--- /dev/null
+#!/bin/bash
+
+##
+## THIS FILE IS UNDER PUPPET CONTROL. DON'T EDIT IT HERE.
+## USE: git clone git+ssh://$USER@puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet.git
+##
+
+# Copyright (c) 2013 Peter Palfrader
+#
+# Permission is hereby granted, free of charge, to any person
+# obtaining a copy of this software and associated documentation
+# files (the "Software"), to deal in the Software without
+# restriction, including without limitation the rights to use,
+# copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the
+# Software is furnished to do so, subject to the following
+# conditions:
+#
+# The above copyright notice and this permission notice shall be
+# included in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES
+# OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
+# HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
+# WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+# OTHER DEALINGS IN THE SOFTWARE.
+
+THISARCH=$(dpkg --print-architecture)
+
+usage()
+{
+cat << EOF
+usage: $0 <suite>
+
+OPTIONS:
+ -a ARCH debootstrap arch [$arch]
+ -m MIRROR http mirror to use [$mirror]
+ -b basedir place where to put the tarball [$basedir]
+ -B install less stuff into chroot [$bare]
+ -c write config only
+ -D set up a buildd schroot - changes conffile name and
+ various defaults. Run -D -h. Also creates more aliases.
+ -d dir place where to build the chroot [${builddir:-$basedir}]
+ -f overwrite config and target tarball
+ -g GROUPS groups that should have access to the schroot [$groupuser]
+ -K keep old tarballs around for a while (4 iterations)
+ -k KEYRING use an alternate keyring [$keyring]
+ -o USER users that should have access to the schroot [$users]
+ -O USER users that should have root in the schroot [$usersroot]
+ -p PERS use a different sbuild personality [$personality]
+ -r GROUPS groups that should have root in the schroot [$grouproot]
+ -s use sbuild compatible naming scheme [$sbuildnames]
+ -S SUFFIX conffile suffix [$suffix]
+ -u Ubuntu target
+ -h this help
+EOF
+}
+
+die() {
+ echo >&2 "$*"
+ exit 1
+}
+
+do_cleanup() {
+ local cnt
+ cnt=$((${#cleanup[*]}-1))
+ for i in $(seq ${cnt} -1 0); do
+ ${cleanup[$i]} || true
+ done
+}
+
+genschrootconf() {
+ local suite="$1"; shift
+ local arch="$1"; shift
+ local target="$1"; shift
+ local extra="${1:-}"; shift || true
+
+ if [ -n "$extra" ]; then
+ local suite="${suite}-${extra}"
+ fi
+
+ if [ -n "$sbuildnames" ]; then
+ local name="${suite}-${arch}-sbuild"
+ else
+ local name="${suite}_${arch}-dchroot"
+ fi
+
+
+cat << EOF
+[${name}]
+description=[${name}] Debian $suite chroot for $arch
+type=file
+file=$target
+EOF
+[ -n "$groupuser" ] && echo "groups=$groupuser"
+[ -n "$grouproot" ] && echo "root-groups=$grouproot"
+[ -n "$users" ] && echo "users=$users"
+[ -n "$usersroot" ] && echo "root-users=$usersroot"
+
+ echo "profile=$personality"
+
+ if [ "$THISARCH" = "$arch" ] && [ -z "$buildd" ]; then
+ echo "aliases=$suite"
+ fi
+ case "$arch" in
+ armel|armhf|i386|powerpc|s390|sparc)
+ echo "personality=linux32"
+ ;;
+ esac
+ echo
+
+ case "$suite" in
+ sid)
+ genschrootconf "experimental" "$arch" "$target"
+ ;;
+ #experimental|jessie)
+ experimental)
+ :
+ ;;
+ *)
+ if [ -z "$extra" ] && [ -z "$ubuntu" ]; then
+ genschrootconf "$suite" "$arch" "$target" "backports"
+ [ -n "$buildd" ] && genschrootconf "$suite" "$arch" "$target" "backports-sloppy"
+ [ -n "$buildd" ] && genschrootconf "$suite" "$arch" "$target" "lts"
+ [ -n "$buildd" ] && genschrootconf "$suite" "$arch" "$target" "proposed-updates"
+ [ -n "$buildd" ] && genschrootconf "$suite" "$arch" "$target" "security"
+ fi
+ esac
+}
+
+do_config() {
+ local tmpschrootconf=$(tempfile)
+ cleanup+=("rm -f $tmpschrootconf")
+ genschrootconf "$suite" "$arch" "$target" > "$tmpschrootconf"
+ if ! [ -e "$schrootconfig" ] || ! diff "$schrootconfig" "$tmpschrootconf" > /dev/null; then
+ mv "$tmpschrootconf" "$schrootconfig"
+ chmod 644 "$schrootconfig"
+ fi
+}
+
+
+set -e
+set -u
+
+arch="$THISARCH"
+if [ -e /etc/schroot/dsa/default-mirror ]; then
+ mirror=$(cat /etc/schroot/dsa/default-mirror )
+fi
+mirror="${mirror:-http://cdn.debian.net/debian}"
+configonly=""
+force=""
+basedir="/srv/chroot"
+builddir=""
+keyring=/usr/share/keyrings/debian-archive-keyring.gpg
+personality="dsa"
+sbuildnames=""
+ubuntu=""
+groupuser="Debian,guest"
+grouproot=""
+users=""
+usersroot=""
+bare=""
+keep=""
+suffix="dchroot"
+declare -a cleanup
+cleanup+=(":")
+trap do_cleanup EXIT
+buildd=""
+
+while getopts "a:b:Bcd:Dfg:hKk:m:o:O:p:r:sS:u" OPTION
+do
+ case $OPTION in
+ a)
+ arch="$OPTARG"
+ ;;
+ b)
+ basedir="$OPTARG"
+ ;;
+ B)
+ bare="1"
+ ;;
+ c)
+ configonly="1"
+ ;;
+ D)
+ buildd="1"
+ sbuildnames="0"
+ bare="1"
+ groupuser=""
+ grouproot=""
+ users="buildd"
+ usersroot="buildd"
+ personality="buildd"
+ suffix="sbuild"
+ ;;
+ d)
+ builddir="$OPTARG"
+ ;;
+ f)
+ force="1"
+ ;;
+ g)
+ groupuser="$OPTARG"
+ ;;
+ h)
+ usage
+ exit 0
+ ;;
+ K)
+ keep="4"
+ ;;
+ k)
+ keyring="$OPTARG"
+ ;;
+ m)
+ mirror="$OPTARG"
+ ;;
+ o)
+ users="$OPTARG"
+ ;;
+ O)
+ usersroot="$OPTARG"
+ ;;
+ p)
+ personality="$OPTARG"
+ ;;
+ r)
+ grouproot="$OPTARG"
+ ;;
+ s)
+ sbuildnames="1"
+ ;;
+ S)
+ suffix="$OPTARG"
+ ;;
+ u)
+ ubuntu="1"
+ ;;
+ *)
+ usage >&2
+ exit 1
+ ;;
+ esac
+done
+shift $(($OPTIND - 1))
+
+if [ "$#" != 1 ]; then
+ usage >&2
+ exit 1
+fi
+suite="$1"; shift
+tuple="${suite}_${arch}"
+
+builddir=${builddir:-$basedir}
+[ -d "$basedir" ] || die "Error: $basedir does not exist (or is not a directory)."
+[ -d "$builddir" ] || die "Error: $builddir does not exist (or is not a directory)."
+
+target="$basedir/$tuple.tar.gz"
+! [ -e "$target" ] || [ -n "$force" ] || die "Error: $target already exists."
+
+schrootconfig="/etc/schroot/chroot.d/${tuple}-$suffix"
+! [ -e "$schrootconfig" ] || [ -n "$force" ] || die "Error: $schrootconfig already exists."
+
+
+#
+# let's go
+#
+
+if [ -n "$configonly" ]; then
+ do_config
+ exit 0
+fi
+
+rootdir=$(mktemp -d "$builddir/create-$suite-XXXXXX")
+cleanup+=("rm -r $rootdir")
+cleanup+=("umount $rootdir/sys")
+script=/usr/share/debootstrap/scripts/"$suite"
+if ! [ -e "$script" ]; then
+ if [ -z "$ubuntu" ]; then
+ script=/usr/share/debootstrap/scripts/sid
+ else
+ script=/usr/share/debootstrap/scripts/gutsy
+ fi
+fi
+
+set -x
+debootstrap \
+ --keyring "$keyring" \
+ --include="apt" \
+ --variant=buildd \
+ --arch="$arch" \
+ "$suite" "$rootdir" "$mirror" "$script"
+echo "$tuple" > "$rootdir/etc/debian_chroot"
+echo "force-unsafe-io" > "$rootdir/etc/dpkg/dpkg.cfg.d/force-unsafe-io"
+echo "force-confnew" > "$rootdir/etc/dpkg/dpkg.cfg.d/force-confnew"
+
+cleanup+=("umount $rootdir/dev")
+case "$(uname -s)" in
+ Linux)
+ ;;
+ GNU/kFreeBSD)
+ mount -t devfs none "$rootdir/dev"
+ ;;
+ *)
+ echo >&2 "Warning: Unexpected uname -s output."
+ ;;
+esac
+
+
+chroot "$rootdir" apt-get update
+chroot "$rootdir" apt-get install -y --force-yes --no-install-recommends policyrcd-script-zg2
+cat > "$rootdir/usr/local/sbin/policy-rc.d" << 'EOF'
+#!/bin/sh
+
+# policy-rc.d script for chroots.
+# Copyright (c) 2007 Peter Palfrader <peter@palfrader.org>
+
+while true; do
+ case "$1" in
+ -*) shift ;;
+ makedev) exit 0;;
+ *)
+ echo "Not running services in chroot."
+ exit 101
+ ;;
+ esac
+done
+EOF
+chmod +x "$rootdir/usr/local/sbin/policy-rc.d"
+[ -z "$bare" ] && [ -z "$ubuntu" ] && chroot "$rootdir" apt-get install -y --force-yes --no-install-recommends locales-all
+chroot "$rootdir" apt-get install -y --force-yes --no-install-recommends build-essential
+[ -z "$bare" ] && chroot "$rootdir" apt-get install -y --force-yes --no-install-recommends zsh less vim fakeroot devscripts gdb
+rm -f "$rootdir/etc/apt/sources.list" "$rootdir/etc/apt/sources.list.d/*"
+chroot "$rootdir" apt-get clean
+umount "$rootdir/dev" 2>/dev/null || true
+umount "$rootdir/sys" 2>/dev/null || true
+
+tartmp=$(tempfile --directory "$basedir" --suffix=".tar.gz")
+cleanup+=("rm -f $tartmp")
+(
+ cd "$rootdir"
+ tar caf "$tartmp" .
+ if ! [ -z "$keep" ]; then
+ savelog -l -c 4 "$target"
+ fi
+ mv "$tartmp" "$target"
+)
+
+do_config