Dear Maintainer, trying to build a package for Kali Linux, for the kali-experimental suite, in unshare mode with automatic chroot creation. Since version 0.91.8, sbuild matches on '-experimental' (before it would march 'experimental' only), so it matches kali-experimental, and as a result: ``` I: (?^:^(.*)-(experimental|rc-buggy|backports|backports-sloppy|proposed-updates|updates|unreleased)$) matched kali-experimental -- adding extra arguments: --setup-hook=echo "deb http://deb.debian.org/debian kali-experimental main" > "$1"/etc/apt/sources.list.d/kali-experimental.list ``` So it seems that commit bbbd19427db901faeedb4cafacb93e3d8c3a4950 needs to be reworked, maybe split the regex in two regexes like it was before? Thanks, Arnaud
Actually bbbd19427db901faeedb4cafacb93e3d8c3a4950 also broke proper handling of Debian experimental, given that now the regex matches -experimental. Easy to see, I try to build a Debian package with `experimental` in the d/changelog: ``` E: Chroot for distribution experimental, architecture amd64 not found I: Applied base distribution name mangle rule s/(?^:^(experimental|rc-buggy|unreleased|UNRELEASED.*)$)/unstable/ turning "experimental" into "unstable" I: Creating new chroot tarball: mmdebstrap --variant=buildd --arch=amd64 --skip=output/mknod --format=tar unstable /home/arno/.cache/sbuild/experimental-amd64.tar --aptopt=Acquire::HTTP::Proxy "http://localhost:9999"; I: automatically chosen mode: unshare [...] ``` The name mangle rule matched, however the regex for UNSHARE_MMDEBSTRAP_EXTRA_ARGS didn't. Now if I inspect the chroot that was created, I see that there's only "unstable" in the APT sources: ``` $ cat experimental-amd64/etc/apt/*.list experimental-amd64/etc/apt/sources.list.d/* deb http://deb.debian.org/debian unstable main cat: 'experimental-amd64/etc/apt/sources.list.d/*': No such file or directory ```
Hello Arnaud, I had a quick chat with Jochen on IRC. https://bugs.debian.org/1133265 is the bug that lead to the problematic change: https://salsa.debian.org/debian/sbuild/-/merge_requests/231 And it's on your request :-) Jochen would appreciate a MR to fix the issue if you have time for it. It looks like the correct fix is to revert the merge of both entries in DEFAULT for UNSHARE_MMDEBSTRAP_EXTRA_ARGS. Have one for qr/^(.*)-(backports|backports-sloppy|proposed-updates|updates|unreleased)$/ and one for qr/^(experimental|rc-buggy)$/ I wonder whether we should also drop "unreleased" in the first regex. Because I don't know of any "CODENAME-unreleased" repository that is available on deb.debian.org (maybe it's available on ports.debian.org?). Cheers,
Hello Raphael, Thanks for the suggestion, I opened a MR at https://salsa.debian.org/debian/sbuild/-/merge_requests/240 I dropped unreleased from the first regex, in the absence of any explanation I assume it was a mistake. Cheers, Arnaud
Hello, Bug #1137071 in sbuild reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/debian/sbuild/-/commit/47d98aa4c627c911e0fbfda92721e02a37006d87 ------------------------------------------------------------------------ Fix default value for UNSHARE_MMDEBSTRAP_EXTRA_ARGS Partially revert commit bbbd194: - revert the merge of to regex into one, that lead to #1137071 - retain the fix, which was to drop security from the regex Additionally, (try to) handle the 'unreleased' properly, ie. proper match (^unreleased$) and proper mirror url (debian-ports). This suite is documented at https://www.ports.debian.org/archive, and it seems that it should be present in the build environment, for packages that target unreleased in their d/changelog. It's also seems to be setup that way in the build infrastructure, if I'm reading correctly this one: https://salsa.debian.org/debian-ports-team/dsa-puppet I tested a build with d/changelog set to experimental, and I can confirm that it fixes #1137071. Closes: #1137071 ------------------------------------------------------------------------ (this message was generated automatically) -- Greetings https://bugs.debian.org/1137071
We believe that the bug you reported is fixed in the latest version of sbuild, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1137071@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Jochen Sprickerhof <jspricke@debian.org> (supplier of updated sbuild package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmaster@ftp-master.debian.org) Format: 1.8 Date: Sat, 27 Jun 2026 12:06:03 +0200 Source: sbuild Architecture: source Version: 0.91.10 Distribution: unstable Urgency: medium Maintainer: sbuild maintainers <sbuild@packages.debian.org> Changed-By: Jochen Sprickerhof <jspricke@debian.org> Closes: 1135581 1137071 Changes: sbuild (0.91.10) unstable; urgency=medium . [ Luca Boccassi ] * Install and use sysusers.d/tmpfiles.d config files . [ Arnaud Rebillout ] * Fix default value for UNSHARE_MMDEBSTRAP_EXTRA_ARGS (Closes: #1137071) . [ Tianyu Chen ] * Add ; for examples in sbuild.conf . [ Benjamin Drung ] * Map *-proposed pocket to base suite * Mark autopkgtests needing Internet access * Support chroot in /usr/bin (LP: #2133900) . [ Philippe SWARTVAGHER ] * Fix running autopkgtest with --extra-package=/dir/ . [ Jochen Sprickerhof ] * Add --apt-distclean commandline option (Closes: #1135581) * Drop duplicated build dependency * Fix some groff warnings * Add d/clean * Deprecate the buildd package * Drop optional priority * Drop R³ * Bump policy version (no changes) . [ Johannes Schauer Marin Rodrigues ] * man/sbuild.1.in: move the unshare backend docs to the top Checksums-Sha1: d7fcffa20dac861bb691e8f12f6cdbc9bfc4dd56 2784 sbuild_0.91.10.dsc ea7975656031e2872b7d230076e99f3e2981f93b 265004 sbuild_0.91.10.tar.xz Checksums-Sha256: 76d465d831f3ea546675880d6ee0987b1e94362973370f0ed2912a3a7d77791c 2784 sbuild_0.91.10.dsc 5568f5a87ece0669dfe3910e907ef63f0b75a3d7cab82e904e7ec97761ad8fb4 265004 sbuild_0.91.10.tar.xz Files: 8467f5143b9901d52e32bda1eaca1559 2784 devel optional sbuild_0.91.10.dsc 6f60bf3c7ee4465fd9ce40f6b69d6797 265004 devel optional sbuild_0.91.10.tar.xz -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEc7KZy9TurdzAF+h6W//cwljmlDMFAmo/oLQACgkQW//cwljm lDMGcQ//SpXMX00pxzFkXi4mYgZO3u0308L5e5GTDDTN5RISyabGW8zy6jcKaLXL 39hZMjrg5LvD9wHQtN4cZxVDEbQ8ojawIWeTzXoYL9A5ubJGG3Zfz67/D1PKDq4L PdGsRcmY5b40mKNwaaRT2xhE8pSt1OZAx1tSbjupJ7M3y3vMIMtxKIGWWR5dENha Mt1utWUPlY0KqPBOs4kilBQOBqCTUsGcKXPKxiaBWFcZWb92c5QRygv48VbULblS gL9YMRB8RjE5cbSkaxxK2V9bTGdwmEFRWCJJ8IcIIpZRJ0PD6wj/EAB9v7cQz3ot bAdE+mLleBLnzwcyaOpwsa+mYzphGgKm5bK3yUboFFPnWpCwXz2mIqowsrMQJqyc HJGgCHmQ0fD7lkLase+8vUwvkjP4KcxAX2GwMOH54J+R5ZisfXe/bNSbOPYh8P/F jLh4d3ay5kIy5Oug5SOaT1tv+CnCxP406d0VQKA3/eesFOO1Cvffz/XMbIYAeh2I wxIujtseUz5a89cBxBfrzfcqHpkcOA/9WTqVFkerNS4gWH+e9ijOFabez4rXU/h5 vQf8nZ5R0hDJ40Da4dq693f1ipcbHWVUxJuY5xMb0N1U/YnJRjReENXF80GnbLPg 9boxmuzkGVhALPiLeCI1pZLkyjuj9Kqe9yFhMeu5O5lWePVyMXI= =N/rJ -----END PGP SIGNATURE-----