本篇文章根据How to prepare patches for Debian packages和UsingQuilt整理而成。
quilt的历史非常悠久,具体可以追溯到Alro?(内核-mm tree的维护者)开发然后被应用到kernel开发中,所以说,Debian社区真的很厉害的。好了,废话不多说,直接说主题。
以下阐述是基于 apt source src-pkg 操作下进行的。apt source xx会自动apply patch根据package里面的配置文件。
vimer@unmatched-local:~/04/rust-ring/rust-ring-0.16.9$ cat ~/.quiltrc
QUILT_PATCHES=debian/patches
QUILT_NO_DIFF_INDEX=1
QUILT_NO_DIFF_TIMESTAMPS=1
QUILT_REFRESH_ARGS="-p ab"
QUILT_DIFF_ARGS="--color=auto" # If you want some color when using `quilt diff`.
QUILT_PATCH_OPTS="--reject-format=unified"
QUILT_COLORS="diff_hdr=1;32:diff_add=1;34:diff_rem=1;31:diff_hunk=1;33:diff_ctx=35:diff_cctx=33"
d=. ; while [ ! -d $d/debian -a `readlink -e $d` != / ]; do d=$d/..; done
if [ -d $d/debian ] && [ -z $QUILT_PATCHES ]; then
# if in Debian packaging tree with unset $QUILT_PATCHES
QUILT_PATCHES="debian/patches"
if ! [ -d $d/debian/patches ]; then mkdir $d/debian/patches; fi
fi
quilt push -a # applying all patches onto the source code tree
quilt new xx.patch # 这个意思是新建一个xx.patch
quilt add xx # for example, README, *.c, It can add multi files
quilt refresh # 更新xx.patch
quilt header -e # edits the header in $EDITOR
quilt pop -a # 退出所有的patch,包括刚才新建的patch
此时这个时候在 debian/patches目录下就会有了刚才我们命名为xx.patch的patch,以及在series文件中也有当前的patch.
比如说,我们的前一个patch没有解决问题,那应该怎么办?当然是在前一个patch的基础上去搞定,而不需要新建一个patch。
这里仔细讲解quilt命令的各个用法,这个工具掌握之后,在处理debian的patch时会更加得心用手。
在debian/patch/目录下,有几个patch文件和series文件,其中,series文件就是patch文件的记录文件。我们把上面的quiltrc文件写好后,就可以直接使用了。
vimer@dev:~/$ ls debian/patches/
Don-t-try-SIMD-on-non-x86-processors-not-implemented-yet.patch Don-t-use-RPATH.patch Install-libs-in-multi-arch-path.patch series
然后 series:
vimer@dev:~/build/05/20_wsclean/wsclean-3.0$ quilt series
Install-libs-in-multi-arch-path.patch
Don-t-use-RPATH.patch
Don-t-try-SIMD-on-non-x86-processors-not-implemented-yet.patch
说明 quilt可以有这些patches进行操作。
quilt push -a
vimer@dev:~/build/05/20_wsclean/wsclean-3.0$ quilt push -a # push all patch into
File series fully applied, ends at patch Don-t-try-SIMD-on-non-x86-processors-not-implemented-yet.patch
vimer@dev:~/build/05/20_wsclean/wsclean-3.0$ quilt applied # display patches that was applied
Install-libs-in-multi-arch-path.patch
Don-t-use-RPATH.patch
Don-t-try-SIMD-on-non-x86-processors-not-implemented-yet.patch
vimer@dev:~/build/05/20_wsclean/wsclean-3.0$ quilt unapplied display patches that was unapplied
File series fully applied, ends at patch Don-t-try-SIMD-on-non-x86-processors-not-implemented-yet.patch
如果我们想修改第二个patch: Don-t-use-RPATH.patch怎么办,有两种方式:
方式: quilt push -a && push -f patch xx
这种方式会把 -f patch 之前的patch也打上:
vimer@dev:~/build/05/20_wsclean/wsclean-3.0$ quilt push Don-t-use-RPATH.patch
Applying patch Install-libs-in-multi-arch-path.patch
patching file CMakeLists.txt
Applying patch Don-t-use-RPATH.patch
patching file CMakeLists.txt
Now at patch Don-t-use-RPATH.patch
vimer@dev:~/build/05/20_wsclean/wsclean-3.0$ quilt applied
Install-libs-in-multi-arch-path.patch
Don-t-use-RPATH.patch
quilt top查看在哪个patch上:
vimer@dev:~/build/05/20_wsclean/wsclean-3.0$ quilt top
Don-t-use-RPATH.patch
vimer@dev:~/build/05/20_wsclean/wsclean-3.0$ quilt files Don-t-use-RPATH.patch -lv
[Don-t-use-RPATH.patch] CMakeLists.txt
vimer@dev:~/build/05/20_wsclean/wsclean-3.0$ quilt top
Don-t-use-RPATH.patch
vimer@dev:~/build/05/20_wsclean/wsclean-3.0$ quilt add Doxyfile.in
File Doxyfile.in added to patch Don-t-use-RPATH.patch
vimer@dev:~/build/05/20_wsclean/wsclean-3.0$ vim Doxyfile.in
vimer@dev:~/build/05/20_wsclean/wsclean-3.0$ quilt refresh
Refreshed patch Don-t-use-RPATH.patch
vimer@dev:~/build/05/20_wsclean/wsclean-3.0$ quilt files Don-t-use-RPATH.patch -vl
[Don-t-use-RPATH.patch] CMakeLists.txt
[Don-t-use-RPATH.patch] Doxyfile.in
如果删除一个文件呢:
vimer@dev:~/build/05/20_wsclean/wsclean-3.0$ quilt top
Don-t-use-RPATH.patch
vimer@dev:~/build/05/20_wsclean/wsclean-3.0$ quilt remove Doxyfile.in
File Doxyfile.in removed from patch Don-t-use-RPATH.patch
vimer@dev:~/build/05/20_wsclean/wsclean-3.0$ quilt refresh
Refreshed patch Don-t-use-RPATH.patch
vimer@dev:~/build/05/20_wsclean/wsclean-3.0$ quilt files Don-t-use-RPATH.patch -lv
[Don-t-use-RPATH.patch] CMakeLists.txt
则真就把改动的文件删除了。
quilt header --dep3 -e
# to add DEP-3 meta-information to your patch header.
https://dep-team.pages.debian.net/deps/dep3/
目前的Debian有一个机制,就是如果影响了RC的package,在一定时间内没有修复ftbfs的issue,会自动从testing 队列中删除,具体的邮件参考这里
摘抄如下 :
—–BEGIN PGP SIGNED MESSAGE—– Hash: SHA256
As we announced, we are going to start automatic removals from testing of some RC buggy packages, to help lower the number of outstanding RC bugs which affect the jessie release. We would like to emphasise that we obviously prefer to have fixes for the outstanding RC bugs, and that (auto)removing packages is only used as a last resort.
Packages which have RC bugs that are present in both testing and unstable, and which have no recent activity (currently this means no activity in the last 14 days) will be checked for removal.
If the packages are on the list of “key packages”[KEY-PACKAGES], they will be excluded from automatic removal. Also packages which have reverse (build-)dependencies in testing, will currently also be excluded from automatic removal.
Should your package suffer from an RC bug which needs more time to get fixed, the specific bug can be temporarily whitelisted. Please file a bug against release.debian.org with an explanation for the delay; these exceptions will granted on a case-by-case basis.
For packages which are marked for autoremoval 10 days in a row, removal hints will be added. These packages will usually be removed from testing fairly soon after that. You can see if any of your packages might be candidates for removals at [AUTO-RM-CANDIDIATES]. We activated the auto-removals at the time of this announcement, however until the 2013-10-15, the usual autoremoval delay of 10 days will be extended to 15 days, so you have some time to fix any outstanding issues.
If packages get autoremoved from testing, they can get back in when the RC bugs are fixed, using the same rules that apply to other packages. In most cases, this means that the fix can get back into testing after the usual 10-day waiting period.
Please note that packages which are excluded from automatic removal could still be manually removed from testing.
We would like to thank Ivo De Decker writing the actual implementation for finding these auto-removable packages.
Niels, on behalf of the Release Team.
[KEY-PACKAGES] http://udd.debian.org/cgi-bin/key_packages.yaml.cgi
[AUTO-RM-CANDIDATES] http://udd.debian.org/cgi-bin/autoremovals.cgi “dd-list”-like of packages considered for auto removals.
For automatic processing, use http://udd.debian.org/cgi-bin/autoremovals.yaml.cgi —–BEGIN PGP SIGNATURE—–
Debian有很多资料没有document,但是他们开发者自己还是很清楚的,差别就在于他们一直在伴随着DEbian的开发。
其实,开源社区的进展,什么都遵循上面的原理。
这与debian riscv不相关,但是我把它记录在这里了。
之前在使用一些闭源的驱动时,可以安装firmware的方式去做,目前,debian社区对这一议题的讨论再次热闹起来。当然,站在新手的角度看,只能慢慢消化他们在讨论的什么东西 :(
There is a list of libre firmware projects on this page:
https://wiki.debian.org/Firmware/Open
最开始的mail来自这里。
Debian支持non-free的劣势是:
1. Building, testing and publishing two sets of images takes more effort.
2. We don't really want to be providing non-free images at all, from a
philosophy point of view. So we mainly promote and advertise the preferred
official free images. That can be a cause of confusion for users. We do
link to the non-free images in various places, but they're not so easy to
find.
3. Using non-free installation media will cause more installations to use
non-free software by default. That's not a great story for us, and we may
end up with more of our users using non-free software and believing that
it's all part of Debian.
4. A number of users and developers complain that we're wasting their time by
publishing official images that are just not useful for a lot (a majority?)
of users.
开发者给出了几个options:
1. Keep the existing setup. It's horrible, but maybe it's the best we can do?
(I hope not!)
2. We could just stop providing the non-free unofficial images altogether.
That's not really a promising route to follow - we'd be making it even
harder for users to install our software. While ideologically pure, it's
not going to advance the cause of Free Software.
3. We could stop pretending that the non-free images are unofficial, and maybe
move them alongside the normal free images so they're published together.
This would make them easier to find for people that need them, but is
likely to cause users to question why we still make any images without
firmware if they're otherwise identical.
4. The images team technically could simply include non-free into the official
images, and add firmware packages to the input lists for those images.
However, that would still leave us with problem 3 from above (non-free
generally enabled on most installations).
5. We could split out the non-free firmware packages into a new
non-free-firmware component in the archive, and allow a specific exception
only to allow inclusion of those packages on our official media. We would
then generate only one set of official media, including those non-free
firmware packages.
为了提高对debian-ports等相关资源的访问速度,在本地sync debian-ports mirror是一个可选项。
# 添加专属用户
adduser --disabled-password debian_sync
# 创建mirrors目录( 根据实际需要更改)
mkdir -p /home/debian_sync/mirrors/debian
chown -R debian_sync:debian_sync /home/debian_sync/mirrors
su - debian_sync
Debian官方提供一个一套sync的脚本,可以使用deb安装。不过,为了自定义方便配置,我们使用git下载脚本。
git clone [email protected]:mirror-team/archvsync.git
进入debian_sync 的主目录下, 将archvsync目录下的两个目录copy 到debian_sync下的主目录:
cp -r archvsync/etc .
cp -r archvsync/bin .
etc目录是archvsync相关的配置文件,bin目录是相关的执行脚本。因为我们sync的是debian-ports,而ftpsync是原生支持ports的sync,所以,我们需要更改下相关的配置。
首先,创建ftpsync-ports.conf文件:
cp ftpsync.conf ftpsync-ports.conf
接着我们需要配置该文件中的关键信息:
MIRRORNAME=`hostname -f`
TO="/home/debian_sync/mirrors/debian/"
# MAILTO="$LOGNAME"
# HUB=false
########################################################################
## Connection options
########################################################################
RSYNC_HOST=ftp.de.debian.org
RSYNC_PATH=debian-ports
# RSYNC_USER=
# RSYNC_PASSWORD=
########################################################################
## Mirror information options
########################################################################
# INFO_MAINTAINER="Admins <[email protected]>, Person <[email protected]>"
# INFO_SPONSOR="Example <https://example.com>"
# INFO_COUNTRY=DE
# INFO_LOCATION="Example"
# INFO_THROUGHPUT=10Gb
########################################################################
## Include and exclude options
########################################################################
ARCH_INCLUDE="pool-riscv64 source"
#ARCH_EXCLUDE="pool-alpha pool-hppa pool-hurd-i386 pool-ia64 pool-m68k pool-powerpc pool-ppc64 pool-sh4 pool-sparc64 pool-x32 pool-kfreebsd-amd64 pool-kfreebsd-i386"
########################################################################
## Log option
########################################################################
# LOGDIR=
最主要的就是RSYNC_HOST、RSYNC_PATH及 ARCH_INCLUDE的配置,目前如果按照上面的配置是可以sync mirror的,只不过还是sync的整个debian-ports。因为整个debian-ports的确实有点庞大,如何只sync riscv64的mirror还在进一步探索中,其ARCH_INCLUDE及 ARCH_EXCLUDE就可以做到这一点(目前还没有找到正确的配置)。
在主目录下创建log目录:
mkdir log
也就是说,准备完以上条件后,在debian_sync的主目录下,应该最少有bin,etc和log这三个目录。
debian_sync@dev:~$ ./bin/ftpsync sync:archive:ports
此时ftpsync就会sync其配置文件指定的镜像站
可以使用cron。
以下update/指正来自chentianyu同学,感谢!希望能帮助更多需要的人:
上文中:
ARCH_INCLUDE 的部分,我想提醒下,debian-ports 的目录结构和 debian 不一样,目前版本的 ftpsync 的 ARCH_INCLUDE 不适用于 debian-ports。
debian 的目录结构下,所有架构的 .deb 文件都在 pool/ 目录下,而 debian-ports 中,非 Architecture:all 的 .deb 文件是在 pool-${arch}/ 下的,如 pool-riscv64/;而 ftpsync 代码中硬编码了 pool/,没有对 pool-${arch} 的支持,所以使用 ftpsync 目前是无法只同步 debian-ports 的 riscv64 的。
filter 应该是–filter=include_/pool-riscv/** –filter=exclude_/pool-
因为目前正在做autopkgtest的测试,所以这里得简短介绍下lxc的一些基本用法。
root@unmatched:~# lxc-start -n autopkgtest-unstable-riscv64
root@unmatched:~# lxc-ls -f
NAME STATE AUTOSTART GROUPS IPV4 IPV6 UNPRIVILEGED
autopkgtest-unstable-riscv64 RUNNING 0 - 10.0.3.17 - false
root@unmatched:~# grep net /var/lib/lxc/autopkgtest-unstable-riscv64/config
lxc.net.0.type = veth
lxc.net.0.link = lxcbr0 # 在host上的bridge is lxcbr0
root@unmatched:~# ifconfig lxcbr0
lxcbr0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 10.0.3.1 netmask 255.255.255.0 broadcast 10.0.3.255
inet6 fe80::216:3eff:fe00:0 prefixlen 64 scopeid 0x20<link>
ether 00:16:3e:00:00:00 txqueuelen 1000 (Ethernet)
RX packets 454 bytes 46683 (45.5 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 354 bytes 156485 (152.8 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lxc-attach -n autopkgtest-unstable-riscv64
root@autopkgtest-unstable-riscv64:~# dpkg --status ifupdown
Package: ifupdown
Status: install ok installed
策略有几个:
是的,可以直接修改 /etc/ssh/sshd_config然后把22端口换成其他的端口。
禁止密码登录是最好的选择,然后使用秘钥登录。
下面就使用这个program试试。
必须使用八位 包含特殊字符的密码
是不是查看 /var/log/auth.log及lastlog去看一下有没有异常情况。
sudo apt install fail2ban