From 7c2247f615ecdff8d236ac90c4bec1c3d255a497 Mon Sep 17 00:00:00 2001 From: nl6720 Date: Wed, 12 Aug 2020 19:42:02 +0300 Subject: archiso/mkarchiso: allow choosing boot modes from profiledef.sh Boot mode names are: - bios_syslinux.mbr: SYSLINUX in MBR - bios.syslinux.eltorito: SYSLINUX (ISOLINUX) via El Torito - uefi-x64.systemd-boot.esp: systemd-boot on ESP in MBR - uefi-x64.systemd-boot.eltorito: systemd-boot on ESP via El Torito It is not yet possible to create an ISO with only El Torito or only MBR boot modes! --- configs/baseline/profiledef.sh | 12 ++++++++++++ 1 file changed, 12 insertions(+) create mode 100644 configs/baseline/profiledef.sh (limited to 'configs/baseline/profiledef.sh') diff --git a/configs/baseline/profiledef.sh b/configs/baseline/profiledef.sh new file mode 100644 index 0000000..9ced69e --- /dev/null +++ b/configs/baseline/profiledef.sh @@ -0,0 +1,12 @@ +#!/usr/bin/env bash +# shellcheck disable=SC2034 + +iso_name="archlinux-baseline" +iso_label="ARCH_$(date +%Y%m)" +iso_publisher="Arch Linux " +iso_application="Arch Linux baseline" +iso_version="$(date +%Y.%m.%d)" +install_dir="arch" +bootmodes=('bios.syslinux.mbr' 'bios.syslinux.eltorito') +arch="x86_64" +pacman_conf="pacman.conf" -- cgit v1.2.3-70-g09d2 From ae0e914114d2ff84e43b4da3b1b2bf855cff01d3 Mon Sep 17 00:00:00 2001 From: nl6720 Date: Sun, 4 Oct 2020 17:48:15 +0300 Subject: configs/baseline: support UEFI --- configs/baseline/efiboot/loader/entries/archiso-x86_64-linux.conf | 7 +++++++ configs/baseline/efiboot/loader/loader.conf | 5 +++++ configs/baseline/profiledef.sh | 2 +- configs/baseline/syslinux/syslinux-linux.cfg | 2 +- 4 files changed, 14 insertions(+), 2 deletions(-) create mode 100644 configs/baseline/efiboot/loader/entries/archiso-x86_64-linux.conf create mode 100644 configs/baseline/efiboot/loader/loader.conf (limited to 'configs/baseline/profiledef.sh') diff --git a/configs/baseline/efiboot/loader/entries/archiso-x86_64-linux.conf b/configs/baseline/efiboot/loader/entries/archiso-x86_64-linux.conf new file mode 100644 index 0000000..8dd7a16 --- /dev/null +++ b/configs/baseline/efiboot/loader/entries/archiso-x86_64-linux.conf @@ -0,0 +1,7 @@ +# +# SPDX-License-Identifier: GPL-3.0-or-later + +title Arch Linux (x86_64, UEFI) +linux /%INSTALL_DIR%/boot/x86_64/vmlinuz-linux +initrd /%INSTALL_DIR%/boot/x86_64/initramfs-linux.img +options archisobasedir=%INSTALL_DIR% archisolabel=%ARCHISO_LABEL% diff --git a/configs/baseline/efiboot/loader/loader.conf b/configs/baseline/efiboot/loader/loader.conf new file mode 100644 index 0000000..1ea5ce5 --- /dev/null +++ b/configs/baseline/efiboot/loader/loader.conf @@ -0,0 +1,5 @@ +# +# SPDX-License-Identifier: GPL-3.0-or-later + +timeout 3 +default archiso-x86_64-linux.conf diff --git a/configs/baseline/profiledef.sh b/configs/baseline/profiledef.sh index 9ced69e..2efd38f 100644 --- a/configs/baseline/profiledef.sh +++ b/configs/baseline/profiledef.sh @@ -7,6 +7,6 @@ iso_publisher="Arch Linux " iso_application="Arch Linux baseline" iso_version="$(date +%Y.%m.%d)" install_dir="arch" -bootmodes=('bios.syslinux.mbr' 'bios.syslinux.eltorito') +bootmodes=('bios.syslinux.mbr' 'bios.syslinux.eltorito' 'uefi-x64.systemd-boot.esp' 'uefi-x64.systemd-boot.eltorito') arch="x86_64" pacman_conf="pacman.conf" diff --git a/configs/baseline/syslinux/syslinux-linux.cfg b/configs/baseline/syslinux/syslinux-linux.cfg index c4b015b..21dfbd7 100644 --- a/configs/baseline/syslinux/syslinux-linux.cfg +++ b/configs/baseline/syslinux/syslinux-linux.cfg @@ -2,7 +2,7 @@ # SPDX-License-Identifier: GPL-3.0-or-later LABEL arch -MENU LABEL Arch Linux +MENU LABEL Arch Linux (x86_64, BIOS) LINUX boot/%ARCH%/vmlinuz-linux INITRD boot/%ARCH%/initramfs-linux.img APPEND archisobasedir=%INSTALL_DIR% archisolabel=%ARCHISO_LABEL% -- cgit v1.2.3-70-g09d2 From 42d9e4f983e9dbafb94a6fc52df1b25973afb63a Mon Sep 17 00:00:00 2001 From: nl6720 Date: Sat, 14 Nov 2020 11:43:13 +0200 Subject: Allow specifying ownership and mode of custom airootfs files and directories profiledef.sh can now contain an associative array called file_permissions which can be used to set custom ownership and mode of custom airootfs files. The array's keys contain the path and the value is a colon separated list of owner UID, owner GID and access mode. For example: file_permissions=( ["/etc/shadow"]="0:0:400" ) This means that mkarchiso now copies airootfs files (and directores) without permissions and anything that should be owned by a user other than root and/or if the mode should be something other than 644 for files and 755 for directories must to be listed in ${file_permission[@]} in profiledef.sh. Fixes https://gitlab.archlinux.org/archlinux/archiso/-/issues/61 . --- README.profile.rst | 8 ++++++-- archiso/mkarchiso | 41 +++++++++++++++++++---------------------- configs/baseline/profiledef.sh | 3 +++ configs/releng/profiledef.sh | 8 ++++++++ 4 files changed, 36 insertions(+), 24 deletions(-) (limited to 'configs/baseline/profiledef.sh') diff --git a/README.profile.rst b/README.profile.rst index fef34f9..1729319 100644 --- a/README.profile.rst +++ b/README.profile.rst @@ -52,6 +52,9 @@ The image file is constructed from some of the variables in **profiledef.sh**: ` - `ext4+squashfs`: Create an ext4 partition, copy the airootfs work directory to it and create a squashfs image from it * `airootfs_image_tool_options`: An array of options to pass to the tool to create the airootfs image. Currently only `mksquashfs` is supported - see `mksquashfs --help` for all possible options (defaults to `('-comp' 'xz')`). + - `file_permissions`: An associative array that lists files and/or directories who need specific ownership or + permissions. The array's keys contain the path and the value is a colon separated list of owner UID, owner GID and + access mode. E.g. `file_permissions=(["/etc/shadow"]="0:0:400")`. packages.arch ============= @@ -91,8 +94,9 @@ airootfs This - optional - directory may contain files and directories that will be copied to the work directory of the resulting image's root filesystem. The files are copied before packages are being installed to work directory location. -Ownership of files and directories from the profile's `airootfs` directory are not preserved (permissions are currently -the same as in the profile's `airootfs` - see `#61 `_). +Ownership and permissions of files and directories from the profile's `airootfs` directory are not preserved. The mode +will be `644` for files and `755` for directories, all of them will be owned by root. To set custom ownership and/or +permissions, use `file_permissions` in **profiledef.sh**. With this overlay structure it is possible to e.g. create users and set passwords for them, by providing `airootfs/etc/passwd`, `airootfs/etc/shadow`, `airootfs/etc/gshadow` (see `man 5 passwd`, `man 5 shadow` and `man 5 diff --git a/archiso/mkarchiso b/archiso/mkarchiso index a3b1e53..99c8114 100755 --- a/archiso/mkarchiso +++ b/archiso/mkarchiso @@ -37,6 +37,7 @@ override_pacman_conf="" bootmodes=() airootfs_image_type="squashfs" airootfs_image_tool_options=('-comp' 'xz') +declare -A file_permissions=() # Show an INFO message @@ -257,30 +258,23 @@ _make_pacman_conf() { # Prepare working directory and copy custom airootfs files (airootfs) _make_custom_airootfs() { local passwd=() + local filename permissions install -d -m 0755 -o 0 -g 0 -- "${airootfs_dir}" if [[ -d "${profile}/airootfs" ]]; then - _msg_info "Copying custom airootfs files and setting up user home directories..." - cp -af --no-preserve=ownership -- "${profile}/airootfs/." "${airootfs_dir}" - - [[ -e "${airootfs_dir}/etc/shadow" ]] && chmod -f 0400 -- "${airootfs_dir}/etc/shadow" - [[ -e "${airootfs_dir}/etc/gshadow" ]] && chmod -f 0400 -- "${airootfs_dir}/etc/gshadow" - - # Set up user home directories and permissions - if [[ -e "${airootfs_dir}/etc/passwd" ]]; then - while IFS=':' read -a passwd -r; do - [[ "${passwd[5]}" == '/' ]] && continue - [[ -z "${passwd[5]}" ]] && continue - - if [[ -d "${airootfs_dir}${passwd[5]}" ]]; then - chown -hR -- "${passwd[2]}:${passwd[3]}" "${airootfs_dir}${passwd[5]}" - chmod -f 0750 -- "${airootfs_dir}${passwd[5]}" - else - install -d -m 0750 -o "${passwd[2]}" -g "${passwd[3]}" -- "${airootfs_dir}${passwd[5]}" - fi - done < "${airootfs_dir}/etc/passwd" - fi + _msg_info "Copying custom airootfs files..." + cp -af --no-preserve=ownership,mode -- "${profile}/airootfs/." "${airootfs_dir}" + # Set ownership and mode for files and directories + for filename in "${!file_permissions[@]}"; do + IFS=':' read -ra permissions <<< "${file_permissions["${filename}"]}" + if [[ -e "${airootfs_dir}${filename}" ]]; then + chown -fh -- "${permissions[0]}:${permissions[1]}" "${airootfs_dir}${filename}" + chmod -f -- "${permissions[2]}" "${airootfs_dir}${filename}" + else + _msg_warning "Cannot change permissions of '${airootfs_dir}${filename}'. The file or directory does not exist." + fi + done _msg_info "Done!" fi } @@ -318,10 +312,12 @@ _make_customize_airootfs() { (( passwd[2] >= 1000 && passwd[2] < 60000 )) || continue [[ "${passwd[5]}" == '/' ]] && continue [[ -z "${passwd[5]}" ]] && continue - cp -dnRT --preserve=mode,timestamps,links -- "${airootfs_dir}/etc/skel" "${airootfs_dir}${passwd[5]}" + if [[ ! -d "${airootfs_dir}${passwd[5]}" ]]; then + install -d -m 0750 -o "${passwd[2]}" -g "${passwd[3]}" -- "${airootfs_dir}${passwd[5]}" + fi + cp -dnRT --preserve=mode,timestamps,links -- "${airootfs_dir}/etc/skel/." "${airootfs_dir}${passwd[5]}" chmod -f 0750 -- "${airootfs_dir}${passwd[5]}" chown -hR -- "${passwd[2]}:${passwd[3]}" "${airootfs_dir}${passwd[5]}" - done < "${profile}/airootfs/etc/passwd" _msg_info "Done!" fi @@ -329,6 +325,7 @@ _make_customize_airootfs() { if [[ -e "${airootfs_dir}/root/customize_airootfs.sh" ]]; then _msg_info "Running customize_airootfs.sh in '${airootfs_dir}' chroot..." _msg_warning "customize_airootfs.sh is deprecated! Support for it will be removed in a future archiso version." + chmod -f -- +x "${airootfs_dir}/root/customize_airootfs.sh" eval -- arch-chroot "${airootfs_dir}" "/root/customize_airootfs.sh" rm -- "${airootfs_dir}/root/customize_airootfs.sh" _msg_info "Done! customize_airootfs.sh run successfully." diff --git a/configs/baseline/profiledef.sh b/configs/baseline/profiledef.sh index 2efd38f..8705529 100644 --- a/configs/baseline/profiledef.sh +++ b/configs/baseline/profiledef.sh @@ -10,3 +10,6 @@ install_dir="arch" bootmodes=('bios.syslinux.mbr' 'bios.syslinux.eltorito' 'uefi-x64.systemd-boot.esp' 'uefi-x64.systemd-boot.eltorito') arch="x86_64" pacman_conf="pacman.conf" +file_permissions=( + ["/etc/shadow"]="0:0:400" +) diff --git a/configs/releng/profiledef.sh b/configs/releng/profiledef.sh index 2e74e5f..051a390 100644 --- a/configs/releng/profiledef.sh +++ b/configs/releng/profiledef.sh @@ -11,3 +11,11 @@ bootmodes=('bios.syslinux.mbr' 'bios.syslinux.eltorito' 'uefi-x64.systemd-boot.e arch="x86_64" pacman_conf="pacman.conf" airootfs_image_tool_options=('-comp' 'xz' '-Xbcj' 'x86' '-b' '1M' '-Xdict-size' '1M') +file_permissions=( + ["/etc/shadow"]="0:0:400" + ["/root"]="0:0:750" + ["/root/.automated_script.sh"]="0:0:750" + ["/usr/local/bin/choose-mirror"]="0:0:755" + ["/usr/local/bin/Installation_guide"]="0:0:755" + ["/usr/local/bin/livecd-sound"]="0:0:755" +) -- cgit v1.2.3-70-g09d2 From a178ff44bc9cf00918bb23b1e5f0a0c2395f47e9 Mon Sep 17 00:00:00 2001 From: nl6720 Date: Sat, 26 Dec 2020 20:11:06 +0200 Subject: profiledef.sh: Remove www. from archlinux.org See https://lists.archlinux.org/pipermail/arch-devops/2020-December/000474.html . --- configs/baseline/profiledef.sh | 2 +- configs/releng/profiledef.sh | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) (limited to 'configs/baseline/profiledef.sh') diff --git a/configs/baseline/profiledef.sh b/configs/baseline/profiledef.sh index 8705529..688a354 100644 --- a/configs/baseline/profiledef.sh +++ b/configs/baseline/profiledef.sh @@ -3,7 +3,7 @@ iso_name="archlinux-baseline" iso_label="ARCH_$(date +%Y%m)" -iso_publisher="Arch Linux " +iso_publisher="Arch Linux " iso_application="Arch Linux baseline" iso_version="$(date +%Y.%m.%d)" install_dir="arch" diff --git a/configs/releng/profiledef.sh b/configs/releng/profiledef.sh index d046c9c..2d45ebd 100644 --- a/configs/releng/profiledef.sh +++ b/configs/releng/profiledef.sh @@ -3,7 +3,7 @@ iso_name="archlinux" iso_label="ARCH_$(date +%Y%m)" -iso_publisher="Arch Linux " +iso_publisher="Arch Linux " iso_application="Arch Linux Live/Rescue CD" iso_version="$(date +%Y.%m.%d)" install_dir="arch" -- cgit v1.2.3-70-g09d2 From 221a9211e59653db166b08ce49a1a33fa80ee6a4 Mon Sep 17 00:00:00 2001 From: Michael Vorburger Date: Tue, 29 Dec 2020 21:30:55 +0100 Subject: use same airootfs_image_tool_options in baseline as in releng --- configs/baseline/profiledef.sh | 1 + 1 file changed, 1 insertion(+) (limited to 'configs/baseline/profiledef.sh') diff --git a/configs/baseline/profiledef.sh b/configs/baseline/profiledef.sh index 688a354..de9edfa 100644 --- a/configs/baseline/profiledef.sh +++ b/configs/baseline/profiledef.sh @@ -10,6 +10,7 @@ install_dir="arch" bootmodes=('bios.syslinux.mbr' 'bios.syslinux.eltorito' 'uefi-x64.systemd-boot.esp' 'uefi-x64.systemd-boot.eltorito') arch="x86_64" pacman_conf="pacman.conf" +airootfs_image_tool_options=('-comp' 'xz' '-Xbcj' 'x86' '-b' '1M' '-Xdict-size' '1M') file_permissions=( ["/etc/shadow"]="0:0:400" ) -- cgit v1.2.3-70-g09d2 From bc67933af14c28eb385b537a6afa3aa6e458af59 Mon Sep 17 00:00:00 2001 From: nl6720 Date: Sat, 24 Oct 2020 15:53:57 +0300 Subject: Support EROFS EROFS, like Squashfs, is a read-only file system. It can be used to store airootfs in an image file. Its advantage is the support for POSIX ACLs. EROFS downside is that currently it only supports LZ4 compression (LZMA support is not yet fully implemented). A difference from Squashfs is that, EROFS stores change time (ctime) not modification time (mtime). The reverse is true for Squashfs. Implements https://gitlab.archlinux.org/archlinux/archiso/-/issues/59 --- README.profile.rst | 8 +++--- archiso/initcpio/hooks/archiso | 45 +++++++++++++++++++++++++++++---- archiso/initcpio/hooks/archiso_pxe_http | 10 ++++++-- archiso/mkarchiso | 32 +++++++++++++++++++++-- configs/baseline/profiledef.sh | 1 + configs/releng/profiledef.sh | 1 + 6 files changed, 85 insertions(+), 12 deletions(-) (limited to 'configs/baseline/profiledef.sh') diff --git a/README.profile.rst b/README.profile.rst index 6541bd7..7680628 100644 --- a/README.profile.rst +++ b/README.profile.rst @@ -49,9 +49,11 @@ The image file is constructed from some of the variables in **profiledef.sh**: ` - `squashfs`: Create a squashfs image directly from the airootfs work directory - `ext4+squashfs`: Create an ext4 partition, copy the airootfs work directory to it and create a squashfs image from it -* `airootfs_image_tool_options`: An array of options to pass to the tool to create the airootfs image. Currently only - `mksquashfs` is supported - see `mksquashfs --help` for all possible options (defaults to `('-comp' 'xz')`). - - `file_permissions`: An associative array that lists files and/or directories who need specific ownership or + - `erofs`: Create an EROFS image for the airootfs work directory +* `airootfs_image_tool_options`: An array of options to pass to the tool to create the airootfs image. `mksquashfs` and + `mkfs.erofs` are supported. See `mksquashfs --help` or `mkfs.erofs --help` for all possible options (defaults to + `('-comp' 'xz')` for squashfs). +* `file_permissions`: An associative array that lists files and/or directories who need specific ownership or permissions. The array's keys contain the path and the value is a colon separated list of owner UID, owner GID and access mode. E.g. `file_permissions=(["/etc/shadow"]="0:0:400")`. diff --git a/archiso/initcpio/hooks/archiso b/archiso/initcpio/hooks/archiso index bf98332..1b848ce 100644 --- a/archiso/initcpio/hooks/archiso +++ b/archiso/initcpio/hooks/archiso @@ -81,12 +81,36 @@ _mnt_sfs() { _mnt_dev "${sfs_dev}" "${mnt}" "-r" "defaults" } +# args: /path/to/image_file, mountpoint +_mnt_erofs() { + local img="${1}" + local mnt="${2}" + local img_fullname="${img##*/}" + local erofs_dev + + # shellcheck disable=SC2154 + # defined via initcpio's parse_cmdline() + if [ "${copytoram}" = "y" ]; then + msg -n ":: Copying EROFS image to RAM..." + if ! cp -- "${img}" "/run/archiso/copytoram/${img_fullname}" ; then + echo "ERROR: while copy '${img}' to '/run/archiso/copytoram/${img_fullname}'" + launch_interactive_shell + fi + img="/run/archiso/copytoram/${img_fullname}" + msg "done." + fi + erofs_dev="$(losetup --find --show --read-only -- "${img}")" + echo "${erofs_dev}" >> /run/archiso/used_block_devices + _mnt_dev "${erofs_dev}" "${mnt}" "-r" "defaults" "erofs" +} + # args: device, mountpoint, flags, opts _mnt_dev() { local dev="${1}" local mnt="${2}" local flg="${3}" local opts="${4}" + local fstype="${5:-auto}" mkdir -p "${mnt}" @@ -99,7 +123,7 @@ _mnt_dev() { launch_interactive_shell done - if mount -o "${opts}" "${flg}" "${dev}" "${mnt}"; then + if mount -t "${fstype}" -o "${opts}" "${flg}" "${dev}" "${mnt}"; then msg ":: Device '${dev}' mounted successfully." else echo "ERROR; Failed to mount '${dev}'" @@ -120,8 +144,9 @@ _verify_checksum() { _verify_signature() { local _status + local sigfile="${1}" cd "/run/archiso/bootmnt/${archisobasedir}/${arch}" || exit 1 - gpg --homedir /gpg --status-fd 1 --verify airootfs.sfs.sig 2>/dev/null | grep -qE '^\[GNUPG:\] GOODSIG' + gpg --homedir /gpg --status-fd 1 --verify "${sigfile}" 2>/dev/null | grep -qE '^\[GNUPG:\] GOODSIG' _status=$? cd -- "${OLDPWD}" || exit 1 return ${_status} @@ -160,6 +185,7 @@ run_hook() { # args: /path/to/newroot archiso_mount_handler() { local newroot="${1}" + local sigfile if ! mountpoint -q "/run/archiso/bootmnt"; then _mnt_dev "${archisodevice}" "/run/archiso/bootmnt" "-r" "defaults" @@ -190,15 +216,20 @@ archiso_mount_handler() { # defined via initcpio's parse_cmdline() if [ "${verify}" = "y" ]; then if [ -f "/run/archiso/bootmnt/${archisobasedir}/${arch}/airootfs.sfs.sig" ]; then + sigfile="airootfs.sfs.sig" + elif [ -f "/run/archiso/bootmnt/${archisobasedir}/${arch}/airootfs.erofs.sig" ]; then + sigfile="airootfs.erofs.sig" + fi + if [ -n "${sigfile}" ]; then msg -n ":: Signature verification requested, please wait..." - if _verify_signature; then + if _verify_signature "${sigfile}"; then msg "done. Signature is OK, continue booting." else echo "ERROR: one or more files are corrupted" launch_interactive_shell fi else - echo "ERROR: verify=y option specified but ${archisobasedir}/${arch}/airootfs.sfs.sig not found" + echo "ERROR: verify=y option specified but GPG signature not found in ${archisobasedir}/${arch}/" launch_interactive_shell fi fi @@ -221,7 +252,11 @@ archiso_mount_handler() { mkdir -p "/run/archiso/cowspace/${cow_directory}" chmod 0700 "/run/archiso/cowspace/${cow_directory}" - _mnt_sfs "/run/archiso/bootmnt/${archisobasedir}/${arch}/airootfs.sfs" "/run/archiso/airootfs" + if [ -f "/run/archiso/bootmnt/${archisobasedir}/${arch}/airootfs.sfs" ]; then + _mnt_sfs "/run/archiso/bootmnt/${archisobasedir}/${arch}/airootfs.sfs" "/run/archiso/airootfs" + elif [ -f "/run/archiso/bootmnt/${archisobasedir}/${arch}/airootfs.erofs" ]; then + _mnt_erofs "/run/archiso/bootmnt/${archisobasedir}/${arch}/airootfs.erofs" "/run/archiso/airootfs" + fi if [ -f "/run/archiso/airootfs/airootfs.img" ]; then _mnt_dmsnapshot "/run/archiso/airootfs/airootfs.img" "${newroot}" "/" else diff --git a/archiso/initcpio/hooks/archiso_pxe_http b/archiso/initcpio/hooks/archiso_pxe_http index efae923..43b8b4b 100644 --- a/archiso/initcpio/hooks/archiso_pxe_http +++ b/archiso/initcpio/hooks/archiso_pxe_http @@ -39,6 +39,7 @@ _curl_get() { archiso_pxe_http_mount_handler () { newroot="${1}" + local img_type="sfs" msg ":: Mounting /run/archiso/httpspace (tmpfs) filesystem, size='${archiso_http_spc}'" mkdir -p "/run/archiso/httpspace" @@ -46,7 +47,12 @@ archiso_pxe_http_mount_handler () { # shellcheck disable=SC2154 # defined via initcpio's parse_cmdline() - _curl_get "${archiso_http_srv}${archisobasedir}/${arch}/airootfs.sfs" "/${arch}" + if ! curl -L -f -o /dev/null -s -r 0-0 "${archiso_http_srv}${archisobasedir}/${arch}/airootfs.sfs"; then + if curl -L -f -o /dev/null -s -r 0-0 "${archiso_http_srv}${archisobasedir}/${arch}/airootfs.erofs"; then + img_type="erofs" + fi + fi + _curl_get "${archiso_http_srv}${archisobasedir}/${arch}/airootfs.${img_type}" "/${arch}" # shellcheck disable=SC2154 # defined via initcpio's parse_cmdline() @@ -56,7 +62,7 @@ archiso_pxe_http_mount_handler () { # shellcheck disable=SC2154 # defined via initcpio's parse_cmdline() if [ "${verify}" = "y" ]; then - _curl_get "${archiso_http_srv}${archisobasedir}/${arch}/airootfs.sfs.sig" "/${arch}" + _curl_get "${archiso_http_srv}${archisobasedir}/${arch}/airootfs.${img_type}.sig" "/${arch}" fi mkdir -p "/run/archiso/bootmnt" diff --git a/archiso/mkarchiso b/archiso/mkarchiso index 021bcfa..0d7c698 100755 --- a/archiso/mkarchiso +++ b/archiso/mkarchiso @@ -200,13 +200,30 @@ _mkairootfs_squashfs() { install -d -m 0755 -- "${isofs_dir}/${install_dir}/${arch}" _msg_info "Creating SquashFS image, this may take some time..." _run_mksquashfs "${airootfs_dir}" +} + +# Makes an EROFS file system from a source directory. +_mkairootfs_erofs() { + local fsuuid + [[ -e "${airootfs_dir}" ]] || _msg_error "The path '${airootfs_dir}' does not exist" 1 + + install -d -m 0755 -- "${isofs_dir}/${install_dir}/${arch}" + local image_path="${isofs_dir}/${install_dir}/${arch}/airootfs.erofs" + # Generate reproducible file system UUID from SOURCE_DATE_EPOCH + fsuuid="$(uuidgen --sha1 --namespace 93a870ff-8565-4cf3-a67b-f47299271a96 --name "${SOURCE_DATE_EPOCH}")" + _msg_info "Creating EROFS image, this may take some time..." + mkfs.erofs -U "${fsuuid}" "${airootfs_image_tool_options[@]}" -- "${image_path}" "${airootfs_dir}" _msg_info "Done!" } _mkchecksum() { _msg_info "Creating checksum file for self-test..." cd -- "${isofs_dir}/${install_dir}/${arch}" - sha512sum airootfs.sfs > airootfs.sha512 + if [[ -e "${isofs_dir}/${install_dir}/${arch}/airootfs.sfs" ]]; then + sha512sum airootfs.sfs > airootfs.sha512 + elif [[ -e "${isofs_dir}/${install_dir}/${arch}/airootfs.erofs" ]]; then + sha512sum airootfs.erofs > airootfs.sha512 + fi cd -- "${OLDPWD}" _msg_info "Done!" } @@ -214,7 +231,11 @@ _mkchecksum() { _mksignature() { _msg_info "Signing SquashFS image..." cd -- "${isofs_dir}/${install_dir}/${arch}" - gpg --detach-sign --default-key "${gpg_key}" airootfs.sfs + if [[ -e "${isofs_dir}/${install_dir}/${arch}/airootfs.sfs" ]]; then + gpg --detach-sign --default-key "${gpg_key}" airootfs.sfs + elif [[ -e "${isofs_dir}/${install_dir}/${arch}/airootfs.erofs" ]]; then + gpg --detach-sign --default-key "${gpg_key}" airootfs.erofs + fi cd -- "${OLDPWD}" _msg_info "Done!" } @@ -634,6 +655,13 @@ _validate_requirements_airootfs_image_type_ext4+squashfs() { _validate_requirements_airootfs_image_type_squashfs } +_validate_requirements_airootfs_image_type_erofs() { + if ! command -v mkfs.erofs; then + (( validation_error=validation_error+1 )) + _msg_error "Validating '${airootfs_image_type}': mkfs.erofs is not available on this host. Install 'erofs-utils'!" 0 + fi +} + # SYSLINUX El Torito _add_xorrisofs_options_bios.syslinux.eltorito() { xorrisofs_options+=( diff --git a/configs/baseline/profiledef.sh b/configs/baseline/profiledef.sh index de9edfa..7c89c0f 100644 --- a/configs/baseline/profiledef.sh +++ b/configs/baseline/profiledef.sh @@ -10,6 +10,7 @@ install_dir="arch" bootmodes=('bios.syslinux.mbr' 'bios.syslinux.eltorito' 'uefi-x64.systemd-boot.esp' 'uefi-x64.systemd-boot.eltorito') arch="x86_64" pacman_conf="pacman.conf" +airootfs_image_type="squashfs" airootfs_image_tool_options=('-comp' 'xz' '-Xbcj' 'x86' '-b' '1M' '-Xdict-size' '1M') file_permissions=( ["/etc/shadow"]="0:0:400" diff --git a/configs/releng/profiledef.sh b/configs/releng/profiledef.sh index 2d45ebd..d5f8bcb 100644 --- a/configs/releng/profiledef.sh +++ b/configs/releng/profiledef.sh @@ -10,6 +10,7 @@ install_dir="arch" bootmodes=('bios.syslinux.mbr' 'bios.syslinux.eltorito' 'uefi-x64.systemd-boot.esp' 'uefi-x64.systemd-boot.eltorito') arch="x86_64" pacman_conf="pacman.conf" +airootfs_image_type="squashfs" airootfs_image_tool_options=('-comp' 'xz' '-Xbcj' 'x86' '-b' '1M' '-Xdict-size' '1M') file_permissions=( ["/etc/shadow"]="0:0:400" -- cgit v1.2.3-70-g09d2 From b7fd696e1ecc66fc8aae424b55d33cf5fbe48446 Mon Sep 17 00:00:00 2001 From: David Runge Date: Sun, 9 May 2021 11:30:06 +0200 Subject: baseline: Add buildmodes to profiledef.sh configs/baseline/profiledef.sh: Add `buildmodes` array with default entry for the 'iso' buildmode. --- configs/baseline/profiledef.sh | 1 + 1 file changed, 1 insertion(+) (limited to 'configs/baseline/profiledef.sh') diff --git a/configs/baseline/profiledef.sh b/configs/baseline/profiledef.sh index 7c89c0f..ecea395 100644 --- a/configs/baseline/profiledef.sh +++ b/configs/baseline/profiledef.sh @@ -7,6 +7,7 @@ iso_publisher="Arch Linux " iso_application="Arch Linux baseline" iso_version="$(date +%Y.%m.%d)" install_dir="arch" +buildmodes=('iso') bootmodes=('bios.syslinux.mbr' 'bios.syslinux.eltorito' 'uefi-x64.systemd-boot.esp' 'uefi-x64.systemd-boot.eltorito') arch="x86_64" pacman_conf="pacman.conf" -- cgit v1.2.3-70-g09d2 From 0b94b049e900d75f3538917cffd9b19139418f1f Mon Sep 17 00:00:00 2001 From: nl6720 Date: Sun, 14 Mar 2021 21:13:02 +0200 Subject: configs/baseline: use EROFS based image Showcase #59. --- configs/baseline/profiledef.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'configs/baseline/profiledef.sh') diff --git a/configs/baseline/profiledef.sh b/configs/baseline/profiledef.sh index ecea395..d376516 100644 --- a/configs/baseline/profiledef.sh +++ b/configs/baseline/profiledef.sh @@ -11,8 +11,8 @@ buildmodes=('iso') bootmodes=('bios.syslinux.mbr' 'bios.syslinux.eltorito' 'uefi-x64.systemd-boot.esp' 'uefi-x64.systemd-boot.eltorito') arch="x86_64" pacman_conf="pacman.conf" -airootfs_image_type="squashfs" -airootfs_image_tool_options=('-comp' 'xz' '-Xbcj' 'x86' '-b' '1M' '-Xdict-size' '1M') +airootfs_image_type="erofs" +airootfs_image_tool_options=('-zlz4hc,12') file_permissions=( ["/etc/shadow"]="0:0:400" ) -- cgit v1.2.3-70-g09d2