Version 3 (modified by jdreed, 12 years ago) (diff)


  1. Install either Debian testing (or stable, if it's new enough, but see the note about sbuild below) or the latest Ubuntu release. The build server must be installed with free space in an LVM volume group. The build chroots consume 4GB each.

As of Oct 2012, we're using Precise, and we should prefer an Ubuntu LTS to Debian testing or unstable or experimental, per Ops' preferences.

  1. Install debathena-login as per the the instructions in

add the apt-key (though

  1. apt-key add /afs/

For maximum paranoia, run apt-key export on the old build server and then apt-key add on the new one.

  1. Install the packages listed in scripts/build-server/packages (using "aptitude install").

Or apt-get install, until aptitude becomes less stupid about Multiarch support.

Note that currently the build system uses the latest version of sbuild, so if you have not installed Debian testing, you'll need to set up apt pinning to grab sbuild from there. See the apt_preferences man page. You'll also need to grab schroot from Debian experimental.

Also, WTF, why are these not part of debathena-build-depends or debathena-debian-dev or whatever?

  1. Install the aufs-modules-2.6-amd64 package.

No, we now use overlayfs. Also, both overlayfs and aufs are in the standard kernel packages.

  1. Append to /etc/approx/approx.conf the contents of


Run: /etc/init.d/approx restart

Nope, approx is now run from inetd. Restart that instead

  1. Apply scripts/build-server/mount-defaults.patch and

No, just add the AFS line:

/afs /afs none rw,bind 0 0


Unneeded, schroot ships with the correct pam config.

Ensure that schroot's pam-config is sane (Specifically, that it includes the usual pam stack, e.g. @include common-auth @include common-account @include common-session

TODO: Deal with the /run mess once that's finalized.

  1. For each supported DIST (see scripts/ run:

scripts/build-server/make-chroot DIST i386 scripts/build-server/make-chroot DIST amd64

Example: scripts/build-server/make-chroot intrepid i386

  1. Create a local account for builder with:

adduser --uid 1047 --disabled-password builder

Make the home directory mode 700. Install a daemon/ keytab in the home directory as "keytab". Install a copy of the secret repository-signing key (debathena@…) in the home directory's keyring with something like:

kinit builder gpg --export-secret-keys debathena@… | \

ssh -l builder machinename gpg --import

Create a file named .sbuildrc in builder's homedir containing:

$mailto = undef; $log_dir = '/tmp/sbuild-logs'; $maintainer_name = 'Debathena Project <debathena@…>'; $force_orig_source = 1; $sbuild_mode = "user"; 1;

Create a file named .ssh/config in builder's homedir containing:


User debuildsvn

Add builder to the sbuild group in /etc/group.

Ensure that daemon.(build-server) exists in Kerberos and has a pts id.

Add it to debathena-build-server-acl

Ensure daemon.(build-server) exists in -c sipb (assuming the debathena locker is still in -c sipb)

Copy scripts/build-server/autodebathenify to builder's homedir. Create a file named autodebathenify.config in builder's homedir containing:

error_addr=debathena-root@… scripts_dir=/mit/debathena/bin build_dir=/mit/debathena/packages/third packages="lprng openafs" export DEBATHENA_APT=/mit/debathena/apt

Copy scripts/build-server/autodebathenify.cron to builder's homedir and install it with "crontab autodebathenify.cron".

Copy scripts/build-server/autolivebuilder to builder's homedir. Create a file called autolivebuilder.config in builder's homedir containing:

error_addr=debathena-root@… release_version='9.04' release='jaunty' arch='i386' mirror='' gpg_opts=("-u" "0D8A9E8F") live_dir=/net/

Create a file named .devscripts in builder's homedir containing:


In builder's homedir, append to .bashrc:

add debathena export PATH=$PATH:~/bin export DEBATHENA_APT=/mit/debathena/apt

blah blah copy ~/bin too