1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
|
.\" $NetBSD: pkg_comp.8,v 1.35 2010/04/15 09:42:45 jmmv Exp $
.\"
.\" pkg_comp - Build packages inside a clean chroot environment
.\" Copyright (c) 2002, 2003, 2004, 2005 Julio M. Merino Vidal <jmmv@NetBSD.org>
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Neither the name of The NetBSD Foundation nor the names of its
.\" contributors may be used to endorse or promote products derived
.\" from this software without specific prior written permission.
.\" 3. Neither the name of author nor the names of its contributors may
.\" be used to endorse or promote products derived from this software
.\" without specific prior written permission.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
.\" ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
.\" TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
.\" BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
.\" CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
.\" SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
.\" INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
.\" CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
.\" POSSIBILITY OF SUCH DAMAGE.
.\"
.Dd April 15, 2010
.Dt PKG_COMP 8
.Os
.Sh NAME
.Nm pkg_comp
.Nd build packages inside a sandbox
.Sh SYNOPSIS
.Nm
.Oo Fl Po
.Cm c Ns \&| Ns Cm C
.Pc
.Ar conf_file
.Oc
.Op Fl Nn
.Ar target
.Op Ar pkg_name ...
.Sh DESCRIPTION
.Nm ,
or
.Em Package Compiler
in its full name,
is a tool that makes easy the compilation of packages inside a clean
sandbox.
This allows an easy tracking of exact dependencies
and the correct behavior of a package in a fresh system installation.
.Pp
The behavior of
.Nm
is controlled through a small configuration file and a target (keep
reading to learn more).
The configuration file tells
.Nm
how to configure the new chroot environment, and the target specifies
which action to take.
.Pp
The following options are recognized:
.Bl -tag -width XcXconf_file
.It Fl C Ar conf_file
Use
.Ar conf_file
as configuration file (full path expected).
.It Fl c Ar conf_file
Use
.Ar conf_file
as configuration file (only base name expected).
.It Fl N
With the exception of
.Pa pkgtools/libkver
(see
.Va NETBSD_RELEASE )
avoid installation of default packages as well as
.Va INSTALL_PACKAGES
and
.Va BUILD_PACKAGES
during the creation of the chroot.
.It Fl n
Avoid installation of
.Va INSTALL_PACKAGES
and
.Va BUILD_PACKAGES
during the creation of the chroot.
.El
.Ss What to use it for?
You can use
.Nm
to achieve many goals when building packages.
Here are some ideas:
.Bl -bullet
.It
Build packages for other system versions.
For example, build packages for
.Nx 4.0
while you are running
.Nx 5.0 .
.It
Build packages using different
.Pa mk.conf
options than your current system, like changing the threading library,
.Sy COPTS ,
placement of configuration files, etc.
.It
Debug the build process of a package, checking if buildlinks work
properly.
.It
Avoid autoconf's side effects by keeping a separate chroot for each
project, like one for GNOME2 and another one for KDE3.
.It
Schedule builds of package sets for several different machines.
.El
.Sh CONTROL DIRECTORY
.Nm
needs to store several pieces of information when it is running.
Instead of using normal system trees, it uses a special directory inside the
chroot to avoid polluting the system.
It stores there scripts, object files, built packages, etc.
This directory is
.Pa $DESTDIR/pkg_comp ;
the symbolic link
.Pa $DESTDIR/p
is automatically created to ease pathnames when working inside the chroot.
.Sh CONFIGURATION
With
.Nm
you can maintain several configuration files so you can work with
different chroot jails easily.
To make this easy, configuration files are stored inside
.Pa $HOME/pkg_comp ,
followed by the configuration file name and the .conf suffix.
The default configuration file is
.Pa $HOME/pkg_comp/default.conf ,
and is always used if you do not specify another one.
The configuration file name is specified by the argument of the
.Fl c
option.
Alternatively you can specify any pathname as a configuration file
with the argument of the
.Fl C
option.
.Pp
Configuration files are simple shell scripts that define
variables.
The default values shown here are those written in the template when
issuing a maketemplate.
.Bl -tag -width indent
.It AUTO_PACKAGES
A list of packages to automatically build during the
.Sy auto
target.
A package is in the form section/name, like misc/colorls.
Defaults to nothing.
.It AUTO_TARGET
The pkgsrc target to use when building packages in an automated fashion
(using the
.Ql auto
target).
Should be set to
.Ql package
or
.Ql bin-install ,
as other values are useless.
Defaults to
.Ql package .
.It BUILD_PACKAGES
A list of packages to automatically build after the
.Sy makeroot
target.
A package is in the form section/name, like misc/colorls.
Defaults to nothing.
.It BUILD_TARGET
The pkgsrc target to use when building packages.
It can contain any target supported by the pkgsrc system, but
reasonable values are:
.Ql install ,
.Ql package
and
.Ql bin-install .
Defaults to
.Ql package .
.It COPYROOTCFG
If set to
.Ql yes ,
all configuration files (not directories) that reside inside
.Pa /root
are copied to
.Sy $DESTDIR/root .
Defaults to
.Ql no .
.It DESTDIR
The chroot jail directory.
Defaults to
.Pa /var/chroot/pkg_comp/default .
.It DISTRIBDIR
This is the directory which holds
.Nb
binary sets and X sets.
Its structure is the same as official release
distributions, that is, tgz files must reside inside
.Pa $DISTRIBDIR/binary/sets .
Defaults to
.Pa /var/pub/NetBSD .
.It EXTRAMK
Specifies a whitespace-separated list of files that must be appended to
.Pa $DESTDIR/etc/mk.conf .
This is useful to add special items to this configuration file.
Defaults to nothing.
.It INSTALL_PACKAGES
A list of packages to automatically install after the
.Sy makeroot
and before installing
.Sy BUILD_PACKAGES .
These are also installed within the sandbox created by the
.Sy auto
target, but before anything is built.
Each name must be the full package name, including the tgz suffix.
Packages are searched inside
.Pa $REAL_PACKAGES/All .
Defaults to nothing.
.It LOCALBASE
Where binary packages get installed.
Defaults to
.Pa /usr/pkg .
.It MKCONF_VARS
A list of variable names that will be appended to the generated
.Pa /etc/mk.conf
file, together with their values set in the configuration file.
Its default value contains all variables listed here.
.It NETBSD_RELEASE
Specifies which version number of
.Nx
is installed inside the chroot.
If set to
.Ql no ,
no special action is taken (this is useful if the system version inside
the chroot matches the outside one).
Otherwise, the package
.Pa pkgtools/libkver
will be installed inside the chroot, in a special purpose
prefix whose value can be set in
.Pa $DESTDIR/etc/mk.conf
via the configuration file
with the
.Va LIBKVER_STANDALONE_PREFIX
variable.
The libkver library will be configured inside the chroot, with the symbolic link
.Pa $DESTDIR/libkver_osrelease
and
.Va LD_PRELOAD
in default shells environments,
so that the
.Nx
version specified in
.Va NETBSD_RELEASE
overrides the host system version.
See
.Xr kver 3
for more information.
Defaults to
.Ql no .
.It PKG_DBDIR
Location of the packages database.
Defaults to
.Pa /var/db/pkg .
.It PKG_SYSCONFBASE
Base directory of configuration files.
Defaults to
.Pa /usr/pkg/etc .
.It PKGSRC_COMPILER
List of values specifying the chain of compilers to invoke when building
packages.
Defaults to
.Ql gcc .
If you are defining
.Va REAL_CCACHE ,
remember to prepend
.Ql ccache
to this variable's value.
.It PKGVULNDIR
Directory where the
.Pa vulnerabilities
file will be installed (inside the chroot).
Defaults to
.Pa /usr/pkg/share .
.It REAL_PKGVULNDIR
Directory where the system-wide
.Pa vulnerabilities
file resides (outside the chroot).
Defaults to
.Pa /usr/pkgsrc/distfiles .
.It ROOTSHELL
The shell of the root user.
Defaults to
.Pa /bin/ksh .
.It SETS
A list of binary sets to be extracted inside
.Sy DESTDIR .
Defaults to
.Ql base.tgz comp.tgz etc.tgz kern-GENERIC.tgz text.tgz .
If no kernel is extracted by these sets, an empty
.Pa /netbsd
file is created inside the chroot.
.It SETS_X11
A list of binary sets of the X Window system.
This has the same behavior
as
.Sy SETS .
If this variable is set to
.Ql no ,
no X Window is configured inside the chroot
jail and no other X variables take effect.
Defaults to
.Ql xbase.tgz xcomp.tgz xetc.tgz xfont.tgz xserver.tgz .
.It SYNC_UMOUNT
If set to
.Ql yes ,
run
.Xr sync 8
three times after all file systems have been unmounted.
Defaults to
.Ql no .
.It USE_AUDIT_PACKAGES
If set to
.Ql yes ,
let
.Nm
handle the
.Pa vulnerabilities
file automatically.
This means that it will install the system-wide
.Pa vulnerabilities
file inside the chroot when needed, keeping both in sync.
Defaults to
.Ql yes .
.It USE_GCC3
If set to
.Ql yes ,
the GNU C Compiler version 3 will be installed inside the chroot
environment and used to build all packages, using the
.Pa lang/gcc3
package.
Defaults to
.Ql no .
.It USE_XPKGWEDGE
If set to
.Ql yes ,
you want xpkgwedge to be compiled and installed automatically inside the
chroot.
This takes care of setting up
.Pa /etc/profile
and
.Pa /etc/csh.login
for xpkgwedge to work.
Has no effect if X is unconfigured.
Defaults to
.Ql yes .
.El
.Ss Mounted file systems
In order to avoid duplicating huge system trees,
.Nm
takes advantage of file system layers.
By default, it uses
.Xr mount_null 8 ,
which duplicates a file system tree into another directory; although
you may want to use
.Xr mount_union 8 ,
or even
.Xr mount_overlay 8 .
If the
content of these variables is empty, that file system is not mounted.
.Pp
You can control which layer to use and which options you want with
special configuration options, as explained below.
.Pp
These file systems are mounted before entering the chroot and unmounted
after exiting.
In order to know if file systems are mounted or not, the
program uses a temporary file, called
.Pa $DESTDIR/pkg_comp/tmp/mount.stat ,
which controls the number of
.Nm
processes using the chroot environment.
If some of them crashes unexpectedly and you notice it does not try
to unmount the file systems, this status file may get out of sync.
Be sure to check that NO file systems are mounted when issuing a
.Sy removeroot .
.Bl -tag -width indent
.It REAL_CCACHE
Specifies where a global ccache directory resides in the real system.
Defaults to nothing, which disables the global cache.
Keep in mind that this is specially useful to keep the cache across
rebuilds of the sandbox, but be very careful if you plan to share a
cache directory between different sandboxes, as this can lead to problems.
.It REAL_DISTFILES
Specifies where distfiles reside in the real system.
Defaults to
.Pa /usr/pkgsrc/distfiles .
.It REAL_DISTFILES_OPTS
Mount options.
Defaults to
.Sy -t null -o rw .
.It REAL_PACKAGES
Specifies where to build binary packages.
This variable is specially useful.
Defaults to
.Pa /usr/pkgsrc/packages .
.It REAL_PACKAGES_OPTS
Mount options.
Defaults to
.Sy -t null -o rw .
.It REAL_PKGSRC
The pkgsrc tree.
This can be useful if you want to use several pkgsrc trees independently.
Defaults to
.Pa /usr/pkgsrc .
.It REAL_PKGSRC_OPTS
Mount options.
Defaults to
.Sy -t null -o ro .
.It REAL_SRC
The src system tree.
Usually useless, but may be needed by some packages, like sysutils/aperture.
Defaults to
.Pa /usr/src .
.It REAL_SRC_OPTS
Mount options.
Defaults to
.Sy -t null -o ro .
.It MAKEROOT_HOOKS
A whitespace separated list of functions or external scripts to be executed
after the sandbox is created.
Two arguments are given to each of them:
.Ar $DESTDIR ,
and the word
.Ar makeroot .
Defaults to nothing.
.It MOUNT_HOOKS
A whitespace separated list of functions or external scripts to be executed
after file systems are mounted.
Two arguments are given to each of them:
.Ar $DESTDIR ,
and the word
.Ar mount .
Defaults to nothing.
.It UMOUNT_HOOKS
A whitespace separated list of functions or external scripts to be executed
before file systems are unmounted.
Two arguments are given to each of them:
.Ar $DESTDIR ,
and the word
.Ar umount .
Defaults to nothing.
.El
.Sh TARGETS
A target specifies what
.Nm
should do (as in make).
The following list describes all supported targets,
in the logical order you should call them.
.Bl -tag -width indent
.It maketemplate
Create a sample
.Ar conf_file .
You should edit it after the creation as you will probably want to change
the default configuration, specially paths.
.It makeroot
Create the chroot environment, based on the specs of the configuration file.
This step is required before trying any other, except maketemplate.
.It build
Builds the specified packages inside the chroot.
You need to pass their names as relative paths inside pkgsrc, like
.Pa pkgtools/pkg_comp .
.It install
Install the specified binary packages into the chroot.
Package names can contain globs.
The package files will be taken from within
.Sy REAL_PACKAGES .
.It chroot
Enters the chroot environment.
If no arguments are given,
.Va ROOTSHELL
is executed, otherwise whatever you typed.
If the first argument begins with a word prefixed by
.Li pkg_ ,
then the
.Ql chroot
argument can be omitted (it is implied).
.It removeroot
Remove the entire chroot tree.
You should do it with this target because it
will take care to umount needed mount points.
.It auto
This executes several targets automatically, using
.Sy AUTO_TARGET
as
.Sy BUILD_TARGET
during the build.
The order is: makeroot, build and removeroot.
This is useful to create binary packages of several pkgsrc and their
dependencies automatically.
For this to be useful, you need to set
.Sy REAL_PACKAGES
and use
.Sy AUTO_PACKAGES
or pass package names through the command line.
.Pp
If the magic word
.Ql resume
is passed as the unique argument to this target,
.Nm
will attempt to resume a previous automatic build for the given configuration.
.El
.Sh NOTES
This program uses nullfs to create virtual copies of real trees inside the
chroot environment.
.Pp
You need to install the
.Pa security/audit-packages
package in the host system (and have an up to date vulnerabilities database)
if you want security checks to work inside the
chroot environment.
.Sh SEE ALSO
.Xr pkg_delete 1 ,
.Xr pkgsrc 7 ,
.Xr mount_null 8 ,
.Xr sync 8 ,
.Xr sysctl 8
.Sh AUTHORS
.An Julio M. Merino Vidal Aq jmmv@NetBSD.org
|