Removal of pacwrap-create, updated pacwrap-utils and pacwrap-common to
interoperate container creation with pacwrap-rust
This commit is contained in:
parent
547c40fe7b
commit
ece2fda0c8
3 changed files with 9 additions and 363 deletions
|
|
@ -46,7 +46,7 @@ VER="v0.9.19 "
|
|||
|
||||
MAN_SCRIPT="pacwrap-man"
|
||||
EXEC_SCRIPT="pacwrap"
|
||||
CREATE_SCRIPT="pacwrap-create"
|
||||
CREATE_SCRIPT="pacwrap"
|
||||
UTILS_SCRIPT="pacwrap-utils"
|
||||
SYNC_SCRIPT="pacwrap"
|
||||
PS_SCRIPT="pacwrap-ps"
|
||||
|
|
|
|||
|
|
@ -1,355 +0,0 @@
|
|||
#!/bin/bash
|
||||
#
|
||||
# PacWrap -- Chroot Initialisation Utility
|
||||
#
|
||||
# Copyright (C) 2023 Xavier R.M.
|
||||
# sapphirus(at)azorium(dot)net
|
||||
#
|
||||
#
|
||||
# This program is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation, with only version 3 of the License.
|
||||
#
|
||||
# This program is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this program. If not, see <https://www.gnu.org/licenses/>.
|
||||
|
||||
source pacwrap-common
|
||||
export PACWRAP_CREATE=1
|
||||
|
||||
main () {
|
||||
trap exit INT
|
||||
|
||||
parse_args "$@"
|
||||
init $PACWRAP_UTILS
|
||||
|
||||
local instance=$INSTANCE
|
||||
|
||||
log "$BAR_GREEN Initializing container $INSTANCE..." \
|
||||
"Initializing container $INSTANCE running '$RUNTIME_EXEC $RUNTIME_ARGS'"
|
||||
|
||||
check_tarball
|
||||
init_struct
|
||||
init_chroot
|
||||
|
||||
log "$BAR_GREEN Finalizing container..." \
|
||||
"Finalizing container"
|
||||
|
||||
finalise
|
||||
|
||||
log "$BAR_GREEN Process complete!" \
|
||||
"Finished creation of $INSTANCE container"
|
||||
printf " %s\n" \
|
||||
"Use pacwrap -Esr $BOLD$INSTANCE$RESET to configure the the container."
|
||||
}
|
||||
|
||||
parse_args () {
|
||||
for var in "$@"; do case $var in
|
||||
-v|--verbose) SWITCH+="v";;
|
||||
-V|--version) SWITCH="V";;
|
||||
--env=*) ENV_VARS="${var:6}";;
|
||||
--dep=*) DEPEND="${var:6}";;
|
||||
--dbus=*) PERMISSIONS_DBUS="${var:7}";;
|
||||
--concur=*) CONCURRENCY_LIMIT="${var:9}";;
|
||||
--perms=*) PERMISSIONS="${var:14}";;
|
||||
--mount=*) MOUNT="${var:8}";;
|
||||
--is-dep) SWITCH+="d";;
|
||||
--is-base) SWITCH+="b";;
|
||||
-C*) SWITCH+="${var:2}";;
|
||||
*) ARGS+=("$var");;
|
||||
esac; CLI_INVOCATION+="$var "; done
|
||||
}
|
||||
|
||||
script_init () {
|
||||
INSTANCE=${ARGS[0]}
|
||||
|
||||
check_root 1 $INSTANCE
|
||||
|
||||
[[ $DEPEND ]] && check_root $DEPEND
|
||||
|
||||
INSTANCE_ROOT="$INSTANCE_ROOT_DIR/$INSTANCE"
|
||||
INSTANCE_HOME="$INSTANCE_HOME_DIR/$INSTANCE"
|
||||
INSTANCE_CONFIG_FILE="$INSTANCE_CONFIG_DIR/$INSTANCE"
|
||||
DEPEND_CONFIG_FILE="$INSTANCE_CONFIG_DIR/$DEPEND.yml"
|
||||
INSTANCE_DEPEND_ROOT=$INSTANCE_ROOT_DIR/$DEPEND
|
||||
ARCHLINUX_TARBALL="archlinux-bootstrap-x86_64.tar.gz"
|
||||
ARCHLINUX_TARBALL_CACHE="$PACWRAP_CACHE_DIR/$ARCHLINUX_TARBALL"
|
||||
|
||||
PARAMS="$INSTANCE --exec --root --command"
|
||||
MACHINE_ID=$(cat /dev/urandom | tr -dc 'a-z0-9' | fold -w 32 | head -n 1)
|
||||
|
||||
case $SWITCH in
|
||||
*d*) C_TYPE="DEP";;
|
||||
*b*) C_TYPE="BASE";;
|
||||
*) C_TYPE="ROOT";;
|
||||
esac
|
||||
|
||||
[[ ! $DEPEND ]] && [[ $C_TYPE != "BASE" ]] &&
|
||||
log_error $LOG_ERR_HELP "Dependency not specified." 1
|
||||
|
||||
|
||||
INSTANCE_CONFIG[$INSTANCE,$CONF_TYPE]=$C_TYPE
|
||||
INSTANCE_CONFIG[$INSTANCE,$CONF_DEPS]=""
|
||||
INSTANCE_CONFIG[$INSTANCE,$CONF_PKGS]=""
|
||||
INSTANCE_CONFIG[$INSTANCE,$CONF_CONCURRENT_LIMIT]=$CONCURRENCY_LIMIT
|
||||
INSTANCE_CONFIG[$INSTANCE,$CONF_MOUNT]=$MOUNT
|
||||
INSTANCE_CONFIG[$INSTANCE,$CONF_PERMS]=$PERMISSIONS
|
||||
INSTANCE_CONFIG[$INSTANCE,$CONF_ENV]=$ENV_VARS
|
||||
INSTANCE_CONFIG[$INSTANCE,$CONF_DBUS]=$PERMISSIONS_DBUS
|
||||
|
||||
[[ ${#ARGS[@]} -gt 1 ]] && ARGS[0]=""
|
||||
|
||||
touch $LOCK_FILE
|
||||
trap on_exit EXIT
|
||||
}
|
||||
|
||||
select_mirror () {
|
||||
log "$ARROW Selecting mirror..."
|
||||
|
||||
local mirrors=$(cat $INSTANCE_PACMAN_MIRRORLIST | grep Server)
|
||||
|
||||
for mirror_candidate in $mirrors; do
|
||||
[[ $mirror_candidate != *http* ]] && continue
|
||||
mirror_candidate="${mirror_candidate%'$repo'/*}iso/latest"
|
||||
local response=$(curl -s -o /dev/null -w "%{http_code}" $mirror_candidate/)
|
||||
[[ $? == 0 ]] && [[ $response == 200 ]] && MIRROR=$mirror_candidate && break
|
||||
log "$ARROW_RED $mirror_candidate is unavailable."
|
||||
done
|
||||
|
||||
if [[ ! $MIRROR ]]; then
|
||||
log_error $ARROW_RED "All candidate mirrors are unavailable." "Operation aborted." 1
|
||||
fi
|
||||
|
||||
log_to_file "Selected $MIRROR/"
|
||||
}
|
||||
|
||||
obtain_tarball() {
|
||||
log "$ARROW Downloading bootstrap tarball..." \
|
||||
"Downloading bootstrap tarball"
|
||||
curl --output-dir "$PACWRAP_CACHE_DIR" \
|
||||
-O "$MIRROR/$ARCHLINUX_TARBALL" \
|
||||
-O "$MIRROR/$ARCHLINUX_TARBALL.sig"
|
||||
[[ $? != 0 ]] && log_error $ARROW_RED "Download of bootstrap tarball failed." \
|
||||
"Operation aborted." 1
|
||||
}
|
||||
|
||||
check_tarball () {
|
||||
local key_exec=($(type -P pacman-key gpg))
|
||||
local date_current=$(date +%Y.%m --date='this month')
|
||||
local date_cache=
|
||||
|
||||
if [[ ! -f $ARCHLINUX_TARBALL_CACHE ]]; then
|
||||
select_mirror
|
||||
obtain_tarball
|
||||
fi
|
||||
|
||||
log "$ARROW Verifying bootstrap tarball..." \
|
||||
"Verifying bootstrap tarball"
|
||||
|
||||
${key_exec[0]} --verify "$ARCHLINUX_TARBALL_CACHE.sig" 1>>"$OUTPUT_DEST" 2>>"$OUTPUT_DEST"
|
||||
|
||||
if [[ $? == 0 ]]; then
|
||||
local date=$(tar --occurrence=1 -axOf "$ARCHLINUX_TARBALL_CACHE" root.x86_64/version)
|
||||
date_cache=$(date +%Y.%m -d $(echo $date | sed -e 's/\./\-/g'))
|
||||
log_to_file "Successful verification of tarball version $date"
|
||||
else
|
||||
log_error $ARROW_RED "Checksum failure occurred. Check pacwrap -Uvl for further details." \
|
||||
"Operation aborted." 1
|
||||
fi
|
||||
|
||||
if [[ $date_cache != $date_current ]]; then
|
||||
log "$ARROW Tarball is out of date: $BOLD$date_cache$RESET != $BOLD$date_current$RESET"
|
||||
|
||||
[[ ! $MIRROR ]] && select_mirror
|
||||
|
||||
local remote_sum=$(curl -s "$MIRROR/sha256sums.txt" | tail -n1)
|
||||
local sum=$(sha256sum "$ARCHLINUX_TARBALL_CACHE" 2>/dev/null)
|
||||
|
||||
if [[ "${remote_sum% *}" != "${sum% *}" ]]; then
|
||||
obtain_tarball
|
||||
check_tarball
|
||||
return
|
||||
else
|
||||
log_error $ARROW_RED "Upstream mirror is out of date." \
|
||||
"Skipping..."
|
||||
fi
|
||||
fi
|
||||
}
|
||||
|
||||
init_struct () {
|
||||
log "$ARROW Pre-initializing structures..." \
|
||||
"Pre-initializing structures"
|
||||
|
||||
mkdir -p "$INSTANCE_ROOT" "$INSTANCE_HOME" \
|
||||
"$INSTANCE_ROOT/etc" \
|
||||
"$INSTANCE_ROOT/var/lib/pacman" \
|
||||
"$INSTANCE_ROOT/etc/pacman.d/hooks" \
|
||||
"$INSTANCE_ROOT/usr/share/libalpm/hooks" \
|
||||
"$INSTANCE_ROOT/usr/share/ca-certificates"
|
||||
|
||||
ln -s ../usr/share/ca-certificates $INSTANCE_ROOT/etc/ca-certificates
|
||||
|
||||
([[ ! -d $INSTANCE_ROOT ]] || [[ ! -d $INSTANCE_HOME ]]) &&
|
||||
log_error "Directory creation failed." 2
|
||||
|
||||
local pacman_hooks=('20-systemd-sysusers'
|
||||
'30-systemd-tmpfiles'
|
||||
'30-systemd-daemon-reload'
|
||||
'30-systemd-sysctl'
|
||||
'30-systemd-catalog'
|
||||
'30-systemd-update'
|
||||
'30-systemd-udev-reload'
|
||||
'30-systemd-hwdb'
|
||||
'dbus-reload')
|
||||
|
||||
for pacman_hook in ${pacman_hooks[@]}; do
|
||||
ln -s /dev/null "$INSTANCE_ROOT/etc/pacman.d/hooks/$pacman_hook.hook"; done
|
||||
|
||||
if [[ $C_TYPE == "BASE" ]]; then
|
||||
echo -e $(cat << _CONFIG
|
||||
[Trigger]
|
||||
\nOperation = Install
|
||||
\nOperation = Upgrade
|
||||
\nOperation = Remove
|
||||
\nType = Path
|
||||
\nTarget = usr/share/ca-certificates/trust-source/*
|
||||
|
||||
\n\n[Action]
|
||||
\nDescription = Permissing certificate store...
|
||||
\nWhen = PostTransaction
|
||||
\nExec = /usr/bin/chmod -R 755 /usr/share/ca-certificates
|
||||
_CONFIG
|
||||
) > $INSTANCE_ROOT/usr/share/libalpm/hooks/42-trust-permission.hook
|
||||
echo -e $(cat << _CONFIG
|
||||
[Trigger]
|
||||
\nOperation = Install
|
||||
\nOperation = Upgrade
|
||||
\nType = Path
|
||||
\nTarget = usr/share/ca-certificates/trust-source/*
|
||||
|
||||
\n\n[Action]
|
||||
\nDescription = Symlinking certificate store...
|
||||
\nWhen = PostTransaction
|
||||
\nExec = /usr/bin/sh -c "if [[ ! -d /etc/ca-certificates/ ]]; then ln -s ../usr/share/ca-certificates/ /etc/ca-certificates; fi"
|
||||
_CONFIG
|
||||
) > $INSTANCE_ROOT/usr/share/libalpm/hooks/38-link-etc-cert.hook
|
||||
fi
|
||||
|
||||
echo "$LANG ${LANG#*.}" > "$INSTANCE_ROOT/etc/locale.gen"
|
||||
echo "LANG=$LANG" > "$INSTANCE_ROOT/etc/locale.conf"
|
||||
echo "user:x:1000:1000::/home/user:/bin/bash" >> "$INSTANCE_ROOT/etc/passwd"
|
||||
echo $(dbus-uuidgen) > "$INSTANCE_ROOT/etc/machine-id"
|
||||
echo 'PS1="'$INSTANCE'> "' > "$INSTANCE_HOME/.bashrc"
|
||||
|
||||
populate_deps
|
||||
generate_config
|
||||
}
|
||||
|
||||
populate_deps() {
|
||||
if [[ $C_TYPE != "BASE" ]]; then
|
||||
if [[ -f $DEPEND_CONFIG_FILE ]]; then
|
||||
local instance=$DEPEND
|
||||
source_configuration
|
||||
INSTANCE_CONFIG[$INSTANCE,$CONF_DEPS]="${INSTANCE_CONFIG[$instance,$CONF_DEPS]} $DEPEND"
|
||||
else
|
||||
INSTANCE_CONFIG[$INSTANCE,$CONF_DEPS]="$DEPEND"
|
||||
fi
|
||||
fi
|
||||
}
|
||||
|
||||
init_chroot () {
|
||||
local exclude_params="
|
||||
--exclude=etc/credstore*
|
||||
--exclude=version
|
||||
--exclude=pkglist.x86_64.txt
|
||||
--exclude=sys
|
||||
--exclude=opt
|
||||
--exclude=run
|
||||
--exclude=boot
|
||||
--exclude=mnt"
|
||||
|
||||
[[ $DEPEND ]] && exclude_params+=" --exclude=usr"
|
||||
|
||||
log_to_file "Extracting bootstrap tarball"
|
||||
echo -n $ARROW "Extracting bootstrap tarball"
|
||||
tar xkf "$PACWRAP_CACHE_DIR/archlinux-bootstrap-x86_64.tar.gz" --strip-components=1 \
|
||||
-C "$INSTANCE_ROOT" --checkpoint=.15000 $exclude_params 2>>/dev/null
|
||||
echo
|
||||
|
||||
$SYNC_SCRIPT -Syyyy -t $INSTANCE
|
||||
|
||||
local gnupg=$(get_directory_pop "$INSTANCE_PACMAN_GNUPG")
|
||||
local sync=$(get_directory_pop "$INSTANCE_PACMAN_SYNC")
|
||||
|
||||
[[ $sync == 0 ]] && cp -vr "$INSTANCE_ROOT/var/lib/pacman/sync" \
|
||||
"$INSTANCE_DATA_DIR/pacman" 1>>"$OUTPUT_DEST" 2>>"$OUTPUT_DEST"
|
||||
[[ $gnupg == 0 ]] && init_trust
|
||||
}
|
||||
|
||||
get_directory_pop() {
|
||||
local array=$(ls $1)
|
||||
echo ${#array}
|
||||
}
|
||||
|
||||
init_trust () {
|
||||
log "$BAR_GREEN Initializing pacman trust database..." \
|
||||
"Initializing pacman trust database"
|
||||
$EXEC_SCRIPT $PARAMS pacman-key --init 1>>"$OUTPUT_DEST" 2>>"$OUTPUT_DEST"
|
||||
log "$ARROW Populating pacman trust database..."
|
||||
$EXEC_SCRIPT $PARAMS pacman-key --populate 1>>"$OUTPUT_DEST" 2>>"$OUTPUT_DEST"
|
||||
}
|
||||
|
||||
finalise () {
|
||||
## TODO: Make configurable or merge into sync_foreign_elements
|
||||
log "$ARROW Generating locale..."
|
||||
$EXEC_SCRIPT $PARAMS locale-gen 1>>"$OUTPUT_DEST" 2>>"$OUTPUT_DEST"
|
||||
[[ $C_TYPE != "BASE" ]] && sync_foreign_elements
|
||||
[[ $C_TYPE == "BASE" ]] && sync_base_packages
|
||||
[[ ${#ARGS[@]} -gt 1 ]] && install_packages
|
||||
}
|
||||
|
||||
install_packages () {
|
||||
[[ $SWITCH != *n* ]] && echo -e "$BAR Install specified packages \n$BOLD\n${ARGS[@]}\n"
|
||||
|
||||
if [[ ! $(query_confirm_Yn "Proceed with installation?") ]]; then
|
||||
log_error $ARROW_RED "Installation aborted by user." "Operation cancelled."
|
||||
return
|
||||
fi
|
||||
|
||||
log_to_file "Installing specified packages"
|
||||
$EXEC_SCRIPT -Suyo -t $INSTANCE ${ARGS[@]} --noconfirm
|
||||
if [[ $? != 0 ]]; then
|
||||
log_error $ARROW_RED "Installation failed." \
|
||||
"Use pacwrap -Cv and examine stdout for details."
|
||||
else
|
||||
generate_config ${ARGS[@]}
|
||||
log " Installation of specified packages is complete!" \
|
||||
"Installation complete"
|
||||
fi
|
||||
}
|
||||
|
||||
sync_base_packages () {
|
||||
log "$ARROW Some housekeeping..." "Removing arch-install-scripts"
|
||||
$EXEC_SCRIPT -R -t $INSTANCE arch-install-scripts 2>/dev/null 1>>$VERBOSE
|
||||
log "$BAR_GREEN Checking $INSTANCE for updates..." "Checking $INSTANCE for updates"
|
||||
$EXEC_SCRIPT -Suyo -t $INSTANCE --noconfirm
|
||||
}
|
||||
|
||||
sync_foreign_elements() {
|
||||
log "$ARROW Synchronizing mutable filesystem elements..." \
|
||||
"Synchronizing mutable filesystem elements"
|
||||
|
||||
rm -r "$INSTANCE_ROOT/var/lib/pacman/local"
|
||||
cp -rn "$INSTANCE_DEPEND_ROOT/etc" "$INSTANCE_ROOT/" 2>/dev/null
|
||||
cp -rn "$INSTANCE_DEPEND_ROOT/var" "$INSTANCE_ROOT/" 2>/dev/null
|
||||
}
|
||||
|
||||
on_exit() {
|
||||
[[ ! $PACWRAP_UTILS ]] && [[ -f $LOCK_FILE ]] && rm $LOCK_FILE
|
||||
}
|
||||
|
||||
main $@
|
||||
|
|
@ -353,7 +353,7 @@ replicate_instance() {
|
|||
|
||||
local depend=
|
||||
local type=$(return_type)
|
||||
local params="-Cn"
|
||||
local params="c"
|
||||
|
||||
[[ $SWITCH == *v* ]] && params+="v"
|
||||
[[ $type != BASE ]] && depend=$(return_dependency)
|
||||
|
|
@ -371,12 +371,13 @@ replicate_instance() {
|
|||
return;;
|
||||
esac
|
||||
|
||||
export CONCURRENCY_LIMIT=${INSTANCE_CONFIG[$instance,$CONF_CONCURRENT_LIMIT]} \
|
||||
ENV_VARS="${INSTANCE_CONFIG[$instance,$CONF_ENV]}" \
|
||||
MOUNT="${INSTANCE_CONFIG[$instance,$CONF_MOUNT]}" \
|
||||
PERMISSIONS="${INSTANCE_CONFIG[$instance,$CONF_PERMS]}" \
|
||||
PERMISSIONS_DBUS="${INSTANCE_CONFIG[$instance,$CONF_DBUS]}" \
|
||||
DEPEND=$depend; $CREATE_SCRIPT $params $instance $(return_packages)
|
||||
local depend_params
|
||||
|
||||
for dep in $(return_dependencies); do
|
||||
depend_params+="-t $dep "
|
||||
done
|
||||
|
||||
$CREATE_SCRIPT -Syut$params --noconfirm $instance $depend_params $(return_packages)
|
||||
|
||||
if [[ $? == 0 ]]; then
|
||||
printf " %s$RESET\n" "Replication of $BOLD$instance$RESET complete!"
|
||||
|
|
|
|||
Loading…
Reference in a new issue