Source: mmdebstrap Version: 0.7.1-2 Severity: normal User: debian-de...@lists.debian.org Usertags: bullseye-security
coverage.sh and make_mirror.sh currently assume that Debian stable uses
stable/updates rather than stable-security, this will break when Debian
bullseye is released as Debian stable.
mmdebstrap defaults to using /updates unless the codename is bullseye.
Probably a more maintainable way to do this is to use Distro::Info to
find out the Debian version number and if it is 10 or earlier, use the
old style /updates for security and otherwise use -security. It is much
better to use distro-info than to hard-code the release version
numbers. It might even be a good idea to include the security suite
information in distro-info itself and look it up from there.
mmdebstrap-0.7.1 $ grep -rC5 /updates
mmdebstrap- if ( $options->{mode} ne 'chrootless'
mmdebstrap- or not defined $dpkgversion
mmdebstrap- or $dpkgversion < "1.20.0") {
mmdebstrap- push @directories, '/var/lib/dpkg/triggers',
mmdebstrap- '/var/lib/dpkg/info',
'/var/lib/dpkg/alternatives',
mmdebstrap: '/var/lib/dpkg/updates';
mmdebstrap- }
mmdebstrap- }
mmdebstrap- foreach my $dir (@directories) {
mmdebstrap- if (-e "$options->{root}/$dir") {
mmdebstrap- if (!-d "$options->{root}/$dir") {
--
mmdebstrap- # https://lists.debian.org/87r26wqr2a....@43-1.org
mmdebstrap- $sourceslist
mmdebstrap- .= "deb$signedby $secmirror $suite-security" . "
$compstr\n";
mmdebstrap- } else {
mmdebstrap- $sourceslist
mmdebstrap: .= "deb$signedby $secmirror $suite/updates" . "
$compstr\n";
mmdebstrap- }
mmdebstrap- }
mmdebstrap- return $sourceslist;
mmdebstrap-}
mmdebstrap-
--
coverage.sh-cat /etc/apt/sources.list
coverage.sh-$CMD --mode=root --variant=apt stable /tmp/debian-chroot
coverage.sh-cat << SOURCES | cmp /tmp/debian-chroot/etc/apt/sources.list
coverage.sh-deb http://deb.debian.org/debian stable main
coverage.sh-deb http://deb.debian.org/debian stable-updates main
coverage.sh:deb http://security.debian.org/debian-security stable/updates main
coverage.sh-SOURCES
coverage.sh-rm -r /tmp/debian-chroot
coverage.sh-END
coverage.sh-if [ "$HAVE_QEMU" = "yes" ]; then
coverage.sh- ./run_qemu.sh
--
make_mirror.sh- if [ -e "$dir/debian/dists/stable-updates" ];
then
make_mirror.sh- rm --one-file-system --recursive
"$dir/debian/dists/stable-updates"
make_mirror.sh- else
make_mirror.sh- echo "does not exist:
$dir/debian/dists/stable-updates" >&2
make_mirror.sh- fi
make_mirror.sh: if [ -e
"$dir/debian-security/dists/stable/updates" ]; then
make_mirror.sh: rm --one-file-system --recursive
"$dir/debian-security/dists/stable/updates"
make_mirror.sh- else
make_mirror.sh: echo "does not exist:
$dir/debian-security/dists/stable/updates" >&2
make_mirror.sh- fi
make_mirror.sh- fi
make_mirror.sh- done
make_mirror.sh- if [ -e $dir/debian-*.qcow ]; then
make_mirror.sh- rm --one-file-system "$dir"/debian-*.qcow
--
make_mirror.sh- if [ -e "$dir/debian/pool/main" ]; then
make_mirror.sh- rm --one-file-system --recursive "$dir/debian/pool/main"
make_mirror.sh- else
make_mirror.sh- echo "does not exist: $dir/debian/pool/main" >&2
make_mirror.sh- fi
make_mirror.sh: if [ -e "$dir/debian-security/pool/updates/main" ]; then
make_mirror.sh: rm --one-file-system --recursive
"$dir/debian-security/pool/updates/main"
make_mirror.sh- else
make_mirror.sh: echo "does not exist:
$dir/debian-security/pool/updates/main" >&2
make_mirror.sh- fi
make_mirror.sh- for i in $(seq 1 6); do
make_mirror.sh- if [ ! -e "$dir/debian$i" ]; then
make_mirror.sh- continue
make_mirror.sh- fi
--
make_mirror.sh- # packages that we already have
make_mirror.sh- {
make_mirror.sh- get_oldaptnames "$oldmirrordir"
"dists/$dist/main/binary-$nativearch/Packages.gz"
make_mirror.sh- if grep --quiet security.debian.org
"$rootdir/etc/apt/sources.list"; then
make_mirror.sh- get_oldaptnames "$oldmirrordir"
"dists/stable-updates/main/binary-$nativearch/Packages.gz"
make_mirror.sh: get_oldaptnames "$oldcachedir/debian-security"
"dists/stable/updates/main/binary-$nativearch/Packages.gz"
make_mirror.sh- fi
make_mirror.sh- } | sort -u > "$rootdir/oldaptnames"
make_mirror.sh-
make_mirror.sh- pkgs=$(APT_CONFIG="$rootdir/etc/apt/apt.conf" apt-get
indextargets \
make_mirror.sh- --format '$(FILENAME)' 'Created-By: Packages'
"Architecture: $nativearch" \
--
make_mirror.sh- if grep --quiet security.debian.org
"$rootdir/etc/apt/sources.list"; then
make_mirror.sh- mkdir -p
"$newmirrordir/dists/stable-updates/main/binary-$nativearch/"
make_mirror.sh- curl --location "$mirror/dists/stable-updates/Release"
> "$newmirrordir/dists/stable-updates/Release"
make_mirror.sh- curl --location
"$mirror/dists/stable-updates/Release.gpg" >
"$newmirrordir/dists/stable-updates/Release.gpg"
make_mirror.sh- curl --location
"$mirror/dists/stable-updates/main/binary-$nativearch/Packages.gz" >
"$newmirrordir/dists/stable-updates/main/binary-$nativearch/Packages.gz"
make_mirror.sh: mkdir -p
"$newcachedir/debian-security/dists/stable/updates/main/binary-$nativearch/"
make_mirror.sh: curl --location
"$security_mirror/dists/stable/updates/Release" >
"$newcachedir/debian-security/dists/stable/updates/Release"
make_mirror.sh: curl --location
"$security_mirror/dists/stable/updates/Release.gpg" >
"$newcachedir/debian-security/dists/stable/updates/Release.gpg"
make_mirror.sh: curl --location
"$security_mirror/dists/stable/updates/main/binary-$nativearch/Packages.gz" >
"$newcachedir/debian-security/dists/stable/updates/main/binary-$nativearch/Packages.gz"
make_mirror.sh- fi
make_mirror.sh-
make_mirror.sh- # the deb files downloaded by apt must be moved to their right
locations in the
make_mirror.sh- # pool directory
make_mirror.sh- #
--
make_mirror.sh- # This way, it doesn't matter where the mirror ends up storing
the package.
make_mirror.sh- {
make_mirror.sh- get_newaptnames "$newmirrordir"
"dists/$dist/main/binary-$nativearch/Packages.gz";
make_mirror.sh- if grep --quiet security.debian.org
"$rootdir/etc/apt/sources.list"; then
make_mirror.sh- get_newaptnames "$newmirrordir"
"dists/stable-updates/main/binary-$nativearch/Packages.gz"
make_mirror.sh: get_newaptnames "$newcachedir/debian-security"
"dists/stable/updates/main/binary-$nativearch/Packages.gz"
make_mirror.sh- fi
make_mirror.sh- } | sort -u > "$rootdir/newaptnames"
make_mirror.sh-
make_mirror.sh- rm "$rootdir/var/cache/apt/archives/lock"
make_mirror.sh- rmdir "$rootdir/var/cache/apt/archives/partial"
--
make_mirror.sh- fi
make_mirror.sh- cat << END | update_cache "$dist" "$nativearch"
make_mirror.sh-deb [arch=$nativearch] $mirror $dist $components
make_mirror.sh-END
make_mirror.sh- if [ "$dist" = "stable" ]; then
make_mirror.sh: # starting wit bullseye, stable/updates becomes
stable-security
make_mirror.sh- cat << END | update_cache "$dist" "$nativearch"
make_mirror.sh-deb [arch=$nativearch] $mirror $dist $components
make_mirror.sh-deb [arch=$nativearch] $mirror stable-updates main
make_mirror.sh:deb [arch=$nativearch] $security_mirror stable/updates main
make_mirror.sh-END
make_mirror.sh- fi
make_mirror.sh- done
make_mirror.sh-done
make_mirror.sh-
-- System Information:
Debian Release: bullseye/sid
APT prefers testing-debug
APT policy: (900, 'testing-debug'), (900, 'testing'), (800,
'unstable-debug'), (800, 'unstable'), (790, 'buildd-unstable'), (700,
'experimental-debug'), (700, 'experimental'), (690, 'buildd-experimental')
Architecture: amd64 (x86_64)
Kernel: Linux 5.9.0-1-amd64 (SMP w/4 CPU threads)
Locale: LANG=en_AU.utf8, LC_CTYPE=en_AU.utf8
UTF-8), LANGUAGE=en_AU:en
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
-- no debconf information
--
bye,
pabs
https://wiki.debian.org/PaulWise
signature.asc
Description: This is a digitally signed message part
