Debian packaging rules - deb

When I tried to make a link inside the rules file it didn't allow me.How can I make it?
Here is what I did.
#!/usr/bin/make -f
icon = $(CURDIR)/frontpage.png
script = $(CURDIR)/guilotinga.py
launcher = $(CURDIR)/internation.desktop
DEST1 = $(CURDIR)/debian/internation/usr/share/internation
DEST2 = $(CURDIR)/debian/internation/usr/share/applications
build: build-stamp
build-stamp:
dh_testdir
touch build-stamp
clean:
dh_testdir
dh_testroot
rm -f build-stamp
dh_clean
install: build clean $(icon) $(script) $(launcher)
dh_testdir
dh_testroot
dh_prep
dh_installdirs
mkdir -m 755 -p $(DEST1)
mkdir -m 755 -p $(DEST2)
install -m 666 $(icon) $(DEST1)
install -m 777 $(script) $(DEST1)
install -m 777 $(launcher) $(DEST2)
ln -s usr/share/internation/guilotinga.py /usr/bin/internation
(That's where I stopped)
The line above is giving error saying I don't have enough privileges.What was my fault?
binary-indep: build install
dh_testdir
dh_testroot
dh_installchangelogs
dh_installdocs
dh_installexamples
dh_installman
dh_link
dh_compress
dh_fixperms
dh_installdeb
dh_gencontrol
dh_md5sums
dh_builddeb
binary-arch: build install
binary: binary-indep binary-arch
.PHONY: build clean binary-indep binary-arch binary install

I'm assuming that what you wanted was to make a symlink to /usr/bin/internation, and have the link show up as /usr/share/internation/guilotinga.py when the package is installed. If so, you're just giving the link command backwards. You want
ln -s /usr/bin/internation usr/share/internation/guilotinga.py
As a further note, though, symlinks in Debian packages should not ever be absolute, unless you're symlinking one toplevel directory to another (see Debian Policy section 10.5).
In your case, you probably don't need to change anything, since you have a call to dh_link in your build script. That tool will automatically fix noncompliant symlinks in the package build area (unless you're running in a super-ancient debhelper compat mode).
But if you want to avoid potentially confusing readers (or yourself), perhaps you ought to do
ln -s ../../bin/internation usr/share/internation/guilotinga.py

Related

Installing wp plugins after image builds

I'm trying to install wp plugins by executing script right after the wordpress image is built.
Here is my Dockerfile:
FROM wordpress
# Update aptitude with new repo
RUN apt-get update
# Install software
RUN apt-get install -y sudo vim curl less git python-dev python3.5
# Add WP-CLI
RUN curl -o /bin/wp-cli.phar https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar
COPY wp-su.sh /bin/wp
RUN chmod +x /bin/wp-cli.phar /bin/wp && chown www-data:www-data /bin/wp-cli.phar /bin/wp
# Copy scripts into the image
COPY install.py /usr/src/wordpress
COPY plugins.json /usr/src/wordpress
COPY wait-for-it.sh /usr/src/wordpress
RUN chmod +x /usr/src/wordpress/install.py
RUN chmod +x /usr/src/wordpress/plugins.json
RUN chmod +x /usr/src/wordpress/wait-for-it.sh
COPY --chown=www-data:www-data uploads/ /usr/src/wordpress/wp-content/uploads
# Cleanup
RUN apt-get clean
RUN rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
ENTRYPOINT ["/usr/src/wordpress/wait-for-it.sh", "db:3306", "--", "python" , "/usr/src/wordpress/install.py" ]
CMD ["apache2-foreground"]
Once the scripts runs I get the following error:
Error: This does not seem to be a WordPress installation.
Pass --path=`path/to/wordpress` or run `wp core download`.
I tried doing what the error suggested but it did not work. The wordpress installation from my understanding should be located at /usr/src/wordpress along with all the scripts I copied into it. Is what I'm doing correct ? Should it even be possible to do what I'm attempting ? Any help would be appreciated.
Note: This image is run from docker-compose.yml
UPDATE:
Looks to me like the reason for the above error is because the wordpress installation isn't there yet and by specifying the entrypoint I think I'm overwriting the entry point that is provided by the official wp image in which wordpress installation is copied into /var/www/html directory at runtime. Not sure how to get around this.

Install systemd service on Debian installation

I'm building custom Debian ISO with simple-cdd utility. It worked well till the moment when I attached my own .deb package.
build-simple-cdd --dist stretch --profiles moj --force-root --local-packages /root/iso/deb
build-simple-cdd works properly, because I saw my deb package in tmp directory structure and iso image is created successfully. However debian installation fails
I suspect, that postinst script fails, since it uses systemctl command when it may be unavailable.
#!/bin/sh
set -e
echo $1
if [ "$1" = "configure" ]; then
echo "Configuring privileges..."
chown user:user /usr/bin/Koncentrator
chmod 0755 /usr/bin/Koncentrator
echo "Enabling Koncentrator services..."
systemctl daemon-reload
systemctl enable Xvfb.service
systemctl enable Koncentrator.service
fi
I've added systemd dependency to control file, but it doesn't work.
I made workaround for this issue. simple-cdd allows to prepare post installation script. apt install is called there without problems. Two steps are required to use this solution:
Add deb package to installation disk. This is configured via profile configuration file (moj.conf):
all_extras="$all_extras /root/iso/files/customapackage_0.1.3.deb"
Run apt install in moj.postinst script:
#!/bin/sh
mount /dev/cdrom /media/cdrom
cd /media/cdrom/simple-cdd
apt install ./custompackage_0.1.3.deb
cd /
sync
umount /media/cdrom
If you want to debug your postinst script, you can insert there long sleep:
#!/bin/sh
sleep 10000000
...
And switch terminal (Ctrl+Alt+F1-6) during finish-install phase. Than call chroot /target to switch in-target environemnent

sudo: /usr/bin/sudo must be owned by uid 0 and have the setuid bit set after chmod 755

What i tried is this:
https://stackoverflow.com/a/29903645/4983983
I executed this:
n=$(which node); \
n=${n%/bin/node}; \
chmod -R 755 $n/bin/*; \
sudo cp -r $n/{bin,lib,share} /usr/local
but now i can not execute for example sudo su command, i get following error:
sudo: /usr/bin/sudo must be owned by uid 0 and have the setuid bit set
I am not sure how can i redo it ?
EDIT:
Regarding #Bodo answer:
sudo rpm --setperms mkdir
sudo rpm --setugids mkdir
cd /opt
mkdir test13121
mkdir: cannot create directory ‘test13121’: Permission denied
BUT:
sudo chown root:root /usr/bin/mkdir && sudo chmod 4755 /usr/bin/mkdir
mkdir test912121
The difficulty is to find out the normal permissions of the files you have changed.
You can try to reset the file permissions based on the information in the package management.
See e.g. https://www.cyberciti.biz/tips/reset-rhel-centos-fedora-package-file-permission.html
Citation from this page:
Reset the permissions of the all installed RPM packages
You need to use combination of rpm and a shell for loop command as follows:
for p in $(rpm -qa); do rpm --setperms $p; done
for p in $(rpm -qa); do rpm --setugids $p; done
I suggest to read the linked page completely and try this for a single package first.
I guess you can somehow ask rpm to find the package name that contains e.g. /usr/bin/sudo. and try if the commands work for a single package.
Edit: If the setuid or setgid bits are not correct, you can try to change the order of the commands and use --setugids before --setperms. (In some cases chown resets setuid or setgid bits; don't know if this applies to the rpm commands.)
There are sources in the internet that propose to combine --setugids and--setperms in one command or to use option -a instead of a loop like
rpm -a --setperms
Read the documentation. (I don't have an RPM based system where I could test the commands.)

How to download and unzip in Dockerfile

So, I have, it works, but I want to change the way to immediately download the file and unpack it:
Dockerfile
FROM wordpress:fpm
# Copying themes from local
COPY ./wordpress/ /var/www/html/wp-content/themes/wordpress/
RUN chmod -R 777 /var/www/html/
How can I immediately download the file from the site and unzip it to the appropriate folder?
docker-compose.yml
wordpress:
build: .
links:
- db:mysql
nginx:
image: raulr/nginx-wordpress
links:
- wordpress
ports:
- "8080:80"
volumes_from:
- wordpress
db:
image: mariadb
environment:
MYSQL_ROOT_PASSWORD: qwerty
I tried:
#install unzip and wget
RUN \
apt-get update && \
apt-get install unzip wget -y && \
rm -rf /var/lib/apt/lists/*
RUN wget -O /var/www/html/type.zip http://wp-templates.ru/download/2405 \
&& unzip '/var/www/html/type.zip' -d /var/www/html/wp-content/themes/ && rm
/var/www/html/type.zip || true;
Dockerfile has "native command" for copying and extracting .tar.gz files.
So you can change archive type from .zip to .tar.gz (maybe in future versions zip also will be supported, I'm not sure) and use ADD instead of COPY.
Read more about ADD
Best to use a multistage docker build. You will need the latest version of docker and buildkit enabled. Then do something along these lines
# syntax=docker/dockerfile:1
from alpine:latest as unzipper
apk add unzip wget curl
RUN mkdir /opt/ ; \
curl <some-url> | tar xvzf - -C /opt
FROM wordpress:fpm
COPY --from unzipper /opt/ /var/www/html/wp-content/themes/wordpress/
Even better is if there is a Docker image built already with the stuff in you want you just need the 'copy --from' line and give it the image name.
Finally dont worry about any mess in the 1st stage as its discarded when the build completes, so the fact its alpine, and not using no-cache is irrelevant, and none of the installed packages end up in the final image
Found more guidance for remote zipped files in Docker documentation
Because image size matters, using ADD to fetch packages from remote
URLs is strongly discouraged; you should use curl or wget instead.
That way you can delete the files you no longer need after they’ve
been extracted and you don’t have to add another layer in your image.
For example, you should avoid doing things like:
ADD https://example.com/big.tar.xz /usr/src/things/
RUN tar -xJf /usr/src/things/big.tar.xz -C /usr/src/things
RUN make -C /usr/src/things all
And instead, do something like:
RUN mkdir -p /usr/src/things \
&& curl -SL https://example.com/big.tar.xz \
| tar -xJC /usr/src/things \
&& make -C /usr/src/things all

Error installing Meteor on linux x86_64 chrome os

I am trying to install Meteor on the HP14 Chromebook. It is a linx x86_64 chrome os system.
Each time I try to install it I run into errors.
The first time I tried to install it the installer just downloaded the Meteor preengine but never downloaded the tarball or installed the actual meteor application structure.
So, I decided to try as sudo.
sudo curl https://install.meteor.com | /bin/sh
This definitely installed it because you can see it when ls
chronos#localhost ~/projects $ chronos#localhost ~/projects $ ls /home/chronos/user/.meteor/
bash: chronos#localhost: command not found
Now when I try to run meteor --version or meteor create myapp without sudo I get the following error.
````
chronos#localhost ~/projects $ meteor create myapp
'/home/chronos/user/.meteor' exists, but '/home/chronos/user/.meteor/meteor' is not executable.
Remove it and try again.
````
When I try to run sudo meteor --version or sudo meteor create myapp I get this error.
chronos#localhost ~/projects $ sudo meteor create myapp
mkdir: cannot create directory ‘/root/.meteor-install-tmp’: Read-only file system
Any ideas? Thinking I have to make that partition writeable. I made partition 4 writeable.
Put your chrome book into dev mode.
http://www.chromium.org/chromium-os/developer-information-for-chrome-os-devices
Boot into dev mode.
ctrl-alt t to crosh
shell
sudo su -
cd /usr/share/vboot/bin/
./make_dev_ssd.sh --remove_rootfs_verification --partitions 4
reboot
After rebooting
sudo su -
mount -o remount,rw /
mount -o remount,exec /mnt/stateful_partition
Write yourself a read/write script
sudo vim /sbin/rw
#!/bin/bash
echo "Making FS Read/Write"
sudo mount -o remount,rw /
sudo mount -o remount,exec /mnt/stateful_partition
sudo mount -i -o remount,exec /home/chronos/user
echo "You should now have full Read/Write access"
exit
Change permissions on script
sudo chmod a+x /sbin/rw
Run to set read/write root
sudo rw
Install Meteor as indicated on www.meteor.com via curl and meteor create works!
Alternatively you can edit the chomeos_startup though that might not be the best idea. It is probably best to have read/write on demand as illustrated above.
cd /sbin sudo
sudo vim chromeos_startup
Go to lines 51 and 58 and remove the noexec options from the mount command.
Down at the bottom of the script, above the note about ureadahead and below the if statement, add in:
mount -o remount,exec /mnt/stateful_partition
#uncomment this to mount root r/w on boot
mount -o remount,rw /
Again, editing chromeos_startup probably isn't the best idea unless you are so lazy you can't type sudo rw.
Enjoy.
This is super easy to fix!!
Just run this (or put it in .bashrc or .zshrc to make it permanent):
sudo mount -i -o remount,exec /home/chronos/user
Based on your question (you are using sudo) I assume you already have Dev Mode enabled, which is required for the above sudo command to work.
ChromeOS mounts the home folder using the noexec option by default, and this command remounts it with exec instead. And boom, Meteor will work just fine after that (and so will a bunch of other programs running out of your home folder).
Original tip: https://github.com/dnschneid/crouton/issues/928

Resources