From 2b9540019a26b5fed441ff85511389531dd7791a Mon Sep 17 00:00:00 2001 From: David P Date: Sat, 1 Aug 2020 20:13:26 -0400 Subject: [talkingparabola] sync with releng, talkingarch is just too slow ;) talkingarch last synced archiso in v44, but releng has changed a lot since then Signed-off-by: David P --- configs/talkingparabola/airootfs/etc/hostname | 2 + configs/talkingparabola/airootfs/etc/locale.conf | 3 + configs/talkingparabola/airootfs/etc/localtime | 1 + .../talkingparabola/airootfs/etc/mkinitcpio.conf | 69 ++++++++++++ .../airootfs/etc/mkinitcpio.d/linux-libre.preset | 11 ++ configs/talkingparabola/airootfs/etc/motd | 17 ++- configs/talkingparabola/airootfs/etc/pam.d/su | 6 -- configs/talkingparabola/airootfs/etc/passwd | 1 + configs/talkingparabola/airootfs/etc/shadow | 1 + .../talkingparabola/airootfs/etc/ssh/sshd_config | 116 +++++++++++++++++++++ .../systemd/journald.conf.d/volatile-storage.conf | 5 + .../etc/systemd/logind.conf.d/do-not-suspend.conf | 7 ++ .../etc/systemd/network/20-ethernet.network | 13 +++ .../etc/systemd/network/20-wireless.network | 13 +++ .../airootfs/etc/systemd/network/ethernet.network | 11 -- .../airootfs/etc/systemd/network/wireless.network | 11 -- .../airootfs/etc/systemd/scripts/choose-mirror | 26 ----- .../airootfs/etc/systemd/system/brltty.service | 1 + .../etc/systemd/system/choose-mirror.service | 5 +- .../system/dbus-org.freedesktop.network1.service | 1 + .../system/dbus-org.freedesktop.resolve1.service | 1 + .../etc/systemd/system/etc-pacman.d-gnupg.mount | 3 + .../system/getty@tty1.service.d/autologin.conf | 3 + .../multi-user.target.wants/choose-mirror.service | 1 + .../system/multi-user.target.wants/iwd.service | 1 + .../multi-user.target.wants/pacman-init.service | 1 + .../multi-user.target.wants/reflector.service | 1 + .../systemd-networkd.service | 1 + .../systemd-resolved.service | 1 + .../systemd-networkd-wait-online.service | 1 + .../etc/systemd/system/pacman-init.service | 6 +- .../airootfs/etc/systemd/system/reflector.service | 44 ++++++++ .../sockets.target.wants/systemd-networkd.socket | 1 + .../wait-for-only-one-interface.conf | 6 ++ .../airootfs/root/.automated_script.sh | 4 +- .../airootfs/root/customize_airootfs.sh | 25 +---- configs/talkingparabola/airootfs/root/install.txt | 2 - .../airootfs/usr/bin/livecd-alsa-unmuter | 4 + .../talkingparabola/airootfs/usr/bin/pick-a-card | 9 +- .../airootfs/usr/local/bin/Installation_guide | 5 + .../airootfs/usr/local/bin/choose-mirror | 28 +++++ 41 files changed, 373 insertions(+), 95 deletions(-) create mode 120000 configs/talkingparabola/airootfs/etc/localtime create mode 100644 configs/talkingparabola/airootfs/etc/mkinitcpio.conf create mode 100644 configs/talkingparabola/airootfs/etc/mkinitcpio.d/linux-libre.preset delete mode 100644 configs/talkingparabola/airootfs/etc/pam.d/su create mode 100644 configs/talkingparabola/airootfs/etc/passwd create mode 100644 configs/talkingparabola/airootfs/etc/shadow create mode 100644 configs/talkingparabola/airootfs/etc/ssh/sshd_config create mode 100644 configs/talkingparabola/airootfs/etc/systemd/journald.conf.d/volatile-storage.conf create mode 100644 configs/talkingparabola/airootfs/etc/systemd/logind.conf.d/do-not-suspend.conf create mode 100644 configs/talkingparabola/airootfs/etc/systemd/network/20-ethernet.network create mode 100644 configs/talkingparabola/airootfs/etc/systemd/network/20-wireless.network delete mode 100644 configs/talkingparabola/airootfs/etc/systemd/network/ethernet.network delete mode 100644 configs/talkingparabola/airootfs/etc/systemd/network/wireless.network delete mode 100755 configs/talkingparabola/airootfs/etc/systemd/scripts/choose-mirror create mode 120000 configs/talkingparabola/airootfs/etc/systemd/system/brltty.service create mode 120000 configs/talkingparabola/airootfs/etc/systemd/system/dbus-org.freedesktop.network1.service create mode 120000 configs/talkingparabola/airootfs/etc/systemd/system/dbus-org.freedesktop.resolve1.service create mode 120000 configs/talkingparabola/airootfs/etc/systemd/system/multi-user.target.wants/choose-mirror.service create mode 120000 configs/talkingparabola/airootfs/etc/systemd/system/multi-user.target.wants/iwd.service create mode 120000 configs/talkingparabola/airootfs/etc/systemd/system/multi-user.target.wants/pacman-init.service create mode 120000 configs/talkingparabola/airootfs/etc/systemd/system/multi-user.target.wants/reflector.service create mode 120000 configs/talkingparabola/airootfs/etc/systemd/system/multi-user.target.wants/systemd-networkd.service create mode 120000 configs/talkingparabola/airootfs/etc/systemd/system/multi-user.target.wants/systemd-resolved.service create mode 120000 configs/talkingparabola/airootfs/etc/systemd/system/network-online.target.wants/systemd-networkd-wait-online.service create mode 100644 configs/talkingparabola/airootfs/etc/systemd/system/reflector.service create mode 120000 configs/talkingparabola/airootfs/etc/systemd/system/sockets.target.wants/systemd-networkd.socket create mode 100644 configs/talkingparabola/airootfs/etc/systemd/system/systemd-networkd-wait-online.service.d/wait-for-only-one-interface.conf delete mode 100644 configs/talkingparabola/airootfs/root/install.txt create mode 100755 configs/talkingparabola/airootfs/usr/local/bin/Installation_guide create mode 100755 configs/talkingparabola/airootfs/usr/local/bin/choose-mirror (limited to 'configs/talkingparabola/airootfs') diff --git a/configs/talkingparabola/airootfs/etc/hostname b/configs/talkingparabola/airootfs/etc/hostname index 8aaf41b..5178d59 100644 --- a/configs/talkingparabola/airootfs/etc/hostname +++ b/configs/talkingparabola/airootfs/etc/hostname @@ -1 +1,3 @@ +# +# SPDX-License-Identifier: GPL-3.0-or-later parabolaiso diff --git a/configs/talkingparabola/airootfs/etc/locale.conf b/configs/talkingparabola/airootfs/etc/locale.conf index 01ec548..9bf7aef 100644 --- a/configs/talkingparabola/airootfs/etc/locale.conf +++ b/configs/talkingparabola/airootfs/etc/locale.conf @@ -1 +1,4 @@ +# +# SPDX-License-Identifier: GPL-3.0-or-later + LANG=en_US.UTF-8 diff --git a/configs/talkingparabola/airootfs/etc/localtime b/configs/talkingparabola/airootfs/etc/localtime new file mode 120000 index 0000000..0e35b57 --- /dev/null +++ b/configs/talkingparabola/airootfs/etc/localtime @@ -0,0 +1 @@ +/usr/share/zoneinfo/UTC \ No newline at end of file diff --git a/configs/talkingparabola/airootfs/etc/mkinitcpio.conf b/configs/talkingparabola/airootfs/etc/mkinitcpio.conf new file mode 100644 index 0000000..aa45b33 --- /dev/null +++ b/configs/talkingparabola/airootfs/etc/mkinitcpio.conf @@ -0,0 +1,69 @@ +# +# SPDX-License-Identifier: GPL-3.0-or-later + +# vim:set ft=sh +# MODULES +# The following modules are loaded before any boot hooks are +# run. Advanced users may wish to specify all system modules +# in this array. For instance: +# MODULES=(piix ide_disk reiserfs) +MODULES=() + +# BINARIES +# This setting includes any additional binaries a given user may +# wish into the CPIO image. This is run last, so it may be used to +# override the actual binaries included by a given hook +# BINARIES are dependency parsed, so you may safely ignore libraries +BINARIES=() + +# FILES +# This setting is similar to BINARIES above, however, files are added +# as-is and are not parsed in any way. This is useful for config files. +FILES=() + +# HOOKS +# This is the most important setting in this file. The HOOKS control the +# modules and scripts added to the image, and what happens at boot time. +# Order is important, and it is recommended that you do not change the +# order in which HOOKS are added. Run 'mkinitcpio -H ' for +# help on a given hook. +# 'base' is _required_ unless you know precisely what you are doing. +# 'udev' is _required_ in order to automatically load modules +# 'filesystems' is _required_ unless you specify your fs modules in MODULES +# Examples: +## This setup specifies all modules in the MODULES setting above. +## No raid, lvm2, or encrypted root is needed. +# HOOKS=(base) +# +## This setup will autodetect all modules for your system and should +## work as a sane default +# HOOKS=(base udev autodetect block filesystems) +# +## This setup will generate a 'full' image which supports most systems. +## No autodetection is done. +# HOOKS=(base udev block filesystems) +# +## This setup assembles a pata mdadm array with an encrypted root FS. +## Note: See 'mkinitcpio -H mdadm' for more information on raid devices. +# HOOKS=(base udev block mdadm encrypt filesystems) +# +## This setup loads an lvm2 volume group on a usb device. +# HOOKS=(base udev block lvm2 filesystems) +# +## NOTE: If you have /usr on a separate partition, you MUST include the +# usr, fsck and shutdown hooks. +HOOKS=(base udev memdisk parabolaiso_shutdown parabolaiso parabolaiso_loop_mnt parabolaiso_pxe_common parabolaiso_pxe_nbd parabolaiso_pxe_http parabolaiso_pxe_nfs parabolaiso_kms block filesystems keyboard) + +# COMPRESSION +# Use this to compress the initramfs image. By default, gzip compression +# is used. Use 'cat' to create an uncompressed image. +#COMPRESSION="gzip" +#COMPRESSION="bzip2" +#COMPRESSION="lzma" +COMPRESSION="xz" +#COMPRESSION="lzop" +#COMPRESSION="lz4" + +# COMPRESSION_OPTIONS +# Additional options for the compressor +#COMPRESSION_OPTIONS=() diff --git a/configs/talkingparabola/airootfs/etc/mkinitcpio.d/linux-libre.preset b/configs/talkingparabola/airootfs/etc/mkinitcpio.d/linux-libre.preset new file mode 100644 index 0000000..782d1cd --- /dev/null +++ b/configs/talkingparabola/airootfs/etc/mkinitcpio.d/linux-libre.preset @@ -0,0 +1,11 @@ +# +# SPDX-License-Identifier: GPL-3.0-or-later + +# mkinitcpio preset file for the 'linux-libre' package on parabolaiso + +PRESETS=('parabolaiso') + +ALL_kver='/boot/vmlinuz-linux-libre' +ALL_config='/etc/mkinitcpio.conf' + +parabolaiso_image="/boot/parabolaiso.img" diff --git a/configs/talkingparabola/airootfs/etc/motd b/configs/talkingparabola/airootfs/etc/motd index e4c893c..4c7a45d 100644 --- a/configs/talkingparabola/airootfs/etc/motd +++ b/configs/talkingparabola/airootfs/etc/motd @@ -1,14 +1,9 @@ +To install Parabola GNU/Linux-libre follow the installation guide: +https://wiki.parabola.nu/Installation_Guide -=============================================================================== +For Wi-Fi, authenticate to the wireless network using the iwctl utility. +Ethernet and Wi-Fi connections using DHCP should work automatically. - Parabola GNU/Linux-libre live media _DATE_ +After connecting to the internet, the installation guide can be accessed +via the convenience script Installation_guide. - To install Parabola, the system must be connected to the internet. - For instructions, enter this command: - less install.txt - - Press the function keys while holding Alt to switch virtual terminals. - This allows entering commands without closing less. - -=============================================================================== - diff --git a/configs/talkingparabola/airootfs/etc/pam.d/su b/configs/talkingparabola/airootfs/etc/pam.d/su deleted file mode 100644 index a291042..0000000 --- a/configs/talkingparabola/airootfs/etc/pam.d/su +++ /dev/null @@ -1,6 +0,0 @@ -#%PAM-1.0 -auth sufficient pam_rootok.so -auth sufficient pam_wheel.so trust use_uid -auth required pam_unix.so -account required pam_unix.so -session required pam_unix.so diff --git a/configs/talkingparabola/airootfs/etc/passwd b/configs/talkingparabola/airootfs/etc/passwd new file mode 100644 index 0000000..2807d5d --- /dev/null +++ b/configs/talkingparabola/airootfs/etc/passwd @@ -0,0 +1 @@ +root:x:0:0:root:/root:/usr/bin/zsh diff --git a/configs/talkingparabola/airootfs/etc/shadow b/configs/talkingparabola/airootfs/etc/shadow new file mode 100644 index 0000000..7edfd69 --- /dev/null +++ b/configs/talkingparabola/airootfs/etc/shadow @@ -0,0 +1 @@ +root::14871:::::: diff --git a/configs/talkingparabola/airootfs/etc/ssh/sshd_config b/configs/talkingparabola/airootfs/etc/ssh/sshd_config new file mode 100644 index 0000000..8ef1758 --- /dev/null +++ b/configs/talkingparabola/airootfs/etc/ssh/sshd_config @@ -0,0 +1,116 @@ +# $OpenBSD: sshd_config,v 1.103 2018/04/09 20:41:22 tj Exp $ + +# This is the sshd server system-wide configuration file. See +# sshd_config(5) for more information. + +# This sshd was compiled with PATH=/usr/local/sbin:/usr/local/bin:/usr/bin + +# The strategy used for options in the default sshd_config shipped with +# OpenSSH is to specify options with their default value where +# possible, but leave them commented. Uncommented options override the +# default value. + +#Port 22 +#AddressFamily any +#ListenAddress 0.0.0.0 +#ListenAddress :: + +#HostKey /etc/ssh/ssh_host_rsa_key +#HostKey /etc/ssh/ssh_host_ecdsa_key +#HostKey /etc/ssh/ssh_host_ed25519_key + +# Ciphers and keying +#RekeyLimit default none + +# Logging +#SyslogFacility AUTH +#LogLevel INFO + +# Authentication: + +#LoginGraceTime 2m +PermitRootLogin yes +#StrictModes yes +#MaxAuthTries 6 +#MaxSessions 10 + +#PubkeyAuthentication yes + +# The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2 +# but this is overridden so installations will only check .ssh/authorized_keys +AuthorizedKeysFile .ssh/authorized_keys + +#AuthorizedPrincipalsFile none + +#AuthorizedKeysCommand none +#AuthorizedKeysCommandUser nobody + +# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts +#HostbasedAuthentication no +# Change to yes if you don't trust ~/.ssh/known_hosts for +# HostbasedAuthentication +#IgnoreUserKnownHosts no +# Don't read the user's ~/.rhosts and ~/.shosts files +#IgnoreRhosts yes + +# To disable tunneled clear text passwords, change to no here! +#PasswordAuthentication yes +#PermitEmptyPasswords no + +# Change to no to disable s/key passwords +ChallengeResponseAuthentication no + +# Kerberos options +#KerberosAuthentication no +#KerberosOrLocalPasswd yes +#KerberosTicketCleanup yes +#KerberosGetAFSToken no + +# GSSAPI options +#GSSAPIAuthentication no +#GSSAPICleanupCredentials yes + +# Set this to 'yes' to enable PAM authentication, account processing, +# and session processing. If this is enabled, PAM authentication will +# be allowed through the ChallengeResponseAuthentication and +# PasswordAuthentication. Depending on your PAM configuration, +# PAM authentication via ChallengeResponseAuthentication may bypass +# the setting of "PermitRootLogin without-password". +# If you just want the PAM account and session checks to run without +# PAM authentication, then enable this but set PasswordAuthentication +# and ChallengeResponseAuthentication to 'no'. +UsePAM yes + +#AllowAgentForwarding yes +#AllowTcpForwarding yes +#GatewayPorts no +#X11Forwarding no +#X11DisplayOffset 10 +#X11UseLocalhost yes +#PermitTTY yes +PrintMotd no # pam does that +#PrintLastLog yes +#TCPKeepAlive yes +#PermitUserEnvironment no +#Compression delayed +#ClientAliveInterval 0 +#ClientAliveCountMax 3 +#UseDNS no +#PidFile /run/sshd.pid +#MaxStartups 10:30:100 +#PermitTunnel no +#ChrootDirectory none +#VersionAddendum none + +# no default banner path +#Banner none + +# override default of no subsystems +Subsystem sftp /usr/lib/ssh/sftp-server + +# Example of overriding settings on a per-user basis +#Match User anoncvs +# X11Forwarding no +# AllowTcpForwarding no +# PermitTTY no +# ForceCommand cvs server diff --git a/configs/talkingparabola/airootfs/etc/systemd/journald.conf.d/volatile-storage.conf b/configs/talkingparabola/airootfs/etc/systemd/journald.conf.d/volatile-storage.conf new file mode 100644 index 0000000..3104779 --- /dev/null +++ b/configs/talkingparabola/airootfs/etc/systemd/journald.conf.d/volatile-storage.conf @@ -0,0 +1,5 @@ +# +# SPDX-License-Identifier: GPL-3.0-or-later + +[Journal] +Storage=volatile diff --git a/configs/talkingparabola/airootfs/etc/systemd/logind.conf.d/do-not-suspend.conf b/configs/talkingparabola/airootfs/etc/systemd/logind.conf.d/do-not-suspend.conf new file mode 100644 index 0000000..c6b17a4 --- /dev/null +++ b/configs/talkingparabola/airootfs/etc/systemd/logind.conf.d/do-not-suspend.conf @@ -0,0 +1,7 @@ +# +# SPDX-License-Identifier: GPL-3.0-or-later + +[Login] +HandleSuspendKey=ignore +HandleHibernateKey=ignore +HandleLidSwitch=ignore diff --git a/configs/talkingparabola/airootfs/etc/systemd/network/20-ethernet.network b/configs/talkingparabola/airootfs/etc/systemd/network/20-ethernet.network new file mode 100644 index 0000000..efa309c --- /dev/null +++ b/configs/talkingparabola/airootfs/etc/systemd/network/20-ethernet.network @@ -0,0 +1,13 @@ +# +# SPDX-License-Identifier: GPL-3.0-or-later + +[Match] +Name=en* +Name=eth* + +[Network] +DHCP=yes +IPv6PrivacyExtensions=yes + +[DHCP] +RouteMetric=512 diff --git a/configs/talkingparabola/airootfs/etc/systemd/network/20-wireless.network b/configs/talkingparabola/airootfs/etc/systemd/network/20-wireless.network new file mode 100644 index 0000000..bf9ab9d --- /dev/null +++ b/configs/talkingparabola/airootfs/etc/systemd/network/20-wireless.network @@ -0,0 +1,13 @@ +# +# SPDX-License-Identifier: GPL-3.0-or-later + +[Match] +Name=wlp* +Name=wlan* + +[Network] +DHCP=yes +IPv6PrivacyExtensions=yes + +[DHCP] +RouteMetric=1024 diff --git a/configs/talkingparabola/airootfs/etc/systemd/network/ethernet.network b/configs/talkingparabola/airootfs/etc/systemd/network/ethernet.network deleted file mode 100644 index 5e9f0b7..0000000 --- a/configs/talkingparabola/airootfs/etc/systemd/network/ethernet.network +++ /dev/null @@ -1,11 +0,0 @@ -[Match] -Name=en* -Name=eth* - -[Network] -DHCP=ipv4 -IPv6PrivacyExtensions=yes -IPv6AcceptRA=false - -[DHCP] -RouteMetric=512 diff --git a/configs/talkingparabola/airootfs/etc/systemd/network/wireless.network b/configs/talkingparabola/airootfs/etc/systemd/network/wireless.network deleted file mode 100644 index 5a6da15..0000000 --- a/configs/talkingparabola/airootfs/etc/systemd/network/wireless.network +++ /dev/null @@ -1,11 +0,0 @@ -[Match] -Name=wlp* -Name=wlan* - -[Network] -DHCP=ipv4 -IPv6PrivacyExtensions=yes -IPv6AcceptRA=false - -[DHCP] -RouteMetric=1024 diff --git a/configs/talkingparabola/airootfs/etc/systemd/scripts/choose-mirror b/configs/talkingparabola/airootfs/etc/systemd/scripts/choose-mirror deleted file mode 100755 index 13c9f69..0000000 --- a/configs/talkingparabola/airootfs/etc/systemd/scripts/choose-mirror +++ /dev/null @@ -1,26 +0,0 @@ -#!/bin/bash - -get_cmdline() { - local param - for param in $(< /proc/cmdline); do - case "${param}" in - $1=*) echo "${param##*=}"; - return 0 - ;; - esac - done -} - -mirror=$(get_cmdline mirror) -[[ $mirror = auto ]] && mirror=$(get_cmdline parabolaiso_http_srv) -[[ $mirror ]] || exit 0 - -mv /etc/pacman.d/mirrorlist /etc/pacman.d/mirrorlist.orig -cat >/etc/pacman.d/mirrorlist << EOF -# -# Parabola GNU/Linux-libre repository mirrorlist -# Generated by parabolaiso -# - -Server = ${mirror%%/}/\$repo/os/\$arch -EOF diff --git a/configs/talkingparabola/airootfs/etc/systemd/system/brltty.service b/configs/talkingparabola/airootfs/etc/systemd/system/brltty.service new file mode 120000 index 0000000..f466627 --- /dev/null +++ b/configs/talkingparabola/airootfs/etc/systemd/system/brltty.service @@ -0,0 +1 @@ +/usr/lib/systemd/system/brltty.service \ No newline at end of file diff --git a/configs/talkingparabola/airootfs/etc/systemd/system/choose-mirror.service b/configs/talkingparabola/airootfs/etc/systemd/system/choose-mirror.service index 1e4d771..b3e4847 100644 --- a/configs/talkingparabola/airootfs/etc/systemd/system/choose-mirror.service +++ b/configs/talkingparabola/airootfs/etc/systemd/system/choose-mirror.service @@ -1,10 +1,13 @@ +# +# SPDX-License-Identifier: GPL-3.0-or-later + [Unit] Description=Choose mirror from the kernel command line ConditionKernelCommandLine=mirror [Service] Type=oneshot -ExecStart=/etc/systemd/scripts/choose-mirror +ExecStart=/usr/local/bin/choose-mirror [Install] WantedBy=multi-user.target diff --git a/configs/talkingparabola/airootfs/etc/systemd/system/dbus-org.freedesktop.network1.service b/configs/talkingparabola/airootfs/etc/systemd/system/dbus-org.freedesktop.network1.service new file mode 120000 index 0000000..4c158e6 --- /dev/null +++ b/configs/talkingparabola/airootfs/etc/systemd/system/dbus-org.freedesktop.network1.service @@ -0,0 +1 @@ +/usr/lib/systemd/system/systemd-networkd.service \ No newline at end of file diff --git a/configs/talkingparabola/airootfs/etc/systemd/system/dbus-org.freedesktop.resolve1.service b/configs/talkingparabola/airootfs/etc/systemd/system/dbus-org.freedesktop.resolve1.service new file mode 120000 index 0000000..4f6ae34 --- /dev/null +++ b/configs/talkingparabola/airootfs/etc/systemd/system/dbus-org.freedesktop.resolve1.service @@ -0,0 +1 @@ +/usr/lib/systemd/system/systemd-resolved.service \ No newline at end of file diff --git a/configs/talkingparabola/airootfs/etc/systemd/system/etc-pacman.d-gnupg.mount b/configs/talkingparabola/airootfs/etc/systemd/system/etc-pacman.d-gnupg.mount index 4eab551..f86a91d 100644 --- a/configs/talkingparabola/airootfs/etc/systemd/system/etc-pacman.d-gnupg.mount +++ b/configs/talkingparabola/airootfs/etc/systemd/system/etc-pacman.d-gnupg.mount @@ -1,3 +1,6 @@ +# +# SPDX-License-Identifier: GPL-3.0-or-later + [Unit] Description=Temporary /etc/pacman.d/gnupg directory diff --git a/configs/talkingparabola/airootfs/etc/systemd/system/getty@tty1.service.d/autologin.conf b/configs/talkingparabola/airootfs/etc/systemd/system/getty@tty1.service.d/autologin.conf index d1d8474..370735f 100644 --- a/configs/talkingparabola/airootfs/etc/systemd/system/getty@tty1.service.d/autologin.conf +++ b/configs/talkingparabola/airootfs/etc/systemd/system/getty@tty1.service.d/autologin.conf @@ -1,3 +1,6 @@ +# +# SPDX-License-Identifier: GPL-3.0-or-later + [Service] ExecStart= ExecStart=-/sbin/agetty --autologin root --noclear %I 38400 linux diff --git a/configs/talkingparabola/airootfs/etc/systemd/system/multi-user.target.wants/choose-mirror.service b/configs/talkingparabola/airootfs/etc/systemd/system/multi-user.target.wants/choose-mirror.service new file mode 120000 index 0000000..2d8d256 --- /dev/null +++ b/configs/talkingparabola/airootfs/etc/systemd/system/multi-user.target.wants/choose-mirror.service @@ -0,0 +1 @@ +../choose-mirror.service \ No newline at end of file diff --git a/configs/talkingparabola/airootfs/etc/systemd/system/multi-user.target.wants/iwd.service b/configs/talkingparabola/airootfs/etc/systemd/system/multi-user.target.wants/iwd.service new file mode 120000 index 0000000..3625abd --- /dev/null +++ b/configs/talkingparabola/airootfs/etc/systemd/system/multi-user.target.wants/iwd.service @@ -0,0 +1 @@ +/usr/lib/systemd/system/iwd.service \ No newline at end of file diff --git a/configs/talkingparabola/airootfs/etc/systemd/system/multi-user.target.wants/pacman-init.service b/configs/talkingparabola/airootfs/etc/systemd/system/multi-user.target.wants/pacman-init.service new file mode 120000 index 0000000..d09eec6 --- /dev/null +++ b/configs/talkingparabola/airootfs/etc/systemd/system/multi-user.target.wants/pacman-init.service @@ -0,0 +1 @@ +../pacman-init.service \ No newline at end of file diff --git a/configs/talkingparabola/airootfs/etc/systemd/system/multi-user.target.wants/reflector.service b/configs/talkingparabola/airootfs/etc/systemd/system/multi-user.target.wants/reflector.service new file mode 120000 index 0000000..f5071ce --- /dev/null +++ b/configs/talkingparabola/airootfs/etc/systemd/system/multi-user.target.wants/reflector.service @@ -0,0 +1 @@ +../reflector.service \ No newline at end of file diff --git a/configs/talkingparabola/airootfs/etc/systemd/system/multi-user.target.wants/systemd-networkd.service b/configs/talkingparabola/airootfs/etc/systemd/system/multi-user.target.wants/systemd-networkd.service new file mode 120000 index 0000000..4c158e6 --- /dev/null +++ b/configs/talkingparabola/airootfs/etc/systemd/system/multi-user.target.wants/systemd-networkd.service @@ -0,0 +1 @@ +/usr/lib/systemd/system/systemd-networkd.service \ No newline at end of file diff --git a/configs/talkingparabola/airootfs/etc/systemd/system/multi-user.target.wants/systemd-resolved.service b/configs/talkingparabola/airootfs/etc/systemd/system/multi-user.target.wants/systemd-resolved.service new file mode 120000 index 0000000..4f6ae34 --- /dev/null +++ b/configs/talkingparabola/airootfs/etc/systemd/system/multi-user.target.wants/systemd-resolved.service @@ -0,0 +1 @@ +/usr/lib/systemd/system/systemd-resolved.service \ No newline at end of file diff --git a/configs/talkingparabola/airootfs/etc/systemd/system/network-online.target.wants/systemd-networkd-wait-online.service b/configs/talkingparabola/airootfs/etc/systemd/system/network-online.target.wants/systemd-networkd-wait-online.service new file mode 120000 index 0000000..7d6ad92 --- /dev/null +++ b/configs/talkingparabola/airootfs/etc/systemd/system/network-online.target.wants/systemd-networkd-wait-online.service @@ -0,0 +1 @@ +/usr/lib/systemd/system/systemd-networkd-wait-online.service \ No newline at end of file diff --git a/configs/talkingparabola/airootfs/etc/systemd/system/pacman-init.service b/configs/talkingparabola/airootfs/etc/systemd/system/pacman-init.service index 3414ebc..6e9b84d 100644 --- a/configs/talkingparabola/airootfs/etc/systemd/system/pacman-init.service +++ b/configs/talkingparabola/airootfs/etc/systemd/system/pacman-init.service @@ -1,3 +1,6 @@ +# +# SPDX-License-Identifier: GPL-3.0-or-later + [Unit] Description=Initializes Pacman keyring Wants=haveged.service @@ -9,8 +12,7 @@ After=etc-pacman.d-gnupg.mount Type=oneshot RemainAfterExit=yes ExecStart=/usr/bin/pacman-key --init -ExecStart=/usr/bin/pacman-key --populate archlinux -ExecStart=/usr/bin/pacman-key --populate parabola +ExecStart=/usr/bin/pacman-key --populate parabola archlinux archlinux32 [Install] WantedBy=multi-user.target diff --git a/configs/talkingparabola/airootfs/etc/systemd/system/reflector.service b/configs/talkingparabola/airootfs/etc/systemd/system/reflector.service new file mode 100644 index 0000000..4058e36 --- /dev/null +++ b/configs/talkingparabola/airootfs/etc/systemd/system/reflector.service @@ -0,0 +1,44 @@ +# +# SPDX-License-Identifier: GPL-3.0-or-later + +[Unit] +Description=pacman mirrorlist update +Wants=network-online.target +After=network-online.target nss-lookup.target +ConditionKernelCommandLine=!mirror + +[Service] +Type=oneshot +ExecStart=/usr/bin/reflector --protocol https --latest 70 --sort rate --save /etc/pacman.d/mirrorlist +Restart=on-failure +RestartSec=10 +CacheDirectory=reflector +CapabilityBoundingSet=~CAP_SETUID CAP_SETGID CAP_SETPCAP CAP_SYS_ADMIN CAP_SYS_PTRACE CAP_CHOWN CAP_FSETID CAP_SETFCAP CAP_DAC_OVERRIDE CAP_DAC_READ_SEARCH CAP_FOWNER CAP_IPC_OWNER CAP_NET_ADMIN CAP_SYS_TIME CAP_AUDIT_CONTROL CAP_AUDIT_READ CAP_AUDIT_WRITE CAP_KILL CAP_NET_BIND_SERVICE CAP_NET_BROADCAST CAP_NET_RAW CAP_SYS_NICE CAP_SYS_RESOURCE CAP_MAC_ADMIN CAP_MAC_OVERRIDE CAP_SYS_BOOT CAP_LINUX_IMMUTABLE CAP_IPC_LOCK CAP_SYS_CHROOT CAP_BLOCK_SUSPEND CAP_LEASE CAP_SYS_PACCT CAP_SYS_TTY_CONFIG CAP_WAKE_ALARM +Environment=XDG_CACHE_HOME=/var/cache/reflector +LockPersonality=true +MemoryDenyWriteExecute=true +NoNewPrivileges=true +PrivateDevices=true +PrivateTmp=true +PrivateUsers=true +ProtectClock=true +ProtectControlGroups=true +ProtectHome=true +ProtectHostname=true +ProtectKernelTunables=true +ProtectKernelLogs=true +ProtectKernelModules=true +ProtectSystem=strict +ReadWritePaths=/etc/pacman.d/mirrorlist +RemoveIPC=true +RestrictAddressFamilies=~AF_AX25 AF_IPX AF_APPLETALK AF_X25 AF_DECnet AF_KEY AF_NETLINK AF_PACKET AF_RDS AF_PPPOX AF_LLC AF_IB AF_MPLS AF_CAN AF_TIPC AF_BLUETOOTH AF_ALG AF_VSOCK AF_KCM AF_UNIX AF_XDP +RestrictNamespaces=true +RestrictRealtime=true +RestrictSUIDSGID=true +SystemCallArchitectures=native +SystemCallFilter=@system-service +SystemCallFilter=~@resources @privileged +UMask=177 + +[Install] +WantedBy=multi-user.target diff --git a/configs/talkingparabola/airootfs/etc/systemd/system/sockets.target.wants/systemd-networkd.socket b/configs/talkingparabola/airootfs/etc/systemd/system/sockets.target.wants/systemd-networkd.socket new file mode 120000 index 0000000..51942c8 --- /dev/null +++ b/configs/talkingparabola/airootfs/etc/systemd/system/sockets.target.wants/systemd-networkd.socket @@ -0,0 +1 @@ +/usr/lib/systemd/system/systemd-networkd.socket \ No newline at end of file diff --git a/configs/talkingparabola/airootfs/etc/systemd/system/systemd-networkd-wait-online.service.d/wait-for-only-one-interface.conf b/configs/talkingparabola/airootfs/etc/systemd/system/systemd-networkd-wait-online.service.d/wait-for-only-one-interface.conf new file mode 100644 index 0000000..1b4c091 --- /dev/null +++ b/configs/talkingparabola/airootfs/etc/systemd/system/systemd-networkd-wait-online.service.d/wait-for-only-one-interface.conf @@ -0,0 +1,6 @@ +# +# SPDX-License-Identifier: GPL-3.0-or-later + +[Service] +ExecStart= +ExecStart=/usr/lib/systemd/systemd-networkd-wait-online --any diff --git a/configs/talkingparabola/airootfs/root/.automated_script.sh b/configs/talkingparabola/airootfs/root/.automated_script.sh index aaf5583..ed3a924 100755 --- a/configs/talkingparabola/airootfs/root/.automated_script.sh +++ b/configs/talkingparabola/airootfs/root/.automated_script.sh @@ -1,4 +1,4 @@ -#!/bin/bash +#!/usr/bin/env bash script_cmdline () { @@ -16,7 +16,7 @@ automated_script () script="$(script_cmdline)" if [[ -n "${script}" && ! -x /tmp/startup_script ]]; then if [[ "${script}" =~ ^((http|https|ftp)://) ]]; then - wget "${script}" --retry-connrefused -q -O /tmp/startup_script >/dev/null + curl "${script}" --retry-connrefused -s -o /tmp/startup_script >/dev/null rt=$? else cp "${script}" /tmp/startup_script diff --git a/configs/talkingparabola/airootfs/root/customize_airootfs.sh b/configs/talkingparabola/airootfs/root/customize_airootfs.sh index 66679b2..c72644a 100755 --- a/configs/talkingparabola/airootfs/root/customize_airootfs.sh +++ b/configs/talkingparabola/airootfs/root/customize_airootfs.sh @@ -1,27 +1,12 @@ -#!/bin/bash +#!/usr/bin/env bash +# +# SPDX-License-Identifier: GPL-3.0-or-later set -e -u +echo 'Warning: customize_airootfs.sh is deprecated! Support for it will be removed in a future parabolaiso version.' + sed -i 's/#\(en_US\.UTF-8\)/\1/' /etc/locale.gen locale-gen -ln -sf /usr/share/zoneinfo/UTC /etc/localtime - -usermod -s /usr/bin/zsh root -cp -aT /etc/skel/ /root/ -chmod 700 /root -# unset the root password -passwd -d root - -sed -i 's/#\(PermitRootLogin \).\+/\1yes/' /etc/ssh/sshd_config sed -i "s/#Server/Server/g" /etc/pacman.d/mirrorlist -sed -i 's/#\(Storage=\)auto/\1volatile/' /etc/systemd/journald.conf - -sed -i 's/#\(HandleSuspendKey=\)suspend/\1ignore/' /etc/systemd/logind.conf -sed -i 's/#\(HandleHibernateKey=\)hibernate/\1ignore/' /etc/systemd/logind.conf -sed -i 's/#\(HandleLidSwitch=\)suspend/\1ignore/' /etc/systemd/logind.conf - -systemctl enable multi-user.target pacman-init.service choose-mirror.service systemd-networkd.service systemd-resolved.service livecd-alsa-unmuter.service brltty.service -systemctl set-default multi-user.target - -sed -i "s/_DATE_/$(date +%Y.%m.%d)/" /etc/motd diff --git a/configs/talkingparabola/airootfs/root/install.txt b/configs/talkingparabola/airootfs/root/install.txt deleted file mode 100644 index a594b97..0000000 --- a/configs/talkingparabola/airootfs/root/install.txt +++ /dev/null @@ -1,2 +0,0 @@ -View this installation guide online at -https://wiki.parabola.nu/Installation_Guide diff --git a/configs/talkingparabola/airootfs/usr/bin/livecd-alsa-unmuter b/configs/talkingparabola/airootfs/usr/bin/livecd-alsa-unmuter index 6de05a0..2a0d814 100755 --- a/configs/talkingparabola/airootfs/usr/bin/livecd-alsa-unmuter +++ b/configs/talkingparabola/airootfs/usr/bin/livecd-alsa-unmuter @@ -1,7 +1,11 @@ #!/bin/bash +# +# SPDX-License-Identifier: GPL-3.0-or-later # Properly initialize the sound card so that we have audio at boot. # This script is released under the GNU General Public License. + +# shellcheck disable=SC1091 source /usr/share/livecd-sound/functions preinit_levels all diff --git a/configs/talkingparabola/airootfs/usr/bin/pick-a-card b/configs/talkingparabola/airootfs/usr/bin/pick-a-card index 7f469e8..10f2f79 100755 --- a/configs/talkingparabola/airootfs/usr/bin/pick-a-card +++ b/configs/talkingparabola/airootfs/usr/bin/pick-a-card @@ -1,9 +1,12 @@ #!/bin/bash +# +# SPDX-License-Identifier: GPL-3.0-or-later # If there are multiple usable sound cards, prompt the user to choose one, # using auditory feedback. # This script is released under the GNU General Public License. +# shellcheck disable=SC1091 source /usr/share/livecd-sound/functions nwords() { @@ -12,7 +15,7 @@ nwords() { is_numeric() { local str=$1 - expr match "$str" '[[:digit:]]\+$' > /dev/null 2>&1 + expr "$str" : '[[:digit:]]\+$' > /dev/null 2>&1 } set_default_card() { @@ -28,7 +31,7 @@ play_on_card() { set -f usable_cards="$(list_non_pcsp_cards)" -num_usable_cards=$(nwords $usable_cards) +num_usable_cards=$(nwords "$usable_cards") if [ "$num_usable_cards" -eq 1 ]; then exit 0 @@ -47,7 +50,7 @@ for card in $usable_cards; do continue fi play_on_card "$card" /usr/share/livecd-sound/sounds/beep.wav - if read -t 10; then + if read -rt 10; then set_default_card "$card" break fi diff --git a/configs/talkingparabola/airootfs/usr/local/bin/Installation_guide b/configs/talkingparabola/airootfs/usr/local/bin/Installation_guide new file mode 100755 index 0000000..876fbd2 --- /dev/null +++ b/configs/talkingparabola/airootfs/usr/local/bin/Installation_guide @@ -0,0 +1,5 @@ +#!/bin/sh +# +# SPDX-License-Identifier: GPL-3.0-or-later + +exec lynx 'https://wiki.parabola.nu/Installation_Guide' diff --git a/configs/talkingparabola/airootfs/usr/local/bin/choose-mirror b/configs/talkingparabola/airootfs/usr/local/bin/choose-mirror new file mode 100755 index 0000000..e8f8254 --- /dev/null +++ b/configs/talkingparabola/airootfs/usr/local/bin/choose-mirror @@ -0,0 +1,28 @@ +#!/bin/bash +# +# SPDX-License-Identifier: GPL-3.0-or-later + +get_cmdline() { + local param + for param in $(< /proc/cmdline); do + case "${param}" in + $1=*) echo "${param##*=}"; + return 0 + ;; + esac + done +} + +mirror=$(get_cmdline mirror) +[[ $mirror = auto ]] && mirror=$(get_cmdline parabolaiso_http_srv) +[[ $mirror ]] || exit 0 + +mv /etc/pacman.d/mirrorlist /etc/pacman.d/mirrorlist.orig +cat >/etc/pacman.d/mirrorlist << EOF +# +# Parabola GNU/Linux-libre repository mirrorlist +# Generated by parabolaiso +# + +Server = ${mirror%%/}/\$repo/os/\$arch +EOF -- cgit v1.2.2