documentation in progress ($Id: pbuilder-doc.xml,v 1.47 2005/01/04 01:47:18 dancer Exp $)
Table of Contents
Table of Contents
pbuilder stands for Personal Builder, and it is a automatic Debian Package Building system for personal environments. pbuilder aims to be an easy-to-setup system for auto-building Debian packages inside a clean-room environment, so that it is possible to verify that a package can be built on most Debian installations. The clean-room environment is achieved through the use of a chroot image, so that only minimal packages will be installed inside the chroot.
The Debian distribution consists of free software accompanied with source. The source code within Debian's "main" section must build within Debian "main", with only the explicitly specified build-dependencies installed.
The primary aim of pbuilder is different from other auto-building systems in Debian in that its aim is not to try to build as many packages as possible. It does not try to guess what a package needs, and in most cases it tries the worst choice of all if there is a choice to be made.
In this way, pbuilder tries to ensure that packages tested against pbuilder will build properly in most Debian installations, hopefully resulting in a good overall Debian source-buildability.
The goal of making Debian buildable from source is somewhat accomplished, and has seen good progress. It is known that Debian 3.0 is not quite buildable from source, but the next version should be better, and the version after.
Table of Contents
pbuilder create will create a base chroot image. The distribution code-name needs to be specified with the --distribution command-line option. Usually, "sid" is used, and the default is now sid.
debootstrap is used to create the bare minimum Debian installation, and then build-essential packages are installed on top of the minimum installation using apt-get inside the chroot.
For fuller documentation of command-line options, see the pbuilder.8 manual page. Some configuration will be required for /etc/pbuilderrc for the mirror site [1] to use, and proxy configuration may be required to allow access through HTTP. See the pbuilderrc.5 manual page for details.
pbuilder update will update the chroot image. It will extract the chroot, invoke apt-get update and apt-get dist-upgrade inside the chroot, and then recreate the base tarball.
It is possible to switch the distribution which the chroot tarball is targeted at at this point. Specify --distribution sid --override-config to change the distribution to sid. [2]
For fuller documentation of command-line options, see the pbuilder.8 manual page
To build a package inside the chroot, invoke pbuilder build whatever.dsc. pbuilder will extract the chroot image to a temporary working directory, and satisfy the build-dependencies inside the chroot, and build the package. The built packages will be moved to a directory specified with the --buildresult command-line option.
The --basetgz option can be used to specify which chroot image to use.
pbuilder will extract a fresh chroot image created with pbuilder build and updated with pbuilder update, and populate the chroot with build-dependencies by parsing debian/control and invoking apt-get.
For fuller documentation of command-line options, see the pbuilder.8 manual page
pdebuild is a little wrapper script that does the most frequent of all tasks. A Debian Developer may try to do debuild, and build a package, inside a Debian source directory. pdebuild will allow similar control, and allow package to be built inside the chroot, to check that the current source tree will build happily inside the chroot.
pdebuild calls dpkg-source to build the source packages, and then invokes pbuilder on the resulting source package. However, unlike debuild, the resulting deb files will be found in the --buildresult directory.
See the pdebuild.1 manual page for more details.
There is a slightly different mode of operation available in pdebuild since version 0.97. pdebuild usually runs debian/rules clean outside of the chroot; however, it is possible to change the behavior to run it inside the chroot with the --use-pdebuild-internal. It will try to bind mount the working directory inside chroot, and run dpkg-buildpackage inside. It has the following characteristics, and thus cannot be made default.
The working directory is modified from inside the chroot.
Building with pdebuild does not guarantee that it works with pbuilder.
If making the source package fails, the session using the chroot is wasted (chroot creation takes a bit of time).
Does not work in the same manner as it used to; for example, --buildresult does not have any effect.
It is possible to specify all settings by command-line options. However, for typing convenience, it is possible to use a configuration file.
/etc/pbuilderrc and ${HOME}/.pbuilderrc are read in when pbuilder is invoked. The possible options are documented in the pbuilderrc.5 manual page.
It is useful to use --configfile option to load up a pre-set configuration file when switching between configuration files for different distributions.
pbuilder requires full root privilege when it is satisfying the build-dependencies, but most packages do not need root privilege, or fail to build when they are root. pbuilder can create a user which is only used inside pbuilder and use that user id when building, and use the fakeroot command when root privilege is required.
BUILDUSERID configuration option should be set to a value for a user id that does not already exist on the system, so that it is more difficult for packages that are being built with pbuilder to affect the environment outside the chroot. When BUILDUSERNAME configuration option is also set, pbuilder will use the specified user name and fakeroot for building packages, instead of running as root inside chroot.
Even when using the fakerooting method, pbuilder will run with root privilege when it is required. For example, when installing packages to the chroot, pbuilder will run under root privilege.
To be able to invoke pbuilder without being root, you need to use user-mode-linux, as explained in Chapter 3, Using User-mode-linux with pbuilder.
pbuilder can be used for back-porting software from the latest Debian distribution to the older stable distribution, by using a chroot that contains an image of the older distribution, and building packages inside the chroot. There are several points to consider, and due to the following reasons, automatic back-porting is usually not possible, and manual interaction is required:
The package from the unstable distribution may depend on packages or versions of packages which are only available in unstable. Thus, it may not be possible to satisfy Build-Depends: on stable (without additional backporting work).
The stable distribution may have bugs that have been fixed in unstable which need to be worked around.
The package in the unstable distribution may have problems building even on unstable.
pbuilder can be automated, because its operations are non-interactive. It is possible to run pbuilder through multiple packages non-interactively. Several such scripts are known to exist. Junichi Uekawa has been running such a script since 2001, and has been filing bugs on packages that fail the test of pbuilder. There were several problems with auto-building:
Build-Dependencies need to install non-interactively, but some packages are so broken that they cannot install without interaction (like postgresql).
When a library package breaks, or gcc/gcj/g++ breaks, or even bison, a large number of build failures are reported. (gcj-3.0 which had no "javac", bison which got more strict, etc.)
Some people were quite hostile against build failure reports.
But most of these problems are now getting solved. Only about 10% of Debian now fails to build from source (29 Dec 2002).
A script that was used by Junichi Uekawa is now included in the pbuilder distribution, as pbuildd.sh. It is available in /usr/share/doc/pbuilder/examples/pbuildd/ and its configuration is in /etc/pbuilder/pbuildd-config.sh. It should be easy enough to set up for people who are used to pbuilder. It has been running for quite a while, and it should be possible to set the application up on your system also. However, it is a new introduction, and please file bugs to the Debian BTS if you know of possible problems, or improved on the script considerably.
To set up pbuildd, there are some points to be aware of.
A file ./avoidlist needs to be available with the list of packages to avoid building.
It will try building anything, even packages which are not aimed for your architecture.
Because you are running random build scripts, it is better to use the fakeroot option of pbuilder, to avoid running the build under root privilege.
Because not all builds are guaranteed to finish in a finite time, setting a timeout is probably necessary, or pbuildd may stall with a bad build.
Some packages require a lot of disk space, around 2GB seems to be sufficient for the largest packages for the time being. If you find otherwise, please inform the maintainer of this documentation.
There are some people who use pbuilder to automatically back-port a subset of packages to the stable distribution.
I would like some information on how people are doing it, I would appreciate any feedback or information on how you are doing, or any examples.
pbuilder can be used for automated testing of packages. It has the feature of allowing hooks to be placed, and these hooks can try to install packages inside the chroot, or run them, or whatever else that can be done. Some known tests and ideas:
Automatic install-remove-upgrade-remove-install-purge-upgrade-purge testsuite (distributed as an example, B91dpkg-i), or just check that everything installs somewhat (execute_installtest.sh).
Automatically running lintian/linda (distributed as an example in /usr/share/doc/pbuilder/examples/B90linda).
Automatic debian-test of the package? The debian-test package has been removed from Debian. Someone please reintroduce it.
Most packages are compiled with gcc or g++ and using the default compiler version, which was gcc 2.95 for Debian GNU/Linux 3.0 (i386). However, Debian 3.0 was distributed with other compilers, under package names such as gcc-3.2 for gcc compiler version 3.2. It was therefore possible to try compiling packages against different compiler versions. pentium-builder provides an infrastructure for using a different compiler for building packages than the default gcc, by providing a wrapper script called gcc which calls the real gcc. To use pentium-builder in pbuilder, it is possible to set up the following in the configuration:
EXTRAPACKAGES="pentium-builder gcc-3.2 g++-3.2" export DEBIAN_BUILDARCH=athlon export DEBIAN_BUILDGCCVER=3.2
It will instruct pbuilder to install the pentium-builder package and also the GCC 3.2 compiler packages inside the chroot, and set the environment variables required for pentium-builder to function.
Table of Contents
It is possible to use user-mode-linux by invoking pbuilder-uml instead of pbuilder. pbuilder-uml doesn't require root privileges, and it uses the copy-on-write (COW) disk access method of User-mode-linux which typically makes it much faster than the traditional pbuilder.
User-mode-linux is a somewhat less proven platform than the standard Unix tools which pbuilder relies on (chroot, tar, and gzip) but mature enough to support pbuilder-uml since its version 0.59. And since then, pbuilder-uml has seen a rapid evolution.
The configuration of pbuilder-uml goes in three steps:
Configuration of user-mode-linux
Configuration of rootstrap
Configuration of pbuilder-uml
UML isn't completely trivial to set up. It would probably be useful to acquaint yourself with it a bit before attempting to use rootstrap or pbuilder-uml. For details, read /usr/share/doc/uml-utilities/README.Debian and the user-mode-linux documentation. (It's in a separate package, user-mode-linux-doc.)
user-mode-linux requires the user to be in the uml-net group in order to configure the network unless you are using slirp.
If you compile your own kernel, you may want to verify that you enable TUN/TAP support, and you might want to consider the SKAS patch.
rootstrap is a wrapper around debootstrap. It creates a Debian disk image for use with UML. To configure rootstrap, there are several requirements.
Install the rootstrap package.
TUN/TAP only: add the user to the uml-net group to allow access to the network
adduser dancer uml-net
TUN/TAP only: Check that the kernel supports the TUN/TAP interface, or recompile the kernel if necessary.
Set up /etc/rootstrap/rootstrap.conf. For example, if the current host is 192.168.1.2, changing following entries to something like this seems to work.
transport=tuntap interface=eth0 gateway=192.168.1.1 mirror=http://192.168.1.2:8081/debian host=192.168.1.198 uml=192.168.1.199 netmask=255.255.255.0
Some experimentation with configuration and running rootstrap ~/test.uml to actually test it would be handy.
Using slirp requires less configuration. The default configuration comes with a working example.
The following needs to happen:
Install the pbuilder-uml package.
Set up the configuration file /etc/pbuilder/pbuilder-uml.conf in the following manner. It will be different for slirp.
MY_ETH0=tuntap,,,192.168.1.198 UML_IP=192.168.1.199 UML_NETMASK=255.255.255.0 UML_NETWORK=192.168.1.0 UML_BROADCAST=255.255.255.255 UML_GATEWAY=192.168.1.1 PBUILDER_UML_IMAGE="/home/dancer/uml-image"
Also, it needs to match the rootstrap configuration.
Make sure BUILDPLACE is writable by the user. Change BUILDPLACE in the configuration file to a place where the user has access.
Run pbuilder-user-mode-linux create --distribution sid to create the image.
Try running pbuilder-user-mode-linux build.
pbuilder-user-mode-linux emulates most of pbuilder, but there are some differences.
pbuilder-user-mode-linux does not support all options of pbuilder properly yet. This is a problem, and will be addressed as specific areas are discovered.
/tmp is handled differently inside pbuilder-uml. In pbuilder-uml, /tmp is mounted as tmpfs inside UML, so accessing files under /tmp from outside user-mode-linux does not work. It affects options like --configfile, and when trying to build packages placed under /tmp.
To run pbuilder-uml in parallel on a system, there are a few things to bear in mind.
The create and update methods must not be run when a build is in progress, or the COW file will be invalidated.
If you are not using slirp, UML processes which are running in parallel need to have different IP addresses. Just trying to run the pbuilder-uml several times will result in failure to access the network. But something like the following will work:
for IP in 102 103 104 105; do
xterm -e pbuilder-user-mode-linux build --uml-ip 192.168.0.$IP \
20030107/whizzytex_1.1.1-1.dsc &
done
When using slirp, this problem does not exist.
It is possible to use pbuilder-uml for other uses than just building Debian packages. pbuilder-user-mode-linux login will let a user use a shell inside the user-mode-linux pbuilder base image, and pbuilder-user-mode-linux execute will allow the user to execute a script inside the image.
You can use the script to install ssh and add a new user, so that it is possible to access inside the UML through ssh.
Note that it is not possible to use a script from /tmp due to the way pbuilder-uml mounts a tmpfs at /tmp.
The following example script may be useful in starting a sshd inside uml.
#!/bin/bash
apt-get install -y ssh xbase-clients xterm
echo "enter root password"
passwd
cp /etc/ssh/sshd_config{,-}
sed 's/X11Forwarding.*/X11Forwarding yes/' /etc/ssh/sshd_config- > /etc/ssh/sshd_config
/etc/init.d/ssh restart
ifconfig
echo "Hit enter to finish"
read
Table of Contents
Here, known problems and frequently asked questions are documented. This portion was initially available in README.Debian file, but moved here.
It often happens that pbuilder cannot create the latest chroot. Try upgrading pbuilder and debootstrap. It is currently only possible to create software that handles the past. Future prediction is a feature which may be added later after we have become comfortable with the past.
There are people who occasionally backport debootstrap to stable versions; hunt for them.
When there are errors with the debootstrap phase, the debootstrap script needs to be fixed. pbuilder does not provide a way to work around debootstrap.
Because of the way pbuilder works, there are several directories which cannot be bind-mounted when running pbuilder. The directories include /tmp, /var/cache/pbuilder, and system directories such as /etc and /usr. The recommendation is to use directories under the user's home directory for bind-mounts.
It is sometimes necessary to modify the chroot environment. login will remove the contents of the chroot after logout. It is possible to invoke a shell using hook scripts. pbuilder update executes 'E' scripts, and a sample for invoking a shell is provided as C10shell.
$ mkdir ~/loginhooks
$ cp C10shell ~/loginhooks/E10shell
$ sudo pbuilder update --hookdir ~/loginhooks/E10shell
It is also possible to add --save-after-exec and/or --save-after-login options to the pbuilder login session to accomplish the goal. It is possible to add the --uml-login-nocow option to pbuilder-user-mode-linux login session as well.
It is possible to set BUILDRESULTUID=$SUDO_UID in pbuilderrc to set the proper BUILDRESULTUID when using sudo.
If you are setting $TMPDIR to an unusual value, of other than /tmp, you will find that some errors may occur inside the chroot, such as dpkg-source failing.
There are two options, you may install a hook to create that directory, or set
export TMPDIR=/tmp
in pbuilderrc. Take your pick.
An example script is provided as examples/D10tmp with pbuilder.
When working with multiple chroots, it would be nice to work with scripts that reduce the amount of typing. An example script pbuilder-distribution.sh is provided as an example. Invoking the script as pbuilder-woody will invoke pbuilder with a woody chroot.
If you have some very specialized requirements on your apt setup inside pbuilder, it is possible to specify that through the --othermirror option. Try something like: --othermirror "deb http://local/mirror stable main|deb-src http://local/source/repository ./"
To use the local filesystem instead of http, it is necessary to do bind-mounting. --bindmounts is a command-line option useful for such cases.
You can use hook scripts for this. D scripts are run before satisfying build-dependency.
To make distinguishing bash prompts inside pbuilder easier, it is possible to set environment variables such as PS1 inside pbuilderrc
With versions of bash more recent than 2.05b-2-15, the value of the debian_chroot variable, if set, is included in the value of PS1 (the Bash prompt) inside the chroot. In prior versions of bash,[3] setting PS1 in pbuilderrc worked.
example of debian_chroot
export debian_chroot="pbuild$$"
example os PS1
export PS1="pbuild chroot 32165 # "
For the help of low-bandwidth systems, it is possible to use /var/cache/apt/archives as the package cache. Just specify it instead of the default /var/cache/pbuilder/aptcache.
It is however not possible to do so currently with the user-mode-linux version of pbuilder, because /var/cache/apt/archives is usually only writable by root.
Use of dedicated tools such as apt-proxy is recommended, since caching of packages would benefit the system outside the scope of pbuilder.
It is known that Brian May does a backport of pbuilder, available at:
deb http://www.microcomaustralia.com.au/debian/ woody main
You might see a lot of warning messages when running pbuilder.
dpkg-genchanges: warning: no utmp entry available and LOGNAME not defined; using uid of process (1234)
It is currently safe to ignore this warning message. Please report back if you find any problem with having LOGNAME unset. Setting LOGNAME caused a few problems when invoking chroot.
pbuilder does not currently allow Build-Conflicts against essential packages. It should be obvious that essential packages should not be removed from a working Debian system, and a source package should not try to force removal of such packages on people building the package.
By default, pbuilder uses hard links to manage the pbuilder package cache. It is not possible to make hard links across different devices; and thus this error will occur, depending on your set up. If this happens, set
APTCACHEHARDLINK=no
in your pbuilderrc file.
It is possible to use fakechroot instead of being root to run pbuilder; however, several things make this impractical. fakechroot overrides library loads and tries to override default libc functions when providing the functionality of virtual chroot. However, some binaries do no use libc to function, or override the overriding provided by fakechroot. One example is ldd. Inside fakechroot, ldd will check the library dependency outside of the chroot, which is not the expected behavior.
To work around the problem, fakechroot provides a patch for debootstrap. Use that, so that ldd and ldconfig are overridden.
Make sure you have set your path correctly, as described in /usr/share/doc/fakechroot/README.Debian
To use debconf inside pbuilder, setting DEBIAN_FRONTEND to “readline” in pbuilderrc should work. Setting it to “dialog” should also work, but make sure whiptail or dialog is installed inside the chroot.
If you see messages such as this when building a chroot, you are mounting the filesystem with the nodev option.
/var/lib/dpkg/info/base-files.postinst: /dev/null: Permission denied
You will also have problems if you mount the filesystem with the noexec option, or nosuid. Make sure you do not have these flags set when mounting the filesystem for /var/cache/pbuilder or $BUILDPLACE.
This is not a problem when using User-mode-linux.
pbuilder is often slow. The slowest part of pbuilder is extracting the tar.gz every time pbuilder is invoked. That can be avoided by using pbuilder-user-mode-linux. pbuilder-user-mode-linux uses COW filesystem, and thus does not need to clean up and recreate the root filesystem.
pbuilder-user-mode-linux is slower in executing the actual build system, due to the usual user-mode-linux overhead for system calls. It is more friendly to the hard drive.
You may want a sign that you are inside a chroot, when working with chroot. Check out the examples/F90chrootmemo hook script. It will create a file called /CHROOT inside your chroot.
Table of Contents
There are cases when some small experimenting is required, and you do not want to damage the main system, like when installing experimental library packages, or compiling with experimental compilers. For such cases, the pbuilder login command is available.
pbuilder login is a debugging feature for pbuilder itself, but it also allows users to have a temporary chroot.
Note that the chroot is cleaned after logging out of the shell, and mounting file systems inside it is considered harmful.
To facilitate using pbuilder for other uses, pbuilder execute is available. pbuilder execute will take a script specified in the command-line argument, and invoke the script inside the chroot.
The script can be useful for sequences of operations such as installing ssh and adding a new user inside the chroot.
Table of Contents
There are some advanced features, above that of the basic feature of pbuilder, for some specific purposes.
LVM has a snapshot function that features Copy-on-write images. That could be used for pbuilder just as it can be used for the user-mode-linux pbuilder port. It may prove to be faster, but it is not implemented yet, and so no measurement has been made, yet.
Since user-mode-linux port seems to be more interesting, this is abandoned.
The --no-targz option of pbuilder will allow usage of pbuilder in a different way from conventional usage. It will try to use an existing chroot, and will not try to clean up after working on it. It is an operation mode more like sbuild.
It should be possible to create chroot images for dchroot with the following commands:
# pbuilder create --distribution potato --no-targz --basetgz /chroot/potato # pbuilder create --distribution woody --no-targz --basetgz /chroot/woody # pbuilder create --distribution sid --no-targz --basetgz /chroot/sid
Table of Contents
This document was started on 28 Dec 2002 by Junichi Uekawa, trying to document what is known about pbuilder.
This documentation is available from the pbuilder source tarball, and from the CVS repository of pbuilder (web-based acces is possible). A copy of this documentation can be found on the Netfort page for pbuilder. The homepage for pbuilder is http://www.netfort.gr.jp/~dancer/software/pbuilder.html
The following is a most possibly inaccurate account of how pbuilder came to happen, and other attempts to make something like pbuilder happen. This part of the document was originally in the AUTHORS file, to give credit to those who existed before pbuilder.
There was once dbuild, which was a shell script to build Debian packages from source. Lars Wirzenius wrote that script, and it was good, short, and simple (probably). There was nothing like build-depends then (I think), and it was simple. It could have been improved, I could only find references and no actual source.
debbuild was probably written by James Troup. I don't know it because I have never seen the actual code, I could only find some references to it on the net, and mailing list logs.
sbuild is a perl script to build Debian packages from source. It parses Build-Depends, and performs other miscellaneous checks, and has a lot of hacks to actually get things building, including a table of what package to use when virtual packages are specified (does it do that still?). It supports the use of a local database for packages which do not have build-dependencies. It was written by Ronan Hodek, and I think it was patched and fixed and extended by several people. It is part of wanna-build, and used extensively in the Debian buildd system. I think it was maintained mostly by Ryan Murray.
wanna-build (sbuild) was (at the time of year 2001) quite difficult to set up, and it was never a Debian package. dbuild was something that predated Build-Depends.
Building packages from source using Build-Depends information within a chroot sounded trivial; and pbuilder was born. It was initially a shell script with only a few lines, which called debootstrap and chroot and dpkg-buildpackage in the same run, but soon, it was decided that that's too slow.
Yes, and it took almost an year to get things somewhat right, and in the middle of the process, Debian 3.0 was released. Yay. Debian 3.0 wasn't completely buildable with pbuilder, but the amount of packages which are not buildable is steadily decreasing. (I hope)
Someone wanted pbuilder to not run as root, and as User-mode-linux has become more useful as time passed, I've started experimenting with pbuilder-uml. pbuilder-uml has not been able to run as often as it should, and bootstrapping user-mode-linux environment has been pretty hard.
The third and fourth year is already here. pbuilder is widely adopted, and activity is focused on fixing minor problems. Some features have been added, but most of the work has been filling in the missing portions of the user-mode-linux port.