kylekrein/live-bootstrap
1
0
Fork 0
mirror of https://github.com/fosslinux/live-bootstrap.git synced 2026-03-23 03:26:31 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Add minimal unprivileged bootstrap

Browse source
This commit is contained in:
MaxHearnden 2024-09-10 05:57:49 +01:00
parent 1f272f9050
commit f3828e44db
7 changed files with 66 additions and 10 deletions
Download patch file Download diff file Expand all files Collapse all files

9
lib/generator.py
View file

@ -42,7 +42,7 @@ class Generator():
self.external_dir = os.path.join(self.target_dir, 'external') self.external_dir = os.path.join(self.target_dir, 'external')
self.distfiles() self.distfiles()
def prepare(self, target, using_kernel=False, kernel_bootstrap=False, target_size=0): def prepare(self, target, using_kernel=False, kernel_bootstrap=False, wrap=False, target_size=0):
""" """
Prepare basic media of live-bootstrap. Prepare basic media of live-bootstrap.
/steps -- contains steps to be built /steps -- contains steps to be built
@ -82,7 +82,7 @@ class Generator():
os.path.join(self.target_dir, 'kaem.x86')) os.path.join(self.target_dir, 'kaem.x86'))
else: else:
self.stage0_posix(kernel_bootstrap) self.stage0_posix(kernel_bootstrap)
self.seed() self.seed(wrap)
os.makedirs(self.external_dir) os.makedirs(self.external_dir)
@ -134,12 +134,15 @@ class Generator():
'kaem-optional-seed') 'kaem-optional-seed')
shutil.copy2(kaem_optional_seed, os.path.join(self.target_dir, 'init')) shutil.copy2(kaem_optional_seed, os.path.join(self.target_dir, 'init'))
def seed(self): def seed(self, wrap):
"""Copy in extra seed files""" """Copy in extra seed files"""
seed_dir = os.path.join(self.git_dir, 'seed') seed_dir = os.path.join(self.git_dir, 'seed')
for entry in os.listdir(seed_dir): for entry in os.listdir(seed_dir):
if os.path.isfile(os.path.join(seed_dir, entry)): if os.path.isfile(os.path.join(seed_dir, entry)):
shutil.copy2(os.path.join(seed_dir, entry), os.path.join(self.target_dir, entry)) shutil.copy2(os.path.join(seed_dir, entry), os.path.join(self.target_dir, entry))
if wrap:
shutil.copy2(os.path.join(seed_dir, 'after-wrap.kaem'), os.path.join(self.target_dir, 'after.kaem'))
shutil.copy2(os.path.join(seed_dir, 'after.kaem'), os.path.join(self.target_dir, 'after-wrapped.kaem'))
def distfiles(self): def distfiles(self):
"""Copy in distfiles""" """Copy in distfiles"""

19
rootfs.py
View file

@ -31,7 +31,7 @@ def create_configuration_file(args):
config.write(f"ARCH={args.arch}\n") config.write(f"ARCH={args.arch}\n")
config.write(f"ARCH_DIR={stage0_arch_map.get(args.arch, args.arch)}\n") config.write(f"ARCH_DIR={stage0_arch_map.get(args.arch, args.arch)}\n")
config.write(f"FORCE_TIMESTAMPS={args.force_timestamps}\n") config.write(f"FORCE_TIMESTAMPS={args.force_timestamps}\n")
config.write(f"CHROOT={args.chroot or args.bwrap}\n") config.write(f"CHROOT={args.chroot or args.bwrap or args.wrap}\n")
config.write(f"UPDATE_CHECKSUMS={args.update_checksums}\n") config.write(f"UPDATE_CHECKSUMS={args.update_checksums}\n")
config.write(f"JOBS={args.cores}\n") config.write(f"JOBS={args.cores}\n")
config.write(f"SWAP_SIZE={args.swap}\n") config.write(f"SWAP_SIZE={args.swap}\n")
@ -63,6 +63,8 @@ def main():
default="x86") default="x86")
parser.add_argument("-c", "--chroot", help="Run inside chroot", parser.add_argument("-c", "--chroot", help="Run inside chroot",
action="store_true") action="store_true")
parser.add_argument("-w", "--wrap", help="Run inside a minimal sandbox",
action="store_true")
parser.add_argument("-bw", "--bwrap", help="Run inside a bwrap sandbox", parser.add_argument("-bw", "--bwrap", help="Run inside a bwrap sandbox",
action="store_true") action="store_true")
parser.add_argument("-t", "--target", help="Target directory", parser.add_argument("-t", "--target", help="Target directory",
@ -127,15 +129,18 @@ def main():
count += 1 count += 1
if args.bwrap: if args.bwrap:
count += 1 count += 1
if args.wrap:
count += 1
if args.bare_metal: if args.bare_metal:
count += 1 count += 1
return count return count
if check_types() > 1: if check_types() > 1:
raise ValueError("No more than one of qemu, chroot, bwrap, bare metal" raise ValueError("No more than one of qemu, chroot, bwrap, wrap, bare "
"may be used.") "metal may be used.")
if check_types() == 0: if check_types() == 0:
raise ValueError("One of qemu, chroot, bwrap, or bare metal must be selected.") raise ValueError("One of qemu, chroot, bwrap, wrap, or bare metal must"
" be selected.")
# Arch validation # Arch validation
if args.arch != "x86": if args.arch != "x86":
@ -237,6 +242,12 @@ print(shutil.which('chroot'))
'--tmpfs', '/tmp', '--tmpfs', '/tmp',
init) init)
elif args.wrap:
generator.prepare(target, wrap = True)
arch = stage0_arch_map.get(args.arch, args.arch)
init = os.path.join('bootstrap-seeds', 'POSIX', arch, 'kaem-optional-seed')
run(init, cwd = generator.target_dir)
elif args.bare_metal: elif args.bare_metal:
if args.kernel: if args.kernel:
generator.prepare(target, using_kernel=True, target_size=size) generator.prepare(target, using_kernel=True, target_size=size)

19
seed/after-wrap.kaem Normal file
View file

@ -0,0 +1,19 @@
#!/bin/sh
# SPDX-FileCopyrightText: 2024 Max Hearnden maxoscarhearnden@gmail.com
#
# SPDX-License-Identifier: GPL-3.0-or-later
set -ex
# detect wether we are in a rootfs.py environment
if ./${ARCH_DIR}/bin/catm steps/env-saved steps/env; then
./${ARCH_DIR}/bin/wrap /${ARCH_DIR}/bin/kaem --file after-wrapped.kaem
else
# leave seed/stage0-posix
cd ../..
ARCH_DIR=seed/stage0-posix/${ARCH_DIR}
./${ARCH_DIR}/bin/wrap /${ARCH_DIR}/bin/kaem --file seed/after.kaem
fi

15
seed/after.kaem
View file

@ -11,5 +11,18 @@ set -ex
PATH=/${ARCH_DIR}/bin PATH=/${ARCH_DIR}/bin
catm seed-full.kaem /steps/bootstrap.cfg /steps/env seed.kaem if catm seed-full.kaem /steps/bootstrap.cfg /steps/env seed.kaem; then
else
replace --file /steps/env --output /steps/env --match-on /external/distfiles --replace-with /distfiles
cp /seed/wrap-bootstrap.cfg /steps/bootstrap.cfg
catm seed-full.kaem /steps/bootstrap.cfg /steps/env /seed/seed.kaem
cp /seed/configurator.c configurator.c
cp /seed/configurator.${ARCH}.checksums configurator.${ARCH}.checksums
cp /seed/script-generator.c script-generator.c
cp /seed/script-generator.${ARCH}.checksums script-generator.${ARCH}.checksums
# placeholder value
FINAL_JOBS=1
fi
kaem --file seed-full.kaem kaem --file seed-full.kaem

7
seed/seed.kaem
View file

@ -64,7 +64,12 @@ MES_PKG=mes-0.27
MES_PREFIX=${SRCDIR}/${MES_PKG}/build/${MES_PKG} MES_PREFIX=${SRCDIR}/${MES_PKG}/build/${MES_PKG}
GUILE_LOAD_PATH=${MES_PREFIX}/mes/module:${MES_PREFIX}/module:${SRCDIR}/${MES_PKG}/build/${NYACC_PKG}/module GUILE_LOAD_PATH=${MES_PREFIX}/mes/module:${MES_PREFIX}/module:${SRCDIR}/${MES_PKG}/build/${NYACC_PKG}/module
M2-Mesoplanet --architecture ${ARCH} -f configurator.c -o configurator if M2-Mesoplanet --architecture ${ARCH} -f configurator.c -o configurator; then
else
# using lightweight wrapper
M2LIBC_PATH=/seed/stage0-posix/M2libc
M2-Mesoplanet --architecture ${ARCH} -f configurator.c -o configurator
fi
# Checksums # Checksums
if match x${UPDATE_CHECKSUMS} xTrue; then if match x${UPDATE_CHECKSUMS} xTrue; then
sha256sum -o configurator.${ARCH}.checksums configurator sha256sum -o configurator.${ARCH}.checksums configurator

5
seed/wrap-bootstrap.cfg Normal file
View file

@ -0,0 +1,5 @@
CHROOT=True
DISK=sda1
KERNEL_BOOTSTRAP=False
BUILD_KERNELS=False
JOBS=${FINAL_JOBS}

2
steps/improve/setup_repo.sh
View file

@ -6,4 +6,4 @@
# #
mkdir -p /external/repo mkdir -p /external/repo
tar -cf - --exclude='/external/repo/*' --exclude='/external/repo-preseeded/*' --exclude='/external/distfiles/*' --exclude='/dev/*' --exclude='/proc/*' --exclude='/sys/*' --exclude='/tmp/*' / | bzip2 --best > /external/repo/base.tar.bz2 tar -cf - --exclude='/external/repo/*' --exclude='/external/repo-preseeded/*' --exclude='/external/distfiles/*' --exclude='/distfiles/*' --exclude='/dev/*' --exclude='/proc/*' --exclude='/sys/*' --exclude='/tmp/*' / | bzip2 --best > /external/repo/base.tar.bz2