summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authoranonym <anonym@riseup.net>2018-02-11 00:42:41 +0100
committeranonym <anonym@riseup.net>2018-02-11 00:45:10 +0100
commitb61fac548a23f419c7697dbb99bcffed26511aa3 (patch)
tree50de97506be16c17478ec13c425d780e8ac862cc
parent3e887ff98b3e6070423925ee67412154d19c484f (diff)
-rw-r--r--config/chroot_local-includes/usr/share/amnesia/build/mksquashfs-excludes1
-rwxr-xr-xvagrant/definitions/tails-builder/generate-tails-builder-box.sh4
-rwxr-xr-xvagrant/provision/assets/build-tails8
-rwxr-xr-xvagrant/provision/setup-tails-builder2
4 files changed, 15 insertions, 0 deletions
diff --git a/config/chroot_local-includes/usr/share/amnesia/build/mksquashfs-excludes b/config/chroot_local-includes/usr/share/amnesia/build/mksquashfs-excludes
index b5816d8..f198902 100644
--- a/config/chroot_local-includes/usr/share/amnesia/build/mksquashfs-excludes
+++ b/config/chroot_local-includes/usr/share/amnesia/build/mksquashfs-excludes
@@ -2,6 +2,7 @@ boot/initrd.img-*
boot/vmlinux-*
boot/vmlinuz-*
debootstrap/*
+etc/apt/apt.conf.d/50ignore-valid-until
root/.gnupg/S.gpg-agent*
tmp/*
usr/share/amnesia/packages/*
diff --git a/vagrant/definitions/tails-builder/generate-tails-builder-box.sh b/vagrant/definitions/tails-builder/generate-tails-builder-box.sh
index a50e584..8a19454 100755
--- a/vagrant/definitions/tails-builder/generate-tails-builder-box.sh
+++ b/vagrant/definitions/tails-builder/generate-tails-builder-box.sh
@@ -45,6 +45,10 @@ fi
# already exists
rm -f "${TARGET_NAME}".*
+# XXX: we need: Acquire::Check-Valid-Until=false;
+
+# XXX: actually, we cannot use time-based.snapshots.deb.tails.boum.org below, but need to use tagged.snapshots. So this will be way more complicated (we need to record the packages used to generate the builder box and include them...)
+
sudo ${http_proxy:+http_proxy="$http_proxy"} \
LC_ALL=${LC_ALL} \
ARCHITECTURE=${ARCHITECTURE} \
diff --git a/vagrant/provision/assets/build-tails b/vagrant/provision/assets/build-tails
index 6d7fae2..0f2c759 100755
--- a/vagrant/provision/assets/build-tails
+++ b/vagrant/provision/assets/build-tails
@@ -102,6 +102,14 @@ fi
as_root_do rsync -a "${TAILS_GIT_DIR}"/ "${BUILD_DIR}"/
cd "${BUILD_DIR}"
+
+if [ "${TAILS_APT_IGNORE_VALID_UNTIL}" = 1 ]; then
+ cat > config/chroot_local-includes/etc/apt/apt.conf.d/50ignore-valid-until <<-EOF
+# If this file ever ends up inside a Tails build, that is a bug!
+Acquire::Check-Valid-Until=false;
+ EOF
+fi
+
as_root_do lb config --cache false
as_root_do lb build
diff --git a/vagrant/provision/setup-tails-builder b/vagrant/provision/setup-tails-builder
index 331e639..db27a62 100755
--- a/vagrant/provision/setup-tails-builder
+++ b/vagrant/provision/setup-tails-builder
@@ -49,6 +49,8 @@ security_serial="$(latest_serial debian-security)"
sed -i -e "s/${stable_serial}/${security_serial}/g" /etc/apt/sources.list.d/stretch-security.list
cat /etc/apt/sources.list /etc/apt/sources.list.d/*
+# XXX: we need: Acquire::Check-Valid-Until=false;
+
# Upgrade if needed
apt-key add /amnesia.git/config/chroot_sources/tails.binary.gpg
apt-get update