Merge pull request #44 from terceiro/debian-ports

lxc-debian: support debian-ports architectures

configure.ac

@@ -214,7 +214,9 @@ AC_CONFIG_FILES([
 	templates/lxc-sparclinux
 	templates/lxc-voidlinux
 	templates/lxc-sabayon
-])
+	],
+	if test "${ac_file##templates/lxc-}" != "${ac_file}"; then chmod +x $ac_file; fi
+)
 AC_CONFIG_COMMANDS([default],[[]],[[]])
 AC_OUTPUT
 

templates/lxc-debian.in

@@ -36,12 +36,17 @@ done
 export PATH=$PATH:/usr/sbin:/usr/bin:/sbin:/bin
 export GREP_OPTIONS=""
 
-MIRROR=${MIRROR:-http://deb.debian.org/debian}
+DEBIAN_MIRROR=http://deb.debian.org/debian
+DEBIAN_PORTS_MIRROR=${MIRROR:-http://deb.debian.org/debian-ports}
+MIRROR=${MIRROR:-${DEBIAN_MIRROR}}
 SECURITY_MIRROR=${SECURITY_MIRROR:-http://security.debian.org/}
 LOCALSTATEDIR="@LOCALSTATEDIR@"
 LXC_TEMPLATE_CONFIG="@LXCTEMPLATECONFIG@"
 # Allows the lxc-cache directory to be set by environment variable
 LXC_CACHE_PATH=${LXC_CACHE_PATH:-"$LOCALSTATEDIR/cache/lxc"}
+DEBIAN_ARCHIVE_KEYRING=/usr/share/keyrings/debian-archive-keyring.gpg
+DEBIAN_PORTS_ARCHIVE_KEYRING=/usr/share/keyrings/debian-ports-archive-keyring.gpg
+KEYRING=${KEYRING:-${DEBIAN_ARCHIVE_KEYRING}}
 DOWNLOAD_KEYRING=${DOWNLOAD_KEYRING:-1}
 
 find_interpreter()
@@ -264,7 +269,7 @@ install_packages()
     local packages="$*"
 
     if [ -n "${packages}" ] && apt_update_packages; then
-        chroot "${rootfs}" apt-get install --force-yes -y --no-install-recommends ${packages}
+        chroot "${rootfs}" apt-get install -y --no-install-recommends ${packages}
     elif [ -n "${packages}" ]; then
         echo "Apt update failed, not downloading packages"
     fi
@@ -387,13 +392,13 @@ apt-transport-https
     mkdir -p "$cache"
 
     # If debian-archive-keyring isn't installed, fetch GPG keys directly
-    releasekeyring=/usr/share/keyrings/debian-archive-keyring.gpg
+    releasekeyring=${KEYRING}
     lreleasekeyring=/etc/apt/trusted.gpg.d/debian-archive-$release-stable.gpg
     if [ -f "$releasekeyring" ]; then
         apt_gpg_opt="--keyring=${releasekeyring}"
     elif [ -f "$lreleasekeyring" ]; then
         apt_gpg_opt="--keyring=${lreleasekeyring}"
-    elif [ "$DOWNLOAD_KEYRING" = 1 ]; then 
+    elif [ ${releasekeyring}" = "${DEBIAN_ARCHIVE_KEYRING} -a "$DOWNLOAD_KEYRING" = 1 ]; then
         [ ! -d "/etc/apt/trusted.gpg.d" ] && lreleasekeyring="$cache/archive-key.gpg"
         if [[ "$(id -u)" == "0" ]]; then
             case $release in
@@ -609,6 +614,13 @@ EOF
         write_sourceslist "${rootfs}" "${release}"
     fi
 
+    # Copy non-standard keyring inside rootfs
+    local extra_keyring
+    extra_keyring="${rootfs}/etc/apt/trusted.gpg.d/lxc-create-$(basename "${KEYRING}")"
+    if [ "${KEYRING}" != "${DEBIAN_ARCHIVE_KEYRING}" ]; then
+      cp "${KEYRING}" "${extra_keyring}"
+    fi
+
     # Install Packages in container
     if [ -n "${packages}" ]; then
         local pack_list
@@ -660,6 +672,7 @@ Template specific options can be passed to lxc-create after a '--' like this:
 
 Usage: $1 -h|--help -p|--path=<path> [-c|--clean] [-a|--arch=<arch>] [-r|--release=<release>]
                                      [--mirror=<mirror>] [--security-mirror=<security mirror>]
+                                     [--keyring=<keyring>]
                                      [--package=<package_name1,package_name2,...>]
                                      [-I|--interpreter-path=<interpreter path>]
                                      [-F | --flush-cache] [-S|--auth-key=<keyfile>]
@@ -675,6 +688,8 @@ Options :
                          Defaults to current stable.
   --mirror=MIRROR        Debian mirror to use during installation. Overrides the MIRROR
                          environment variable (see below).
+  --keyring=KEYRING      GPG keyring to authenticate the repository against.
+                         Overrides the KEYRING environment variable (see below).
   --security-mirror=SECURITY_MIRROR
                          Debian mirror to use for security updates. Overrides the
                          SECURITY_MIRROR environment variable (see below).
@@ -692,6 +707,7 @@ Environment variables:
                          Defaults to '$MIRROR'
   SECURITY_MIRROR        The Debian package security mirror to use. See also the --security-mirror switch above.
                          Defaults to '$SECURITY_MIRROR'
+  KEYRING                Defaults to '$DEBIAN_ARCHIVE_KEYRING'
   DOWNLOAD_KEYRING       Sets whether to download keyring when missing or ignore keyring checks
                          Defaults to 1
 
@@ -699,7 +715,7 @@ EOF
     return 0
 }
 
-options=$(getopt -o hp:n:a:r:cI:FS: -l arch:,auth-key:,clean,help,enable-non-free,mirror:,name:,packages:,path:,release:,rootfs:,security-mirror:,interpreter-path:,flush-cache -- "$@")
+options=$(getopt -o hp:n:a:r:cI:FS: -l arch:,auth-key:,clean,help,enable-non-free,mirror:keyring:,name:,packages:,path:,release:,rootfs:,security-mirror:,interpreter-path:,flush-cache -- "$@")
 if [ $? -ne 0 ]; then
         usage "$(basename "$0")"
         exit 1
@@ -727,6 +743,7 @@ elif [ "$arch" = "mips64" -a "$littleendian" = "yes" ]; then
     arch="mips64el"
 fi
 hostarch=$arch
+packages=
 mainonly=1
 flushcache=0
 
@@ -743,6 +760,7 @@ do
         -c|--clean)           clean=1; shift 1;;
            --enable-non-free) mainonly=0; shift 1;;
            --mirror)          MIRROR=$2; shift 2;;
+           --keyring)         KEYRING=$2; shift 2;;
         -n|--name)            name=$2; shift 2;;
            --packages)        packages=$2; shift 2;;
         -p|--path)            path=$2; shift 2;;
@@ -767,6 +785,21 @@ if [ "$arch" = "x86_64" ]; then
     arch=amd64
 fi
 
+
+testing_release_file=${DEBIAN_MIRROR}/dists/testing/main/binary-${arch}/Release
+if ! wget -q -O /dev/null "${testing_release_file}"; then
+  echo "${arch} does not look like a release architecture, trying debian ports"
+  # non-release architecture; assume debian-ports architecture
+  if [ "${MIRROR}" = "${DEBIAN_MIRROR}" ]; then
+    MIRROR="${DEBIAN_PORTS_MIRROR}"
+  fi
+  if [ "${KEYRING}" = "${DEBIAN_ARCHIVE_KEYRING}" ]; then
+    KEYRING="${DEBIAN_PORTS_ARCHIVE_KEYRING}"
+  fi
+  packages="debian-ports-archive-keyring,${packages}"
+  release="${release:-unstable}"
+fi
+
 if [ "$interpreter" = "" ] ; then
     if [ $hostarch = "i386" -a $arch = "amd64" ]; then
         echo "can't create $arch container on $hostarch"