Commit Graph

1366 Commits

Author SHA1 Message Date
Michael Vorburger
94dd194c22 add SSH server to baseline
inspired by https://wiki.archlinux.org/index.php/Archiso#Prepare_an_ISO_for_an_installation_via_SSH
2021-01-27 14:16:43 +00:00
Michael Vorburger
221a9211e5 use same airootfs_image_tool_options in baseline as in releng 2021-01-27 14:16:43 +00:00
nl6720
4f4047a3f8
configs/releng: move the mirror uncommenting sed command from customize_airootfs.sh to a pacman hook
After pacman-mirrorlist is installed, /etc/pacman.d/hooks/uncomment-mirrors.hook will run a sed command which uncomments all Server lines in /etc/pacman.d/mirrorlist.
This brings us another step closer to the complete removal of customize_airootfs.sh.

Related to https://gitlab.archlinux.org/archlinux/archiso/-/issues/21 .
2021-01-27 00:07:45 +02:00
Christian Hesse
a2c8dd3173 archiso_pxe_common: remove resolv.conf before copy
Booting via PXE we want to keep our DNS configuration. So remove
/etc/resolv.conf in new root before copying the current file.

Without this systemd-resolved fallback nameservers are used and we see an
error message when the root ships a symbolic link to systemd-resolved's
stub-resolv.conf:

cp: not writing through dangling symlink '/new_root/etc/resolv.conf'
2021-01-26 21:59:01 +00:00
Christian Hesse
b30d1cad9b mkarchiso: add version information
To date the iso version was used for iso volume information and iso file name.
In my custom builds I do use it a lot more:

* Inside the root fs: The system knows about its own version. I use this to:
  -> report the version to a server (poor man's inventory)
  -> let the system update itself

* On the iso fs: The files are served via rsync, running systems transfer
  version file first to check for available update.

* A grub environment file on the iso fs: Booting the iso from grub allows
  to create cow directory per version:

    loopback loop archlinux.iso
    load_env -f (loop)/arch/grubenv
    linux (loop)/arch/boot/x86_64/vmlinuz-linux ... \
        cow_directory=archlinux/${VERSION} ...

So let's just create these files.
2021-01-26 10:00:38 +01:00
Christian Hesse
d153b48613 mkarchiso: fix typos 2021-01-23 21:04:17 +01:00
Michael Vorburger
0ae5cd961e lint ALL (future) scripts/*.sh, not just run_archiso.sh 2021-01-23 19:23:38 +00:00
Michael Vorburger
608d1100c8 add -c => -cdrom cloud-init.iso support to run_archiso.sh
Co-authored-by: nl6720 <nl6720@gmail.com>
2021-01-23 16:43:55 +00:00
Michael Vorburger
88304719d0 add cloud-init files to .gitignore (and loosen out/ and work/) 2021-01-23 16:07:36 +00:00
Michael Vorburger
955343925b make run_archiso forward VM's port 22 to host 60022, for easy SSH testing 2021-01-23 16:02:50 +00:00
Michael Vorburger
833cbd5e72 enable SSH server in releng profile 2021-01-23 15:54:31 +00:00
Michael Vorburger
9b03e0b08a add cloud-init to releng 2021-01-23 15:54:31 +00:00
Michael Vorburger
e556491c27
add VNC support to run_archiso.sh
Usage: Launch run_archiso.sh -v ..., and then use a VNC viewer
(e.g. from https://wiki.archlinux.org/index.php/List_of_applications/Internet#Remote_desktop)
to connect (typically to `localhost`) on the default VNC port (5900).

This enables using run_archiso in a "headless" session; e.g. when SSH logged in
to the CLI of a VM, without a local display attached.  This is handy e.g. when
playing https://en.wikipedia.org/wiki/Inception and running an archlinux*.iso
on any non-Arch (say Fedora workstation), on which one built a new ISO, that you
then "run_archiso", inside which you could build another ISO, which you could
itself start inside the nested VM... ;-)

Jokes apart, this could also be used to run automated CI/CD tests of the built ISO,
which is particularly interesting in combination with the cloud-init support;
see https://wiki.archlinux.org/index.php/Cloud-init.

see https://bugs.archlinux.org/task/69142
2021-01-23 14:50:06 +01:00
nl6720
64091a1802
Combine sed commands to reduce file writes 2021-01-07 14:33:28 +02:00
nl6720
a178ff44bc
profiledef.sh: Remove www. from archlinux.org
See https://lists.archlinux.org/pipermail/arch-devops/2020-December/000474.html .
2020-12-26 20:11:06 +02:00
nl6720
8ba2870829
configs/releng/syslinux/archiso_pxe-linux.cfg: add missing /boot to initrd file path
Fixes https://bugs.archlinux.org/task/68803 .
2020-12-01 07:12:31 +02:00
David Runge
c10004dfec
Fix issues with file ownerships/modes
archiso/mkarchiso:
Make sure to always compare absolute paths in `_make_custom_airootfs()` (as `realpath` is used).
Remove `echo` calls that prevent the setting of actual file ownerships and modes.

configs/releng/profiledef.sh:
Set file mode of /root/.automated_script.sh to 755.

Fixes #82
2020-11-30 21:48:08 +01:00
nl6720
863247d0a6
Keep all SYSLINUX files in /syslinux
This gets rid of the duplicate ldlinux.c32 and the useless isolinux.cfg which only points to syslinux.cfg.

Implements https://gitlab.archlinux.org/archlinux/archiso/-/issues/46 .
2020-11-30 16:00:15 +02:00
nl6720
183ae52792
Prevent path traversal outside of $airootfs_dir 2020-11-30 09:21:35 +02:00
nl6720
42d9e4f983
Allow specifying ownership and mode of custom airootfs files and directories
profiledef.sh can now contain an associative array called file_permissions which can be used to set custom ownership and mode of custom airootfs files. The array's keys contain the path and the value is a colon separated list of owner UID, owner GID and access mode.
For example:

    file_permissions=(
      ["/etc/shadow"]="0:0:400"
    )

This means that mkarchiso now copies airootfs files (and directores) without permissions and anything that should be owned by a user other than root and/or if the mode should be something other than 644 for files and 755 for directories must to be listed in ${file_permission[@]} in profiledef.sh.

Fixes https://gitlab.archlinux.org/archlinux/archiso/-/issues/61 .
2020-11-30 08:46:24 +02:00
fdupoux
2c99df5c9b Reset network interfaces at the end of the PXE boot to allow DHCP to run 2020-11-18 21:16:27 +00:00
David Runge
3160db0e9e
Fix evaluation bugs in mkarchiso
archiso/mkarchiso:
Guard the call to `_mksignature()` in `_prepare_airootfs_image()` by an if statement.
Using the `&&` logic leads to `_prepare_airootfs_image()` evaluating to false if `$gpg_key` is not set.

Add `_msg_info()` calls to `_set_override()` which prevent the function from evaluating to false if no override is
being done. Additionally this is great for debugging purposes.

Add `_msg_info()` calls to `_read_profile()` (which is great for debugging purposes).

Fixes #81
2020-11-18 19:24:02 +01:00
Sven-Hendrik Haase
6c397136fd Use official archlinux Docker image
archlinux/base is being deprecated anyway.
2020-11-17 11:35:46 +00:00
nl6720
96ac5e2454
mkarchiso: add xorrisofs options from boot mode specific functions instead of hardcoding them in _build_iso 2020-11-14 15:36:45 +02:00
nl6720
4dfb473748
mkarchiso: validate profile right after reading it
Fixes https://gitlab.archlinux.org/archlinux/archiso/-/issues/76 .
2020-11-14 15:29:51 +02:00
nl6720
57d510fe7f
mkarchiso: general cleanup and simplification
- Remove remnants of the now removed legacy commands.
- Improve readability by getting rid of some "if" statements when performing string comparisons.
- Rename functions to make their purpose more clear.
- Move some conditions from functions to their invocations.
2020-11-14 14:49:33 +02:00
Sven-Hendrik Haase
bb91fd52d9
Use better xz options
Default: 732M
With these options: 675M
2020-11-03 21:17:20 +01:00
nl6720
cc169d7e31
configs/releng/packages.x86_64: add fatresize, gpart and tmux
- fatresize is a utility to resize FAT filesystems using libparted.
- gpart is partition table rescue/guessing tool.
- tmux is a terminal multiplexer. Requested in https://bugs.archlinux.org/task/68252 .
2020-11-01 19:46:32 +02:00
David Runge
40ae3ba97c
Set syslinux bootloader timeout to 15s
configs/releng/syslinux/archiso_sys.cfg:
Set the syslinux bootloader timeout to 15s.
In !97 it has accidentally been set to 1.5s.
2020-10-31 19:12:44 +01:00
David Runge
ee6c5faa86
Set bootloader timeouts to 15s
configs/releng/efiboot/loader/loader.conf,
configs/releng/syslinux/archiso_sys.cfg:

Set the bootloader timeout to 15s, as they have been set to an overly generous 30s in !79.

Fixes #80
2020-10-31 17:53:40 +01:00
fdupoux
9f16862acd Configure the image type and image creation options using profiles (#54) 2020-10-30 21:33:08 +00:00
Alexander Epaneshnikov
e369ade17d fix a typo, add myself in AUTHORS.rst 2020-10-29 16:55:16 +00:00
David Runge
e748a770b1
Add accessibility support based on option flag
scripts/run_archiso.sh:
Add the `-a` option flag to add accessibility support on demand for `run_archiso`.

Add accessibility specific options to qemu in `run_image()`.

Not providing the specific braille chardev hardware otherwise blocks running run_archiso with
`qemu-system-x86_64: -chardev braille,id=brltty: brlapi__openConnection: connect: No such file or directory`.

Fixes #77
2020-10-29 16:57:04 +01:00
David Runge
8bb3e8c12f
Fix linter errors in livecd-sound
configs/releng/airootfs/usr/local/bin/livecd-sound:
Replace oldstyle expr with a bash test in `is_numeric()`.

Replace use of `nword()` with call to `wc -w`.

Quote variables in `pick_a_card()`.

Fixes #78
2020-10-29 15:48:51 +01:00
Alexander Epaneshnikov
6a39300b0f implement accessibility support in archiso
this fixes #67
2020-10-29 12:30:37 +00:00
nl6720
6820f2cb69
Add modconf to HOOKS array in mkinitcpio.conf
The default mkinitcpio.conf includes modconf in HOOKS.
2020-10-29 13:36:27 +02:00
nl6720
3caa30fa2a
configs/releng/packages.x86_64: add squashfs-tools and udftools
- squashfs-tools can be used for system backup. https://wiki.archlinux.org/index.php/Full_system_backup_with_SquashFS
- udftools is needed to format UDF file systems.
2020-10-29 13:34:37 +02:00
David Runge
1bd944ee7c
Remove build.sh support from profiles and mkarchiso
configs/{baseline,releng}/build.sh:
Remove `build.sh` scripts. They were deprecated with v47.

archiso/mkarchiso:
Remove all `build.sh` related functionality (i.e. `command_pkglist()`, `command_iso()`, `command_prepare()`,
`command_install()`, `command_init()`, `command_run()`).

Rename `command_build_profile()` to `_build_profile()` to be more in line with the style of the other function naming.

Change `_show_config()` to only print info about the profile and make no more use of parameters.

Remove all help output related to legacy `build.sh` commands.

Fixes #51
2020-10-29 12:32:48 +01:00
David Runge
bff36764d3
Add documentation about how to create profiles
README.profile.rst:
Add information on all necessary components of a profile:

* profiledef.sh
* packages.arch
* airootfs/
* efiboot/
* isolinux/
* syslinux/

Fix wording for pacman.conf documentation

README.rst:
Add a link to README.profile.rst.

Fixes #38
2020-10-29 11:36:40 +01:00
Alexander Epaneshnikov
551edcd56d
run_archiso: fixup !86
forgot to enable USB support.
2020-10-25 00:14:46 +03:00
Alexander Epaneshnikov
cc2d9bbf8e run_archiso: add braille support
necessary for testing brltty in archiso
2020-10-24 19:22:31 +00:00
nl6720
ae0e914114
configs/baseline: support UEFI 2020-10-24 19:57:30 +03:00
David Runge
f3af569205
Set CacheDir and HookDir for profile more sanely
archiso/mkarchiso:
Change `_pacman()` to use the *modified* pacman.conf from the work_dir, instead of using the *unmodified* pacman.conf from
the profile.

Change `_make_pacman_conf()` to compare the system's and the profile's CacheDir setting and use the profile's CacheDir
setting only if it's not the default and not the same as the system's.

Always set the HookDir to the airootfs' override directory, so that no hooks from the host system are being run.

Remove DBPath, LogFile and RootDir settings from the work_dir pacman.conf as they are otherwise referring to the host
system, **even if** pacman is being called with the `-r` flag.

Fix a typo in _make_custom_airootfs().

README.profile.rst:
Add information about the pacman.conf in a profile and how configuration options behave, when used by mkarchiso.

Fixes #73
Fixes #74
2020-10-24 17:00:59 +02:00
nl6720
729d16b48c
Move FAT image to a separate partition outside the ISO 9660 file system
Support bios.syslinux.eltorito boot mode without bios.syslinux.mbr.
bios.syslinux.mbr does not work without bios.syslinux.eltorito because -isohybrid-mbr requires the El Torito boot image.

Support uefi-x64.systemd-boot.esp boot mode without uefi-x64.systemd-boot.eltorito and vice versa.
If uefi-x64.systemd-boot.eltorito is used without uefi-x64.systemd-boot.esp, the El Torito boot image will be placed in the ISO 9660 file system as before.
Note that an ISO created with only uefi-x64.systemd-boot.eltorito will still be bootable as a "hard disk" on OVMF. OVMF will boot the El Torito image.

This change has the following effect on the partition tables:

- *.eltorito options add El Torito boot catalog entries. MBR and GPT are not affected.
- uefi-x64.systemd-boot.esp creates a protective MBR partition table and a GPT table that includes a Linux filesystem data partition for the ISO 9660 volume, an EFI system partition and a Microsoft basic data partition that maps the 300 KiB padding added by xorriso.
- bios.syslinux.mbr (without uefi-x64.systemd-boot.esp): adds a MBR partition table and maps the ISO 9660 volume as a partition of type 0x83. No GPT is produced.
- bios.syslinux.mbr (with uefi-x64.systemd-boot.esp): adds an second partition in the MBR (after 0xEE) starting from sector 0 to sector 1 with type 0 and marks it as bootable. This violates the GPT specification, but allows some systems to succesfully boot in BIOS mode from GPT.

Fixes https://gitlab.archlinux.org/archlinux/archiso/-/issues/49
2020-10-24 13:15:37 +03:00
Alexander Epaneshnikov
5f4260fcb1 add sound support in run_archiso.sh
also included serial output on stdio it helps in debugging without sight.
2020-10-10 13:03:02 +00:00
David Runge
2c66cd45e0
Add Contribute section to README
README.rst:
Add Contribute section to README to provide information about code of conduct, contributing guide and contact
information (mailing list and IRC).

Fixes #72
2020-10-10 11:32:20 +02:00
nl6720
bfab360529
Ensure that _make_boot_uefi-x64.systemd-boot.esp can be re-run if it fails
Remove efiboot.img if it exists so that mkfs.fat does not fail.
2020-10-07 11:42:08 +03:00
nl6720
f45fc29fe0
Save SOURCE_DATE_EPOCH to a file and read it from the file when resuming a build
Print the build date.
Don't re-run mksquashfs if it succeeded, but the failure was in gpg signing. For example, if the gpg pinentry timed out.
2020-10-07 11:42:08 +03:00
nl6720
455e2b94c0
Check command line parameter count instead of option count, and do it after evaluating option arguments
Fixes b6241cb1d0 .
2020-10-07 11:33:56 +03:00
nl6720
b6241cb1d0
Don't require root privileges just to show a "No command specified" error
Check if a profile or command is specified before looking at EUID.
2020-10-04 11:31:14 +03:00