From 253fcbf02fe2efe6a1f3ff012346615d7e314734 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Davi=20Ant=C3=B4nio=20da=20Silva=20Santos?=
 <antoniossdavi@gmail.com>
Date: Thu, 4 Sep 2025 21:40:47 -0300
Subject: fix: patch jail creation for Ubuntu Noble

- Update php dependencies to PHP 8.3
- Update the source code to inform version 1.5.23
- Update boca-web maintainer script for PHP 8.3
- Adds Ubuntu mirror to the standard jail
- Patch standard jail fixing debootstrap problems with Ubuntu noble
- Purge the unecessary packages in the jail
- Perform a dist-upgrade after updating the jail
- Quote shell variables o prevent suprise splitting
- Replace obsolete backticks with `$( )`
- Modernise test commands, replacing `[ ]` with `[[ ]]`
---
 debian/boca-web.postinst |  3 +-
 debian/changelog         | 15 +++++++++
 debian/control           |  4 +--
 src/version              |  2 +-
 src/versionnum.php       |  2 +-
 tools/boca-createjail    | 82 +++++++++++++++++++++++++++++++++---------------
 6 files changed, 77 insertions(+), 31 deletions(-)

diff --git a/debian/boca-web.postinst b/debian/boca-web.postinst
index 091905b..460778d 100644
--- a/debian/boca-web.postinst
+++ b/debian/boca-web.postinst
@@ -36,7 +36,8 @@ a2enmod socache_shmcb
 a2enmod proxy_fcgi setenvif
 
 # Enable php-fpm module for apache
-a2enconf php8.1-fpm
+# ALWAYS check for unexpected PHP 8 point releases!!!
+a2enconf php8.3-fpm
 
 # Check the syntax of apache2's configuration file
 # This DOES NOT CATCH ALL ERRORS
diff --git a/debian/changelog b/debian/changelog
index db08d53..847ef1e 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,18 @@
+boca (1.5.23-1+ubuntu24.04) noble; urgency=medium
+
+  * Update php dependencies to PHP 8.3
+  * Update the source code to inform version 1.5.23
+  * Update boca-web maintainer script for PHP 8.3
+  * Adds Ubuntu mirror to the standard jail
+  * Patch standard jail fixing debootstrap problems with Ubuntu noble
+  * Purge the unecessary packages in the jail
+  * Perform a dist-upgrade after updating the jail
+  * Quote shell variables o prevent suprise splitting
+  * Replace obsolete backticks with `$( )`
+  * Modernise test commands, replacing `[ ]` with `[[ ]]`
+
+ -- Davi Antônio da Silva Santos <antoniossdavi@gmail.com>  Thu, 28 Aug 2025 23:35:45 -0300
+
 boca (1.5.22-1+ubuntu24.04) noble; urgency=medium
 
   * Fix multiple program versions being reported
diff --git a/debian/control b/debian/control
index adc1fb1..b2c160e 100644
--- a/debian/control
+++ b/debian/control
@@ -32,7 +32,7 @@ Description: BOCA - database
 
 Package: boca-web
 Architecture: all
-Depends: ${misc:Depends}, ${shlibs:Depends}, boca-common, apache2, php8.1-fpm, php8.1, python3-matplotlib
+Depends: ${misc:Depends}, ${shlibs:Depends}, boca-common, apache2, php8.3-fpm, php8.3, python3-matplotlib
 Conflicts: libapache2-mod-php
 Description: BOCA - WEB files
  BOCA is a software created to control a contest with the ACM International
@@ -44,7 +44,7 @@ Description: BOCA - WEB files
 Package: boca-common
 Architecture: all
 Pre-Depends: debconf, makepasswd, sharutils
-Depends: ${misc:Depends}, ${shlibs:Depends}, php8.1-zip, wget, php8.1-cli, php8.1-pgsql, php8.1-gd, postgresql-client, php8.1-xml, openssl, libany-uri-escape-perl
+Depends: ${misc:Depends}, ${shlibs:Depends}, php8.3-zip, wget, php8.3-cli, php8.3-pgsql, php8.3-gd, postgresql-client, php8.3-xml, openssl, libany-uri-escape-perl
 Description: BOCA - Common files
  BOCA is a software created to control a contest with the ACM International
  Collegiate Programming Contest rules. It has been developed in PHP and the
diff --git a/src/version b/src/version
index 6f92667..03f4017 100644
--- a/src/version
+++ b/src/version
@@ -1 +1 @@
-boca-1.5.22
+boca-1.5.23
diff --git a/src/versionnum.php b/src/versionnum.php
index 838c1b4..c0a025e 100644
--- a/src/versionnum.php
+++ b/src/versionnum.php
@@ -1,5 +1,5 @@
 <?php
-$BOCAVERSION='boca-1.5.22';
+$BOCAVERSION='boca-1.5.23';
 $YEAR='2025';
 ?>
 
diff --git a/tools/boca-createjail b/tools/boca-createjail
index 1340282..7e4ec5c 100755
--- a/tools/boca-createjail
+++ b/tools/boca-createjail
@@ -1,23 +1,23 @@
 #!/bin/bash
 homejail=/home/bocajail
-[ "$1" != "" ] && homejail=$1
+[ "$1" != "" ] && homejail="$1"
 echo "================================================================================="
 echo "============= CREATING $homejail (this might take some time) ==============="
 echo "================================================================================="
 for i in setquota ln id chown chmod dirname useradd mkdir cp rm mv apt-get dpkg uname debootstrap schroot; do
-  p=`which $i`
+  p="$(which $i)"
   if [ -x "$p" ]; then
     echo -n ""
   else
-    echo command "$i" not found
+    echo "command $i not found"
     exit 1
   fi
 done
-if [ "`id -u`" != "0" ]; then
+if [[ "$(id -u)" != "0" ]]; then
   echo "Must be run as root"
   exit 1
 fi
-if [ ! -r /etc/lsb-release ]; then
+if [[ ! -r /etc/lsb-release ]]; then
   echo "File /etc/lsb-release not found. Is this a ubuntu or debian-like distro?"
   echo "If so, execute the command"
   echo ""
@@ -27,23 +27,23 @@ if [ ! -r /etc/lsb-release ]; then
   exit 1
 fi
 . /etc/lsb-release
-if [ -d /bocajail/ ]; then
+if [[ -d /bocajail/ ]]; then
   echo "You seem to have already a /bocajail installed"
   echo "If you want to reinstall, remove it first (e.g. rm /bocajail) and then run /etc/icpc/createbocajail.sh"
   exit 1
 fi
 
-if [ -f $homejail/proc/cpuinfo ]; then
+if [[ -f "${homejail}/proc/cpuinfo" ]]; then
   echo "You seem to have already installed /bocajail and the /bocajail/proc seems to be mounted"
-  chroot $homejail umount /sys >/dev/nul 2>/dev/null
-  chroot $homejail umount /proc >/dev/nul 2>/dev/null
+  chroot "$homejail" umount /sys >/dev/nul 2>/dev/null
+  chroot "$homejail" umount /proc >/dev/nul 2>/dev/null
   echo "Please reboot the system to remove such mounted point"
   exit 1
 fi
 
 id -u bocajail >/dev/null 2>/dev/null
-if [ $? != 0 ]; then
- useradd -m -s /bin/bash -d $homejail -g users bocajail
+if [[ $? != 0 ]]; then
+ useradd -m -s /bin/bash -d "$homejail" -g users bocajail
  cat <<EOF > /var/lib/AccountsService/users/bocajail
 [User]
 SystemAccount=true
@@ -57,9 +57,9 @@ fi
 setquota -u bocajail 0 500000 0 10000 -a
 
 rm -rf /bocajail
-mkdir -p $homejail/tmp
-chmod 1777 $homejail/tmp
-ln -s $homejail /bocajail
+mkdir -p "$homejail/tmp"
+chmod 1777 "$homejail/tmp"
+ln -s "$homejail" /bocajail
 #for i in usr lib var bin sbin etc dev; do
 #  [ -d $homejail/$i ] && rm -rf $homejail/$i
 #  cp -ar /$i $homejail
@@ -69,7 +69,7 @@ ln -s $homejail /bocajail
 #mkdir -p $homejail/proc
 #mkdir -p $homejail/sys
 uname -m | grep -q 64
-if [ $? == 0 ]; then
+if [[ $? == 0 ]]; then
   archt=amd64
 else
   archt=i386
@@ -84,21 +84,21 @@ type=directory
 users=bocajail,nobody,root
 FIM
 
-#debootstrap --arch $archt $DISTRIB_CODENAME $homejail
-debootstrap $DISTRIB_CODENAME $homejail
-if [ $? != 0 ]; then
+#debootstrap --arch "$archt" "$DISTRIB_CODENAME" "$homejail"
+debootstrap "$DISTRIB_CODENAME" "$homejail" 'http://archive.ubuntu.com/ubuntu'
+if [[ $? != 0 ]]; then
   echo "bocajail failed to debootstrap"
   exit 1
 else
 schroot -l | grep -q bocajail
-if [ $? == 0 ]; then
+if [[ $? == 0 ]]; then
   echo "bocajail successfully installed at $homejail"
 else
   echo "*** some error has caused bocajail not to install properly -- I will try it again with different parameters"
   echo "location=$homejail" >> /etc/schroot/chroot.d/bocajail.conf
-  debootstrap $DISTRIB_CODENAME $homejail
+  debootstrap "$DISTRIB_CODENAME" "$homejail" 'http://archive.ubuntu.com/ubuntu'
   schroot -l | grep -q bocajail
-  if [ $? == 0 ]; then
+  if [[ $? == 0 ]]; then
     echo "*** bocajail successfully installed at $homejail"
   else
     echo "*** bocajail failed to install"
@@ -107,6 +107,35 @@ else
 fi
 fi
 
+printf "*** Patching broken repositories on Ubuntu noble\n"
+if [[ "$DISTRIB_CODENAME" == 'noble' ]]; then
+  printf '*** Ubuntu %s detected on %s\n' "$DISTRIB_CODENAME" "$homejail"
+
+  if [[ ! -f "${homejail}/etc/apt/sources.list.d/ubuntu.sources" ]]; then
+  printf "*** Sources file missing\n"
+
+cat <<EOF > "${homejail}/etc/apt/sources.list.d/ubuntu.sources"
+Types: deb
+URIs: http://archive.ubuntu.com/ubuntu
+Suites: noble noble-updates noble-backports
+Components: main restricted universe multiverse
+Signed-By: /usr/share/keyrings/ubuntu-archive-keyring.gpg
+
+Types: deb
+URIs: http://security.ubuntu.com/ubuntu
+Suites: noble-security
+Components: main restricted universe multiverse
+Signed-By: /usr/share/keyrings/ubuntu-archive-keyring.gpg
+EOF
+  printf '*** Patched %s for broken repositories\n' "$homejail"
+  fi
+fi
+
+# We have two PPAs:
+# add-apt-repository -y ppa:icpc-latam/maratona-linux
+# add-apt-repository -y ppa:icpc-latam/unstable
+# Please use only the STABLE one when officially releasing!
+
 echo "*** Populating $homejail"
 cat <<EOF > /home/bocajail/tmp/populate.sh
 #!/bin/bash
@@ -117,21 +146,22 @@ echo "en_US.UTF-8 UTF-8" >> /etc/locale.gen
 /usr/sbin/locale-gen
 /usr/sbin/update-locale
 apt-get -y update
-apt-get -y install software-properties-common
+apt-get -y dist-upgrade --purge
+apt-get -y install software-properties-common --no-install-recommends
 add-apt-repository -y ppa:icpc-latam/maratona-linux
 apt-get -y update
-apt-get -y upgrade
 apt-get -y install maratona-linguagens --no-install-recommends --allow-unauthenticated
+apt-get autoremove --purge
 apt-get -y clean
 
 umount /proc
 EOF
 mkdir -p /bocajail/usr/bin
-[ -x /usr/bin/safeexec ] && cp -a /usr/bin/safeexec /bocajail/usr/bin/
-cp -f /etc/apt/sources.list $homejail/etc/apt/
+[[ -x /usr/bin/safeexec ]] && cp -a /usr/bin/safeexec /bocajail/usr/bin/
+cp -f /etc/apt/sources.list "${homejail}/etc/apt/"
 chmod 755 /home/bocajail/tmp/populate.sh
 
 export LC_ALL=en_US.UTF-8
-cd / ; chroot $homejail /tmp/populate.sh
+cd / ; chroot "$homejail" /tmp/populate.sh
 
 
-- 
cgit v1.2.3