debian: use real apt repo for qubes packages installation

2014-07-26 04:33:49 +02:00 · 2014-07-26 04:33:49 +02:00 · 290a8a65f8
commit 290a8a65f8
parent 68b7313f8d
4 changed files with 42 additions and 7 deletions
--- a/scripts_debian/04_install_qubes.sh
+++ b/scripts_debian/04_install_qubes.sh
@ -30,13 +30,38 @@ xen /proc/xen xenfs defaults 0 0
 EOF

 echo "--> Installing qubes packages"
-export CUSTOMREPO="$PWD/yum_repo_qubes/debian"
-mkdir -p $INSTALLDIR/tmp/qubesdebs
-find $CUSTOMREPO/apt -name '*.deb' -exec cp -t $INSTALLDIR/tmp/qubesdebs '{}' \;
-chroot $INSTALLDIR /bin/sh -c 'dpkg -i /tmp/qubesdebs/*.deb'
-rm -rf $INSTALLDIR/tmp/qubesdebs
-# Install dependencies for qubes packages
-chroot $INSTALLDIR apt-get -f -y install
+export CUSTOMREPO="$PWD/yum_repo_qubes/$DIST/apt"
+
+if ! [ -e $CACHEDIR/repo-secring.gpg ]; then
+    mkdir -p $CACHEDIR
+    gpg --gen-key --batch <<EOF
+Key-Type: RSA
+Key-Length: 1024
+Key-Usage: sign
+Name-Real: Qubes builder
+Expire-Date: 0
+%pubring $CACHEDIR/repo-pubring.gpg
+%secring $CACHEDIR/repo-secring.gpg
+%commit
+EOF
+fi
+gpg -abs --no-default-keyring \
+        --secret-keyring $CACHEDIR/repo-secring.gpg \
+        --keyring $CACHEDIR/repo-pubring.gpg \
+        -o $CUSTOMREPO/dists/$DIST/Release.gpg \
+        $CUSTOMREPO/dists/$DIST/Release
+
+mkdir -p $INSTALLDIR/tmp/qubes_repo
+mount --bind $CUSTOMREPO $INSTALLDIR/tmp/qubes_repo
+cat > $INSTALLDIR/etc/apt/sources.list.d/qubes-builder.list <<EOF
+deb file:/tmp/qubes_repo $DEBIANVERSION main
+EOF
+cp $CACHEDIR/repo-pubring.gpg $INSTALLDIR/etc/apt/trusted.gpg.d/qubes-builder.gpg
+chroot $INSTALLDIR apt-get update || { umount $INSTALLDIR/tmp/qubes_repo; exit 1; }
+chroot $INSTALLDIR apt-get -y install `cat $SCRIPTSDIR/packages_qubes.list` || { umount $INSTALLDIR/tmp/qubes_repo; exit 1; }
+umount $INSTALLDIR/tmp/qubes_repo
+rm -f $INSTALLDIR/etc/apt/sources.list.d/qubes-builder.list
+chroot $INSTALLDIR apt-get update || exit 1

 # Remove temporary policy layer so services can start normally in the
 # deployed template.
--- a/scripts_debian/09_cleanup.sh
+++ b/scripts_debian/09_cleanup.sh
@ -3,5 +3,8 @@

 rm -f $INSTALLDIR/var/cache/apt/archives/*

+rm -f $INSTALLDIR/etc/apt/sources.list.d/qubes-builder.list
+rm -f $INSTALLDIR/etc/apt/trusted.gpg.d/qubes-builder.gpg
+
 rm -rf buildchroot

--- a/scripts_debian/packages_qubes.list
+++ b/scripts_debian/packages_qubes.list
@ -0,0 +1,2 @@
+qubes-core-agent
+qubes-gui-agent
--- a/yum_repo_qubes/.gitignore
+++ b/yum_repo_qubes/.gitignore
@ -1,2 +1,7 @@
 fc*
 archlinux*
+jessie
+wheezy
+squeeze
+sid
+