chromium/src
0
Fork 0
Code Activity
Files
android_webview
apps
ash
base
build
build_overrides
buildtools
cc
chrome
chromecast
chromeos
clank
codelabs
components
content
crypto
dbus
device
docs
accessibility
autofill
chromeos
design
enterprise
experiments
fuchsia
gpu
graphics
images
infra
intl
ios
linux
build_instructions.md
building_debug_gtk.md
cast_build_instructions.md
cert_management.md
chromium_arm.md
chromium_packages.md
crash_dumping.md
debugging.md
debugging_gtk.md
debugging_minidump.md
debugging_ssl.md
dependencies.md
dev_build_as_default_browser.md
development.md
eclipse_dev.md
graphics_pipeline.md
gtk_theme_integration.md
hw_video_decode.md
instrumented_libraries.md
minidump_to_core.md
ozone_drm.md
password_storage.md
pid_namespace_support.md
plugins.md
profiling.md
proxy_config.md
sandbox_ipc.md
suid_sandbox_development.md
sysroot.md
using_a_chroot.md
zygote.md
login
mac
media
memory
memory-infra
patterns
privacy
privacy_budget
process
security
speed
speed_metrics
standards
telemetry_extension
testing
transcripts
ui
updater
webapps
website
webui
workflow
DIR_METADATA
OWNERS
README.md
accessibility.md
ad_tagging.md
adding_to_third_party.md
android_accessing_cpp_enums_in_java.md
android_accessing_cpp_features_in_java.md
android_accessing_cpp_switches_in_java.md
android_build_instructions.md
android_cast_build_instructions.md
android_debugging_instructions.md
android_dynamic_feature_modules.md
android_emulator.md
android_isolated_splits.md
android_jni_ownership_best_practices.md
android_logging.md
android_native_libraries.md
android_studio.md
angle_in_chromium.md
api_keys.md
asan.md
atom.md
benchmark_performance_regressions.md
bfcache.md
bitmap_pipeline.md
branch_gardener.md
building_old_revisions.md
callback.md
ccache_mac.md
chrome_browser_design_principles.md
chrome_os_logging.md
chrome_settings.md
chromedriver_status.md
chromeos_build_instructions.md
chromeos_glossary.md
chromium_browser_vs_google_chrome.md
cipd_and_3pp.md
cl_respect.md
cl_tips.md
clang.md
clang_code_coverage_wrapper.md
clang_format.md
clang_gardening.md
clang_sheriffing.md
clang_static_analyzer.md
clang_tidy.md
clang_tool_refactoring.md
clangd.md
clion.md
closure_compilation.md
cocoa_tips_and_tricks.md
code_review_owners.md
code_reviews.md
commit_checklist.md
component_build.md
configuration.md
contributing.md
cq_fault_attribution.md
cr_respect.md
cr_user_manual.md
cross_platform_ui.md
cygwin_dll_remapping_failure.md
dangling_ptr.md
dangling_ptr_guide.md
dbus_mojo_connection_service.md
debugging_with_crash_keys.md
dependencies.md
deterministic_builds.md
disassemble_code.md
documentation_best_practices.md
documentation_guidelines.md
early-hints.md
eclipse.md
emacs.md
erc_irc.md
flag_expiry.md
flag_guarding_guidelines.md
flag_ownership.md
frame_trees.md
gardener.md
gcs_dependencies.md
gdbinit.md
gerrit_guide.md
get_the_code.md
git_cookbook.md
git_submodules.md
git_tips.md
google_chrome_branded_builds.md
google_play_services.md
graphical_debugging_aid_chromium_views.md
gwp_asan.md
history_manipulation_intervention.md
how_cc_works.md
how_to_add_your_feature_flag.md
how_to_extend_web_test_framework.md
idn.md
initialize_blink_features.md
inlined_stack_traces.md
installation_at_vmware.md
ios_build_instructions.md
ios_infra.md
ios_voiceover.md
kiosk_mode.md
life_of_a_frame.md
lldbinit.md
mac_arm64.md
mac_build_instructions.md
mac_lld.md
modifying_session_history_serialization.md
modules.md
mojo_and_services.md
mojo_ipc_conversion.md
mojo_testing.md
native_relocations.md
navbar.md
navigation-request-navigation-state.gv
navigation-request-navigation-state.png
navigation.md
navigation_concepts.md
network_traffic_annotations.md
no_sources_assignment_filter.md
orderfile.md
origin_trials_integration.md
ozone_overview.md
parsing_test_results.md
pgo.md
piranha_plant.md
process_model_and_site_isolation.md
profiling.md
profiling_content_shell_on_android.md
proxy_auto_config.md
qtcreator.md
release_branch_guidance.md
render-frame-host-lifecycle-state.gv
render-frame-host-lifecycle-state.png
render_document.md
rust-ffi.md
rust.md
seccomp_sandbox_crash_dumping.md
servicification.md
session_history.md
sheriff.md
shutdown.md
special_case_urls.md
static_initializers.md
sublime_ide.md
system_hardening_features.md
tab_helpers.md
threading_and_tasks.md
threading_and_tasks_faq.md
threading_and_tasks_testing.md
toolchain_support.md
tour_of_luci_ui.md
tpm_quick_ref.md
translation_screenshots.md
unretained_dangling_ptr_guide.md
unsafe_buffers.md
updating_clang.md
updating_clang_format_binaries.md
use_counter_wiki.md
useful_urls.md
user_data_dir.md
user_data_storage.md
user_handle_mapping.md
vanilla_msysgit_workflow.md
vscode.md
vscode_python.md
webview_policies.md
win_cross.md
win_order_files.md
windows_build_instructions.md
windows_native_window_occlusion_tracking.md
windows_pwa_integration.md
windows_shortcut_and_taskbar_handling.md
windows_split_dll.md
windows_virtual_desktop_handling.md
wmax_tokens.md
working_remotely_with_android.md
writing_clang_plugins.md
extensions
fuchsia_web
gin
google_apis
gpu
headless
infra
internal
ios
ios_internal
ipc
media
mojo
native_client
native_client_sdk
net
pdf
ppapi
printing
remoting
rlz
sandbox
services
signing_keys
skia
sql
storage
styleguide
testing
third_party
tools
ui
url
v8
webkit
.clang-format
.clang-tidy
.clangd
.git-blame-ignore-revs
.gitallowed
.gitattributes
.gitignore
.gitmodules
.gn
.mailmap
.rustfmt.toml
.vpython3
.yapfignore
ATL_OWNERS
AUTHORS
BUILD.gn
CODE_OF_CONDUCT.md
CPPLINT.cfg
CRYPTO_OWNERS
DEPS
DIR_METADATA
LICENSE
LICENSE.chromium_os
OWNERS
PRESUBMIT.py
PRESUBMIT_test.py
PRESUBMIT_test_mocks.py
README.md
WATCHLISTS
codereview.settings
e1e02fde482ca40c13f2029aee27b67b2de1acea
src/docs/linux/sysroot.md
Tom Anderson ad01fbd448 [Sysroot] Port sysroot-creator.sh to Python 
R=thestig

Bug: None
Change-Id: I951ec800463624ece45b1460c631e08429c37d03
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5027933
Commit-Queue: Thomas Anderson <thomasanderson@chromium.org>
Reviewed-by: Lei Zhang <thestig@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1226243}
2023-11-17 18:52:30 +00:00

2.8 KiB
Raw Blame History

Linux sysroot images

The chromium build system for Linux will (by default) use a sysroot image rather than building against the libraries installed on the host system. This serves several purposes. Firstly, it ensures that binaries will run on all supported linux systems independent of the packages installed on the build machine. Secondly, it makes the build more hermetic, preventing issues that arise for variations among developers' systems.

The sysroot consists of a minimal installation of Debian/stable (or old-stable) to ensure maximum compatibility. Pre-built sysroot images are stored in Google Cloud Storage and downloaded during gclient runhooks

Installing the sysroot images

Installation of the sysroot is performed by build/linux/sysroot_scripts/install-sysroot.py.

This script can be run manually but is normally run as part of gclient hooks. When run from hooks this script in a no-op on non-linux platforms.

Rebuilding the sysroot image

The pre-built sysroot images occasionally needs to be rebuilt. For example, when security updates to Debian are released, or when a new package is needed by the chromium build. If you just want to update the sysroots without adding any new packages, skip to Using build_and_upload.py.

Adding new packages

To add a new package, edit the sysroot_creator.py script and modify the DEBIAN_PACKAGES list.

Rebuilding

To rebuild the images (without any changes) run the following command for each desired architecture:

$ build/linux/sysroot_scripts/sysroot_creator.py build <arch>

This command on its own should be a no-op and produce an image identical to the one on Google Cloud Storage.

Uploading new images

To upload image to Google Cloud Storage run the following command:

$ build/linux/sysroot_scripts/sysroot_creator.py upload <arch>

Here you should use the SHA1 of the git revision at which the images were created.

Uploading new images to Google Clound Storage requires write permission on the chrome-linux-sysroot bucket.

Rolling the sysroot version used by chromium

Once new images have been uploaded, the sysroots.json file needs to be updated to reference the new versions. This process is manual and involves updating the Revision and Sha1Sum values in the file.

Using build-and-upload.py

The build_and_upload.py script automates the above four steps. It is recommended to use this just before you're ready to submit your CL, after you've already tested one of the updated sysroots on your local configuration. Build or upload failures will not produce detailed output, but will list the script and arguments that caused the failure. To debug this, you must run the failing command manually. This script requires Google Cloud Storage write permission on the chrome-linux-sysroot bucket.