
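set -ex -o pipefail

# Nix builder for the PatOS root filesystem.
#
# Assembles $out from the build inputs passed in as environment variables
# (systemd, glibc, kernel modules, busybox, ...), writes the static /etc
# configuration, then rewrites every ELF file so it resolves against the
# in-image loader and libraries instead of the store paths it was built
# against.
#
# All inputs are mandatory. Fail up front with a clear message rather than
# producing a rootfs with missing components or an empty version string.
: "${out:?}" "${version:?}" "${systemd:?}" "${glibcPatos:?}" "${kernel:?}" \
  "${busybox:?}" "${dbusBroker:?}" "${kexec:?}" "${lvm2:?}" "${btrfs:?}" \
  "${tpm2Tools:?}" "${tpm2Libs:?}" "${cryptsetup:?}" "${kmodLibs:?}" \
  "${kmodBin:?}" "${libbpf:?}"

### create directory structure
mkdir -p "$out/etc/repart.d" "$out/dev" "$out/proc" "$out/sys" \
  "$out/tmp" "$out/root" "$out/run" "$out/boot" "$out/mnt" "$out/home" \
  "$out/srv" "$out/var/tmp"
# merged-/usr layout: the legacy top-level dirs are symlinks into /usr
ln -sf /usr/bin "$out/bin"
ln -sf /usr/bin "$out/sbin"
ln -sf /usr/lib "$out/lib"
ln -sf /usr/lib "$out/lib64"
ln -sf ../proc/self/mounts "$out/etc/mtab"

### install systemd
echo "Installing systemd"
cp -Pr "$systemd"/* "$out/"
find "$out" -type d -exec chmod 755 {} +
rm -rf "$out/usr/include"
rm -rf "$out/usr/sbin"
ln -sf /usr/bin "$out/usr/sbin"
# units/tools not wanted in the image
rm -f "$out/usr/lib/systemd/system/sysinit.target.wants/systemd-firstboot.service"
rm -f "$out/usr/lib/systemd/ukify"
rm -f "$out/usr/bin/ukify"
rm -f "$out/usr/lib/udev/rules.d/90-vconsole.rules"
ln -s /run/systemd/resolve/stub-resolv.conf "$out/etc/resolv.conf"

# os-release is sourced as shell by many consumers: values containing spaces
# or parentheses must be quoted, and every field must actually expand the
# version (VERSION_ID/BUILD_ID previously wrote the literal "{version}").
cat <<EOF > "$out/etc/os-release"
NAME=PatOS
PRETTY_NAME="PatOS v${version} (Pre-Alpha)"
IMAGE_ID=patos
ID=patos
IMAGE_VERSION=${version}
VERSION=${version}
VERSION_ID=${version}
BUILD_ID=${version}
EOF
# \m and \l are agetty/getty escapes; an unquoted heredoc leaves them intact
cat <<EOF > "$out/etc/issue"
<<< Welcome to PatOS v${version} (Pre-Alpha) (\m) - \l >>>
EOF

# replace agetty with busybox getty
sed -i 's#ExecStart=.*#ExecStart=-/sbin/getty -L %I 115200 vt100#' \
  "$out/usr/lib/systemd/system/serial-getty@.service"
# repart must not run before the root filesystem is mounted
sed -i 's#After=\(.*\)#After=sysroot.mount \1#' \
  "$out/usr/lib/systemd/system/systemd-repart.service"

### repart definitions
cat <<EOF > "$out/etc/repart.d/10-esp.conf"
[Partition]
Type=esp
Format=vfat
EOF
cat <<EOF > "$out/etc/repart.d/22-root.conf"
[Partition]
Type=root
EOF
mkdir -p "$out/usr/lib/systemd/system/systemd-repart.service.d"
cat <<EOF > "$out/usr/lib/systemd/system/systemd-repart.service.d/override.conf"
[Service]
ExecStart=
ExecStart=systemd-repart --dry-run=no --generate-crypttab=/etc/crypttab
EOF
# /var is the only writable, persistent partition: LUKS-encrypted with the key
# sealed to the TPM2, and wiped on factory reset.
cat <<EOF > "$out/etc/repart.d/40-var.conf"
[Partition]
Type=var
UUID=4d21b016-b534-45c2-a9fb-5c16e091fd2d
Format=btrfs
Label=patos-state
Minimize=off
Encrypt=tpm2
EncryptedVolume=patos-state:none:tpm2-device=auto,luks,discard
FactoryReset=yes
SizeMinBytes=1G
SplitName=-
EOF
# cat <<EOF > $out/usr/lib/systemd/system/var.mount
# [Unit]
# Description=Mount for /var
# Before=local-fs.target
# After=systemd-repart.service
#
# [Mount]
# What=/dev/mapper/patos-state
# Where=/var
# Type=btrfs
# Options=defaults
#
# [Install]
# WantedBy=multi-user.target
# EOF
# /etc is made writable through an overlay whose upper layer lives in /run,
# so runtime changes to /etc do not survive a reboot.
cat <<EOF > "$out/usr/lib/systemd/system/etc.mount"
[Unit]
Description=Overlay mount for /etc
Before=local-fs.target
[Mount]
What=overlay
Where=/etc
Type=overlay
Options=lowerdir=/etc,upperdir=/run/.rw-etc/upper,workdir=/run/.rw-etc/work
[Install]
WantedBy=local-fs.target
EOF

### install PatOS glibc
cp -P "$glibcPatos"/lib/*.so* "$out/usr/lib/"

### install kernel modules
cp -r "$kernel/lib/modules" "$out/usr/lib/"
find "$out/usr/lib/modules" -type d -exec chmod 755 {} +

### install busybox
cp "$busybox/bin/busybox" "$out/usr/bin/"
# one applet symlink per name busybox reports (runs the freshly built busybox)
"$out/usr/bin/busybox" --list | xargs -I {} ln -sf busybox "$out/usr/bin/{}"

### install dbus broker
cp -r "$dbusBroker"/* "$out/"

### install kexec
cp -Pr "${kexec}/sbin/kexec" "$out/usr/bin/"

### install dmsetup udev rules
cp -P "${lvm2}/usr/bin/dmsetup" "$out/usr/bin/"
cp -P "${lvm2}"/lib/libdevmapper.so* "$out/usr/lib/"
cp -P "${lvm2}"/lib/udev/rules.d/* "$out/usr/lib/udev/rules.d/"

### install btrfs progs
cp -Pr "${btrfs}"/bin/* "$out/usr/bin/"
cp -Pr "${btrfs}"/lib/* "$out/usr/lib/"

### install tpm2 tools
cp -P "${tpm2Tools}"/bin/* "$out/usr/bin/"
cp -P "${tpm2Libs}"/lib/*.so* "$out/usr/lib/"

### install cryptsetup tools
cp -P "$cryptsetup"/bin/* "$out/usr/bin/"

### install lib kmod
cp -P "$kmodLibs"/lib/* "$out/usr/lib"
cp -P "$kmodBin"/bin/* "$out/usr/bin"

### install libbpf
cp -P "$libbpf"/lib/libbpf* "$out/usr/lib"

# remove pkgconfig
rm -rf "$out/usr/lib/pkgconfig"

### users and groups
# NOTE: root has an empty password field and no /etc/shadow is shipped, so the
# serial getty logs root in without any password. Acceptable only for a
# pre-alpha development image; set the field to "!" (or ship a shadow entry)
# before exposing this image to anything other than a trusted console.
cat <<EOF > "$out/etc/passwd"
root::0:0:root:/root:/bin/sh
bin:x:1:1:bin:/bin:/usr/bin/nologin
daemon:x:2:2:daemon:/:/usr/bin/nologin
mail:x:8:12:mail:/var/spool/mail:/usr/bin/nologin
ftp:x:14:11:ftp:/srv/ftp:/usr/bin/nologin
http:x:33:33:http:/srv/http:/usr/bin/nologin
uuidd:x:68:68:uuidd:/:/usr/bin/nologin
messagebus:x:81:81:messagebus:/:/usr/bin/nologin
nobody:x:99:99:nobody:/:/usr/bin/nologin
systemd-coredump:x:151:992::/var/empty:/usr/bin/nologin
systemd-network:x:152:152::/var/empty:/usr/bin/nologin
systemd-resolve:x:153:153::/var/empty:/usr/bin/nologin
systemd-timesync:x:154:154::/var/empty:/usr/bin/nologin
EOF
chmod 644 "$out/etc/passwd"
cat <<EOF > "$out/etc/group"
root:x:0:root
bin:x:1:root,bin,daemon
daemon:x:2:root,bin,daemon
sys:x:3:root,bin
adm:x:4:root,daemon
tty:x:5:
disk:x:6:root
lp:x:7:daemon
mem:x:8:
kmem:x:9:
wheel:x:10:root
ftp:x:11:
mail:x:12:
uucp:x:14:
log:x:19:root
utmp:x:20:
locate:x:21:
rfkill:x:24:
smmsp:x:25:
proc:x:26:
http:x:33:
games:x:50:
lock:x:54:
uuidd:x:68:
messagebus:x:81:
systemd-journal:x:62:
systemd-network:x:152:
systemd-resolve:x:153:
systemd-timesync:x:154:
systemd-oom:x:991:
systemd-coredump:x:992:
network:x:90:
video:x:91:
audio:x:92:
optical:x:93:
floppy:x:94:
storage:x:95:
scanner:x:96:
input:x:97:
power:x:98:
nobody:x:99:
EOF
chmod 644 "$out/etc/group"

### Find and install all shared libs
# ldd hands each file to its dynamic loader, so it is only acceptable on
# trusted input -- which is all $out holds at this point (build inputs only).
# Non-ELF files make ldd exit non-zero; find's "\;" ignores that, as intended.
ldd_out=$(find "$out" -type f -executable -exec ldd {} \;)
# An unresolved dependency would otherwise surface later as an obscure cp
# error (or not at all); report it explicitly and stop the build.
if grep -q 'not found' <<<"$ldd_out"; then
  echo "unresolved shared libraries:" >&2
  grep 'not found' <<<"$ldd_out" >&2
  exit 1
fi
# Keep only "<soname> => /abs/path (addr)" lines: this drops the vdso and
# interpreter lines, whose third field is empty or not a path. Libraries
# already provided by the in-image systemd/glibc/tpm2/devmapper copies are
# skipped. Plain cp (no -P) deliberately dereferences store symlinks so the
# file lands under its soname.
awk '$2 == "=>" && $3 ~ /^\// { print $3 }' <<<"$ldd_out" \
  | grep -v -e systemd -e glibc -e tpm2 -e devmapper \
  | sort -u \
  | xargs -r -I {} cp {} "$out/usr/lib/"
find "$out" -type f -executable -exec chmod 755 {} +

# FIXME: ELF patching. Is there a better way?
# Point every executable at the in-image loader and library dirs instead of
# the store paths baked in at build time. The interpreter path is x86-64
# specific. Per-file failures (e.g. on non-ELF files) are ignored by "\;".
find "$out" -type f -executable -exec patchelf \
  --set-rpath /lib:/usr/lib:/usr/lib/systemd:/usr/lib/cryptsetup {} \;
find "$out" -type f -executable -exec patchelf \
  --set-interpreter /lib/ld-linux-x86-64.so.2 {} \;
patchelf --remove-rpath "$out/usr/lib/ld-linux-x86-64.so.2"

# strip binaries
find "$out" -type f -executable -exec strip {} \;
find "$out" -type d -exec chmod 755 {} +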