summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDavid P <megver83@parabola.nu>2021-03-14 17:05:52 -0300
committerDavid P <megver83@parabola.nu>2021-03-14 17:08:04 -0300
commit5425acb5427c39ae7333435c36fa2ca08852509d (patch)
tree0758f029810da984d9e29c5dfaf6ec6a785f370b
parent48ca0e2f0d7ff3e15184dc99148de128a847f4c3 (diff)
sync with archiso
imported changes: bc67933 Support EROFS 711ab4c archiso/initcpio/hooks/archiso: remove redundant /sfs/ from airootfs mount point parabolaiso: * make reflector NM dispatcher script executable in OpenRC profiles Signed-off-by: David P <megver83@parabola.nu>
-rw-r--r--README.profile.rst8
-rw-r--r--configs/baseline/profiledef.sh1
-rw-r--r--configs/lxde-openrc/profiledef.sh2
-rw-r--r--configs/releng-openrc/profiledef.sh2
-rw-r--r--configs/releng/profiledef.sh1
-rw-r--r--parabolaiso/initcpio/hooks/parabolaiso52
-rw-r--r--parabolaiso/initcpio/hooks/parabolaiso_pxe_http10
-rwxr-xr-xparabolaiso/mkparabolaiso33
8 files changed, 94 insertions, 15 deletions
diff --git a/README.profile.rst b/README.profile.rst
index 7eb2c81..f8c3bfa 100644
--- a/README.profile.rst
+++ b/README.profile.rst
@@ -51,9 +51,11 @@ The image file is constructed from some of the variables in **profiledef.sh**: `
- `squashfs`: Create a squashfs image directly from the airootfs work directory
- `ext4+squashfs`: Create an ext4 partition, copy the airootfs work directory to it and create a squashfs image from it
-* `airootfs_image_tool_options`: An array of options to pass to the tool to create the airootfs image. Currently only
- `mksquashfs` is supported - see `mksquashfs --help` for all possible options (defaults to `('-comp' 'xz')`).
- - `file_permissions`: An associative array that lists files and/or directories who need specific ownership or
+ - `erofs`: Create an EROFS image for the airootfs work directory
+* `airootfs_image_tool_options`: An array of options to pass to the tool to create the airootfs image. `mksquashfs` and
+ `mkfs.erofs` are supported. See `mksquashfs --help` or `mkfs.erofs --help` for all possible options (defaults to
+ `('-comp' 'xz')` for squashfs).
+* `file_permissions`: An associative array that lists files and/or directories who need specific ownership or
permissions. The array's keys contain the path and the value is a colon separated list of owner UID, owner GID and
access mode. E.g. `file_permissions=(["/etc/shadow"]="0:0:400")`.
diff --git a/configs/baseline/profiledef.sh b/configs/baseline/profiledef.sh
index e51376d..b715404 100644
--- a/configs/baseline/profiledef.sh
+++ b/configs/baseline/profiledef.sh
@@ -10,6 +10,7 @@ install_dir="parabola"
bootmodes=('bios.syslinux.mbr' 'bios.syslinux.eltorito' 'uefi-x64.systemd-boot.esp' 'uefi-x64.systemd-boot.eltorito')
arch="x86_64"
pacman_conf="pacman.conf"
+airootfs_image_type="squashfs"
airootfs_image_tool_options=('-comp' 'xz' '-Xbcj' 'x86' '-b' '1M' '-Xdict-size' '1M')
file_permissions=(
["/etc/shadow"]="0:0:400"
diff --git a/configs/lxde-openrc/profiledef.sh b/configs/lxde-openrc/profiledef.sh
index 173e46f..62f60d8 100644
--- a/configs/lxde-openrc/profiledef.sh
+++ b/configs/lxde-openrc/profiledef.sh
@@ -10,12 +10,14 @@ install_dir="parabola"
bootmodes=('bios.syslinux.mbr' 'bios.syslinux.eltorito' 'uefi-x64.refind.esp' 'uefi-x64.refind.eltorito')
arch="dual"
pacman_conf="pacman.conf"
+airootfs_image_type="squashfs"
airootfs_image_tool_options=('-comp' 'xz' '-Xbcj' 'x86' '-b' '1M' '-Xdict-size' '1M')
file_permissions=(
["/etc/local.d/choose-mirror.start"]="0:0:755"
["/etc/local.d/etc-pacman.d-gnupg.start"]="0:0:755"
["/etc/local.d/livecd-talk.start"]="0:0:755"
["/etc/local.d/pacman-init.start"]="0:0:755"
+ ["/etc/NetworkManager/dispatcher.d/reflector"]="0:0:755"
["/etc/shadow"]="0:0:400"
["/root"]="0:0:750"
["/root/.automated_script.sh"]="0:0:755"
diff --git a/configs/releng-openrc/profiledef.sh b/configs/releng-openrc/profiledef.sh
index b97487b..1d01d56 100644
--- a/configs/releng-openrc/profiledef.sh
+++ b/configs/releng-openrc/profiledef.sh
@@ -10,12 +10,14 @@ install_dir="parabola"
bootmodes=('bios.syslinux.mbr' 'bios.syslinux.eltorito' 'uefi-x64.refind.esp' 'uefi-x64.refind.eltorito')
arch="dual"
pacman_conf="pacman.conf"
+airootfs_image_type="squashfs"
airootfs_image_tool_options=('-comp' 'xz' '-Xbcj' 'x86' '-b' '1M' '-Xdict-size' '1M')
file_permissions=(
["/etc/local.d/choose-mirror.start"]="0:0:755"
["/etc/local.d/etc-pacman.d-gnupg.start"]="0:0:755"
["/etc/local.d/livecd-talk.start"]="0:0:755"
["/etc/local.d/pacman-init.start"]="0:0:755"
+ ["/etc/NetworkManager/dispatcher.d/reflector"]="0:0:755"
["/etc/shadow"]="0:0:400"
["/root"]="0:0:750"
["/root/.automated_script.sh"]="0:0:755"
diff --git a/configs/releng/profiledef.sh b/configs/releng/profiledef.sh
index f55dcde..5ad616e 100644
--- a/configs/releng/profiledef.sh
+++ b/configs/releng/profiledef.sh
@@ -10,6 +10,7 @@ install_dir="parabola"
bootmodes=('bios.syslinux.mbr' 'bios.syslinux.eltorito' 'uefi-x64.systemd-boot.esp' 'uefi-x64.systemd-boot.eltorito')
arch="dual"
pacman_conf="pacman.conf"
+airootfs_image_type="squashfs"
airootfs_image_tool_options=('-comp' 'xz' '-Xbcj' 'x86' '-b' '1M' '-Xdict-size' '1M')
file_permissions=(
["/etc/shadow"]="0:0:400"
diff --git a/parabolaiso/initcpio/hooks/parabolaiso b/parabolaiso/initcpio/hooks/parabolaiso
index 10ba4e5..8f532c3 100644
--- a/parabolaiso/initcpio/hooks/parabolaiso
+++ b/parabolaiso/initcpio/hooks/parabolaiso
@@ -81,12 +81,36 @@ _mnt_sfs() {
_mnt_dev "${sfs_dev}" "${mnt}" "-r" "defaults"
}
+# args: /path/to/image_file, mountpoint
+_mnt_erofs() {
+ local img="${1}"
+ local mnt="${2}"
+ local img_fullname="${img##*/}"
+ local erofs_dev
+
+ # shellcheck disable=SC2154
+ # defined via initcpio's parse_cmdline()
+ if [ "${copytoram}" = "y" ]; then
+ msg -n ":: Copying EROFS image to RAM..."
+ if ! cp -- "${img}" "/run/parabolaiso/copytoram/${img_fullname}" ; then
+ echo "ERROR: while copy '${img}' to '/run/parabolaiso/copytoram/${img_fullname}'"
+ launch_interactive_shell
+ fi
+ img="/run/parabolaiso/copytoram/${img_fullname}"
+ msg "done."
+ fi
+ erofs_dev="$(losetup --find --show --read-only -- "${img}")"
+ echo "${erofs_dev}" >> /run/parabolaiso/used_block_devices
+ _mnt_dev "${erofs_dev}" "${mnt}" "-r" "defaults" "erofs"
+}
+
# args: device, mountpoint, flags, opts
_mnt_dev() {
local dev="${1}"
local mnt="${2}"
local flg="${3}"
local opts="${4}"
+ local fstype="${5:-auto}"
mkdir -p "${mnt}"
@@ -99,7 +123,7 @@ _mnt_dev() {
launch_interactive_shell
done
- if mount -o "${opts}" "${flg}" "${dev}" "${mnt}"; then
+ if mount -t "${fstype}" -o "${opts}" "${flg}" "${dev}" "${mnt}"; then
msg ":: Device '${dev}' mounted successfully."
else
echo "ERROR; Failed to mount '${dev}'"
@@ -120,8 +144,9 @@ _verify_checksum() {
_verify_signature() {
local _status
+ local sigfile="${1}"
cd "/run/parabolaiso/bootmnt/${parabolaisobasedir}/${arch}" || exit 1
- gpg --homedir /gpg --status-fd 1 --verify airootfs.sfs.sig 2>/dev/null | grep -qE '^\[GNUPG:\] GOODSIG'
+ gpg --homedir /gpg --status-fd 1 --verify "${sigfile}" 2>/dev/null | grep -qE '^\[GNUPG:\] GOODSIG'
_status=$?
cd -- "${OLDPWD}" || exit 1
return ${_status}
@@ -160,6 +185,7 @@ run_hook() {
# args: /path/to/newroot
parabolaiso_mount_handler() {
local newroot="${1}"
+ local sigfile
if ! mountpoint -q "/run/parabolaiso/bootmnt"; then
_mnt_dev "${parabolaisodevice}" "/run/parabolaiso/bootmnt" "-r" "defaults"
@@ -190,15 +216,20 @@ parabolaiso_mount_handler() {
# defined via initcpio's parse_cmdline()
if [ "${verify}" = "y" ]; then
if [ -f "/run/parabolaiso/bootmnt/${parabolaisobasedir}/${arch}/airootfs.sfs.sig" ]; then
+ sigfile="airootfs.sfs.sig"
+ elif [ -f "/run/parabolaiso/bootmnt/${parabolaisobasedir}/${arch}/airootfs.erofs.sig" ]; then
+ sigfile="airootfs.erofs.sig"
+ fi
+ if [ -n "${sigfile}" ]; then
msg -n ":: Signature verification requested, please wait..."
- if _verify_signature; then
+ if _verify_signature "${sigfile}"; then
msg "done. Signature is OK, continue booting."
else
echo "ERROR: one or more files are corrupted"
launch_interactive_shell
fi
else
- echo "ERROR: verify=y option specified but ${parabolaisobasedir}/${arch}/airootfs.sfs.sig not found"
+ echo "ERROR: verify=y option specified but GPG signature not found in ${parabolaisobasedir}/${arch}/"
launch_interactive_shell
fi
fi
@@ -221,15 +252,20 @@ parabolaiso_mount_handler() {
mkdir -p "/run/parabolaiso/cowspace/${cow_directory}"
chmod 0700 "/run/parabolaiso/cowspace/${cow_directory}"
- _mnt_sfs "/run/parabolaiso/bootmnt/${parabolaisobasedir}/${arch}/airootfs.sfs" "/run/parabolaiso/sfs/airootfs"
- if [ -f "/run/parabolaiso/sfs/airootfs/airootfs.img" ]; then
- _mnt_dmsnapshot "/run/parabolaiso/sfs/airootfs/airootfs.img" "${newroot}" "/"
+ if [ -f "/run/parabolaiso/bootmnt/${parabolaisobasedir}/${arch}/airootfs.sfs" ]; then
+ _mnt_sfs "/run/parabolaiso/bootmnt/${parabolaisobasedir}/${arch}/airootfs.sfs" "/run/parabolaiso/airootfs"
+ elif [ -f "/run/parabolaiso/bootmnt/${parabolaisobasedir}/${arch}/airootfs.erofs" ]; then
+ _mnt_erofs "/run/parabolaiso/bootmnt/${parabolaisobasedir}/${arch}/airootfs.erofs" "/run/parabolaiso/airootfs"
+ fi
+ if [ -f "/run/parabolaiso/airootfs/airootfs.img" ]; then
+ _mnt_dmsnapshot "/run/parabolaiso/airootfs/airootfs.img" "${newroot}" "/"
else
- _mnt_overlayfs "/run/parabolaiso/sfs/airootfs" "${newroot}" "/"
+ _mnt_overlayfs "/run/parabolaiso/airootfs" "${newroot}" "/"
fi
if [ "${copytoram}" = "y" ]; then
umount -d /run/parabolaiso/bootmnt
+ rmdir /run/parabolaiso/bootmnt
fi
}
diff --git a/parabolaiso/initcpio/hooks/parabolaiso_pxe_http b/parabolaiso/initcpio/hooks/parabolaiso_pxe_http
index 1fbd921..68eaad6 100644
--- a/parabolaiso/initcpio/hooks/parabolaiso_pxe_http
+++ b/parabolaiso/initcpio/hooks/parabolaiso_pxe_http
@@ -39,6 +39,7 @@ _curl_get() {
parabolaiso_pxe_http_mount_handler () {
newroot="${1}"
+ local img_type="sfs"
msg ":: Mounting /run/parabolaiso/httpspace (tmpfs) filesystem, size='${parabolaiso_http_spc}'"
mkdir -p "/run/parabolaiso/httpspace"
@@ -46,7 +47,12 @@ parabolaiso_pxe_http_mount_handler () {
# shellcheck disable=SC2154
# defined via initcpio's parse_cmdline()
- _curl_get "${parabolaiso_http_srv}${parabolaisobasedir}/${arch}/airootfs.sfs" "/${arch}"
+ if ! curl -L -f -o /dev/null -s -r 0-0 "${parabolaiso_http_srv}${parabolaisobasedir}/${arch}/airootfs.sfs"; then
+ if curl -L -f -o /dev/null -s -r 0-0 "${parabolaiso_http_srv}${parabolaisobasedir}/${arch}/airootfs.erofs"; then
+ img_type="erofs"
+ fi
+ fi
+ _curl_get "${parabolaiso_http_srv}${parabolaisobasedir}/${arch}/airootfs.${img_type}" "/${arch}"
# shellcheck disable=SC2154
# defined via initcpio's parse_cmdline()
@@ -56,7 +62,7 @@ parabolaiso_pxe_http_mount_handler () {
# shellcheck disable=SC2154
# defined via initcpio's parse_cmdline()
if [ "${verify}" = "y" ]; then
- _curl_get "${parabolaiso_http_srv}${parabolaisobasedir}/${arch}/airootfs.sfs.sig" "/${arch}"
+ _curl_get "${parabolaiso_http_srv}${parabolaisobasedir}/${arch}/airootfs.${img_type}.sig" "/${arch}"
fi
mkdir -p "/run/parabolaiso/bootmnt"
diff --git a/parabolaiso/mkparabolaiso b/parabolaiso/mkparabolaiso
index 6d19778..6876396 100755
--- a/parabolaiso/mkparabolaiso
+++ b/parabolaiso/mkparabolaiso
@@ -211,15 +211,37 @@ _mkairootfs_squashfs() {
_mkchecksum() {
_msg_info "Creating checksum file for self-test..."
cd -- "${isofs_dir}/${install_dir}/${arch}"
- sha512sum airootfs.sfs > airootfs.sha512
+ if [[ -e "${isofs_dir}/${install_dir}/${arch}/airootfs.sfs" ]]; then
+ sha512sum airootfs.sfs > airootfs.sha512
+ elif [[ -e "${isofs_dir}/${install_dir}/${arch}/airootfs.erofs" ]]; then
+ sha512sum airootfs.erofs > airootfs.sha512
+ fi
cd -- "${OLDPWD}"
_msg_info "Done!"
}
+# Makes an EROFS file system from a source directory.
+_mkairootfs_erofs() {
+ local fsuuid
+ [[ -e "${airootfs_dir}" ]] || _msg_error "The path '${airootfs_dir}' does not exist" 1
+
+ install -d -m 0755 -- "${isofs_dir}/${install_dir}/${arch}"
+ local image_path="${isofs_dir}/${install_dir}/${arch}/airootfs.erofs"
+ # Generate reproducible file system UUID from SOURCE_DATE_EPOCH
+ fsuuid="$(uuidgen --sha1 --namespace 93a870ff-8565-4cf3-a67b-f47299271a96 --name "${SOURCE_DATE_EPOCH}")"
+ _msg_info "Creating EROFS image, this may take some time..."
+ mkfs.erofs -U "${fsuuid}" "${airootfs_image_tool_options[@]}" -- "${image_path}" "${airootfs_dir}"
+ _msg_info "Done!"
+}
+
_mksignature() {
_msg_info "Signing SquashFS image..."
cd -- "${isofs_dir}/${install_dir}/${arch}"
- gpg --detach-sign --default-key "${gpg_key}" airootfs.sfs
+ if [[ -e "${isofs_dir}/${install_dir}/${arch}/airootfs.sfs" ]]; then
+ gpg --detach-sign --default-key "${gpg_key}" airootfs.sfs
+ elif [[ -e "${isofs_dir}/${install_dir}/${arch}/airootfs.erofs" ]]; then
+ gpg --detach-sign --default-key "${gpg_key}" airootfs.erofs
+ fi
cd -- "${OLDPWD}"
_msg_info "Done!"
}
@@ -766,6 +788,13 @@ _validate_requirements_airootfs_image_type_ext4+squashfs() {
_validate_requirements_airootfs_image_type_squashfs
}
+_validate_requirements_airootfs_image_type_erofs() {
+ if ! command -v mkfs.erofs; then
+ (( validation_error=validation_error+1 ))
+ _msg_error "Validating '${airootfs_image_type}': mkfs.erofs is not available on this host. Install 'erofs-utils'!" 0
+ fi
+}
+
# SYSLINUX El Torito
_add_xorrisofs_options_bios.syslinux.eltorito() {
xorrisofs_options+=(