profiledef.sh can now contain an associative array called file_permissions which can be used to set custom ownership and mode of custom airootfs files. The array's keys contain the path and the value is a colon separated list of owner UID, owner GID and access mode.
For example:
file_permissions=(
["/etc/shadow"]="0:0:400"
)
This means that mkarchiso now copies airootfs files (and directores) without permissions and anything that should be owned by a user other than root and/or if the mode should be something other than 644 for files and 755 for directories must to be listed in ${file_permission[@]} in profiledef.sh.
Fixes https://gitlab.archlinux.org/archlinux/archiso/-/issues/61 .
- fatresize is a utility to resize FAT filesystems using libparted.
- gpart is partition table rescue/guessing tool.
- tmux is a terminal multiplexer. Requested in https://bugs.archlinux.org/task/68252 .
configs/releng/efiboot/loader/loader.conf,
configs/releng/syslinux/archiso_sys.cfg:
Set the bootloader timeout to 15s, as they have been set to an overly generous 30s in !79.
Fixes#80
configs/releng/airootfs/usr/local/bin/livecd-sound:
Replace oldstyle expr with a bash test in `is_numeric()`.
Replace use of `nword()` with call to `wc -w`.
Quote variables in `pick_a_card()`.
Fixes#78
configs/{baseline,releng}/build.sh:
Remove `build.sh` scripts. They were deprecated with v47.
archiso/mkarchiso:
Remove all `build.sh` related functionality (i.e. `command_pkglist()`, `command_iso()`, `command_prepare()`,
`command_install()`, `command_init()`, `command_run()`).
Rename `command_build_profile()` to `_build_profile()` to be more in line with the style of the other function naming.
Change `_show_config()` to only print info about the profile and make no more use of parameters.
Remove all help output related to legacy `build.sh` commands.
Fixes#51
Slightly simplifies adding boot loader configuration for more kernels.
Unfortunately the INCLUDE statement doesn't support wildcards, so each new file must be manually included in the main syslinux configuration file (syslinux.cfg for baseline and archiso_sys.cfg for releng).
**archiso/mkarchiso**:
Change all override option parameters (i.e. `-A`, `-C`, `-D`, `-L`, `-P` and `-g`) to not directly override the global
variable they are tied to, but instead using an `override_` prefixed variable.
Add `_set_overrides()` to use `override_` prefixed variables (if set) to override those without a prefix.
Remove `-B` (a profile directory) from the list of parameters. The profile directory is now provided as separate
non-option parameter.
Add a call to `_read_profile()`, `_set_overrides()` and `command_build_profile()` to the fallthrough option of the
switch-case checking `command_name` - a non-option parameter to mkarchiso. This effectively provides the possibility to
set the profile directory using a non-option parameter, while still maintaining compatibility to legacy named arguments
used in the configs' `build.sh` scripts.
Extend the warning in regards to legacy `build.sh` based commands to mkarchiso by providing an EOL with archiso v49.
Change the help output to reflect the changes and further elaborate on the legacy commands used by `build.sh` scripts.
Change help output to be ordered alphabetically.
Add help output for `-r` and `-g` options.
Call `_set_overrides()` for legacy commands that accept one or more of the overriden options (i.e. `command_init`,
`command_install`, `command_prepare` and `command_iso`).
Various style fixes.
**configs/{baseline,releng}/build.sh**:
Change call to mkarchiso to use the profile's directory as a named argument instead of an option-argument.
**README.rst**:
Fix documentation on how to call mkarchiso with a profile directory.
Fix wording and ordering of option arguments for run_archiso documentation.
Fixes#52
Boot mode names are:
- bios_syslinux.mbr: SYSLINUX in MBR
- bios.syslinux.eltorito: SYSLINUX (ISOLINUX) via El Torito
- uefi-x64.systemd-boot.esp: systemd-boot on ESP in MBR
- uefi-x64.systemd-boot.eltorito: systemd-boot on ESP via El Torito
It is not yet possible to create an ISO with only El Torito or only MBR boot modes!
An ISO's checksum and GPG validation primarily matters when PXE booting, so it would be appropriate to enable these options for releng.
They should protect against booting a corrupt image.
configs/releng/airootfs/etc/systemd/system/reflector.service:
Use the 70 mirrors synced most recently (--latest) instead of a specific time since last sync (--age).
According to FS#67399 using 1hour as sync age is too short, as it sometimes leads to empty list.
configs/releng/airootfs/etc/fstab:
/etc/fstab shipped by the filesystem package has only comments. There is no reason to replace it with an empty file.
configs/releng/airootfs/etc/systemd/system/default.target:
There is no harm in booting to graphical.target. releng does not enable (or even install) any service that has {Required,Wanted}By=graphical.target.
LICENSE:
Add GPL-3.0 license.
{{archiso,configs}/*,.editorconfig,.gitlab-ci.yml}:
Add SPDX license identifier.
Makefile:
Add SPDX license identifier.
Install the `run_archiso.sh` script as global executable `run_archiso`.
Use -D and -t flags to install to install files more generically (without a previous call to install the directory).
README.rst:
Add README outlining the project's scope, how to build images from the profiles and how to test.
AUTHORS.rst:
Add list of all direct contributors to the repository.
CONTRIBUTING.rst:
Add basic contribution guidelines, explaining the linter and the license in use.
Closes#7Closes#3
configs/*:
Copy all files that do not need a rename generically (not specifying a destination file name).
Do not rename vmlinuz-linux to vmlinuz or vmlinuz.efi (as this serves no purpose and makes the scripts more
complicated).
Do not rename microcode (i.e. {amd,intel}-ucode.img) when copying them and change all boot loader configuration files
that assume a renamed microcode image.
Add note and link to Arch Linux wiki to state why memtest.bin is renamed to memtest.
Copy license files for {amd,intel}-ucode and memtest more generically by placing them into subdirectories with the same
name as the package (to circumenvent overwriting one other).
Closes#33
configs/{baseline,releng}/build.sh:
Copy custom files to airootfs before installing packages.
Instead of calling `mkarchiso init`, list all required packages in packages.x86_64 and install them all at once with `mkarchiso install`. The mkdir command which `mkarchiso init` performs is now done by make_custom_airootfs.
configs/releng/build.sh:
Don't copy configs/releng/pacman.conf to airootfs, it is only meant to provide a unmodified pacman.conf durring pacstrap. In airootfs, an unmodified /etc/pacman.conf will be installed with the pacman package.
/usr/local/bin/Installation_guide:
Add a convenience script which opens the installation guide in lynx.
/etc/motd:
Provide a message with minimal instructions for connecting to internet and inform about the Installation_guide convenience script.
configs/releng/syslinux/archiso_tail.cfg:
APM is old and some motherboard firmwares have removed support for it.
reboot.c32 and poweroff.c32 will not work on such firmwares.
Add a help text to "Reboot" and "Power Off" boot menu entries that warns about requiring APM.
When built with CONFIG_FONT_TER16x32, the Linux kernel includes a TER16x32 font based on ter-i32b from terminus-font. The kernel will automatically choose this font on screen resolutions larger than 1920×1080.
The terminus-font package includes fonts for other character sets, which may be useful during installation.
It is enough if one network interface is online, there is no need to wait for all of them.
Without this, when connecting with Wi-Fi and leaving Ethernet disconnected, the network-online.target will get unnecessarily delayed.
archiso/mkarchiso:
Calls to _pacman() need to be done with multiple parameters (e.g. array) instead of one string, as string splitting is
not done in that function anymore.
Turning _iso_efi_boot_args from string into an array to have an easier time of passing it to xorriso.
Calling xorriso within the if statements instead of providing -quiet via variable.
Fixing command_install() to provide packages separately to _pacman()
configs/releng/build.sh:
Replacing all newlines when retrieving the packages from packages.x86_64 with spaces so they will be properly provided
to "mkarchiso install".
{configs/releng/efiboot/loader/entries/archiso-x86_64-{cd,usb}.conf,configs/releng/syslinux/archiso_{pxe,sys}.cfg}:
Standardizing the boot loader entry format by switching all entries to the form:
"Arch Linux install medium (<CARCH>[, <PROPERTY>])".
This removes the distinction between "CD" and "USB" when booting in UEFI "el-torito" (as the information is not useful).
Changing some of the syslinux help text as well to reflect this change. This also drops the specific <CARCH> from the
syslinux help text as it is duplicated information.
Closes#24
archiso/mkarchiso:
Quoting all variables.
Changing pkg_list to be an array instead of a string for easier
handling. Using read to properly populate pkg_list from OPTARG with
stripped whitespaces.
Not exporting iso_label anymore as there seems to be no reason to do so.
Introducing line breaks.
.editorconfig:
Setting max_line_length to 120.
Adding a section for YAML files (e.g. .gitlab-ci.yml).
configs/releng/build.sh
Quting nearly all variables.
Introducing line breaks.
configs/baseline/build.sh:
Quoting all variables.
Introducing line breaks.
.gitlab-ci.yml:
Adding gitlab CI for shelleck linting of the config build scripts, mkarchiso and startup scripts in releng.
Closes#19
configs/releng/airootfs/etc/systemd/network/20-{ethernet,wirless}.network:
Making sure that systemd-networkd enables DHCP capabilities also for
IPv6 ('DHCP=yes' and unsetting IPv6AcceptRA - see `man 5
systemd.network` for further information).
Closes#23
configs/releng/packages.x86_64:
Due to dropping netctl from the image, no packgae currently directly
pulls in a resolvconf provider.
The systemd-resolvconf package is compatible with systemd-resolved which
is in use on the image now and the preferred choice.
Closes#22
configs/releng/airootfs/etc/systemd/system/multi-user.target.wants/iwd.service:
Adding a symlink to /usr/lib/systemd/system/iwd.service to enable iwd in
airootfs (and thus on the image).
Closes#18
configs/releng/packages.x86_64:
Removing packages:
* grub :rescue/ installation actions for grub should be run from within
a chroot
* lsscsi: lsblk provides the same functionality
* netctl: we have systemd-networkd enabled by default
* ntp: we have systemd-timesyncd
* refind: rescue/ installation actions for refind should be run from
within a chroot
* vi: we have vim
Closes#15
configs/releng/build.sh:
Fixing wrong ownership of files when copying overlay modifications from
the config's airootfs directory to the working directory in
make_customize_airootfs() by using the cp flag
'--no-preserve=ownership'.
Thanks to Marcos Mello and Francois Dupoux of sysresccd
(https://gitlab.com/fdupoux/sysresccd-src) for making this fix
available.
Closes#11
configs/releng/packages.x86_64:
Adding nvme-cli to the list of packages for working with NVME drives in
a live environment (as discussed in FS#63769).
Closes#20
configs/releng/airootfs/root/.automated_script.sh:
Replacing wget with curl for the use-case of downloading a
pre-specified remote startup script (changing flags where needed).
configs/releng/packages.x86_64:
Removing wget from the list of installed packages, as
.automated_script.sh was the only reason for it being installed.
Closes#16
Adding a numerical prefix ('20-') to the ethernet.network and
wireless.network configuration files for systemd-networkd.
This way overriding them can become more predictable e.g. by providing
files with a '30-' prefix.
Closes#13
configs/releng/build.sh:
Copying the edk2-shell based Shell_Full.efi to the root of the iso/ efi
image as 'shellx64.efi' is automatically picked up by certain hardware
and by systemd-boot.
This makes all custom UEFI shell configuration obsolete.
configs/releng/efiboot/loader/entries/uefi-shell-*.conf:
Removing obsolete custom UEFI shell boot loader configuration.
Closes#14
configs/releng/build.sh:
Removing the efitools based PreLoader.efi and HashTool.efi, as they are
dead weight due to not allowing secure boot (FS#59487).
Future secure boot functionality (most probably based on shim) is being
discussed in FS#53864.
Closes#17
configs/releng/airootfs/etc/udev/rules.d/81-dhcpcd.rules:
Removing the udev rule for starting dhcpcd@.service on interfaces of the
form eth* and en*.
configs/releng/airootfs/etc/systemd/network/{ethernet,wireless}.network:
Adding default DHCP configurations for en*, eth*, wlp* and wlan*
interfaces.
configs/releng/airootfs/etc/resolv.conf:
Adding a symlink from /run/systemd/resolve/stub-resolv.conf to
/etc/resolv.conf (in airootfs).
configs/releng/airootfs/root/customize_airootfs.sh:
Adding systemd-networkd and systemd-resolved to the list of services
that are being enabled during airootfs customization.
configs/releng/efiboot/loader/loader.conf:
The 'default' bootloader selection of systemd-boot is based on a glob
pattern. The previous pattern was not sufficient to select anything,
which is why it is now made explicit (pointing to archiso-x86_64.conf).
configs/releng/build.sh:
Instead of downloading UDK2018 based edk2 UEFI shell, use the Shell
binaries from the edk2-shell package.
This effectively makes the use of EFI shell v1 obsolete.
configs/releng/efiboot/loader/entries/uefi-shell-v*:
Renaming UEFI shell entries to match the packaged edk2-shell based UEFI
shell binaries.
configs/releng/build.sh:
Renaming the systemd-boot bootloader entries for UEFI shell (normal and
full version) to reflect their file names, which are derived from the
binary names in the edk2-shell package.
Copying the edk2-shell based UEFI shell binaries for normal efiboot and
.iso based "el-torito" efiboot mode.
docs/README.build:
Adding edk2-shell to the requirements in the documentation, as the
package is now used to provide UEFI shell.
configs/releng/packages.x86_64:
As the refind-efi package has been renamed to refind, the package
required for the releng image needs to be renamed as well.
The package linux-firmware has a new split package amd-ucode. Do not
build the image manually but use the package.
Signed-off-by: Christian Hesse <mail@eworm.de>
extract `uname -r` from the contents of vmlinuz-linux rather than make
assumptions about the kernel EXTRAVERSION.
This is trivially customizable by changing the chosen kernel image.
Fixes FS#59496
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>