github.com/xen-tools.xen-tools
1
0
Fork 0
mirror of synced 2026-05-03 14:58:48 +00:00
Code Releases Activity

Debian DomUs: Distinguish between $dist/updates and $dist-security

Browse Source 
From Debian 11 Bullseye onwards, debian uses $dist-security instead of
$dist/updates as distribution part in /etc/apt/sources.list.

Mark those distributions with the old-style subdirectory path with
"security-subdir" in distributions.conf.

Thanks to Paul Wise for the bug report (and hence reminding me of
this) and for the suggestions on how to implement this (even if I
didn't follow them for the sake of simplicity and no additional
dependencies).

Closes: #972749
This commit is contained in:
Axel Beckert
2020-12-19 05:58:21 +01:00
parent 19399ecc70
commit 2fba5cb90e
4 changed files with 51 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
debian/changelog vendored
View File

@@ -7,6 +7,9 @@ xen-tools (4.8.1~dev-1) UNRELEASED; urgency=medium
release (bookwork → bookworm). release (bookwork → bookworm).
+ Actually install xen-resize-guest tool. (Thanks lintian for the + Actually install xen-resize-guest tool. (Thanks lintian for the
spare-manual-page warning!) spare-manual-page warning!)
+ Distinguish between those Debian releases using $dist/updates for
security updates and those who use $dist-security. Thanks Paul Wise!
(Closes: #972749)
* Recommend deboootstrap ≥ 1.0.110~ for working bootstrapping of Ubuntu * Recommend deboootstrap ≥ 1.0.110~ for working bootstrapping of Ubuntu
6.06 Dapper and 6.10 Edgy (see #659360) and for support of Ubuntu 6.06 Dapper and 6.10 Edgy (see #659360) and for support of Ubuntu

18
etc/distributions.conf
View File

@@ -5,17 +5,17 @@
# codename = distribution and further keywords # codename = distribution and further keywords
# #
# Known distributions: debian, ubuntu # Known distributions: debian, ubuntu
# Known keywords: eol, pygrub, default-keyring, dont-test # Known keywords: eol, pygrub, default-keyring, dont-test, security-subdir
# Known generic keywords: *.gpg (uses the according /usr/share/keyrings/….gpg file) # Known generic keywords: *.gpg (uses the according /usr/share/keyrings/….gpg file)
# #
sarge = debian eol sarge = debian security-subdir eol
etch = debian eol etch = debian security-subdir eol
lenny = debian eol lenny = debian security-subdir eol
squeeze = debian eol default-keyring squeeze = debian security-subdir eol default-keyring
wheezy = debian eol wheezy = debian security-subdir eol
jessie = debian eol jessie = debian security-subdir eol
stretch = debian stretch = debian security-subdir
buster = debian buster = debian security-subdir
bullseye = debian bullseye = debian
bookworm = debian dont-test bookworm = debian dont-test
trixie = debian dont-test trixie = debian dont-test

21
hooks/common.sh
View File

@@ -422,3 +422,24 @@ installGentooPackage ()
logMessage "NOTE: Not doing anything - this is a stub - FIXME" logMessage "NOTE: Not doing anything - this is a stub - FIXME"
} }
#
# findDistributionConf path
#
# returns either a relative or an absolut path to distributions.conf
#
findDistributionsConf ()
{
prefix=$1
if [ -f etc/distributions.conf ]; then
echo etc/distributions.conf
elif [ -f ${prefix:-}/etc/xen-tools/distributions.conf ]; then
echo ${prefix:-}/etc/xen-tools/distributions.conf
elif [ -f /etc/xen-tools/distributions.conf ]; then
echo /etc/xen-tools/distributions.conf
fi
}

21
hooks/debian/20-setup-apt
View File

@@ -20,6 +20,7 @@ else
. ./hooks/common.sh . ./hooks/common.sh
fi fi
distributions_conf=$(findDistributionsConf $prefix)
# #
# Log our start # Log our start
@@ -66,7 +67,9 @@ if ( test "${dist}" "!=" "sid" && test "${dist}" "!=" "unstable" && \
test -e /etc/apt/sources.list && \ test -e /etc/apt/sources.list && \
grep ^deb.*security -r /etc/apt/sources.list /etc/apt/sources.list.d >/dev/null 2>/dev/null ) ; then grep ^deb.*security -r /etc/apt/sources.list /etc/apt/sources.list.d >/dev/null 2>/dev/null ) ; then
cat <<E_O_APT >> ${prefix}/etc/apt/sources.list if fgrep "${dist}" $distributions_conf | fgrep -q security-subdir; then
cat <<E_O_APT >> ${prefix}/etc/apt/sources.list
# #
# Security updates # Security updates
# #
@@ -74,13 +77,25 @@ deb http://security.debian.org/ ${dist}/updates main contrib non-free
deb-src http://security.debian.org/ ${dist}/updates main contrib non-free deb-src http://security.debian.org/ ${dist}/updates main contrib non-free
E_O_APT E_O_APT
else
cat <<E_O_APT >> ${prefix}/etc/apt/sources.list
#
# Security updates
#
deb http://security.debian.org/ ${dist}-security main contrib non-free
deb-src http://security.debian.org/ ${dist}-security main contrib non-free
E_O_APT
fi
else else
cat <<E_O_APT >> ${prefix}/etc/apt/sources.list cat <<E_O_APT >> ${prefix}/etc/apt/sources.list
# #
# Security updates - Uncomment to enable. # Security updates - Uncomment to enable.
# #
# deb http://security.debian.org/ ${dist}/updates main contrib non-free # deb http://security.debian.org/ ${dist}-security main contrib non-free
# deb-src http://security.debian.org/ ${dist}/updates main contrib non-free # deb-src http://security.debian.org/ ${dist}-security main contrib non-free
E_O_APT E_O_APT
fi fi