Bug#389430: override suite for udebs
Here's a patch that implements a slight different approach. The idea
is to allow a user to specify an 'override suite' which is used as an
alternate/preferred suite for udebs.
The reason I chose this approach is its consistency with other aspects
of our derivative distribution, namely its layered approach.
We take an unmodified subset of a stable release, and pair it with
additional suites that include additional packages and some packages
of greater versions (e.g., backports). When we need to create a custom
version of a udeb (lkdi pieces, usually), we can simply add it to the
preseeded override suite and not have to make any changes to the
"pure-debian" main/debian-installer suite.
The changes are minimal, but because it wraps existing code in a loop,
the extra indention inflates the size of the patch. For review
purposes, I'll include the patch without indenting the inner loop[1],
and also with proper indention[2].
[1]
Index: net-retriever
===================================================================
--- net-retriever (revision 49871)
+++ net-retriever (working copy)
@@ -18,6 +18,8 @@
directory="$RET"
db_get mirror/$protocol/proxy
proxy="$RET"
+db_get mirror/udeb/override_suite
+override_suite="$RET"
if [ -n "$proxy" ]; then
if [ "$protocol" = http ]; then
export http_proxy="$proxy"
@@ -107,15 +109,16 @@
codename="$RET"
Release="/tmp/net-retriever-$$-Release"
- fetch "dists/$codename/Release" "$Release" || exit $?
+ for suite in "$codename" "$override_suite"; do
+ fetch "dists/$suite/Release" "$Release" || exit $?
# If gpgv and a keyring are installed, authentication is
# mandatory by default.
if type gpgv >/dev/null && [ -f "$keyring" ]; then
if db_get debian-installer/allow_unauthenticated && [ "$RET" = true ]; then
log "Not verifying Release signature: unauthenticated mode enabled"
else
- if ! fetch "dists/$codename/Release.gpg" "$Release.gpg"; then
- error "dists/$codename/Release is unsigned."
+ if ! fetch "dists/$suite/Release.gpg" "$Release.gpg"; then
+ error "dists/$suite/Release is unsigned."
fi
if ! log-output -t net-retriever --pass-stdout \
gpgv --status-fd 1 --keyring "$keyring" \
@@ -143,7 +146,7 @@
fi
Packages="/tmp/net-retriever-$$-Packages"
rm -f "$Packages"
- fetch "dists/$codename/$pkgfile" "$Packages" || continue
+ fetch "dists/$suite/$pkgfile" "$Packages" || continue
checkmatch "$Release" "$pkgfile" \
"$(md5sum "$Packages" | cut -d' ' -f1)" \
"$(wc -c < "$Packages" | tr -d ' ')"
@@ -156,6 +159,7 @@
break
done
done
+ done
exit $ret
;;
[2]
Index: net-retriever
===================================================================
--- net-retriever (revision 49871)
+++ net-retriever (working copy)
@@ -18,6 +18,8 @@
directory="$RET"
db_get mirror/$protocol/proxy
proxy="$RET"
+db_get mirror/udeb/override_suite
+override_suite="$RET"
if [ -n "$proxy" ]; then
if [ "$protocol" = http ]; then
export http_proxy="$proxy"
@@ -107,53 +109,55 @@
codename="$RET"
Release="/tmp/net-retriever-$$-Release"
- fetch "dists/$codename/Release" "$Release" || exit $?
- # If gpgv and a keyring are installed, authentication is
- # mandatory by default.
- if type gpgv >/dev/null && [ -f "$keyring" ]; then
- if db_get debian-installer/allow_unauthenticated && [ "$RET" = true ]; then
- log "Not verifying Release signature: unauthenticated mode enabled"
+ for suite in "$codename" "$override_suite"; do
+ fetch "dists/$suite/Release" "$Release" || exit $?
+ # If gpgv and a keyring are installed, authentication is
+ # mandatory by default.
+ if type gpgv >/dev/null && [ -f "$keyring" ]; then
+ if db_get debian-installer/allow_unauthenticated && [ "$RET" = true ]; then
+ log "Not verifying Release signature: unauthenticated mode enabled"
+ else
+ if ! fetch "dists/$suite/Release.gpg" "$Release.gpg"; then
+ error "dists/$suite/Release is unsigned."
+ fi
+ if ! log-output -t net-retriever --pass-stdout \
+ gpgv --status-fd 1 --keyring "$keyring" \
+ --ignore-time-conflict \
+ "$Release.gpg" "$Release" | read_gpg_status; then
+ error "Bad signature on $Release."
+ fi
+ fi
else
- if ! fetch "dists/$codename/Release.gpg" "$Release.gpg"; then
- error "dists/$codename/Release is unsigned."
- fi
- if ! log-output -t net-retriever --pass-stdout \
- gpgv --status-fd 1 --keyring "$keyring" \
- --ignore-time-conflict \
- "$Release.gpg" "$Release" | read_gpg_status; then
- error "Bad signature on $Release."
- fi
+ log "Not verifying Release signature: gpgv not available"
fi
- else
- log "Not verifying Release signature: gpgv not available"
- fi
- ARCH=`udpkg --print-architecture`
- components="`grep ^Components: $Release | cut -d' ' -f2-`"
- ret=1
- if [ -z "$components" ]; then
- error "No components listed in $Release."
- fi
- for comp in $components; do
- for ext in '.gz' ''; do
- pkgfile="$comp/debian-installer/binary-$ARCH/Packages$ext"
- line=`grep $pkgfile\$ $Release 2>/dev/null`
- if [ $? != 0 ]; then
- continue
- fi
- Packages="/tmp/net-retriever-$$-Packages"
- rm -f "$Packages"
- fetch "dists/$codename/$pkgfile" "$Packages" || continue
- checkmatch "$Release" "$pkgfile" \
- "$(md5sum "$Packages" | cut -d' ' -f1)" \
- "$(wc -c < "$Packages" | tr -d ' ')"
- if [ "$ext" = '' ]; then
- cat "$Packages" >> "$1"
- elif [ "$ext" = .gz ]; then
- zcat "$Packages" >> "$1"
- fi
- ret=0
- break
+ ARCH=`udpkg --print-architecture`
+ components="`grep ^Components: $Release | cut -d' ' -f2-`"
+ ret=1
+ if [ -z "$components" ]; then
+ error "No components listed in $Release."
+ fi
+ for comp in $components; do
+ for ext in '.gz' ''; do
+ pkgfile="$comp/debian-installer/binary-$ARCH/Packages$ext"
+ line=`grep $pkgfile\$ $Release 2>/dev/null`
+ if [ $? != 0 ]; then
+ continue
+ fi
+ Packages="/tmp/net-retriever-$$-Packages"
+ rm -f "$Packages"
+ fetch "dists/$suite/$pkgfile" "$Packages" || continue
+ checkmatch "$Release" "$pkgfile" \
+ "$(md5sum "$Packages" | cut -d' ' -f1)" \
+ "$(wc -c < "$Packages" | tr -d ' ')"
+ if [ "$ext" = '' ]; then
+ cat "$Packages" >> "$1"
+ elif [ "$ext" = .gz ]; then
+ zcat "$Packages" >> "$1"
+ fi
+ ret=0
+ break
+ done
done
done
exit $ret
Reply to: