On 20/08/15 18:33, Thomas Schmitt wrote: > > - https://wiki.debian.org/DebianMentorsFaq#How_do_I_make_my_first_package.3F > "Put a package together, built against a current version of sid." > > I'm on Jessie 8.1. The dependencies of the packages in question > are very basic. The package sources are portable to any X/Open > compliant system. Tested upstream on very old GNU/Linux, FreeBSD, > Solaris, and NetBSD. > I understand i have to submit source packages anyway. > > So is there a way to do my packaging work in Debian 8.1 ? > (The PackagingTutorial says i shall write "9" into > debian/compat. Is that enough of a sid ?) > > Else: Is there a shortcut description how to quickly set up > Debian package development in a virtual machine and how > to keep it up to date ? > (Hardware is plenty but my own VM scripts date back to Debian 6.)
Hi Thomas, Debian actually has ready-made VM scripts for you. You want to take a look at the "sbuild" system, it can create a minimal sid tarball chroot-"virtualmachine" and use it to build packages for you. Using sbuild will be as close as it gets to the official buildd machines, helping you to prevent FTBFS¹. sbuild machines install a bare minimum of packages plus your specified build-dependencies into a throwaway directory, build the package and delete everything except the build log and created .deb, returning to a clean state. Pointer: https://wiki.debian.org/sbuild Once sbuild is setup, you can call either "sbuild --dist sid" from inside the source directory (quick result, but I wouldn't recommend it) or call "debuild -S" on your host machine first: This will create a .debian.tar.xz and a (signed) .dsc file in "..", then you can call "sbuild --dist sid your-package_version.dsc". If that goes through, you know your dsc is good and you can upload it to mentors with "dupload --to mentors my.changes". (That's why I recommend this two-step route, since than you have "this" dsc that built correctly. Btw, the dupload step will check if you signed correctly) For bonus points, if you are on a machine that can chroot different arches (for example amd64 hosts can create a i386 chroot) you can verify it compiles on both. Just call another sbuild-createchroot with --arch i386 and then call "sbuild --dist sid --arch i386 my.dsc" to build on it. Be warned that in addition to where you store the sbuild-tarball, the schroot system will also need enough space to hold the *unpacked* tarball *plus* all temporary installed packages (build-dependencies) at /var/lib/schroot, so make sure to have > 10G space there. > > - I still did not find a hands-on description of fulfilling > the demand of http://mentors.debian.net/intro-maintainers: > "All packages must be signed with the GnuPG key you configured > in your control panel." Set the environment variables DEBNAME="Your Full Name" and DEBEMAIL="your@email.address". Then, when you call debuild -S, gpg will automatically be called with the right options, all you have to do is enter your privatekey password : ) > > http://mentors.debian.net/my has my public key now. I guess > this does the necessary configuration. > But how to use gpg or other programs to sign the packages ? > As GNU maintainer i use on tarballs > gpg -o ...sig -u ... > on announcement messages > gpg --clearsign ... > Suspiciously all newbie tutorials for Debian packaging > propose to use options -us -uc, which i understand prevent > some kind of signing. This is probably since it prevents the gpg-askpass from starting, and personally while testing stuff I also use -uc -us (also good for automated testing, since my privatekey won't be available there). The tutorials should include a little information that -uc -us is not meant for production use. Have fun sbuilding : ) - Danny ¹ Failed To Build From Source. For example, if you don't specify all build-dependencies. Debian buildd/sbuild will also not install "Recommended:" dependencies [after all, they are allowed to be omitted], but end-user systems will by default. PS: Just a word of warning: If your sid builds fail with strange linker messages having to do with std::__cxx11::something, you're out of luck for now and you've ben hit with the GCC-5/libstdc++6-5 transition. Lets hope it won't come to that though : )