Send patches - preferably formatted by git format-patch - to patches at archlinux32 dot org.
summaryrefslogtreecommitdiff
path: root/archiso
AgeCommit message (Collapse)Author
2021-05-10mkarchiso: Add buildmode to export netboot artifactsDavid Runge
archiso/mkarchiso: Implement a buildmode to export artifacts required for netboot with IPXE. When providing the buildmode 'netboot' via profiledef.sh or the `-m` option, all targets necessary to create an ISO medium are built, but the components required for netboot are exported to the output dir. Optionally, it is possible to provide a set of certificates for codsigning using the `-c` option, where the first file is considered as the signer certificate and the second as the key. Add `_export_netboot_artifacts()` to copy build artifacts to the output directory. Add `_sign_netboot_artifacts()` to codesign the netboot artifacts in the work directory. Add `_validate_requirements_buildmode_netboot()` to check for openssl. Add `_build_iso_base()` to implement common function calls between the 'iso' and the 'netboot' buildmodes. Add `_build_buildmode_netboot()` to make use of `_build_iso_base()`, (optionally) `_sign_netboot_artifacts()` and `_export_netboot_artifacts()`. Change `_build_buildmode_iso()` to make use of `_build_iso_base()`. Add `-c` as an option to mkarchiso to read in a list of file names. Unify the output of `_usage()` by using the same definition style for lists of strings provided to options that accept them (e.g. `-c`, `-m`, `-p`). Closes #128
2021-05-09mkarchiso: Implement buildmodes that allow building bootstrap imagesDavid Runge
archiso/mkarchiso: Introduce a buildmodes array, that can be used to build towards more than one output artifact type. Add a buildmode for building a bootstrap image (a compressed file containing a very minimal Arch installation). The buildmodes can be set either using a `buildmodes` array in a `profiledef.sh` or by using the `-m` option flag to mkarchiso and providing a space delimited, quoted list. The 'iso' buildmode is always the default if no buildmodes are setup. Implement building a bootstrap image, when using the 'bootstrap' `buildmode`, which uses a profile's 'bootstrap_packages.$arch' file to install packages using pacstrap and compressing it to a bootstrap image. The name of the output file is currently constructed from the `iso_name` value by appending `-bootstrap`. Replace the uses of `airootfs_dir` with the more generic `pacstrap_dir`, as the location denotes where pacstrap is being used. Replace uses of `img_name` with `image_name` and removing it from the global scope, so that it can be overridden per each buildmode. Rename `_cleanup_airootfs_dir()` to `_cleanup_pacstrap_dir()`. Make `_run_once()` more generic by prepending the state files with a string defined by `run_once_mode`. Add `_validate_requirements_buildmode_all()`, `_validate_requirements_buildmode_bootstrap()` and `_validate_requirements_buildmode_iso()` to validate the general requirements of the different buildmodes. Add `_build_bootstrap_image()` to generate the bootstrap image using bsdtar. Rename `_build_iso()` to `_build_iso_image()` to fit the naming of the respective bootstrap function. Extend `_read_profile()` to include the reading of bootstrap image specific packages from a file. Extend `_validate_options()` to include testing of the bootstrap packages and running of validation functions for all buildmodes. Change `_set_overrides()` to override the buildmodes if they are specified via the `-m` option flag. Change `_make_version()` to be used generically in all buildmodes. Change `_make_pkglist()` to be used generically in all buildmodes. Rename `_build_profile()` to `_build_buildmode_iso()` and set local variables that are specific to the buildmode, such as `image_name`, `pacstrap_dir`, `run_once_mode` , `buildmode_packages` and `buildmode_pkg_list`. Add `_build_buildmode_bootstrap()` and set local variables that are specific to the buildmode, such as `image_name`, `pacstrap_dir`, `run_once_mode` , `buildmode_packages` and `buildmode_pkg_list`. Add the `-m` option flag to the list of flags. Closes #127
2021-05-01Set more generic output for signaturesDavid Runge
archiso/mkarchiso: Change the help output to reflect that the `-g` option is generically signing a rootfs (which may be e.g. squashfs or erofs). Change the output of `_mksignature()` to be more generic, as it signs any type of understood rootfs image (which may be e.g. squashfs or erofs).
2021-05-01Force PGP signature file extensionDavid Runge
archiso/mkarchiso: Force the file extension in use for the PGP signatures of the rootfs to always be .sig. When gnupg's 'armor' configuration option is used, the output otherwise defaults to using .asc. As the verification hook in mkinitcpio-archiso expects the .sig file extension, verifying the rootfs will fail in that scenario.
2021-04-30mkarchiso: create reproducible gzip archivesnl6720
Use the gzip option -n/--no-name to prevent saving the original file name and timestamp. Fixes #104.
2021-04-30mkarchiso: make sure to remove potentially preexisting files from ↵nl6720
$airootfs_dir before creating them with output redirection mkarchiso creates "${airootfs_dir}/etc/machine-id" by using output redirection. If this file is an existing symlink, then the printf output would be written to the symlink target. It can be a big issue in case the symlink resolves to a path outside ${airootfs_dir}. Fixes #121.
2021-04-30mkarchiso: append IMAGE_ID and IMAGE_VERSION to /etc/os-releasenl6720
This provides the ISO version information in the os-release file. * IMAGE_ID is set to the value of $iso_name. * IMAGE_VERSION is set to the value of $iso_version. Implements #116.
2021-04-30Ignore SC3060 in initcpio hookDavid Runge
archiso/initcpio/hooks/archiso_pxe_common: Disable shellcheck's SC3060, as ash is able to do bash-like string replacements.
2021-04-07mkarchiso: also add iso name in grub environment blockChristian Hesse
2021-04-07mkarchiso: use -isohybrid-gpt-basdat instead of -appended_part_as_gpt for ↵nl6720
ISOs that will support BIOS booting Some hardware, like Lenovo Thinkpad T420, will not BIOS boot if the disk has a valid GPT. See https://bbs.archlinux.org/viewtopic.php?id=264096 . Instead of a valid GPT, change to a valid MBR and invalid GPT similar to what was used before 729d16b48c99c5d9b23a89123ecde4ecacfa8705. That layout, despite having crazy partition tables, boots everywhere. The difference is that -append_partition is still kept and specified before -isohybrid-gpt-basdat. Thus the appended partition will be listed as EFI system partition in MBR and as Microsoft basic partition in the invalid GPT. Fixes #102.
2021-03-26mkarchiso: do not set default mksquashfs optionsnl6720
Remove hardcoded '-comp xz', it prevents using mksquashfs defaults. Fixes #112.
2021-03-21Recursively change file permissions for folders listed in profiledef.shMichael Gilchrist
- if a folder listed in the associative array ends with a "/", recursively apply chmod and chown.
2021-03-09Support EROFSnl6720
EROFS, like Squashfs, is a read-only file system. It can be used to store airootfs in an image file. Its advantage is the support for POSIX ACLs. EROFS downside is that currently it only supports LZ4 compression (LZMA support is not yet fully implemented). A difference from Squashfs is that, EROFS stores change time (ctime) not modification time (mtime). The reverse is true for Squashfs. Implements https://gitlab.archlinux.org/archlinux/archiso/-/issues/59
2021-03-09archiso/initcpio/hooks/archiso: remove redundant /sfs/ from airootfs mount pointnl6720
Remove /run/archiso/bootmnt directory if nothing is mounted there. An empty directory is just confusing.
2021-01-29Support setting more variables in profiledef.sh and rework the way overrides ↵nl6720
are applied - Apply overrides before validating the options. - Parse all paths with realpath. Fixes https://gitlab.archlinux.org/archlinux/archiso/-/issues/84 .
2021-01-26archiso_pxe_common: remove resolv.conf before copyChristian Hesse
Booting via PXE we want to keep our DNS configuration. So remove /etc/resolv.conf in new root before copying the current file. Without this systemd-resolved fallback nameservers are used and we see an error message when the root ships a symbolic link to systemd-resolved's stub-resolv.conf: cp: not writing through dangling symlink '/new_root/etc/resolv.conf'
2021-01-26mkarchiso: add version informationChristian Hesse
To date the iso version was used for iso volume information and iso file name. In my custom builds I do use it a lot more: * Inside the root fs: The system knows about its own version. I use this to: -> report the version to a server (poor man's inventory) -> let the system update itself * On the iso fs: The files are served via rsync, running systems transfer version file first to check for available update. * A grub environment file on the iso fs: Booting the iso from grub allows to create cow directory per version: loopback loop archlinux.iso load_env -f (loop)/arch/grubenv linux (loop)/arch/boot/x86_64/vmlinuz-linux ... \ cow_directory=archlinux/${VERSION} ... So let's just create these files.
2021-01-23mkarchiso: fix typosChristian Hesse
2021-01-07Combine sed commands to reduce file writesnl6720
2020-11-30Fix issues with file ownerships/modesDavid Runge
archiso/mkarchiso: Make sure to always compare absolute paths in `_make_custom_airootfs()` (as `realpath` is used). Remove `echo` calls that prevent the setting of actual file ownerships and modes. configs/releng/profiledef.sh: Set file mode of /root/.automated_script.sh to 755. Fixes #82
2020-11-30Keep all SYSLINUX files in /syslinuxnl6720
This gets rid of the duplicate ldlinux.c32 and the useless isolinux.cfg which only points to syslinux.cfg. Implements https://gitlab.archlinux.org/archlinux/archiso/-/issues/46 .
2020-11-30Prevent path traversal outside of $airootfs_dirnl6720
2020-11-30Allow specifying ownership and mode of custom airootfs files and directoriesnl6720
profiledef.sh can now contain an associative array called file_permissions which can be used to set custom ownership and mode of custom airootfs files. The array's keys contain the path and the value is a colon separated list of owner UID, owner GID and access mode. For example: file_permissions=( ["/etc/shadow"]="0:0:400" ) This means that mkarchiso now copies airootfs files (and directores) without permissions and anything that should be owned by a user other than root and/or if the mode should be something other than 644 for files and 755 for directories must to be listed in ${file_permission[@]} in profiledef.sh. Fixes https://gitlab.archlinux.org/archlinux/archiso/-/issues/61 .
2020-11-18Reset network interfaces at the end of the PXE boot to allow DHCP to runfdupoux
2020-11-18Fix evaluation bugs in mkarchisoDavid Runge
archiso/mkarchiso: Guard the call to `_mksignature()` in `_prepare_airootfs_image()` by an if statement. Using the `&&` logic leads to `_prepare_airootfs_image()` evaluating to false if `$gpg_key` is not set. Add `_msg_info()` calls to `_set_override()` which prevent the function from evaluating to false if no override is being done. Additionally this is great for debugging purposes. Add `_msg_info()` calls to `_read_profile()` (which is great for debugging purposes). Fixes #81
2020-11-14mkarchiso: add xorrisofs options from boot mode specific functions instead ↵nl6720
of hardcoding them in _build_iso
2020-11-14mkarchiso: validate profile right after reading itnl6720
Fixes https://gitlab.archlinux.org/archlinux/archiso/-/issues/76 .
2020-11-14mkarchiso: general cleanup and simplificationnl6720
- Remove remnants of the now removed legacy commands. - Improve readability by getting rid of some "if" statements when performing string comparisons. - Rename functions to make their purpose more clear. - Move some conditions from functions to their invocations.
2020-10-30Configure the image type and image creation options using profiles (#54)fdupoux
2020-10-29Remove build.sh support from profiles and mkarchisoDavid Runge
configs/{baseline,releng}/build.sh: Remove `build.sh` scripts. They were deprecated with v47. archiso/mkarchiso: Remove all `build.sh` related functionality (i.e. `command_pkglist()`, `command_iso()`, `command_prepare()`, `command_install()`, `command_init()`, `command_run()`). Rename `command_build_profile()` to `_build_profile()` to be more in line with the style of the other function naming. Change `_show_config()` to only print info about the profile and make no more use of parameters. Remove all help output related to legacy `build.sh` commands. Fixes #51
2020-10-24Set CacheDir and HookDir for profile more sanelyDavid Runge
archiso/mkarchiso: Change `_pacman()` to use the *modified* pacman.conf from the work_dir, instead of using the *unmodified* pacman.conf from the profile. Change `_make_pacman_conf()` to compare the system's and the profile's CacheDir setting and use the profile's CacheDir setting only if it's not the default and not the same as the system's. Always set the HookDir to the airootfs' override directory, so that no hooks from the host system are being run. Remove DBPath, LogFile and RootDir settings from the work_dir pacman.conf as they are otherwise referring to the host system, **even if** pacman is being called with the `-r` flag. Fix a typo in _make_custom_airootfs(). README.profile.rst: Add information about the pacman.conf in a profile and how configuration options behave, when used by mkarchiso. Fixes #73 Fixes #74
2020-10-24Move FAT image to a separate partition outside the ISO 9660 file systemnl6720
Support bios.syslinux.eltorito boot mode without bios.syslinux.mbr. bios.syslinux.mbr does not work without bios.syslinux.eltorito because -isohybrid-mbr requires the El Torito boot image. Support uefi-x64.systemd-boot.esp boot mode without uefi-x64.systemd-boot.eltorito and vice versa. If uefi-x64.systemd-boot.eltorito is used without uefi-x64.systemd-boot.esp, the El Torito boot image will be placed in the ISO 9660 file system as before. Note that an ISO created with only uefi-x64.systemd-boot.eltorito will still be bootable as a "hard disk" on OVMF. OVMF will boot the El Torito image. This change has the following effect on the partition tables: - *.eltorito options add El Torito boot catalog entries. MBR and GPT are not affected. - uefi-x64.systemd-boot.esp creates a protective MBR partition table and a GPT table that includes a Linux filesystem data partition for the ISO 9660 volume, an EFI system partition and a Microsoft basic data partition that maps the 300 KiB padding added by xorriso. - bios.syslinux.mbr (without uefi-x64.systemd-boot.esp): adds a MBR partition table and maps the ISO 9660 volume as a partition of type 0x83. No GPT is produced. - bios.syslinux.mbr (with uefi-x64.systemd-boot.esp): adds an second partition in the MBR (after 0xEE) starting from sector 0 to sector 1 with type 0 and marks it as bootable. This violates the GPT specification, but allows some systems to succesfully boot in BIOS mode from GPT. Fixes https://gitlab.archlinux.org/archlinux/archiso/-/issues/49
2020-10-07Ensure that _make_boot_uefi-x64.systemd-boot.esp can be re-run if it failsnl6720
Remove efiboot.img if it exists so that mkfs.fat does not fail.
2020-10-07Save SOURCE_DATE_EPOCH to a file and read it from the file when resuming a buildnl6720
Print the build date. Don't re-run mksquashfs if it succeeded, but the failure was in gpg signing. For example, if the gpg pinentry timed out.
2020-10-07Check command line parameter count instead of option count, and do it after ↵nl6720
evaluating option arguments Fixes b6241cb1d07fe38128a67ae73e1ee57085085eaf .
2020-10-04Don't require root privileges just to show a "No command specified" errornl6720
Check if a profile or command is specified before looking at EUID.
2020-10-03Replace bash arithmetic with awk functionsDavid Runge
archiso/mkarchiso: The bash arithmethics in _make_boot_uefi-x64.systemd-boot.esp() introduced rounding issues, that can lead to insufficient FAT image size for the files. Conversion functions for awk now replace the bash arithmetics and additionally a ceil() function rounds the calculated size up to the next full MiB. Add an info message about the size of the created FAT image. Fixes #70
2020-09-29Fix info message for legacy commandDavid Runge
archiso/mkarchiso: Change the way _show_config() displays information about the build environment, as displaying a profile directory as a legacy command to mkarchiso is confusing. The function now prints a deprecation message if '$command_name' is not a directory (i.e. not a profile). Remove 'command_' prefix from help output for legacy commands (the prefix is only in use for internal functions). Relates to !69 Fixes #60
2020-09-27Calculate required efiboot.img size instead of hardcoding itnl6720
Use du to count the file size of the kernel(s), initramfs images and boot loader (and its configuration). This allows to compress initramfs with something other than xz, or have more than one kernel installed. Fixes https://gitlab.archlinux.org/archlinux/archiso/-/issues/62 .
2020-09-27archiso/mkarchiso: do not hardcode the kernel and initramfs file namesnl6720
All kernels and initramfs images from airootfs are copied to ${install_dir}/boot/ on both ISO 9660 and FAT. This allows providing multiple kernels. The kernel package needs to be added to packages.x86_64 and the boot loader configuration files created/adjusted appropriately. Support all possible microcode initrd file names.
2020-09-27Use the same file paths in both ISO 9660 and FATnl6720
This allows to use only one systemd-boot configuration file per kernel. Fixes https://gitlab.archlinux.org/archlinux/archiso/-/issues/44 .
2020-09-27Do not rename the initramfs imagenl6720
This is a breaking change. archweb, archiso-manager and various documentation must be updated. * https://github.com/archlinux/archweb/blob/master/templates/releng/archlinux.ipxe * https://github.com/pierres/archiso-manager/blob/master/Makefile
2020-09-05Do not overwrite existing files when copying from /etc/skel/nl6720
Copy /etc/skel/ only for users with UID in range 1000–60000. Correct user home directory permission after copying files. Fixes all /etc/skel issues from https://bugs.archlinux.org/task/67729 .
2020-09-02Create directories and copy files to the FAT image using mtools instead of ↵nl6720
mounting the file system - mtools supports SOURCE_DATE_EPOCH. - The image file is operated on directly instead of mounting the file system. This is a prerequisite to limit the commands that run with root privileges. Related to https://gitlab.archlinux.org/archlinux/archiso/-/issues/40 . - Add a reminder comment to not get rid of the dosfstools dependency, since a mformat made FAT image can fail to boot on some systems.
2020-08-25Add missing declaration of override_install_dirDavid Runge
**archiso/mkarchiso**: In d90184a the unbound variable `override_install_dir` was introduced by accident. It is required to be set to empty string to provide override functionality for `install_dir`. Fixes #57
2020-08-25Pass profile directory as parameter to mkarchisoDavid Runge
**archiso/mkarchiso**: Change all override option parameters (i.e. `-A`, `-C`, `-D`, `-L`, `-P` and `-g`) to not directly override the global variable they are tied to, but instead using an `override_` prefixed variable. Add `_set_overrides()` to use `override_` prefixed variables (if set) to override those without a prefix. Remove `-B` (a profile directory) from the list of parameters. The profile directory is now provided as separate non-option parameter. Add a call to `_read_profile()`, `_set_overrides()` and `command_build_profile()` to the fallthrough option of the switch-case checking `command_name` - a non-option parameter to mkarchiso. This effectively provides the possibility to set the profile directory using a non-option parameter, while still maintaining compatibility to legacy named arguments used in the configs' `build.sh` scripts. Extend the warning in regards to legacy `build.sh` based commands to mkarchiso by providing an EOL with archiso v49. Change the help output to reflect the changes and further elaborate on the legacy commands used by `build.sh` scripts. Change help output to be ordered alphabetically. Add help output for `-r` and `-g` options. Call `_set_overrides()` for legacy commands that accept one or more of the overriden options (i.e. `command_init`, `command_install`, `command_prepare` and `command_iso`). Various style fixes. **configs/{baseline,releng}/build.sh**: Change call to mkarchiso to use the profile's directory as a named argument instead of an option-argument. **README.rst**: Fix documentation on how to call mkarchiso with a profile directory. Fix wording and ordering of option arguments for run_archiso documentation. Fixes #52
2020-08-21archiso/mkarchiso: reduce duplication and add more info messagesnl6720
Fixes to issues introduced in https://gitlab.archlinux.org/archlinux/archiso/-/merge_requests/59 : - _make_boot_on_fat(): copy initramfs from "${airootfs_dir}/boot/" not "${isofs_dir}/". Otherwise UEFI-only ISOs cannot be built. Some general fixes: - Replace mkdir with install. Unlike mkdir, install does not complain when the target exists. - Reduce excess newlines produced by messages. - Ensure FAT image gets unmounted in case the script is interrupted. - Create the ext4 image with mkfs.ext4 instead of truncate. - Do not rely on user and group names for chown commands. Use numeric UID and GID instead. - Minimize the times stderr is redirected to /dev/null. - Add missing '?' to getopts. - Standardize function definitions by removing spaces between the function name and () .
2020-08-18archiso/mkarchiso: correct the path of airootfs/etc/machine-idnl6720
Use "${airootfs_dir}". Fixes a mistake introduced when rebasing https://gitlab.archlinux.org/archlinux/archiso/-/merge_requests/64 .
2020-08-18Add Joliet file system to the ISOnl6720
Joliet ensures correct file names capitalization on operating systems that support Joliet but not support Rock Ridge. Implements https://gitlab.archlinux.org/archlinux/archiso/-/issues/45 .
2020-08-18archiso/mkarchiso: create an empty /etc/machine-idnl6720
Fixes https://gitlab.archlinux.org/archlinux/archiso/-/issues/42 .