Fixes based on feedback in PR #413

Dockerfile

@@ -1,25 +1,54 @@
 # SPDX-FileCopyrightText: 2024 Lance Vick <lance@vick.house>
+# SPDX-FileCopyrightText: 2025 Kevin Nause <kevin@nause.engineering>
 #
 # SPDX-License-Identifier: GPL-3.0-or-later
 
-FROM scratch as build
+ARG ARCH=x86
-ADD target/ /
+ARG USER=user
+ARG UID=1000
+ARG GID=1000
+ARG HOME=/home/${USER}
+
+FROM scratch AS build
+ARG TARGET
+ARG INIT
+COPY ${TARGET} /
+
+FROM build AS build-aarch64
+RUN ["/bootstrap-seeds/POSIX/AArch64/kaem-optional-seed"]
+
+FROM build AS build-amd64
+RUN ["/bootstrap-seeds/POSIX/AMD64/kaem-optional-seed"]
+
+FROM build AS build-riscv32
+RUN ["/bootstrap-seeds/POSIX/riscv32/kaem-optional-seed"]
+
+FROM build AS build-riscv64
+RUN ["/bootstrap-seeds/POSIX/riscv64/kaem-optional-seed"]
+
+FROM build AS build-x86
 RUN ["/bootstrap-seeds/POSIX/x86/kaem-optional-seed"]
 
-FROM build as install
+FROM build-${ARCH} AS install
+ARG USER
+ARG UID
+ARG GID
+ARG HOME
 ENV PATH=/bin:/usr/sbin:/usr/bin
-RUN set -eux; \
+RUN set -eu; \
     rm -rf /usr/lib/python*/__pycache__; \
-    mkdir -p /rootfs/etc /rootfs/home/user; \
+    mkdir -p /rootfs/etc /rootfs/${HOME}; \
     cp -R $(ls -d /etc/* | grep -v '\(resolv.conf\|hosts\)') /rootfs/etc/; \
     cp -R lib usr bin var /rootfs/; \
-    echo "user:x:1000:" > /rootfs/etc/group; \
+    echo "${USER}:x:${GID}:" > /rootfs/etc/group; \
-    echo "user:x:1000:1000::/home/user:/bin/bash" > /rootfs/etc/passwd; \
+    echo "${USER}:x:${UID}:${GID}::${HOME}:/bin/bash" > /rootfs/etc/passwd; \
     find /rootfs -exec touch -hcd "@0" "{}" +
 
-FROM scratch as package
+FROM scratch AS package
+ARG UID
+ARG GID
 COPY --from=install /rootfs /
-USER 1000:1000
+USER ${UID}:${GID}
 ENTRYPOINT ["/bin/bash"]
 ENV TZ=UTC
 ENV LANG=C.UTF-8

README.rst

@@ -33,8 +33,8 @@ Without using Python:
    passing it to ``rootfs.py```).
 1. ``git clone https://github.com/fosslinux/live-bootstrap``
 2. ``git submodule update --init --recursive``
-3. Consider whether you are going to run this in a chroot, in QEMU, or on bare
+3. Consider whether you are going to run this in a chroot, in QEMU, on bare
-   metal. (All of this *can* be automated, but not in a trustable way. See
+   metal, or docker. (All of this *can* be automated, but not in a trustable way. See
    further below.)
 
    a. **chroot:** Create a directory where the chroot will reside, run
@@ -73,6 +73,15 @@ Without using Python:
         (``-nic user,model=e1000``), and ``-machine kernel-irqchip=split``.
    c. **Bare metal:** Follow the same steps as QEMU, but the disks need to be
       two different *physical* disks, and boot from the first disk.
+   d. **Docker:** Follow the same steps as chroot. To debug build errors, see
+      [docker buildx debug](https://docs.docker.com/reference/cli/docker/buildx/debug/).
+
+      ```bash
+      DOCKER_BUILDKIT=1 BUILDX_EXPERIMENTAL=1 \
+      docker buildx debug --invoke /bin/sh build \
+      --build-arg=ARCH=x86 --build-arg=TARGET=target/ --build-arg=SOURCE_DATE_EPOCH=1 \
+      --progress=auto --platform=linux/amd64 --target=install --tag=live-bootstrap-debug .
+      ```
 
 Mirrors
 -------

rootfs.py

@@ -14,6 +14,7 @@ you can run bootstap inside chroot.
 # SPDX-FileCopyrightText: 2021-23 Samuel Tyler <samuel@samuelt.me>
 # SPDX-FileCopyrightText: 2023-24 Gábor Stefanik <netrolller.3d@gmail.com>
 # SPDX-FileCopyrightText: 2024 Lance Vick <lance@vick.house>
+# SPDX-FileCopyrightText: 2025 Kevin Nause <kevin@nause.engineering>
 
 import argparse
 import os
@@ -42,8 +43,8 @@ def create_configuration_file(args):
         config.write(f"FINAL_JOBS={args.cores}\n")
         config.write(f"INTERNAL_CI={args.internal_ci or False}\n")
         config.write(f"INTERACTIVE={args.interactive}\n")
-        config.write(f"BARE_METAL={args.bare_metal}\n")
+        config.write(f"QEMU={args.qemu}\n")
-        config.write(f"EXTERNAL_SOURCES={args.external_sources}\n")
+        config.write(f"BARE_METAL={args.bare_metal or (args.qemu and args.interactive)}\n")
         if (args.bare_metal or args.qemu) and not args.kernel:
             if args.repo or args.external_sources:
                 config.write("DISK=sdb1\n")
@@ -262,15 +263,17 @@ print(shutil.which('chroot'))
         generator.prepare(target, using_kernel=False)
         arch = stage0_arch_map.get(args.arch, args.arch)
         init = os.path.join(os.sep, 'bootstrap-seeds', 'POSIX', arch, 'kaem-optional-seed')
-        print(generator.target_dir, init)
+        target_rel = os.path.relpath(generator.target_dir, os.getcwd())
-        run('env', '-i', 'DOCKER_BUILDKIT=1', 'SOURCE_DATE_EPOCH=1',
+        run('env', '-i', 'DOCKER_BUILDKIT=1',
-                                                 'docker', 'build',
+            'docker', 'build',
-                                                 '--build-arg=SOURCE_DATE_EPOCH=1',
+            '--build-arg=ARCH='+ arch,
-                                                 '--progress=plain',
+            '--build-arg=TARGET=' + target_rel,
-                                                 '--platform=linux/amd64',
+            '--build-arg=SOURCE_DATE_EPOCH=1',
-                                                 '--target=package',
+            '--progress=auto',
-                                                 '--tag', 'local/live-bootstrap',
+            '--platform=linux/amd64',
-                                                 '.')
+            '--target=package',
+            '--tag=live-bootstrap',
+            '.')
 
     elif args.bwrap:
         init = '/init'

steps/improve/finalize_fhs.sh

@@ -16,8 +16,58 @@ mount | grep '/sys' &> /dev/null || (mkdir -p /sys; mount -t sysfs sysfs /sys)
 mount | grep '/tmp' &> /dev/null || (mkdir -p /tmp; mount -t tmpfs tmpfs /tmp)
 mount | grep '/dev/shm' &> /dev/null || (mkdir -p /dev/shm; mount -t tmpfs tmpfs /dev/shm)
 
-if [ "${EXTERNAL_SOURCES}" = "False" ]; then
+if [ "${CHROOT}" = False ]; then
-    # Add /etc/resolv.conf
+    rm /etc/mtab
+    ln -s /proc/mounts /etc/mtab
+fi
+
+# Add /etc/resolv.conf
+if [ ! -e "/etc/resolv.conf" ]; then
     echo 'nameserver 1.1.1.1' > /etc/resolv.conf
+fi
+if [ ! -e "/etc/resolv.conf/head" ]; then
     echo 'nameserver 1.1.1.1' > /etc/resolv.conf.head
 fi
+
+# /etc/passwd -- taken from LFS
+if [ ! -e "/etc/passwd" ]; then
+    cat > /etc/passwd << "EOF"
+root:x:0:0:root:/root:/bin/bash
+bin:x:1:1:bin:/dev/null:/usr/bin/false
+daemon:x:6:6:Daemon User:/dev/null:/usr/bin/false
+messagebus:x:18:18:D-Bus Message Daemon User:/run/dbus:/usr/bin/false
+uuidd:x:80:80:UUID Generation Daemon User:/dev/null:/usr/bin/false
+nobody:x:65534:65534:Unprivileged User:/dev/null:/usr/bin/false
+EOF
+fi
+
+# /etc/group -- taken from LFS
+if [ ! -e "/etc/group" ]; then
+    cat > /etc/group << "EOF"
+root:x:0:
+bin:x:1:daemon
+sys:x:2:
+kmem:x:3:
+tape:x:4:
+tty:x:5:
+daemon:x:6:
+floppy:x:7:
+disk:x:8:
+lp:x:9:
+dialout:x:10:
+audio:x:11:
+video:x:12:
+utmp:x:13:
+usb:x:14:
+cdrom:x:15:
+adm:x:16:
+messagebus:x:18:
+input:x:24:
+mail:x:34:
+kvm:x:61:
+uuidd:x:80:
+wheel:x:97:
+users:x:999:
+nogroup:x:65534:
+EOF
+fi