summaryrefslogtreecommitdiffstats
path: root/lib/Sbuild
diff options
context:
space:
mode:
Diffstat (limited to 'lib/Sbuild')
-rw-r--r--lib/Sbuild/Build.pm20
-rw-r--r--lib/Sbuild/ChrootSchroot.pm2
-rw-r--r--lib/Sbuild/ChrootUnshare.pm17
-rw-r--r--lib/Sbuild/Conf.pm8
-rw-r--r--lib/Sbuild/Options.pm15
5 files changed, 50 insertions, 12 deletions
diff --git a/lib/Sbuild/Build.pm b/lib/Sbuild/Build.pm
index cca1c89..7a23a85 100644
--- a/lib/Sbuild/Build.pm
+++ b/lib/Sbuild/Build.pm
@@ -640,13 +640,6 @@ END
debug("Error run_chroot_session(): $@") if $@;
- if ($self->get('Pkg Status') ne "successful") {
- if(!$self->run_external_commands("post-build-failed-commands")) {
- Sbuild::Exception::Build->throw(error => "Failed to execute post-build-commands",
- failstage => "run-post-build-failed-commands");
- }
- }
-
# End chroot session
my $session = $self->get('Session');
if (defined $session) {
@@ -833,6 +826,9 @@ sub run_fetch_install_packages {
$self->set('Install Start Time', time);
$self->set('Install End Time', $self->get('Install Start Time'));
my @coredeps = @{$self->get_conf('CORE_DEPENDS')};
+ if ($self->get_conf('CHROOT_MODE') eq 'unshare') {
+ push(@coredeps, 'dumb-init');
+ }
if ($self->get('Host Arch') ne $self->get('Build Arch')) {
my $crosscoredeps = $self->get_conf('CROSSBUILD_CORE_DEPENDS');
if (defined($crosscoredeps->{$self->get('Host Arch')})) {
@@ -1010,6 +1006,13 @@ sub run_fetch_install_packages {
}
}
+ if ($self->get('Pkg Status') ne "successful") {
+ if(!$self->run_external_commands("post-build-failed-commands")) {
+ Sbuild::Exception::Build->throw(error => "Failed to execute post-build-commands",
+ failstage => "run-post-build-failed-commands");
+ }
+ }
+
$self->log_subsection("Cleanup");
my $session = $self->get('Session');
my $resolver = $self->get('Dependency Resolver');
@@ -2593,7 +2596,8 @@ sub build {
PRIORITY => 0,
DIR => $dscdir,
STREAMERR => \*STDOUT,
- DISABLE_NETWORK => 1,
+ ENABLE_NETWORK => $self->get_conf('ENABLE_NETWORK'),
+ BUILD_INSIDE_INIT => 1,
};
my $pipe = $session->pipe_command($command);
diff --git a/lib/Sbuild/ChrootSchroot.pm b/lib/Sbuild/ChrootSchroot.pm
index 8c88284..0dc8a95 100644
--- a/lib/Sbuild/ChrootSchroot.pm
+++ b/lib/Sbuild/ChrootSchroot.pm
@@ -132,7 +132,7 @@ sub get_command_internal {
return if $self->get('Session ID') eq "";
- if (defined($options->{'DISABLE_NETWORK'}) && $options->{'DISABLE_NETWORK'}) {
+ if (defined($options->{'ENABLE_NETWORK'}) && $options->{'ENABLE_NETWORK'} == 0) {
print STDERR "Disabling the network for this command was requested but the schroot backend doesn't support this feature yet: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=802849\n" if $self->get_conf('DEBUG');
}
diff --git a/lib/Sbuild/ChrootUnshare.pm b/lib/Sbuild/ChrootUnshare.pm
index 91a7fa4..c4a3064 100644
--- a/lib/Sbuild/ChrootUnshare.pm
+++ b/lib/Sbuild/ChrootUnshare.pm
@@ -271,17 +271,23 @@ sub _get_exec_argv {
my $dir = shift;
my $user = shift;
my $disable_network = shift // 0;
+ my $build_inside_init = shift // 0;
# On systems with libnss-resolve installed there is no need for a
# /etc/resolv.conf. This works around this by adding 127.0.0.53 (default
# for systemd-resolved) in that case.
my $network_setup = '[ -f /etc/resolv.conf ] && cat /etc/resolv.conf > "$rootdir/etc/resolv.conf" || echo "nameserver 127.0.0.53" > "$rootdir/etc/resolv.conf";';
my $unshare = CLONE_NEWNS | CLONE_NEWPID | CLONE_NEWUTS | CLONE_NEWIPC;
+ my $init = "";
if ($disable_network) {
$unshare |= CLONE_NEWNET;
$network_setup = 'ip link set lo up;> "$rootdir/etc/resolv.conf";';
}
+ if ($build_inside_init) {
+ $init = "/usr/bin/dumb-init";
+ }
+
my @bind_mounts = ();
for my $entry (@{$self->get_conf('UNSHARE_BIND_MOUNTS')}) {
push @bind_mounts, $entry->{directory}, $entry->{mountpoint};
@@ -321,7 +327,7 @@ sub _get_exec_argv {
mount -o rbind /sys \"\$rootdir/sys\";
mkdir -p \"\$rootdir/proc\";
mount -t proc proc \"\$rootdir/proc\";
- exec /usr/sbin/chroot \"\$rootdir\" /sbin/runuser -u \"\$user\" -- sh -c \"cd \\\"\\\$1\\\" && shift && \\\"\\\$@\\\"\" -- \"\$dir\" \"\$@\";
+ exec /usr/sbin/chroot \"\$rootdir\" $init /sbin/runuser -u \"\$user\" -- sh -c \"cd \\\"\\\$1\\\" && shift && \\\"\\\$@\\\"\" -- \"\$dir\" \"\$@\";
", '--', $self->get('Session ID'), $user, $dir, @bind_mounts, '--'
);
}
@@ -358,11 +364,16 @@ sub get_command_internal {
}
my $disable_network = 0;
- if (defined($options->{'DISABLE_NETWORK'}) && $options->{'DISABLE_NETWORK'}) {
+ if (defined($options->{'ENABLE_NETWORK'}) && $options->{'ENABLE_NETWORK'} == 0) {
$disable_network = 1;
}
- my @cmdline = $self->_get_exec_argv($dir, $user, $disable_network);
+ my $build_inside_init = 0;
+ if (defined($options->{'BUILD_INSIDE_INIT'}) && $options->{'BUILD_INSIDE_INIT'}) {
+ $build_inside_init = 1;
+ }
+
+ my @cmdline = $self->_get_exec_argv($dir, $user, $disable_network, $build_inside_init);
if (ref $command) {
push @cmdline, @$command;
} else {
diff --git a/lib/Sbuild/Conf.pm b/lib/Sbuild/Conf.pm
index 77e3db3..d0e3f6f 100644
--- a/lib/Sbuild/Conf.pm
+++ b/lib/Sbuild/Conf.pm
@@ -295,6 +295,14 @@ sub setup ($) {
HELP => 'Bind mount directories from the outside to a mountpoint inside the chroot in unshare mode.',
EXAMPLE => '$unshare_bind_mounts = [ { directory => "/home/path/outside", mountpoint => "/path/inside" } ];'
},
+ 'ENABLE_NETWORK' => {
+ TYPE => 'STRING',
+ VARNAME => 'enable_network',
+ GROUP => 'Build options',
+ DEFAULT => 0,
+ HELP => 'By default network access is blocked during build (only implemented for the unshare mode). This lifts the restriction.',
+ CLI_OPTIONS => ['--enable-network']
+ },
'AUTOPKGTEST_VIRT_SERVER' => {
TYPE => 'STRING',
VARNAME => 'autopkgtest_virt_server',
diff --git a/lib/Sbuild/Options.pm b/lib/Sbuild/Options.pm
index 8cc70dc..f871cf4 100644
--- a/lib/Sbuild/Options.pm
+++ b/lib/Sbuild/Options.pm
@@ -51,6 +51,7 @@ sub set_options {
my ($opt_run_lintian, $opt_no_run_lintian);
my ($opt_run_piuparts, $opt_no_run_piuparts);
my ($opt_run_autopkgtest, $opt_no_run_autopkgtest);
+ my ($opt_enable_network, $opt_no_enable_network);
my ($opt_make_binnmu, $opt_binnmu, $opt_binnmu_timestamp, $opt_binnmu_changelog, $opt_append_to_version);
$self->add_options("arch=s" => sub {
@@ -505,6 +506,20 @@ sub set_options {
$self->set_conf('RUN_AUTOPKGTEST', 0);
$opt_no_run_autopkgtest = 1;
},
+ "enable-network" => sub {
+ if ($opt_no_enable_network) {
+ die "--enable-network cannot be used together with --no-enable-network";
+ }
+ $self->set_conf('ENABLE_NETWORK', 1);
+ $opt_enable_network = 1;
+ },
+ "no-enable-network" => sub {
+ if ($opt_enable_network) {
+ die "--no-enable-network cannot be used together with --enable-network";
+ }
+ $self->set_conf('ENABLE_NETWORK', 0);
+ $opt_no_enable_network = 1;
+ },
"autopkgtest-opts=s" => sub {
push(@{$self->get_conf('AUTOPKGTEST_OPTIONS')},
split(/\s+/, $_[1]));