Differences between revisions 59 and 60
Revision 59 as of 2017-12-17 18:11:33
Size: 10900
Editor: ?josue
Comment: Updates release of backport apt-pinning hook
Revision 60 as of 2018-03-08 09:58:13
Size: 10901
Editor: ?elboulangero
Comment: Add SETENV to the sudoers snippet
Deletions are marked like this. Additions are marked like this.
Line 133: Line 133:
Cmnd_Alias  PBUILDER = /usr/sbin/pbuilder, /usr/bin/pdebuild, /usr/bin/debuild-pbuilder, /usr/sbin/cowbuilder
Defaults!PBUILDER       env_keep+="DIST ARCH"

<your user> ALL=(ALL) PBUILDER
Cmnd_Alias PBUILDER = /usr/sbin/pbuilder, /usr/bin/pdebuild, /usr/bin/debuild-pbuilder, /usr/sbin/cowbuilder
Defaults!PBUILDER env_keep+="DIST ARCH"


Other pbuilder documentation include:

How to include local packages in the build

This is needed when you have to build and upload both a library, then a package depending on it:

  1. Create a directory for your dependencies (say /path/to/the/dir/deps).
  2. Add this to your pbuilder configuration: (the configuration file is usually in /etc/pbuilderrc; If you are using ~/.pbuilderrc instead, then you need to use sudo -E pbuilder ... when updating the chroot below!)

    OTHERMIRROR="deb [trusted=yes] file:///path/to/the/dir/deps ./"
    # the hook dir may already be set/populated!
    # this is necessary for running ''apt-ftparchive'' in the hook below
  3. Create an empty dummy Packages file in your new local repository:
    touch /path/to/the/dir/deps/Packages
  4. Create your base.tgz (e.g. sudo pbuilder create) or update with --override-config (e.g. sudo pbuilder --update --override-config --distribution sid) so pbuilder picks up the sources.list changes.

  5. Put a file like D05deps to your $HOOKDIR, make it executable and put this in there:
    (cd /path/to/the/dir/deps; apt-ftparchive packages . > Packages)
    apt-get update
  6. Build the library.
  7. Copy the resulting debs into /path/to/the/dir/deps.
  8. Build the application.

Next time you start with step 6 :-).

How to build for different distributions

This is workable through the --basetgz parameter of pbuilder. You can pbuilder create --basetgz /var/cache/pbuilder/unstable.tgz --distribution unstable (and so on) to create the base tarballs. When using pdebuild, use pdebuild -- --basetgz /var/cache/pbuilder/<dist>.tgz instead, depending on which distribution you want. It is probably useful to make the default one sid (create without --basetgz and pdebuild without --basetgz).

The following is taken from https://wiki.ubuntu.com/PbuilderHowto

The only thing required to use pbuilder with multiple distributions is an alternate location to store the gzipped tarball that contains the pbuilder environment. On the command line, this can be specified with the 'basetgz' option. However, it is tedious to specify the full path every time pbuilder is run, so it is convenient to place a snippet in ~/.pbuilderrc to automate this:

# Codenames for Debian suites according to their alias. Update these when
# needed.

# List of Debian suites.
    "experimental" "unstable" "testing" "stable")

# List of Ubuntu suites. Update these when needed.
UBUNTU_SUITES=("xenial" "wily" "vivid" "utopic" "trusty")

# Mirrors to use. Update these to your preferred mirror.

# Optionally use the changelog of a package to determine the suite to use if
# none set.
if [ -z "${DIST}" ] && [ -r "debian/changelog" ]; then
    DIST=$(dpkg-parsechangelog --show-field=Distribution)

# Optionally set a default distribution if none is used. Note that you can set
# your own default (i.e. ${DIST:="unstable"}).
: ${DIST:="$(lsb_release --short --codename)"}

# Optionally change Debian codenames in $DIST to their aliases.
case "$DIST" in

# Optionally set the architecture to the host architecture if none set. Note
# that you can set your own default (i.e. ${ARCH:="i386"}).
: ${ARCH:="$(dpkg --print-architecture)"}

if [ -n "${ARCH}" ]; then

if $(echo ${DEBIAN_SUITES[@]} | grep -q $DIST); then
    # Debian configuration
    COMPONENTS="main contrib non-free"
    if $(echo "$STABLE_CODENAME stable" | grep -q $DIST); then
elif $(echo ${UBUNTU_SUITES[@]} | grep -q $DIST); then
    # Ubuntu configuration
    COMPONENTS="main restricted universe multiverse"
    echo "Unknown distribution: $DIST"
    exit 1

Now, if the user sets DIST to another distribution such as hardy when running pbuilder, the tarball location will be changed. The line that sets the DISTRIBUTION only takes effect during the creation of a new base tarball, or if the --override-config option is given, where it specifies the distribution to use for the new base tarball. Setting BUILDRESULT or APTCACHE is optional, but possibly helpful.

Note that there are some optional lines in this snippet that appear after comments that start with "Optionally". These lines can be commented out.

If ARCH is set to a different architecture when running pbuilder, pbuilder will be set to create an environment to build packages for the architecture specified in ARCH.

To make the following example work you have to configure sudo this way :

Cmnd_Alias PBUILDER = /usr/sbin/pbuilder, /usr/bin/pdebuild, /usr/bin/debuild-pbuilder, /usr/sbin/cowbuilder
Defaults!PBUILDER env_keep+="DIST ARCH"


We can now create and use alternate tarballs, as in the following examples:

# Create a base environment for Ubuntu gutsy
sudo DIST=gutsy pbuilder create

# Create a base environment for Debian sid
sudo DIST=sid pbuilder create

# Create a base environment for Ubuntu gutsy under
# the i386 architecture
sudo DIST=gutsy ARCH=i386 pbuilder create

# Update a base environment for Ubuntu gutsy
sudo DIST=gutsy pbuilder update

# Build a package using Ubuntu gutsy as the base
# environment
DIST=gutsy pdebuild

# Build a package using Ubuntu gutsy as the base
# environment under the i386 architecture
DIST=gutsy ARCH=i386 pdebuild


With the above pbuilderrc example, the backports repository for Debian will be enabled for chroots of the Debian stable suite. No packages are installed automatically however until the /etc/apt/preferences file is configured accordingly in the chroot. To enable certain packages from the backports, do the following.

First, create and then specify a hooks directory that pbuilder will use. For example, if you create a hooks directory in /var/cache/pbuilder/hook.d, add this line to your ~/.pbuilderrc file.


Afterwards, create a script of the form 'E<digit><digit><whatever else you want>' in the hooks directory.

Here's an example script named /var/cache/pbuilder/hook.d/E01apt-preferences that enables the packages 'debhelper' and 'lintian' from the backports repository.

set -e


if $(egrep -q "$STABLE_VERSION_REGEX" "/etc/debian_version"); then
cat > "/etc/apt/preferences" << EOF
Package: debhelper
Pin: release a=stretch-backports
Pin-Priority: 999

Package: lintian
Pin: release a=stretch-backports
Pin-Priority: 999

How to use pbuilder to test build with gcc-snapshot

While there are several ways to achieve this, an easy way is to use a hook to remove the existing gcc symlinks and replace them with a wrapper which uses gcc-snapshot. The following hook will do this for gcc, g++ and gfortran (extend it as needed):

aptitude -R -y install gcc-snapshot
cat > /usr/local/bin/gcc-snapshot << EOF
gcc "\$@"
chmod 755 /usr/local/bin/gcc-snapshot
cat > /usr/local/bin/g++-snapshot << EOF
g++ "\$@"
chmod 755 /usr/local/bin/g++-snapshot
cat > /usr/local/bin/gfortran-snapshot << EOF
g++ "\$@"
chmod 755 /usr/local/bin/gfortran-snapshot
rm -f /usr/bin/gcc /usr/bin/g++ /usr/bin/gfortran
ln -s /usr/local/bin/gcc-snapshot /usr/bin/gcc
ln -s /usr/local/bin/g++-snapshot /usr/bin/g++
ln -s /usr/local/bin/gfortran-snapshot /usr/bin/gfortran
#/bin/bash < /dev/tty > /dev/tty

Then, ensure that the environment variable LD_LIBRARY_PATH is set to prefer the libraries belonging to gcc-snapshot by adding the following to your .pbuilderrc:

export LD_LIBRARY_PATH=/usr/lib/gcc-snapshot/lib:$LD_LIBRARY_PATH

Save the file as D20_gcc43 (or something) in your hook directory, and make it executable to use gcc 4.3. Of course, care has to be taken that the build system also uses the gcc, gfortran, g++ etc. found in /usr/bin; otherwise, some extra work needs to be done.

Also, remember to NEVER upload packages produced by gcc-snapshot! :)

How to satisfy experimental dependencies

Pbuilder before version 0.224 (present since stretch onward) used to configure APT with APT::Default-Release = "experimental" for experimental chroots; this caused unappropriated behavior where it would download everything from experimental even when the unstable version was enough.

If you're using pbuilder >= 0.224 you can just create a chroot for experimental with:

# pbuilder create --distribution experimental

For older versions you can workaround its buggy behavior by:

  1. Login from root into the base pbuilder environment to add experimental to the sources.list:

    # pbuilder login --save-after-login
    (chroot) # echo "deb http://httpredir.debian.org/debian experimental main" >> /etc/apt/sources.list
    # exit
  2. Update your pbuilder environment:
    # pbuilder --update

Now you are done, using pdebuild will download packages from experimental when needed.

Unknown GPG keys

If pbuilder fails with "E: Release signed by unknown key (key id <...>)", pass the keyring path as:

  • sudo DIST=jessie pbuilder create --debootstrapopts --keyring=/usr/share/keyrings/debian-archive-keyring.gpg