forked from QubesOS/qubes-builder-debian
-
Notifications
You must be signed in to change notification settings - Fork 0
/
pbuilderrc
187 lines (155 loc) · 6.11 KB
/
pbuilderrc
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
# pbuilder defaults; edit /etc/pbuilderrc to override these and see
# pbuilderrc.5 for documentation
# Set how much output you want from pbuilder, valid values are
# E => errors only
# W => errors and warnings
# I => errors, warnings and informational
# D => all of the above and debug messages
LOGLEVEL=I
# if positive, some log messagges (errors, warnings, debugs) will be colored
# auto => try automatically detection
# yes => always use colors
# no => never use colors
USECOLORS=auto
case ${DISTRIBUTION} in
stretch|buster|bullseye|bookworm|sid|experimental)
DIST_VENDOR=debian
MIRRORSITE=http://deb.debian.org/debian
;;
trusty|xenial|bionic|focal)
DIST_VENDOR=qubuntu
MIRRORSITE=http://archive.ubuntu.com/ubuntu
;;
*)
echo "Unknown distribution: ${DISTRIBUTION}" >&2
exit 1
esac
BASETGZ="${CHROOT_DIR}/pbuilder/base.tgz"
#EXTRAPACKAGES=""
#export DEBIAN_BUILDARCH=athlon
BUILDPLACE=$CHROOT_DIR/pbuilder/build
# directory inside the chroot where the build happens. See #789404
BUILDDIR=/build
# what be used as value for HOME during builds. See #441052
# The default value prevents builds to write on HOME, which is prevented on
# Debian buildds too. You can set it to $BUILDDIR to get a working HOME, if
# you need to.
BUILD_HOME=/nonexistent
#OTHERMIRROR="deb http://www.home.com/updates/ ./"
#export http_proxy=http://your-proxy:8080/
USEPROC=yes
USEDEVFS=no
USEDEVPTS=yes
USESYSFS=yes
USENETWORK=no
USERUNSHM=yes
BUILDRESULT="${CHROOT_DIR}/pbuilder/results"
# specifying the distribution forces the distribution on "pbuilder update"
#DISTRIBUTION=sid
# specifying the architecture passes --arch= to debootstrap; the default is
# to use the architecture of the host
#ARCHITECTURE=`dpkg --print-architecture`
# specifying the components of the distribution, for instance to enable all
# components on Debian use "main contrib non-free" and on Ubuntu "main
# restricted universe multiverse"
COMPONENTS="main"
#specify the cache for APT
APTCACHE="$CACHEDIR"
APTCACHEHARDLINK="yes"
REMOVEPACKAGES=""
#HOOKDIR="/usr/lib/pbuilder/hooks"
HOOKDIR="$DEBIAN_PLUGIN_DIR/pbuilder-hooks"
EATMYDATA=yes
# make debconf not interact with user
export DEBIAN_FRONTEND="noninteractive"
#for pbuilder debuild
BUILDSOURCEROOTCMD="fakeroot"
PBUILDERROOTCMD="sudo -E"
# use cowbuilder for pdebuild
#PDEBUILD_PBUILDER="cowbuilder"
# additional build results to copy out of the package build area
#ADDITIONAL_BUILDRESULTS=(xunit.xml .coverage)
# command to satisfy build-dependencies; the default is an internal shell
# implementation which is relatively slow; there are two alternate
# implementations, the "experimental" implementation,
# "pbuilder-satisfydepends-experimental", which might be useful to pull
# packages from experimental or from repositories with a low APT Pin Priority,
# and the "aptitude" implementation, which will resolve build-dependencies and
# build-conflicts with aptitude which helps dealing with complex cases but does
# not support unsigned APT repositories
PBUILDERSATISFYDEPENDSCMD="/usr/lib/pbuilder/pbuilder-satisfydepends"
# Arguments for $PBUILDERSATISFYDEPENDSCMD.
# PBUILDERSATISFYDEPENDSOPT=()
# You can optionally make pbuilder accept untrusted repositories by setting
# this option to yes, but this may allow remote attackers to compromise the
# system. Better set a valid key for the signed (local) repository with
# $APTKEYRINGS (see below).
ALLOWUNTRUSTED=no
# Option to pass to apt-get always.
export APTGETOPT=()
# Option to pass to aptitude always.
export APTITUDEOPT=()
# Whether to use debdelta or not. If "yes" debdelta will be installed in the
# chroot
DEBDELTA=no
#Command-line option passed on to dpkg-buildpackage.
#DEBBUILDOPTS="-IXXX -iXXX"
DEBBUILDOPTS="-sa"
#APT configuration files directory
APTCONFDIR=""
export DEB_VENDOR=Qubes
unset MAKEFLAGS
# the username and ID used by pbuilder, inside chroot. Needs fakeroot, really
BUILDUSERNAME=pbuilder
BUILDUSERID=$(grep $BUILDUSERNAME /etc/passwd | cut -d: -f3)
# BINDMOUNTS is a space separated list of things to mount
# inside the chroot.
BINDMOUNTS=""
# Set the debootstrap variant to 'buildd' type.
DEBOOTSTRAPOPTS=(
'--variant=buildd'
'--force-check-gpg'
)
# or unset it to make it not a buildd type.
# unset DEBOOTSTRAPOPTS
DEBOOTSTRAPOPTS+=( "--keyring=${DEBIAN_PLUGIN_DIR}/keys/${DISTRIBUTION}-${DIST_VENDOR}-archive-keyring.gpg" )
# Keyrings to use for package verification with apt, not used for debootstrap
# (use DEBOOTSTRAPOPTS). By default the debian-archive-keyring package inside
# the chroot is used.
if [ -r "${CHROOT_DIR}/pbuilder/qubes-keyring.gpg" ]; then
APTKEYRINGS=( "${CHROOT_DIR}/pbuilder/qubes-keyring.gpg" )
else
APTKEYRINGS=()
fi
# Set the PATH I am going to use inside pbuilder: default is "/usr/sbin:/usr/bin:/sbin:/bin"
export PATH="/usr/sbin:/usr/bin:/sbin:/bin"
# SHELL variable is used inside pbuilder by commands like 'su'; and they need sane values
export SHELL=/bin/bash
# The name of debootstrap command, you might want "cdebootstrap".
DEBOOTSTRAP="debootstrap"
# default file extension for pkgname-logfile
PKGNAME_LOGFILE_EXTENSION="_$(dpkg --print-architecture).build"
# default PKGNAME_LOGFILE
PKGNAME_LOGFILE=""
# default AUTOCLEANAPTCACHE
AUTOCLEANAPTCACHE=""
#default COMPRESSPROG
COMPRESSPROG="gzip"
# pbuilder copies some configuration files (like /etc/hosts or /etc/hostname)
# from the host system into the chroot. If the directory specified here
# exists and contains one of the copied files (without the leading /etc) that
# file will be copied from here instead of the system one
CONFDIR="/etc/pbuilder/conf_files"
# ccache (make sure ccache is installed before uncommenting)
CCACHEDIR=""
# Note: CCACHEDIR is private to pbuilder, ccache uses "CCACHE_DIR"
#CCACHEDIR="/var/cache/pbuilder/ccache"
#export CCACHE_DIR="${CCACHEDIR}"
#export PATH="/usr/lib/ccache:${PATH}"
#EXTRAPACKAGES=ccache
#BINDMOUNTS="${BINDMOUNTS} ${CCACHE_DIR}"
BINDMOUNTS="${BUILDER_REPO_DIR}:/tmp/qubes-deb"
# qubes-builder is the thing building building the final packages, it doesn't
# need to send *_source.changes to be actually built; and two .changes files
# messes things up
SOURCE_ONLY_CHANGES=no