Bug#965953: live-build: [PATCH] container hooks

To: submit@bugs.debian.org
Subject: Bug#965953: live-build: [PATCH] container hooks
From: Ronny Standtke <ronny.standtke@gmx.net>
Date: Tue, 21 Jul 2020 13:56:05 +0200
Message-id: <[🔎] 45caee1c-42c7-85c9-403c-b33aea0fbe4c@gmx.net>
Reply-to: Ronny Standtke <ronny.standtke@gmx.net>, 965953@bugs.debian.org

Package: live-build
Version: 1:20191221
Severity: normal
Tags: patch

The department I work for creates live systems for many different
schools and universities. There is so much software that is needed by
these organizations but is not available in the Debian repositories,
that we needed to integrate flatpak support, enable flatpak and install
flatpak applications during build time.

Unfortunately, this is impossible with custom hooks in the current
version of live-build, because flatpak doesn't work in simple chroot
environments. I therefore created the attached patch to live-build that
adds support for "container hooks". These hooks are executed in a simple
container created via systemd-nspawn (from the systemd-container
package). We built literally hundreds of different life systems
including flatpaks in the last months and everything works as expected.
So this patch is somewhat "battle tested".

Best regards

Ronny

diff --git a/scripts/build/chroot_hooks b/scripts/build/chroot_hooks
index ff06eac3e..bbe286229 100755
--- a/scripts/build/chroot_hooks
+++ b/scripts/build/chroot_hooks
@@ -72,12 +72,14 @@ rmdir chroot/root/lb_chroot_hooks
 rmdir --ignore-fail-on-non-empty chroot/root
 
 ## Processing local hooks
-if ls config/hooks/normal/*.chroot config/hooks/live/*.chroot > /dev/null 2>&1
+if ls config/hooks/normal/*.chroot > /dev/null 2>&1 ||
+   ls config/hooks/live/*.chroot > /dev/null 2>&1 ||
+   ls config/hooks/live/*.container > /dev/null 2>&1
 then
 	# Restoring cache
 	Restore_package_cache chroot
 
-	for HOOK in config/hooks/normal/*.chroot config/hooks/live/*.chroot
+	for HOOK in config/hooks/normal/*.chroot config/hooks/live/*.chroot config/hooks/live/*.container
 	do
 		if [ ! -e "${HOOK}" ]
 		then
@@ -94,7 +96,17 @@ then
 		fi
 
 		# Executing hook
-		Chroot chroot "/root/$(basename ${HOOK})" || { Echo_error "${HOOK} failed (exit non-zero). You should check for errors."; exit 1 ;}
+		Echo_message "Executing hook ${HOOK}..."
+		case ${HOOK} in
+			*.container)
+				umount chroot/proc
+				systemd-nspawn --capability=all -D chroot "/root/$(basename ${HOOK})" || { Echo_error "${HOOK} failed (exit non-zero). You should check for errors."; exit 1 ;}
+				mount proc-live -t proc chroot/proc
+				;;
+			*)
+				Chroot chroot "/root/$(basename ${HOOK})" || { Echo_error "${HOOK} failed (exit non-zero). You should check for errors."; exit 1 ;}
+				;;
+		esac
 
 		# Removing hook
 		rm -f chroot/root/"$(basename ${HOOK})"

Reply to:

Prev by Date: (LIVE) Re: Updated Debian 9: 9.13 released
Next by Date: Re: Upcoming stable point release (10.5)
Previous by thread: Re: (LIVE) Re: Updated Debian 9: 9.13 released
Next by thread: Bug#965999: live-task-standard: Please switch netcat-traditional dependency to netcat-openbsd
Index(es):
- Date
- Thread