#!/bin/bash # # This is the equivalent of trigger.often for security. # # Calling convention: trigger.security $basedist # (i.e. the dist should not have a -security suffix) # if [ -n "$SSH_ORIGINAL_COMMAND" ] then set -- $SSH_ORIGINAL_COMMAND # The name of the script will be put into $1 instead of $0, # so shift the arguments to discard our name. shift fi LANG=C BASE_DIST="$1" SECMASTERBUILDD=http://security-master.debian.org/buildd BASEDIR="/org/wanna-build" TMPDIR="$BASEDIR/tmp" LIBTRIGGER="$BASEDIR/libtrigger.sh" LOCKFILE="$TMPDIR/DB_Maintenance_In_Progress" MERGELOG="$BASEDIR/db/merge.log" . "$LIBTRIGGER" if [ -z "$BASE_DIST" ]; then echo "E: no base suite specified." fi if lockfile -! -l 3600 "$LOCKFILE"; then echo "Cannot lock $LOCKFILE" exit 1 fi cleanup() { rm -f "$LOCKFILE" } trap cleanup 0 umask 027 exec 3<&1 >> "$MERGELOG" 2>&1 echo "security merge triggered for ${BASE_DIST}: `date`" cd "$TMPDIR" d="${BASE_DIST}-security" archs=ARCHS_${BASE_DIST} ARCHS=${!archs} echo "fetching $SECMASTERBUILDD/${BASE_DIST}/Sources.gz..." curl_index "$SECMASTERBUILDD/${BASE_DIST}/Sources.gz" "Sources-$d.accepted.gz" "Sources.$d.accepted" # NB: There is only one Packages file in the directory, with all # already built packages of all architectures in it. It could thus # be reused for every one of them afterwards and quinn-diff will # pick the right information. echo "fetching $SECMASTERBUILDD/${BASE_DIST}/Packages.gz..." curl_index "$SECMASTERBUILDD/${BASE_DIST}/Packages.gz" "Packages-$d.accepted.gz" "Packages.$d.accepted" for a in $ARCHS; do echo "processing $d/$a..." quinn-diff -i -A $a -a "/srv/buildd.debian.org/web/quinn-diff/${BASE_DIST}/Packages-arch-specific" -s "Sources.$d.accepted" -p "Packages.$d.accepted" >> "quinn-$d.$a.accepted" 2>/dev/null wanna-build -d $d -b $a/build-db --merge-partial-quinn < "quinn-$d.$a.accepted" wanna-build -d $d -b $a/build-db -A $a --merge-packages < "Packages.$d.accepted" done echo "security merge for ${BASE_DIST} ended: `date`" exit 0