The `ipkg-build` script converts a folder into a `opkg` installable
package. Until now it would use root:root for all packages and try to
preserve file modes.
This has the two drawbacks of packages want to add non-root files or add
SUID files, like the `sudo` package does.
To give more flexibility regarding file modes and avoid init script
hacks, a new variable called `PKG_FILE_MODES`. The variable contains a
list of files modes in the format `path:owner:group:mode`.
An example for the `sudo` package below:
```
PKG_FILE_MODES:=\
/usr/bin/sudo:root:root:4755 \
/etc/sudoers:root:root:0440
```
The `ipkg-build` now runs within a fakeroot environment to set any mode
and directly store it in the resulting `ipk` package archive.
Both options `-o` and `-g` are no longer required due to the introduction
of the more flexible `-m` options, which takes the `PKG_FILE_MODES` as
input.
Lastly the option `-c` is removed as it's unused within the script.
Signed-off-by: Paul Spooren <mail@aparcar.org>
Fix shellcheck SC2230
> which is non-standard. Use builtin 'command -v' instead.
Using `command -v` is POSIX compliant while `which` is not. Also to
mention, `command -v` is a shell builtin whereas `which` is a separate
busybox applet.
Once applied to everything concerning OpenWrt we can disable the busybox
feature `which` and save 3.8kB.
Acked-by: Stijn Tintel <stijn@linux-ipv6.be>
Signed-off-by: Paul Spooren <mail@aparcar.org>
[also replace cases in zram-swap]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
When the SOURCE_DATE_EPOCH environment variable is set, use it to
override the timestamps of .ipk archive contents.
This ensures that .ipk archives built in environments without SCM
metadata (mainly the SDK) are reproducible between different runs.
Ref: https://github.com/openwrt/packages/issues/6954
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
When Package/xx/conffiles only contains directories that are empty at
package time, conffiles.resolved will be missing and the following
error messages will appear in the build log.
/home/yousong/git-repo/openwrt/openwrt/scripts/ipkg-build -c -o 0 -g 0 /home/yousong/git-repo/openwrt/openwrt/build_dir/target-mips_24kc_musl/linux-malta_be/openvswitch-2.10.0/ipkg-mips_24kc/openvswitch-common /home/yousong/git-repo/openwrt/openwrt/bin/packages/mips_24kc/packages
mv: cannot stat 'CONTROL/conffiles.resolved': No such file or directory
chmod: cannot access 'CONTROL/conffiles': No such file or directory
It will not break the ipkg-build process. The change is merely cosmetic
to not cause confusion when reading logs
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
Move the "which svn" and "which git" calls next to the timestamp commands
using those tools to not prematurely fail on systems where svn or git are
not present.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
According to gzip 1.7 release note:
The GZIP environment variable is now obsolescent; gzip now warns if
it is used, and rejects attempts to use dangerous options or operands.
You can use an alias or script instead.
Fix this warning by using pipe instead
Signed-off-by: Syrone Wong <wong.syrone@gmail.com>
several packages reported different file order between builds
make binutils, kmod-sched reproducible
Signed-off-by: Dirk Neukirchen <dirkneukirchen@web.de>
SVN-Revision: 46859
As a follow-up to r46026, this commit sets the modification
times of files inside the tarballs to deterministic values.
It uses the date of the last git or svn commit and falls
back to the old behavior if those are not available.
Signed-off-by: Reiner Herrmann <reiner@reiner-h.de>
SVN-Revision: 46360
When creating control.tar.gz, data.tar.gz and $package.ipk
tar compresses them with default gzip options.
This includes build timestamps in their gzip headers.
By setting the GZIP env variable to -n, gzip no longer embeds
them, which is a step towards reproducibility.
See also [1] for more detailed motivations.
[1]: https://wiki.debian.org/ReproducibleBuilds/About
Signed-off-by: Reiner Herrmann <reiner@reiner-h.de>
SVN-Revision: 46026