new bin builder setup packages and chroot ~~~~~~~~~~~~~~~~~~~ 1. install pld-builder from th repoeistory on target host 2. create chroot /srv/chroot (you can symlink to real dest for the sake of copy-paste from here) mkdir -p /srv/chroot - if you're using rpm < 4.5-29, make system rpmdb linked to target rpmdb, as rpm gets it all very messy. see LP#395177. mv /var/lib/rpm{,-host} ln -s /srv/chroot/var/lib/rpm /var/lib/rpm install -d /srv/chroot/var/lib/rpm rpm -r /srv/chroot --initdb therwise it's just: rpm -r /srv/chroot --initdb - install distro gpg key as default th config packages are signed and sign verify enabled in config: rpm -r /srv/chroot --import /etc/pki/rpm-gpg/PLD-*.asc - setup minimal /dev install -d /srv/chroot/dev cp -a /dev/{full,null,random,urandom,zero} /srv/chroot/dev - install vserver-packages, but as it is usually hidden, so you must unhide it with --noignore: poldek -r /srv/chroot -u vserver-packages -Q --noignore - install pld-builder-chroot from th repos poldek -r /srv/chroot -u pld-builder-chroot -Q --sn th --sn th-ready - make rpmdb readable for builder user chmod -R a+rX /srv/chroot/var/lib/rpm - setup /srv/chroot/etc/resolv.conf so if you enter manually you can work with poldek cat /etc/resolv.conf > /srv/chroot/etc/resolv.conf - restore rpmdb hack rm -f /var/lib/rpm mv /var/lib/rpm{-host,} gpg keys ~~~~~~~~ 1. import src builder key to bin builder so it can download queue.gz src-builder$ gpg --export builder-th-src@pld-linux.org --armor > th-src.asc bin-builder$ gpg --import < th-src.asc 2. generate new key for bin builder and import it to src builder so it can accept spool/notify messages 3. import that public key to src builder keyring bin-builder$ gpg --gen-key bin-builder$ gpg --export KEYID --armor > th-i686.asc src-builder$ gpg --import < th-i686.asc ssh keys ~~~~~~~~ generate key on bin builder and add it to authorized_keys of ftp account i.e account where you push your uploads: [th-i686] ftp_url = scp://fpldth@ep09.pld-linux.org:ftp/.tree/.incoming/i686/ bin-builder$ ssh-keygen bin-builder$ ssh-copy-id -i .ssh/id_rsa.pub fpldth@ep09.pld-linux.org buildlogs ~~~~~~~~~ buildlogs are copied with rsync. ask buildlogs.pld-linux.org admin to allow your ip also you need to setup password that is used to authenticate in rsync-passwords sudo access ~~~~~~~~~~~ make sure builder user (who runs crons) can sudo chroot to the chroots: builder ALL=(ALL) NOPASSWD: /usr/sbin/chroot /home/users/builder/chroot-th * testing ~~~~~~~ keep /var/lib/pld-builder/spool/log running with tail -f run the cronjobs under builder account.