aboutsummaryrefslogtreecommitdiff
path: root/bootstrap
diff options
context:
space:
mode:
authorBoris Kolpackov <boris@codesynthesis.com>2020-07-30 07:21:08 +0200
committerBoris Kolpackov <boris@codesynthesis.com>2020-07-30 07:21:08 +0200
commit9014df79b77b131eb45914c0cd5551d18b612045 (patch)
tree54d4aa428615e36d9377cd3f5902b1680cbfea4f /bootstrap
parent5845b11792e48c7841b6c0f43f453de57652c255 (diff)
Upgrade to latest Debian testing
One notable change is the switch from ntp to systemd-timesyncd. systemd/udev 245.6-2 qemu-system-x86 5.0-13 linux-image-amd64 5.7.6 g++ 9.3.0-15 initramfs-tools 0.137 debootstrap 1.0.123 Sizes (previous): buildos-image 5572672 (5466496) buildos-initrd 316454368 (307985422)
Diffstat (limited to 'bootstrap')
-rwxr-xr-xbootstrap58
1 files changed, 39 insertions, 19 deletions
diff --git a/bootstrap b/bootstrap
index 7aec0f9..dc00947 100755
--- a/bootstrap
+++ b/bootstrap
@@ -45,19 +45,19 @@ root="$btrfs/$id/buildos"
#
release="testing"
components="main,contrib,non-free"
-mirror="http://deb.debian.org/debian/"
-#mirror="https://deb.debian.org/debian/"
+mirror="http://http.us.debian.org/debian/"
+#mirror="https://http.us.debian.org/debian/"
base_pkgs="locales,klibc-utils,sudo,systemd-container,udev"
base_pkgs+=",kmod,linux-base,firmware-linux-free,irqbalance"
base_pkgs+=",intel-microcode,amd64-microcode"
base_pkgs+=",pciutils,usbutils,dmidecode,cpuid"
base_pkgs+=",hdparm,btrfs-progs"
-base_pkgs+=",lm-sensors,smartmontools"
+base_pkgs+=",lm-sensors,smartmontools,linux-cpupower"
base_pkgs+=",psmisc"
base_pkgs+=",net-tools,iproute2,iptables,isc-dhcp-client"
-base_pkgs+=",ifupdown,bridge-utils,dnsmasq,ntp,postfix"
+base_pkgs+=",ifupdown,bridge-utils,dnsmasq,postfix"
base_pkgs+=",iputils-ping,wget,curl,ca-certificates"
base_pkgs+=",openssh-client,openssh-server"
base_pkgs+=",tftp-hpa,tftpd-hpa"
@@ -65,11 +65,11 @@ base_pkgs+=",tftp-hpa,tftpd-hpa"
base_pkgs+=",bzip2,xz-utils"
base_pkgs+=",less,nano,time"
-base_pkgs+=",qemu-kvm,qemu-utils,socat"
+base_pkgs+=",qemu-system-x86,qemu-utils,socat"
-base_pkgs+=",g++,make,pkg-config"
+base_pkgs+=",g++,make"
-extra_pkgs="linux-cpupower"
+extra_pkgs=""
owd="$(pwd)"
trap "{ cd '$owd'; exit 1; }" ERR
@@ -154,14 +154,28 @@ function nspawn () # <root> <systemd-nspawn-args>
local r="$1"
shift
+ # systemd-nspawn appears to carry over the root directory owner into the
+ # container which then causes other issues (Debian bug#950684).
+ #
+ # @@ Looking around didn't reveal any way (e.g., an option) to fix this.
+ # Perhaps newer systemd-nspawn does the right thing automatically?
+ #
+ ug="$(stat --format="%G:%U" "$r")"
+ sudo chown root:root "$r"
+
sudo systemd-nspawn --register=no -D "$r" "$@"
- # systemd-nspawn may create the /var/lib/machines subvolume which prevents
- # the deletion of the containing submodule. So we clean it up.
+ sudo chown "$ug" "$r"
+
+ # systemd-nspawn may create the /var/lib/{machines,portables} subvolumes
+ # which prevents the deletion of the containing submodule. So we clean'em
+ # up.
#
- if sudo btrfs subvol show "$r/var/lib/machines" 1>/dev/null 2>&1; then
- sudo btrfs subvol delete "$r/var/lib/machines"
- fi
+ for s in /var/lib/machines /var/lib/portables; do
+ if sudo btrfs subvol show "$r$s" 1>/dev/null 2>&1; then
+ sudo btrfs subvol delete "$r$s"
+ fi
+ done
}
# (Over)write or append to a file in the installation root, for example:
@@ -234,7 +248,7 @@ trap "exit 1" ERR
set -x
# Hack around systemd bug#79306 (changes /etc/localtime) by removing it now
-# and making readonly below.
+# and making readonly below. @@ See --timezone systemd-nspawn option?
#
rm /etc/localtime
@@ -354,9 +368,8 @@ EOF
# Create the kernel build snapshot, write the script that does the build
# from within the installation and boot it up via systemd-nspawn --boot.
#
- # Add this line before shutdown if need to debug/check things.
- #
- # setsid /bin/bash -c "exec /bin/bash -i <>/dev/console 1>&0 2>&1"
+ # Add `bash` before shutdown if need to debug/check things. But note that it
+ # does not work well with `... | tee bootstrap.log`!
#
subvol_delete "$root-3-kernel"
subvol_snapshot "$root" "$root-3-kernel"
@@ -375,6 +388,7 @@ apt-get install -y build-essential linux-source
apt-get install -y bison flex
apt-get install -y libelf-dev
apt-get install -y libssl-dev
+apt-get install -y rsync
cd /usr/src
tar xf linux-source-*
mv linux-source-*/ linux
@@ -383,14 +397,20 @@ cd linux
# Adjust configuration.
#
-echo 'CONFIG_SYSTEM_TRUSTED_KEYS=""' >>.config
-echo 'CONFIG_BUILD_SALT=""' >>.config
-echo 'CONFIG_MODULE_SIG=n' >>.config
+# Note that SECURITY_LOCKDOWN_LSM forces MODULE_SIG ('selects' in Kconfig).
+#
+scripts/config --disable SECURITY_LOCKDOWN_LSM
+scripts/config --disable MODULE_SIG
+scripts/config --set-str BUILD_SALT ''
+scripts/config --set-str SYSTEM_TRUSTED_KEYS ''
# Adjust kernel command line size limit.
#
sed -i -re 's/^(#define COMMAND_LINE_SIZE ).+\$/\1 4096/' arch/x86/include/asm/setup.h
+
+#bash
make oldconfig
+
scripts/config --disable DEBUG_INFO
make clean