12b60c4088
As noted inline, this works around potential issues by being a strong indication you are in a container (e.g. [1]). Since nothing should be changing anything on the host/build system, this is a generically safer way to operate. [1] https://bugzilla.redhat.com/show_bug.cgi?id=1975588 Change-Id: Ic6802c4ffc2e825f129af10717860a2d1770fe80
79 lines
2.4 KiB
Bash
Executable File
79 lines
2.4 KiB
Bash
Executable File
#!/bin/bash
|
|
# Copyright (c) 2014 Hewlett-Packard Development Company, L.P.
|
|
# Copyright (c) 2016 Andreas Florath (andreas@florath.net)
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
|
|
# implied.
|
|
#
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
|
|
# dib-lint: disable=safe_sudo
|
|
|
|
if [ ${DIB_DEBUG_TRACE:-0} -gt 0 ]; then
|
|
set -x
|
|
fi
|
|
set -eu
|
|
set -o pipefail
|
|
|
|
# NOTE(SamYaple): Add the keyring deboostrap used if specified
|
|
if [ -n "${DIB_APT_KEYRING:-${DIB_DEBIAN_KEYRING:-}}" ]; then
|
|
cat $DIB_APT_KEYRING | sudo chroot $TARGET_ROOT /usr/bin/apt-key add -
|
|
fi
|
|
|
|
# Writes the apt sources files.
|
|
# The description is passed in via line coded elements.
|
|
# (The approach using associative arrays for configuration faild,
|
|
# because it looks that there is no way to handle defaults in
|
|
# this case - and additionally we run with '-u'.)
|
|
function apt_sources_write {
|
|
local APT_SOURCES_CONF="$1"
|
|
|
|
sudo mkdir -p $TARGET_ROOT/etc/apt/sources.list.d
|
|
|
|
echo "${APT_SOURCES_CONF}" \
|
|
| while read line; do
|
|
local name=$(echo ${line} | cut -d ":" -f 1)
|
|
local value=$(echo ${line} | cut -d ":" -f 2-)
|
|
echo "$value" | sudo tee $TARGET_ROOT/etc/apt/sources.list.d/${name}.list
|
|
done
|
|
}
|
|
|
|
sudo mount -t proc none $TARGET_ROOT/proc
|
|
sudo mount -o ro -t sysfs none $TARGET_ROOT/sys
|
|
trap "sudo umount $TARGET_ROOT/proc; sudo umount $TARGET_ROOT/sys" EXIT
|
|
|
|
apt_get="sudo chroot $TARGET_ROOT /usr/bin/apt-get"
|
|
|
|
apt_sources_write "${DIB_APT_SOURCES_CONF}"
|
|
|
|
# Need to update to retrieve the signed Release file
|
|
$apt_get update
|
|
|
|
$apt_get clean
|
|
$apt_get dist-upgrade -y
|
|
|
|
to_install=""
|
|
|
|
# pre-stretch (9.0) brought this in via debootstrap, but init
|
|
# dependencies have narrowed in the container world, so now we add it
|
|
# explicitly here so it's brought in early.
|
|
to_install+="systemd-sysv "
|
|
|
|
# default required
|
|
to_install+="busybox sudo "
|
|
# required for dpkg element to be able to add apt keys
|
|
to_install+="gnupg2 "
|
|
|
|
to_install+="python3 "
|
|
|
|
$apt_get install -y $to_install
|