diff --git a/usr/bin/archboot-aarch64-server-release.sh b/usr/bin/archboot-aarch64-server-release.sh index 64e62bd28..7088498fd 100755 --- a/usr/bin/archboot-aarch64-server-release.sh +++ b/usr/bin/archboot-aarch64-server-release.sh @@ -58,8 +58,7 @@ rm -r "${_PACMAN_AARCH64}" echo "Finished container tarball." #shellcheck disable=SC2086 sudo -u "${_USER}" gpg ${_GPG} "${_PACMAN_AARCH64_CHROOT}" -chown "${_USER}" ${_PACMAN_AARCH64_CHROOT}{,.sig} -chgrp "${_GROUP}" ${_PACMAN_AARCH64_CHROOT}{,.sig} +chown "${_USER}:${_GROUP}" ${_PACMAN_AARCH64_CHROOT}{,.sig} sudo -u "${_USER}" scp ${_PACMAN_AARCH64_CHROOT}{,.sig} ${_SERVER}:${_PACMAN_AARCH_SERVERDIR} || exit 1 # create release in "${_ISODIR}" cd "${_ISODIR}" || exit 1 diff --git a/usr/bin/archboot-archinstall.sh b/usr/bin/archboot-archinstall.sh new file mode 100755 index 000000000..ba8dc07f9 --- /dev/null +++ b/usr/bin/archboot-archinstall.sh @@ -0,0 +1,39 @@ +#!/bin/bash +_ARCHINSTALL=$(mktemp -d archinstall.XXX) +_USER="tobias" +_GROUP="users" +_GPG="--detach-sign --no-armor --batch --passphrase-file /etc/archboot/gpg.passphrase --pinentry-mode loopback -u 7EDF681F" +_SERVER="pkgbuild.com" +_SHIM_ARCH_SERVERDIR="/home/tpowa/public_html/archboot-helper/archinstall" +### check for root +if ! [[ ${UID} -eq 0 ]]; then + echo "ERROR: Please run as root user!" + exit 1 +fi +### check for tpowa's build server +if [[ ! "$(cat /etc/hostname)" == "T-POWA-LX" ]]; then + echo "This script should only be run on tpowa's build server. Aborting..." + exit 1 +fi +chown "${_USER}:${_GROUP}" "${_ARCHINSTALL}" +cd "${_ARCHINSTALL}" || exit 1 +# download packages from fedora server +echo "Building archinstall C version..." +nuitka3 --standalone /usr/bin/archinstall || exit 1 +mv archinstall.dist/archinstall ./ +# sign files +echo "Sign file and upload ..." +chmod 755 archinstall +chown "${_USER}:${_GROUP}" archinstall +for i in archinstall; do + #shellcheck disable=SC2086 + [[ -f "${i}" ]] && sudo -u "${_USER}" gpg ${_GPG} "${i}" || exit 1 + [[ -f "${i}" ]] && cksum -a sha256 "${i}" >> sha256sum.txt + [[ -f "${i}.sig" ]] && cksum -a sha256 "${i}.sig" >> sha256sum.txt +done +sudo -u "${_USER}" scp archinstall "${_SERVER}:${_SHIM_ARCH_SERVERDIR}" || exit 1 +# cleanup +echo "Remove ${_ARCHINSTALL} directory." +cd .. +rm -r ${_ARCHINSTALL} +echo "Finished archinstall C version." diff --git a/usr/bin/archboot-fedora-shim.sh b/usr/bin/archboot-fedora-shim.sh index a82418e26..c0396e6f9 100755 --- a/usr/bin/archboot-fedora-shim.sh +++ b/usr/bin/archboot-fedora-shim.sh @@ -1,8 +1,7 @@ #!/bin/bash -_FEDORA_SERVER="https://kojipkgs.fedoraproject.org" _SHIM_VERSION="15.4" _SHIM_RELEASE="5" -_SHIM_URL="${_FEDORA_SERVER}/packages/shim/${_SHIM_VERSION}/${_SHIM_RELEASE}" +_SHIM_URL="https://kojipkgs.fedoraproject.org/packages/shim/${_SHIM_VERSION}/${_SHIM_RELEASE}" _SHIM_RPM="x86_64/shim-x64-${_SHIM_VERSION}-${_SHIM_RELEASE}.x86_64.rpm" _SHIM32_RPM="x86_64/shim-ia32-${_SHIM_VERSION}-${_SHIM_RELEASE}.x86_64.rpm" _SHIM_AA64_RPM="aarch64/shim-aa64-${_SHIM_VERSION}-${_SHIM_RELEASE}.aarch64.rpm" @@ -51,8 +50,7 @@ echo "Sign files and upload ..." #shellcheck disable=SC2086 cd shim-fedora/ || exit 1 chmod 644 ./* -chown "${_USER}" ./* -chgrp "${_GROUP}" ./* +chown "${_USER}:${_GROUP}" ./* for i in *.efi; do #shellcheck disable=SC2086 [[ -f "${i}" ]] && sudo -u "${_USER}" gpg ${_GPG} "${i}" || exit 1 diff --git a/usr/lib/initcpio/install/archboot_installer b/usr/lib/initcpio/install/archboot_installer index bd7212f68..b602aab39 100644 --- a/usr/lib/initcpio/install/archboot_installer +++ b/usr/lib/initcpio/install/archboot_installer @@ -3,6 +3,12 @@ build () { + _ARCHINSTALL_URL="https://pkgbuild.com/~tpowa/archboot-helper/archinstall/archinstall" + _ARCHINSTALL=$(mktemp -d /var/tmp/archinstall.XXX) + curl -s --create-dirs -L -O --output-dir "${_ARCHINSTALL}" "${_ARCHINSTALL_URL}" + chmod 755 "${_ARCHINSTALL}/archinstall" + add_binary "${_ARCHINSTALL}/archinstall" "/usr/bin/archinstall" + add_file "${_SHIM}/${i}" "/usr/share/archboot/fedora-shim/${i}" apps="genfstab arch-chroot pacstrap \ archboot-$(uname -m)-release.sh archboot-mktorrent.sh \ archboot-restore-usbstick.sh isoinfo mktorrent archboot-copy-mountpoint.sh \ @@ -23,7 +29,7 @@ build () help () { cat<