This ensures we do not pick up any testing or third party repos from the host. Signed-off-by: Pierre Schmitz <pierre@archlinux.de> --- configs/releng/build.sh | 33 ++++++++-------- configs/releng/pacman.conf | 96 ++++++++++++++++++++++++++++++++++++++++++++++ 2 Dateien geändert, 113 Zeilen hinzugefügt(+), 16 Zeilen entfernt(-) create mode 100644 configs/releng/pacman.conf diff --git a/configs/releng/build.sh b/configs/releng/build.sh index 3cdbbf0..73f80fe 100755 --- a/configs/releng/build.sh +++ b/configs/releng/build.sh @@ -13,16 +13,17 @@ verbose="" cmd_args="" script_path=$(readlink -f ${0%/*}) +pacman_conf="${script_path}/pacman.conf" # Base installation (root-image) make_basefs() { - mkarchiso ${verbose} -w "${work_dir}" -D "${install_dir}" init - mkarchiso ${verbose} -w "${work_dir}" -D "${install_dir}" -p "memtest86+ mkinitcpio-nfs-utils nbd curl" install + mkarchiso ${verbose} -w "${work_dir}" -C "${pacman_conf}" -D "${install_dir}" init + mkarchiso ${verbose} -w "${work_dir}" -C "${pacman_conf}" -D "${install_dir}" -p "memtest86+ mkinitcpio-nfs-utils nbd curl" install } # Additional packages (root-image) make_packages() { - mkarchiso ${verbose} -w "${work_dir}" -D "${install_dir}" -p "$(grep -v ^# ${script_path}/packages.${arch})" install + mkarchiso ${verbose} -w "${work_dir}" -C "${pacman_conf}" -D "${install_dir}" -p "$(grep -v ^# ${script_path}/packages.${arch})" install } # Copy mkinitcpio archiso hooks (root-image) @@ -47,7 +48,7 @@ make_boot() { local _src=${work_dir}/root-image local _dst_boot=${work_dir}/iso/${install_dir}/boot mkdir -p ${_dst_boot}/${arch} - mkarchiso ${verbose} -w "${work_dir}" -D "${install_dir}" \ + mkarchiso ${verbose} -w "${work_dir}" -C "${pacman_conf}" -D "${install_dir}" \ -r 'mkinitcpio -c /etc/mkinitcpio-archiso.conf -k /boot/vmlinuz-linux -g /boot/archiso.img' \ run mv ${_src}/boot/archiso.img ${_dst_boot}/${arch}/archiso.img @@ -139,10 +140,10 @@ make_customize_root_image() { wget -O ${work_dir}/root-image/etc/pacman.d/mirrorlist 'https://www.archlinux.org/mirrorlist/?country=all&protocol=http&use_mirror_status=on' sed -i "s/#Server/Server/g" ${work_dir}/root-image/etc/pacman.d/mirrorlist sed -i 's/#\(en_US\.UTF-8\)/\1/' ${work_dir}/root-image/etc/locale.gen - mkarchiso ${verbose} -w "${work_dir}" -D "${install_dir}" \ + mkarchiso ${verbose} -w "${work_dir}" -C "${pacman_conf}" -D "${install_dir}" \ -r 'locale-gen' \ run - mkarchiso ${verbose} -w "${work_dir}" -D "${install_dir}" \ + mkarchiso ${verbose} -w "${work_dir}" -C "${pacman_conf}" -D "${install_dir}" \ -r 'useradd -m -p "" -g users -G "audio,disk,optical,wheel" arch' \ run : > ${work_dir}/build.${FUNCNAME} @@ -172,12 +173,12 @@ make_core_repo() { mkdir -p ${work_dir}/repo-core-any mkdir -p ${work_dir}/repo-core-${arch} mkdir -p ${work_dir}/pacman.db/var/lib/pacman - pacman -Sy -r ${work_dir}/pacman.db - _pkgs=$(comm -2 -3 <(pacman -Sql -r ${work_dir}/pacman.db core | sort | sed 's@^@core/@') \ + pacman --config "${pacman_conf}" -Sy -r ${work_dir}/pacman.db + _pkgs=$(comm -2 -3 <(pacman --config "${pacman_conf}" -Sql -r ${work_dir}/pacman.db core | sort | sed 's@^@core/@') \ <(grep -v ^# ${script_path}/core.exclude.${arch} | sort | sed 's@^@core/@')) - _urls=$(pacman -Sddp -r ${work_dir}/pacman.db ${_pkgs}) - pacman -Swdd -r ${work_dir}/pacman.db --noprogressbar --noconfirm ${_pkgs} - _cache_dirs=($(pacman -v 2>&1 | grep '^Cache Dirs:' | sed 's/Cache Dirs:\s*//g')) + _urls=$(pacman --config "${pacman_conf}" -Sddp -r ${work_dir}/pacman.db ${_pkgs}) + pacman --config "${pacman_conf}" -Swdd -r ${work_dir}/pacman.db --noprogressbar --noconfirm ${_pkgs} + _cache_dirs=($(pacman --config "${pacman_conf}" -v 2>&1 | grep '^Cache Dirs:' | sed 's/Cache Dirs:\s*//g')) for _url in ${_urls}; do _pkg_name=${_url##*/} _dst=${work_dir}/repo-core-${arch}/${_pkg_name} @@ -199,7 +200,7 @@ make_core_repo() { # Remove old copy of db file rm -f ${work_dir}/repo-core-${arch}/core.db.tar.gz.old mkdir -p ${work_dir}/iso/${install_dir} - pacman -Sp -r ${work_dir}/pacman.db --print-format "%r/%n-%v" ${_pkgs} | sort > ${work_dir}/iso/${install_dir}/pkglist.repo-core.${arch}.txt + pacman --config "${pacman_conf}" -Sp -r ${work_dir}/pacman.db --print-format "%r/%n-%v" ${_pkgs} | sort > ${work_dir}/iso/${install_dir}/pkglist.repo-core.${arch}.txt : > ${work_dir}/build.${FUNCNAME} fi } @@ -216,16 +217,16 @@ make_aitab() { # Build all filesystem images specified in aitab (.fs .fs.sfs .sfs) make_prepare() { - mkarchiso ${verbose} -w "${work_dir}" -D "${install_dir}" pkglist - mkarchiso ${verbose} -w "${work_dir}" -D "${install_dir}" prepare + mkarchiso ${verbose} -w "${work_dir}" -C "${pacman_conf}" -D "${install_dir}" pkglist + mkarchiso ${verbose} -w "${work_dir}" -C "${pacman_conf}" -D "${install_dir}" prepare } # Build ISO # args: $1 (core | netinstall) make_iso() { local _iso_type=${1} - mkarchiso ${verbose} -w "${work_dir}" -D "${install_dir}" checksum - mkarchiso ${verbose} -w "${work_dir}" -D "${install_dir}" -L "${iso_label}" -o "${out_dir}" iso "${iso_name}-${iso_version}-${_iso_type}-${arch}.iso" + mkarchiso ${verbose} -w "${work_dir}" -C "${pacman_conf}" -D "${install_dir}" checksum + mkarchiso ${verbose} -w "${work_dir}" -C "${pacman_conf}" -D "${install_dir}" -L "${iso_label}" -o "${out_dir}" iso "${iso_name}-${iso_version}-${_iso_type}-${arch}.iso" } # Build dual-iso images from ${work_dir}/i686/iso and ${work_dir}/x86_64/iso diff --git a/configs/releng/pacman.conf b/configs/releng/pacman.conf new file mode 100644 index 0000000..821f9a5 --- /dev/null +++ b/configs/releng/pacman.conf @@ -0,0 +1,96 @@ +# +# /etc/pacman.conf +# +# See the pacman.conf(5) manpage for option and repository directives + +# +# GENERAL OPTIONS +# +[options] +# The following paths are commented out with their default values listed. +# If you wish to use different paths, uncomment and update the paths. +#RootDir = / +#DBPath = /var/lib/pacman/ +#CacheDir = /var/cache/pacman/pkg/ +#LogFile = /var/log/pacman.log +#GPGDir = /etc/pacman.d/gnupg/ +HoldPkg = pacman glibc +# If upgrades are available for these packages they will be asked for first +SyncFirst = pacman +#XferCommand = /usr/bin/curl -C - -f %u > %o +#XferCommand = /usr/bin/wget --passive-ftp -c -O %o %u +#CleanMethod = KeepInstalled +Architecture = auto + +# Pacman won't upgrade packages listed in IgnorePkg and members of IgnoreGroup +#IgnorePkg = +#IgnoreGroup = + +#NoUpgrade = +#NoExtract = + +# Misc options +#UseSyslog +#UseDelta +#TotalDownload +# We cannot check disk space from within a chroot environment +#CheckSpace +#VerbosePkgLists + +# By default, pacman accepts packages signed by keys that its local keyring +# trusts (see pacman-key and its man page), as well as unsigned packages. +#SigLevel = Optional TrustedOnly + +# NOTE: You must run `pacman-key --init` before first using pacman; the local +# keyring can then be populated with the keys of all official Arch Linux +# packagers with `pacman-key --populate archlinux`. + +# +# REPOSITORIES +# - can be defined here or included from another file +# - pacman will search repositories in the order defined here +# - local/custom mirrors can be added here or in separate files +# - repositories listed first will take precedence when packages +# have identical names, regardless of version number +# - URLs will have $repo replaced by the name of the current repo +# - URLs will have $arch replaced by the name of the architecture +# +# Repository entries are of the format: +# [repo-name] +# Server = ServerName +# Include = IncludePath +# +# The header [repo-name] is crucial - it must be present and +# uncommented to enable the repo. +# + +# The testing repositories are disabled by default. To enable, uncomment the +# repo name header and Include lines. You can add preferred servers immediately +# after the header, and they will be used before the default mirrors. + +#[testing] +#SigLevel = PackageRequired +#Include = /etc/pacman.d/mirrorlist + +[core] +SigLevel = PackageRequired +Include = /etc/pacman.d/mirrorlist + +[extra] +SigLevel = PackageRequired +Include = /etc/pacman.d/mirrorlist + +#[community-testing] +#SigLevel = PackageRequired +#Include = /etc/pacman.d/mirrorlist + +[community] +SigLevel = PackageRequired +Include = /etc/pacman.d/mirrorlist + +# An example of a custom package repository. See the pacman manpage for +# tips on creating your own repositories. +#[custom] +#SigLevel = Optional TrustAll +#Server = file:///home/custompkgs + -- 1.7.11