A new option -g <keyid> is added to build.sh set the key id. If it is set, the squashfs files will be signed
by gpg and the gpg key will be added to archiso.img. In order to use this option, a gpg agent must be running.
Since build.sh is executed as root, it may be necessary to set the GNUPGHOME environment variable, for
example
$ su -c "GNUPGHOME=/home/youruser/.gnupg /path/to/build.sh -g yourkeyid"
I see cases where a stale loop device stays around and fills up my
partition as image file is still in use and does not get unlinked.
Explicitly detach loop device on umount to fix that.
Signed-off-by: Christian Hesse <mail@eworm.de>
Tested only under QEMU using OVMF SecureBoot enabled firmware plus lockdown-ms.
Both loader.efi (gummiboot) and vmlinuz.efi should be hashed before boot in secure mode.
Signed-off-by: Gerardo Exequiel Pozzi <vmlinuz386@yahoo.com.ar>
* Remove the unattended-keyring-init patch as this was applied by upstream with pacamn 4.1
* Update our pacman.conf following the new upstream default
Signed-off-by: Pierre Schmitz <pierre@archlinux.de>
Signed-off-by: Gerardo Exequiel Pozzi <vmlinuz386@yahoo.com.ar>
* This scripts, now runs only in x86_64.
* build.sh does not require arguments to run (no more build, clean, purge).
* /usr/share split is not done anymore: there are some differences between two arches. (ISO size +60MiB)
* /usr/lib/modules split is not done anymore: this was never enabled officially in aitab.
Tested and works fine. Maybe some small cosmetic changes needed.
Signed-off-by: Gerardo Exequiel Pozzi <vmlinuz386@yahoo.com.ar>
Simplify code path.
Previously in "dual" mode is executed when arch=i686, i686 was used as primary source.
This does not change current behaviour of building "dual" on x86_64.
Signed-off-by: Gerardo Exequiel Pozzi <vmlinuz386@yahoo.com.ar>
Using a separate shell script to customize live-enviroment,
makes much more readable code.
Move all thing except:
* Need network access (name resolving).
* Need access to some file outside chroot.
Signed-off-by: Gerardo Exequiel Pozzi <vmlinuz386@yahoo.com.ar>
* pacman-init already pulls in services it depends on
* the multi-user.target is the default
* do not rename the getty service so tools like systemd-delta still work
Signed-off-by: Pierre Schmitz <pierre@archlinux.de>
A live system should never alter the host system in any way. This includes setting the bios clock.
E.g. if the user runs his system in local time we would do the wrong thing here.
Signed-off-by: Pierre Schmitz <pierre@archlinux.de>
* Increase size to a safe 31M, (currently we have 400K free since latest changes)
* Also set a filesystem label, can be useful for future usage...
Signed-off-by: Gerardo Exequiel Pozzi <vmlinuz386@yahoo.com.ar>
This installs zsh and sets it as default for root and the arch user.
grml-zsh-config is installed as a userfriendly default configuration.
Signed-off-by: Pierre Schmitz <pierre@archlinux.de>
* We use a rc.conf file loser to the upstream default.
* Use the recommend config files to setup hostname, locale, timezone and console
EDIT (Gerardo): Add empty FONT= and use ln -f for localtime
Signed-off-by: Pierre Schmitz <pierre@archlinux.de>
Signed-off-by: Gerardo Exequiel Pozzi <vmlinuz386@yahoo.com.ar>
Download and add the current installation guide as plain text.
Signed-off-by: Pierre Schmitz <pierre@archlinux.de>
Signed-off-by: Gerardo Exequiel Pozzi <vmlinuz386@yahoo.com.ar>
This was made originally using directly pacman-key file,
convert it in a patch form, to be more easy to track it.
Signed-off-by: Gerardo Exequiel Pozzi <vmlinuz386@yahoo.com.ar>
Although everything should be fine now (due to the /lib -> /usr/lib symlink),
adjust everything to the proper path.
Edited (Gerardo): Also rename function name and image name to be consisten.
Signed-off-by: Pierre Schmitz <pierre@archlinux.de>
Signed-off-by: Gerardo Exequiel Pozzi <vmlinuz386@yahoo.com.ar>
This ensures we do not pick up any testing or third party repos from the host.
Signed-off-by: Pierre Schmitz <pierre@archlinux.de>
Signed-off-by: Gerardo Exequiel Pozzi <vmlinuz386@yahoo.com.ar>
* Download and add package signatures to the repository database
* Support any number of configured package caches
Signed-off-by: Pierre Schmitz <pierre@archlinux.de>
Signed-off-by: Gerardo Exequiel Pozzi <vmlinuz386@yahoo.com.ar>