From b64d76b60df2cefe3b68d69b2a1b77b681087055 Mon Sep 17 00:00:00 2001 From: "Lance R. Vick" Date: Mon, 14 Apr 2025 15:35:03 -0700 Subject: [PATCH] wip --- Containerfile | 240 ++++++++++++------ Makefile | 5 +- rootfs/.gnupg/gpg.conf | 1 - src/guest/config/syslinux.cfg | 8 + .../rootfs/etc/git/base-hooks/post-receive | 6 + .../rootfs/etc/git/base-hooks/pre-receive | 2 + src/guest/rootfs/etc/git/base-hooks/update | 3 + src/guest/rootfs/etc/group | 47 ++++ src/guest/rootfs/etc/hosts | 4 + src/guest/rootfs/etc/init.d/S01syslogd | 55 ++++ src/guest/rootfs/etc/init.d/S02klogd | 55 ++++ .../guest/rootfs}/etc/init.d/S02sysctl | 0 .../guest/rootfs}/etc/init.d/S03keymap | 0 .../guest/rootfs}/etc/init.d/S10udev | 0 .../guest/rootfs}/etc/init.d/S20urandom | 0 {rootfs => src/guest/rootfs}/etc/init.d/rcK | 0 {rootfs => src/guest/rootfs}/etc/init.d/rcS | 0 src/guest/rootfs/etc/inittab | 54 ++++ {rootfs => src/guest/rootfs}/etc/modules | 0 src/guest/rootfs/etc/passwd | 4 + src/guest/rootfs/etc/profile | 5 + src/guest/rootfs/etc/resolv.conf | 2 + {rootfs => src/guest/rootfs}/init | 0 {config => src/host/config}/grub.cfg | 0 {config => src/host/config}/grub_early.cfg | 0 {config => src/host/config}/syslinux.cfg | 0 .../host/rootfs}/etc/init.d/S01syslogd | 0 .../host/rootfs}/etc/init.d/S02klogd | 0 .../host/rootfs}/etc/init.d/S02modules | 0 src/host/rootfs/etc/init.d/S02sysctl | 94 +++++++ src/host/rootfs/etc/init.d/S03keymap | 22 ++ .../rootfs}/etc/init.d/S04cbfs-key-import | 0 src/host/rootfs/etc/init.d/S10udev | 24 ++ .../host/rootfs}/etc/init.d/S12pcscd | 0 src/host/rootfs/etc/init.d/S20urandom | 70 +++++ src/host/rootfs/etc/init.d/rcK | 27 ++ src/host/rootfs/etc/init.d/rcS | 27 ++ {rootfs => src/host/rootfs}/etc/inittab | 0 src/host/rootfs/etc/modules | 1 + {rootfs => src/host/rootfs}/etc/profile | 0 src/host/rootfs/init | 2 + .../usr/lib/udev/rules.d/sdcard-autorun.rules | 0 .../host/rootfs}/usr/local/bin/autorun | 0 43 files changed, 681 insertions(+), 77 deletions(-) delete mode 100644 rootfs/.gnupg/gpg.conf create mode 100644 src/guest/config/syslinux.cfg create mode 100755 src/guest/rootfs/etc/git/base-hooks/post-receive create mode 100755 src/guest/rootfs/etc/git/base-hooks/pre-receive create mode 100755 src/guest/rootfs/etc/git/base-hooks/update create mode 100644 src/guest/rootfs/etc/group create mode 100644 src/guest/rootfs/etc/hosts create mode 100755 src/guest/rootfs/etc/init.d/S01syslogd create mode 100755 src/guest/rootfs/etc/init.d/S02klogd rename {rootfs => src/guest/rootfs}/etc/init.d/S02sysctl (100%) rename {rootfs => src/guest/rootfs}/etc/init.d/S03keymap (100%) rename {rootfs => src/guest/rootfs}/etc/init.d/S10udev (100%) rename {rootfs => src/guest/rootfs}/etc/init.d/S20urandom (100%) rename {rootfs => src/guest/rootfs}/etc/init.d/rcK (100%) rename {rootfs => src/guest/rootfs}/etc/init.d/rcS (100%) create mode 100644 src/guest/rootfs/etc/inittab rename {rootfs => src/guest/rootfs}/etc/modules (100%) create mode 100644 src/guest/rootfs/etc/passwd create mode 100644 src/guest/rootfs/etc/profile create mode 100644 src/guest/rootfs/etc/resolv.conf rename {rootfs => src/guest/rootfs}/init (100%) rename {config => src/host/config}/grub.cfg (100%) rename {config => src/host/config}/grub_early.cfg (100%) rename {config => src/host/config}/syslinux.cfg (100%) rename {rootfs => src/host/rootfs}/etc/init.d/S01syslogd (100%) rename {rootfs => src/host/rootfs}/etc/init.d/S02klogd (100%) rename {rootfs => src/host/rootfs}/etc/init.d/S02modules (100%) create mode 100755 src/host/rootfs/etc/init.d/S02sysctl create mode 100755 src/host/rootfs/etc/init.d/S03keymap rename {rootfs => src/host/rootfs}/etc/init.d/S04cbfs-key-import (100%) create mode 100755 src/host/rootfs/etc/init.d/S10udev rename {rootfs => src/host/rootfs}/etc/init.d/S12pcscd (100%) create mode 100755 src/host/rootfs/etc/init.d/S20urandom create mode 100755 src/host/rootfs/etc/init.d/rcK create mode 100755 src/host/rootfs/etc/init.d/rcS rename {rootfs => src/host/rootfs}/etc/inittab (100%) create mode 100644 src/host/rootfs/etc/modules rename {rootfs => src/host/rootfs}/etc/profile (100%) create mode 100755 src/host/rootfs/init rename {rootfs => src/host/rootfs}/usr/lib/udev/rules.d/sdcard-autorun.rules (100%) rename {rootfs => src/host/rootfs}/usr/local/bin/autorun (100%) diff --git a/Containerfile b/Containerfile index 58d7458..94ce920 100644 --- a/Containerfile +++ b/Containerfile @@ -1,65 +1,74 @@ -FROM stagex/user-alsa-lib:sx2025.02.0@sha256:5e29d15860ea2f01b7b4a614d2ffbc6bb41b87b8892138a93b4adca206105593 AS user-alsa-lib -FROM stagex/core-bash:sx2025.02.0@sha256:ae98e66f8623629151d79fd2b574442778b50bd37511dea8da4237d4c18ce04c AS core-bash -FROM stagex/core-bc:sx2025.02.0@sha256:8f0a8d3e86a2221f5179a1817f482013dbc5b5f8f985c1a3404a6f3975c5eda9 AS core-bc -FROM stagex/core-busybox:sx2025.02.0@sha256:01b31cc07543733fbf6889e596427af943aba2780bc2f514a3d30bb290da7e2a AS core-busybox -FROM stagex/user-ccid:sx2025.02.0@sha256:a2ab2199974a60fc711e881e8cda43007bd39482213fd9fa50c9580e027d6fa8 AS user-ccid -FROM stagex/user-cpio:sx2025.02.0@sha256:d8837d12a89ef7e35c72115a7919224a3246a2e17a685b684628cc03957726ac AS user-cpio -FROM stagex/core-curl:sx2025.02.0@sha256:b65975066d7b2256c51601749d947fa54ce9a23d4f2b46f4de7daf6f11f9730f AS core-curl -FROM stagex/user-dtc:sx2025.02.0@sha256:39231aa3e2ca4e3ac46aa7faea4e7aee5733f425c35ae5ca83e54ce5b3629f89 AS user-dtc -FROM stagex/user-eudev:sx2025.02.0@sha256:292ece79a82c2d2dc422d44a0d4e65dd6dde0304566a40f286e8e2ff62b59c52 AS user-eudev -FROM stagex/user-flashtools:sx2025.02.0@sha256:1d3aa7c7e6f061e2f738b9bf01d9584786c9b96ae5f0e84d302278ae687a58cc AS user-flashtools -FROM stagex/core-gcc:sx2025.02.0@sha256:02896413375c15cbff666fbab7c534caefc8936d53e167a6ea457a05c27e8096 AS core-gcc -FROM stagex/user-glib:sx2025.02.0@sha256:b7e6e23e3d95b95f1e9183f3571bba21ebc2304c3ce5b545962651d29706f901 AS user-glib -FROM stagex/core-gmp:sx2025.02.0@sha256:dfff470ef36b4383854435429fc5896b8e4f953fe7d0ec3ccff5422a651d0115 AS core-gmp -FROM stagex/user-gpg:sx2025.02.0@sha256:df188d540aa18e8b9684941bff9a591270765141f0ad5a87a0e1d7cd9961da7a AS user-gpg -FROM stagex/user-grub:sx2025.02.0@sha256:f2a574d88520fbc37ac233e3380d6cc89ce969e0abd36626fb04179355cf1d92 AS user-grub -FROM stagex/user-icepick:sx2025.02.0@sha256:1d26fbf252a2ae7469b3dc4358fe11e17a54403ab184b58283798566c7f5972f AS user-icepick -FROM stagex/user-ipxe:sx2025.02.0@sha256:bac91399972e5a12b534ee92ac6be103a9d28758c609926f168924eb9a175e4b AS user-ipxe -FROM stagex/user-jq:sx2025.02.0@sha256:c6b5baceb4c171859d7a75c2919f12558fee7951db3fd87dae76076ac9d85fda AS user-jq -FROM stagex/user-keyfork:sx2025.02.0@sha256:fbd40df303d57d7bc6209a7f59a64ec8ddddb2c607564591cdbae5b2acf70d2c AS user-keyfork -FROM stagex/user-libaio:sx2025.02.0@sha256:6ec20e9f3a77c555a6bfcecd5b3461740fc6d3faa9a0f81b97ca3606819ef26b AS user-libaio -FROM stagex/user-libassuan:sx2025.02.0@sha256:3aa891c65990114ba697d1bcf90c51515947daf932ce96d8861658391206c8c7 AS user-libassuan -FROM stagex/core-libffi:sx2025.02.0@sha256:8b22d8fa8aa4da590fcc7257aba1b6a2eb74598f5f60a95900050bf00ce470ac AS core-libffi -FROM stagex/user-libgcrypt:sx2025.02.0@sha256:2281a0b1093d2bc60f4208f3a34f7e01440c3dac31f122ed9b42a2417d4085c8 AS user-libgcrypt -FROM stagex/user-libgpg-error:sx2025.02.0@sha256:902cfc4a40cc69e003dec008f4bbf86338f5984847d11f0d422f06a797e656b4 AS user-libgpg-error -FROM stagex/user-libksba:sx2025.02.0@sha256:e6b7bd3a005a881b545b6b4066dc6392d741e1f062718428f9115db1a1edf23a AS user-libksba -FROM stagex/user-libqrencode:sx2025.02.0@sha256:e6ed8097b670b0ea79018a50efc0cdde3968a2165b9ff3b7b96af92fc8a43b45 AS user-libqrencode -FROM stagex/user-libseccomp:sx2025.02.0@sha256:632684b54847814367247b8d1247832fa56bb0dd8300495c342b0585cca47c10 AS user-libseccomp -FROM stagex/user-libslirp:sx2025.02.0@sha256:29d98f357f98f91e634659b945ccbe834d37f4c9c7e243aeb8d47ed438df741d AS user-libslirp -FROM stagex/user-libtpms:sx2025.02.0@sha256:09b410b27db7e3adbf61019fbdb6bb09fad597cb32de37f869b2f157332c771b AS user-libtpms -FROM stagex/core-libunwind:sx2025.02.0@sha256:99e2574ace4f7dfa3d8bfc93ab69e1fd5f559924a80f5372b74ed868299e7131 AS core-libunwind -FROM stagex/user-libusb:sx2025.02.0@sha256:b78ca9194fdb8dfb7b7177d16a156fac21e6c9822a0c35a17841400bc1a27f68 AS user-libusb -FROM stagex/user-libzbar:sx2025.02.0@sha256:44ad89a661bc395d6b49d89a0367846f7bee40b198780777c5c7b1b3c0d49a0e AS user-libzbar -FROM stagex/core-libzstd:sx2025.02.0@sha256:23cd975a27e218c5398efd17e1f8c491d31969ab674d3468dbf8b75ba40611ad AS core-libzstd -FROM stagex/user-linux-airgap:sx2025.02.0@sha256:a2dbeace3ce085ba487e88b3968fea1ec29ce392f691d28c4b183e1ed9c0df4d AS user-linux-airgap -FROM stagex/user-lzo:sx2025.02.0@sha256:b71c2944073f3fbc1fe543b9e4dfc4f59ec013a763a6209ded77b8f8bd0a33b4 AS user-lzo -FROM stagex/user-mtools:sx2025.02.0@sha256:ea76e5f82f9833274a4438e9706779afd9b1c0b197c984c9d54c9887163ffb42 AS user-mtools -FROM stagex/core-musl:sx2025.02.0@sha256:23d0614f60449015add2369959c89a6ea08e208302773b9a0811ce1195afc3a4 AS core-musl -FROM stagex/user-nettle:sx2025.02.0@sha256:ec81bb00c990ceee3047632216387d350d1e753cc2a150f3d12c27872832c9ff AS user-nettle -FROM stagex/user-npth:sx2025.02.0@sha256:82462e0c12a8d3e3196ea8b3a647e75efd6d1cc0a84b091a0bb844e0c623d9be AS user-npth -FROM stagex/user-numactl:sx2025.02.0@sha256:b89612d78567874127522af2c73d5d0a7d5fffbb37bf4b2193affa679d7f367c AS user-numactl -FROM stagex/user-openpgp-card-tools:sx2025.02.0@sha256:77d9f2d949548c22badbf29ff8e43a3329ef568c77c66ddbde8d9e2e2dfecb1b AS user-openpgp-card-tools -FROM stagex/user-opensc:sx2025.02.0@sha256:985c0ea0d7ca91b0ed3b2f72c736b75f6d8a392e826f62859f2056a7222f7b75 AS user-opensc -FROM stagex/core-openssl:sx2025.02.0@sha256:b3371fba4b4c61ddd02d97e81d0406d122a552a59f474d23822b099874690af0 AS core-openssl -FROM stagex/user-pcsc-lite:sx2025.02.0@sha256:825708912c41d93dd38230f6f481f5876acb5b2959461504bdaa02a942f8c7b4 AS user-pcsc-lite -FROM stagex/user-pcsc-tools:sx2025.02.0@sha256:dc609b2eb7ba44f877b481633baa86873e99739573f81fe10d5485eb5a1b4f9d AS user-pcsc-tools -FROM stagex/user-qemu:sx2025.02.0@sha256:47653f32fb5874d91969a4b206e8f46f26f056dc2adfc88758d57208a6659b03 AS user-qemu -FROM stagex/user-canokey-qemu:sx2025.02.0@sha256:aba3be44d4b0da2f4ee52fdc2e2cd5b4f6dd05162323015745d2fd194d3074a7 AS user-canokey-qemu -FROM stagex/user-sdtool:sx2025.02.0@sha256:7543bbfdc39efd94820484ffdc984ec16aac29523d0533c19887d907828e7a9a AS user-sdtool -FROM stagex/user-seabios:sx2025.02.0@sha256:03eeb1344ad5f94dccdedbb3379906b272b62e246972e9334011746c79f234cf AS user-seabios -FROM stagex/user-sops:sx2025.02.0@sha256:dba1b3e27b0700d5160c470e2225cfe0734fe25dd1c1aef187d69e31cbb1f35e AS user-sops -FROM stagex/core-zlib:sx2025.02.0@sha256:15860e0789afa0f3ed1bd4e9d771ecb34fbab399064f6aa69c05e71cb8822156 AS core-zlib -FROM stagex/user-sequoia-sq:sx2025.02.0@sha256:48b9a0f425604f46a0587e6dcbf81576f32145363dcfbdb86a9c46af659996a6 AS user-sequoia-sq -FROM stagex/user-sequoia-sq-wot:sx2025.02.0@sha256:aeedcfbe20ff38937a0157fa2047a831f187a53deb319d8bee7848cf52b0cd5f AS user-sequoia-sq-wot -FROM stagex/core-sqlite3:sx2025.02.0@sha256:ca0e3274fbd2cdfcb418088f7147e865abe025a1cec043c1bade0f4b99185296 AS core-sqlite3 -FROM stagex/user-swtpm:sx2025.02.0@sha256:a13468396caeba89123a414500364967ac90af9541bf01b84821db487d7c7cc9 AS user-swtpm -FROM stagex/user-syslinux:sx2025.02.0@sha256:b5e74e7384e6b1f21641296e5188073b65761724a91ae55ecaba9b7164de8c3a AS user-syslinux -FROM stagex/user-tpm2-tools:sx2025.02.0@sha256:bf5d0c4b62dda736043843a5c59d1ed7c7aaf5e50cbcdb3976025e03384eb709 AS user-tpm2-tools -FROM stagex/user-tpm2-tss:sx2025.02.0@sha256:816caefc95cadd4b0eaeccd0c2ee45a6093ff49ca8fa49dd3970284629523fd7 AS user-tpm2-tss -FROM stagex/user-util-linux:sx2025.02.0@sha256:bf03b1aaa92a3877f2d2a35d2c27cf453f95545bc7c355b7d4971b58eddbf7a3 AS user-util-linux -FROM stagex/user-xorriso:sx2025.02.0@sha256:f3b9f1eebdbc6f2e62a9d4345abb87ea81219fc4afdbdc0412a8a2110282a1a1 AS user-xorriso -FROM stagex/core-xz:sx2025.02.0@sha256:34824f16967f6bd8ecf24c320e36dfc9cd58d5746d3c524e1b896ebdf5a2e760 AS core-xz -FROM stagex/user-yq:sx2025.02.0@sha256:e817e39f34a7417fd151b4fb9d0d21e21242fe8dc19c0e248677426f2e478cce AS user-yq +FROM stagex/user-alsa-lib@sha256:eeaee84f8012865bb33d68287bccfddc6fd04e9082687b8c31008dd07b8e07b8 AS user-alsa-lib +FROM stagex/core-bash@sha256:ae47fcd4247bef0ca4af762a76cb8871a5c868472cab67eed829a55364a8f1fa AS core-bash +FROM stagex/core-bc@sha256:03e1c729223e9d45f087660f65034b4f6fac91aefb94fb7ccbc85d1ab7e88c1d AS core-bc +FROM stagex/core-busybox@sha256:cac5d773db1c69b832d022c469ccf5f52daf223b91166e6866d42d6983a3b374 AS core-busybox +FROM stagex/user-ccid@sha256:313259fb6b059179ff69f4189c57d98b8d468ebf17f14c6f431d7001c8801e1c AS user-ccid +FROM stagex/user-cpio@sha256:2695e1b42f93ec3ea0545e270f0fda4adca3cb48d0526da01954efae1bce95c4 AS user-cpio +FROM stagex/core-curl@sha256:63a5963a4e7852b5482824953d18ea73c7d192fed654eb1236f8b97a6f67cbcc AS core-curl +FROM stagex/user-dtc@sha256:3877063ca1068d48e0b92fcdf5083b707e009e96a6db4bd3536924c9f440cb08 AS user-dtc +FROM stagex/user-eudev@sha256:709f6f949e93a3a91770b7323fd87eec52714677e4bed88954cadd60506cbce3 AS user-eudev +FROM stagex/user-flashtools@sha256:f3524d889e9476acbe268b289a3e43f5766da9d3d999009b0bb8e6bddcd9dc5c AS user-flashtools +FROM stagex/core-gcc@sha256:125bd6306e7f37e57d377d5a189c0e499388aff42b22cc79acee6097357c617f AS core-gcc +FROM stagex/user-glib@sha256:41fb9409b0bea2421feaee788c88efcf2778f2008634dde00b50f2b6afd2ed11 AS user-glib +FROM stagex/core-gmp@sha256:4387f9389ef656ef2305719ac1dbcc3d92631deb816da4c7101c0bdc75e57564 AS core-gmp +FROM stagex/user-gpg@sha256:92946bb4143ecbd53999cd520fbcb958aecacbac7a85bd58a758be1b57086a9c AS user-gpg +FROM stagex/user-grub@sha256:f3c9ff298c02ee3349496c3b5520079bbd115af0a347525410ba6a34170d4b4c AS user-grub +FROM stagex/user-icepick@sha256:4a63fee5c52067091ab988afb661462bb3773fdeec21b61a1ec89b728bbf3437 AS user-icepick +FROM stagex/user-ipxe@sha256:b98dea039f0a14a614f035d848d9cfa8b9ad472e6dc24b2e3099f2f8ae209abe AS user-ipxe +FROM stagex/user-jq@sha256:ced6213c21b570dde1077ef49966b64cbf83890859eff83f33c82620520b563e AS user-jq +FROM stagex/user-keyfork@sha256:2f108f6cf5aa289407df7b2ff5696d4c1f3efca45ca191da7138ebf10a9b02bf AS user-keyfork +FROM stagex/user-libaio@sha256:3e21cfd5dc07a7300546e4896a81628741c23c4728a68d36e0bb3d8a096f7742 AS user-libaio +FROM stagex/user-libassuan@sha256:dea35799659be7b85e523312c55621007b1918ff3590631155ecf2c699ca470f AS user-libassuan +FROM stagex/core-libffi@sha256:9acd18e59ca11fa727670725e69a976d96f85a00704dea6ad07870bff2bd4e8b AS core-libffi +FROM stagex/user-libgcrypt@sha256:384f0e703afad6f8885ec77fb814ef182a08600a2032183d231fee5c048a7d2d AS user-libgcrypt +FROM stagex/user-libgpg-error@sha256:6d7c09e3a7d055a6722910439c533f2babc8eda24b636bf4dfb2b29a3ed6327a AS user-libgpg-error +FROM stagex/user-libksba@sha256:c165fb5b7949473cb00b0fe59add90663346b33c6c682309ca0fcccdcf78d569 AS user-libksba +FROM stagex/user-libqrencode@sha256:c51271723df184012d7842c3bc2a2a5513121a9911f9d624d1b9b6f9cecd570e AS user-libqrencode +FROM stagex/user-libseccomp@sha256:7a397b5261c24aa745fe9158499e0db1ba21df415354bbbe77c90a6a3fd4c517 AS user-libseccomp +FROM stagex/user-libslirp@sha256:e72ebf587c366e1d0a9a42c74216dd2b9f560d52df3eb8148a2e31821415b082 AS user-libslirp +FROM stagex/user-libtpms@sha256:3fde6f85f3ce637b3d7b98e4fc74c2c57d31adf9c9ca068b3826eb7ebf16f5ba AS user-libtpms +FROM stagex/core-libunwind@sha256:4f3ead61255c1e58e7dc43a33043f297f8730ec88e068a4460e5fff09e503781 AS core-libunwind +FROM stagex/user-libusb@sha256:53d499555164f12d9e87118a6d44e1d07f0b1cc9081a29eb66975662be818a00 AS user-libusb +FROM stagex/user-libzbar@sha256:8b4ec291f772a10f372c538180f889a46837f2dd97756d1949c5c86111241fa9 AS user-libzbar +FROM stagex/core-libzstd@sha256:35ae8f0433cf1472f8fb25e74dc631723e9f458ca3e9544976beb724690adea8 AS core-libzstd +FROM stagex/user-lzo@sha256:9d141a7686fbb027366df80d4f254fb13f4c4524ba4d5cff6ea176b0b4c36cd5 AS user-lzo +FROM stagex/user-mtools@sha256:023169be123693e326d2fd97739fe0efa19638ce616cbcc52476e6f14f0a83cc AS user-mtools +FROM stagex/core-musl@sha256:d5f86324920cfc7fc34f0163502784b73161543ba0a312030a3ddff3ef8ab2f8 AS core-musl +FROM stagex/user-nettle@sha256:249bec1a4273f6461b39ef849d1d8b4ec2d4a3693930f9147cee6c37eef0794a AS user-nettle +FROM stagex/user-npth@sha256:6ac9a90ca714ba01911c1f617553a5b23b96e9e37ec4a21e5ba132c4886a70e9 AS user-npth +FROM stagex/user-numactl@sha256:4046b643293cf9e82f1d29e92c61f0b12210b65987711ddd7c6813f27f3c1bfd AS user-numactl +FROM stagex/user-openpgp-card-tools@sha256:369c13ba0a772b1aef31321c0ebbb2a6fcd512491ace003e48c6f18f258905cc AS user-openpgp-card-tools +FROM stagex/user-opensc@sha256:f8a1b5d07b6b594b964b63a2572fd10b44e79c3699efb97dfefc2f1dde054a6c AS user-opensc +FROM stagex/core-openssl@sha256:8670a22fb76965f31bda1b61cd75ae39a96e1008deffe289a5d94ee4337b1cb2 AS core-openssl +FROM stagex/user-pcsc-lite@sha256:0f06c2e73fabc6f9484bb39362d4084a45ffe88c862764813a62a75840b10cfc AS user-pcsc-lite +FROM stagex/user-pcsc-tools@sha256:366867b9c29664264224db7651b710cd70761b67c41ce9c27b9d2829e18b5a30 AS user-pcsc-tools +FROM stagex/user-qemu@sha256:768024466eb41de11f270c891257814aa6292b44ec2b5da4cff75f0dbcae65c8 AS user-qemu +FROM stagex/user-canokey-qemu@sha256:3f949f099194d2b721914d9d308c699818f83833b07db1d2e504ee16bfdfa348 AS user-canokey-qemu +FROM stagex/user-sdtool@sha256:f4be5c2fe87fa3dd8742f91be5a368b6833ceb7156d33192e5339869629aa06a AS user-sdtool +FROM stagex/user-seabios@sha256:4adf4c3f70a6c69cb1c925a832363547cfb73ef5a7d75ff65885624916aace90 AS user-seabios +FROM stagex/user-sops@sha256:d14c34ca5d537253f673fb0573fc47c9efd73c76e5a6927a820ee5abfadec557 AS user-sops +FROM stagex/core-zlib@sha256:b35b643642153b1620093cfe2963f5fa8e4d194fb2344a5786da5717018976c2 AS core-zlib +FROM stagex/user-sequoia-sq@sha256:b7197adb937e3ee0fc8e8edc041acb836da9b2958cbe4bb3b1797b73b50205f7 AS user-sequoia-sq +FROM stagex/user-sequoia-sq-wot@sha256:7e914c221d65a4cda9683591082e9f5c70d8d31d6a415c1b98e75f4d89f985c5 AS user-sequoia-sq-wot +FROM stagex/core-sqlite3@sha256:3c9318b8fae8471113a229f12cb8956cf8b0119177997ba69c4ead5e97efcdf4 AS core-sqlite3 +FROM stagex/user-swtpm@sha256:fc72e5089c08476cfbfd863daf80b3ea86016c27f5c5cf8d497baf9aa0d23a78 AS user-swtpm +FROM stagex/user-syslinux@sha256:6a92128218d68d25d6e10a534776473d805923a318cccb303555f730c7b7410e AS user-syslinux +FROM stagex/user-tpm2-tools@sha256:f25049635ae36e17281c651e0fd6d949abc407185c1013887a0d4feab09ababf AS user-tpm2-tools +FROM stagex/user-tpm2-tss@sha256:58f4d393d6b51746a464ad4eb4a13867c8323c175e0798de9d27be171a088cfa AS user-tpm2-tss +FROM stagex/user-util-linux@sha256:ec5ec2dfd1803dc897a9c0589f12e7ccff3058be4048af3076ff33069f993dd8 AS user-util-linux +FROM stagex/user-xorriso@sha256:6649dab95928e8eeb0199f7bd27852e6fa2682949f3c8f2b7a03978a5ff15b10 AS user-xorriso +FROM stagex/core-xz@sha256:75b657032c8a47eabc3805bae944302c3eeab524e853d6d209285d4347cba0c7 AS core-xz +FROM stagex/user-yq@sha256:47a39bfdeffff4344f41d60aa81671c7fd30c3e5e6d21ced21a05a5d836f3d34 AS user-yq +FROM stagex/user-edk2@sha256:db24be51d35117d264dccfc44f0ca331f59d738083170cd9bb86b49a5c06abff AS user-edk2 +FROM stagex/core-ca-certificates@sha256:d6fca6c0080e8e5360cd85fc1c4bd3eab71ce626f40602e38488bfd61fd3e89d AS core-ca-certificates +FROM stagex/user-linux-guest-net@sha256:994b6fe49dd4331b32b0854055bff31b06db5eabdeafb32b2c0d55465b7ccf45 AS user-linux-guest-net +FROM stagex/user-linux-airgap@sha256:c8575c92aa63544ee92a820a97034fcc203abf2671c0e7e21d0c4e20daef8827 AS user-linux-airgap +FROM stagex/user-libimobiledevice-glue@sha256:3ce674285cbc04b694b7e400703868fcaac65401f2f2ca2aa2b720b3e0efee3c AS user-libimobiledevice-glue +FROM stagex/user-libimobiledevice@sha256:fcda68bdc397213fa76bd893472a304b093522aaac28e36f458275b93bb1af34 AS user-libimobiledevice +FROM stagex/user-libplist@sha256:2d776cb4eca3689a8bd6ac755a23f492850bf6c7b0c72e3525db6135e4d6e0bc AS user-libplist +FROM stagex/user-libusb@sha256:53d499555164f12d9e87118a6d44e1d07f0b1cc9081a29eb66975662be818a00 AS user-libusb +FROM stagex/user-libusbmuxd@sha256:1e97f0a2ede0ee5fac9b056d0395e12b77c9f0bf550f9d0c20734ce0617eb51f AS user-libusbmuxd +FROM stagex/user-usbmuxd@sha256:90f687d2368328b76141badc382a21873a5b44d4ddccf851c017caf1e78af418 AS user-usbmuxd FROM scratch AS base ARG VERSION development @@ -98,13 +107,79 @@ COPY --from=core-curl . / COPY --from=user-libtpms . / COPY --from=user-tpm2-tss . / COPY --from=user-tpm2-tools . / +COPY --from=user-edk2 . / + +FROM base AS build-guest +COPY --from=user-linux-guest-net /bzImage iso/boot/vmlinuz +COPY --from=core-busybox . initramfs +COPY --from=user-eudev . initramfs +COPY --from=core-musl . initramfs +COPY --from=core-zlib . initramfs +COPY --from=core-openssl . initramfs +COPY --from=core-ca-certificates . initramfs +COPY --from=user-linux-guest-net . initramfs +COPY --from=user-linux-airgap . initramfs +COPY --from=user-libimobiledevice-glue . initramfs +COPY --from=user-libimobiledevice . initramfs +COPY --from=user-libplist . initramfs +COPY --from=user-libusb . initramfs +COPY --from=user-libusbmuxd . initramfs +COPY --from=user-usbmuxd . initramfs + +COPY src/guest/rootfs/ initramfs +RUN <<-EOF + set -eux + cd initramfs + mkdir -p home/git + chmod 755 home + chown -R 1000:1000 home/git + find . -exec touch -hcd "@0" "{}" + + find . -print0 \ + | sort -z \ + | cpio \ + --null \ + --create \ + --verbose \ + --reproducible \ + --format=newc \ + | gzip --best \ + > ../iso/boot/initramfs +EOF +COPY src/guest/config/syslinux.cfg iso/boot/syslinux/ +COPY --from=user-syslinux \ + /usr/share/syslinux/isohdpfx.bin \ + /usr/share/syslinux/isolinux.bin \ + /usr/share/syslinux/ldlinux.c32 \ + /usr/share/syslinux/libutil.c32 \ + /usr/share/syslinux/libcom32.c32 \ + /usr/share/syslinux/mboot.c32 \ + iso/boot/syslinux/ +ENV SOURCE_DATE_EPOCH=1 +RUN <<-EOF + set -eux + find iso -exec touch -hcd "@0" "{}" + + xorrisofs \ + -output guest.img \ + -full-iso9660-filenames \ + -joliet \ + -rational-rock \ + -sysid LINUX \ + -volid "repros" \ + -isohybrid-mbr iso/boot/syslinux/isohdpfx.bin \ + -eltorito-boot boot/syslinux/isolinux.bin \ + -eltorito-catalog boot/syslinux/boot.cat \ + -no-emul-boot \ + -boot-load-size 4 \ + -boot-info-table \ + -no-emul-boot \ + -isohybrid-gpt-basdat \ + -follow-links \ + iso/ +EOF FROM base AS build - -## Kernel COPY --from=user-linux-airgap /bzImage iso/boot/vmlinuz - -## Initramfs +COPY --from=build-guest /guest.img initramfs/ COPY --from=core-busybox . initramfs COPY --from=user-eudev . initramfs COPY --from=core-musl . initramfs @@ -135,17 +210,34 @@ COPY --from=user-nettle . initramfs COPY --from=user-opensc . initramfs COPY --from=user-util-linux . initramfs COPY --from=user-sops . initramfs -COPY --from=core-gcc /usr/lib/libgcc* initramfs/usr/lib/ +COPY --from=core-gcc /usr/lib/. initramfs/usr/lib/ COPY --from=core-sqlite3 . initramfs COPY --from=user-sdtool . initramfs RUN chmod +x initramfs/usr/bin/sdtool COPY --from=user-openpgp-card-tools . initramfs COPY --from=user-sequoia-sq . initramfs COPY --from=user-sequoia-sq-wot . initramfs +COPY --from=user-libslirp . initramfs +COPY --from=user-seabios . initramfs +COPY --from=user-ipxe . initramfs +COPY --from=user-glib . initramfs +COPY --from=user-numactl . initramfs +COPY --from=core-libzstd . initramfs +COPY --from=user-alsa-lib . initramfs +COPY --from=user-lzo . initramfs +COPY --from=user-dtc . initramfs +COPY --from=user-libaio . initramfs +COPY --from=user-libseccomp . initramfs +COPY --from=core-libffi . initramfs +COPY --from=core-libzstd . initramfs +COPY --from=user-libslirp . initramfs +COPY --from=user-seabios . initramfs +COPY --from=user-canokey-qemu . initramfs +COPY --from=user-qemu . initramfs COPY --from=user-libzbar . initramfs COPY --from=user-keyfork . initramfs COPY --from=user-icepick . initramfs -COPY rootfs/ initramfs +COPY src/host/rootfs/ initramfs COPY <<-EOF initramfs/etc/environment export VERSION="$VERSION" export GIT_TIMESTAMP="$GIT_TIMESTAMP" @@ -170,8 +262,8 @@ RUN <<-EOF EOF ## Grub (EFI Boot) -COPY config/grub.cfg iso/boot/grub/grub.cfg -COPY config/grub_early.cfg grub_early.cfg +COPY src/host/config/grub.cfg iso/boot/grub/grub.cfg +COPY src/host/config/grub_early.cfg grub_early.cfg RUN <<-EOF set -eux mkdir -p efi/boot @@ -203,7 +295,7 @@ RUN <<-EOF EOF ## Syslinux (BIOS Boot) -COPY config/syslinux.cfg iso/boot/syslinux/ +COPY src/host/config/syslinux.cfg iso/boot/syslinux/ COPY --from=user-syslinux \ /usr/share/syslinux/isohdpfx.bin \ /usr/share/syslinux/isolinux.bin \ @@ -213,8 +305,6 @@ COPY --from=user-syslinux \ /usr/share/syslinux/mboot.c32 \ iso/boot/syslinux/ -## Build Hybrid EFI/BIOS ISO -FROM build AS install ENV SOURCE_DATE_EPOCH=1 RUN <<-EOF set -eux @@ -253,5 +343,5 @@ RUN <<-EOF EOF FROM scratch AS package -COPY --from=install /sdcard.img / -COPY --from=install /airgap.iso / +COPY --from=build /sdcard.img / +COPY --from=build /airgap.iso / diff --git a/Makefile b/Makefile index bfc0f29..44633d0 100644 --- a/Makefile +++ b/Makefile @@ -60,7 +60,7 @@ vm: out/dev-shell.digest out/airgap.iso out/sdcard.img --tpm2 & \ qemu-system-x86_64 \ -m 4G \ - -machine pc \ + -machine q35,kernel-irqchip=split \ -chardev socket,id=chrtpm,path=vtpm-sock \ -usb -device canokey,file=/out/canokey-file \ -tpmdev emulator,id=tpm0,chardev=chrtpm \ @@ -70,6 +70,9 @@ vm: out/dev-shell.digest out/airgap.iso out/sdcard.img -device sd-card,drive=external \ -drive id=external,if=none,format=raw,file=out/sdcard.img \ -device usb-storage,drive=usbdrive \ + -device intel-iommu,intremap=on \ + -netdev user,id=net0 \ + -device e1000,netdev=net0 \ $(if $(filter $(EFI),true) ,\ -bios /usr/share/ovmf/OVMF.fd \ -drive id=boot$(,)if=virtio$(,)format=raw$(,)file=out/airgap.iso \ diff --git a/rootfs/.gnupg/gpg.conf b/rootfs/.gnupg/gpg.conf deleted file mode 100644 index 065d80c..0000000 --- a/rootfs/.gnupg/gpg.conf +++ /dev/null @@ -1 +0,0 @@ -pinentry-mode loopback diff --git a/src/guest/config/syslinux.cfg b/src/guest/config/syslinux.cfg new file mode 100644 index 0000000..20170fe --- /dev/null +++ b/src/guest/config/syslinux.cfg @@ -0,0 +1,8 @@ +TIMEOUT 2 +PROMPT -1 +DEFAULT ReprOS +LABEL ReprOS + MENU LABEL Linux ReprOS + KERNEL /boot/vmlinuz + INITRD /boot/initramfs + APPEND init=/init vga=normal console=ttyAMA0,115200 console=tty highres=off console=ttyS0 console=tty0 ro diff --git a/src/guest/rootfs/etc/git/base-hooks/post-receive b/src/guest/rootfs/etc/git/base-hooks/post-receive new file mode 100755 index 0000000..164b1e3 --- /dev/null +++ b/src/guest/rootfs/etc/git/base-hooks/post-receive @@ -0,0 +1,6 @@ +#!/bin/bash +set -eu +echo "hook -> post-receive" +while read oldrev newrev refname; do + git --work-tree=".." checkout -f "$newrev" +done diff --git a/src/guest/rootfs/etc/git/base-hooks/pre-receive b/src/guest/rootfs/etc/git/base-hooks/pre-receive new file mode 100755 index 0000000..585f80d --- /dev/null +++ b/src/guest/rootfs/etc/git/base-hooks/pre-receive @@ -0,0 +1,2 @@ +#!/bin/bash +echo "hook -> pre-receive" diff --git a/src/guest/rootfs/etc/git/base-hooks/update b/src/guest/rootfs/etc/git/base-hooks/update new file mode 100755 index 0000000..bd5e0e5 --- /dev/null +++ b/src/guest/rootfs/etc/git/base-hooks/update @@ -0,0 +1,3 @@ +#!/bin/bash + +echo "Firing update hook" diff --git a/src/guest/rootfs/etc/group b/src/guest/rootfs/etc/group new file mode 100644 index 0000000..6570d3a --- /dev/null +++ b/src/guest/rootfs/etc/group @@ -0,0 +1,47 @@ +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +adm:x:4: +tty:x:5: +disk:x:6: +lp:x:7:lp +mem:x:8: +kmem:x:9: +wheel:x:10:root +floppy:x:11:root +mail:x:12:mail +news:x:13:news +uucp:x:14:uucp +man:x:15:man +cron:x:16:cron +console:x:17: +audio:x:18: +cdrom:x:19: +dialout:x:20:root +ftp:x:21: +sshd:x:22: +input:x:23: +at:x:25:at +tape:x:26:root +video:x:27:root +netdev:x:28: +readproc:x:30: +squid:x:31:squid +xfs:x:33:xfs +kvm:x:34:kvm +games:x:35: +shadow:x:42: +cdrw:x:80: +www-data:x:82: +usb:x:85: +vpopmail:x:89: +users:x:100:games +ntp:x:123: +nofiles:x:200: +smmsp:x:209:smmsp +locate:x:245: +abuild:x:300: +utmp:x:406: +ping:x:999: +git:x:1000: diff --git a/src/guest/rootfs/etc/hosts b/src/guest/rootfs/etc/hosts new file mode 100644 index 0000000..9b1a20a --- /dev/null +++ b/src/guest/rootfs/etc/hosts @@ -0,0 +1,4 @@ +127.0.0.1 localhost +::1 localhost ip6-localhost ip6-loopback repros +ff02::1 ip6-allnodes +ff02::2 ip6-allrouters diff --git a/src/guest/rootfs/etc/init.d/S01syslogd b/src/guest/rootfs/etc/init.d/S01syslogd new file mode 100755 index 0000000..d331993 --- /dev/null +++ b/src/guest/rootfs/etc/init.d/S01syslogd @@ -0,0 +1,55 @@ +#!/bin/sh + +DAEMON="syslogd" +PIDFILE="/var/run/$DAEMON.pid" + +SYSLOGD_ARGS="" + +# shellcheck source=/dev/null +[ -r "/etc/default/$DAEMON" ] && . "/etc/default/$DAEMON" + +# BusyBox' syslogd does not create a pidfile, so pass "-n" in the command line +# and use "-m" to instruct start-stop-daemon to create one. +start() { + printf 'Starting %s: ' "$DAEMON" + # shellcheck disable=SC2086 # we need the word splitting + start-stop-daemon -b -m -S -q -p "$PIDFILE" -x "/bin/$DAEMON" \ + -- -n $SYSLOGD_ARGS + status=$? + if [ "$status" -eq 0 ]; then + echo "OK" + else + echo "FAIL" + fi + return "$status" +} + +stop() { + printf 'Stopping %s: ' "$DAEMON" + start-stop-daemon -K -q -p "$PIDFILE" + status=$? + if [ "$status" -eq 0 ]; then + rm -f "$PIDFILE" + echo "OK" + else + echo "FAIL" + fi + return "$status" +} + +restart() { + stop + sleep 1 + start +} + +case "$1" in + start|stop|restart) + "$1";; + reload) + # Restart, since there is no true "reload" feature. + restart;; + *) + echo "Usage: $0 {start|stop|restart|reload}" + exit 1 +esac diff --git a/src/guest/rootfs/etc/init.d/S02klogd b/src/guest/rootfs/etc/init.d/S02klogd new file mode 100755 index 0000000..85246f1 --- /dev/null +++ b/src/guest/rootfs/etc/init.d/S02klogd @@ -0,0 +1,55 @@ +#!/bin/sh + +DAEMON="klogd" +PIDFILE="/var/run/$DAEMON.pid" + +KLOGD_ARGS="" + +# shellcheck source=/dev/null +[ -r "/etc/default/$DAEMON" ] && . "/etc/default/$DAEMON" + +# BusyBox' klogd does not create a pidfile, so pass "-n" in the command line +# and use "-m" to instruct start-stop-daemon to create one. +start() { + printf 'Starting %s: ' "$DAEMON" + # shellcheck disable=SC2086 # we need the word splitting + start-stop-daemon -b -m -S -q -p "$PIDFILE" -x "/bin/$DAEMON" \ + -- -n $KLOGD_ARGS + status=$? + if [ "$status" -eq 0 ]; then + echo "OK" + else + echo "FAIL" + fi + return "$status" +} + +stop() { + printf 'Stopping %s: ' "$DAEMON" + start-stop-daemon -K -q -p "$PIDFILE" + status=$? + if [ "$status" -eq 0 ]; then + rm -f "$PIDFILE" + echo "OK" + else + echo "FAIL" + fi + return "$status" +} + +restart() { + stop + sleep 1 + start +} + +case "$1" in + start|stop|restart) + "$1";; + reload) + # Restart, since there is no true "reload" feature. + restart;; + *) + echo "Usage: $0 {start|stop|restart|reload}" + exit 1 +esac diff --git a/rootfs/etc/init.d/S02sysctl b/src/guest/rootfs/etc/init.d/S02sysctl similarity index 100% rename from rootfs/etc/init.d/S02sysctl rename to src/guest/rootfs/etc/init.d/S02sysctl diff --git a/rootfs/etc/init.d/S03keymap b/src/guest/rootfs/etc/init.d/S03keymap similarity index 100% rename from rootfs/etc/init.d/S03keymap rename to src/guest/rootfs/etc/init.d/S03keymap diff --git a/rootfs/etc/init.d/S10udev b/src/guest/rootfs/etc/init.d/S10udev similarity index 100% rename from rootfs/etc/init.d/S10udev rename to src/guest/rootfs/etc/init.d/S10udev diff --git a/rootfs/etc/init.d/S20urandom b/src/guest/rootfs/etc/init.d/S20urandom similarity index 100% rename from rootfs/etc/init.d/S20urandom rename to src/guest/rootfs/etc/init.d/S20urandom diff --git a/rootfs/etc/init.d/rcK b/src/guest/rootfs/etc/init.d/rcK similarity index 100% rename from rootfs/etc/init.d/rcK rename to src/guest/rootfs/etc/init.d/rcK diff --git a/rootfs/etc/init.d/rcS b/src/guest/rootfs/etc/init.d/rcS similarity index 100% rename from rootfs/etc/init.d/rcS rename to src/guest/rootfs/etc/init.d/rcS diff --git a/src/guest/rootfs/etc/inittab b/src/guest/rootfs/etc/inittab new file mode 100644 index 0000000..e4c0ee1 --- /dev/null +++ b/src/guest/rootfs/etc/inittab @@ -0,0 +1,54 @@ +# /etc/inittab + +# Format for each entry: ::: +# +# id == tty to run on, or empty for /dev/console +# runlevels == ignored +# action == one of sysinit, respawn, askfirst, wait, and once +# process == program to run + +# Startup the system +::sysinit:/bin/mount -t devtmpfs devtmpfs /dev +::sysinit:/bin/mkdir -p /proc /run /dev/pts /dev/shm /sys +::sysinit:/bin/mount -t sysfs sysfs /sys +::sysinit:/bin/mount -t devpts devpts /dev/pts +::sysinit:/bin/mount -t cgroup cgroup /sys/fs/cgroup +::sysinit:/bin/mount -t proc proc /proc +::sysinit:/bin/mount -o remount,rw / +::sysinit:/bin/mkdir /var/log +::sysinit:/bin/hostname -F /etc/hostname +null::sysinit:/bin/ln -sf /proc/self/fd /dev/fd +null::sysinit:/bin/ln -sf /proc/self/fd/0 /dev/stdin +null::sysinit:/bin/ln -sf /proc/self/fd/1 /dev/stdout +null::sysinit:/bin/ln -sf /proc/self/fd/2 /dev/stderr + +# Stuff to do for the 3-finger salute +::ctrlaltdel:/usr/bin/reboot + +# now run any rc scripts +::sysinit:/etc/init.d/rcS + +# Spawn shells on serial terminal and default console +::respawn:-/usr/bin/login -f root +ttyS0::respawn:-/usr/bin/login -f root + +# Stuff to do before rebooting +::shutdown:/etc/init.d/rcK +::shutdown:/bin/umount -a -r +::sysinit:/bin/hostname -F /etc/hostname +null::sysinit:/bin/ln -sf /proc/self/fd /dev/fd +null::sysinit:/bin/ln -sf /proc/self/fd/0 /dev/stdin +null::sysinit:/bin/ln -sf /proc/self/fd/1 /dev/stdout +null::sysinit:/bin/ln -sf /proc/self/fd/2 /dev/stderr +# now run any rc scripts +::sysinit:/etc/init.d/rcS + +# Put a getty on the serial port +ttyS0::respawn:-/usr/bin/login -f root + +# Stuff to do for the 3-finger salute +#::ctrlaltdel:/sbin/reboot + +# Stuff to do before rebooting +::shutdown:/etc/init.d/rcK +::shutdown:/bin/umount -a -r diff --git a/rootfs/etc/modules b/src/guest/rootfs/etc/modules similarity index 100% rename from rootfs/etc/modules rename to src/guest/rootfs/etc/modules diff --git a/src/guest/rootfs/etc/passwd b/src/guest/rootfs/etc/passwd new file mode 100644 index 0000000..19f1e64 --- /dev/null +++ b/src/guest/rootfs/etc/passwd @@ -0,0 +1,4 @@ +root::0:0:root:/root:/bin/sh +sshd:x:22:22:sshd:/dev/null:/sbin/nologin +git::1000:1000::/home/git:/bin/git-shell +nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin diff --git a/src/guest/rootfs/etc/profile b/src/guest/rootfs/etc/profile new file mode 100644 index 0000000..8ecac5d --- /dev/null +++ b/src/guest/rootfs/etc/profile @@ -0,0 +1,5 @@ +export EDITOR=/bin/vi +export PATH="/usr/local/bin:/bin:/sbin:/usr/bin:/usr/sbin" +export PS1="[\h \t] \\$ " +export GNUPGHOME=/.gnupg +cd /root diff --git a/src/guest/rootfs/etc/resolv.conf b/src/guest/rootfs/etc/resolv.conf new file mode 100644 index 0000000..bb27186 --- /dev/null +++ b/src/guest/rootfs/etc/resolv.conf @@ -0,0 +1,2 @@ +nameserver 1.1.1.1 +nameserver 8.8.8.8 diff --git a/rootfs/init b/src/guest/rootfs/init similarity index 100% rename from rootfs/init rename to src/guest/rootfs/init diff --git a/config/grub.cfg b/src/host/config/grub.cfg similarity index 100% rename from config/grub.cfg rename to src/host/config/grub.cfg diff --git a/config/grub_early.cfg b/src/host/config/grub_early.cfg similarity index 100% rename from config/grub_early.cfg rename to src/host/config/grub_early.cfg diff --git a/config/syslinux.cfg b/src/host/config/syslinux.cfg similarity index 100% rename from config/syslinux.cfg rename to src/host/config/syslinux.cfg diff --git a/rootfs/etc/init.d/S01syslogd b/src/host/rootfs/etc/init.d/S01syslogd similarity index 100% rename from rootfs/etc/init.d/S01syslogd rename to src/host/rootfs/etc/init.d/S01syslogd diff --git a/rootfs/etc/init.d/S02klogd b/src/host/rootfs/etc/init.d/S02klogd similarity index 100% rename from rootfs/etc/init.d/S02klogd rename to src/host/rootfs/etc/init.d/S02klogd diff --git a/rootfs/etc/init.d/S02modules b/src/host/rootfs/etc/init.d/S02modules similarity index 100% rename from rootfs/etc/init.d/S02modules rename to src/host/rootfs/etc/init.d/S02modules diff --git a/src/host/rootfs/etc/init.d/S02sysctl b/src/host/rootfs/etc/init.d/S02sysctl new file mode 100755 index 0000000..85d9ed5 --- /dev/null +++ b/src/host/rootfs/etc/init.d/S02sysctl @@ -0,0 +1,94 @@ +#!/bin/sh +# +# This script is used by busybox and procps-ng. +# +# With procps-ng, the "--system" option of sysctl also enables "--ignore", so +# errors are not reported via syslog. Use the run_logger function to mimic the +# --system behavior, still reporting errors via syslog. Users not interested +# on error reports can add "-e" to SYSCTL_ARGS. +# +# busybox does not have a "--system" option neither reports errors via syslog, +# so the scripting provides a consistent behavior between the implementations. +# Testing the busybox sysctl exit code is fruitless, as at the moment, since +# its exit status is zero even if errors happen. Hopefully this will be fixed +# in a future busybox version. + +PROGRAM="sysctl" + +SYSCTL_ARGS="" + +# shellcheck source=/dev/null +[ -r "/etc/default/$PROGRAM" ] && . "/etc/default/$PROGRAM" + +# Files are read from directories in the SYSCTL_SOURCES list, in the given +# order. A file may be used more than once, since there can be multiple +# symlinks to it. No attempt is made to prevent this. +SYSCTL_SOURCES="/etc/sysctl.d/ /usr/local/lib/sysctl.d/ /usr/lib/sysctl.d/ /lib/sysctl.d/ /etc/sysctl.conf" + +# If the logger utility is available all messages are sent to syslog, except +# for the final status. The file redirections do the following: +# +# - stdout is redirected to syslog with facility.level "kern.info" +# - stderr is redirected to syslog with facility.level "kern.err" +# - file dscriptor 4 is used to pass the result to the "start" function. +# +run_logger() { + # shellcheck disable=SC2086 # we need the word splitting + find $SYSCTL_SOURCES -maxdepth 1 -name '*.conf' -print0 2> /dev/null | \ + xargs -0 -r -n 1 readlink -f | { + prog_status="OK" + while :; do + read -r file || { + echo "$prog_status" >&4 + break + } + echo "* Applying $file ..." + /sbin/sysctl -p "$file" $SYSCTL_ARGS || prog_status="FAIL" + done 2>&1 >&3 | /usr/bin/logger -t sysctl -p kern.err + } 3>&1 | /usr/bin/logger -t sysctl -p kern.info +} + +# If logger is not available all messages are sent to stdout/stderr. +run_std() { + # shellcheck disable=SC2086 # we need the word splitting + find $SYSCTL_SOURCES -maxdepth 1 -name '*.conf' -print0 2> /dev/null | \ + xargs -0 -r -n 1 readlink -f | { + prog_status="OK" + while :; do + read -r file || { + echo "$prog_status" >&4 + break + } + echo "* Applying $file ..." + /sbin/sysctl -p "$file" $SYSCTL_ARGS || prog_status="FAIL" + done + } +} + +if [ -x /usr/bin/logger ]; then + run_program="run_logger" +else + run_program="run_std" +fi + +start() { + printf '%s %s: ' "$1" "$PROGRAM" + status=$("$run_program" 4>&1) + echo "$status" + if [ "$status" = "OK" ]; then + return 0 + fi + return 1 +} + +case "$1" in + start) + start "Running";; + restart|reload) + start "Rerunning";; + stop) + :;; + *) + echo "Usage: $0 {start|stop|restart|reload}" + exit 1 +esac diff --git a/src/host/rootfs/etc/init.d/S03keymap b/src/host/rootfs/etc/init.d/S03keymap new file mode 100755 index 0000000..c84b376 --- /dev/null +++ b/src/host/rootfs/etc/init.d/S03keymap @@ -0,0 +1,22 @@ +#!/bin/sh + +case "${1}" in + start) + keymap="$( \ + awk -F 'keymap=' '{sub(/ .*$/, "", $2); print $2}' /proc/cmdline \ + )" + if [[ ! -z "$keymap" ]]; then + printf 'Loading Keymap %s: ' "${keymap}" + loadkeys "$keymap" + if [ $? -eq 0 ]; then + echo "OK" + else + echo "FAIL" + fi + fi + ;; + *) + echo "Usage: ${0} {start}" + exit 1 + ;; +esac diff --git a/rootfs/etc/init.d/S04cbfs-key-import b/src/host/rootfs/etc/init.d/S04cbfs-key-import similarity index 100% rename from rootfs/etc/init.d/S04cbfs-key-import rename to src/host/rootfs/etc/init.d/S04cbfs-key-import diff --git a/src/host/rootfs/etc/init.d/S10udev b/src/host/rootfs/etc/init.d/S10udev new file mode 100755 index 0000000..cf7dce9 --- /dev/null +++ b/src/host/rootfs/etc/init.d/S10udev @@ -0,0 +1,24 @@ +#!/bin/sh + +case "$1" in + start) + printf "Populating %s using udev: " "${udev_root:-/dev}" + [ -e /proc/sys/kernel/hotplug ] && printf '\000\000\000\000' > /proc/sys/kernel/hotplug + /sbin/udevd -d || { echo "FAIL"; exit 1; } + udevadm trigger --type=subsystems --action=add + udevadm trigger --type=devices --action=add + udevadm settle --timeout=30 || echo "udevadm settle failed" + echo "done" + ;; + stop) + # Stop execution of events + udevadm control --stop-exec-queue + killall udevd + ;; + *) + echo "Usage: $0 {start|stop}" + exit 1 + ;; +esac + +exit 0 diff --git a/rootfs/etc/init.d/S12pcscd b/src/host/rootfs/etc/init.d/S12pcscd similarity index 100% rename from rootfs/etc/init.d/S12pcscd rename to src/host/rootfs/etc/init.d/S12pcscd diff --git a/src/host/rootfs/etc/init.d/S20urandom b/src/host/rootfs/etc/init.d/S20urandom new file mode 100755 index 0000000..6c6aea9 --- /dev/null +++ b/src/host/rootfs/etc/init.d/S20urandom @@ -0,0 +1,70 @@ +#! /bin/sh +# +# Preserve the random seed between reboots. See urandom(4). +# + +# Quietly do nothing if /dev/urandom does not exist +[ -c /dev/urandom ] || exit 0 + +URANDOM_SEED="/var/lib/random-seed" + +# shellcheck source=/dev/null +[ -r "/etc/default/urandom" ] && . "/etc/default/urandom" + +if pool_bits=$(cat /proc/sys/kernel/random/poolsize 2> /dev/null); then + pool_size=$((pool_bits/8)) +else + pool_size=512 +fi + +init_rng() { + [ -f "$URANDOM_SEED" ] || return 0 + printf 'Initializing random number generator: ' + dd if="$URANDOM_SEED" bs="$pool_size" of=/dev/urandom count=1 2> /dev/null + status=$? + if [ "$status" -eq 0 ]; then + echo "OK" + else + echo "FAIL" + fi + return "$status" +} + +save_random_seed() { + printf 'Saving random seed: ' + status=1 + if touch "$URANDOM_SEED.new" 2> /dev/null; then + old_umask=$(umask) + umask 077 + dd if=/dev/urandom of="$URANDOM_SEED.tmp" bs="$pool_size" count=1 2> /dev/null + cat "$URANDOM_SEED" "$URANDOM_SEED.tmp" 2>/dev/null \ + | sha256sum \ + | cut -d ' ' -f 1 > "$URANDOM_SEED.new" && \ + mv "$URANDOM_SEED.new" "$URANDOM_SEED" && status=0 + rm -f "$URANDOM_SEED.tmp" + umask "$old_umask" + if [ "$status" -eq 0 ]; then + echo "OK" + else + echo "FAIL" + fi + + else + echo "SKIP (read-only file system detected)" + fi + return "$status" +} + +case "$1" in + start|restart|reload) + # Carry a random seed from start-up to start-up + # Load and then save the whole entropy pool + init_rng && save_random_seed;; + stop) + # Carry a random seed from shut-down to start-up + # Save the whole entropy pool + save_random_seed;; + *) + echo "Usage: $0 {start|stop|restart|reload}" + exit 1 +esac diff --git a/src/host/rootfs/etc/init.d/rcK b/src/host/rootfs/etc/init.d/rcK new file mode 100755 index 0000000..59e9c54 --- /dev/null +++ b/src/host/rootfs/etc/init.d/rcK @@ -0,0 +1,27 @@ +#!/bin/sh + + +# Stop all init scripts in /etc/init.d +# executing them in reversed numerical order. +# +for i in $(ls -r /etc/init.d/S??*) ;do + + # Ignore dangling symlinks (if any). + [ ! -f "$i" ] && continue + + case "$i" in + *.sh) + # Source shell script for speed. + ( + trap - INT QUIT TSTP + set stop + . $i + ) + ;; + *) + # No sh extension, so fork subprocess. + $i stop + ;; + esac +done + diff --git a/src/host/rootfs/etc/init.d/rcS b/src/host/rootfs/etc/init.d/rcS new file mode 100755 index 0000000..de41153 --- /dev/null +++ b/src/host/rootfs/etc/init.d/rcS @@ -0,0 +1,27 @@ +#!/bin/sh + + +# Start all init scripts in /etc/init.d +# executing them in numerical order. +# +for i in /etc/init.d/S??* ;do + + # Ignore dangling symlinks (if any). + [ ! -f "$i" ] && continue + + case "$i" in + *.sh) + # Source shell script for speed. + ( + trap - INT QUIT TSTP + set start + . $i + ) + ;; + *) + # No sh extension, so fork subprocess. + $i start + ;; + esac +done + diff --git a/rootfs/etc/inittab b/src/host/rootfs/etc/inittab similarity index 100% rename from rootfs/etc/inittab rename to src/host/rootfs/etc/inittab diff --git a/src/host/rootfs/etc/modules b/src/host/rootfs/etc/modules new file mode 100644 index 0000000..03e2c07 --- /dev/null +++ b/src/host/rootfs/etc/modules @@ -0,0 +1 @@ +i915 diff --git a/rootfs/etc/profile b/src/host/rootfs/etc/profile similarity index 100% rename from rootfs/etc/profile rename to src/host/rootfs/etc/profile diff --git a/src/host/rootfs/init b/src/host/rootfs/init new file mode 100755 index 0000000..15bd0d1 --- /dev/null +++ b/src/host/rootfs/init @@ -0,0 +1,2 @@ +#!/bin/sh +exec /bin/init diff --git a/rootfs/usr/lib/udev/rules.d/sdcard-autorun.rules b/src/host/rootfs/usr/lib/udev/rules.d/sdcard-autorun.rules similarity index 100% rename from rootfs/usr/lib/udev/rules.d/sdcard-autorun.rules rename to src/host/rootfs/usr/lib/udev/rules.d/sdcard-autorun.rules diff --git a/rootfs/usr/local/bin/autorun b/src/host/rootfs/usr/local/bin/autorun similarity index 100% rename from rootfs/usr/local/bin/autorun rename to src/host/rootfs/usr/local/bin/autorun