Build Environment in an LXC

Owned by Ross Philipson
Last updated: Mar 01, 2016
3 min read

NOTE: This is not an officially supported build environment. It is a rundown on how to get something like this to work. Maybe someday we can fully support it...

Debian Squeeze i386 instructions

The recommended OpenXT build environment is 32-bit debian squeeze. The following Debian Squeeze packages are needed before building:

sudo apt-get install make gcc automake git-core bcc ruby genisoimage libglib2.0-dev libdbus-glib-1-dev libc6-dev initramfs-tools gzip bzip2 g++ file flex bison bin86 gawk rsync iasl ccache gettext libxml-parser-perl libpci-dev smbclient unzip help2man diffstat texi2html texinfo cvs subversion python2.5-dev sun-java6-jdk python-flup python-setuptools python-routes makeself wget build-essential coreutils libsdl1.2-dev docbook-utils diffstat x11-xserver-utils quilt x11proto-core-dev xsltproc xutils-dev expect lib64gcc1 libc6-dev-amd64 genext2fs python-simplejson python-psycopg2 guilt debootstrap ghc gfortran xz-utils zip libtool cproto indent chrpath reprepro lintian

For those that are using 64-bit and/or newer distros, one way to get a debian squeeze build environment up and running is using linux containers (LXC). You may follow the instructions to configure LXC, available at: https://wiki.debian.org/LXC

Debian Jessie x64 instructions

Setup cgroup (not necessary, see https://wiki.debian.org/LXC#Prepare_the_host):

sudo sh -c "echo cgroup /sys/fs/cgroup cgroup defaults 0 0 >> /etc/fstab"

sudo mount /sys/fs/cgroup

Install required packages:

sudo aptitude install lxc

sudo aptitude install bridge-utils libvirt-bin debootstrap

Build 32-bit squeeze container:

sudo MIRROR=http://mirror.steadfast.net/debian lxc-create -n openxt-buildvm-i386 -t debian -- --arch i386 --release squeeze

# You can override the default path for containers in 2 ways

# First by creating /etc/lxc/lxc.conf and setting a path of the form: lxc.lxcpath = <path>

# Or by overriding it during lxc-create (note that if you do this all other command must also use the -P <path> that is used here):

sudo MIRROR=http://mirror.steadfast.net/debian lxc-create -n openxt-buildvm-i386 -P <path> -t debian -- --arch i386 --release squeeze

Alternate networking. If you are using the new build scripts for building OpenXT 6.0 and later, you can add this new container to the private network that those scripts setup. If this is done, skip the network setup instructions on this page. The instructions are here:

Alternate Private Network

Setup NAT networking for container:

sudo apt-get install libvirt-bin

sudo virsh net-start default

sudo sed -i 's/lxc.network.type\ =.*/lxc.network.type\ =\ veth/g' /var/lib/lxc/openxt-buildvm-i386/config

sudo sh -c 'echo "lxc.network.flags = up" >> /var/lib/lxc/openxt-buildvm-i386/config'

sudo sh -c 'echo "lxc.network.link = virbr0" >> /var/lib/lxc/openxt-buildvm-i386/config'

Start the container:

sudo lxc-start --name openxt-buildvm-i386

Login to the container with root/root

Setup networking

sudo dhclient eth0

Get the required packages installed:

apt-get install vim sed wget cvs subversion git-core coreutils unzip texi2html texinfo docbook-utils gawk python-pysqlite2 diffstat help2man make gcc build-essential g++ desktop-file-utils chrpath cpio sudo rpm curl

apt-get install ghc guilt iasl quilt bin86 bcc libsdl1.2-dev liburi-perl genisoimage policycoreutils unzip

Add your user account:

adduser yourusername

Fixup default shell to bash (arrow over to 'No' and press enter when prompted):

dpkg-reconfigure dash

Verify above command set /bin/sh link correctly:

$ ls -l /bin/sh

lrwxrwxrwx 1 root root 4 Jul 23 11:13 /bin/sh -> bash

Fake uname output for packages using it (cough) xen-tools (cough):

mv /bin/uname /bin/uname.real

echo '#!/bin/bash' > /bin/uname

echo '/bin/uname.real $@ | sed 's/amd64/i686/g' | sed 's/x86_64/i686/g'' >> /bin/uname

chmod +x /bin/uname

Switch to your user account:

su yourusername

Download the repo:

git clone git://github.com/OpenXT/openxt.git

cd openxt

cp example-config .config

Generate certs:

mkdir certs # make a certs directory inside the openxt directory

openssl genrsa -out certs/prod-cakey.pem 2048

openssl genrsa -out certs/dev-cakey.pem 2048

openssl req -new -x509 -key certs/prod-cakey.pem -out certs/prod-cacert.pem -days 1095

openssl req -new -x509 -key certs/dev-cakey.pem -out certs/dev-cacert.pem -days 1095

Fixup cert paths in .config:

REPO_PROD_CACERT="/home/yourusername/openxt/certs/prod-cacert.pem"

REPO_DEV_CACERT="/home/yourusername/openxt/certs/dev-cacert.pem"

REPO_DEV_SIGNING_CERT="/home/yourusername/openxt/certs/dev-cacert.pem"

REPO_DEV_SIGNING_KEY="/home/yourusername/openxt/certs/dev-cakey.pem"

Make output directory:

mkdir ~/openxt-build

Setup OE:

./do_build.sh -s setupoe

Make sure OE builds for x32 (running kernel uname shows x86_64):

echo 'BUILD_ARCH="i686"' >> ~/openxt/build/conf/local.conf

Kick off build:

./do_build.sh -d ~/openxt-build | tee -a build.log