From e196cf729c066b585e0c89d4b29ec49e5507c219 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Lars=20Sj=C3=B6strom?= Date: Tue, 25 Feb 2025 11:40:34 +0100 Subject: [PATCH] feat(image): switching root --- dbus-broker/default.nix | 1 + image/default.nix | 5 ++ image/mkimage.sh | 112 +++++++++++++++++++++++++++++++++++++--- rootfs/mkinitrd.sh | 50 +++++------------- rootfs/mkrootfs.sh | 12 ++++- 5 files changed, 135 insertions(+), 45 deletions(-) diff --git a/dbus-broker/default.nix b/dbus-broker/default.nix index cad66af..156c490 100644 --- a/dbus-broker/default.nix +++ b/dbus-broker/default.nix @@ -150,6 +150,7 @@ stdenv.mkDerivation (finalAttrs: { mkdir -p $out/usr/share cp -Pr ${pkgs.dbus.out}/share/* $out/usr/share/ cp ${pkgs.dbus.out}/etc/systemd/system/dbus.socket $out/usr/lib/systemd/system/ + mv $out/usr/lib/systemd/system/dbus-broker.service $out/usr/lib/systemd/system/dbus.service find $out/usr/share/ -type d -exec chmod 755 {} \; sed -i 's#/nix/store.*/share#/usr/share#' $out/usr/share/xml/dbus-1/catalog.xml sed -i 's#/nix/store.*/libexec#/usr/bin#' $out/usr/share/dbus-1/system.conf diff --git a/image/default.nix b/image/default.nix index 3d7049b..e116625 100644 --- a/image/default.nix +++ b/image/default.nix @@ -16,9 +16,11 @@ stdenvNoCC.mkDerivation (finalAttrs: { erofs-utils dosfstools mtools + e2fsprogs ]; env = { + # vfat options won't efi won't find the fs otherwise. SYSTEMD_REPART_MKFS_OPTIONS_VFAT = "-S 512 -c"; }; @@ -27,5 +29,8 @@ stdenvNoCC.mkDerivation (finalAttrs: { initrd = patosPkgs.initrd.out; rootfs = patosPkgs.rootfs.out; + #FIXME: use roothash instead of device. + kernelCmdLine = "root=/dev/sda2 console=ttyS0"; + builder = ./mkimage.sh; }) diff --git a/image/mkimage.sh b/image/mkimage.sh index 2ec259f..fc80f9d 100644 --- a/image/mkimage.sh +++ b/image/mkimage.sh 
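Review bot: In image/default.nix, `kernelCmdLine = "root=/dev/sda2 console=ttyS0"` names the root by kernel enumeration order, so on a machine with a second disk or a different controller the initrd may switch root into a partition this image did not ship. Until the roothash work named in the FIXME lands, a stable identifier such as `root=PARTUUID=<partition-uuid-placeholder>` would at least pin the partition; it gives no integrity, which is what the roothash would add. The new comment above SYSTEMD_REPART_MKFS_OPTIONS_VFAT is also garbled; something like `# vfat: force 512-byte sectors, otherwise the EFI firmware does not find the filesystem` would read clearly, if that is the intended meaning.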
@@ -9,17 +9,117 @@ mkdir rootfs cp -prP $rootfs/* rootfs/ find rootfs/ -type d -exec chmod 755 {} \; +# set default target to basic +mkdir rootfs/usr/lib/systemd/system/basic.target.wants +ln -sf basic.target rootfs/usr/lib/systemd/system/default.target + +# enable dbus +ln -sf ../dbus.service rootfs/usr/lib/systemd/system/basic.target.wants/dbus.service +ln -sf ../dbus.socket rootfs/usr/lib/systemd/system/sockets.target.wants/dbus.socket + +# generate machine-id +$systemd/usr/bin/systemd-machine-id-setup --root=rootfs/ + +cat < rootfs/etc/passwd +root::0:0:root:/root:/bin/sh +bin:x:1:1:bin:/bin:/usr/bin/nologin +daemon:x:2:2:daemon:/:/usr/bin/nologin +mail:x:8:12:mail:/var/spool/mail:/usr/bin/nologin +ftp:x:14:11:ftp:/srv/ftp:/usr/bin/nologin +http:x:33:33:http:/srv/http:/usr/bin/nologin +uuidd:x:68:68:uuidd:/:/usr/bin/nologin +messagebus:x:81:81:messagebus:/:/usr/bin/nologin +nobody:x:99:99:nobody:/:/usr/bin/nologin +systemd-coredump:x:151:992::/var/empty:/usr/bin/nologin +systemd-network:x:152:152::/var/empty:/usr/bin/nologin +systemd-resolve:x:153:153::/var/empty:/usr/bin/nologin +systemd-timesync:x:154:154::/var/empty:/usr/bin/nologin +EOF +chmod 644 rootfs/etc/passwd + +cat < rootfs/etc/group +root:x:0:root +bin:x:1:root,bin,daemon +daemon:x:2:root,bin,daemon +sys:x:3:root,bin +adm:x:4:root,daemon +tty:x:5: +disk:x:6:root +lp:x:7:daemon +mem:x:8: +kmem:x:9: +wheel:x:10:root +ftp:x:11: +mail:x:12: +uucp:x:14: +log:x:19:root +utmp:x:20: +locate:x:21: +rfkill:x:24: +smmsp:x:25: +proc:x:26: +http:x:33: +games:x:50: +lock:x:54: +uuidd:x:68: +messagebus:x:81: +systemd-journal:x:62: +systemd-network:x:152: +systemd-resolve:x:153: +systemd-timesync:x:154: +systemd-oom:x:991: +systemd-coredump:x:992: +network:x:90: +video:x:91: +audio:x:92: +optical:x:93: +floppy:x:94: +storage:x:95: +scanner:x:96: +input:x:97: +power:x:98: +nobody:x:99: +EOF +chmod 644 rootfs/etc/group + +# FIXME: remove this later (just to get a shell in the initramfs) +cat < 
rootfs/usr/lib/systemd/system/demo.service +[Unit] +Description=Debug Shell (/bin/sulogin) +Conflicts=shutdown.target +Before=shutdown.target + +[Service] +Environment=HOME=/root +WorkingDirectory=/root +ExecStart=/bin/sulogin +Type=idle +StandardInput=tty-force +StandardOutput=inherit +StandardError=inherit +KillMode=process +IgnoreSIGPIPE=no +SendSIGHUP=yes +Restart=always + +[Install] +WantedBy=basic.target +EOF +ln -sf ../demo.service rootfs/usr/lib/systemd/system/basic.target.wants/demo.service + + $systemd/usr/bin/ukify build \ - --os-release rootfs/etc/os-release \ --linux $kernel/bzImage \ --initrd $initrd/initrd.xz \ - --cmdline "console=ttyS0" \ - -o boot/patos-x64.efi + --os-release rootfs/etc/os-release \ + --stub $systemd/usr/lib/systemd/boot/efi/linuxx64.efi.stub \ + --cmdline "$kernelCmdLine" \ + -o boot/patos.efi cp ${systemd}/usr/lib/systemd/boot/efi/systemd-bootx64.efi boot/ echo "timeout 1" > boot/loader.conf -echo -e "title PatOS Platform\nefi /EFI/Linux/patos-linux.efi" > boot/patos.conf +echo -e "title PatOS Platform\nefi /EFI/Linux/patos.efi" > boot/patos.conf cat < repart.d/10-esp.conf [Partition] @@ -28,7 +128,7 @@ Format=vfat SizeMinBytes=96M SizeMaxBytes=96M CopyFiles=/boot/systemd-bootx64.efi:/EFI/BOOT/BOOTX64.EFI -CopyFiles=/boot/patos-x64.efi:/EFI/Linux/patos-linux.efi +CopyFiles=/boot/patos.efi:/EFI/Linux/patos.efi CopyFiles=/boot/loader.conf:/loader/loader.conf CopyFiles=/boot/patos.conf:/loader/entries/patos.conf EOF @@ -37,8 +137,8 @@ cat < repart.d/10-root.conf [Partition] Type=root Format=erofs -CopyFiles=/rootfs:/ Minimize=best +CopyFiles=/rootfs:/ SplitName=root EOF diff --git a/rootfs/mkinitrd.sh b/rootfs/mkinitrd.sh index 2fe7770..c634b73 100644 --- a/rootfs/mkinitrd.sh +++ b/rootfs/mkinitrd.sh 
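Review bot: The `root::0:0:root:/root:/bin/sh` entry and demo.service (`ExecStart=/bin/sulogin`, `Restart=always`, `WantedBy=basic.target`) are now written into rootfs/, which 10-root.conf copies into the root partition, so the shipped system appears to offer a root shell on the console with an empty password. The FIXME still says "just to get a shell in the initramfs", which no longer matches where the unit lives. I would gate the demo.service block behind a build-time switch, e.g. `if [ -n "${debugShell:-}" ]; then … fi` (`debugShell` is a placeholder name, not an existing attribute), and write a locked root entry when the switch is off. Separately, `systemd-machine-id-setup --root=rootfs/` runs at build time, so every copy of the image would carry the same /etc/machine-id and the build is probably no longer reproducible; shipping an empty /etc/machine-id for systemd to populate at boot is worth considering.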
@@ -10,21 +10,12 @@ find . -type d -exec chmod 755 {} \; ### create directories ln -sf ../usr/lib/systemd/systemd init -# set default target to basic -mkdir usr/lib/systemd/system/basic.target.wants -ln -sf basic.target usr/lib/systemd/system/default.target - -# enable dbus broker -ln -sf ../dbus-broker.service usr/lib/systemd/system/basic.target.wants/dbus-broker.service -ln -sf ../dbus.socket usr/lib/systemd/system/sockets.target.wants/dbus.socket +mkdir sysroot ### Create needed files echo patos > ./etc/hostname -cat < ./etc/os-release -NAME="PatOS" -PRETTY_NAME="PatOS Platform" -ID=patos -EOF + +ln -sf /etc/os-release ./etc/initrd-release cat < ./etc/passwd root::0:0:root:/root:/bin/sh @@ -36,6 +27,10 @@ http:x:33:33:http:/srv/http:/usr/bin/nologin uuidd:x:68:68:uuidd:/:/usr/bin/nologin messagebus:x:81:81:messagebus:/:/usr/bin/nologin nobody:x:99:99:nobody:/:/usr/bin/nologin +systemd-coredump:x:151:992::/var/empty:/usr/bin/nologin +systemd-network:x:152:152::/var/empty:/usr/bin/nologin +systemd-resolve:x:153:153::/var/empty:/usr/bin/nologin +systemd-timesync:x:154:154::/var/empty:/usr/bin/nologin EOF chmod 644 ./etc/passwd @@ -65,6 +60,12 @@ games:x:50: lock:x:54: uuidd:x:68: messagebus:x:81: +systemd-journal:x:62: +systemd-network:x:152: +systemd-resolve:x:153: +systemd-timesync:x:154: +systemd-oom:x:991: +systemd-coredump:x:992: network:x:90: video:x:91: audio:x:92: 
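Review bot: `ln -sf /etc/os-release ./etc/initrd-release` depends on an os-release file existing inside the initrd tree, yet this same hunk deletes the heredoc that created ./etc/os-release here. If the file is not copied in from the rootfs output before this point (that part of the script is outside the hunk), the link dangles and systemd may not treat the environment as an initrd, in which case the new `sysroot` directory would not be used for the root switch. A guard after the link, such as `[ -e ./etc/os-release ] || { echo "initrd: etc/os-release missing" >&2; exit 1; }`, makes that failure visible at build time instead of at boot.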
@@ -78,31 +79,6 @@ nobody:x:99: EOF chmod 644 ./etc/group -# FIXME: remove this later (just to get a shell in the initramfs) -cat < usr/lib/systemd/system/demo.service -[Unit] -Description=Debug Shell (/bin/sulogin) -Conflicts=shutdown.target -Before=shutdown.target - -[Service] -Environment=HOME=/root -WorkingDirectory=/root -ExecStart=/bin/sulogin -Type=idle -StandardInput=tty-force -StandardOutput=inherit -StandardError=inherit -KillMode=process -IgnoreSIGPIPE=no -SendSIGHUP=yes -Restart=always - -[Install] -WantedBy=basic.target -EOF -ln -sf ../demo.service usr/lib/systemd/system/basic.target.wants/demo.service - # gen initrd find . -print0 | cpio --null --owner=root:root -o --format=newc | xz -9 --check=crc32 > ../initrd.xz diff --git a/rootfs/mkrootfs.sh b/rootfs/mkrootfs.sh index b850129..68b6d44 100644 --- a/rootfs/mkrootfs.sh +++ b/rootfs/mkrootfs.sh @@ -1,7 +1,7 @@ set -ex -o pipefail mkdir -p $out -mkdir -p $out/etc $out/dev $out/proc $out/sys $out/tmp $out/root +mkdir -p $out/etc $out/dev $out/proc $out/sys $out/tmp $out/root $out/run $out/boot ln -sf ../usr/bin $out/bin ln -sf ../usr/bin $out/sbin ln -sf ../usr/lib $out/lib @@ -18,6 +18,15 @@ rm -f $out/usr/lib/systemd/system/sysinit.target.wants/systemd-firstboot.service # remove vconsole setup rm -f $out/usr/lib/udev/rules.d/90-vconsole.rules +cat < $out/etc/os-release +NAME="PatOS" +PRETTY_NAME="PatOS 0.0.1 (pre-alpha)" +ID=patos +VERSION="0.0.1 (pre-alpha)" +VERSION_CODENAME=pre-alpha +VERSION_ID="0.0.1" +EOF + ### install PatOS glibc cp -P $glibcPatos/lib/*.so* $out/usr/lib/ @@ -51,4 +60,3 @@ patchelf --remove-rpath $out/usr/lib/ld-linux-x86-64.so.2 # strip binaries find $out -type f -executable -exec strip {} \; find $out -type d -exec chmod 755 {} \; -
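Review bot: In the rootfs/mkrootfs.sh os-release hunk the version `0.0.1` is written out three times (PRETTY_NAME, VERSION, VERSION_ID), so a release bump has to touch all three and they can drift apart. Anything that later keys on VERSION_ID, such as update or inventory tooling, could then disagree with what the banner shows. Defining it once above the heredoc, e.g. `patos_version="0.0.1"`, and writing `VERSION_ID="$patos_version"` inside it keeps the fields in step; `patos_version` is a name made up for this example.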