[ubuntu/oneiric] sbuild 0.62.2-1ubuntu1 (Accepted)
Lorenzo De Liso
blackz at ubuntu.com
Sun May 1 15:50:20 UTC 2011
sbuild (0.62.2-1ubuntu1) oneiric; urgency=low
* Merge from debian unstable, remaining changes:
- debian/patches/do-not-install-debfoster-into-chroots.patch:
do not install debfoster into the chroots because it is in universe and
not needed for package building itself.
- debian/patches/run-pre-build-hooks-as-root.patch:
run pre-build hooks as root (Closes: #607228)
* Now that the package uses a patch system, don't modify the files directly;
instead, put the changes in the respective patches and add the DEP-3
patch tagging guidelines to them.
sbuild (0.62.2-1) unstable; urgency=low
* New release.
* sbuild:
- New options --no-apt-clean, --no-apt-update, --no-apt-upgrade and
--no-apt-distupgrade have been added to allow these actions to be
disabled even when set as the default in the configuration.
- root is not required to be a member of the sbuild group in order
to run schroot via the sbuild-schroot wrapper
(Closes: #619128, #619002).
- Don't require HOME to be set in the environment (Closes: #619288).
- Work around broken build-essential on Ubuntu Lucid
(Closes: #619526). Thanks to Marc Deslauriers.
- --keep-session is replaced by
--purge-session=(always|successful|never). This will allow the
session to be purged for all, successful and no builds,
respectively (Closes: #619332).
- sources.list fragments stored in /etc/apt/sources.list.d have
0644 permissions, so that normal users can run apt-cache in the
chroot during a build (Closes: #620797). Thanks to Julian Andres
Klode for identifying this problem.
- Log filtering may be disabled using $log_filter = 0 in the
configuration (Closes: #620589). The replacement text is now
also surrounded with "«" and "»" so that strings such as CHROOT
and BUILDDIR can't be confused with any actual appearance of the
same string in the build log.
- Log colouring may be disabled using $log_colour = 0 in the
configuration.
- Improve binNMU handling to permit binNMUs for multiarch packages
(Closes: #620112). Currently, binary NMUs use the current date
in the new changelog entry, but co-installable packages require
an identical changelog. To avoid this, take the date from the
previous changelog entry to ensure the same date for all binNMUs.
Thanks to Anders Kaseorg for this patch.
- Abort early if maintainer is not defined when performing a binNMU
or appending a version suffix (Closes: #620758).
* sbuild.conf:
- Don't set a default value for $build_dir (Closes: #619416).
This value is set each run, and so varies between builds when
generating the configuration file. Exclude from the generated
output to prevent unnecessary differences between builds.
- $purge_session uses the same purge modes as $purge_build_deps and
$purge_build_directory, rather than a boolean value.
* buildd:
- Merge latest changes from buildd-0.61.0.
sbuild (0.62.1-1) unstable; urgency=high
* New release.
* Fixed security issue in the sbuild-schroot wrapper program which
did not enforce sbuild group membership in order to allow users
to access the chroots as user sbuild.
sbuild (0.62.0-1) unstable; urgency=low
* New release.
* debian/control:
- Build-Depend upon libexception-class-perl.
* sbuild:
- Resolvers:
+ 'apt' is now the default build dependency resolver. Users should
not see any significant changes compared with the old 'internal'
resolver. Please note that you may need to generate a GPG key
for the local archive created for dependency package
installation, if one does not already exist; see sbuild-update
(--keygen) for further details.
+ The 'internal' build dependency resolver is deprecated. It is
not recommended for future use, and will be removed once it is no
longer used by the buildd infrastructure. Please use the 'apt'
resolver as a drop-in replacement.
+ The 'aptitude' build dependency resolver will, unlike 'apt' and
'internal', consider alternative dependencies by default, rather
than only using the first alternative. This is intended to both
preserve backward compatibility, and make the 'aptitude'
resolver the preferred choice for more complex situations, such
as building for experimental.
+ The aptitude resolver can resolve complex dependencies, e.g.
A | B, where A is uninstallable now correctly falls back to B.
This is not the case for the internal or apt resolvers, which by
intent do not make use of alternatives (they use the first
alternative only. sbuild now has full support for resolving
alternatives, but this is not the default behaviour
(Closes: #403246). Please see #614807 for a proposed description
of autobuilder-imposed build dependency restrictions in Policy.
+ All build dependency resolvers run dpkg with --force-confold.
This means packages with modified conffiles in the chroot to not
cause build failure. This includes /etc/services and
/etc/protocols from netbase (Closes: #576508).
- Logging:
+ Long paths such as the chroot location and the build directory
inside the chroot are now filtered in the build log and replaced
with small, constant, abbreviations (Closes: #605763). This makes
the build logs comparable between builds with tools such as
diff(1).
+ Logging messages have been improved, and important messages are
now coloured when running interactively (does not affect log
files). Errors, warnings and informational messages are coloured
red, yellow and green, respectively. Build status is coloured
green for success and red for all failure conditions.
+ Build log mails are now compressed and mailed in MIME format by
default, together with a copy of the .changes file. The old
behaviour (plain mailing of uncompressed logs) may be restored by
setting $mime_build_log_mails=0 in the configuration, and
compression may also be disabled in the MIME mails by setting
$compress_build_log_mails=0. Note that it is no longer possible
to send compressed log mails unless MIME mailing is enabled.
Thanks to Philipp Kern for implementing this.
- Error handling:
+ In order to handle errors more robustly, the build code now has
initial support for exception handling. Normal operation will
not be affected, but fatal errors may be logged in a different
order than seen previously. Fatal errors will now be seen at the
end of the build log, which should make it easier to spot
problems.
+ sbuild now always cleans up fully when receiving a termination
signal such as SIGINT or SIGTERM. Note that you may need to wait
while the cleanup actions are performed, or the current task is
completed prior to initiating cleanup. When running
interactively, hitting Ctrl-C will sent SIGINT to the entire
process group; doing this while apt-get or aptitude are running
will potentially leave dpkg in an inconsistent state, so aborting
at this point is not recommended. Sending a SIGTERM to the
sbuild process will always work cleanly.
- General:
+ sbuild now performs an apt dist-upgrade at the start of each
build by default, rather than an upgrade. This is to reduce the
amount of manual administration required to keep chroots up to
date, and is not much more risky than upgrade in this context.
+ A new option, --keep-session, has been added (Closes: #609658).
This prevents the automatic removal of session-managed snapshot
chroots. Previously, snapshots would not be deleted if purging
of the build directory or build dependencies was disabled, but
this was not always desirable, hence it is now configurable
separately.
+ Internally, building and other actions in the chroot are
performed by the 'sbuild' system user, where previously the user
invoking sbuild would be used instead. The aim of this change is
to separate privileges to increase security and reduce the chance
of accidental or deliberate tampering of the build environment.
While the latter is not addressed by these changes, this will be
taken care of during future architectural changes.
+ The sbuild package build directory created inside the chroot now
has a reduced name length. It's now /build/packagename-XXXXXX
where XXXXXX are random characters. This helps reduce the chance
of hitting path length restrictions on some architectures,
particularly when using sockets.
* wanna-build:
- The wanna-build database has been removed entirely. This part of
the sbuild package was not used, and was not maintained for some
time. Users wishing to use wanna-build should investigate the
version in the wanna-build.git repository used by the Debian
autobuilding infrastructure. This version is actively maintained
and in continual use.
* sbuild.conf:
- sbuild.conf is now automatically generated from the help text and
defaults in the source code. This means that the examples will
always be syntactically correct, the help text will always be
current, and the defaults will always match the defaults in the
source code (Closes: #609932, #610995).
- Non-scalar (or reference) types are deprecated in sbuild.conf.
This is because it is not possible to tell the difference between
an empty and an undefined value. Values using array or hash
types should use the equivalent array reference or hash
reference, which have been supported for some time. The old
style array and hash values will remain supported for now, but
will be removed in a future release.
* buildd.conf:
- Automatically generated like sbuild.conf. As for sbuild.conf,
non-scalar types are deprecated.
* sbuild.conf.5:
- All of the allowed values in sbuild.conf are now documented in a
new sbuild.conf(5) manual page. Like sbuild.conf, this is
entirely generated from the source code, so will always match the
defaults for the same sbuild version.
* buildd.conf.5:
- New manual page. Like sbuild.conf(5), this documents all allowed
values.
sbuild (0.61.0-1) unstable; urgency=low
* sbuild:
- The apt and aptitude build dependency resolvers now use only the
first alternative in alternative dependencies. The other
alternatives are stripped out entirely. This makes the apt and
aptitude resolvers behave exactly like the internal resolver.
Note that this is configurable with the $resolve_alternatives
option, so alternative resolving may be re-enabled with this
option if desired. This is useful for e.g. backports, but not
for unstable where the strict consistency and reproducibility
offered by only using the first alternative is required.
- The aptitude resolver now runs dpkg with --force-confold, to
match the behaviour of internal and apt. This prevents failure
when installing netbase into the build chroot, for example.
sbuild (0.60.9-1ubuntu3) natty; urgency=low
* lib/Sbuild/Build.pm: work around Lucid issue that has diff listed in
build-essential instead of diffutils. This causes schroots that don't
have universe enabled to fail to install dependencies. (LP: #741897)
Date: Sun, 01 May 2011 16:55:16 +0200
Changed-By: Lorenzo De Liso <blackz at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Lorenzo De Liso <blackzldl at gmail.com>
https://launchpad.net/ubuntu/oneiric/+source/sbuild/0.62.2-1ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Sun, 01 May 2011 16:55:16 +0200
Source: sbuild
Binary: libsbuild-perl sbuild buildd
Architecture: source
Version: 0.62.2-1ubuntu1
Distribution: oneiric
Urgency: high
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Lorenzo De Liso <blackz at ubuntu.com>
Description:
buildd - Daemon for automatically building Debian binary packages from Deb
libsbuild-perl - Tool for building Debian binary packages from Debian sources
sbuild - Tool for building Debian binary packages from Debian sources
Closes: 403246 576508 605763 607228 609658 609932 610995 619002 619128 619288 619332 619416 619526 620112 620589 620758 620797
Launchpad-Bugs-Fixed: 741897
Changes:
sbuild (0.62.2-1ubuntu1) oneiric; urgency=low
.
* Merge from debian unstable, remaining changes:
- debian/patches/do-not-install-debfoster-into-chroots.patch:
do not install debfoster into the chroots because it is in universe and
not needed for package building itself.
- debian/patches/run-pre-build-hooks-as-root.patch:
run pre-build hooks as root (Closes: #607228)
* Now that the package uses a patch system, don't modify the files directly;
instead, put the changes in the respective patches and add the DEP-3
patch tagging guidelines to them.
.
sbuild (0.62.2-1) unstable; urgency=low
.
* New release.
* sbuild:
- New options --no-apt-clean, --no-apt-update, --no-apt-upgrade and
--no-apt-distupgrade have been added to allow these actions to be
disabled even when set as the default in the configuration.
- root is not required to be a member of the sbuild group in order
to run schroot via the sbuild-schroot wrapper
(Closes: #619128, #619002).
- Don't require HOME to be set in the environment (Closes: #619288).
- Work around broken build-essential on Ubuntu Lucid
(Closes: #619526). Thanks to Marc Deslauriers.
- --keep-session is replaced by
--purge-session=(always|successful|never). This will allow the
session to be purged for all, successful and no builds,
respectively (Closes: #619332).
- sources.list fragments stored in /etc/apt/sources.list.d have
0644 permissions, so that normal users can run apt-cache in the
chroot during a build (Closes: #620797). Thanks to Julian Andres
Klode for identifying this problem.
- Log filtering may be disabled using $log_filter = 0 in the
configuration (Closes: #620589). The replacement text is now
also surrounded with "«" and "»" so that strings such as CHROOT
and BUILDDIR can't be confused with any actual appearance of the
same string in the build log.
- Log colouring may be disabled using $log_colour = 0 in the
configuration.
- Improve binNMU handling to permit binNMUs for multiarch packages
(Closes: #620112). Currently, binary NMUs use the current date
in the new changelog entry, but co-installable packages require
an identical changelog. To avoid this, take the date from the
previous changelog entry to ensure the same date for all binNMUs.
Thanks to Anders Kaseorg for this patch.
- Abort early if maintainer is not defined when performing a binNMU
or appending a version suffix (Closes: #620758).
* sbuild.conf:
- Don't set a default value for $build_dir (Closes: #619416).
This value is set each run, and so varies between builds when
generating the configuration file. Exclude from the generated
output to prevent unnecessary differences between builds.
- $purge_session uses the same purge modes as $purge_build_deps and
$purge_build_directory, rather than a boolean value.
* buildd:
- Merge latest changes from buildd-0.61.0.
.
sbuild (0.62.1-1) unstable; urgency=high
.
* New release.
* Fixed security issue in the sbuild-schroot wrapper program which
did not enforce sbuild group membership in order to allow users
to access the chroots as user sbuild.
.
sbuild (0.62.0-1) unstable; urgency=low
.
* New release.
* debian/control:
- Build-Depend upon libexception-class-perl.
* sbuild:
- Resolvers:
+ 'apt' is now the default build dependency resolver. Users should
not see any significant changes compared with the old 'internal'
resolver. Please note that you may need to generate a GPG key
for the local archive created for dependency package
installation, if one does not already exist; see sbuild-update
(--keygen) for further details.
+ The 'internal' build dependency resolver is deprecated. It is
not recommended for future use, and will be removed once it is no
longer used by the buildd infrastructure. Please use the 'apt'
resolver as a drop-in replacement.
+ The 'aptitude' build dependency resolver will, unlike 'apt' and
'internal', consider alternative dependencies by default, rather
than only using the first alternative. This is intended to both
preserve backward compatibility, and make the 'aptitude'
resolver the preferred choice for more complex situations, such
as building for experimental.
+ The aptitude resolver can resolve complex dependencies, e.g.
A | B, where A is uninstallable now correctly falls back to B.
This is not the case for the internal or apt resolvers, which by
intent do not make use of alternatives (they use the first
alternative only. sbuild now has full support for resolving
alternatives, but this is not the default behaviour
(Closes: #403246). Please see #614807 for a proposed description
of autobuilder-imposed build dependency restrictions in Policy.
+ All build dependency resolvers run dpkg with --force-confold.
This means packages with modified conffiles in the chroot to not
cause build failure. This includes /etc/services and
/etc/protocols from netbase (Closes: #576508).
- Logging:
+ Long paths such as the chroot location and the build directory
inside the chroot are now filtered in the build log and replaced
with small, constant, abbreviations (Closes: #605763). This makes
the build logs comparable between builds with tools such as
diff(1).
+ Logging messages have been improved, and important messages are
now coloured when running interactively (does not affect log
files). Errors, warnings and informational messages are coloured
red, yellow and green, respectively. Build status is coloured
green for success and red for all failure conditions.
+ Build log mails are now compressed and mailed in MIME format by
default, together with a copy of the .changes file. The old
behaviour (plain mailing of uncompressed logs) may be restored by
setting $mime_build_log_mails=0 in the configuration, and
compression may also be disabled in the MIME mails by setting
$compress_build_log_mails=0. Note that it is no longer possible
to send compressed log mails unless MIME mailing is enabled.
Thanks to Philipp Kern for implementing this.
- Error handling:
+ In order to handle errors more robustly, the build code now has
initial support for exception handling. Normal operation will
not be affected, but fatal errors may be logged in a different
order than seen previously. Fatal errors will now be seen at the
end of the build log, which should make it easier to spot
problems.
+ sbuild now always cleans up fully when receiving a termination
signal such as SIGINT or SIGTERM. Note that you may need to wait
while the cleanup actions are performed, or the current task is
completed prior to initiating cleanup. When running
interactively, hitting Ctrl-C will sent SIGINT to the entire
process group; doing this while apt-get or aptitude are running
will potentially leave dpkg in an inconsistent state, so aborting
at this point is not recommended. Sending a SIGTERM to the
sbuild process will always work cleanly.
- General:
+ sbuild now performs an apt dist-upgrade at the start of each
build by default, rather than an upgrade. This is to reduce the
amount of manual administration required to keep chroots up to
date, and is not much more risky than upgrade in this context.
+ A new option, --keep-session, has been added (Closes: #609658).
This prevents the automatic removal of session-managed snapshot
chroots. Previously, snapshots would not be deleted if purging
of the build directory or build dependencies was disabled, but
this was not always desirable, hence it is now configurable
separately.
+ Internally, building and other actions in the chroot are
performed by the 'sbuild' system user, where previously the user
invoking sbuild would be used instead. The aim of this change is
to separate privileges to increase security and reduce the chance
of accidental or deliberate tampering of the build environment.
While the latter is not addressed by these changes, this will be
taken care of during future architectural changes.
+ The sbuild package build directory created inside the chroot now
has a reduced name length. It's now /build/packagename-XXXXXX
where XXXXXX are random characters. This helps reduce the chance
of hitting path length restrictions on some architectures,
particularly when using sockets.
* wanna-build:
- The wanna-build database has been removed entirely. This part of
the sbuild package was not used, and was not maintained for some
time. Users wishing to use wanna-build should investigate the
version in the wanna-build.git repository used by the Debian
autobuilding infrastructure. This version is actively maintained
and in continual use.
* sbuild.conf:
- sbuild.conf is now automatically generated from the help text and
defaults in the source code. This means that the examples will
always be syntactically correct, the help text will always be
current, and the defaults will always match the defaults in the
source code (Closes: #609932, #610995).
- Non-scalar (or reference) types are deprecated in sbuild.conf.
This is because it is not possible to tell the difference between
an empty and an undefined value. Values using array or hash
types should use the equivalent array reference or hash
reference, which have been supported for some time. The old
style array and hash values will remain supported for now, but
will be removed in a future release.
* buildd.conf:
- Automatically generated like sbuild.conf. As for sbuild.conf,
non-scalar types are deprecated.
* sbuild.conf.5:
- All of the allowed values in sbuild.conf are now documented in a
new sbuild.conf(5) manual page. Like sbuild.conf, this is
entirely generated from the source code, so will always match the
defaults for the same sbuild version.
* buildd.conf.5:
- New manual page. Like sbuild.conf(5), this documents all allowed
values.
.
sbuild (0.61.0-1) unstable; urgency=low
.
* sbuild:
- The apt and aptitude build dependency resolvers now use only the
first alternative in alternative dependencies. The other
alternatives are stripped out entirely. This makes the apt and
aptitude resolvers behave exactly like the internal resolver.
Note that this is configurable with the $resolve_alternatives
option, so alternative resolving may be re-enabled with this
option if desired. This is useful for e.g. backports, but not
for unstable where the strict consistency and reproducibility
offered by only using the first alternative is required.
- The aptitude resolver now runs dpkg with --force-confold, to
match the behaviour of internal and apt. This prevents failure
when installing netbase into the build chroot, for example.
.
sbuild (0.60.9-1ubuntu3) natty; urgency=low
.
* lib/Sbuild/Build.pm: work around Lucid issue that has diff listed in
build-essential instead of diffutils. This causes schroots that don't
have universe enabled to fail to install dependencies. (LP: #741897)
Checksums-Sha1:
470ef82ac9a451076eab0e9157809b5376704f93 1814 sbuild_0.62.2-1ubuntu1.dsc
d4cc410d1235521e08b9c99666ae58316230cf5f 543829 sbuild_0.62.2.orig.tar.gz
a1a7bd49ca5963532c8cb9b51826c7d1d4e676f2 54234 sbuild_0.62.2-1ubuntu1.debian.tar.gz
Checksums-Sha256:
86a3958ec75d50702ac913fb7eb14af3376eb0b9748a1a52744f87ded5ec103b 1814 sbuild_0.62.2-1ubuntu1.dsc
d8b745e694b1508c8584aefb60fc70743999d4967bcdfd0cdf916de452d30cfb 543829 sbuild_0.62.2.orig.tar.gz
ca0b144736fb6e1541629da2537caa886ae19e5238ecb3e22b1b261ea2bd1b7b 54234 sbuild_0.62.2-1ubuntu1.debian.tar.gz
Files:
e74c06c6d0c7308c18879b0728c887d7 1814 devel extra sbuild_0.62.2-1ubuntu1.dsc
cbd48939c95c749fb20bd0ec7c8010dd 543829 devel extra sbuild_0.62.2.orig.tar.gz
6928de489d4f0188a78685a32aac0949 54234 devel extra sbuild_0.62.2-1ubuntu1.debian.tar.gz
Original-Maintainer: Debian buildd-tools Developers <buildd-tools-devel at lists.alioth.debian.org>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iQEcBAEBAgAGBQJNvX/zAAoJECG2nyCsu/UVUhQH/jkMnaW/V6ZUWY2wkk+c9A0T
z52z7azR2GZEigGNKnoppshOeBAz1zuo8gPtJavJIFI6KJw756lvkOMja1EAGwfR
zalnqPqs7hIWYQkVnzl2tOVdAHdp3bb715oT8QiatMCRQZ9p4TsR4T9IaKJ9Kk/A
bgQdzy4TfYHxjKHEqi+2RsUlB3jUTTjbjE/gSliPwB9tMfHZGM+82YEVvtRojoRW
qbOEwEzgEJB9pXVu3zYrbNijK0gfuhrVFwvAL/KZh7wtT3wPSJomTVk5+41qbCEx
iH6AzL5+o/dVvsHEhQw66BBOkcjSmudkA6PEgQrf3VNSAEJuiNgSgSSTDMPysig=
=Fsvk
-----END PGP SIGNATURE-----
More information about the Oneiric-changes
mailing list