Update for xbps>=0.35 which contains xbps-uchroot.

That means that the Makefile and xbps-src generated files are not required
anymore, and the xbps-src script can be used as is.

Bump xbps requirement to 0.35 and enable XBPS_INSTALL_ARGS by default.

Makefile

@@ -1,34 +0,0 @@
-# xbps-packages top-level Makefile.
-#
-# MUTABLE VARIABLES
-PRIVILEGED_GROUP ?= xbuilder
-
-# INMUTABLE VARIABLES
-VERSION	= 112
-GITVER	:= $(shell git rev-parse --short HEAD)
-SHAREDIR = common/xbps-src/shutils
-LIBEXECDIR = common/xbps-src/libexec
-
-CHROOT_C = uchroot.c
-CHROOT_BIN = xbps-src-chroot-helper
-CFLAGS += -O2 -Wall -Werror
-
-.PHONY: all setup clean
-
-all:
-	sed -e "s|@@XBPS_SRC_VERSION@@|$(VERSION) ($(GITVER))|g"	\
-		${CURDIR}/common/xbps-src/xbps-src.sh > ${CURDIR}/xbps-src
-	$(CC) $(CFLAGS) ${LIBEXECDIR}/$(CHROOT_C) -o ${LIBEXECDIR}/$(CHROOT_BIN)
-	chmod 755 xbps-src
-	@echo "Ignoring changes to etc/conf for local overrides."
-	@git update-index --assume-unchanged etc/conf
-	@echo
-	@echo "The chroot helper must be a setgid binary (4750) for the group '$(PRIVILEGED_GROUP)'."
-	@echo "Please run 'sudo make setup' to set appropiate permissions."
-
-setup:
-	chown root:$(PRIVILEGED_GROUP) $(LIBEXECDIR)/$(CHROOT_BIN)
-	chmod 4750 $(LIBEXECDIR)/$(CHROOT_BIN)
-
-clean:
-	rm -f xbps-src $(LIBEXECDIR)/$(CHROOT_BIN)

README.md

@@ -1,27 +1,18 @@
 ## The XBPS packages collection
 
-This repository contains the XBPS package collection to build binary packages
+This repository contains the XBPS source packages collection to build binary packages
 for the Void Linux distribution.
 
 To start using it first you'll need some external dependencies:
 
-- GNU make
-- GNU bash
-- C compiler
+- bash
 - fakeroot
-- xbps >= 0.33
+- xbps >= 0.35
 
-The `xbps-src` utility and its helpers must be built first:
+Make sure your user is added to the `xbuilder` group to be able to use `xbps-uchroot`,
+otherwise `xbps-src` won't work correctly.
 
-     $ make
-
-The `xbps-src` chroot helper required to chroot and setup the bind mounts must
-be a setgid binary that can only be executed by a special group, by default `xbuilder`.
-To set the appropiate permissions run the `setup` target:
-
-     $ sudo make setup
-
-After that you can run:
+The `xbps-src` utility will allow you to generate XBPS binary packages, type
 
      $ ./xbps-src -h
 
@@ -29,7 +20,7 @@ to see all available targets/options and start building any available package
 in the `srcpkgs` directory.
 
 The `etc/defaults.conf` file contains the possible settings that can be overrided
-through `etc/conf` configuration file for the `xbps-src` utility.
+through the `etc/conf` configuration file for the `xbps-src` utility.
 
 See [Manual](https://github.com/voidlinux/xbps-packages/blob/master/Manual.md)
 for documentation to create and learn about the source packages.

common/environment/setup/0000-REQUIREMENTS.sh

@@ -5,6 +5,7 @@
 # =========================================================
 # DO NOT MODIFY THIS FILE WITHOUT PRIOR WRITTEN PERMISSION!
 # =========================================================
+# OBSOLETE WITH XBPS>=0.35, KEEP THIS FOR COMPAT.
 
 set -a
 

common/xbps-src/libexec/uchroot.c

@@ -1,273 +0,0 @@
-/*-
- * Copyright (c) 2014 Juan Romero Pardines.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
- * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
- * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-/*
- * This is based on linux-user-chroot by Colin Walters, but has been adapted
- * specifically for xbps-src use:
- *
- * 	- This bind mounts exactly what we need, no support for additional mounts.
- * 	- This uses IPC/PID/mount namespaces, nothing more.
- * 	- Disables namespace features if running in OpenVZ containers.
- */
-#define _GNU_SOURCE
-#include <sys/types.h>
-#include <sys/prctl.h>
-#include <sys/fsuid.h>
-#include <sys/mount.h>
-#include <sys/syscall.h>
-#include <sys/wait.h>
-#include <unistd.h>
-#include <stdio.h>
-#include <fcntl.h>
-#include <errno.h>
-#include <stdarg.h>
-#include <string.h>
-#include <assert.h>
-#include <stdlib.h>
-#include <sched.h>
-#include <limits.h>	/* PATH_MAX */
-
-#ifndef SECBIT_NOROOT
-#define SECBIT_NOROOT (1 << 0)
-#endif
-
-#ifndef SECBIT_NOROOT_LOCKED
-#define SECBIT_NOROOT_LOCKED (1 << 1)
-#endif
-
-#ifndef PR_SET_NO_NEW_PRIVS
-#define PR_SET_NO_NEW_PRIVS	38
-#endif
-
-static void
-die(const char *fmt, ...)
-{
-	va_list ap;
-	int save_errno = errno;
-
-	va_start(ap, fmt);
-	fprintf(stderr, "ERROR ");
-	vfprintf(stderr, fmt, ap);
-	fprintf(stderr, " (%s)\n", strerror(save_errno));
-	va_end(ap);
-	exit(EXIT_FAILURE);
-}
-
-static void
-usage(const char *p)
-{
-	printf("Usage: %s [-D dir] [-H dir] [-S dir] <chrootdir> <command>\n\n"
-	    "-D <distdir> Directory to be bind mounted at <chrootdir>/xbps-packages\n"
-	    "-H <hostdir> Directory to be bind mounted at <chrootdir>/host\n"
-	    "-S <shmdir>  Directory to be bind mounted at <chrootdir>/<shmdir>\n", p);
-	exit(EXIT_FAILURE);
-}
-
-static int
-fsuid_chdir(uid_t uid, const char *path)
-{
-	int saveerrno, rv;
-
-	(void)setfsuid(uid);
-	rv = chdir(path);
-	saveerrno = errno;
-	(void)setfsuid(0);
-	errno = saveerrno;
-
-	return rv;
-}
-
-static int
-openvz_container(void)
-{
-	if ((!access("/proc/vz/vzaquota", R_OK)) &&
-	    (!access("/proc/user_beancounters", R_OK)))
-		return 1;
-
-	return 0;
-}
-
-static void
-bindmount(uid_t ruid, const char *chrootdir, const char *dir, const char *dest)
-{
-	char mountdir[PATH_MAX-1];
-
-	snprintf(mountdir, sizeof(mountdir), "%s/%s", chrootdir, dest ? dest : dir);
-
-	if (fsuid_chdir(ruid, dir) == -1)
-		die("Couldn't chdir to %s", dir);
-	if (mount(".", mountdir, NULL, MS_BIND|MS_PRIVATE, NULL) == -1)
-		die("Failed to bind mount %s at %s", dir, mountdir);
-}
-
-int
-main(int argc, char **argv)
-{
-	uid_t ruid, euid, suid;
-	gid_t rgid, egid, sgid;
-	const char *chrootdir, *distdir, *hostdir, *shmdir, *cmd, *argv0;
-	char **cmdargs, mountdir[PATH_MAX-1];
-	int aidx = 0, clone_flags, child_status = 0;
-	pid_t child;
-
-	chrootdir = distdir = hostdir = shmdir = cmd = NULL;
-	argv0 = argv[0];
-	argc--;
-	argv++;
-
-	if (argc < 2)
-		usage(argv0);
-
-	while (aidx < argc) {
-		if (strcmp(argv[aidx], "-D") == 0) {
-			/* distdir */
-			distdir = argv[aidx+1];
-			aidx += 2;
-		} else if (strcmp(argv[aidx], "-H") == 0) {
-			/* hostdir */
-			hostdir = argv[aidx+1];
-			aidx += 2;
-		} else if (strcmp(argv[aidx], "-S") == 0) {
-			/* shmdir */
-			shmdir = argv[aidx+1];
-			aidx += 2;
-		} else {
-			break;
-		}
-	}
-	if ((argc - aidx) < 2)
-		usage(argv0);
-
-	chrootdir = argv[aidx];
-	cmd = argv[aidx+1];
-	cmdargs = argv + aidx + 1;
-
-	/* Never allow chrootdir == / */
-	if (strcmp(chrootdir, "/") == 0)
-		die("/ is not allowed to be used as chrootdir");
-
-	if (getresgid(&rgid, &egid, &sgid) == -1)
-		die("getresgid");
-
-	if (getresuid(&ruid, &euid, &suid) == -1)
-		die("getresuid");
-
-	if (rgid == 0)
-		rgid = ruid;
-
-	clone_flags = (SIGCHLD|CLONE_NEWNS|CLONE_NEWIPC|CLONE_NEWUTS|CLONE_NEWPID);
-	if (openvz_container()) {
-		/*
-		 * If running in a OpenVZ container simply disable all namespace
-		 * features.
-		 */
-		clone_flags &= ~(CLONE_NEWNS|CLONE_NEWIPC|CLONE_NEWUTS|CLONE_NEWPID);
-	}
-
-	/* Issue the clone(2) syscall with our settings */
-	if ((child = syscall(__NR_clone, clone_flags, NULL)) == -1)
-		die("clone");
-
-	if (child == 0) {
-		/*
-		 * Restrict privileges on the child.
-		 */
-		if (prctl(PR_SET_NO_NEW_PRIVS, 1) == -1 && errno != EINVAL) {
-			die("prctl PR_SET_NO_NEW_PRIVS");
-		} else if (prctl (PR_SET_SECUREBITS,
-			SECBIT_NOROOT|SECBIT_NOROOT_LOCKED) == -1) {
-			die("prctl SECBIT_NOROOT");
-		}
-		if (!openvz_container()) {
-			/* Make / a private mount */
-			if (mount(NULL, "/", "none", MS_PRIVATE|MS_REC, NULL) == -1)
-				die("mount(/, MS_PRIVATE|MS_REC)");
-			/* Remount / with nosuid just in case */
-			if (mount (NULL, "/", "none", MS_PRIVATE|MS_REMOUNT|MS_NOSUID, NULL) == -1)
-				die("mount(/, MS_PRIVATE|MS_REMOUNT|MS_NOSUID");
-		}
-
-		/* mount /proc */
-		snprintf(mountdir, sizeof(mountdir), "%s/proc", chrootdir);
-		if (mount("proc", mountdir, "proc", MS_MGC_VAL|MS_PRIVATE, NULL) == -1)
-			die("Failed to mount %s", mountdir);
-
-		/* bind mount /sys */
-		bindmount(ruid, chrootdir, "/sys", NULL);
-
-		/* bind mount /dev */
-		bindmount(ruid, chrootdir, "/dev", NULL);
-
-		/* bind mount hostdir if set */
-		if (hostdir)
-			bindmount(ruid, chrootdir, hostdir, "/host");
-
-		/* bind mount distdir (if set) */
-		if (distdir)
-			bindmount(ruid, chrootdir, distdir, "/xbps-packages");
-
-		/* bind mount shmdir (if set) */
-		if (shmdir)
-			bindmount(ruid, chrootdir, shmdir, NULL);
-
-		/* move chrootdir to / and chroot to it */
-		if (fsuid_chdir(ruid, chrootdir) == -1)
-			die("Failed to chdir to %s", chrootdir);
-
-		if (mount(".", ".", NULL, MS_BIND|MS_PRIVATE, NULL) == -1)
-			die("Failed to bind mount %s", chrootdir);
-
-		if (mount(chrootdir, "/", NULL, MS_MOVE, NULL) == -1)
-			die("Failed to move %s as rootfs", chrootdir);
-
-		if (chroot(".") == -1)
-			die("Failed to chroot to %s", chrootdir);
-
-		/* Switch back to the gid/uid of invoking process */
-		if (setgid(rgid) == -1)
-			die("setgid child");
-		if (setuid(ruid) == -1)
-			die("setuid child");
-
-		if (execvp(cmd, cmdargs) == -1)
-			die("Failed to execute command %s", cmd);
-	}
-	/* Switch back to the gid/uid of invoking process also in the parent */
-	if (setgid(rgid) == -1)
-		die("setgid child");
-	if (setuid(ruid) == -1)
-		die("setuid child");
-
-	/* Wait until the child terminates */
-	while (waitpid(child, &child_status, 0) < 0) {
-		if (errno != EINTR)
-			die("waitpid");
-	}
-
-	if (!WIFEXITED(child_status))
-		return -1;
-
-	return WEXITSTATUS(child_status);
-}

etc/conf

@@ -1,11 +0,0 @@
-# Configuration file for xbps-src.
-#
-# Load the defaults in from defaults.conf (if it's readable).
-# These can be overridden below.
-#
-if [ -r ${XBPS_DISTDIR}/etc/defaults.conf ]; then
-	. ${XBPS_DISTDIR}/etc/defaults.conf
-fi
-
-# Add your local overrides below
-#

etc/defaults.conf

@@ -44,7 +44,7 @@
 # Enable optional arguments to xbps-install. This is useful when you use
 # static binaries and when you need to specify arguments.
 # NOTE: This is only used with the binary-bootstrap target!
-#XBPS_INSTALL_ARGS="--repository=http://repo.voidlinux.eu/current"
+XBPS_INSTALL_ARGS="--repository=http://repo.voidlinux.eu/current"
 
 # [OPTIONAL]
 # Compilation flags for C and C++.

xbps-src

@@ -173,34 +173,14 @@ check_build_requirements() {
     for f in $XBPS_SHUTILSDIR/*.sh; do
 	    [ -r $f ] && . $f
     done
-    for f in $XBPS_COMMONDIR/environment/setup/*.sh; do
-	    [ -r $f ] && . $f
-    done
-
-    if [ -z "$XBPS_SRC_REQ" -o -z "$XBPS_UTILS_REQ" -o -z "$XBPS_UTILS_API_REQ" ]; then
-	    echo "ERROR: cannot satisfy xbps requirements!"
-    exit 1
-    fi
     case "$XBPS_TARGET" in
         *bootstrap*) found=1;;
         *) ;;
     esac
     if [ -z "$found" ]; then
-        xbps-uhelper cmpver $(echo "$XBPS_SRC_VERSION"|awk '{print $1}') "$XBPS_SRC_REQ"
+	    xbps-uhelper cmpver "$XBPS_VERSION" "$XBPS_VERSION_REQ"
 	    if [ $? -eq 255 ]; then
-		    echo "ERROR: this xbps-src version is outdated! (>=$XBPS_SRC_REQ is required)"
-		    echo "Bootstrap packages must be updated with 'xbps-src bootstrap-update'"
-		    exit 1
-	    fi
-	    xbps-uhelper cmpver "$XBPS_VERSION" "$XBPS_UTILS_REQ"
-	    if [ $? -eq 255 ]; then
-		    echo "ERROR: requires xbps-$XBPS_UTILS_REQ API: $XBPS_UTILS_API_REQ"
-		    echo "Bootstrap packages must be updated with 'xbps-src bootstrap-update'"
-		    exit 1
-	    fi
-	    xbps-uhelper cmpver "$XBPS_APIVER" "$XBPS_UTILS_API_REQ"
-	    if [ $? -eq 255 ]; then
-		    echo "ERROR: requires xbps-$XBPS_UTILS_REQ API: $XBPS_UTILS_API_REQ"
+		    echo "ERROR: requires xbps>=${XBPS_VERSION_REQ}"
 		    echo "Bootstrap packages must be updated with 'xbps-src bootstrap-update'"
 		    exit 1
 	    fi
@@ -288,9 +268,11 @@ read_pkg() {
     setup_pkg $XBPS_TARGET_PKG $XBPS_CROSS_BUILD
 }
 
+# Requires xbps>=0.35
+readonly XBPS_VERSION_REQ="0.35"
+
 readonly XBPS_VERSION=$(xbps-uhelper -V|awk '{print $2}')
-readonly XBPS_APIVER=$(xbps-uhelper -V|awk '{print $4}')
-readonly XBPS_SRC_VERSION="@@XBPS_SRC_VERSION@@"
+readonly XBPS_SRC_VERSION="113"
 readonly FAKEROOT_CMD="fakeroot --"
 readonly XBPS_MACHINE=$(uname -m)
 
@@ -345,6 +327,10 @@ else
     else
         readonly XBPS_DISTDIR="${_distdir}"
     fi
+    # Read defaults and then the local configuration file
+    if [ -f $XBPS_DISTDIR/etc/defaults.conf ]; then
+        . $XBPS_DISTDIR/etc/defaults.conf
+    fi
     readonly XBPS_CONFIG_FILE=$XBPS_DISTDIR/etc/conf
 fi
 
@@ -384,7 +370,7 @@ readonly XBPS_TRIGGERSDIR=$XBPS_SRCPKGDIR/xbps-triggers/files
 readonly XBPS_CROSSPFDIR=$XBPS_COMMONDIR/cross-profiles
 readonly XBPS_BUILDSTYLEDIR=$XBPS_COMMONDIR/build_style
 readonly XBPS_LIBEXECDIR=$XBPS_COMMONDIR/xbps-src/libexec
-readonly CHROOT_CMD=$XBPS_LIBEXECDIR/xbps-src-chroot-helper
+readonly CHROOT_CMD=xbps-uchroot
 
 # XBPS_FETCH_CMD can be overriden
 export XBPS_FETCH_CMD="xbps-uhelper fetch"