From 6c859dbaa866693f0bd50614b0e4140f21663a4e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Lars=20Sj=C3=B6strom?= <lars@radicore.se>
Date: Mon, 17 Feb 2025 15:15:24 +0100
Subject: [PATCH 1/2] silly uki image with the systemd-ukify tooling

---
 .gitignore          |   2 +
 flake.nix           | 103 +++++++++++++++++++++++++++++++++++++++++++-
 glibc/default.nix   |  57 ++++++++++++++++++++++++
 systemd/default.nix |   7 +--
 4 files changed, 163 insertions(+), 6 deletions(-)
 create mode 100644 glibc/default.nix

diff --git a/.gitignore b/.gitignore
index 08acf41..6833589 100644
--- a/.gitignore
+++ b/.gitignore
@@ -4,6 +4,8 @@
 .task
 /result
 /target
+/out
+/initrd.gz
 .*.swp
 .*.swo
 .nixos-test-history
diff --git a/flake.nix b/flake.nix
index 6a4e60f..b8d7461 100644
--- a/flake.nix
+++ b/flake.nix
@@ -21,11 +21,112 @@
         packages = {
           default = self.packages.${system}.image;
           image = pkgs.writeShellScriptBin "image" ''
-            echo "make image here..."
+            echo "make UKI..."
+            echo ${self.packages.${system}.kernel.kernel}/bzImage
+            ${self.packages.${system}.systemd.out}/usr/bin/ukify build \
+            --linux ${self.packages.${system}.kernel.kernel}/bzImage \
+            --initrd ./initrd.gz \
+            --cmdline "console=ttyS0" \
+            -o patos.efi
           '';
 
           kernel = pkgs.callPackage ./kernel { };
+          glibc = pkgs.callPackage ./glibc { };
           systemd = pkgs.callPackage ./systemd { };
+
+          mkinitrd = pkgs.writeShellScriptBin "mkinitrd" ''
+            echo "make initrd..."
+            mkdir -p out
+            # copy systemd
+            cp -r ${self.packages.${system}.systemd.out}/* out/
+            pushd out
+
+            chmod 755 etc usr/lib
+
+            mkdir -p dev proc sys tmp root
+            ln -sf usr/bin bin
+            ln -sf usr/sbin sbin
+            ln -sf usr/lib lib
+            ln -sf usr/lib lib64
+
+            ln -sf ../proc/self/mounts etc/mtab
+            ln -sf usr/lib/systemd/systemd init
+
+            ln -sf systemd/libsystemd-core-257.so usr/lib/
+            ln -sf systemd/libsystemd-shared-257.so usr/lib/
+
+            echo patos > ./etc/hostname
+            cat <<EOF > ./etc/os-release
+            NAME="Patos"
+            PRETTY_NAME="Patos Platform"
+            ID=patos
+            EOF
+
+            cat <<EOF > ./etc/passwd
+            root::0:0:root:/root:/bin/sh
+            bin:x:1:1:bin:/bin:/usr/bin/nologin
+            daemon:x:2:2:daemon:/:/usr/bin/nologin
+            mail:x:8:12:mail:/var/spool/mail:/usr/bin/nologin
+            ftp:x:14:11:ftp:/srv/ftp:/usr/bin/nologin
+            http:x:33:33:http:/srv/http:/usr/bin/nologin
+            uuidd:x:68:68:uuidd:/:/usr/bin/nologin
+            dbus:x:81:81:dbus:/:/usr/bin/nologin
+            nobody:x:99:99:nobody:/:/usr/bin/nologin
+            EOF
+            chmod 644 ./etc/passwd
+
+            cat <<EOF > ./etc/group
+            root:x:0:root
+            bin:x:1:root,bin,daemon
+            daemon:x:2:root,bin,daemon
+            sys:x:3:root,bin
+            adm:x:4:root,daemon
+            tty:x:5:
+            disk:x:6:root
+            lp:x:7:daemon
+            mem:x:8:
+            kmem:x:9:
+            wheel:x:10:root
+            ftp:x:11:
+            mail:x:12:
+            uucp:x:14:
+            log:x:19:root
+            utmp:x:20:
+            locate:x:21:
+            rfkill:x:24:
+            smmsp:x:25:
+            proc:x:26:
+            http:x:33:
+            games:x:50:
+            lock:x:54:
+            uuidd:x:68:
+            dbus:x:81:
+            network:x:90:
+            video:x:91:
+            audio:x:92:
+            optical:x:93:
+            floppy:x:94:
+            storage:x:95:
+            scanner:x:96:
+            input:x:97:
+            power:x:98:
+            nobody:x:99:
+            EOF
+            chmod 644 ./etc/group
+
+            # get shared libs
+            find . -type f -executable | xargs ldd 2> /dev/null | awk '{print $3}' | grep -v systemd | sort -u | xargs cp -t usr/lib
+            find . -type f -executable | xargs chmod 755
+
+            # FIXME: hacky patch elf patching. Is there a better way????????
+            find . -type f -executable -print | xargs -I {} ${pkgs.lib.getExe pkgs.patchelf} --set-rpath /lib {} 2> /dev/null
+            find . -type f -executable -print | xargs -I {} ${pkgs.lib.getExe pkgs.patchelf} --set-interpreter /lib/ld-linux-x86-64.so.2 {} 2> /dev/null
+            cp ${self.packages.${system}.glibc.out}/lib/ld-linux-x86-64.so.2 lib/
+            ${pkgs.lib.getExe pkgs.patchelf} --remove-rpath lib/ld-linux-x86-64.so.2
+
+            # gen initrd
+            find . -print0 | ${pkgs.lib.getExe pkgs.cpio} --null --owner=root:root -o --format=newc | ${pkgs.lib.getExe pkgs.gzip} -9 > ../initrd.gz
+          '';
         };
 
         checks = {
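Review bot: The `etc/passwd` heredoc written by `mkinitrd` gives root an empty password field (`root::0:0:root:/root:/bin/sh`), so any login path that accepts null passwords yields a root shell without authentication, and the `image` script puts the kernel console on `ttyS0`. Whether a getty or PAM configuration in the image actually permits such a login is not visible in this patch. The safer default is a locked entry such as `root:!:0:0:root:/root:/bin/sh`, or `x` plus a locked line in an `/etc/shadow` that the script also generates, with any passwordless debug login made an explicit opt-in. The same line appears in the flake.nix hunk of PATCH 2/2.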
diff --git a/glibc/default.nix b/glibc/default.nix
new file mode 100644
index 0000000..65bebc3
--- /dev/null
+++ b/glibc/default.nix
@@ -0,0 +1,57 @@
+{
+  fetchurl,
+  pkgs,
+  stdenv,
+
+  ...
+}:
+let
+  version = "2.40";
+  pname = "glibcStandalone";
+in
+stdenv.mkDerivation (finalAttrs: {
+  inherit version;
+
+  pname = pname;
+
+  src = fetchurl {
+    url = "mirror://gnu/glibc/glibc-${version}.tar.xz";
+    sha256 = "sha256-GaiQF16SY9dI9ieZPeb0sa+c0h4D8IDkv7Oh+sECBaI=";
+  };
+
+  enableParallelBuilding = true;
+
+  configureFlags = [
+    "--prefix=/"
+    "--libdir=/lib"
+    "--bindir=/bin"
+    "--sysconfdir=/etc"
+  ];
+
+  preConfigure =
+    ''
+      export PWD_P=$(type -tP pwd)
+      for i in configure io/ftwtest-sh; do
+          sed -i "$i" -e "s^/bin/pwd^$PWD_P^g"
+      done
+
+      mkdir ../build
+      cd ../build
+
+      configureScript="`pwd`/../$sourceRoot/configure"
+    '';
+
+  nativeBuildInputs = with pkgs; [
+      bison
+      python3Minimal
+  ];
+
+  outputs = [
+    "out"
+  ];
+
+  preInstall = ''
+    export DESTDIR=${placeholder "out"}
+  '';
+
+})
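Review bot: `src` is the glibc 2.40 release tarball and the derivation sets no `patches`, so fixes published on the upstream 2.40 release branch after the tarball was cut are missing from the `ld-linux-x86-64.so.2` that `mkinitrd` in flake.nix copies into the initrd. Consider overriding the nixpkgs glibc (which carries its own patch set) with these configure flags instead, or add a comment above `src` saying why a standalone build is needed and how it is kept current. It is also worth confirming that the loader matches the `libc.so.6` in the image: mkinitrd takes only the loader from this build, while the other shared objects are whatever `ldd` resolves at script run time, and a loader and libc from different glibc builds are not guaranteed to work together. The same file is added again in PATCH 2/2.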
diff --git a/systemd/default.nix b/systemd/default.nix
index 99e4684..a9ae6e8 100644
--- a/systemd/default.nix
+++ b/systemd/default.nix
@@ -137,9 +137,6 @@ stdenv.mkDerivation (finalAttrs: {
 
   postPatch =
     ''
-      substituteInPlace src/basic/path-util.h --replace "@defaultPathNormal@" "${placeholder "out"}/bin/"
-    ''
-    + ''
       substituteInPlace meson.build \
         --replace "find_program('clang'" "find_program('${stdenv.cc.targetPrefix}clang'"
     ''
@@ -150,7 +147,7 @@ stdenv.mkDerivation (finalAttrs: {
         "'${targetPackages.stdenv.cc.bintools.targetPrefix}readelf'" \
         --replace \
         "/usr/lib/systemd/boot/efi" \
-        "$out/lib/systemd/boot/efi"
+        "$out/usr/lib/systemd/boot/efi"
     ''
     # Finally, patch shebangs in scripts used at build time. This must not patch
     # scripts that will end up in the output, to avoid build platform references
@@ -171,7 +168,7 @@ stdenv.mkDerivation (finalAttrs: {
     "--sysconfdir=/etc"
     "--localstatedir=/var"
     "--libdir=/usr/lib"
-    "--bindir=/bin"
+    "--bindir=/usr/bin"
     "--includedir=/usr/include"
     "--localedir=/usr/share/locale"
 

From a044dcc277d086a8dbe2eb70f1aa5de5c090d27e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Lars=20Sj=C3=B6strom?= <lars@radicore.se>
Date: Mon, 17 Feb 2025 15:15:24 +0100
Subject: [PATCH 2/2] silly uki image with the systemd-ukify tooling

---
 .gitignore          |   2 +
 flake.nix           | 103 +++++++++++++++++++++++++++++++++++++++++++-
 glibc/default.nix   |  57 ++++++++++++++++++++++++
 systemd/default.nix |  18 +++++---
 4 files changed, 174 insertions(+), 6 deletions(-)
 create mode 100644 glibc/default.nix

diff --git a/.gitignore b/.gitignore
index 08acf41..6833589 100644
--- a/.gitignore
+++ b/.gitignore
@@ -4,6 +4,8 @@
 .task
 /result
 /target
+/out
+/initrd.gz
 .*.swp
 .*.swo
 .nixos-test-history
diff --git a/flake.nix b/flake.nix
index 6a4e60f..b8d7461 100644
--- a/flake.nix
+++ b/flake.nix
@@ -21,11 +21,112 @@
         packages = {
           default = self.packages.${system}.image;
           image = pkgs.writeShellScriptBin "image" ''
-            echo "make image here..."
+            echo "make UKI..."
+            echo ${self.packages.${system}.kernel.kernel}/bzImage
+            ${self.packages.${system}.systemd.out}/usr/bin/ukify build \
+            --linux ${self.packages.${system}.kernel.kernel}/bzImage \
+            --initrd ./initrd.gz \
+            --cmdline "console=ttyS0" \
+            -o patos.efi
           '';
 
           kernel = pkgs.callPackage ./kernel { };
+          glibc = pkgs.callPackage ./glibc { };
           systemd = pkgs.callPackage ./systemd { };
+
+          mkinitrd = pkgs.writeShellScriptBin "mkinitrd" ''
+            echo "make initrd..."
+            mkdir -p out
+            # copy systemd
+            cp -r ${self.packages.${system}.systemd.out}/* out/
+            pushd out
+
+            chmod 755 etc usr/lib
+
+            mkdir -p dev proc sys tmp root
+            ln -sf usr/bin bin
+            ln -sf usr/sbin sbin
+            ln -sf usr/lib lib
+            ln -sf usr/lib lib64
+
+            ln -sf ../proc/self/mounts etc/mtab
+            ln -sf usr/lib/systemd/systemd init
+
+            ln -sf systemd/libsystemd-core-257.so usr/lib/
+            ln -sf systemd/libsystemd-shared-257.so usr/lib/
+
+            echo patos > ./etc/hostname
+            cat <<EOF > ./etc/os-release
+            NAME="Patos"
+            PRETTY_NAME="Patos Platform"
+            ID=patos
+            EOF
+
+            cat <<EOF > ./etc/passwd
+            root::0:0:root:/root:/bin/sh
+            bin:x:1:1:bin:/bin:/usr/bin/nologin
+            daemon:x:2:2:daemon:/:/usr/bin/nologin
+            mail:x:8:12:mail:/var/spool/mail:/usr/bin/nologin
+            ftp:x:14:11:ftp:/srv/ftp:/usr/bin/nologin
+            http:x:33:33:http:/srv/http:/usr/bin/nologin
+            uuidd:x:68:68:uuidd:/:/usr/bin/nologin
+            dbus:x:81:81:dbus:/:/usr/bin/nologin
+            nobody:x:99:99:nobody:/:/usr/bin/nologin
+            EOF
+            chmod 644 ./etc/passwd
+
+            cat <<EOF > ./etc/group
+            root:x:0:root
+            bin:x:1:root,bin,daemon
+            daemon:x:2:root,bin,daemon
+            sys:x:3:root,bin
+            adm:x:4:root,daemon
+            tty:x:5:
+            disk:x:6:root
+            lp:x:7:daemon
+            mem:x:8:
+            kmem:x:9:
+            wheel:x:10:root
+            ftp:x:11:
+            mail:x:12:
+            uucp:x:14:
+            log:x:19:root
+            utmp:x:20:
+            locate:x:21:
+            rfkill:x:24:
+            smmsp:x:25:
+            proc:x:26:
+            http:x:33:
+            games:x:50:
+            lock:x:54:
+            uuidd:x:68:
+            dbus:x:81:
+            network:x:90:
+            video:x:91:
+            audio:x:92:
+            optical:x:93:
+            floppy:x:94:
+            storage:x:95:
+            scanner:x:96:
+            input:x:97:
+            power:x:98:
+            nobody:x:99:
+            EOF
+            chmod 644 ./etc/group
+
+            # get shared libs
+            find . -type f -executable | xargs ldd 2> /dev/null | awk '{print $3}' | grep -v systemd | sort -u | xargs cp -t usr/lib
+            find . -type f -executable | xargs chmod 755
+
+            # FIXME: hacky patch elf patching. Is there a better way????????
+            find . -type f -executable -print | xargs -I {} ${pkgs.lib.getExe pkgs.patchelf} --set-rpath /lib {} 2> /dev/null
+            find . -type f -executable -print | xargs -I {} ${pkgs.lib.getExe pkgs.patchelf} --set-interpreter /lib/ld-linux-x86-64.so.2 {} 2> /dev/null
+            cp ${self.packages.${system}.glibc.out}/lib/ld-linux-x86-64.so.2 lib/
+            ${pkgs.lib.getExe pkgs.patchelf} --remove-rpath lib/ld-linux-x86-64.so.2
+
+            # gen initrd
+            find . -print0 | ${pkgs.lib.getExe pkgs.cpio} --null --owner=root:root -o --format=newc | ${pkgs.lib.getExe pkgs.gzip} -9 > ../initrd.gz
+          '';
         };
 
         checks = {
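Review bot: The `mkinitrd` script never enables `set -eu`, and it sends stderr from `ldd` and from both `patchelf` passes to `/dev/null`, so a failed `cp -r`, an unresolved library or a binary that was not re-pointed at `/lib/ld-linux-x86-64.so.2` still ends in a packed `initrd.gz`. Start the script body with `set -eu` and restrict the `find . -type f -executable` passes to ELF files, so that a `patchelf` or `ldd` failure means something and the `2> /dev/null` can be dropped. The `find … | xargs` pipelines should also use `-print0` with `xargs -0`, as the final `cpio` line already does with `--null`. Since `out/` is reused via `mkdir -p out`, stale files from an earlier run are packed too; clearing it first (`rm -rf out`) would make the image content depend only on the current inputs. The identical hunk in PATCH 1/2 has the same issues.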
diff --git a/glibc/default.nix b/glibc/default.nix
new file mode 100644
index 0000000..65bebc3
--- /dev/null
+++ b/glibc/default.nix
@@ -0,0 +1,57 @@
+{
+  fetchurl,
+  pkgs,
+  stdenv,
+
+  ...
+}:
+let
+  version = "2.40";
+  pname = "glibcStandalone";
+in
+stdenv.mkDerivation (finalAttrs: {
+  inherit version;
+
+  pname = pname;
+
+  src = fetchurl {
+    url = "mirror://gnu/glibc/glibc-${version}.tar.xz";
+    sha256 = "sha256-GaiQF16SY9dI9ieZPeb0sa+c0h4D8IDkv7Oh+sECBaI=";
+  };
+
+  enableParallelBuilding = true;
+
+  configureFlags = [
+    "--prefix=/"
+    "--libdir=/lib"
+    "--bindir=/bin"
+    "--sysconfdir=/etc"
+  ];
+
+  preConfigure =
+    ''
+      export PWD_P=$(type -tP pwd)
+      for i in configure io/ftwtest-sh; do
+          sed -i "$i" -e "s^/bin/pwd^$PWD_P^g"
+      done
+
+      mkdir ../build
+      cd ../build
+
+      configureScript="`pwd`/../$sourceRoot/configure"
+    '';
+
+  nativeBuildInputs = with pkgs; [
+      bison
+      python3Minimal
+  ];
+
+  outputs = [
+    "out"
+  ];
+
+  preInstall = ''
+    export DESTDIR=${placeholder "out"}
+  '';
+
+})
diff --git a/systemd/default.nix b/systemd/default.nix
index 99e4684..7537aeb 100644
--- a/systemd/default.nix
+++ b/systemd/default.nix
@@ -137,9 +137,6 @@ stdenv.mkDerivation (finalAttrs: {
 
   postPatch =
     ''
-      substituteInPlace src/basic/path-util.h --replace "@defaultPathNormal@" "${placeholder "out"}/bin/"
-    ''
-    + ''
       substituteInPlace meson.build \
         --replace "find_program('clang'" "find_program('${stdenv.cc.targetPrefix}clang'"
     ''
@@ -150,7 +147,7 @@ stdenv.mkDerivation (finalAttrs: {
         "'${targetPackages.stdenv.cc.bintools.targetPrefix}readelf'" \
         --replace \
         "/usr/lib/systemd/boot/efi" \
-        "$out/lib/systemd/boot/efi"
+        "$out/usr/lib/systemd/boot/efi"
     ''
     # Finally, patch shebangs in scripts used at build time. This must not patch
     # scripts that will end up in the output, to avoid build platform references
@@ -171,7 +168,7 @@ stdenv.mkDerivation (finalAttrs: {
     "--sysconfdir=/etc"
     "--localstatedir=/var"
     "--libdir=/usr/lib"
-    "--bindir=/bin"
+    "--bindir=/usr/bin"
     "--includedir=/usr/include"
     "--localedir=/usr/share/locale"
 
@@ -191,6 +188,17 @@ stdenv.mkDerivation (finalAttrs: {
     (lib.mesonOption "tty-gid" "3") # tty in NixOS has gid 3
 
     (lib.mesonOption "kmod-path" "/bin/kmod")
+    (lib.mesonOption "debug-shell" "/bin/bash")
+    (lib.mesonOption "pamconfdir" "/etc/pam.d")
+    (lib.mesonOption "shellprofiledir" "/etc/profile.d")
+    (lib.mesonOption "dbuspolicydir" "/usr/share/dbus-1/system.d")
+    (lib.mesonOption "dbussessionservicedir" "/usr/share/dbus-1/services")
+    (lib.mesonOption "dbussystemservicedir" "/usr/share/dbus-1/system-services")
+    (lib.mesonOption "setfont-path" "/bin/setfont")
+    (lib.mesonOption "sulogin-path"  "/bin/sulogin")
+    (lib.mesonOption "nologin-path" "/bin/nologin")
+    (lib.mesonOption "mount-path" "/bin/mount")
+    (lib.mesonOption "umount-path" "/bin/umount")
 
     # SBAT
     (lib.mesonOption "sbat-distro" "patos")
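Review bot: The added options compile absolute paths such as `/bin/sulogin`, `/bin/nologin`, `/bin/mount`, `/bin/umount`, `/bin/setfont` and the `debug-shell` path `/bin/bash` into systemd, but nothing visible in this series puts those binaries into the image. `mkinitrd` in flake.nix copies only the systemd output plus the shared libraries that `ldd` reports. If `sulogin` is missing, the rescue and emergency shells that depend on it will presumably fail to start instead of prompting for the root password. I would add a comment above the block such as `# these paths must exist in the initrd; provided by <package>` and have mkinitrd check each one and exit non-zero when it is absent. The surrounding option list starts and ends outside this hunk.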