From: Tobias Brunner Date: Tue, 8 Dec 2015 14:22:15 +0000 (+0100) Subject: testing: Install packages like the FIPS-enabled OpenSSL from a custom apt repo X-Git-Tag: 5.5.0dr1~17^2~10 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f565f954a76d395b378d2c82d75f8636a4978a5a;p=thirdparty%2Fstrongswan.git testing: Install packages like the FIPS-enabled OpenSSL from a custom apt repo --- diff --git a/testing/scripts/build-baseimage b/testing/scripts/build-baseimage index 76e4e81327..3ad836bdd2 100755 --- a/testing/scripts/build-baseimage +++ b/testing/scripts/build-baseimage @@ -19,7 +19,7 @@ INC=$INC,openssl,vim,sqlite3,conntrack,gdb,cmake,libltdl-dev,liblog4cxx10-dev INC=$INC,libboost-thread-dev,libboost-system-dev,git-core,iperf,htop,screen INC=$INC,gnat,gprbuild,acpid,acpi-support-base,libldns-dev,libunbound-dev INC=$INC,dnsutils,hostapd,libsoup2.4-dev,ca-certificates,unzip -INC=$INC,python,python-setuptools,python-dev,python-pip +INC=$INC,python,python-setuptools,python-dev,python-pip,apt-transport-https INC=$INC,libjson0-dev,libxslt1-dev,libapache2-mod-wsgi,iptables-dev case "$BASEIMGSUITE" in wheezy) @@ -86,6 +86,30 @@ execute "debootstrap --arch=$BASEIMGARCH --include=$INC $BASEIMGSUITE $LOOPDIR $ execute "mount -t proc none $LOOPDIR/proc" 0 do_on_exit graceful_umount $LOOPDIR/proc +log_action "Downloading signing key for custom apt repo" +execute_chroot "wget -q $BASEIMGEXTKEY -O /tmp/key" +log_action "Installing signing key for custom apt repo" +execute_chroot "apt-key add /tmp/key" + +log_action "Enabling custom apt repo" +cat > $LOOPDIR/etc/apt/sources.list.d/strongswan.list << EOF +deb $BASEIMGEXTREPO $BASEIMGSUITE main +EOF +log_status $? + +log_action "Prioritize custom apt repo" +cat > $LOOPDIR/etc/apt/preferences.d/strongswan.pref << EOF +Package: * +Pin: origin "$BASEIMGEXTREPOHOST" +Pin-Priority: 1001 +EOF +log_status $? + +log_action "Update package sources" +execute_chroot "apt-get update" +log_action "Install packages from custom repo" +execute_chroot "apt-get -y upgrade" + for service in $SERVICES do log_action "Disabling service $service" diff --git a/testing/scripts/recipes/012_openssl.mk b/testing/scripts/recipes/012_openssl.mk deleted file mode 100644 index 16aec239df..0000000000 --- a/testing/scripts/recipes/012_openssl.mk +++ /dev/null @@ -1,13 +0,0 @@ -#!/usr/bin/make - -PV = 1.0.1e -PKG = openssl-$(PV) -SRC = http://download.strongswan.org/testing/openssl-fips/ - -all: install - -$(PKG): - wget -r $(SRC) --no-directories --directory-prefix $(PKG) --accept deb --no-parent - -install: $(PKG) - cd $(PKG) && dpkg -i *.deb diff --git a/testing/testing.conf b/testing/testing.conf index b23cd50ee7..0abebe7a96 100644 --- a/testing/testing.conf +++ b/testing/testing.conf @@ -53,6 +53,9 @@ fi : ${BASEIMGARCH=amd64} : ${BASEIMG=$IMGDIR/debian-$BASEIMGSUITE-$BASEIMGARCH.$IMGEXT} : ${BASEIMGMIRROR=http://http.debian.net/debian} +: ${BASEIMGEXTREPOHOST=download.strongswan.org} +: ${BASEIMGEXTKEY=https://$BASEIMGEXTREPOHOST/testing/repos/strongswan-testing.gpg.key} +: ${BASEIMGEXTREPO=https://$BASEIMGEXTREPOHOST/testing/repos/apt/debian} # Directory shared between host and guests : ${SHAREDDIR=$BUILDDIR/shared/$BASEIMGSUITE}