diff options
author | Boris Kolpackov <boris@codesynthesis.com> | 2020-07-30 07:21:08 +0200 |
---|---|---|
committer | Boris Kolpackov <boris@codesynthesis.com> | 2020-07-30 07:21:08 +0200 |
commit | 9014df79b77b131eb45914c0cd5551d18b612045 (patch) | |
tree | 54d4aa428615e36d9377cd3f5902b1680cbfea4f /bootstrap | |
parent | 5845b11792e48c7841b6c0f43f453de57652c255 (diff) |
Upgrade to latest Debian testing
One notable change is the switch from ntp to systemd-timesyncd.
systemd/udev 245.6-2
qemu-system-x86 5.0-13
linux-image-amd64 5.7.6
g++ 9.3.0-15
initramfs-tools 0.137
debootstrap 1.0.123
Sizes (previous):
buildos-image 5572672 (5466496)
buildos-initrd 316454368 (307985422)
Diffstat (limited to 'bootstrap')
-rwxr-xr-x | bootstrap | 58 |
1 files changed, 39 insertions, 19 deletions
@@ -45,19 +45,19 @@ root="$btrfs/$id/buildos" # release="testing" components="main,contrib,non-free" -mirror="http://deb.debian.org/debian/" -#mirror="https://deb.debian.org/debian/" +mirror="http://http.us.debian.org/debian/" +#mirror="https://http.us.debian.org/debian/" base_pkgs="locales,klibc-utils,sudo,systemd-container,udev" base_pkgs+=",kmod,linux-base,firmware-linux-free,irqbalance" base_pkgs+=",intel-microcode,amd64-microcode" base_pkgs+=",pciutils,usbutils,dmidecode,cpuid" base_pkgs+=",hdparm,btrfs-progs" -base_pkgs+=",lm-sensors,smartmontools" +base_pkgs+=",lm-sensors,smartmontools,linux-cpupower" base_pkgs+=",psmisc" base_pkgs+=",net-tools,iproute2,iptables,isc-dhcp-client" -base_pkgs+=",ifupdown,bridge-utils,dnsmasq,ntp,postfix" +base_pkgs+=",ifupdown,bridge-utils,dnsmasq,postfix" base_pkgs+=",iputils-ping,wget,curl,ca-certificates" base_pkgs+=",openssh-client,openssh-server" base_pkgs+=",tftp-hpa,tftpd-hpa" @@ -65,11 +65,11 @@ base_pkgs+=",tftp-hpa,tftpd-hpa" base_pkgs+=",bzip2,xz-utils" base_pkgs+=",less,nano,time" -base_pkgs+=",qemu-kvm,qemu-utils,socat" +base_pkgs+=",qemu-system-x86,qemu-utils,socat" -base_pkgs+=",g++,make,pkg-config" +base_pkgs+=",g++,make" -extra_pkgs="linux-cpupower" +extra_pkgs="" owd="$(pwd)" trap "{ cd '$owd'; exit 1; }" ERR @@ -154,14 +154,28 @@ function nspawn () # <root> <systemd-nspawn-args> local r="$1" shift + # systemd-nspawn appears to carry over the root directory owner into the + # container which then causes other issues (Debian bug#950684). + # + # @@ Looking around didn't reveal any way (e.g., an option) to fix this. + # Perhaps newer systemd-nspawn does the right thing automatically? + # + ug="$(stat --format="%G:%U" "$r")" + sudo chown root:root "$r" + sudo systemd-nspawn --register=no -D "$r" "$@" - # systemd-nspawn may create the /var/lib/machines subvolume which prevents - # the deletion of the containing submodule. So we clean it up. + sudo chown "$ug" "$r" + + # systemd-nspawn may create the /var/lib/{machines,portables} subvolumes + # which prevents the deletion of the containing submodule. So we clean'em + # up. # - if sudo btrfs subvol show "$r/var/lib/machines" 1>/dev/null 2>&1; then - sudo btrfs subvol delete "$r/var/lib/machines" - fi + for s in /var/lib/machines /var/lib/portables; do + if sudo btrfs subvol show "$r$s" 1>/dev/null 2>&1; then + sudo btrfs subvol delete "$r$s" + fi + done } # (Over)write or append to a file in the installation root, for example: @@ -234,7 +248,7 @@ trap "exit 1" ERR set -x # Hack around systemd bug#79306 (changes /etc/localtime) by removing it now -# and making readonly below. +# and making readonly below. @@ See --timezone systemd-nspawn option? # rm /etc/localtime @@ -354,9 +368,8 @@ EOF # Create the kernel build snapshot, write the script that does the build # from within the installation and boot it up via systemd-nspawn --boot. # - # Add this line before shutdown if need to debug/check things. - # - # setsid /bin/bash -c "exec /bin/bash -i <>/dev/console 1>&0 2>&1" + # Add `bash` before shutdown if need to debug/check things. But note that it + # does not work well with `... | tee bootstrap.log`! # subvol_delete "$root-3-kernel" subvol_snapshot "$root" "$root-3-kernel" @@ -375,6 +388,7 @@ apt-get install -y build-essential linux-source apt-get install -y bison flex apt-get install -y libelf-dev apt-get install -y libssl-dev +apt-get install -y rsync cd /usr/src tar xf linux-source-* mv linux-source-*/ linux @@ -383,14 +397,20 @@ cd linux # Adjust configuration. # -echo 'CONFIG_SYSTEM_TRUSTED_KEYS=""' >>.config -echo 'CONFIG_BUILD_SALT=""' >>.config -echo 'CONFIG_MODULE_SIG=n' >>.config +# Note that SECURITY_LOCKDOWN_LSM forces MODULE_SIG ('selects' in Kconfig). +# +scripts/config --disable SECURITY_LOCKDOWN_LSM +scripts/config --disable MODULE_SIG +scripts/config --set-str BUILD_SALT '' +scripts/config --set-str SYSTEM_TRUSTED_KEYS '' # Adjust kernel command line size limit. # sed -i -re 's/^(#define COMMAND_LINE_SIZE ).+\$/\1 4096/' arch/x86/include/asm/setup.h + +#bash make oldconfig + scripts/config --disable DEBUG_INFO make clean |