From 43d8518d8b20e799238fe8918ef0cad2edfb3b7d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Lars=20Sj=C3=B6strom?=
Date: Mon, 17 Feb 2025 15:15:24 +0100
Subject: [PATCH] silly uki image with the systemd-ukify tooling
---
 flake.nix | 141 +++++++++++++++++++++++++++++++++++++++++++-
 systemd/default.nix | 7 +--
 2 files changed, 141 insertions(+), 7 deletions(-)
diff --git a/flake.nix b/flake.nix
index 6a4e60f..4f004d2 100644
--- a/flake.nix
+++ b/flake.nix
@@ -15,16 +15,153 @@ flake-utils.lib.eachDefaultSystem ( system: let - pkgs = import nixpkgs { inherit system; }; + pkgs = import nixpkgs { + inherit system; + }; in { packages = { default = self.packages.${system}.image; + + glibc = pkgs.stdenv.mkDerivation { + src = pkgs.fetchurl { + url = "mirror://gnu/glibc/glibc-2.40.tar.xz"; + sha256 = "sha256-GaiQF16SY9dI9ieZPeb0sa+c0h4D8IDkv7Oh+sECBaI="; + }; + name = "glibcStandalone"; + enableParallelBuilding = true; + configureFlags = [ + "--prefix=/" + "--libdir=/lib" + "--bindir=/bin" + "--sysconfdir=/etc" + ]; + preConfigure = + '' + export PWD_P=$(type -tP pwd) + for i in configure io/ftwtest-sh; do + sed -i "$i" -e "s^/bin/pwd^$PWD_P^g" + done + + mkdir ../build + cd ../build + + configureScript="`pwd`/../$sourceRoot/configure" + ''; + nativeBuildInputs = [ pkgs.bison pkgs.python3Minimal]; + + outputs = [ + "out" + ]; + preInstall = '' + export DESTDIR=${placeholder "out"} + ''; + }; + image = pkgs.writeShellScriptBin "image" '' - echo "make image here..." + echo "make UKI..." + echo ${self.packages.${system}.kernel.kernel}/bzImage + ${self.packages.${system}.systemd.out}/usr/bin/ukify build \ + --linux ${self.packages.${system}.kernel.kernel}/bzImage \ + --initrd ./initrd.gz \ + --cmdline "console=ttyS0" \ + -o patos.efi ''; kernel = pkgs.callPackage ./kernel { }; + mkinitrd = pkgs.writeShellScriptBin "mkinitrd" '' + echo "make initrd..." 
+ mkdir -p out + # copy systemd + cp -r ${self.packages.${system}.systemd.out}/* out/ + pushd out + + chmod 755 etc usr/lib + + mkdir -p dev proc sys tmp root + ln -sf usr/bin bin + ln -sf usr/sbin sbin + ln -sf usr/lib lib + ln -sf usr/lib lib64 + + ln -sf ../proc/self/mounts etc/mtab + ln -sf usr/lib/systemd/systemd init + + ln -sf systemd/libsystemd-core-257.so usr/lib/ + ln -sf systemd/libsystemd-shared-257.so usr/lib/ + + echo patos > ./etc/hostname + cat < ./etc/os-release + NAME="Patos" + PRETTY_NAME="Patos Platform" + ID=patos + EOF + + cat < ./etc/passwd + root::0:0:root:/root:/bin/sh + bin:x:1:1:bin:/bin:/usr/bin/nologin + daemon:x:2:2:daemon:/:/usr/bin/nologin + mail:x:8:12:mail:/var/spool/mail:/usr/bin/nologin + ftp:x:14:11:ftp:/srv/ftp:/usr/bin/nologin + http:x:33:33:http:/srv/http:/usr/bin/nologin + uuidd:x:68:68:uuidd:/:/usr/bin/nologin + dbus:x:81:81:dbus:/:/usr/bin/nologin + nobody:x:99:99:nobody:/:/usr/bin/nologin + EOF + chmod 644 ./etc/passwd + + cat < ./etc/group + root:x:0:root + bin:x:1:root,bin,daemon + daemon:x:2:root,bin,daemon + sys:x:3:root,bin + adm:x:4:root,daemon + tty:x:5: + disk:x:6:root + lp:x:7:daemon + mem:x:8: + kmem:x:9: + wheel:x:10:root + ftp:x:11: + mail:x:12: + uucp:x:14: + log:x:19:root + utmp:x:20: + locate:x:21: + rfkill:x:24: + smmsp:x:25: + proc:x:26: + http:x:33: + games:x:50: + lock:x:54: + uuidd:x:68: + dbus:x:81: + network:x:90: + video:x:91: + audio:x:92: + optical:x:93: + floppy:x:94: + storage:x:95: + scanner:x:96: + input:x:97: + power:x:98: + nobody:x:99: + EOF + chmod 644 ./etc/group + + # get shared libs + find . -type f -executable | xargs ldd | awk '{print $3}' | grep -v systemd | sort -u | xargs cp -t usr/lib + find . -type f -executable | xargs chmod 755 + + # FIXME: hacky patch elf patching. Is there a better way???????? + find . -type f -executable -print | xargs -I {} ${pkgs.lib.getExe pkgs.patchelf} --set-rpath /lib {} 2> /dev/null + find . 
-type f -executable -print | xargs -I {} ${pkgs.lib.getExe pkgs.patchelf} --set-interpreter /lib/ld-linux-x86-64.so.2 {} 2> /dev/null + cp ${self.packages.${system}.glibc.out}/lib/ld-linux-x86-64.so.2 lib/ + ${pkgs.lib.getExe pkgs.patchelf} --remove-rpath lib/ld-linux-x86-64.so.2 + + # gen initrd + find . -print0 | ${pkgs.lib.getExe pkgs.cpio} --null --owner=root:root -o --format=newc | ${pkgs.lib.getExe pkgs.gzip} -9 > ../initrd.gz + ''; systemd = pkgs.callPackage ./systemd { }; }; diff --git a/systemd/default.nix b/systemd/default.nix index 99e4684..a9ae6e8 100644 --- a/systemd/default.nix +++ b/systemd/default.nix @@ -137,9 +137,6 @@ stdenv.mkDerivation (finalAttrs: { postPatch = '' - substituteInPlace src/basic/path-util.h --replace "@defaultPathNormal@" "${placeholder "out"}/bin/" - '' - + '' substituteInPlace meson.build \ --replace "find_program('clang'" "find_program('${stdenv.cc.targetPrefix}clang'" '' @@ -150,7 +147,7 @@ stdenv.mkDerivation (finalAttrs: { "'${targetPackages.stdenv.cc.bintools.targetPrefix}readelf'" \ --replace \ "/usr/lib/systemd/boot/efi" \ - "$out/lib/systemd/boot/efi" + "$out/usr/lib/systemd/boot/efi" '' # Finally, patch shebangs in scripts used at build time. This must not patch # scripts that will end up in the output, to avoid build platform references @@ -171,7 +168,7 @@ stdenv.mkDerivation (finalAttrs: { "--sysconfdir=/etc" "--localstatedir=/var" "--libdir=/usr/lib" - "--bindir=/bin" + "--bindir=/usr/bin" "--includedir=/usr/include" "--localedir=/usr/share/locale"
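Review bot: The `./etc/passwd` heredoc in the `mkinitrd` script of flake.nix writes `root::0:0:root:/root:/bin/sh`, an empty password field, so root has no password in the generated initrd. Because the UKI is built with `--cmdline "console=ttyS0"`, any login prompt or emergency shell that ends up on the serial console would presumably accept root without credentials. If this is only meant for bring-up, say so in a comment above the heredoc and keep it out of non-debug images; otherwise lock the account with `root:*:0:0:root:/root:/bin/sh` (or `x` plus a locked `/etc/shadow` entry, which the script does not create today). Separately, `ukify build` in the `image` script is called without `--secureboot-private-key`/`--secureboot-certificate`, so `patos.efi` comes out unsigned; that is worth a follow-up before the image is used with Secure Boot.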