12b60c4088
As noted inline, this works around potential issues by being a strong indication you are in a container (e.g. [1]). Since nothing should be changing anything on the host/build system, this is a generically safer way to operate. [1] https://bugzilla.redhat.com/show_bug.cgi?id=1975588 Change-Id: Ic6802c4ffc2e825f129af10717860a2d1770fe80
67 lines
2 KiB
Bash
Executable file
67 lines
2 KiB
Bash
Executable file
#!/bin/bash
|
|
# Copyright (c) 2014 Hewlett-Packard Development Company, L.P.
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
|
|
# implied.
|
|
#
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
|
|
if [ ${DIB_DEBUG_TRACE:-0} -gt 0 ]; then
|
|
set -x
|
|
fi
|
|
set -eu
|
|
set -o pipefail
|
|
|
|
# NOTE(SamYaple): Add the keyring deboostrap used if specified
|
|
if [ -n "${DIB_APT_KEYRING:-${DIB_DEBIAN_KEYRING:-}}" ]; then
|
|
cat $DIB_APT_KEYRING | sudo chroot $TARGET_ROOT /usr/bin/apt-key add -
|
|
fi
|
|
|
|
# We should manage this in a betterer way
|
|
# Add "basic" release dist
|
|
sudo bash -c "cat << EOF >$TARGET_ROOT/etc/apt/sources.list
|
|
deb $DIB_DISTRIBUTION_MIRROR $DIB_RELEASE ${DIB_DEBIAN_COMPONENTS//,/ }
|
|
EOF"
|
|
|
|
# Add any extra dists
|
|
for dist in ${DIB_UBUNTU_MIRROR_DISTS//,/ } ; do
|
|
sudo bash -c "cat << EOF >>$TARGET_ROOT/etc/apt/sources.list
|
|
deb $DIB_DISTRIBUTION_MIRROR $DIB_RELEASE-$dist ${DIB_DEBIAN_COMPONENTS//,/ }
|
|
EOF"
|
|
done
|
|
|
|
|
|
sudo mount -t proc none $TARGET_ROOT/proc
|
|
sudo mount -o ro -t sysfs none $TARGET_ROOT/sys
|
|
trap "sudo umount $TARGET_ROOT/proc; sudo umount $TARGET_ROOT/sys" EXIT
|
|
|
|
apt_get="sudo chroot $TARGET_ROOT /usr/bin/apt-get" # dib-lint: safe_sudo
|
|
|
|
# Need to update to retrieve the signed Release file
|
|
$apt_get update
|
|
|
|
$apt_get clean
|
|
$apt_get dist-upgrade -y
|
|
|
|
to_install=""
|
|
|
|
# pre-bionic (18.04) brought this in via debootstrap, but init
|
|
# dependencies have narrowed in the container world, so now we add it
|
|
# explicitly here so it's brought in early.
|
|
if [ $DIB_RELEASE != "trusty" ] && [ $DIB_RELEASE != "xenial" ]; then
|
|
to_install+="systemd-sysv "
|
|
fi
|
|
|
|
# default required
|
|
to_install+="busybox sudo python3 " # dib-lint: safe_sudo
|
|
|
|
$apt_get install -y $to_install
|