diff options
author | Andrew Cady <d@jerkface.net> | 2020-05-07 18:35:51 -0400 |
---|---|---|
committer | Andrew Cady <d@jerkface.net> | 2020-05-07 19:38:01 -0400 |
commit | 461ee2c0ab97b1073bfd55896d70302ce17bb323 (patch) | |
tree | 3888770b3a261447d11d9b354dae500b4de9ab6b | |
parent | 05ceb238511ad73c3a82baec7a444c4665ef64b3 (diff) |
run xorriso incrementally
The ISO image '/rootfs/samizdat.iso' will be created holding just the file
'rootfs/samizdat.btrfs'.
A copy-on-write link named either ./samizdat.iso is made of the first
stage ISO image. This is then modified by xorriso to create a stage2
ISO that also holds the user's keys and the bootloader.
-rw-r--r-- | .gitignore | 1 | ||||
-rw-r--r-- | Makefile | 73 |
2 files changed, 62 insertions, 12 deletions
@@ -41,3 +41,4 @@ stack.yaml.lock | |||
41 | samizdat.iso | 41 | samizdat.iso |
42 | TEST_CHILD.*.log | 42 | TEST_CHILD.*.log |
43 | krng-add-entropy | 43 | krng-add-entropy |
44 | reused-child | ||
@@ -138,10 +138,14 @@ fastboot: rootfs | |||
138 | 138 | ||
139 | reuse_child := $(shell 2>/dev/null read child < reused-child && echo --reuse-child=$$child; true) | 139 | reuse_child := $(shell 2>/dev/null read child < reused-child && echo --reuse-child=$$child; true) |
140 | 140 | ||
141 | samizdat.iso: | 141 | samizdat.netinst.iso: |
142 | sudo initrd.sh | 142 | sudo initrd.sh |
143 | sudo xorriso-usb.sh $(reuse_child) --bootloader --out samizdat.iso | 143 | sudo xorriso-usb.sh $(reuse_child) --bootloader --out $@ |
144 | 144 | ||
145 | reused-child: | ||
146 | sudo keygen.sh ${samizdat_child_dir}/child.$$$$ && \ | ||
147 | sudo store-child-permanently $$$$ && \ | ||
148 | echo $$$$ > $@ | ||
145 | 149 | ||
146 | testclean: | 150 | testclean: |
147 | make -C kiki install | 151 | make -C kiki install |
@@ -151,17 +155,62 @@ testclean: | |||
151 | 155 | ||
152 | cleantest: | 156 | cleantest: |
153 | make testclean | 157 | make testclean |
154 | make isotest-nonet | 158 | make isotest |
159 | |||
160 | isotest: samizdat.iso | ||
161 | USE_ISO=y SLOW_BOOT=y NO_NET=y qemu.sh $^ | ||
162 | |||
163 | isotest-netinst: samizdat.netinst.iso | ||
164 | USE_ISO=y SLOW_BOOT=y qemu.sh $^ | ||
165 | |||
166 | gpg_iso_path=gnupghome | ||
167 | GPG_INPUT_DIR=${samizdat_child_dir}/child.$(shell cat reused-child)/root/.gnupg | ||
168 | |||
169 | samizdat.iso: rootfs/samizdat.iso reused-child | ||
170 | sudo grub-efi.sh | ||
171 | ! grep 'vmlinuz.*nbdroot' -r ${samizdat_grub_efi_dir} | ||
172 | rm -f $@~tmp | ||
173 | cp --reflink $< $@~tmp | ||
174 | sudo xorrisofs -iso-level 3 -- \ | ||
175 | -indev $@~tmp \ | ||
176 | -outdev $@~tmp \ | ||
177 | -return_with FAILURE 32 \ | ||
178 | -volid SamizdatLive \ | ||
179 | -pathspecs on \ | ||
180 | -rm_r linux -- \ | ||
181 | -add linux="${samizdat_linux_dir}" -- \ | ||
182 | -rm_r "${gpg_iso_path}" -- \ | ||
183 | -add "${gpg_iso_path}=${GPG_INPUT_DIR}" -- \ | ||
184 | -rm_r grub -- \ | ||
185 | -add grub="${samizdat_grub_efi_dir}"/grub -- \ | ||
186 | -chown_r 0 / -- \ | ||
187 | -chgrp_r 0 / -- \ | ||
188 | -chmod_r go-rwx "${gpg_iso_path}" -- \ | ||
189 | -as mkisofs -graft-points \ | ||
190 | -b grub/i386-pc/eltorito.img \ | ||
191 | -no-emul-boot -boot-info-table \ | ||
192 | --embedded-boot "${samizdat_grub_efi_dir}"/embedded.img \ | ||
193 | --protective-msdos-label | ||
194 | mv $@~tmp $@ | ||
195 | |||
196 | rootfs/samizdat.iso: rootfs/samizdat.btrfs | ||
197 | rm -f $@~tmp | ||
198 | touch $@~tmp | ||
199 | fallocate -n -l 10G $@~tmp | ||
200 | xorrisofs -iso-level 3 -- \ | ||
201 | -outdev $@~tmp \ | ||
202 | $${SILENT:+ -report_about mishap} \ | ||
203 | -return_with FAILURE 32 \ | ||
204 | -volid SamizdatLive \ | ||
205 | -pathspecs on \ | ||
206 | -follow link \ | ||
207 | -add /rootfs/samizdat.btrfs=/srv/nbd/samizdat.btrfs -- \ | ||
208 | -follow default | ||
209 | mv $@~tmp $@ | ||
210 | |||
211 | rootfs/samizdat.btrfs: | ||
212 | make -C rootfs | ||
155 | 213 | ||
156 | isotest: install | ||
157 | sudo initrd.sh | ||
158 | sudo xorriso-usb.sh $(reuse_child) --bootloader --out samizdat.iso | ||
159 | USE_ISO=y SLOW_BOOT=y qemu.sh | ||
160 | |||
161 | isotest-nonet: install | ||
162 | sudo initrd.sh | ||
163 | sudo xorriso-usb.sh $(reuse_child) --out samizdat-nonet.iso | ||
164 | USE_ISO=y SLOW_BOOT=y NO_NET=y qemu.sh samizdat-nonet.iso | ||
165 | 214 | ||
166 | .PHONY: install | 215 | .PHONY: install |
167 | install: | 216 | install: |