Compare commits
5 Commits
Author | SHA1 | Date |
---|---|---|
brent s. | 77c1aea510 | |
brent s. | e72eee4dec | |
brent s. | 2b233b9af9 | |
brent s. | c2cfd3298f | |
brent s. | 2db702107d |
|
@ -1,6 +1,7 @@
|
|||
# We don't want local build settings in case someone's using
|
||||
# the git dir as a place to store their build.ini
|
||||
/build.ini
|
||||
/build.ini.*
|
||||
/dist.build.ini
|
||||
*.bak
|
||||
|
||||
|
|
|
@ -1,5 +1,10 @@
|
|||
-investigate weird signing issue- if you specify a key to sign with, it appears that the squashed images (at least in the http dir) doesn't have a sig/asc. do they need to copy it over? or is it not even signing them?
|
||||
-switch from python-pygpgme to python-gpgme for better performance. also clean up bGPG in general; reference KANT.
|
||||
-more pythonic! classes (because inits help), use list or tuple constant for checksums, try vars-ing the configparser stuff (and move defaults to in-code?),
|
||||
change path combinations to use os.path.join etc.
|
||||
-modularity: https://stackoverflow.com/a/8719100
|
||||
|
||||
-mtree-like functionality; if mtree spec is found, apply that to files in overlay (or chroot even); otherwise copy from overlay and don't touch chroot
|
||||
|
||||
-i_am_a_racecar optimizations
|
||||
- different distro guests (debian, etc.)- https://stackoverflow.com/questions/2349991/python-how-to-import-other-python-files/20749411#20749411
|
||||
|
@ -27,6 +32,8 @@
|
|||
--iPXE's curl
|
||||
--initrd's curl
|
||||
-WISH: Better logging/debugging
|
||||
https://web.archive.org/web/20170726052946/http://www.lexev.org/en/2013/python-logging-every-day/
|
||||
|
||||
-WISH: signing for secureboot releases (PreLoader and loader.efi handle this okay, but require manual intervention)
|
||||
-does loader.efi support splash backgrounds? can i implement that differently somehow?
|
||||
--yes, see e.g. https://www.reddit.com/r/archlinux/comments/3bwgf0/where_put_the_splasharchbmp_to_splash_screen_boot/
|
||||
|
|
|
@ -7,6 +7,8 @@ NOTE: Due to requiring various mounting and chrooting, BDisk must be run as the
|
|||
|
||||
To initiate a build, simply run `<basedir>/bdisk/bdisk.py`. That's it! Everything should continue automatically.
|
||||
|
||||
If you'd like to specify a path to a specific build configuration, you can use `<basedir>/bdisk/bdisk.py path/to/build.ini`. The default is _/etc/bdisk/build.ini_ (plus <<the_code_build_ini_code_,other locations>>).
|
||||
|
||||
If you're using a packaged version you installed from your distro's package manager, you instead should run wherever it installs to. Most likely this is going to be `/usr/sbin/bdisk`. (On systemd build hosts that have done the https://www.freedesktop.org/wiki/Software/systemd/TheCaseForTheUsrMerge/[/usr merge^], you can use `/usr/sbin/bdisk` or `/sbin/bdisk`.)
|
||||
|
||||
If you encounter any issues during the process, make sure you read the documentation -- if your issue still isn't addressed, please be sure to file a <<bug_reports_feature_requests,bug report>>!
|
||||
|
|
|
@ -35,6 +35,7 @@ We'll go into more detail for each section below.
|
|||
[user]
|
||||
username = ${bdisk:uxname}
|
||||
name = Default user
|
||||
groups = ${bdisk:uxname},admin
|
||||
password = $$6$$t92Uvm1ETLocDb1D$$BvI0Sa6CSXxzIKBinIaJHb1gLJWheoXp7WzdideAJN46aChFu3hKg07QaIJNk4dfIJ2ry3tEfo3FRvstKWasg/
|
||||
[source_x86_64]
|
||||
mirror = mirror.us.leaseweb.net
|
||||
|
@ -192,6 +193,15 @@ What comment/description/real name should be used for the user? For more informa
|
|||
|
||||
. ASCII only
|
||||
|
||||
==== `groups`
|
||||
What groups this user should be added to, comma-separated. They will be created if they don't exist yet. Standard *nix group names rules apply:
|
||||
|
||||
. ASCII only
|
||||
. 32 characters or less
|
||||
. Can only contain lower-case letters, numeric digits, underscores, or dashes (and can end with a dollar sign)
|
||||
. Must start with a (lower-case) letter or underscore
|
||||
. No whitespace
|
||||
|
||||
==== `password`
|
||||
The escaped, salted, hashed string to use for the non-root user.
|
||||
|
||||
|
|
|
@ -26,6 +26,7 @@ user = yes
|
|||
[user]
|
||||
username = ${bdisk:uxname}
|
||||
name = Default user
|
||||
groups = ${bdisk:uxname},admin
|
||||
password =
|
||||
|
||||
[source_x86_64]
|
||||
|
|
|
@ -26,6 +26,7 @@ user = yes
|
|||
[user]
|
||||
username = ${bdisk:uxname}
|
||||
name = Default user
|
||||
groups = ${bdisk:uxname},admin
|
||||
password =
|
||||
|
||||
[source_x86_64]
|
||||
|
|
|
@ -22,7 +22,7 @@ do
|
|||
done
|
||||
|
||||
function fuck_you_gimme_net() {
|
||||
IFACE=$(ifconfig -a -s | egrep -E '^((en|wl)p?|em)' | awk '{print $1}' | tr '\n' ' ' | sed -e 's/\ $//g')
|
||||
IFACE=$(ip -o link | awk '{print $2}' | egrep -E '^((en|wl)p?|em)' | sed -e 's/:$//g' | head -n1)
|
||||
for i in ${IFACE};
|
||||
do
|
||||
|
||||
|
@ -41,15 +41,15 @@ do
|
|||
DEV='wireless-open'
|
||||
fi
|
||||
|
||||
ifconfig ${i} down
|
||||
ip link set dev ${i} down
|
||||
cp -a /etc/netctl/examples/${DEV} /etc/netctl/${i}
|
||||
sed -i -re "s/^([[:space:]]*Interface[[:space:]]*=).*/\1${i}/g" /etc/netctl/${i}
|
||||
if [ "${DEV}" == "wireless-open" ];
|
||||
then
|
||||
ifconfig ${i} up && \
|
||||
ip link set dev ${i} up && \
|
||||
ESSID=$(iwlist ${i} scanning | egrep -A5 -B5 '^[[:space:]]*Encryption key:off' | egrep '^[[:space:]]*ESSID:' | sed -re 's/^[[:space:]]*ESSID:(.*)/\1/g')
|
||||
sed -i -re "s/^([[:space:]]*ESSID[[:space:]]*=).*/\1${ESSID}/g" /etc/netctl/${i}
|
||||
ifconfig ${i} down
|
||||
ip link set ${i} down
|
||||
fi
|
||||
netctl restart ${i} > /dev/null 2>&1
|
||||
#cat /etc/resolvconf.conf.failover > /etc/resolvconf.conf
|
||||
|
|
|
@ -14,13 +14,15 @@ atop
|
|||
autopsy
|
||||
autossh
|
||||
backuppc
|
||||
#bacula ## TODO: grab all the bacula packages in here
|
||||
## TODO: grab all the bacula packages in here
|
||||
#bacula
|
||||
beep
|
||||
bin86
|
||||
bind-tools
|
||||
binutils
|
||||
bluez-utils
|
||||
bonnie++ ## TODO: ugh. apacman has a new "regex mode"... that you can't disable. https://github.com/oshazard/apacman/issues/79
|
||||
## TODO: ugh. apacman has a new "regex mode"... that you can't disable. https://github.com/oshazard/apacman/issues/79
|
||||
#bonnie++
|
||||
boxbackup-client
|
||||
boxbackup-server
|
||||
bozocrack-git
|
||||
|
@ -55,13 +57,15 @@ dd_rescue
|
|||
dd_rhelp
|
||||
debianutils
|
||||
debootstrap
|
||||
#dialog #giving a weird dependency issue
|
||||
## giving a weird dependency issue
|
||||
#dialog
|
||||
diffutils
|
||||
djohn
|
||||
dmidecode
|
||||
dnssec-anchors
|
||||
dnstracer
|
||||
#dnsutils #replaced by bind-tools, https://www.archlinux.org/packages/extra/x86_64/bind-tools/
|
||||
## replaced by bind-tools, https://www.archlinux.org/packages/extra/x86_64/bind-tools/
|
||||
#dnsutils
|
||||
dos2unix
|
||||
dropbear
|
||||
dstat
|
||||
|
@ -145,14 +149,17 @@ keyutils
|
|||
kismet-allplugins
|
||||
lftp
|
||||
links
|
||||
#logkeys-git # requires a /dev/input, which apparently isn't included in the chroots
|
||||
## requires a /dev/input, which apparently isn't included in the chroots
|
||||
#logkeys-git
|
||||
lm_sensors
|
||||
lrzsz
|
||||
lshw
|
||||
#lsiutil # giving intermittent errors when trying to fetch source
|
||||
## giving intermittent errors when trying to fetch source
|
||||
#lsiutil
|
||||
lsof
|
||||
lsscsi
|
||||
#lxde # apacman currently doesn't like package groups, so...
|
||||
## apacman currently doesn't like package groups, so...
|
||||
#lxde
|
||||
gpicview
|
||||
lxappearance
|
||||
lxappearance-obconf
|
||||
|
@ -173,18 +180,20 @@ pcmanfm
|
|||
lynx
|
||||
#lzip
|
||||
macchanger
|
||||
#magicrescue # no longer maintained, upstream down
|
||||
## no longer maintained, upstream down
|
||||
#magicrescue
|
||||
mbr
|
||||
mbuffer
|
||||
mcelog
|
||||
mdadm
|
||||
mdcrack
|
||||
# superseded by storcli
|
||||
## superseded by storcli
|
||||
#megaraid-cli
|
||||
memtester
|
||||
mfoc
|
||||
minicom
|
||||
#mondo # mindi-busybox fails to build 09.23.2016
|
||||
## mindi-busybox fails to build 09.23.2016
|
||||
#mondo
|
||||
mtd-utils
|
||||
mtr
|
||||
mtree-git
|
||||
|
@ -204,7 +213,8 @@ nmap
|
|||
nmon
|
||||
ntfs-3g
|
||||
ntfsfixboot
|
||||
#nwipe #broken since they moved to github(?)
|
||||
## broken since they moved to github(?)
|
||||
#nwipe
|
||||
nwipe-git
|
||||
obnam
|
||||
open-iscsi
|
||||
|
@ -273,7 +283,8 @@ smartmontools
|
|||
smbclient
|
||||
s-nail
|
||||
socat
|
||||
#star ## do people even USE tape backups anymore?
|
||||
## do people even USE tape backups anymore?
|
||||
#star
|
||||
storcli
|
||||
strace
|
||||
stress
|
||||
|
@ -317,7 +328,8 @@ vncrack
|
|||
vnstat
|
||||
vpnc
|
||||
weplab
|
||||
#whdd #currently depends on dialog, which is broke as shit
|
||||
## currently depends on dialog, which is broke as shit
|
||||
#whdd
|
||||
whois
|
||||
wifite-mod-pixiewps-git
|
||||
wipe
|
||||
|
|
|
@ -14,13 +14,15 @@ atop
|
|||
autopsy
|
||||
autossh
|
||||
backuppc
|
||||
#bacula ## TODO: grab all the bacula packages in here
|
||||
## TODO: grab all the bacula packages in here
|
||||
#bacula
|
||||
beep
|
||||
bin86
|
||||
bind-tools
|
||||
binutils
|
||||
bluez-utils
|
||||
bonnie++ ## TODO: ugh. apacman has a new "regex mode"... that you can't disable. https://github.com/oshazard/apacman/issues/79
|
||||
## TODO: ugh. apacman has a new "regex mode"... that you can't disable. https://github.com/oshazard/apacman/issues/79
|
||||
#bonnie++
|
||||
boxbackup-client
|
||||
boxbackup-server
|
||||
bozocrack-git
|
||||
|
@ -55,13 +57,15 @@ dd_rescue
|
|||
dd_rhelp
|
||||
debianutils
|
||||
debootstrap
|
||||
#dialog #giving a weird dependency issue
|
||||
## giving a weird dependency issue
|
||||
#dialog
|
||||
diffutils
|
||||
djohn
|
||||
dmidecode
|
||||
dnssec-anchors
|
||||
dnstracer
|
||||
#dnsutils #replaced by bind-tools, https://www.archlinux.org/packages/extra/x86_64/bind-tools/
|
||||
## replaced by bind-tools, https://www.archlinux.org/packages/extra/x86_64/bind-tools/
|
||||
#dnsutils
|
||||
dos2unix
|
||||
dropbear
|
||||
dstat
|
||||
|
@ -145,14 +149,17 @@ keyutils
|
|||
kismet-allplugins
|
||||
lftp
|
||||
links
|
||||
#logkeys-git # requires a /dev/input, which apparently isn't included in the chroots
|
||||
## requires a /dev/input, which apparently isn't included in the chroots
|
||||
#logkeys-git
|
||||
lm_sensors
|
||||
lrzsz
|
||||
lshw
|
||||
#lsiutil # giving intermittent errors when trying to fetch source
|
||||
## giving intermittent errors when trying to fetch source
|
||||
#lsiutil
|
||||
lsof
|
||||
lsscsi
|
||||
#lxde # apacman currently doesn't like package groups, so...
|
||||
## apacman currently doesn't like package groups, so...
|
||||
#lxde
|
||||
gpicview
|
||||
lxappearance
|
||||
lxappearance-obconf
|
||||
|
@ -173,18 +180,20 @@ pcmanfm
|
|||
lynx
|
||||
#lzip
|
||||
macchanger
|
||||
#magicrescue # no longer maintained, upstream down
|
||||
## no longer maintained, upstream down
|
||||
#magicrescue
|
||||
mbr
|
||||
mbuffer
|
||||
mcelog
|
||||
mdadm
|
||||
mdcrack
|
||||
# superseded by storcli
|
||||
## superseded by storcli
|
||||
#megaraid-cli
|
||||
memtester
|
||||
mfoc
|
||||
minicom
|
||||
#mondo # mindi-busybox fails to build 09.23.2016
|
||||
## mindi-busybox fails to build 09.23.2016
|
||||
#mondo
|
||||
mtd-utils
|
||||
mtr
|
||||
mtree-git
|
||||
|
@ -198,13 +207,14 @@ net-snmp
|
|||
netselect
|
||||
nettle
|
||||
networkmanager-pptp
|
||||
nginx-devel
|
||||
nginx-mainline
|
||||
ngrep
|
||||
nmap
|
||||
nmon
|
||||
ntfs-3g
|
||||
ntfsfixboot
|
||||
#nwipe #broken since they moved to github(?)
|
||||
## broken since they moved to github(?)
|
||||
#nwipe
|
||||
nwipe-git
|
||||
obnam
|
||||
open-iscsi
|
||||
|
@ -273,13 +283,15 @@ smartmontools
|
|||
smbclient
|
||||
s-nail
|
||||
socat
|
||||
#star ## do people even USE tape backups anymore?
|
||||
## do people even USE tape backups anymore?
|
||||
#star
|
||||
storcli
|
||||
strace
|
||||
stress
|
||||
sucrack
|
||||
symlinks
|
||||
sysstat
|
||||
systemd-sysvcompat
|
||||
tcpdump
|
||||
tcpslice
|
||||
tcptraceroute
|
||||
|
@ -316,7 +328,8 @@ vncrack
|
|||
vnstat
|
||||
vpnc
|
||||
weplab
|
||||
#whdd #currently depends on dialog, which is broke as shit
|
||||
## currently depends on dialog, which is broke as shit
|
||||
#whdd
|
||||
whois
|
||||
wifite-mod-pixiewps-git
|
||||
wipe
|
||||
|
|
|
@ -141,7 +141,12 @@ then
|
|||
fi
|
||||
# Add the regular user
|
||||
useradd -m -s /bin/bash -c "${USERCOMMENT}" ${REGUSR}
|
||||
usermod -aG users,games,video,audio ${REGUSR}
|
||||
usermod -aG users,games,video,audio ${REGUSR} # TODO: remove this in lieu of $REGUSR_GRPS? these are all kind of required, though, for regular users anyways
|
||||
for g in $(echo ${REGUSR_GRPS} | sed 's/,[[:space:]]*/ /g');
|
||||
do
|
||||
getent group ${g} > /dev/null 2>&1 || groupadd ${g}
|
||||
usermod -aG ${g} ${REGUSR}
|
||||
done
|
||||
passwd -d ${REGUSR}
|
||||
# Add them to sudoers
|
||||
mkdir -p /etc/sudoers.d
|
||||
|
|
|
@ -4,6 +4,7 @@ export PNAME='{{ bdisk['name'] }}'
|
|||
export DISTPUB='{{ bdisk['dev'] }}'
|
||||
export DISTDESC='{{ bdisk['desc'] }}'
|
||||
export REGUSR='{{ user['username']|lower }}'
|
||||
export REGUSR_GRPS='{{ user['groups'] }}'
|
||||
export USERCOMMENT='{{ user['name'] }}'
|
||||
export REGUSR_PASS='{{ user['password'] }}'
|
||||
export ROOT_PASS='{{ bdisk['root_password'] }}'
|
||||
|
|
Loading…
Reference in New Issue