From 7ec82c438ccf4d5dbf9ec3b6a86486e1efe1e9b4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Carlos=20Rodr=C3=ADguez=20Hern=C3=A1ndez?= Date: Mon, 1 Jul 2024 13:51:47 +0200 Subject: [PATCH 1/4] Deprecate Debian 10 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Carlos Rodríguez Hernández --- README.md | 2 +- buildall | 3 +-- mkimage | 2 -- pushall | 3 +-- pushmanifest | 3 +-- 5 files changed, 4 insertions(+), 9 deletions(-) diff --git a/README.md b/README.md index 0ce053eb..dedf9958 100644 --- a/README.md +++ b/README.md @@ -70,7 +70,7 @@ We provide a Makefile to help you build Minideb locally. It should be run on a D $ sudo make ``` -To build an individual release (buster, bullseye, or bookworm) +To build an individual release (bullseye or bookworm) ``` $ sudo make bookworm ``` diff --git a/buildall b/buildall index 0dfcb56a..b57a00c3 100755 --- a/buildall +++ b/buildall @@ -8,8 +8,7 @@ set -o pipefail arch=${1:-"amd64 arm64"} -dist="buster -bullseye +dist="bullseye bookworm " for a in $arch; do diff --git a/mkimage b/mkimage index 0b9280f1..53676a1d 100755 --- a/mkimage +++ b/mkimage @@ -81,8 +81,6 @@ if [ "$DIST" == "bookworm" ]; then elif [ "$DIST" == "bullseye" ]; then echo "deb ${repo_url} $DIST-updates main" >> "$rootfsDir/etc/apt/sources.list" echo "deb ${sec_repo_url_2} $DIST-security main" >> "$rootfsDir/etc/apt/sources.list" -elif [ "$DIST" == "buster" ]; then - echo "deb ${sec_repo_url_2} $DIST/updates main" >> "$rootfsDir/etc/apt/sources.list" fi rootfs_chroot apt-get update diff --git a/pushall b/pushall index b95896dd..226730b8 100755 --- a/pushall +++ b/pushall @@ -4,8 +4,7 @@ set -e set -u set -o pipefail -DISTS="buster -bullseye +DISTS="bullseye bookworm " LATEST=bookworm diff --git a/pushmanifest b/pushmanifest index dd234166..8098d528 100755 --- a/pushmanifest +++ b/pushmanifest @@ -4,8 +4,7 @@ set -e set -u set -o pipefail -DISTS=${DISTS:-"buster -bullseye +DISTS=${DISTS:-"bullseye bookworm latest "} From 5be9570f9fedf68eab31004014052400b8341db0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Carlos=20Rodr=C3=ADguez=20Hern=C3=A1ndez?= Date: Mon, 1 Jul 2024 14:00:49 +0200 Subject: [PATCH 2/4] Change debootstrap MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Carlos Rodríguez Hernández --- debootstrap/bookworm | 2 +- debootstrap/bullseye | 226 ++++++++++++++++++++++++++++++++++++++++++- debootstrap/buster | 226 ------------------------------------------- 3 files changed, 226 insertions(+), 228 deletions(-) mode change 120000 => 100644 debootstrap/bullseye delete mode 100644 debootstrap/buster diff --git a/debootstrap/bookworm b/debootstrap/bookworm index 766a99ab..91bf492f 120000 --- a/debootstrap/bookworm +++ b/debootstrap/bookworm @@ -1 +1 @@ -buster \ No newline at end of file +bullseye \ No newline at end of file diff --git a/debootstrap/bullseye b/debootstrap/bullseye deleted file mode 120000 index 766a99ab..00000000 --- a/debootstrap/bullseye +++ /dev/null @@ -1 +0,0 @@ -buster \ No newline at end of file diff --git a/debootstrap/bullseye b/debootstrap/bullseye new file mode 100644 index 00000000..8258a3e9 --- /dev/null +++ b/debootstrap/bullseye @@ -0,0 +1,225 @@ +mirror_style release +download_style apt +finddebs_style from-indices +variants - container fakechroot +keyring /usr/share/keyrings/debian-archive-keyring.gpg + +if doing_variant fakechroot; then + test "$FAKECHROOT" = "true" || error 1 FAKECHROOTREQ "This variant requires fakechroot environment to be started" +fi + +case $ARCH in + alpha|ia64) LIBC="libc6.1" ;; + kfreebsd-*) LIBC="libc0.1" ;; + hurd-*) LIBC="libc0.3" ;; + *) LIBC="libc6" ;; +esac + +work_out_debs () { + # adduser in case users want to add a user to run as non-root + # base-files as it has many important files + # base-passwd to get user account info + # bash because users will often shell in + # bsdutils because it has some commands used in postinst + # - particularly `logger` for `mysql-server` see + # https://github.com/bitnami/minideb/issues/16 + # coreutils for many very common utilities + # dash for a shell for scripts + # debian-archive-keyring to verify apt packages + # diffutils for diff as required for installing the system + # (could maybe be removed after, but diffing is pretty common in debugging) + # dpkg for dpkg + # findutils for find as required for installing the system + # grep as it is a very common debugging tool + # gzip as decompressing zip is super common + # hostname ? + # libc-bin for ldconfig + # login as su maybe used if run as non root (?) + # lsb-base ? + # mawk as it is used by dpkg + # ncurses-base for terminfo files as docker sets TERM=xterm + # see https://github.com/bitnami/minideb/issues/17 + # passwd for managing user accounts if run as non-root. + # sed as a very commonly used tool + # sysv-rc for update-rc.d, required when installing initscripts in postinsts + # tar as uncompressing tarballs is super common when installing things. + # tzdata for handling timezones + # util-linux for getopt + # mount is required for mounting /proc during debootstrap + required="adduser base-files base-passwd bash bsdutils coreutils dash debian-archive-keyring diffutils dpkg findutils grep gzip hostname init-system-helpers libc-bin login lsb-base mawk ncurses-base passwd sed sysv-rc tar tzdata util-linux mount" + + base="apt" + + if doing_variant fakechroot; then + # ldd.fake needs binutils + required="$required binutils" + fi + + case $MIRRORS in + https://*) + base="$base apt-transport-https ca-certificates" + ;; + esac +} + +first_stage_install () { + extract $required + + mkdir -p "$TARGET/var/lib/dpkg" + : >"$TARGET/var/lib/dpkg/status" + : >"$TARGET/var/lib/dpkg/available" + + setup_etc + if [ ! -e "$TARGET/etc/fstab" ]; then + echo '# UNCONFIGURED FSTAB FOR BASE SYSTEM' > "$TARGET/etc/fstab" + chown 0:0 "$TARGET/etc/fstab"; chmod 644 "$TARGET/etc/fstab" + fi + + setup_devices + + x_feign_install () { + local pkg="$1" + local deb="$(debfor $pkg)" + local ver="$(extract_deb_field "$TARGET/$deb" Version)" + + mkdir -p "$TARGET/var/lib/dpkg/info" + + echo \ +"Package: $pkg +Version: $ver +Maintainer: unknown +Status: install ok installed" >> "$TARGET/var/lib/dpkg/status" + + touch "$TARGET/var/lib/dpkg/info/${pkg}.list" + } + + x_feign_install dpkg +} + +second_stage_install () { + setup_dynamic_devices + + x_core_install () { + smallyes '' | in_target dpkg --force-depends --install $(debfor "$@") + } + + p () { + baseprog="$(($baseprog + ${1:-1}))" + } + + if doing_variant fakechroot; then + setup_proc_fakechroot + else + setup_proc + in_target /sbin/ldconfig + fi + + DEBIAN_FRONTEND=noninteractive + DEBCONF_NONINTERACTIVE_SEEN=true + export DEBIAN_FRONTEND DEBCONF_NONINTERACTIVE_SEEN + + baseprog=0 + bases=7 + + p; progress $baseprog $bases INSTCORE "Installing core packages" #1 + info INSTCORE "Installing core packages..." + + p; progress $baseprog $bases INSTCORE "Installing core packages" #2 + ln -sf mawk "$TARGET/usr/bin/awk" + x_core_install base-passwd + x_core_install base-files + p; progress $baseprog $bases INSTCORE "Installing core packages" #3 + x_core_install dpkg + + if [ ! -e "$TARGET/etc/localtime" ]; then + ln -sf /usr/share/zoneinfo/UTC "$TARGET/etc/localtime" + fi + + if doing_variant fakechroot; then + install_fakechroot_tools + fi + + p; progress $baseprog $bases INSTCORE "Installing core packages" #4 + x_core_install $LIBC + + p; progress $baseprog $bases INSTCORE "Installing core packages" #5 + x_core_install perl-base + + p; progress $baseprog $bases INSTCORE "Installing core packages" #6 + rm "$TARGET/usr/bin/awk" + x_core_install mawk + + p; progress $baseprog $bases INSTCORE "Installing core packages" #7 + if doing_variant -; then + x_core_install debconf + fi + + baseprog=0 + bases=$(set -- $required; echo $#) + + info UNPACKREQ "Unpacking required packages..." + + exec 7>&1 + + smallyes '' | + (repeatn 5 in_target_failmsg UNPACK_REQ_FAIL_FIVE "Failure while unpacking required packages. This will be attempted up to five times." "" \ + dpkg --status-fd 8 --force-depends --unpack $(debfor $required) 8>&1 1>&7 || echo EXITCODE $?) | + dpkg_progress $baseprog $bases UNPACKREQ "Unpacking required packages" UNPACKING + + info CONFREQ "Configuring required packages..." + + echo \ +"#!/bin/sh +exit 101" > "$TARGET/usr/sbin/policy-rc.d" + chmod 755 "$TARGET/usr/sbin/policy-rc.d" + + mv "$TARGET/sbin/start-stop-daemon" "$TARGET/sbin/start-stop-daemon.REAL" + echo \ +"#!/bin/sh +echo +echo \"Warning: Fake start-stop-daemon called, doing nothing\"" > "$TARGET/sbin/start-stop-daemon" + chmod 755 "$TARGET/sbin/start-stop-daemon" + + setup_dselect_method apt + + smallyes '' | + (in_target_failmsg CONF_REQ_FAIL "Failure while configuring required packages." "" \ + dpkg --status-fd 8 --configure --pending --force-configure-any --force-depends 8>&1 1>&7 || echo EXITCODE $?) | + dpkg_progress $baseprog $bases CONFREQ "Configuring required packages" CONFIGURING + + baseprog=0 + bases="$(set -- $base; echo $#)" + + info UNPACKBASE "Unpacking the base system..." + + setup_available $required $base + done_predeps= + while predep=$(get_next_predep); do + # We have to resolve dependencies of pre-dependencies manually because + # dpkg --predep-package doesn't handle this. + predep=$(without "$(without "$(resolve_deps $predep)" "$required")" "$done_predeps") + # XXX: progress is tricky due to how dpkg_progress works + # -- cjwatson 2009-07-29 + p; smallyes '' | + in_target dpkg --force-overwrite --force-confold --skip-same-version --install $(debfor $predep) + base=$(without "$base" "$predep") + done_predeps="$done_predeps $predep" + done + + smallyes '' | + (repeatn 5 in_target_failmsg INST_BASE_FAIL_FIVE "Failure while installing base packages. This will be re-attempted up to five times." "" \ + dpkg --status-fd 8 --force-overwrite --force-confold --skip-same-version --unpack $(debfor $base) 8>&1 1>&7 || echo EXITCODE $?) | + dpkg_progress $baseprog $bases UNPACKBASE "Unpacking base system" UNPACKING + + info CONFBASE "Configuring the base system..." + + smallyes '' | + (repeatn 5 in_target_failmsg CONF_BASE_FAIL_FIVE "Failure while configuring base packages. This will be re-attempted up to five times." "" \ + dpkg --status-fd 8 --force-confold --skip-same-version --configure -a 8>&1 1>&7 || echo EXITCODE $?) | + dpkg_progress $baseprog $bases CONFBASE "Configuring base system" CONFIGURING + + mv "$TARGET/sbin/start-stop-daemon.REAL" "$TARGET/sbin/start-stop-daemon" + rm -f "$TARGET/usr/sbin/policy-rc.d" + + progress $bases $bases CONFBASE "Configuring base system" + info BASESUCCESS "Base system installed successfully." diff --git a/debootstrap/buster b/debootstrap/buster deleted file mode 100644 index 804e9660..00000000 --- a/debootstrap/buster +++ /dev/null @@ -1,226 +0,0 @@ -mirror_style release -download_style apt -finddebs_style from-indices -variants - container fakechroot -keyring /usr/share/keyrings/debian-archive-keyring.gpg - -if doing_variant fakechroot; then - test "$FAKECHROOT" = "true" || error 1 FAKECHROOTREQ "This variant requires fakechroot environment to be started" -fi - -case $ARCH in - alpha|ia64) LIBC="libc6.1" ;; - kfreebsd-*) LIBC="libc0.1" ;; - hurd-*) LIBC="libc0.3" ;; - *) LIBC="libc6" ;; -esac - -work_out_debs () { - # adduser in case users want to add a user to run as non-root - # base-files as it has many important files - # base-passwd to get user account info - # bash because users will often shell in - # bsdutils because it has some commands used in postinst - # - particularly `logger` for `mysql-server` see - # https://github.com/bitnami/minideb/issues/16 - # coreutils for many very common utilities - # dash for a shell for scripts - # debian-archive-keyring to verify apt packages - # diffutils for diff as required for installing the system - # (could maybe be removed after, but diffing is pretty common in debugging) - # dpkg for dpkg - # findutils for find as required for installing the system - # grep as it is a very common debugging tool - # gzip as decompressing zip is super common - # hostname ? - # libc-bin for ldconfig - # login as su maybe used if run as non root (?) - # lsb-base ? - # mawk as it is used by dpkg - # ncurses-base for terminfo files as docker sets TERM=xterm - # see https://github.com/bitnami/minideb/issues/17 - # passwd for managing user accounts if run as non-root. - # sed as a very commonly used tool - # sysv-rc for update-rc.d, required when installing initscripts in postinsts - # tar as uncompressing tarballs is super common when installing things. - # tzdata for handling timezones - # util-linux for getopt - # mount is required for mounting /proc during debootstrap - required="adduser base-files base-passwd bash bsdutils coreutils dash debian-archive-keyring diffutils dpkg findutils grep gzip hostname init-system-helpers libc-bin login lsb-base mawk ncurses-base passwd sed sysv-rc tar tzdata util-linux mount" - - base="apt" - - if doing_variant fakechroot; then - # ldd.fake needs binutils - required="$required binutils" - fi - - case $MIRRORS in - https://*) - base="$base apt-transport-https ca-certificates" - ;; - esac -} - -first_stage_install () { - extract $required - - mkdir -p "$TARGET/var/lib/dpkg" - : >"$TARGET/var/lib/dpkg/status" - : >"$TARGET/var/lib/dpkg/available" - - setup_etc - if [ ! -e "$TARGET/etc/fstab" ]; then - echo '# UNCONFIGURED FSTAB FOR BASE SYSTEM' > "$TARGET/etc/fstab" - chown 0:0 "$TARGET/etc/fstab"; chmod 644 "$TARGET/etc/fstab" - fi - - setup_devices - - x_feign_install () { - local pkg="$1" - local deb="$(debfor $pkg)" - local ver="$(extract_deb_field "$TARGET/$deb" Version)" - - mkdir -p "$TARGET/var/lib/dpkg/info" - - echo \ -"Package: $pkg -Version: $ver -Maintainer: unknown -Status: install ok installed" >> "$TARGET/var/lib/dpkg/status" - - touch "$TARGET/var/lib/dpkg/info/${pkg}.list" - } - - x_feign_install dpkg -} - -second_stage_install () { - setup_dynamic_devices - - x_core_install () { - smallyes '' | in_target dpkg --force-depends --install $(debfor "$@") - } - - p () { - baseprog="$(($baseprog + ${1:-1}))" - } - - if doing_variant fakechroot; then - setup_proc_fakechroot - else - setup_proc - in_target /sbin/ldconfig - fi - - DEBIAN_FRONTEND=noninteractive - DEBCONF_NONINTERACTIVE_SEEN=true - export DEBIAN_FRONTEND DEBCONF_NONINTERACTIVE_SEEN - - baseprog=0 - bases=7 - - p; progress $baseprog $bases INSTCORE "Installing core packages" #1 - info INSTCORE "Installing core packages..." - - p; progress $baseprog $bases INSTCORE "Installing core packages" #2 - ln -sf mawk "$TARGET/usr/bin/awk" - x_core_install base-passwd - x_core_install base-files - p; progress $baseprog $bases INSTCORE "Installing core packages" #3 - x_core_install dpkg - - if [ ! -e "$TARGET/etc/localtime" ]; then - ln -sf /usr/share/zoneinfo/UTC "$TARGET/etc/localtime" - fi - - if doing_variant fakechroot; then - install_fakechroot_tools - fi - - p; progress $baseprog $bases INSTCORE "Installing core packages" #4 - x_core_install $LIBC - - p; progress $baseprog $bases INSTCORE "Installing core packages" #5 - x_core_install perl-base - - p; progress $baseprog $bases INSTCORE "Installing core packages" #6 - rm "$TARGET/usr/bin/awk" - x_core_install mawk - - p; progress $baseprog $bases INSTCORE "Installing core packages" #7 - if doing_variant -; then - x_core_install debconf - fi - - baseprog=0 - bases=$(set -- $required; echo $#) - - info UNPACKREQ "Unpacking required packages..." - - exec 7>&1 - - smallyes '' | - (repeatn 5 in_target_failmsg UNPACK_REQ_FAIL_FIVE "Failure while unpacking required packages. This will be attempted up to five times." "" \ - dpkg --status-fd 8 --force-depends --unpack $(debfor $required) 8>&1 1>&7 || echo EXITCODE $?) | - dpkg_progress $baseprog $bases UNPACKREQ "Unpacking required packages" UNPACKING - - info CONFREQ "Configuring required packages..." - - echo \ -"#!/bin/sh -exit 101" > "$TARGET/usr/sbin/policy-rc.d" - chmod 755 "$TARGET/usr/sbin/policy-rc.d" - - mv "$TARGET/sbin/start-stop-daemon" "$TARGET/sbin/start-stop-daemon.REAL" - echo \ -"#!/bin/sh -echo -echo \"Warning: Fake start-stop-daemon called, doing nothing\"" > "$TARGET/sbin/start-stop-daemon" - chmod 755 "$TARGET/sbin/start-stop-daemon" - - setup_dselect_method apt - - smallyes '' | - (in_target_failmsg CONF_REQ_FAIL "Failure while configuring required packages." "" \ - dpkg --status-fd 8 --configure --pending --force-configure-any --force-depends 8>&1 1>&7 || echo EXITCODE $?) | - dpkg_progress $baseprog $bases CONFREQ "Configuring required packages" CONFIGURING - - baseprog=0 - bases="$(set -- $base; echo $#)" - - info UNPACKBASE "Unpacking the base system..." - - setup_available $required $base - done_predeps= - while predep=$(get_next_predep); do - # We have to resolve dependencies of pre-dependencies manually because - # dpkg --predep-package doesn't handle this. - predep=$(without "$(without "$(resolve_deps $predep)" "$required")" "$done_predeps") - # XXX: progress is tricky due to how dpkg_progress works - # -- cjwatson 2009-07-29 - p; smallyes '' | - in_target dpkg --force-overwrite --force-confold --skip-same-version --install $(debfor $predep) - base=$(without "$base" "$predep") - done_predeps="$done_predeps $predep" - done - - smallyes '' | - (repeatn 5 in_target_failmsg INST_BASE_FAIL_FIVE "Failure while installing base packages. This will be re-attempted up to five times." "" \ - dpkg --status-fd 8 --force-overwrite --force-confold --skip-same-version --unpack $(debfor $base) 8>&1 1>&7 || echo EXITCODE $?) | - dpkg_progress $baseprog $bases UNPACKBASE "Unpacking base system" UNPACKING - - info CONFBASE "Configuring the base system..." - - smallyes '' | - (repeatn 5 in_target_failmsg CONF_BASE_FAIL_FIVE "Failure while configuring base packages. This will be re-attempted up to five times." "" \ - dpkg --status-fd 8 --force-confold --skip-same-version --configure -a 8>&1 1>&7 || echo EXITCODE $?) | - dpkg_progress $baseprog $bases CONFBASE "Configuring base system" CONFIGURING - - mv "$TARGET/sbin/start-stop-daemon.REAL" "$TARGET/sbin/start-stop-daemon" - rm -f "$TARGET/usr/sbin/policy-rc.d" - - progress $bases $bases CONFBASE "Configuring base system" - info BASESUCCESS "Base system installed successfully." -} From d243dd209f4d199191616a3c69768ab057a008c4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Carlos=20Rodr=C3=ADguez=20Hern=C3=A1ndez?= Date: Mon, 1 Jul 2024 14:04:15 +0200 Subject: [PATCH 3/4] Remove buster from checks MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Carlos Rodríguez Hernández --- .github/workflows/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 1a6104aa..e7895c39 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -41,7 +41,7 @@ jobs: needs: [ shellcheck ] strategy: matrix: - dist: [buster, bullseye, bookworm] + dist: [bullseye, bookworm] arch: [amd64, arm64] name: Build ${{ matrix.dist }} on ${{ matrix.arch }} @@ -81,7 +81,7 @@ jobs: - uses: actions/checkout@v3 - name: Push Manifests run: | - DISTS="buster bullseye bookworm latest" bash pushmanifest + DISTS="bullseye bookworm latest" bash pushmanifest # If the CI Pipeline does not succeed we should notify the interested agents slack-notif: From b41d161498c078656af84960b7aec6064d5757e0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Carlos=20Rodr=C3=ADguez=20Hern=C3=A1ndez?= Date: Mon, 1 Jul 2024 16:52:20 +0200 Subject: [PATCH 4/4] Update bullseye MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Carlos Rodríguez Hernández --- debootstrap/bullseye | 1 + 1 file changed, 1 insertion(+) diff --git a/debootstrap/bullseye b/debootstrap/bullseye index 8258a3e9..804e9660 100644 --- a/debootstrap/bullseye +++ b/debootstrap/bullseye @@ -223,3 +223,4 @@ echo \"Warning: Fake start-stop-daemon called, doing nothing\"" > "$TARGET/sbin/ progress $bases $bases CONFBASE "Configuring base system" info BASESUCCESS "Base system installed successfully." +}