#!/bin/bash
#
# Copyright (C) 2018 The Android Open Source Project
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
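# Abort on the first failing simple command. Pipefail is not enabled, so for
# a pipeline only the exit status of its last stage is checked.
set -e
# Resolve the physical directory holding this script, so the helper library is
# loaded from next to the script rather than from the caller's working
# directory. CDPATH is cleared so 'cd' cannot be redirected or print a path.
SCRIPT_DIR=$(CDPATH= cd -- "$(dirname -- "$0")" && pwd -P)
# Quoted so a script directory containing whitespace or glob characters is
# sourced as one path instead of being split into several words.
. "$SCRIPT_DIR/common.sh"
# Presumably defined in common.sh (not visible here); by its name it refuses
# to continue outside the chroot, which matters because everything below
# rewrites files under /etc and installs or purges packages.
chroot_sanity_check
# Relative paths used below (the package snapshots) are created in /root
cd /root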
# Point apt at the three suites used by this image: stretch, stretch-backports
# and buster (binary and source entries for each). The heredoc delimiter is
# quoted because the body is literal text with nothing to expand.
# NOTE(review): the mirror is reached over plain http, so package integrity
# rests on apt's signed Release metadata; confirm the archive keyring is
# present in the chroot and that unauthenticated installs are not enabled.
cat >/etc/apt/sources.list <<'EOF'
deb http://ftp.debian.org/debian stretch main
deb-src http://ftp.debian.org/debian stretch main
deb http://ftp.debian.org/debian stretch-backports main
deb-src http://ftp.debian.org/debian stretch-backports main
deb http://ftp.debian.org/debian buster main
deb-src http://ftp.debian.org/debian buster main
EOF
# Keep stretch as the default release so apt does not pull from buster
printf '%s\n' 'APT::Default-Release "stretch";' \
  >/etc/apt/apt.conf.d/80default
# Do not install recommended packages automatically
printf '%s\n' 'APT::Install-Recommends "0";' \
  >/etc/apt/apt.conf.d/90recommends
# Pin buster at a low priority, so it has to be requested explicitly
printf '%s\n' \
  'Package: *' \
  'Pin: release a=buster' \
  'Pin-Priority: 90' \
  >/etc/apt/preferences.d/90buster
# Refresh the package lists so the configuration above takes effect
apt-get update
# stretch's python-scapy is broken, so take this one package from buster
apt-get install -y -t buster python-scapy
# Snapshot the current package selections (written to the current directory);
# the build dependencies added below are later purged by diffing against it
LANG=C dpkg --get-selections | sort >originally-installed
# Everything needed from stretch to build iptables
build_deps=(
  build-essential
  autoconf
  automake
  bison
  debhelper
  devscripts
  fakeroot
  flex
  libmnl-dev
  libnetfilter-conntrack-dev
  libnfnetlink-dev
  libnftnl-dev
  libtool
)
apt-get install -y "${build_deps[@]}"
# Install newer linux-libc headers (these are from 4.16)
apt-get install -y -t stretch-backports linux-libc-dev
# apt is not used again; drop its download cache to reclaim the disk space
apt-get clean
# Construct the iptables source package to build
iptables=iptables-1.6.1
mkdir -p "/usr/src/$iptables"
cd "/usr/src/$iptables"
# Download a specific revision of iptables from AOSP and unpack it in place.
# NOTE(review): the archive is fetched by ref name and unpacked without any
# digest or signature check, so its integrity rests on TLS and on the ref not
# moving; consider recording the resolved commit id and verifying it.
# Pipefail is off, so the pipeline's status is tar's: a failed download is
# only noticed when tar rejects the resulting stream.
aosp_iptables=android-wear-p-preview-2
aosp_url="https://android.googlesource.com/platform/external/iptables/+archive/$aosp_iptables.tar.gz"
wget -qO - "$aosp_url" | tar -zxf -
# Download a compatible 'debian' overlay from Debian salsa. Only the debian/
# directory is extracted (with the archive's top-level directory stripped);
# the rest of that source tree is not wanted. The same integrity caveat as
# for the AOSP archive applies to this download.
debian_iptables=1.6.1-2_bpo9+1
debian_iptables_dir=pkg-iptables-debian-$debian_iptables
debian_url="https://salsa.debian.org/pkg-netfilter-team/pkg-iptables/-/archive/debian/$debian_iptables/$debian_iptables_dir.tar.gz"
wget -qO - "$debian_url" |
  tar --strip-components 1 -zxf - "$debian_iptables_dir/debian"
cd -
cd /usr/src
# Generate a source package to leave in the filesystem. This is done for license
# compliance and build reproducibility. The tarball excludes the debian/
# overlay and is named with '_' in place of '-' (iptables_1.6.1.orig.tar.xz).
tar --exclude=debian -cf - "$iptables" |
  xz -9 >"${iptables//-/_}.orig.tar.xz"
cd -
cd "/usr/src/$iptables"
# Build debian packages from the integrated iptables source. -us/-uc leave the
# source package and .changes file unsigned; the results are installed
# locally further down.
dpkg-buildpackage -F -us -uc
cd -
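# Record the list of packages we have installed now
LANG=C dpkg --get-selections | sort >installed
# Compute the difference, and remove anything installed between the snapshots.
# Each differing line is "<package><tabs><state>", with an extra leading tab
# from comm for lines found only in the second file. Strip that tab, then cut
# at the first whitespace so only the package name remains. The previous
# 's,install,,' removed the first "install" anywhere on the line, which
# corrupts a package name containing that substring and turns a "deinstall"
# state into a stray "de" argument to dpkg.
# The substitution is left unquoted on purpose: one package name per word.
dpkg -P $(comm -3 originally-installed installed |
  sed -e 's,^\t,,' -e 's,[[:space:]].*$,,')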
cd /usr/src
# Find any packages generated, resolve to the debian package name (the part of
# the file name before the first '_', with find's leading "./" removed), then
# exclude any compat, header or symbol packages
packages=$(find -maxdepth 1 -name '*.deb' | colrm 1 2 | cut -d'_' -f1 |
  grep -ve '-compat$\|-dbg$\|-dbgsym$\|-dev$' | xargs)
# Install the patched iptables packages. The glob is left unquoted so each
# name expands to the .deb file(s) built for it.
debs=()
for package in $packages; do
  debs+=( ${package}_*.deb )
done
dpkg -i "${debs[@]}"
# 'hold' them so "apt-get dist-upgrade" doesn't replace them with the
# archive's own builds
for package in $packages; do
  echo "$package hold"
done | dpkg --set-selections
# Tidy up the mess we left behind, leaving just the source tarballs
rm -rf "$iptables" *.buildinfo *.changes *.deb *.dsc
cd -
# Ensure a getty is spawned on ttyS0, if booting the image manually. This
# enables a login prompt on the first serial console.
ln -s '/lib/systemd/system/serial-getty@.service' \
  '/etc/systemd/system/getty.target.wants/serial-getty@ttyS0.service'
# systemd needs some directories to be created
for state_dir in coredump rfkill; do
  mkdir -p "/var/lib/systemd/$state_dir"
done
# Finalize and tidy up the created image (helper presumably provided by
# common.sh, which is not visible here)
chroot_cleanup