@glitsj16
Last active June 10, 2017 01:21
#!/bin/sh
#
## build & install firejail from git via checkinstall
#+ assumptions:
#+ expects presence of $HOME/Downloads/deb.control.firejail
#+ which offers a template for creating a nice .deb
#+ content is in comment attached to this gist
### vars
package="firejail"
repo_url="https://github.com/netblue30/firejail.git"
### logic
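cd "$HOME" || exit 1
# compile in tmpfs; mktemp -d creates a private (0700) directory with an
#+ unpredictable name, so no other local user can pre-create the buildzone
bz_tmpfs="$(mktemp -d "/tmp/bz-${package}.XXXXXX")" || exit 1
cd "$bz_tmpfs" || exit 1
if ! git clone "$repo_url"; then
    echo "O.o --> repo cloning failed - aborting"
    exit 1
fi
cd "$package" || exit 1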
# patches go here
# helpers
thisRelease="$(printf "r%s.%s" "$(git rev-list --count HEAD)" "$(git rev-parse --short HEAD)" | sed 's/^v//;s/-/./g')"
thisVersion="$(grep -m 1 firejail ./RELNOTES | awk '{split($0,a," "); print a[2]}' | sed 's/(//' | sed 's/)//')"
thisDebVersion="$thisVersion-$thisRelease"
# configure & compile
./configure --prefix=/usr --enable-apparmor || exit 1
make || exit 1
# initial deb
sudo checkinstall -y --pkgname "$package" --pkgversion "$thisVersion" --pkgrelease "$thisRelease" --install=no || exit 1
### deb re-assembling magic
dpkg-deb --extract ./*.deb ./tbotnik
dpkg-deb --control ./*.deb ./tbotnik/DEBIAN
# move our template control file into place & modify the version #
sed "s/<version>/${thisDebVersion}/g" "${HOME}/Downloads/deb.control.${package}" > ./tbotnik/DEBIAN/control
# add firejail profiles to DEBIAN/conffiles
ls -1 ./tbotnik/etc/firejail/ > ./tbotnik/DEBIAN/conffiles
sed -i -e 's/^/\/etc\/firejail\//' ./tbotnik/DEBIAN/conffiles
# correct the doc files
rm ./tbotnik/usr/share/doc/firejail/COPYING ./tbotnik/usr/share/doc/firejail/*.md
# gzip the changelog
gzip -c ./tbotnik/usr/share/doc/firejail/RELNOTES > ./tbotnik/usr/share/doc/firejail/changelog.Debian.gz
rm ./tbotnik/usr/share/doc/firejail/RELNOTES
# strip binaries & libs
strip ./tbotnik/usr/bin/firejail
strip ./tbotnik/usr/lib/firejail/libtrace.so
# set correct file ownership inside the deb
sudo chown -R root:root ./tbotnik
# the above drops the setuid root on firejail's binary!
#+ make sure to correct that
sudo chmod 4755 ./tbotnik/usr/bin/firejail
# re-assemble the deb in our Downloads folder
dpkg-deb -b ./tbotnik "$HOME/Downloads"
### install & notification
if [ $? -eq 0 ]; then
    echo "installing.."
    if sudo dpkg -i "${HOME}/Downloads/${package}"_*.deb; then
        echo ""
        echo "${package} upgraded"
        rm -f "${HOME}/Downloads/${package}"_*.deb > /dev/null 2>&1 &
    else
        echo ""
        echo "${package} ready for manual install via dpkg in ~/Downloads"
    fi
else
    echo ""
    echo "${package} build error"
    exit 1
fi
### post-install commands
cd "$HOME"
# remove tmpfs buildzone
sudo rm -fr "$bz_tmpfs" &
exit 0
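
After `chown -R root:root` clears the setuid bit, the script restores it with `chmod 4755` on firejail's binary only. The check below is an added example, not part of the gist: it reads a `dpkg-deb --contents` listing and fails unless the rebuilt package matches that state. The function names and sample listings are constructed for illustration, and paths are assumed to contain no spaces.

```sh
# Added example, not part of the gist. Checks a `dpkg-deb --contents` listing
# (read on stdin) against what the script sets up: every entry root/root,
# ./usr/bin/firejail mode 4755, and no other setuid/setgid regular file.
check_firejail_listing() {
    awk '
        # tar-style fields: mode owner/group size date time path
        { mode = $1; owner = $2; path = $6 }
        owner != "root/root" { print "not root-owned: " path " (" owner ")"; bad = 1 }
        path == "./usr/bin/firejail" {
            seen = 1
            if (mode != "-rwsr-xr-x") {
                print "firejail mode is " mode ", want -rwsr-xr-x"; bad = 1
            }
            next
        }
        # position 4 is the user-exec slot, position 7 the group-exec slot
        mode ~ /^-/ && (substr(mode, 4, 1) ~ /[sS]/ || substr(mode, 7, 1) ~ /[sS]/) {
            print "unexpected setuid/setgid file: " path " (" mode ")"; bad = 1
        }
        END {
            if (!seen) { print "./usr/bin/firejail not in package"; bad = 1 }
            exit bad + 0
        }
    '
}

# Hypothetical wrapper: run this on the rebuilt .deb before `sudo dpkg -i`.
# An unreadable .deb yields an empty listing, which also fails the check.
verify_deb() {
    dpkg-deb --contents "$1" | check_firejail_listing
}

# Constructed listings (sizes and dates are invented for the example).
sample_good='drwxr-xr-x root/root         0 2017-06-10 01:00 ./usr/bin/
-rwsr-xr-x root/root    300000 2017-06-10 01:00 ./usr/bin/firejail
-rwxr-xr-x root/root     20000 2017-06-10 01:00 ./usr/bin/firemon
-rw-r--r-- root/root     10000 2017-06-10 01:00 ./usr/lib/firejail/libtrace.so'

# The same binary if the chmod 4755 step is skipped after chown -R.
sample_dropped='-rwxr-xr-x root/root    300000 2017-06-10 01:00 ./usr/bin/firejail'
```

In the script, `verify_deb "${HOME}/Downloads/${package}"_*.deb || exit 1` placed just before the `dpkg -i` call would stop a package with a missing or misplaced setuid bit from being installed.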
@glitsj16
Author

@TBotNik You'll need to chmod +x the script (rename it to whatever you want) and put the content of the above comment into $HOME/Downloads/deb.control.firejail or edit path of where you put that inside the script.

Regards
