第 8 章 Sanitization of the source

目录

8.1. Fix with Files-Excluded
8.2. Fix with debian/rules clean
8.3. Fix with extend-diff-ignore
8.4. Fix with tar-ignore
8.5. Fix with git clean -dfx

There are a few cases that require sanitizing the source to prevent contamination of the generated Debian source package.

There are several methods to avoid including undesirable content.

This method is suitable for avoiding non-https://www.debian.org/social_contract.html#guidelines[DFSG] compliant content in the upstream source tarball.

  • debian/copyright 文件中的 Files-Excluded 一节中列出需要移除的文件。
  • debian/watch 文件中列出下载上游源码包(tarball)所使用的 URL。
  • 运行 uscan 命令以下载新的上游源码包(tarball)。

    • Alternatively, use the gbp import-orig --uscan --pristine-tar command.
  • mk-origtargz invoked from uscan removes excluded files from the upstream tarball and repack it as a clean tarball.
  • 最后得到 tarball 的版本编号会附加一个额外的后缀 +dfsg

See COPYRIGHT FILE EXAMPLES in mk-origtargz(1).

This method is suitable for avoiding auto-generated files by removing them in the "debian/rules clean" target.

[注意]注意

The "debian/rules clean" target is called before the "dpkg-source --build" command by the dpkg-buildpackage command. The "dpkg-source --build" command ignores removed files.

This is for the non-native Debian package.

The problem of extraneous diffs can be fixed by ignoring changes made to specific parts of the source tree. This is done by adding the "extend-diff-ignore=…​" line in the debian/source/options file.

debian/source/options to exclude the config.sub, config.guess and Makefile files: 

# Don't store changes on autogenerated files
extend-diff-ignore = "(^|/)(config\.sub|config\.guess|Makefile)$"

[注意]注意

This approach always works, even when you can’t remove the file. It saves you from having to make a backup of the unmodified file just to restore it before the next build.

[提示]提示

If you use the debian/source/local-options file instead, you can hide this setting from the generated source package. This may be useful when local non-standard VCS files interfere with your packaging.

This is for the native Debian package.

You can exclude certain files in the source tree from the generated tarball by adjusting the file glob. Add the "tar-ignore=…​" lines in the debian/source/options or debian/source/local-options files.

[注意]注意

For example, if the source package of a native package needs files with the .o extension as part of the test data, the setting in 第 4.5 节 “devscripts 设置” may be too aggressive. You can work around this by dropping the -I option for DEBUILD_DPKG_BUILDPACKAGE_OPTS in 第 4.5 节 “devscripts 设置” and adding the "tar-ignore=…​" lines in the debian/source/local-options file for each package.

The problem of extraneous content in the second build can be avoided by restoring the source tree. This is done by committing the source tree to the Git repository before the first build.

You can restore the source tree before the second package build. For example:

 $ git reset --hard
 $ git clean -dfx

This works because the dpkg-source command ignores the contents of typical VCS files in the source tree, as specified by the DEBUILD_DPKG_BUILDPACKAGE_OPTS setting in 第 4.5 节 “devscripts 设置””.

[提示]提示

If the source tree is not managed by a VCS, run "git init; git add -A .; git commit" before the first build.