diff --git a/bin/build.sh b/bin/build.sh index 2d8d472..8a711dd 100755 --- a/bin/build.sh +++ b/bin/build.sh @@ -109,17 +109,17 @@ EOF ## FUNCTIONS ## -source lib/00-im_batman.func.sh -source lib/01-holla_atcha_boi.func.sh -source lib/02-release_me.func.sh -source lib/03-facehugger.func.sh -source lib/04-chroot_wrapper.func.sh -source lib/05-jenny_craig.func.sh -source lib/06-centos_is_stupid.func.sh -source lib/07-will_it_blend.func.sh -source lib/08-stuffy.func.sh -source lib/09-yo_dj.func.sh -source lib/10-mentos.func.sh +source lib/02-im_batman.func.sh +source lib/03-holla_atcha_boi.func.sh +source lib/04-release_me.func.sh +source lib/05-facehugger.func.sh +source lib/06-chroot_wrapper.func.sh +source lib/07-jenny_craig.func.sh +source lib/08-centos_is_stupid.func.sh +source lib/09-will_it_blend.func.sh +source lib/10-stuffy.func.sh +source lib/11-yo_dj.func.sh +source lib/12-mentos.func.sh ## The Business-End(TM) ## diff --git a/lib/00-depcheck.func.sh b/lib/00-depcheck.func.sh new file mode 100755 index 0000000..eb8946c --- /dev/null +++ b/lib/00-depcheck.func.sh @@ -0,0 +1,3 @@ +#!/bin/bash + +# placeholder... diff --git a/lib/01-mk.chroot.func.sh b/lib/01-mk.chroot.func.sh new file mode 100755 index 0000000..466d40e --- /dev/null +++ b/lib/01-mk.chroot.func.sh 
@@ -0,0 +1,335 @@ +#!/bin/bash + +function mkchroot { + + # just in case we don't inherit. + if [[ -z "${FUNCNAME}" ]]; + then + FUNCNAME='mkchroot-standalone' + fi + + ## Import settings + if [ -f "build.conf" ]; + then + echo "Now importing settings/variables." + set -e + source build.conf + set +e + else + echo "You have not configured a build.conf OR you are not running from the project's root directory (the git repository's working directory)." + echo "If you are indeed in the correct directory, you may copy the sample at ../extra/build.conf.sample," + echo "edit it for appropriate values, and copy to /build.conf" + echo 'This error is fatal. Dying.' + exit 1 + fi + + if [[ ${EUID} -ne 0 ]]; + then + #echo "This script must be run as root" 1>&2 + echo "This script must be run as root." + exit 1 + fi + + if [ -z "${BASEDIR}" ]; + then + echo 'You need to export the directory ("$BASEDIR") which will hold the chroots and the git project directory.' + echo "(don't worry, there's a .gitignore for the chroots)" + echo "e.g. export BASEDIR=\"/opt/dev/work/client-diag-disc/\"" + echo 'Dying.' + exit 1 + fi + + if [ ! -d "${BASEDIR}" ]; + then + echo "You need to make sure ${BASEDIR} is a valid, existing directory. This script does not automatically create it as a sanity measure." + echo 'Dying.' + exit 1 + fi + + if [[ "${EUID}" != "0" ]]; + then + echo "This script must be run as root." + echo 'Dying.' + exit 1 + fi + + if [ -f ${LOCKFILE} ]; + then + echo "Script already running, stale lockfile present, or an error occurred during last run." + echo "Please clear ${LOCKFILE} by hand before attempting another build." + echo -n "Timestamp of lockfile is: " + ls -l ${LOCKFILE} | awk '{print $6" "$7" "$8}' + exit 1 + else + touch ${LOCKFILE} + fi + + if [ -f "/usr/bin/systemd-nspawn" ]; + then + CHROOTCMD="systemd-nspawn -D" + else + CHROOTCMD="${CHROOTDIR64}/bin/arch-chroot" + fi + + cd "${BASEDIR}" + + ## Set some vars. 
+ #MIRROR='http://mirrors.kernel.org/archlinux' + MIRROR='http://mirror.us.leaseweb.net/archlinux' + RLSDIR="${MIRROR}/iso/latest" + + CURRLS64=$(curl -s ${RLSDIR}/sha1sums.txt | grep bootstrap | awk '{print $2}' | grep 'x86_64') + CKSUM64=$(curl -s ${RLSDIR}/sha1sums.txt | grep bootstrap | grep x86_64 | awk '{print $1}') + CURRLS32=$(curl -s ${RLSDIR}/sha1sums.txt | grep bootstrap | awk '{print $2}' | grep 'i686') + CKSUM32=$(curl -s ${RLSDIR}/sha1sums.txt | grep bootstrap | grep i686 | awk '{print $1}') + + ## Fetch latest tarball release + echo "Checking/fetching snapshots..." + if [ -f "latest.64.tar.gz" ]; + then + LOCSUM64=$(sha1sum latest.64.tar.gz | awk '{print $1}') + if [[ "${CKSUM64}" != "${LOCSUM64}" ]]; + then + echo "WARNING: CHECKSUMS DON'T MATCH." + echo "Local: ${LOCSUM64}" + echo "Remote: ${CKSUM64}" + echo "Fetching fresh copy." + curl -o latest.64.tar.gz "${RLSDIR}/${CURRLS64}" + fi + else + curl -o latest.64.tar.gz "${RLSDIR}/${CURRLS64}" + fi + + if [ -f "latest.32.tar.gz" ]; + then + LOCSUM32=$(sha1sum latest.32.tar.gz | awk '{print $1}') + if [[ "${CKSUM32}" != "${LOCSUM32}" ]]; + then + echo "WARNING: CHECKSUMS DON'T MATCH." + echo "Local: ${LOCSUM32}" + echo "Remote: ${CKSUM32}" + echo "Fetching fresh copy." + curl -o latest.32.tar.gz "${RLSDIR}/${CURRLS32}" >> "${LOGFILE}.${FUNCNAME}" 2>&1 + fi + else + curl -o latest.32.tar.gz "${RLSDIR}/${CURRLS32}" >> "${LOGFILE}.${FUNCNAME}" 2>&1 + fi + + if [ ! -f "${CHROOTDIR32}/etc/pacman.d/gnupg/trustdb.gpg" ] || [ ! -f "${CHROOTDIR64}/etc/pacman.d/gnupg/trustdb.gpg" ]; + then + # Now let's ${BASEDIR}/extract that shit + echo "Extracting snapshots. This will take a while..." + ## 64-bit + tar -xpzf latest.64.tar.gz + ## 32-bit + tar -xpzf latest.32.tar.gz + + # And configure the package manager + echo "Configuring snapshots..." + touch ${LOCKFILE} + sleep 2 + find ${BASEDIR}/extra/pre-build.d/ -exec touch '{}' \; + rsync -a --exclude '/32' --exclude '/64' ${BASEDIR}/extra/pre-build.d/. 
${BASEDIR}/root.x86_64/. + rsync -a --exclude '/32' --exclude '/64' ${BASEDIR}/extra/pre-build.d/. ${BASEDIR}/root.i686/. + rsync -a ${BASEDIR}/extra/pre-build.d/64/. ${BASEDIR}/root.x86_64/. + rsync -a ${BASEDIR}/extra/pre-build.d/32/. ${BASEDIR}/root.i686/. + chmod -f 755 ${BASEDIR}/extra/pre-build.d/{32/,64/,}etc/customizepkg.d/* + find ${BASEDIR}/root.x86_64/ -newer ${LOCKFILE} -exec chown -R root:root '{}' \; + find ${BASEDIR}/root.i686/ -newer ${LOCKFILE} -exec chown -R root:root '{}' \; + for i in i686 x86_64; + do + cat > ${BASEDIR}/root.${i}/etc/os-release << EOF +NAME="Arch Linux" +ID=arch +PRETTY_NAME="Arch Linux" +ANSI_COLOR="0;36" +HOME_URL="https://www.archlinux.org/" +SUPPORT_URL="https://bbs.archlinux.org/" +BUG_REPORT_URL="https://bugs.archlinux.org/" +EOF + done + + # And make it usable. + echo "Initializing chroots..." + + for i in ${CHROOTDIR32} ${CHROOTDIR64}; + do + # Disable NetworkManager. Fuck that shit. + ln -s /dev/null ${i}/etc/systemd/system/NetworkManager.service + ln -s /dev/null ${i}/etc/systemd/system/NetworkManager-dispatcher.service + # Remove the machine-id file so it's automatically generated. + # NOTE: this kind of fucks things up presently. + #rm -f ${i}/etc/machine-id + # Prep pacman + echo "Prepping ${i}. This will take a while..." + echo -n "...Key initializing..." + ${CHROOTCMD} ${i}/ pacman-key --init >> "${LOGFILE}.${FUNCNAME}" 2>&1 + echo "Done." + echo -n "...Importing keys..." + ${CHROOTCMD} ${i}/ pacman-key --populate archlinux >> "${LOGFILE}.${FUNCNAME}" 2>&1 + echo "Done." + # Prep base building system + echo -n "...Installing base packages..." 
+ #${CHROOTCMD} ${i}/ pacstrap -dGcM base + # if that doesn't work, + ${CHROOTCMD} ${i}/ pacman -Syy >> "${LOGFILE}.${FUNCNAME}" 2>&1 + for x in $(find ${i}/etc/ -type f -iname "*.pacorig");do mv -f ${x} ${x%%.pacorig} ; done + ${CHROOTCMD} ${i}/ pacman -S --noconfirm --needed base syslinux wget rsync unzip jshon sed sudo abs xmlto bc docbook-xsl git >> "${LOGFILE}.${FUNCNAME}" 2>&1 + for x in $(find ${i}/etc/ -type f -iname "*.pacorig");do mv -f ${x} ${x%%.pacorig} ; done + echo "Done." + echo -n "...Upgrading any outdated packages..." + ${CHROOTCMD} ${i}/ pacman -Syyu --noconfirm >> "${LOGFILE}.${FUNCNAME}" 2>&1 + for x in $(find ${i}/etc/ -type f -iname "*.pacorig");do mv -f ${x} ${x%%.pacorig} ; done + echo "Done. Finishing/cleaning up..." + ${CHROOTCMD} ${i}/ pacman -S --noconfirm --needed base-devel >> "${LOGFILE}.${FUNCNAME}" 2>&1 + for x in $(find ${i}/etc/ -type f -iname "*.pacorig");do mv -f ${x} ${x%%.pacorig} ; done + # Yaourt is busted because Arch Pacman devs are fucking neasighted closed-minded jackasses. 
+ # If they ever fix their crap, checkout extra/pre-build.d/etc/yaourtrc from git (commit 583a5df84af415990b8c49d7e4ac11dd7b23e0e0) + ## https://github.com/archlinuxfr/yaourt/issues/67 + ## https://projects.archlinux.org/pacman.git/tree/NEWS#n54 + ## https://bugs.archlinux.org/task/43302 + #${CHROOTCMD} ${i}/ pacman -S --noconfirm --needed yaourt >> "${LOGFILE}.${FUNCNAME}" 2>&1 + mkdir -p ${i}/var/tmp/pkg + cp ${BASEDIR}/extra/bootstrap/apacman* ${i}/var/tmp/pkg/apacman.tar.xz + #${CHROOTCMD} ${i} "pacman --noconfirm -U /var/tmp/pkg/apacman.tar.xz" >> "${LOGFILE}.${FUNCNAME}" 2>&1 + ${CHROOTCMD} ${i} bash -c "pacman --noconfirm -U /var/tmp/pkg/apacman.tar.xz && mkdir /var/tmp/apacman && chmod 0750 /var/tmp/apacman && chown root:aurbuild /var/tmp/apacman " >> "${LOGFILE}.${FUNCNAME}" 2>&1 + for x in $(find ${i}/etc/ -type f -iname "*.pacorig");do mv -f ${x} ${x%%.pacorig} ; done + ${CHROOTCMD} ${i} bash -c "apacman -S --noconfirm --noedit --skipinteg -S apacman-deps expac" >> "${LOGFILE}.${FUNCNAME}" 2>&1 + #rm -rf ${i}/var/tmp/pkg + #${CHROOTCMD} ${i}/ pacman -S --noconfirm --needed yaourt >> "${LOGFILE}.${FUNCNAME}" 2>&1 + for x in $(find ${i}/etc/ -type f -iname "*.pacorig");do mv -f ${x} ${x%%.pacorig} ; done + done + ${CHROOTCMD} ${CHROOTDIR64}/ 'pacman --noconfirm -R gcc-libs libtool' >> "${LOGFILE}.${FUNCNAME}" 2>&1 + ${CHROOTCMD} ${CHROOTDIR64}/ 'pacman --noconfirm -S multilib-devel' >> "${LOGFILE}.${FUNCNAME}" 2>&1 + fi + + # And let's do some more optimization. + if [[ "${I_AM_A_RACECAR}" == "y" ]]; + then + CPUCNT=$(grep processor /proc/cpuinfo | wc -l) + ((CPUCNT++)) + sed -i -e "/^[[:space:]]*#*MAKEFLAGS=.*$/aMAKEFLAGS=\"-j${CPUCNT}\"" ${CHROOTDIR64}/etc/makepkg.conf + sed -i -e "/^[[:space:]]*#*MAKEFLAGS=.*$/aMAKEFLAGS=\"-j${CPUCNT}\"" ${CHROOTDIR32}/etc/makepkg.conf + fi + + # preprocessing + sed -i -e '/base-devel/d ; /multilib-devel/d' ${BASEDIR}/extra/packages.* + # both + echo "Installing common packages..." 
+ PKGLIST=$(sed -e '/^[[:space:]]*#/d ; /^[[:space:]]*$/d' ${BASEDIR}/extra/packages.both | tr '\n' ' ') + for i in ${CHROOTDIR32} ${CHROOTDIR64}; + do + echo "Running post-build tasks in ${i}..." + ${CHROOTCMD} ${i}/ "/root/post-build.sh" >> "${LOGFILE}.${FUNCNAME}" 2>&1 + for x in $(find ${i}/etc/ -type f -iname "*.pacorig");do mv -f ${x} ${x%%.pacorig} ; done + set +e + ${CHROOTCMD} ${i}/ /usr/bin/bash -c "apacman --noconfirm --noedit --skipinteg -S --needed linux" >> "${LOGFILE}.${FUNCNAME}" 2>&1 + cp -a ${i}/boot/vmlinuz-linux ${i}/boot/vmlinuz-linux-${PNAME} + cp -a ${i}/boot/initramfs-linux.img ${i}/boot/initramfs-linux-${PNAME}.img + set -e + for x in $(find ${i}/etc/ -type f -iname "*.pacorig");do mv -f ${x} ${x%%.pacorig} ; done + # Uncomment if you wish to use the mkpasswd binary from within the chroot... + #${CHROOTCMD} ${i}/ bash -c "apacman --noconfirm --noedit --skipinteg -S --needed debian-whois-mkpasswd" >> "${LOGFILE}.${FUNCNAME}" 2>&1 + #for x in $(find ${i}/etc/ -type f -iname "*.pacorig");do mv -f ${x} ${x%%.pacorig} ; done + echo -n "Regular packages..." + set +e + ${CHROOTCMD} ${i}/ bash -c "yes '' | apacman --noconfirm --noedit --skipinteg -S --needed ${PKGLIST}" >> "${LOGFILE}.${FUNCNAME}" 2>&1 + for x in $(find ${i}/etc/ -type f -iname "*.pacorig");do mv -f ${x} ${x%%.pacorig} ; done + # User creation + set -e + echo -n "...Creating ${REGUSR} user..." 
+ ${CHROOTCMD} ${i}/ useradd -m -s /bin/bash -c "Default user" ${REGUSR} >> "${LOGFILE}.${FUNCNAME}" 2>&1 + ${CHROOTCMD} ${i}/ usermod -aG users,games,video,audio ${REGUSR} >> "${LOGFILE}.${FUNCNAME}" 2>&1 + ${CHROOTCMD} ${i}/ passwd -d ${REGUSR} >> "${LOGFILE}.${FUNCNAME}" 2>&1 + mkdir -p ${i}/etc/sudoers.d ; chmod 750 ${i}/etc/sudoers.d + echo "${REGUSR} ALL=(ALL) ALL" >> ${i}/etc/sudoers.d/${REGUSR} + if [ -n "${REGUSR_PASS}" ]; + then + #${CHROOTCMD} ${i}/ "/usr/bin/echo ${REGUSR}:${REGUSR_PASS} | chpasswd -e" >> "${LOGFILE}.${FUNCNAME}" 2>&1 + sed -i -e "s|^${REGUSR}::|${REGUSR}:${REGUSR_PASS}:|g" ${i}/etc/shadow + elif [[ "${REGUSR_PASS}" == '{[BLANK]}' ]]; + then + ${CHROOTCMD} ${i}/ passwd -d ${REGUSR} >> "${LOGFILE}.${FUNCNAME}" 2>&1 + else + ${CHROOTCMD} ${i}/ usermod -L ${REGUSR} >> "${LOGFILE}.${FUNCNAME}" 2>&1 + fi + if [ -n "${ROOT_PASS}" ]; + then + #${CHROOTCMD} ${i}/ "/usr/bin/echo root:${ROOT_PASS} | chpasswd -e" >> "${LOGFILE}.${FUNCNAME}" 2>&1 + sed -i -e "s|^root::|root:${ROOT_PASS}:|g" ${i}/etc/shadow + elif [[ "${ROOT_PASS}" == '{[BLANK]}' ]]; + then + ${CHROOTCMD} ${i}/ passwd -d root >> "${LOGFILE}.${FUNCNAME}" 2>&1 + else + ${CHROOTCMD} ${i}/ usermod -L root >> "${LOGFILE}.${FUNCNAME}" 2>&1 + fi + # The following is supposed to do the same as the above, but "cleaner". However, it currently fails with "execv() failed: No such file or directory" + ##${CHROOTCMD} ${i}/ usermod -L root >> "${LOGFILE}.${FUNCNAME}" 2>&1 + echo "Done." + done + + for i in ${CHROOTDIR32} ${CHROOTDIR64}; + do + set +e + for x in $(find ${i}/etc/ -type f -iname "*.pacorig");do mv -f ${x} ${x%.pacorig} ; done + ${CHROOTCMD} ${i}/ /usr/bin/bash -c "mkinitcpio -p linux" >> "${LOGFILE}.${FUNCNAME}" 2>&1 + cp -a ${i}/boot/initramfs-linux.img ${i}/boot/initramfs-linux-${PNAME}.img + set -e + done + + # 32-bit + echo "Installing packages for 32-bit..." 
+ PKGLIST=$(sed -e '/^[[:space:]]*#/d ; /^[[:space:]]*$/d' ${BASEDIR}/extra/packages.32 | tr '\n' ' ') + if [ -n "${PKGLIST}" ]; + then + ${CHROOTCMD} ${CHROOTDIR32}/ /usr/bin/bash -c "apacman --noconfirm --noedit --skipinteg -S --needed ${PKGLIST}" >> "${LOGFILE}.${FUNCNAME}" 2>&1 + fi + set +e + for x in $(find ${CHROOTDIR32}/etc/ -type f -iname "*.pacorig");do mv -f ${x} ${x%.pacorig} ; done + set -e + echo "Done." + + # 64-bit + echo "Installing packages for 64-bit..." + PKGLIST=$(sed -e '/^[[:space:]]*#/d ; /^[[:space:]]*$/d' ${BASEDIR}/extra/packages.64 | tr '\n' ' ') + if [ -n "${PKGLIST}" ]; + then + ${CHROOTCMD} ${CHROOTDIR64}/ /usr/bin/bash -c "apacman --noconfirm --noedit --skipinteg -S --needed ${PKGLIST}" >> "${LOGFILE}.${FUNCNAME}" 2>&1 + fi + set +e + for x in $(find ${CHROOTDIR64}/etc/ -type f -iname "*.pacorig");do mv -f ${x} ${x%.pacorig} ; done + set -e + echo "Done." + + echo "Syncing overlay..." + touch ${LOCKFILE} + sleep 2 + find ${BASEDIR}/overlay -exec touch '{}' \; + rsync -a --exclude '/32' --exclude '/64' ${BASEDIR}/overlay/. ${CHROOTDIR64}/. + rsync -a --exclude '/32' --exclude '/64' ${BASEDIR}/overlay/. ${CHROOTDIR32}/. + rsync -a ${BASEDIR}/overlay/32/. ${CHROOTDIR32}/. + rsync -a ${BASEDIR}/overlay/64/. ${CHROOTDIR64}/. 
+ find ${CHROOTDIR64}/ -newer ${LOCKFILE} -exec chown -R root:root '{}' \;
+ find ${CHROOTDIR32}/ -newer ${LOCKFILE} -exec chown -R root:root '{}' \;
+ chown -R 1000:1000 ${CHROOTDIR32}/home/${REGUSR}
+ chown -R 1000:1000 ${CHROOTDIR64}/home/${REGUSR}
+ find ${CHROOTDIR64}/home/${REGUSR}/ -type d -exec chmod 700 '{}' \;
+ find ${CHROOTDIR64}/home/${REGUSR}/ -type f -exec chmod 600 '{}' \;
+ find ${CHROOTDIR32}/home/${REGUSR}/ -type d -exec chmod 700 '{}' \;
+ find ${CHROOTDIR32}/home/${REGUSR}/ -type f -exec chmod 600 '{}' \;
+ find ${CHROOTDIR64}/root/ -type d -exec chmod 700 '{}' \;
+ find ${CHROOTDIR64}/root/ -type f -exec chmod 600 '{}' \;
+ find ${CHROOTDIR32}/root/ -type d -exec chmod 700 '{}' \;
+ find ${CHROOTDIR32}/root/ -type f -exec chmod 600 '{}' \;
+ chmod 600 ${CHROOTDIR64}/etc/ssh/*
+ chmod 600 ${CHROOTDIR32}/etc/ssh/*
+ echo "Done."
+
+
+ rm -f ${LOCKFILE}
+
+ echo "Chroot setup complete."
+
+}
+
+mkchroot
diff --git a/lib/02-im_batman.func.sh b/lib/02-im_batman.func.sh
new file mode 100644
index 0000000..0cf972a
--- /dev/null
+++ b/lib/02-im_batman.func.sh
@@ -0,0 +1,30 @@
+function im_batman {
+ set +e # false errors are bad mmk
+ # Detect the distro and set some vars
+ if [ -f "/usr/bin/yum" ]; # CentOS/Redhat, etc.
+ then
+ OS_STRING='RHEL-like'
+ DISTRO='RHEL'
+ INST_CMD='yum -y install '
+ elif [ -f "/usr/bin/pacman" ]; # Arch, Manjaro, etc.
+ then
+ OS_STRING='Arch-like'
+ DISTRO='Arch'
+ INST_CMD='pacman -S '
+ elif [ -f "/usr/bin/emerge" ]; # Gentoo
+ then
+ OS_STRING='Gentoo-like'
+ DISTRO='Gentoo'
+ INST_CMD='emerge '
+ elif [ -f "/usr/bin/apt-get" ]; # Debian, Ubuntu (and derivatives), etc.
+ then
+ OS_STRING='Debian-like'
+ DISTRO="Debian"
+ INST_CMD='apt-get install '
+ else
+ echo 'Sorry, I cannot detect which distro you are running. Please report this along with what distro you are running. Dying now.'
+ exit 1
+ fi
+
+ set -e # and turn this back on lolz
+}
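Review bot: The bootstrap tarballs reach `tar -xpzf` as root without any integrity check in `mkchroot`: `MIRROR` is plain `http://`, `sha1sums.txt` is fetched from that same mirror, and the SHA-1 comparison only runs against a pre-existing `latest.64.tar.gz`/`latest.32.tar.gz`, so whatever any of the four `curl -o` calls writes is extracted as-is. Point `MIRROR` at an `https://` mirror, make curl fail on HTTP errors (`curl -fsSL -o …`), and check each file after every fetch, e.g. `echo "${CKSUM64}  latest.64.tar.gz" | sha1sum -c - || exit 1`; a checksum list served by the download host only catches corruption, so verifying the release's detached signature against a pinned key (if the mirror carries one) is the stronger control. The same trust gap continues inside the chroot, where every `apacman` call passes `--skipinteg`. Separately, in the password block `[ -n "${REGUSR_PASS}" ]` (and its `ROOT_PASS` twin) is tested first, so the `'{[BLANK]}'` `elif` is unreachable and that sentinel is written into `/etc/shadow` by the `sed`; test for the sentinel before the `-n` branch.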
diff --git a/lib/03-holla_atcha_boi.func.sh b/lib/03-holla_atcha_boi.func.sh
new file mode 100644
index 0000000..9ba8209
--- /dev/null
+++ b/lib/03-holla_atcha_boi.func.sh
@@ -0,0 +1,20 @@
+function holla_atcha_boi {
+
+ if [[ "${I_AM_A_RACECAR}" == "y" ]];
+ then
+ RACECAR_CHK='nice -n -19 '
+ else
+ RACECAR_CHK=""
+ fi
+
+
+ # Do we have an existing chroot set up yet? If not, create.
+ if [[ ! -d "root.x86_64/root" || ! -d "root.i686/root" ]];
+ then
+ echo "No existing chroot environment found. Creating..."
+ rm -f ${LOCKFILE}
+ ${RACECAR_CHK} ${BASEDIR}/lib/01-mk.chroot.func.sh
+ touch ${LOCKFILE}
+ fi
+}
+
diff --git a/lib/04-release_me.func.sh b/lib/04-release_me.func.sh
new file mode 100644
index 0000000..ae3dafb
--- /dev/null
+++ b/lib/04-release_me.func.sh
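Review bot: The chroot existence test in `holla_atcha_boi` uses cwd-relative paths (`root.x86_64/root`, `root.i686/root`) while the script it then runs is addressed through `${BASEDIR}`, so unless build.sh has already changed into `BASEDIR` (not visible in this hunk) the outcome depends on where the build was started; anchor it the same way, `if [[ ! -d "${BASEDIR}/root.x86_64/root" || ! -d "${BASEDIR}/root.i686/root" ]];`. The three lines that follow leave `${LOCKFILE}` and `${BASEDIR}` unquoted although they run as root. `touch ${LOCKFILE}` also runs regardless of how `01-mk.chroot.func.sh` exited unless errexit happens to be active at this point, so an explicit `|| exit 1` on that call would make the intent unambiguous.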
@@ -0,0 +1,50 @@
+function release_me () {
+ ## check for mountpoints from a manual chroot and umount them if they're still mounted.
+ ## NOTE: you can use findmnt(8) to view a tree of mountpoints, including bindmounts etc.
+ # Is there an active chroot?
+ set +e
+ if [[ "${1}" == "64" ]];
+ then
+ local CHROOTDIR="${CHROOTDIR}root.x86_64"
+ local BUILDDIR="${BUILDDIR}64"
+ elif [[ "${1}" == "32" ]];
+ then
+ local CHROOTDIR="${CHROOTDIR}root.i686"
+ local BUILDDIR="${BUILDDIR}32"
+ else
+ echo "WHOOPS. We hit an error that makes no logical sense."
+ echo 'Dying.'
+ exit 1
+ fi
+
+ echo "Checking for and cleaning up mountpoints from the chroot environment..."
+ for i in tmp run dev/shm dev/pts dev
+ do
+ umount -l ${CHROOTDIR}/${i}
+ done
+ # and is it using efivars?
+ if [ -d ${CHROOTDIR}/sys/firmware/efi/efivars ];
+ then
+ umount -l ${CHROOTDIR}/sys/firmware/efi/efivars
+ fi
+ # and finish cleaning up normal chroots
+ for i in sys proc
+ do
+ umount -l ${CHROOTDIR}/${i}
+ done
+ # and is it mounted via two mountpoints a la arch-chroot?
+ mount | awk '{print $3}' | grep -q ${MOUNTPT}
+ if [[ ${?} == "0" ]];
+ then
+ umount ${MOUNTPT}
+ fi
+ if [ -d ${SRCDIR}/efiboot ];
+ then
+ umount -l ${SRCDIR}/efiboot
+ fi
+ rm -rf ${SRCDIR}/efiboot
+ #rm -rf ${TEMPDIR}/*
+ set -e # and go back to failing on non-0 exit status.
+ CHROOTDIR="${CHROOTDIR_GLOB}"
+ BUILDDIR="${BUILDDIR_GLOB}"
+}
diff --git a/lib/05-facehugger.func.sh b/lib/05-facehugger.func.sh
new file mode 100644
index 0000000..c906d0b
--- /dev/null
+++ b/lib/05-facehugger.func.sh
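Review bot: `rm -rf ${SRCDIR}/efiboot` near the end of `release_me` runs under `set +e` right after an unchecked `umount -l`, with `SRCDIR` unquoted and unguarded: an empty or unset `SRCDIR` turns it into `rm -rf /efiboot`, and if the unmount failed the delete recurses into whatever is still mounted there. Guard both cases with `mountpoint -q "${SRCDIR}/efiboot" || rm -rf -- "${SRCDIR:?}/efiboot"`. The `grep -q ${MOUNTPT}` test above it is unquoted and matches as a regex substring, so a mount point whose path merely contains `${MOUNTPT}` also satisfies it, and an empty `MOUNTPT` leaves grep without a pattern; `grep -qxF -- "${MOUNTPT}"` matches the exact path only.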
@@ -0,0 +1,39 @@
+function facehugger () {
+ local ARCHSUFFIX="${1}"
+ if [[ "${1}" == "64" ]];
+ then
+ local CHROOTDIR="${CHROOTDIR}root.x86_64"
+ local BUILDDIR="${BUILDDIR}64"
+ elif [[ "${1}" == "32" ]];
+ then
+ local CHROOTDIR="${CHROOTDIR}root.i686"
+ local BUILDDIR="${BUILDDIR}32"
+ else
+ echo "WHOOPS. We hit an error that makes no logical sense."
+ echo 'Dying.'
+ exit 1
+ fi
+
+ echo "Creating manual chroot mountpoints."
+ # Latch on and inject ourself into the environment. Get it?
+ mount -t proc -o nosuid,noexec,nodev proc ${CHROOTDIR}/proc &&
+ mount -t sysfs -o nosuid,noexec,nodev,ro sys ${CHROOTDIR}/sys &&
+ if [ -d /sys/firmware/efi/efivars ];
+ then
+ mount -t efivarfs -o nosuid,noexec,nodev efivarfs ${CHROOTDIR}/sys/firmware/efi/efivars
+ fi &&
+ mount -t devtmpfs -o mode=0755,nosuid udev ${CHROOTDIR}/dev &&
+ mount -t devpts -o mode=0620,gid=5,nosuid,noexec devpts ${CHROOTDIR}/dev/pts &&
+ mount -t tmpfs -o mode=1777,nosuid,nodev shm ${CHROOTDIR}/dev/shm &&
+ mount -t tmpfs -o nosuid,nodev,mode=0755 run ${CHROOTDIR}/run &&
+ mount -t tmpfs -o mode=1777,strictatime,nodev,nosuid tmp ${CHROOTDIR}/tmp
+ echo "======================"
+ echo "NOW ENTERING CHROOT..."
+ echo "======================"
+ chroot ${CHROOTDIR} /bin/bash
+ rm -f ${CHROOTDIR}/root/chroot
+ CHROOTDIR="${CHROOTDIR_GLOB}"
+ BUILDDIR="${BUILDDIR_GLOB}"
+ release_me ${ARCHSUFFIX}
+}
+
diff --git a/lib/06-chroot_wrapper.func.sh b/lib/06-chroot_wrapper.func.sh
new file mode 100644
index 0000000..a36a208
--- /dev/null
+++ b/lib/06-chroot_wrapper.func.sh
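Review bot: The result of the `&&` mount chain in `facehugger` is never tested, so `chroot ${CHROOTDIR} /bin/bash` is entered even when one of the mounts failed; errexit does not cover this, because a failure in a non-final member of an `&&` list does not trigger it. End the chain with `|| { echo "chroot mounts failed" >&2; release_me ${ARCHSUFFIX}; exit 1; }` so a half-mounted tree is torn down instead of used. `${CHROOTDIR}` is unquoted in every `mount`, in `chroot` and in `rm -f`, all of which run as root, so quote it. The two resets before `release_me` look redundant but are required, since `release_me` appends the arch suffix itself and sees this function's locals; a comment such as `# reset to the base paths: release_me re-derives the arch directories from them` would keep someone from deleting them.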
@@ -0,0 +1,29 @@
+function chroot_wrapper () {
+ local ARCHSUFFIX="${1}"
+ if [[ "${1}" == "64" ]];
+ then
+ local CHROOTDIR="${CHROOTDIR}root.x86_64"
+ local BUILDDIR="${BUILDDIR}64"
+ elif [[ "${1}" == "32" ]];
+ then
+ local CHROOTDIR="${CHROOTDIR}root.i686"
+ local BUILDDIR="${BUILDDIR}32"
+ else
+ echo "WHOOPS. We hit an error that makes no logical sense."
+ echo 'Dying.'
+ exit 1
+ fi
+
+ if [ -f "/usr/bin/systemd-nspawn" ];
+ then
+ CHROOTCMD="systemd-nspawn -D ${CHROOTDIR}"
+ else
+ CHROOTCMD="facehugger ${ARCHSUFFIX}"
+ fi
+
+ echo "NOW ENTERING ${CHROOTDIR}...."
+ echo "_____________________________"
+ ${CHROOTCMD}
+ CHROOTDIR="${CHROOTDIR_GLOB}"
+ BUILDDIR="${BUILDDIR_GLOB}"
+}
diff --git a/lib/07-jenny_craig.func.sh b/lib/07-jenny_craig.func.sh
new file mode 100644
index 0000000..2e7d50d
--- /dev/null
+++ b/lib/07-jenny_craig.func.sh
@@ -0,0 +1,67 @@
+function jenny_craig () {
+ BUILDDIR="${BUILDDIR_GLOB}"
+ if [[ "${1}" == "64" ]];
+ then
+ local CHROOTDIR="${CHROOTDIR}root.x86_64"
+ local BUILDDIR="${BUILDDIR}64"
+ elif [[ "${1}" == "32" ]];
+ then
+ local CHROOTDIR="${CHROOTDIR}root.i686"
+ local BUILDDIR="${BUILDDIR}32"
+ else
+ echo "WHOOPS. We hit an error that makes no logical sense."
+ echo 'Dying.'
+ exit 1
+ fi
+
+ local _CURDIR=$(pwd)
+ echo "Syncing important files to ${BUILDDIR} for building the squashed filesystem (this may take some time)..."
+
+ # we have to do this or else the package management from LIVE doesn't really work too hot.
+ cd ${CHROOTDIR}/var/lib/pacman
+ echo "Compressing the package DB..."
+ #rm -f ${CHROOTDIR}/usr/local/pacman.db.tar.xz
+ tar -cf - local | xz -c9 > ../../../usr/local/pacman.db.tar.xz
+ cd ${_CURDIR}
+
+ # sync over new changes and trim out the fat
+ rsync -a --delete ${CHROOTDIR}/. ${BUILDDIR}/.
+ set +e
+ cp -af ${BUILDDIR}/usr/share/zoneinfo/EST5EDT ${BUILDDIR}/etc/localtime > /dev/null 2>&1
+ cp -af ${CHROOTDIR}/usr/share/zoneinfo/EST5EDT ${CHROOTDIR}/etc/localtime > /dev/null 2>&1
+ set -e
+ cp -af ${BUILDDIR}/usr/share/locale/locale.alias ${BUILDDIR}/tmp/.
+ echo "Cleaning up unnecessary cruft in ${BUILDDIR}..."
+
+ rm -f ${BUILDDIR}/root/.bash_history
+ rm -f ${BUILDDIR}/root/.viminfo
+ #rm -f ${BUILDDIR}/etc/localtime
+ rm -f ${BUILDDIR}/root/.bashrc
+ # DISABLE when no longer building custom kernel
+ #find ${BUILDDIR}/usr/lib/modules/ -maxdepth 1 -iname "*-ARCH" -exec rm -rf '{}' \;
+ for i in $(ls -1t ${BUILDDIR}/usr/lib/modules | tail -n "+2") ; do rm -rf ${BUILDDIR}/usr/lib/modules/${i} ; done
+ find ${BUILDDIR}/ -type f -name "*.pacnew" -exec rm -rf '{}' \;
+ sed -i -e '/^MAKEFLAGS=.*$/d' ${BUILDDIR}/etc/makepkg.conf
+ rm -rf ${BUILDDIR}/usr/share/locale/*
+ mv -f ${BUILDDIR}/tmp/locale.alias ${BUILDDIR}/usr/share/locale/.
+ rm -rf ${BUILDDIR}/var/cache/pacman/*
+ rm -rf ${BUILDDIR}/var/cache/pkgfile/*
+ rm -rf ${BUILDDIR}/var/cache/apacman/pkg/*
+ rm -rf ${BUILDDIR}/var/lib/pacman/*
+ mkdir -p ${BUILDDIR}/var/lib/pacman/local
+ rm -rf ${BUILDDIR}/var/abs/local/yaourtbuild/*
+ rm -rf ${BUILDDIR}/usr/share/zoneinfo
+ rm -rf ${BUILDDIR}/tmp/*
+ rm -rf ${BUILDDIR}/var/tmp/*
+ rm -rf ${BUILDDIR}/var/abs/*
+ rm -rf ${BUILDDIR}/run/*
+ rm -rf ${BUILDDIR}/boot/*
+ #rm -rf ${BUILDDIR}/root/*
+ rm -rf ${BUILDDIR}/root/post-build.sh
+ rm -rf ${BUILDDIR}/usr/src/*
+ rm -rf ${BUILDDIR}/var/log/*
+ rm -rf ${BUILDDIR}/.git
+ CHROOTDIR="${CHROOTDIR_GLOB}"
+ BUILDDIR="${BUILDDIR_GLOB}"
+}
+
diff --git a/lib/08-centos_is_stupid.func.sh b/lib/08-centos_is_stupid.func.sh
new file mode 100644
index 0000000..ad0c4dd
--- /dev/null
+++ b/lib/08-centos_is_stupid.func.sh
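Review bot: The package-DB archive in `jenny_craig` is written through a relative path after an unchecked `cd ${CHROOTDIR}/var/lib/pacman`: if that `cd` fails and errexit is not active at that point (the function toggles it further down, its state on entry is not visible here), `tar -cf - local | xz -c9 > ../../../usr/local/pacman.db.tar.xz` runs relative to the caller's directory instead of the chroot. Dropping the directory change removes the dependency, `tar -C "${CHROOTDIR}/var/lib/pacman" -cf - local | xz -c9 > "${CHROOTDIR}/usr/local/pacman.db.tar.xz"`, and makes both `cd` calls unnecessary. The module cleanup feeds parsed `ls -1t` output into an unquoted `rm -rf`, and every other `rm -rf ${BUILDDIR}/…` in the function is unquoted as well; since this runs as root, quote the expansions.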
@@ -0,0 +1,70 @@ +function centos_is_stupid { + echo "Checking for appropriate kernel version and mksquashfs version..." + SQFS_VER=$(mksquashfs -version 2>&1 | head -n1 | awk '{print $3}' | sed -re 's/(^[0-9]*\.[0-9]*).*$/\1/g') + KERN_VER=$(uname -r | cut -f1 -d"-") + SQUASH_OPTS="-noappend -comp xz" + + set +e + ver_check() { + [ "$1" == "$2" ] && return 10 + ver1front=`echo $1 | cut -d "." -f -1` + ver1back=`echo $1 | cut -d "." -f 2-` + ver2front=`echo $2 | cut -d "." -f -1` + ver2back=`echo $2 | cut -d "." -f 2-` + if [ "$ver1front" != "$1" ] || [ "$ver2front" != "$2" ]; then + [ "$ver1front" -gt "$ver2front" ] && return 11 + [ "$ver1front" -lt "$ver2front" ] && return 9 + [ "$ver1front" == "$1" ] || [ -z "$ver1back" ] && ver1back=0 + [ "$ver2front" == "$2" ] || [ -z "$ver2back" ] && ver2back=0 + ver_check "$ver1back" "$ver2back" + return $? + else + [ "$1" -gt "$2" ] && return 11 || return 9 + fi + } + ver_check ${KERN_VER} "2.6.38" + KERNTEST=${?} + ver_check ${SQFS_VER} "4.2" + SQFSTEST=${?} + if [ ${KERNTEST} -lt "10" ]; + then + echo "You need a newer kernel to even think about doing this. (>= 2.6.38)" + echo "If you're on CentOS, there are 3.x branches available via the elrepo repository." + echo "I recommend the 'kernel-lt' package from there." + echo "Bailing out." + exit 1 + #elif [ ${SQFS_VER} -ge "4.2" ] && [ ${KERN_VER} -ge "2.6.38" ]; + elif [ ${SQFSTEST} -ge "10" ] && [ ${KERNTEST} -ge "10" ]; + then + #echo "Awesome; your mksquashfs (if found) is not less than v4.2." + SQUASH_CMD=$(which mksquashfs) + if [ ${?} != "0" ]; + then + echo "...Except you need to install whatever package you need to for mksquashfs." + exit 1 + else + SQUASH_CMD=$(which mksquashfs) + fi + elif [ ${SQFSTEST} -lt "10" ] && [ ${KERNTEST} -ge "10" ]; + then + if [ ! -f ${SRCDIR}/squashfs4.2/squashfs-tools/mksquashfs ]; + then + echo "Boy howdy. We need to compile a custom version of the squashfs-tools because you aren't running a version that supports XZ. 
Give me a second." + set -e + mkdir -p ${SRCDIR} ${BASEDIR}/bin + cd ${SRCDIR} + #wget --quiet -O squashfs4.2.tar.gz "http://downloads.sourceforge.net/project/squashfs/squashfs/squashfs4.2/squashfs4.2.tar.gz?r=http%3A%2F%2Fsourceforge.net%2Fprojects%2Fsquashfs%2Ffiles%2F&ts=1387047818&use_mirror=hivelocity" + curl -o squashfs4.2.tar.gz "http://downloads.sourceforge.net/project/squashfs/squashfs/squashfs4.2/squashfs4.2.tar.gz?r=http%3A%2F%2Fsourceforge.net%2Fprojects%2Fsquashfs%2Ffiles%2F&ts=1387047818&use_mirror=hivelocity" >> "${LOGFILE}.${FUNCNAME}" 2>&1 + tar -zxf squashfs4.2.tar.gz + cd squashfs4.2/squashfs-tools + make clean + sed -i -e 's/^#\(XZ_SUPPORT\)/\1/g' Makefile + make + SQUASH_CMD="${SRCDIR}/squashfs4.2/squashfs-tools/mksquashfs" + else + echo "Using custom-compiled mksquashfs from an earlier run." + SQUASH_CMD="${SRCDIR}/squashfs4.2/squashfs-tools/mksquashfs" + fi + fi + set -e +} diff --git a/lib/09-will_it_blend.func.sh b/lib/09-will_it_blend.func.sh new file mode 100644 index 0000000..680feb4 --- /dev/null +++ b/lib/09-will_it_blend.func.sh 
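Review bot: In the fallback branch of `centos_is_stupid` the squashfs-tools source is downloaded over plain `http://`, unpacked and built with `make` as root, and the resulting `mksquashfs` then produces the image, with no integrity check anywhere in between. Fetch it over `https://` with `curl -fL` (those flags also keep an error page or redirect body from being saved as the tarball) and compare it with a digest pinned in the repository before `tar -zxf`, e.g. `echo "<pinned-sha256>  squashfs4.2.tar.gz" | sha256sum -c - || exit 1`, where `<pinned-sha256>` is a placeholder for the value you record. Minor: `which mksquashfs` is run twice and the first result is already assigned to `SQUASH_CMD`; a single `command -v mksquashfs` is enough.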
@@ -0,0 +1,82 @@
+function will_it_blend () {
+ local ARCHSUFFIX="${1}"
+ if [[ "${1}" == "64" ]];
+ then
+ local CHROOTDIR="${CHROOTDIR}root.x86_64"
+ local BUILDDIR="${BUILDDIR}64"
+ local AIROOT="x86_64"
+ _CHROOT=${CHROOTDIR}
+ _BUILD=${BUILDDIR}
+ _AIROOT=${AIROOT}
+ elif [[ "${1}" == "32" ]];
+ then
+ local CHROOTDIR="${CHROOTDIR}root.i686"
+ local BUILDDIR="${BUILDDIR}32"
+ local AIROOT="i686"
+ _CHROOT=${CHROOTDIR}
+ _BUILD=${BUILDDIR}
+ _AIROOT=${AIROOT}
+ else
+ echo "WHOOPS. We hit an error that makes no logical sense."
+ echo 'Dying.'
+ exit 1
+ fi
+
+ if [[ "${I_AM_A_RACECAR}" == "y" ]];
+ then
+ RACECAR_CHK='nice -n -19 '
+ else
+ RACECAR_CHK=""
+ fi
+
+ if [ "${CHROOTDIR}/root/.bash_history" -nt "${ARCHBOOT}/${AIROOT}/airootfs.sfs" ] || [ ! -d "${BUILDDIR}/root/" ];
+ then
+ echo "Data is not sync'd to buildroot; syncing..."
+ CHROOTDIR="${CHROOTDIR_GLOB}"
+ BUILDDIR="${BUILDDIR_GLOB}"
+ jenny_craig ${ARCHSUFFIX}
+ CHROOTDIR="${_CHROOT}"
+ BUILDDIR="${_BUILD}"
+ fi
+ echo "[${ARCHSUFFIX}-bit] Now generating the squashed image (if we need to) and hashes. This may take some time."
+ BUILDDIR="${BUILDDIR_GLOB}"
+ local BUILDDIR="${BUILDDIR}${ARCHSUFFIX}"
+
+ # now let's build the squashed image... and generate some checksums as well to verify download integrity.
+ # are we building split-arch ISOs? do we need the below?
+ #if [[ "${MULTIARCH}" == "n" ]];
+ #then
+ # rm -rf ${ARCHBOOT}
+ #fi
+ mkdir -p ${ARCHBOOT}/${AIROOT}
+
+ if [ ! -f "${ARCHBOOT}/${AIROOT}/airootfs.sfs" ] || [ "${CHROOTDIR}/root/.bash_history" -nt "${ARCHBOOT}/${AIROOT}/airootfs.sfs" ];
+ then
+ echo "[${ARCHSUFFIX}-bit] Squashing filesystem. This can take a while depending on the size of your chroot(s)."
+ ${RACECAR_CHK}${SQUASH_CMD} ${BUILDDIR} ${ARCHBOOT}/${AIROOT}/airootfs.sfs ${SQUASH_OPTS} >> "${LOGFILE}.${FUNCNAME}" 2>&1
+ cd ${ARCHBOOT}/${AIROOT}
+ ${RACECAR_CHK}sha256sum airootfs.sfs >> airootfs.sha256
+ ${RACECAR_CHK}md5sum airootfs.sfs >> airootfs.md5
+ cd ${BASEDIR}
+ else
+ cd ${BASEDIR}
+ fi
+
+ # Generate the mtree spec.
+ # Not really necessary anymore.
+ #mtree -c -p ${BASEDIR}/chroot -K flags,gid,mode,nlink,uid,link,time,type > ${BASEDIR}/extra/mtree.spec
+
+ # and now we copy stuff into the live directories
+ echo "[${ARCHSUFFIX}-bit] Copying files for PXE, and ISO building, please be patient."
+ #rm -rf ${TEMPDIR}/*
+ cp -af ${BASEDIR}/extra/${UXNAME}.png ${TEMPDIR}/.
+ cp -af ${BASEDIR}/extra/${UXNAME}.png ${TFTPDIR}/.
+ mkdir -p ${TEMPDIR}/boot
+ cp -af ${CHROOTDIR}/boot/initramfs-linux-${PNAME}.img ${TEMPDIR}/boot/${UXNAME}.${ARCHSUFFIX}.img
+ cp -af ${CHROOTDIR}/boot/vmlinuz-linux-${PNAME} ${TEMPDIR}/boot/${UXNAME}.${ARCHSUFFIX}.kern
+ cp -af ${CHROOTDIR}/boot/initramfs-linux-${PNAME}.img ${TFTPDIR}/${UXNAME}.${ARCHSUFFIX}.img
+ cp -af ${CHROOTDIR}/boot/vmlinuz-linux-${PNAME} ${TFTPDIR}/${UXNAME}.${ARCHSUFFIX}.kern
+ cp -af ${ARCHBOOT}/* ${HTTPDIR}/${DISTNAME}/.
+ chown -R ${HTTPUSR}:${HTTPGRP} ${HTTPDIR}
+ chown ${TFTPUSR}:${TFTPGRP} ${TFTPDIR}/${UXNAME}.*
+}
diff --git a/lib/10-stuffy.func.sh b/lib/10-stuffy.func.sh
new file mode 100644
index 0000000..98f1607
--- /dev/null
+++ b/lib/10-stuffy.func.sh
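Review bot: `sha256sum airootfs.sfs >> airootfs.sha256` and the `md5sum` line below it in `will_it_blend` append, so after a re-squash each file holds the stale digest followed by the new one and `sha256sum -c` against it reports a mismatch for the first entry; write them with `>` instead. The digests are then copied into `${HTTPDIR}` next to the image, so they detect a corrupted transfer but not a replaced image, which is worth stating in the "verify download integrity" comment earlier in the function. `chown -R ${HTTPUSR}:${HTTPGRP} ${HTTPDIR}` re-owns the whole directory rather than what was just copied, with `HTTPDIR` unquoted and unchecked; `chown -R "${HTTPUSR}:${HTTPGRP}" "${HTTPDIR:?}/${DISTNAME}"` limits it to this function's output.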
@@ -0,0 +1,119 @@
+function stuffy {
+
+ cp -f ${BASEDIR}/VERSION_INFO.txt ${TEMPDIR}/.
+
+ if [[ "${I_AM_A_RACECAR}" == "y" ]];
+ then
+ RACECAR_CHK='nice -n -19 '
+ else
+ RACECAR_CHK=""
+ fi
+
+ echo "Setting up EFI stuff..."
+
+ mkdir -p ${TEMPDIR}/{EFI/{${DISTNAME},boot},loader/entries}
+ # this stuff comes from the prebootloader pkg and gummiboot pkg. lets us boot on UEFI machines with secureboot still enabled.
+ cp ${BASEDIR}/root.x86_64/usr/lib/prebootloader/PreLoader.efi ${TEMPDIR}/EFI/boot/bootx64.efi
+ cp ${BASEDIR}/root.x86_64/usr/lib/prebootloader/HashTool.efi ${TEMPDIR}/EFI/boot/.
+ cp ${BASEDIR}/root.x86_64/usr/lib/gummiboot/gummibootx64.efi ${TEMPDIR}/EFI/boot/loader.efi # TODO: can i use syslinux.efi instead?
+
+ echo "Checking/fetching UEFI shells..."
+ if [ ! -f "${TEMPDIR}/EFI/shellx64_v2.efi" ];
+ then
+ # EFI Shell 2.0 for UEFI 2.3+ ( http://sourceforge.net/apps/mediawiki/tianocore/index.php?title=UEFI_Shell )
+ curl -o ${TEMPDIR}/EFI/shellx64_v2.efi https://svn.code.sf.net/p/edk2/code/trunk/edk2/ShellBinPkg/UefiShell/X64/Shell.efi >> "${LOGFILE}.${FUNCNAME}" 2>&1
+ fi
+ if [ ! -f "${TEMPDIR}/EFI/shellx64_v1.efi" ];
+ then
+ # EFI Shell 1.0 for non UEFI 2.3+ ( http://sourceforge.net/apps/mediawiki/tianocore/index.php?title=Efi-shell )
+ curl -o ${TEMPDIR}/EFI/shellx64_v1.efi https://svn.code.sf.net/p/edk2/code/trunk/edk2/EdkShellBinPkg/FullShell/X64/Shell_Full.efi >> "${LOGFILE}.${FUNCNAME}" 2>&1
+ fi
+
+ # now for setting up loader config/entries. maybe add memtest or something in the future? i dunno.
+ cat > ${TEMPDIR}/loader/loader.conf << EOF
+timeout 3
+default ${UXNAME}
+EOF
+ cat > ${TEMPDIR}/loader/entries/${UXNAME}_ram.conf << EOF
+title ${PNAME} (RAM)
+linux /boot/${UXNAME}.kern
+initrd /boot/${UXNAME}.img
+options copytoram archisobasedir=${DISTNAME} archisolabel=${DISTNAME}
+EOF
+ cat > ${TEMPDIR}/loader/entries/${UXNAME}.conf << EOF
+title ${PNAME} (Media)
+linux /boot/${UXNAME}.kern
+initrd /boot/${UXNAME}.img
+options archisobasedir=${DISTNAME} archisolabel=${DISTNAME}
+EOF
+ cat > ${TEMPDIR}/loader/entries/uefi2.conf << EOF
+title UEFI Shell (v2)
+efi /EFI/shellx64_v2.efi
+EOF
+ cat > ${TEMPDIR}/loader/entries/uefi1.conf << EOF
+title UEFI Shell (v1)
+efi /EFI/shellx64_v1.efi
+EOF
+
+
+ # create the embedded efiboot FAT stuff
+ # how big should we make the disk?
+ echo "Generating the EFI embedded FAT filesystem..."
+ # are we building split-arch ISOs?
+ if [[ "${MULTIARCH}" == "n" ]];
+ then
+ rm -f ${TEMPDIR}/EFI/${DISTNAME}/efiboot.img
+ fi
+ # now we need to calculate the space for various files we're going to include...
+ FATSIZE=$(stat --format="%s" ${TEMPDIR}/boot/${UXNAME}.64.kern) # EFI/BDISK/bdisk.efi
+ FATSIZE=$((${FATSIZE} + $(stat --format="%s" ${TEMPDIR}/boot/${UXNAME}.64.img))) # EFI/BDISK/bdisk.img
+ FATSIZE=$((${FATSIZE} + $(stat --format="%s" ${BASEDIR}/root.x86_64/usr/lib/prebootloader/PreLoader.efi))) # EFI/boot/bootx64.efi
+ FATSIZE=$((${FATSIZE} + $(stat --format="%s" ${BASEDIR}/root.x86_64/usr/lib/prebootloader/HashTool.efi))) # EFI/boot/HashTool.efi
+ FATSIZE=$((${FATSIZE} + $(stat --format="%s" ${BASEDIR}/root.x86_64/usr/lib/gummiboot/gummibootx64.efi))) # EFI/boot/loader.efi
+ FATSIZE=$((${FATSIZE} + $(stat --format="%s" ${TEMPDIR}/EFI/shellx64_v1.efi)))
+ FATSIZE=$((${FATSIZE} + $(stat --format="%s" ${TEMPDIR}/EFI/shellx64_v2.efi)))
+ FATSIZE=$((${FATSIZE} + $(du -sb ${TEMPDIR}/loader | tail -n1 | awk '{print $1}'))) # loader/* (okay so i cheated a little here.)
+ FATSIZE=$((${FATSIZE} + 786432)) # let's give a little wiggle room; 768k should do it. -_-
+ ${RACECAR_CHK}truncate -s "${FATSIZE}" ${TEMPDIR}/EFI/${DISTNAME}/efiboot.img
+ ${RACECAR_CHK}mkfs.vfat -F 32 -n ${DISTNAME}_EFI ${TEMPDIR}/EFI/${DISTNAME}/efiboot.img >> "${LOGFILE}.${FUNCNAME}" 2>&1
+ mkdir -p ${SRCDIR}/efiboot
+ mount ${TEMPDIR}/EFI/${DISTNAME}/efiboot.img ${SRCDIR}/efiboot
+ mkdir -p ${SRCDIR}/efiboot/EFI/${DISTNAME}
+ cp ${TEMPDIR}/boot/${UXNAME}.64.kern ${SRCDIR}/efiboot/EFI/${DISTNAME}/${UXNAME}.efi
+ cp ${TEMPDIR}/boot/${UXNAME}.64.img ${SRCDIR}/efiboot/EFI/${DISTNAME}/${UXNAME}.img
+ mkdir -p ${SRCDIR}/efiboot/{EFI/boot,loader/entries}
+# GETTING DEJA VU HERE.
+ cat > ${SRCDIR}/efiboot/loader/loader.conf << EOF
+timeout 3
+default ${UXNAME}
+EOF
+ cat > ${SRCDIR}/efiboot/loader/entries/${UXNAME}_ram.conf << EOF
+title ${PNAME} (RAM)
+linux /EFI/${DISTNAME}/${UXNAME}.efi
+initrd /EFI/${DISTNAME}/${UXNAME}.img
+options copytoram archisobasedir=${DISTNAME} archisolabel=${DISTNAME}
+EOF
+ cat > ${SRCDIR}/efiboot/loader/entries/${UXNAME}.conf << EOF
+title ${PNAME} (Media)
+linux /EFI/${DISTNAME}/${UXNAME}.efi
+initrd /EFI/${DISTNAME}/${UXNAME}.img
+options archisobasedir=${DISTNAME} archisolabel=${DISTNAME}
+EOF
+ cat > ${SRCDIR}/efiboot/loader/entries/uefi2.conf << EOF
+title UEFI Shell (v2)
+efi /EFI/shellx64_v2.efi
+EOF
+ cat > ${SRCDIR}/efiboot/loader/entries/uefi1.conf << EOF
+title UEFI Shell (v1)
+efi /EFI/shellx64_v1.efi
+EOF
+
+ cp ${BASEDIR}/root.x86_64/usr/lib/prebootloader/PreLoader.efi ${SRCDIR}/efiboot/EFI/boot/bootx64.efi
+ cp ${BASEDIR}/root.x86_64/usr/lib/prebootloader/HashTool.efi ${SRCDIR}/efiboot/EFI/boot/.
+ cp ${BASEDIR}/root.x86_64/usr/lib/gummiboot/gummibootx64.efi ${SRCDIR}/efiboot/EFI/boot/loader.efi # TODO: can i use syslinux.efi instead?
+ cp ${TEMPDIR}/EFI/shellx64_v{1,2}.efi ${SRCDIR}/efiboot/EFI/.
+ umount ${SRCDIR}/efiboot
+ echo "EFI configuration complete..."
+
+}
+
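Review bot: The two UEFI shell binaries under the `Checking/fetching UEFI shells...` step are fetched with plain `curl -o` from the trunk of a remote SVN tree and copied into the boot image without any verification. There is no `--fail`, so an HTTP error body would be saved as `shellx64_v2.efi`, and because the download is skipped once the file exists, a bad file persists across later builds. These files run before the OS on every machine that boots the image, so fetch to a temporary name, check it against a SHA-256 pinned in the repository, and only then move it into place. The variable `SHELLX64_V2_SHA256` in the sketch below is a suggested name, not something the project defines. The `shellx64_v1.efi` download needs the same treatment.

```shell
# … unchanged: EFI directory setup and PreLoader/HashTool/gummiboot copies …
 if [ ! -f "${TEMPDIR}/EFI/shellx64_v2.efi" ];
 then
  # SHELLX64_V2_SHA256: pinned digest of the reviewed binary (suggested name, e.g. set in build.conf)
  if curl -fsSL -o "${TEMPDIR}/EFI/shellx64_v2.efi.part" https://svn.code.sf.net/p/edk2/code/trunk/edk2/ShellBinPkg/UefiShell/X64/Shell.efi >> "${LOGFILE}.${FUNCNAME}" 2>&1 \
   && printf '%s  %s\n' "${SHELLX64_V2_SHA256}" "${TEMPDIR}/EFI/shellx64_v2.efi.part" | sha256sum -c - >> "${LOGFILE}.${FUNCNAME}" 2>&1;
  then
   mv -f "${TEMPDIR}/EFI/shellx64_v2.efi.part" "${TEMPDIR}/EFI/shellx64_v2.efi"
  else
   rm -f "${TEMPDIR}/EFI/shellx64_v2.efi.part"
   echo "UEFI shell v2 failed download or checksum verification. Dying."
   exit 1
  fi
 fi
# … unchanged: v1 shell (apply the same pattern), loader entries, FAT image creation …
```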
diff --git a/lib/11-yo_dj.func.sh b/lib/11-yo_dj.func.sh
new file mode 100644
index 0000000..3716928
--- /dev/null
+++ b/lib/11-yo_dj.func.sh
@@ -0,0 +1,353 @@ +function yo_dj () { + ARCH="${1}" + echo "Building the actual .iso image. This may take a while." + im_batman + ISOFILENAME="${UXNAME}-${VERSION}.iso" + #MINIFILENAME="${UXNAME}-${VERSION}-mini.iso" + MINIFILENAME="${UXNAME}-mini.iso" + USBFILENAME="${UXNAME}-mini.usb.img" + if [[ "${MULTIARCH}" == "y" ]]; + then + ISOFILENAME="${UXNAME}-${VERSION}-any.iso" + else + ISOFILENAME="${UXNAME}-${VERSION}-${ARCH}.iso" + fi + + if [[ "${I_AM_A_RACECAR}" == "y" ]]; + then + RACECAR_CHK='nice -n -19 ' + else + RACECAR_CHK="" + fi + + # and why not? generate the ISO. + ## we need to generate the isolinux.cfg + mkdir -p ${TEMPDIR}/isolinux + if [[ "${MULTIARCH}" == "y" ]]; + then + ## MULTIARCH ISO + cat > ${TEMPDIR}/isolinux/isolinux.cfg << EOF +UI vesamenu.c32 +DEFAULT check +PROMPT 0 +TIMEOUT 50 +MENU HIDDEN +#ONTIMEOUT ${UXNAME}_ram +ONTIMEOUT check +MENU TABMSG Press [TAB] to edit options +#MENU TITLE ${PNAME} (ISO edition) +MENU ROWS 16 +MENU TIMEOUTROW 22 +MENU TABMSGROW 24 +MENU CMDLINEROW 24 +MENU HELPMSGROW 26 +MENU WIDTH 78 +MENU MARGIN 6 +MENU IMMEDIATE +# http://www.colorpicker.com/ +MENU color border 0 #00000000 #00000000 none +MENU color title 0 #FFF5B800 #00000000 std +MENU color sel 7;37;40 #FF000000 #FFFFFFFF all +MENU color hotsel 1;7;37;40 #FFFF0000 #FFC0C0C0 all +MENU color hotkey 1;7;37;40 #FF0000CC #FFC0C0C0 all +MENU color tabmsg 1;31;40 #FF808080 #00000000 std +MENU color help 1;31;40 #FFFFFFFF #FF000000 none +MENU color timeout_msg 0 #FFFFB300 #00000000 none +MENU color timeout 0 #FFFF0000 #FF000000 none +MENU color cmdline 0 #FFFFFFFF #FF000000 none +MENU color cmdmark 1;36;40 #C000FFFF #FF000000 std +MENU color scrollbar 30;44 #FF00FF00 #FF000000 std +MENU color msg07 0 #FF000000 #00FFFFFF none +MENU BACKGROUND /${UXNAME}.png + +LABEL check + MENU LABEL Your best supported kernel should be detected automatically. 
+ COM32 ifcpu64.c32 + APPEND ${UXNAME}_64 -- ${UXNAME}_32 + MENU DEFAULT + + + +LABEL local_override + MENU LABEL Local ^Boot + localboot 0 + TEXT HELP + Boot from the local system instead. + ENDTEXT + +LABEL reboot + MENU LABEL ^Reboot + COM32 reboot.c32 + TEXT HELP + Reboot the machine + ENDTEXT + +MENU SEPARATOR + +## 64 BIT +MENU BEGIN 64BIT +MENU LABEL ^1) 64-Bit ... +ONTIMEOUT ${UXNAME}_64 + +LABEL ${UXNAME}_ram_64 + MENU LABEL ^1) ${PNAME} (run from RAM) + LINUX /boot/${UXNAME}.64.kern + INITRD /boot/${UXNAME}.64.img + APPEND copytoram archisobasedir=${DISTNAME} archisolabel=${DISTNAME} + TEXT HELP + 64-bit, run from RAM + ENDTEXT + MENU DEFAULT + +LABEL ${UXNAME}_64 + MENU LABEL ^1) ${PNAME} (Default) + LINUX /boot/${UXNAME}.64.kern + INITRD /boot/${UXNAME}.64.img + APPEND archisobasedir=${DISTNAME} archisolabel=${DISTNAME} + TEXT HELP + Same as the above, except run directly from the CD- + don't copy the image to RAM. (Best for lower-memory boxes) + ENDTEXT + +MENU END + +MENU BEGIN 32BIT +MENU LABEL ^2) 32-Bit ... +ONTIMEOUT ${UXNAME}_32 + +## 32 BIT +LABEL ${UXNAME}_ram_32 + MENU LABEL ^1) ${PNAME} (run from RAM) + LINUX /boot/${UXNAME}.32.kern + INITRD /boot/${UXNAME}.32.img + APPEND copytoram archisobasedir=${DISTNAME} archisolabel=${DISTNAME} + TEXT HELP + 32-bit, run from RAM + ENDTEXT + MENU DEFAULT + +LABEL ${UXNAME}_32 + MENU LABEL ^2) ${PNAME} (Default) + LINUX /boot/${UXNAME}.32.kern + INITRD /boot/${UXNAME}.32.img + APPEND archisobasedir=${DISTNAME} archisolabel=${DISTNAME} + TEXT HELP + Same as the above, except run directly from the CD- + don't copy the image to RAM. 
(Best for lower-memory boxes) + ENDTEXT + +MENU END +EOF + else + ## ARCH-SPECIFIC ISO + cat > ${TEMPDIR}/isolinux/isolinux.cfg << EOF +UI vesamenu.c32 +DEFAULT check +PROMPT 0 +TIMEOUT 50 +MENU HIDDEN +ONTIMEOUT ${UXNAME}_ram_${ARCH} +MENU TABMSG Press [TAB] to edit options +#MENU TITLE ${PNAME} (ISO edition) +MENU ROWS 16 +MENU TIMEOUTROW 22 +MENU TABMSGROW 24 +MENU CMDLINEROW 24 +MENU HELPMSGROW 26 +MENU WIDTH 78 +MENU MARGIN 6 +MENU IMMEDIATE +# http://www.colorpicker.com/ +MENU color border 0 #00000000 #00000000 none +MENU color title 0 #FFF5B800 #00000000 std +MENU color sel 7;37;40 #FF000000 #FFFFFFFF all +MENU color hotsel 1;7;37;40 #FFFF0000 #FFC0C0C0 all +MENU color hotkey 1;7;37;40 #FF0000CC #FFC0C0C0 all +MENU color tabmsg 1;31;40 #FF808080 #00000000 std +MENU color help 1;31;40 #FFFFFFFF #FF000000 none +MENU color timeout_msg 0 #FFFFB300 #00000000 none +MENU color timeout 0 #FFFF0000 #FF000000 none +MENU color cmdline 0 #FFFFFFFF #FF000000 none +MENU color cmdmark 1;36;40 #C000FFFF #FF000000 std +MENU color scrollbar 30;44 #FF00FF00 #FF000000 std +MENU color msg07 0 #FF000000 #00FFFFFF none +MENU BACKGROUND /${UXNAME}.png + +LABEL local_override + MENU LABEL Local ^Boot + localboot 0 + TEXT HELP + Boot from the local system instead. + ENDTEXT + +LABEL reboot + MENU LABEL ^Reboot + COM32 reboot.c32 + TEXT HELP + Reboot the machine + ENDTEXT + +MENU SEPARATOR + +MENU BEGIN ${ARCH}BIT +MENU LABEL ^1) ${ARCH}-Bit ... 
+ONTIMEOUT ${UXNAME}_${ARCH} + +LABEL ${UXNAME}_ram_${ARCH} + MENU LABEL ^1) ${PNAME} (run from RAM) + LINUX /boot/${UXNAME}.${ARCH}.kern + INITRD /boot/${UXNAME}.${ARCH}.img + APPEND copytoram archisobasedir=${DISTNAME} archisolabel=${DISTNAME} + TEXT HELP + ${ARCH}-bit, run from RAM + ENDTEXT + MENU DEFAULT + +LABEL ${UXNAME}_${ARCH} + MENU LABEL ^1) ${PNAME} (Default) + LINUX /boot/${UXNAME}.${ARCH}.kern + INITRD /boot/${UXNAME}.${ARCH}.img + APPEND archisobasedir=${DISTNAME} archisolabel=${DISTNAME} + TEXT HELP + Same as the above, except run directly from the CD- + don't copy the image to RAM. (Best for lower-memory boxes) + ENDTEXT + +MENU END +EOF + fi + + stuffy + + rm -f ${ISOFILENAME} + if [ "${ARCHBOOT}" != "${TEMPDIR}/${DISTNAME}" ]; + then + mkdir -p ${TEMPDIR}/${DISTNAME} + rsync -a --delete ${ARCHBOOT}/. ${TEMPDIR}/${DISTNAME}/. + fi + cp -af ${BASEDIR}/root.x86_64/usr/lib/syslinux/bios/isolinux.bin ${TEMPDIR}/isolinux + #cp -af ${BASEDIR}/root.x86_64/usr/lib/syslinux/bios/isolinux-debug.bin ${TEMPDIR}/isolinux/isolinux.bin #debugging + #cp -af ${BASEDIR}/root.x86_64/usr/lib/syslinux/bios/* ${TEMPDIR}/isolinux/. 
#debugging + cp -af ${BASEDIR}/root.x86_64/usr/lib/syslinux/bios/vesamenu.c32 ${TEMPDIR}/isolinux + cp -af ${BASEDIR}/root.x86_64/usr/lib/syslinux/bios/linux.c32 ${TEMPDIR}/isolinux + cp -af ${BASEDIR}/root.x86_64/usr/lib/syslinux/bios/reboot.c32 ${TEMPDIR}/isolinux + if [ -f ${BASEDIR}/root.x86_64/usr/lib/syslinux/bios/ldlinux.c32 ]; + then + cp -af ${BASEDIR}/root.x86_64/usr/lib/syslinux/bios/ldlinux.c32 ${TEMPDIR}/isolinux + fi + if [ -f ${BASEDIR}/root.x86_64/usr/lib/syslinux/bios/libcom32.c32 ]; + then + cp -af ${BASEDIR}/root.x86_64/usr/lib/syslinux/bios/libcom32.c32 ${TEMPDIR}/isolinux + fi + if [ -f ${BASEDIR}/root.x86_64/usr/lib/syslinux/bios/libutil.c32 ]; + then + cp -af ${BASEDIR}/root.x86_64/usr/lib/syslinux/bios/libutil.c32 ${TEMPDIR}/isolinux + fi + if [ -f ${BASEDIR}/root.x86_64/usr/lib/syslinux/bios/ifcpu64.c32 ]; + then + cp -af ${BASEDIR}/root.x86_64/usr/lib/syslinux/bios/ifcpu64.c32 ${TEMPDIR}/isolinux + fi + cd ${TEMPDIR} + + cd .. + ${RACECAR_CHK}xorriso -as mkisofs \ +`#-quiet` \ +`#-joliet` \ +`#-rock` \ +`#-omit-version-number` \ +`#-disable-deep-relocation` \ +-iso-level 3 \ +-full-iso9660-filenames \ +-volid "${DISTNAME}" \ +-appid "${DISTDESC}" \ +-publisher "${DISTPUB}" \ +`#-preparer "prepared by ${0}"` \ +-preparer "prepared by ${DISTPUB}" \ +-eltorito-boot isolinux/isolinux.bin \ +-eltorito-catalog isolinux/boot.cat \ +`#-isohybrid-mbr ${BASEDIR}/root.x86_64/usr/lib/syslinux/bios/isohdpfx.bin` \ +-no-emul-boot \ +-boot-load-size 4 \ +-boot-info-table \ +-isohybrid-mbr ${BASEDIR}/root.x86_64/usr/lib/syslinux/bios/isohdpfx.bin \ +-eltorito-alt-boot \ +-e EFI/${DISTNAME}/efiboot.img \ +-no-emul-boot \ +`#--efi-boot EFI/${DISTNAME}/efiboot.img` \ +-isohybrid-gpt-basdat \ +-output "${ISODIR}/${ISOFILENAME}" "${TEMPDIR}" >> "${LOGFILE}.${FUNCNAME}" 2>&1 + + ## Build the mini-ISO ## + if [[ "${BUILDMINI}" == "y" ]]; + then + echo "Now generating the iPXE images; please wait..." 
+ git submodule init >> "${LOGFILE}.${FUNCNAME}" 2>&1 + git submodule update >> "${LOGFILE}.${FUNCNAME}" 2>&1 + cd ${BASEDIR}/src/ipxe/src + git clean -xdf > /dev/null 2>&1 + git reset --hard HEAD >> "${LOGFILE}.${FUNCNAME}" 2>&1 + git checkout master >> "${LOGFILE}.${FUNCNAME}" 2>&1 + git pull >> "${LOGFILE}.${FUNCNAME}" 2>&1 + git checkout master >> "${LOGFILE}.${FUNCNAME}" 2>&1 + for i in $(find ${BASEDIR}/src/ipxe_local/patches/ -type f -iname "*.patch" -printf '%P\n' | sort); + do + patch -Np2 < ${BASEDIR}/src/ipxe_local/patches/${i} >> "${LOGFILE}.${FUNCNAME}" 2>&1 + done + #make everything EMBED="${BASEDIR}/src/ipxe_local/EMBED" >> "${LOGFILE}.${FUNCNAME}" 2>&1 + make bin-i386-efi/ipxe.efi bin-x86_64-efi/ipxe.efi EMBED="${BASEDIR}/src/ipxe_local/EMBED" >> "${LOGFILE}.${FUNCNAME}" 2>&1 + make bin/ipxe.eiso bin/ipxe.usb EMBED="${BASEDIR}/src/ipxe_local/EMBED" >> "${LOGFILE}.${FUNCNAME}" 2>&1 + # Change this to USB-only... + #make all EMBED="${BASEDIR}/src/ipxe_local/EMBED" >> "${LOGFILE}.${FUNCNAME}" 2>&1 + mv -f ${BASEDIR}/src/ipxe/src/bin/ipxe.usb ${ISODIR}/${USBFILENAME} + mv -f ${BASEDIR}/src/ipxe/src/bin/ipxe.eiso ${ISODIR}/${MINIFILENAME} + make clean >> "${LOGFILE}.${FUNCNAME}" 2>&1 + git reset --hard >> "${LOGFILE}.${FUNCNAME}" 2>&1 + git clean -xdf > /dev/null 2>&1 + git checkout master > /dev/null 2>&1 + #git reset --hard HEAD > /dev/null 2>&1 + echo + fi + + #isohybrid ${ISOFILENAME} + cd ${ISODIR} + ${RACECAR_CHK}sha256sum ${ISOFILENAME} > ${ISOFILENAME}.sha256 + if [[ "${BUILDMINI}" == "y" ]]; + then + ${RACECAR_CHK}sha256sum ${MINIFILENAME} > ${MINIFILENAME}.sha256 + ${RACECAR_CHK}sha256sum ${USBFILENAME} > ${USBFILENAME}.sha256 + fi + cd .. 
+ echo "=ISO=" + echo "Size: $(ls -lh ${ISODIR}/${ISOFILENAME} | awk '{print $5}')" + echo "SHA256: $(awk '{print $1}' ${ISODIR}/${ISOFILENAME}.sha256)" + echo "Location: ${ISODIR}/${ISOFILENAME}" + if [[ "${BUILDMINI}" == "y" ]]; + then + echo "=Mini=" + echo "Size: $(ls -lh ${ISODIR}/${MINIFILENAME} | awk '{print $5}')" + echo "SHA256: $(awk '{print $1}' ${ISODIR}/${MINIFILENAME}.sha256)" + echo "Location: ${ISODIR}/${MINIFILENAME}" + echo "=Mini USB=" + echo "Size: $(ls -lh ${ISODIR}/${USBFILENAME} | awk '{print $5}')" + echo "SHA256: $(awk '{print $1}' ${ISODIR}/${USBFILENAME}.sha256)" + echo "Location: ${ISODIR}/${USBFILENAME}" + fi + #rm -rf ${TEMPDIR}/* + + # are we rsyncing? + if [ -n "${RSYNC_HOST}" ]; + then + echo + echo "Now sending to ${RSYNC_HOST} via rsync. This may take a while..." + echo "Sending TFTP files..." + rsync -az --info=progress2 ${TFTPDIR} ${RSYNC_HOST}:${RSYNC_DEST}/. + echo "Sending HTTP files..." + rsync -az --info=progress2 ${HTTPDIR} ${RSYNC_HOST}:${RSYNC_DEST}/. +# rsync -a ${TEMPDIR}/boot/${UXNAME}.* ${RSYNC_HOST}:${RSYNC_DEST}/http/. + echo "Sending the image files..." + rsync -az --info=progress2 ${ISODIR} ${RSYNC_HOST}:${RSYNC_DEST}/. + echo "Sending extra files..." + rsync -az --info=progress2 ${BASEDIR}/extra/packages.* ${RSYNC_HOST}:${RSYNC_DEST}/. + rsync -az --info=progress2 ${BASEDIR}/VERSION_INFO.txt ${RSYNC_HOST}:${RSYNC_DEST}/. + fi +} diff --git a/lib/12-mentos.func.sh b/lib/12-mentos.func.sh new file mode 100644 index 0000000..95e7a32 --- /dev/null +++ b/lib/12-mentos.func.sh 
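Review bot: In the `BUILDMINI` branch, `git checkout master` followed by `git pull` discards the commit that `git submodule update` has just checked out, so the iPXE code embedded in the mini ISO and USB image is whatever upstream master holds at build time rather than a pinned, reviewed revision. Dropping the `git checkout master` and `git pull` lines and building at the submodule's recorded commit makes the boot images reproducible and auditable. Two unchecked steps in the same branch matter as well. `cd ${BASEDIR}/src/ipxe/src` should read `cd "${BASEDIR}/src/ipxe/src" || exit 1`, because if it fails the following `git clean -xdf` and `git reset --hard HEAD` run in whatever directory the script was already in, which after the earlier `cd ..` is presumably the project tree. `patch -Np2 < ...` should end in `|| exit 1` so that a patch which no longer applies does not silently produce an unpatched build.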
@@ -0,0 +1,99 @@
+function mentos {
+ # Freshen up the chroots to git's HEAD. Package lists, overlay, etc.
+ sed -i -e '/base-devel/d ; /multilib-devel/d' ${BASEDIR}/extra/packages.*
+ # both
+ echo "Installing common packages..."
+ PKGLIST=$(sed -e '/^[[:space:]]*#/d ; /^[[:space:]]*$/d' ${BASEDIR}/extra/packages.both | tr '\n' ' ')
+
+ if [ -f "/usr/bin/systemd-nspawn" ];
+ then
+ CHROOTCMD="systemd-nspawn -D"
+ else
+ CHROOTCMD="${CHROOTDIR64}/bin/arch-chroot"
+ fi
+
+ if [[ "${I_AM_A_RACECAR}" == "y" ]];
+ then
+ RACECAR_CHK='nice -n -19 '
+ else
+ RACECAR_CHK=""
+ fi
+
+ if [[ -n $(find ${BASEDIR}/extra/pre-build.d/ -type f -newer ${BASEDIR}/root.x86_64/boot/vmlinuz-linux-${PNAME}) ]];
+ then
+ touch ${LOCKFILE}
+ sleep 2
+ find ${BASEDIR}/extra/pre-build.d/ -exec touch '{}' \;
+ rsync -a ${BASEDIR}/extra/pre-build.d/64/. ${BASEDIR}/root.x86_64/.
+ rsync -a ${BASEDIR}/extra/pre-build.d/32/. ${BASEDIR}/root.i686/.
+ find ${BASEDIR}/root.x86_64/ -newer ${LOCKFILE} -exec chown -R root:root '{}' \;
+ find ${BASEDIR}/root.i686/ -newer ${LOCKFILE} -exec chown -R root:root '{}' \;
+ fi
+
+ for i in ${CHROOTDIR32} ${CHROOTDIR64};
+ do
+ echo -n "...Packages installing/upgrading to ${i}..."
+ local INSTKERN=$(file ${i}/boot/vmlinuz-linux-${PNAME} | awk '{print $9}' | cut -f1 -d"-")
+ local MIRROR=$(egrep '^Server' ${i}/etc/pacman.d/mirrorlist | head -n1 | sed -e 's/^Server\ =\ //g ; s#$repo.*#core/os/x86_64/#g')
+ local NEWKERN=$(curl -s "${MIRROR}" | grep linux | awk '{print $3}' | cut -f2 -d\" | egrep '^linux-[0-9].*pkg.tar.xz$' | cut -f2 -d"-")
+
+ for x in $(find ${i}/etc/ -type f -iname "*.pacorig");do mv -f ${x} ${x%.pacorig} ; done
+ ${CHROOTCMD} ${i}/ bash -c "${RACECAR_CHK}apacman --noconfirm --noedit --skipinteg -S --needed --purgebuild --ignore linux ${PKGLIST}" >> "${LOGFILE}.${FUNCNAME}" 2>&1
+ for x in $(find ${i}/etc/ -type f -iname "*.pacorig");do mv -f ${x} ${x%.pacorig} ; done
+ ${CHROOTCMD} ${i}/ /usr/bin/bash -c "mkinitcpio -p linux" >> "${LOGFILE}.${FUNCNAME}" 2>&1
+ #${CHROOTCMD} ${i}/ bash -c "apacman --noconfirm --noedit --skipinteg -S --needed ${PKGLIST}"
+ cp -a ${i}/boot/vmlinuz-linux ${i}/boot/vmlinuz-linux-${PNAME}
+ cp -a ${i}/boot/initramfs-linux.img ${i}/boot/initramfs-linux-${PNAME}.img
+ echo "Done."
+ done
+
+ # we need to set -e for the following as they may fail.
+ # 32-bit
+ echo "Installing packages for 32-bit..."
+ PKGLIST=$(sed -e '/^[[:space:]]*#/d ; /^[[:space:]]*$/d' ${BASEDIR}/extra/packages.32 | tr '\n' ' ')
+ if [ -n "${PKGLIST}" ];
+ then
+ ${CHROOTCMD} ${CHROOTDIR32}/ bash -c "yes '' | ${RACECAR_CHK}apacman --noconfirm --noedit --skipinteg -S --needed --purgebuild ${PKGLIST}" >> "${LOGFILE}.${FUNCNAME}" 2>&1
+ fi
+ for x in $(find ${CHROOTDIR32}/etc/ -type f -iname "*.pacorig");do mv -f ${x} ${x%.pacorig} ; done
+
+ # 64-bit
+ echo "Installing packages for 64-bit..."
+ PKGLIST=$(sed -e '/^[[:space:]]*#/d ; /^[[:space:]]*$/d' ${BASEDIR}/extra/packages.64 | tr '\n' ' ')
+ if [ -n "${PKGLIST}" ];
+ then
+ ${CHROOTCMD} ${CHROOTDIR64}/ bash -c "yes '' | ${RACECAR_CHK}apacman --noconfirm --noedit --skipinteg -S --needed --purgebuild ${PKGLIST}" >> "${LOGFILE}.${FUNCNAME}" 2>&1
+ fi
+ for x in $(find ${CHROOTDIR64}/etc/ -type f -iname "*.pacorig");do mv -f ${x} ${x%.pacorig} ; done
+ #${CHROOTCMD} ${CHROOTDIR64}/ bash -c "apacman --noconfirm --noedit --skipinteg -S --needed ${PKGLIST}"
+ echo "Syncing overlay..."
+ rsync -a ${BASEDIR}/overlay/64/. ${CHROOTDIR64}/.
+ echo "Done."
+
+ echo "Syncing overlay..."
+ touch ${LOCKFILE}
+ sleep 2
+ find ${BASEDIR}/overlay -exec touch '{}' \;
+ rsync -a --exclude '/32' --exclude '/64' ${BASEDIR}/overlay/. ${CHROOTDIR64}/.
+ rsync -a --exclude '/32' --exclude '/64' ${BASEDIR}/overlay/. ${CHROOTDIR32}/.
+ rsync -a ${BASEDIR}/overlay/32/. ${CHROOTDIR32}/.
+ rsync -a ${BASEDIR}/overlay/64/. ${CHROOTDIR64}/.
+ find ${CHROOTDIR64}/ -newer ${LOCKFILE} -exec chown -R root:root '{}' \;
+ find ${CHROOTDIR32}/ -newer ${LOCKFILE} -exec chown -R root:root '{}' \;
+ chown -R 1000:1000 ${CHROOTDIR32}/home/${REGUSR}
+ chown -R 1000:1000 ${CHROOTDIR64}/home/${REGUSR}
+ find ${CHROOTDIR64}/home/${REGUSR}/ -type d -exec chmod 700 '{}' \;
+ find ${CHROOTDIR64}/home/${REGUSR}/ -type f -exec chmod 600 '{}' \;
+ find ${CHROOTDIR32}/home/${REGUSR}/ -type d -exec chmod 700 '{}' \;
+ find ${CHROOTDIR32}/home/${REGUSR}/ -type f -exec chmod 600 '{}' \;
+ chown -R 0:0 ${CHROOTDIR32}/root
+ chown -R 0:0 ${CHROOTDIR64}/root
+ find ${CHROOTDIR64}/root/ -type d -exec chmod 700 '{}' \;
+ find ${CHROOTDIR64}/root/ -type f -exec chmod 600 '{}' \;
+ find ${CHROOTDIR32}/root/ -type d -exec chmod 700 '{}' \;
+ find ${CHROOTDIR32}/root/ -type f -exec chmod 600 '{}' \;
+ chmod 600 ${CHROOTDIR64}/etc/ssh/*
+ chmod 600 ${CHROOTDIR32}/etc/ssh/*
+ echo "Done."
+
+}
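Review bot: All three live `apacman` invocations pass `--skipinteg`, so packages are built and installed into the chroots with integrity checking switched off, and those chroots are what ends up in the shipped image. Remove the flag (`apacman --noconfirm --noedit -S --needed --purgebuild ...`) and append `|| exit 1` to those lines, since the exit status is currently ignored and `Done.` is printed whether or not the install succeeded. `${PKGLIST}` is also spliced into a `bash -c "..."` string, so any shell metacharacter in `extra/packages.*` is interpreted inside the chroot; a comment above the `PKGLIST=` assignments should state that these files are trusted, repository-controlled input. `INSTKERN`, `MIRROR` and `NEWKERN` are assigned but never read in this function, which leaves a `curl -s` to the mirror on every loop iteration with no use for its result.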