Fix optional shellcheck warnings

Additionally fix a few code style issues found with shfmt.
This commit is contained in:
nl6720 2022-12-06 14:20:30 +02:00
parent 40dbfcfaf0
commit 28a3a54c5f
No known key found for this signature in database
GPG Key ID: 5CE88535E188D369
7 changed files with 352 additions and 351 deletions

View File

@ -16,6 +16,10 @@ charset = utf-8
indent_style = space indent_style = space
indent_size = 4 indent_size = 4
max_line_length = 120 max_line_length = 120
# for shfmt
switch_case_indent = true
binary_next_line = true
[*.{yml,yaml}] [*.{yml,yaml}]
end_of_line = lf end_of_line = lf
@ -32,3 +36,6 @@ trim_trailing_whitespace = true
charset = utf-8 charset = utf-8
indent_style = space indent_style = space
indent_size = 2 indent_size = 2
[Makefile]
indent_style = tab

View File

@ -35,141 +35,142 @@ ca_key=""
pgp_key_id="" pgp_key_id=""
print_section_start() { print_section_start() {
# gitlab collapsible sections start: https://docs.gitlab.com/ee/ci/jobs/#custom-collapsible-sections # gitlab collapsible sections start: https://docs.gitlab.com/ee/ci/jobs/#custom-collapsible-sections
local _section _title local _section _title
_section="${1}" _section="${1}"
_title="${2}" _title="${2}"
printf "\e[0Ksection_start:%(%s)T:%s\r\e[0K%s\n" '-1' "${_section}" "${_title}" printf "\e[0Ksection_start:%(%s)T:%s\r\e[0K%s\n" '-1' "${_section}" "${_title}"
} }
print_section_end() { print_section_end() {
# gitlab collapsible sections end: https://docs.gitlab.com/ee/ci/jobs/#custom-collapsible-sections # gitlab collapsible sections end: https://docs.gitlab.com/ee/ci/jobs/#custom-collapsible-sections
local _section local _section
_section="${1}" _section="${1}"
printf "\e[0Ksection_end:%(%s)T:%s\r\e[0K\n" '-1' "${_section}" printf "\e[0Ksection_end:%(%s)T:%s\r\e[0K\n" '-1' "${_section}"
} }
cleanup() { cleanup() {
# clean up temporary directories # clean up temporary directories
print_section_start "cleanup" "Cleaning up temporary directory" print_section_start "cleanup" "Cleaning up temporary directory"
if [ -n "${tmpdir_base:-}" ]; then if [[ -n "${tmpdir_base:-}" ]]; then
rm -fr "${tmpdir_base}" rm -fr "${tmpdir_base}"
fi fi
print_section_end "cleanup" print_section_end "cleanup"
} }
create_checksums() { create_checksums() {
# create checksums for files # create checksums for files
# $@: files # $@: files
local _file_path _file_name _current_pwd local _file_path _file_name _current_pwd
_current_pwd="${PWD}" _current_pwd="${PWD}"
print_section_start "checksums" "Creating checksums" print_section_start "checksums" "Creating checksums"
for _file_path in "$@"; do for _file_path in "$@"; do
cd "$(dirname "${_file_path}")" cd "$(dirname "${_file_path}")"
_file_name="$(basename "${_file_path}")" _file_name="$(basename "${_file_path}")"
b2sum "${_file_name}" > "${_file_name}.b2" b2sum "${_file_name}" >"${_file_name}.b2"
md5sum "${_file_name}" > "${_file_name}.md5" md5sum "${_file_name}" >"${_file_name}.md5"
sha1sum "${_file_name}" > "${_file_name}.sha1" sha1sum "${_file_name}" >"${_file_name}.sha1"
sha256sum "${_file_name}" > "${_file_name}.sha256" sha256sum "${_file_name}" >"${_file_name}.sha256"
sha512sum "${_file_name}" > "${_file_name}.sha512" sha512sum "${_file_name}" >"${_file_name}.sha512"
ls -lah "${_file_name}."{b2,md5,sha{1,256,512}} ls -lah "${_file_name}."{b2,md5,sha{1,256,512}}
cat "${_file_name}."{b2,md5,sha{1,256,512}} cat "${_file_name}."{b2,md5,sha{1,256,512}}
done done
cd "${_current_pwd}" cd "${_current_pwd}"
print_section_end "checksums" print_section_end "checksums"
} }
create_zsync_delta() { create_zsync_delta() {
# create zsync control files for files # create zsync control files for files
# $@: files # $@: files
local _file local _file
print_section_start "zsync_delta" "Creating zsync delta" print_section_start "zsync_delta" "Creating zsync delta"
for _file in "$@"; do for _file in "$@"; do
if [[ "${buildmode}" == "bootstrap" ]]; then if [[ "${buildmode}" == "bootstrap" ]]; then
# zsyncmake fails on 'too long between blocks' with default block size on bootstrap image # zsyncmake fails on 'too long between blocks' with default block size on bootstrap image
zsyncmake -v -b 512 -C -u "${_file##*/}" -o "${_file}".zsync "${_file}" zsyncmake -v -b 512 -C -u "${_file##*/}" -o "${_file}".zsync "${_file}"
else else
zsyncmake -v -C -u "${_file##*/}" -o "${_file}".zsync "${_file}" zsyncmake -v -C -u "${_file##*/}" -o "${_file}".zsync "${_file}"
fi fi
done done
print_section_end "zsync_delta" print_section_end "zsync_delta"
} }
create_metrics() { create_metrics() {
local _metrics="${output}/metrics.txt" local _metrics="${output}/metrics.txt"
# create metrics # create metrics
print_section_start "metrics" "Creating metrics" print_section_start "metrics" "Creating metrics"
{ {
# create metrics based on buildmode # create metrics based on buildmode
case "${buildmode}" in case "${buildmode}" in
iso) iso)
printf 'image_size_mebibytes{image="%s"} %s\n' \ printf 'image_size_mebibytes{image="%s"} %s\n' \
"${profile}" \ "${profile}" \
"$(du -m -- "${output}/"*.iso | cut -f1)" "$(du -m -- "${output}/"*.iso | cut -f1)"
printf 'package_count{image="%s"} %s\n' \ printf 'package_count{image="%s"} %s\n' \
"${profile}" \ "${profile}" \
"$(sort -u -- "${tmpdir}/iso/"*/pkglist.*.txt | wc -l)" "$(sort -u -- "${tmpdir}/iso/"*/pkglist.*.txt | wc -l)"
if [[ -e "${tmpdir}/efiboot.img" ]]; then if [[ -e "${tmpdir}/efiboot.img" ]]; then
printf 'eltorito_efi_image_size_mebibytes{image="%s"} %s\n' \ printf 'eltorito_efi_image_size_mebibytes{image="%s"} %s\n' \
"${profile}" \ "${profile}" \
"$(du -m -- "${tmpdir}/efiboot.img" | cut -f1)" "$(du -m -- "${tmpdir}/efiboot.img" | cut -f1)"
fi fi
# shellcheck disable=SC2046 # shellcheck disable=SC2046
# shellcheck disable=SC2183 # shellcheck disable=SC2183
printf 'initramfs_size_mebibytes{image="%s",initramfs="%s"} %s\n' \ printf 'initramfs_size_mebibytes{image="%s",initramfs="%s"} %s\n' \
$(du -m -- "${tmpdir}/iso/"*/boot/**/initramfs*.img | \ $(
awk -v profile="${profile}" \ du -m -- "${tmpdir}/iso/"*/boot/**/initramfs*.img \
'function basename(file) { | awk -v profile="${profile}" \
sub(".*/", "", file) 'function basename(file) {
return file sub(".*/", "", file)
} return file
{ print profile, basename($2), $1 }' }
) { print profile, basename($2), $1 }'
;; )
netboot) ;;
printf 'netboot_size_mebibytes{image="%s"} %s\n' \ netboot)
"${profile}" \ printf 'netboot_size_mebibytes{image="%s"} %s\n' \
"$(du -m -- "${output}/${install_dir}/" | tail -n1 | cut -f1)" "${profile}" \
printf 'netboot_package_count{image="%s"} %s\n' \ "$(du -m -- "${output}/${install_dir}/" | tail -n1 | cut -f1)"
"${profile}" \ printf 'netboot_package_count{image="%s"} %s\n' \
"$(sort -u -- "${tmpdir}/iso/"*/pkglist.*.txt | wc -l)" "${profile}" \
;; "$(sort -u -- "${tmpdir}/iso/"*/pkglist.*.txt | wc -l)"
bootstrap) ;;
printf 'bootstrap_size_mebibytes{image="%s"} %s\n' \ bootstrap)
"${profile}" \ printf 'bootstrap_size_mebibytes{image="%s"} %s\n' \
"$(du -m -- "${output}/"*.tar*(.gz|.xz|.zst) | cut -f1)" "${profile}" \
printf 'bootstrap_package_count{image="%s"} %s\n' \ "$(du -m -- "${output}/"*.tar*(.gz|.xz|.zst) | cut -f1)"
"${profile}" \ printf 'bootstrap_package_count{image="%s"} %s\n' \
"$(sort -u -- "${tmpdir}/"*/bootstrap/root.*/pkglist.*.txt | wc -l)" "${profile}" \
;; "$(sort -u -- "${tmpdir}/"*/bootstrap/root.*/pkglist.*.txt | wc -l)"
esac ;;
} > "${_metrics}" esac
ls -lah "${_metrics}" } >"${_metrics}"
cat "${_metrics}" ls -lah "${_metrics}"
cat "${_metrics}"
print_section_end "metrics" print_section_end "metrics"
} }
create_ephemeral_pgp_key() { create_ephemeral_pgp_key() {
# create an ephemeral PGP key for signing the rootfs image # create an ephemeral PGP key for signing the rootfs image
print_section_start "ephemeral_pgp_key" "Creating ephemeral PGP key" print_section_start "ephemeral_pgp_key" "Creating ephemeral PGP key"
gnupg_homedir="$tmpdir/.gnupg" gnupg_homedir="$tmpdir/.gnupg"
mkdir -p "${gnupg_homedir}" mkdir -p "${gnupg_homedir}"
chmod 700 "${gnupg_homedir}" chmod 700 "${gnupg_homedir}"
cat << __EOF__ > "${gnupg_homedir}"/gpg.conf cat <<__EOF__ >"${gnupg_homedir}"/gpg.conf
quiet quiet
batch batch
no-tty no-tty
@ -180,7 +181,7 @@ armor
no-emit-version no-emit-version
__EOF__ __EOF__
gpg --homedir "${gnupg_homedir}" --gen-key <<EOF gpg --homedir "${gnupg_homedir}" --gen-key <<EOF
%echo Generating ephemeral Arch Linux release engineering key pair... %echo Generating ephemeral Arch Linux release engineering key pair...
Key-Type: default Key-Type: default
Key-Length: 3072 Key-Length: 3072
@ -194,63 +195,63 @@ Expire-Date: 0
%echo Done %echo Done
EOF EOF
pgp_key_id="$( pgp_key_id="$(
gpg --homedir "${gnupg_homedir}" \ gpg --homedir "${gnupg_homedir}" \
--list-secret-keys \ --list-secret-keys \
--with-colons \ --with-colons \
| awk -F':' '{if($1 ~ /sec/){ print $5 }}' | awk -F':' '{if($1 ~ /sec/){ print $5 }}'
)" )"
pgp_sender="Arch Linux Release Engineering (Ephemeral Signing Key) <arch-releng@lists.archlinux.org>" pgp_sender="Arch Linux Release Engineering (Ephemeral Signing Key) <arch-releng@lists.archlinux.org>"
print_section_end "ephemeral_pgp_key" print_section_end "ephemeral_pgp_key"
} }
create_ephemeral_codesigning_keys() { create_ephemeral_codesigning_keys() {
# create ephemeral certificates used for codesigning # create ephemeral certificates used for codesigning
print_section_start "ephemeral_codesigning_key" "Creating ephemeral codesigning keys" print_section_start "ephemeral_codesigning_key" "Creating ephemeral codesigning keys"
# The exact steps in creating a CA with Codesigning being signed was taken from # The exact steps in creating a CA with Codesigning being signed was taken from
# https://jamielinux.com/docs/openssl-certificate-authority/introduction.html # https://jamielinux.com/docs/openssl-certificate-authority/introduction.html
# (slight modifications to the process to not disturb default values of /etc/ssl/openssl.cnf) # (slight modifications to the process to not disturb default values of /etc/ssl/openssl.cnf)
codesigning_dir="${tmpdir}/.codesigning/" codesigning_dir="${tmpdir}/.codesigning/"
local ca_dir="${codesigning_dir}/ca/" local ca_dir="${codesigning_dir}/ca/"
local ca_conf="${ca_dir}/certificate_authority.cnf" local ca_conf="${ca_dir}/certificate_authority.cnf"
local ca_subj="/C=DE/ST=Berlin/L=Berlin/O=Arch Linux/OU=Release Engineering/CN=archlinux.org" local ca_subj="/C=DE/ST=Berlin/L=Berlin/O=Arch Linux/OU=Release Engineering/CN=archlinux.org"
ca_cert="${ca_dir}/cacert.pem" ca_cert="${ca_dir}/cacert.pem"
ca_key="${ca_dir}/private/cakey.pem" ca_key="${ca_dir}/private/cakey.pem"
local codesigning_conf="${codesigning_dir}/code_signing.cnf" local codesigning_conf="${codesigning_dir}/code_signing.cnf"
local codesigning_subj="/C=DE/ST=Berlin/L=Berlin/O=Arch Linux/OU=Release Engineering/CN=archlinux.org" local codesigning_subj="/C=DE/ST=Berlin/L=Berlin/O=Arch Linux/OU=Release Engineering/CN=archlinux.org"
codesigning_cert="${codesigning_dir}/codesign.crt" codesigning_cert="${codesigning_dir}/codesign.crt"
codesigning_key="${codesigning_dir}/codesign.key" codesigning_key="${codesigning_dir}/codesign.key"
mkdir -p "${ca_dir}/"{private,newcerts,crl} mkdir -p "${ca_dir}/"{private,newcerts,crl}
mkdir -p "${codesigning_dir}" mkdir -p "${codesigning_dir}"
cp -- /etc/ssl/openssl.cnf "${codesigning_conf}" cp -- /etc/ssl/openssl.cnf "${codesigning_conf}"
cp -- /etc/ssl/openssl.cnf "${ca_conf}" cp -- /etc/ssl/openssl.cnf "${ca_conf}"
touch "${ca_dir}/index.txt" touch "${ca_dir}/index.txt"
echo "1000" > "${ca_dir}/serial" echo "1000" >"${ca_dir}/serial"
# Prepare the ca configuration for the change in directory # Prepare the ca configuration for the change in directory
sed -i "s#/etc/ssl#${ca_dir}#g" "${ca_conf}" sed -i "s#/etc/ssl#${ca_dir}#g" "${ca_conf}"
# Create the Certificate Authority # Create the Certificate Authority
openssl req \ openssl req \
-newkey rsa:4096 \ -newkey rsa:4096 \
-sha256 \ -sha256 \
-nodes \ -nodes \
-x509 \ -x509 \
-new \ -new \
-sha256 \ -sha256 \
-keyout "${ca_key}" \ -keyout "${ca_key}" \
-config "${ca_conf}" \ -config "${ca_conf}" \
-subj "${ca_subj}" \ -subj "${ca_subj}" \
-out "${ca_cert}" -out "${ca_cert}"
cat << EOF >> "${ca_conf}" cat <<EOF >>"${ca_conf}"
[ v3_intermediate_ca ] [ v3_intermediate_ca ]
# Extensions for a typical intermediate CA ('man x509v3_config'). # Extensions for a typical intermediate CA ('man x509v3_config').
@ -261,7 +262,7 @@ keyUsage = critical, digitalSignature, cRLSign, keyCertSign
EOF EOF
cat << EOF >> "${codesigning_conf}" cat <<EOF >>"${codesigning_conf}"
[codesigning] [codesigning]
keyUsage=digitalSignature keyUsage=digitalSignature
@ -269,65 +270,65 @@ extendedKeyUsage=codeSigning, clientAuth, emailProtection
EOF EOF
openssl req \ openssl req \
-newkey rsa:4096 \ -newkey rsa:4096 \
-keyout "${codesigning_key}" \ -keyout "${codesigning_key}" \
-nodes \ -nodes \
-sha256 \ -sha256 \
-out "${codesigning_cert}.csr" \ -out "${codesigning_cert}.csr" \
-config "${codesigning_conf}" \ -config "${codesigning_conf}" \
-subj "${codesigning_subj}" \ -subj "${codesigning_subj}" \
-extensions codesigning -extensions codesigning
# Sign the code signing certificate with the CA # Sign the code signing certificate with the CA
openssl ca \ openssl ca \
-batch \ -batch \
-config "${ca_conf}" \ -config "${ca_conf}" \
-extensions v3_intermediate_ca \ -extensions v3_intermediate_ca \
-days 3650 \ -days 3650 \
-notext \ -notext \
-md sha256 \ -md sha256 \
-in "${codesigning_cert}.csr" \ -in "${codesigning_cert}.csr" \
-out "${codesigning_cert}" -out "${codesigning_cert}"
print_section_end "ephemeral_codesigning_key" print_section_end "ephemeral_codesigning_key"
} }
run_mkarchiso() { run_mkarchiso() {
# run mkarchiso # run mkarchiso
create_ephemeral_pgp_key create_ephemeral_pgp_key
create_ephemeral_codesigning_keys create_ephemeral_codesigning_keys
print_section_start "mkarchiso" "Running mkarchiso" print_section_start "mkarchiso" "Running mkarchiso"
mkdir -p "${output}/" "${tmpdir}/" mkdir -p "${output}/" "${tmpdir}/"
GNUPGHOME="${gnupg_homedir}" ./archiso/mkarchiso \ GNUPGHOME="${gnupg_homedir}" ./archiso/mkarchiso \
-D "${install_dir}" \ -D "${install_dir}" \
-c "${codesigning_cert} ${codesigning_key} ${ca_cert}" \ -c "${codesigning_cert} ${codesigning_key} ${ca_cert}" \
-g "${pgp_key_id}" \ -g "${pgp_key_id}" \
-G "${pgp_sender}" \ -G "${pgp_sender}" \
-o "${output}/" \ -o "${output}/" \
-w "${tmpdir}/" \ -w "${tmpdir}/" \
-m "${buildmode}" \ -m "${buildmode}" \
-v "configs/${profile}" -v "configs/${profile}"
print_section_end "mkarchiso" print_section_end "mkarchiso"
if [[ "${buildmode}" =~ "iso" ]]; then if [[ "${buildmode}" =~ "iso" ]]; then
create_zsync_delta "${output}/"*.iso create_zsync_delta "${output}/"*.iso
create_checksums "${output}/"*.iso create_checksums "${output}/"*.iso
fi fi
if [[ "${buildmode}" == "bootstrap" ]]; then if [[ "${buildmode}" == "bootstrap" ]]; then
create_zsync_delta "${output}/"*.tar*(.gz|.xz|.zst) create_zsync_delta "${output}/"*.tar*(.gz|.xz|.zst)
create_checksums "${output}/"*.tar*(.gz|.xz|.zst) create_checksums "${output}/"*.tar*(.gz|.xz|.zst)
fi fi
create_metrics create_metrics
print_section_start "ownership" "Setting ownership on output" print_section_start "ownership" "Setting ownership on output"
if [[ -n "${SUDO_UID:-}" ]] && [[ -n "${SUDO_GID:-}" ]]; then if [[ -n "${SUDO_UID:-}" ]] && [[ -n "${SUDO_GID:-}" ]]; then
chown -Rv "${SUDO_UID}:${SUDO_GID}" -- "${output}" chown -Rv "${SUDO_UID}:${SUDO_GID}" -- "${output}"
fi fi
print_section_end "ownership" print_section_end "ownership"
} }
trap cleanup EXIT trap cleanup EXIT

View File

@ -169,7 +169,7 @@ _cleanup_pacstrap_dir() {
# Create /etc/machine-id with special value 'uninitialized': the final id is # Create /etc/machine-id with special value 'uninitialized': the final id is
# generated on first boot, systemd's first-boot mechanism applies (see machine-id(5)) # generated on first boot, systemd's first-boot mechanism applies (see machine-id(5))
rm -f -- "${pacstrap_dir}/etc/machine-id" rm -f -- "${pacstrap_dir}/etc/machine-id"
printf 'uninitialized\n' > "${pacstrap_dir}/etc/machine-id" printf 'uninitialized\n' >"${pacstrap_dir}/etc/machine-id"
_msg_info "Done!" _msg_info "Done!"
} }
@ -204,7 +204,7 @@ _mkairootfs_ext4+squashfs() {
[[ ! "${quiet}" == "y" ]] || mkfs_ext4_options+=('-q') [[ ! "${quiet}" == "y" ]] || mkfs_ext4_options+=('-q')
rm -f -- "${pacstrap_dir}.img" rm -f -- "${pacstrap_dir}.img"
E2FSPROGS_FAKE_TIME="${SOURCE_DATE_EPOCH}" mkfs.ext4 "${mkfs_ext4_options[@]}" -- "${pacstrap_dir}.img" 32G E2FSPROGS_FAKE_TIME="${SOURCE_DATE_EPOCH}" mkfs.ext4 "${mkfs_ext4_options[@]}" -- "${pacstrap_dir}.img" 32G
tune2fs -c 0 -i 0 -- "${pacstrap_dir}.img" > /dev/null tune2fs -c 0 -i 0 -- "${pacstrap_dir}.img" >/dev/null
_msg_info "Done!" _msg_info "Done!"
install -d -m 0755 -- "${isofs_dir}/${install_dir}/${arch}" install -d -m 0755 -- "${isofs_dir}/${install_dir}/${arch}"
@ -245,9 +245,9 @@ _mkchecksum() {
_msg_info "Creating checksum file for self-test..." _msg_info "Creating checksum file for self-test..."
cd -- "${isofs_dir}/${install_dir}/${arch}" cd -- "${isofs_dir}/${install_dir}/${arch}"
if [[ -e "${isofs_dir}/${install_dir}/${arch}/airootfs.sfs" ]]; then if [[ -e "${isofs_dir}/${install_dir}/${arch}/airootfs.sfs" ]]; then
sha512sum airootfs.sfs > airootfs.sha512 sha512sum airootfs.sfs >airootfs.sha512
elif [[ -e "${isofs_dir}/${install_dir}/${arch}/airootfs.erofs" ]]; then elif [[ -e "${isofs_dir}/${install_dir}/${arch}/airootfs.erofs" ]]; then
sha512sum airootfs.erofs > airootfs.sha512 sha512sum airootfs.erofs >airootfs.sha512
fi fi
cd -- "${OLDPWD}" cd -- "${OLDPWD}"
_msg_info "Done!" _msg_info "Done!"
@ -280,12 +280,12 @@ _run_once() {
# Set up custom pacman.conf with custom cache and pacman hook directories. # Set up custom pacman.conf with custom cache and pacman hook directories.
_make_pacman_conf() { _make_pacman_conf() {
local _cache_dirs _system_cache_dirs _profile_cache_dirs local _cache_dirs _system_cache_dirs _profile_cache_dirs
_system_cache_dirs="$(pacman-conf CacheDir| tr '\n' ' ')" _system_cache_dirs="$(pacman-conf CacheDir | tr '\n' ' ')"
_profile_cache_dirs="$(pacman-conf --config "${pacman_conf}" CacheDir| tr '\n' ' ')" _profile_cache_dirs="$(pacman-conf --config "${pacman_conf}" CacheDir | tr '\n' ' ')"
# Only use the profile's CacheDir, if it is not the default and not the same as the system cache dir. # Only use the profile's CacheDir, if it is not the default and not the same as the system cache dir.
if [[ "${_profile_cache_dirs}" != "/var/cache/pacman/pkg" ]] && \ if [[ "${_profile_cache_dirs}" != "/var/cache/pacman/pkg" ]] \
[[ "${_system_cache_dirs}" != "${_profile_cache_dirs}" ]]; then && [[ "${_system_cache_dirs}" != "${_profile_cache_dirs}" ]]; then
_cache_dirs="${_profile_cache_dirs}" _cache_dirs="${_profile_cache_dirs}"
else else
_cache_dirs="${_system_cache_dirs}" _cache_dirs="${_system_cache_dirs}"
@ -297,9 +297,9 @@ _make_pacman_conf() {
# append CacheDir and HookDir to [options] section # append CacheDir and HookDir to [options] section
# HookDir is *always* set to the airootfs' override directory # HookDir is *always* set to the airootfs' override directory
# see `man 8 pacman` for further info # see `man 8 pacman` for further info
pacman-conf --config "${pacman_conf}" | \ pacman-conf --config "${pacman_conf}" \
sed "/CacheDir/d;/DBPath/d;/HookDir/d;/LogFile/d;/RootDir/d;/\[options\]/a CacheDir = ${_cache_dirs} | sed "/CacheDir/d;/DBPath/d;/HookDir/d;/LogFile/d;/RootDir/d;/\[options\]/a CacheDir = ${_cache_dirs}
/\[options\]/a HookDir = ${pacstrap_dir}/etc/pacman.d/hooks/" > "${work_dir}/${buildmode}.pacman.conf" /\[options\]/a HookDir = ${pacstrap_dir}/etc/pacman.d/hooks/" >"${work_dir}/${buildmode}.pacman.conf"
} }
# Prepare working directory and copy custom root file system files. # Prepare working directory and copy custom root file system files.
@ -314,7 +314,7 @@ _make_custom_airootfs() {
cp -af --no-preserve=ownership,mode -- "${profile}/airootfs/." "${pacstrap_dir}" cp -af --no-preserve=ownership,mode -- "${profile}/airootfs/." "${pacstrap_dir}"
# Set ownership and mode for files and directories # Set ownership and mode for files and directories
for filename in "${!file_permissions[@]}"; do for filename in "${!file_permissions[@]}"; do
IFS=':' read -ra permissions <<< "${file_permissions["${filename}"]}" IFS=':' read -ra permissions <<<"${file_permissions["${filename}"]}"
# Prevent file path traversal outside of $pacstrap_dir # Prevent file path traversal outside of $pacstrap_dir
if [[ "$(realpath -q -- "${pacstrap_dir}${filename}")" != "${pacstrap_dir}"* ]]; then if [[ "$(realpath -q -- "${pacstrap_dir}${filename}")" != "${pacstrap_dir}"* ]]; then
_msg_error "Failed to set permissions on '${pacstrap_dir}${filename}'. Outside of valid path." 1 _msg_error "Failed to set permissions on '${pacstrap_dir}${filename}'. Outside of valid path." 1
@ -355,7 +355,7 @@ _make_packages() {
# Unset TMPDIR to work around https://bugs.archlinux.org/task/70580 # Unset TMPDIR to work around https://bugs.archlinux.org/task/70580
if [[ "${quiet}" = "y" ]]; then if [[ "${quiet}" = "y" ]]; then
env -u TMPDIR pacstrap -C "${work_dir}/${buildmode}.pacman.conf" -c -G -M -- "${pacstrap_dir}" "${buildmode_pkg_list[@]}" &> /dev/null env -u TMPDIR pacstrap -C "${work_dir}/${buildmode}.pacman.conf" -c -G -M -- "${pacstrap_dir}" "${buildmode_pkg_list[@]}" &>/dev/null
else else
env -u TMPDIR pacstrap -C "${work_dir}/${buildmode}.pacman.conf" -c -G -M -- "${pacstrap_dir}" "${buildmode_pkg_list[@]}" env -u TMPDIR pacstrap -C "${work_dir}/${buildmode}.pacman.conf" -c -G -M -- "${pacstrap_dir}" "${buildmode_pkg_list[@]}"
fi fi
@ -399,7 +399,7 @@ _make_customize_airootfs() {
else else
_msg_error "Failed to set permissions on '${pacstrap_dir}${passwd[5]}'. Outside of valid path." 1 _msg_error "Failed to set permissions on '${pacstrap_dir}${passwd[5]}'. Outside of valid path." 1
fi fi
done < "${profile}/airootfs/etc/passwd" done <"${profile}/airootfs/etc/passwd"
_msg_info "Done!" _msg_info "Done!"
fi fi
@ -452,7 +452,7 @@ _make_bootmode_bios.syslinux.mbr() {
s|%ARCHISO_UUID%|${iso_uuid}|g; s|%ARCHISO_UUID%|${iso_uuid}|g;
s|%INSTALL_DIR%|${install_dir}|g; s|%INSTALL_DIR%|${install_dir}|g;
s|%ARCH%|${arch}|g" \ s|%ARCH%|${arch}|g" \
"${_cfg}" > "${isofs_dir}/boot/syslinux/${_cfg##*/}" "${_cfg}" >"${isofs_dir}/boot/syslinux/${_cfg##*/}"
done done
if [[ -e "${profile}/syslinux/splash.png" ]]; then if [[ -e "${profile}/syslinux/splash.png" ]]; then
install -m 0644 -- "${profile}/syslinux/splash.png" "${isofs_dir}/boot/syslinux/" install -m 0644 -- "${profile}/syslinux/splash.png" "${isofs_dir}/boot/syslinux/"
@ -527,10 +527,11 @@ _make_efibootimg() {
fi fi
# Convert from bytes to KiB and round up to the next full MiB with an additional MiB for reserved sectors. # Convert from bytes to KiB and round up to the next full MiB with an additional MiB for reserved sectors.
imgsize_kib="$(awk 'function ceil(x){return int(x)+(x>int(x))} imgsize_kib="$(
awk 'function ceil(x){return int(x)+(x>int(x))}
function byte_to_kib(x){return x/1024} function byte_to_kib(x){return x/1024}
function mib_to_kib(x){return x*1024} function mib_to_kib(x){return x*1024}
END {print mib_to_kib(ceil((byte_to_kib($1)+1024)/1024))}' <<< "${imgsize_bytes}" END {print mib_to_kib(ceil((byte_to_kib($1)+1024)/1024))}' <<<"${imgsize_bytes}"
)" )"
# The FAT image must be created with mkfs.fat not mformat, as some systems have issues with mformat made images: # The FAT image must be created with mkfs.fat not mformat, as some systems have issues with mformat made images:
# https://lists.gnu.org/archive/html/grub-devel/2019-04/msg00099.html # https://lists.gnu.org/archive/html/grub-devel/2019-04/msg00099.html
@ -539,7 +540,7 @@ _make_efibootimg() {
if [[ "${quiet}" == "y" ]]; then if [[ "${quiet}" == "y" ]]; then
# mkfs.fat does not have a -q/--quiet option, so redirect stdout to /dev/null instead # mkfs.fat does not have a -q/--quiet option, so redirect stdout to /dev/null instead
# https://github.com/dosfstools/dosfstools/issues/103 # https://github.com/dosfstools/dosfstools/issues/103
mkfs.fat -C -n ARCHISO_EFI "${efibootimg}" "${imgsize_kib}" > /dev/null mkfs.fat -C -n ARCHISO_EFI "${efibootimg}" "${imgsize_kib}" >/dev/null
else else
mkfs.fat -C -n ARCHISO_EFI "${efibootimg}" "${imgsize_kib}" mkfs.fat -C -n ARCHISO_EFI "${efibootimg}" "${imgsize_kib}"
fi fi
@ -553,7 +554,7 @@ _make_common_bootmode_grub_copy_to_isofs() {
local files_to_copy=() local files_to_copy=()
files_to_copy+=("${work_dir}/grub/"*) files_to_copy+=("${work_dir}/grub/"*)
if compgen -G "${profile}/grub/!(*.cfg)" &> /dev/null; then if compgen -G "${profile}/grub/!(*.cfg)" &>/dev/null; then
files_to_copy+=("${profile}/grub/"!(*.cfg)) files_to_copy+=("${profile}/grub/"!(*.cfg))
fi fi
install -d -m 0755 -- "${isofs_dir}/boot/grub" install -d -m 0755 -- "${isofs_dir}/boot/grub"
@ -561,7 +562,7 @@ _make_common_bootmode_grub_copy_to_isofs() {
} }
# Prepare GRUB configuration files # Prepare GRUB configuration files
_make_common_bootmode_grub_cfg(){ _make_common_bootmode_grub_cfg() {
local _cfg search_filename local _cfg search_filename
install -d -- "${work_dir}/grub" install -d -- "${work_dir}/grub"
@ -569,7 +570,7 @@ _make_common_bootmode_grub_cfg(){
# Create a /boot/grub/YYYY-mm-dd-HH-MM-SS-00.uuid file on ISO 9660. GRUB will search for it to find the ISO # Create a /boot/grub/YYYY-mm-dd-HH-MM-SS-00.uuid file on ISO 9660. GRUB will search for it to find the ISO
# volume. This is similar to what grub-mkrescue does, except it places the file in /.disk/, but we opt to use a # volume. This is similar to what grub-mkrescue does, except it places the file in /.disk/, but we opt to use a
# directory that does not start with a dot to avoid it being accidentally missed when copying the ISO's contents. # directory that does not start with a dot to avoid it being accidentally missed when copying the ISO's contents.
: > "${work_dir}/grub/${iso_uuid}.uuid" : >"${work_dir}/grub/${iso_uuid}.uuid"
search_filename="/boot/grub/${iso_uuid}.uuid" search_filename="/boot/grub/${iso_uuid}.uuid"
# Fill GRUB configuration files # Fill GRUB configuration files
@ -579,7 +580,7 @@ _make_common_bootmode_grub_cfg(){
s|%INSTALL_DIR%|${install_dir}|g; s|%INSTALL_DIR%|${install_dir}|g;
s|%ARCH%|${arch}|g; s|%ARCH%|${arch}|g;
s|%ARCHISO_SEARCH_FILENAME%|${search_filename}|g" \ s|%ARCHISO_SEARCH_FILENAME%|${search_filename}|g" \
"${_cfg}" > "${work_dir}/grub/${_cfg##*/}" "${_cfg}" >"${work_dir}/grub/${_cfg##*/}"
done done
# Prepare grub.cfg that will be embedded inside the GRUB binaries # Prepare grub.cfg that will be embedded inside the GRUB binaries
@ -622,7 +623,7 @@ else
fi fi
EOF EOF
grubembedcfg="${grubembedcfg//'%ARCHISO_SEARCH_FILENAME%'/"${search_filename}"}" grubembedcfg="${grubembedcfg//'%ARCHISO_SEARCH_FILENAME%'/"${search_filename}"}"
printf '%s\n' "$grubembedcfg" > "${work_dir}/grub-embed.cfg" printf '%s\n' "$grubembedcfg" >"${work_dir}/grub-embed.cfg"
# Write grubenv # Write grubenv
printf '%.1024s' \ printf '%.1024s' \
@ -634,7 +635,7 @@ EOF
"${arch}" \ "${arch}" \
"${search_filename}" \ "${search_filename}" \
"$(printf '%0.1s' "#"{1..1024})")" \ "$(printf '%0.1s' "#"{1..1024})")" \
> "${work_dir}/grub/grubenv" >"${work_dir}/grub/grubenv"
} }
_make_bootmode_uefi-ia32.grub.esp() { _make_bootmode_uefi-ia32.grub.esp() {
@ -651,12 +652,12 @@ _make_bootmode_uefi-ia32.grub.esp() {
search_fs_file search_fs_uuid search_label serial sleep tpm udf usb usbserial_common usbserial_ftdi \ search_fs_file search_fs_uuid search_label serial sleep tpm udf usb usbserial_common usbserial_ftdi \
usbserial_pl2303 usbserial_usbdebug video xfs zstd) usbserial_pl2303 usbserial_usbdebug video xfs zstd)
grub-mkstandalone -O i386-efi \ grub-mkstandalone -O i386-efi \
--modules="${grubmodules[*]}" \ --modules="${grubmodules[*]}" \
--locales="en@quot" \ --locales="en@quot" \
--themes="" \ --themes="" \
--sbat=/usr/share/grub/sbat.csv \ --sbat=/usr/share/grub/sbat.csv \
--disable-shim-lock \ --disable-shim-lock \
-o "${work_dir}/BOOTIA32.EFI" "boot/grub/grub.cfg=${work_dir}/grub-embed.cfg" -o "${work_dir}/BOOTIA32.EFI" "boot/grub/grub.cfg=${work_dir}/grub-embed.cfg"
# Add GRUB to the list of files used to calculate the required FAT image size. # Add GRUB to the list of files used to calculate the required FAT image size.
efiboot_files+=("${work_dir}/BOOTIA32.EFI" efiboot_files+=("${work_dir}/BOOTIA32.EFI"
"${pacstrap_dir}/usr/share/edk2-shell/ia32/Shell_Full.efi") "${pacstrap_dir}/usr/share/edk2-shell/ia32/Shell_Full.efi")
@ -728,12 +729,12 @@ _make_bootmode_uefi-x64.grub.esp() {
search_fs_file search_fs_uuid search_label serial sleep tpm udf usb usbserial_common usbserial_ftdi \ search_fs_file search_fs_uuid search_label serial sleep tpm udf usb usbserial_common usbserial_ftdi \
usbserial_pl2303 usbserial_usbdebug video xfs zstd) usbserial_pl2303 usbserial_usbdebug video xfs zstd)
grub-mkstandalone -O x86_64-efi \ grub-mkstandalone -O x86_64-efi \
--modules="${grubmodules[*]}" \ --modules="${grubmodules[*]}" \
--locales="en@quot" \ --locales="en@quot" \
--themes="" \ --themes="" \
--sbat=/usr/share/grub/sbat.csv \ --sbat=/usr/share/grub/sbat.csv \
--disable-shim-lock \ --disable-shim-lock \
-o "${work_dir}/BOOTx64.EFI" "boot/grub/grub.cfg=${work_dir}/grub-embed.cfg" -o "${work_dir}/BOOTx64.EFI" "boot/grub/grub.cfg=${work_dir}/grub-embed.cfg"
# Add GRUB to the list of files used to calculate the required FAT image size. # Add GRUB to the list of files used to calculate the required FAT image size.
efiboot_files+=("${work_dir}/BOOTx64.EFI" efiboot_files+=("${work_dir}/BOOTx64.EFI"
"${pacstrap_dir}/usr/share/edk2-shell/x64/Shell_Full.efi") "${pacstrap_dir}/usr/share/edk2-shell/x64/Shell_Full.efi")
@ -866,7 +867,7 @@ _make_bootmode_uefi-x64.systemd-boot.eltorito() {
sed "s|%ARCHISO_LABEL%|${iso_label}|g; sed "s|%ARCHISO_LABEL%|${iso_label}|g;
s|%INSTALL_DIR%|${install_dir}|g; s|%INSTALL_DIR%|${install_dir}|g;
s|%ARCH%|${arch}|g" \ s|%ARCH%|${arch}|g" \
"${_conf}" > "${isofs_dir}/loader/entries/${_conf##*/}" "${_conf}" >"${isofs_dir}/loader/entries/${_conf##*/}"
done done
# edk2-shell based UEFI shell # edk2-shell based UEFI shell
@ -928,13 +929,13 @@ _validate_requirements_bootmode_uefi-x64.systemd-boot.esp() {
fi fi
# Check if mkfs.fat is available # Check if mkfs.fat is available
if ! command -v mkfs.fat &> /dev/null; then if ! command -v mkfs.fat &>/dev/null; then
(( validation_error=validation_error+1 )) (( validation_error=validation_error+1 ))
_msg_error "Validating '${bootmode}': mkfs.fat is not available on this host. Install 'dosfstools'!" 0 _msg_error "Validating '${bootmode}': mkfs.fat is not available on this host. Install 'dosfstools'!" 0
fi fi
# Check if mmd and mcopy are available # Check if mmd and mcopy are available
if ! { command -v mmd &> /dev/null && command -v mcopy &> /dev/null; }; then if ! { command -v mmd &>/dev/null && command -v mcopy &>/dev/null; }; then
(( validation_error=validation_error+1 )) (( validation_error=validation_error+1 ))
_msg_error "Validating '${bootmode}': mmd and/or mcopy are not available on this host. Install 'mtools'!" 0 _msg_error "Validating '${bootmode}': mmd and/or mcopy are not available on this host. Install 'mtools'!" 0
fi fi
@ -978,7 +979,7 @@ _validate_requirements_bootmode_uefi-x64.systemd-boot.eltorito() {
_validate_requirements_bootmode_uefi-ia32.grub.esp() { _validate_requirements_bootmode_uefi-ia32.grub.esp() {
# Check if GRUB is available # Check if GRUB is available
if ! command -v grub-mkstandalone &> /dev/null; then if ! command -v grub-mkstandalone &>/dev/null; then
(( validation_error=validation_error+1 )) (( validation_error=validation_error+1 ))
_msg_error "Validating '${bootmode}': grub-install is not available on this host. Install 'grub'!" 0 _msg_error "Validating '${bootmode}': grub-install is not available on this host. Install 'grub'!" 0
fi fi
@ -1005,19 +1006,19 @@ _validate_requirements_bootmode_uefi-x64.grub.esp() {
fi fi
# Check if GRUB is available # Check if GRUB is available
if ! command -v grub-mkstandalone &> /dev/null; then if ! command -v grub-mkstandalone &>/dev/null; then
(( validation_error=validation_error+1 )) (( validation_error=validation_error+1 ))
_msg_error "Validating '${bootmode}': grub-install is not available on this host. Install 'grub'!" 0 _msg_error "Validating '${bootmode}': grub-install is not available on this host. Install 'grub'!" 0
fi fi
# Check if mkfs.fat is available # Check if mkfs.fat is available
if ! command -v mkfs.fat &> /dev/null; then if ! command -v mkfs.fat &>/dev/null; then
(( validation_error=validation_error+1 )) (( validation_error=validation_error+1 ))
_msg_error "Validating '${bootmode}': mkfs.fat is not available on this host. Install 'dosfstools'!" 0 _msg_error "Validating '${bootmode}': mkfs.fat is not available on this host. Install 'dosfstools'!" 0
fi fi
# Check if mmd and mcopy are available # Check if mmd and mcopy are available
if ! { command -v mmd &> /dev/null && command -v mcopy &> /dev/null; }; then if ! { command -v mmd &>/dev/null && command -v mcopy &>/dev/null; }; then
_msg_error "Validating '${bootmode}': mmd and/or mcopy are not available on this host. Install 'mtools'!" 0 _msg_error "Validating '${bootmode}': mmd and/or mcopy are not available on this host. Install 'mtools'!" 0
fi fi
@ -1146,14 +1147,14 @@ _sign_netboot_artifacts() {
} }
_validate_requirements_airootfs_image_type_squashfs() { _validate_requirements_airootfs_image_type_squashfs() {
if ! command -v mksquashfs &> /dev/null; then if ! command -v mksquashfs &>/dev/null; then
(( validation_error=validation_error+1 )) (( validation_error=validation_error+1 ))
_msg_error "Validating '${airootfs_image_type}': mksquashfs is not available on this host. Install 'squashfs-tools'!" 0 _msg_error "Validating '${airootfs_image_type}': mksquashfs is not available on this host. Install 'squashfs-tools'!" 0
fi fi
} }
_validate_requirements_airootfs_image_type_ext4+squashfs() { _validate_requirements_airootfs_image_type_ext4+squashfs() {
if ! { command -v mkfs.ext4 &> /dev/null && command -v tune2fs &> /dev/null; }; then if ! { command -v mkfs.ext4 &>/dev/null && command -v tune2fs &>/dev/null; }; then
(( validation_error=validation_error+1 )) (( validation_error=validation_error+1 ))
_msg_error "Validating '${airootfs_image_type}': mkfs.ext4 and/or tune2fs is not available on this host. Install 'e2fsprogs'!" 0 _msg_error "Validating '${airootfs_image_type}': mkfs.ext4 and/or tune2fs is not available on this host. Install 'e2fsprogs'!" 0
fi fi
@ -1161,22 +1162,22 @@ _validate_requirements_airootfs_image_type_ext4+squashfs() {
} }
_validate_requirements_airootfs_image_type_erofs() { _validate_requirements_airootfs_image_type_erofs() {
if ! command -v mkfs.erofs &> /dev/null; then if ! command -v mkfs.erofs &>/dev/null; then
(( validation_error=validation_error+1 )) (( validation_error=validation_error+1 ))
_msg_error "Validating '${airootfs_image_type}': mkfs.erofs is not available on this host. Install 'erofs-utils'!" 0 _msg_error "Validating '${airootfs_image_type}': mkfs.erofs is not available on this host. Install 'erofs-utils'!" 0
fi fi
} }
_validate_common_requirements_buildmode_all() { _validate_common_requirements_buildmode_all() {
if ! command -v pacman &> /dev/null; then if ! command -v pacman &>/dev/null; then
(( validation_error=validation_error+1 )) (( validation_error=validation_error+1 ))
_msg_error "Validating build mode '${_buildmode}': pacman is not available on this host. Install 'pacman'!" 0 _msg_error "Validating build mode '${_buildmode}': pacman is not available on this host. Install 'pacman'!" 0
fi fi
if ! command -v find &> /dev/null; then if ! command -v find &>/dev/null; then
(( validation_error=validation_error+1 )) (( validation_error=validation_error+1 ))
_msg_error "Validating build mode '${_buildmode}': find is not available on this host. Install 'findutils'!" 0 _msg_error "Validating build mode '${_buildmode}': find is not available on this host. Install 'findutils'!" 0
fi fi
if ! command -v gzip &> /dev/null; then if ! command -v gzip &>/dev/null; then
(( validation_error=validation_error+1 )) (( validation_error=validation_error+1 ))
_msg_error "Validating build mode '${_buildmode}': gzip is not available on this host. Install 'gzip'!" 0 _msg_error "Validating build mode '${_buildmode}': gzip is not available on this host. Install 'gzip'!" 0
fi fi
@ -1200,7 +1201,7 @@ _validate_requirements_buildmode_bootstrap() {
fi fi
_validate_common_requirements_buildmode_all _validate_common_requirements_buildmode_all
if ! command -v bsdtar &> /dev/null; then if ! command -v bsdtar &>/dev/null; then
(( validation_error=validation_error+1 )) (( validation_error=validation_error+1 ))
_msg_error "Validating build mode '${_buildmode}': bsdtar is not available on this host. Install 'libarchive'!" 0 _msg_error "Validating build mode '${_buildmode}': bsdtar is not available on this host. Install 'libarchive'!" 0
fi fi
@ -1237,15 +1238,15 @@ _validate_common_requirements_buildmode_iso_netboot() {
_msg_error "Two certificates are required for codesigning netboot artifacts, but '${cert_list[*]}' is provided." 0 _msg_error "Two certificates are required for codesigning netboot artifacts, but '${cert_list[*]}' is provided." 0
fi fi
if ! command -v openssl &> /dev/null; then if ! command -v openssl &>/dev/null; then
(( validation_error=validation_error+1 )) (( validation_error=validation_error+1 ))
_msg_error "Validating build mode '${_buildmode}': openssl is not available on this host. Install 'openssl'!" 0 _msg_error "Validating build mode '${_buildmode}': openssl is not available on this host. Install 'openssl'!" 0
fi fi
fi fi
# Check if the specified airootfs_image_type is supported # Check if the specified airootfs_image_type is supported
if typeset -f "_mkairootfs_${airootfs_image_type}" &> /dev/null; then if typeset -f "_mkairootfs_${airootfs_image_type}" &>/dev/null; then
if typeset -f "_validate_requirements_airootfs_image_type_${airootfs_image_type}" &> /dev/null; then if typeset -f "_validate_requirements_airootfs_image_type_${airootfs_image_type}" &>/dev/null; then
"_validate_requirements_airootfs_image_type_${airootfs_image_type}" "_validate_requirements_airootfs_image_type_${airootfs_image_type}"
else else
_msg_warning "Function '_validate_requirements_airootfs_image_type_${airootfs_image_type}' does not exist. Validating the requirements of '${airootfs_image_type}' airootfs image type will not be possible." _msg_warning "Function '_validate_requirements_airootfs_image_type_${airootfs_image_type}' does not exist. Validating the requirements of '${airootfs_image_type}' airootfs image type will not be possible."
@ -1265,8 +1266,8 @@ _validate_requirements_buildmode_iso() {
_msg_error "No boot modes specified in '${profile}/profiledef.sh'." 0 _msg_error "No boot modes specified in '${profile}/profiledef.sh'." 0
fi fi
for bootmode in "${bootmodes[@]}"; do for bootmode in "${bootmodes[@]}"; do
if typeset -f "_make_bootmode_${bootmode}" &> /dev/null; then if typeset -f "_make_bootmode_${bootmode}" &>/dev/null; then
if typeset -f "_validate_requirements_bootmode_${bootmode}" &> /dev/null; then if typeset -f "_validate_requirements_bootmode_${bootmode}" &>/dev/null; then
"_validate_requirements_bootmode_${bootmode}" "_validate_requirements_bootmode_${bootmode}"
else else
_msg_warning "Function '_validate_requirements_bootmode_${bootmode}' does not exist. Validating the requirements of '${bootmode}' boot mode will not be possible." _msg_warning "Function '_validate_requirements_bootmode_${bootmode}' does not exist. Validating the requirements of '${bootmode}' boot mode will not be possible."
@ -1277,7 +1278,7 @@ _validate_requirements_buildmode_iso() {
fi fi
done done
if ! command -v awk &> /dev/null; then if ! command -v awk &>/dev/null; then
(( validation_error=validation_error+1 )) (( validation_error=validation_error+1 ))
_msg_error "Validating build mode '${_buildmode}': awk is not available on this host. Install 'awk'!" 0 _msg_error "Validating build mode '${_buildmode}': awk is not available on this host. Install 'awk'!" 0
fi fi
@ -1350,7 +1351,7 @@ _add_xorrisofs_options_uefi-x64.systemd-boot.esp() {
# A valid GPT prevents BIOS booting on some systems, instead use an invalid GPT (without a protective MBR). # A valid GPT prevents BIOS booting on some systems, instead use an invalid GPT (without a protective MBR).
# The attached partition will have the EFI system partition type code in MBR, but in the invalid GPT it will # The attached partition will have the EFI system partition type code in MBR, but in the invalid GPT it will
# have a Microsoft basic partition type code. # have a Microsoft basic partition type code.
if [[ ! " ${bootmodes[*]} " =~ ' uefi-x64.systemd-boot.eltorito ' && ! " ${bootmodes[*]} " =~ ' uefi-ia32.grub.eltorito ' ]]; then if [[ ! " ${bootmodes[*]} " =~ ' uefi-x64.systemd-boot.eltorito ' && ! " ${bootmodes[*]} " =~ ' uefi-ia32.grub.eltorito ' ]]; then
# If '-isohybrid-gpt-basdat' is specified before '-e', then the appended EFI system partition will have the # If '-isohybrid-gpt-basdat' is specified before '-e', then the appended EFI system partition will have the
# EFI system partition type ID/GUID in both MBR and GPT. If '-isohybrid-gpt-basdat' is specified after '-e', # EFI system partition type ID/GUID in both MBR and GPT. If '-isohybrid-gpt-basdat' is specified after '-e',
# the appended EFI system partition will have the Microsoft basic data type GUID in GPT. # the appended EFI system partition will have the Microsoft basic data type GUID in GPT.
@ -1421,7 +1422,7 @@ _add_xorrisofs_options_uefi-x64.grub.esp() {
# A valid GPT prevents BIOS booting on some systems, instead use an invalid GPT (without a protective MBR). # A valid GPT prevents BIOS booting on some systems, instead use an invalid GPT (without a protective MBR).
# The attached partition will have the EFI system partition type code in MBR, but in the invalid GPT it will # The attached partition will have the EFI system partition type code in MBR, but in the invalid GPT it will
# have a Microsoft basic partition type code. # have a Microsoft basic partition type code.
if [[ ! " ${bootmodes[*]} " =~ ' uefi-x64.grub.eltorito ' && ! " ${bootmodes[*]} " =~ ' uefi-ia32.grub.eltorito ' ]]; then if [[ ! " ${bootmodes[*]} " =~ ' uefi-x64.grub.eltorito ' && ! " ${bootmodes[*]} " =~ ' uefi-ia32.grub.eltorito ' ]]; then
# If '-isohybrid-gpt-basdat' is specified before '-e', then the appended EFI system partition will have the # If '-isohybrid-gpt-basdat' is specified before '-e', then the appended EFI system partition will have the
# EFI system partition type ID/GUID in both MBR and GPT. If '-isohybrid-gpt-basdat' is specified after '-e', # EFI system partition type ID/GUID in both MBR and GPT. If '-isohybrid-gpt-basdat' is specified after '-e',
# the appended EFI system partition will have the Microsoft basic data type GUID in GPT. # the appended EFI system partition will have the Microsoft basic data type GUID in GPT.
@ -1488,7 +1489,7 @@ _build_bootstrap_image() {
cd -- "${_bootstrap_parent}" cd -- "${_bootstrap_parent}"
_msg_info "Creating bootstrap image..." _msg_info "Creating bootstrap image..."
bsdtar -cf - "root.${arch}" | gzip -cn9 > "${out_dir}/${image_name}" bsdtar -cf - "root.${arch}" | gzip -cn9 >"${out_dir}/${image_name}"
_msg_info "Done!" _msg_info "Done!"
du -h -- "${out_dir}/${image_name}" du -h -- "${out_dir}/${image_name}"
cd -- "${OLDPWD}" cd -- "${OLDPWD}"
@ -1515,24 +1516,24 @@ _build_iso_image() {
# Add required xorrisofs options for each boot mode # Add required xorrisofs options for each boot mode
for bootmode in "${bootmodes[@]}"; do for bootmode in "${bootmodes[@]}"; do
typeset -f "_add_xorrisofs_options_${bootmode}" &> /dev/null && "_add_xorrisofs_options_${bootmode}" typeset -f "_add_xorrisofs_options_${bootmode}" &>/dev/null && "_add_xorrisofs_options_${bootmode}"
done done
rm -f -- "${out_dir}/${image_name}" rm -f -- "${out_dir}/${image_name}"
_msg_info "Creating ISO image..." _msg_info "Creating ISO image..."
xorriso "${xorriso_options[@]}" -as mkisofs \ xorriso "${xorriso_options[@]}" -as mkisofs \
-iso-level 3 \ -iso-level 3 \
-full-iso9660-filenames \ -full-iso9660-filenames \
-joliet \ -joliet \
-joliet-long \ -joliet-long \
-rational-rock \ -rational-rock \
-volid "${iso_label}" \ -volid "${iso_label}" \
-appid "${iso_application}" \ -appid "${iso_application}" \
-publisher "${iso_publisher}" \ -publisher "${iso_publisher}" \
-preparer "prepared by ${app_name}" \ -preparer "prepared by ${app_name}" \
"${xorrisofs_options[@]}" \ "${xorrisofs_options[@]}" \
-output "${out_dir}/${image_name}" \ -output "${out_dir}/${image_name}" \
"${isofs_dir}/" "${isofs_dir}/"
_msg_info "Done!" _msg_info "Done!"
du -h -- "${out_dir}/${image_name}" du -h -- "${out_dir}/${image_name}"
} }
@ -1592,8 +1593,8 @@ _validate_options() {
# Check if the specified buildmodes are supported # Check if the specified buildmodes are supported
for _buildmode in "${buildmodes[@]}"; do for _buildmode in "${buildmodes[@]}"; do
if typeset -f "_build_buildmode_${_buildmode}" &> /dev/null; then if typeset -f "_build_buildmode_${_buildmode}" &>/dev/null; then
if typeset -f "_validate_requirements_buildmode_${_buildmode}" &> /dev/null; then if typeset -f "_validate_requirements_buildmode_${_buildmode}" &>/dev/null; then
"_validate_requirements_buildmode_${_buildmode}" "_validate_requirements_buildmode_${_buildmode}"
else else
_msg_warning "Function '_validate_requirements_buildmode_${_buildmode}' does not exist. Validating the requirements of '${_buildmode}' build mode will not be possible." _msg_warning "Function '_validate_requirements_buildmode_${_buildmode}' does not exist. Validating the requirements of '${_buildmode}' build mode will not be possible."
@ -1689,12 +1690,12 @@ _make_version() {
_msg_info "Creating version files..." _msg_info "Creating version files..."
# Write version file to system installation dir # Write version file to system installation dir
rm -f -- "${pacstrap_dir}/version" rm -f -- "${pacstrap_dir}/version"
printf '%s\n' "${iso_version}" > "${pacstrap_dir}/version" printf '%s\n' "${iso_version}" >"${pacstrap_dir}/version"
if [[ "${buildmode}" == @("iso"|"netboot") ]]; then if [[ "${buildmode}" == @("iso"|"netboot") ]]; then
install -d -m 0755 -- "${isofs_dir}/${install_dir}" install -d -m 0755 -- "${isofs_dir}/${install_dir}"
# Write version file to ISO 9660 # Write version file to ISO 9660
printf '%s\n' "${iso_version}" > "${isofs_dir}/${install_dir}/version" printf '%s\n' "${iso_version}" >"${isofs_dir}/${install_dir}/version"
fi fi
if [[ "${buildmode}" == "iso" ]]; then if [[ "${buildmode}" == "iso" ]]; then
@ -1704,7 +1705,7 @@ _make_version() {
rm -f -- "${isofs_dir}/${install_dir}/grubenv" rm -f -- "${isofs_dir}/${install_dir}/grubenv"
printf '%.1024s' "$(printf '# GRUB Environment Block\nNAME=%s\nVERSION=%s\n%s' \ printf '%.1024s' "$(printf '# GRUB Environment Block\nNAME=%s\nVERSION=%s\n%s' \
"${iso_name}" "${iso_version}" "$(printf '%0.1s' "#"{1..1024})")" \ "${iso_name}" "${iso_version}" "$(printf '%0.1s' "#"{1..1024})")" \
> "${isofs_dir}/${install_dir}/grubenv" >"${isofs_dir}/${install_dir}/grubenv"
fi fi
# Append IMAGE_ID & IMAGE_VERSION to os-release # Append IMAGE_ID & IMAGE_VERSION to os-release
@ -1716,7 +1717,7 @@ _make_version() {
_msg_warning "os-release file '${_os_release}' is outside of valid path." _msg_warning "os-release file '${_os_release}' is outside of valid path."
else else
[[ ! -e "${_os_release}" ]] || sed -i '/^IMAGE_ID=/d;/^IMAGE_VERSION=/d' "${_os_release}" [[ ! -e "${_os_release}" ]] || sed -i '/^IMAGE_ID=/d;/^IMAGE_VERSION=/d' "${_os_release}"
printf 'IMAGE_ID=%s\nIMAGE_VERSION=%s\n' "${iso_name}" "${iso_version}" >> "${_os_release}" printf 'IMAGE_ID=%s\nIMAGE_VERSION=%s\n' "${iso_name}" "${iso_version}" >>"${_os_release}"
fi fi
# Touch /usr/lib/clock-epoch to give another hint on date and time # Touch /usr/lib/clock-epoch to give another hint on date and time
@ -1730,11 +1731,11 @@ _make_pkglist() {
_msg_info "Creating a list of installed packages on live-enviroment..." _msg_info "Creating a list of installed packages on live-enviroment..."
case "${buildmode}" in case "${buildmode}" in
"bootstrap") "bootstrap")
pacman -Q --sysroot "${pacstrap_dir}" > "${pacstrap_dir}/pkglist.${arch}.txt" pacman -Q --sysroot "${pacstrap_dir}" >"${pacstrap_dir}/pkglist.${arch}.txt"
;; ;;
"iso"|"netboot") "iso"|"netboot")
install -d -m 0755 -- "${isofs_dir}/${install_dir}" install -d -m 0755 -- "${isofs_dir}/${install_dir}"
pacman -Q --sysroot "${pacstrap_dir}" > "${isofs_dir}/${install_dir}/pkglist.${arch}.txt" pacman -Q --sysroot "${pacstrap_dir}" >"${isofs_dir}/${install_dir}/pkglist.${arch}.txt"
;; ;;
esac esac
_msg_info "Done!" _msg_info "Done!"
@ -1763,7 +1764,7 @@ _build_iso_base() {
# Create working directory # Create working directory
_run_once _make_work_dir _run_once _make_work_dir
# Write build date to file if it does not exist already # Write build date to file if it does not exist already
[[ -e "${work_dir}/build_date" ]] || printf '%s\n' "$SOURCE_DATE_EPOCH" > "${work_dir}/build_date" [[ -e "${work_dir}/build_date" ]] || printf '%s\n' "$SOURCE_DATE_EPOCH" >"${work_dir}/build_date"
[[ "${quiet}" == "y" ]] || _show_config [[ "${quiet}" == "y" ]] || _show_config
_run_once _make_pacman_conf _run_once _make_pacman_conf
@ -1848,15 +1849,15 @@ _build() {
while getopts 'c:p:C:L:P:A:D:w:m:o:g:G:vrh?' arg; do while getopts 'c:p:C:L:P:A:D:w:m:o:g:G:vrh?' arg; do
case "${arg}" in case "${arg}" in
p) read -r -a override_pkg_list <<< "${OPTARG}" ;; p) read -r -a override_pkg_list <<<"${OPTARG}" ;;
C) override_pacman_conf="${OPTARG}" ;; C) override_pacman_conf="${OPTARG}" ;;
L) override_iso_label="${OPTARG}" ;; L) override_iso_label="${OPTARG}" ;;
P) override_iso_publisher="${OPTARG}" ;; P) override_iso_publisher="${OPTARG}" ;;
A) override_iso_application="${OPTARG}" ;; A) override_iso_application="${OPTARG}" ;;
D) override_install_dir="${OPTARG}" ;; D) override_install_dir="${OPTARG}" ;;
c) read -r -a override_cert_list <<< "${OPTARG}" ;; c) read -r -a override_cert_list <<<"${OPTARG}" ;;
w) override_work_dir="${OPTARG}" ;; w) override_work_dir="${OPTARG}" ;;
m) read -r -a override_buildmodes <<< "${OPTARG}" ;; m) read -r -a override_buildmodes <<<"${OPTARG}" ;;
o) override_out_dir="${OPTARG}" ;; o) override_out_dir="${OPTARG}" ;;
g) override_gpg_key="${OPTARG}" ;; g) override_gpg_key="${OPTARG}" ;;
G) override_gpg_sender="${OPTARG}" ;; G) override_gpg_sender="${OPTARG}" ;;

View File

@ -1,17 +1,18 @@
#!/usr/bin/env bash #!/usr/bin/env bash
script_cmdline () script_cmdline() {
{
local param local param
for param in $(< /proc/cmdline); do for param in $(</proc/cmdline); do
case "${param}" in case "${param}" in
script=*) echo "${param#*=}" ; return 0 ;; script=*)
echo "${param#*=}"
return 0
;;
esac esac
done done
} }
automated_script () automated_script() {
{
local script rt local script rt
script="$(script_cmdline)" script="$(script_cmdline)"
if [[ -n "${script}" && ! -x /tmp/startup_script ]]; then if [[ -n "${script}" && ! -x /tmp/startup_script ]]; then

View File

@ -4,21 +4,22 @@
get_cmdline() { get_cmdline() {
local param local param
for param in $(< /proc/cmdline); do for param in $(</proc/cmdline); do
case "${param}" in case "${param}" in
$1=*) echo "${param##*=}"; "${1}="*)
return 0 echo "${param##*=}"
;; return 0
;;
esac esac
done done
} }
mirror=$(get_cmdline mirror) mirror="$(get_cmdline mirror)"
[[ $mirror = auto ]] && mirror=$(get_cmdline archiso_http_srv) [[ "$mirror" == 'auto' ]] && mirror="$(get_cmdline archiso_http_srv)"
[[ $mirror ]] || exit 0 [[ -n "$mirror" ]] || exit 0
mv /etc/pacman.d/mirrorlist /etc/pacman.d/mirrorlist.orig mv /etc/pacman.d/mirrorlist /etc/pacman.d/mirrorlist.orig
cat >/etc/pacman.d/mirrorlist << EOF cat >/etc/pacman.d/mirrorlist <<EOF
# #
# Arch Linux repository mirrorlist # Arch Linux repository mirrorlist
# Generated by archiso # Generated by archiso

View File

@ -3,7 +3,7 @@
# SPDX-License-Identifier: GPL-3.0-or-later # SPDX-License-Identifier: GPL-3.0-or-later
usage() { usage() {
cat <<- _EOF_ cat <<-_EOF_
live cd sound helper script. live cd sound helper script.
Usage: livecdsound [OPTION] Usage: livecdsound [OPTION]
OPTIONS OPTIONS
@ -14,14 +14,13 @@ usage() {
_EOF_ _EOF_
} }
bugout () { bugout() {
printf "/usr/local/bin/livecdsound: programming error" printf "/usr/local/bin/livecdsound: programming error"
stat_fail stat_fail
} }
echo_card_indices() echo_card_indices() {
{ if [[ -f /proc/asound/cards ]]; then
if [ -f /proc/asound/cards ] ; then
sed -n -e's/^[[:space:]]*\([0-7]\)[[:space:]].*/\1/p' /proc/asound/cards sed -n -e's/^[[:space:]]*\([0-7]\)[[:space:]].*/\1/p' /proc/asound/cards
fi fi
} }
@ -33,8 +32,8 @@ echo_card_indices()
# $1 <card id> # $1 <card id>
# $2 <control> # $2 <control>
# $3 <level> # $3 <level>
unmute_and_set_level(){ unmute_and_set_level() {
{ [ "$3" ] &&[ "$2" ] && [ "$1" ] ; } || bugout [[ -n "$3" && -n "$2" && -n "$1" ]] || bugout
systemd-cat -t "livecdsound" printf "Setting: %s on card: %s to %s\n" "$2" "$1" "$3" systemd-cat -t "livecdsound" printf "Setting: %s on card: %s to %s\n" "$2" "$1" "$3"
systemd-cat -t "livecdsound" amixer -c "$1" set "$2" "$3" unmute systemd-cat -t "livecdsound" amixer -c "$1" set "$2" "$3" unmute
return 0 return 0
@ -42,9 +41,8 @@ unmute_and_set_level(){
# $1 <card id> # $1 <card id>
# $2 <control> # $2 <control>
mute_and_zero_level() mute_and_zero_level() {
{ [[ -n "$1" && -n "$2" ]] || bugout
{ [ "$1" ] && [ "$2" ] ; } || bugout
systemd-cat -t "livecdsound" printf "Muting control: %s on card: %s\n" "$2" "$1" systemd-cat -t "livecdsound" printf "Muting control: %s on card: %s\n" "$2" "$1"
systemd-cat -t "livecdsound" amixer -c "$1" set "$2" "0%" mute systemd-cat -t "livecdsound" amixer -c "$1" set "$2" "0%" mute
return 0 return 0
@ -53,17 +51,15 @@ mute_and_zero_level()
# $1 <card ID> # $1 <card ID>
# $2 <control> # $2 <control>
# $3 "on" | "off" # $3 "on" | "off"
switch_control() switch_control() {
{ [[ -n "$3" && -n "$1" ]] || bugout
{ [ "$3" ] && [ "$1" ] ; } || bugout
systemd-cat -t "livecdsound" printf "Switching control: %s on card: %s to %s\n" "$2" "$1" "$3" systemd-cat -t "livecdsound" printf "Switching control: %s on card: %s to %s\n" "$2" "$1" "$3"
systemd-cat -t "livecdsound" amixer -c "$1" set "$2" "$3" systemd-cat -t "livecdsound" amixer -c "$1" set "$2" "$3"
return 0 return 0
} }
# $1 <card ID> # $1 <card ID>
sanify_levels_on_card() sanify_levels_on_card() {
{
unmute_and_set_level "$1" "Front" "80%" unmute_and_set_level "$1" "Front" "80%"
unmute_and_set_level "$1" "Master" "80%" unmute_and_set_level "$1" "Master" "80%"
unmute_and_set_level "$1" "Master Mono" "80%" unmute_and_set_level "$1" "Master Mono" "80%"
@ -134,94 +130,89 @@ sanify_levels_on_card()
} }
# $1 <card ID> | "all" # $1 <card ID> | "all"
sanify_levels() sanify_levels() {
{
local ttsdml_returnstatus=0 local ttsdml_returnstatus=0
local card local card
case "$1" in case "$1" in
all) all)
for card in $(echo_card_indices) ; do for card in $(echo_card_indices); do
sanify_levels_on_card "$card" || ttsdml_returnstatus=1 sanify_levels_on_card "$card" || ttsdml_returnstatus=1
done done
;; ;;
*) *)
sanify_levels_on_card "$1" || ttsdml_returnstatus=1 sanify_levels_on_card "$1" || ttsdml_returnstatus=1
;; ;;
esac esac
return $ttsdml_returnstatus return "$ttsdml_returnstatus"
} }
# List all cards that *should* be usable for PCM audio. In my experience, # List all cards that *should* be usable for PCM audio. In my experience,
# the console speaker (handled by the pcsp driver) isn't a suitable playback # the console speaker (handled by the pcsp driver) isn't a suitable playback
# device, so we'll exclude it. # device, so we'll exclude it.
list_non_pcsp_cards() list_non_pcsp_cards() {
{
for card in $(echo_card_indices); do for card in $(echo_card_indices); do
local cardfile="/proc/asound/card${card}/id" local cardfile="/proc/asound/card${card}/id"
if [ -r "$cardfile" ] && [ -f "$cardfile" ] && \ if [[ -r "$cardfile" && -f "$cardfile" && "$(cat "$cardfile")" != pcsp ]]; then
[ "$(cat "$cardfile")" != pcsp ]; then
echo "$card" echo "$card"
fi fi
done done
} }
# Properly initialize the sound card so that we have audio at boot. # Properly initialize the sound card so that we have audio at boot.
unmute_all_cards() unmute_all_cards() {
{
sanify_levels all sanify_levels all
} }
is_numeric() { is_numeric() {
local str=$1 local str="$1"
[[ "$str" =~ ^[0-9]+$ ]] [[ "$str" =~ ^[0-9]+$ ]]
} }
set_default_card() { set_default_card() {
local card=$1 local card="$1"
sed -e "s/%card%/$card/g" < /usr/local/share/livecd-sound/asound.conf.in \ sed -e "s/%card%/$card/g" </usr/local/share/livecd-sound/asound.conf.in \
> /etc/asound.conf >/etc/asound.conf
} }
play_on_card() { play_on_card() {
local card=$1 file=$2 local card="$1" file="$2"
aplay -q "-Dplughw:$card,0" "$file" aplay -q "-Dplughw:$card,0" "$file"
} }
# If there are multiple usable sound cards, prompt the user to choose one, # If there are multiple usable sound cards, prompt the user to choose one,
# using auditory feedback. # using auditory feedback.
pick_a_card() pick_a_card() {
{
set -f set -f
usable_cards="$(list_non_pcsp_cards)" usable_cards="$(list_non_pcsp_cards)"
num_usable_cards="$(wc -w <<< "$usable_cards")" num_usable_cards="$(wc -w <<<"$usable_cards")"
if [ "$num_usable_cards" -eq 1 ]; then if (( num_usable_cards == 1 )); then
systemd-cat -t "livecdsound" printf "Only one sound card is detected\n" systemd-cat -t "livecdsound" printf "Only one sound card is detected\n"
exit 0 exit 0
fi fi
systemd-cat -t "livecdsound" printf "multiple sound cards detected\n" systemd-cat -t "livecdsound" printf "multiple sound cards detected\n"
for card in $usable_cards; do for card in "${usable_cards[@]}"; do
if ! is_numeric "$card"; then if ! is_numeric "$card"; then
continue continue
fi fi
play_on_card "$card" /usr/share/livecd-sounds/pick-a-card.wav& play_on_card "$card" /usr/share/livecd-sounds/pick-a-card.wav &
done done
wait wait
sleep 1 sleep 1
for card in $usable_cards; do for card in "${usable_cards[@]}"; do
if ! is_numeric "$card"; then if ! is_numeric "$card"; then
continue continue
fi fi
play_on_card "$card" /usr/share/livecd-sounds/beep.wav play_on_card "$card" /usr/share/livecd-sounds/beep.wav
if read -r -t 10; then if read -r -t 10; then
systemd-cat -t "livecdsound" printf "Selecting %s sound card as default\n" "$card" systemd-cat -t "livecdsound" printf "Selecting %s sound card as default\n" "$card"
set_default_card "$card" set_default_card "$card"
break break
fi fi
done done
} }
if [[ $# -eq 0 ]]; then if (( $# == 0 )); then
echo "error: No argument passed." echo "error: No argument passed."
exit 1 exit 1
fi fi

View File

@ -11,7 +11,6 @@
# - qemu # - qemu
# - edk2-ovmf (when UEFI booting) # - edk2-ovmf (when UEFI booting)
set -eu set -eu
print_help() { print_help() {