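#!/usr/bin/env zsh
# the example schroot.conf file found in /usr/share/schroot/example-schroot.conf
# has sections that should really be split and put in chroot.d
# this function puts only defaults for all chroots that cannot be added in the
# sbuild-createchroot command.
#
# Layout restored to one statement per line: with the shebang, the function
# bodies and the here-documents run together on a few lines, the interpreter
# line is invalid and no here-document is ever terminated.
#
# Every conf_print_* function below only writes file content to stdout. The
# commented pipeline after each one shows the intended destination, which is
# written as root through `sudo tee`.
#
# `fn` and `ckreq` are helpers that are not defined in this section.
# NOTE(review): ckreq presumably verifies that the variables listed in `req`
# are set -- confirm. Nothing here checks their content: the values are
# expanded verbatim into files that end up under /etc/schroot, so whitespace
# or a newline in one of them changes the structure of the generated file
# (extra fstab fields, extra keys in a chroot definition). Validate them at
# the point where they are assigned.
#
# The here-document bodies are kept at column 0 so the output does not depend
# on `<<-` stripping leading tabs.

# Print the comment header of /etc/schroot/schroot.conf.
# Outputs: the header text on stdout.
# NOTE(review): the label handed to `fn` (set_schroot_header) differs from the
# function name, unlike the functions further down -- confirm it is intended.
conf_print_schroot_header() {
	fn set_schroot_header

	cat <<-EOF
# schroot chroot definitions.
# See schroot.conf(5) for complete documentation of the file format.
#
# Please take note that you should not add untrusted users to
# root-groups, because they will essentially have full root access
# to your system. They will only have root access inside the chroot,
# but that's enough to cause malicious damage.
#
# Per chroot configuration should be put in /etc/schroot/chroot.d/
# and this file reserved for default values for all chroots.
#
# This is mostly for sbuild created chroots who's creation time
# settings are limited.
#
EOF
}

# Print the default key block ([*]) appended to /etc/schroot/schroot.conf.
# Outputs: the key/value block on stdout.
#
# Security-relevant keys in the emitted block:
# - preserve-environment=true carries the caller's environment into commands
#   run in the chroot, so credentials held in environment variables become
#   visible to whatever runs there.
# - users / source-users decide who may open the chroot and its source chroot.
#   NOTE(review): "default" reads as a literal account name here -- confirm
#   that it is the account meant to have access.
# - No root-users or root-groups key is emitted, which is in line with the
#   warning printed by conf_print_schroot_header.
# NOTE(review): the deprecation note further down says to use profile= instead
# of script-config=, yet this block still emits script-config -- confirm.
# NOTE(review): the label handed to `fn` (set_schroot_defaults) differs from
# the function name -- confirm it is intended.
conf_print_schroot() {
	fn set_schroot_defaults

	cat <<-EOF
[*]
type=directory
union-type=overlay
command-prefix=eatmydata
users=default
source-users=default
script-config=/etc/schroot/default/config
preserve-environment=true
EOF
}
# conf_print_schroot_header | sudo tee /etc/schroot/schroot.conf >/dev/null
# conf_print_schroot | sudo tee -a /etc/schroot/schroot.conf >/dev/null

# Print the copyfiles list of a schroot profile: host files that are copied
# into the chroot.
# Outputs: the list on stdout.
# NOTE(review): /etc/sudoers is on the list, so the host's sudo policy is
# copied into every chroot that uses this profile. Drop the entry unless sudo
# is needed inside the chroot with exactly the host's rules.
conf_print_schroot_copyfiles() {
	fn conf_print_schroot_copyfiles

	cat <<-EOF
# Files to copy into the chroot from the host system.
#
# [ ]
/etc/resolv.conf
/etc/hosts
/etc/sudoers
EOF
}
# conf_print_schroot_copyfiles | sudo tee /etc/schroot/${schroot_config}/copyfiles >/dev/null

# Print the fstab of a schroot profile.
# Globals: sources_dir (read)  - host directory to bind into the chroot
#          sources_dest (read) - mount point, relative to the chroot root
# Outputs: the fstab on stdout.
# Returns: 1 when ckreq fails.
#
# Every active entry is a read-write bind of a host path: /proc, /sys, /dev,
# /dev/pts, /tmp and ${sources_dir}. Processes in the chroot therefore share
# the host's device nodes and /tmp, so the chroot is not an isolation
# boundary for whatever is built or run inside it.
# fstab fields are separated by whitespace; a space in sources_dir or
# sources_dest shifts the remaining fields of that entry.
conf_print_schroot_fstab() {
	fn conf_print_schroot_fstab
	req=(sources_dir sources_dest)
	ckreq || return 1

	cat <<-EOF
# fstab: static file system information for chroots.
# Note that the mount point will be prefixed by the chroot path
# (CHROOT_PATH)
#
#
/proc /proc none rw,bind 0 0
/sys /sys none rw,bind 0 0
/dev /dev none rw,bind 0 0
/dev/pts /dev/pts none rw,bind 0 0
${sources_dir} ${sources_dest} none rw,bind 0 0
/tmp /tmp none rw,bind 0 0

# It may be desirable to have access to /run, especially if you wish
# to run additional services in the chroot. However, note that this
# may potentially cause undesirable behaviour on upgrades, such as
# killing services on the host.
#/run /run none rw,bind 0 0
#/run/lock /run/lock none rw,bind 0 0
#/dev/shm /dev/shm none rw,bind 0 0
#/run/shm /run/shm none rw,bind 0 0
EOF
}
# conf_print_schroot_fstab | sudo tee /etc/schroot/${schroot_config}/fstab >/dev/null

# Print the nssdatabases list of a schroot profile: host system databases that
# are copied into the chroot.
# Outputs: the list on stdout.
# NOTE(review): shadow and gshadow are on the list, so the host's password
# hashes are copied into the chroot and are readable by root there. Keep them
# only if authentication has to work inside the chroot.
conf_print_schroot_nssdatabases() {
	fn conf_print_schroot_nssdatabases

	cat <<-EOF
# System databases to copy into the chroot from the host system.
#
#
passwd
shadow
group
gshadow
services
protocols
networks
hosts
EOF
}
# conf_print_schroot_nssdatabases | sudo tee /etc/schroot/${schroot_config}/nssdatabases >/dev/null

## DEPRECATED: use profile instead of script-config in the chroot.conf
# conf_print_schroot_config() {
#     fn conf_print_schroot_config
#     req=(schroot_config)
#     ckreq || return 1
#
#     cat <<-EOF
#     # Filesystems to mount inside the chroot.
#     FSTAB="/etc/schroot/${schroot_config}/fstab"
#
#     # Files to copy from the host system into the chroot.
#     COPYFILES="/etc/schroot/${schroot_config}/copyfiles"
#
#     # System NSS databases to copy into the chroot.
#     NSSDATABASES="/etc/schroot/${schroot_config}/nssdatabases"
#     EOF
# }
# conf_print_schroot_config | sudo tee /etc/schroot/${schroot_config}/config >/dev/null

# Print the definition of one chroot for /etc/schroot/chroot.d/.
# Globals: strapdir (read)       - directory holding the chroot tree
#          arch, release (read)  - used for the section name and description
#          schroot_config (read) - name of the schroot profile to apply
# Outputs: the chroot definition on stdout.
# Returns: 1 when ckreq fails.
#
# The four values are expanded verbatim into a key file. A newline in any of
# them adds lines to the definition, and ${release}_${arch} also names the
# target file in the commented pipeline below; keep them to plain identifiers
# and paths.
# As in the [*] defaults, preserve-environment=true carries the caller's
# environment into the chroot, and users / source-users are set to "default".
conf_print_chroot_d() {
	fn conf_print_chroot_d
	req=(strapdir arch release schroot_config)
	ckreq || return 1

	cat <<-EOF
[${release}_${arch}]
description=${release} (${arch}) for devuan arm-sdk
type=directory
directory=${strapdir}
union-type=overlay
command-prefix=eatmydata
users=default
source-users=default
profile=${schroot_config}
preserve-environment=true
EOF
}
# conf_print_chroot_d | sudo tee /etc/schroot/chroot.d/${release}_${arch} >/dev/null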