diff --git a/functions/chroot.sh b/functions/chroot.sh index 17a137ed7..3804bf88c 100755 --- a/functions/chroot.sh +++ b/functions/chroot.sh @@ -29,7 +29,7 @@ Chroot () fi done - ${_LINUX32} chroot "${CHROOT}" /usr/bin/env -i HOME="/root" PATH="/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin" TERM="${TERM}" DEBIAN_FRONTEND="${LB_DEBCONF_FRONTEND}" DEBIAN_PRIORITY="${LB_DEBCONF_PRIORITY}" DEBCONF_NONINTERACTIVE_SEEN="true" DEBCONF_NOWARNINGS="true" SOURCE_DATE_EPOCH=${SOURCE_DATE_EPOCH} ${ENV} ${COMMANDS} + ${_LINUX32} chroot "${CHROOT}" /usr/bin/env -i HOME="/root" PATH="/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin" TERM="${TERM}" DEBIAN_FRONTEND="${LB_DEBCONF_FRONTEND}" DEBIAN_PRIORITY="${LB_DEBCONF_PRIORITY}" DEBCONF_NONINTERACTIVE_SEEN="true" DEBCONF_NOWARNINGS="true" SOURCE_DATE_EPOCH=${SOURCE_DATE_EPOCH} http_proxy=${http_proxy} no_proxy=${no_proxy} ${ENV} ${COMMANDS} return ${?} } diff --git a/functions/configuration.sh b/functions/configuration.sh index 3abac43e3..0c23e5ae2 100755 --- a/functions/configuration.sh +++ b/functions/configuration.sh @@ -787,4 +787,95 @@ Validate_config_dependencies () exit 1 fi fi + + Validate_http_proxy +} + +# Retrieve the proxy settings from the host. Check whether conflicts are present with the command line arguments +Validate_http_proxy () +{ + local HOST_AUTO_APT_PROXY="" + local HOST_AUTO_APT_PROXY_LEGACY="" + local HOST_FIXED_APT_PROXY="" + + # Fetch the proxy, using the various ways the http proxy can be set in apt + if command -v apt-config >/dev/null; then + local APT_CONFIG_OPTIONS + # apt-config only understands --option (-o) and --config-file (-c) of ${APT_OPTIONS} + # Don't report errors when additional options are provided and don't add additional quotes + APT_CONFIG_OPTIONS=$(getopt --quiet --unquoted --options 'c:o:' --long 'config-file:,option:' -- ${APT_OPTIONS} || true) + + # The apt configuration `Acquire::http::Proxy-Auto-Detect` (and the legacy `Acquire::http::ProxyAutoDetect`) + # If the script fails, or the result of the script is `DIRECT` or an empty line, it is considered to be not set (https://sources.debian.org/src/apt/2.3.9/apt-pkg/contrib/proxy.cc/) + local AUTOPROXY + eval "$(apt-config ${APT_CONFIG_OPTIONS} shell AUTOPROXY Acquire::http::Proxy-Auto-Detect)" + if [ -x "${AUTOPROXY}" ]; then + HOST_AUTO_APT_PROXY="$(${AUTOPROXY} || echo '')" + if [ "${HOST_AUTO_APT_PROXY}" = "DIRECT" ]; then + HOST_AUTO_APT_PROXY="" + fi + fi + # Also check the legacy ProxyAutoDetect + eval "$(apt-config ${APT_CONFIG_OPTIONS} shell AUTOPROXY Acquire::http::ProxyAutoDetect)" + if [ -x "$AUTOPROXY" ]; then + HOST_AUTO_APT_PROXY_LEGACY="$(${AUTOPROXY} || echo '')" + if [ "${HOST_AUTO_APT_PROXY_LEGACY}" = "DIRECT" ]; then + HOST_AUTO_APT_PROXY_LEGACY="" + fi + fi + + # The apt configuration `Acquire::http::proxy::URL-host` (https://sources.debian.org/src/apt/2.3.9/methods/http.cc/) + # If set to `DIRECT`, it is considered to be not set + # This configuration allows you to specify different proxies for specific URLs + # This setup is too complex for the purpose of live-build and will silently be ignored + + # The apt configuration `Acquire::http::Proxy` + eval "$(apt-config ${APT_CONFIG_OPTIONS} shell HOST_FIXED_APT_PROXY Acquire::http::Proxy)" + fi + + + # Report all detected settings in debug mode + Echo_debug "Detected proxy settings:" + Echo_debug "--apt-http-proxy: ${LB_APT_HTTP_PROXY}" + Echo_debug "HOST Auto APT PROXY: ${HOST_AUTO_APT_PROXY}" + Echo_debug "HOST Auto APT PROXY (legacy): ${HOST_AUTO_APT_PROXY_LEGACY}" + Echo_debug "HOST Fixed APT PROXY: ${HOST_FIXED_APT_PROXY}" + # The environment variable 'http_proxy' is used when no apt option is set + Echo_debug "HOST http_proxy: ${http_proxy}" + # The environment variable 'no_proxy' contains a list of domains that must not be handled by a proxy, + # it overrides all previous settings by apt and 'http_proxy' + Echo_debug "HOST no_proxy: ${no_proxy}" + + # Check whether any of the provided proxy values conflicts with another + local LAST_SEEN_PROXY_NAME="" + local LAST_SEEN_PROXY_VALUE="" + Validate_http_proxy_source "apt configuration option Acquire::http::Proxy-Auto-Detect" "${HOST_AUTO_APT_PROXY}" + Validate_http_proxy_source "apt configuration option Acquire::http::ProxyAutoDetect" "${HOST_AUTO_APT_PROXY_LEGACY}" + Validate_http_proxy_source "apt configuration option Acquire::http::Proxy" "${HOST_FIXED_APT_PROXY}" + Validate_http_proxy_source "environment variable http_proxy" "${http_proxy}" + Validate_http_proxy_source "command line option --apt-http-proxy" "${LB_APT_HTTP_PROXY}" + + # This is the value to use for the the other scripts in live-build + export http_proxy=${LAST_SEEN_PROXY_VALUE} + if [ ! -z "${http_proxy}" ]; then + Echo_message "Using http proxy: ${http_proxy}" + fi +} + +# Check whether a proxy setting conflicts with a previously set proxy setting +Validate_http_proxy_source () +{ + local NAME=${1} + local VALUE=${2} + + if [ ! -z "${VALUE}" ]; then + if [ ! -z "${LAST_SEEN_PROXY_VALUE}" ]; then + if [ "${VALUE}" != "${LAST_SEEN_PROXY_VALUE}" ]; then + Echo_error "Inconsistent proxy configuration: the value for ${NAME} (${VALUE}) differs from the value for ${LAST_SEEN_PROXY_NAME} (${LAST_SEEN_PROXY_VALUE})" + exit 1 + fi + fi + LAST_SEEN_PROXY_NAME=${NAME} + LAST_SEEN_PROXY_VALUE=${VALUE} + fi } diff --git a/manpages/en/lb_config.1 b/manpages/en/lb_config.1 index 37bbef66b..efde8795d 100644 --- a/manpages/en/lb_config.1 +++ b/manpages/en/lb_config.1 @@ -243,7 +243,7 @@ In addition to its specific options \fBlb config\fR understands all generic live .IP "\fB\-\-apt\fR apt|apt-get|aptitude" 4 defines if apt\-get or aptitude is used to install packages when building the image. The default is apt. .IP "\fB\-\-apt\-http\-proxy\fR \fIURL\fR" 4 -sets the HTTP proxy to be used by apt. By default, this is empty. Note that this variable is only for the proxy that gets used by initial debootstrap, and by apt internally within the chroot. It is not used for anything else. +sets the proxy for HTTP connections. By default, this is empty. It is recommended to use the environment variable \fBhttp_proxy\fR instead. .IP "\fB\-\-apt\-indices\fR true|false" 4 defines if the resulting images should have apt indices or not and defaults to true. .IP "\fB\-\-apt\-options\fR \fIOPTION\fR|""\fIOPTIONS\fR""" 4 diff --git a/scripts/build/bootstrap_debootstrap b/scripts/build/bootstrap_debootstrap index 0b373b56c..e0278844c 100755 --- a/scripts/build/bootstrap_debootstrap +++ b/scripts/build/bootstrap_debootstrap @@ -86,7 +86,7 @@ then Print_breakage Echo_message "Running debootstrap (download-only)..." - /usr/bin/env http_proxy="${LB_APT_HTTP_PROXY}" debootstrap ${DEBOOTSTRAP_OPTIONS} --download-only "${LB_PARENT_DISTRIBUTION_CHROOT}" chroot "${LB_PARENT_MIRROR_BOOTSTRAP}" ${DEBOOTSTRAP_SCRIPT} + debootstrap ${DEBOOTSTRAP_OPTIONS} --download-only "${LB_PARENT_DISTRIBUTION_CHROOT}" chroot "${LB_PARENT_MIRROR_BOOTSTRAP}" ${DEBOOTSTRAP_SCRIPT} # Removing old cache rm -f cache/packages.bootstrap/*.deb diff --git a/scripts/build/chroot_apt b/scripts/build/chroot_apt index fd1f12012..b28de5e44 100755 --- a/scripts/build/chroot_apt +++ b/scripts/build/chroot_apt @@ -41,12 +41,6 @@ case "${_ACTION}" in mkdir -p ${CONFD} - # Configuring apt http proxy - if [ -n "${LB_APT_HTTP_PROXY}" ] - then - echo "Acquire::http::Proxy \"${LB_APT_HTTP_PROXY}\";" > ${CONFD}/00http-proxy - fi - # Configuring apt pipeline if [ -n "${LB_APT_PIPELINE}" ] then @@ -150,9 +144,6 @@ case "${_ACTION}" in # Acquire lock file Acquire_lockfile - # Deconfiguring aptitude http proxy - rm -f ${CONFD}/00http-proxy - # Deconfiguring aptitude pipeline rm -f ${CONFD}/00pipeline diff --git a/scripts/build/config b/scripts/build/config index 25d738abc..804401740 100755 --- a/scripts/build/config +++ b/scripts/build/config @@ -976,7 +976,7 @@ LB_CONFIGURATION_VERSION="${LB_CONFIGURATION_VERSION}" # Set package manager LB_APT="${LB_APT}" -# Set apt/aptitude/debootstrap http proxy +# Set proxy for HTTP connections LB_APT_HTTP_PROXY="${LB_APT_HTTP_PROXY}" # Set apt/aptitude pipeline depth