From 5190aff93210098168ad0a5ad492f93e6c080e21 Mon Sep 17 00:00:00 2001 From: Robert C Jennings Date: Fri, 6 Mar 2020 14:55:50 +0100 Subject: [PATCH] Ensure a binary hook has not changed the temporary sources.list --- live-build/functions | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/live-build/functions b/live-build/functions index 65c2bc92..b687a5f7 100644 --- a/live-build/functions +++ b/live-build/functions @@ -99,10 +99,19 @@ setup_sourceslist(){ "${mountpoint}/etc/apt/sources.list" sed -i "s#http://security.ubuntu.com/ubuntu#${LB_PARENT_MIRROR_CHROOT}#g" \ "${mountpoint}/etc/apt/sources.list" + + sha256sum "${mountpoint}/etc/apt/sources.list" > sources.list.sha } recover_sourceslist(){ # Remove the build environment apt mirror from the image + + # Check that the sources.list has not changed. If it has changed then the + # binary hook has modified the file that will be discarded. If the build + # fails here the binary hook needs to alter sources.list.tmp and regenerate + # sources.list.sha + sha256sum --check sources.list.sha + mv sources.list.tmp "${mountpoint}/etc/apt/sources.list" }