Note that exim contains tracker-specific configuration

[mirror/dsa-puppet.git] / modules / schroot / files / setup-dchroot

diff --git a/modules/schroot/files/setup-dchroot b/modules/schroot/files/setup-dchroot
index e63d723..7f372fe 100755 (executable)
--- a/modules/schroot/files/setup-dchroot
+++ b/modules/schroot/files/setup-dchroot
@@ -72,6 +72,20 @@ do_cleanup() {
     done
 }
 
+genname() {
+    local suite="$1"; shift
+    local arch="$1"; shift
+
+    if [ -n "$sbuildnames" ]; then
+        local name="${suite}-${arch}-sbuild"
+    else
+        local name="${suite}_${arch}-dchroot"
+    fi
+
+    echo "$name"
+}
+
+
 genschrootconf() {
     local suite="$1"; shift
     local arch="$1"; shift
@@ -83,12 +97,9 @@ genschrootconf() {
         local suite="${suite}-${extra}"
     fi
 
-    if [ -n "$sbuildnames" ]; then
-        local name="${suite}-${arch}-sbuild"
-    else
-        local name="${suite}_${arch}-dchroot"
-    fi
+    local name="$(genname "$suite" "$arch")"
 
+    local fullname="$name"
     case "$arch" in
         kfreebsd-*)
             aliases="$name"
@@ -101,7 +112,7 @@ genschrootconf() {
 
 cat << EOF
 [${name}]
-description=[${name}] Debian $suite chroot for $arch
+description=[${fullname}] Debian $suite chroot for $arch
 type=file
 file=$target
 EOF
@@ -141,7 +152,6 @@ EOF
                 genschrootconf "$suite" "$arch" "$target" "backports"
                 if [ -n "$buildd" ] ; then
                     genschrootconf "$suite" "$arch" "$target" "backports-sloppy"
-                    genschrootconf "$suite" "$arch" "$target" "lts"
                     genschrootconf "$suite" "$arch" "$target" "proposed-updates"
                     genschrootconf "$suite" "$arch" "$target" "security"
                     case "$arch" in
@@ -174,7 +184,8 @@ arch="$THISARCH"
 if [ -e /etc/schroot/dsa/default-mirror ]; then
     mirror=$(cat /etc/schroot/dsa/default-mirror )
 fi
-mirror="${mirror:-http://ftp.debian.org/debian}"
+mirror="${mirror:-https://deb.debian.org/debian}"
+smirror="https://deb.debian.org/debian-security"
 configonly=""
 force=""
 basedir="/srv/chroot"
@@ -185,7 +196,7 @@ sbuildnames=""
 ubuntu=""
 groupuser="Debian,guest,d-i"
 grouproot=""
-include="apt,fakeroot"
+include="apt,fakeroot,ca-certificates"
 users=""
 usersroot=""
 bare=""
@@ -336,12 +347,28 @@ if ! [ -e "$script" ]; then
     fi
 fi
 
+case "$suite" in
+  stretch|jessie|precise|trusty|xenial)
+    include="$include,apt-transport-https"
+    ;;
+esac
+
+bindir=$(mktemp -d)
+cleanup+=("rm -r $bindir")
+cat > "$bindir/wget" << 'EOF'
+#!/bin/sh
+exec /usr/bin/wget --ca-directory=/etc/ssl/ca-global "$@"
+EOF
+chmod +x "$bindir/wget"
+
 set -x
-debootstrap \
+PATH="$bindir:$PATH" \
+  debootstrap \
     --keyring "$keyring" \
     --include="$include" \
     --variant=buildd \
     --arch="$arch" \
+    --no-merged-usr \
     "$suite_alias" "$rootdir" "$mirror" "$script"
 echo "$tuple" > "$rootdir/etc/debian_chroot"
 echo "force-unsafe-io" > "$rootdir/etc/dpkg/dpkg.cfg.d/force-unsafe-io"
@@ -380,6 +407,21 @@ while true; do
 done
 EOF
 chmod +x "$rootdir/usr/local/sbin/policy-rc.d"
+
+case "$suite" in
+  jessie) # LTS updates
+    echo "deb ${smirror} ${suite}/updates main" >> "$rootdir/etc/apt/sources.list"
+    chroot "$rootdir" apt-get update
+    chroot "$rootdir" apt-get dist-upgrade -y
+    ;;
+esac
+if [ -n "$ubuntu" ]; then
+  echo "deb $mirror ${suite}-updates main" >> "$rootdir/etc/apt/sources.list"
+  echo "deb $mirror ${suite}-security main" >> "$rootdir/etc/apt/sources.list"
+  chroot "$rootdir" apt-get update
+  chroot "$rootdir" apt-get dist-upgrade -y
+fi
+
 [ -z "$bare" ] && [ -z "$ubuntu" ] && chroot "$rootdir" apt-get install -y --no-install-recommends locales-all
 chroot "$rootdir" apt-get install -y --no-install-recommends build-essential
 [ -z "$bare" ] && chroot "$rootdir" apt-get install -y --no-install-recommends zsh less vim fakeroot devscripts gdb
@@ -395,7 +437,7 @@ cleanup+=("rm -f $tartmp")
   chmod 0755 "$rootdir"
   tar caf "$tartmp" .
   if ! [ -z "$keep" ]; then
-    savelog -l -c 4 "$target"
+    savelog -l -c 2 "$target"
   fi
   mv "$tartmp" "$target"
 )