sharpetronics/strongswan
1
0
Fork 0
mirror of https://github.com/strongswan/strongswan.git synced 2025-10-04 00:00:14 -04:00
Code Issues Projects Releases Wiki Activity
strongswan/testing/scripts/build-strongswan
Tobias Brunner 744955f8ce testing: Whitelist all Git repositories in the root image 
Without this, Git refuses to operate on the build dirs that are mounted
with weird ownership.  When running as root in the chroot, Git checks
SUDO_UID, which won't match.
2023-07-13 10:48:53 +02:00

207 lines
5.4 KiB
Bash
Executable File
Raw Blame History

#!/bin/bash
DIR=$(dirname `readlink -f $0`)
. $DIR/../testing.conf
. $DIR/function.sh
[ `id -u` -eq 0 ] || die "You must be root to run $0"
[ -f "$BASEIMG" ] || die "Base image $BASEIMG not found"
running_any $STRONGSWANHOSTS && die "Please stop test environment before running $0"
check_commands partprobe qemu-img qemu-nbd
load_qemu_nbd
mkdir -p $LOOPDIR
mkdir -p $IMGDIR
usage() {
cat << EOF
Usage:
${0##*/} [--all] [--guest NAME|--no-guests] [--replace] [--clean] [SRCDIR]
${0##*/} [--all] [--guest NAME|--no-guests] [--replace] [--tarball VERSION]
--help (-h) show usage information
--all (-a) build/install all software, not only strongSwan
--clean (-c) use a new strongSwan build directory
--guest NAME (-g) only install in a specific guest image
--no-guests (-n) don't build any guest images after the root image
--replace (-r) replace the root image (implies --all)
--tarball (-t) build strongSwan from a release tarball
EOF
}
ALL_RECIPES=
CLEAN=
GUEST=
NO_GUESTS=
REPLACE=
TARBALL=
while :; do
case $1 in
-h|--help)
usage
exit
;;
-a|--all)
ALL_RECIPES=1
;;
-c|--clean)
CLEAN=1
;;
-g|--guest)
if [ "$2" ]; then
GUEST=$2
shift
else
die "Guest name missing"
fi
;;
-n|--no-guests)
NO_GUESTS=1
;;
-r|--replace)
REPLACE=1
;;
-t|--tarball)
if [ "$2" ]; then
TARBALL=$2
shift
else
die "Release version missing"
fi
;;
*)
break
esac
shift
done
SWANDIR=
if [ -z "$TARBALL" ]; then
check_commands bindfs
SWANDIR=${1:+$(readlink -f $1)}
: ${SWANDIR:=$(readlink -f $DIR/../..)}
[ -f $SWANDIR/src/libstrongswan/asn1/oid.txt ] || die "strongSwan not found in $SWANDIR"
fi
case "$GUEST" in
"")
if [ ! -f "$ROOTIMG" -o "$REPLACE" ]; then
log_action "Creating root image $ROOTIMG"
execute "qemu-img create -b $BASEIMG -f $IMGEXT -F $IMGEXT $ROOTIMG"
ALL_RECIPES=1
fi
log_action "Connecting root image to NBD device $NBDEV"
[ -f "$ROOTIMG" ] || die "Root image $ROOTIMG not found"
execute "qemu-nbd -c $NBDEV $ROOTIMG"
;;
*)
echo $STRONGSWANHOSTS | grep -q "\b$GUEST\b" || die "Guest $GUEST not found"
GUESTIMG="$IMGDIR/$GUEST.$IMGEXT"
[ -f "$GUESTIMG" ] || die "Guest image $GUESTIMG not found"
log_action "Connecting guest image to NBD device $NBDEV"
execute "qemu-nbd -c $NBDEV $GUESTIMG"
;;
esac
do_on_exit qemu-nbd -d $NBDEV
partprobe $NBDEV
log_action "Mounting $NBDPARTITION to $LOOPDIR"
execute "mount $NBDPARTITION $LOOPDIR"
do_on_exit umount $LOOPDIR
log_action "Mounting proc filesystem to $LOOPDIR/proc"
execute "mount -t proc none $LOOPDIR/proc"
do_on_exit umount $LOOPDIR/proc
mkdir -p $SHAREDDIR
mkdir -p $LOOPDIR/root/shared
log_action "Mounting $SHAREDDIR as /root/shared"
execute "mount -o bind $SHAREDDIR $LOOPDIR/root/shared"
do_on_exit umount $LOOPDIR/root/shared
log_action "Copy /etc/resolv.conf"
execute "cp /etc/resolv.conf $LOOPDIR/etc/resolv.conf"
do_on_exit rm $LOOPDIR/etc/resolv.conf
log_action "Remove SWID tags of previous strongSwan versions"
execute_chroot "find /usr/local/share -path '*strongswan*' -name *.swidtag -delete"
if [ -z "$TARBALL" ]; then
SRCUID=$(stat -c '%u' $SWANDIR)
SRCGID=$(stat -c '%g' $SWANDIR)
SRCUSER=$(stat -c '%U' $SWANDIR)
mkdir -p $LOOPDIR/root/strongswan
log_action "Mounting $SWANDIR as /root/strongswan"
execute "bindfs -u $SRCUID -g $SRCGID --create-for-user=$SRCUID --create-for-group=$SRCGID $SWANDIR $LOOPDIR/root/strongswan"
do_on_exit umount $LOOPDIR/root/strongswan
log_action "Determine strongSwan version"
desc=`runuser -u $SRCUSER -- git -C $SWANDIR describe --exclude 'android-*' --dirty`
if [ $? -eq 0 ]; then
version="$desc (`runuser -u $SRCUSER -- git -C $SWANDIR rev-parse --abbrev-ref HEAD`)"
else
version="`cat $SWANDIR/configure.ac | sed -n '/^AC_INIT/{ s/.*,\[\(.*\)\])$/\1/p }'`"
fi
echo "$version" > $SHAREDDIR/.strongswan-version
log_status 0
log_action "Preparing source tree"
execute_chroot 'autoreconf -i /root/strongswan'
fi
RECPDIR=$DIR/recipes
if [ "$ALL_RECIPES" ]; then
echo "Building and installing strongSwan and all other software"
if [ -d "$RECPDIR/patches" ]
then
execute "cp -r $RECPDIR/patches $LOOPDIR/root/shared/compile" 0
fi
RECIPES=`ls $RECPDIR/*.mk | xargs -n1 basename`
log_action "Whitelist all Git repositories"
echo "[safe]" > $LOOPDIR/root/.gitconfig
echo " directory = *" >> $LOOPDIR/root/.gitconfig
log_status 0
else
echo "Building and installing strongSwan"
RECIPES=`ls $RECPDIR/*strongswan.mk | xargs -n1 basename`
fi
if [ "$CLEAN" ]; then
rm -rf $SHAREDDIR/build-strongswan
fi
mkdir -p $SHAREDDIR/build-strongswan
mkdir -p $SHAREDDIR/compile
for r in $RECIPES
do
log_action "Installing from recipe $r"
if [[ $r == *strongswan.mk && -z "$TARBALL" ]]; then
cp $RECPDIR/$r $SHAREDDIR/build-strongswan
execute_chroot "make SRCDIR=/root/strongswan BUILDDIR=/root/shared/build-strongswan -f /root/shared/build-strongswan/$r"
else
cp $RECPDIR/$r ${LOOPDIR}/root/shared/compile
execute_chroot "make SWANVERSION=$TARBALL -C /root/shared/compile -f $r"
fi
done
# rebuild the guest images after we modified the root image
if [ -z "$GUEST" -a -z "$NO_GUESTS" ]; then
# cleanup before mounting guest images
on_exit
# building the guest images without certificates fails on winnetou
if [ ! -f "$DIR/../hosts/winnetou/etc/ca/strongswanCert.pem" ]; then
# this also re-builds the guest images
$DIR/build-certs
else
$DIR/build-guestimages
fi
fi
Reference in New Issue View Git Blame Copy Permalink