Commit a15b579652 (#775989) dropped an early exit from the
chroot_archives remove step in case the parent mirror chroot and binary
parameters are the same and introduced a regression, as with the
following live-build now fails when the parent mirror is using a file:/
local apt repository (for example when the build worker is offline and
uses a pre-built cache of packages).
Example config:
lb config --mirror-bootstrap "file:/pkgs" \
--mirror-chroot "file:/pkgs/" \
--mirror-binary "file:/pkgs" \
--parent-mirror-bootstrap "file:/pkgs" \
--parent-mirror-chroot "file:/pkgs/" \
--parent-mirror-binary "file:/pkgs" \
...
with /pkgs being a directory with the packages for the installation and
the apt metadata (Packages/Sources/Release).
The problem is that, with such a setup, the /pkgs directory is bind
mounted inside the chroot as an optimisation in the install step,
and umounted as one of the first actions in the remove step for
chroot_archives.
Before that fix, the script terminated immediately. But now it
progresses and at the end it tries to run apt update inside the chroot
which will fail since the repository directory has been umounted, and
thus the packages and the apt metadata are no longer available, while
still being listed in /etc/apt/sources.list.
The proposed solution is to umount the local directory at the end of
the remove step, rather than at the beginning.
Closes: #891206
Up to now we created a temporary GPG key that we registered with apt-key
but with the switch to GnuPG 2 by default, this code broke. Now we stop
doing that but we add the “trusted=yes“ attribute in sources.list so
that APT knows that the repository can be trusted even if it's unsigned.
Signed-off-by: Raphaël Hertzog <hertzog@debian.org>
Future live-build versions will still allow to use casper,
but its configuration will be done differently by a custom
config tree, rather than embedded and maintenance intensive
code in live-build itself.
If a local repository path is given as a mirror URL lets bind it into the
chroot. The local repository will be unmounted while processing "remove" or
latest by the exit function.
When we rebuild an image with changed local archives,
we would preferably remove the already existing preferences files.
However, there's no way to make sure that we remove enough or too
much, hence we don't remove any at all and stay with the dogma:
"If you change something in the config tree affecting $stage,
you need to rebuild that stage from scratch."
So for pinning changes for local archives, this means, since it's
affecting the chroot stage, we'll have to rebuild the chroot stage:
"lb clean --chroot && lb chroot"
Previously, we needed to keep the lb_* prefix as the scripts
could also be executed standalone. Since the lb wrapper is
mandatory since squeeze, we can drop this now.
Luca Boccassi
Raphaël Hertzog
Sophie Brun
Daniel Baumann
Jan Blunck
Jan Blunck
Daniel Baumann