Introduction

This page describes how I build packages for personal use. Others can copy this method for their own use, and use it on sources written by me for programs that are not (yet) included in Debian.

This page does not describe how to create the contents of the debian/ directory; only how to build a package.

Build procedure

A Debian package is built using dpkg-buildpackage. I normally use the debuild wrapper, which is in the devscripts package. It needs several components:

  1. The sources of what's being packaged, of course
  2. A debian/ directory in there, with package building information
  3. An original source tarball

The idea is that you take a piece of software from the web, unpack it, add a debian/ directory, and build a package out of it. When doing that, it is clear where all those pieces come from, and which pieces you have write as part of packaging this software (everything in debian/, nothing else).

The problem

But I want to create packages from my own software. And more specifically, I want to create them as part of testing the software. That means I don't want to prepare a release before every package build. The debian/ directory can simply be part of my source. But where do I get my original source tarball?

The solution

The answer is simple: Technically, I do make a release before every build. I wrote a script which does the following:

  1. Make a copy of the source
  2. Run fakeroot debian/rules clean in it
  3. Remove *.swp, CVS, .git, .svn
  4. Remove the debian/ directory
  5. Pack this directory into an appropriately named original source tarball
  6. Copy the debian/ directory back
  7. Run debuild

After running this script, the resulting package files are in /tmp. They can be installed by running dpkg --install /tmp/packagename.deb as root.

The script

If you want to use this method, the script is available for download. Put it in your path for convenience.

Security considerations

Note that this script is intended for use on single user systems. It is vulnerable to a so called symlink attack, where a malicious person can make a symbolic link in /tmp, which will cause this script to overwrite data that it points to. If you want to run it on a multi user system with untrusted other users, be sure to change the value of the dir variable to point to a location that is only writable by yourself.

Comments

If you have any comments, please send them to Bas Wijnen <wijnen@debian.org>.