diff --git a/extra/packages.both b/extra/packages.both index df52b94..908e1d2 100644 --- a/extra/packages.both +++ b/extra/packages.both @@ -43,7 +43,7 @@ cpio cpuburn cpupower crackpkcs12 -#cryptcat +cryptcat cryptsetup csync2 customizepkg-scripting @@ -148,12 +148,29 @@ lshw #lsiutil # 404'ing on source url at the moment lsof lsscsi -lxde +#lxde # apacman currently doesn't like package groups, so... +gpicview +lxappearance +lxappearance-obconf +lxde-common +lxde-icon-theme +lxdm +lxinput +lxlauncher +lxmusic +lxpanel +lxrandr +lxsession +lxtask +lxterminal +openbox +pcmanfm +# end lxde lynx #lzip macchanger magicrescue -mbr +#mbr # doesn't seem to build anymore mbuffer mcelog mdadm @@ -163,7 +180,7 @@ mdcrack memtester mfoc minicom -mondo +#mondo mtd-utils mtr mtree @@ -213,14 +230,13 @@ pkgfile pkgtools ppp pptpclient -prebootloader procinfo-ng procps-ng progsreiserfs psmisc pwgen pixz -pyrit-svn +pyrit python2-gnuplot python2-pyx rarcrack diff --git a/lib/09-stuffy.func.sh b/lib/09-stuffy.func.sh index e0d3015..1686743 100644 --- a/lib/09-stuffy.func.sh +++ b/lib/09-stuffy.func.sh @@ -15,8 +15,12 @@ function stuffy { mkdir -p ${TEMPDIR}/{EFI/{${DISTNAME},boot},loader/entries} # this stuff comes from the prebootloader pkg and systemd-boot. lets us boot on UEFI machines with secureboot still enabled. - cp ${BASEDIR}/root.x86_64/usr/lib/prebootloader/PreLoader.efi ${TEMPDIR}/EFI/boot/bootx64.efi - cp ${BASEDIR}/root.x86_64/usr/lib/prebootloader/HashTool.efi ${TEMPDIR}/EFI/boot/. + # the signed prebootloader binaries, however, have been replaced by non-signed ones. so we need to fetch them. + # fetched from http://blog.hansenpartnership.com/linux-foundation-secure-boot-system-released/ + curl -so ${TEMPDIR}/EFI/boot/bootx64.efi "http://blog.hansenpartnership.com/wp-uploads/2013/PreLoader.efi" # MD5: 4f7a4f566781869d252a09dc84923a82 TODO: implement checksumming check + curl -so ${TEMPDIR}/EFI/boot/HashTool.efi http://blog.hansenpartnership.com/wp-uploads/2013/HashTool.efi + #cp ${BASEDIR}/root.x86_64/usr/lib/prebootloader/PreLoader.efi ${TEMPDIR}/EFI/boot/bootx64.efi + #cp ${BASEDIR}/root.x86_64/usr/lib/prebootloader/HashTool.efi ${TEMPDIR}/EFI/boot/. cp ${BASEDIR}/root.x86_64/usr/lib/systemd/boot/efi/systemd-bootx64.efi ${TEMPDIR}/EFI/boot/loader.efi # TODO: can i use syslinux.efi instead? echo "Checking/fetching UEFI shells..." @@ -69,8 +73,9 @@ EOF # now we need to calculate the space for various files we're going to include... FATSIZE=$(stat --format="%s" ${TEMPDIR}/boot/${UXNAME}.64.kern) # EFI/BDISK/bdisk.efi FATSIZE=$((${FATSIZE} + $(stat --format="%s" ${TEMPDIR}/boot/${UXNAME}.64.img))) # EFI/BDISK/bdisk.img - FATSIZE=$((${FATSIZE} + $(stat --format="%s" ${BASEDIR}/root.x86_64/usr/lib/prebootloader/PreLoader.efi))) # EFI/boot/bootx64.efi - FATSIZE=$((${FATSIZE} + $(stat --format="%s" ${BASEDIR}/root.x86_64/usr/lib/prebootloader/HashTool.efi))) # EFI/boot/HashTool.efi + #FATSIZE=$((${FATSIZE} + $(stat --format="%s" ${BASEDIR}/root.x86_64/usr/lib/prebootloader/PreLoader.efi))) # EFI/boot/bootx64.efi + FATSIZE=$((${FATSIZE} + $(stat --format="%s" ${TEMPDIR}/EFI/boot/bootx64.efi))) # EFI/boot/bootx64.efi + FATSIZE=$((${FATSIZE} + $(stat --format="%s" ${TEMPDIR}/EFI/boot/HashTool.efi))) # EFI/boot/HashTool.efi FATSIZE=$((${FATSIZE} + $(stat --format="%s" ${BASEDIR}/root.x86_64/usr/lib/systemd/boot/efi/systemd-bootx64.efi))) # EFI/boot/loader.efi FATSIZE=$((${FATSIZE} + $(stat --format="%s" ${TEMPDIR}/EFI/shellx64_v1.efi))) FATSIZE=$((${FATSIZE} + $(stat --format="%s" ${TEMPDIR}/EFI/shellx64_v2.efi))) @@ -110,8 +115,8 @@ title UEFI Shell (v1) efi /EFI/shellx64_v1.efi EOF - cp ${BASEDIR}/root.x86_64/usr/lib/prebootloader/PreLoader.efi ${SRCDIR}/efiboot/EFI/boot/bootx64.efi - cp ${BASEDIR}/root.x86_64/usr/lib/prebootloader/HashTool.efi ${SRCDIR}/efiboot/EFI/boot/. + cp ${TEMPDIR}/EFI/boot/bootx64.efi ${SRCDIR}/efiboot/EFI/boot/bootx64.efi + cp ${TEMPDIR}/EFI/boot/HashTool.efi ${SRCDIR}/efiboot/EFI/boot/. cp ${BASEDIR}/root.x86_64/usr/lib/systemd/boot/efi/systemd-bootx64.efi ${SRCDIR}/efiboot/EFI/boot/loader.efi # TODO: can i use syslinux.efi instead? cp ${TEMPDIR}/EFI/shellx64_v{1,2}.efi ${SRCDIR}/efiboot/EFI/. umount ${SRCDIR}/efiboot diff --git a/lib/10-yo_dj.func.sh b/lib/10-yo_dj.func.sh index 7c1a8da..db221ce 100644 --- a/lib/10-yo_dj.func.sh +++ b/lib/10-yo_dj.func.sh @@ -288,14 +288,19 @@ EOF git submodule init >> "${LOGFILE}.${FUNCNAME}" 2>&1 git submodule update >> "${LOGFILE}.${FUNCNAME}" 2>&1 cd ${BASEDIR}/src/ipxe/src + git checkout master . git clean -xdf > /dev/null 2>&1 git reset --hard HEAD >> "${LOGFILE}.${FUNCNAME}" 2>&1 git checkout master >> "${LOGFILE}.${FUNCNAME}" 2>&1 git pull >> "${LOGFILE}.${FUNCNAME}" 2>&1 git checkout master >> "${LOGFILE}.${FUNCNAME}" 2>&1 # It will not build if we don't do this. Apparently we *need* libiberty. - git revert -n 40a9a0f0 + # ...or do we? + #git revert -n 40a9a0f0 ## Apply our patches. + # This replaces the 0003 and 0004 patches. + # curl -s https://patch-diff.githubusercontent.com/raw/ipxe/ipxe/pull/49.patch > ${BASEDIR}/src/ipxe_local/patches/ipxe-0003-no-PIE.patch 2>/dev/null # this isn't really necessary, I think? If you're dying right around this step, uncomment. + curl -s https://patch-diff.githubusercontent.com/raw/ipxe/ipxe/pull/50.patch > ${BASEDIR}/src/ipxe_local/patches/ipxe-0004-eiso.patch 2>/dev/null for i in $(find ${BASEDIR}/src/ipxe_local/patches/ -type f -iname "*.patch" -printf '%P\n' | sort); do patch --verbose -Np2 < ${BASEDIR}/src/ipxe_local/patches/${i} >> "${LOGFILE}.${FUNCNAME}" 2>&1 @@ -379,9 +384,9 @@ EOF mv -f ${BASEDIR}/src/ipxe/src/bin/ipxe.eiso ${ISODIR}/${MINIFILENAME} make clean >> "${LOGFILE}.${FUNCNAME}" 2>&1 cd ${BASEDIR}/src/ipxe + git checkout master . > /dev/null 2>&1 git clean -xdf > /dev/null 2>&1 git reset --hard >> "${LOGFILE}.${FUNCNAME}" 2>&1 - git checkout master . > /dev/null 2>&1 #git reset --hard HEAD > /dev/null 2>&1 echo fi diff --git a/lib/prereqs/iso.pkgs.lst b/lib/prereqs/iso.pkgs.lst index b879181..d7eba67 100644 --- a/lib/prereqs/iso.pkgs.lst +++ b/lib/prereqs/iso.pkgs.lst @@ -8,6 +8,7 @@ dhcp dhcpcd dosfstools efibootmgr +efitools efivar ethtool file @@ -27,7 +28,6 @@ netctl networkmanager openssh openvpn -prebootloader pv rsync sed diff --git a/src/ipxe b/src/ipxe index 2d42d3c..3bb61c3 160000 --- a/src/ipxe +++ b/src/ipxe @@ -1 +1 @@ -Subproject commit 2d42d3cff6e941c4e04d15dc29ea670f2fdb7b0c +Subproject commit 3bb61c33c2d77ac9a1a512d809576f3444b6b1ed diff --git a/src/ipxe_local/patches/ipxe-0003-iso-efi.patch b/src/ipxe_local/patches/ipxe-0004-eiso.patch similarity index 84% rename from src/ipxe_local/patches/ipxe-0003-iso-efi.patch rename to src/ipxe_local/patches/ipxe-0004-eiso.patch index 830a58b..2105776 100644 --- a/src/ipxe_local/patches/ipxe-0003-iso-efi.patch +++ b/src/ipxe_local/patches/ipxe-0004-eiso.patch @@ -1,19 +1,18 @@ -From d2092664b3cf866b2ab338fe056149d3266d0acc Mon Sep 17 00:00:00 2001 +From 189652b03032305a2db860e76fb58e81e3420c4d Mon Sep 17 00:00:00 2001 From: Christian Hesse -Date: Sun, 19 Apr 2015 13:16:09 +0200 -Subject: [PATCH 1/1] allow to build ISO image with EFI support (ipxe.eiso) +Date: Wed, 24 Feb 2016 09:16:51 +0100 +Subject: [PATCH] allow to build ISO image with EFI support (ipxe.eiso) -Signed-off-by: Christian Hesse --- - src/arch/x86/Makefile.pcbios | 6 ++++++ - src/util/geniso | 52 +++++++++++++++++++++++++++++++++---------- + src/arch/x86/Makefile.pcbios | 6 +++++ + src/util/geniso | 52 ++++++++++++++++++++++++++++++++++---------- 2 files changed, 46 insertions(+), 12 deletions(-) diff --git a/src/arch/x86/Makefile.pcbios b/src/arch/x86/Makefile.pcbios -index 18a6f75..9cb3e0b 100644 +index f8c2253..1e01636 100644 --- a/src/arch/x86/Makefile.pcbios +++ b/src/arch/x86/Makefile.pcbios -@@ -82,6 +82,12 @@ NON_AUTO_MEDIA += iso +@@ -86,6 +86,12 @@ NON_AUTO_MEDIA += iso $(Q)ISOLINUX_BIN=$(ISOLINUX_BIN) LDLINUX_C32=$(LDLINUX_C32) \ VERSION="$(VERSION)" bash util/geniso -o $@ $< @@ -27,7 +26,7 @@ index 18a6f75..9cb3e0b 100644 NON_AUTO_MEDIA += liso %liso: %lkrn util/geniso diff --git a/src/util/geniso b/src/util/geniso -index 521c929..9e8588c 100755 +index ff090d4..7694036 100755 --- a/src/util/geniso +++ b/src/util/geniso @@ -6,16 +6,21 @@ function help() { @@ -89,7 +88,7 @@ index 521c929..9e8588c 100755 fi dir=$(mktemp -d bin/iso.dir.XXXXXX) -@@ -122,6 +135,21 @@ case "${LEGACY}" in +@@ -122,13 +135,28 @@ case "${LEGACY}" in # copy isolinux bootloader cp ${ISOLINUX_BIN} ${dir} @@ -109,9 +108,8 @@ index 521c929..9e8588c 100755 + fi + # syslinux 6.x needs a file called ldlinux.c32 - LDLINUX_C32=$(dirname ${ISOLINUX_BIN})/ldlinux.c32 - if [ -s ${LDLINUX_C32} ]; then -@@ -129,7 +157,7 @@ case "${LEGACY}" in + if [ -n "${LDLINUX_C32}" -a -s "${LDLINUX_C32}" ]; then + cp ${LDLINUX_C32} ${dir} fi # generate the iso image @@ -120,6 +118,3 @@ index 521c929..9e8588c 100755 # isohybrid will be used if available if isohybrid --version >/dev/null 2>/dev/null; then --- -2.3.5 - diff --git a/src/ipxe_local/patches/ipxe-0004-fix-no-pie-workaround.patch b/src/ipxe_local/patches/ipxe-0004-fix-no-pie-workaround.patch deleted file mode 100644 index 6d76601..0000000 --- a/src/ipxe_local/patches/ipxe-0004-fix-no-pie-workaround.patch +++ /dev/null @@ -1,34 +0,0 @@ -From a4f7e3ba395af4cd0a706df635309d4ef837ecf8 Mon Sep 17 00:00:00 2001 -From: Christian Hesse -Date: Wed, 8 Apr 2015 09:51:41 +0200 -Subject: [PATCH 2/2] Fix no-PIE workaround for i386 builds - -This workaround did not work for my version of gcc (4.9.2 20150304) as -no option -nopie exists. - -We take another way: Let's check whether or not the macro __PIE__ is defined -and add -fno-PIE if it is. - -Signed-off-by: Christian Hesse ---- - src/arch/i386/Makefile | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/src/arch/i386/Makefile b/src/arch/i386/Makefile -index 99f8753..897081b 100644 ---- a/src/arch/i386/Makefile -+++ b/src/arch/i386/Makefile -@@ -75,8 +75,8 @@ CFLAGS += -Ui386 - # output on stderr instead of checking the exit status. - # - ifeq ($(CCTYPE),gcc) --PIE_TEST = [ -z "`$(CC) -fno-PIE -nopie -x c -c /dev/null -o /dev/null 2>&1`" ] --PIE_FLAGS := $(shell $(PIE_TEST) && $(ECHO) '-fno-PIE -nopie') -+PIE_TEST = $(CC) -dM -E - < /dev/null | grep -q '__PIE__' -+PIE_FLAGS := $(shell $(PIE_TEST) && $(ECHO) '-fno-PIE') - WORKAROUND_CFLAGS += $(PIE_FLAGS) - endif - --- -2.3.5 -