public
/
airgap
5
0
Fork 1
Code Issues Pull Requests 3 Packages Projects Releases Wiki Activity

Compare commits

base: public:main
Branches Tags
public:main
public:sam/remove-extra-console-shell
public:release/2024.10.x
public:lance/fix-determinism
public:tpm2vm
public:sam/add-user-partition
public:2024.8.1
public:ryansquared/bump-keyfork-v0.2.3
public:lance/add-external-sigs
public:lance/fix-qemu-bios-boot
public:stagex-rewrite
public:release/2024.03.x
public:ryan/update-buildroot
..
compare: public:lance/fix-qemu-bios-boot
Branches Tags
public:sam/remove-extra-console-shell
public:release/2024.10.x
public:main
public:lance/fix-determinism
public:tpm2vm
public:sam/add-user-partition
public:2024.8.1
public:ryansquared/bump-keyfork-v0.2.3
public:lance/add-external-sigs
public:lance/fix-qemu-bios-boot
public:stagex-rewrite
public:release/2024.03.x
public:ryan/update-buildroot

1 Commits
main ... lance/fix-

Author SHA1 Message Date
Lance Vick a291b72ac8
fix: bios boot order when using virtual sdcard 2024-08-04 23:03:36 -07:00
10 changed files with 109 additions and 160 deletions
Show Stats Expand all files Collapse all files

117
Containerfile
View File

@ -1,56 +1,38 @@
FROM stagex/alsa-lib:sx2024.09.0@sha256:a41b481187f76c1e9ed4e237977f4892c1507a3b8f8f6736ff3fdd5144bd2afb AS alsa-lib FROM stagex/busybox:sx2024.08.0@sha256:8cb9360041cd17e8df33c5cbc6c223875045c0c249254367ed7e0eb445720757 AS busybox
FROM stagex/bash:sx2024.09.0@sha256:cb58f55d268fbe7ef629cda86e3a8af893066e4af7f26ef54748b6ad47bdaa66 AS bash FROM stagex/musl:sx2024.08.0@sha256:f888fcf45fabaaae3d0268bcec902ceb94edba7bf8d09ef6966ebb20e00b7127 AS musl
FROM stagex/bc:sx2024.09.0@sha256:039cc5ac357a17d6374445fe4eed1dac15cc72f615bd9657c17e2c3904d42b62 AS bc FROM stagex/xorriso:sx2024.08.0@sha256:9ab45852aee077b68ea101173025be6e1cdbde93692efa4ee198e1960f02ab52 AS xorriso
FROM stagex/busybox:sx2024.09.0@sha256:d34bfa56566aa72d605d6cbdc154de8330cf426cfea1bc4ba8013abcac594395 AS busybox FROM stagex/syslinux:sx2024.08.0@sha256:909dcabcf13bd39b0138309f6efdeb780e01c00bf17cb1e7ee851e8b8be74d2b AS syslinux
FROM stagex/ccid:sx2024.09.0@sha256:3225dc4a6a1af5f828854157a6b16eb09a0b0f7ebe9d9ee34030afe3966afad1 AS ccid FROM stagex/cpio:sx2024.08.0@sha256:25afad810fbb9b1d02762030c3e43e07259a79627dbea9b66ef7f797f8377a2a AS cpio
FROM stagex/cpio:sx2024.09.0@sha256:abccb58edb5f1f31b3b9c8b61cffa10cd56de3307e337335927b8df4d9112d24 AS cpio FROM stagex/linux-airgap:sx2024.08.0@sha256:a4fac3ca7795e171a4d1b3b634fdae1790d4f8d076f3c1ac8a38f3ece72e1ec5 AS linux-airgap
FROM stagex/curl:sx2024.09.0@sha256:8e5705a77a76c92d058e016184dabd0c4fa2f6117021cc5ff55df35f654cb158 AS curl FROM stagex/mtools:sx2024.08.0@sha256:b6202dc29906ea8d7594bce604cb676f5335cc51e75e3f12b5f619e8fc27cc28 AS mtools
FROM stagex/dtc:sx2024.09.0@sha256:57f8aaa94059c43081b32fccb473ebd2c0cf16878dcf0e24e0e56c910467e93a AS dtc FROM stagex/xz:sx2024.08.0@sha256:f6ca72fc9096ef5f694b6b7f9b7ad323a571d9447eb5cc790042f72e69b9aad8 AS xz
FROM stagex/eudev:sx2024.09.0@sha256:7da7aed7ea7eb73bda86e206e765bdc8e6367c2c2ae535ccd68c7c1b0a936611 AS eudev FROM stagex/eudev:sx2024.08.0@sha256:66020d28246af1d1e5f8fe3b5bca3da3cbfbd1f89cc1c616b7f8d13f61419026 AS eudev
FROM stagex/flashtools:sx2024.09.0@sha256:4e61cc6f0af9aa6116bb93f048c20d00026d75c27dc52b7e8604f0e340c55b80 AS flashtools FROM stagex/ccid:sx2024.08.0@sha256:0f50ff4441d8b20ff73babab652fc0a563bce46385100240de4ae587012c9505 AS ccid
FROM stagex/gcc:sx2024.09.0@sha256:439bf36289ef036a934129d69dd6b4c196427e4f8e28bc1a3de5b9aab6e062f0 AS gcc FROM stagex/libusb:sx2024.08.0@sha256:c67807377fb18d2a874d975b43e37056eb4067a5be74ebf8c1f5e5ec65ae5650 AS libusb
FROM stagex/glib:sx2024.09.0@sha256:d280c18f8b52ce21a26924b0cb1bfb69ea6508b57db73efe22401572e71dbe84 AS glib FROM stagex/keyfork:sx2024.08.0@sha256:1ace822e40987f94a442c76505fbbe7446da5481e57c7e57d5b51d5b8362d65a AS keyfork
FROM stagex/gpg:sx2024.09.0@sha256:f63555b39740db63b34c06894a4a9d5e125d04f5d51e799909d06c490e8ecd42 AS gpg FROM stagex/openpgp-card-tools:sx2024.08.0@sha256:088dbc336e34f16f7a8e323f114918468a7e4b13b190c43593ca7b0dffea54b4 AS openpgp-card-tools
FROM stagex/grub:sx2024.09.0@sha256:a14c60f152c759185e5702e910053cb5c0d9eee11f43d8d5d40a84123aece9fd AS grub FROM stagex/gpg:sx2024.08.0@sha256:b5b0726171f66da437dbd24d2398cd324b96f00115770767b4f72df2547c5323 AS gpg
FROM stagex/ipxe:sx2024.09.0@sha256:5791d9b42c7e9099a0180c4fe6cc4b8e9afc9e6b9ec392099c65c53b71db7908 AS ipxe FROM stagex/bash:sx2024.08.0@sha256:395e85b2f017c3fd30810d12eea5d59b015f6f5387f79bdec808ca01408cfe86 AS bash
FROM stagex/jq:sx2024.09.0@sha256:3e8b44aa54481bdd46406e9d3a63862f4216f81530a1898b3c144e1c38847a82 AS jq FROM stagex/grub:sx2024.08.0@sha256:5f382615881470e0cf9c670bead785507545a2b829b391247313f516c63355e3 AS grub
FROM stagex/jq:sx2024.09.0@sha256:3e8b44aa54481bdd46406e9d3a63862f4216f81530a1898b3c144e1c38847a82 AS jq FROM stagex/npth:sx2024.08.0@sha256:7899c399f2924c5ba0dfbce9ce6f8391e27ecd0564f0341fb85f83ba293e1ebe AS npth
FROM stagex/keyfork:sx2024.09.0@sha256:2288c1d769a0c3c535835019ad4919cc45b094492b5aa959a0eaf1e883a96214 AS keyfork FROM stagex/libksba:sx2024.08.0@sha256:a5aac434ffd8fca96c435756fac9e300b3d06e04a15c707d09e5e8a16c0bcd89 AS libksba
FROM stagex/libaio:sx2024.09.0@sha256:c8d6dd6f3e6fbda73ac0620b2bc4b4cfe6fa504bf7a17eee3bb56e286c394b8b AS libaio FROM stagex/libgpg-error:sx2024.08.0@sha256:e7e4797f38ba1a09ba700c91e2a5c99230f04f31e7961101a72d4e95f653f284 AS libgpg-error
FROM stagex/libassuan:sx2024.09.0@sha256:1f31e888ab3f02634009d1a38acca9f25deb827432eb91392e21fd75128a44aa AS libassuan FROM stagex/libassuan:sx2024.08.0@sha256:1267bb842bcb6e8bff56e2b72599357605a5e141f76629f7e96187ae85a07197 AS libassuan
FROM stagex/libffi:sx2024.09.0@sha256:ab647ebf8464e00cde623f86f716e7f50ce82c30eafde813b7977d917ff7143a AS libffi FROM stagex/libgcrypt:sx2024.08.0@sha256:ea1906215d18688d96fc5329301af649834fe96c5eadda74c9d485623efb1f90 AS libgcrypt
FROM stagex/libgcrypt:sx2024.09.0@sha256:49c84a586969ff625b3304dcf8905a98db0da36fb8704e3d7a0771d271509b68 AS libgcrypt FROM stagex/jq:sx2024.08.0@sha256:0297a099ae95eed13d48bce2d4d624544857680095b6201e9919e1d5da45a6cd AS jq
FROM stagex/libgpg-error:sx2024.09.0@sha256:11c17c1ac41f36c85e538bd34a0095a9f17e116f61c38d560350c02a6929e55a AS libgpg-error FROM stagex/yq:sx2024.08.0@sha256:10e80bd7cec3c6e0a7fd36c65bac13600368bff993ad42b03e3b787d2125e5f0 AS yq
FROM stagex/libksba:sx2024.09.0@sha256:2913b382fdb76f02f9d78ee162066e04953ba782b8f722145111617a842f40a3 AS libksba FROM stagex/bc:sx2024.08.0@sha256:1ecf6029ceed91dd62b08c64e49f00518edcf6c10ac4ab2fe7e8f71943607eef AS bc
FROM stagex/libqrencode:sx2024.09.0@sha256:8c0f523bdf8d315e7b67cadd584e23d22a316dd1973232d49603e127717e4d1a AS libqrencode FROM stagex/zlib:sx2024.08.0@sha256:d0d6eef463a410191e086448c710441109ae72693cb074fe2b795ee033aa6c9d AS zlib
FROM stagex/libseccomp:sx2024.09.0@sha256:f48d783989da9d509cc6b4c12ec34e14074ffc1ab7a4f2d1e322c417d967e12f AS libseccomp FROM stagex/tpm2-tools:sx2024.08.0@sha256:1693d4ef7e0b7df3e9bd60088588d94b7f5bf755fde0c1be695f3c2f00ec2897 AS tpm2-tools
FROM stagex/libslirp:sx2024.09.0@sha256:9dfb87e4a0adba80b862ce6b96112d96f509ffbca25bb71c60ba5bb5693b481d AS libslirp FROM stagex/tpm2-tss:sx2024.08.0@sha256:5e362f43a5e0c49f774605a0e3e1b7523dc6bc775f537c206a3aaa8b8b733c93 AS tpm2-tss
FROM stagex/libtpms:sx2024.09.0@sha256:d909a55137d0bf4a76331c2bf0358ee192d6c93ad77a5099af09ce1bcca2a6cd AS libtpms FROM stagex/openssl:sx2024.08.0@sha256:9bd55ed05263a538e6a23c0262edc356c998a24674f3b8ad008a4b117a4cdf3b AS openssl
FROM stagex/libusb:sx2024.09.0@sha256:6c0dcf2b9519b1a41066ad71d3b597e9dae84fb73e5d031a3bdd2eb40f78ef94 AS libusb FROM stagex/sops:sx2024.08.0@sha256:7d8d51e41c7cab21b8ae75f557961f20405f727a21107d669080e3804d09665c AS sops
FROM stagex/libzstd:sx2024.09.0@sha256:a055f8cd6e11b0b8836b2e5e1d755f672edbd344a4f4b5aba94919a6511be4c3 AS libzstd FROM stagex/pcsc-lite:sx2024.08.0@sha256:fd9b0600f7f73f87d9d678b8b8a7119e0f9b9314c9959bd0d180c31736cb97d6 AS pcsc-lite
FROM stagex/linux-airgap:sx2024.09.0@sha256:efb98b59ab37a7e33db423eda7a49bb7273b087838fda8098ce6736a0860fc73 AS linux-airgap FROM stagex/pcsc-tools:sx2024.08.0@sha256:d83997bda2b9500c8a4567df827a90d65efa842f9a2bb361b6f394589cf167d5 AS pcsc-tools
FROM stagex/lzo:sx2024.09.0@sha256:09c60840e3e3e5835ec027c21283febc9f8cf53ab887576fbe9c38dbdbdfd571 AS lzo FROM stagex/flashtools:sx2024.08.0@sha256:e2ac807475e66201ad50eee09bf9625ad0e97dc136818ff11775cb13a54d764b AS flashtools
FROM stagex/mtools:sx2024.09.0@sha256:c83f7aebce9076903dbf1082aac981d3c0950d9e8952a900e5e072e2a811cda7 AS mtools FROM stagex/libqrencode:sx2024.08.0@sha256:1927d17aaf1ad6a9910380714f0dd12c72c69f9ee1b19668bf4cc5f89cbc2b2d AS libqrencode
FROM stagex/musl:sx2024.09.0@sha256:ad351b875f26294562d21740a3ee51c23609f15e6f9f0310e0994179c4231e1d AS musl FROM stagex/util-linux:sx2024.08.0@sha256:41525597d1f5648dc2318da7779e3c5194b4e6d24cb07f2f616ac539bb094d04 AS util-linux
FROM stagex/npth:sx2024.09.0@sha256:21d50ec1421fe75af4bea240d76022ddb8c114fd2805bfeb06fb938e5a58fc0d AS npth FROM stagex/opensc:sx2024.08.0@sha256:8da704d0078d445d3af0338764b9f3a87ba4841744c396c8eddef15466366553 AS opensc
FROM stagex/numactl:sx2024.09.0@sha256:39e667b966a443f42e1c7a8c944203945bd1808ce759df1706bb3b93b0b674c2 AS numactl
FROM stagex/openpgp-card-tools:sx2024.09.0@sha256:56d4696d111b309e536f1b70980db7098cd7823005432e4130432cb2f625cf9f AS openpgp-card-tools
FROM stagex/opensc:sx2024.09.0@sha256:5117a9d39d3b77655b29bf661d9e04eea2001a5b033b2fd6b4297048330ff6e7 AS opensc
FROM stagex/openssl:sx2024.09.0@sha256:2c1a9d8fcc6f52cb11a206f380b17d74c1079f04cbb08071a4176648b4df52c1 AS openssl
FROM stagex/pcsc-lite:sx2024.09.0@sha256:4fe37671197ac768637e95f7395ae1a18412b3f42359d0c0aa9f4e7f684aef4e AS pcsc-lite
FROM stagex/pcsc-tools:sx2024.09.0@sha256:05046ca5d41a09163eda26785563fd98f0cb1179030c3f4ee3243997a907bb96 AS pcsc-tools
FROM stagex/qemu:sx2024.09.0@sha256:c9b099bc7d810a581e0e0f68061dd525d7efdb5334d119b4253249a459bd907e AS qemu
FROM stagex/seabios:sx2024.09.0@sha256:f4e535fb1bfc2c7ae1756cdaa2404b1572f6ad195ceabba90d87ed0599fd97d7 AS seabios
FROM stagex/sops:sx2024.09.0@sha256:c742fb1f0c5a4f9d9bc9afc37ba686b247d2b17d55d179409d33736b43c9aaa5 AS sops
FROM stagex/swtpm:sx2024.09.0@sha256:c47fb2c4d8690936b4adef832a3f354231bb5a04206bf2fb565218034ce27792 AS swtpm
FROM stagex/syslinux:sx2024.09.0@sha256:a41388558d7f6d9a29847ee2ff5507ab3100bfe9032ef3b99a3d783ad60ed390 AS syslinux
FROM stagex/tpm2-tools:sx2024.09.0@sha256:c2fc693ec68a9d097151e5b3dd5b923f0dcc35fd4e0624b91ade3bf21367162c AS tpm2-tools
FROM stagex/tpm2-tss:sx2024.09.0@sha256:a8bf8c0973e1b5ba62ce5034a6230684ebe5a142da275d09e81fa2f2f9c87411 AS tpm2-tss
FROM stagex/util-linux:sx2024.09.0@sha256:7e3f3c1e748f5c216503e69b9f8f2e9f8084ec675fb29b23f3a6f0ed3b20c54a AS util-linux
FROM stagex/xorriso:sx2024.09.0@sha256:2205a8f53d4fc569880c311061daa085f40c62b2fd94d556e72bd31b4df9e63a AS xorriso
FROM stagex/xz:sx2024.09.0@sha256:b57c5e6144117bc0124855e9538e60c302cc7bf53fafb53e2eef3434015366f1 AS xz
FROM stagex/yq:sx2024.09.0@sha256:bd6882f0f3ea664e9de6cf732cef2fa2781fc2852f5e6502a6aea1e63eb9708b AS yq
FROM stagex/zlib:sx2024.09.0@sha256:96b4100550760026065dac57148d99e20a03d17e5ee20d6b32cbacd61125dbb6 AS zlib
FROM scratch AS base FROM scratch AS base
ARG VERSION development ARG VERSION development
@ -66,29 +48,6 @@ COPY --from=mtools . /
COPY --from=xz . / COPY --from=xz . /
COPY --from=grub . / COPY --from=grub . /
FROM base as dev
COPY --from=gcc . /
COPY --from=glib . /
COPY --from=alsa-lib . /
COPY --from=lzo . /
COPY --from=dtc . /
COPY --from=zlib . /
COPY --from=numactl . /
COPY --from=libaio . /
COPY --from=libseccomp . /
COPY --from=libffi . /
COPY --from=libzstd . /
COPY --from=libslirp . /
COPY --from=seabios . /
COPY --from=ipxe . /
COPY --from=qemu . /
COPY --from=swtpm . /
COPY --from=openssl . /
COPY --from=curl . /
COPY --from=libtpms . /
COPY --from=tpm2-tss . /
COPY --from=tpm2-tools . /
FROM base AS build FROM base AS build
## Kernel ## Kernel
@ -111,7 +70,6 @@ COPY --from=jq . initramfs
COPY --from=yq . initramfs COPY --from=yq . initramfs
COPY --from=bc . initramfs COPY --from=bc . initramfs
COPY --from=flashtools . initramfs COPY --from=flashtools . initramfs
COPY --from=curl . initramfs
COPY --from=tpm2-tools . initramfs COPY --from=tpm2-tools . initramfs
COPY --from=tpm2-tss . initramfs COPY --from=tpm2-tss . initramfs
COPY --from=openssl . initramfs COPY --from=openssl . initramfs
@ -195,10 +153,10 @@ COPY --from=syslinux \
## Build Hybrid EFI/BIOS ISO ## Build Hybrid EFI/BIOS ISO
FROM build AS install FROM build AS install
ENV SOURCE_DATE_EPOCH=1 ENV SOURCE_DATE_EPOCH=1
# --set_all_file_dates='1'
# --modification-date='1970010100000000' \
RUN <<-EOF RUN <<-EOF
set -eux set -eux
dd if=/dev/zero bs=1M count=10 >> user.img
mformat -v user -i user.img -N 0 ::
find iso -exec touch -hcd "@0" "{}" + find iso -exec touch -hcd "@0" "{}" +
xorrisofs \ xorrisofs \
-output airgap.iso \ -output airgap.iso \
@ -218,7 +176,6 @@ RUN <<-EOF
-no-emul-boot \ -no-emul-boot \
-isohybrid-gpt-basdat \ -isohybrid-gpt-basdat \
-follow-links \ -follow-links \
-append_partition 3 0xb user.img \
iso/ iso/
EOF EOF

63
Makefile
View File

@ -40,35 +40,38 @@ out/airgap.iso: Containerfile $(shell git ls-files rootfs)
## Development Targets ## Development Targets
out/dev-shell.digest: Containerfile | out
docker build --target dev -f Containerfile -q . > $@
.PHONY: shell
shell: out/dev-shell.digest
docker run -it $(shell cat $<) /bin/sh
.PHONY: vm .PHONY: vm
vm: out/dev-shell.digest out/airgap.iso out/sdcard.img vm: vm-bios
docker run -it -v ./out:/out $(shell cat $<) sh -c "\
swtpm socket \ .PHONY: vm-bios
--tpmstate dir=. \ vm-bios: out/airgap.iso
--ctrl type=unixio,path=vtpm-sock \ qemu-system-x86_64 \
--tpm2 & \ -m 4G \
qemu-system-x86_64 \ -machine pc \
-m 4G \ -serial stdio \
-machine pc \ -usb \
-chardev socket,id=chrtpm,path=vtpm-sock \ -usbdevice tablet \
-tpmdev emulator,id=tpm0,chardev=chrtpm \ -boot d \
-device tpm-tis,tpmdev=tpm0 \ -drive file=out/airgap.iso,media=cdrom \
-usb \ -device sdhci-pci \
-device sdhci-pci \ -device sd-card,drive=external \
-device sd-card,drive=external \ -drive id=external,if=none,format=raw,file=out/sdcard.img \
-drive id=external,if=none,format=raw,file=out/sdcard.img \ -display gtk,show-menubar=off,zoom-to-fit=on \
-device usb-storage,drive=usbdrive \
-drive id=usbdrive,if=none,format=raw,file=out/airgap.iso \ .PHONY: vm-efi
-boot order=c \ vm-efi: out/airgap.iso
-nographic; \ qemu-system-x86_64 \
" -m 4G \
-machine pc \
-serial stdio \
-bios /usr/share/ovmf/OVMF.fd \
-usb \
-device sdhci-pci \
-device sd-card,drive=external \
-usbdevice tablet \
-drive id=external,if=none,format=raw,file=out/sdcard.img \
-display gtk,show-menubar=off,zoom-to-fit=on \
-cdrom "out/airgap.iso"
## Signing, Verification, and Release Targets ## Signing, Verification, and Release Targets
@ -78,8 +81,8 @@ clean:
.PHONY: release .PHONY: release
release: clean release: clean
$(MAKE) NOCACHE=1 VERSION=$(VERSION)
rm -rf dist/* rm -rf dist/*
$(MAKE) NOCACHE=1 VERSION=$(VERSION)
cp -R out/release.env out/airgap.iso out/manifest.txt dist/ cp -R out/release.env out/airgap.iso out/manifest.txt dist/
.PHONY: sign .PHONY: sign
@ -118,7 +121,7 @@ out/release.env: $(shell git ls-files) | out
echo 'VERSION=$(VERSION)' > out/release.env echo 'VERSION=$(VERSION)' > out/release.env
echo 'GIT_REF=$(GIT_REF)' >> out/release.env echo 'GIT_REF=$(GIT_REF)' >> out/release.env
echo 'GIT_AUTHOR=$(GIT_AUTHOR)' >> out/release.env echo 'GIT_AUTHOR=$(GIT_AUTHOR)' >> out/release.env
echo 'GIT_PUBKEY=$(GIT_PUBKEY)' >> out/release.env echo 'GIT_PUBKEY=$(GIT_PUBKEY)' >> out/release.env
echo 'GIT_TIMESTAMP=$(GIT_TIMESTAMP)' >> out/release.env echo 'GIT_TIMESTAMP=$(GIT_TIMESTAMP)' >> out/release.env
out/manifest.txt: out/airgap.iso out/release.env | out out/manifest.txt: out/airgap.iso out/release.env | out

BIN
dist/airgap.iso (Stored with Git LFS) vendored
View File

Binary file not shown.

26
dist/manifest.36C8AAA9.asc vendored
View File

@ -1,16 +1,16 @@
-----BEGIN PGP SIGNATURE----- -----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEEZ1U/vaRrtxq9LgsLjkeh7DWhVR0FAma0fbsACgkQjkeh7DWh iQIzBAABCgAdFiEEZ1U/vaRrtxq9LgsLjkeh7DWhVR0FAmav8FIACgkQjkeh7DWh
VR0lYBAAsjKcqgoSM73lck4gSga3CWtTfZ/k7azr98HnUw5InTyTwvna2sRGL3jb VR2ujw//c1eVHC92aVyVyqh5gXdm6JSioEdHRI8bELF47AkfMUgy6aJ2pOnofXA4
Q0pUhrPVQVmjXSyxD/hR/uLuiAfUn2Gyhp1MZS3C7jmFcRsxCJzNbByv/2bUS2+U f9zSFOJLyxxEHbBhRBcAGP6RtpoY4z4gw/s+eAfklEe+BqQiYAKmllZu7ol3nFVD
5TaCoxmM8SdxTqcBIyYylKzZ4ub0t3bCWUt2uPqdSqslgEReeqbzzE3jpmiUfmHE 07QmKgvHcqu1hU5kdK6ID9wpjS4/iR1IcNWRS/gfvHMKx3tLRjBP7p50gpF41LAo
daaZhZa3iPEr7vqq00jUGFuSEdxQCQkty0nZHzfGhHwbliiUGyH6/bb+u4v5eGYH tE3tcNhMabPqCDTQAZd5TNmimA6MeOhria40LJQkBHlygK/N1H+hdQJLgi1SOLvX
VEyRq0CWFgw5sywpSf3UZjR0fkd0do9z6Li1ggN2GV63I4oT3L1LltcMXtgfMp+B PBMjb+8Jm7d6PmjzGGvZXHWSy0+XUjgjkaU7C7+kZXQJ9KUO4eglVKvftolcR+KL
SA3gz7/mJsMqM6H2ZWqUgJAZw/mZCGStftSnOTKdyEtpzagNNeePa5f4kM1ZuHF6 hv0efyYvzCqoaubAGgS5fyvO5Ab2AwF+4XuArWOFd9HyiiCp5R8Fx+YR6MjXg7J2
ehSl1nbnCeCPfedS8+oUm3v8qWiFLXz4tmYvBnfDWaUXIYpNOrvJPtatdinTNRfl sokdFrDkOmwVTiLQ2ovz4XvDIM1lfgt4noMek96KRJzzzLlICuqi8I/VNS9qU9zN
nglyEt6Olc+3vEqkrEl7JFu13Gl92mbuhhelKjM/VDheHBUZ6yrso1aLbyruO+wm BhZGtzNMXDHnf4qzlw6KoIR9Zru2UQcRLc2kEkFDd9ucRzpTPebNhRJW0El0+pzx
RxL3pQSCNfAnIQpSdkXga5gVvbZDDISBast3qHFuZaZFbo2p24hw0HnLAfyCrxgF B/sThigYbsf+l3uaaDkQ60mCnvHkA/WX1lHdHnHnG6wUQSR2gom+C3wmNRUkG1Li
JnN3x2qqRlTzQSrVr4EEXUwUqpt5LlnQ3kDLNVYhXuqTdmyETj1YGnAXkqV/D+Z7 zWcqbImzRFptbOBcCgowNcAZ3qiyrZW0/Rra5rGnww290M42AQVdYabeWCFrP0TO
B7hlDdddXI5d0yDoYPAmF9N7XJCasdfutnO/8IfZ/eE989jYybE= N19Qm1W6T6vzQyV9W5EeaHp0C/WrXdv2q1GXmM9C7+3vEKFsUJw=
=eruT =v/rK
-----END PGP SIGNATURE----- -----END PGP SIGNATURE-----

16
dist/manifest.8E401478A3FBEF72.asc vendored
View File

@ -1,16 +0,0 @@
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEEiII6deyqeGsP84sUjkAUeKP773IFAma0f0IACgkQjkAUeKP7
73I33w//SaGbbM9z8SYsWhii1SBnfs6NVQSwdBoO20C4gFdmZkPVDak3QoCAioaC
GjlEOEDb7SXfWi3n2z72P97dswN6dG1IxQKR1N913IWzUUEXGR0phaC+o0P1/f74
MXrcUDLwwJwZsA/0zMV6gHvONEqwgmfEO4WrEB/Ty7ueoJjsmQ2oauWytlh8CVDR
3HFwiVoAjRC2d0vKj0eL2n9pNQNEYKb+oJ/gq3sk2L8qPs1vThQguHADvqmi6V3w
+4tZqviksPXb+sve3VTsKFDbd5AXvcRY4TbPawQ5W7Aa6iK9W/yA10+zXvcHoGrA
6iMR94yI9eprBkqoeoxr2MHPk+8d9xXB16hY/h+OCPibkFFfPST9GDFcp0nk1JFH
b0bbpanBsxwN3IxTAL0a7iD2nxftZHjgiZib1lhdhLg35o9iou1V0fRPwdjepS3o
2TBvKhtNncUW/87ZhxhdkTI/iUvS0iem3KHUQXkM+ziOC5zGf+PYvMCuy2P0oSei
731aVOgxKbpEZHY0pTkuqG7U4+RWZ+KJEnxETcZWoCeY9DW/u2Dx5hukeZJbvmUo
111vBoziyocgKvKi5S3ctZaAwm2wNsE0TU/o5u9+Q5ST1wgsKJF+F0laCUQcDPwM
UyM5VznH31pChrlzRiUcsm0lMvDkx+JfTSBPOgzABMAcQ3YuTSk=
=e+q6
-----END PGP SIGNATURE-----

16
dist/manifest.DC4B7D1F52E0BA4D.asc vendored Normal file
View File

@ -0,0 +1,16 @@
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEE4QZ4HgB6uRyYnbMyRKhs/x/fDoUFAmav/WEACgkQRKhs/x/f
DoXo2w/+Kcf+6VJW0/dSda+acfXE2qCQogvpXoIe6W68kN1EWvhCl0uFc6ilmeUc
EhVC1opp98mlu30DtN7+ecjViDTPz8QQ/SSgHhGKHzYO4l6eHr0VMeNsTWpMhz6O
HaNARpXziu6ajiriWMIBXO6tIGmMBTv3fHFJctPtDwOqEK9rg/bfQS57WGw73SBE
1xNW7rqrzsZpDwsLT4YH9U+fffKgW7DsU7RIgzFtQ+G0/MFke+OuKI5QXBZoSrUE
Lj9qgcdu06SQ6fJnW35GfBkdn7egfiGroC2/5YovQzxU1qxhwaGGemtJlncqQjCE
LpiipRyJaNB09woj4dEC9KZx9rHDUWbl58iu7cK0W5E3WQs7phu3Yah+QgnWrZIJ
SWMwGGlziZ5SfMw6GX46MHVPOIZVMm/FmKNlkJquJo6mH6cyesvvTq/hJ0nwV5uN
Gqvmrd+lV/F2hks5R21cOno3REiNC3Ev2vnBXSa2OJltosFGco19GyJsyc5bjE33
6h378noFmxKYYABblpACegYaN7C1qeelzqQEzLs4jvliC0P8fRtvN0GSvCCpe40V
++8hlNQyp1UplStPt8v170BS4MJzo2Ls0OGK5CE+Cla+faEsieO6STSJ6l+Mj91y
KLkQ10D7ZTu+8BIvzZn8tuxpA0MBlfKcrupLFWy3c2mgO8m5sZM=
=SH4O
-----END PGP SIGNATURE-----

4
dist/manifest.txt vendored
View File

@ -1,2 +1,2 @@
fe92783ef775ccc5e32baefb26f951b7f37ed26ecbb4601a068e20b31bebadbb airgap.iso a78a023a9532927f0e7af7ce1177b8286fdfa425670d166932f46ee90abcafe8 airgap.iso
b714c963bd8b1f3a38295821f0a3521bc64f97c1023c49d22a2e7433385b1a09 release.env bc742e2b08089bb2e685a71a45e1ab28d7bf6151bf06417e1bc729eb60353e0d release.env

6
dist/release.env vendored
View File

@ -1,5 +1,5 @@
VERSION=2024.8.1 VERSION=2024.8.0
GIT_REF=ea623cc147741b0a753ce4ea7aabe512df9a2ef9 GIT_REF=3cb460b72ed3fb03ac98c737852e19a154e58a7c
GIT_AUTHOR=Lance R. Vick GIT_AUTHOR=Lance R. Vick
GIT_PUBKEY=6B61ECD76088748C70590D55E90A401336C8AAA9 GIT_PUBKEY=6B61ECD76088748C70590D55E90A401336C8AAA9
GIT_TIMESTAMP=2024-08-08 00:34:41 -0700 GIT_TIMESTAMP=2024-08-04 13:29:39 -0700

7
rootfs/etc/inittab
View File

@ -20,13 +20,12 @@ null::sysinit:/bin/ln -sf /proc/self/fd/2 /dev/stderr
# now run any rc scripts # now run any rc scripts
::sysinit:/etc/init.d/rcS ::sysinit:/etc/init.d/rcS
# Put shells on the serial terminal and console # Put a getty on the serial port
console::respawn:-/bin/bash #console::respawn:/sbin/getty -L console 0 vt100 # GENERIC_SERIAL
ttyS0::respawn:-/bin/bash
::respawn:-/bin/bash ::respawn:-/bin/bash
# Stuff to do for the 3-finger salute # Stuff to do for the 3-finger salute
::ctrlaltdel:/sbin/reboot #::ctrlaltdel:/sbin/reboot
# Stuff to do before rebooting # Stuff to do before rebooting
::shutdown:/etc/init.d/rcK ::shutdown:/etc/init.d/rcK

12
rootfs/usr/local/bin/autorun
View File

@ -4,17 +4,7 @@ source /etc/profile
folder=${1?} folder=${1?}
if [ "$folder" == "/media/USER" ] && [ -f "${folder}/autorun.sh" ]; then if [ -f "${folder}/autorun.sh.asc" ]; then
if touch "${folder}/.write_test" 2>/dev/null; then
echo "!! Autorun: Read-only verification failed for /media/USER" >/dev/console
exit 1;
else
echo "" >/dev/console
echo "++ Autorun: Found /media/USER/autorun.sh" >/dev/console;
echo "** Autorun: Executing /media/USER/autorun.sh" >/dev/console
/bin/bash "/media/USER/autorun.sh" >/dev/console
fi
elif [ -f "${folder}/autorun.sh.asc" ]; then
echo "" >/dev/console echo "" >/dev/console
echo "++ Autorun: Found ${folder}/autorun.sh" >/dev/console; echo "++ Autorun: Found ${folder}/autorun.sh" >/dev/console;
gpg --verify "${folder}/autorun.sh.asc" >/dev/null 2>&1 || { gpg --verify "${folder}/autorun.sh.asc" >/dev/null 2>&1 || {