To create packages the `ipkg-build` script is used which double packs
`control.tar.gz` and `data.tar.gz` to a single package. By default it's
using a verbose username instead of a numeric value for files.
Official OpenWrt images (artifacts) are created within docker containers
which do not seem to contain those verbose usernames and instead
defaults to numeric values.
This becomes a problem when rebuilding public artifacts because other
build environments may offer verbose usernames and there the created
packages is different from the official ones.
With this commit `ipkg-build` always uses numeric values for user/group
and thereby making it easier to reproduce official artifacts.
Signed-off-by: Paul Spooren <mail@aparcar.org>
Set LC_ALL=C environment variable when calling 'sort' as the sort
order otherwise depends on the locale set.
Fixes: 56ce110b73 ("scripts: make sure conffiles are sorted")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
It may happen that conffiles are in different order on different builds.
Make sure they have the same order by sorting them.
FIX: #9612
Signed-off-by: Paul Spooren <mail@aparcar.org>
This commit cleans the `ipkg-build` script via changes suggested by
shellcheck. These are mostly word splitting issues.
Remove the definition of GZIP, this adds three "lookups" of the `gzip`
binary but the rest of the build system doesn't seem to use such
improvements neither.
Signed-off-by: Paul Spooren <mail@aparcar.org>
Use the prepared .packageusergroup file to lookup user and group names
when processing the passed file mode.
Also replace the various subshell/cut invocations with a sequence of
standard variable interpolations which fixes paths with embedded colons
as a side-effect.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
With the introduction of `./tmp/userids` the `ipkg-build` script can now
resolve values of "PKG_FILE_MODES", allowing users to set names rather
than numeric values.
Signed-off-by: Paul Spooren <mail@aparcar.org>
With the new `SOURCE` argument of `get_source_date_epoch` it is possible
to set package timestamps based on actual package changes rather thane
$TOPDIR changes.
This commit adds a new variable PKG_SOURCE_DATE_EPOCH which is used by
the `ipkg` build script. As a fallback the existing SOURCE_DATE_EPOCH is
used or as last resort the current time.
The redundant checks for `.git/` and `.svn/` are removed.
Signed-off-by: Paul Spooren <mail@aparcar.org>
The `ipkg-build` script converts a folder into a `opkg` installable
package. Until now it would use root:root for all packages and try to
preserve file modes.
This has the two drawbacks of packages want to add non-root files or add
SUID files, like the `sudo` package does.
To give more flexibility regarding file modes and avoid init script
hacks, a new variable called `PKG_FILE_MODES`. The variable contains a
list of files modes in the format `path:owner:group:mode`.
An example for the `sudo` package below:
```
PKG_FILE_MODES:=\
/usr/bin/sudo:root:root:4755 \
/etc/sudoers:root:root:0440
```
The `ipkg-build` now runs within a fakeroot environment to set any mode
and directly store it in the resulting `ipk` package archive.
Both options `-o` and `-g` are no longer required due to the introduction
of the more flexible `-m` options, which takes the `PKG_FILE_MODES` as
input.
Lastly the option `-c` is removed as it's unused within the script.
Signed-off-by: Paul Spooren <mail@aparcar.org>
Fix shellcheck SC2230
> which is non-standard. Use builtin 'command -v' instead.
Using `command -v` is POSIX compliant while `which` is not. Also to
mention, `command -v` is a shell builtin whereas `which` is a separate
busybox applet.
Once applied to everything concerning OpenWrt we can disable the busybox
feature `which` and save 3.8kB.
Acked-by: Stijn Tintel <stijn@linux-ipv6.be>
Signed-off-by: Paul Spooren <mail@aparcar.org>
[also replace cases in zram-swap]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
When the SOURCE_DATE_EPOCH environment variable is set, use it to
override the timestamps of .ipk archive contents.
This ensures that .ipk archives built in environments without SCM
metadata (mainly the SDK) are reproducible between different runs.
Ref: https://github.com/openwrt/packages/issues/6954
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
When Package/xx/conffiles only contains directories that are empty at
package time, conffiles.resolved will be missing and the following
error messages will appear in the build log.
/home/yousong/git-repo/openwrt/openwrt/scripts/ipkg-build -c -o 0 -g 0 /home/yousong/git-repo/openwrt/openwrt/build_dir/target-mips_24kc_musl/linux-malta_be/openvswitch-2.10.0/ipkg-mips_24kc/openvswitch-common /home/yousong/git-repo/openwrt/openwrt/bin/packages/mips_24kc/packages
mv: cannot stat 'CONTROL/conffiles.resolved': No such file or directory
chmod: cannot access 'CONTROL/conffiles': No such file or directory
It will not break the ipkg-build process. The change is merely cosmetic
to not cause confusion when reading logs
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
Move the "which svn" and "which git" calls next to the timestamp commands
using those tools to not prematurely fail on systems where svn or git are
not present.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
According to gzip 1.7 release note:
The GZIP environment variable is now obsolescent; gzip now warns if
it is used, and rejects attempts to use dangerous options or operands.
You can use an alias or script instead.
Fix this warning by using pipe instead
Signed-off-by: Syrone Wong <wong.syrone@gmail.com>
several packages reported different file order between builds
make binutils, kmod-sched reproducible
Signed-off-by: Dirk Neukirchen <dirkneukirchen@web.de>
SVN-Revision: 46859
As a follow-up to r46026, this commit sets the modification
times of files inside the tarballs to deterministic values.
It uses the date of the last git or svn commit and falls
back to the old behavior if those are not available.
Signed-off-by: Reiner Herrmann <reiner@reiner-h.de>
SVN-Revision: 46360
When creating control.tar.gz, data.tar.gz and $package.ipk
tar compresses them with default gzip options.
This includes build timestamps in their gzip headers.
By setting the GZIP env variable to -n, gzip no longer embeds
them, which is a step towards reproducibility.
See also [1] for more detailed motivations.
[1]: https://wiki.debian.org/ReproducibleBuilds/About
Signed-off-by: Reiner Herrmann <reiner@reiner-h.de>
SVN-Revision: 46026