move packaging to packaging/ subdir

generate-packaging-dir

@@ -1,32 +1,8 @@
 #!/bin/sh
 set -eu
 
-fetch1404() (
-    set -u
-    git fetch --quiet "https://github.com/$TRAVIS_PULL_REQUEST_SLUG" "$TRAVIS_PULL_REQUEST_BRANCH-14.04"
-)
+. /etc/os-release
 
-if [ ! -d .git ]; then
-    echo "not running in a git checkout, skipping"
-    exit 0
-fi
+# FIXME: adjust once we have spec files here
+cp -ar packaging/${ID}-${VERSION_ID}/ debian
 
-ID="$1"
-VERSION_ID="$2"
-
-DST="debian-$ID-$VERSION_ID"
-rm -rf "$DST"
-mkdir -p "$DST"
-
-if ! fetch1404 2>/dev/null; then
-    git fetch --quiet https://github.com/snapcore/snapd "$ID/$VERSION_ID"
-fi
-
-git ls-tree -r FETCH_HEAD debian/ | while read _ type hash file; do
-    if [ "$type" != "blob" ]; then
-        continue
-    fi
-    file="$DST/${file#debian/}"
-    mkdir -p "$(dirname "$file")"
-    git cat-file -p "$hash" > "$file"
-done

packaging/ubuntu-14.04/compat

@@ -0,0 +1 @@
+9

packaging/ubuntu-14.04/control

@@ -0,0 +1,121 @@
+Source: snapd
+Section: devel
+Priority: optional
+Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com>
+Build-Depends: autoconf,
+               automake,
+               autotools-dev,
+               bash-completion,
+               debhelper (>= 9),
+               dh-apparmor,
+               dh-autoreconf,
+               dh-golang (>=1.7),
+               dh-systemd,
+               fakeroot,
+               gettext,
+               grub-common,
+               gnupg2,
+               golang-any (>=2:1.6) | golang-1.6,
+               indent,
+               init-system-helpers,
+               libapparmor-dev,
+               libglib2.0-dev,
+               libseccomp-dev (>= 2.1.1-1ubuntu1~trusty3),
+               libudev-dev,
+               pkg-config,
+               python3,
+               python3-docutils,
+               python3-markdown,
+               squashfs-tools,
+               udev
+Standards-Version: 3.9.7
+Homepage: https://github.com/snapcore/snapd
+Vcs-Browser: https://github.com/snapcore/snapd
+Vcs-Git: https://github.com/snapcore/snapd.git
+
+Package: golang-github-ubuntu-core-snappy-dev
+Architecture: all
+Depends: golang-github-snapcore-snapd-dev, ${misc:Depends}
+Section: oldlibs
+Description: transitional dummy package
+ This is a transitional dummy package. It can safely be removed.
+
+Package: golang-github-snapcore-snapd-dev
+Architecture: all
+Breaks: golang-github-ubuntu-core-snappy-dev (<< 2.0.6),
+        golang-snappy-dev (<< 1.7.3+20160303ubuntu4)
+Replaces: golang-github-ubuntu-core-snappy-dev (<< 2.0.6),
+          golang-snappy-dev (<< 1.7.3+20160303ubuntu4)
+Depends: ${misc:Depends}
+Description: snappy development go packages.
+ Use these to use the snappy API.
+
+Package: snapd
+Architecture: any
+Depends: adduser,
+         apparmor (>= 2.10.95-0ubuntu2.2),
+         ca-certificates,
+         cgroup-lite,
+         gnupg1 | gnupg,
+         linux-generic-lts-xenial,
+         snap-confine (= ${binary:Version}),
+         squashfs-tools,
+# only needed on trusty to pull in the right version.
+         sudo (>= 1.8.9p5-1ubuntu1.3),
+         systemd (>= 204-5ubuntu20.20),
+         ubuntu-core-launcher (= ${binary:Version}),
+# only needed on trusty to pull in the right version.
+         util-linux (>=2.20.1-5.1ubuntu20.9),
+         ${misc:Depends},
+         ${shlibs:Depends}
+Replaces: ubuntu-snappy (<< 1.9), ubuntu-snappy-cli (<< 1.9)
+Breaks: ubuntu-snappy (<< 1.9), ubuntu-snappy-cli (<< 1.9)
+Conflicts: snap (<< 2013-11-29-1ubuntu1)
+Built-Using: ${misc:Built-Using}
+Description: Tool to interact with Ubuntu Core Snappy.
+ Install, configure, refresh and remove snap packages. Snaps are
+ 'universal' packages that work across many different Linux systems,
+ enabling secure distribution of the latest apps and utilities for
+ cloud, servers, desktops and the internet of things.
+ .
+ This is the CLI for snapd, a background service that takes care of
+ snaps on the system. Start with 'snap list' to see installed snaps.
+
+Package: ubuntu-snappy
+Architecture: all
+Depends: snapd, ${misc:Depends}
+Section: oldlibs
+Description: transitional dummy package
+ This is a transitional dummy package. It can safely be removed.
+
+Package: ubuntu-snappy-cli
+Architecture: all
+Depends: snapd, ${misc:Depends}
+Section: oldlibs
+Description: transitional dummy package
+ This is a transitional dummy package. It can safely be removed.
+
+Package: ubuntu-core-snapd-units
+Architecture: all
+Depends: snapd, ${misc:Depends}
+Section: oldlibs
+Description: transitional dummy package
+ This is a transitional dummy package. It can safely be removed.
+
+Package: snap-confine
+Architecture: any
+Breaks: ubuntu-core-launcher (<< 1.0.32)
+Replaces: ubuntu-core-launcher (<< 1.0.32)
+Depends: apparmor (>= 2.10.95-0ubuntu2.2), ${misc:Depends}, ${shlibs:Depends}
+Description: Support executable to apply confinement for snappy apps
+ This package contains an internal tool for applying confinement to snappy app.
+ The executable (snap-confine) is ran internally by snapd to apply confinement
+ to the started application process. The tool is written in C and carefully
+ reviewed to limit the attack surface on the security model of snapd.
+
+Package: ubuntu-core-launcher
+Architecture: any
+Depends: snap-confine (= ${binary:Version}), ${misc:Depends}, ${shlibs:Depends}
+Pre-Depends: dpkg (>= 1.15.7.2)
+Description: Launcher for ubuntu-core (snappy) apps
+ This package contains the launcher for launching snappy applications

packaging/ubuntu-14.04/copyright

@@ -0,0 +1,22 @@
+Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
+Upstream-Name: snappy
+Source: https://github.com/snapcore/snapd
+
+Files: *
+Copyright: Copyright (C) 2014,2015 Canonical, Ltd.
+License: GPL-3
+ This program is free software: you can redistribute it and/or modify it
+ under the terms of the the GNU General Public License version 3, as
+ published by the Free Software Foundation.
+ .
+ This program is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY; without even the implied warranties of
+ MERCHANTABILITY, SATISFACTORY QUALITY or FITNESS FOR A PARTICULAR
+ PURPOSE.  See the applicable version of the GNU Lesser General Public
+ License for more details.
+ .
+ You should have received a copy of the GNU General Public License
+ along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ .
+ On Debian systems, the complete text of the GNU General Public License
+ can be found in `/usr/share/common-licenses/GPL-3'

packaging/ubuntu-14.04/gbp.conf

@@ -0,0 +1,4 @@
+[DEFAULT]
+debian-branch = ubuntu/14.04
+export-dir = ../build-area
+postexport = govendor sync

packaging/ubuntu-14.04/golang-github-snapcore-snapd-dev.install

@@ -0,0 +1 @@
+debian/tmp/usr/share/gocode/src/*

packaging/ubuntu-14.04/not-installed

@@ -0,0 +1 @@
+debian/tmp/usr/bin/uboot-go

packaging/ubuntu-14.04/rules

@@ -0,0 +1,171 @@
+#!/usr/bin/make -f
+# -*- makefile -*-
+
+#export DH_VERBOSE=1
+export DH_OPTIONS
+export DH_GOPKG := github.com/snapcore/snapd
+#export DEB_BUILD_OPTIONS=nocheck
+export DH_GOLANG_EXCLUDES=tests
+export DH_GOLANG_GO_GENERATE=1
+
+export PATH:=${PATH}:${CURDIR}
+# make sure that correct go version is found on trusty
+export PATH:=/usr/lib/go-1.6/bin:${PATH}
+
+include /etc/os-release
+
+SYSTEMD_UNITS_DESTDIR=
+ifeq (${VERSION_ID},"14.04") 
+	# We are relying on a deputy systemd setup for trusty,
+	# in which systemd does not run as PID 1. To solve the
+	# problem of services shipping systemd units and upstart jobs
+	# being started twice, we altered systemd on trusty to ignore
+	# /lib/systemd/system and instead consider only selected units from
+	# /lib/systemd/upstart.
+	SYSTEMD_UNITS_DESTDIR="lib/systemd/upstart/"
+	# make sure that trusty's golang-1.6 is picked up correctly.
+	export PATH:=/usr/lib/go-1.6/bin:${PATH}
+else
+	SYSTEMD_UNITS_DESTDIR="lib/systemd/system/"
+endif
+
+# The go tool does not fully support vendoring with gccgo, but we can
+# work around that by constructing the appropriate -I flag by hand.
+GCCGO := $(shell go tool dist env > /dev/null 2>&1 && echo no || echo yes)
+
+BUILDFLAGS:=-buildmode=pie -pkgdir=$(CURDIR)/_build/std
+GCCGOFLAGS=
+ifeq ($(GCCGO),yes)
+GOARCH := $(shell go env GOARCH)
+GOOS := $(shell go env GOOS)
+BUILDFLAGS:=
+GCCGOFLAGS=-gccgoflags="-I $(CURDIR)/_build/pkg/gccgo_$(GOOS)_$(GOARCH)/$(DH_GOPKG)/vendor"
+export DH_GOLANG_GO_GENERATE=0
+endif
+
+# check if we need to include the testkeys in the binary
+TAGS=
+ifneq (,$(filter testkeys,$(DEB_BUILD_OPTIONS)))
+	TAGS=-tags withtestkeys
+endif
+
+# export DEB_BUILD_MAINT_OPTIONS = hardening=+all
+# DPKG_EXPORT_BUILDFLAGS = 1
+# include /usr/share/dpkg/buildflags.mk
+
+# Currently, we enable confinement for Ubuntu only, not for derivatives,
+# because derivatives may have different kernels that don't support all the
+# required confinement features and we don't to mislead anyone about the
+# security of the system.  Discuss a proper approach to this for downstreams
+# if and when they approach us
+ifeq ($(shell dpkg-vendor --query Vendor),Ubuntu)
+    VENDOR_ARGS=--enable-nvidia-ubuntu
+else
+    VENDOR_ARGS=--disable-apparmor
+endif
+
+%:
+	dh $@ --buildsystem=golang --with=golang --fail-missing --builddirectory=_build
+
+override_dh_fixperms:
+	dh_fixperms -Xusr/lib/snapd/snap-confine
+
+override_dh_installdeb:
+	dh_apparmor --profile-name=usr.lib.snapd.snap-confine -psnap-confine
+	dh_installdeb
+
+override_dh_clean:
+ifneq (,$(TEST_GITHUB_AUTOPKGTEST))
+	# this will be set by the GITHUB webhook to trigger a autopkgtest
+	# we only need to run "govendor sync" here and then its ready
+	(export GOPATH="/tmp/go"; \
+	  mkdir -p $$GOPATH/src/github.com/snapcore/; \
+          cp -ar . $$GOPATH/src/github.com/snapcore/snapd; \
+	  go get -u github.com/kardianos/govendor; \
+	  (cd $$GOPATH/src/github.com/snapcore/snapd ; $$GOPATH/bin/govendor sync); \
+	  cp -ar $$GOPATH/src/github.com/snapcore/snapd/vendor/ .; \
+        )
+endif
+	dh_clean
+	# XXX: hacky
+	$(MAKE) -C cmd distclean || true
+
+override_dh_auto_build:
+	# usually done via `go generate` but that is not supported on powerpc
+	./mkversion.sh
+	# Build golang bits
+	mkdir -p _build/src/$(DH_GOPKG)/cmd/snap/test-data
+	cp -a cmd/snap/test-data/*.gpg _build/src/$(DH_GOPKG)/cmd/snap/test-data/
+	dh_auto_build -- $(BUILDFLAGS) $(TAGS) $(GCCGOFLAGS)
+	# Build C bits, sadly manually
+	cd cmd && ( autoreconf -i -f )
+	cd cmd && ( ./configure --prefix=/usr --libexecdir=/usr/lib/snapd $(VENDOR_ARGS))
+	$(MAKE) -C cmd all
+
+override_dh_auto_test:
+	dh_auto_test -- $(GCCGOFLAGS)
+# a tested default (production) build should have no test keys
+ifeq (,$(filter nocheck,$(DEB_BUILD_OPTIONS)))
+	# check that only the main trusted account-key is included
+	[ $$(strings _build/bin/snapd|grep -c -E "public-key-sha3-384: [a-zA-Z0-9_-]{64}") -eq 1 ]
+	strings _build/bin/snapd|grep -c "^public-key-sha3-384: -CvQKAwRQ5h3Ffn10FILJoEZUXOv6km9FwA80-Rcj-f-6jadQ89VRswHNiEB9Lxk$$"
+endif
+ifeq (,$(filter nocheck,$(DEB_BUILD_OPTIONS)))
+	# run the snap-confine tests
+	$(MAKE) -C cmd check
+endif
+
+override_dh_install:
+	# we do not need this in the package, its just needed during build
+	rm -rf ${CURDIR}/debian/tmp/usr/bin/xgettext-go
+	# uboot-go is not shippable
+	rm -f ${CURDIR}/debian/tmp/usr/bin/uboot-go
+	# toolbelt is not shippable
+	rm -f ${CURDIR}/debian/tmp/usr/bin/toolbelt
+	# we do not like /usr/bin/snappy anymore
+	rm -f ${CURDIR}/debian/tmp/usr/bin/snappy
+	# install dev package files
+	mkdir -p debian/golang-github-snapcore-snapd-dev/usr/share
+	rm -rf debian/tmp/usr/share/gocode/src/github.com/snapcore/snapd/cmd/snap-confine
+	cp -R debian/tmp/usr/share/gocode debian/golang-github-snapcore-snapd-dev/usr/share
+	# install udev stuff, must be installed before 80-udisks
+	install debian/snapd.autoimport.udev -D debian/snapd/lib/udev/rules.d/66-snapd-autoimport.rules
+
+	# install bash completion files
+	install --mode=0644 data/completion/snap -D debian/snapd/usr/share/bash-completion/completions/snap
+	# i18n stuff
+	mkdir -p debian/snapd/usr/share
+	if [ -d share/locale ]; then \
+		cp -R share/locale debian/snapd/usr/share; \
+	fi
+	if [ -f data/info ]; then \
+                mkdir -p debian/snapd/usr/lib/snapd; \
+		install --mode=0644 data/info debian/snapd/usr/lib/snapd; \
+	fi
+	# etc/profile.d contains the PATH extension for snap packages
+	mkdir -p debian/snapd/etc
+	cp -R etc/profile.d debian/snapd/etc
+	# etc/X11/Xsession.d will add to XDG_DATA_DIRS so that we have .desktop support
+	mkdir -p debian/snapd/etc
+	cp -R etc/X11 debian/snapd/etc
+	# we install snapd's systemd units
+	mkdir -p debian/snapd/$(SYSTEMD_UNITS_DESTDIR)
+	install --mode=0644 debian/snapd.refresh.timer debian/snapd/$(SYSTEMD_UNITS_DESTDIR)
+	install --mode=0644 debian/snapd.refresh.service debian/snapd/$(SYSTEMD_UNITS_DESTDIR)
+	install --mode=0644 debian/snapd.autoimport.service debian/snapd/$(SYSTEMD_UNITS_DESTDIR)
+	install --mode=0644 debian/*.socket debian/snapd/$(SYSTEMD_UNITS_DESTDIR)
+	install --mode=0644 debian/snapd.service debian/snapd/$(SYSTEMD_UNITS_DESTDIR)
+	install --mode=0644 debian/snap.mount.service debian/snapd/$(SYSTEMD_UNITS_DESTDIR)
+	install --mode=0644 debian/snapd.system-shutdown.service debian/snapd/$(SYSTEMD_UNITS_DESTDIR)
+	$(MAKE) -C cmd install DESTDIR=$(CURDIR)/debian/tmp
+	dh_install
+
+override_dh_auto_install: snap.8
+	dh_auto_install -O--buildsystem=golang
+
+snap.8:
+	$(CURDIR)/_build/bin/snap help --man > $@
+
+override_dh_auto_clean:
+	dh_auto_clean -O--buildsystem=golang
+	rm -vf snap.8

packaging/ubuntu-14.04/snap-confine.install

@@ -0,0 +1,9 @@
+etc/apparmor.d/usr.lib.snapd.snap-confine
+lib/udev/rules.d/80-snappy-assign.rules
+lib/udev/snappy-app-dev
+usr/lib/snapd/snap-confine
+usr/lib/snapd/snap-discard-ns
+usr/lib/snapd/snap-alter-ns
+usr/share/man/man5/snap-confine.5
+usr/share/man/man5/snap-alter-ns.5
+usr/share/man/man5/snap-discard-ns.5

packaging/ubuntu-14.04/snap.mount.service

@@ -0,0 +1,15 @@
+[Unit]
+Description=Apply special mount sharing to /snap directory
+ConditionPathExists=!/run/systemd/initctl/fifo
+Before=snapd.service
+
+[Service]
+Type=oneshot
+ExecStart=/bin/mkdir -p /snap
+ExecStart=/bin/mount -o rbind /snap /snap
+ExecStart=/bin/mount --make-rshared /snap
+ExecStop=/bin/umount -l /snap
+RemainAfterExit=yes
+
+[Install]
+WantedBy=local-fs-pre.target