| Index: src/scripts/dpkg_no_scripts.sh
|
| diff --git a/src/scripts/dpkg_no_scripts.sh b/src/scripts/dpkg_no_scripts.sh
|
| index 90dc377adc7d21bfd865cc9562b9486a80fea63f..c2cc7c345ee01008a225feed7eb581a9389e1342 100755
|
| --- a/src/scripts/dpkg_no_scripts.sh
|
| +++ b/src/scripts/dpkg_no_scripts.sh
|
| @@ -22,6 +22,8 @@
|
| # Flags
|
| DEFINE_string root "" \
|
| "The target rootfs directory in which to install packages."
|
| +DEFINE_boolean dpkg_fallback $FLAGS_TRUE \
|
| + "Run normal dpkg if maintainer scripts are not whitelisted."
|
| DEFINE_string status_fd "" \
|
| "The file descriptor to report status on; ignored."
|
| DEFINE_boolean unpack $FLAGS_FALSE "Is the action 'unpack'?"
|
| @@ -43,52 +45,144 @@ eval set -- "${FLAGS_ARGV}"
|
| # Die on any errors.
|
| set -e
|
|
|
| -if [ $FLAGS_configure -eq $FLAGS_TRUE ]; then
|
| - # We ignore configure requests.
|
| - exit 0
|
| -fi
|
| -if [ $FLAGS_remove -eq $FLAGS_TRUE ]; then
|
| - # We log but ignore remove requests.
|
| - echo "dpkg_no_scripts, remove: $@"
|
| - exit 0
|
| -fi
|
| -if [ $FLAGS_unpack -ne $FLAGS_TRUE ]; then
|
| - # Ignore unknown command line.
|
| - echo "Unexpected command line: $@"
|
| - exit 0
|
| -fi
|
| -if [ -z "$FLAGS_root" ]; then
|
| - echo "Missing root directory."
|
| - exit 0
|
| -fi
|
| +# Returns true if the input file is whitelisted.
|
| +#
|
| +# $1 - The file to check
|
| +is_whitelisted() {
|
| + local whitelist="${SRC_ROOT}/package_scripts/package.whitelist"
|
| + test -f "$whitelist" || return
|
|
|
| -DPKG_STATUS=""
|
| -if [ -d "$FLAGS_root/var/lib/dpkg" ]; then
|
| - DPKG_STATUS="$FLAGS_root/var/lib/dpkg/status"
|
| - DPKG_INFO="$FLAGS_root/var/lib/dpkg/info/"
|
| -fi
|
| + local checksum=$(md5sum "$1" | awk '{ print $1 }')
|
| + local count=$(grep -c "$checksum" "${whitelist}" || /bin/true)
|
| + test $count -ne 0
|
| +}
|
|
|
| -for p in "$@"; do
|
| - echo "Extracting $p"
|
| - dpkg-deb --extract "$p" "$FLAGS_root"
|
| +# Returns true if either of the two given files exist and are not whitelisted.
|
| +#
|
| +# $1 - The package name.
|
| +# $2 - The path to the preinst file if it were to exist.
|
| +# $3 - The path to the postinst file if it were to exist.
|
| +has_missing_whitelist() {
|
| + local package=$1
|
| + local preinst=$2
|
| + local postinst=$3
|
| + local missing_whitelist=0
|
| +
|
| + if [ -f "$preinst" ]; then
|
| + if ! is_whitelisted "$preinst"; then
|
| + missing_whitelist=1
|
| + echo "Warning: Missing whitelist entry for ${package}.preinst"
|
| + fi
|
| + fi
|
| + if [ -f "$postinst" ]; then
|
| + if ! is_whitelisted "$postinst"; then
|
| + missing_whitelist=1
|
| + echo "Warning: Missing whitelist entry for ${package}.postinst"
|
| + fi
|
| + fi
|
| + test $missing_whitelist -ne 0
|
| +}
|
|
|
| - if [ -n "$DPKG_STATUS" ]; then
|
| - TMPDIR=$(mktemp -d)
|
| - dpkg-deb --control "$p" "$TMPDIR"
|
| +do_configure() {
|
| + local dpkg_info="$FLAGS_root/var/lib/dpkg/info/"
|
| + local fallback_packages=""
|
| +
|
| + for p in "$@"; do
|
| + echo "Configuring: $p"
|
| +
|
| + # Make sure that any .preinst or .postinst files are whitelisted.
|
| + local preinst="${dpkg_info}/${p}.preinst"
|
| + local postinst="${dpkg_info}/${p}.postinst"
|
| + if has_missing_whitelist "$p" "$preinst" "$postinst"; then
|
| + if [ $FLAGS_dpkg_fallback -eq $FLAGS_TRUE ]; then
|
| + echo "** Warning: Will run full maintainer scripts for ${p}."
|
| + fallback_packages="$fallback_packages $p"
|
| + continue
|
| + else
|
| + # TODO: Eventually should be upgraded to a full error.
|
| + echo "** Warning: Ignoring missing whitelist for ${p}."
|
| + fi
|
| + fi
|
| +
|
| + # Run our maintainer script for this package if we have one.
|
| + local chromium_postinst="${SRC_ROOT}/package_scripts/${p}.postinst"
|
| + if [ -f "$chromium_postinst" ]; then
|
| + echo "Running: $chromium_postinst"
|
| + ROOT="$FLAGS_root" SRC_ROOT="$SRC_ROOT" sh -x $chromium_postinst
|
| + fi
|
| + done
|
| +
|
| + if [ -n "$fallback_packages" ]; then
|
| + dpkg --root="$FLAGS_root" --configure $fallback_packages
|
| + fi
|
| +}
|
| +
|
| +do_unpack() {
|
| + local dpkg_status="$FLAGS_root/var/lib/dpkg/status"
|
| + local dpkg_info="$FLAGS_root/var/lib/dpkg/info/"
|
| +
|
| + for p in "$@"; do
|
| + local package=$(dpkg-deb --field "$p" Package)
|
| + local tmpdir=$(mktemp -d)
|
| +
|
| + dpkg-deb --control "$p" "$tmpdir"
|
| +
|
| + local preinst="${tmpdir}/preinst"
|
| + local postinst="${tmpdir}/postinst"
|
| + if has_missing_whitelist "$package" "$preinst" "$postinst"; then
|
| + if [ $FLAGS_dpkg_fallback -eq $FLAGS_TRUE ]; then
|
| + echo "** Warning: Running full maintainer scripts for ${package}."
|
| + dpkg --root="$FLAGS_root" --unpack --auto-deconfigure "$p"
|
| + rm -rf "$tmpdir"
|
| + continue
|
| + else
|
| + # TODO: Eventually should be upgraded to a full error.
|
| + echo "** Warning: Ignoring missing whitelist for ${p}."
|
| + fi
|
| + fi
|
|
|
| # Copy the info files
|
| - PACKAGE=$(dpkg-deb --field "$p" Package)
|
| - FILES=$(ls "$TMPDIR" | grep -v control)
|
| - for f in $FILES; do
|
| - cp "${TMPDIR}/$f" "${DPKG_INFO}/$PACKAGE.$f"
|
| + local files=$(ls "$tmpdir" | grep -v control)
|
| + for f in $files; do
|
| + cp "${tmpdir}/${f}" "${dpkg_info}/${package}.${f}"
|
| done
|
| - touch "${DPKG_INFO}/$PACKAGE.list"
|
| + touch "${dpkg_info}/${package}.list" # TODO: Proper .list files.
|
|
|
| # Mark the package as installed successfully.
|
| - echo "Status: install ok installed" >> "$DPKG_STATUS"
|
| - cat "${TMPDIR}/control" >> "$DPKG_STATUS"
|
| - echo "" >> "$DPKG_STATUS"
|
| + echo "Status: install ok installed" >> "$dpkg_status"
|
| + cat "${tmpdir}/control" >> "$dpkg_status"
|
| + echo "" >> "$dpkg_status"
|
|
|
| - rm -rf "$TMPDIR"
|
| - fi
|
| -done
|
| + rm -rf "$tmpdir"
|
| +
|
| + # Run our maintainer script for this package if we have one.
|
| + local chromium_postinst="${SRC_ROOT}/package_scripts/${package}.preinst"
|
| + if [ -f "$chromium_preinst" ]; then
|
| + echo "Running: ${chromium_preinst}"
|
| + ROOT="$FLAGS_root" SRC_ROOT="$SRC_ROOT" $chromium_preinst
|
| + fi
|
| +
|
| + echo "Unpacking: $p"
|
| + dpkg-deb --extract "$p" "$FLAGS_root"
|
| + done
|
| +}
|
| +
|
| +# This script requires at least "--root="
|
| +if [ -z "$FLAGS_root" ]; then
|
| + echo "dpkg_no_scripts: Missing root directory."
|
| + exit 1
|
| +fi
|
| +
|
| +if [ $FLAGS_configure -eq $FLAGS_TRUE ]; then
|
| + do_configure $@
|
| +elif [ $FLAGS_unpack -eq $FLAGS_TRUE ]; then
|
| + do_unpack $@
|
| +elif [ $FLAGS_remove -eq $FLAGS_TRUE ]; then
|
| + # We log but ignore remove requests.
|
| + echo "Ignoring remove: $@"
|
| +else
|
| + echo "dpkg_no_scripts.sh: Unknown or missing command."
|
| + exit 1
|
| +fi
|
| +
|
| +exit 0
|
|
|
Chromium Code Reviews
Issue 549017:
Always use our dpkg wrapper when mastering an image. (Closed)
