+# helper functions {{{
+stage() {
+ if [ -n "$2" ] ; then
+ echo "$2" > "$STAGES/$1"
+ return 0
+ elif grep -q 'done' "$STAGES/$1" 2>/dev/null ; then
+ echo " [*] Notice: stage $1 has been executed already, skipping execution therefore.">&2
+ return 1
+ fi
+ echo " Executing stage ${1}"
+ return 0
+}
+
+askpass() {
+ # read -s emulation for dash. result is in $resp.
+ set -o noglob
+ [ -t 0 ] && stty -echo
+ read -r resp
+ [ -t 0 ] && stty echo
+ set +o noglob
+}
+# }}}
+
+# define chroot mirror {{{
+chrootmirror() {
+ if [ "$KEEP_SRC_LIST" = "yes" ] ; then
+ echo "KEEP_SRC_LIST has been enabled, skipping chrootmirror stage."
+ return
+ fi
+
+ if [ -z "$COMPONENTS" ] ; then
+ COMPONENTS='main'
+ fi
+ echo "Using repository components $COMPONENTS"
+
+ if [ -n "$ISO" ] ; then
+ echo "Adjusting sources.list for ISO (${ISO})."
+ echo "deb $ISO $RELEASE $COMPONENTS" > /etc/apt/sources.list
+
+ if [ -n "$MIRROR" ] ; then
+ echo "Adding mirror entry (${MIRROR}) to sources.list."
+ echo "deb $MIRROR $RELEASE $COMPONENTS" >> /etc/apt/sources.list
+ fi
+ else
+ if [ -n "$MIRROR" ] ; then
+ echo "Adjusting sources.list for mirror (${MIRROR})."
+ echo "deb $MIRROR $RELEASE $COMPONENTS" > /etc/apt/sources.list
+ fi
+ fi
+
+ # add security.debian.org:
+ case "$RELEASE" in
+ unstable|sid) ;; # no security pool available
+ jessie|stretch|buster)
+ echo "Adding security.debian.org to sources.list."
+ echo "deb http://security.debian.org ${RELEASE}/updates $COMPONENTS" >> /etc/apt/sources.list
+ ;;
+ *)
+ # bullseye and newer releases use a different repository layout, see
+ # https://lists.debian.org/debian-devel-announce/2019/07/msg00004.html
+ echo "Adding security.debian.org/debian-security to sources.list."
+ echo "deb http://security.debian.org/debian-security ${RELEASE}-security $COMPONENTS" >> /etc/apt/sources.list
+ ;;
+ esac
+}
+# }}}
+
+# remove local chroot mirror {{{
+remove_chrootmirror() {
+ if [ "$KEEP_SRC_LIST" = "yes" ] ; then
+ echo "KEEP_SRC_LIST has been enabled, skipping remove_chrootmirror stage."
+ return
+ fi
+
+ if [ -n "$ISO" ] ; then
+ echo "Removing ISO (${ISO}) from sources.list."
+ TMP_ISO="${ISO//\//\\\/}"
+ sed -i "/deb $TMP_ISO $RELEASE $COMPONENTS/ D" /etc/apt/sources.list
+ else
+ if [ -n "$MIRROR" ] && echo "$MIRROR" | grep -q 'file:' ; then
+ echo "Removing local mirror (${MIRROR}) from sources.list."
+ TMP_MIRROR="${MIRROR//\//\\\/}"
+ sed -i "/deb $TMP_MIRROR $RELEASE $COMPONENTS/ D" /etc/apt/sources.list
+ echo "Adding fallback mirror entry (${FALLBACK_MIRROR}) to sources.list instead."
+ echo "deb $FALLBACK_MIRROR $RELEASE $COMPONENTS" >> /etc/apt/sources.list
+ fi
+ fi
+}
+# }}}
+
+# set up grml repository {{{
+grmlrepos() {
+ if [ -z "$GRMLREPOS" ] ; then
+ return 0
+ fi
+
+ # user might have provided their own apt sources configuration
+ if [ -r /etc/apt/sources.list.d/grml.list ] ; then
+ echo "File /etc/apt/sources.list.d/grml.list exists already, not modifying."
+ else
+ echo "Setting up /etc/apt/sources.list.d/grml.list."
+ cat > /etc/apt/sources.list.d/grml.list << EOF
+# grml: stable repository:
+ deb [signed-by=/usr/share/keyrings/grml-archive-keyring.gpg] http://deb.grml.org/ grml-stable main
+ deb-src [signed-by=/usr/share/keyrings/grml-archive-keyring.gpg] http://deb.grml.org/ grml-stable main
+
+# grml: testing/development repository:
+ deb [signed-by=/usr/share/keyrings/grml-archive-keyring.gpg] http://deb.grml.org/ grml-testing main
+ deb-src [signed-by=/usr/share/keyrings/grml-archive-keyring.gpg] http://deb.grml.org/ grml-testing main
+EOF
+ fi
+
+ # make sure we install packages from Grml's pool only if not available from Debian
+ if [ -r /etc/apt/preferences.d/grml.pref ] ; then
+ echo "File /etc/apt/preferences.d/grml.pref exists already, not modifying."
+ else
+ echo "Setting up /etc/apt/preferences.d/grml.pref."
+ cat > /etc/apt/preferences.d/grml.pref << EOF
+Explanation: use Grml repository only after Debian ones
+Package: *
+Pin: origin deb.grml.org
+Pin-Priority: 100
+EOF
+ fi
+
+ apt-get update -o Acquire::AllowInsecureRepositories=1
+ apt-get -y --allow-unauthenticated install grml-debian-keyring
+ apt-get update
+
+ if [ "$(dpkg-query -f "\${db:Status-Status} \${db:Status-Eflag}" -W grml-debian-keyring 2>/dev/null)" != 'installed ok' ]; then
+ echo "Error: installation of grml-debian-keyring failed." >&2
+ exit 1
+ fi
+}
+# }}}
+
+# feature to provide Debian backports repos {{{
+backportrepos() {
+ if [ -n "$BACKPORTREPOS" ] ; then
+ cat >> /etc/apt/sources.list.d/backports.list << EOF
+# debian backports: ${RELEASE}-backports repository:
+deb ${MIRROR} ${RELEASE}-backports main
+deb-src ${MIRROR} ${RELEASE}-backports main
+EOF
+ fi
+}
+# }}}
+
+# set up kernel-img.conf {{{
+kernelimg_conf() {
+ if ! [ -r /etc/kernel-img.conf ] ; then
+ echo "Setting up /etc/kernel-img.conf"
+ cat > /etc/kernel-img.conf << EOF