This document details the configuration of the gNewSense package building server used for gNewSense v3 (metad/parkes). If parts of it are unclear or out of date please edit the page, or let us know via IRC or email.

Installing dependencies

You should only need to install two packages to run this, the others will be pulled in as dependencies:

apt-get install pbuilder rebuildd

Customising the rebuildd configuration

First up, lets modify the configuration of the rebuildd daemon itself. The configuration file is kept in '/etc/rebuildd/rebuilddrc'.

Much of this configuration is 'customise to taste', but I'll point out a couple of specific items.

The native arch is always built, so if we want to build others we need to specify them here:

-more_archs = any
+more_archs = any i386

We want to upload the packages automagically after a successful build. do to this, we change the post_build command:

-post_build_cmd = 
+post_build_cmd = /usr/local/bin/ ${p} ${v} ${d}

We have a list of dists which the package will be rebuilt for. This is the same list you should put in the maintanance script config file later on (Why its not automatic I'm still confused over).

-dists = etch lenny sid
+dists = parkes

In our setup, source_cmd has been modified as we don't want to take packages from the repository.

-source_cmd = apt-get source -t somethingsomethingsomething (FIXME)
+source_cmd = dcmd cp /srv/autobuilder/incoming/${p}_${v}.dsc /var/cache/pbuilder/build/

Next to them is the build_cmd. If using pbuilder this is the correct default, but we are going to add a new option. This will prevent rebuildd/pbuilder from rebuilding the source package.

-build_cmd = pbuilder build --basetgz /var/cache/pbuilder/${d}-${a}.tgz ${p}_${v}.dsc
+build_cmd = pbuilder build --basetgz /var/cache/pbuilder/${d}-${a}.tgz --binary-arch ${p}_${v}.dsc

Rebuildd update/maintainance script config

We'll finish with this as it should be updated to match the config we create in rebuilddrc.

The file we need to modify is '/etc/default/rebuildd', which is sourced by the rebuildd init script

We've done all the configuration, so we want to set rebuildd to start by changing this to a 1:


We've set the web UI to run as well, since its interesting to look at:


-# PBUILDER_CACHE_PATH="/var/cache/pbuilder" +PBUILDER_CACHE_PATH="/var/cache/pbuilder" }}}

By default pbuilder downloads from Debian, but we want to dogfood our own mirror (this becomes even more important as the packages change)


More Debian oriented default settings. These can be changed to suit your aims, but must match (or be a superset of) the rebuilddrc file. If you have simple needs, a short shell snippet to extract them from the rebuilddrc file would probably do the job.

-ARCHS="$(dpkg --print-architecture)"
-DISTS="etch lenny sid"
+ARCHS="i386 amd64"

Lastly, if you want the chroots to be automatically updated you should set this to be true.


Initialising rebuildd

After all this configuration is complete its time to initalise rebuildd. If all is going well, you can run 'rebuildd-init-build-system' followed by 'rebuildd init' and you'll be set up.

rebuildd init

You should note that 'rebuildd-init-build-system' will download packages from the PBUILDER_MIRROR set in the default/rebuildd configuration file, building a distribution-arch.tgz. These directories will probably be north of 100MB each on fisk - its up to you to make sure you have the download capacity and disk space!

Running rebuildd

To get rebuildd started a simple service invocation should do the job:

service rebuildd start

You can start the HTTPD (web UI) at this point too if you wish.

service rebuildd-httpd start

rebuildd Incoming setup

mkdir -p /srv/autobuilder/incoming

The script to watch incoming lives in /etc/cron.hourly/

Problems you might face

Incorrect GPG key

If debootstrap is failing to download the packages its probably using the wrong gpg keyring. The version we ship uses --keyring by default, and that points at debian-archive-keyring.gpg.

Note: If trying to set up your own buildd, create a gpg keyring file if you don't already have one (you should install it in your distro, btw):

gpg --export keyid > keyid-pub.gpg

After getting sick of trying to make the debootstrap --keyring option work I went the 'big nasty hammer' approach:

bloodnok:/usr/share/keyrings# rm full-list  -r ~/.gnupg/
bloodnok:/usr/share/keyrings# gpg --import debian-archive-keyring.gpg gnewsense-archive-keyring.gpg
gpg: directory `/root/.gnupg' created
gpg: new configuration file `/root/.gnupg/gpg.conf' created
gpg: WARNING: options in `/root/.gnupg/gpg.conf' are not yet active during this run
gpg: keyring `/root/.gnupg/secring.gpg' created
gpg: keyring `/root/.gnupg/pubring.gpg' created
gpg: /root/.gnupg/trustdb.gpg: trustdb created
gpg: key F42584E6: public key "Lenny Stable Release Key <>" imported
gpg: key 55BE302B: public key "Debian Archive Automatic Signing Key (5.0/lenny) <>" imported
gpg: key 6D849617: public key "Debian-Volatile Archive Automatic Signing Key (5.0/lenny)" imported
gpg: key B98321F9: public key "Squeeze Stable Release Key <>" imported
gpg: key 473041FA: public key "Debian Archive Automatic Signing Key (6.0/squeeze) <>" imported
gpg: key BF119352: public key "gNewSense/mips Automatic Signing Key <>" imported
gpg: Total number processed: 6
gpg:               imported: 6  (RSA: 4)
gpg: no ultimately trusted keys found
bloodnok:/usr/share/keyrings# gpg --export > full-list.gpg
bloodnok:/usr/share/keyrings# mv debian-archive-keyring.gpg debian-archive-keyring.gpg.orig
bloodnok:/usr/share/keyrings# mv full-list.gpg debian-archive-keyring.gpg

Now, as if by magic, the debootstrap is succededing. (And as if by magic, upgrades to that package will fail in future becasue of the nasty hax in use).

Missing source URIs

If your build fails instantly and you get a message similar to this in the build log, you need to change the *hosts* sources.list

Build started at 2012-03-16 00:22:02.556595
Reading package lists...
Building dependency tree...
Reading state information...
E: You must put some 'source' URIs in your sources.list
Finished with status SOURCE_FAILED at 2012-03-16 00:22:04.637361
Build needed 0:00:02.080766

kgoetz/RebuilddSetup (last edited 2012-04-04 10:57:29 by kgoetz)