1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
|
#!/usr/bin/make -f
# -*- makefile -*-
#export DH_VERBOSE=1
export DH_OPTIONS
export DH_GOPKG := github.com/snapcore/snapd
#export DEB_BUILD_OPTIONS=nocheck
export DH_GOLANG_EXCLUDES=tests
export DH_GOLANG_GO_GENERATE=1
export PATH:=${PATH}:${CURDIR}
# make sure that correct go version is found on trusty
export PATH:=/usr/lib/go-1.6/bin:${PATH}
include /etc/os-release
SYSTEMD_UNITS_DESTDIR=
ifeq (${VERSION_ID},"14.04")
# We are relying on a deputy systemd setup for trusty,
# in which systemd does not run as PID 1. To solve the
# problem of services shipping systemd units and upstart jobs
# being started twice, we altered systemd on trusty to ignore
# /lib/systemd/system and instead consider only selected units from
# /lib/systemd/upstart.
SYSTEMD_UNITS_DESTDIR="lib/systemd/upstart/"
# make sure that trusty's golang-1.6 is picked up correctly.
export PATH:=/usr/lib/go-1.6/bin:${PATH}
else
SYSTEMD_UNITS_DESTDIR="lib/systemd/system/"
endif
# The go tool does not fully support vendoring with gccgo, but we can
# work around that by constructing the appropriate -I flag by hand.
GCCGO := $(shell go tool dist env > /dev/null 2>&1 && echo no || echo yes)
BUILDFLAGS:=-buildmode=pie -pkgdir=$(CURDIR)/_build/std
GCCGOFLAGS=
ifeq ($(GCCGO),yes)
GOARCH := $(shell go env GOARCH)
GOOS := $(shell go env GOOS)
BUILDFLAGS:=
GCCGOFLAGS=-gccgoflags="-I $(CURDIR)/_build/pkg/gccgo_$(GOOS)_$(GOARCH)/$(DH_GOPKG)/vendor"
export DH_GOLANG_GO_GENERATE=0
endif
# check if we need to include the testkeys in the binary
TAGS=
ifneq (,$(filter testkeys,$(DEB_BUILD_OPTIONS)))
TAGS=-tags withtestkeys
endif
# export DEB_BUILD_MAINT_OPTIONS = hardening=+all
# DPKG_EXPORT_BUILDFLAGS = 1
# include /usr/share/dpkg/buildflags.mk
# Currently, we enable confinement for Ubuntu only, not for derivatives,
# because derivatives may have different kernels that don't support all the
# required confinement features and we don't to mislead anyone about the
# security of the system. Discuss a proper approach to this for downstreams
# if and when they approach us
ifeq ($(shell dpkg-vendor --query Vendor),Ubuntu)
VENDOR_ARGS=--enable-nvidia-ubuntu
else
VENDOR_ARGS=--disable-apparmor
endif
%:
dh $@ --buildsystem=golang --with=golang --fail-missing --with systemd --builddirectory=_build
override_dh_fixperms:
dh_fixperms -Xusr/lib/snapd/snap-confine
override_dh_installdeb:
dh_apparmor --profile-name=usr.lib.snapd.snap-confine -psnap-confine
dh_installdeb
override_dh_clean:
ifneq (,$(TEST_GITHUB_AUTOPKGTEST))
# this will be set by the GITHUB webhook to trigger a autopkgtest
# we only need to run "govendor sync" here and then its ready
(export GOPATH="/tmp/go"; \
mkdir -p $$GOPATH/src/github.com/snapcore/; \
cp -ar . $$GOPATH/src/github.com/snapcore/snapd; \
go get -u github.com/kardianos/govendor; \
(cd $$GOPATH/src/github.com/snapcore/snapd ; $$GOPATH/bin/govendor sync); \
cp -ar $$GOPATH/src/github.com/snapcore/snapd/vendor/ .; \
)
endif
dh_clean
# XXX: hacky
$(MAKE) -C cmd distclean || true
override_dh_auto_build:
# usually done via `go generate` but that is not supported on powerpc
./mkversion.sh
# Build golang bits
mkdir -p _build/src/$(DH_GOPKG)/cmd/snap/test-data
cp -a cmd/snap/test-data/*.gpg _build/src/$(DH_GOPKG)/cmd/snap/test-data/
dh_auto_build -- $(BUILDFLAGS) $(TAGS) $(GCCGOFLAGS)
# Build C bits, sadly manually
cd cmd && ( autoreconf -i -f )
cd cmd && ( ./configure --prefix=/usr --libexecdir=/usr/lib/snapd $(VENDOR_ARGS))
$(MAKE) -C cmd all
override_dh_auto_test:
dh_auto_test -- $(GCCGOFLAGS)
# a tested default (production) build should have no test keys
ifeq (,$(filter nocheck,$(DEB_BUILD_OPTIONS)))
# check that only the main trusted account-key is included
[ $$(strings _build/bin/snapd|grep -c -E "public-key-sha3-384: [a-zA-Z0-9_-]{64}") -eq 1 ]
strings _build/bin/snapd|grep -c "^public-key-sha3-384: -CvQKAwRQ5h3Ffn10FILJoEZUXOv6km9FwA80-Rcj-f-6jadQ89VRswHNiEB9Lxk$$"
endif
ifeq (,$(filter nocheck,$(DEB_BUILD_OPTIONS)))
# run the snap-confine tests
$(MAKE) -C cmd check
endif
override_dh_systemd_enable:
# enable auto-import
dh_systemd_enable \
-psnapd \
snapd.autoimport.service
# we want the auto-update timer enabled by default
dh_systemd_enable \
-psnapd \
snapd.refresh.timer
# but the auto-update service disabled
dh_systemd_enable \
--no-enable \
-psnapd \
snapd.refresh.service
# enable snapd
dh_systemd_enable \
-psnapd \
snapd.socket
dh_systemd_enable \
-psnapd \
snapd.service
override_dh_systemd_start:
# we want to start the auto-update timer
dh_systemd_start \
-psnapd \
snapd.refresh.timer
# but not start the service
dh_systemd_start \
--no-start \
-psnapd \
snapd.refresh.service
# start snapd
dh_systemd_start \
-psnapd \
snapd.socket
dh_systemd_start \
-psnapd \
snapd.service
# start autoimport
dh_systemd_start \
-psnapd \
snapd.autoimport.service
override_dh_install:
# we do not need this in the package, its just needed during build
rm -rf ${CURDIR}/debian/tmp/usr/bin/xgettext-go
# uboot-go is not shippable
rm -f ${CURDIR}/debian/tmp/usr/bin/uboot-go
# toolbelt is not shippable
rm -f ${CURDIR}/debian/tmp/usr/bin/toolbelt
# we do not like /usr/bin/snappy anymore
rm -f ${CURDIR}/debian/tmp/usr/bin/snappy
# install dev package files
mkdir -p debian/golang-github-snapcore-snapd-dev/usr/share
rm -rf debian/tmp/usr/share/gocode/src/github.com/snapcore/snapd/cmd/snap-confine
cp -R debian/tmp/usr/share/gocode debian/golang-github-snapcore-snapd-dev/usr/share
# install udev stuff, must be installed before 80-udisks
install debian/snapd.autoimport.udev -D debian/snapd/lib/udev/rules.d/66-snapd-autoimport.rules
# install bash completion files
install --mode=0644 data/completion/snap -D debian/snapd/usr/share/bash-completion/completions/snap
# i18n stuff
mkdir -p debian/snapd/usr/share
if [ -d share/locale ]; then \
cp -R share/locale debian/snapd/usr/share; \
fi
# etc/profile.d contains the PATH extension for snap packages
mkdir -p debian/snapd/etc
cp -R etc/profile.d debian/snapd/etc
# etc/X11/Xsession.d will add to XDG_DATA_DIRS so that we have .desktop support
mkdir -p debian/snapd/etc
cp -R etc/X11 debian/snapd/etc
# we conditionally install snapd's systemd units
mkdir -p debian/snapd/$(SYSTEMD_UNITS_DESTDIR)
install --mode=0644 debian/snapd.refresh.timer debian/snapd/$(SYSTEMD_UNITS_DESTDIR)
install --mode=0644 debian/snapd.refresh.service debian/snapd/$(SYSTEMD_UNITS_DESTDIR)
install --mode=0644 debian/snapd.autoimport.service debian/snapd/$(SYSTEMD_UNITS_DESTDIR)
install --mode=0644 debian/*.socket debian/snapd/$(SYSTEMD_UNITS_DESTDIR)
install --mode=0644 debian/snapd.service debian/snapd/$(SYSTEMD_UNITS_DESTDIR)
ifeq ($(RELEASE),trusty)
dh_link debian/snapd/$(SYSTEMD_UNITS_DESTDIR)/snapd.service debian/snapd/$(SYSTEMD_UNITS_DESTDIR)/multi-user.target.wants/snapd.service
dh_link debian/snapd/$(SYSTEMD_UNITS_DESTDIR)/snapd.autoimport.service debian/snapd/$(SYSTEMD_UNITS_DESTDIR)/multi-user.target.wants/snapd.autoimport.service
endif
$(MAKE) -C cmd install DESTDIR=$(CURDIR)/debian/tmp
dh_install
override_dh_auto_install: snap.8
dh_auto_install -O--buildsystem=golang
snap.8:
$(CURDIR)/_build/bin/snap help --man > $@
override_dh_auto_clean:
dh_auto_clean -O--buildsystem=golang
rm -vf snap.8
|
