run xorriso incrementally

The ISO image '/rootfs/samizdat.iso' will be created holding just the file 'rootfs/samizdat.btrfs'. A copy-on-write link named either ./samizdat.iso is made of the first stage ISO image. This is then modified by xorriso to create a stage2 ISO that also holds the user's keys and the bootloader.
author: Andrew Cady <d@jerkface.net> 2020-05-07 18:35:51 -0400
committer: Andrew Cady <d@jerkface.net> 2020-05-07 19:38:01 -0400
commit: 461ee2c0ab97b1073bfd55896d70302ce17bb323 (patch)
tree: 3888770b3a261447d11d9b354dae500b4de9ab6b
parent: 05ceb238511ad73c3a82baec7a444c4665ef64b3 (diff)
2 files changed, 62 insertions, 12 deletions
diff --git a/.gitignore b/.gitignore
index 384a284..697ef25 100644
--- a/.gitignore
+++ b/.gitignore
@@ -41,3 +41,4 @@ stack.yaml.lock
 samizdat.iso
 TEST_CHILD.*.log
 krng-add-entropy
+reused-child
diff --git a/Makefile b/Makefile
index ba16c02..c686735 100644
--- a/Makefile
+++ b/Makefile
@@ -138,10 +138,14 @@ fastboot: rootfs
 reuse_child := $(shell 2>/dev/null read child < reused-child && echo --reuse-child=$$child; true)
-samizdat.iso:
+samizdat.netinst.iso:
        sudo initrd.sh
-        sudo xorriso-usb.sh $(reuse_child) --bootloader --out samizdat.iso
+        sudo xorriso-usb.sh $(reuse_child) --bootloader --out $@
+reused-child:
+        sudo keygen.sh ${samizdat_child_dir}/child.$$$$ && \
+                sudo store-child-permanently $$$$ && \
+                echo $$$$ > $@
 testclean:
        make -C kiki install
@@ -151,17 +155,62 @@ testclean:
 cleantest:
        make testclean
-        make isotest-nonet
+        make isotest
+isotest: samizdat.iso
+        USE_ISO=y SLOW_BOOT=y NO_NET=y qemu.sh $^
+isotest-netinst: samizdat.netinst.iso
+        USE_ISO=y SLOW_BOOT=y qemu.sh $^
+gpg_iso_path=gnupghome
+GPG_INPUT_DIR=${samizdat_child_dir}/child.$(shell cat reused-child)/root/.gnupg
+samizdat.iso: rootfs/samizdat.iso reused-child
+        sudo grub-efi.sh
+        ! grep 'vmlinuz.*nbdroot' -r ${samizdat_grub_efi_dir}
+        rm -f $@~tmp
+        cp --reflink $< $@~tmp
+        sudo xorrisofs -iso-level 3 -- \
+                -indev $@~tmp \
+                -outdev $@~tmp \
+                -return_with FAILURE 32 \
+                -volid SamizdatLive \
+                -pathspecs on \
+                -rm_r linux -- \
+                -add linux="${samizdat_linux_dir}" -- \
+                -rm_r "${gpg_iso_path}" -- \
+                -add "${gpg_iso_path}=${GPG_INPUT_DIR}" -- \
+                -rm_r grub -- \
+                -add grub="${samizdat_grub_efi_dir}"/grub -- \
+                -chown_r 0 / -- \
+                -chgrp_r 0 / -- \
+                -chmod_r go-rwx "${gpg_iso_path}" -- \
+                -as mkisofs -graft-points \
+                -b grub/i386-pc/eltorito.img  \
+                -no-emul-boot -boot-info-table \
+                --embedded-boot "${samizdat_grub_efi_dir}"/embedded.img \
+                --protective-msdos-label
+        mv $@~tmp $@
+rootfs/samizdat.iso: rootfs/samizdat.btrfs
+        rm -f $@~tmp
+        touch $@~tmp
+        fallocate -n -l 10G $@~tmp
+        xorrisofs -iso-level 3 -- \
+                -outdev $@~tmp \
+                $${SILENT:+ -report_about mishap} \
+                -return_with FAILURE 32 \
+                -volid SamizdatLive \
+                -pathspecs on \
+                -follow link \
+                -add /rootfs/samizdat.btrfs=/srv/nbd/samizdat.btrfs -- \
+                -follow default
+        mv $@~tmp $@
+rootfs/samizdat.btrfs:
+        make -C rootfs
-isotest: install
-        sudo initrd.sh
-        sudo xorriso-usb.sh $(reuse_child) --bootloader --out samizdat.iso
-        USE_ISO=y SLOW_BOOT=y qemu.sh
-isotest-nonet: install
-        sudo initrd.sh
-        sudo xorriso-usb.sh $(reuse_child) --out samizdat-nonet.iso
-        USE_ISO=y SLOW_BOOT=y NO_NET=y qemu.sh samizdat-nonet.iso
 .PHONY: install
 install:
author	Andrew Cady <d@jerkface.net>	2020-05-07 18:35:51 -0400
committer	Andrew Cady <d@jerkface.net>	2020-05-07 19:38:01 -0400
commit	461ee2c0ab97b1073bfd55896d70302ce17bb323 (patch)
tree	3888770b3a261447d11d9b354dae500b4de9ab6b
parent	05ceb238511ad73c3a82baec7a444c4665ef64b3 (diff)

diff --git a/.gitignore b/.gitignore index 384a284..697ef25 100644 --- a/.gitignore +++ b/.gitignore
@@ -41,3 +41,4 @@ stack.yaml.lock
41	samizdat.iso	41	samizdat.iso
42	TEST_CHILD.*.log	42	TEST_CHILD.*.log
43	krng-add-entropy	43	krng-add-entropy
		44	reused-child


diff --git a/Makefile b/Makefile index ba16c02..c686735 100644 --- a/Makefile +++ b/Makefile
@@ -138,10 +138,14 @@ fastboot: rootfs
138		138
139	reuse_child := $(shell 2>/dev/null read child < reused-child && echo --reuse-child=$$child; true)	139	reuse_child := $(shell 2>/dev/null read child < reused-child && echo --reuse-child=$$child; true)
140		140
141	samizdat.iso:	141	samizdat.netinst.iso:
142	sudo initrd.sh	142	sudo initrd.sh
143	sudo xorriso-usb.sh $(reuse_child) --bootloader --out samizdat.iso	143	sudo xorriso-usb.sh $(reuse_child) --bootloader --out $@
144		144
		145	reused-child:
		146	sudo keygen.sh ${samizdat_child_dir}/child.$$$$ && \
		147	sudo store-child-permanently $$$$ && \
		148	echo $$$$ > $@
145		149
146	testclean:	150	testclean:
147	make -C kiki install	151	make -C kiki install
@@ -151,17 +155,62 @@ testclean:
151		155
152	cleantest:	156	cleantest:
153	make testclean	157	make testclean
154	make isotest-nonet	158	make isotest
		159
		160	isotest: samizdat.iso
		161	USE_ISO=y SLOW_BOOT=y NO_NET=y qemu.sh $^
		162
		163	isotest-netinst: samizdat.netinst.iso
		164	USE_ISO=y SLOW_BOOT=y qemu.sh $^
		165
		166	gpg_iso_path=gnupghome
		167	GPG_INPUT_DIR=${samizdat_child_dir}/child.$(shell cat reused-child)/root/.gnupg
		168
		169	samizdat.iso: rootfs/samizdat.iso reused-child
		170	sudo grub-efi.sh
		171	! grep 'vmlinuz.*nbdroot' -r ${samizdat_grub_efi_dir}
		172	rm -f $@~tmp
		173	cp --reflink $< $@~tmp
		174	sudo xorrisofs -iso-level 3 -- \
		175	-indev $@~tmp \
		176	-outdev $@~tmp \
		177	-return_with FAILURE 32 \
		178	-volid SamizdatLive \
		179	-pathspecs on \
		180	-rm_r linux -- \
		181	-add linux="${samizdat_linux_dir}" -- \
		182	-rm_r "${gpg_iso_path}" -- \
		183	-add "${gpg_iso_path}=${GPG_INPUT_DIR}" -- \
		184	-rm_r grub -- \
		185	-add grub="${samizdat_grub_efi_dir}"/grub -- \
		186	-chown_r 0 / -- \
		187	-chgrp_r 0 / -- \
		188	-chmod_r go-rwx "${gpg_iso_path}" -- \
		189	-as mkisofs -graft-points \
		190	-b grub/i386-pc/eltorito.img \
		191	-no-emul-boot -boot-info-table \
		192	--embedded-boot "${samizdat_grub_efi_dir}"/embedded.img \
		193	--protective-msdos-label
		194	mv $@~tmp $@
		195
		196	rootfs/samizdat.iso: rootfs/samizdat.btrfs
		197	rm -f $@~tmp
		198	touch $@~tmp
		199	fallocate -n -l 10G $@~tmp
		200	xorrisofs -iso-level 3 -- \
		201	-outdev $@~tmp \
		202	$${SILENT:+ -report_about mishap} \
		203	-return_with FAILURE 32 \
		204	-volid SamizdatLive \
		205	-pathspecs on \
		206	-follow link \
		207	-add /rootfs/samizdat.btrfs=/srv/nbd/samizdat.btrfs -- \
		208	-follow default
		209	mv $@~tmp $@
		210
		211	rootfs/samizdat.btrfs:
		212	make -C rootfs
155		213
156	isotest: install
157	sudo initrd.sh
158	sudo xorriso-usb.sh $(reuse_child) --bootloader --out samizdat.iso
159	USE_ISO=y SLOW_BOOT=y qemu.sh
160
161	isotest-nonet: install
162	sudo initrd.sh
163	sudo xorriso-usb.sh $(reuse_child) --out samizdat-nonet.iso
164	USE_ISO=y SLOW_BOOT=y NO_NET=y qemu.sh samizdat-nonet.iso
165		214
166	.PHONY: install	215	.PHONY: install
167	install:	216	install: