Wednesday, April 28, 2010

XBPS: xbps-src gains new functionality

For the past few days I've been working on bringing multiple improvements to the build system: xbps-src. It is a POSIX shell script, with some more shell components, that will fetch, check and compile source distribution files to finally make XBPS binary packages.

Basically xbps-src works like the ports system on FreeBSD/OpenBSD or pkgsrc from NetBSD, but rather than running a make(1) command in a directory, you run the xbps-src command in a specific directory. The build template files, which specify how to fetch and build a binary package, are shell scripts that understand a few variables (I shall document this in the future).

The structure to build packages is explained in the "building packages from source" document here: http://xbps.nopcode.org/doc/building-from-source.html. Previously (before the last set of changes) there was a small shell script that required superuser permissions to bind mount /sys, /proc, /dev and the xbps-src main directory; that changed the other day, when I started using POSIX.1e capabilities support from the Linux kernel. They are explained in detail in the capabilities(7) manpage.

I made three small C programs to bind mount and umount the required filesystems/mountpoints and another one to chroot into the master directory (the directory to chroot). The two mount programs use the CAP_SYS_ADMIN capability, and the last one uses CAP_SYS_CHROOT. The programs need to have those capabilities set through the use of setcap(8). I added some security checks to the chroot code to make sure that you can't change root to / or to any other directory that the user doesn't own. With these changes in place you don't need to be the superuser anymore; the only problem is that you have to use a system that supports POSIX.1e capabilities and a filesystem with Extended Attributes... I'm sorry NetBSD, you won't be able to use xbps-src.
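The kind of target check described above, written out as an added example; this is not the author's chroot.c, and the function name chroot_target_ok and its return convention are assumptions made for illustration:

```c
#define _XOPEN_SOURCE 700   /* for realpath(3) under strict -std modes */
#include <limits.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical helper (not from xbps-src): returns 0 if `path` is an
 * acceptable chroot target for user `uid`, -1 otherwise. On success the
 * canonical path is left in `resolved` (a PATH_MAX-sized buffer). */
int chroot_target_ok(const char *path, uid_t uid, char *resolved)
{
    struct stat st;

    /* Canonicalise first, so "/.", "//" or a symlink pointing at /
     * cannot slip past the comparison with "/". */
    if (realpath(path, resolved) == NULL)
        return -1;
    if (strcmp(resolved, "/") == 0)
        return -1;
    /* Inspect the resolved path, not the string the caller passed in. */
    if (stat(resolved, &st) != 0)
        return -1;
    if (!S_ISDIR(st.st_mode))
        return -1;
    /* The invoking user must own the directory. */
    if (st.st_uid != uid)
        return -1;
    return 0;
}

int main(int argc, char **argv)
{
    char resolved[PATH_MAX];

    if (argc != 2)
        return 2;
    /* getuid() is the real UID of the invoking user; a file capability
     * granted with setcap(8) does not change it. */
    if (chroot_target_ok(argv[1], getuid(), resolved) != 0)
        return 1;
    /* A real helper would now chroot(resolved), chdir("/") and exec. */
    return 0;
}
```

Because the check and a later chroot(2) both work on a path, the directory can be swapped in between; opening the directory once and using fstat(2), fchdir(2) and chroot(".") on that descriptor closes the gap.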

The other set of changes implements a stow-like approach while installing the packages in the masterdir (chroot directory), and all package files are now symlinked from their destination directory (if possible). That saves a lot of required space and helps to catch file conflicts and other problems. The master directory is where all packages are built and stowed. The package is installed into its destination directory (/pkg-destdir) and stowed (symlinked) into the masterdir to be able to resolve dependencies.

[juan@nocturno ~]$ ls -l /storage/masterdir/
total 132
drwxr-xr-x 2 juan juan 4096 abr 28 01:29 bin
drwxr-xr-x 2 juan juan 4096 abr 26 21:52 boot
drwxr-xr-x 2 juan juan 4096 abr 26 05:29 dev
drwxr-xr-x 52 juan juan 4096 abr 28 00:45 etc
drwxr-xr-x 2 juan juan 4096 abr 21 15:26 home
drwxr-xr-x 11 juan juan 4096 abr 28 12:09 lib
lrwxrwxrwx 1 juan juan 3 abr 21 15:26 lib64 -> lib
drwxr-xr-x 2 juan juan 4096 abr 21 15:26 media
drwxr-xr-x 2 juan juan 4096 abr 21 15:26 mnt
drwxr-xr-x 2 juan juan 4096 abr 21 15:26 opt
drwxr-xr-x 4 juan juan 4096 abr 22 16:29 pkg-binpkgs
drwxr-xr-x 2 juan juan 4096 abr 28 12:09 pkg-builddir
drwxr-xr-x 1020 juan juan 40960 abr 28 12:09 pkg-destdir
drwxr-xr-x 2 juan juan 4096 abr 28 01:46 pkg-srcdistdir
drwxr-xr-x 2 juan juan 4096 abr 26 05:29 proc
drwxr-x--- 2 juan juan 4096 abr 21 15:26 root
drwxr-xr-x 2 juan juan 4096 abr 28 12:09 sbin
drwxr-xr-x 2 juan juan 4096 abr 26 05:29 sys
drwxrwxrwt 3 juan juan 12288 abr 28 12:09 tmp
drwxr-xr-x 3 juan juan 4096 abr 22 06:19 tools
drwxr-xr-x 10 juan juan 4096 abr 26 21:51 usr
drwxr-xr-x 14 juan juan 4096 abr 28 00:45 var
[juan@nocturno ~]$

[juan@nocturno ~]$ ls -l /storage/masterdir/pkg-destdir/dash-0.5.5.1/
total 28
drwxr-xr-x 2 juan juan 4096 abr 22 12:22 bin
-rw-r--r-- 1 juan juan 399 abr 22 12:22 files.plist
-rwxr-xr-x 1 juan juan 690 abr 22 12:22 INSTALL
-rw-r--r-- 1 juan juan 590 abr 22 12:22 props.plist
-rwxr-xr-x 1 juan juan 689 abr 22 12:22 REMOVE
drwxr-xr-x 3 juan juan 4096 abr 22 12:22 usr
drwxr-xr-x 3 juan juan 4096 abr 22 12:22 var
[juan@nocturno ~]$

[juan@nocturno ~]$ ls -l /storage/masterdir/bin/dash
lrwxrwxrwx 1 juan juan 34 abr 22 12:22 /storage/masterdir/bin/dash -> /pkg-destdir/dash-0.5.5.1/bin/dash
[juan@nocturno ~]$

xbps-src allows you to unstow a package (remove its symlinked files from the masterdir and unregister the package from the package database), as well as to stow the package multiple times. The only requirement is that the package must be installed into its destdir (destination directory), accomplished with the 'xbps-src install-destdir' command.

You can see the source code for the three small C programs here (yes, they are in the public domain): chroot.c, mount.c, umount.c.

Some more improvements were made but I'll (perhaps) explain them in another post... enjoy it.
