- VerifyBuild status: build_failed

- Key concerns
  - Running keyd in a container may require /dev/uinput or privileged capabilities; Dockerfile does not request --privileged or mount /dev/uinput.
  - The Dockerfile fetches HEAD when .git is absent, leading to non-deterministic builds (FETCH_HEAD may point to latest remote HEAD).
  - No pinning of a specific commit/tag in source fetch; potential reproducibility issues.
  - Assuming smoke/health scripts exist in the image may be optimistic; if they aren’t installed, smoke tests may be skipped.

- Build error
  - Exact error message and exit code: The following untracked working tree files would be overwritten by checkout: [list of many files]. Please move or remove them before you switch branches. Aborting
  - Failing command/step:
    RUN if [ -d ".git" ]; then         echo "Using existing .git directory";     else         echo "No .git directory found; initializing and fetching remote repository";         rm -rf .git;         git init &&         git remote add origin https://github.com/rvaiya/keyd.git &&         git fetch --depth 1 origin HEAD &&         git checkout FETCH_HEAD;     fi
  - Missing packages or files mentioned: The failure is caused by untracked files that would be overwritten by git checkout FETCH_HEAD (not a missing package). The error lists the conflicting untracked files (see list above).
  - Version mismatch info
    - Base image: gcc:16.1 (sha256:1cfa8769230debf43594ee1b48bc642f9bead8d479f9926bc61d3014bdf3ecc8)
    - Build environment uses Debian trixie (apt sources shown)
    - Git handling indicated “Initialized empty Git repository” and checkout FETCH_HEAD, with a note that master is the default branch. No explicit version mismatch beyond environment details.

- Summary (under 1500 chars)
  The build failed during a Docker-based fetch/checkout step. Key issues: (1) keyd may require privileged container access (e.g., /dev/uinput) not requested by the Dockerfile; (2) the build pulls HEAD when .git is absent, risking non-determinism and no commit pinning; (3) a large set of untracked files would be overwritten by git checkout FETCH_HEAD, aborting the build. The failing command is the RUN block that initializes or uses .git, adds origin https://github.com/rvaiya/keyd.git, fetches HEAD with --depth 1, and checks out FETCH_HEAD. The error lists the conflicting files (e.g., .gitattributes, CONTRIBUTING.md, LICENSE, Makefile, README.md, TODO, data/gnome-extension-*.json/js, data/keyd-*.gz, data/sysusers.d, data/unicode.txt, docs/CHANGELOG.md, docs/DESIGN.md, docs/keyd-*.scdoc, examples/*.conf, keyd.service.in, layouts/..., src/*.c/h, src/*/*.c, src/*/*.h, src/vkbd/*, etc). There is no missing package; the failure is caused by these untracked files. Version info: Base image gcc:16.1 (sha256:1cfa8769230debf43594ee1b48bc642f9bead8d479f9926bc61d3014bdf3ecc8); Debian trixie; Git fetch/checkout behavior noted but no explicit version mismatch beyond environment. Next steps: perform a clean clone or remove conflicting untracked files, or adjust the git fetch/checkout to operate on a clean workspace and pin a specific commit/ tag. Also consider adding necessary privileges or device mounts if keyd requires /dev/uinput in containers.

Concerns: Build may fail if required development libraries are not installed (e.g., libevdev-dev, libudev-dev, libconfig-dev). The Dockerfile only installs build-essential, git, and ca-certificates. Consider adding these -dev packages or a fuller build-deps line., No non-root user is created; running a daemon-like service in a container can be improved with a dedicated user and minimal privileges., Keyd typically interacts with /dev/input devices. In many CI/container environments, access to host input devices may be restricted, which could complicate end-to-end smoke testing.
Smoke [FAIL]: sh -c 'printf "define = smoke\n" > /tmp/keyd.conf; /usr/local/bin/keyd -c /tmp/keyd.conf -d 2>&1 | grep -qi -e "loading" -e "config" && echo PASS || echo FAIL
  Output: sh: 1: Syntax error: Unterminated quoted string

Smoke [FAIL]: sh -c 'if [ -x /usr/local/share/keyd/scripts/smoke.sh ]; then /usr/local/share/keyd/scripts/smoke.sh; else echo NO_SMOKE; fi
  Output: sh: 1: Syntax error: Unterminated quoted string

Smoke [FAIL]: sh -c 'if [ -x /usr/local/bin/keyd ]; then /usr/local/bin/keyd -c /tmp/keyd.conf --dry-run 2>&1 | grep -qi -e "ok" -e "success" && echo PASS || echo FAIL; fi
  Output: sh: 1: Syntax error: Unterminated quoted string

Concerns: No explicit runtime dependency handling or healthcheck in Dockerfile; potential need for a non-root user and/or a dedicated healthcheck., Assumes presence of test/smoke scripts in the repo (smoke.sh, tests, run.sh) which may not exist; tests may fail to run in CI if not present.
Smoke [FAIL]: sh -c 'set -e; if [ -x /src/scripts/smoke.sh ]; then /src/scripts/smoke.sh; else echo NO_SMOKE_SCRIPT; fi
  Output: sh: 1: Syntax error: Unterminated quoted string

Smoke [FAIL]: sh -c 'set -e; if [ -f /src/Makefile ]; then cd /src && make -s test -j2; fi
  Output: sh: 1: Syntax error: Unterminated quoted string

Smoke [FAIL]: sh -c 'set -e; if [ -x /src/examples/run.sh ]; then /src/examples/run.sh; else echo NO_EXAMPLE_RUN; fi
  Output: sh: 1: Syntax error: Unterminated quoted string

Concerns: The entrypoint script creation uses a here-doc with escaped newlines ("\n"), which will likely generate an invalid /entrypoint.sh at build time, causing runtime failures or non-functional entrypoint logic., The image assumes /dev/uinput exists and requires privileged containers to run, which reduces portability and increases security concerns for general use., COPY . . may bring in unnecessary or large source trees and potential build artifacts into the image; consider using a dedicated build context or .dockerignore to limit copied files., The /docker-entrypoint.d directory is created but not used; this might indicate leftover or incomplete intent for extensibility., Relying on /usr/local/bin/keyd being installed by make install assumes a standard install path; if the project’s install path differs across builds, the ENTRYPOINT may fail.

Concerns: EntryPoint only runs keyd if /dev/uinput exists; in typical Docker usage without --privileged and without mounting /dev/uinput, the container will just print a message and exit, which can make smoke tests brittle., The image is built on top of a full gcc toolchain and installs multiple build-time dependencies; consider adding a non-root user and possibly multi-stage builds to reduce final image size., There is no explicit HEALTHCHECK; smoke tests may rely on the presence of /dev/uinput or interactive behavior. Consider adding a lightweight health mode or a non-device smoke mode.
Smoke [FAIL]: sh /src/scripts/smoke.sh
  Output: sh: 0: cannot open /src/scripts/smoke.sh: No such file

Smoke [FAIL]: sh /src/scripts/health.sh
  Output: sh: 0: cannot open /src/scripts/health.sh: No such file

Smoke [FAIL]: sh /src/examples/run.sh
  Output: sh: 0: cannot open /src/examples/run.sh: No such file

Concerns: FROM gcc:16.1 may not be available in all registries or CI environments; consider pinning to a stable, widely available tag (e.g., gcc:12 or gcc:14)., ENTRYPOINT depends on /dev/uinput to run the actual binary; runtime behavior requires privileged access or device mapping, which should be documented for users and CI., COPY . . copies the entire repo into the image; consider using a .dockerignore to avoid shipping large or sensitive files and to speed up builds.
Smoke [PASS]: sh -lc /usr/local/bin/keyd 2>&1 | head -n 1 | grep -q '/dev/uinput not found' && echo PASS || echo FAIL