aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rwxr-xr-xbootstrap2
-rwxr-xr-xbuildos7
-rw-r--r--buildos.service2
-rw-r--r--doc/manual.cli16
-rwxr-xr-xinit4
5 files changed, 24 insertions, 7 deletions
diff --git a/bootstrap b/bootstrap
index cfbf59a..3805a04 100755
--- a/bootstrap
+++ b/bootstrap
@@ -321,7 +321,7 @@ EOF
#
write <<EOF /usr/lib/systemd/system/buildos-setup.service
[Unit]
-Description=Build OS Setup
+Description=build os setup
After=default.target
Conflicts=console-getty.service
diff --git a/buildos b/buildos
index bb7434e..2e484a2 100755
--- a/buildos
+++ b/buildos
@@ -531,6 +531,8 @@ function toolchain_fetch () # <toolchain-prefix> <line>
# Make the link.
#
+ # Note that the target must be just the file for TFTP chroot to work.
+ #
ln -s "$f" "$tr/$l"
}
@@ -559,6 +561,11 @@ function toolchain_bootstrap () # <toolchain-name>
local tv="$(toolchain_value "$tp" toolchain_ver)" # Should be set by fetch().
local tt="$(toolchain_value "$tp" toolchain_trust)"
+ # Save the repository certificate fingerprint into the trust file (used
+ # by machine bootstrap).
+ #
+ echo "$tt" >"$tr/trust"
+
# Bootstrap in /tmp/toolchain/$tn/, install to /build/toolchain/$tn/.
#
local wd="/tmp/toolchain/$tn"
diff --git a/buildos.service b/buildos.service
index b1aedf1..d4b1950 100644
--- a/buildos.service
+++ b/buildos.service
@@ -1,5 +1,5 @@
[Unit]
-Description=Build OS Monitor
+Description=build os monitor
After=default.target
Conflicts=getty@tty1.service
diff --git a/doc/manual.cli b/doc/manual.cli
index 3abd639..7284c6a 100644
--- a/doc/manual.cli
+++ b/doc/manual.cli
@@ -36,7 +36,9 @@ mode} and receive \i{build tasks} from their respective agents.
Build OS root filesystem (\c{rootfs}) resides entirely in RAM with all changes
(such as installation of the \c{build2} toolchain} discarded on the next
reboot. A small amount of persistent (but not precious) state is stored in
-\c{/state} (see \l{#config-storage-state State}).
+\c{/state} (see \l{#config-storage-state State}). A minimum of 4G of RAM
+is required for Build OS itself (that is, excluding any virtual machines
+and containers).
After booting the kernel, the Build OS execution starts with a custom \c{init}
script which performs low-level configuration and setup and then hands off the
@@ -339,10 +341,18 @@ e723[...]c305 *0.4.0/build2-mingw-0.4.0-x86_64-windows.tar.xz
Based on the checksums file the monitor downloads each file into
\c{/build/tftp/toolchain/<name>/} (the file path is taken as relative to
\c{toolchain_url}), verifies their checksums, and creates \i{predictable name}
-symlinks (names without the version). Continuing with the above example, the
-contents of \c{/build/tftp/toolchain/default/} would be:
+symlinks (names without the version). It also creates the \c{version} which
+contains the toolchain version and the \c{trust} file which contains the
+value of the \c{buildos.toolchain_trust} parameter or the special \c{\"no\"}
+value if none were specified.
+
+Continuing with the above example, the contents of
+\c{/build/tftp/toolchain/default/} would be:
\
+version
+trust
+
build2-toolchain-0.4.0.tar.xz
build2-baseutils-0.4.0-x86_64-windows.zip
build2-mingw-0.4.0-x86_64-windows.tar.xz
diff --git a/init b/init
index 18a6b0b..35838e5 100755
--- a/init
+++ b/init
@@ -32,7 +32,7 @@ export PATH=/sbin:/usr/sbin:/bin:/usr/bin:/usr/lib/klibc/bin/
# One would expect rootflags=size=Xg to work but it doesn't (perhaps init
# is expected to interpret it)?
#
-mount -o remount,size=1536M /
+mount -o remount,size=2G /
mkdir -p /sys /proc
mount -t sysfs -o nodev,noexec,nosuid sysfs /sys
@@ -379,7 +379,7 @@ fi
# compromized VMs will be able to upload to.
#
mkdir -p /build/tftp
-o="nodev,noexec,nosuid,size=200M"
+o="nodev,noexec,nosuid,size=512M"
o+=",mode=0755,uid=$(id -u build),gid=$(id -g build)"
echo "tmpfs /build/tftp tmpfs $o 0 0" >>$fstab