-
Notifications
You must be signed in to change notification settings - Fork 103
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
instructions on docker.debian.net incomplete? #169
Comments
❤️!
😅 not having 0.15 in Debian yet is because I've been away from my PGP key for a bit so couldn't test/upload, but I appreciate the reminder! I will get that uploaded to unstable today. In rebuilding When you run I run the tool/scripts via
I love this! I'm happy to support you however I can. 😄 I've done a few experiments where I download not just the tarballs published to GitHub, but the actual image rootfs layers from Docker Hub and with some light repacking via Edit: 👀
|
(I guess I should also note that you should be careful with long-EOL releases outside containers because some of them like to try to do things like |
awesome! just saw the 0.15-1 upload, thank you! will do further tests soon and report back here. (though probably not tomorrow but rather the day after...) |
so, I created a podman bookworm container, upgraded to sid, installed debuerreotype from sid, cloned the git repo and as root ran
./examples/debian.sh --arch amd64 out/ 'bullseye' '@1659312000'
which did some things and then failed with + debuerreotype-init --arch amd64 --debian --keyring /tmp/debuerreotype.bullseye.WScm0RWKCv/debian-archive-bullseye-keyring.gpg --no-merged-usr /tmp/debuerreotype.bullseye.WScm0RWKCv/rootfs bullseye @1659312000 unshare: unshare failed: Operation not permitted I've created the podman container using this command on bullseye:
podman run --rm -it debian:bookworm bash
These are the command I ran in the container: apt update && apt install vim debuerreotype git vi /etc/apt/sources.list # switched to sid apt update && apt upgrade git clone https://github.com/debuerreotype/debuerreotype/ cd debuerreotype/ mkdir out ./examples/debian.sh --arch amd64 out/ 'bullseye' '@1659312000' |
you suggested to use podman, so I any idea what went wrong? inside the container I ran everything as root... |
I mentioned Podman for inclusivity, not because I use or test it 😅 😇 For your sake (:heart:), I spent some time messing with The way I'd normally invoke that command would be something like this: $ ./docker-run.sh ./examples/debian.sh --arch amd64 out/ 'bullseye' '@1659312000' (From the host, which then That being said, if you're willing to have a degree of trust, running as root on a host system should be reasonably safe, especially if you're only going to be trying to build recent releases (buster+ for example is totally safe and reasonable -- it's only down at the levels of slink and potato that I've seen things get really haywire, and that far down things get complicated for other reasons too like being 32bit only and balking at inodes that are too big 😂). |
Thanks for your testing and these suggestions and I'm sorry for the lack of reply here, I got distracted building reproducibility tests for mmdebstrap, debootstrap and cdebootstrap as I found out they all can bootstrap Debian reproducibly too. :) Will soon look into this again! |
first, thanks a lot for debuerreotype and docker.debian.net!
second, https://bugs.debian.org/959446 made me file this issue here.
so, https://docker.debian.net has (very brief) instructions how to rebuild the docker images,
so I tried:
$ git clone https://github.com/debuerreotype/debuerreotype/
$ cd debuerreotype/
$ ./examples/debian.sh --arch amd64 out/ 'bullseye' '@1659312000'
but this fails because debuerrotype-init cannot be found. Looking at the Debian debuerreotype package
(which I havent used because it's 0.14 only and docker.debian.net suggested 0.15 which isnt packaged yet...) I see it resides in /usr/sbin, so long story short, do I need to run the above command as root?
Ultimatively I like to setup a rebuilder for docker.debian.net to independently rebuild those images
while reproducing the same checksum! :-)
The text was updated successfully, but these errors were encountered: