Merge branch 'master' of github.com:manjaro/manjaro-tools into stable-0.14.x
This commit is contained in:
commit
90a9f635f4
10 changed files with 87 additions and 53 deletions
|
@ -122,6 +122,9 @@ overriding
|
|||
# requires minimum 4.0 kernel on the build host and on iso in profile.conf
|
||||
# use_overlayfs="false"
|
||||
|
||||
# gpg key; leave empty or commented to skip sfs signing
|
||||
# gpgkey=""
|
||||
|
||||
################ deployiso ################
|
||||
|
||||
# the server user
|
||||
|
@ -225,10 +228,12 @@ Usage: buildiso [options]
|
|||
-t <dir> Target directory
|
||||
[default: /var/cache/manjaro-tools/iso]
|
||||
-k <name> Kernel to use
|
||||
[default: linux44]
|
||||
[default: linux49]
|
||||
-i <name> Init system to use
|
||||
[default: systemd]
|
||||
-s Sign the iso
|
||||
-g <key> The gpg key for sfs signing
|
||||
[default: empty]
|
||||
-m Set SquashFS image mode to persistence
|
||||
-c Disable clean work dir
|
||||
-x Build images only
|
||||
-z Generate iso only
|
||||
|
|
|
@ -82,6 +82,7 @@ display_settings(){
|
|||
msg2 "chroots_iso: %s" "${chroots_iso}"
|
||||
msg2 "initsys: %s" "${initsys}"
|
||||
msg2 "kernel: %s" "${kernel}"
|
||||
[[ -n ${gpgkey} ]] && msg2 "gpgkey: %s" "${gpgkey}"
|
||||
|
||||
msg "ARGS:"
|
||||
msg2 "clean_first: %s" "${clean_first}"
|
||||
|
@ -134,6 +135,8 @@ usage() {
|
|||
echo " [default: ${kernel}]"
|
||||
echo ' -i <name> Init system to use'
|
||||
echo " [default: ${initsys}]"
|
||||
echo ' -g <key> The gpg key for sfs signing'
|
||||
echo " [default: ${gpgkey}]"
|
||||
echo ' -m Set SquashFS image mode to persistence'
|
||||
echo ' -c Disable clean work dir'
|
||||
echo ' -x Build images only'
|
||||
|
@ -149,7 +152,7 @@ usage() {
|
|||
|
||||
orig_argv=("$@")
|
||||
|
||||
opts='p:a:b:r:t:k:i:czxmvqh'
|
||||
opts='p:a:b:r:t:k:i:g:czxmvqh'
|
||||
|
||||
while getopts "${opts}" arg; do
|
||||
case "${arg}" in
|
||||
|
@ -160,6 +163,7 @@ while getopts "${opts}" arg; do
|
|||
t) cache_dir_iso="$OPTARG" ;;
|
||||
k) kernel="$OPTARG" ;;
|
||||
i) initsys="$OPTARG" ;;
|
||||
g) gpgkey="$OPTARG" ;;
|
||||
c) clean_first=false ;;
|
||||
x) images_only=true ;;
|
||||
z) iso_only=true ;;
|
||||
|
|
|
@ -71,6 +71,9 @@
|
|||
# requires minimum 4.0 kernel on the build host and on iso in profile.conf
|
||||
# use_overlayfs="false"
|
||||
|
||||
# gpg key; leave empty or commented to skip sfs signing
|
||||
# gpgkey=""
|
||||
|
||||
################ deployiso ################
|
||||
|
||||
# the server user
|
||||
|
|
|
@ -75,7 +75,7 @@ along with systemd; If not, see <http://www.gnu.org/licenses/>.
|
|||
<term><option>-p PROFILE...</option></term>
|
||||
|
||||
<listitem><para>Name of the build list or name of the directory
|
||||
you will build. It needs to cantains a existing build list or a
|
||||
you will build. It needs to contain an existing build list or a
|
||||
folder with a valid profile.</para></listitem>
|
||||
</varlistentry>
|
||||
|
||||
|
@ -110,9 +110,9 @@ along with systemd; If not, see <http://www.gnu.org/licenses/>.
|
|||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term><option>-s</option></term>
|
||||
<term><option>-g KEY</option></term>
|
||||
|
||||
<listitem><para>Sign the iso.</para></listitem>
|
||||
<listitem><para>The GPG key to use to sign the sfs images.</para></listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
|
|
|
@ -241,6 +241,14 @@ along with systemd; If not, see <http://www.gnu.org/licenses/>.
|
|||
</para></listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term><varname>gpgkey=</varname></term>
|
||||
|
||||
<listitem><para>If the gpgkey is supplied, the sfs images on iso will be signed.
|
||||
If the key is left empty or commented, signing will be skipped.
|
||||
</para></listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term><varname>initsys=</varname></term>
|
||||
|
||||
|
|
|
@ -158,35 +158,39 @@ miso_mount_handler() {
|
|||
|
||||
if [[ "${checksum}" == "y" ]]; then
|
||||
for fs in rootfs desktopfs mhwdfs livefs;do
|
||||
if [[ -f "/run/miso/bootmnt/${misobasedir}/${arch}/${fs}.md5" ]]; then
|
||||
msg -n ":: Self-test requested, please wait..."
|
||||
if _verify_checksum "${fs}"; then
|
||||
msg "done. Checksum is OK, continue booting."
|
||||
if [[ -f "/run/miso/bootmnt/${misobasedir}/${arch}/${fs}.sfs" ]]; then
|
||||
if [[ -f "/run/miso/bootmnt/${misobasedir}/${arch}/${fs}.md5" ]]; then
|
||||
msg -n ":: Self-test requested, please wait..."
|
||||
if _verify_checksum "${fs}"; then
|
||||
msg "done. Checksum is OK, continue booting."
|
||||
else
|
||||
echo "ERROR: one or more files are corrupted"
|
||||
echo "see /tmp/checksum.log for details"
|
||||
launch_interactive_shell
|
||||
fi
|
||||
else
|
||||
echo "ERROR: one or more files are corrupted"
|
||||
echo "see /tmp/checksum.log for details"
|
||||
echo "ERROR: checksum=y option specified but ${misobasedir}/${arch}/${fs}.md5 not found"
|
||||
launch_interactive_shell
|
||||
fi
|
||||
else
|
||||
echo "ERROR: checksum=y option specified but ${misobasedir}/${arch}/${fs}.md5 not found"
|
||||
launch_interactive_shell
|
||||
fi
|
||||
done
|
||||
fi
|
||||
|
||||
if [[ "${verify}" == "y" ]]; then
|
||||
for fs in rootfs desktopfs mhwdfs livefs;do
|
||||
if [[ -f "/run/miso/bootmnt/${misobasedir}/${arch}/${fs}.sfs.sig" ]]; then
|
||||
msg -n ":: Signature verification requested, please wait..."
|
||||
if _verify_signature "${fs}"; then
|
||||
msg "done. Signature is OK, continue booting."
|
||||
if [[ -f "/run/miso/bootmnt/${misobasedir}/${arch}/${fs}.sfs" ]]; then
|
||||
if [[ -f "/run/miso/bootmnt/${misobasedir}/${arch}/${fs}.sfs.sig" ]]; then
|
||||
msg -n ":: Signature verification requested, please wait..."
|
||||
if _verify_signature "${fs}"; then
|
||||
msg "done. Signature is OK, continue booting."
|
||||
else
|
||||
echo "ERROR: one or more files are corrupted"
|
||||
launch_interactive_shell
|
||||
fi
|
||||
else
|
||||
echo "ERROR: one or more files are corrupted"
|
||||
echo "ERROR: verify=y option specified but ${misobasedir}/${arch}/${fs}.sfs.sig not found"
|
||||
launch_interactive_shell
|
||||
fi
|
||||
else
|
||||
echo "ERROR: verify=y option specified but ${misobasedir}/${arch}/${fs}.sfs.sig not found"
|
||||
launch_interactive_shell
|
||||
fi
|
||||
done
|
||||
fi
|
||||
|
|
|
@ -163,35 +163,39 @@ miso_mount_handler() {
|
|||
|
||||
if [[ "${checksum}" == "y" ]]; then
|
||||
for fs in rootfs desktopfs mhwdfs livefs;do
|
||||
if [[ -f "/run/miso/bootmnt/${misobasedir}/${arch}/${fs}.md5" ]]; then
|
||||
msg -n ":: Self-test requested, please wait..."
|
||||
if _verify_checksum "${fs}"; then
|
||||
msg "done. Checksum is OK, continue booting."
|
||||
if [[ -f "/run/miso/bootmnt/${misobasedir}/${arch}/${fs}.sfs" ]]; then
|
||||
if [[ -f "/run/miso/bootmnt/${misobasedir}/${arch}/${fs}.md5" ]]; then
|
||||
msg -n ":: Self-test requested, please wait..."
|
||||
if _verify_checksum "${fs}"; then
|
||||
msg "done. Checksum is OK, continue booting."
|
||||
else
|
||||
echo "ERROR: one or more files are corrupted"
|
||||
echo "see /tmp/checksum.log for details"
|
||||
launch_interactive_shell
|
||||
fi
|
||||
else
|
||||
echo "ERROR: one or more files are corrupted"
|
||||
echo "see /tmp/checksum.log for details"
|
||||
echo "ERROR: checksum=y option specified but ${misobasedir}/${arch}/${fs}.md5 not found"
|
||||
launch_interactive_shell
|
||||
fi
|
||||
else
|
||||
echo "ERROR: checksum=y option specified but ${misobasedir}/${arch}/${fs}.md5 not found"
|
||||
launch_interactive_shell
|
||||
fi
|
||||
done
|
||||
fi
|
||||
|
||||
if [[ "${verify}" == "y" ]]; then
|
||||
for fs in rootfs desktopfs mhwdfs livefs;do
|
||||
if [[ -f "/run/miso/bootmnt/${misobasedir}/${arch}/${fs}.sfs.sig" ]]; then
|
||||
msg -n ":: Signature verification requested, please wait..."
|
||||
if _verify_signature "${fs}"; then
|
||||
msg "done. Signature is OK, continue booting."
|
||||
if [[ -f "/run/miso/bootmnt/${misobasedir}/${arch}/${fs}.sfs" ]]; then
|
||||
if [[ -f "/run/miso/bootmnt/${misobasedir}/${arch}/${fs}.sfs.sig" ]]; then
|
||||
msg -n ":: Signature verification requested, please wait..."
|
||||
if _verify_signature "${fs}"; then
|
||||
msg "done. Signature is OK, continue booting."
|
||||
else
|
||||
echo "ERROR: one or more files are corrupted"
|
||||
launch_interactive_shell
|
||||
fi
|
||||
else
|
||||
echo "ERROR: one or more files are corrupted"
|
||||
echo "ERROR: verify=y option specified but ${misobasedir}/${arch}/${fs}.sfs.sig not found"
|
||||
launch_interactive_shell
|
||||
fi
|
||||
else
|
||||
echo "ERROR: verify=y option specified but ${misobasedir}/${arch}/${fs}.sfs.sig not found"
|
||||
launch_interactive_shell
|
||||
fi
|
||||
done
|
||||
fi
|
||||
|
|
|
@ -46,10 +46,19 @@ prepare_initramfs(){
|
|||
cp $1/mkinitcpio.conf $2/etc/mkinitcpio-${iso_name}.conf
|
||||
set_mkinicpio_hooks "$2/etc/mkinitcpio-${iso_name}.conf"
|
||||
local _kernver=$(cat $2/usr/lib/modules/*/version)
|
||||
chroot-run $2 \
|
||||
if [[ -n ${gpgkey} ]]; then
|
||||
su ${OWNER} -c "gpg --export ${gpgkey} >${USERCONFDIR}/gpgkey"
|
||||
exec 17<>${USERCONFDIR}/gpgkey
|
||||
fi
|
||||
MISO_GNUPG_FD=${gpgkey:+17} chroot-run $2 \
|
||||
/usr/bin/mkinitcpio -k ${_kernver} \
|
||||
-c /etc/mkinitcpio-${iso_name}.conf \
|
||||
-g /boot/initramfs.img
|
||||
|
||||
if [[ -n ${gpgkey} ]]; then
|
||||
exec 17<&-
|
||||
fi
|
||||
rm ${USERCONFDIR}/gpgkey
|
||||
}
|
||||
|
||||
prepare_boot_extras(){
|
||||
|
|
|
@ -71,7 +71,9 @@ trap_exit() {
|
|||
make_sig () {
|
||||
msg2 "Creating signature file..."
|
||||
cd "$1"
|
||||
gpg --detach-sign --default-key ${gpg_key} $2.sfs
|
||||
user_own "$1"
|
||||
su ${OWNER} -c "gpg --detach-sign --default-key ${gpgkey} $2.sfs"
|
||||
chown -R root "$1"
|
||||
cd ${OLDPWD}
|
||||
}
|
||||
|
||||
|
@ -150,6 +152,10 @@ make_sfs() {
|
|||
make_checksum "${dest}" "${name}"
|
||||
${persist} && rm "${src}.img"
|
||||
|
||||
if [[ -n ${gpgkey} ]];then
|
||||
make_sig "${dest}" "${name}"
|
||||
fi
|
||||
|
||||
show_elapsed_time "${FUNCNAME}" "${timer_start}"
|
||||
}
|
||||
|
||||
|
@ -351,19 +357,8 @@ make_image_boot() {
|
|||
fi
|
||||
|
||||
prepare_initcpio "${path}"
|
||||
|
||||
# if [[ ${gpg_key} ]]; then
|
||||
# gpg --export ${gpg_key} >${work_dir}/gpgkey
|
||||
# exec 17<>${work_dir}/gpgkey
|
||||
# fi
|
||||
# MISO_GNUPG_FD=${gpg_key:+17}
|
||||
|
||||
prepare_initramfs "${profile_dir}" "${path}"
|
||||
|
||||
# if [[ ${gpg_key} ]]; then
|
||||
# exec 17<&-
|
||||
# fi
|
||||
|
||||
mv ${path}/boot/initramfs.img ${boot}/${target_arch}/initramfs.img
|
||||
prepare_boot_extras "${path}" "${boot}"
|
||||
|
||||
|
|
|
@ -297,6 +297,8 @@ init_buildiso(){
|
|||
|
||||
[[ -z ${profile_repo} ]] && profile_repo='iso-profiles'
|
||||
|
||||
[[ -z ${gpgkey} ]] && gpgkey=''
|
||||
|
||||
mhwd_repo="/opt/pkg"
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in a new issue