diff --git a/.travis.yml b/.travis.yml index 2456314..defc99b 100644 --- a/.travis.yml +++ b/.travis.yml @@ -2,19 +2,23 @@ services: docker env: - - SUITE=stable CODENAME=jessie TIMESTAMP=2017-01-01T00:00:00Z SHA256=6b84f7ecfc0e6c399d0673e80c81b7f3d28e8655bede70d13651221e3453a18a - - SUITE=jessie CODENAME= TIMESTAMP=2017-01-01T00:00:00Z SHA256=6b84f7ecfc0e6c399d0673e80c81b7f3d28e8655bede70d13651221e3453a18a - - SUITE=testing CODENAME=stretch TIMESTAMP=2017-01-01T00:00:00Z SHA256=31f686a39f685a0368839b0681d286d596aa5133cfc5d214210b271300e01b8e - - SUITE=stretch CODENAME= TIMESTAMP=2017-01-01T00:00:00Z SHA256=31f686a39f685a0368839b0681d286d596aa5133cfc5d214210b271300e01b8e - - SUITE=unstable CODENAME=sid TIMESTAMP=2017-01-01T00:00:00Z SHA256=a10b1a69246d42352f7b30d1de2539b7e478625803b9a7f5302b89401f052379 - - SUITE=sid CODENAME= TIMESTAMP=2017-01-01T00:00:00Z SHA256=a10b1a69246d42352f7b30d1de2539b7e478625803b9a7f5302b89401f052379 - - SUITE=oldstable CODENAME=wheezy TIMESTAMP=2017-01-01T00:00:00Z SHA256=15e13bcde2b5cc73664540d5484bbc8a363b824182c0bcf33340b9a72bc546d7 - - SUITE=wheezy CODENAME= TIMESTAMP=2017-01-01T00:00:00Z SHA256=15e13bcde2b5cc73664540d5484bbc8a363b824182c0bcf33340b9a72bc546d7 + - SUITE=stable CODENAME=jessie TIMESTAMP=2017-01-01T00:00:00Z SHA256=c3f1697c699487382d5d15e4462c0e84b3069d3fc29ca100914c20258aa8ecc3 + - SUITE=jessie CODENAME= TIMESTAMP=2017-01-01T00:00:00Z SHA256=c3f1697c699487382d5d15e4462c0e84b3069d3fc29ca100914c20258aa8ecc3 + - SUITE=testing CODENAME=stretch TIMESTAMP=2017-01-01T00:00:00Z SHA256=c4e7b05a8a3e0d6af65b976bd249cc4a31ba301ebbea524b5412b5e07ae3b460 + - SUITE=stretch CODENAME= TIMESTAMP=2017-01-01T00:00:00Z SHA256=c4e7b05a8a3e0d6af65b976bd249cc4a31ba301ebbea524b5412b5e07ae3b460 + - SUITE=unstable CODENAME=sid TIMESTAMP=2017-01-01T00:00:00Z SHA256=427a4be9f69b4bb24069f97b60e9a66d5d6f7c978b924afe3cdb868709756e93 + - SUITE=sid CODENAME= TIMESTAMP=2017-01-01T00:00:00Z SHA256=427a4be9f69b4bb24069f97b60e9a66d5d6f7c978b924afe3cdb868709756e93 + - SUITE=oldstable CODENAME=wheezy TIMESTAMP=2017-01-01T00:00:00Z SHA256=59387392aa63da1f77ea28be581a4b2d8e7e9720121d1d563a3f0cb4356f9856 + - SUITE=wheezy CODENAME= TIMESTAMP=2017-01-01T00:00:00Z SHA256=59387392aa63da1f77ea28be581a4b2d8e7e9720121d1d563a3f0cb4356f9856 # EOL suites testing - - SUITE=eol CODENAME=etch TIMESTAMP=2017-01-01T00:00:00Z SHA256=416a70ca3a8375d139c840996d5bbcae7f1e3e8a5cffab98dd6ecb5d9347aa00 - - SUITE=eol CODENAME=woody ARCH=i386 TIMESTAMP=2017-01-01T00:00:00Z SHA256=36eecde5411e245927745043e3c20651d3ed41c7aad47404d39d1ee97ae80f09 + - SUITE=eol CODENAME=etch TIMESTAMP=2017-01-01T00:00:00Z SHA256=928f3c7fcc580360e7f9af7f1d43d65e856ffb6417eae77df78fcd9fe1a72e9a + - SUITE=eol CODENAME=woody ARCH=i386 TIMESTAMP=2017-01-01T00:00:00Z SHA256=fd6d9fe8da1a695c5a0b9880b72a9d14929bdd57ed54daff86c01addb31b984d # qemu-debootstrap testing - - ARCH=arm64 SUITE=jessie CODENAME= TIMESTAMP=2017-01-01T00:00:00Z SHA256=27daa0fd15340367965e689e75bff4839e63a44cc2db48196b99bc9257bf3277 + - ARCH=arm64 SUITE=jessie CODENAME= TIMESTAMP=2017-01-01T00:00:00Z SHA256=a54b0b74f32d2c03f4036e7c305672471553ac18682ba109d9481da31069dc94 + # a few entries for "today" to try and catch issues like https://github.com/debuerreotype/debuerreotype/issues/41 sooner + - SUITE=unstable CODENAME= TIMESTAMP="today 00:00:00" SHA256= + - SUITE=stable CODENAME= TIMESTAMP="today 00:00:00" SHA256= + - SUITE=oldstable CODENAME= TIMESTAMP="today 00:00:00" SHA256= addons: apt: diff --git a/Dockerfile b/Dockerfile index 6c566d6..1e71c17 100644 --- a/Dockerfile +++ b/Dockerfile @@ -37,9 +37,9 @@ # debuerreotype-init test-stretch stretch 2017-05-08T00:00:00Z # debuerreotype-tar test-stretch test-stretch.tar # md5sum test-stretch.tar -# 983b79e9c4ba158e269ef9964dbab60b +# 14206d5b9b2991e98f5214c3d310e4fa # debuerreotype-init test-jessie jessie 2017-05-08T00:00:00Z # debuerreotype-tar test-jessie test-jessie.tar # md5sum test-jessie.tar -# 93ad9886b0e0da17aae584d3a0236d0c +# 57f98d3636000630080e5ba208508e10 diff --git a/README.md b/README.md index c6311c3..33df3e6 100644 --- a/README.md +++ b/README.md @@ -89,7 +89,7 @@ $ debuerreotype-gen-sources-list rootfs stretch http://deb.debian.org/debian http://security.debian.org/debian-security $ debuerreotype-tar rootfs - | sha256sum -799e1d60e516d6ba41a17a6cfe7c26c0e5749721efe18f30618e799f41c9cd65 - +745b94242ba9427bd0991b2fadb23e328170e7e59d441c08dde971eef257767a - $ # try it! you should get that same sha256sum value! ``` diff --git a/VERSION b/VERSION index eb49d7c..aec258d 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -0.7 +0.8 diff --git a/scripts/debuerreotype-chroot b/scripts/debuerreotype-chroot index b2e17a3..ceb209b 100755 --- a/scripts/debuerreotype-chroot +++ b/scripts/debuerreotype-chroot @@ -31,5 +31,6 @@ mount --rbind "/$dir" "$targetDir/$dir" fi done + mount --rbind --read-only /etc/resolv.conf "$targetDir/etc/resolv.conf" exec chroot "$targetDir" /usr/bin/env -i PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" TZ="$TZ" LC_ALL="$LC_ALL" SOURCE_DATE_EPOCH="$epoch" "$@" ' -- "$cmd" "$@" diff --git a/scripts/debuerreotype-gen-sources-list b/scripts/debuerreotype-gen-sources-list index 7749688..9014993 100755 --- a/scripts/debuerreotype-gen-sources-list +++ b/scripts/debuerreotype-gen-sources-list @@ -54,10 +54,11 @@ ;; *) + # https://salsa.debian.org/installer-team/apt-setup/tree/d7a642fb5fc76e4f0b684db53984bdb9123f8360/generators + deb "$mirror" "$suite" "$comp" # "50mirror" + deb "$secmirror" "$suite/updates" "$comp" # "91security" + deb "$mirror" "$suite-updates" "$comp" # "92updates" # https://wiki.debian.org/SourcesList#Example_sources.list - deb "$mirror" "$suite" "$comp" - deb "$mirror" "$suite-updates" "$comp" - deb "$secmirror" "$suite/updates" "$comp" ;; esac } > "$targetDir/etc/apt/sources.list" diff --git a/scripts/debuerreotype-init b/scripts/debuerreotype-init index b44cf91..2237de6 100755 --- a/scripts/debuerreotype-init +++ b/scripts/debuerreotype-init @@ -157,8 +157,9 @@ | cut -f1 -d' ' \ > "$targetDir/etc/machine-id" # TODO should we only do this if "/etc/machine-id" already exists? { - echo 'nameserver 8.8.8.8' - echo 'nameserver 8.8.4.4' + echo '# https://1.1.1.1 (privacy-focused, highly-available DNS service)' + echo 'nameserver 1.1.1.1' + echo 'nameserver 1.0.0.1' } > "$targetDir/etc/resolv.conf" chmod 0644 \ "$targetDir/etc/hostname" \ diff --git a/scripts/debuerreotype-minimizing-config b/scripts/debuerreotype-minimizing-config index 55bc876..dd874ea 100755 --- a/scripts/debuerreotype-minimizing-config +++ b/scripts/debuerreotype-minimizing-config @@ -118,13 +118,20 @@ Acquire::GzipIndexes "true"; EOF - if [[ "$aptVersion" == 0.* ]] || "$thisDir/debuerreotype-chroot" "$targetDir" dpkg --compare-versions "$aptVersion" '<<' '1.0.9.2~'; then + # https://github.com/debuerreotype/debuerreotype/issues/41 + isDebianJessie="$([ -f "$targetDir/etc/os-release" ] && source "$targetDir/etc/os-release" && [ "${ID:-}" = 'debian' ] && [ "${VERSION_ID:-}" = '8' ] && echo '1')" || : + if [ -n "$isDebianJessie" ] || [[ "$aptVersion" == 0.* ]] || "$thisDir/debuerreotype-chroot" "$targetDir" dpkg --compare-versions "$aptVersion" '<<' '1.0.9.2~'; then cat >> "$targetDir/etc/apt/apt.conf.d/docker-gzip-indexes" <<-'EOF' # https://salsa.debian.org/apt-team/apt/commit/b0f4b486e6850c5f98520ccf19da71d0ed748ae4; released in src:apt 1.0.9.2, 2014-10-02 # prior to src:apt 1.0.9.2, "Acquire::GzipIndexes" _only_ applied to gzip-compressed list files, so we need to prefer those on older releases Acquire::CompressionTypes::Order:: "gz"; EOF + if [ -n "$isDebianJessie" ]; then + cat >> "$targetDir/etc/apt/apt.conf.d/docker-gzip-indexes" <<-'EOF' + # see also https://github.com/debuerreotype/debuerreotype/issues/41 (details of a bug that's apparently specific to Debian Jessie) + EOF + fi fi chmod 0644 "$targetDir/etc/apt/apt.conf.d/docker-gzip-indexes"