Changeset 1564


Ignore:
Timestamp:
May 22, 2012, 11:46:10 AM (7 years ago)
Author:
bruno
Message:
  • Fix typo n rpmbootstrap preventing it to run
  • Fix the detection of setarch call with a more correct regexp
  • New mageia mirror used (similar as mandriva)
  • Add a test script to have a full regression suite before publishing a new version
Location:
devel
Files:
2 added
6 edited

Legend:

Unmodified
Added
Removed
  • devel/pb-doc/SECURITY

    r1179 r1564  
    44This is done by calls to sudo.
    55However, by default all actions are performed with an unpriviledge user (the one using pb or the pb user if working on VM/VE/RM)
    6 Security is not considered a constaint when pb is generating the build environment itself, such as for VM and VE. So, in these cases, the sudo configuration allows the pb user to do all commands without password in the VM or to perform locally all actions for the VE management, by geing granted full local access.
     6Security is not considered a constaint when pb is generating the build environment itself, such as for VM and VE. So, in these cases, the sudo configuration allows the pb user to do all commands without password in the VM or to perform locally all actions for the VE management, by being granted full local access.
    77However, when using pb with RM, as the systems may pre-exist and be used for other tasks, a strict analysis of the actions performed is required, in order to restrict precisely the commands called with sudo priviledges, as these are done without password request to automate generation.
    88
    9 In the Distributions.pm module there are sudo calls, corresponding to the abilty to configure automatically additional repositories. That feature may not be used on RM and solved manually without problem. In case this is used, and sudo isn't configured accordingly, then the additional repo will NOT be added and the build will probably fail.
     9In the Distributions.pm module there are sudo calls, corresponding to the abilty to configure automatically additional repositories. That feature may not be used on RM or solved manually without problem. In case this is used, and sudo isn't configured accordingly, then the additional repo will NOT be added and the build will probably fail.
    1010
    11 In the default pb.conf main configuration files, parameters for osupd and osins for the various distributions call sudo to make the installation of missing packages. These calls are done as 'pb' user' by default (or the account configured as rmlogin in the configuration file). In case this is used, and sudo isn't configured accordingly, then the additional required packages will NOT be added and the build will probably fail.
     11In the default pb.conf main configuration files, parameters for osupd and osins for the various distributions call sudo to make the installation of missing packages. These calls are done as 'pb' user by default (or the account configured as rmlogin in the configuration file). In case this is used, and sudo isn't configured accordingly, then the additional required packages will NOT be added and the build will probably fail.
    1212For RM, we may consider that all required packages for the build are already installed on the system, or give rpm/yum/apt/urpmi/zypper... sudo rights to the build account manually.
    1313Recommended for a manual setup (not using rmsetup): Add manually to your system sudo access for the pb account to the local package install and update command such as /bin/rpm e.g:
     
    2020
    2121All:
    22 sudo $vntpcmd $vntp (Commande extraite d'un fichier de conf local => Potential Security issue for RM)
     22sudo $vntpcmd $vntp (Command extracted from a local conf file => Potential Security issue for RM)
    2323sudo /bin/date
    2424
     
    4646sudo rm -f $vepath->{$ENV{'PBPROJ'}}/$pbos->{'name'}-$pbos->{'version'}-$pbos->{'arch'}.tar.gz
    4747
    48 Here is a list of commands called locally to build in some Linux distributins special cases:
     48Here is a list of commands called locally to build on some Linux distributions special cases:
    4949For gentoo: sudo sh -c 'echo PORTDIR_OVERLAY=\"$ENV{'HOME'}/portage\" >> /etc/make.conf'
    5050For Slackware (TBC): sudo /sbin/makepkg -p -l y -c y $pbpkg
  • devel/pb-modules/etc/pb.conf

    r1545 r1564  
    407407# pbos->{'arch'} == i586 for i386 repo
    408408rbsmirrorsrv mandriva = http://mirrors.kernel.org/mandriva/Mandrakelinux/official/$pbos->{'version'}/$pbos->{'arch'}/media/main/release/
    409 rbsmirrorsrv mageia = http://distrib-coffee.ipsl.jussieu.fr/pub/linux/Mageia/distrib/$pbos->{'version'}/$pbos->{'arch'}/media/core/release/
     409rbsmirrorsrv mageia = http://mirrors.kernel.org/mageia/distrib/$pbos->{'version'}/$pbos->{'arch'}/media/core/release/
     410#rbsmirrorsrv mageia = http://distrib-coffee.ipsl.jussieu.fr/pub/linux/Mageia/distrib/$pbos->{'version'}/$pbos->{'arch'}/media/core/release/
    410411#rbsmirrorsrv debian = http://ftp.us.debian.org/debian/
    411412#rbsmirrorsrv ubuntu = http://us.releases.ubuntu.com/releases/
  • devel/pb-modules/lib/ProjectBuilder/Base.pm

    r1558 r1564  
    425425my $arch = `uname -m`;
    426426chomp($arch);
    427 $arch =~ s/i.86/i386/;
     427$arch =~ s/i[3456]86/i386/;
    428428# For Solaris
    429429$arch =~ s/i86pc/i386/;
  • devel/pb-modules/lib/ProjectBuilder/VE.pm

    r1530 r1564  
    108108        }
    109109    }
     110
    110111    # Handle cross arch on Intel based platforms
    111     $sudocmd = "setarch i386 $sudocmd" if (($pbos->{arch} =~ /i?86/) && ($arch eq 'x86_64'));
     112    $sudocmd = "setarch i386 $sudocmd" if (($pbos->{'arch'} =~ /i[3456]86/) && ($arch eq 'x86_64'));
    112113
    113114    my $root = pb_path_expand($vepath->{$ENV{PBPROJ}});
  • devel/pb/bin/pb

    r1561 r1564  
    22592259            $shcmd = "schroot $tp -u $mac -- ";
    22602260        }
    2261         $shcmd = "setarch i386 $shcmd" if (($pbos->{'arch'} =~ /i?86/) && ($arch eq 'x86_64'));
     2261        $shcmd = "setarch i386 $shcmd" if (($pbos->{'arch'} =~ /i[3456]86/) && ($arch eq 'x86_64'));
    22622262        $cpcmd = "sudo /bin/cp -r ";
    22632263        # We need to get the home dir of the target account to deliver in the right place
  • devel/rpmbootstrap/bin/rpmbootstrap

    r1534 r1564  
    472472#
    473473pb_mkdir_p("$vepath/proc");
    474 pb_system("mount -o bind /proc $vepath/proc","Mounting /proc") unless (-d "$vepath/proc/$$";);
     474pb_system("mount -o bind /proc $vepath/proc","Mounting /proc") unless (-d "$vepath/proc/$$");
    475475
    476476#
Note: See TracChangeset for help on using the changeset viewer.