forked from Minki/linux
d1889589a4
Building 5.10-rc1 in a setgid directory failed with the following
error:
dpkg-deb: error: control directory has bad permissions 2755 (must be
>=0755 and <=0775)
When building with fakeroot, the earlier chown call would have removed
the setgid bits, but in a rootless build they remain.
Fixes: 3e85418036
("builddeb: Enable rootless builds")
Cc: Guillem Jover <guillem@hadrons.org>
Signed-off-by: Sven Joachim <svenjoac@gmx.de>
Signed-off-by: Masahiro Yamada <masahiroy@kernel.org>
238 lines
7.1 KiB
Bash
Executable File
238 lines
7.1 KiB
Bash
Executable File
#!/bin/sh
|
|
#
|
|
# builddeb 1.3
|
|
# Copyright 2003 Wichert Akkerman <wichert@wiggy.net>
|
|
#
|
|
# Simple script to generate a deb package for a Linux kernel. All the
|
|
# complexity of what to do with a kernel after it is installed or removed
|
|
# is left to other scripts and packages: they can install scripts in the
|
|
# /etc/kernel/{pre,post}{inst,rm}.d/ directories (or an alternative location
|
|
# specified in KDEB_HOOKDIR) that will be called on package install and
|
|
# removal.
|
|
|
|
set -e
|
|
|
|
is_enabled() {
|
|
grep -q "^$1=y" include/config/auto.conf
|
|
}
|
|
|
|
if_enabled_echo() {
|
|
if is_enabled "$1"; then
|
|
echo -n "$2"
|
|
elif [ $# -ge 3 ]; then
|
|
echo -n "$3"
|
|
fi
|
|
}
|
|
|
|
create_package() {
|
|
local pname="$1" pdir="$2"
|
|
local dpkg_deb_opts
|
|
|
|
mkdir -m 755 -p "$pdir/DEBIAN"
|
|
mkdir -p "$pdir/usr/share/doc/$pname"
|
|
cp debian/copyright "$pdir/usr/share/doc/$pname/"
|
|
cp debian/changelog "$pdir/usr/share/doc/$pname/changelog.Debian"
|
|
gzip -n -9 "$pdir/usr/share/doc/$pname/changelog.Debian"
|
|
sh -c "cd '$pdir'; find . -type f ! -path './DEBIAN/*' -printf '%P\0' \
|
|
| xargs -r0 md5sum > DEBIAN/md5sums"
|
|
|
|
# Fix ownership and permissions
|
|
if [ "$DEB_RULES_REQUIRES_ROOT" = "no" ]; then
|
|
dpkg_deb_opts="--root-owner-group"
|
|
else
|
|
chown -R root:root "$pdir"
|
|
fi
|
|
chmod -R go-w "$pdir"
|
|
# in case we are in a restrictive umask environment like 0077
|
|
chmod -R a+rX "$pdir"
|
|
# in case we build in a setuid/setgid directory
|
|
chmod -R ug-s "$pdir"
|
|
|
|
# Create the package
|
|
dpkg-gencontrol -p$pname -P"$pdir"
|
|
dpkg-deb $dpkg_deb_opts ${KDEB_COMPRESS:+-Z$KDEB_COMPRESS} --build "$pdir" ..
|
|
}
|
|
|
|
deploy_kernel_headers () {
|
|
pdir=$1
|
|
|
|
rm -rf $pdir
|
|
|
|
(
|
|
cd $srctree
|
|
find . arch/$SRCARCH -maxdepth 1 -name Makefile\*
|
|
find include scripts -type f -o -type l
|
|
find arch/$SRCARCH -name Kbuild.platforms -o -name Platform
|
|
find $(find arch/$SRCARCH -name include -o -name scripts -type d) -type f
|
|
) > debian/hdrsrcfiles
|
|
|
|
{
|
|
if is_enabled CONFIG_STACK_VALIDATION; then
|
|
echo tools/objtool/objtool
|
|
fi
|
|
|
|
find arch/$SRCARCH/include Module.symvers include scripts -type f
|
|
|
|
if is_enabled CONFIG_GCC_PLUGINS; then
|
|
find scripts/gcc-plugins -name \*.so
|
|
fi
|
|
} > debian/hdrobjfiles
|
|
|
|
destdir=$pdir/usr/src/linux-headers-$version
|
|
mkdir -p $destdir
|
|
tar -c -f - -C $srctree -T debian/hdrsrcfiles | tar -xf - -C $destdir
|
|
tar -c -f - -T debian/hdrobjfiles | tar -xf - -C $destdir
|
|
rm -f debian/hdrsrcfiles debian/hdrobjfiles
|
|
|
|
# copy .config manually to be where it's expected to be
|
|
cp $KCONFIG_CONFIG $destdir/.config
|
|
|
|
mkdir -p $pdir/lib/modules/$version/
|
|
ln -s /usr/src/linux-headers-$version $pdir/lib/modules/$version/build
|
|
}
|
|
|
|
deploy_libc_headers () {
|
|
pdir=$1
|
|
|
|
rm -rf $pdir
|
|
|
|
$MAKE -f $srctree/Makefile headers
|
|
$MAKE -f $srctree/Makefile headers_install INSTALL_HDR_PATH=$pdir/usr
|
|
|
|
# move asm headers to /usr/include/<libc-machine>/asm to match the structure
|
|
# used by Debian-based distros (to support multi-arch)
|
|
host_arch=$(dpkg-architecture -a$(cat debian/arch) -qDEB_HOST_MULTIARCH)
|
|
mkdir $pdir/usr/include/$host_arch
|
|
mv $pdir/usr/include/asm $pdir/usr/include/$host_arch/
|
|
}
|
|
|
|
version=$KERNELRELEASE
|
|
tmpdir=debian/linux-image
|
|
dbg_dir=debian/linux-image-dbg
|
|
packagename=linux-image-$version
|
|
dbg_packagename=$packagename-dbg
|
|
|
|
if [ "$ARCH" = "um" ] ; then
|
|
packagename=user-mode-linux-$version
|
|
fi
|
|
|
|
# Not all arches have the same installed path in debian
|
|
# XXX: have each arch Makefile export a variable of the canonical image install
|
|
# path instead
|
|
case $ARCH in
|
|
um)
|
|
installed_image_path="usr/bin/linux-$version"
|
|
;;
|
|
parisc|mips|powerpc)
|
|
installed_image_path="boot/vmlinux-$version"
|
|
;;
|
|
*)
|
|
installed_image_path="boot/vmlinuz-$version"
|
|
esac
|
|
|
|
BUILD_DEBUG=$(if_enabled_echo CONFIG_DEBUG_INFO Yes)
|
|
|
|
# Setup the directory structure
|
|
rm -rf "$tmpdir" "$dbg_dir" debian/files
|
|
mkdir -m 755 -p "$tmpdir/DEBIAN"
|
|
mkdir -p "$tmpdir/lib" "$tmpdir/boot"
|
|
|
|
# Install the kernel
|
|
if [ "$ARCH" = "um" ] ; then
|
|
mkdir -p "$tmpdir/usr/lib/uml/modules/$version" "$tmpdir/usr/bin" "$tmpdir/usr/share/doc/$packagename"
|
|
cp System.map "$tmpdir/usr/lib/uml/modules/$version/System.map"
|
|
cp $KCONFIG_CONFIG "$tmpdir/usr/share/doc/$packagename/config"
|
|
gzip "$tmpdir/usr/share/doc/$packagename/config"
|
|
else
|
|
cp System.map "$tmpdir/boot/System.map-$version"
|
|
cp $KCONFIG_CONFIG "$tmpdir/boot/config-$version"
|
|
fi
|
|
cp "$($MAKE -s -f $srctree/Makefile image_name)" "$tmpdir/$installed_image_path"
|
|
|
|
if is_enabled CONFIG_OF_EARLY_FLATTREE; then
|
|
# Only some architectures with OF support have this target
|
|
if [ -d "${srctree}/arch/$SRCARCH/boot/dts" ]; then
|
|
$MAKE -f $srctree/Makefile INSTALL_DTBS_PATH="$tmpdir/usr/lib/$packagename" dtbs_install
|
|
fi
|
|
fi
|
|
|
|
if is_enabled CONFIG_MODULES; then
|
|
INSTALL_MOD_PATH="$tmpdir" $MAKE -f $srctree/Makefile modules_install
|
|
rm -f "$tmpdir/lib/modules/$version/build"
|
|
rm -f "$tmpdir/lib/modules/$version/source"
|
|
if [ "$ARCH" = "um" ] ; then
|
|
mv "$tmpdir/lib/modules/$version"/* "$tmpdir/usr/lib/uml/modules/$version/"
|
|
rmdir "$tmpdir/lib/modules/$version"
|
|
fi
|
|
if [ -n "$BUILD_DEBUG" ] ; then
|
|
for module in $(find $tmpdir/lib/modules/ -name *.ko -printf '%P\n'); do
|
|
module=lib/modules/$module
|
|
mkdir -p $(dirname $dbg_dir/usr/lib/debug/$module)
|
|
# only keep debug symbols in the debug file
|
|
$OBJCOPY --only-keep-debug $tmpdir/$module $dbg_dir/usr/lib/debug/$module
|
|
# strip original module from debug symbols
|
|
$OBJCOPY --strip-debug $tmpdir/$module
|
|
# then add a link to those
|
|
$OBJCOPY --add-gnu-debuglink=$dbg_dir/usr/lib/debug/$module $tmpdir/$module
|
|
done
|
|
|
|
# resign stripped modules
|
|
if is_enabled CONFIG_MODULE_SIG_ALL; then
|
|
INSTALL_MOD_PATH="$tmpdir" $MAKE -f $srctree/Makefile modules_sign
|
|
fi
|
|
fi
|
|
fi
|
|
|
|
# Install the maintainer scripts
|
|
# Note: hook scripts under /etc/kernel are also executed by official Debian
|
|
# kernel packages, as well as kernel packages built using make-kpkg.
|
|
# make-kpkg sets $INITRD to indicate whether an initramfs is wanted, and
|
|
# so do we; recent versions of dracut and initramfs-tools will obey this.
|
|
debhookdir=${KDEB_HOOKDIR:-/etc/kernel}
|
|
for script in postinst postrm preinst prerm ; do
|
|
mkdir -p "$tmpdir$debhookdir/$script.d"
|
|
cat <<EOF > "$tmpdir/DEBIAN/$script"
|
|
#!/bin/sh
|
|
|
|
set -e
|
|
|
|
# Pass maintainer script parameters to hook scripts
|
|
export DEB_MAINT_PARAMS="\$*"
|
|
|
|
# Tell initramfs builder whether it's wanted
|
|
export INITRD=$(if_enabled_echo CONFIG_BLK_DEV_INITRD Yes No)
|
|
|
|
test -d $debhookdir/$script.d && run-parts --arg="$version" --arg="/$installed_image_path" $debhookdir/$script.d
|
|
exit 0
|
|
EOF
|
|
chmod 755 "$tmpdir/DEBIAN/$script"
|
|
done
|
|
|
|
if [ "$ARCH" != "um" ]; then
|
|
if is_enabled CONFIG_MODULES; then
|
|
deploy_kernel_headers debian/linux-headers
|
|
create_package linux-headers-$version debian/linux-headers
|
|
fi
|
|
|
|
deploy_libc_headers debian/linux-libc-dev
|
|
create_package linux-libc-dev debian/linux-libc-dev
|
|
fi
|
|
|
|
create_package "$packagename" "$tmpdir"
|
|
|
|
if [ -n "$BUILD_DEBUG" ] ; then
|
|
# Build debug package
|
|
# Different tools want the image in different locations
|
|
# perf
|
|
mkdir -p $dbg_dir/usr/lib/debug/lib/modules/$version/
|
|
cp vmlinux $dbg_dir/usr/lib/debug/lib/modules/$version/
|
|
# systemtap
|
|
mkdir -p $dbg_dir/usr/lib/debug/boot/
|
|
ln -s ../lib/modules/$version/vmlinux $dbg_dir/usr/lib/debug/boot/vmlinux-$version
|
|
# kdump-tools
|
|
ln -s lib/modules/$version/vmlinux $dbg_dir/usr/lib/debug/vmlinux-$version
|
|
create_package "$dbg_packagename" "$dbg_dir"
|
|
fi
|
|
|
|
exit 0
|