summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--README.profile.rst21
-rw-r--r--configs/baseline/isolinux/isolinux.cfg9
-rw-r--r--configs/baseline/profiledef.sh3
-rw-r--r--configs/baseline/syslinux/syslinux-linux-libre.cfg4
-rw-r--r--configs/baseline/syslinux/syslinux.cfg4
-rw-r--r--configs/lxde-openrc/isolinux/isolinux.cfg6
-rw-r--r--configs/lxde-openrc/profiledef.sh8
-rw-r--r--configs/lxde-openrc/syslinux/parabolaiso.cfg14
-rw-r--r--configs/lxde-openrc/syslinux/parabolaiso_head.cfg4
-rw-r--r--configs/lxde-openrc/syslinux/parabolaiso_pxe32-linux-libre.cfg12
-rw-r--r--configs/lxde-openrc/syslinux/parabolaiso_pxe64-linux-libre.cfg12
-rw-r--r--configs/lxde-openrc/syslinux/parabolaiso_pxe_32_inc.cfg6
-rw-r--r--configs/lxde-openrc/syslinux/parabolaiso_pxe_both_inc.cfg8
-rw-r--r--configs/lxde-openrc/syslinux/parabolaiso_pxe_choose.cfg6
-rw-r--r--configs/lxde-openrc/syslinux/parabolaiso_sys32-linux-libre.cfg4
-rw-r--r--configs/lxde-openrc/syslinux/parabolaiso_sys64-linux-libre.cfg4
-rw-r--r--configs/lxde-openrc/syslinux/parabolaiso_sys_32_inc.cfg6
-rw-r--r--configs/lxde-openrc/syslinux/parabolaiso_sys_both_inc.cfg8
-rw-r--r--configs/lxde-openrc/syslinux/parabolaiso_sys_choose.cfg6
-rw-r--r--configs/lxde-openrc/syslinux/parabolaiso_tail.cfg12
-rw-r--r--configs/lxde-openrc/syslinux/syslinux.cfg14
-rw-r--r--configs/releng-openrc/isolinux/isolinux.cfg6
-rw-r--r--configs/releng-openrc/profiledef.sh8
-rw-r--r--configs/releng-openrc/syslinux/parabolaiso.cfg14
-rw-r--r--configs/releng-openrc/syslinux/parabolaiso_head.cfg4
-rw-r--r--configs/releng-openrc/syslinux/parabolaiso_pxe32-linux-libre.cfg12
-rw-r--r--configs/releng-openrc/syslinux/parabolaiso_pxe64-linux-libre.cfg12
-rw-r--r--configs/releng-openrc/syslinux/parabolaiso_pxe_32_inc.cfg6
-rw-r--r--configs/releng-openrc/syslinux/parabolaiso_pxe_both_inc.cfg8
-rw-r--r--configs/releng-openrc/syslinux/parabolaiso_pxe_choose.cfg6
-rw-r--r--configs/releng-openrc/syslinux/parabolaiso_sys32-linux-libre.cfg4
-rw-r--r--configs/releng-openrc/syslinux/parabolaiso_sys64-linux-libre.cfg4
-rw-r--r--configs/releng-openrc/syslinux/parabolaiso_sys_32_inc.cfg6
-rw-r--r--configs/releng-openrc/syslinux/parabolaiso_sys_both_inc.cfg8
-rw-r--r--configs/releng-openrc/syslinux/parabolaiso_sys_choose.cfg6
-rw-r--r--configs/releng-openrc/syslinux/parabolaiso_tail.cfg12
-rw-r--r--configs/releng-openrc/syslinux/syslinux.cfg14
-rw-r--r--configs/releng/isolinux/isolinux.cfg9
-rw-r--r--configs/releng/profiledef.sh8
-rw-r--r--configs/releng/syslinux/parabolaiso.cfg14
-rw-r--r--configs/releng/syslinux/parabolaiso_head.cfg4
-rw-r--r--configs/releng/syslinux/parabolaiso_pxe32-linux-libre.cfg12
-rw-r--r--configs/releng/syslinux/parabolaiso_pxe64-linux-libre.cfg12
-rw-r--r--configs/releng/syslinux/parabolaiso_pxe_32_inc.cfg6
-rw-r--r--configs/releng/syslinux/parabolaiso_pxe_both_inc.cfg8
-rw-r--r--configs/releng/syslinux/parabolaiso_pxe_choose.cfg6
-rw-r--r--configs/releng/syslinux/parabolaiso_sys32-linux-libre.cfg8
-rw-r--r--configs/releng/syslinux/parabolaiso_sys64-linux-libre.cfg8
-rw-r--r--configs/releng/syslinux/parabolaiso_sys_32_inc.cfg6
-rw-r--r--configs/releng/syslinux/parabolaiso_sys_both_inc.cfg8
-rw-r--r--configs/releng/syslinux/parabolaiso_sys_choose.cfg6
-rw-r--r--configs/releng/syslinux/parabolaiso_tail.cfg12
-rw-r--r--configs/releng/syslinux/syslinux.cfg15
-rwxr-xr-xparabolaiso/mkparabolaiso132
54 files changed, 259 insertions, 316 deletions
diff --git a/README.profile.rst b/README.profile.rst
index a34d557..7eb2c81 100644
--- a/README.profile.rst
+++ b/README.profile.rst
@@ -9,7 +9,6 @@ A parabolaiso profile consists of several configuration files and a directory fo
profile
|- airootfs/
|- efiboot/
- |- isolinux/
|- syslinux/
|- packages.arch
|- pacman.conf
@@ -54,6 +53,9 @@ The image file is constructed from some of the variables in **profiledef.sh**: `
- `ext4+squashfs`: Create an ext4 partition, copy the airootfs work directory to it and create a squashfs image from it
* `airootfs_image_tool_options`: An array of options to pass to the tool to create the airootfs image. Currently only
`mksquashfs` is supported - see `mksquashfs --help` for all possible options (defaults to `('-comp' 'xz')`).
+ - `file_permissions`: An associative array that lists files and/or directories who need specific ownership or
+ permissions. The array's keys contain the path and the value is a colon separated list of owner UID, owner GID and
+ access mode. E.g. `file_permissions=(["/etc/shadow"]="0:0:400")`.
packages.arch
=============
@@ -94,8 +96,9 @@ airootfs
This - optional - directory may contain files and directories that will be copied to the work directory of the resulting
image's root filesystem.
The files are copied before packages are being installed to work directory location.
-Ownership of files and directories from the profile's `airootfs` directory are not preserved (permissions are currently
-the same as in the profile's `airootfs` - see `#61 <https://gitlab.archlinux.org/archlinux/archiso/-/issues/73>`_).
+Ownership and permissions of files and directories from the profile's `airootfs` directory are not preserved. The mode
+will be `644` for files and `755` for directories, all of them will be owned by root. To set custom ownership and/or
+permissions, use `file_permissions` in **profiledef.sh**.
With this overlay structure it is possible to e.g. create users and set passwords for them, by providing
`airootfs/etc/passwd`, `airootfs/etc/shadow`, `airootfs/etc/gshadow` (see `man 5 passwd`, `man 5 shadow` and `man 5
@@ -134,21 +137,13 @@ The *custom template identifiers* are **only** understood in the boot loader ent
The same happens when the `uefi-x64.refind.esp` or `uefi-x64.refind.eltorito` bootmodes are selected.
-isolinux
---------
-
-This directory is mandatory when the `bios.syslinux.eltorito` bootmode is selected in **profiledef.sh**.
-It contains configuration for `isolinux <https://wiki.syslinux.org/wiki/index.php?title=ISOLINUX>`_ used in the resuling
-image.
-
-The *custom template identifiers* are understood in all `.cfg` files in this directory.
-
syslinux
--------
This directory is mandatory when the `bios.syslinux.mbr` or the `bios.syslinux.eltorito` bootmodes are selected in
**profiledef.sh**.
-It contains configuration files for `syslinux <https://wiki.syslinux.org/wiki/index.php?title=SYSLINUX>`_ or `pxelinux
+It contains configuration files for `syslinux <https://wiki.syslinux.org/wiki/index.php?title=SYSLINUX>`_ or `isolinux
+<https://wiki.syslinux.org/wiki/index.php?title=ISOLINUX>`_ , or `pxelinux
<https://wiki.syslinux.org/wiki/index.php?title=PXELINUX>`_ used in the resuling image.
The *custom template identifiers* are understood in all `.cfg` files in this directory.
diff --git a/configs/baseline/isolinux/isolinux.cfg b/configs/baseline/isolinux/isolinux.cfg
deleted file mode 100644
index e078ce3..0000000
--- a/configs/baseline/isolinux/isolinux.cfg
+++ /dev/null
@@ -1,9 +0,0 @@
-#
-# SPDX-License-Identifier: GPL-3.0-or-later
-
-PATH /%INSTALL_DIR%/boot/syslinux/
-DEFAULT loadconfig
-
-LABEL loadconfig
- CONFIG /%INSTALL_DIR%/boot/syslinux/syslinux.cfg
- APPEND /%INSTALL_DIR%/
diff --git a/configs/baseline/profiledef.sh b/configs/baseline/profiledef.sh
index c922493..8a3dbb4 100644
--- a/configs/baseline/profiledef.sh
+++ b/configs/baseline/profiledef.sh
@@ -10,3 +10,6 @@ install_dir="parabola"
bootmodes=('bios.syslinux.mbr' 'bios.syslinux.eltorito' 'uefi-x64.systemd-boot.esp' 'uefi-x64.systemd-boot.eltorito')
arch="x86_64"
pacman_conf="pacman.conf"
+file_permissions=(
+ ["/etc/shadow"]="0:0:400"
+)
diff --git a/configs/baseline/syslinux/syslinux-linux-libre.cfg b/configs/baseline/syslinux/syslinux-linux-libre.cfg
index e47c780..056be58 100644
--- a/configs/baseline/syslinux/syslinux-linux-libre.cfg
+++ b/configs/baseline/syslinux/syslinux-linux-libre.cfg
@@ -3,6 +3,6 @@
LABEL parabola
MENU LABEL Parabola GNU/Linux-libre (x86_64, BIOS)
-LINUX boot/%ARCH%/vmlinuz-linux-libre
-INITRD boot/%ARCH%/initramfs-linux-libre.img
+LINUX /%INSTALL_DIR%/boot/%ARCH%/vmlinuz-linux-libre
+INITRD /%INSTALL_DIR%/boot/%ARCH%/initramfs-linux-libre.img
APPEND parabolaisobasedir=%INSTALL_DIR% parabolaisolabel=%PARABOLAISO_LABEL%
diff --git a/configs/baseline/syslinux/syslinux.cfg b/configs/baseline/syslinux/syslinux.cfg
index 5eb5adf..e965abb 100644
--- a/configs/baseline/syslinux/syslinux.cfg
+++ b/configs/baseline/syslinux/syslinux.cfg
@@ -1,11 +1,11 @@
#
# SPDX-License-Identifier: GPL-3.0-or-later
-UI boot/syslinux/menu.c32
+UI menu.c32
MENU TITLE Parabola GNU/Linux-libre
MENU CLEAR
DEFAULT parabola
TIMEOUT 30
-INCLUDE boot/syslinux/syslinux-linux-libre.cfg
+INCLUDE syslinux-linux-libre.cfg
diff --git a/configs/lxde-openrc/isolinux/isolinux.cfg b/configs/lxde-openrc/isolinux/isolinux.cfg
deleted file mode 100644
index 10472fb..0000000
--- a/configs/lxde-openrc/isolinux/isolinux.cfg
+++ /dev/null
@@ -1,6 +0,0 @@
-PATH /%INSTALL_DIR%/boot/syslinux/
-DEFAULT loadconfig
-
-LABEL loadconfig
- CONFIG /%INSTALL_DIR%/boot/syslinux/parabolaiso.cfg
- APPEND /%INSTALL_DIR%/
diff --git a/configs/lxde-openrc/profiledef.sh b/configs/lxde-openrc/profiledef.sh
index fa6f4df..1ea7f43 100644
--- a/configs/lxde-openrc/profiledef.sh
+++ b/configs/lxde-openrc/profiledef.sh
@@ -11,3 +11,11 @@ bootmodes=('bios.syslinux.mbr' 'bios.syslinux.eltorito' 'uefi-x64.refind.esp' 'u
arch="dual"
pacman_conf="pacman.conf"
airootfs_image_tool_options=('-comp' 'xz' '-Xbcj' 'x86' '-b' '1M' '-Xdict-size' '1M')
+file_permissions=(
+ ["/etc/shadow"]="0:0:400"
+ ["/root"]="0:0:750"
+ ["/root/.automated_script.sh"]="0:0:755"
+ ["/usr/local/bin/choose-mirror"]="0:0:755"
+ ["/usr/local/bin/Installation_guide"]="0:0:755"
+# ["/usr/local/bin/livecd-sound"]="0:0:755"
+)
diff --git a/configs/lxde-openrc/syslinux/parabolaiso.cfg b/configs/lxde-openrc/syslinux/parabolaiso.cfg
deleted file mode 100644
index e38642c..0000000
--- a/configs/lxde-openrc/syslinux/parabolaiso.cfg
+++ /dev/null
@@ -1,14 +0,0 @@
-#
-# SPDX-License-Identifier: GPL-3.0-or-later
-
-DEFAULT select
-
-LABEL select
-COM32 boot/syslinux/whichsys.c32
-APPEND -pxe- pxe -sys- sys -iso- sys
-
-LABEL pxe
-CONFIG boot/syslinux/parabolaiso_pxe_choose.cfg
-
-LABEL sys
-CONFIG boot/syslinux/parabolaiso_sys_choose.cfg
diff --git a/configs/lxde-openrc/syslinux/parabolaiso_head.cfg b/configs/lxde-openrc/syslinux/parabolaiso_head.cfg
index f1f7635..d3c18d6 100644
--- a/configs/lxde-openrc/syslinux/parabolaiso_head.cfg
+++ b/configs/lxde-openrc/syslinux/parabolaiso_head.cfg
@@ -2,9 +2,9 @@
# SPDX-License-Identifier: GPL-3.0-or-later
SERIAL 0 38400
-UI boot/syslinux/vesamenu.c32
+UI vesamenu.c32
MENU TITLE Parabola GNU/Linux-libre
-MENU BACKGROUND boot/syslinux/splash.png
+MENU BACKGROUND splash.png
MENU WIDTH 78
MENU MARGIN 4
diff --git a/configs/lxde-openrc/syslinux/parabolaiso_pxe32-linux-libre.cfg b/configs/lxde-openrc/syslinux/parabolaiso_pxe32-linux-libre.cfg
index 2cc63f1..8f1a5ac 100644
--- a/configs/lxde-openrc/syslinux/parabolaiso_pxe32-linux-libre.cfg
+++ b/configs/lxde-openrc/syslinux/parabolaiso_pxe32-linux-libre.cfg
@@ -7,8 +7,8 @@ Boot the Parabola GNU/Linux-libre (i686) live medium (Using NBD).
It allows you to install Parabola GNU/Linux-libre or perform system maintenance.
ENDTEXT
MENU LABEL Boot Parabola GNU/Linux-libre (i686) (NBD)
-LINUX boot/i686/vmlinuz-linux-libre
-INITRD boot/i686/initramfs-linux-libre.img
+LINUX /%INSTALL_DIR%/boot/i686/vmlinuz-linux-libre
+INITRD /%INSTALL_DIR%/boot/i686/initramfs-linux-libre.img
APPEND parabolaisobasedir=%INSTALL_DIR% parabolaisolabel=%PARABOLAISO_LABEL% parabolaiso_nbd_srv=${pxeserver} checksum verify
SYSAPPEND 3
@@ -18,8 +18,8 @@ Boot the Parabola GNU/Linux-libre (i686) live medium (Using NFS).
It allows you to install Parabola GNU/Linux-libre or perform system maintenance.
ENDTEXT
MENU LABEL Boot Parabola GNU/Linux-libre (i686) (NFS)
-LINUX boot/i686/vmlinuz-linux-libre
-INITRD boot/i686/initramfs-linux-libre.img
+LINUX /%INSTALL_DIR%/boot/i686/vmlinuz-linux-libre
+INITRD /%INSTALL_DIR%/boot/i686/initramfs-linux-libre.img
APPEND parabolaisobasedir=%INSTALL_DIR% parabolaiso_nfs_srv=${pxeserver}:/run/parabolaiso/bootmnt checksum verify
SYSAPPEND 3
@@ -29,7 +29,7 @@ Boot the Parabola GNU/Linux-libre (i686) live medium (Using HTTP).
It allows you to install Parabola GNU/Linux-libre or perform system maintenance.
ENDTEXT
MENU LABEL Boot Parabola GNU/Linux-libre (i686) (HTTP)
-LINUX boot/i686/vmlinuz-linux-libre
-INITRD boot/i686/initramfs-linux-libre.img
+LINUX /%INSTALL_DIR%/boot/i686/vmlinuz-linux-libre
+INITRD /%INSTALL_DIR%/boot/i686/initramfs-linux-libre.img
APPEND parabolaisobasedir=%INSTALL_DIR% parabolaiso_http_srv=http://${pxeserver}/ checksum verify
SYSAPPEND 3
diff --git a/configs/lxde-openrc/syslinux/parabolaiso_pxe64-linux-libre.cfg b/configs/lxde-openrc/syslinux/parabolaiso_pxe64-linux-libre.cfg
index 0fd9fa6..3e46234 100644
--- a/configs/lxde-openrc/syslinux/parabolaiso_pxe64-linux-libre.cfg
+++ b/configs/lxde-openrc/syslinux/parabolaiso_pxe64-linux-libre.cfg
@@ -7,8 +7,8 @@ Boot the Parabola GNU/Linux-libre (x86_64) live medium (Using NBD).
It allows you to install Parabola GNU/Linux-libre or perform system maintenance.
ENDTEXT
MENU LABEL Boot Parabola GNU/Linux-libre (x86_64) (NBD)
-LINUX boot/x86_64/vmlinuz-linux-libre
-INITRD boot/x86_64/initramfs-linux-libre.img
+LINUX /%INSTALL_DIR%/boot/x86_64/vmlinuz-linux-libre
+INITRD /%INSTALL_DIR%/boot/x86_64/initramfs-linux-libre.img
APPEND parabolaisobasedir=%INSTALL_DIR% parabolaisolabel=%PARABOLAISO_LABEL% parabolaiso_nbd_srv=${pxeserver} checksum verify
SYSAPPEND 3
@@ -18,8 +18,8 @@ Boot the Parabola GNU/Linux-libre (x86_64) live medium (Using NFS).
It allows you to install Parabola GNU/Linux-libre or perform system maintenance.
ENDTEXT
MENU LABEL Boot Parabola GNU/Linux-libre (x86_64) (NFS)
-LINUX boot/x86_64/vmlinuz-linux-libre
-INITRD boot/x86_64/initramfs-linux-libre.img
+LINUX /%INSTALL_DIR%/boot/x86_64/vmlinuz-linux-libre
+INITRD /%INSTALL_DIR%/boot/x86_64/initramfs-linux-libre.img
APPEND parabolaisobasedir=%INSTALL_DIR% parabolaiso_nfs_srv=${pxeserver}:/run/parabolaiso/bootmnt checksum verify
SYSAPPEND 3
@@ -29,7 +29,7 @@ Boot the Parabola GNU/Linux-libre (x86_64) live medium (Using HTTP).
It allows you to install Parabola GNU/Linux-libre or perform system maintenance.
ENDTEXT
MENU LABEL Boot Parabola GNU/Linux-libre (x86_64) (HTTP)
-LINUX boot/x86_64/vmlinuz-linux-libre
-INITRD boot/x86_64/initramfs-linux-libre.img
+LINUX /%INSTALL_DIR%/boot/x86_64/vmlinuz-linux-libre
+INITRD /%INSTALL_DIR%/boot/x86_64/initramfs-linux-libre.img
APPEND parabolaisobasedir=%INSTALL_DIR% parabolaiso_http_srv=http://${pxeserver}/ checksum verify
SYSAPPEND 3
diff --git a/configs/lxde-openrc/syslinux/parabolaiso_pxe_32_inc.cfg b/configs/lxde-openrc/syslinux/parabolaiso_pxe_32_inc.cfg
index c5c00e6..6b0cd85 100644
--- a/configs/lxde-openrc/syslinux/parabolaiso_pxe_32_inc.cfg
+++ b/configs/lxde-openrc/syslinux/parabolaiso_pxe_32_inc.cfg
@@ -1,6 +1,6 @@
#
# SPDX-License-Identifier: GPL-3.0-or-later
-INCLUDE boot/syslinux/parabolaiso_head.cfg
-INCLUDE boot/syslinux/parabolaiso_pxe32.cfg
-INCLUDE boot/syslinux/parabolaiso_tail.cfg
+INCLUDE parabolaiso_head.cfg
+INCLUDE parabolaiso_pxe32.cfg
+INCLUDE parabolaiso_tail.cfg
diff --git a/configs/lxde-openrc/syslinux/parabolaiso_pxe_both_inc.cfg b/configs/lxde-openrc/syslinux/parabolaiso_pxe_both_inc.cfg
index 0c5be94..ea72b27 100644
--- a/configs/lxde-openrc/syslinux/parabolaiso_pxe_both_inc.cfg
+++ b/configs/lxde-openrc/syslinux/parabolaiso_pxe_both_inc.cfg
@@ -1,7 +1,7 @@
#
# SPDX-License-Identifier: GPL-3.0-or-later
-INCLUDE boot/syslinux/parabolaiso_head.cfg
-INCLUDE boot/syslinux/parabolaiso_pxe64.cfg
-INCLUDE boot/syslinux/parabolaiso_pxe32.cfg
-INCLUDE boot/syslinux/parabolaiso_tail.cfg
+INCLUDE parabolaiso_head.cfg
+INCLUDE parabolaiso_pxe64.cfg
+INCLUDE parabolaiso_pxe32.cfg
+INCLUDE parabolaiso_tail.cfg
diff --git a/configs/lxde-openrc/syslinux/parabolaiso_pxe_choose.cfg b/configs/lxde-openrc/syslinux/parabolaiso_pxe_choose.cfg
index 079fd7d..ad5a822 100644
--- a/configs/lxde-openrc/syslinux/parabolaiso_pxe_choose.cfg
+++ b/configs/lxde-openrc/syslinux/parabolaiso_pxe_choose.cfg
@@ -4,11 +4,11 @@
DEFAULT choose
LABEL choose
-COM32 boot/syslinux/ifcpu64.c32
+COM32 ifcpu64.c32
APPEND have64 -- nohave64
LABEL have64
-CONFIG boot/syslinux/parabolaiso_pxe_both_inc.cfg
+CONFIG parabolaiso_pxe_both_inc.cfg
LABEL nohave64
-CONFIG boot/syslinux/parabolaiso_pxe_32_inc.cfg
+CONFIG parabolaiso_pxe_32_inc.cfg
diff --git a/configs/lxde-openrc/syslinux/parabolaiso_sys32-linux-libre.cfg b/configs/lxde-openrc/syslinux/parabolaiso_sys32-linux-libre.cfg
index 80fcca0..2729002 100644
--- a/configs/lxde-openrc/syslinux/parabolaiso_sys32-linux-libre.cfg
+++ b/configs/lxde-openrc/syslinux/parabolaiso_sys32-linux-libre.cfg
@@ -9,6 +9,6 @@ Boot the Parabola GNU/Linux-libre (i686) live medium.
It allows you to install Parabola GNU/Linux-libre or perform system maintenance.
ENDTEXT
MENU LABEL Boot Parabola GNU/Linux-libre (i686)
-LINUX boot/i686/vmlinuz-linux-libre
-INITRD boot/i686/initramfs-linux-libre.img
+LINUX /%INSTALL_DIR%/boot/i686/vmlinuz-linux-libre
+INITRD /%INSTALL_DIR%/boot/i686/initramfs-linux-libre.img
APPEND parabolaisobasedir=%INSTALL_DIR% parabolaisolabel=%PARABOLAISO_LABEL%
diff --git a/configs/lxde-openrc/syslinux/parabolaiso_sys64-linux-libre.cfg b/configs/lxde-openrc/syslinux/parabolaiso_sys64-linux-libre.cfg
index 853bb8d..25f43c2 100644
--- a/configs/lxde-openrc/syslinux/parabolaiso_sys64-linux-libre.cfg
+++ b/configs/lxde-openrc/syslinux/parabolaiso_sys64-linux-libre.cfg
@@ -10,6 +10,6 @@ Boot the Parabola GNU/Linux-libre (x86_64) live medium.
It allows you to install Parabola GNU/Linux-libre or perform system maintenance.
ENDTEXT
MENU LABEL Boot Parabola GNU/Linux-libre (x86_64)
-LINUX boot/x86_64/vmlinuz-linux-libre
-INITRD boot/x86_64/initramfs-linux-libre.img
+LINUX /%INSTALL_DIR%/boot/x86_64/vmlinuz-linux-libre
+INITRD /%INSTALL_DIR%/boot/x86_64/initramfs-linux-libre.img
APPEND parabolaisobasedir=%INSTALL_DIR% parabolaisolabel=%PARABOLAISO_LABEL%
diff --git a/configs/lxde-openrc/syslinux/parabolaiso_sys_32_inc.cfg b/configs/lxde-openrc/syslinux/parabolaiso_sys_32_inc.cfg
index 402ab61..99f22cf 100644
--- a/configs/lxde-openrc/syslinux/parabolaiso_sys_32_inc.cfg
+++ b/configs/lxde-openrc/syslinux/parabolaiso_sys_32_inc.cfg
@@ -1,6 +1,6 @@
#
# SPDX-License-Identifier: GPL-3.0-or-later
-INCLUDE boot/syslinux/parabolaiso_head.cfg
-INCLUDE boot/syslinux/parabolaiso_sys32-linux-libre.cfg
-INCLUDE boot/syslinux/parabolaiso_tail.cfg
+INCLUDE parabolaiso_head.cfg
+INCLUDE parabolaiso_sys32-linux-libre.cfg
+INCLUDE parabolaiso_tail.cfg
diff --git a/configs/lxde-openrc/syslinux/parabolaiso_sys_both_inc.cfg b/configs/lxde-openrc/syslinux/parabolaiso_sys_both_inc.cfg
index 0febc5a..cd77b43 100644
--- a/configs/lxde-openrc/syslinux/parabolaiso_sys_both_inc.cfg
+++ b/configs/lxde-openrc/syslinux/parabolaiso_sys_both_inc.cfg
@@ -1,7 +1,7 @@
#
# SPDX-License-Identifier: GPL-3.0-or-later
-INCLUDE boot/syslinux/parabolaiso_head.cfg
-INCLUDE boot/syslinux/parabolaiso_sys64-linux-libre.cfg
-INCLUDE boot/syslinux/parabolaiso_sys32-linux-libre.cfg
-INCLUDE boot/syslinux/parabolaiso_tail.cfg
+INCLUDE parabolaiso_head.cfg
+INCLUDE parabolaiso_sys64-linux-libre.cfg
+INCLUDE parabolaiso_sys32-linux-libre.cfg
+INCLUDE parabolaiso_tail.cfg
diff --git a/configs/lxde-openrc/syslinux/parabolaiso_sys_choose.cfg b/configs/lxde-openrc/syslinux/parabolaiso_sys_choose.cfg
index 2d41bb9..cf814d9 100644
--- a/configs/lxde-openrc/syslinux/parabolaiso_sys_choose.cfg
+++ b/configs/lxde-openrc/syslinux/parabolaiso_sys_choose.cfg
@@ -4,11 +4,11 @@
DEFAULT choose
LABEL choose
-COM32 boot/syslinux/ifcpu64.c32
+COM32 ifcpu64.c32
APPEND have64 -- nohave64
LABEL have64
-CONFIG boot/syslinux/parabolaiso_sys_both_inc.cfg
+CONFIG parabolaiso_sys_both_inc.cfg
LABEL nohave64
-CONFIG boot/syslinux/parabolaiso_sys_32_inc.cfg
+CONFIG parabolaiso_sys_32_inc.cfg
diff --git a/configs/lxde-openrc/syslinux/parabolaiso_tail.cfg b/configs/lxde-openrc/syslinux/parabolaiso_tail.cfg
index 685e1c8..f7a27a2 100644
--- a/configs/lxde-openrc/syslinux/parabolaiso_tail.cfg
+++ b/configs/lxde-openrc/syslinux/parabolaiso_tail.cfg
@@ -7,19 +7,19 @@ Boot an existing operating system.
Press TAB to edit the disk and partition number to boot.
ENDTEXT
MENU LABEL Boot existing OS
-COM32 boot/syslinux/chain.c32
+COM32 chain.c32
APPEND hd0 0
# http://www.memtest.org/
LABEL memtest
MENU LABEL Run Memtest86+ (RAM test)
-LINUX boot/memtest
+LINUX /%INSTALL_DIR%/boot/memtest
# http://hdt-project.org/
LABEL hdt
MENU LABEL Hardware Information (HDT)
-COM32 boot/syslinux/hdt.c32
-APPEND modules_alias=boot/syslinux/hdt/modalias.gz pciids=boot/syslinux/hdt/pciids.gz
+COM32 hdt.c32
+APPEND modules_alias=hdt/modalias.gz pciids=boot/syslinux/hdt/pciids.gz
LABEL reboot
TEXT HELP
@@ -27,7 +27,7 @@ Reboot computer.
The computer's firmware must support APM.
ENDTEXT
MENU LABEL Reboot
-COM32 boot/syslinux/reboot.c32
+COM32 reboot.c32
LABEL poweroff
TEXT HELP
@@ -35,4 +35,4 @@ Power off computer.
The computer's firmware must support APM.
ENDTEXT
MENU LABEL Power Off
-COM32 boot/syslinux/poweroff.c32
+COM32 poweroff.c32
diff --git a/configs/lxde-openrc/syslinux/syslinux.cfg b/configs/lxde-openrc/syslinux/syslinux.cfg
index f0239ac..7cb63ed 100644
--- a/configs/lxde-openrc/syslinux/syslinux.cfg
+++ b/configs/lxde-openrc/syslinux/syslinux.cfg
@@ -1,8 +1,14 @@
#
# SPDX-License-Identifier: GPL-3.0-or-later
-DEFAULT loadconfig
+DEFAULT select
-LABEL loadconfig
- CONFIG parabolaiso.cfg
- APPEND ../../
+LABEL select
+COM32 whichsys.c32
+APPEND -pxe- pxe -sys- sys -iso- sys
+
+LABEL pxe
+CONFIG parabolaiso_pxe_choose.cfg
+
+LABEL sys
+CONFIG parabolaiso_sys_choose.cfg
diff --git a/configs/releng-openrc/isolinux/isolinux.cfg b/configs/releng-openrc/isolinux/isolinux.cfg
deleted file mode 100644
index 10472fb..0000000
--- a/configs/releng-openrc/isolinux/isolinux.cfg
+++ /dev/null
@@ -1,6 +0,0 @@
-PATH /%INSTALL_DIR%/boot/syslinux/
-DEFAULT loadconfig
-
-LABEL loadconfig
- CONFIG /%INSTALL_DIR%/boot/syslinux/parabolaiso.cfg
- APPEND /%INSTALL_DIR%/
diff --git a/configs/releng-openrc/profiledef.sh b/configs/releng-openrc/profiledef.sh
index c640752..cc13953 100644
--- a/configs/releng-openrc/profiledef.sh
+++ b/configs/releng-openrc/profiledef.sh
@@ -11,3 +11,11 @@ bootmodes=('bios.syslinux.mbr' 'bios.syslinux.eltorito' 'uefi-x64.refind.esp' 'u
arch="dual"
pacman_conf="pacman.conf"
airootfs_image_tool_options=('-comp' 'xz' '-Xbcj' 'x86' '-b' '1M' '-Xdict-size' '1M')
+file_permissions=(
+ ["/etc/shadow"]="0:0:400"
+ ["/root"]="0:0:750"
+ ["/root/.automated_script.sh"]="0:0:755"
+ ["/usr/local/bin/choose-mirror"]="0:0:755"
+ ["/usr/local/bin/Installation_guide"]="0:0:755"
+# ["/usr/local/bin/livecd-sound"]="0:0:755"
+)
diff --git a/configs/releng-openrc/syslinux/parabolaiso.cfg b/configs/releng-openrc/syslinux/parabolaiso.cfg
deleted file mode 100644
index e38642c..0000000
--- a/configs/releng-openrc/syslinux/parabolaiso.cfg
+++ /dev/null
@@ -1,14 +0,0 @@
-#
-# SPDX-License-Identifier: GPL-3.0-or-later
-
-DEFAULT select
-
-LABEL select
-COM32 boot/syslinux/whichsys.c32
-APPEND -pxe- pxe -sys- sys -iso- sys
-
-LABEL pxe
-CONFIG boot/syslinux/parabolaiso_pxe_choose.cfg
-
-LABEL sys
-CONFIG boot/syslinux/parabolaiso_sys_choose.cfg
diff --git a/configs/releng-openrc/syslinux/parabolaiso_head.cfg b/configs/releng-openrc/syslinux/parabolaiso_head.cfg
index f1f7635..d3c18d6 100644
--- a/configs/releng-openrc/syslinux/parabolaiso_head.cfg
+++ b/configs/releng-openrc/syslinux/parabolaiso_head.cfg
@@ -2,9 +2,9 @@
# SPDX-License-Identifier: GPL-3.0-or-later
SERIAL 0 38400
-UI boot/syslinux/vesamenu.c32
+UI vesamenu.c32
MENU TITLE Parabola GNU/Linux-libre
-MENU BACKGROUND boot/syslinux/splash.png
+MENU BACKGROUND splash.png
MENU WIDTH 78
MENU MARGIN 4
diff --git a/configs/releng-openrc/syslinux/parabolaiso_pxe32-linux-libre.cfg b/configs/releng-openrc/syslinux/parabolaiso_pxe32-linux-libre.cfg
index 2cc63f1..8f1a5ac 100644
--- a/configs/releng-openrc/syslinux/parabolaiso_pxe32-linux-libre.cfg
+++ b/configs/releng-openrc/syslinux/parabolaiso_pxe32-linux-libre.cfg
@@ -7,8 +7,8 @@ Boot the Parabola GNU/Linux-libre (i686) live medium (Using NBD).
It allows you to install Parabola GNU/Linux-libre or perform system maintenance.
ENDTEXT
MENU LABEL Boot Parabola GNU/Linux-libre (i686) (NBD)
-LINUX boot/i686/vmlinuz-linux-libre
-INITRD boot/i686/initramfs-linux-libre.img
+LINUX /%INSTALL_DIR%/boot/i686/vmlinuz-linux-libre
+INITRD /%INSTALL_DIR%/boot/i686/initramfs-linux-libre.img
APPEND parabolaisobasedir=%INSTALL_DIR% parabolaisolabel=%PARABOLAISO_LABEL% parabolaiso_nbd_srv=${pxeserver} checksum verify
SYSAPPEND 3
@@ -18,8 +18,8 @@ Boot the Parabola GNU/Linux-libre (i686) live medium (Using NFS).
It allows you to install Parabola GNU/Linux-libre or perform system maintenance.
ENDTEXT
MENU LABEL Boot Parabola GNU/Linux-libre (i686) (NFS)
-LINUX boot/i686/vmlinuz-linux-libre
-INITRD boot/i686/initramfs-linux-libre.img
+LINUX /%INSTALL_DIR%/boot/i686/vmlinuz-linux-libre
+INITRD /%INSTALL_DIR%/boot/i686/initramfs-linux-libre.img
APPEND parabolaisobasedir=%INSTALL_DIR% parabolaiso_nfs_srv=${pxeserver}:/run/parabolaiso/bootmnt checksum verify
SYSAPPEND 3
@@ -29,7 +29,7 @@ Boot the Parabola GNU/Linux-libre (i686) live medium (Using HTTP).
It allows you to install Parabola GNU/Linux-libre or perform system maintenance.
ENDTEXT
MENU LABEL Boot Parabola GNU/Linux-libre (i686) (HTTP)
-LINUX boot/i686/vmlinuz-linux-libre
-INITRD boot/i686/initramfs-linux-libre.img
+LINUX /%INSTALL_DIR%/boot/i686/vmlinuz-linux-libre
+INITRD /%INSTALL_DIR%/boot/i686/initramfs-linux-libre.img
APPEND parabolaisobasedir=%INSTALL_DIR% parabolaiso_http_srv=http://${pxeserver}/ checksum verify
SYSAPPEND 3
diff --git a/configs/releng-openrc/syslinux/parabolaiso_pxe64-linux-libre.cfg b/configs/releng-openrc/syslinux/parabolaiso_pxe64-linux-libre.cfg
index 0fd9fa6..3e46234 100644
--- a/configs/releng-openrc/syslinux/parabolaiso_pxe64-linux-libre.cfg
+++ b/configs/releng-openrc/syslinux/parabolaiso_pxe64-linux-libre.cfg
@@ -7,8 +7,8 @@ Boot the Parabola GNU/Linux-libre (x86_64) live medium (Using NBD).
It allows you to install Parabola GNU/Linux-libre or perform system maintenance.
ENDTEXT
MENU LABEL Boot Parabola GNU/Linux-libre (x86_64) (NBD)
-LINUX boot/x86_64/vmlinuz-linux-libre
-INITRD boot/x86_64/initramfs-linux-libre.img
+LINUX /%INSTALL_DIR%/boot/x86_64/vmlinuz-linux-libre
+INITRD /%INSTALL_DIR%/boot/x86_64/initramfs-linux-libre.img
APPEND parabolaisobasedir=%INSTALL_DIR% parabolaisolabel=%PARABOLAISO_LABEL% parabolaiso_nbd_srv=${pxeserver} checksum verify
SYSAPPEND 3
@@ -18,8 +18,8 @@ Boot the Parabola GNU/Linux-libre (x86_64) live medium (Using NFS).
It allows you to install Parabola GNU/Linux-libre or perform system maintenance.
ENDTEXT
MENU LABEL Boot Parabola GNU/Linux-libre (x86_64) (NFS)
-LINUX boot/x86_64/vmlinuz-linux-libre
-INITRD boot/x86_64/initramfs-linux-libre.img
+LINUX /%INSTALL_DIR%/boot/x86_64/vmlinuz-linux-libre
+INITRD /%INSTALL_DIR%/boot/x86_64/initramfs-linux-libre.img
APPEND parabolaisobasedir=%INSTALL_DIR% parabolaiso_nfs_srv=${pxeserver}:/run/parabolaiso/bootmnt checksum verify
SYSAPPEND 3
@@ -29,7 +29,7 @@ Boot the Parabola GNU/Linux-libre (x86_64) live medium (Using HTTP).
It allows you to install Parabola GNU/Linux-libre or perform system maintenance.
ENDTEXT
MENU LABEL Boot Parabola GNU/Linux-libre (x86_64) (HTTP)
-LINUX boot/x86_64/vmlinuz-linux-libre
-INITRD boot/x86_64/initramfs-linux-libre.img
+LINUX /%INSTALL_DIR%/boot/x86_64/vmlinuz-linux-libre
+INITRD /%INSTALL_DIR%/boot/x86_64/initramfs-linux-libre.img
APPEND parabolaisobasedir=%INSTALL_DIR% parabolaiso_http_srv=http://${pxeserver}/ checksum verify
SYSAPPEND 3
diff --git a/configs/releng-openrc/syslinux/parabolaiso_pxe_32_inc.cfg b/configs/releng-openrc/syslinux/parabolaiso_pxe_32_inc.cfg
index c5c00e6..6b0cd85 100644
--- a/configs/releng-openrc/syslinux/parabolaiso_pxe_32_inc.cfg
+++ b/configs/releng-openrc/syslinux/parabolaiso_pxe_32_inc.cfg
@@ -1,6 +1,6 @@
#
# SPDX-License-Identifier: GPL-3.0-or-later
-INCLUDE boot/syslinux/parabolaiso_head.cfg
-INCLUDE boot/syslinux/parabolaiso_pxe32.cfg
-INCLUDE boot/syslinux/parabolaiso_tail.cfg
+INCLUDE parabolaiso_head.cfg
+INCLUDE parabolaiso_pxe32.cfg
+INCLUDE parabolaiso_tail.cfg
diff --git a/configs/releng-openrc/syslinux/parabolaiso_pxe_both_inc.cfg b/configs/releng-openrc/syslinux/parabolaiso_pxe_both_inc.cfg
index 0c5be94..ea72b27 100644
--- a/configs/releng-openrc/syslinux/parabolaiso_pxe_both_inc.cfg
+++ b/configs/releng-openrc/syslinux/parabolaiso_pxe_both_inc.cfg
@@ -1,7 +1,7 @@
#
# SPDX-License-Identifier: GPL-3.0-or-later
-INCLUDE boot/syslinux/parabolaiso_head.cfg
-INCLUDE boot/syslinux/parabolaiso_pxe64.cfg
-INCLUDE boot/syslinux/parabolaiso_pxe32.cfg
-INCLUDE boot/syslinux/parabolaiso_tail.cfg
+INCLUDE parabolaiso_head.cfg
+INCLUDE parabolaiso_pxe64.cfg
+INCLUDE parabolaiso_pxe32.cfg
+INCLUDE parabolaiso_tail.cfg
diff --git a/configs/releng-openrc/syslinux/parabolaiso_pxe_choose.cfg b/configs/releng-openrc/syslinux/parabolaiso_pxe_choose.cfg
index 079fd7d..ad5a822 100644
--- a/configs/releng-openrc/syslinux/parabolaiso_pxe_choose.cfg
+++ b/configs/releng-openrc/syslinux/parabolaiso_pxe_choose.cfg
@@ -4,11 +4,11 @@
DEFAULT choose
LABEL choose
-COM32 boot/syslinux/ifcpu64.c32
+COM32 ifcpu64.c32
APPEND have64 -- nohave64
LABEL have64
-CONFIG boot/syslinux/parabolaiso_pxe_both_inc.cfg
+CONFIG parabolaiso_pxe_both_inc.cfg
LABEL nohave64
-CONFIG boot/syslinux/parabolaiso_pxe_32_inc.cfg
+CONFIG parabolaiso_pxe_32_inc.cfg
diff --git a/configs/releng-openrc/syslinux/parabolaiso_sys32-linux-libre.cfg b/configs/releng-openrc/syslinux/parabolaiso_sys32-linux-libre.cfg
index 80fcca0..2729002 100644
--- a/configs/releng-openrc/syslinux/parabolaiso_sys32-linux-libre.cfg
+++ b/configs/releng-openrc/syslinux/parabolaiso_sys32-linux-libre.cfg
@@ -9,6 +9,6 @@ Boot the Parabola GNU/Linux-libre (i686) live medium.
It allows you to install Parabola GNU/Linux-libre or perform system maintenance.
ENDTEXT
MENU LABEL Boot Parabola GNU/Linux-libre (i686)
-LINUX boot/i686/vmlinuz-linux-libre
-INITRD boot/i686/initramfs-linux-libre.img
+LINUX /%INSTALL_DIR%/boot/i686/vmlinuz-linux-libre
+INITRD /%INSTALL_DIR%/boot/i686/initramfs-linux-libre.img
APPEND parabolaisobasedir=%INSTALL_DIR% parabolaisolabel=%PARABOLAISO_LABEL%
diff --git a/configs/releng-openrc/syslinux/parabolaiso_sys64-linux-libre.cfg b/configs/releng-openrc/syslinux/parabolaiso_sys64-linux-libre.cfg
index 853bb8d..25f43c2 100644
--- a/configs/releng-openrc/syslinux/parabolaiso_sys64-linux-libre.cfg
+++ b/configs/releng-openrc/syslinux/parabolaiso_sys64-linux-libre.cfg
@@ -10,6 +10,6 @@ Boot the Parabola GNU/Linux-libre (x86_64) live medium.
It allows you to install Parabola GNU/Linux-libre or perform system maintenance.
ENDTEXT
MENU LABEL Boot Parabola GNU/Linux-libre (x86_64)
-LINUX boot/x86_64/vmlinuz-linux-libre
-INITRD boot/x86_64/initramfs-linux-libre.img
+LINUX /%INSTALL_DIR%/boot/x86_64/vmlinuz-linux-libre
+INITRD /%INSTALL_DIR%/boot/x86_64/initramfs-linux-libre.img
APPEND parabolaisobasedir=%INSTALL_DIR% parabolaisolabel=%PARABOLAISO_LABEL%
diff --git a/configs/releng-openrc/syslinux/parabolaiso_sys_32_inc.cfg b/configs/releng-openrc/syslinux/parabolaiso_sys_32_inc.cfg
index 402ab61..99f22cf 100644
--- a/configs/releng-openrc/syslinux/parabolaiso_sys_32_inc.cfg
+++ b/configs/releng-openrc/syslinux/parabolaiso_sys_32_inc.cfg
@@ -1,6 +1,6 @@
#
# SPDX-License-Identifier: GPL-3.0-or-later
-INCLUDE boot/syslinux/parabolaiso_head.cfg
-INCLUDE boot/syslinux/parabolaiso_sys32-linux-libre.cfg
-INCLUDE boot/syslinux/parabolaiso_tail.cfg
+INCLUDE parabolaiso_head.cfg
+INCLUDE parabolaiso_sys32-linux-libre.cfg
+INCLUDE parabolaiso_tail.cfg
diff --git a/configs/releng-openrc/syslinux/parabolaiso_sys_both_inc.cfg b/configs/releng-openrc/syslinux/parabolaiso_sys_both_inc.cfg
index 0febc5a..cd77b43 100644
--- a/configs/releng-openrc/syslinux/parabolaiso_sys_both_inc.cfg
+++ b/configs/releng-openrc/syslinux/parabolaiso_sys_both_inc.cfg
@@ -1,7 +1,7 @@
#
# SPDX-License-Identifier: GPL-3.0-or-later
-INCLUDE boot/syslinux/parabolaiso_head.cfg
-INCLUDE boot/syslinux/parabolaiso_sys64-linux-libre.cfg
-INCLUDE boot/syslinux/parabolaiso_sys32-linux-libre.cfg
-INCLUDE boot/syslinux/parabolaiso_tail.cfg
+INCLUDE parabolaiso_head.cfg
+INCLUDE parabolaiso_sys64-linux-libre.cfg
+INCLUDE parabolaiso_sys32-linux-libre.cfg
+INCLUDE parabolaiso_tail.cfg
diff --git a/configs/releng-openrc/syslinux/parabolaiso_sys_choose.cfg b/configs/releng-openrc/syslinux/parabolaiso_sys_choose.cfg
index 2d41bb9..cf814d9 100644
--- a/configs/releng-openrc/syslinux/parabolaiso_sys_choose.cfg
+++ b/configs/releng-openrc/syslinux/parabolaiso_sys_choose.cfg
@@ -4,11 +4,11 @@
DEFAULT choose
LABEL choose
-COM32 boot/syslinux/ifcpu64.c32
+COM32 ifcpu64.c32
APPEND have64 -- nohave64
LABEL have64
-CONFIG boot/syslinux/parabolaiso_sys_both_inc.cfg
+CONFIG parabolaiso_sys_both_inc.cfg
LABEL nohave64
-CONFIG boot/syslinux/parabolaiso_sys_32_inc.cfg
+CONFIG parabolaiso_sys_32_inc.cfg
diff --git a/configs/releng-openrc/syslinux/parabolaiso_tail.cfg b/configs/releng-openrc/syslinux/parabolaiso_tail.cfg
index 685e1c8..f7a27a2 100644
--- a/configs/releng-openrc/syslinux/parabolaiso_tail.cfg
+++ b/configs/releng-openrc/syslinux/parabolaiso_tail.cfg
@@ -7,19 +7,19 @@ Boot an existing operating system.
Press TAB to edit the disk and partition number to boot.
ENDTEXT
MENU LABEL Boot existing OS
-COM32 boot/syslinux/chain.c32
+COM32 chain.c32
APPEND hd0 0
# http://www.memtest.org/
LABEL memtest
MENU LABEL Run Memtest86+ (RAM test)
-LINUX boot/memtest
+LINUX /%INSTALL_DIR%/boot/memtest
# http://hdt-project.org/
LABEL hdt
MENU LABEL Hardware Information (HDT)
-COM32 boot/syslinux/hdt.c32
-APPEND modules_alias=boot/syslinux/hdt/modalias.gz pciids=boot/syslinux/hdt/pciids.gz
+COM32 hdt.c32
+APPEND modules_alias=hdt/modalias.gz pciids=boot/syslinux/hdt/pciids.gz
LABEL reboot
TEXT HELP
@@ -27,7 +27,7 @@ Reboot computer.
The computer's firmware must support APM.
ENDTEXT
MENU LABEL Reboot
-COM32 boot/syslinux/reboot.c32
+COM32 reboot.c32
LABEL poweroff
TEXT HELP
@@ -35,4 +35,4 @@ Power off computer.
The computer's firmware must support APM.
ENDTEXT
MENU LABEL Power Off
-COM32 boot/syslinux/poweroff.c32
+COM32 poweroff.c32
diff --git a/configs/releng-openrc/syslinux/syslinux.cfg b/configs/releng-openrc/syslinux/syslinux.cfg
index f0239ac..7cb63ed 100644
--- a/configs/releng-openrc/syslinux/syslinux.cfg
+++ b/configs/releng-openrc/syslinux/syslinux.cfg
@@ -1,8 +1,14 @@
#
# SPDX-License-Identifier: GPL-3.0-or-later
-DEFAULT loadconfig
+DEFAULT select
-LABEL loadconfig
- CONFIG parabolaiso.cfg
- APPEND ../../
+LABEL select
+COM32 whichsys.c32
+APPEND -pxe- pxe -sys- sys -iso- sys
+
+LABEL pxe
+CONFIG parabolaiso_pxe_choose.cfg
+
+LABEL sys
+CONFIG parabolaiso_sys_choose.cfg
diff --git a/configs/releng/isolinux/isolinux.cfg b/configs/releng/isolinux/isolinux.cfg
deleted file mode 100644
index a1ffe2e..0000000
--- a/configs/releng/isolinux/isolinux.cfg
+++ /dev/null
@@ -1,9 +0,0 @@
-#
-# SPDX-License-Identifier: GPL-3.0-or-later
-
-PATH /%INSTALL_DIR%/boot/syslinux/
-DEFAULT loadconfig
-
-LABEL loadconfig
- CONFIG /%INSTALL_DIR%/boot/syslinux/parabolaiso.cfg
- APPEND /%INSTALL_DIR%/
diff --git a/configs/releng/profiledef.sh b/configs/releng/profiledef.sh
index 00885fe..a7b7a4c 100644
--- a/configs/releng/profiledef.sh
+++ b/configs/releng/profiledef.sh
@@ -11,3 +11,11 @@ bootmodes=('bios.syslinux.mbr' 'bios.syslinux.eltorito' 'uefi-x64.systemd-boot.e
arch="dual"
pacman_conf="pacman.conf"
airootfs_image_tool_options=('-comp' 'xz' '-Xbcj' 'x86' '-b' '1M' '-Xdict-size' '1M')
+file_permissions=(
+ ["/etc/shadow"]="0:0:400"
+ ["/root"]="0:0:750"
+ ["/root/.automated_script.sh"]="0:0:755"
+ ["/usr/local/bin/choose-mirror"]="0:0:755"
+ ["/usr/local/bin/Installation_guide"]="0:0:755"
+ ["/usr/local/bin/livecd-sound"]="0:0:755"
+)
diff --git a/configs/releng/syslinux/parabolaiso.cfg b/configs/releng/syslinux/parabolaiso.cfg
deleted file mode 100644
index e38642c..0000000
--- a/configs/releng/syslinux/parabolaiso.cfg
+++ /dev/null
@@ -1,14 +0,0 @@
-#
-# SPDX-License-Identifier: GPL-3.0-or-later
-
-DEFAULT select
-
-LABEL select
-COM32 boot/syslinux/whichsys.c32
-APPEND -pxe- pxe -sys- sys -iso- sys
-
-LABEL pxe
-CONFIG boot/syslinux/parabolaiso_pxe_choose.cfg
-
-LABEL sys
-CONFIG boot/syslinux/parabolaiso_sys_choose.cfg
diff --git a/configs/releng/syslinux/parabolaiso_head.cfg b/configs/releng/syslinux/parabolaiso_head.cfg
index 0c3ac66..17b77e9 100644
--- a/configs/releng/syslinux/parabolaiso_head.cfg
+++ b/configs/releng/syslinux/parabolaiso_head.cfg
@@ -2,9 +2,9 @@
# SPDX-License-Identifier: GPL-3.0-or-later
SERIAL 0 38400
-UI boot/syslinux/vesamenu.c32
+UI vesamenu.c32
MENU TITLE Parabola GNU/Linux-libre
-MENU BACKGROUND boot/syslinux/splash.png
+MENU BACKGROUND splash.png
MENU WIDTH 78
MENU MARGIN 4
diff --git a/configs/releng/syslinux/parabolaiso_pxe32-linux-libre.cfg b/configs/releng/syslinux/parabolaiso_pxe32-linux-libre.cfg
index 2cc63f1..8f1a5ac 100644
--- a/configs/releng/syslinux/parabolaiso_pxe32-linux-libre.cfg
+++ b/configs/releng/syslinux/parabolaiso_pxe32-linux-libre.cfg
@@ -7,8 +7,8 @@ Boot the Parabola GNU/Linux-libre (i686) live medium (Using NBD).
It allows you to install Parabola GNU/Linux-libre or perform system maintenance.
ENDTEXT
MENU LABEL Boot Parabola GNU/Linux-libre (i686) (NBD)
-LINUX boot/i686/vmlinuz-linux-libre
-INITRD boot/i686/initramfs-linux-libre.img
+LINUX /%INSTALL_DIR%/boot/i686/vmlinuz-linux-libre
+INITRD /%INSTALL_DIR%/boot/i686/initramfs-linux-libre.img
APPEND parabolaisobasedir=%INSTALL_DIR% parabolaisolabel=%PARABOLAISO_LABEL% parabolaiso_nbd_srv=${pxeserver} checksum verify
SYSAPPEND 3
@@ -18,8 +18,8 @@ Boot the Parabola GNU/Linux-libre (i686) live medium (Using NFS).
It allows you to install Parabola GNU/Linux-libre or perform system maintenance.
ENDTEXT
MENU LABEL Boot Parabola GNU/Linux-libre (i686) (NFS)
-LINUX boot/i686/vmlinuz-linux-libre
-INITRD boot/i686/initramfs-linux-libre.img
+LINUX /%INSTALL_DIR%/boot/i686/vmlinuz-linux-libre
+INITRD /%INSTALL_DIR%/boot/i686/initramfs-linux-libre.img
APPEND parabolaisobasedir=%INSTALL_DIR% parabolaiso_nfs_srv=${pxeserver}:/run/parabolaiso/bootmnt checksum verify
SYSAPPEND 3
@@ -29,7 +29,7 @@ Boot the Parabola GNU/Linux-libre (i686) live medium (Using HTTP).
It allows you to install Parabola GNU/Linux-libre or perform system maintenance.
ENDTEXT
MENU LABEL Boot Parabola GNU/Linux-libre (i686) (HTTP)
-LINUX boot/i686/vmlinuz-linux-libre
-INITRD boot/i686/initramfs-linux-libre.img
+LINUX /%INSTALL_DIR%/boot/i686/vmlinuz-linux-libre
+INITRD /%INSTALL_DIR%/boot/i686/initramfs-linux-libre.img
APPEND parabolaisobasedir=%INSTALL_DIR% parabolaiso_http_srv=http://${pxeserver}/ checksum verify
SYSAPPEND 3
diff --git a/configs/releng/syslinux/parabolaiso_pxe64-linux-libre.cfg b/configs/releng/syslinux/parabolaiso_pxe64-linux-libre.cfg
index 0fd9fa6..3e46234 100644
--- a/configs/releng/syslinux/parabolaiso_pxe64-linux-libre.cfg
+++ b/configs/releng/syslinux/parabolaiso_pxe64-linux-libre.cfg
@@ -7,8 +7,8 @@ Boot the Parabola GNU/Linux-libre (x86_64) live medium (Using NBD).
It allows you to install Parabola GNU/Linux-libre or perform system maintenance.
ENDTEXT
MENU LABEL Boot Parabola GNU/Linux-libre (x86_64) (NBD)
-LINUX boot/x86_64/vmlinuz-linux-libre
-INITRD boot/x86_64/initramfs-linux-libre.img
+LINUX /%INSTALL_DIR%/boot/x86_64/vmlinuz-linux-libre
+INITRD /%INSTALL_DIR%/boot/x86_64/initramfs-linux-libre.img
APPEND parabolaisobasedir=%INSTALL_DIR% parabolaisolabel=%PARABOLAISO_LABEL% parabolaiso_nbd_srv=${pxeserver} checksum verify
SYSAPPEND 3
@@ -18,8 +18,8 @@ Boot the Parabola GNU/Linux-libre (x86_64) live medium (Using NFS).
It allows you to install Parabola GNU/Linux-libre or perform system maintenance.
ENDTEXT
MENU LABEL Boot Parabola GNU/Linux-libre (x86_64) (NFS)
-LINUX boot/x86_64/vmlinuz-linux-libre
-INITRD boot/x86_64/initramfs-linux-libre.img
+LINUX /%INSTALL_DIR%/boot/x86_64/vmlinuz-linux-libre
+INITRD /%INSTALL_DIR%/boot/x86_64/initramfs-linux-libre.img
APPEND parabolaisobasedir=%INSTALL_DIR% parabolaiso_nfs_srv=${pxeserver}:/run/parabolaiso/bootmnt checksum verify
SYSAPPEND 3
@@ -29,7 +29,7 @@ Boot the Parabola GNU/Linux-libre (x86_64) live medium (Using HTTP).
It allows you to install Parabola GNU/Linux-libre or perform system maintenance.
ENDTEXT
MENU LABEL Boot Parabola GNU/Linux-libre (x86_64) (HTTP)
-LINUX boot/x86_64/vmlinuz-linux-libre
-INITRD boot/x86_64/initramfs-linux-libre.img
+LINUX /%INSTALL_DIR%/boot/x86_64/vmlinuz-linux-libre
+INITRD /%INSTALL_DIR%/boot/x86_64/initramfs-linux-libre.img
APPEND parabolaisobasedir=%INSTALL_DIR% parabolaiso_http_srv=http://${pxeserver}/ checksum verify
SYSAPPEND 3
diff --git a/configs/releng/syslinux/parabolaiso_pxe_32_inc.cfg b/configs/releng/syslinux/parabolaiso_pxe_32_inc.cfg
index c5c00e6..6b0cd85 100644
--- a/configs/releng/syslinux/parabolaiso_pxe_32_inc.cfg
+++ b/configs/releng/syslinux/parabolaiso_pxe_32_inc.cfg
@@ -1,6 +1,6 @@
#
# SPDX-License-Identifier: GPL-3.0-or-later
-INCLUDE boot/syslinux/parabolaiso_head.cfg
-INCLUDE boot/syslinux/parabolaiso_pxe32.cfg
-INCLUDE boot/syslinux/parabolaiso_tail.cfg
+INCLUDE parabolaiso_head.cfg
+INCLUDE parabolaiso_pxe32.cfg
+INCLUDE parabolaiso_tail.cfg
diff --git a/configs/releng/syslinux/parabolaiso_pxe_both_inc.cfg b/configs/releng/syslinux/parabolaiso_pxe_both_inc.cfg
index 549fd4c..ed898b5 100644
--- a/configs/releng/syslinux/parabolaiso_pxe_both_inc.cfg
+++ b/configs/releng/syslinux/parabolaiso_pxe_both_inc.cfg
@@ -1,7 +1,7 @@
#
# SPDX-License-Identifier: GPL-3.0-or-later
-INCLUDE boot/syslinux/parabolaiso_head.cfg
-INCLUDE boot/syslinux/parabolaiso_pxe64-linux-libre.cfg
-INCLUDE boot/syslinux/parabolaiso_pxe32-linux-libre.cfg
-INCLUDE boot/syslinux/parabolaiso_tail.cfg
+INCLUDE parabolaiso_head.cfg
+INCLUDE parabolaiso_pxe64-linux-libre.cfg
+INCLUDE parabolaiso_pxe32-linux-libre.cfg
+INCLUDE parabolaiso_tail.cfg
diff --git a/configs/releng/syslinux/parabolaiso_pxe_choose.cfg b/configs/releng/syslinux/parabolaiso_pxe_choose.cfg
index 079fd7d..ad5a822 100644
--- a/configs/releng/syslinux/parabolaiso_pxe_choose.cfg
+++ b/configs/releng/syslinux/parabolaiso_pxe_choose.cfg
@@ -4,11 +4,11 @@
DEFAULT choose
LABEL choose
-COM32 boot/syslinux/ifcpu64.c32
+COM32 ifcpu64.c32
APPEND have64 -- nohave64
LABEL have64
-CONFIG boot/syslinux/parabolaiso_pxe_both_inc.cfg
+CONFIG parabolaiso_pxe_both_inc.cfg
LABEL nohave64
-CONFIG boot/syslinux/parabolaiso_pxe_32_inc.cfg
+CONFIG parabolaiso_pxe_32_inc.cfg
diff --git a/configs/releng/syslinux/parabolaiso_sys32-linux-libre.cfg b/configs/releng/syslinux/parabolaiso_sys32-linux-libre.cfg
index b2de1ca..b2c943c 100644
--- a/configs/releng/syslinux/parabolaiso_sys32-linux-libre.cfg
+++ b/configs/releng/syslinux/parabolaiso_sys32-linux-libre.cfg
@@ -9,8 +9,8 @@ Boot the Parabola GNU/Linux-libre install medium on BIOS.
It allows you to install Parabola GNU/Linux-libre or perform system maintenance.
ENDTEXT
MENU LABEL Parabola GNU/Linux-libre install medium (i686, BIOS)
-LINUX boot/i686/vmlinuz-linux-libre
-INITRD boot/i686/initramfs-linux-libre.img
+LINUX /%INSTALL_DIR%/boot/i686/vmlinuz-linux-libre
+INITRD /%INSTALL_DIR%/boot/i686/initramfs-linux-libre.img
APPEND parabolaisobasedir=%INSTALL_DIR% parabolaisolabel=%PARABOLAISO_LABEL%
# Accessibility boot option
@@ -20,6 +20,6 @@ Boot the Parabola GNU/Linux-libre install medium on BIOS with speakup screen rea
It allows you to install Parabola GNU/Linux-libre or perform system maintenance with speech feedback.
ENDTEXT
MENU LABEL Parabola GNU/Linux-libre install medium (i686, BIOS) with ^speech
-LINUX boot/i686/vmlinuz-linux-libre
-INITRD boot/i686/initramfs-linux-libre.img
+LINUX /%INSTALL_DIR%/boot/i686/vmlinuz-linux-libre
+INITRD /%INSTALL_DIR%/boot/i686/initramfs-linux-libre.img
APPEND parabolaisobasedir=%INSTALL_DIR% parabolaisolabel=%PARABOLAISO_LABEL% accessibility=on
diff --git a/configs/releng/syslinux/parabolaiso_sys64-linux-libre.cfg b/configs/releng/syslinux/parabolaiso_sys64-linux-libre.cfg
index 18a66d3..b173f93 100644
--- a/configs/releng/syslinux/parabolaiso_sys64-linux-libre.cfg
+++ b/configs/releng/syslinux/parabolaiso_sys64-linux-libre.cfg
@@ -7,8 +7,8 @@ Boot the Parabola GNU/Linux-libre install medium on BIOS.
It allows you to install Parabola GNU/Linux-libre or perform system maintenance.
ENDTEXT
MENU LABEL Parabola GNU/Linux-libre install medium (x86_64, BIOS)
-LINUX boot/x86_64/vmlinuz-linux-libre
-INITRD boot/x86_64/initramfs-linux-libre.img
+LINUX /%INSTALL_DIR%/boot/x86_64/vmlinuz-linux-libre
+INITRD /%INSTALL_DIR%/boot/x86_64/initramfs-linux-libre.img
APPEND parabolaisobasedir=%INSTALL_DIR% parabolaisolabel=%PARABOLAISO_LABEL%
# Accessibility boot option
@@ -18,6 +18,6 @@ Boot the Parabola GNU/Linux-libre install medium on BIOS with speakup screen rea
It allows you to install Parabola GNU/Linux-libre or perform system maintenance with speech feedback.
ENDTEXT
MENU LABEL Parabola GNU/Linux-libre install medium (x86_64, BIOS) with ^speech
-LINUX boot/x86_64/vmlinuz-linux-libre
-INITRD boot/x86_64/initramfs-linux-libre.img
+LINUX /%INSTALL_DIR%/boot/x86_64/vmlinuz-linux-libre
+INITRD /%INSTALL_DIR%/boot/x86_64/initramfs-linux-libre.img
APPEND parabolaisobasedir=%INSTALL_DIR% parabolaisolabel=%PARABOLAISO_LABEL% accessibility=on
diff --git a/configs/releng/syslinux/parabolaiso_sys_32_inc.cfg b/configs/releng/syslinux/parabolaiso_sys_32_inc.cfg
index 566b822..b9306ed 100644
--- a/configs/releng/syslinux/parabolaiso_sys_32_inc.cfg
+++ b/configs/releng/syslinux/parabolaiso_sys_32_inc.cfg
@@ -1,11 +1,11 @@
#
# SPDX-License-Identifier: GPL-3.0-or-later
-INCLUDE boot/syslinux/parabolaiso_head.cfg
+INCLUDE parabolaiso_head.cfg
DEFAULT parabola32
TIMEOUT 150
-INCLUDE boot/syslinux/parabolaiso_sys32-linux-libre.cfg
+INCLUDE parabolaiso_sys32-linux-libre.cfg
-INCLUDE boot/syslinux/parabolaiso_tail.cfg
+INCLUDE parabolaiso_tail.cfg
diff --git a/configs/releng/syslinux/parabolaiso_sys_both_inc.cfg b/configs/releng/syslinux/parabolaiso_sys_both_inc.cfg
index 9c982da..afb027d 100644
--- a/configs/releng/syslinux/parabolaiso_sys_both_inc.cfg
+++ b/configs/releng/syslinux/parabolaiso_sys_both_inc.cfg
@@ -1,13 +1,13 @@
#
# SPDX-License-Identifier: GPL-3.0-or-later
-INCLUDE boot/syslinux/parabolaiso_head.cfg
+INCLUDE parabolaiso_head.cfg
DEFAULT parabola64
TIMEOUT 150
-INCLUDE boot/syslinux/parabolaiso_sys64-linux-libre.cfg
+INCLUDE parabolaiso_sys64-linux-libre.cfg
-INCLUDE boot/syslinux/parabolaiso_sys32-linux-libre.cfg
+INCLUDE parabolaiso_sys32-linux-libre.cfg
-INCLUDE boot/syslinux/parabolaiso_tail.cfg
+INCLUDE parabolaiso_tail.cfg
diff --git a/configs/releng/syslinux/parabolaiso_sys_choose.cfg b/configs/releng/syslinux/parabolaiso_sys_choose.cfg
index 2d41bb9..cf814d9 100644
--- a/configs/releng/syslinux/parabolaiso_sys_choose.cfg
+++ b/configs/releng/syslinux/parabolaiso_sys_choose.cfg
@@ -4,11 +4,11 @@
DEFAULT choose
LABEL choose
-COM32 boot/syslinux/ifcpu64.c32
+COM32 ifcpu64.c32
APPEND have64 -- nohave64
LABEL have64
-CONFIG boot/syslinux/parabolaiso_sys_both_inc.cfg
+CONFIG parabolaiso_sys_both_inc.cfg
LABEL nohave64
-CONFIG boot/syslinux/parabolaiso_sys_32_inc.cfg
+CONFIG parabolaiso_sys_32_inc.cfg
diff --git a/configs/releng/syslinux/parabolaiso_tail.cfg b/configs/releng/syslinux/parabolaiso_tail.cfg
index 685e1c8..af172c0 100644
--- a/configs/releng/syslinux/parabolaiso_tail.cfg
+++ b/configs/releng/syslinux/parabolaiso_tail.cfg
@@ -7,19 +7,19 @@ Boot an existing operating system.
Press TAB to edit the disk and partition number to boot.
ENDTEXT
MENU LABEL Boot existing OS
-COM32 boot/syslinux/chain.c32
+COM32 chain.c32
APPEND hd0 0
# http://www.memtest.org/
LABEL memtest
MENU LABEL Run Memtest86+ (RAM test)
-LINUX boot/memtest
+LINUX /%INSTALL_DIR%/boot/memtest
# http://hdt-project.org/
LABEL hdt
MENU LABEL Hardware Information (HDT)
-COM32 boot/syslinux/hdt.c32
-APPEND modules_alias=boot/syslinux/hdt/modalias.gz pciids=boot/syslinux/hdt/pciids.gz
+COM32 hdt.c32
+APPEND modules_alias=hdt/modalias.gz pciids=hdt/pciids.gz
LABEL reboot
TEXT HELP
@@ -27,7 +27,7 @@ Reboot computer.
The computer's firmware must support APM.
ENDTEXT
MENU LABEL Reboot
-COM32 boot/syslinux/reboot.c32
+COM32 reboot.c32
LABEL poweroff
TEXT HELP
@@ -35,4 +35,4 @@ Power off computer.
The computer's firmware must support APM.
ENDTEXT
MENU LABEL Power Off
-COM32 boot/syslinux/poweroff.c32
+COM32 poweroff.c32
diff --git a/configs/releng/syslinux/syslinux.cfg b/configs/releng/syslinux/syslinux.cfg
index f0239ac..187eea5 100644
--- a/configs/releng/syslinux/syslinux.cfg
+++ b/configs/releng/syslinux/syslinux.cfg
@@ -1,8 +1,15 @@
#
# SPDX-License-Identifier: GPL-3.0-or-later
-DEFAULT loadconfig
+DEFAULT select
+
+LABEL select
+COM32 whichsys.c32
+APPEND -pxe- pxe -sys- sys -iso- sys
+
+LABEL pxe
+CONFIG parabolaiso_pxe_choose.cfg
+
+LABEL sys
+CONFIG parabolaiso_sys_choose.cfg
-LABEL loadconfig
- CONFIG parabolaiso.cfg
- APPEND ../../
diff --git a/parabolaiso/mkparabolaiso b/parabolaiso/mkparabolaiso
index b88ea34..97462ed 100755
--- a/parabolaiso/mkparabolaiso
+++ b/parabolaiso/mkparabolaiso
@@ -37,6 +37,7 @@ override_pacman_conf=""
bootmodes=()
airootfs_image_type="squashfs"
airootfs_image_tool_options=('-comp' 'xz')
+declare -A file_permissions=()
# Show an INFO message
@@ -279,30 +280,27 @@ _make_pacman_conf() {
# Prepare working directory and copy custom airootfs files (airootfs)
_make_custom_airootfs() {
local passwd=()
+ local filename permissions
install -d -m 0755 -o 0 -g 0 -- "${airootfs_dir}"
if [[ -d "${profile}/airootfs" ]]; then
- _msg_info "Copying custom airootfs files and setting up user home directories..."
- cp -af --no-preserve=ownership -- "${profile}/airootfs/." "${airootfs_dir}"
-
- [[ -e "${airootfs_dir}/etc/shadow" ]] && chmod -f 0400 -- "${airootfs_dir}/etc/shadow"
- [[ -e "${airootfs_dir}/etc/gshadow" ]] && chmod -f 0400 -- "${airootfs_dir}/etc/gshadow"
-
- # Set up user home directories and permissions
- if [[ -e "${airootfs_dir}/etc/passwd" ]]; then
- while IFS=':' read -a passwd -r; do
- [[ "${passwd[5]}" == '/' ]] && continue
- [[ -z "${passwd[5]}" ]] && continue
-
- if [[ -d "${airootfs_dir}${passwd[5]}" ]]; then
- chown -hR -- "${passwd[2]}:${passwd[3]}" "${airootfs_dir}${passwd[5]}"
- chmod -f 0750 -- "${airootfs_dir}${passwd[5]}"
- else
- install -d -m 0750 -o "${passwd[2]}" -g "${passwd[3]}" -- "${airootfs_dir}${passwd[5]}"
- fi
- done < "${airootfs_dir}/etc/passwd"
- fi
+ _msg_info "Copying custom airootfs files..."
+ cp -af --no-preserve=ownership,mode -- "${profile}/airootfs/." "${airootfs_dir}"
+ # Set ownership and mode for files and directories
+ for filename in "${!file_permissions[@]}"; do
+ IFS=':' read -ra permissions <<< "${file_permissions["${filename}"]}"
+ # Prevent file path traversal outside of $airootfs_dir
+ if [[ "$(realpath -q -- "${airootfs_dir}${filename}")" != "$(realpath -q -- "${airootfs_dir}")"* ]]; then
+ _msg_error "Failed to set permissions on '${airootfs_dir}${filename}'. Outside of valid path." 1
+ # Warn if the file does not exist
+ elif [[ ! -e "${airootfs_dir}${filename}" ]]; then
+ _msg_warning "Cannot change permissions of '${airootfs_dir}${filename}'. The file or directory does not exist."
+ else
+ chown -fh -- "${permissions[0]}:${permissions[1]}" "${airootfs_dir}${filename}"
+ chmod -f -- "${permissions[2]}" "${airootfs_dir}${filename}"
+ fi
+ done
_msg_info "Done!"
fi
}
@@ -340,13 +338,22 @@ _make_customize_airootfs() {
if [[ -e "${profile}/airootfs/etc/passwd" ]]; then
_msg_info "Copying /etc/skel/* to user homes..."
while IFS=':' read -a passwd -r; do
+ # Only operate on UIDs in range 1000–59999
(( passwd[2] >= 1000 && passwd[2] < 60000 )) || continue
+ # Skip invalid home directories
[[ "${passwd[5]}" == '/' ]] && continue
[[ -z "${passwd[5]}" ]] && continue
- cp -dnRT --preserve=mode,timestamps,links -- "${airootfs_dir}/etc/skel" "${airootfs_dir}${passwd[5]}"
- chmod -f 0750 -- "${airootfs_dir}${passwd[5]}"
- chown -hR -- "${passwd[2]}:${passwd[3]}" "${airootfs_dir}${passwd[5]}"
-
+ # Prevent path traversal outside of $airootfs_dir
+ if [[ "$(realpath -q -- "${airootfs_dir}${passwd[5]}")" == "${airootfs_dir}"* ]]; then
+ if [[ ! -d "${airootfs_dir}${passwd[5]}" ]]; then
+ install -d -m 0750 -o "${passwd[2]}" -g "${passwd[3]}" -- "${airootfs_dir}${passwd[5]}"
+ fi
+ cp -dnRT --preserve=mode,timestamps,links -- "${airootfs_dir}/etc/skel/." "${airootfs_dir}${passwd[5]}"
+ chmod -f 0750 -- "${airootfs_dir}${passwd[5]}"
+ chown -hR -- "${passwd[2]}:${passwd[3]}" "${airootfs_dir}${passwd[5]}"
+ else
+ _msg_error "Failed to set permissions on '${airootfs_dir}${passwd[5]}'. Outside of valid path." 1
+ fi
done < "${profile}/airootfs/etc/passwd"
_msg_info "Done!"
fi
@@ -354,6 +361,7 @@ _make_customize_airootfs() {
if [[ -e "${airootfs_dir}/root/customize_airootfs.sh" ]]; then
_msg_info "Running customize_airootfs.sh in '${airootfs_dir}' chroot..."
_msg_warning "customize_airootfs.sh is deprecated! Support for it will be removed in a future parabolaiso version."
+ chmod -f -- +x "${airootfs_dir}/root/customize_airootfs.sh"
eval -- arch-chroot "${airootfs_dir}" "/root/customize_airootfs.sh"
rm -- "${airootfs_dir}/root/customize_airootfs.sh"
_msg_info "Done! customize_airootfs.sh run successfully."
@@ -377,33 +385,33 @@ _make_boot_on_iso9660() {
_msg_info "Done!"
}
-# Prepare /${install_dir}/boot/syslinux
+# Prepare /syslinux
_make_bootmode_bios.syslinux.mbr() {
_msg_info "Setting up SYSLINUX for BIOS booting from a disk..."
- install -d -m 0755 -- "${isofs_dir}/${install_dir}/boot/syslinux"
+ install -d -m 0755 -- "${isofs_dir}/syslinux"
for _cfg in "${profile}/syslinux/"*.cfg; do
sed "s|%PARABOLAISO_LABEL%|${iso_label}|g;
s|%INSTALL_DIR%|${install_dir}|g;
s|%ARCH%|${arch}|g" \
- "${_cfg}" > "${isofs_dir}/${install_dir}/boot/syslinux/${_cfg##*/}"
+ "${_cfg}" > "${isofs_dir}/syslinux/${_cfg##*/}"
done
if [[ -e "${profile}/syslinux/splash.png" ]]; then
- install -m 0644 -- "${profile}/syslinux/splash.png" "${isofs_dir}/${install_dir}/boot/syslinux/"
+ install -m 0644 -- "${profile}/syslinux/splash.png" "${isofs_dir}/syslinux/"
fi
- install -m 0644 -- "${airootfs_dir}/usr/lib/syslinux/bios/"*.c32 "${isofs_dir}/${install_dir}/boot/syslinux/"
- install -m 0644 -- "${airootfs_dir}/usr/lib/syslinux/bios/lpxelinux.0" "${isofs_dir}/${install_dir}/boot/syslinux/"
- install -m 0644 -- "${airootfs_dir}/usr/lib/syslinux/bios/memdisk" "${isofs_dir}/${install_dir}/boot/syslinux/"
+ install -m 0644 -- "${airootfs_dir}/usr/lib/syslinux/bios/"*.c32 "${isofs_dir}/syslinux/"
+ install -m 0644 -- "${airootfs_dir}/usr/lib/syslinux/bios/lpxelinux.0" "${isofs_dir}/syslinux/"
+ install -m 0644 -- "${airootfs_dir}/usr/lib/syslinux/bios/memdisk" "${isofs_dir}/syslinux/"
_run_dual '_run_once _make_boot_on_iso9660'
- if [[ -e "${isofs_dir}/${install_dir}/boot/syslinux/hdt.c32" ]]; then
- install -d -m 0755 -- "${isofs_dir}/${install_dir}/boot/syslinux/hdt"
+ if [[ -e "${isofs_dir}/syslinux/hdt.c32" ]]; then
+ install -d -m 0755 -- "${isofs_dir}/syslinux/hdt"
if [[ -e "${airootfs_dir}/usr/share/hwdata/pci.ids" ]]; then
gzip -c -9 "${airootfs_dir}/usr/share/hwdata/pci.ids" > \
- "${isofs_dir}/${install_dir}/boot/syslinux/hdt/pciids.gz"
+ "${isofs_dir}/syslinux/hdt/pciids.gz"
fi
find "${airootfs_dir}/usr/lib/modules" -name 'modules.alias' -print -exec gzip -c -9 '{}' ';' -quit > \
- "${isofs_dir}/${install_dir}/boot/syslinux/hdt/modalias.gz"
+ "${isofs_dir}/syslinux/hdt/modalias.gz"
fi
# Add other aditional/extra files to ${install_dir}/boot/
@@ -417,21 +425,14 @@ _make_bootmode_bios.syslinux.mbr() {
_msg_info "Done! SYSLINUX set up for BIOS booting from a disk successfully."
}
-# Prepare /isolinux
+# Prepare /syslinux for El-Torito booting
_make_bootmode_bios.syslinux.eltorito() {
_msg_info "Setting up SYSLINUX for BIOS booting from an optical disc..."
- install -d -m 0755 -- "${isofs_dir}/isolinux"
- for _cfg in "${profile}/isolinux/"*".cfg"; do
- sed "s|%PARABOLAISO_LABEL%|${iso_label}|g;
- s|%INSTALL_DIR%|${install_dir}|g;
- s|%ARCH%|${arch}|g" \
- "${_cfg}" > "${isofs_dir}/isolinux/${_cfg##*/}"
- done
- install -m 0644 -- "${airootfs_dir}/usr/lib/syslinux/bios/isolinux.bin" "${isofs_dir}/isolinux/"
- install -m 0644 -- "${airootfs_dir}/usr/lib/syslinux/bios/isohdpfx.bin" "${isofs_dir}/isolinux/"
- install -m 0644 -- "${airootfs_dir}/usr/lib/syslinux/bios/ldlinux.c32" "${isofs_dir}/isolinux/"
+ install -d -m 0755 -- "${isofs_dir}/syslinux"
+ install -m 0644 -- "${airootfs_dir}/usr/lib/syslinux/bios/isolinux.bin" "${isofs_dir}/syslinux/"
+ install -m 0644 -- "${airootfs_dir}/usr/lib/syslinux/bios/isohdpfx.bin" "${isofs_dir}/syslinux/"
- # isolinux.cfg loads syslinux.cfg
+ # ISOLINUX and SYSLINUX installation is shared
_run_once _make_bootmode_bios.syslinux.mbr
_msg_info "Done! SYSLINUX set up for BIOS booting from an optical disc successfully."
@@ -640,34 +641,7 @@ _validate_requirements_bootmode_bios.syslinux.mbr() {
}
_validate_requirements_bootmode_bios.syslinux.eltorito() {
- # Check if the syslinux package is in the package list
- # shellcheck disable=SC2076
- if [[ ! " ${pkg_list[*]} " =~ ' syslinux ' ]]; then
- (( validation_error=validation_error+1 ))
- _msg_error "Validating '${bootmode}': The 'syslinux' package is missing from the package list!" 0
- fi
-
- # Check if isolinux configuration files exist
- if [[ ! -d "${profile}/isolinux" ]]; then
- (( validation_error=validation_error+1 ))
- _msg_error "Validating '${bootmode}': The '${profile}/isolinux' directory is missing!" 0
- else
- local cfgfile
- for cfgfile in "${profile}/isolinux/"*'.cfg'; do
- if [[ -e "${cfgfile}" ]]; then
- break
- else
- (( validation_error=validation_error+1 ))
- _msg_error "Validating '${bootmode}': No configuration file found in '${profile}/isolinux/'!" 0
- fi
- done
- fi
-
- # Check for optional packages
- # shellcheck disable=SC2076
- if [[ ! " ${pkg_list[*]} " =~ ' memtest86+ ' ]]; then
- _msg_info "Validating '${bootmode}': 'memtest86+' is not in the package list. Memory testing will not be available from syslinux."
- fi
+ _validate_requirements_bootmode_bios.syslinux.mbr
}
_validate_requirements_bootmode_uefi-x64.systemd-boot.esp() {
@@ -798,9 +772,9 @@ _validate_requirements_airootfs_image_type_ext4+squashfs() {
_add_xorrisofs_options_bios.syslinux.eltorito() {
xorrisofs_options+=(
# El Torito boot image for x86 BIOS
- '-eltorito-boot' 'isolinux/isolinux.bin'
+ '-eltorito-boot' 'syslinux/isolinux.bin'
# El Torito boot catalog file
- '-eltorito-catalog' 'isolinux/boot.cat'
+ '-eltorito-catalog' 'syslinux/boot.cat'
# Required options to boot with ISOLINUX
'-no-emul-boot' '-boot-load-size' '4' '-boot-info-table'
)
@@ -809,8 +783,8 @@ _add_xorrisofs_options_bios.syslinux.eltorito() {
# SYSLINUX MBR
_add_xorrisofs_options_bios.syslinux.mbr() {
xorrisofs_options+=(
- # SYSLINUX MBR bootstrap code; does not work without "-eltorito-boot isolinux/isolinux.bin"
- '-isohybrid-mbr' "${isofs_dir}/isolinux/isohdpfx.bin"
+ # SYSLINUX MBR bootstrap code; does not work without "-eltorito-boot syslinux/isolinux.bin"
+ '-isohybrid-mbr' "${isofs_dir}/syslinux/isohdpfx.bin"
# When GPT is used, create an additional partition in the MBR (besides 0xEE) for sectors 0–1 (MBR
# bootstrap code area) and mark it as bootable
# This violates the UEFI specification, but may allow booting on some systems