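#!/usr/bin/env bash
# SPDX-License-Identifier: GPL-2.0-only
# Created by Tobias Powalowski

#######################################
# mkinitcpio build hook: populates the image root with the base userland
# (shell tools, nano, locales, PAM/shadow, systemd, dbus, udev rules, pacman,
# CA certificates and the archboot configuration files).
# Globals:   BUILDROOT (read) - staging root of the image being built
# Arguments: none
# Outputs:   appends to $BUILDROOT/etc/nanorc and $BUILDROOT/root/.bashrc,
#            creates $BUILDROOT/etc/machine-id, deletes conflicting files
#            below $BUILDROOT
# Returns:   1 if BUILDROOT is unset or empty, otherwise the status of the
#            last add_file call
#######################################
build() {
    # Every redirect, find and rm below is prefixed with BUILDROOT. If it were
    # empty they would act on the build host's own /etc and /usr, so refuse
    # to run before anything is touched.
    if [[ -z "${BUILDROOT:-}" ]]; then
        printf '%s\n' 'build: BUILDROOT is unset or empty; refusing to modify host paths' >&2
        return 1
    fi

    # Keep scratch variables out of the calling shell, which goes on to run
    # the build functions of other hooks.
    local i cafile cert cert2 ca_dir cert_dir cert2_dir
    local -a systemfiles basic_config _LANG

    ### add virtio modules
    # The names are quoted so the trailing '?' reaches add_module literally
    # instead of being glob-expanded against the current directory.
    map add_module 'virtio?' 'zram?' 'btrfs?' 'zstd?' 'libcrc32c?'

    ### setting up base structure
    map add_dir "/root" "/mnt" "/sysroot" "/install" "/var/log" "/home" "/var/tmp"
    add_symlink /var/run ../run
    add_symlink /var/lock ../run/lock

    ### add basic apps
    map add_binary init agetty basename mount umount clear env printf gawk tty bash rbash \
        partprobe cp dir du ls mv rm sed grep kill killall more ps pwd rmdir true cat \
        mkdir echo false sleep kmod pidof touch chmod find wc uname yes awk halt \
        shutdown reboot poweroff insmod modprobe sh dd sort zstd date tee mktemp \
        install pgrep mkfs.btrfs rmmod mountpoint gzip ldconfig nscd ln top df cut \
        stat tr passwd od tar bsdtar

    ### add nano
    add_binary nano
    add_full_dir /usr/share/nano
    add_file /etc/nanorc
    # add syntax highlighting
    printf '%s\n' 'include "/usr/share/nano/*.nanorc"' >> "${BUILDROOT}/etc/nanorc"

    ### add machine-id
    touch "${BUILDROOT}/etc/machine-id"

    ### add file magic file
    add_file /usr/share/file/misc/magic.mgc
    add_file "/usr/lib/libkmod.so"
    add_symlink "/init" "/usr/lib/systemd/systemd"

    ### adding needed files from running system
    map add_full_dir "/etc/profile.d" "/usr/share/terminfo"
    add_symlink /usr/lib/terminfo ../share/terminfo
    systemfiles=(bash.bash_logout bash.bashrc crypttab fstab host.conf hosts
        inputrc mke2fs.conf nscd.conf nsswitch.conf protocols
        request-key.conf securetty services)
    for i in "${systemfiles[@]}"; do
        add_file "/etc/${i}"
    done

    ### adding config files of installation system
    map add_file "/etc/profile" "/etc/shells"
    basic_config=(os-release hostname modprobe.d/modprobe.conf)
    for i in "${basic_config[@]}"; do
        add_file "/usr/share/archboot/base/etc/${i}" "/etc/${i}"
    done

    ### add coreutils,cryptsetup,terminfo libs and charmaps
    map add_full_dir /usr/lib/coreutils /usr/lib/cryptsetup \
        /usr/lib/gconv /usr/share/readline

    ### add locale support
    map add_binary locale-gen localedef
    add_file /etc/locale.gen
    _LANG=(be bg cs da de en el es fi fr hu it lt lv mk nl nn pl pt ro ru sk sr sv uk)
    for i in "${_LANG[@]}"; do
        add_full_dir "/usr/share/locale/${i}"
    done
    add_file /usr/share/locale/locale.alias
    add_full_dir /usr/share/i18n/locales
    # only support UTF-8
    add_file /usr/share/i18n/charmaps/UTF-8.gz
    # remove conflicting files from not installed packages: binutils, grub and gdbm
    find "${BUILDROOT}/usr/share/locale/" -type f \
        \( -name 'grub*' -o -name 'binutils*' -o -name 'gdbm*' -o -name 'bfd*' \
        -o -name 'gettext*' -o -name 'gas*' -o -name 'gold*' -o -name 'gprof*' \
        -o -name 'ld*' -o -name 'opcodes*' \) -delete

    ### add bash configuration
    # add bash-completion
    add_full_dir /usr/share/bash-completion
    # use color bash prompt
    # unlock and delete root password, if not set by user!
    # use color grep and ls output
    # NOTE(review): per the comment above, archboot-reset-root-password.sh
    # clears the root password when none was set, so the booted environment
    # may accept passwordless root logins; treat access to its consoles
    # accordingly.
    for i in custom-bash-options.sh archboot-reset-root-password.sh; do
        add_file "/usr/share/archboot/base/etc/profile.d/${i}" "/etc/profile.d/${i}"
    done
    # add default bash setup
    for i in .bashrc .bash_profile .bash_logout; do
        add_file "/etc/skel/${i}" "/root/${i}"
    done
    # add custom bash options
    printf '%s\n' '. /etc/profile.d/custom-bash-options.sh' >> "${BUILDROOT}/root/.bashrc"
    # add /etc/skel
    add_full_dir /etc/skel

    ### add kmod related config file(s)
    add_file "/usr/lib/depmod.d/search.conf"

    ### fixing network support from glibc
    map add_file "/lib/libnss_files.so.2" "/lib/libnss_dns.so.2"

    ### add hwdata
    add_full_dir /usr/share/hwdata

    ### add pam
    map add_binary mkhomedir_helper pam_timestamp_check unix_chkpwd unix_update
    map add_full_dir "/etc/security" "/etc/default" "/etc/pam.d" "/usr/lib/security"
    add_file "/etc/environment"

    ### add shadow
    map add_binary login nologin
    add_file "/etc/login.defs"

    ### add systemd
    # add systemd kernel modules
    add_all_modules 'nfs|autofs4|loop'
    map add_binary mount.nfs4 umount.nfs umount.nfs4 mount.nfs setfont loadkeys
    # dbus files
    map add_binary dbus-cleanup-sockets dbus-daemon dbus-launch dbus-monitor \
        dbus-run-session dbus-send dbus-test-tool \
        dbus-update-activation-environment dbus-uuidgen \
        /usr/lib/dbus-1.0/dbus-daemon-launch-helper
    add_dir "/var/lib/dbus"
    map add_full_dir "/etc/dbus-1" "/usr/share/dbus-1"
    # tpm2-tss files
    map add_binary secret-tool pinentry pinentry-curses gpgme-tool gpgme-json
    map add_full_dir /etc/tpm2-tss /etc/pinentry
    # systemd files
    map add_binary systemd-umount busctl bootctl coredumpctl hostnamectl journalctl \
        kernel-install localectl loginctl machinectl networkctl systemctl \
        systemd-analyze systemd-ask-password systemd-cat systemd-cgls systemd-cgtop \
        systemd-delta systemd-detect-virt systemd-escape systemd-firstboot \
        systemd-hwdb systemd-inhibit systemd-machine-id-setup \
        systemd-mount systemd-notify systemd-nspawn systemd-path systemd-resolve \
        systemd-run systemd-socket-activate systemd-stdio-bridge systemd-sysusers \
        systemd-tty-ask-password-agent timedatectl systemd-repart userdbctl homectl \
        oomctl portablectl systemd-creds \
        systemd-cryptenroll systemd-dissect systemd-id128 systemd-sysext
    map add_dir "/etc/tmpfiles.d" "/etc/modules-load.d" "/etc/binfmt.d/" "/var/lib/systemd"
    map add_full_dir "/etc/sysctl.d/" "/etc/systemd" "/etc/xdg" "/usr/lib/systemd" \
        "/usr/share/systemd" "/usr/share/factory" "/usr/share/polkit-1" \
        "/usr/lib/tmpfiles.d" "/usr/lib/modules-load.d" "/usr/lib/sysusers.d" \
        "/usr/lib/sysctl.d"
    add_file "/usr/share/archboot/base/etc/locale.conf" "/etc/locale.conf"
    add_file "/usr/share/archboot/base/etc/vconsole.conf" "/etc/vconsole.conf"
    add_file "/usr/share/archboot/base/etc/systemd/system/getty@.service" \
        "/etc/systemd/system/getty@.service"
    add_file "/usr/share/archboot/base/etc/systemd/system/serial-getty@.service" \
        "/etc/systemd/system/serial-getty@.service"
    add_file "/usr/share/archboot/base/etc/systemd/system/autovt@.service" \
        "/etc/systemd/system/autovt@.service"
    add_file "/usr/share/archboot/base/etc/systemd/system/getty.target.wants/getty@tty1.service" \
        "/usr/lib/systemd/system/getty@tty1.service"
    add_symlink "/etc/systemd/system/getty.target.wants/getty@tty1.service" \
        "/usr/lib/systemd/system/getty@tty1.service"

    ### add missing libsystemd files
    map add_file "/usr/lib/libnss_myhostname.so.2" "/usr/lib/libnss_mymachines.so.2" \
        "/usr/lib/libnss_resolve.so.2" "/usr/lib/libnss_systemd.so.2"

    ### fix tmpfiles startup
    map add_file "/usr/lib/libnss_compat.so.2" "/usr/lib/libnsl.so.1"

    ## fix for systemd >=245 set default.target
    # remove initrd-release to allow normal systemd boot without initrd.target
    rm -f -- "${BUILDROOT:?}/etc/initrd-release"
    add_symlink "/etc/systemd/system/default.target" "/usr/lib/systemd/system/multi-user.target"
    # mask systemd-gpt-auto-generator, errors out on initramfs usage
    add_symlink "/etc/systemd/system-generators/systemd-gpt-auto-generator" "/dev/null"

    ### add udev, which is not covered by udev hook
    add_binary "logger"
    # add rule files
    add_full_dir "/usr/lib/udev"
    # add schedule rules file
    add_file "/usr/share/archboot/base/etc/udev/rules.d/60-ioschedulers.rules" \
        "/etc/udev/rules.d/60-ioschedulers.rules"
    # add swappiness sysctl config file
    add_file "/usr/share/archboot/base/etc/sysctl.d/99-sysctl.conf" "/etc/sysctl.d/99-sysctl.conf"

    ### add pacman
    map add_binary pacman pacman-conf pacman-key pacman-db-upgrade makepkg \
        repo-add repo-elephant testpkg vercmp curl gpg-agent gpg \
        gpgconf gpg-connect-agent repo-remove archlinux-keyring-wkd-sync
    map add_dir "/var/cache/pacman/pkg" "/var/lib/pacman"
    # These three come from the build host, so the image inherits the host's
    # repository list and signature-checking settings.
    map add_file "/etc/pacman.conf" "/etc/makepkg.conf" "/etc/pacman.d/mirrorlist"
    # add pacman initialisation of gpg keys
    add_dir "/etc/pacman.d/gnupg"
    add_file "/usr/share/archboot/base/etc/systemd/system/pacman-init.service" \
        "/etc/systemd/system/pacman-init.service"
    #add_symlink "/etc/systemd/system/multi-user.target.wants/pacman-init.service" "/etc/systemd/system/pacman-init.service"
    map add_full_dir "/usr/share/pacman/keyrings" "/usr/share/makepkg"
    # add local installed pacman database in container mode:
    # with an /etc/hostname only when it reads "archboot", without one always
    if [[ -e "/etc/hostname" ]]; then
        if [[ "$(</etc/hostname)" == "archboot" ]]; then
            add_full_dir "/var/lib/pacman/local"
        fi
    else
        add_full_dir "/var/lib/pacman/local"
    fi

    ### add nss p11-kit and ca certificates
    map add_binary p11-kit trust certutil cmsutil crlutil modutil nss-config pk12util \
        shlibsign signtool signver ssltap symkeyutil update-ca-trust
    cafile="tls-ca-bundle.pem"
    cert="cert.pem"
    cert2="ca-certificates.crt"
    ca_dir="/etc/ca-certificates/extracted"
    cert_dir="/etc/ssl"
    cert2_dir="/etc/ssl/certs"
    map add_full_dir "${ca_dir}" "${cert2_dir}" /usr/lib/p11-kit /usr/lib/pkcs11
    add_symlink "${cert_dir}/${cert}" "../ca-certificates/extracted/${cafile}"
    add_symlink "${cert2_dir}/${cert2}" "../../ca-certificates/extracted/${cafile}"
    add_file /usr/share/ca-certificates/trust-source/mozilla.trust.p11-kit
    add_file /usr/share/p11-kit/modules/p11-kit-trust.module

    ### add secure boot MOK
    # NOTE(review): the whole directory is copied into the image; confirm it
    # holds only public certificates / enrollment data and no private signing
    # keys.
    add_full_dir /usr/share/archboot/keys

    ### remove conflicting mkinitcpio files and grub
    # ${BUILDROOT:?} aborts instead of expanding to a host path such as
    # /usr/lib/systemd/ukify should the variable ever be empty here.
    rm -- \
        "${BUILDROOT:?}/usr/lib/systemd/system/mkinitcpio-generate-shutdown-ramfs.service" \
        "${BUILDROOT:?}/usr/lib/systemd/system/shutdown.target.wants/mkinitcpio-generate-shutdown-ramfs.service" \
        "${BUILDROOT:?}/usr/lib/systemd/ukify" \
        "${BUILDROOT:?}/usr/lib/tmpfiles.d/mkinitcpio.conf" \
        "${BUILDROOT:?}/usr/share/bash-completion/completions/lsinitcpio" \
        "${BUILDROOT:?}/usr/share/bash-completion/completions/mkinitcpio" \
        "${BUILDROOT:?}/usr/share/bash-completion/completions/grub" \
        "${BUILDROOT:?}/usr/lib/modules-load.d/cdrecord.conf"

    ### fix licenses
    map add_file /usr/share/licenses/shadow/COPYING /usr/share/licenses/iana-etc/LICENSE \
        /usr/share/licenses/dbus/COPYING /usr/share/licenses/p11-kit/COPYING
}

# NOTE: the listing continues with the hook's help() function, but its
# here-document is truncated in this copy. The surviving fragment is:
#   help () { cat <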