Send patches - preferably formatted by git format-patch - to patches at archlinux32 dot org.
summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--README.profile.rst8
-rw-r--r--archiso/initcpio/hooks/archiso45
-rw-r--r--archiso/initcpio/hooks/archiso_pxe_http10
-rwxr-xr-xarchiso/mkarchiso32
-rw-r--r--configs/baseline/profiledef.sh1
-rw-r--r--configs/releng/profiledef.sh1
6 files changed, 85 insertions, 12 deletions
diff --git a/README.profile.rst b/README.profile.rst
index 6541bd7..7680628 100644
--- a/README.profile.rst
+++ b/README.profile.rst
@@ -49,9 +49,11 @@ The image file is constructed from some of the variables in **profiledef.sh**: `
- `squashfs`: Create a squashfs image directly from the airootfs work directory
- `ext4+squashfs`: Create an ext4 partition, copy the airootfs work directory to it and create a squashfs image from it
-* `airootfs_image_tool_options`: An array of options to pass to the tool to create the airootfs image. Currently only
- `mksquashfs` is supported - see `mksquashfs --help` for all possible options (defaults to `('-comp' 'xz')`).
- - `file_permissions`: An associative array that lists files and/or directories who need specific ownership or
+ - `erofs`: Create an EROFS image for the airootfs work directory
+* `airootfs_image_tool_options`: An array of options to pass to the tool to create the airootfs image. `mksquashfs` and
+ `mkfs.erofs` are supported. See `mksquashfs --help` or `mkfs.erofs --help` for all possible options (defaults to
+ `('-comp' 'xz')` for squashfs).
+* `file_permissions`: An associative array that lists files and/or directories who need specific ownership or
permissions. The array's keys contain the path and the value is a colon separated list of owner UID, owner GID and
access mode. E.g. `file_permissions=(["/etc/shadow"]="0:0:400")`.
diff --git a/archiso/initcpio/hooks/archiso b/archiso/initcpio/hooks/archiso
index bf98332..1b848ce 100644
--- a/archiso/initcpio/hooks/archiso
+++ b/archiso/initcpio/hooks/archiso
@@ -81,12 +81,36 @@ _mnt_sfs() {
_mnt_dev "${sfs_dev}" "${mnt}" "-r" "defaults"
}
+# args: /path/to/image_file, mountpoint
+_mnt_erofs() {
+ local img="${1}"
+ local mnt="${2}"
+ local img_fullname="${img##*/}"
+ local erofs_dev
+
+ # shellcheck disable=SC2154
+ # defined via initcpio's parse_cmdline()
+ if [ "${copytoram}" = "y" ]; then
+ msg -n ":: Copying EROFS image to RAM..."
+ if ! cp -- "${img}" "/run/archiso/copytoram/${img_fullname}" ; then
+ echo "ERROR: while copy '${img}' to '/run/archiso/copytoram/${img_fullname}'"
+ launch_interactive_shell
+ fi
+ img="/run/archiso/copytoram/${img_fullname}"
+ msg "done."
+ fi
+ erofs_dev="$(losetup --find --show --read-only -- "${img}")"
+ echo "${erofs_dev}" >> /run/archiso/used_block_devices
+ _mnt_dev "${erofs_dev}" "${mnt}" "-r" "defaults" "erofs"
+}
+
# args: device, mountpoint, flags, opts
_mnt_dev() {
local dev="${1}"
local mnt="${2}"
local flg="${3}"
local opts="${4}"
+ local fstype="${5:-auto}"
mkdir -p "${mnt}"
@@ -99,7 +123,7 @@ _mnt_dev() {
launch_interactive_shell
done
- if mount -o "${opts}" "${flg}" "${dev}" "${mnt}"; then
+ if mount -t "${fstype}" -o "${opts}" "${flg}" "${dev}" "${mnt}"; then
msg ":: Device '${dev}' mounted successfully."
else
echo "ERROR; Failed to mount '${dev}'"
@@ -120,8 +144,9 @@ _verify_checksum() {
_verify_signature() {
local _status
+ local sigfile="${1}"
cd "/run/archiso/bootmnt/${archisobasedir}/${arch}" || exit 1
- gpg --homedir /gpg --status-fd 1 --verify airootfs.sfs.sig 2>/dev/null | grep -qE '^\[GNUPG:\] GOODSIG'
+ gpg --homedir /gpg --status-fd 1 --verify "${sigfile}" 2>/dev/null | grep -qE '^\[GNUPG:\] GOODSIG'
_status=$?
cd -- "${OLDPWD}" || exit 1
return ${_status}
@@ -160,6 +185,7 @@ run_hook() {
# args: /path/to/newroot
archiso_mount_handler() {
local newroot="${1}"
+ local sigfile
if ! mountpoint -q "/run/archiso/bootmnt"; then
_mnt_dev "${archisodevice}" "/run/archiso/bootmnt" "-r" "defaults"
@@ -190,15 +216,20 @@ archiso_mount_handler() {
# defined via initcpio's parse_cmdline()
if [ "${verify}" = "y" ]; then
if [ -f "/run/archiso/bootmnt/${archisobasedir}/${arch}/airootfs.sfs.sig" ]; then
+ sigfile="airootfs.sfs.sig"
+ elif [ -f "/run/archiso/bootmnt/${archisobasedir}/${arch}/airootfs.erofs.sig" ]; then
+ sigfile="airootfs.erofs.sig"
+ fi
+ if [ -n "${sigfile}" ]; then
msg -n ":: Signature verification requested, please wait..."
- if _verify_signature; then
+ if _verify_signature "${sigfile}"; then
msg "done. Signature is OK, continue booting."
else
echo "ERROR: one or more files are corrupted"
launch_interactive_shell
fi
else
- echo "ERROR: verify=y option specified but ${archisobasedir}/${arch}/airootfs.sfs.sig not found"
+ echo "ERROR: verify=y option specified but GPG signature not found in ${archisobasedir}/${arch}/"
launch_interactive_shell
fi
fi
@@ -221,7 +252,11 @@ archiso_mount_handler() {
mkdir -p "/run/archiso/cowspace/${cow_directory}"
chmod 0700 "/run/archiso/cowspace/${cow_directory}"
- _mnt_sfs "/run/archiso/bootmnt/${archisobasedir}/${arch}/airootfs.sfs" "/run/archiso/airootfs"
+ if [ -f "/run/archiso/bootmnt/${archisobasedir}/${arch}/airootfs.sfs" ]; then
+ _mnt_sfs "/run/archiso/bootmnt/${archisobasedir}/${arch}/airootfs.sfs" "/run/archiso/airootfs"
+ elif [ -f "/run/archiso/bootmnt/${archisobasedir}/${arch}/airootfs.erofs" ]; then
+ _mnt_erofs "/run/archiso/bootmnt/${archisobasedir}/${arch}/airootfs.erofs" "/run/archiso/airootfs"
+ fi
if [ -f "/run/archiso/airootfs/airootfs.img" ]; then
_mnt_dmsnapshot "/run/archiso/airootfs/airootfs.img" "${newroot}" "/"
else
diff --git a/archiso/initcpio/hooks/archiso_pxe_http b/archiso/initcpio/hooks/archiso_pxe_http
index efae923..43b8b4b 100644
--- a/archiso/initcpio/hooks/archiso_pxe_http
+++ b/archiso/initcpio/hooks/archiso_pxe_http
@@ -39,6 +39,7 @@ _curl_get() {
archiso_pxe_http_mount_handler () {
newroot="${1}"
+ local img_type="sfs"
msg ":: Mounting /run/archiso/httpspace (tmpfs) filesystem, size='${archiso_http_spc}'"
mkdir -p "/run/archiso/httpspace"
@@ -46,7 +47,12 @@ archiso_pxe_http_mount_handler () {
# shellcheck disable=SC2154
# defined via initcpio's parse_cmdline()
- _curl_get "${archiso_http_srv}${archisobasedir}/${arch}/airootfs.sfs" "/${arch}"
+ if ! curl -L -f -o /dev/null -s -r 0-0 "${archiso_http_srv}${archisobasedir}/${arch}/airootfs.sfs"; then
+ if curl -L -f -o /dev/null -s -r 0-0 "${archiso_http_srv}${archisobasedir}/${arch}/airootfs.erofs"; then
+ img_type="erofs"
+ fi
+ fi
+ _curl_get "${archiso_http_srv}${archisobasedir}/${arch}/airootfs.${img_type}" "/${arch}"
# shellcheck disable=SC2154
# defined via initcpio's parse_cmdline()
@@ -56,7 +62,7 @@ archiso_pxe_http_mount_handler () {
# shellcheck disable=SC2154
# defined via initcpio's parse_cmdline()
if [ "${verify}" = "y" ]; then
- _curl_get "${archiso_http_srv}${archisobasedir}/${arch}/airootfs.sfs.sig" "/${arch}"
+ _curl_get "${archiso_http_srv}${archisobasedir}/${arch}/airootfs.${img_type}.sig" "/${arch}"
fi
mkdir -p "/run/archiso/bootmnt"
diff --git a/archiso/mkarchiso b/archiso/mkarchiso
index 021bcfa..0d7c698 100755
--- a/archiso/mkarchiso
+++ b/archiso/mkarchiso
@@ -200,13 +200,30 @@ _mkairootfs_squashfs() {
install -d -m 0755 -- "${isofs_dir}/${install_dir}/${arch}"
_msg_info "Creating SquashFS image, this may take some time..."
_run_mksquashfs "${airootfs_dir}"
+}
+
+# Makes an EROFS file system from a source directory.
+_mkairootfs_erofs() {
+ local fsuuid
+ [[ -e "${airootfs_dir}" ]] || _msg_error "The path '${airootfs_dir}' does not exist" 1
+
+ install -d -m 0755 -- "${isofs_dir}/${install_dir}/${arch}"
+ local image_path="${isofs_dir}/${install_dir}/${arch}/airootfs.erofs"
+ # Generate reproducible file system UUID from SOURCE_DATE_EPOCH
+ fsuuid="$(uuidgen --sha1 --namespace 93a870ff-8565-4cf3-a67b-f47299271a96 --name "${SOURCE_DATE_EPOCH}")"
+ _msg_info "Creating EROFS image, this may take some time..."
+ mkfs.erofs -U "${fsuuid}" "${airootfs_image_tool_options[@]}" -- "${image_path}" "${airootfs_dir}"
_msg_info "Done!"
}
_mkchecksum() {
_msg_info "Creating checksum file for self-test..."
cd -- "${isofs_dir}/${install_dir}/${arch}"
- sha512sum airootfs.sfs > airootfs.sha512
+ if [[ -e "${isofs_dir}/${install_dir}/${arch}/airootfs.sfs" ]]; then
+ sha512sum airootfs.sfs > airootfs.sha512
+ elif [[ -e "${isofs_dir}/${install_dir}/${arch}/airootfs.erofs" ]]; then
+ sha512sum airootfs.erofs > airootfs.sha512
+ fi
cd -- "${OLDPWD}"
_msg_info "Done!"
}
@@ -214,7 +231,11 @@ _mkchecksum() {
_mksignature() {
_msg_info "Signing SquashFS image..."
cd -- "${isofs_dir}/${install_dir}/${arch}"
- gpg --detach-sign --default-key "${gpg_key}" airootfs.sfs
+ if [[ -e "${isofs_dir}/${install_dir}/${arch}/airootfs.sfs" ]]; then
+ gpg --detach-sign --default-key "${gpg_key}" airootfs.sfs
+ elif [[ -e "${isofs_dir}/${install_dir}/${arch}/airootfs.erofs" ]]; then
+ gpg --detach-sign --default-key "${gpg_key}" airootfs.erofs
+ fi
cd -- "${OLDPWD}"
_msg_info "Done!"
}
@@ -634,6 +655,13 @@ _validate_requirements_airootfs_image_type_ext4+squashfs() {
_validate_requirements_airootfs_image_type_squashfs
}
+_validate_requirements_airootfs_image_type_erofs() {
+ if ! command -v mkfs.erofs; then
+ (( validation_error=validation_error+1 ))
+ _msg_error "Validating '${airootfs_image_type}': mkfs.erofs is not available on this host. Install 'erofs-utils'!" 0
+ fi
+}
+
# SYSLINUX El Torito
_add_xorrisofs_options_bios.syslinux.eltorito() {
xorrisofs_options+=(
diff --git a/configs/baseline/profiledef.sh b/configs/baseline/profiledef.sh
index de9edfa..7c89c0f 100644
--- a/configs/baseline/profiledef.sh
+++ b/configs/baseline/profiledef.sh
@@ -10,6 +10,7 @@ install_dir="arch"
bootmodes=('bios.syslinux.mbr' 'bios.syslinux.eltorito' 'uefi-x64.systemd-boot.esp' 'uefi-x64.systemd-boot.eltorito')
arch="x86_64"
pacman_conf="pacman.conf"
+airootfs_image_type="squashfs"
airootfs_image_tool_options=('-comp' 'xz' '-Xbcj' 'x86' '-b' '1M' '-Xdict-size' '1M')
file_permissions=(
["/etc/shadow"]="0:0:400"
diff --git a/configs/releng/profiledef.sh b/configs/releng/profiledef.sh
index 2d45ebd..d5f8bcb 100644
--- a/configs/releng/profiledef.sh
+++ b/configs/releng/profiledef.sh
@@ -10,6 +10,7 @@ install_dir="arch"
bootmodes=('bios.syslinux.mbr' 'bios.syslinux.eltorito' 'uefi-x64.systemd-boot.esp' 'uefi-x64.systemd-boot.eltorito')
arch="x86_64"
pacman_conf="pacman.conf"
+airootfs_image_type="squashfs"
airootfs_image_tool_options=('-comp' 'xz' '-Xbcj' 'x86' '-b' '1M' '-Xdict-size' '1M')
file_permissions=(
["/etc/shadow"]="0:0:400"