index : archiso32 | |
Archlinux32 iso tools | gitolite user |
summaryrefslogtreecommitdiff |
diff --git a/configs/baseline/airootfs/etc/localtime b/configs/baseline/airootfs/etc/localtime new file mode 120000 index 0000000..0e35b57 --- /dev/null +++ b/configs/baseline/airootfs/etc/localtime @@ -0,0 +1 @@ +/usr/share/zoneinfo/UTC
\ No newline at end of file diff --git a/configs/baseline/airootfs/etc/mkinitcpio.conf b/configs/baseline/airootfs/etc/mkinitcpio.conf deleted file mode 100644 index 34b1a06..0000000 --- a/configs/baseline/airootfs/etc/mkinitcpio.conf +++ /dev/null @@ -1,67 +0,0 @@ -# vim:set ft=sh -# MODULES -# The following modules are loaded before any boot hooks are -# run. Advanced users may wish to specify all system modules -# in this array. For instance: -# MODULES=(piix ide_disk reiserfs) -MODULES=() - -# BINARIES -# This setting includes any additional binaries a given user may -# wish into the CPIO image. This is run last, so it may be used to -# override the actual binaries included by a given hook -# BINARIES are dependency parsed, so you may safely ignore libraries -BINARIES=() - -# FILES -# This setting is similar to BINARIES above, however, files are added -# as-is and are not parsed in any way. This is useful for config files. -FILES=() - -# HOOKS -# This is the most important setting in this file. The HOOKS control the -# modules and scripts added to the image, and what happens at boot time. -# Order is important, and it is recommended that you do not change the -# order in which HOOKS are added. Run 'mkinitcpio -H <hook name>' for -# help on a given hook. -# 'base' is _required_ unless you know precisely what you are doing. -# 'udev' is _required_ in order to automatically load modules -# 'filesystems' is _required_ unless you specify your fs modules in MODULES -# Examples: -## This setup specifies all modules in the MODULES setting above. -## No raid, lvm2, or encrypted root is needed. -# HOOKS=(base) -# -## This setup will autodetect all modules for your system and should -## work as a sane default -# HOOKS=(base udev autodetect block filesystems) -# -## This setup will generate a 'full' image which supports most systems. -## No autodetection is done. -# HOOKS=(base udev block filesystems) -# -## This setup assembles a pata mdadm array with an encrypted root FS. -## Note: See 'mkinitcpio -H mdadm' for more information on raid devices. -# HOOKS=(base udev block mdadm encrypt filesystems) -# -## This setup loads an lvm2 volume group on a usb device. -# HOOKS=(base udev block lvm2 filesystems) -# -## NOTE: If you have /usr on a separate partition, you MUST include the -# usr, fsck and shutdown hooks. -HOOKS=(base udev modconf archiso block filesystems) - -# COMPRESSION -# Use this to compress the initramfs image. By default, gzip compression -# is used. Use 'cat' to create an uncompressed image. -#COMPRESSION="gzip" -#COMPRESSION="bzip2" -#COMPRESSION="lzma" -#COMPRESSION="xz" -#COMPRESSION="lzop" -#COMPRESSION="lz4" -#COMPRESSION="zstd" - -# COMPRESSION_OPTIONS -# Additional options for the compressor -#COMPRESSION_OPTIONS=() diff --git a/configs/baseline/airootfs/etc/mkinitcpio.conf.d/archiso.conf b/configs/baseline/airootfs/etc/mkinitcpio.conf.d/archiso.conf new file mode 100644 index 0000000..fd9cd48 --- /dev/null +++ b/configs/baseline/airootfs/etc/mkinitcpio.conf.d/archiso.conf @@ -0,0 +1 @@ +HOOKS=(base udev modconf archiso block filesystems) diff --git a/configs/baseline/airootfs/etc/mkinitcpio.d/linux.preset b/configs/baseline/airootfs/etc/mkinitcpio.d/linux.preset index 9f67184..8e85205 100644 --- a/configs/baseline/airootfs/etc/mkinitcpio.d/linux.preset +++ b/configs/baseline/airootfs/etc/mkinitcpio.d/linux.preset @@ -3,6 +3,6 @@ PRESETS=('archiso') ALL_kver='/boot/vmlinuz-linux' -ALL_config='/etc/mkinitcpio.conf' +archiso_config='/etc/mkinitcpio.conf.d/archiso.conf' archiso_image="/boot/initramfs-linux.img" diff --git a/configs/baseline/airootfs/etc/ssh/sshd_config b/configs/baseline/airootfs/etc/ssh/sshd_config deleted file mode 100644 index dc22c11..0000000 --- a/configs/baseline/airootfs/etc/ssh/sshd_config +++ /dev/null @@ -1,116 +0,0 @@ -# $OpenBSD: sshd_config,v 1.104 2021/07/02 05:11:21 dtucker Exp $ - -# This is the sshd server system-wide configuration file. See -# sshd_config(5) for more information. - -# This sshd was compiled with PATH=/usr/local/sbin:/usr/local/bin:/usr/bin - -# The strategy used for options in the default sshd_config shipped with -# OpenSSH is to specify options with their default value where -# possible, but leave them commented. Uncommented options override the -# default value. - -#Port 22 -#AddressFamily any -#ListenAddress 0.0.0.0 -#ListenAddress :: - -#HostKey /etc/ssh/ssh_host_rsa_key -#HostKey /etc/ssh/ssh_host_ecdsa_key -#HostKey /etc/ssh/ssh_host_ed25519_key - -# Ciphers and keying -#RekeyLimit default none - -# Logging -#SyslogFacility AUTH -#LogLevel INFO - -# Authentication: - -#LoginGraceTime 2m -PermitRootLogin yes -#StrictModes yes -#MaxAuthTries 6 -#MaxSessions 10 - -#PubkeyAuthentication yes - -# The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2 -# but this is overridden so installations will only check .ssh/authorized_keys -AuthorizedKeysFile .ssh/authorized_keys - -#AuthorizedPrincipalsFile none - -#AuthorizedKeysCommand none -#AuthorizedKeysCommandUser nobody - -# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts -#HostbasedAuthentication no -# Change to yes if you don't trust ~/.ssh/known_hosts for -# HostbasedAuthentication -#IgnoreUserKnownHosts no -# Don't read the user's ~/.rhosts and ~/.shosts files -#IgnoreRhosts yes - -# To disable tunneled clear text passwords, change to no here! -#PasswordAuthentication yes -#PermitEmptyPasswords no - -# Change to no to disable s/key passwords -KbdInteractiveAuthentication no - -# Kerberos options -#KerberosAuthentication no -#KerberosOrLocalPasswd yes -#KerberosTicketCleanup yes -#KerberosGetAFSToken no - -# GSSAPI options -#GSSAPIAuthentication no -#GSSAPICleanupCredentials yes - -# Set this to 'yes' to enable PAM authentication, account processing, -# and session processing. If this is enabled, PAM authentication will -# be allowed through the KbdInteractiveAuthentication and -# PasswordAuthentication. Depending on your PAM configuration, -# PAM authentication via KbdInteractiveAuthentication may bypass -# the setting of "PermitRootLogin prohibit-password". -# If you just want the PAM account and session checks to run without -# PAM authentication, then enable this but set PasswordAuthentication -# and KbdInteractiveAuthentication to 'no'. -UsePAM yes - -#AllowAgentForwarding yes -#AllowTcpForwarding yes -#GatewayPorts no -#X11Forwarding no -#X11DisplayOffset 10 -#X11UseLocalhost yes -#PermitTTY yes -PrintMotd no -#PrintLastLog yes -#TCPKeepAlive yes -#PermitUserEnvironment no -#Compression delayed -#ClientAliveInterval 0 -#ClientAliveCountMax 3 -#UseDNS no -#PidFile /run/sshd.pid -#MaxStartups 10:30:100 -#PermitTunnel no -#ChrootDirectory none -#VersionAddendum none - -# no default banner path -#Banner none - -# override default of no subsystems -Subsystem sftp /usr/lib/ssh/sftp-server - -# Example of overriding settings on a per-user basis -#Match User anoncvs -# X11Forwarding no -# AllowTcpForwarding no -# PermitTTY no -# ForceCommand cvs server diff --git a/configs/baseline/airootfs/etc/ssh/sshd_config.d/10-archiso.conf b/configs/baseline/airootfs/etc/ssh/sshd_config.d/10-archiso.conf new file mode 100644 index 0000000..6ea7b41 --- /dev/null +++ b/configs/baseline/airootfs/etc/ssh/sshd_config.d/10-archiso.conf @@ -0,0 +1,3 @@ +# Allow root login using password authentication +PasswordAuthentication yes +PermitRootLogin yes diff --git a/configs/baseline/airootfs/etc/systemd/network.conf.d/ipv6-privacy-extensions.conf b/configs/baseline/airootfs/etc/systemd/network.conf.d/ipv6-privacy-extensions.conf new file mode 100644 index 0000000..0e9ceb4 --- /dev/null +++ b/configs/baseline/airootfs/etc/systemd/network.conf.d/ipv6-privacy-extensions.conf @@ -0,0 +1,2 @@ +[Network] +IPv6PrivacyExtensions=yes diff --git a/configs/baseline/airootfs/etc/systemd/network/20-ethernet.network b/configs/baseline/airootfs/etc/systemd/network/20-ethernet.network index 4b6a2ab..0e4287b 100644 --- a/configs/baseline/airootfs/etc/systemd/network/20-ethernet.network +++ b/configs/baseline/airootfs/etc/systemd/network/20-ethernet.network @@ -5,6 +5,9 @@ Name=en* Name=eth* +[Link] +RequiredForOnline=routable + [Network] DHCP=yes -IPv6PrivacyExtensions=yes +MulticastDNS=yes diff --git a/configs/baseline/airootfs/etc/systemd/resolved.conf.d/archiso.conf b/configs/baseline/airootfs/etc/systemd/resolved.conf.d/archiso.conf new file mode 100644 index 0000000..636f3bd --- /dev/null +++ b/configs/baseline/airootfs/etc/systemd/resolved.conf.d/archiso.conf @@ -0,0 +1,4 @@ +# Default systemd-resolved configuration for archiso + +[Resolve] +MulticastDNS=yes diff --git a/configs/baseline/efiboot/loader/entries/01-archiso-x86_64-linux.conf b/configs/baseline/efiboot/loader/entries/01-archiso-x86_64-linux.conf index 11624b6..3193768 100644 --- a/configs/baseline/efiboot/loader/entries/01-archiso-x86_64-linux.conf +++ b/configs/baseline/efiboot/loader/entries/01-archiso-x86_64-linux.conf @@ -1,4 +1,4 @@ title Arch Linux (x86_64, UEFI) linux /%INSTALL_DIR%/boot/x86_64/vmlinuz-linux initrd /%INSTALL_DIR%/boot/x86_64/initramfs-linux.img -options archisobasedir=%INSTALL_DIR% archisolabel=%ARCHISO_LABEL% +options archisobasedir=%INSTALL_DIR% archisosearchuuid=%ARCHISO_UUID% diff --git a/configs/baseline/grub/grub.cfg b/configs/baseline/grub/grub.cfg index ed56578..38164bd 100644 --- a/configs/baseline/grub/grub.cfg +++ b/configs/baseline/grub/grub.cfg @@ -9,28 +9,38 @@ insmod exfat insmod udf # Use graphics-mode output -insmod all_video -insmod font if loadfont "${prefix}/fonts/unicode.pf2" ; then - insmod gfxterm + insmod all_video set gfxmode="auto" terminal_input console - terminal_output gfxterm + terminal_output console fi # Enable serial console +insmod serial +insmod usbserial_common +insmod usbserial_ftdi +insmod usbserial_pl2303 +insmod usbserial_usbdebug if serial --unit=0 --speed=115200; then terminal_input --append serial terminal_output --append serial fi -# Search for the ISO volume -if [ -z "${ARCHISO_UUID}" ]; then - if [ -z "${ARCHISO_HINT}" ]; then - regexp --set=1:ARCHISO_HINT '^\(([^)]+)\)' "${cmdpath}" +# Get a human readable platform identifier +if [ "${grub_platform}" == 'efi' ]; then + archiso_platform='UEFI' + if [ "${grub_cpu}" == 'x86_64' ]; then + archiso_platform="x64 ${archiso_platform}" + elif [ "${grub_cpu}" == 'i386' ]; then + archiso_platform="IA32 ${archiso_platform}" + else + archiso_platform="${grub_cpu} ${archiso_platform}" fi - search --no-floppy --set=root --file '%ARCHISO_SEARCH_FILENAME%' --hint "${ARCHISO_HINT}" - probe --set ARCHISO_UUID --fs-uuid "${root}" +elif [ "${grub_platform}" == 'pc' ]; then + archiso_platform='BIOS' +else + archiso_platform="${grub_cpu} ${grub_platform}" fi # Set default menu entry @@ -41,8 +51,46 @@ timeout_style=menu # Menu entries -menuentry "Arch Linux (x86_64, UEFI)" --class arch --class gnu-linux --class gnu --class os --id 'archlinux' { +menuentry "Arch Linux (%ARCH%, ${archiso_platform})" --class arch --class gnu-linux --class gnu --class os --id 'archlinux' { set gfxpayload=keep - linux /%INSTALL_DIR%/boot/x86_64/vmlinuz-linux archisobasedir=%INSTALL_DIR% archisodevice=UUID=${ARCHISO_UUID} - initrd /%INSTALL_DIR%/boot/x86_64/initramfs-linux.img + linux /%INSTALL_DIR%/boot/%ARCH%/vmlinuz-linux archisobasedir=%INSTALL_DIR% archisosearchuuid=%ARCHISO_UUID% + initrd /%INSTALL_DIR%/boot/%ARCH%/initramfs-linux.img +} + +if [ "${grub_platform}" == 'efi' -a "${grub_cpu}" == 'x86_64' -a -f '/boot/memtest86+/memtest.efi' ]; then + menuentry 'Run Memtest86+ (RAM test)' --class memtest86 --class gnu --class tool { + set gfxpayload=800x600,1024x768 + linux /boot/memtest86+/memtest.efi + } +fi +if [ "${grub_platform}" == 'pc' -a -f '/boot/memtest86+/memtest' ]; then + menuentry 'Run Memtest86+ (RAM test)' --class memtest86 --class gnu --class tool { + set gfxpayload=800x600,1024x768 + linux /boot/memtest86+/memtest + } +fi +if [ "${grub_platform}" == 'efi' ]; then + if [ "${grub_cpu}" == 'x86_64' -a -f '/shellx64.efi' ]; then + menuentry 'UEFI Shell' { + chainloader /shellx64.efi + } + elif [ "${grub_cpu}" == "i386" -a -f '/shellia32.efi' ]; then + menuentry 'UEFI Shell' { + chainloader /shellia32.efi + } + fi + + menuentry 'UEFI Firmware Settings' --id 'uefi-firmware' { + fwsetup + } +fi + +menuentry 'System shutdown' --class shutdown --class poweroff { + echo 'System shutting down...' + halt +} + +menuentry 'System restart' --class reboot --class restart { + echo 'System rebooting...' + reboot } diff --git a/configs/baseline/grub/loopback.cfg b/configs/baseline/grub/loopback.cfg new file mode 100644 index 0000000..dc38fdf --- /dev/null +++ b/configs/baseline/grub/loopback.cfg @@ -0,0 +1,73 @@ +# https://www.supergrubdisk.org/wiki/Loopback.cfg + +# Search for the ISO volume +search --no-floppy --set=archiso_img_dev --file "${iso_path}" +probe --set archiso_img_dev_uuid --fs-uuid "${archiso_img_dev}" + +# Get a human readable platform identifier +if [ "${grub_platform}" == 'efi' ]; then + archiso_platform='UEFI' + if [ "${grub_cpu}" == 'x86_64' ]; then + archiso_platform="x64 ${archiso_platform}" + elif [ "${grub_cpu}" == 'i386' ]; then + archiso_platform="IA32 ${archiso_platform}" + else + archiso_platform="${grub_cpu} ${archiso_platform}" + fi +elif [ "${grub_platform}" == 'pc' ]; then + archiso_platform='BIOS' +else + archiso_platform="${grub_cpu} ${grub_platform}" +fi + +# Set default menu entry +default=archlinux +timeout=15 +timeout_style=menu + + +# Menu entries + +menuentry "Arch Linux (%ARCH%, ${archiso_platform})" --class arch --class gnu-linux --class gnu --class os --id 'archlinux' { + set gfxpayload=keep + linux /%INSTALL_DIR%/boot/%ARCH%/vmlinuz-linux archisobasedir=%INSTALL_DIR% img_dev=UUID=${archiso_img_dev_uuid} img_loop="${iso_path}" + initrd /%INSTALL_DIR%/boot/%ARCH%/initramfs-linux.img +} + +if [ "${grub_platform}" == 'efi' -a "${grub_cpu}" == 'x86_64' -a -f '/boot/memtest86+/memtest.efi' ]; then + menuentry 'Run Memtest86+ (RAM test)' --class memtest86 --class gnu --class tool { + set gfxpayload=800x600,1024x768 + linux /boot/memtest86+/memtest.efi + } +fi +if [ "${grub_platform}" == 'pc' -a -f '/boot/memtest86+/memtest' ]; then + menuentry 'Run Memtest86+ (RAM test)' --class memtest86 --class gnu --class tool { + set gfxpayload=800x600,1024x768 + linux /boot/memtest86+/memtest + } +fi +if [ "${grub_platform}" == 'efi' ]; then + if [ "${grub_cpu}" == 'x86_64' -a -f '/shellx64.efi' ]; then + menuentry 'UEFI Shell' { + chainloader /shellx64.efi + } + elif [ "${grub_cpu}" == "i386" -a -f '/shellia32.efi' ]; then + menuentry 'UEFI Shell' { + chainloader /shellia32.efi + } + fi + + menuentry 'UEFI Firmware Settings' --id 'uefi-firmware' { + fwsetup + } +fi + +menuentry 'System shutdown' --class shutdown --class poweroff { + echo 'System shutting down...' + halt +} + +menuentry 'System restart' --class reboot --class restart { + echo 'System rebooting...' + reboot +} diff --git a/configs/baseline/pacman.conf b/configs/baseline/pacman.conf index 5ee6c1e..f382fab 100644 --- a/configs/baseline/pacman.conf +++ b/configs/baseline/pacman.conf @@ -70,19 +70,16 @@ LocalFileSigLevel = Optional # repo name header and Include lines. You can add preferred servers immediately # after the header, and they will be used before the default mirrors. -#[testing] +#[core-testing] #Include = /etc/pacman.d/mirrorlist [core] Include = /etc/pacman.d/mirrorlist -[extra] -Include = /etc/pacman.d/mirrorlist - -#[community-testing] +#[extra-testing] #Include = /etc/pacman.d/mirrorlist -[community] +[extra] Include = /etc/pacman.d/mirrorlist # If you want to run 32 bit applications on your x86_64 system, diff --git a/configs/baseline/profiledef.sh b/configs/baseline/profiledef.sh index 63acce1..618235a 100644 --- a/configs/baseline/profiledef.sh +++ b/configs/baseline/profiledef.sh @@ -14,7 +14,8 @@ bootmodes=('bios.syslinux.mbr' 'bios.syslinux.eltorito' arch="x86_64" pacman_conf="pacman.conf" airootfs_image_type="erofs" -airootfs_image_tool_options=('-zlzma,9' -E ztailpacking) +airootfs_image_tool_options=('-zlzma,109' -E 'ztailpacking,fragments,dedupe') +bootstrap_tarball_compression=(zstd -c -T0 --long -19) file_permissions=( ["/etc/shadow"]="0:0:400" ) diff --git a/configs/baseline/syslinux/syslinux-linux.cfg b/configs/baseline/syslinux/syslinux-linux.cfg index 0311f29..25b9d1b 100644 --- a/configs/baseline/syslinux/syslinux-linux.cfg +++ b/configs/baseline/syslinux/syslinux-linux.cfg @@ -2,4 +2,4 @@ LABEL arch MENU LABEL Arch Linux (x86_64, BIOS) LINUX /%INSTALL_DIR%/boot/%ARCH%/vmlinuz-linux INITRD /%INSTALL_DIR%/boot/%ARCH%/initramfs-linux.img -APPEND archisobasedir=%INSTALL_DIR% archisolabel=%ARCHISO_LABEL% +APPEND archisobasedir=%INSTALL_DIR% archisosearchuuid=%ARCHISO_UUID% diff --git a/configs/releng/airootfs/etc/mkinitcpio.conf b/configs/releng/airootfs/etc/mkinitcpio.conf deleted file mode 100644 index 96a8752..0000000 --- a/configs/releng/airootfs/etc/mkinitcpio.conf +++ /dev/null @@ -1,67 +0,0 @@ -# vim:set ft=sh -# MODULES -# The following modules are loaded before any boot hooks are -# run. Advanced users may wish to specify all system modules -# in this array. For instance: -# MODULES=(piix ide_disk reiserfs) -MODULES=() - -# BINARIES -# This setting includes any additional binaries a given user may -# wish into the CPIO image. This is run last, so it may be used to -# override the actual binaries included by a given hook -# BINARIES are dependency parsed, so you may safely ignore libraries -BINARIES=() - -# FILES -# This setting is similar to BINARIES above, however, files are added -# as-is and are not parsed in any way. This is useful for config files. -FILES=() - -# HOOKS -# This is the most important setting in this file. The HOOKS control the -# modules and scripts added to the image, and what happens at boot time. -# Order is important, and it is recommended that you do not change the -# order in which HOOKS are added. Run 'mkinitcpio -H <hook name>' for -# help on a given hook. -# 'base' is _required_ unless you know precisely what you are doing. -# 'udev' is _required_ in order to automatically load modules -# 'filesystems' is _required_ unless you specify your fs modules in MODULES -# Examples: -## This setup specifies all modules in the MODULES setting above. -## No raid, lvm2, or encrypted root is needed. -# HOOKS=(base) -# -## This setup will autodetect all modules for your system and should -## work as a sane default -# HOOKS=(base udev autodetect block filesystems) -# -## This setup will generate a 'full' image which supports most systems. -## No autodetection is done. -# HOOKS=(base udev block filesystems) -# -## This setup assembles a pata mdadm array with an encrypted root FS. -## Note: See 'mkinitcpio -H mdadm' for more information on raid devices. -# HOOKS=(base udev block mdadm encrypt filesystems) -# -## This setup loads an lvm2 volume group on a usb device. -# HOOKS=(base udev block lvm2 filesystems) -# -## NOTE: If you have /usr on a separate partition, you MUST include the -# usr, fsck and shutdown hooks. -HOOKS=(base udev modconf kms memdisk archiso archiso_loop_mnt archiso_pxe_common archiso_pxe_nbd archiso_pxe_http archiso_pxe_nfs block filesystems keyboard) - -# COMPRESSION -# Use this to compress the initramfs image. By default, gzip compression -# is used. Use 'cat' to create an uncompressed image. -#COMPRESSION="gzip" -#COMPRESSION="bzip2" -#COMPRESSION="lzma" -COMPRESSION="xz" -#COMPRESSION="lzop" -#COMPRESSION="lz4" -#COMPRESSION="zstd" - -# COMPRESSION_OPTIONS -# Additional options for the compressor -#COMPRESSION_OPTIONS=() diff --git a/configs/releng/airootfs/etc/mkinitcpio.conf.d/archiso.conf b/configs/releng/airootfs/etc/mkinitcpio.conf.d/archiso.conf new file mode 100644 index 0000000..98dd514 --- /dev/null +++ b/configs/releng/airootfs/etc/mkinitcpio.conf.d/archiso.conf @@ -0,0 +1,2 @@ +HOOKS=(base udev microcode modconf kms memdisk archiso archiso_loop_mnt archiso_pxe_common archiso_pxe_nbd archiso_pxe_http archiso_pxe_nfs block filesystems keyboard) +COMPRESSION="xz" diff --git a/configs/releng/airootfs/etc/mkinitcpio.d/linux.preset b/configs/releng/airootfs/etc/mkinitcpio.d/linux.preset index 9f67184..8e85205 100644 --- a/configs/releng/airootfs/etc/mkinitcpio.d/linux.preset +++ b/configs/releng/airootfs/etc/mkinitcpio.d/linux.preset @@ -3,6 +3,6 @@ PRESETS=('archiso') ALL_kver='/boot/vmlinuz-linux' -ALL_config='/etc/mkinitcpio.conf' +archiso_config='/etc/mkinitcpio.conf.d/archiso.conf' archiso_image="/boot/initramfs-linux.img" diff --git a/configs/releng/airootfs/etc/ssh/sshd_config b/configs/releng/airootfs/etc/ssh/sshd_config deleted file mode 100644 index dc22c11..0000000 --- a/configs/releng/airootfs/etc/ssh/sshd_config +++ /dev/null @@ -1,116 +0,0 @@ -# $OpenBSD: sshd_config,v 1.104 2021/07/02 05:11:21 dtucker Exp $ - -# This is the sshd server system-wide configuration file. See -# sshd_config(5) for more information. - -# This sshd was compiled with PATH=/usr/local/sbin:/usr/local/bin:/usr/bin - -# The strategy used for options in the default sshd_config shipped with -# OpenSSH is to specify options with their default value where -# possible, but leave them commented. Uncommented options override the -# default value. - -#Port 22 -#AddressFamily any -#ListenAddress 0.0.0.0 -#ListenAddress :: - -#HostKey /etc/ssh/ssh_host_rsa_key -#HostKey /etc/ssh/ssh_host_ecdsa_key -#HostKey /etc/ssh/ssh_host_ed25519_key - -# Ciphers and keying -#RekeyLimit default none - -# Logging -#SyslogFacility AUTH -#LogLevel INFO - -# Authentication: - -#LoginGraceTime 2m -PermitRootLogin yes -#StrictModes yes -#MaxAuthTries 6 -#MaxSessions 10 - -#PubkeyAuthentication yes - -# The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2 -# but this is overridden so installations will only check .ssh/authorized_keys -AuthorizedKeysFile .ssh/authorized_keys - -#AuthorizedPrincipalsFile none - -#AuthorizedKeysCommand none -#AuthorizedKeysCommandUser nobody - -# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts -#HostbasedAuthentication no -# Change to yes if you don't trust ~/.ssh/known_hosts for -# HostbasedAuthentication -#IgnoreUserKnownHosts no -# Don't read the user's ~/.rhosts and ~/.shosts files -#IgnoreRhosts yes - -# To disable tunneled clear text passwords, change to no here! -#PasswordAuthentication yes -#PermitEmptyPasswords no - -# Change to no to disable s/key passwords -KbdInteractiveAuthentication no - -# Kerberos options -#KerberosAuthentication no -#KerberosOrLocalPasswd yes -#KerberosTicketCleanup yes -#KerberosGetAFSToken no - -# GSSAPI options -#GSSAPIAuthentication no -#GSSAPICleanupCredentials yes - -# Set this to 'yes' to enable PAM authentication, account processing, -# and session processing. If this is enabled, PAM authentication will -# be allowed through the KbdInteractiveAuthentication and -# PasswordAuthentication. Depending on your PAM configuration, -# PAM authentication via KbdInteractiveAuthentication may bypass -# the setting of "PermitRootLogin prohibit-password". -# If you just want the PAM account and session checks to run without -# PAM authentication, then enable this but set PasswordAuthentication -# and KbdInteractiveAuthentication to 'no'. -UsePAM yes - -#AllowAgentForwarding yes -#AllowTcpForwarding yes -#GatewayPorts no -#X11Forwarding no -#X11DisplayOffset 10 -#X11UseLocalhost yes -#PermitTTY yes -PrintMotd no -#PrintLastLog yes -#TCPKeepAlive yes -#PermitUserEnvironment no -#Compression delayed -#ClientAliveInterval 0 -#ClientAliveCountMax 3 -#UseDNS no -#PidFile /run/sshd.pid -#MaxStartups 10:30:100 -#PermitTunnel no -#ChrootDirectory none -#VersionAddendum none - -# no default banner path -#Banner none - -# override default of no subsystems -Subsystem sftp /usr/lib/ssh/sftp-server - -# Example of overriding settings on a per-user basis -#Match User anoncvs -# X11Forwarding no -# AllowTcpForwarding no -# PermitTTY no -# ForceCommand cvs server diff --git a/configs/releng/airootfs/etc/ssh/sshd_config.d/10-archiso.conf b/configs/releng/airootfs/etc/ssh/sshd_config.d/10-archiso.conf new file mode 100644 index 0000000..6ea7b41 --- /dev/null +++ b/configs/releng/airootfs/etc/ssh/sshd_config.d/10-archiso.conf @@ -0,0 +1,3 @@ +# Allow root login using password authentication +PasswordAuthentication yes +PermitRootLogin yes diff --git a/configs/releng/airootfs/etc/systemd/network.conf.d/ipv6-privacy-extensions.conf b/configs/releng/airootfs/etc/systemd/network.conf.d/ipv6-privacy-extensions.conf new file mode 100644 index 0000000..0e9ceb4 --- /dev/null +++ b/configs/releng/airootfs/etc/systemd/network.conf.d/ipv6-privacy-extensions.conf @@ -0,0 +1,2 @@ +[Network] +IPv6PrivacyExtensions=yes diff --git a/configs/releng/airootfs/etc/systemd/network/20-ethernet.network b/configs/releng/airootfs/etc/systemd/network/20-ethernet.network index 9ada778..d3a3271 100644 --- a/configs/releng/airootfs/etc/systemd/network/20-ethernet.network +++ b/configs/releng/airootfs/etc/systemd/network/20-ethernet.network @@ -5,9 +5,12 @@ Name=en* Name=eth* +[Link] +RequiredForOnline=routable + [Network] DHCP=yes -IPv6PrivacyExtensions=yes +MulticastDNS=yes # systemd-networkd does not set per-interface-type default route metrics # https://github.com/systemd/systemd/issues/17698 diff --git a/configs/releng/airootfs/etc/systemd/network/20-wlan.network b/configs/releng/airootfs/etc/systemd/network/20-wlan.network index 601d5b8..8b70a95 100644 --- a/configs/releng/airootfs/etc/systemd/network/20-wlan.network +++ b/configs/releng/airootfs/etc/systemd/network/20-wlan.network @@ -1,9 +1,12 @@ [Match] Name=wl* +[Link] +RequiredForOnline=routable + [Network] DHCP=yes -IPv6PrivacyExtensions=yes +MulticastDNS=yes # systemd-networkd does not set per-interface-type default route metrics # https://github.com/systemd/systemd/issues/17698 diff --git a/configs/releng/airootfs/etc/systemd/network/20-wwan.network b/configs/releng/airootfs/etc/systemd/network/20-wwan.network index 9104c24..6e1c8dd 100644 --- a/configs/releng/airootfs/etc/systemd/network/20-wwan.network +++ b/configs/releng/airootfs/etc/systemd/network/20-wwan.network @@ -1,9 +1,11 @@ [Match] Name=ww* +[Link] +RequiredForOnline=routable + [Network] DHCP=yes -IPv6PrivacyExtensions=yes # systemd-networkd does not set per-interface-type default route metrics # https://github.com/systemd/systemd/issues/17698 diff --git a/configs/releng/airootfs/etc/systemd/resolved.conf.d/archiso.conf b/configs/releng/airootfs/etc/systemd/resolved.conf.d/archiso.conf new file mode 100644 index 0000000..636f3bd --- /dev/null +++ b/configs/releng/airootfs/etc/systemd/resolved.conf.d/archiso.conf @@ -0,0 +1,4 @@ +# Default systemd-resolved configuration for archiso + +[Resolve] +MulticastDNS=yes diff --git a/configs/releng/airootfs/etc/systemd/system/etc-pacman.d-gnupg.mount b/configs/releng/airootfs/etc/systemd/system/etc-pacman.d-gnupg.mount index 0ba0e67..038961e 100644 --- a/configs/releng/airootfs/etc/systemd/system/etc-pacman.d-gnupg.mount +++ b/configs/releng/airootfs/etc/systemd/system/etc-pacman.d-gnupg.mount @@ -2,7 +2,7 @@ Description=Temporary /etc/pacman.d/gnupg directory [Mount] -What=ramfs +What=tmpfs Where=/etc/pacman.d/gnupg -Type=ramfs -Options=mode=0755 +Type=tmpfs +Options=mode=0755,noswap diff --git a/configs/releng/airootfs/etc/systemd/system/sockets.target.wants/pcscd.socket b/configs/releng/airootfs/etc/systemd/system/sockets.target.wants/pcscd.socket new file mode 120000 index 0000000..3897c63 --- /dev/null +++ b/configs/releng/airootfs/etc/systemd/system/sockets.target.wants/pcscd.socket @@ -0,0 +1 @@ +/usr/lib/systemd/system/pcscd.socket
\ No newline at end of file diff --git a/configs/releng/airootfs/root/.automated_script.sh b/configs/releng/airootfs/root/.automated_script.sh index 52c47e6..0d95012 100755 --- a/configs/releng/airootfs/root/.automated_script.sh +++ b/configs/releng/airootfs/root/.automated_script.sh @@ -1,22 +1,29 @@ #!/usr/bin/env bash -script_cmdline () -{ +script_cmdline() { local param - for param in $(< /proc/cmdline); do + for param in $(</proc/cmdline); do case "${param}" in - script=*) echo "${param#*=}" ; return 0 ;; + script=*) + echo "${param#*=}" + return 0 + ;; esac done } -automated_script () -{ +automated_script() { local script rt script="$(script_cmdline)" if [[ -n "${script}" && ! -x /tmp/startup_script ]]; then - if [[ "${script}" =~ ^((http|https|ftp)://) ]]; then - curl "${script}" --location --retry-connrefused --retry 10 -s -o /tmp/startup_script >/dev/null + if [[ "${script}" =~ ^((http|https|ftp|tftp)://) ]]; then + # there's no synchronization for network availability before executing this script + printf '%s: waiting for network-online.target\n' "$0" + until systemctl --quiet is-active network-online.target; do + sleep 1 + done + printf '%s: downloading %s\n' "$0" "${script}" + curl "${script}" --location --retry-connrefused --retry 10 -s -o /tmp/startup_script rt=$? else cp "${script}" /tmp/startup_script @@ -24,6 +31,9 @@ automated_script () fi if [[ ${rt} -eq 0 ]]; then chmod +x /tmp/startup_script + printf '%s: executing automated script\n' "$0" + # note that script is executed when other services (like pacman-init) may be still in progress, please + # synchronize to "systemctl is-system-running --wait" when your script depends on other services /tmp/startup_script fi fi diff --git a/configs/releng/airootfs/root/.gnupg/scdaemon.conf b/configs/releng/airootfs/root/.gnupg/scdaemon.conf new file mode 100644 index 0000000..e1f3d1f --- /dev/null +++ b/configs/releng/airootfs/root/.gnupg/scdaemon.conf @@ -0,0 +1,4 @@ +disable-ccid +disable-pinpad +pcsc-driver /usr/lib/libpcsclite.so +pcsc-shared diff --git a/configs/releng/airootfs/usr/local/bin/choose-mirror b/configs/releng/airootfs/usr/local/bin/choose-mirror index b021945..d2349de 100755 --- a/configs/releng/airootfs/usr/local/bin/choose-mirror +++ b/configs/releng/airootfs/usr/local/bin/choose-mirror @@ -4,21 +4,22 @@ get_cmdline() { local param - for param in $(< /proc/cmdline); do + for param in $(</proc/cmdline); do case "${param}" in - $1=*) echo "${param##*=}"; - return 0 - ;; + "${1}="*) + echo "${param##*=}" + return 0 + ;; esac done } -mirror=$(get_cmdline mirror) -[[ $mirror = auto ]] && mirror=$(get_cmdline archiso_http_srv) -[[ $mirror ]] || exit 0 +mirror="$(get_cmdline mirror)" +[[ "$mirror" == 'auto' ]] && mirror="$(get_cmdline archiso_http_srv)" +[[ -n "$mirror" ]] || exit 0 mv /etc/pacman.d/mirrorlist /etc/pacman.d/mirrorlist.orig -cat >/etc/pacman.d/mirrorlist << EOF +cat >/etc/pacman.d/mirrorlist <<EOF # # Arch Linux repository mirrorlist # Generated by archiso diff --git a/configs/releng/airootfs/usr/local/bin/livecd-sound b/configs/releng/airootfs/usr/local/bin/livecd-sound index baae0d2..b92fcf2 100755 --- a/configs/releng/airootfs/usr/local/bin/livecd-sound +++ b/configs/releng/airootfs/usr/local/bin/livecd-sound @@ -3,7 +3,7 @@ # SPDX-License-Identifier: GPL-3.0-or-later usage() { - cat <<- _EOF_ + cat <<-_EOF_ live cd sound helper script. Usage: livecdsound [OPTION] OPTIONS @@ -14,14 +14,13 @@ usage() { _EOF_ } -bugout () { +bugout() { printf "/usr/local/bin/livecdsound: programming error" stat_fail } -echo_card_indices() -{ - if [ -f /proc/asound/cards ] ; then +echo_card_indices() { + if [[ -f /proc/asound/cards ]]; then sed -n -e's/^[[:space:]]*\([0-7]\)[[:space:]].*/\1/p' /proc/asound/cards fi } @@ -33,8 +32,8 @@ echo_card_indices() # $1 <card id> # $2 <control> # $3 <level> -unmute_and_set_level(){ - { [ "$3" ] &&[ "$2" ] && [ "$1" ] ; } || bugout +unmute_and_set_level() { + [[ -n "$3" && -n "$2" && -n "$1" ]] || bugout systemd-cat -t "livecdsound" printf "Setting: %s on card: %s to %s\n" "$2" "$1" "$3" systemd-cat -t "livecdsound" amixer -c "$1" set "$2" "$3" unmute return 0 @@ -42,9 +41,8 @@ unmute_and_set_level(){ # $1 <card id> # $2 <control> -mute_and_zero_level() -{ - { [ "$1" ] && [ "$2" ] ; } || bugout +mute_and_zero_level() { + [[ -n "$1" && -n "$2" ]] || bugout systemd-cat -t "livecdsound" printf "Muting control: %s on card: %s\n" "$2" "$1" systemd-cat -t "livecdsound" amixer -c "$1" set "$2" "0%" mute return 0 @@ -53,17 +51,15 @@ mute_and_zero_level() # $1 <card ID> # $2 <control> # $3 "on" | "off" -switch_control() -{ - { [ "$3" ] && [ "$1" ] ; } || bugout +switch_control() { + [[ -n "$3" && -n "$1" ]] || bugout systemd-cat -t "livecdsound" printf "Switching control: %s on card: %s to %s\n" "$2" "$1" "$3" systemd-cat -t "livecdsound" amixer -c "$1" set "$2" "$3" return 0 } # $1 <card ID> -sanify_levels_on_card() -{ +sanify_levels_on_card() { unmute_and_set_level "$1" "Front" "80%" unmute_and_set_level "$1" "Master" "80%" unmute_and_set_level "$1" "Master Mono" "80%" @@ -134,94 +130,89 @@ sanify_levels_on_card() } # $1 <card ID> | "all" -sanify_levels() -{ +sanify_levels() { local ttsdml_returnstatus=0 local card case "$1" in - all) - for card in $(echo_card_indices) ; do - sanify_levels_on_card "$card" || ttsdml_returnstatus=1 - done - ;; - *) - sanify_levels_on_card "$1" || ttsdml_returnstatus=1 - ;; + all) + for card in $(echo_card_indices); do + sanify_levels_on_card "$card" || ttsdml_returnstatus=1 + done + ;; + *) + sanify_levels_on_card "$1" || ttsdml_returnstatus=1 + ;; esac - return $ttsdml_returnstatus + return "$ttsdml_returnstatus" } # List all cards that *should* be usable for PCM audio. In my experience, # the console speaker (handled by the pcsp driver) isn't a suitable playback # device, so we'll exclude it. -list_non_pcsp_cards() -{ +list_non_pcsp_cards() { for card in $(echo_card_indices); do local cardfile="/proc/asound/card${card}/id" - if [ -r "$cardfile" ] && [ -f "$cardfile" ] && \ - [ "$(cat "$cardfile")" != pcsp ]; then + if [[ -r "$cardfile" && -f "$cardfile" && "$(cat "$cardfile")" != pcsp ]]; then echo "$card" fi done } # Properly initialize the sound card so that we have audio at boot. -unmute_all_cards() -{ +unmute_all_cards() { sanify_levels all } is_numeric() { - local str=$1 + local str="$1" [[ "$str" =~ ^[0-9]+$ ]] } set_default_card() { - local card=$1 - sed -e "s/%card%/$card/g" < /usr/local/share/livecd-sound/asound.conf.in \ - > /etc/asound.conf + local card="$1" + sed -e "s/%card%/$card/g" </usr/local/share/livecd-sound/asound.conf.in \ + >/etc/asound.conf } play_on_card() { - local card=$1 file=$2 + local card="$1" file="$2" aplay -q "-Dplughw:$card,0" "$file" } # If there are multiple usable sound cards, prompt the user to choose one, # using auditory feedback. -pick_a_card() -{ +pick_a_card() { set -f usable_cards="$(list_non_pcsp_cards)" - num_usable_cards="$(wc -w <<< "$usable_cards")" + num_usable_cards="$(wc -w <<<"$usable_cards")" - if [ "$num_usable_cards" -eq 1 ]; then + if (( num_usable_cards == 1 )); then systemd-cat -t "livecdsound" printf "Only one sound card is detected\n" exit 0 fi systemd-cat -t "livecdsound" printf "multiple sound cards detected\n" - for card in $usable_cards; do + for card in "${usable_cards[@]}"; do if ! is_numeric "$card"; then continue fi - play_on_card "$card" /usr/share/livecd-sounds/pick-a-card.wav& + play_on_card "$card" /usr/share/livecd-sounds/pick-a-card.wav & done wait sleep 1 - for card in $usable_cards; do + for card in "${usable_cards[@]}"; do if ! is_numeric "$card"; then continue - fi - play_on_card "$card" /usr/share/livecd-sounds/beep.wav - if read -r -t 10; then - systemd-cat -t "livecdsound" printf "Selecting %s sound card as default\n" "$card" - set_default_card "$card" - break - fi -done + fi + play_on_card "$card" /usr/share/livecd-sounds/beep.wav + if read -r -t 10; then + systemd-cat -t "livecdsound" printf "Selecting %s sound card as default\n" "$card" + set_default_card "$card" + break + fi + done } -if [[ $# -eq 0 ]]; then +if (( $# == 0 )); then echo "error: No argument passed." exit 1 fi diff --git a/configs/releng/efiboot/loader/entries/01-archiso-x86_64-linux.conf b/configs/releng/efiboot/loader/entries/01-archiso-x86_64-linux.conf index 1c2a7a8..bc8ab33 100644 --- a/configs/releng/efiboot/loader/entries/01-archiso-x86_64-linux.conf +++ b/configs/releng/efiboot/loader/entries/01-archiso-x86_64-linux.conf @@ -1,7 +1,5 @@ title Arch Linux install medium (x86_64, UEFI) sort-key 01 linux /%INSTALL_DIR%/boot/x86_64/vmlinuz-linux -initrd /%INSTALL_DIR%/boot/intel-ucode.img -initrd /%INSTALL_DIR%/boot/amd-ucode.img initrd /%INSTALL_DIR%/boot/x86_64/initramfs-linux.img -options archisobasedir=%INSTALL_DIR% archisolabel=%ARCHISO_LABEL% +options archisobasedir=%INSTALL_DIR% archisosearchuuid=%ARCHISO_UUID% diff --git a/configs/releng/efiboot/loader/entries/02-archiso-x86_64-speech-linux.conf b/configs/releng/efiboot/loader/entries/02-archiso-x86_64-speech-linux.conf index 64253d3..c0cb1c8 100644 --- a/configs/releng/efiboot/loader/entries/02-archiso-x86_64-speech-linux.conf +++ b/configs/releng/efiboot/loader/entries/02-archiso-x86_64-speech-linux.conf @@ -1,7 +1,5 @@ title Arch Linux install medium (x86_64, UEFI) with speech sort-key 02 linux /%INSTALL_DIR%/boot/x86_64/vmlinuz-linux -initrd /%INSTALL_DIR%/boot/intel-ucode.img -initrd /%INSTALL_DIR%/boot/amd-ucode.img initrd /%INSTALL_DIR%/boot/x86_64/initramfs-linux.img -options archisobasedir=%INSTALL_DIR% archisolabel=%ARCHISO_LABEL% accessibility=on +options archisobasedir=%INSTALL_DIR% archisosearchuuid=%ARCHISO_UUID% accessibility=on diff --git a/configs/releng/efiboot/loader/entries/03-archiso-x86_64-memtest86+.conf b/configs/releng/efiboot/loader/entries/03-archiso-x86_64-memtest86+.conf new file mode 100644 index 0000000..d0b305c --- /dev/null +++ b/configs/releng/efiboot/loader/entries/03-archiso-x86_64-memtest86+.conf @@ -0,0 +1,3 @@ +title Memtest86+ +sort-key 03 +efi /boot/memtest86+/memtest.efi diff --git a/configs/releng/grub/grub.cfg b/configs/releng/grub/grub.cfg index 1882e49..25194a3 100644 --- a/configs/releng/grub/grub.cfg +++ b/configs/releng/grub/grub.cfg @@ -9,28 +9,38 @@ insmod exfat insmod udf # Use graphics-mode output -insmod all_video -insmod font if loadfont "${prefix}/fonts/unicode.pf2" ; then - insmod gfxterm + insmod all_video set gfxmode="auto" terminal_input console - terminal_output gfxterm + terminal_output console fi # Enable serial console +insmod serial +insmod usbserial_common +insmod usbserial_ftdi +insmod usbserial_pl2303 +insmod usbserial_usbdebug if serial --unit=0 --speed=115200; then terminal_input --append serial terminal_output --append serial fi -# Search for the ISO volume -if [ -z "${ARCHISO_UUID}" ]; then - if [ -z "${ARCHISO_HINT}" ]; then - regexp --set=1:ARCHISO_HINT '^\(([^)]+)\)' "${cmdpath}" +# Get a human readable platform identifier +if [ "${grub_platform}" == 'efi' ]; then + archiso_platform='UEFI' + if [ "${grub_cpu}" == 'x86_64' ]; then + archiso_platform="x64 ${archiso_platform}" + elif [ "${grub_cpu}" == 'i386' ]; then + archiso_platform="IA32 ${archiso_platform}" + else + archiso_platform="${grub_cpu} ${archiso_platform}" fi - search --no-floppy --set=root --file '%ARCHISO_SEARCH_FILENAME%' --hint "${ARCHISO_HINT}" - probe --set ARCHISO_UUID --fs-uuid "${root}" +elif [ "${grub_platform}" == 'pc' ]; then + archiso_platform='BIOS' +else + archiso_platform="${grub_cpu} ${grub_platform}" fi # Set default menu entry @@ -38,36 +48,41 @@ default=archlinux timeout=15 timeout_style=menu -# GRUB init tune for accessibility -play 600 988 1 1319 4 # Menu entries -menuentry "Arch Linux install medium (x86_64, UEFI)" --class arch --class gnu-linux --class gnu --class os --id 'archlinux' { +menuentry "Arch Linux install medium (%ARCH%, ${archiso_platform})" --class arch --class gnu-linux --class gnu --class os --id 'archlinux' { set gfxpayload=keep - linux /%INSTALL_DIR%/boot/x86_64/vmlinuz-linux archisobasedir=%INSTALL_DIR% archisodevice=UUID=${ARCHISO_UUID} - initrd /%INSTALL_DIR%/boot/intel-ucode.img /%INSTALL_DIR%/boot/amd-ucode.img /%INSTALL_DIR%/boot/x86_64/initramfs-linux.img + linux /%INSTALL_DIR%/boot/%ARCH%/vmlinuz-linux archisobasedir=%INSTALL_DIR% archisosearchuuid=%ARCHISO_UUID% + initrd /%INSTALL_DIR%/boot/%ARCH%/initramfs-linux.img } -menuentry "Arch Linux install medium with speakup screen reader (x86_64, UEFI)" --hotkey s --class arch --class gnu-linux --class gnu --class os --id 'archlinux-accessibility' { +menuentry "Arch Linux install medium with speakup screen reader (%ARCH%, ${archiso_platform})" --hotkey s --class arch --class gnu-linux --class gnu --class os --id 'archlinux-accessibility' { set gfxpayload=keep - linux /%INSTALL_DIR%/boot/x86_64/vmlinuz-linux archisobasedir=%INSTALL_DIR% archisodevice=UUID=${ARCHISO_UUID} accessibility=on - initrd /%INSTALL_DIR%/boot/intel-ucode.img /%INSTALL_DIR%/boot/amd-ucode.img /%INSTALL_DIR%/boot/x86_64/initramfs-linux.img + linux /%INSTALL_DIR%/boot/%ARCH%/vmlinuz-linux archisobasedir=%INSTALL_DIR% archisosearchuuid=%ARCHISO_UUID% accessibility=on + initrd /%INSTALL_DIR%/boot/%ARCH%/initramfs-linux.img } -if [ "${grub_platform}" == "efi" ]; then - if [ "${grub_cpu}" == "x86_64" ]; then - menuentry "Run Memtest86+ (RAM test)" --class memtest86 --class gnu --class tool { - set gfxpayload=800x600,1024x768 - linux /boot/memtest86+/memtest.efi - } - menuentry "UEFI Shell" { - insmod chain + +if [ "${grub_platform}" == 'efi' -a "${grub_cpu}" == 'x86_64' -a -f '/boot/memtest86+/memtest.efi' ]; then + menuentry 'Run Memtest86+ (RAM test)' --class memtest86 --class memtest --class gnu --class tool { + set gfxpayload=800x600,1024x768 + linux /boot/memtest86+/memtest.efi + } +fi +if [ "${grub_platform}" == 'pc' -a -f '/boot/memtest86+/memtest' ]; then + menuentry 'Run Memtest86+ (RAM test)' --class memtest86 --class memtest --class gnu --class tool { + set gfxpayload=800x600,1024x768 + linux /boot/memtest86+/memtest + } +fi +if [ "${grub_platform}" == 'efi' ]; then + if [ "${grub_cpu}" == 'x86_64' -a -f '/shellx64.efi' ]; then + menuentry 'UEFI Shell' --class efi { chainloader /shellx64.efi } - elif [ "${grub_cpu}" == "i386" ]; then - menuentry "UEFI Shell" { - insmod chain + elif [ "${grub_cpu}" == "i386" -a -f '/shellia32.efi' ]; then + menuentry 'UEFI Shell' --class efi { chainloader /shellia32.efi } fi @@ -77,12 +92,16 @@ if [ "${grub_platform}" == "efi" ]; then } fi -menuentry "System shutdown" --class shutdown --class poweroff { - echo "System shutting down..." +menuentry 'System shutdown' --class shutdown --class poweroff { + echo 'System shutting down...' halt } -menuentry "System restart" --class reboot --class restart { - echo "System rebooting..." +menuentry 'System restart' --class reboot --class restart { + echo 'System rebooting...' reboot } + + +# GRUB init tune for accessibility +play 600 988 1 1319 4 diff --git a/configs/releng/grub/loopback.cfg b/configs/releng/grub/loopback.cfg new file mode 100644 index 0000000..d7d5ece --- /dev/null +++ b/configs/releng/grub/loopback.cfg @@ -0,0 +1,80 @@ +# https://www.supergrubdisk.org/wiki/Loopback.cfg + +# Search for the ISO volume +search --no-floppy --set=archiso_img_dev --file "${iso_path}" +probe --set archiso_img_dev_uuid --fs-uuid "${archiso_img_dev}" + +# Get a human readable platform identifier +if [ "${grub_platform}" == 'efi' ]; then + archiso_platform='UEFI' + if [ "${grub_cpu}" == 'x86_64' ]; then + archiso_platform="x64 ${archiso_platform}" + elif [ "${grub_cpu}" == 'i386' ]; then + archiso_platform="IA32 ${archiso_platform}" + else + archiso_platform="${grub_cpu} ${archiso_platform}" + fi +elif [ "${grub_platform}" == 'pc' ]; then + archiso_platform='BIOS' +else + archiso_platform="${grub_cpu} ${grub_platform}" +fi + +# Set default menu entry +default=archlinux +timeout=15 +timeout_style=menu + + +# Menu entries + +menuentry "Arch Linux install medium (%ARCH%, ${archiso_platform})" --class arch --class gnu-linux --class gnu --class os --id 'archlinux' { + set gfxpayload=keep + linux /%INSTALL_DIR%/boot/%ARCH%/vmlinuz-linux archisobasedir=%INSTALL_DIR% img_dev=UUID=${archiso_img_dev_uuid} img_loop="${iso_path}" + initrd /%INSTALL_DIR%/boot/%ARCH%/initramfs-linux.img +} + +menuentry "Arch Linux install medium with speakup screen reader (%ARCH%, ${archiso_platform})" --hotkey s --class arch --class gnu-linux --class gnu --class os --id 'archlinux-accessibility' { + set gfxpayload=keep + linux /%INSTALL_DIR%/boot/%ARCH%/vmlinuz-linux archisobasedir=%INSTALL_DIR% img_dev=UUID=${archiso_img_dev_uuid} img_loop="${iso_path}" accessibility=on + initrd /%INSTALL_DIR%/boot/%ARCH%/initramfs-linux.img +} + + +if [ "${grub_platform}" == 'efi' -a "${grub_cpu}" == 'x86_64' -a -f '/boot/memtest86+/memtest.efi' ]; then + menuentry 'Run Memtest86+ (RAM test)' --class memtest86 --class memtest --class gnu --class tool { + set gfxpayload=800x600,1024x768 + linux /boot/memtest86+/memtest.efi + } +fi +if [ "${grub_platform}" == 'pc' -a -f '/boot/memtest86+/memtest' ]; then + menuentry 'Run Memtest86+ (RAM test)' --class memtest86 --class memtest --class gnu --class tool { + set gfxpayload=800x600,1024x768 + linux /boot/memtest86+/memtest + } +fi +if [ "${grub_platform}" == 'efi' ]; then + if [ "${grub_cpu}" == 'x86_64' -a -f '/shellx64.efi' ]; then + menuentry 'UEFI Shell' --class efi { + chainloader /shellx64.efi + } + elif [ "${grub_cpu}" == "i386" -a -f '/shellia32.efi' ]; then + menuentry 'UEFI Shell' --class efi { + chainloader /shellia32.efi + } + fi + + menuentry 'UEFI Firmware Settings' --id 'uefi-firmware' { + fwsetup + } +fi + +menuentry 'System shutdown' --class shutdown --class poweroff { + echo 'System shutting down...' + halt +} + +menuentry 'System restart' --class reboot --class restart { + echo 'System rebooting...' + reboot +} diff --git a/configs/releng/packages.x86_64 b/configs/releng/packages.x86_64 index 5771920..36c929d 100644 --- a/configs/releng/packages.x86_64 +++ b/configs/releng/packages.x86_64 @@ -4,7 +4,9 @@ arch-install-scripts archinstall b43-fwcutter base +bcachefs-tools bind +bolt brltty broadcom-wl btrfs-progs @@ -28,6 +30,7 @@ ethtool exfatprogs f2fs-tools fatresize +foot-terminfo fsarchiver gnu-netcat gpart @@ -43,6 +46,7 @@ iw iwd jfsutils kitty-terminfo +ldns less lftp libfido2 @@ -77,6 +81,7 @@ nvme-cli open-iscsi open-vm-tools openconnect +openpgp-card-tools openssh openvpn partclone @@ -95,6 +100,7 @@ rsync rxvt-unicode-terminfo screen sdparm +sequoia-sq sg3_utils smartmontools sof-firmware @@ -106,6 +112,7 @@ tcpdump terminus-font testdisk tmux +tpm2-tools tpm2-tss udftools usb_modeswitch @@ -114,6 +121,7 @@ usbutils vim virtualbox-guest-utils-nox vpnc +wezterm-terminfo wireless-regdb wireless_tools wpa_supplicant diff --git a/configs/releng/pacman.conf b/configs/releng/pacman.conf index 5296707..f907e66 100644 --- a/configs/releng/pacman.conf +++ b/configs/releng/pacman.conf @@ -70,17 +70,20 @@ LocalFileSigLevel = Optional # repo name header and Include lines. You can add preferred servers immediately # after the header, and they will be used before the default mirrors. -#[testing] -#Include = /etc/pacman.d/mirrorlist +#[core-testing] +#Include = /etc/pacman.d/mirrorlist32 [core] Include = /etc/pacman.d/mirrorlist32 +#[extra-testing] +#Include = /etc/pacman.d/mirrorlist32 + [extra] Include = /etc/pacman.d/mirrorlist32 #[community-testing] -#Include = /etc/pacman.d/mirrorlist +#Include = /etc/pacman.d/mirrorlist32 [community] Include = /etc/pacman.d/mirrorlist32 diff --git a/configs/releng/profiledef.sh b/configs/releng/profiledef.sh index 834290b..f84b07b 100644 --- a/configs/releng/profiledef.sh +++ b/configs/releng/profiledef.sh @@ -4,7 +4,7 @@ iso_name="archlinux32" iso_label="ARCH_$(date --date="@${SOURCE_DATE_EPOCH:-$(date +%s)}" +%Y%m)" iso_publisher="Arch Linux <https://archlinux.org>" -iso_application="Arch Linux Live/Rescue CD" +iso_application="Arch Linux Live/Rescue DVD" iso_version="$(date --date="@${SOURCE_DATE_EPOCH:-$(date +%s)}" +%Y.%m.%d)" install_dir="arch" buildmodes=('iso') @@ -13,10 +13,12 @@ arch="i686" pacman_conf="pacman.conf" airootfs_image_type="squashfs" airootfs_image_tool_options=('-comp' 'xz' '-Xbcj' 'x86' '-b' '1M' '-Xdict-size' '1M') +bootstrap_tarball_compression=('zstd' '-c' '-T0' '--auto-threads=logical' '--long' '-19') file_permissions=( ["/etc/shadow"]="0:0:400" ["/root"]="0:0:750" ["/root/.automated_script.sh"]="0:0:755" + ["/root/.gnupg"]="0:0:700" ["/usr/local/bin/choose-mirror"]="0:0:755" ["/usr/local/bin/Installation_guide"]="0:0:755" ["/usr/local/bin/livecd-sound"]="0:0:755" diff --git a/configs/releng/syslinux/archiso_pxe-linux.cfg b/configs/releng/syslinux/archiso_pxe-linux.cfg index c18333f..6710f3e 100644 --- a/configs/releng/syslinux/archiso_pxe-linux.cfg +++ b/configs/releng/syslinux/archiso_pxe-linux.cfg @@ -5,8 +5,8 @@ It allows you to install Arch Linux or perform system maintenance. ENDTEXT MENU LABEL Arch Linux install medium (i686, NBD) LINUX ::/%INSTALL_DIR%/boot/i686/vmlinuz-linux -INITRD ::/%INSTALL_DIR%/boot/intel-ucode.img,::/%INSTALL_DIR%/boot/amd-ucode.img,::/%INSTALL_DIR%/boot/i686/initramfs-linux.img -APPEND archisobasedir=%INSTALL_DIR% archisolabel=%ARCHISO_LABEL% archiso_nbd_srv=${pxeserver} cms_verify=y +INITRD ::/%INSTALL_DIR%/boot/i686/initramfs-linux.img +APPEND archisobasedir=%INSTALL_DIR% archisosearchuuid=%ARCHISO_UUID% archiso_nbd_srv=${pxeserver} cms_verify=y SYSAPPEND 3 LABEL arch32_nfs @@ -16,7 +16,7 @@ It allows you to install Arch Linux or perform system maintenance. ENDTEXT MENU LABEL Arch Linux install medium (i686, NFS) LINUX ::/%INSTALL_DIR%/boot/i686/vmlinuz-linux -INITRD ::/%INSTALL_DIR%/boot/intel-ucode.img,::/%INSTALL_DIR%/boot/amd-ucode.img,::/%INSTALL_DIR%/boot/i686/initramfs-linux.img +INITRD ::/%INSTALL_DIR%/boot/i686/initramfs-linux.img APPEND archisobasedir=%INSTALL_DIR% archiso_nfs_srv=${pxeserver}:/run/archiso/bootmnt cms_verify=y SYSAPPEND 3 @@ -27,6 +27,6 @@ It allows you to install Arch Linux or perform system maintenance. ENDTEXT MENU LABEL Arch Linux install medium (i686, HTTP) LINUX ::/%INSTALL_DIR%/boot/i686/vmlinuz-linux -INITRD ::/%INSTALL_DIR%/boot/intel-ucode.img,::/%INSTALL_DIR%/boot/amd-ucode.img,::/%INSTALL_DIR%/boot/i686/initramfs-linux.img +INITRD ::/%INSTALL_DIR%/boot/i686/initramfs-linux.img APPEND archisobasedir=%INSTALL_DIR% archiso_http_srv=http://${pxeserver}/ cms_verify=y SYSAPPEND 3 diff --git a/configs/releng/syslinux/archiso_sys-linux.cfg b/configs/releng/syslinux/archiso_sys-linux.cfg index 907fb25..a81fd41 100644 --- a/configs/releng/syslinux/archiso_sys-linux.cfg +++ b/configs/releng/syslinux/archiso_sys-linux.cfg @@ -5,8 +5,8 @@ It allows you to install Arch Linux or perform system maintenance. ENDTEXT MENU LABEL Arch Linux install medium (i686, BIOS) LINUX /%INSTALL_DIR%/boot/i686/vmlinuz-linux -INITRD /%INSTALL_DIR%/boot/intel-ucode.img,/%INSTALL_DIR%/boot/amd-ucode.img,/%INSTALL_DIR%/boot/i686/initramfs-linux.img -APPEND archisobasedir=%INSTALL_DIR% archisolabel=%ARCHISO_LABEL% +INITRD /%INSTALL_DIR%/boot/i686/initramfs-linux.img +APPEND archisobasedir=%INSTALL_DIR% archisosearchuuid=%ARCHISO_UUID% # Accessibility boot option LABEL arch32speech @@ -16,5 +16,5 @@ It allows you to install Arch Linux or perform system maintenance with speech fe ENDTEXT MENU LABEL Arch Linux install medium (i686, BIOS) with ^speech LINUX /%INSTALL_DIR%/boot/i686/vmlinuz-linux -INITRD /%INSTALL_DIR%/boot/intel-ucode.img,/%INSTALL_DIR%/boot/amd-ucode.img,/%INSTALL_DIR%/boot/i686/initramfs-linux.img -APPEND archisobasedir=%INSTALL_DIR% archisolabel=%ARCHISO_LABEL% accessibility=on +INITRD /%INSTALL_DIR%/boot/i686/initramfs-linux.img +APPEND archisobasedir=%INSTALL_DIR% archisosearchuuid=%ARCHISO_UUID% accessibility=on |