diff -Nru pbuilder-0.206ubuntu2/debian/changelog pbuilder-0.208ubuntu1/debian/changelog --- pbuilder-0.206ubuntu2/debian/changelog 2012-02-22 00:46:49.000000000 +0000 +++ pbuilder-0.208ubuntu1/debian/changelog 2012-03-14 14:44:35.000000000 +0000 @@ -1,3 +1,52 @@ +pbuilder (0.208ubuntu1) precise; urgency=low + + * Merge from Debian unstable (LP: #952938) + Remaining changes: + - pbuilderrc, debian/pbuilder.config: Set default archive mirror to + "archive.ubuntu.com/ubuntu". + - pbuilderrc: Set default distribution to "precise" and the default + keyring to the Ubuntu one. + - pbuilderrc: change how we pass keyring in DEBOOTSTRAPOPTS + - debian/rules: install temporary locale so man page tests don't cause + FTBFS. + + -- Maarten Bezemer Wed, 14 Mar 2012 14:54:09 +0100 + +pbuilder (0.208) unstable; urgency=low + + [ Guido Günther ] + * Allow to copy additional files out of the build + directory (closes: 652634) + + [ Junichi Uekawa ] + * fix space handling in additional-buildresults. + * fix logging message and conditionality to make it less lines. + * factor out common code for apt key rings. + + [ Thorsten Glaser ] + * pbuilder-satisfydepends failed due to --check- + key deprecation bug (closes: 663283) + + -- Junichi Uekawa Tue, 13 Mar 2012 19:11:00 +0900 + +pbuilder (0.207) unstable; urgency=low + + [ Maarten Bezemer ] + * Bug#659581: pbuilder: does not autocomplete filename in all cases + correctly + * Bug#660838: pbuilder: Add complete bash_autocompletion for all flags + and arguments + * Bug#659703: pbuilder: Typo in error message + + [ Junichi Uekawa ] + * Bug#660386: pbuilder: Remove /usr/X11R6/bin from default PATH + * make longer lines wrap so reading patch files aren't as painful. + + [ Simon Ruderich ] + * Bug#579028: pbuilder: installs untrusted packages without asking + + -- Junichi Uekawa Sat, 10 Mar 2012 09:40:35 +0900 + pbuilder (0.206ubuntu2) precise; urgency=low * Auto complete flags and required file/directory names (Closes: #933339) diff -Nru pbuilder-0.206ubuntu2/debian/NEWS pbuilder-0.208ubuntu1/debian/NEWS --- pbuilder-0.206ubuntu2/debian/NEWS 2012-02-22 00:44:43.000000000 +0000 +++ pbuilder-0.208ubuntu1/debian/NEWS 2012-03-08 22:54:41.000000000 +0000 @@ -1,3 +1,22 @@ +pbuilder (0.207) unstable; urgency=low + + The default configuration will now only install trusted packages. This + prevents building packages with manipulated sources or a system compromise + due to a man-in-the-middle attack. + + However this also prevents installing packages from unsigned repositories by + default. + + If you really want to continue using unsigned repositories, you have to set + ALLOWUNTRUSTED=yes in your .pbuilderrc or use the --allow-untrusted option. + But if possible use a signed repository and set the used keys with the new + --keyring option (can be passed multiple times). + + Due to this change the PBUILDERSATISFYDEPENDSOPT option --check-key is no + longer necessary and thus deprecated. + + -- Simon Ruderich Tue, 06 Mar 2012 02:02:38 +0100 + pbuilder (0.197) unstable; urgency=low The default configuration will now enable ccache. To disable installation diff -Nru pbuilder-0.206ubuntu2/debian/pbuilder-test/00_prepinstall pbuilder-0.208ubuntu1/debian/pbuilder-test/00_prepinstall --- pbuilder-0.206ubuntu2/debian/pbuilder-test/00_prepinstall 2012-02-22 00:44:43.000000000 +0000 +++ pbuilder-0.208ubuntu1/debian/pbuilder-test/00_prepinstall 2012-03-08 22:54:41.000000000 +0000 @@ -1,4 +1,4 @@ #!/bin/bash # Prepare and install packages used in the tests. -apt-get install -y --force-yes sudo +apt-get install -y sudo diff -Nru pbuilder-0.206ubuntu2/pbuilder.8 pbuilder-0.208ubuntu1/pbuilder.8 --- pbuilder-0.206ubuntu2/pbuilder.8 2012-02-22 00:44:43.000000000 +0000 +++ pbuilder-0.208ubuntu1/pbuilder.8 2012-03-08 22:54:41.000000000 +0000 @@ -361,7 +361,7 @@ .B """/srv /somedir /someotherdir""" .TP -.BI "\-\-debootstrapopts " "\-\-variant=buildd" +.BI "\-\-debootstrapopts " "\-\-variant=buildd" " " "\-\-keyring" " " "/usr/share/keyrings/debian\-archive\-keyring.gpg" Add extra command-line options to debootstrap. Specify multiple options through multiple instance of this @@ -380,6 +380,24 @@ .B debootstrap. .TP +.BI "\-\-allow\-untrusted " +Allow untrusted (no key installed) and unsigned repositories. +.BI Warning: +Enabling this option may allow remote attackers to compromise the system. +Better use signed repositories and +.B "\-\-keyring" +to add the key(s). + +.TP +.BI "\-\-keyring " "path/to/keyring" +Additional keyrings to use for package verification with apt, not used for +debootstrap (use +.B "\-\-debootstrapopts" +). Use this to add (local) signed repositories. By default the +debian-archive-keyring package inside the chroot is used. Can be specified +multiple times. + +.TP .BI "\-\-save\-after\-login " .TP .BI "\-\-save\-after\-exec " diff -Nru pbuilder-0.206ubuntu2/pbuilder-buildpackage pbuilder-0.208ubuntu1/pbuilder-buildpackage --- pbuilder-0.206ubuntu2/pbuilder-buildpackage 2012-02-22 00:44:43.000000000 +0000 +++ pbuilder-0.208ubuntu1/pbuilder-buildpackage 2012-03-13 08:25:15.000000000 +0000 @@ -27,7 +27,7 @@ PACKAGENAME="$1" if [ ! -f "$PACKAGENAME" ]; then - log "E: Command line parameter [$PACKAGENAME] is does not exist" + log "E: Command line parameter [$PACKAGENAME] does not exist" exit 1; fi; @@ -171,6 +171,10 @@ cp -p ${FILE} "${BUILDRESULT}" || true fi done + for FILE in "${ADDITIONAL_BUILDRESULTS[@]}"; do + log "I: Trying to save additional result ${FILE}" + cp -a "${BUILDPLACE}/tmp/buildd/"*"/${FILE}" "${BUILDRESULT}" || true + done else log "E: BUILDRESULT=[$BUILDRESULT] is not a directory." fi diff -Nru pbuilder-0.206ubuntu2/pbuilder-checkparams pbuilder-0.208ubuntu1/pbuilder-checkparams --- pbuilder-0.206ubuntu2/pbuilder-checkparams 2012-02-22 00:44:43.000000000 +0000 +++ pbuilder-0.208ubuntu1/pbuilder-checkparams 2012-03-08 22:54:41.000000000 +0000 @@ -207,6 +207,14 @@ DEBOOTSTRAP="$2"; shift; shift; ;; + --allow-untrusted) + ALLOWUNTRUSTED=yes; + shift; + ;; + --keyring) + APTKEYRINGS[${#APTKEYRINGS[@]}]="$2"; + shift; shift; + ;; --save-after-login|--save-after-exec) SAVE_AFTER_LOGIN=yes; shift; @@ -312,3 +320,13 @@ # sort BINDMOUNTS to ensure that deeper directories are mounted last BINDMOUNTS="$(for i in $BINDMOUNTS; do echo $i; done | sort -u)" + +if [ "$ALLOWUNTRUSTED" = "yes" ]; then + PBUILDERSATISFYDEPENDSOPT[${#PBUILDERSATISFYDEPENDSOPT[@]}]='--allow-untrusted' + # Also duplicated in pbuilder-satisfydepends-checkparams! + # apt flag to accept untrusted packages + APTGETOPT[${#APTGETOPT[@]}]='--force-yes' + # aptitude flag to accept untrusted packages + APTITUDEOPT[${#APTITUDEOPT[@]}]='-o' + APTITUDEOPT[${#APTITUDEOPT[@]}]='Aptitude::CmdLine::Ignore-Trust-Violations=true' +fi diff -Nru pbuilder-0.206ubuntu2/pbuilder-createbuildenv pbuilder-0.208ubuntu1/pbuilder-createbuildenv --- pbuilder-0.206ubuntu2/pbuilder-createbuildenv 2012-02-22 00:44:43.000000000 +0000 +++ pbuilder-0.208ubuntu1/pbuilder-createbuildenv 2012-03-13 08:08:19.000000000 +0000 @@ -65,7 +65,14 @@ # FIXME if the end-user passes another --include= to debootstrap in # DEBOOTSTRAPOPTS, it will override the --include=apt one and apt might not be # installed -if ! ( cd "$BUILDPLACE" && "${DEBOOTSTRAP}" ${ARCHITECTURE:+--arch=$ARCHITECTURE} --include=apt "${DEBOOTSTRAPOPTS[@]}" "$DISTRIBUTION" . "$MIRRORSITE" $DEBOOTSTRAPSCRIPT ) ; then +if ! ( cd "$BUILDPLACE" && \ + "${DEBOOTSTRAP}" ${ARCHITECTURE:+--arch=$ARCHITECTURE} \ + --include=apt \ + "${DEBOOTSTRAPOPTS[@]}" \ + "$DISTRIBUTION" \ + . \ + "$MIRRORSITE" \ + $DEBOOTSTRAPSCRIPT ) ; then log "E: $DEBOOTSTRAP failed" exit 1 fi @@ -78,7 +85,7 @@ copy_local_configuration installaptlines - +add_additional_aptkeyrings executehooks "G" log "I: Refreshing the base.tgz " @@ -111,7 +118,10 @@ fi recover_aptcache $CHROOTEXEC /usr/bin/apt-get -q -y "${APTGETOPT[@]}" "${FORCE_CONFNEW[@]}" dist-upgrade -$CHROOTEXEC /usr/bin/apt-get -q -y "${APTGETOPT[@]}" install build-essential dpkg-dev $EXTRAPACKAGES +$CHROOTEXEC /usr/bin/apt-get -q -y "${APTGETOPT[@]}" install \ + build-essential \ + dpkg-dev \ + $EXTRAPACKAGES save_aptcache executehooks "E" diff -Nru pbuilder-0.206ubuntu2/pbuilder-loadconfig pbuilder-0.208ubuntu1/pbuilder-loadconfig --- pbuilder-0.206ubuntu2/pbuilder-loadconfig 2012-02-22 00:44:43.000000000 +0000 +++ pbuilder-0.208ubuntu1/pbuilder-loadconfig 2012-03-08 23:05:38.000000000 +0000 @@ -20,7 +20,10 @@ export PBUILDER_PKGDATADIR="${PBUILDER_PKGDATADIR:-$PBUILDER_ROOT/usr/share/pbuilder}" export PBUILDER_SYSCONFDIR="${PBUILDER_SYSCONFDIR:-$PBUILDER_ROOT/etc}" -for RCFILE in "$PBUILDER_PKGDATADIR"/pbuilderrc "$PBUILDER_SYSCONFDIR"/pbuilderrc "$HOME"/.pbuilderrc; do +for RCFILE in \ + "$PBUILDER_PKGDATADIR"/pbuilderrc \ + "$PBUILDER_SYSCONFDIR"/pbuilderrc \ + "$HOME"/.pbuilderrc; do if [ -f "$RCFILE" ]; then . "$RCFILE" else diff -Nru pbuilder-0.206ubuntu2/pbuilder-modules pbuilder-0.208ubuntu1/pbuilder-modules --- pbuilder-0.206ubuntu2/pbuilder-modules 2012-02-22 00:44:43.000000000 +0000 +++ pbuilder-0.208ubuntu1/pbuilder-modules 2012-03-13 08:09:46.000000000 +0000 @@ -135,11 +135,13 @@ log "W: $mountpoint isn't a directory" return 1 fi - if [ -r "$BUILDPLACE/proc/mounts" ] && grep -q "^[^ ]* $mountpoint " "$BUILDPLACE/proc/mounts"; then + if [ -r "$BUILDPLACE/proc/mounts" ] && \ + grep -q "^[^ ]* $mountpoint " "$BUILDPLACE/proc/mounts"; then log "W: $mountpoint is mounted according to build place's /proc/mounts" return 1 fi - if [ -r "/proc/mounts" ] && grep -q "^[^ ]* $BUILDPLACE/$mountpoint " "/proc/mounts"; then + if [ -r "/proc/mounts" ] && \ + grep -q "^[^ ]* $BUILDPLACE/$mountpoint " "/proc/mounts"; then log "W: $mountpoint is mounted according to system's /proc/mounts" return 1 fi @@ -580,6 +582,15 @@ fi } +function add_additional_aptkeyrings() { +# To support package verification inside the repository we may have to import +# additional keys. + for KEY in "${APTKEYRINGS[@]}"; do + log "I: adding apt key file ${KEY}." + $CHROOTEXEC /usr/bin/apt-key add - < "${KEY}" > /dev/null + done +} + #Setting environmental variables that are really required: #required for some packages to install... export LANG=C diff -Nru pbuilder-0.206ubuntu2/pbuilderrc pbuilder-0.208ubuntu1/pbuilderrc --- pbuilder-0.206ubuntu2/pbuilderrc 2012-02-22 00:44:43.000000000 +0000 +++ pbuilder-0.208ubuntu1/pbuilderrc 2012-03-14 14:44:35.000000000 +0000 @@ -42,6 +42,8 @@ # use cowbuilder for pdebuild #PDEBUILD_PBUILDER="cowbuilder" +# additional build results to copy out of the package build area +#ADDITIONAL_BUILDRESULTS=(xunit.xml .coverage) # command to satisfy build-dependencies; the default is an internal shell # implementation which is relatively slow; there are two alternate @@ -53,11 +55,19 @@ # not support unsigned APT repositories PBUILDERSATISFYDEPENDSCMD="/usr/lib/pbuilder/pbuilder-satisfydepends" -# You can optionally make pbuilder check key by setting the following flags -# PBUILDERSATISFYDEPENDSOPT=('--check-key') -# unset PBUILDERSATISFYDEPENDSOPT -# option to pass to apt-get always. -export APTGETOPT=('--force-yes') +# Arguments for $PBUILDERSATISFYDEPENDSCMD. +# PBUILDERSATISFYDEPENDSOPT=() + +# You can optionally make pbuilder accept untrusted repositories by setting +# this option to yes, but this may allow remote attackers to compromise the +# system. Better set a valid key for the signed (local) repository with +# $APTKEYRINGS (see below). +ALLOWUNTRUSTED=no + +# Option to pass to apt-get always. +export APTGETOPT=() +# Option to pass to aptitude always. +export APTITUDEOPT=() #Command-line option passed on to dpkg-buildpackage. #DEBBUILDOPTS="-IXXX -iXXX" @@ -82,8 +92,13 @@ # or unset it to make it not a buildd type. # unset DEBOOTSTRAPOPTS -# Set the PATH I am going to use inside pbuilder: default is "/usr/sbin:/usr/bin:/sbin:/bin:/usr/X11R6/bin" -export PATH="/usr/sbin:/usr/bin:/sbin:/bin:/usr/X11R6/bin" +# Keyrings to use for package verification with apt, not used for debootstrap +# (use DEBOOTSTRAPOPTS). By default the debian-archive-keyring package inside +# the chroot is used. +APTKEYRINGS=() + +# Set the PATH I am going to use inside pbuilder: default is "/usr/sbin:/usr/bin:/sbin:/bin" +export PATH="/usr/sbin:/usr/bin:/sbin:/bin" # SHELL variable is used inside pbuilder by commands like 'su'; and they need sane values export SHELL=/bin/bash diff -Nru pbuilder-0.206ubuntu2/pbuilderrc.5 pbuilder-0.208ubuntu1/pbuilderrc.5 --- pbuilder-0.206ubuntu2/pbuilderrc.5 2012-02-22 00:44:43.000000000 +0000 +++ pbuilder-0.208ubuntu1/pbuilderrc.5 2012-03-13 08:11:43.000000000 +0000 @@ -178,17 +178,25 @@ The default value is to build source and binary package. .TP -.BI "DEBOOTSTRAPOPTS=" "( '\-\-variant=buildd' )" +.BI "DEBOOTSTRAPOPTS=" "( '\-\-variant=buildd' '\-\-keyring' '/usr/share/keyrings/debian\-archive\-keyring.gpg' )" When this option is set to .B "\-\-variant=buildd" .B "pbuilder" will invoke .B "$DEBOOTSTRAP" -with "\-\-variant=buildd" +with +.B "\-\-variant=buildd" option, which results in debootstrap creating a minimal chroot for buildd instead of trying to create a minimal installation chroot. -.B "DEBOOTSTRAP" -is another directive in this file. +.B "\-\-keyring" +is used to specify a keyring for debootstrap. +.TP +.BI "APTKEYRINGS=" "()" +Additional keyrings to use for package verification with apt, not used for +debootstrap (use +.B "$DEBOOTSTRAPOPTS" +). Use this to add (local) signed repositories. By default the +debian-archive-keyring package inside the chroot is used. .TP .BI "DEBOOTSTRAP=" "debootstrap" Use this option to switch the implementation of @@ -329,15 +337,25 @@ The default is now "aptitude". .TP -.BI "PBUILDERSATISFYDEPENDSOPT=" "('\-\-check\-key')" +.BI "PBUILDERSATISFYDEPENDSOPT=" "()" Array of flags to give to pbuilder\-satisfydepends. -Specifying \-\-check\-key here will try to verify key signatures. .TP -.BI "APTGETOPT=" "('\-\-force\-yes')" +.BI "ALLOWUNTRUSTED=" "no" +Allow untrusted (no key installed) and unsigned repositories. +.BI Warning: +Enabling this option may allow remote attackers to compromise the system. +Better use signed repositories and +.B "$APTKEYRINGS" +to add the key(s). + +.TP +.BI "APTGETOPT=" "()" Extra flags to give to apt\-get. -Default is \-\-force\-yes, which will skip key verification of packages -to be installed. Unset if you want to enable key verification. + +.TP +.BI "APTITUDEGETOPT=" "()" +Extra flags to give to aptitude. .TP .BI "REMOVEPACKAGES=" "lilo" @@ -379,6 +397,10 @@ software which fail miserably when there is no .B /proc being mounted. +.TP +.BI "ADDITIONAL_BUILDRESULTS=""" +Array of additional files to copy out of the build area. + .SH "AUTHOR" Initial coding, and main maintenance is done by Junichi Uekawa . diff -Nru pbuilder-0.206ubuntu2/pbuilder-satisfydepends-aptitude pbuilder-0.208ubuntu1/pbuilder-satisfydepends-aptitude --- pbuilder-0.206ubuntu2/pbuilder-satisfydepends-aptitude 2012-02-22 00:44:43.000000000 +0000 +++ pbuilder-0.208ubuntu1/pbuilder-satisfydepends-aptitude 2012-03-08 23:07:29.000000000 +0000 @@ -88,8 +88,20 @@ fi $CHROOTEXEC sh -c "cat \"$BUILD_DEP_DEB_CONTROL\"" $CHROOTEXEC sh -c "dpkg-deb -b \"$BUILD_DEP_DEB_DIR/pbuilder-satisfydepends-dummy\"" - $CHROOTEXEC dpkg --force-depends --force-conflicts -i "$BUILD_DEP_DEB_DIR/pbuilder-satisfydepends-dummy.deb" || true - $CHROOTEXEC aptitude -y --without-recommends -o APT::Install-Recommends=false "${PBUILDER_APTITUDE_CHECK_OPTS[@]}" -o Aptitude::ProblemResolver::StepScore=100 -o "Aptitude::ProblemResolver::Hints::KeepDummy=reject pbuilder-satisfydepends-dummy :UNINST" -o Aptitude::ProblemResolver::Keep-All-Level=55000 -o Aptitude::ProblemResolver::Remove-Essential-Level=maximum install pbuilder-satisfydepends-dummy + $CHROOTEXEC dpkg \ + --force-depends \ + --force-conflicts \ + -i "$BUILD_DEP_DEB_DIR/pbuilder-satisfydepends-dummy.deb" || true + $CHROOTEXEC aptitude \ + -y \ + --without-recommends -o APT::Install-Recommends=false \ + "${APTITUDEOPT[@]}" \ + -o Aptitude::ProblemResolver::StepScore=100 \ + -o "Aptitude::ProblemResolver::Hints::KeepDummy=reject pbuilder-satisfydepends-dummy :UNINST" \ + -o Aptitude::ProblemResolver::Keep-All-Level=55000 \ + -o Aptitude::ProblemResolver::Remove-Essential-Level=maximum \ + install \ + pbuilder-satisfydepends-dummy # check whether the aptitude's resolver kept the package if ! $CHROOTEXEC dpkg -l pbuilder-satisfydepends-dummy 2>/dev/null | grep -q ^ii; then echo "Aptitude couldn't satisfy the build dependencies" diff -Nru pbuilder-0.206ubuntu2/pbuilder-satisfydepends-checkparams pbuilder-0.208ubuntu1/pbuilder-satisfydepends-checkparams --- pbuilder-0.206ubuntu2/pbuilder-satisfydepends-checkparams 2012-02-22 00:44:43.000000000 +0000 +++ pbuilder-0.208ubuntu1/pbuilder-satisfydepends-checkparams 2012-03-13 10:09:21.000000000 +0000 @@ -26,13 +26,7 @@ FORCEVERSION="" CONTINUE_FAIL="no" CHROOTEXEC_AFTER_INTERNAL_CHROOTEXEC=no - -# aptitude flag to ignore key verification -PBUILDER_APTITUDE_CHECK_OPTS=( - '-o' - 'Aptitude::CmdLine::Ignore-Trust-Violations=true' ) -# apt flag to ignore key verification -PBUILDER_APT_GET_CHECK_OPTS="--force-yes" +ALLOWUNTRUSTED=no while [ -n "$1" ]; do case "$1" in @@ -80,8 +74,11 @@ shift; ;; --check-key) - unset PBUILDER_APTITUDE_CHECK_OPTS - unset PBUILDER_APT_GET_CHECK_OPTS + ALLOWUNTRUSTED=no + shift; + ;; + --allow-untrusted) + ALLOWUNTRUSTED=yes shift; ;; --help|-h|*) @@ -91,4 +88,13 @@ esac done +if [ $ALLOWUNTRUSTED = yes ]; then + # Also duplicated in pbuilder-checkparams! + # apt flag to accept untrusted packages + APTGETOPT[${#APTGETOPT[@]}]='--force-yes' + # aptitude flag to accept untrusted packages + APTITUDEOPT[${#APTITUDEOPT[@]}]='-o' + APTITUDEOPT[${#APTITUDEOPT[@]}]='Aptitude::CmdLine::Ignore-Trust-Violations=true' +fi + checkbuilddep_internal diff -Nru pbuilder-0.206ubuntu2/pbuilder-satisfydepends-funcs pbuilder-0.208ubuntu1/pbuilder-satisfydepends-funcs --- pbuilder-0.206ubuntu2/pbuilder-satisfydepends-funcs 2012-02-22 00:44:43.000000000 +0000 +++ pbuilder-0.208ubuntu1/pbuilder-satisfydepends-funcs 2012-03-08 23:11:32.000000000 +0000 @@ -154,7 +154,8 @@ checkbuilddep_provides() { local PACKAGENAME="$1" # PROVIDED needs to be used outside of this function. - PROVIDED=$($CHROOTEXEC /usr/bin/apt-cache showpkg $PACKAGENAME | awk '{p=0}/^Reverse Provides:/,/^$/{p=1}{if(p && ($0 !~ "Reverse Provides:")){PACKAGE=$1}} END{print PACKAGE}') + PROVIDED=$($CHROOTEXEC /usr/bin/apt-cache showpkg $PACKAGENAME \ + | awk '{p=0}/^Reverse Provides:/,/^$/{p=1}{if(p && ($0 !~ "Reverse Provides:")){PACKAGE=$1}} END{print PACKAGE}') } # returns either "package=version", to append to an apt-get install line, or diff -Nru pbuilder-0.206ubuntu2/pbuilder-uml-checkparams pbuilder-0.208ubuntu1/pbuilder-uml-checkparams --- pbuilder-0.206ubuntu2/pbuilder-uml-checkparams 2012-02-22 00:44:43.000000000 +0000 +++ pbuilder-0.208ubuntu1/pbuilder-uml-checkparams 2012-03-08 23:12:07.000000000 +0000 @@ -21,7 +21,11 @@ # requires # . /usr/lib/pbuilder/pbuilder-loadconfig -for SYSTEM_CONFIG in /usr/share/pbuilder/pbuilder-uml.conf /etc/pbuilder/pbuilder-uml.conf ${HOME}/.pbuilderrc ${HOME}/.pbuilder-umlrc; do +for SYSTEM_CONFIG in \ + /usr/share/pbuilder/pbuilder-uml.conf \ + /etc/pbuilder/pbuilder-uml.conf \ + ${HOME}/.pbuilderrc \ + ${HOME}/.pbuilder-umlrc; do if [ -f ${SYSTEM_CONFIG} ]; then . ${SYSTEM_CONFIG} fi diff -Nru pbuilder-0.206ubuntu2/pbuilder-updatebuildenv pbuilder-0.208ubuntu1/pbuilder-updatebuildenv --- pbuilder-0.206ubuntu2/pbuilder-updatebuildenv 2012-02-22 00:44:43.000000000 +0000 +++ pbuilder-0.208ubuntu1/pbuilder-updatebuildenv 2012-03-13 08:08:46.000000000 +0000 @@ -69,8 +69,12 @@ # support autoremove. TODO: Do not ignore error when etch is no longer # supported. $CHROOTEXEC /usr/bin/apt-get -q -y "${APTGETOPT[@]}" autoremove || true -$CHROOTEXEC /usr/bin/apt-get -q -y "${APTGETOPT[@]}" install build-essential dpkg-dev $EXTRAPACKAGES +$CHROOTEXEC /usr/bin/apt-get -q -y "${APTGETOPT[@]}" install \ + build-essential \ + dpkg-dev \ + $EXTRAPACKAGES save_aptcache +add_additional_aptkeyrings # optionally auto-clean apt-cache if [ "${AUTOCLEANAPTCACHE}" = "yes" -a -n "$APTCACHE" ]; then diff -Nru pbuilder-0.206ubuntu2/pdebuild pbuilder-0.208ubuntu1/pdebuild --- pbuilder-0.206ubuntu2/pdebuild 2012-02-22 00:44:43.000000000 +0000 +++ pbuilder-0.208ubuntu1/pdebuild 2012-03-13 08:25:00.000000000 +0000 @@ -44,12 +44,29 @@ export BUILDRESULTGID=$(id -g) if [ "${USE_PDEBUILD_INTERNAL}" = 'yes' ]; then - ${PBUILDERROOTCMD} ${PDEBUILD_PBUILDER} --execute ${EXTRA_CONFIGFILE[@]/#/--configfile } --bindmounts $(readlink -f ..) "$@" -- /usr/lib/pbuilder/pdebuild-internal ${PWD} --debbuildopts "" --debbuildopts "${DEBBUILDOPTS}" --uid "${BUILDRESULTUID}" --gid "${BUILDRESULTGID}" --pbuildersatisfydepends "$PBUILDERSATISFYDEPENDSCMD" + ${PBUILDERROOTCMD} \ + ${PDEBUILD_PBUILDER} \ + --execute \ + ${EXTRA_CONFIGFILE[@]/#/--configfile } \ + --bindmounts $(readlink -f ..) \ + "$@" \ + -- \ + /usr/lib/pbuilder/pdebuild-internal \ + ${PWD} \ + --debbuildopts "" \ + --debbuildopts "${DEBBUILDOPTS}" \ + --uid "${BUILDRESULTUID}" \ + --gid "${BUILDRESULTGID}" \ + --pbuildersatisfydepends "$PBUILDERSATISFYDEPENDSCMD" if [ -d "${BUILDRESULT}" ]; then for files in $(sed -rn '/^Files:/,${s/^ .* ([^ ]+)$/\1/p}' ../${CHANGES}); do conditional_cp_a ../"$files" "${BUILDRESULT}" done conditional_cp_a ../${CHANGES} "${BUILDRESULT}" + for files in "${ADDITIONAL_BUILDRESULTS[@]}"; do + log "I: Trying to save additional result ${files}" + conditional_cp_a "${files}" "${BUILDRESULT}" || true + done else log "E: BUILDRESULT=[$BUILDRESULT] is not a directory." exit 1 @@ -58,8 +75,18 @@ if ! dpkg-checkbuilddeps -B ; then log "W: Unmet build-dependency in source" fi - echo "dpkg-buildpackage -S -us -uc -r${BUILDSOURCEROOTCMD} $DEBBUILDOPTS" | perl -pe 's/(^|\s)-[AbBF](\s|$)/$1$2/g' | /bin/bash - ${PBUILDERROOTCMD} ${PDEBUILD_PBUILDER} --build ${EXTRA_CONFIGFILE[@]/#/--configfile } --buildresult "${BUILDRESULT}" --debbuildopts "" --debbuildopts "${DEBBUILDOPTS}" "$@" ../"${PKG_SOURCENAME}_${PKG_VERSION}".dsc + echo "dpkg-buildpackage -S -us -uc -r${BUILDSOURCEROOTCMD} $DEBBUILDOPTS" | \ + perl -pe 's/(^|\s)-[AbBF](\s|$)/$1$2/g' | \ + /bin/bash + ${PBUILDERROOTCMD} \ + ${PDEBUILD_PBUILDER} \ + --build \ + ${EXTRA_CONFIGFILE[@]/#/--configfile } \ + --buildresult "${BUILDRESULT}" \ + --debbuildopts "" \ + --debbuildopts "${DEBBUILDOPTS}" \ + "$@" \ + ../"${PKG_SOURCENAME}_${PKG_VERSION}".dsc fi # do signing with optional key specifier diff -Nru pbuilder-0.206ubuntu2/pdebuild-user-mode-linux pbuilder-0.208ubuntu1/pdebuild-user-mode-linux --- pbuilder-0.206ubuntu2/pdebuild-user-mode-linux 2012-02-22 00:44:43.000000000 +0000 +++ pbuilder-0.208ubuntu1/pdebuild-user-mode-linux 2012-03-08 23:13:41.000000000 +0000 @@ -41,7 +41,14 @@ echo "E: Cannot find .. dir from PWD=$(pwd)" >&2 exit 1 fi - pbuilder-user-mode-linux execute "$@" --bindmounts $(readlink -f ..) /usr/lib/pbuilder/pdebuild-internal ${PWD} --debbuildopts "" --debbuildopts "${DEBBUILDOPTS}" + pbuilder-user-mode-linux \ + execute \ + "$@" \ + --bindmounts $(readlink -f ..) \ + /usr/lib/pbuilder/pdebuild-internal \ + ${PWD} \ + --debbuildopts "" \ + --debbuildopts "${DEBBUILDOPTS}" else if ! dpkg-checkbuilddeps -B; then echo "W: Unmet build-dependency in source" >&2 @@ -49,7 +56,10 @@ CMD="dpkg-buildpackage -S -us -uc -r${BUILDSOURCEROOTCMD} $DEBBUILDOPTS" echo "I: Running $CMD" >&2 echo "$CMD" | /bin/bash - pbuilder-user-mode-linux build "$@" --buildresult "${UML_BUILDRESULT}" ../"${PKG_SOURCENAME}_${PKG_VERSION}".dsc + pbuilder-user-mode-linux build \ + "$@" \ + --buildresult "${UML_BUILDRESULT}" \ + ../"${PKG_SOURCENAME}_${PKG_VERSION}".dsc fi # do signing with optional key specifier