Release"
+
+ # Import key
+ Chroot chroot "gpg --no-default-keyring --secret-keyring /root/local-package-keyring.sec \
+ --keyring /root/local-package-keyring.pub --armor \
+ --export ${_LH_LOCAL_KEY_EMAIL}" | Chroot chroot "apt-key add -"
+
+ # Remove temporary keyrings
+ rm chroot/root/local-package-keyring.pub
+ rm chroot/root/local-package-keyring.sec
+
+ # Revert /dev/random
+ mv chroot/dev/random.orig chroot/dev/random
+
+ # Remove /root/.gnupg if we created it during the signing process
+ if [ "${_LH_DOTGNUPG_EXISTED}" -eq 0 ]
+ then
+ rm -rf chroot/root/.gnupg
+ fi
+ fi
+
+ # Add to sources.list
+ echo "" >> chroot/etc/apt/sources.list
+ echo "# Local packages" >> chroot/etc/apt/sources.list
+ echo "deb file:/root/local-packages ./" >> chroot/etc/apt/sources.list
+
+ # Removing depends
+ Remove_package
+
+ # Saving cache
+ Save_cache cache/packages_chroot
+ else
+ Echo_warning "Local packages must be named with suffix '_all.deb' or '_\$architecture.deb'."
+ fi
+ fi
+
+ # Update indices from cache
+ if [ "${LH_CACHE_INDICES}" = "enabled" ] && [ -d cache/indices_bootstrap ]
+ then
+ if Find_files cache/indices_bootstrap/secring.gpg*
+ then
+ cp -f cache/indices_bootstrap/secring.gpg* chroot/etc/apt
+ fi
+
+ if Find_files cache/indices_bootstrap/trusted.gpg*
+ then
+ cp -f cache/indices_bootstrap/trusted.gpg* chroot/etc/apt
+ fi
+
+ if [ -f cache/indices_bootstrap/pkgcache.bin ]
+ then
+ cp -f cache/indices_bootstrap/pkgcache.bin chroot/var/cache/apt
+ fi
+
+ if [ -f cache/indices_bootstrap/srcpkgcache.bin ]
+ then
+ cp -f cache/indices_bootstrap/srcpkgcache.bin chroot/var/cache/apt
+ fi
+
+ if Find_files cache/indices_bootstrap/*_Packages
+ then
+ cp -f cache/indices_bootstrap/*_Packages chroot/var/lib/apt/lists
+ fi
+
+ if Find_files cache/indices_bootstrap/*_Sources
+ then
+ cp -f cache/indices_bootstrap/*_Sources chroot/var/lib/apt/lists
+ fi
+
+ if Find_files cache/indices_bootstrap/*_Release*
+ then
+ cp -f cache/indices_bootstrap/*_Release* chroot/var/lib/apt/lists
+ fi
+
+ if [ "${LH_APT}" = "aptitude" ] && [ ! -x /usr/bin/aptitude ]
+ then
+ Chroot chroot "apt-get ${APT_OPTIONS} install aptitude"
+ fi
+ else # Get fresh indices
+ # Check local gpg keys
+ if Find_files config/chroot_sources/*.chroot.gpg
+ then
+ for FILE in config/chroot_sources/*.chroot.gpg
+ do
+ cp ${FILE} chroot/root
+ Chroot chroot "apt-key add /root/$(basename ${FILE})"
+ rm -f chroot/root/$(basename ${FILE})
+ done
+ fi
+
+ # Check local keyring packages
+ if Find_files config/chroot_sources/*.deb
+ then
+ for PACKAGE in config/chroot_sources/*.deb
+ do
+ cp ${PACKAGE} chroot/root
+ Chroot chroot "dpkg -i /root/$(basename ${PACKAGE})"
+ rm -f chroot/root/$(basename ${PACKAGE})
+ done
+ fi
+
+ # Installing aptitude
+ if [ "${LH_APT}" = "aptitude" ] && [ ! -x /usr/bin/aptitude ]
+ then
+ Chroot chroot "apt-get ${APT_OPTIONS} update"
+ Chroot chroot "apt-get ${APT_OPTIONS} install aptitude"
+ fi
+
+ Apt update
+ Apt upgrade
+ Apt dist-upgrade
+
+ # Installing keyring packages
+ if [ -n "${LH_KEYRING_PACKAGES}" ]
+ then
+ Chroot chroot "apt-get --yes --force-yes install ${LH_KEYRING_PACKAGES}"
+ Apt update
+ fi
+
+ if [ "${LH_CACHE_INDICES}" = "enabled" ]
+ then
+ mkdir -p cache/indices_bootstrap
+
+ cp -f chroot/etc/apt/secring.gpg* cache/indices_bootstrap
+ cp -f chroot/etc/apt/trusted.gpg* cache/indices_bootstrap
+
+ cp -f chroot/var/cache/apt/pkgcache.bin cache/indices_bootstrap
+
+ if Find_files chroot/var/cache/apt/srcpkgcache.bin
+ then
+ cp -f chroot/var/cache/apt/srcpkgcache.bin cache/indices_bootstrap
+ fi
+
+ cp -f chroot/var/lib/apt/lists/*_Packages cache/indices_bootstrap
+
+ if Find_files chroot/var/lib/apt/lists/*_Sources
+ then
+ cp -f chroot/var/lib/apt/lists/*_Sources cache/indices_bootstrap
+ fi
+
+ cp -f chroot/var/lib/apt/lists/*_Release* cache/indices_bootstrap
+ fi
+ fi
+
+ # Creating stage file
+ Create_stagefile .stage/chroot_sources
+ ;;
+
+ remove)
+ Echo_message "Deconfiguring file /etc/apt/sources.list"
+
+ # Checking lock file
+ Check_lockfile .lock
+
+ # Creating lock file
+ Create_lockfile .lock
+
+ # Configure generic indices
+ if [ "${LH_BINARY_INDICES}" = "enabled" ]
+ then
+ # Don't do anything if it's not required
+ if [ "${LH_MIRROR_CHROOT}" = "${LH_MIRROR_BINARY}" ] && \
+ [ "${LH_MIRROR_CHROOT_SECURITY}" = "${LH_MIRROR_BINARY_SECURITY}" ] && \
+ [ ! -d chroot/root/local-packages ]
+ then
+ # Removing stage file
+ rm -f .stage/chroot_sources
+
+ exit 0
+ fi
+
+ # Cleaning apt list cache
+ rm -rf chroot/var/lib/apt/lists
+ mkdir -p chroot/var/lib/apt/lists/partial
+
+ echo "deb ${LH_MIRROR_BINARY} ${LH_DISTRIBUTION} ${LH_ARCHIVE_AREAS}" > chroot/etc/apt/sources.list
+
+ if [ "${LH_SOURCE}" = "enabled" ]
+ then
+ echo "deb-src ${LH_MIRROR_BINARY} ${LH_DISTRIBUTION} ${LH_ARCHIVE_AREAS}" >> chroot/etc/apt/sources.list
+ fi
+
+ if [ "${LH_SECURITY}" = "enabled" ]
+ then
+ case "${LH_MODE}" in
+ ubuntu)
+ echo "deb ${LH_MIRROR_BINARY_SECURITY} ${LH_DISTRIBUTION}-security ${LH_ARCHIVE_AREAS}" >> chroot/etc/apt/sources.list
+
+ if [ "${LH_SOURCE}" = "enabled" ]
+ then
+ echo "deb-src ${LH_MIRROR_BINARY_SECURITY} ${LH_DISTRIBUTION}-security ${LH_ARCHIVE_AREAS}" >> chroot/etc/apt/sources.list
+ fi
+ ;;
+
+ *)
+ if [ "${LH_DISTRIBUTION}" != "sid" ] && [ "${LH_DISTRIBUTION}" != "unstable" ]
+ then
+ echo "deb ${LH_MIRROR_BINARY_SECURITY} ${LH_DISTRIBUTION}/updates ${LH_ARCHIVE_AREAS}" >> chroot/etc/apt/sources.list
+
+ if [ "${LH_SOURCE}" = "enabled" ]
+ then
+ echo "deb-src ${LH_MIRROR_BINARY_SECURITY} ${LH_DISTRIBUTION}/updates ${LH_ARCHIVE_AREAS}" >> chroot/etc/apt/sources.list
+ fi
+ fi
+ ;;
+ esac
+ fi
+
+ # Check local sources.list
+ if Find_files config/chroot_sources/*.binary
+ then
+ echo "" >> chroot/etc/apt/sources.list
+ echo "# Custom repositories" >> chroot/etc/apt/sources.list
+
+ for FILE in config/chroot_sources/*.binary
+ do
+ cat ${FILE} | grep -v "^##" >> chroot/etc/apt/sources.list
+ done
+ fi
+
+ # Check local gpg keys
+ if Find_files config/chroot_sources/*.binary.gpg
+ then
+ for FILE in config/chroot_sources/*.binary.gpg
+ do
+ cp ${FILE} chroot/root
+ Chroot chroot "apt-key add /root/$(basename ${FILE})"
+ rm -f chroot/root/$(basename ${FILE})
+ done
+ fi
+
+ # Updating indices
+ Apt update
+ fi
+
+ # Cleaning apt package cache
+ rm -rf chroot/var/cache/apt
+ mkdir -p chroot/var/cache/apt/archives/partial
+
+ # Cleaning apt package lists
+ if [ "${LH_BINARY_INDICES}" = "none" ]
+ then
+ rm -rf chroot/var/lib/apt/lists
+ mkdir -p chroot/var/lib/apt/lists/partial
+ fi
+
+ # Remove local package repository
+ rm -rf chroot/root/local-packages
+
+ # Remove local packages key if it exists
+ if apt-key list | grep -q ${_LH_LOCAL_KEY_EMAIL}
+ then
+ apt-key del ${_LH_LOCAL_KEY_EMAIL}
+ fi
+
+ # Removing stage file
+ rm -f .stage/chroot_sources
+ ;;
+
+ *)
+ Usage
+ ;;
+esac