From 70d0a6facccbde0dcb8107447d7e901c5db7c8ad Mon Sep 17 00:00:00 2001 From: zador-blood-stained Date: Sat, 16 Jul 2016 00:54:06 +0300 Subject: [PATCH 1/7] Security fixes for sunxi legacy kernels UMP patch for sun8i --- .../cedar-remove-insecure-code.patch | 43 +++++++++++++++++++ .../cedar-remove-insecure-code.patch | 43 +++++++++++++++++++ .../cedar-remove-insecure-code.patch | 43 +++++++++++++++++++ .../sun8i-default/0001-Fix-ump-build.patch | 27 ++++++++++++ .../cedar-remove-insecure-code.patch | 43 +++++++++++++++++++ 5 files changed, 199 insertions(+) create mode 100644 patch/kernel/sun4i-default/cedar-remove-insecure-code.patch create mode 100644 patch/kernel/sun5i-default/cedar-remove-insecure-code.patch create mode 100644 patch/kernel/sun7i-default/cedar-remove-insecure-code.patch create mode 100644 patch/kernel/sun8i-default/0001-Fix-ump-build.patch create mode 100644 patch/kernel/sun8i-default/cedar-remove-insecure-code.patch diff --git a/patch/kernel/sun4i-default/cedar-remove-insecure-code.patch b/patch/kernel/sun4i-default/cedar-remove-insecure-code.patch new file mode 100644 index 0000000000..24fd93d85a --- /dev/null +++ b/patch/kernel/sun4i-default/cedar-remove-insecure-code.patch @@ -0,0 +1,43 @@ +From 6964d467510849e3e262518cb87bff7ef92e01f5 Mon Sep 17 00:00:00 2001 +From: yangcaoyuan +Date: Mon, 11 Jul 2016 10:23:00 +0800 +Subject: [PATCH] driver:cedar-ve delete non_secure code + +Change-Id: I6ca0037ea3decd13bb4ab854081f6ae4c576bd47 +--- + drivers/media/cedar-ve/cedar_ve.c | 21 --------------------- + 1 file changed, 21 deletions(-) + +diff --git a/drivers/media/cedar-ve/cedar_ve.c b/drivers/media/cedar-ve/cedar_ve.c +index 0c1be78..a2f4bec 100755 +--- a/drivers/media/cedar-ve/cedar_ve.c ++++ b/drivers/media/cedar-ve/cedar_ve.c +@@ -744,28 +744,7 @@ long cedardev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg) + case IOCTL_GET_IC_VER: + { + return 0; +- } +- case IOCTL_READ_REG: +- { +- struct cedarv_regop reg_para; +- if(copy_from_user(®_para, (void __user*)arg, sizeof(struct cedarv_regop))) +- { +- return -EFAULT; +- } +- return readl(reg_para.addr); +- } +- +- case IOCTL_WRITE_REG: +- { +- struct cedarv_regop reg_para; +- if(copy_from_user(®_para, (void __user*)arg, sizeof(struct cedarv_regop))) +- { +- return -EFAULT; +- } +- writel(reg_para.value, reg_para.addr); +- break; + } +- break; + case IOCTL_SET_REFCOUNT: + cedar_devp->ref_count = (int)arg; + break; diff --git a/patch/kernel/sun5i-default/cedar-remove-insecure-code.patch b/patch/kernel/sun5i-default/cedar-remove-insecure-code.patch new file mode 100644 index 0000000000..24fd93d85a --- /dev/null +++ b/patch/kernel/sun5i-default/cedar-remove-insecure-code.patch @@ -0,0 +1,43 @@ +From 6964d467510849e3e262518cb87bff7ef92e01f5 Mon Sep 17 00:00:00 2001 +From: yangcaoyuan +Date: Mon, 11 Jul 2016 10:23:00 +0800 +Subject: [PATCH] driver:cedar-ve delete non_secure code + +Change-Id: I6ca0037ea3decd13bb4ab854081f6ae4c576bd47 +--- + drivers/media/cedar-ve/cedar_ve.c | 21 --------------------- + 1 file changed, 21 deletions(-) + +diff --git a/drivers/media/cedar-ve/cedar_ve.c b/drivers/media/cedar-ve/cedar_ve.c +index 0c1be78..a2f4bec 100755 +--- a/drivers/media/cedar-ve/cedar_ve.c ++++ b/drivers/media/cedar-ve/cedar_ve.c +@@ -744,28 +744,7 @@ long cedardev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg) + case IOCTL_GET_IC_VER: + { + return 0; +- } +- case IOCTL_READ_REG: +- { +- struct cedarv_regop reg_para; +- if(copy_from_user(®_para, (void __user*)arg, sizeof(struct cedarv_regop))) +- { +- return -EFAULT; +- } +- return readl(reg_para.addr); +- } +- +- case IOCTL_WRITE_REG: +- { +- struct cedarv_regop reg_para; +- if(copy_from_user(®_para, (void __user*)arg, sizeof(struct cedarv_regop))) +- { +- return -EFAULT; +- } +- writel(reg_para.value, reg_para.addr); +- break; + } +- break; + case IOCTL_SET_REFCOUNT: + cedar_devp->ref_count = (int)arg; + break; diff --git a/patch/kernel/sun7i-default/cedar-remove-insecure-code.patch b/patch/kernel/sun7i-default/cedar-remove-insecure-code.patch new file mode 100644 index 0000000000..24fd93d85a --- /dev/null +++ b/patch/kernel/sun7i-default/cedar-remove-insecure-code.patch @@ -0,0 +1,43 @@ +From 6964d467510849e3e262518cb87bff7ef92e01f5 Mon Sep 17 00:00:00 2001 +From: yangcaoyuan +Date: Mon, 11 Jul 2016 10:23:00 +0800 +Subject: [PATCH] driver:cedar-ve delete non_secure code + +Change-Id: I6ca0037ea3decd13bb4ab854081f6ae4c576bd47 +--- + drivers/media/cedar-ve/cedar_ve.c | 21 --------------------- + 1 file changed, 21 deletions(-) + +diff --git a/drivers/media/cedar-ve/cedar_ve.c b/drivers/media/cedar-ve/cedar_ve.c +index 0c1be78..a2f4bec 100755 +--- a/drivers/media/cedar-ve/cedar_ve.c ++++ b/drivers/media/cedar-ve/cedar_ve.c +@@ -744,28 +744,7 @@ long cedardev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg) + case IOCTL_GET_IC_VER: + { + return 0; +- } +- case IOCTL_READ_REG: +- { +- struct cedarv_regop reg_para; +- if(copy_from_user(®_para, (void __user*)arg, sizeof(struct cedarv_regop))) +- { +- return -EFAULT; +- } +- return readl(reg_para.addr); +- } +- +- case IOCTL_WRITE_REG: +- { +- struct cedarv_regop reg_para; +- if(copy_from_user(®_para, (void __user*)arg, sizeof(struct cedarv_regop))) +- { +- return -EFAULT; +- } +- writel(reg_para.value, reg_para.addr); +- break; + } +- break; + case IOCTL_SET_REFCOUNT: + cedar_devp->ref_count = (int)arg; + break; diff --git a/patch/kernel/sun8i-default/0001-Fix-ump-build.patch b/patch/kernel/sun8i-default/0001-Fix-ump-build.patch new file mode 100644 index 0000000000..1a9d8ae537 --- /dev/null +++ b/patch/kernel/sun8i-default/0001-Fix-ump-build.patch @@ -0,0 +1,27 @@ +From ab2ccc6f757c7c49f84a719584b4dde5da431394 Mon Sep 17 00:00:00 2001 +From: Andreas Baierl +Date: Tue, 8 Mar 2016 11:07:58 -0500 +Subject: [PATCH] Fix ump build + +--- + arch/arm/mach-sunxi/include/mach/sun8i/memory-sun8iw7p1.h | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/arch/arm/mach-sunxi/include/mach/sun8i/memory-sun8iw7p1.h b/arch/arm/mach-sunxi/include/mach/sun8i/memory-sun8iw7p1.h +index afa1202..02c7429 100755 +--- a/arch/arm/mach-sunxi/include/mach/sun8i/memory-sun8iw7p1.h ++++ b/arch/arm/mach-sunxi/include/mach/sun8i/memory-sun8iw7p1.h +@@ -18,6 +18,10 @@ + #define __MEMORY_SUN8I_W5P1_H + + #define PLAT_PHYS_OFFSET UL(0x40000000) ++#define __phys_to_bus(x) ((u32)(x) < PLAT_PHYS_OFFSET ? (x) : \ ++ (x) - PLAT_PHYS_OFFSET) ++#define __bus_to_phys(x) ((x) + PLAT_PHYS_OFFSET) ++ + #ifdef CONFIG_EVB_PLATFORM + #define PLAT_MEM_SIZE SZ_2G + #else +-- +2.7.0 + diff --git a/patch/kernel/sun8i-default/cedar-remove-insecure-code.patch b/patch/kernel/sun8i-default/cedar-remove-insecure-code.patch new file mode 100644 index 0000000000..24fd93d85a --- /dev/null +++ b/patch/kernel/sun8i-default/cedar-remove-insecure-code.patch @@ -0,0 +1,43 @@ +From 6964d467510849e3e262518cb87bff7ef92e01f5 Mon Sep 17 00:00:00 2001 +From: yangcaoyuan +Date: Mon, 11 Jul 2016 10:23:00 +0800 +Subject: [PATCH] driver:cedar-ve delete non_secure code + +Change-Id: I6ca0037ea3decd13bb4ab854081f6ae4c576bd47 +--- + drivers/media/cedar-ve/cedar_ve.c | 21 --------------------- + 1 file changed, 21 deletions(-) + +diff --git a/drivers/media/cedar-ve/cedar_ve.c b/drivers/media/cedar-ve/cedar_ve.c +index 0c1be78..a2f4bec 100755 +--- a/drivers/media/cedar-ve/cedar_ve.c ++++ b/drivers/media/cedar-ve/cedar_ve.c +@@ -744,28 +744,7 @@ long cedardev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg) + case IOCTL_GET_IC_VER: + { + return 0; +- } +- case IOCTL_READ_REG: +- { +- struct cedarv_regop reg_para; +- if(copy_from_user(®_para, (void __user*)arg, sizeof(struct cedarv_regop))) +- { +- return -EFAULT; +- } +- return readl(reg_para.addr); +- } +- +- case IOCTL_WRITE_REG: +- { +- struct cedarv_regop reg_para; +- if(copy_from_user(®_para, (void __user*)arg, sizeof(struct cedarv_regop))) +- { +- return -EFAULT; +- } +- writel(reg_para.value, reg_para.addr); +- break; + } +- break; + case IOCTL_SET_REFCOUNT: + cedar_devp->ref_count = (int)arg; + break; From 9bd426b2dce6d6090b63cc2ab94e75678d65dfd2 Mon Sep 17 00:00:00 2001 From: zador-blood-stained Date: Sat, 16 Jul 2016 00:59:22 +0300 Subject: [PATCH 2/7] Fix last patches for different kernel sources --- .../cedar-remove-insecure-code.patch | 67 +++++++------------ .../cedar-remove-insecure-code.patch | 67 +++++++------------ .../cedar-remove-insecure-code.patch | 67 +++++++------------ 3 files changed, 78 insertions(+), 123 deletions(-) diff --git a/patch/kernel/sun4i-default/cedar-remove-insecure-code.patch b/patch/kernel/sun4i-default/cedar-remove-insecure-code.patch index 24fd93d85a..5c1143dbdb 100644 --- a/patch/kernel/sun4i-default/cedar-remove-insecure-code.patch +++ b/patch/kernel/sun4i-default/cedar-remove-insecure-code.patch @@ -1,43 +1,28 @@ -From 6964d467510849e3e262518cb87bff7ef92e01f5 Mon Sep 17 00:00:00 2001 -From: yangcaoyuan -Date: Mon, 11 Jul 2016 10:23:00 +0800 -Subject: [PATCH] driver:cedar-ve delete non_secure code - -Change-Id: I6ca0037ea3decd13bb4ab854081f6ae4c576bd47 ---- - drivers/media/cedar-ve/cedar_ve.c | 21 --------------------- - 1 file changed, 21 deletions(-) - -diff --git a/drivers/media/cedar-ve/cedar_ve.c b/drivers/media/cedar-ve/cedar_ve.c -index 0c1be78..a2f4bec 100755 ---- a/drivers/media/cedar-ve/cedar_ve.c -+++ b/drivers/media/cedar-ve/cedar_ve.c -@@ -744,28 +744,7 @@ long cedardev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg) - case IOCTL_GET_IC_VER: - { - return 0; -- } -- case IOCTL_READ_REG: -- { -- struct cedarv_regop reg_para; -- if(copy_from_user(®_para, (void __user*)arg, sizeof(struct cedarv_regop))) -- { -- return -EFAULT; -- } -- return readl(reg_para.addr); -- } +diff --git a/drivers/media/video/sunxi/sunxi_cedar.c b/drivers/media/video/sunxi/sunxi_cedar.c +index f30d086..3c6969e 100644 +--- a/drivers/media/video/sunxi/sunxi_cedar.c ++++ b/drivers/media/video/sunxi/sunxi_cedar.c +@@ -765,23 +765,6 @@ long cedardev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg) + cedar_devp->ref_count = (int)arg; + break; + +- case IOCTL_READ_REG: +- { +- struct cedarv_regop reg_para; +- if(copy_from_user(®_para, (void __user*)arg, sizeof(struct cedarv_regop))) +- return -EFAULT; +- return readl(reg_para.addr); +- } - -- case IOCTL_WRITE_REG: -- { -- struct cedarv_regop reg_para; -- if(copy_from_user(®_para, (void __user*)arg, sizeof(struct cedarv_regop))) -- { -- return -EFAULT; -- } -- writel(reg_para.value, reg_para.addr); -- break; - } -- break; - case IOCTL_SET_REFCOUNT: - cedar_devp->ref_count = (int)arg; +- case IOCTL_WRITE_REG: +- { +- struct cedarv_regop reg_para; +- if(copy_from_user(®_para, (void __user*)arg, sizeof(struct cedarv_regop))) +- return -EFAULT; +- writel(reg_para.value, reg_para.addr); +- break; +- } +- + default: break; + } diff --git a/patch/kernel/sun5i-default/cedar-remove-insecure-code.patch b/patch/kernel/sun5i-default/cedar-remove-insecure-code.patch index 24fd93d85a..5c1143dbdb 100644 --- a/patch/kernel/sun5i-default/cedar-remove-insecure-code.patch +++ b/patch/kernel/sun5i-default/cedar-remove-insecure-code.patch @@ -1,43 +1,28 @@ -From 6964d467510849e3e262518cb87bff7ef92e01f5 Mon Sep 17 00:00:00 2001 -From: yangcaoyuan -Date: Mon, 11 Jul 2016 10:23:00 +0800 -Subject: [PATCH] driver:cedar-ve delete non_secure code - -Change-Id: I6ca0037ea3decd13bb4ab854081f6ae4c576bd47 ---- - drivers/media/cedar-ve/cedar_ve.c | 21 --------------------- - 1 file changed, 21 deletions(-) - -diff --git a/drivers/media/cedar-ve/cedar_ve.c b/drivers/media/cedar-ve/cedar_ve.c -index 0c1be78..a2f4bec 100755 ---- a/drivers/media/cedar-ve/cedar_ve.c -+++ b/drivers/media/cedar-ve/cedar_ve.c -@@ -744,28 +744,7 @@ long cedardev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg) - case IOCTL_GET_IC_VER: - { - return 0; -- } -- case IOCTL_READ_REG: -- { -- struct cedarv_regop reg_para; -- if(copy_from_user(®_para, (void __user*)arg, sizeof(struct cedarv_regop))) -- { -- return -EFAULT; -- } -- return readl(reg_para.addr); -- } +diff --git a/drivers/media/video/sunxi/sunxi_cedar.c b/drivers/media/video/sunxi/sunxi_cedar.c +index f30d086..3c6969e 100644 +--- a/drivers/media/video/sunxi/sunxi_cedar.c ++++ b/drivers/media/video/sunxi/sunxi_cedar.c +@@ -765,23 +765,6 @@ long cedardev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg) + cedar_devp->ref_count = (int)arg; + break; + +- case IOCTL_READ_REG: +- { +- struct cedarv_regop reg_para; +- if(copy_from_user(®_para, (void __user*)arg, sizeof(struct cedarv_regop))) +- return -EFAULT; +- return readl(reg_para.addr); +- } - -- case IOCTL_WRITE_REG: -- { -- struct cedarv_regop reg_para; -- if(copy_from_user(®_para, (void __user*)arg, sizeof(struct cedarv_regop))) -- { -- return -EFAULT; -- } -- writel(reg_para.value, reg_para.addr); -- break; - } -- break; - case IOCTL_SET_REFCOUNT: - cedar_devp->ref_count = (int)arg; +- case IOCTL_WRITE_REG: +- { +- struct cedarv_regop reg_para; +- if(copy_from_user(®_para, (void __user*)arg, sizeof(struct cedarv_regop))) +- return -EFAULT; +- writel(reg_para.value, reg_para.addr); +- break; +- } +- + default: break; + } diff --git a/patch/kernel/sun7i-default/cedar-remove-insecure-code.patch b/patch/kernel/sun7i-default/cedar-remove-insecure-code.patch index 24fd93d85a..5c1143dbdb 100644 --- a/patch/kernel/sun7i-default/cedar-remove-insecure-code.patch +++ b/patch/kernel/sun7i-default/cedar-remove-insecure-code.patch @@ -1,43 +1,28 @@ -From 6964d467510849e3e262518cb87bff7ef92e01f5 Mon Sep 17 00:00:00 2001 -From: yangcaoyuan -Date: Mon, 11 Jul 2016 10:23:00 +0800 -Subject: [PATCH] driver:cedar-ve delete non_secure code - -Change-Id: I6ca0037ea3decd13bb4ab854081f6ae4c576bd47 ---- - drivers/media/cedar-ve/cedar_ve.c | 21 --------------------- - 1 file changed, 21 deletions(-) - -diff --git a/drivers/media/cedar-ve/cedar_ve.c b/drivers/media/cedar-ve/cedar_ve.c -index 0c1be78..a2f4bec 100755 ---- a/drivers/media/cedar-ve/cedar_ve.c -+++ b/drivers/media/cedar-ve/cedar_ve.c -@@ -744,28 +744,7 @@ long cedardev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg) - case IOCTL_GET_IC_VER: - { - return 0; -- } -- case IOCTL_READ_REG: -- { -- struct cedarv_regop reg_para; -- if(copy_from_user(®_para, (void __user*)arg, sizeof(struct cedarv_regop))) -- { -- return -EFAULT; -- } -- return readl(reg_para.addr); -- } +diff --git a/drivers/media/video/sunxi/sunxi_cedar.c b/drivers/media/video/sunxi/sunxi_cedar.c +index f30d086..3c6969e 100644 +--- a/drivers/media/video/sunxi/sunxi_cedar.c ++++ b/drivers/media/video/sunxi/sunxi_cedar.c +@@ -765,23 +765,6 @@ long cedardev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg) + cedar_devp->ref_count = (int)arg; + break; + +- case IOCTL_READ_REG: +- { +- struct cedarv_regop reg_para; +- if(copy_from_user(®_para, (void __user*)arg, sizeof(struct cedarv_regop))) +- return -EFAULT; +- return readl(reg_para.addr); +- } - -- case IOCTL_WRITE_REG: -- { -- struct cedarv_regop reg_para; -- if(copy_from_user(®_para, (void __user*)arg, sizeof(struct cedarv_regop))) -- { -- return -EFAULT; -- } -- writel(reg_para.value, reg_para.addr); -- break; - } -- break; - case IOCTL_SET_REFCOUNT: - cedar_devp->ref_count = (int)arg; +- case IOCTL_WRITE_REG: +- { +- struct cedarv_regop reg_para; +- if(copy_from_user(®_para, (void __user*)arg, sizeof(struct cedarv_regop))) +- return -EFAULT; +- writel(reg_para.value, reg_para.addr); +- break; +- } +- + default: break; + } From bc9868c0ba04f709eee4ad6ea8b2ace7ad5ab584 Mon Sep 17 00:00:00 2001 From: zador-blood-stained Date: Thu, 30 Jun 2016 02:01:30 +0300 Subject: [PATCH 3/7] Trying to fix building in Docker --- general.sh | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/general.sh b/general.sh index 364d5af400..2c8420f189 100644 --- a/general.sh +++ b/general.sh @@ -355,7 +355,18 @@ prepare_host() { apt-key adv --keyserver keys.gnupg.net --recv-keys 9E3E53F19C7DE460 fi - if [[ $codename == xenial ]]; then hostdeps="$hostdeps systemd-container"; fi + if [[ $codename == xenial ]]; then + hostdeps="$hostdeps systemd-container" + if systemd-detect-virt -q; then + display_alert "Running in container" "$(systemd-detect-virt)" "info" + # TODO: force disable ramdisk and apt-cacher-ng by default? + #FORCE_USE_RAMDISK=no + # create device nodes for loop devices + for i in {0..6}; do + mknod -m0660 /dev/loop$i b 7 $i + done + fi + fi # Deboostrap in trusty breaks due too old debootstrap. We are installing Xenial package local debootstrap_version=$(dpkg-query -W -f='${Version}\n' debootstrap | cut -f1 -d'+') From 24338a558bb1bc25ad1a32938f56dd2e636a5484 Mon Sep 17 00:00:00 2001 From: zador-blood-stained Date: Thu, 30 Jun 2016 02:07:46 +0300 Subject: [PATCH 4/7] Udev is not essential on Xenial? --- general.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/general.sh b/general.sh index 2c8420f189..13384f8dcd 100644 --- a/general.sh +++ b/general.sh @@ -356,7 +356,7 @@ prepare_host() { fi if [[ $codename == xenial ]]; then - hostdeps="$hostdeps systemd-container" + hostdeps="$hostdeps systemd-container udev" if systemd-detect-virt -q; then display_alert "Running in container" "$(systemd-detect-virt)" "info" # TODO: force disable ramdisk and apt-cacher-ng by default? From 99ab3a4c729b488d0c339a938d7f19d369988584 Mon Sep 17 00:00:00 2001 From: zador-blood-stained Date: Wed, 6 Jul 2016 15:20:22 +0300 Subject: [PATCH 5/7] More workarounds for running in containers --- general.sh | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) diff --git a/general.sh b/general.sh index 13384f8dcd..78ae5ab03b 100644 --- a/general.sh +++ b/general.sh @@ -337,10 +337,6 @@ prepare_host() { nfs-kernel-server btrfs-tools gcc-aarch64-linux-gnu ncurses-term p7zip-full dos2unix dosfstools libc6-dev-armhf-cross libc6-dev-armel-cross\ libc6-dev-arm64-cross curl pdftk" - # warning: apt-cacher-ng will fail if installed and used both on host and in container/chroot environment with shared network - # set NO_APT_CACHER=yes to prevent installation errors in such case - if [[ $NO_APT_CACHER != yes ]]; then hostdeps="$hostdeps apt-cacher-ng"; fi - local codename=$(lsb_release -sc) display_alert "Build host OS release" "${codename:-(unknown)}" "info" if [[ -z $codename || "trusty wily xenial" != *"$codename"* ]]; then @@ -359,8 +355,11 @@ prepare_host() { hostdeps="$hostdeps systemd-container udev" if systemd-detect-virt -q; then display_alert "Running in container" "$(systemd-detect-virt)" "info" - # TODO: force disable ramdisk and apt-cacher-ng by default? - #FORCE_USE_RAMDISK=no + # disable apt-cacher unless NO_APT_CACHER=no is not specified explicitly + if [[ $NO_APT_CACHER != no ]]; then + display_alert "apt-cacher is disabled" + NO_APT_CACHER=yes + fi # create device nodes for loop devices for i in {0..6}; do mknod -m0660 /dev/loop$i b 7 $i @@ -368,6 +367,10 @@ prepare_host() { fi fi + # warning: apt-cacher-ng will fail if installed and used both on host and in container/chroot environment with shared network + # set NO_APT_CACHER=yes to prevent installation errors in such case + if [[ $NO_APT_CACHER != yes ]]; then hostdeps="$hostdeps apt-cacher-ng"; fi + # Deboostrap in trusty breaks due too old debootstrap. We are installing Xenial package local debootstrap_version=$(dpkg-query -W -f='${Version}\n' debootstrap | cut -f1 -d'+') local debootstrap_minimal="1.0.78" From 5c041f7f31196c46c45d66be8d774b144ab4a70c Mon Sep 17 00:00:00 2001 From: zador-blood-stained Date: Tue, 12 Jul 2016 21:18:34 +0300 Subject: [PATCH 6/7] Improve info messages --- general.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/general.sh b/general.sh index 78ae5ab03b..c62970604e 100644 --- a/general.sh +++ b/general.sh @@ -357,7 +357,7 @@ prepare_host() { display_alert "Running in container" "$(systemd-detect-virt)" "info" # disable apt-cacher unless NO_APT_CACHER=no is not specified explicitly if [[ $NO_APT_CACHER != no ]]; then - display_alert "apt-cacher is disabled" + display_alert "apt-cacher is disabled, set NO_APT_CACHER=no to override" "" "wrn" NO_APT_CACHER=yes fi # create device nodes for loop devices From fd87d16b1356e42ad3e7acccb01eef97720b5684 Mon Sep 17 00:00:00 2001 From: zador-blood-stained Date: Wed, 13 Jul 2016 17:47:30 +0300 Subject: [PATCH 7/7] Update container dependencies --- Dockerfile | 2 +- Vagrantfile | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index 62ded573f0..10da28b825 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM ubuntu +FROM ubuntu:16.04 RUN apt-get update RUN apt-get install -y git build-essential binutils WORKDIR /root diff --git a/Vagrantfile b/Vagrantfile index 1c66d09646..08416f045f 100644 --- a/Vagrantfile +++ b/Vagrantfile @@ -12,7 +12,7 @@ Vagrant.configure(2) do |config| # Every Vagrant development environment requires a box. You can search for # boxes at https://atlas.hashicorp.com/search. - config.vm.box = "ubuntu/trusty64" + config.vm.box = "ubuntu/xenial64" # Disable automatic box update checking. If you disable this, then # boxes will only be checked for updates when the user runs