r00t2
/
bdisk
1
0
Fork 0
Code Issues Pull Requests Projects Releases Activity

Compare commits

base: r00t2:master
Branches Tags
r00t2:master
r00t2:4.x_rewrite
r00t2:features
r00t2:bash_OBSOLETE
r00t2:python_rewrite
r00t2:v3.10
r00t2:v3.09
r00t2:v3.08
r00t2:v3.07
r00t2:v3.06
r00t2:v3.05
r00t2:v3.04
r00t2:v3.03
r00t2:v3.03-BETA
r00t2:v3.02
r00t2:v3.01
r00t2:v3.00
r00t2:v3.00-BETA
r00t2:v2.70
r00t2:v2.63
r00t2:v2.62
r00t2:v2.61
r00t2:v2.60
r00t2:v2.51
r00t2:v2.50
r00t2:v2.01
r00t2:v2.00
r00t2:v1.60
r00t2:v1.52
r00t2:v1.51
r00t2:v1.50
r00t2:v1.20
r00t2:v1.13
r00t2:v1.12
r00t2:v1.11
r00t2:v1.10
r00t2:v1.09
r00t2:v1.08
r00t2:OverlayFS
r00t2:v1.07-ALPHA
r00t2:v1.06-BETA
r00t2:AUFS3
r00t2:v1.05
r00t2:v1.04
r00t2:v1.03
r00t2:v1.02
r00t2:v1.01
r00t2:v1.00
r00t2:v0.06-ALPHA
r00t2:v0.05-ALPHA
r00t2:v0.04-ALPHA
r00t2:v0.03-ALPHA
r00t2:v0.02-ALPHA
r00t2:v0.01-ALPHA
..
compare: r00t2:features
Branches Tags
r00t2:4.x_rewrite
r00t2:master
r00t2:features
r00t2:bash_OBSOLETE
r00t2:python_rewrite
r00t2:v3.10
r00t2:v3.09
r00t2:v3.08
r00t2:v3.07
r00t2:v3.06
r00t2:v3.05
r00t2:v3.04
r00t2:v3.03
r00t2:v3.03-BETA
r00t2:v3.02
r00t2:v3.01
r00t2:v3.00
r00t2:v3.00-BETA
r00t2:v2.70
r00t2:v2.63
r00t2:v2.62
r00t2:v2.61
r00t2:v2.60
r00t2:v2.51
r00t2:v2.50
r00t2:v2.01
r00t2:v2.00
r00t2:v1.60
r00t2:v1.52
r00t2:v1.51
r00t2:v1.50
r00t2:v1.20
r00t2:v1.13
r00t2:v1.12
r00t2:v1.11
r00t2:v1.10
r00t2:v1.09
r00t2:v1.08
r00t2:OverlayFS
r00t2:v1.07-ALPHA
r00t2:v1.06-BETA
r00t2:AUFS3
r00t2:v1.05
r00t2:v1.04
r00t2:v1.03
r00t2:v1.02
r00t2:v1.01
r00t2:v1.00
r00t2:v0.06-ALPHA
r00t2:v0.05-ALPHA
r00t2:v0.04-ALPHA
r00t2:v0.03-ALPHA
r00t2:v0.02-ALPHA
r00t2:v0.01-ALPHA

No commits in common. "master" and "features" have entirely different histories.
master ... features

59 changed files with 528 additions and 947 deletions
Show Stats Expand all files Collapse all files

10
.gitignore vendored
View File

@ -1,19 +1,14 @@
# We don't want local build settings in case someone's using
# the git dir as a place to store their build.ini
/build.ini
/build.ini.*
/dist.build.ini
*.bak

# These are user-controlled.
/overlay
#/overlay/*
!/overlay/x86_64
!/overlay/i686
!/overlay/etc
extra/templates/overlay
!extra/templates/overlay/x86_64
!extra/templates/overlay/i686
!extra/templates/overlay/etc
!/overlay/etc/
# The default doesn't store these in the git working dir,
# but better safe than sorry.
/root.x86_64
@ -40,6 +35,7 @@ extra/templates/overlay
**/etc/systemd/system/multi-user.target.wants/openvpn@*
**/etc/ssh
**/home
**/root
**ssl/
!**ssl/.keepme
!**ssl/openssl.cnf

110
bdisk/bGPG.py
View File

@ -12,15 +12,8 @@ def genGPG(conf):
dlpath = build['dlpath']
bdisk = conf['bdisk']
gpghome = conf['gpg']['mygpghome']
distkeys = []
gpgkeyserver = []
for a in conf['build']['arch']:
keysrv = conf['src'][a]['gpgkeyserver']
distkey = conf['src'][a]['gpgkey']
if keysrv and (keysrv not in gpgkeyserver):
gpgkeyserver.append(keysrv)
if distkey and(distkey not in distkeys):
distkeys.append(distkey)
distkey = build['gpgkey']
gpgkeyserver = build['gpgkeyserver']
templates_dir = '{0}/extra/templates'.format(build['basedir'])
mykey = False
pkeys = []
@ -35,30 +28,28 @@ def genGPG(conf):
if gpghome == '':
# We'll generate a key if we can't find one here.
gpghome = build['dlpath'] + '/.gnupg'
killStaleAgent(conf)
os.environ['GNUPGHOME'] = gpghome
gpg = gpgme.Context()
# do we need to add a keyserver?
if len(gpgkeyserver) != 0:
if gpgkeyserver != '':
dirmgr = '{0}/dirmngr.conf'.format(gpghome)
for s in gpgkeyserver:
if os.path.isfile(dirmgr):
with open(dirmgr, 'r+') as f:
findme = any(s in line for line in f)
if not findme:
f.seek(0, os.SEEK_END)
f.write("\n# Added by {0}.\nkeyserver {1}\n".format(
bdisk['pname'],
s))
if os.path.isfile(dirmgr):
with open(dirmgr, 'r+') as f:
findme = any(gpgkeyserver in line for line in f)
if not findme:
f.seek(0, os.SEEK_END)
f.write("\n# Added by {0}.\nkeyserver {1}\n".format(
bdisk['pname'],
gpgkeyserver))
if mykey:
try:
pkeys.append(gpg.get_key(mykey, True))
privkey = gpg.get_key(mykey, True)
except:
exit('{0}: ERROR: You specified using {1} but we have no secret key for that ID!'.format(
datetime.datetime.now(),
mykey))
else:
for key in gpg.keylist(None, True):
for key in gpg.keylist(None,True):
if key.can_sign:
pkeys.append(key)
break
@ -71,43 +62,46 @@ def genGPG(conf):
privkey = gpg.get_key(gpg.genkey(tpl_out).fpr, True)
pkeys.append(privkey)
# do we need to add a keyserver? this is for the freshly-generated GNUPGHOME
if len(gpgkeyserver) != 0:
if build['gpgkeyserver'] != '':
dirmgr = '{0}/dirmngr.conf'.format(gpghome)
for s in gpgkeyserver:
with open(dirmgr, 'r+') as f:
findme = any(s in line for line in f)
if not findme:
f.seek(0, os.SEEK_END)
f.write("\n# Added by {0}.\nkeyserver {1}\n".format(
bdisk['pname'],
s))
with open(dirmgr, 'r+') as f:
findme = any(gpgkeyserver in line for line in f)
if not findme:
f.seek(0, os.SEEK_END)
f.write("\n# Added by {0}.\nkeyserver {1}\n".format(
bdisk['pname'],
build['gpgkeyserver']))
gpg.signers = pkeys
# Now we try to find and add the key for the base image.
gpg.keylist_mode = gpgme.KEYLIST_MODE_EXTERN # remote (keyserver)
if len(distkeys) > 0: # testing
for k in distkeys:
key = gpg.get_key(k)
importkey = key.subkeys[0].fpr
gpg.keylist_mode = gpgme.KEYLIST_MODE_LOCAL # local keyring (default)
DEVNULL = open(os.devnull, 'w')
print('{0}: [GPG] Importing {1} and signing it for verification purposes...'.format(
datetime.datetime.now(),
distkey))
cmd = ['/usr/bin/gpg',
'--recv-keys',
'--batch',
'--yes',
'0x{0}'.format(importkey)]
subprocess.call(cmd, stdout = DEVNULL, stderr = subprocess.STDOUT)
sigkeys = []
for i in gpg.get_key(importkey).subkeys:
sigkeys.append(i.fpr)
cmd = ['/usr/bin/gpg',
'--batch',
'--yes',
'--lsign-key',
'0x{0}'.format(importkey)]
subprocess.call(cmd, stdout = DEVNULL, stderr = subprocess.STDOUT)
if distkey: # testing
#try:
key = gpg.get_key(distkey)
#except:
# exit('{0}: ERROR: We cannot find key ID {1}!'.format(
# datetime.datetime.now(),
# distkey))
importkey = key.subkeys[0].fpr
gpg.keylist_mode = gpgme.KEYLIST_MODE_LOCAL # local keyring (default)
DEVNULL = open(os.devnull, 'w')
print('{0}: [GPG] Importing {1} and signing it for verification purposes...'.format(
datetime.datetime.now(),
distkey))
cmd = ['/usr/bin/gpg',
'--recv-keys',
'--batch',
'--yes',
'0x{0}'.format(importkey)]
subprocess.call(cmd, stdout = DEVNULL, stderr = subprocess.STDOUT)
sigkeys = []
for k in gpg.get_key(importkey).subkeys:
sigkeys.append(k.fpr)
cmd = ['/usr/bin/gpg',
'--batch',
'--yes',
'--lsign-key',
'0x{0}'.format(importkey)]
subprocess.call(cmd, stdout = DEVNULL, stderr = subprocess.STDOUT)
# We need to expose this key to the chroots, too, so we need to export it.
with open('{0}/gpgkey.pub'.format(dlpath), 'wb') as f:
gpg.export(pkeys[0].subkeys[0].keyid, f)
@ -117,13 +111,13 @@ def killStaleAgent(conf):
# Kill off any stale GPG agents running.
# Probably not even needed, but good to have.
chrootdir = conf['build']['chrootdir']
gpgpath = conf['gpg']['mygpghome']
dlpath = conf['build']['dlpath']
procs = psutil.process_iter()
plst = []
for p in procs:
if (p.name() in ('gpg-agent', 'dirmngr') and p.uids()[0] == os.getuid()):
pd = psutil.Process(p.pid).as_dict()
for d in (chrootdir, gpgpath):
for d in (chrootdir, dlpath):
if pd['cwd'].startswith('{0}'.format(d)):
plst.append(p.pid)
if len(plst) >= 1:
@ -131,7 +125,7 @@ def killStaleAgent(conf):
psutil.Process(p).terminate()

def signIMG(path, conf):
if conf['build']['sign']:
if conf['build']['gpg']:
# Do we want to kill off any stale gpg-agents? (So we spawn a new one)
# Requires further testing.
#killStaleAgent()

9
bdisk/bchroot.py
View File

@ -138,12 +138,11 @@ def chrootTrim(build):
humanize.naturalsize(
os.path.getsize(tarball)),
dbdir))
#for d in ('etc/pacman.d/gnupg', 'var/empty/.gnupg'): # actually, we should probably keep these.
# they don't take much space, and it's a PITA to pacman-key --init && pacman-key --populate again on boot.
# if os.path.isdir('{0}/root.{1}/{2}'.format(chrootdir, a, d)):
# shutil.rmtree('{0}/root.{1}/{2}'.format(chrootdir, a, d))
for d in ('etc/pacman.d/gnupg', 'var/empty/.gnupg'):
if os.path.isdir('{0}/root.{1}/{2}'.format(chrootdir, a, d)):
shutil.rmtree('{0}/root.{1}/{2}'.format(chrootdir, a, d))
# TODO: move the self-cleanup in pre-build.sh to here.
delme = [#'/root/.gnupg', # see above
delme = ['/root/.gnupg',
'/root/.bash_history',
#'/var/log/chroot_install.log', # disable for now. maybe always disable if debug is enabled? TODO.
'/.git',

34
bdisk/bdisk.py
View File

@ -1,6 +1,4 @@
#!/bin/env python3

import argparse
import host
import prep
import bchroot
@ -10,17 +8,14 @@ import bSSL
import ipxe
import bsync
import bGPG
import os


def bdisk(args):
# we also need to figure out how to implement "mentos" (old bdisk) like functionality, letting us reuse an
# existing chroot install if possible to save time for future builds.
# if not, though, it's no big deal.
if os.getuid() != 0:
exit('{0}: ERROR: BDisk *must* be run as the root user or with sudo!'.format(datetime.datetime.now()))
# we need to:
# we also need to figure out how to implement "mentos" (old bdisk) like functionality, letting us reuse an existing chroot install if possible to save time for future builds.
# if not, though, it's no big deal.
# still on the todo: iPXE
if __name__ == '__main__':
print('{0}: Starting.'.format(datetime.datetime.now()))
conf = host.parseConfig(host.getConfig(conf_file = args['buildini']))[1]
conf = host.parseConfig(host.getConfig())[1]
prep.dirChk(conf)
conf['gpgobj'] = bGPG.genGPG(conf)
prep.buildChroot(conf, keep = False)
@ -52,20 +47,3 @@ def bdisk(args):
bsync.git(conf)
bsync.rsync(conf)
print('{0}: Finish.'.format(datetime.datetime.now()))

def parseArgs():
args = argparse.ArgumentParser(description = 'BDisk - a tool for building live/rescue media.',
epilog = 'brent s. || 2017 || https://bdisk.square-r00t.net')
args.add_argument('buildini',
metavar = '/path/to/build.ini',
default = '/etc/bdisk/build.ini',
nargs = '?',
help = 'The full/absolute path to the build.ini to use for this run. The default is /etc/bdisk/build.ini, but see https://bdisk.square-r00t.net/#the_code_build_ini_code_file.')
return(args)

def main():
args = vars(parseArgs().parse_args())
bdisk(args)

if __name__ == '__main__':
main()

9
bdisk/bsync.py
View File

@ -32,12 +32,12 @@ def http(conf):
datetime.datetime.now(),
httpdir))
for a in arch:
for i in ('md5', 'sfs', 'sha256', 'sha512'):
for i in ('md5', 'sfs', 'sha256'):
httpfiles['{0}/{1}/airootfs.{2}'.format(bdisk['name'], a, i)] = '{0}/{1}/airootfs.{2}'.format(bdisk['name'], a, i)
httpfiles['VERSION_INFO.txt'] = 'VERSION_INFO.txt'
if 'x86_64' in arch:
httpfiles['boot/{0}.64.kern'.format(bdisk['uxname'])] = '{0}.64.kern'.format(bdisk['uxname'])
httpfiles['boot/{0}.64.img'.format(bdisk['uxname'])] = '{0}.64.img'.format(bdisk['uxname'])
httpfiles['boot/{0}.64.img'.format(bdisk['uxname'])] = '{0}.32.img'.format(bdisk['uxname'])
if 'i686' in arch:
httpfiles['boot/{0}.32.kern'.format(bdisk['uxname'])] = '{0}.32.kern'.format(bdisk['uxname'])
httpfiles['boot/{0}.32.img'.format(bdisk['uxname'])] = '{0}.32.img'.format(bdisk['uxname'])
@ -48,8 +48,7 @@ def http(conf):
fulldest = '{0}/{1}'.format(httpdir, destpath)
parentdir = os.path.split(fulldest)[0]
os.makedirs(parentdir, exist_ok = True)
if os.path.lexists('{0}/{1}'.format(prepdir, k)):
shutil.copy2('{0}/{1}'.format(prepdir, k), '{0}/{1}'.format(httpdir, httpfiles[k]))
shutil.copy2('{0}/{1}'.format(prepdir, k), '{0}/{1}'.format(httpdir, httpfiles[k]))
for root, dirs, files in os.walk(httpdir):
for d in dirs:
os.chown(os.path.join(root, d), uid, gid)
@ -81,7 +80,7 @@ def tftp(conf):
datetime.datetime.now(),
tftpdir))
for a in arch:
for i in ('md5', 'sfs', 'sha256', 'sha512'):
for i in ('md5', 'sfs', 'sha256'):
tftpfiles['{0}/{1}/airootfs.{2}'.format(bdisk['name'], a, i)] = '{0}/{1}/airootfs.{2}'.format(bdisk['name'], a, i)
tftpfiles['VERSION_INFO.txt'] = 'VERSION_INFO.txt'
if 'x86_64' in arch:

11
bdisk/build.py
View File

@ -21,7 +21,6 @@ def genImg(conf):
basedir = build['basedir']
prepdir = build['prepdir']
hashes = {}
hashes['sha512'] = {}
hashes['sha256'] = {}
hashes['md5'] = {}
squashfses = []
@ -53,10 +52,9 @@ def genImg(conf):
humanize.naturalsize(
os.path.getsize(squashimg))))
# Generate the checksum files
print("{0}: [BUILD] Generating SHA512 SHA256, MD5 checksums ({1})...".format(
datetime.datetime.now(),
print("{0}: [BUILD] Generating SHA256, MD5 checksums ({1})...".format(
datetime.datetime.now(),
squashimg))
hashes['sha512'][a] = hashlib.sha512()
hashes['sha256'][a] = hashlib.sha256()
hashes['md5'][a] = hashlib.md5()
with open(squashimg, 'rb') as f:
@ -65,11 +63,8 @@ def genImg(conf):
if not stream:
break
# NOTE: these items are hashlib objects, NOT strings!
hashes['sha512'][a].update(stream)
hashes['sha256'][a].update(stream)
hashes['md5'][a].update(stream)
with open(airoot + 'airootfs.sha512', 'w+') as f:
f.write("{0} airootfs.sfs\n".format(hashes['sha512'][a].hexdigest()))
with open(airoot + 'airootfs.sha256', 'w+') as f:
f.write("{0} airootfs.sfs\n".format(hashes['sha256'][a].hexdigest()))
with open(airoot + 'airootfs.md5', 'w+') as f:
@ -334,7 +329,7 @@ def genISO(conf):
tpl_loader = jinja2.FileSystemLoader(templates_dir)
env = jinja2.Environment(loader = tpl_loader)
tpl = env.get_template(isolinux_cfg)
tpl_out = tpl.render(build = build, bdisk = bdisk, bitness = bitness)
tpl_out = tpl.render(build = build, bdisk = bdisk)
with open(sysl_tmp + '/isolinux.cfg', "w+") as f:
f.write(tpl_out)
# And we need to build the ISO!

55
bdisk/host.py
View File

@ -24,13 +24,10 @@ def getHostname():
hostname = platform.node()
return(hostname)

def getConfig(conf_file = '/etc/bdisk/build.ini'):
def getConfig(conf_file='/etc/bdisk/build.ini'):
conf = False
# define some defailt conf paths in case we're installed by
# a package manager. in order of the paths we should search.
currentdir = os.path.dirname(os.path.realpath(__file__))
currentdir_user = os.path.abspath('{0}/../build.ini'.format(currentdir))
currentdir_def = os.path.abspath('{0}/../extra/dist.build.ini'.format(currentdir))
default_conf_paths = ['/etc/bdisk/build.ini',
'/usr/share/bdisk/build.ini',
'/usr/share/bdisk/extra/build.ini',
@ -39,8 +36,7 @@ def getConfig(conf_file = '/etc/bdisk/build.ini'):
'/usr/local/share/docs/bdisk/build.ini',
'/opt/dev/bdisk/build.ini',
'/opt/dev/bdisk/extra/build.ini',
'/opt/dev/bdisk/extra/dist.build.ini',
currentdir_user]
'/opt/dev/bdisk/extra/dist.build.ini']
# if we weren't given one/using the default...
if conf_file == '/etc/bdisk/build.ini':
if not os.path.isfile(conf_file):
@ -48,11 +44,9 @@ def getConfig(conf_file = '/etc/bdisk/build.ini'):
if os.path.isfile(p):
conf = p
break
else:
conf = conf_file
else:
conf = conf_file
defconf = os.path.abspath('{0}/../extra/dist.build.ini'.format(os.path.dirname(os.path.realpath(__file__))))
defconf = '{0}/../extra/dist.build.ini'.format(os.path.dirname(os.path.realpath(__file__)))
if not conf:
# okay, so let's check for distributed/"blank" ini's
# since we can't seem to find one.
@ -74,9 +68,9 @@ def parseConfig(confs):
config_dict = {s:dict(config.items(s)) for s in config.sections()}
# Convert the booleans to pythonic booleans in the dict...
config_dict['bdisk']['user'] = config['bdisk'].getboolean('user')
config_dict['build']['gpg'] = config['build'].getboolean('gpg')
config_dict['build']['i_am_a_racecar'] = config['build'].getboolean('i_am_a_racecar')
config_dict['build']['ipxe'] = config['build'].getboolean('ipxe')
config_dict['build']['sign'] = config['build'].getboolean('sign')
config_dict['build']['multiarch'] = (config_dict['build']['multiarch']).lower()
config_dict['ipxe']['iso'] = config['ipxe'].getboolean('iso')
config_dict['ipxe']['usb'] = config['ipxe'].getboolean('usb')
@ -97,17 +91,12 @@ def parseConfig(confs):
# commits on top of a new tagged release). e.g. for build Y:
# v#.##-Y or v#.##rX-Y
if config_dict['bdisk']['ver'] == '':
try:
repo = git.Repo(config_dict['build']['basedir'])
refs = repo.git.describe(repo.head.commit).split('-')
if len(refs) >= 2:
config_dict['bdisk']['ver'] = refs[0] + 'r' + refs[1]
else:
config_dict['bdisk']['ver'] = refs[0]
except:
exit(('{0}: ERROR: {1} is NOT a valid git repository, and you did not specify bdisk:ver in your build.ini! ' +
'Did you perhaps install from a package manager? Please refer to the documentation.').format(datetime.datetime.now(),
config_dict['build']['basedir']))
repo = git.Repo(config_dict['build']['basedir'])
refs = repo.git.describe(repo.head.commit).split('-')
if len(refs) >= 2:
config_dict['bdisk']['ver'] = refs[0] + 'r' + refs[1]
else:
config_dict['bdisk']['ver'] = refs[0]
# And the build number.
# TODO: support tracking builds per version. i.e. in buildnum:
# v2.51r13:0
@ -137,20 +126,16 @@ def parseConfig(confs):
config_dict['build']['multiarch']))
## VALIDATORS ##
# Validate bootstrap mirror
config_dict['src'] = {}
for a in config_dict['build']['arch']:
config_dict['src'][a] = config_dict['source_' + a]
if (validators.domain(config_dict['src'][a]['mirror']) or validators.ipv4(
config_dict['src'][a]['mirror']) or validatords.ipv6(
config_dict['src'][a]['mirror'])):
try:
getaddrinfo(config_dict['src'][a]['mirror'], None)
except:
exit(('{0}: ERROR: {1} does not resolve and cannot be used as a ' +
'mirror for the bootstrap tarballs. Check your configuration.').format(
datetime.datetime.now(),
config_dict['src'][a]['host']))
config_dict['src'][a]['gpg'] = config['source_' + a].getboolean('gpg')
if (validators.domain(config_dict['build']['mirror']) or validators.ipv4(
config_dict['build']['mirror']) or validatords.ipv6(
config_dict['build']['mirror'])):
try:
getaddrinfo(config_dict['build']['mirror'], None)
except:
exit(('{0}: ERROR: {1} does not resolve and cannot be used as a ' +
'mirror for the bootstrap tarballs. Check your configuration.').format(
datetime.datetime.now(),
config_dict['build']['host']))
# Are we rsyncing? If so, validate the rsync host.
# Works for IP address too. It does NOT check to see if we can
# actually *rsync* to it; that'll come later.

3
bdisk/ipxe.py
View File

@ -21,8 +21,7 @@ def buildIPXE(conf):
srcdir = build['srcdir']
embedscript = build['dlpath'] + '/EMBED'
ipxe_src = srcdir + '/ipxe'
#ipxe_git_uri = 'git://git.ipxe.org/ipxe.git'
ipxe_git_uri = 'http://git.ipxe.org/ipxe.git'
ipxe_git_uri = 'git://git.ipxe.org/ipxe.git'
print('{0}: [IPXE] Prep/fetch sources...'.format(
datetime.datetime.now()))
# Get the source

78
bdisk/prep.py
View File

@ -25,34 +25,27 @@ def dirChk(conf):
def downloadTarball(conf):
build = conf['build']
dlpath = build['dlpath']
src = conf['src']
arch = build['arch']
#mirror = 'http://mirrors.kernel.org/archlinux'
mirror = build['mirrorproto'] + '://' + build['mirror']
rlsdir = mirror + build['mirrorpath']
sha_in = urlopen(mirror + build['mirrorchksum'])
# returns path/filename e.g. /some/path/to/file.tar.gz
# we use .gnupg since we'll need it later.
os.makedirs(dlpath + '/.gnupg', exist_ok = True)
tarball_path = {}
for x in arch:
tarball_path[x] = dlpath + '/.latest.' + x + '.tar'
sha1sums = sha_in.read()
sha_in.close()
sha_raw = sha1sums.decode("utf-8")
sha_list = list(filter(None, sha_raw.split('\n')))
sha_dict = {x.split()[1]: x.split()[0] for x in sha_list}
# all that lousy work just to get a sha1 sum. okay. so.
for a in arch:
locsrc = conf['source_' + a]
mirror = locsrc['mirrorproto'] + '://' + locsrc['mirror']
rlsdir = mirror + locsrc['mirrorpath']
if locsrc['mirrorchksum'] != '':
if locsrc['chksumtype'] == '':
exit("{0}: source_{1}:chksumtype is unset!".format(datetime.datetime.now(), a))
hash_type = locsrc['chksumtype']
hash_in = urlopen(mirror + locsrc['mirrorchksum'])
hashsums = hash_in.read()
hash_in.close()
hash_raw = hashsums.decode("utf-8")
hash_list = list(filter(None, hash_raw.split('\n')))
hash_dict = {x.split()[1]: x.split()[0] for x in hash_list}
# returns path/filename e.g. /some/path/to/file.tar.gz
# we use .gnupg since we'll need it later.
os.makedirs(dlpath + '/.gnupg', exist_ok = True)
tarball_path[a] = dlpath + '/.latest.' + a + '.tar'
pattern = re.compile('^.*' + a + '\.tar(\.(gz|bz2|xz))?$')
if locsrc['mirrorfile'] != '':
tarball = locsrc['mirrorfile']
else:
tarball = [filename.group(0) for l in list(hash_dict.keys()) for filename in [pattern.search(l)] if filename][0]
if locsrc['mirrorchksum'] != '':
hashsum = hash_dict[tarball]
tarball = [filename.group(0) for l in list(sha_dict.keys()) for filename in [pattern.search(l)] if filename][0]
sha1 = sha_dict[tarball]
if os.path.isfile(tarball_path[a]):
pass
else:
@ -60,6 +53,7 @@ def downloadTarball(conf):
print("{0}: [PREP] Fetching tarball ({1} architecture)...".format(
datetime.datetime.now(),
a))
#dl_file = urllib.URLopener()
tarball_dl = urlopen(rlsdir + tarball)
with open(tarball_path[a], 'wb') as f:
f.write(tarball_dl.read())
@ -69,32 +63,20 @@ def downloadTarball(conf):
tarball_path[a],
humanize.naturalsize(
os.path.getsize(tarball_path[a]))))
if locsrc['mirrorchksum'] != '':
print("{0}: [PREP] Checking hash checksum {1} against {2}...".format(
datetime.datetime.now(),
hashsum,
tarball_path[a]))
# Calculate the checksum according to type specified.
tarball_hash = False
for i in hashlib.algorithms_available:
if hash_type == i:
hashfunc = getattr(hashlib, i)
tarball_hash = hashfunc(open(tarball_path[a], 'rb').read()).hexdigest()
break
if not tarball_hash:
exit("{0}: source_{1}:chksumtype '{2}' is not supported on this machine!".format(
datetime.datetime.now(),
a,
hash_type))
if tarball_hash != hashsum:
exit(("{0}: {1} either did not download correctly\n\t\t\t or a wrong (probably old) version exists on the filesystem.\n\t\t\t " +
"Please delete it and try again.").format(datetime.datetime.now(), tarball))
if locsrc['mirrorgpgsig'] != '':
# let's verify the signature.
if locsrc['mirrorgpgsig'] == '.sig':
print("{0}: [PREP] Checking hash checksum {1} against {2}...".format(
datetime.datetime.now(),
sha1,
tarball_path[a]))
tarball_hash = hashlib.sha1(open(tarball_path[a], 'rb').read()).hexdigest()
if tarball_hash != sha1:
exit(("{0}: {1} either did not download correctly\n\t\t\t or a wrong (probably old) version exists on the filesystem.\n\t\t\t " +
"Please delete it and try again.").format(datetime.datetime.now(), tarball))
elif build['mirrorgpgsig'] != '':
# okay, so the sha1 matches. let's verify the signature.
if build['mirrorgpgsig'] == '.sig':
gpgsig_remote = rlsdir + tarball + '.sig'
else:
gpgsig_remote = locsrc['mirrorgpgsig']
gpgsig_remote = build['mirrorgpgsig']
sig_dl = urlopen(gpgsig_remote)
sig = tarball_path[a] + '.sig'
with open(sig, 'wb+') as f:

25
docs/TODO
View File

@ -1,13 +1,5 @@
-investigate weird signing issue- if you specify a key to sign with, it appears that the squashed images (at least in the http dir) doesn't have a sig/asc. do they need to copy it over? or is it not even signing them?
-switch from python-pygpgme to python-gpgme for better performance. also clean up bGPG in general; reference KANT.
-more pythonic! classes (because inits help), use list or tuple constant for checksums, try vars-ing the configparser stuff (and move defaults to in-code?),
change path combinations to use os.path.join etc.
-modularity: https://stackoverflow.com/a/8719100

-mtree-like functionality; if mtree spec is found, apply that to files in overlay (or chroot even); otherwise copy from overlay and don't touch chroot

## Missing v2.x functionality ##
-i_am_a_racecar optimizations
- different distro guests (debian, etc.)- https://stackoverflow.com/questions/2349991/python-how-to-import-other-python-files/20749411#20749411
-incorporate this into the manual?
-TFTP configs generated for pxelinux
-fix the branding, etc. on ipxe. :(
@ -17,27 +9,25 @@
-- https://code.google.com/p/byte-unixbench/
-- https://github.com/akopytov/sysbench
-- (http://blog.due.io/2014/linode-digitalocean-and-vultr-comparison/ etc.)
-There *has* to be a better way of handling package installation in the chroots.
--implement pyalpm to decreate dependency on chroot pacman-ing?
-implement pyalpm to decreate dependency on chroot pacman-ing?
--or even maybe https://wiki.archlinux.org/index.php/offline_installation_of_packages in pure python!
-set up automatic exporting to PDF of the user manual server-side. https://pypi.python.org/pypi/unoconv/0.6
-There *has* to be a better way of handling package installation in the chroots.
-maybe remove lxde, firefox, chrome and replace with enlightenment/midori?
-custom repo? https://brainwreckedtech.wordpress.com/2013/01/27/making-your-own-arch-linux-repository/
--https://wiki.archlinux.org/index.php/Building_32-bit_packages_on_a_64-bit_system # NOTE: arch has dropped i686, now continued as archlinux32
--https://wiki.archlinux.org/index.php/Building_32-bit_packages_on_a_64-bit_system
-implement better "additional" packages list. specify for path in build.ini- these should be more easily changed by end users. DON'T TOUCH iso.pkgs.lst since those are necessary for booting.
-automatic shorewall/some other firewall?
-shorewall/some other firewall?
-autodetection/configuration of network. DHCP is currently running by default, but does it need to support IPv6? if so, how would the user configure their network?
-DISABLE NETWORKMANAGER AND "fi.w1.wpa_supplicant1"??? keeps spawning wpa_supplicant (and thusly killing networking proper)
-for netboot, custom user agent (should be defined by build.ini)
--iPXE's curl
--initrd's curl
-WISH: Better logging/debugging
https://web.archive.org/web/20170726052946/http://www.lexev.org/en/2013/python-logging-every-day/

-WISH: signing for secureboot releases (PreLoader and loader.efi handle this okay, but require manual intervention)
-does loader.efi support splash backgrounds? can i implement that differently somehow?
--yes, see e.g. https://www.reddit.com/r/archlinux/comments/3bwgf0/where_put_the_splasharchbmp_to_splash_screen_boot/
-strip out/remove unnecessary and orphan packages (e.g. gcc, make, automake, etc.) before building ISO
-strip out/remove unnecessary and orphan packages (e.g. gcc, make, automake, etc.)
-incorporate iPXE tweaks:
--http://ipxe.org/crypto
--http://ipxe.org/cmd/imgtrust
@ -49,7 +39,6 @@ https://web.archive.org/web/20170726052946/http://www.lexev.org/en/2013/python-l
---#imgverify initrd path/to/initrd.sig
---DONE, partially. need to incorporate codesign certs/keys. routines, conf variables
-enable mirror= kernel commandline.
-NOTE: Following should be implemented via AIF-NG (https://git.square-r00t.net/AIF-NG, work pending for fix to BDisk for i686/x86_64 split)
--if mirror_(NAME) is present, use that as repo name.
--if it starts with /, treat as mirrorlist (Include); otherwise use Server =
--if it has mirror_SIG-X, set signature options e.g. _SIG-N would be "SigLevel = Never"
@ -58,3 +47,5 @@ https://web.archive.org/web/20170726052946/http://www.lexev.org/en/2013/python-l
-include WinMTR, build Mac OS X MTR for dist/tools on CD
-include pre-compiled LibreCrypt for opening LUKS parts on Windows (https://github.com/t-d-k/LibreCrypt)
--curl -s https://raw.githubusercontent.com/t-d-k/LibreCrypt/master/README.md | egrep 'InstallLibreCrypt_v[A-Za-z0-9\.]*.exe' | cut -f2 -d'"'



2
docs/manual/HEAD.adoc
View File

@ -1,6 +1,6 @@
= BDisk User and Developer Manual
Brent Saner <bts@square-r00t.net>
v1.3, 2017-08-20
v1.0, 2016-12
:doctype: book
:data-uri:
:imagesdir: images

10
docs/manual/further/BUGS.adoc
View File

@ -2,17 +2,17 @@
NOTE: It is possible to submit a bug or feature request without registering in my bugtracker. One of my pet peeves is needing to create an account/register on a bugtracker simply to report a bug! The following links only require an email address to file a bug (which is necessary in case I need any further clarification from you or to keep you updated on the status of the bug/feature request -- so please be sure to use a valid email address).

=== Bugs
If you encounter any bugs in *BDisk*, you can file a bug report https://bugs.square-r00t.net/index.php?do=newtask&project=2&task_type=1&product_category=5[here^].
If you encounter any bugs in *BDisk*, you can file a bug report https://bugs.square-r00t.net/index.php?do=newtask&project=2&task_type=1[here^].

If you encounter any bugs (inaccurate information, typos, misformatting, etc.) in *this documentation*, you can file a bug report https://bugs.square-r00t.net/index.php?do=newtask&project=2&task_type=1&product_category=26[here^].
If you encounter any bugs (inaccurate information, typos, misformatting, etc.) in *this documentation*, you can file a bug report https://bugs.square-r00t.net/index.php?do=newtask&project=8&task_type=1[here^].

=== Feature Requests
If you have any features you'd like to see or you think would help *BDisk* become even more useful, please file a feature request https://bugs.square-r00t.net/index.php?do=newtask&project=2&task_type=2&product_category=5[here^].
If you have any features you'd like to see or you think would help *BDisk* become even more useful, please file a feature request https://bugs.square-r00t.net/index.php?do=newtask&project=2&task_type=2[here^].

If you have any suggestions on how to improve *this documentation* or feel it's missing information that could be useful, please file a feature request https://bugs.square-r00t.net/index.php?do=newtask&project=2&task_type=2&product_category=26[here^].
If you have any suggestions on how to improve *this documentation* or feel it's missing information that could be useful, please file a feature request https://bugs.square-r00t.net/index.php?do=newtask&project=8&task_type=2[here^].

=== Patches
I gladly welcome https://www.gnu.org/software/diffutils/manual/html_node/Unified-Format.html[patches^], but I deplore using GitHub (even though I https://github.com/johnnybubonic/BDisk[have a mirror there^]). For this reason, please follow the same https://www.kernel.org/doc/Documentation/process/submitting-patches.rst[patch/pull request process] for the Linux kernel and email it to bts@square-r00t.net.
I gladly welcome https://www.gnu.org/software/diffutils/manual/html_node/Unified-Format.html[patches^], but I deplore using GitHub (even though I https://github.com/johnnybubonic/BDisk[have a mirror there^]). For this reason, please follow the same https://www.kernel.org/doc/Documentation/SubmittingPatches[patch/pull request process] for the Linux kernel and email it to bts@square-r00t.net.

Alternatively, you may attach a patch to a <<bugs,bug report>>/<<feature_requests,feature request>>.


BIN
docs/manual/images/fig1.1.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 254 KiB

After

Width:  |  Height:  |  Size: 270 KiB

2
docs/manual/user/BUILDING.adoc
View File

@ -7,8 +7,6 @@ NOTE: Due to requiring various mounting and chrooting, BDisk must be run as the

To initiate a build, simply run `<basedir>/bdisk/bdisk.py`. That's it! Everything should continue automatically.

If you'd like to specify a path to a specific build configuration, you can use `<basedir>/bdisk/bdisk.py path/to/build.ini`. The default is _/etc/bdisk/build.ini_ (plus <<the_code_build_ini_code_,other locations>>).

If you're using a packaged version you installed from your distro's package manager, you instead should run wherever it installs to. Most likely this is going to be `/usr/sbin/bdisk`. (On systemd build hosts that have done the https://www.freedesktop.org/wiki/Software/systemd/TheCaseForTheUsrMerge/[/usr merge^], you can use `/usr/sbin/bdisk` or `/sbin/bdisk`.)

If you encounter any issues during the process, make sure you read the documentation -- if your issue still isn't addressed, please be sure to file a <<bug_reports_feature_requests,bug report>>!

111
docs/manual/user/BUILDINI.adoc
View File

@ -3,7 +3,7 @@ This file is where you can specify some of the very basics of BDisk building. It

It's single-level, but divided into "sections". This is unfortunately a limitation of ConfigParser, but it should be easy enough to follow.

Blank lines are ignored, as well as any lines beginning with `#` and `;`. There are some restrictions and recommendations for some values, so be sure to note them when they occur. Variables referencing other values in the `build.ini` are allowed in the format of `${keyname}` if it's in the same section; otherwise, `${section:keyname}` can be used.
Blank lines are ignored, as well as any lines beginning with `#` and `;`. There are some restrictions and recommendations for some values, so be sure to note them when they occur. Variables referencing other values in the `build.ini` are allowed in the format of `${value}` if it's in the same section; otherwise, `${section:value}` can be used.

If you want to use your own `build.ini` file (and you should!), the following paths are searched in order. The first one found will be used.

@ -16,7 +16,6 @@ If you want to use your own `build.ini` file (and you should!), the following pa
* `/opt/dev/bdisk/build.ini`
* `/opt/dev/bdisk/extra/build.ini`
* `/opt/dev/bdisk/extra/dist.build.ini`
* `<bdisk.py directory>/../build.ini`

We'll go into more detail for each section below.

@ -25,7 +24,7 @@ We'll go into more detail for each section below.
name = BDISK
uxname = bdisk
pname = BDisk
ver =
ver =
dev = A Developer
email = dev@domain.tld
desc = A rescue/restore live environment.
@ -35,29 +34,17 @@ We'll go into more detail for each section below.
[user]
username = ${bdisk:uxname}
name = Default user
groups = ${bdisk:uxname},admin
password = $$6$$t92Uvm1ETLocDb1D$$BvI0Sa6CSXxzIKBinIaJHb1gLJWheoXp7WzdideAJN46aChFu3hKg07QaIJNk4dfIJ2ry3tEfo3FRvstKWasg/
[source_x86_64]
[build]
mirror = mirror.us.leaseweb.net
mirrorproto = https
mirrorpath = /archlinux/iso/latest/
mirrorfile = .sig
mirrorfile =
mirrorchksum = ${mirrorpath}sha1sums.txt
chksumtype = sha1
mirrorgpgsig =
gpgkey = 7F2D434B9741E8AC
gpgkeyserver =
[source_i686]
mirror = mirror.us.leaseweb.net
mirrorproto = https
mirrorpath = /archlinux/iso/latest/
mirrorfile =
mirrorchksum = ${mirrorpath}sha1sums.txt
chksumtype = sha1
mirrorgpgsig =
gpgkey =
gpgkeyserver =
[build]
gpg = no
dlpath = /var/tmp/${bdisk:uxname}
chrootdir = /var/tmp/chroots
basedir = /opt/dev/bdisk
@ -66,8 +53,7 @@ We'll go into more detail for each section below.
prepdir = ${dlpath}/temp
archboot = ${prepdir}/${bdisk:name}
mountpt = /mnt/${bdisk:uxname}
multiarch = x86_64
sign = yes
multiarch = yes
ipxe = no
i_am_a_racecar = no
[gpg]
@ -85,7 +71,7 @@ We'll go into more detail for each section below.
[tftp]
path = ${build:dlpath}/tftpboot
user = root
group = root
group = root
[ipxe]
iso = no
uri = https://domain.tld
@ -95,9 +81,9 @@ We'll go into more detail for each section below.
ssl_crt = ${ssldir}/main.crt
ssl_key = ${ssldir}/main.key
[rsync]
host =
user =
path =
host =
user =
path =
iso = no

=== `[bdisk]`
@ -128,7 +114,7 @@ This string is used for "pretty-printing" of the project name; it should be a mo
. ASCII only

==== `ver`
The version string. If this isn't specified, we'll try to guess based on the current git commit and tags in `<<code_basedir_code,build:basedir>>`. If `<<code_basedir_code,build:basedir>>` is *not* a git repository (i.e. you installed BDisk from a package manager), you MUST specify a version number.
The version string. If this isn't specified, we'll try to guess based on the current git commit and tags in `<<code_basedir_code,build:basedir>>`.

. No whitespace

@ -193,37 +179,20 @@ What comment/description/real name should be used for the user? For more informa

. ASCII only

==== `groups`
What groups this user should be added to, comma-separated. They will be created if they don't exist yet. Standard *nix group names rules apply:

. ASCII only
. 32 characters or less
. Can only contain lower-case letters, numeric digits, underscores, or dashes (and can end with a dollar sign)
. Must start with a (lower-case) letter or underscore
. No whitespace

==== `password`
The escaped, salted, hashed string to use for the non-root user.

Please see <<passwords,the section on passwords>> for information on this value. In the <<example,example above>>, the string `$$6$$t92Uvm1ETLocDb1D$$BvI0Sa6CSXxzIKBinIaJHb1gLJWheoXp7WzdideAJN46aChFu3hKg07QaIJNk4dfIJ2ry3tEfo3FRvstKWasg/` is created from the password `test`. I cannot stress this enough, do not use a plaintext password here nor just use a regular `/etc/shadow` file/`crypt(3)` hash here. Read the section. I promise it's short.

=== `[source_<arch>]`
This section controls where to fetch the "base" tarballs.

NOTE: Previously, these settings were *not* architecture-specific, and included in the <<code_build_code,`build`>> section.

It was necessary to create this section per architecture, because https://www.archlinux.org/news/phasing-out-i686-support/[Arch Linux has dropped i686 support^]. However, plenty of other distros also have removed support and other third-party projects have ported. (You can find the Arch Linux 32-bit/i686 port project http://archlinux32.org/[here^].)

The directives here are only covered once, however, since both sections are identical- they just allow you to specify different mirrors. Note that the two settings are `[source_i686]` (for 32-bit) and `[source_x86_64]` (for 64-bit/multilib).

Which section is used (or both) depends on what <<code_multiarch_code, architectures you have enabled>> for the build.
=== `[build]`
This section controls some aspects about the host and things like filesystem paths, etc.

==== `mirror`
A mirror that hosts the bootstrap tarball. It is *highly* recommended you use an Arch Linux https://wiki.archlinux.org/index.php/Install_from_existing_Linux#Method_A:_Using_the_bootstrap_image_.28recommended.29[bootstrap tarball^] as the build process is highly specialized to this (but <<bug_reports_feature_requests,patches/feature requests>> are welcome for other built distros). You can find a list of mirrors at the bottom of Arch's https://www.archlinux.org/download/[download page^].

. No whitespace
. Must be accessible remotely/via a WAN-recognized address
. Must be a domain/FQDN (or IP address) only; no paths (those come later!)
. Must be a domain/FQDN only; no paths (those come later!)

==== `mirrorproto`
What protocol should we use for the <<code_mirror_code,`mirror`>>?
@ -239,42 +208,14 @@ What is the path to the tarball directory on the <<code_mirror_code,`mirror`>>?
. No whitespace

==== `mirrorfile`
What is the filename for the tarball found in the path specified in <<code_mirrorpath_code,`mirrorpath`>> ? If left blank, we will use the hash <<code_mirrorchksum_code,checksum>> file to try to guess the most recent file.
What is the filename for the tarball found in the path specified in <<code_mirrorpath_code,`mirrorpath`>> ? If left blank, we will use the sha1 <<code_mirrorchksum_code,checksum>> file to try to guess the most recent file.

==== `mirrorchksum`
*[optional]* +
*default: (no hash checking done)* +
*requires: <<code_chksumtype_code,`chksumtype`>>*

The path to a checksum file of the bootstrap tarball.
The path to a sha1 checksum file of the bootstrap tarball.

. No whitespace
. Must be the full path
. Don't include the <<code_mirror_code,mirror domain>> or <<code_mirrorproto_code,protocol>>

==== `chksumtype`
The algorithm that <<code_mirrorchksum_code,`mirrorchksum`>>'s hashes are in.

[options="header"]
|======================
7+^|Accepts one of:
^m|blake2b
^m|blake2s
^m|md5
^m|sha1
^m|sha224
^m|sha256
^m|sha384
^m|sha512
^m|sha3_224
^m|sha3_256
^m|sha3_384
^m|sha3_512
^m|shake_128
^m|shake_256
|======================

TIP: You may have support for additional hashing algorithms, but these are the ones gauranteed to be supported by Python's https://docs.python.org/3/library/hashlib.html[hashlib module^]. To get a full list of algorithms the computer you're building on supports, you can run `python3 -c 'import hashlib;print(hashlib.algorithms_available)'`. Most likely, however, <<code_mirrorchksum_code,`mirrorchksum`>> is going to be hashes of one of the above.
. Don't include the mirror domain or protocol

==== `mirrorgpgsig`
*[optional]* +
@ -284,7 +225,7 @@ TIP: You may have support for additional hashing algorithms, but these are the o

If the bootstrap tarball file has a GPG signature, we can use it for extra checking. If it's blank, GPG checking will be disabled.

If you specify just `.sig` (or use the default and don't specify a <<code_mirrorfile_code,`mirrorfile`>>), BDisk will try to guess based on the file from the hash <<code_mirrorchksum_code,checksum>> file. Note that unless you're using the `.sig` "autodetection", this must evaluate to a full URL. (e.g. `${mirrorproto}://${mirror}${mirrorpath}somefile.sig`)
If you specify just `.sig` (or use the default and don't specify a <<code_mirrorfile_code,`mirrorfile`>>), BDisk will try to guess based on the file from the sha1 <<code_mirrorchksum_code,checksum>> file. Note that this must evaluate to a full URL. (e.g. `${mirrorproto}://${mirror}${mirrorpath}somefile.sig`)

==== `gpgkey`
*requires: <<optional,_gpg/gnupg_>>*
@ -304,18 +245,6 @@ What is a valid keyserver we should use to fetch <<code_gpgkey_code,`gpgkey`>>?
. The default (blank) is probably fine. If you don't specify a personal GPG config, then you'll most likely want to leave this blank.
. If set, make sure it is a valid keyserver URI (e.g. `hkp://keys.gnupg.net`)

[options="header"]
|======================
2+^|Accepts (case-insensitive) one of:
^m|yes ^m|no
^m|true ^m|false
^m|1 ^m|0
|======================

=== `[build]`
This section controls some aspects about the host and things like filesystem paths, etc.


==== `gpg`
Should we sign our release files? See the <<code_gpg_code_2,`[gpg]`>> section.

@ -525,7 +454,7 @@ What group the HTTP files should be owned as. This is most likely going to be ei
. Group must exist on build system

|======================
^s|Can be one of: ^.^m|groupname ^.^m|https://linux.die.net/man/5/group[GID]
^s|Can be one of: ^.^m|group name ^.^m|https://linux.die.net/man/5/group[UID]
|======================

=== `[tftp]`
@ -557,7 +486,7 @@ What group the TFTP files should be owned as. This is most likely going to be ei
. Group must exist on build system

|======================
^s|Can be one of: ^.^m|groupname ^.^m|https://linux.die.net/man/5/group[GID]
^s|Can be one of: ^.^m|group name ^.^m|https://linux.die.net/man/5/group[UID]
|======================

=== `[ipxe]`

22
docs/manual/user/GETTING_STARTED.adoc
View File

@ -7,13 +7,13 @@ image::fig1.1.png[cgit,align="center"]

If you know the tag of the commit you want, you can use curl:

curl -sL -o bdisk.tar.xz https://git.square-r00t.net/BDisk/snapshot/BDisk-3.00-BETA.tar.xz
curl -sL -o bdisk.tar.xz https://git.square-r00t.net/BDisk/snapshot/BDisk-3.11.tar.xz

or wget:

wget -O bdisk.tar.xz https://git.square-r00t.net/BDisk/snapshot/BDisk-3.00-BETA.tar.xz
wget -O bdisk.tar.xz https://git.square-r00t.net/BDisk/snapshot/BDisk-3.11.tar.xz

You can use `https://git.square-r00t.net/BDisk/snapshot/BDisk-master.tar.xz` for the URL if you want the latest working version. If you want a snapshot of a specific commit, you can use e.g. `https://git.square-r00t.net/BDisk/snapshot/BDisk-a1fe1dbc0a0ce2b2a5d1b470d30b60636f9b2efa.tar.xz` and so on.
You can use `https://git.square-r00t.net/BDisk/snapshot/BDisk-master.tar.xz` for the URL if you want the latest working version. If you want a snapshot of a specific commit, you can use e.g. `https://git.square-r00t.net/BDisk/snapshot/BDisk-5ac510762ce00eef213957825de0e6d07186e7f8.tar.xz` and so on.

Alternatively, you can use https://git-scm.com/[git^]. Git most definitely _should_ be in your distro's repositories.

@ -50,13 +50,9 @@ These are needed for using BDisk.

These are required Python modules:

* https://pypi.python.org/pypi/GitPython[GitPython^]
* https://pypi.python.org/pypi/humanize[Humanize^]
* http://jinja.pocoo.org/[Jinja2^]
* https://pypi.python.org/pypi/psutil[PSUtil^]
* https://pypi.python.org/pypi/patch[Patch^]
* https://pypi.python.org/pypi/pygpgme[PyGPGME^]
* https://pypi.python.org/pypi/pyOpenSSL[PyOpenSSL^]
* https://pypi.python.org/pypi/validators[Validators^]

==== Optional
@ -64,8 +60,6 @@ While not strictly necessary, these will greatly enhance your BDisk usage. I've

NOTE: If you do not wish to install any of these or cannot install them, be sure to disable the relevant options in the `build.ini` file (we'll talk about that later). The default `extra/dist.build.ini` should be sane enough to not require any of these.

* http://cdrtools.sourceforge.net/private/cdrecord.html[cdrtools^]
** Needed for building iPXE.
* http://gcc.gnu.org[gcc (multilib)^] (>=6.x)
** Needed for building iPXE.
* http://gcc.gnu.org[gcc-libs (multilib)^] (>=6.x)
@ -77,4 +71,14 @@ NOTE: If you do not wish to install any of these or cannot install them, be sure
* https://rsync.samba.org/[rsync^]
** For syncing built ISOs to a fileserver, syncing to a remote iPXE server, syncing to a traditional PXE/TFTP server, etc.

These are optional Python modules:

* https://pypi.python.org/pypi/GitPython[GitPython^]
** (Same reasons as _git_)
* https://pypi.python.org/pypi/pygpgme[PyGPGME^]
** (Same reasons as _gpg/gnupg_)
* https://pypi.python.org/pypi/patch[Patch^]
** For branding iPXE environments per your `build.ini`.
* https://pypi.python.org/pypi/pyOpenSSL[PyOpenSSL^]
** To set up a PKI when building iPXE; used to create trusted/verified images.


4
docs/manual/user/advanced/SSH.adoc
View File

@ -17,7 +17,7 @@ First, create a file: `<basedir>/overlay/etc/ssh/sshd_config` using the followin
Subsystem sftp /usr/lib/ssh/sftp-server
KexAlgorithms curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256
Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr
MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,umac-128@openssh.com
MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-ripemd160-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,hmac-ripemd160,umac-128@openssh.com

We'll also want to implement a more secure `ssh_config` file to avoid possible leaks. The following is `<basedir>/overlay/etc/ssh/ssh_config`:

@ -28,7 +28,7 @@ We'll also want to implement a more secure `ssh_config` file to avoid possible l
PubkeyAuthentication yes
HostKeyAlgorithms ssh-ed25519-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-ed25519,ssh-rsa
Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr
MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,umac-128@openssh.com
MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-ripemd160-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,hmac-ripemd160,umac-128@openssh.com

We'll want to create our own moduli. This can take a long time, but only needs to be done once -- it doesn't need to be done for every build. The following commands should be run in `<basedir>/overlay/etc/ssh/`:


2
docs/manual/user/fslayout/TEMPLATES.adoc
View File

@ -38,7 +38,7 @@ The `EFI/` directory is similar to <<efi, EFI/>> above also, but needs fewer con
The `patches/` directory largely control branding of the mini ISO. They are in https://www.gnu.org/software/diffutils/manual/html_node/Unified-Format.html[unified diff^] (or "patch") format.

===== overlay/
This directory contains *templated* overlays. These are intended to be templated by the user. See <<overlay_2, the overlay section>> for more information on how to use this. Remember to suffix your template files with the `.j2` extension.
This directory contains *templated* overlays. These are intended to be templated by the user. See <<overlay, the overlay section>> for more information on how to use this. Remember to suffix your template files with the `.j2` extension.

===== pre-build.d/
This directory contains *templated* overlays. These are intended to not be managed by the user, as they handle configuration necessary for building an ISO. See <<pre_build_d, the pre-build.d section>> for more information on this.

BIN
extra/aif.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 152 B

39
extra/dist.build.ini
View File

@ -26,32 +26,17 @@ user = yes
[user]
username = ${bdisk:uxname}
name = Default user
groups = ${bdisk:uxname},admin
password =

[source_x86_64]
mirror = mirror.us.leaseweb.net
mirrorproto = https
mirrorpath = /archlinux/iso/latest/
mirrorfile =
mirrorchksum = ${mirrorpath}sha1sums.txt
chksumtype = sha1
mirrorgpgsig =
gpgkey = 7F2D434B9741E8AC
gpgkeyserver =

[source_i686]
mirror = mirror.us.leaseweb.net
mirrorproto = https
mirrorpath = /archlinux/iso/latest/
mirrorfile =
mirrorchksum = ${mirrorpath}sha1sums.txt
chksumtype = sha1
mirrorgpgsig =
gpgkey = 7F2D434B9741E8AC
gpgkeyserver =

[build]
mirror = mirror.us.leaseweb.net
mirrorproto = https
mirrorpath = /archlinux/iso/latest/
mirrorfile =
mirrorchksum = ${mirrorpath}sha1sums.txt
mirrorgpgsig =
gpgkey = 7F2D434B9741E8AC
gpgkeyserver =
gpg = no
dlpath = /var/tmp/${bdisk:uxname}
chrootdir = /var/tmp/chroots
@ -61,15 +46,13 @@ srcdir = ${dlpath}/src
prepdir = ${dlpath}/temp
archboot = ${prepdir}/${bdisk:name}
mountpt = /mnt/${bdisk:uxname}
#multiarch = yes
multiarch = x86_64
sign = yes
ipxe = no
multiarch = yes
ipxe =
i_am_a_racecar = yes

[gpg]
mygpgkey =
mygpghome = ${build:dlpath}/.gnupg
mygpghome =

[sync]
http = no

48
extra/modules/distro/TEMPLATE
View File

@ -1,48 +0,0 @@
# The modules found in here are for distro-specific differences in the builds.
# For instance, if you want to build a Debian-based BDisk, you'd specify pkg['install'] = ['apt-get', '-y', 'install', '%PKG%'],
# name this file as "debian.py", and set bdisk:distro as 'debian'.
# Note that the guest will need python installed. If distro is set as "NOCHECK", a distro check of the tarball won't be performed
# (as the distro check requires python be installed first).

# Special variables to be used in strings:
# %PKG% = the name of a package would be inserted here.

# This template uses Debian as an example.

# The name of the distro. Must match the output from platform.linux_distribution()[0].lower()
# Regex is supported.
distro = 'debian'

# The path to python. Can be either python 2.x (2.6 or higher) or 3.x.
pybin = '/usr/bin/python'

guestenv = {}
# The following environment variables will be set for the guest.
guestenv['DEBIAN_FRONTEND'] = 'noninteractive'

scripts = {}
# This variable can be used to perform some additional system tweaks and such. This is run before package installation.
# It must be formatted as a complete script- i.e. include a shebang etc.
script['pre'] = """#!/bin/bash
touch /root/BDISK
"""

# This variable can be used to perform some additional system tweaks and such. This is run after package installation.
script['post'] = """#!/bin/bash
rm -f /root/BDISK
"""


pkg = {}
# The command, with arguments, in list format that should be run before we install software in the guest.
# For instance, if your guest distro requires a local package listing cache (nearly all of them do) to be
# updated first, this is where it would be run.
pkg['pre'] = ['apt-get', '-y', 'update']

# The command, with arguments, in a list format to install a package.
# Note that the command must be constructed in a way that does not require user interaction.
pkg['install'] = ['apt-get', '-y', 'install', '%PKG%']

# The command, with arguments, in list format to use to check if a package is installed.
# It should return 0 on exist status if it's installed. Any other exit status assumes the package is not installed.
pkg['check'] = ['dpkg-query', '-f', '${binary:Package}\n', '-W', '%PKG']

11
extra/modules/distro/arch.py
View File

@ -1,11 +0,0 @@
distro = 'arch'
pybin = '/usr/bin/python'
script['pre'] = """#!/bin/bash
touch /root/BDISK
"""
script['post'] = """#!/bin/bash
rm -f /root/BDISK
"""
pkg['pre'] = ['pacman', '-Syyy']
pkg['install'] = ['apacman', '-S', '%PKG%']
pkg['check'] = ['pacman', '-Q', '%PKG']

11
extra/modules/distro/centos.py
View File

@ -1,11 +0,0 @@
distro = 'centos linux'
pybin = '/usr/bin/python'
script['pre'] = """#!/bin/bash
touch /root/BDISK
"""
script['post'] = """#!/bin/bash
rm -f /root/BDISK
"""
pkg['pre'] = ['yum', 'makecache']
pkg['install'] = ['yum', '-y', 'install', '%PKG%']
pkg['check'] = ['rpm', '-qi', '%PKG']

12
extra/modules/distro/debian.py
View File

@ -1,12 +0,0 @@
distro = 'debian'
pybin = '/usr/bin/python'
guestenv['DEBIAN_FRONTEND'] = 'noninteractive'
script['pre'] = """#!/bin/bash
touch /root/BDISK
"""
script['post'] = """#!/bin/bash
rm -f /root/BDISK
"""
pkg['pre'] = ['apt-get', '-q', '-y', 'update']
pkg['install'] = ['apt-get', '-q', '-y', '-o Dpkg::Options::="--force-confdef"', '-o Dpkg::Options::="--force-confold"', 'install', '%PKG%']
pkg['check'] = ['dpkg-query', '-f', "'${binary:Package}\n'", '-W', '%PKG']

11
extra/modules/distro/fedora.py
View File

@ -1,11 +0,0 @@
distro = 'fedora'
pybin = '/usr/bin/python3'
script['pre'] = """#!/bin/bash
touch /root/BDISK
"""
script['post'] = """#!/bin/bash
rm -f /root/BDISK
"""
pkg['pre'] = ['yum', 'makecache']
pkg['install'] = ['yum', '-y', 'install', '%PKG%']
pkg['check'] = ['rpm', '-qi', '%PKG']

11
extra/modules/distro/rhel.py
View File

@ -1,11 +0,0 @@
distro = 'red hat enterprise linux (server|desktop)'
pybin = '/usr/bin/python'
script['pre'] = """#!/bin/bash
touch /root/BDISK
"""
script['post'] = """#!/bin/bash
rm -f /root/BDISK
"""
pkg['pre'] = ['yum', 'makecache']
pkg['install'] = ['yum', '-y', 'install', '%PKG%']
pkg['check'] = ['rpm', '-qi', '%PKG']

11
extra/modules/distro/sles.py
View File

@ -1,11 +0,0 @@
distro = 'suse linux enterprise server'
pybin = '/usr/bin/python'
script['pre'] = """#!/bin/bash
touch /root/BDISK
"""
script['post'] = """#!/bin/bash
rm -f /root/BDISK
"""
pkg['pre'] = ['zypper', 'refresh']
pkg['install'] = ['zypper', 'install', '--no-confirm', '-l', '%PKG%']
pkg['check'] = ['rpm', '-qi', '%PKG']

12
extra/modules/distro/ubuntu.py
View File

@ -1,12 +0,0 @@
distro = 'ubuntu'
pybin = '/usr/bin/python'
guestenv['DEBIAN_FRONTEND'] = 'noninteractive'
script['pre'] = """#!/bin/bash
touch /root/BDISK
"""
script['post'] = """#!/bin/bash
rm -f /root/BDISK
"""
pkg['pre'] = ['apt-get', '-q', '-y', 'update']
pkg['install'] = ['apt-get', '-q', '-y', '-o Dpkg::Options::="--force-confdef"', '-o Dpkg::Options::="--force-confold"', 'install', '%PKG%']
pkg['check'] = ['dpkg-query', '-f', "'${binary:Package}\n'", '-W', '%PKG']

38
extra/pkg.build.ini
View File

@ -26,49 +26,33 @@ user = yes
[user]
username = ${bdisk:uxname}
name = Default user
groups = ${bdisk:uxname},admin
password =

[source_x86_64]
mirror = mirror.us.leaseweb.net
mirrorproto = https
mirrorpath = /archlinux/iso/latest/
mirrorfile =
mirrorchksum = ${mirrorpath}sha1sums.txt
chksumtype = sha1
mirrorgpgsig =
gpgkey = 7F2D434B9741E8AC
gpgkeyserver =

[source_i686]
mirror = mirror.us.leaseweb.net
mirrorproto = https
mirrorpath = /archlinux/iso/latest/
mirrorfile =
mirrorchksum = ${mirrorpath}sha1sums.txt
chksumtype = sha1
mirrorgpgsig =
gpgkey = 7F2D434B9741E8AC
gpgkeyserver =

[build]
mirror = mirror.us.leaseweb.net
mirrorproto = https
mirrorpath = /archlinux/iso/latest/
mirrorfile =
mirrorchksum = ${mirrorpath}sha1sums.txt
mirrorgpgsig =
gpgkey = 7F2D434B9741E8AC
gpgkeyserver =
gpg = no
dlpath = /var/tmp/${bdisk:uxname}
chrootdir = /var/tmp/chroots
basedir = /var/lib/bdisk
basedir = /opt/dev/bdisk
isodir = ${dlpath}/iso
srcdir = ${dlpath}/src
prepdir = ${dlpath}/temp
archboot = ${prepdir}/${bdisk:name}
mountpt = /mnt/${bdisk:uxname}
#multiarch = yes
multiarch = x86_64
multiarch = yes
ipxe = no
i_am_a_racecar = no

[gpg]
mygpgkey =
mygpghome = ${build:dlpath}/.gnupg
mygpghome =

[sync]
http = no

1
extra/pre-build.d/etc/hostname Normal file
View File

@ -0,0 +1 @@
bdisk-live.loc.lan

1
extra/pre-build.d/etc/initcpio/install/livecd
View File

@ -14,7 +14,6 @@ build()
add_binary "/usr/bin/sed"
add_binary "/usr/bin/pkill"
add_binary "/usr/bin/curl"
add_binary "/usr/bin/pv"
add_full_dir /etc/ssl
add_full_dir /etc/ca-certificates


90
extra/pre-build.d/etc/issue Normal file
View File

@ -0,0 +1,90 @@

MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMW0dc,.. ..;cxKWMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM
MMMMMMMMMMMMMMMMMMMMMMMMW0d:'. .,cx0WMMMMMMMMMMMMMMMMMMMMMMMM
MMMMMMMMMMMMMMMMMMMMNx:. .';cldxkkOOOOkkxdl:,.. .ckNMMMMMMMMMMMMMMMMMMMM
MMMMMMMMMMMMMMMMMKl. .;okKXXXXXXXXXXXXXXXXXXXXXX0xl;. 'oXMMMMMMMMMMMMMMMMM
MMMMMMMMMMMMMMXl. .:d0XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX0d;. .dNMMMMMMMMMMMMMM
MMMMMMMMMMMM0; .cOXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXKk: :KMMMMMMMMMMMM
MMMMMMMMMMO' 'xKXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXKd. ,KMMMMMMMMMM
MMMMMMMMX, ,OXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXx' :NMMMMMMMM
MMMMMMMd .kXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXd. .kMMMMMMM
MMMMMN' oKKxl:;,;:lkKXXXXXXXXXXXXXXXXXXXXXXXX0dl:;,;:ld0XXXXXXXXXXKc ;WMMMMM
MMMMK. .O0; ':ool:. ;kXXXXXXXXXXXXXXXXXXX0l. .,coooc' .c0XXXXXXXXXk. .NMMMM
MMMK. 'Kx cNMMMMK. ,0XXXXXXXXXXXXXXXKc :0MMMMMMk. cKXXXXXXXX0. .NMMM
MMN. 'Kd kMMMMMM' .OXXXXXXXXXXXXX0. 'XMMMMMMMN 'KXXXXXXXX0. .WMM
MW. .K0 xMMMMMMMd .KXXXXXXXXXXXK' ;WMMMMMMMMM: 'KXXXXXXXX0. ;MM
Mo OXc .MMMMMMMMMXo:;ckN. dXXXXXXXXXXXd NMMMMMMMMMMM0l::l0N dXXXXXXXXXx xM
N :XX, :MMMMMMMMMMMMMMMM; :XXXXXXXXXXX; ,MMMMMMMMMMMMMMMMMMM' :XXXXXXXXXX, .M
d OXX; ,MMMMMMMMMMMMMMMM, :XXXXXXXXXXX: ,MMMMMMMMMMMMMMMMMMM' :XXXXXXXXXXx O
, .XXXx dxxxxxxxxxxxxxxd xXXXXXXXXXXXx dxxxxxxxxxxxxxxxxxd xXXXXXXXXXXK. c
. :XXXXc'''''''''''''''''':XXXXXXXXXXXXXc'''''''''''''''''''''cXXXXXXXXXXXX, '
lXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX: .
lXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX; .
. :XXXXXK0000000000000000000000000000000000000000000000000000KXXXXXXXXXXXXX, '
, .XXXXXk .KXXXXXXXXXXXK. c
x OXXXXXKKo .............................................. lXXXXXXXXXXXx 0
W. ;XXXXXXXO ............................................... .XXXXXXXXXXX' .M
Md kXXXXXXX, .............................................. KXXXXXXXXXd OM
MM, .0XXXXXX0. .............................................. KXXXXXXXXO cMM
MMN. .KXXXXXXk ............................................ ;XXXXXXXX0. ,WMM
MMMX. .0XXXXXXk .........................'''............... .0XXXXXXXO. 'WMMM
MMMMX. .kXXXXXXO. .................,cdkO0KKK0Oxo:'........ .kXXXXXXXd ,WMMMM
MMMMMW; cKXXXXXK; .............'ckKKKKKKKKKKKKKK0x;.... '0XXXXXX0; cWMMMMM
MMMMMMMk. .dXXXXXXx. ..........:OKKKKKKKKKKKKKKKKKKKo. .oXXXXXXKl .0MMMMMMM
MMMMMMMMNc .xXXXXXKo. .......lKKKKKKKKKKKKKKKKKK0o' .dKXXXXXKd. lWMMMMMMMM
MMMMMMMMMMK; .oKXXXXKd' ...:KKKKKKKKKKKKKKK0xc' .:kXXXXXX0l. cXMMMMMMMMMM
MMMMMMMMMMMMXc ;xKXXXX0o,. .;ldxkkOkkxol:'. .,lOXXXXXXKd, .lNMMMMMMMMMMMM
MMMMMMMMMMMMMMWx, ,lOXXXXX0xl:,.........';cok0XXXXXXKkl' ;kWMMMMMMMMMMMMMM
MMMMMMMMMMMMMMMMMNx, .'cdOKXXXXXXXXXXXXXXXXXXXXKOd:' ;kWMMMMMMMMMMMMMMMMM
MMMMMMMMMMMMMMMMMMMMW0o, .';:loddxxxxddol:,.. .,o0MMMMMMMMMMMMMMMMMMMMM
MMMMMMMMMMMMMMMMMMMMMMMMMXko:'. .':oONMMMMMMMMMMMMMMMMMMMMMMMMM
MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMW0dc;'......,:lx0WMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM
':ox0KXXK0koc'.
.;ok000kxollcccclodxOKXKko;.
;d00dc'. .;lkXKd;.
.o0Oc. .,codkO0KKKKK0Okxdl;'. .;dXKo'
.oKx, .:d0XXXXXXXXXXXXXXXXXXXXXXXKkl,. .c0Nd.
,0O; .:xKXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXOl' .oN0;
;Kx. ;xKXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX0l. :KX:
,Kx. .lKXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXk, ;XX,
k0. .oKXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXO, oWO.
,No :KXX0Okk0XXXXXXXXXXXXXXXXXXXXXXXXXXXK0Okk0KXXXXXXXXXXXk. .KW;
cN, .kKl' ... 'l0XXXXXXXXXXXXXXXXXXXXk:. ... .;dKXXXXXXXXK: kMo
oN. '0d. c0WMMWo ;0XXXXXXXXXXXXXXXKo. 'dKWMMMX, .cKXXXXXXXXo xMd
lW. 'Kl .KMMMMM: xXXXXXXXXXXXXX0' ,KMMMMMMM. .OXXXXXXXXx xMd
;M; .Kd .NMMMMMMl kXXXXXXXXXXXK. lMMMMMMMMM. .OXXXXXXXXd 0M:
Nx 0X. dMMMMMMMMk;..;dl 'XXXXXXXXXXXc 'MMMMMMMMMMWd,..:Oc ,XXXXXXXXX: .WW.
dW. lXK KMMMMMMMMMMMMMMK KXXXXXXXXXX. dMMMMMMMMMMMMMMMMM0 KXXXXXXXXK. dMk
Wx KXK 0MMMMMMMMMMMMMMK KXXXXXXXXXX. xMMMMMMMMMMMMMMMMM0 KXXXXXXXXXc .MM.
:M; ;XXX; ,xxxxxxxxxxxxxx: 'XXXXXXXXXXXc 'xxxxxxxxxxxxxxxxx; ,XXXXXXXXXXO KMl
xM. oXXX0,,,,,,,,,,,,,,,,,,kXXXXXXXXXXXK;,,,,,,,,,,,,,,,,,,,,OXXXXXXXXXXX. xMO
0M xXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX. oMK
0M dXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX. oMK
xM. lXXXXXkdddddddddddddddddddddddddddddddddddddddddddddddddKXXXXXXXXXXXK kMk
:Mc 'XXXXXc'. :XXXXXXXXXXXx XMc
W0 OXXXXXX0 ............................................ OXXXXXXXXXX; ,MM.
oM' ,XXXXXXX, ............................................ oXXXXXXXXXO 0Mx
NK dXXXXXXO ........................................... lXXXXXXXXK. ;MN.
,Md kXXXXXXd .......................................... xXXXXXXXX; .NM;
cMl kXXXXXXo ......................................... .KXXXXXXK; .XMl
lMl dXXXXXXd ..................':lodxxdol:'......... .0XXXXXXK' .XMo
:Wx :KXXXXXk. ..............,lkKKKKKKKKKKKKkc'.... .0XXXXXXk. 'NMc
.XK. .xXXXXXK: ..........'oKKKKKKKKKKKKKKKKK0l.. lKXXXXX0; oMN'
dWo .xXXXXXO; .......,OKKKKKKKKKKKKKKKKKkc. .c0XXXXX0c 'KMx
.0Nc .oKXXXXO:. ...'0KKKKKKKKKKKKKK0d:. ,xKXXXXXO: .OM0'
,0No. ;xKXXXKx:. .;ldxkOOkkxol;'. 'cxKXXXXX0l. ,OMK;
'kWk, ,o0XXXXKko:,.........,:ldOKXXXXXKkc. .lXMO,
.cKNx; .,cxOKXXXXXXXXXXXXXXXXXXKko:. .lKMKl.
.cOWKd;. ..,;cllooollc:;'. 'ckNM0c.
'lONW0xl;.. .,:okXMNOo,
.,cdOXWMWNXKK00KKXNMMWXOdc,.
.,cokO00Okdc,.




bdisk
\d \t
\4
\4{tun0}
https://bdisk.square-r00t.net/

26
extra/pre-build.d/etc/locale.conf
View File

@ -1,14 +1,14 @@
LANG=en_US.UTF-8
#LC_CTYPE="en_US.UTF-8"
#LC_NUMERIC="en_US.UTF-8"
#LC_TIME="en_US.UTF-8"
#LC_COLLATE="en_US.UTF-8"
#LC_MONETARY="en_US.UTF-8"
#LC_MESSAGES="en_US.UTF-8"
#LC_PAPER="en_US.UTF-8"
#LC_NAME="en_US.UTF-8"
#LC_ADDRESS="en_US.UTF-8"
#LC_TELEPHONE="en_US.UTF-8"
#LC_MEASUREMENT="en_US.UTF-8"
#LC_IDENTIFICATION="en_US.UTF-8"
#LC_ALL=
LC_CTYPE="en_US.UTF-8"
LC_NUMERIC="en_US.UTF-8"
LC_TIME="en_US.UTF-8"
LC_COLLATE="en_US.UTF-8"
LC_MONETARY="en_US.UTF-8"
LC_MESSAGES="en_US.UTF-8"
LC_PAPER="en_US.UTF-8"
LC_NAME="en_US.UTF-8"
LC_ADDRESS="en_US.UTF-8"
LC_TELEPHONE="en_US.UTF-8"
LC_MEASUREMENT="en_US.UTF-8"
LC_IDENTIFICATION="en_US.UTF-8"
LC_ALL=

41
extra/pre-build.d/etc/motd
View File

@ -1 +1,40 @@
((Generated by BDisk. https://bdisk.square-r00t.net/))
':ox0KXXK0koc'.
.;ok000kxollcccclodxOKXKko;.
;d00dc'. .;lkXKd;.
.o0Oc. .,codkO0KKKKK0Okxdl;'. .;dXKo'
.oKx, .:d0XXXXXXXXXXXXXXXXXXXXXXXKkl,. .c0Nd.
,0O; .:xKXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXOl' .oN0;
;Kx. ;xKXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX0l. :KX:
,Kx. .lKXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXk, ;XX,
k0. .oKXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXO, oWO.
,No :KXX0Okk0XXXXXXXXXXXXXXXXXXXXXXXXXXXK0Okk0KXXXXXXXXXXXk. .KW;
cN, .kKl' ... 'l0XXXXXXXXXXXXXXXXXXXXk:. ... .;dKXXXXXXXXK: kMo
oN. '0d. c0WMMWo ;0XXXXXXXXXXXXXXXKo. 'dKWMMMX, .cKXXXXXXXXo xMd
lW. 'Kl .KMMMMM: xXXXXXXXXXXXXX0' ,KMMMMMMM. .OXXXXXXXXx xMd
;M; .Kd .NMMMMMMl kXXXXXXXXXXXK. lMMMMMMMMM. .OXXXXXXXXd 0M:
Nx 0X. dMMMMMMMMk;..;dl 'XXXXXXXXXXXc 'MMMMMMMMMMWd,..:Oc ,XXXXXXXXX: .WW.
dW. lXK KMMMMMMMMMMMMMMK KXXXXXXXXXX. dMMMMMMMMMMMMMMMMM0 KXXXXXXXXK. dMk
Wx KXK 0MMMMMMMMMMMMMMK KXXXXXXXXXX. xMMMMMMMMMMMMMMMMM0 KXXXXXXXXXc .MM.
:M; ;XXX; ,xxxxxxxxxxxxxx: 'XXXXXXXXXXXc 'xxxxxxxxxxxxxxxxx; ,XXXXXXXXXXO KMl
xM. oXXX0,,,,,,,,,,,,,,,,,,kXXXXXXXXXXXK;,,,,,,,,,,,,,,,,,,,,OXXXXXXXXXXX. xMO
0M xXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX. oMK
0M dXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX. oMK
xM. lXXXXXkdddddddddddddddddddddddddddddddddddddddddddddddddKXXXXXXXXXXXK kMk
:Mc 'XXXXXc'. :XXXXXXXXXXXx XMc
W0 OXXXXXX0 ............................................ OXXXXXXXXXX; ,MM.
oM' ,XXXXXXX, ............................................ oXXXXXXXXXO 0Mx
NK dXXXXXXO ........................................... lXXXXXXXXK. ;MN.
,Md kXXXXXXd .......................................... xXXXXXXXX; .NM;
cMl kXXXXXXo ......................................... .KXXXXXXK; .XMl
lMl dXXXXXXd ..................':lodxxdol:'......... .0XXXXXXK' .XMo
:Wx :KXXXXXk. ..............,lkKKKKKKKKKKKKkc'.... .0XXXXXXk. 'NMc
.XK. .xXXXXXK: ..........'oKKKKKKKKKKKKKKKKK0l.. lKXXXXX0; oMN'
dWo .xXXXXXO; .......,OKKKKKKKKKKKKKKKKKkc. .c0XXXXX0c 'KMx
.0Nc .oKXXXXO:. ...'0KKKKKKKKKKKKKK0d:. ,xKXXXXXO: .OM0'
,0No. ;xKXXXKx:. .;ldxkOOkkxol;'. 'cxKXXXXX0l. ,OMK;
'kWk, ,o0XXXXKko:,.........,:ldOKXXXXXKkc. .lXMO,
.cKNx; .,cxOKXXXXXXXXXXXXXXXXXXKko:. .lKMKl.
.cOWKd;. ..,;cllooollc:;'. 'ckNM0c.
'lONW0xl;.. .,:okXMNOo,
.,cdOXWMWNXKK00KKXNMMWXOdc,.
.,cokO00Okdc,.

10
extra/pre-build.d/etc/pacman.d/hooks/archiso.hook
View File

@ -1,10 +0,0 @@
[Trigger]
Type = File
Operation = Install
Operation = Upgrade
Target = usr/lib/initcpio/hooks/archiso

[Action]
Description = Modifying archiso usable space...
When = PostTransaction
Exec = /usr/bin/sed -i -e 's/"size=${cow_spacesize}",//g' -e 's@^[[:space:]]*if\ !\ cp\ "${img}"\ "/run/archiso/copytoram/${img_fullname}"\ ;\ then@if ! pv -pterabT "${img}" > "/run/archiso/copytoram/${img_fullname}" ; then@g' /usr/lib/initcpio/hooks/archiso

1
extra/pre-build.d/etc/systemd/system/multi-user.target.wants/NetworkManager-dispatcher.service
View File

@ -1 +0,0 @@
/dev/null

1
extra/pre-build.d/etc/systemd/system/multi-user.target.wants/NetworkManager.service
View File

@ -1 +0,0 @@
/dev/null

2
extra/pre-build.d/i686/root/pre-build.arch.sh
View File

@ -1,2 +0,0 @@
#!/bin/bash
# Put any arch-specific tasks here. They will be run after /root/pre-build.sh.

10
extra/pre-build.d/root/.ssh/authorized_keys Normal file
View File

@ -0,0 +1,10 @@
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC5+2R7ykAgF/IBOY0gvxWZpLzk+CpmjiCBFtQX2WN54qPYOluPgFudUEZ/zax0wccZG9qXm8fM7Jc11GqFVkxWU7sNEAIirmsE54nnXeIg7BEyamJ6l0FHkqgVV+GCWffe1cJtniIu99kz3KwgcPto4zgqcxE/RH8eSAPAX7SECAZxs3CMfPbOY7DcyUgKXaPynDvebp1Dp9q6lSrW1FBfPJOYzFdO4xGQV9VUQoCBjTqGfRCq5fvJ/tFpZAB5omwjfCis+rvgrWZsur7G5QSdh5Bphkblm9rBHdb8ot1CYSnHjKYfDr6IEDaQjiN1yw7YyjtXAjGF6a6El1AWHTnQPI5lYqXa5sL5XxjIP22NP2AihLeCey/e6sms4RrapKD5f6rnOF4zrMVkU8L40brpe3TsmqnYcmqRvj8h9U/2mMmPHzaUJvgf44JjQEXa57brU5BzQZJKZM7tBbIqGKwgI0VjYyHzfCWRd/TGvccPsCQajqIBrMet8EQc7TY4FLuZZyW+B3Jx7Tr2xSg03PJ+ODNjd1LL3e/vq6NdBXA2gNGY+9GrytfCQd3Oot4KV6JLgk+lHKlvk+24rxwPj/T9koimntQff5V+qS+NUqh/OpQSphecn6gz03rtmOCeOhLPADwdRmqSdbtSYZSr1HA+/yPsgcWBxrM2ag0g6SLC+w== root@maqabi
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC5deDSXoounrijOls1qxtKFqT4xhaOdTZ5qWVYvF/2+O/Jq4B88pYbwFxd1YN1Dr67t/WUCToAUDiHBxxq3qSEbwQ1fNXnYPq7/2FvB715K5RIuQicAcHRmBHu70MZ9axPNMA+66I49Ps1t9rtssHBNvytrKHJ7/ACEsl024YQCxRtvM7MJH8iuZEO+pq2FTPHB1q2v4Bv22JY2rYe2/N2I4GMDIOz9sAreKAHSQWo7BX46AUhHqH6yNpLsLXGqq6xT6+/hJ5saUdjtd+zdYS5jsob2eHbwxoKBpsh9S7hwilyBPQ/2MpyYRh23RNu3km3fAKuN3lkbLL6SU+oa2OntfcdMC91p5GL6iYCABAteGKocz+4AxUfCdipPID/A55Q4J8YaN9xWQTHJhQ/mDuXBPZUJD4KwgDyIXBfRAmarWsVO//XzdrzQf/t4eVhkaOYUtRuWC+hFbXBI0tVII13myG1ZqvDD/ApLgQ7/Gx+3xy2ybG3aRJSzzX7C1qrNldarXXSYG6+29R+LOJUGmMj/36NhR1cryWUPxQuPr4//qRMtBOFPCxI2LlDlvXl69ZPbVr67or8iZBJyv9Y53l5rNZ1Vw7DPNwQI+PopP7GPDYjH7gfqtpUVQ6+lbaRX4pmkGwl3CfZvb0e1r71gGaCMwgaNu1LC1jVSZoZyb86zQ== bts@g.rainwreck.com
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC5zY/ri5Fiyp4qArfZnBfCegU62QhNb6hUR+jtv7oRKZs7fC79BtUMqN/7NFkvDUmN5mM3sj8dVxAgCg+IabRb460yuklDTII8ojgSIpYCjoLNcOteWT9sclm1HjuH07YOAnZE/aXv0/rzhoQEKDw/9dWXFwJKaal2xw6jMQlyqO1wj21c45YnW83DrpjxUSRDo0T53NVlpLK77xar/guEopk4Q29Cr7A1pSEtHSFbSjqxTkpEBn8jyRHvH9F+S8qMyj0LoyRanAjvsny1snjuJXArDkLAAgGMWav5v8OMMrtTvSgf/2B/D74TeQiLiG1q/cN6FX+lSlOhmbvgT50MCOunuJqVeS9OvQgxw+R7OJcHVtH30wlZiQ/Zu7w4wN9ZSDYApqbtSgsqfUkbh5v3fgdWccsP/mKAYO6/NzII5pP+Xgosmi+ebZR3NutuX7nvclPDaDSHdO6ERYcRHEwxG+DinumssnirwdrNtbTOErEHrqKebf3ehBdcN2LIoyK34p8F4VaBOwE1OxdeEP012//bG4hULpFGryVfDYyItzdXksBgp3ujPjt5lqhvC9mm5UsPlT0792xUycgz8xWPxburJ1svlYoHnUENEApvmXGwiSFtedr3wdk3/Jg2C0LDMGZmIUzd8SEX9vf/+qcw6kMWYxatGbSi920uEO+9ZQ== root@dawid
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCRW5+ErOj0miGagL44vvhdYhYZVVNn7I3r58a67fE2X/R73b5ibPY9ngYZpG37ObzuGDT7Ld3Zx8H8LWpKsWyOGpAhilqM0wiQ4PXiFnZShHhRIZwam7j+9h8NBySbJHsFPBoNDqcmKXu2JCk1sD351N5J/xsVJL5qlpjnfNlcitf1yi6nf95bMiiFcVRF7cWeXqxhFO1Jl4RkHSlsljaDFg/dOlor5cNrv/cMcZ5IKJSAj58lRWHF2Bw0ip/75/1YgdzLxcYrLIeZwDKrg0U+9Mk4oBMCvQ9XUonpEGDWKz+2NyDuGa3nRcuYyv4PnKAlMdsreoGU8b9U9kvLKa3DreI4JdhcoEt5sEpY0wwblVfefRRQbebHE7JuQfFHHNLBLqGi08AwV+/8JwwvIrvoPoHfqnarocxqWSnHbaPr6CIeH764pWzZYvPSjSlf1eneVwCEmiH23zgiifL5pLzrZ56f4u+i9oQw4tSKnvpkOf+fGqnMAPdTGN0qFEOItXECXDCxB2z5mMmkL7rdVETUNpi40of1AABmLCeleeK5M6qht6tx6lTokD8Sgj3rMvRjG81XRJUP98CU2Ea8JJCXJLbXCBIb8AO/pYt4/3Xzw9kGeSKgYasj7PIUPuIIZvhFHM9sKgEfjCO//7FMGswR4Y/U+OF4DqMHMLeMrg85Pw== root@workhorse
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDaJpWY+mWEaZ8VHcm7YWZ+HaIRKW1jOuWc0posfrSTfWaewzmXYWiOFl7axXncEvpqcgO0G7dv3XAgvzaLj3t7TWPv+6sXcZi1VbPTC9R49k/iWm6F1iYVHxEkd4CIFQIpR//O1HZqTOrTLTSV7KuzRvJL74l6Egq8mfCw0LiKhXGLEONMOsjiQqeyivXTqb2CS7SnO/Ep40oUuS5KFbRAu+KIEhs0koSwgXxtT9ro+7BXT9sjC2nYFwEKtvFlMFEOIsBhFTk1zWpQjk79lngO+bNlpmBIuAcGhWr5Eju9nYqUaaf+QuK7oPUI+UPLK3biolg30cfk3U9N/IEUqHjZXHm2QKp3/jof1paa2Xs9twK/YetMpwvS0yshSDVIqMrVckx2foZn9hbfn06hcr6/JuxmV6ZG3Loci1H0CrXhT5T69IK2UDTYdIVqrVcVXOH9SpYZz2WRsJLavkrAfarSLFZsOoYsvYYPkKmN7YnKQFJSgPBzntaUmYpKRe2jXkwGDZBMCtQYOsmVHTwaI3nDAde7n6cad/DqTJO22XKV3EOsfbWFQ57GSX8evhR9N7nGYMs0JZ8dhNYa0rypV4+Us9Krlyi5tTjx9P56UGX5B4cfvkJfMPnojxbSEpxXR4OLjIQwy2WYfj5tzLhqXzD/1MktvRgEkjS1QmGN22k5Iw== bts@dawid
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDaXAvmExdcog1ZnNBgjR6Zd8G/VJamG2S5BU5lhpmk+iu7hRs29tPi1j1vjy1Sky5aDbh1AXM0W1ClvkNfx0QiJzlJWyDzd6bEh985tI3O1++uYiPJa8P9Iz+EMQuaXhfLgAMIZNZUWIRpctHqL2M+LPlgh/+sj5i+N0oELmIoSBVLY1XyO6Iid4J+aKBCht4xmtr/iGhyGb09xBvpvbVs96Fe4v+Yo1U/Wjbbj88Mb2qZ+00J0tANUHqiDwBTt6vBq3gQLjvZTEezd+VWj23nAr/9Z7ta3Vw5B1y+Q4XOJgPsYl59kaeHuestvuH2jSfgJ5DfhcrjaWvM8oFpi27HN1A020WKlt94wDH/F6qucnGGj2w8KN8Y7WKmhZ23tlelzhl38rMaJOQ8d92Pg+vQOQpBf1dkWyZ1K3bTTZ41tahIGvwGJ3qtez20FW31emWLo5dTBQXdn+FTvesUpbUyq9rxBbDNcnCgOSj1yUPP2BCjBOc0fSaYikwpTSCy5o8XlWvVbpRnPAhqTSoL9LUIKUzX3QtCRM7Vws/XKxhIK+ZXKUn3HxihHdC5uKv+JVQEc5yUbPgyjdZFIwAXC76mpOjDZGZiZbSVYVVRD6M8bIqekb/uhVsH5DXtO+54k9yEUladHg9fXSYzwXz2ehAkSWJzMrwYgp8Q7swpasLaPQ== bts@phone
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDEu4B0qHRZ8mm+1TisJ5WmVmniBHkKDOcHvXG2J8gmV1Qe0wtNC0epgM1ekAfMVqoirAc6KllJn76nT0KbzcoQMQOnCPCmqPMQFC4p0uY4pI2GR5WbujrZzSro0RUOjxskPQtPHsq8ppreIlUMRAZd7GDvR1Y7kIjnfEcf99Y+nc2LhcNN9xGn7aOt8sW5EcgAHsq4pvTAw7J7+FMNQN1HQbZoC1F1pY/I8OJd3HpnwSnNlkZG9WD+kc4RNPQk/5RO5HlNYFsUQoooRBGCde3oIhsJgl07f/JolE2wio+Obsx11FD48enOGlq162p3USQQwgTTQaG9kKg/yiiqlmvwuUHBcOJ/zXlPYF72DlMw1UNLxHXV27x0LRpl9KISq1d/lgdRD6612iuYvRaqvxQG3E9ctgylJWKfxxUev5pPiQW5k/Wu0FGFFo3wMUzIZwpLezBAIK2j49u3Jh7+LCcl6Id4rHbFWW9nh1f7GtdGmtuoadEdE4lo5QSXFX58jXuZET4u90fHCqRlxCbzQxLgoXclcAUPmjJJr/HlR9qpGyQt/yNQbya8wTcm6MSjQprY92YpW22MHHxYpBgyx/j1fqno7qDig4QriRfOSSEgDr7KgwAfmO/Kg4ChFVppwe88bbFdAFfiEHTLRZFRIm3Oe+VZBIeq62lkNKKloKSXzQ== bts@maqabi
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDM13PTELuHUE/0mpHPUKQ/vl1SawYdjFjzpMymZ5Z5c/z3+/lSisYFqRx88hzfpiGdJG8gn4z8XlbpFZJz+onH/794m115hPHisOEskgmc2nSXktPDWf92Yxcy9NxM3jE2k2aAhsyKJmJ4X0+g0JGebSSjmEpneMQrT+M68GYJ6Gduk6t9SrQr1xvgUOm6/Vv55yvffzbiYHopZNdnG3J1iP1TsT9teglNmUHarRIH7q3q5jN4NVPwCMGbXjAvO+Q82b6xSnW2J6Sn8n51k5mDvsqHWCgjpF1UO3XrFn6IBxB+MPsZF58QkRI6AkLZmkdqIEUD5tiEMTFEo+xaxDk8rN+IdV2M4obwpefXdN08jOYcNmGjit41e/nSxnYOmJK47IPXaFn/XFSph2w7dJg00YGVkdj2JqaeoAg0GJGnF1PD1LWdUuOXnU/5dbXrzwy0FfAJVjJecItACaYEcg9R98RMKvBW6VOvQldGZ6VxrrrlrNBoG9ZzRmtNYHXz7AhR9x4HNEhUBAnzyQq7yQJ/5fP5L15I1LP6xQYCLnQyWgGjkyLgpDN7YnfHN2AfE+DwzYB8NgkiQ2JAgTPsxj2e0p2jGrS8QeH2Mqc8pPQkx093m687/u1f23wjwNiwe73PAfUz3kFkTTj/SXYVCHc8cQobjVpxLTV+tXm2r7Ne1w== bts@workhorse
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDWLMELTFGG+2SyiyCvr6rtLoEqk2KvloHoR33/4u2KVWDV2D8JHY8FFldY40n/Ek7lhD97v4tdUJwc4t9orRHangU6HeAnkh8eiJ1o+gqNBPMTxWn859IAK2eHQ811gglbSn3YyyuJk3IR6i43ZI4zy7fg0XN8ByOwscHPRrWs3oa7CmjvLQWgl3yKn7ehIsnhZHTQxFOdaG1wTkAiWgWPn92E+npS0pHvg5/6NYs6yRdK8ohLuxuIyzmCTI0rL8KvawpAO0wM9RRkosMheFgwhFOd7j3wWFLxTUEFeOBV/Qv0+77BkH2WGO5jCru/LSBcln/KtTmDFFIIVMjkRyjx87CwqP/TqbVlHCa0ey2uIQhdMVo8dRLqMYVWbxSoSwGtqctRXPfAA6rg5mcxWvJyUV7G1WLnuix11k8ErHsKQmTzhBwE2P5OgIWcrEygptUNykuy5o/ZlD7Uw+EZPeoqZ8z4wE+ECGqGCcuicviXjy6OPLH/+nIBjoqZaEdiQHSz/778xU9C361CKdRXBWVUUgB0yqE+TQOARefsWVTrMXC0/GnSWYipNRKn1GXN1H7ttHCgsym4a7iOguuMfsYzJ7BY1897xylfHrxhgduX62c4S1QJBfvlfMbgCn82myum5ZrS2Vep0Kl5tizgCNl2mqODdtQPpP+PgmBGHf4/hQ== root@guru.square-r00t.net
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDz53DTICmBDfNUfhdnwQGUbFMGWhFBksAy1Vt6/2L7opdNqyxocIJT3qjlllpZA5Stb0frDnzNW3oe0yq6L9g4h7z4O8jaWgsqZeFzUqNJdsBJIpsmuZxA1PrWb5scxyhZz4JJpVoVDCU3bXesBPVA7OOeWL/pq43q55wwiVzV9A9JDI4wScwshyHrfwkaQJoLv9mRUuYfIghUbyi50B2cVAzna2TDjNFxk33V1PIFmWLoxlJHzrB36w9VoRL5geVeUmTvv+LOiKeOJ+LlWP+H6tu4hygdwpS+ktJ7I+RKOKD0KlqqQHeMGDIeXiXRFLoayp1jx4LnzEmaIKxPmwTdvytrNE9Ejr+SzCgNOaWZVA2CmYF/hvlrAsdZC3v8Gv6D18Au2gWIQUA1UAKe40xMtLNlOip9lE1x+Le4gkDTuGRr8pjv45ewzZnNoP6AymXToXlhvCSMDPMja/u/DEz0p7G28JnbLnGUZDX1xrrQLhZ8OtnwBZEoCeDxLsEmTWv/KVTrf/Sels2cCXT9n3xSSwNjTijeMuQ5afyQO2+XXEwxMbpQKAH/KoBt2Da1xRpq0CSsjYtCkddKdksipgwLVVXwFzib/IzxhNMdguMxLgz1bX1c9pzFJI6gA0CdwJrWqfq0SKzZZQJOBDrmhNJEUQcDT+QYBso+8CdcIZh5ew== root@g.rainwreck.com

45
extra/pre-build.d/root/packages.both
View File

@ -14,15 +14,13 @@ atop
autopsy
autossh
backuppc
## TODO: grab all the bacula packages in here
#bacula
#bacula ## TODO: grab all the bacula packages in here
beep
bin86
bind-tools
binutils
bluez-utils
## TODO: ugh. apacman has a new "regex mode"... that you can't disable. https://github.com/oshazard/apacman/issues/79
#bonnie++
bonnie++ ## TODO: ugh. apacman has a new "regex mode"... that you can't disable. https://github.com/oshazard/apacman/issues/79
boxbackup-client
boxbackup-server
bozocrack-git
@ -57,15 +55,13 @@ dd_rescue
dd_rhelp
debianutils
debootstrap
## giving a weird dependency issue
#dialog
#dialog #giving a weird dependency issue
diffutils
djohn
dmidecode
dnssec-anchors
dnstracer
## replaced by bind-tools, https://www.archlinux.org/packages/extra/x86_64/bind-tools/
#dnsutils
#dnsutils #replaced by bind-tools, https://www.archlinux.org/packages/extra/x86_64/bind-tools/
dos2unix
dropbear
dstat
@ -114,7 +110,6 @@ gst-libav
gst-plugins-ugly
hashcat
hashdeep
haveged
hddtemp
hdparm
hexcurse
@ -149,17 +144,14 @@ keyutils
kismet-allplugins
lftp
links
## requires a /dev/input, which apparently isn't included in the chroots
#logkeys-git
#logkeys-git # requires a /dev/input, which apparently isn't included in the chroots
lm_sensors
lrzsz
lshw
## giving intermittent errors when trying to fetch source
#lsiutil
#lsiutil # giving intermittent errors when trying to fetch source
lsof
lsscsi
## apacman currently doesn't like package groups, so...
#lxde
#lxde # apacman currently doesn't like package groups, so...
gpicview
lxappearance
lxappearance-obconf
@ -180,23 +172,21 @@ pcmanfm
lynx
#lzip
macchanger
## no longer maintained, upstream down
#magicrescue
#magicrescue # no longer maintained, upstream down
mbr
mbuffer
mcelog
mdadm
mdcrack
## superseded by storcli
# superseded by storcli
#megaraid-cli
memtester
mfoc
minicom
## mindi-busybox fails to build 09.23.2016
#mondo
#mondo # mindi-busybox fails to build 09.23.2016
mtd-utils
mtr
mtree-git
mtree
multipath-tools
myrescue
nbd
@ -207,14 +197,13 @@ net-snmp
netselect
nettle
networkmanager-pptp
nginx-mainline
nginx-devel
ngrep
nmap
nmon
ntfs-3g
ntfsfixboot
## broken since they moved to github(?)
#nwipe
#nwipe #broken since they moved to github(?)
nwipe-git
obnam
open-iscsi
@ -283,15 +272,13 @@ smartmontools
smbclient
s-nail
socat
## do people even USE tape backups anymore?
#star
#star ## do people even USE tape backups anymore?
storcli
strace
stress
sucrack
symlinks
sysstat
systemd-sysvcompat
tcpdump
tcpslice
tcptraceroute
@ -302,7 +289,6 @@ thttpd
tmon
tmux
tre
tree
truecrack-git
truecrypt
tor
@ -328,8 +314,7 @@ vncrack
vnstat
vpnc
weplab
## currently depends on dialog, which is broke as shit
#whdd
#whdd #currently depends on dialog, which is broke as shit
whois
wifite-mod-pixiewps-git
wipe

350
extra/pre-build.d/root/packages.both.FULL
View File

@ -1,350 +0,0 @@
# Commented lines are supported (via a preceding # only).
# Packages from the AUR can be specified.
# We need to install all X drivers.
abs
acpi
#acpidump
#afflib
aircrack-ng
apr
apr-util
arj
asciidoc
atop
autopsy
autossh
backuppc
## TODO: grab all the bacula packages in here
#bacula
beep
bin86
bind-tools
binutils
bluez-utils
## TODO: ugh. apacman has a new "regex mode"... that you can't disable. https://github.com/oshazard/apacman/issues/79
#bonnie++
boxbackup-client
boxbackup-server
bozocrack-git
bridge-utils
burp-backup-git
btrfs-progs
cabextract
cdrtools
cdw
cfv
chapcrack-git
chntpw
cifs-utils
ckermit
clamav
clonezilla
cmospwd
colordiff
cowpatty
cpio
cpuburn
cpupower
crackpkcs12
cryptcat
cryptsetup
csync2
customizepkg-scripting
dar
dcfldd
ddrescue
dd_rescue
dd_rhelp
debianutils
debootstrap
## giving a weird dependency issue
#dialog
diffutils
djohn
dmidecode
dnssec-anchors
dnstracer
## replaced by bind-tools, https://www.archlinux.org/packages/extra/x86_64/bind-tools/
#dnsutils
dos2unix
dropbear
dstat
dump
dumpet
duplicity
dvd+rw-tools
e2fsprogs
easy-rsa
ecryptfs-utils
ed
elfutils
#elilo-efi
elinks
etc-update
ethtool
exfat-utils
ext3grep
extundelete
f2fs-tools
fang
fbset
fcgi
fcgiwrap
fcrackzip
fdupes
file
findmyhash
findutils
firefox
flac
flashrom
foremost
fsarchiver
fuse
gd
git
gnu-efi-libs
gnu-netcat
gpart
gparted
gperftools
gpm
gptfdisk
gst-libav
gst-plugins-ugly
hashcat
hashdeep
haveged
hddtemp
hdparm
hexcurse
hexedit
hfsprogs
hfsutils
htop
httping
hwdetect
hwinfo
hydra
idnkit
ifenslave
iftop
inetutils
iotop
iozone
ipcalc
iperf
iperf3
ipsec-tools
iptraf-ng
ipython
irssi
iso-codes
isomaster
jasper
jfsutils
#john-mpi
john
keyutils
kismet-allplugins
lftp
links
## requires a /dev/input, which apparently isn't included in the chroots
#logkeys-git
lm_sensors
lrzsz
lshw
## giving intermittent errors when trying to fetch source
#lsiutil
lsof
lsscsi
## apacman currently doesn't like package groups, so...
#lxde
gpicview
lxappearance
lxappearance-obconf
lxde-common
lxde-icon-theme
lxdm
lxinput
lxlauncher
lxmusic
lxpanel
lxrandr
lxsession
lxtask
lxterminal
openbox
pcmanfm
# end lxde
lynx
#lzip
macchanger
## no longer maintained, upstream down
#magicrescue
mbr
mbuffer
mcelog
mdadm
mdcrack
## superseded by storcli
#megaraid-cli
memtester
mfoc
minicom
## mindi-busybox fails to build 09.23.2016
#mondo
mtd-utils
mtr
mtree-git
multipath-tools
myrescue
nbd
ncftp
ncompress
ncrack
net-snmp
netselect
nettle
networkmanager-pptp
nginx-mainline
ngrep
nmap
nmon
ntfs-3g
ntfsfixboot
## broken since they moved to github(?)
#nwipe
nwipe-git
obnam
open-iscsi
openipmi
ophcrack
os-prober
p7zip
pack
par2cmdline
partclone
partclone-utils
parted
partimage
pax-utils
pciutils
pcmciautils
pdfcrack
perf
php
php-fpm
php-gd
php-mcrypt
phrasendrescher
pigz
pkgfile
pkgtools
ppp
pptpclient
procinfo-ng
procps-ng
progsreiserfs
psmisc
pwgen
pixz
pyrit
python2-gnuplot
python2-pyx
rarcrack
rcracki_mt
rdiff-backup
read-edid
reaver-wps-fork-t6x-git
rename
rfkill
rp-pppoe
rpcbind
rpmextract
rp-pppoe
rsnapshot
rygel
safecopy
samba
scalpel-git
scapy
screen
scrounge-ntfs
scrub
scsiadd
sdparm
setserial
sg3_utils
sharutils
sipcalc
sipcrack
smartmontools
smbclient
s-nail
socat
## do people even USE tape backups anymore?
#star
storcli
strace
stress
sucrack
symlinks
sysstat
systemd-sysvcompat
tcpdump
tcpslice
tcptraceroute
testdisk
tftp-hpa
thin-provisioning-tools
thttpd
tmon
tmux
tre
tree
truecrack-git
truecrypt
tor
udftools
#udpcast
unace
unison
unrar
unshield
unzip
usb_modeswitch
usbip
usbutils
vim-a
vim-bufexplorer
vim-indent-object
vim-minibufexpl
vim-nerdtree
vim-syntastic
vim-workspace
vlc
vncrack
vnstat
vpnc
weplab
## currently depends on dialog, which is broke as shit
#whdd
whois
wifite-mod-pixiewps-git
wipe
wireshark-cli
wpscrack
wput
x11vnc
xfburn
xfsdump
xfsprogs
xmlto
xorg
xorg-drivers
xorg-xinit
xterm
zerofree
zip
zsh

4
extra/pre-build.d/root/packages.both.SMALL
View File

@ -1,4 +0,0 @@
# Commented lines are supported (via a preceding # only).
# Packages from the AUR can be specified.
# We need to install all X drivers.
mtree-git

7
extra/pre-build.d/root/pre-build.sh
View File

@ -141,12 +141,7 @@ then
fi
# Add the regular user
useradd -m -s /bin/bash -c "${USERCOMMENT}" ${REGUSR}
usermod -aG users,games,video,audio ${REGUSR} # TODO: remove this in lieu of $REGUSR_GRPS? these are all kind of required, though, for regular users anyways
for g in $(echo ${REGUSR_GRPS} | sed 's/,[[:space:]]*/ /g');
do
getent group ${g} > /dev/null 2>&1 || groupadd ${g}
usermod -aG ${g} ${REGUSR}
done
usermod -aG users,games,video,audio ${REGUSR}
passwd -d ${REGUSR}
# Add them to sudoers
mkdir -p /etc/sudoers.d

2
extra/pre-build.d/x86_64/root/pre-build.arch.sh
View File

@ -1,2 +0,0 @@
#!/bin/bash
# Put any arch-specific tasks here. They will be run after /root/pre-build.sh.

2
extra/templates/VERSION_INFO.txt.j2
View File

@ -2,5 +2,5 @@ Version: {{ bdisk['ver'] }}
Build: {{ build['buildnum'] }}
Time: {{ build['time'] }}
Machine: {{ hostname }} ({{ distro }})
User: {{ build['user'] }}{% if build['realuser'] is defined and build['realuser']|length > 0 %} ({{ build['realuser'] }}){% endif %}
User: {{ build['user'] }}{% if build['realuser'] is defined and build['realuser'] > 0 %} ({{ build['realuser'] }}){% endif %}


1
extra/templates/pre-build.d/etc/hostname.j2
View File

@ -1 +0,0 @@
{{ bdisk['uxname']|lower }}.loc.lan

12
extra/templates/pre-build.d/root/VARS.txt.j2
View File

@ -1,12 +0,0 @@
export DISTNAME='{{ bdisk['name']|upper }}'
export UXNAME='{{ bdisk['name']|lower }}'
export PNAME='{{ bdisk['name'] }}'
export DISTPUB='{{ bdisk['dev'] }}'
export DISTDESC='{{ bdisk['desc'] }}'
export REGUSR='{{ user['username']|lower }}'
export REGUSR_GRPS='{{ user['groups'] }}'
export USERCOMMENT='{{ user['name'] }}'
export REGUSR_PASS='{{ user['password'] }}'
export ROOT_PASS='{{ bdisk['root_password'] }}'
export SIGKEY='{{ mygpgkey }}'

64
overlay/etc/bash.bashrc Normal file
View File

@ -0,0 +1,64 @@
#
# /etc/bash.bashrc
#

# If not running interactively, don't do anything
[[ $- != *i* ]] && return

PS1='[\u@\h \W]\$ '
PS2='> '
PS3='> '
PS4='+ '

case ${TERM} in
xterm*|rxvt*|Eterm|aterm|kterm|gnome*)
PROMPT_COMMAND=${PROMPT_COMMAND:+$PROMPT_COMMAND; }'printf "\033]0;%s@%s:%s\007" "${USER}" "${HOSTNAME%%.*}" "${PWD/#$HOME/\~}"'

;;
screen)
PROMPT_COMMAND=${PROMPT_COMMAND:+$PROMPT_COMMAND; }'printf "\033_%s@%s:%s\033\\" "${USER}" "${HOSTNAME%%.*}" "${PWD/#$HOME/\~}"'
;;
esac

[ -r /usr/share/bash-completion/bash_completion ] && . /usr/share/bash-completion/bash_completion

alias vi='/usr/bin/vim'
export EDITOR="vim"

if [ -f ~/.bashrc ];
then
source ~/.bashrc
fi
if [ -d ~/bin ];
then
export PATH="$PATH:~/bin"
fi

alias grep='grep --color'
alias egrep='egrep --color'

alias ls='ls --color=auto'
PS1='[\u@\h \W]\$ '

export HISTTIMEFORMAT="%F %T "
export PATH="${PATH}:/sbin:/bin:/usr/sbin"

DEFROUTEIF=$(ip route show | egrep '^default' | awk '{print $5}')

echo
echo "==================================="
date
if [ -n "${DEFROUTEIF}" ];
then
IPADDR=$(ip a s dev ${DEFROUTEIF} | egrep '^[[:space:]]*inet\ ' | awk '{print $2}' | cut -f1 -d"/")
HWADDR=$(ip l show dev ${DEFROUTEIF} | egrep '^[[:space:]]*link' | awk '{print $2}')
echo
echo -n "${DEFROUTEIF} (${HWADDR}) is: ${IPADDR}"
fi
echo
echo -n "tun0 is: "
ifconfig tun0 | grep inet | grep -v "inet6" | awk '{print $2}'
echo
echo "http://bdisk.square-r00t.net/"
echo "==================================="
echo

62
overlay/etc/lxdm/lxdm.conf Normal file
View File

@ -0,0 +1,62 @@
[base]
## uncomment and set autologin username to enable autologin
#autologin=bdisk

## uncomment and set timeout to enable timeout autologin,
## the value should >=5
# timeout=10

## default session or desktop used when no systemwide config
# session=/usr/bin/startlxde

## uncomment and set to set numlock on your keyboard
# numlock=0

## set this if you don't want to put xauth file at ~/.Xauthority
# xauth_path=/tmp

# not ask password for users who have empty password
# skip_password=1

## greeter used to welcome the user
greeter=/usr/lib/lxdm/lxdm-greeter-gtk

[server]
## arg used to start xserver, not fully function
arg=/usr/bin/X -background vt1
# uncomment this if you really want xserver listen to tcp
# tcp_listen=1
# uncoment this if you want reset the xserver after logou
# reset=1

[display]
## gtk theme used by greeter
gtk_theme=Clearlooks

## background of the greeter
# bg=/usr/share/backgrounds/default.png

## if show bottom pane
bottom_pane=1

## if show language select control
lang=1

## if show keyboard layout select control
keyboard=0

## the theme of greeter
theme=Industrial

[input]

[userlist]
## if disable the user list control at greeter
disable=0

## whitelist user
white=

## blacklist user
black=

10
extra/pre-build.d/etc/systemd/scripts/livecd.fix.sh → overlay/etc/systemd/scripts/livecd.fix.sh
View File

@ -1,7 +1,5 @@
#/bin/sh -

locale-gen

#chmod 4755 /opt/google/chrome-beta/chrome-sandbox
chmod 4755 /usr/bin/sudo

@ -22,7 +20,7 @@ do
done

function fuck_you_gimme_net() {
IFACE=$(ip -o link | awk '{print $2}' | egrep -E '^((en|wl)p?|em)' | sed -e 's/:$//g' | head -n1)
IFACE=$(ifconfig -a -s | egrep -E '^((en|wl)p?|em)' | awk '{print $1}' | tr '\n' ' ' | sed -e 's/\ $//g')
for i in ${IFACE};
do

@ -41,15 +39,15 @@ do
DEV='wireless-open'
fi

ip link set dev ${i} down
ifconfig ${i} down
cp -a /etc/netctl/examples/${DEV} /etc/netctl/${i}
sed -i -re "s/^([[:space:]]*Interface[[:space:]]*=).*/\1${i}/g" /etc/netctl/${i}
if [ "${DEV}" == "wireless-open" ];
then
ip link set dev ${i} up && \
ifconfig ${i} up && \
ESSID=$(iwlist ${i} scanning | egrep -A5 -B5 '^[[:space:]]*Encryption key:off' | egrep '^[[:space:]]*ESSID:' | sed -re 's/^[[:space:]]*ESSID:(.*)/\1/g')
sed -i -re "s/^([[:space:]]*ESSID[[:space:]]*=).*/\1${ESSID}/g" /etc/netctl/${i}
ip link set ${i} down
ifconfig ${i} down
fi
netctl restart ${i} > /dev/null 2>&1
#cat /etc/resolvconf.conf.failover > /etc/resolvconf.conf

1
overlay/etc/systemd/system/dbus-org.freedesktop.NetworkManager.service Symbolic link
View File

@ -0,0 +1 @@
/usr/lib/systemd/system/NetworkManager.service

1
overlay/etc/systemd/system/dbus-org.freedesktop.nm-dispatcher.service Symbolic link
View File

@ -0,0 +1 @@
/usr/lib/systemd/system/NetworkManager-dispatcher.service

5
overlay/etc/systemd/system/getty@tty1.service.d/autologin.conf Normal file
View File

@ -0,0 +1,5 @@
#[Service]
##Type=simple
#Type=idle
#ExecStart=
#ExecStart=-/usr/bin/agetty --autologin bdisk --noclear %I 38400 linux

0
extra/pre-build.d/etc/systemd/system/livecdfix.service → overlay/etc/systemd/system/livecdfix.service
View File

1
overlay/etc/systemd/system/multi-user.target.wants/NetworkManager.service Symbolic link
View File

@ -0,0 +1 @@
/usr/lib/systemd/system/NetworkManager.service

0
extra/pre-build.d/etc/systemd/system/multi-user.target.wants/livecdfix.service → overlay/etc/systemd/system/multi-user.target.wants/livecdfix.service
View File

1
overlay/etc/systemd/system/multi-user.target.wants/openvpn-client@client.service Symbolic link
View File

@ -0,0 +1 @@
/usr/lib/systemd/system/openvpn-client@.service

1
overlay/etc/systemd/system/multi-user.target.wants/sshd.service Symbolic link
View File

@ -0,0 +1 @@
/usr/lib/systemd/system/sshd.service

22
overlay/etc/vimrc Normal file
View File

@ -0,0 +1,22 @@
" All system-wide defaults are set in $VIMRUNTIME/archlinux.vim (usually just
" /usr/share/vim/vimfiles/archlinux.vim) and sourced by the call to :runtime
" you can find below. If you wish to change any of those settings, you should
" do it in this file (/etc/vimrc), since archlinux.vim will be overwritten
" everytime an upgrade of the vim packages is performed. It is recommended to
" make changes after sourcing archlinux.vim since it alters the value of the
" 'compatible' option.

" This line should not be removed as it ensures that various options are
" properly set to work with the Vim-related packages.
runtime! archlinux.vim

" If you prefer the old-style vim functionalty, add 'runtime! vimrc_example.vim'
" Or better yet, read /usr/share/vim/vim74/vimrc_example.vim or the vim manual
" and configure vim to your own liking!

set number
syntax on
set paste
if has("autocmd")
au BufReadPost * if line("'\"") > 1 && line("'\"") <= line("$") | exe "normal! g'\"" | endif
endif