Created
May 26, 2021 18:22
-
-
Save popey/8dd8902f9e41f1ed5107a2cb7a013e9d to your computer and use it in GitHub Desktop.
Build a patched snapd
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Build snapd with longer time between forced refresh, effectively | |
| # allowing systems to prevent any refreshes at all, "easily". | |
| # While it's possible to defer updates to a later date, like this: | |
| # $ sudo snap set system refresh.hold="$(/usr/bin/date --iso-8601=seconds -d '+30 days')" | |
| # After 60 days, snapd will eventually force refresh, even if you run | |
| # the above command every day to push the refresh time back continuously. | |
| # All this script does is build snapd with a way longer interval between | |
| # 'forced' refreshes. | |
| # To undo this, we patch snapd, rebuild and install it | |
| # Allow us to push updates long into the future (1825 days, 5 years) | |
| # Set maxPostponement = 1825 * 24 * time.hour | |
| # Set maxInhibition = 1825 * 24 * time.Hour | |
| # Patch only on Tuesday | |
| # Set defaultRefreshSchedule = "tue,12:00" | |
| # Temp dir to do the work in | |
| WORKING_DIR="$PWD" | |
| SNAPD_BUILDDIR=$(mktemp -d -p "$WORKING_DIR") | |
| # What snap store channel should we yoink the snapd version from | |
| SNAPD_CHANNEL="latest/candidate" | |
| # Push updates back a ludicrous amount of time. Five years should do. | |
| MAXPOSTPONEMENT="1825" | |
| MAXINHIBITION="1825" | |
| # When should refreshes happen, if they do | |
| # Default is every day, four times a day | |
| REFRESHTIME="tue,12:00" | |
| # Get version in snap store from candidate, we build that | |
| # That way we stay a little ahead of the stable channel, sometimes | |
| CANDIDATE="$(snap info snapd | grep "$SNAPD_CHANNEL" | awk -F ' ' '{print $2}')" | |
| # snap source is in github | |
| SNAPD_SOURCE="https://github.com/snapcore/snapd.git" | |
| # Clone the upstream source | |
| cd "$SNAPD_BUILDDIR" || exit 8 | |
| if git clone -q $SNAPD_SOURCE; then | |
| echo "*** Cloned" | |
| else | |
| echo "*** Failed to clone" | |
| exit 1 | |
| fi | |
| cd snapd || exit 7 | |
| if git checkout -q "$CANDIDATE"; then | |
| echo "*** Checked out $CANDIDATE" | |
| else | |
| echo "*** Failed to check out $CANDIDATE" | |
| exit 2 | |
| fi | |
| # Patch things | |
| if sed -i "s|const maxPostponement = 60|const maxPostponement = $MAXPOSTPONEMENT|" overlord/snapstate/autorefresh.go; then | |
| echo "*** Patched maxPostponement" | |
| else | |
| echo "*** Failed to patch maxPostponement" | |
| exit 3 | |
| fi | |
| if sed -i "s|const maxInhibition = 7|const maxInhibition = $MAXINHIBITION|" overlord/snapstate/autorefresh.go; then | |
| echo "*** Patched maxInhibition" | |
| else | |
| echo "*** Failed to patch maxInhibition" | |
| exit 4 | |
| fi | |
| if sed -i "s|00:00~24:00/4|$REFRESHTIME|" overlord/snapstate/autorefresh.go; then | |
| echo "*** Patched autorefresh default time" | |
| else | |
| echo "*** Failed to patch autorefresh default time" | |
| exit 5 | |
| fi | |
| # Build snapd remotely in the cloud! | |
| # This means it'll build for whatever architecture you run this | |
| # script on, and will not consume resources on your computer. | |
| # In my experience when the builders aren't all busy, it takes | |
| # ~30 minutes to build snapd | |
| # Check it at https://launchpad.net/builders to see builder 'queue' | |
| if snapcraft remote-build --launchpad-accept-public-upload --build-on amd64,armhf,arm64; then | |
| mv snapd_*.snap "$WORKING_DIR" | |
| mv snapd_*.txt "$WORKING_DIR" | |
| # Back from where we came | |
| cd "$WORKING_DIR" || exit 9 | |
| # Remove the build temporary folder | |
| rm -rf "$SNAPD_BUILDDIR" | |
| ls -l1 snapd_* | |
| else | |
| echo "Failed to build" | |
| exit 6 | |
| fi |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment