[buildd-tools-devel] [GIT] sbuild branch, master, updated. debian/sbuild-0.61.0-1-106-g690c24b
Roger Leigh
rleigh at alioth.debian.org
Thu Mar 10 00:49:01 UTC 2011
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "sbuild".
The branch, master has been updated
via 690c24bea7b3ee436ab3947cb166f040da1d6513 (commit)
via 35a80fb0e6ee4c28e4a266abbe2da1281e8a8b25 (commit)
via a634b464889693c9170f73c56d03d8c37046d2ac (commit)
via d2a2d43a7e3ea2d7ce109172299d3e5f7cadf01d (commit)
via 5342feb52ef29b803bcccf5a8a56e14017d5ee1d (commit)
via d260a28f26a1ef2693343a7b92bf1d80a6a75bcf (commit)
via b485bb3e5a213a4a7bf40547327d6dacc02c3439 (commit)
via c6887d7e28ceafda86c915dea54379125a3d070f (commit)
via ee04dc8f8cff2d7a3ee200c50bd695f2c801a25a (commit)
via ce5254cbf8e2b962b0c4ce2aaf67fbd4977087c4 (commit)
via 2e366ac92eb597be2f399fde716f49006a34ac06 (commit)
via 6d43309aedaf0712f0c79c348bfe0d9b0169382c (commit)
via 162ce402b1f4ae2346815f1812920380fe0b06e5 (commit)
via 3dd5f7659cb0aa679a5df69c0d4168af9fb90850 (commit)
via 6d7c7eee0eb496c850ba5b9b6a5ac8249e6760d1 (commit)
via 2699a5c80b17b8bb96feb30c9428683ce5951b06 (commit)
via a7bcb3b86198aaaecbb161fdef08e8e5913b3ddb (commit)
via 6ece8b6899a3d2304983cfe0bbd485fd6aaab38a (commit)
via a6c0a057fe7269d9959b7cf9b8b1c537020901b5 (commit)
via 6fe66218642eb128d5ba0e7cc83ac4c007148674 (commit)
via c533951b86d51f8c00e8e5598750a0eadf89209e (commit)
via 0580049fa2344260c739371a176aef94e21fbd58 (commit)
via 06049e6177c2e15ffa74b56eeb607db903af9230 (commit)
via 11c9c7eca504748408c57f96aacbf5f58e51336c (commit)
via 99e127e446470810057960b8886288a222be7fa9 (commit)
from 8180f64ddead777c63778c671c417e57799a9b7d (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 690c24bea7b3ee436ab3947cb166f040da1d6513
Merge: ce5254c 35a80fb
Author: Roger Leigh <rleigh at debian.org>
Date: Thu Mar 10 00:46:52 2011 +0000
Merge branch 'master' into exception-handling
Conflicts:
lib/Sbuild/Build.pm
commit 35a80fb0e6ee4c28e4a266abbe2da1281e8a8b25
Author: Roger Leigh <rleigh at debian.org>
Date: Thu Mar 10 00:38:37 2011 +0000
debian: Document sbuild user and privilege separation
commit a634b464889693c9170f73c56d03d8c37046d2ac
Author: Roger Leigh <rleigh at debian.org>
Date: Thu Mar 10 00:38:19 2011 +0000
NEWS: Document sbuild user and privilege separation
commit d2a2d43a7e3ea2d7ce109172299d3e5f7cadf01d
Author: Roger Leigh <rleigh at debian.org>
Date: Thu Mar 10 00:29:44 2011 +0000
sbuild: Use sbuild user for building
Rather than using the user invoking sbuild, everything inside the
chroot is done either as root or sbuild. The intention behind this
is to increase the privilege separation between the user and sbuild,
with the ultimate aim being the user having no access to the build
chroot; all access will be mediated via sbuild. The current change
has several implications:
- a wrapper program, sbuild-schroot is used to run schroot. This
handles switching to the sbuild user inside the chroot.
- all files created inside the chroot must be owned and writable
by user and group sbuild. The user ownership is required so that
the sbuild user can create and delete files. The group ownership
is so that the user can create and delete files.
- group write access is removed during the build stage, to prevent
external tampering.
Note that due to the architecture of sbuild, the user may still
interfere with the process themselves, and gain root inside the
chroot either via schroot or sbuild-schroot. These loopholes will
be closed by future changes. The current changes do prevent
accidental tampering, but not deliberate interference.
commit 5342feb52ef29b803bcccf5a8a56e14017d5ee1d
Author: Roger Leigh <rleigh at debian.org>
Date: Wed Mar 9 22:34:11 2011 +0000
debian: Install sbuild-schroot wrapper
sbuild is now an arch-any package
Also add build-arch/indep and install-arch/indep rules.
commit d260a28f26a1ef2693343a7b92bf1d80a6a75bcf
Author: Roger Leigh <rleigh at debian.org>
Date: Wed Mar 9 22:31:34 2011 +0000
Sbuild::Conf: Allow consistency checks to be avoided for dumpconfig
sbuild-dumpconfig should be able to dump the defaults whether or
not the system or user configuration is sane. Here, we don't load
the system configuration, and avoid validation of everything else.
Also, print 1; at the end of the configuration output to make it
valid Perl.
commit b485bb3e5a213a4a7bf40547327d6dacc02c3439
Author: Roger Leigh <rleigh at debian.org>
Date: Wed Mar 9 22:30:07 2011 +0000
debian: libexecdir is /usr/lib
commit c6887d7e28ceafda86c915dea54379125a3d070f
Author: Roger Leigh <rleigh at debian.org>
Date: Wed Mar 9 22:29:16 2011 +0000
build: Use datadir rather than libexecdir for scripts
commit ee04dc8f8cff2d7a3ee200c50bd695f2c801a25a
Author: Roger Leigh <rleigh at debian.org>
Date: Wed Mar 9 22:14:08 2011 +0000
wrapper: Wrap schroot invocation to run as sbuild user
commit ce5254cbf8e2b962b0c4ce2aaf67fbd4977087c4
Author: Roger Leigh <rleigh at debian.org>
Date: Tue Mar 8 23:50:55 2011 +0000
Sbuild::Build: Fail Stage only set in run() functions
commit 2e366ac92eb597be2f399fde716f49006a34ac06
Author: Roger Leigh <rleigh at debian.org>
Date: Tue Mar 8 23:48:43 2011 +0000
Sbuild::Build: Throw exceptions doing hack binNMU
commit 6d43309aedaf0712f0c79c348bfe0d9b0169382c
Author: Roger Leigh <rleigh at debian.org>
Date: Tue Mar 8 23:44:22 2011 +0000
Sbuild::Build: Throw exception in build version check
commit 162ce402b1f4ae2346815f1812920380fe0b06e5
Author: Roger Leigh <rleigh at debian.org>
Date: Tue Mar 8 23:37:27 2011 +0000
Sbuild::Build: build does not remove build tree
There's no need to remove a dirty tree before unpacking; we now always
build in a unique temporary directory, so this is a no longer existing
problem. We also don't remove the build tree on failure--this has
been taken care of by the top-level cleanup routines for ages.
commit 3dd5f7659cb0aa679a5df69c0d4168af9fb90850
Author: Roger Leigh <rleigh at debian.org>
Date: Tue Mar 8 23:35:20 2011 +0000
Sbuild::Build: Throw exceptions in open_build_log and build
commit 6d7c7eee0eb496c850ba5b9b6a5ac8249e6760d1
Author: Roger Leigh <rleigh at debian.org>
Date: Tue Mar 8 23:24:52 2011 +0000
Sbuild::Build: chroot_arch throws exception on failure
commit 2699a5c80b17b8bb96feb30c9428683ce5951b06
Author: Roger Leigh <rleigh at debian.org>
Date: Tue Mar 8 23:21:09 2011 +0000
Sbuild::Build: Split source packing and chroot update from run()
commit a7bcb3b86198aaaecbb161fdef08e8e5913b3ddb
Author: Roger Leigh <rleigh at debian.org>
Date: Tue Mar 8 22:49:28 2011 +0000
Sbuild::Build: Add exceptions for arch and space checks
commit 6ece8b6899a3d2304983cfe0bbd485fd6aaab38a
Author: Roger Leigh <rleigh at debian.org>
Date: Tue Mar 8 22:49:00 2011 +0000
Sbuild::Build: Remove unused 'Pkg Fail Stage' setting
commit a6c0a057fe7269d9959b7cf9b8b1c537020901b5
Author: Roger Leigh <rleigh at debian.org>
Date: Tue Mar 8 22:48:18 2011 +0000
Sbuild::Build: Log exceptions prior to closing build log
commit 6fe66218642eb128d5ba0e7cc83ac4c007148674
Author: Roger Leigh <rleigh at debian.org>
Date: Tue Mar 8 22:46:29 2011 +0000
Sbuild::Exception: Add status field
commit c533951b86d51f8c00e8e5598750a0eadf89209e
Author: Roger Leigh <rleigh at debian.org>
Date: Tue Mar 8 21:59:32 2011 +0000
sbuild: Add exception handler around Sbuild::Build::run
commit 0580049fa2344260c739371a176aef94e21fbd58
Author: Roger Leigh <rleigh at debian.org>
Date: Tue Mar 8 21:59:12 2011 +0000
Sbuild::Build: set_dsc throws exception on failure
commit 06049e6177c2e15ffa74b56eeb607db903af9230
Author: Roger Leigh <rleigh at debian.org>
Date: Tue Mar 8 22:19:38 2011 +0000
Sbuild::Build: Add exceptions to run()
run() currently uses a number of gotos and labels to clean up on
error. Unfortunately, this logic is both complex and fragile;
cleanup tasks need doing in the correct order, or not at all.
run() has been split up into separate functions to make the nested
logic explicit, and now throws exceptions on failure; cleanup can
be done before or inside the exception handlers, and the exceptions
may be rethrown to allow cleanup back up the call stack.
commit 11c9c7eca504748408c57f96aacbf5f58e51336c
Author: Roger Leigh <rleigh at debian.org>
Date: Tue Mar 8 22:12:44 2011 +0000
debian: Build-Depend upon libexception-class-perl
commit 99e127e446470810057960b8886288a222be7fa9
Author: Roger Leigh <rleigh at debian.org>
Date: Tue Mar 8 22:19:00 2011 +0000
Sbuild::Exception: New exception classes
Add exception classes using Exception::Class.
-----------------------------------------------------------------------
Summary of changes:
Makefile.am | 2 +-
NEWS | 8 +
bin/Makefile.am | 46 +-
bin/sbuild | 52 ++-
configure.ac | 33 +-
debian/changelog | 12 +-
debian/control | 6 +-
debian/rules | 32 +-
debian/sbuild.install | 1 +
debian/sbuild.postinst | 17 +-
lib/Buildd/Conf.pm | 5 +-
lib/Sbuild/Build.pm | 687 +++++++++++++++++----------
lib/Sbuild/ChrootSetup.pm | 16 +-
lib/Sbuild/Conf.pm | 10 +-
lib/Sbuild/ConfBase.pm | 15 +-
bin/sbuild-clean => lib/Sbuild/Exception.pm | 18 +-
lib/Sbuild/InternalResolver.pm | 4 +-
lib/Sbuild/Makefile.am | 1 +
lib/Sbuild/ResolverBase.pm | 50 ++-
lib/Sbuild/Sysconfig.pm.in | 2 +
tools/sbuild-dumpconfig | 11 +-
{lib/WannaBuild => wrapper}/Makefile.am | 19 +-
wrapper/util.cc | 250 ++++++++++
wrapper/util.h | 194 ++++++++
wrapper/wrapper.cc | 188 ++++++++
25 files changed, 1313 insertions(+), 366 deletions(-)
copy bin/sbuild-clean => lib/Sbuild/Exception.pm (70%)
mode change 100755 => 100644
copy {lib/WannaBuild => wrapper}/Makefile.am (75%)
create mode 100644 wrapper/util.cc
create mode 100644 wrapper/util.h
create mode 100644 wrapper/wrapper.cc
hooks/post-receive
--
sbuild
More information about the Buildd-tools-devel
mailing list