Dpkg-buildpackage and debuild are intricate beasties already, running dozens of programs and scripts in the right order, adjusting their actions according to many command line options and environment variables. They produce packages able to deliver clear cut functionality to millions of machines. But they do have weak points.
With dpkg-buildpackage and debuild, the build host and the package building are too intertwined. The build process will pollute the build host: build dependencies need to be installed. Even if you diligently remove them after building, even on Debian, this is bound to generate cruft over time. The packages already installed on the build host also influence the build process. If you go on after tar with building dozens of other packages, and then you rebuild tar, you may end up with a tar differently built from the first one.
What's worse, if packages on the build host conflict with build dependencies of the package, the package cannot be built at all. To build packages for multiple distributions, one needs multiple build hosts. And keeping the dependency administration tidy becomes even more of a chore when building packages for closely (in MultiArch terms) related architectures.
Wouldn't it be nice to build every package on a newly installed build host?
Enter PBuilder. It can be used to create chroot environments for each distro. Each such environment is a minimal installation. Before the package is built, the chroot is copied, the build dependencies are automatically installed inside the copied chroot. The package is then built insde the copied chroot.
apt-get install pbuilder
Copy your ~/.pbuilderrc
from the Debian PBuilderTricks.
(Be sure to change the mirror locations.)
sudo DIST=trusty pbuilder --create --components "main universe multiverse"
sudo DIST=precise pbuilder --create
apprentice@host:~/packaging$ apt-get source hello
apprentice@host:~/packaging$ cd hello-2.8
apprentice@host:~/packaging/hello-2.8$ DIST=trusty pdebuild
If you create binary packages from source packages that you didn't write or edit (as is the case with source fetched with apt-get source), you will want to specify your own pgp keys for pdebuild to use:
apprentice@host:~/packaging/hello-2.8$ DIST=trusty pdebuild --debsign-k BCB62767
Alternatively, to always sign with out own keys, in ~/.devscripts
put:
DEBSIGN_KEYID=BCB62767
and in ~/.pbuilderrc
:
<skip> AUTO_DEBSIGN=yes
Then just calling DIST=trusty pdebuild will again suffice.
Occasionally (e.g. when this is the first time you upload the package to your own repository,) you may also want to include the orig.tar.gz in the source package:
apprentice@host:~/packaging/hello-2.8$ DIST=trusty pdebuild --debbuildopts -sa