]> git.ipfire.org Git - thirdparty/mkosi.git/commitdiff
Stop using sandbox tree to shovel out list of essential packages
authorDaan De Meyer <daan.j.demeyer@gmail.com>
Fri, 6 Sep 2024 12:01:16 +0000 (14:01 +0200)
committerDaan De Meyer <daan.j.demeyer@gmail.com>
Mon, 9 Sep 2024 16:15:23 +0000 (18:15 +0200)
We don't want to persist changes to the sandbox tree so in preparation
for that let's stop using the sandbox tree as a channel to shovel out
the list of essential packages when building debian images.

mkosi/distributions/debian.py
mkosi/installer/__init__.py
mkosi/installer/apt.py

index a90455e2d1c709a179fd5ba498eda9ada9c373d2..4b1d029e1a30e5da0565879de9498710c3d4cb9c 100644 (file)
@@ -134,21 +134,21 @@ class Installer(DistributionInstaller):
         # By configuring Debug::pkgDpkgPm=1, apt-get install will not actually execute any dpkg commands, so
         # all it does is download the essential debs and tell us their full in the apt cache without actually
         # installing them.
-        Apt.invoke(
-            context,
-            "install",
-            [
-                "-oDebug::pkgDPkgPm=1",
-                # context.sandbox_tree is always mounted writable to /etc so let's use that as a channel to get the
-                # list of essential packages out of the sandbox.
-                "-oDPkg::Pre-Install-Pkgs::=cat >/etc/apt/essential",
-                "?essential",
-                "?exact-name(usr-is-merged)",
-                "base-files",
-            ],
-        )
+        with tempfile.NamedTemporaryFile(mode="r") as f:
+            Apt.invoke(
+                context,
+                "install",
+                [
+                    "-oDebug::pkgDPkgPm=1",
+                    f"-oDPkg::Pre-Install-Pkgs::=cat >{f.name}",
+                    "?essential",
+                    "?exact-name(usr-is-merged)",
+                    "base-files",
+                ],
+                options=["--bind", f.name, f.name],
+            )
 
-        essential = (context.sandbox_tree / "etc/apt/essential").read_text().strip().splitlines()
+            essential = f.read().strip().splitlines()
 
         # Now, extract the debs to the chroot by first extracting the sources tar file out of the deb and
         # then extracting the tar file into the chroot.
index fca89e20ac9572b7449c3c846b72fd858423e6ed..47914ddae3b65e2bd22fb2510758b0f00dbe8ff0 100644 (file)
@@ -1,5 +1,6 @@
 # SPDX-License-Identifier: LGPL-2.1-or-later
 
+from collections.abc import Sequence
 from contextlib import AbstractContextManager
 from pathlib import Path
 
@@ -125,7 +126,13 @@ class PackageManager:
         ]
 
     @classmethod
-    def sandbox(cls, context: Context, *, apivfs: bool) -> AbstractContextManager[list[PathString]]:
+    def sandbox(
+        cls,
+        context: Context,
+        *,
+        apivfs: bool,
+        options: Sequence[PathString] = (),
+    ) -> AbstractContextManager[list[PathString]]:
         return context.sandbox(
             binary=cls.executable(context.config),
             network=True,
@@ -133,6 +140,7 @@ class PackageManager:
                 "--bind", context.root, "/buildroot",
                 *cls.mounts(context),
                 *cls.options(root=context.root, apivfs=apivfs),
+                *options,
             ],
         )
 
index a111dd25bc538494911e4441e8c73192a0013826..c7c983f993f8bdcf648713f35e5904bddb3bc6de 100644 (file)
@@ -209,11 +209,12 @@ class Apt(PackageManager):
         arguments: Sequence[str] = (),
         *,
         apivfs: bool = False,
+        options: Sequence[PathString] = (),
         stdout: _FILE = None,
     ) -> CompletedProcess:
         return run(
             cls.cmd(context) + [operation, *arguments],
-            sandbox=cls.sandbox(context, apivfs=apivfs),
+            sandbox=cls.sandbox(context, apivfs=apivfs, options=options),
             env=cls.finalize_environment(context),
             stdout=stdout,
         )