the cleaner i make it, the cleaner it gets

author: Gordon GECOS <u@adam> 2023-11-22 17:42:07 -0500
committer: Gordon GECOS <u@adam> 2023-11-22 17:46:25 -0500
commit: 198b40c70815899a67c412e67ffe033b46ec80f0 (patch)
tree: 180342c55ca6a61d4d1ee8638961d23cfaa57588
parent: e015b8cbe957a1913f178dc5e4ba166972f79320 (diff)
5 files changed, 40 insertions, 45 deletions
diff --git a/Makefile b/Makefile
index 8cd7130..c4a16d9 100644
--- a/Makefile
+++ b/Makefile
@@ -32,10 +32,6 @@ _build/dynmenu: src/dynmenu.cpp | build-deps
        $(CXX) $(CFLAGS) $< -o $@ -lcurses
 _build/samizdat-pinentry: src/samizdat-pinentry.c | build-deps
        $(CC) $(CFLAGS)  $< -o $@ -lcurses
-_build/krng-add-entropy: src/krng-add-entropy.c | build-deps
-        $(CC) $(CFLAGS)  $< -o $@
-_build/wait_for_files: src/wait_for_files.c | build-deps
-        $(CC) $(CFLAGS)  $< -o $@
 _build/%: src/%.c | build-deps
        $(CC) $(CFLAGS)  $< -o $@
@@ -46,7 +42,7 @@ bin_programs=$(addprefix src/, $(src_bin_programs)) ${btrfs_utils}
 btrfs_utils=$(addprefix src/btrfs-utils/, btarfs with-btrfs-seed)
 initrd_files = $(addprefix src/initrd/,btrfs-create.sh common.sh firstboot.service grok-block \
-loop-layer.sh make-total-destroy mdadm-dup.sh menu-select patchroot.sh)
+loop-layer.sh make-total-destroy mdadm-dup.sh menu-select patchroot.sh samizdat-eject.sh)
 initrd_files += $(addprefix _build/, dynmenu wait_for_files)
@@ -61,7 +57,7 @@ install-nested-kvm: conf/kvm.conf
        install -m0644 conf/kvm.conf ${instdir}/etc/modprobe.d/
        modprobe -r kvm-intel kvm-amd kvm; modprobe kvm; modprobe kvm-intel; modprobe kvm-amd; true
-network_filter := $(shell ./src/generate-network-filter.sh)
+# network_filter := $(shell ./src/generate-network-filter.sh)
 conf_files_out = conf/br0 conf/dnsmasq.conf conf/network_if-up.d_samizdat
 conf_files_in = $(addsuffix .in, $(conf_files_out))
@@ -128,7 +124,7 @@ rootfs_verity = $(addprefix _build/,$(addsuffix .verity,$(notdir $(rootfs) $(pat
 .PHONY: rootfs rootfs-deps
 rootfs-deps:
        [ -e install-submodules-stamp ] || make install-submodules-stamp
-        [ -e install-stamp ] || $(SUDO_MAKE) install-stamp
+        [ -e install-stamp ] || make install
 btrfs_images = $(rootfs) $(patchfs)
 rootfs-clean:
@@ -166,7 +162,7 @@ _build/%.verity: rootfs/_filesystem/% | _build
        mv -f $@.log~tmp $@.log
        mv -f $@~tmp $@
-root_hash = $(shell sed -ne 's/^Root hash: *//p' < $<.log)
+# root_hash = $(shell sed -ne 's/^Root hash: *//p' < $<.log)
 veritymount: _build/$(notdir $(rootfs)).verity.log
        @sudo veritysetup remove samizverity >/dev/null 2>&1 || true
@@ -175,7 +171,7 @@ veritymount: _build/$(notdir $(rootfs)).verity.log
                              $(verity_root_hash)
        sudo veritysetup remove samizverity
-debian_dist := $(shell . /etc/os-release && printf %s $$VERSION_CODENAME)
+# debian_dist := $(shell . /etc/os-release && printf %s $$VERSION_CODENAME)
 stale = [ ! -e $@ ] || [ $$(( $$(date +%s) - $$(date -r $@ +%s) )) -gt 36000 ]
@@ -205,9 +201,8 @@ rootfs/seed.iso: $(rootfs) $(if $(VERITY),$(addprefix $(rootfs),.verity .verity.
                -follow default
        mv $@~tmp $@
-.PHONY: install
+.PHONY: install install-real update-initramfs initrd-install
-install:
+install: install-stamp initrd-install-stamp
-        $(SUDO_MAKE) install-stamp initrd-install-stamp
 build-submodules-stamp: build-submodules
        touch $@
@@ -217,35 +212,43 @@ install-submodules-stamp: install-submodules
 initrd_deps = $(initrd_conf_files) $(initrd_files)
-initrd-stamp: initrd-install-stamp
+initrd-install-stamp: $(initrd_deps)
-        sudo update-initramfs -u
+        $(SUDO_MAKE) initrd-install
        touch $@
+update-initramfs:
+        update-initramfs -u
-initrd-install-stamp: $(initrd_deps)
+update-initramfs-stamp: initrd-install-stamp
+        $(SUDO_MAKE) update-initramfs
+        touch $@
+initrd-install: $(initrd_deps)
        install -D -t $(initrd_bindir) -- $(initrd_files)
        install -D -t /etc/initramfs-tools/hooks   -- initramfs-tools/hooks/samizdat
        install -D -t /etc/initramfs-tools/scripts -- initramfs-tools/scripts/samizdat
-        touch $@
-conf_files = conf/bookworm.list conf/eschew-unstable.pref conf/grub.default
+conf_files = $(addprefix conf/, bookworm.list eschew-unstable.pref grub.default)
-initrd_conf_files = initramfs-tools/hooks/samizdat initramfs-tools/scripts/samizdat
+initrd_conf_files = $(addprefix initramfs-tools/, hooks/samizdat scripts/samizdat)
 install-stamp: $(conf_files) ${bin_programs}
+        $(SUDO_MAKE) install-real
+        touch $@
+install-real:
        install -D -p -t ${instdir}${bindir} -- ${bin_programs}
        rm -f /etc/apt/apt.conf.d/default-release
        install -m644 -t /etc/apt/preferences.d -- conf/eschew-unstable.pref
        install -m644 -t /etc/apt/sources.list.d -- conf/bookworm.list
        install -m644 --backup=t -T -- conf/grub.default /etc/default/grub
-        touch $@
 .PHONY: update upgrade up upgrade-key initrd
-initrd: initrd-stamp
+initrd: update-initramfs-stamp
 update: apt-get-update-stamp
        git pull --ff-only --recurse-submodules
-upgrade: install-submodules install
+upgrade: install-submodules install update-initramfs
+initrd-stamp:
        sudo update-initramfs -u
 upgrade-key: upgrade key
@@ -256,7 +259,7 @@ PERSIST_FILE = partitions/_liveboot/persist.img
 persist: | $(PERSIST_FILE)
 $(PERSIST_FILE):
-        $(MAKE) -C partitions $(patsubst partitions/%,%,$@)
+        $(MAKE) -C partitions $(@:partitions/%=%)
 usb emu efi: initrd rootfs
 key keymu emu-key: initrd
diff --git a/fsmgr b/fsmgr
-Subproject 486fb62abd0ac5a87a85ca18beb939d21323fad
+Subproject a036e00f179c4b97d9647ae2111881208757394
diff --git a/import-grub-bootx64-efi b/import-grub-bootx64-efi
-Subproject 1444bea43cbc62bf868878e05e14413266fd304
+Subproject 013184c3b25fe6067e336fcc6e099de32a91600
diff --git a/rootfs/Makefile b/rootfs/Makefile
index c85132f..017b379 100644
--- a/rootfs/Makefile
+++ b/rootfs/Makefile
@@ -1,32 +1,23 @@
-fsmgr := $(shell command -v fsmgr)
+fsmgr != command -v fsmgr
 ifeq ($(fsmgr),)
 $(error "no fsmgr")
 endif
+UID != id -u
-sudo := $(shell [ "$$(id -u)" = 0 ] || echo sudo)
+SUDO != [ 0 = "$(UID)" ] || echo sudo
 .DEFAULT_GOAL = all
 .PHONY: all clean cleaner
 all: $(addprefix _filesystem/samizdat., seed.btrfs patch.btrfs)
-_build/%: _build
+subvolumes = _build _filesystem
-_filesystem/%: _filesystem
+$(subvolumes):
+        $(SUDO) btrfs subvolume create $@
-_build _filesystem:
-        $(sudo) btrfs subvolume create $@
 clean:
-        btrfs subvolume delete _build
+        -$(SUDO) btrfs subvolume delete _build
-cleaner: clean
+destroy: clean
-        -$(sudo) btrfs subvolume delete _filesystem
+        -$(SUDO) btrfs subvolume delete _filesystem
-_build/%.patch.btrfs: %.seed.btrfs
-_build/%.seed.btrfs: %.btrfs
-_filesystem/%.btrfs: _build/%.btrfs
-%.btrfs:
+%.btrfs: | $(subvolumes)
-        $(sudo) $(fsmgr) build $@
+        $(SUDO) $(fsmgr) build $@
diff --git a/src/partvi b/src/partvi
index 0a24602..b202908 100755
--- a/src/partvi
+++ b/src/partvi
@@ -84,8 +84,9 @@ build_partition_image()
                case "$type" in
                        dm-verity-hashes|dm-verity-data)
                                require_var data_path
-                                require_exists "$data_path" "$data_path".verity "$data_path".verity.log
+                                data_verity_path=../_build/${data_path##*/}.verity
-                                root_hash=$(get_root_hash "$data_path".verity.log)
+                                require_exists "$data_path" "$data_verity_path" "$data_verity_path".log
+                                root_hash=$(get_root_hash "$data_verity_path".log)
                                [ ${#root_hash} = 64 ]
                        ;;
                        *)
@@ -108,7 +109,7 @@ build_partition_image()
                        dm-verity-hashes)
                                partuuid=${root_hash:32:32}
                                set_var partuuid
-                                cp -f -T --reflink "$data_path".verity "$builddir"/"$partuuid"
+                                cp -f -T --reflink "$data_verity_path" "$builddir"/"$partuuid"
                                ln -sfT "$partuuid" "$tmp"
                        ;;
                esac
author	Gordon GECOS <u@adam>	2023-11-22 17:42:07 -0500
committer	Gordon GECOS <u@adam>	2023-11-22 17:46:25 -0500
commit	198b40c70815899a67c412e67ffe033b46ec80f0 (patch)
tree	180342c55ca6a61d4d1ee8638961d23cfaa57588
parent	e015b8cbe957a1913f178dc5e4ba166972f79320 (diff)

diff --git a/Makefile b/Makefile index 8cd7130..c4a16d9 100644 --- a/Makefile +++ b/Makefile
@@ -32,10 +32,6 @@ _build/dynmenu: src/dynmenu.cpp \| build-deps
32	$(CXX) $(CFLAGS) $< -o $@ -lcurses	32	$(CXX) $(CFLAGS) $< -o $@ -lcurses
33	_build/samizdat-pinentry: src/samizdat-pinentry.c \| build-deps	33	_build/samizdat-pinentry: src/samizdat-pinentry.c \| build-deps
34	$(CC) $(CFLAGS) $< -o $@ -lcurses	34	$(CC) $(CFLAGS) $< -o $@ -lcurses
35	_build/krng-add-entropy: src/krng-add-entropy.c \| build-deps
36	$(CC) $(CFLAGS) $< -o $@
37	_build/wait_for_files: src/wait_for_files.c \| build-deps
38	$(CC) $(CFLAGS) $< -o $@
39	_build/%: src/%.c \| build-deps	35	_build/%: src/%.c \| build-deps
40	$(CC) $(CFLAGS) $< -o $@	36	$(CC) $(CFLAGS) $< -o $@
41		37
@@ -46,7 +42,7 @@ bin_programs=$(addprefix src/, $(src_bin_programs)) ${btrfs_utils}
46	btrfs_utils=$(addprefix src/btrfs-utils/, btarfs with-btrfs-seed)	42	btrfs_utils=$(addprefix src/btrfs-utils/, btarfs with-btrfs-seed)
47		43
48	initrd_files = $(addprefix src/initrd/,btrfs-create.sh common.sh firstboot.service grok-block \	44	initrd_files = $(addprefix src/initrd/,btrfs-create.sh common.sh firstboot.service grok-block \
49	loop-layer.sh make-total-destroy mdadm-dup.sh menu-select patchroot.sh)	45	loop-layer.sh make-total-destroy mdadm-dup.sh menu-select patchroot.sh samizdat-eject.sh)
50		46
51	initrd_files += $(addprefix _build/, dynmenu wait_for_files)	47	initrd_files += $(addprefix _build/, dynmenu wait_for_files)
52		48
@@ -61,7 +57,7 @@ install-nested-kvm: conf/kvm.conf
61	install -m0644 conf/kvm.conf ${instdir}/etc/modprobe.d/	57	install -m0644 conf/kvm.conf ${instdir}/etc/modprobe.d/
62	modprobe -r kvm-intel kvm-amd kvm; modprobe kvm; modprobe kvm-intel; modprobe kvm-amd; true	58	modprobe -r kvm-intel kvm-amd kvm; modprobe kvm; modprobe kvm-intel; modprobe kvm-amd; true
63		59
64	network_filter := $(shell ./src/generate-network-filter.sh)	60	# network_filter := $(shell ./src/generate-network-filter.sh)
65		61
66	conf_files_out = conf/br0 conf/dnsmasq.conf conf/network_if-up.d_samizdat	62	conf_files_out = conf/br0 conf/dnsmasq.conf conf/network_if-up.d_samizdat
67	conf_files_in = $(addsuffix .in, $(conf_files_out))	63	conf_files_in = $(addsuffix .in, $(conf_files_out))
@@ -128,7 +124,7 @@ rootfs_verity = $(addprefix _build/,$(addsuffix .verity,$(notdir $(rootfs) $(pat
128	.PHONY: rootfs rootfs-deps	124	.PHONY: rootfs rootfs-deps
129	rootfs-deps:	125	rootfs-deps:
130	[ -e install-submodules-stamp ] \|\| make install-submodules-stamp	126	[ -e install-submodules-stamp ] \|\| make install-submodules-stamp
131	[ -e install-stamp ] \|\| $(SUDO_MAKE) install-stamp	127	[ -e install-stamp ] \|\| make install
132		128
133	btrfs_images = $(rootfs) $(patchfs)	129	btrfs_images = $(rootfs) $(patchfs)
134	rootfs-clean:	130	rootfs-clean:
@@ -166,7 +162,7 @@ _build/%.verity: rootfs/_filesystem/% \| _build
166	mv -f $@.log~tmp $@.log	162	mv -f $@.log~tmp $@.log
167	mv -f $@~tmp $@	163	mv -f $@~tmp $@
168		164
169	root_hash = $(shell sed -ne 's/^Root hash: *//p' < $<.log)	165	# root_hash = $(shell sed -ne 's/^Root hash: *//p' < $<.log)
170		166
171	veritymount: _build/$(notdir $(rootfs)).verity.log	167	veritymount: _build/$(notdir $(rootfs)).verity.log
172	@sudo veritysetup remove samizverity >/dev/null 2>&1 \|\| true	168	@sudo veritysetup remove samizverity >/dev/null 2>&1 \|\| true
@@ -175,7 +171,7 @@ veritymount: _build/$(notdir $(rootfs)).verity.log
175	$(verity_root_hash)	171	$(verity_root_hash)
176	sudo veritysetup remove samizverity	172	sudo veritysetup remove samizverity
177		173
178	debian_dist := $(shell . /etc/os-release && printf %s $$VERSION_CODENAME)	174	# debian_dist := $(shell . /etc/os-release && printf %s $$VERSION_CODENAME)
179		175
180	stale = [ ! -e $@ ] \|\| [ $$(( $$(date +%s) - $$(date -r $@ +%s) )) -gt 36000 ]	176	stale = [ ! -e $@ ] \|\| [ $$(( $$(date +%s) - $$(date -r $@ +%s) )) -gt 36000 ]
181		177
@@ -205,9 +201,8 @@ rootfs/seed.iso: $(rootfs) $(if $(VERITY),$(addprefix $(rootfs),.verity .verity.
205	-follow default	201	-follow default
206	mv $@~tmp $@	202	mv $@~tmp $@
207		203
208	.PHONY: install	204	.PHONY: install install-real update-initramfs initrd-install
209	install:	205	install: install-stamp initrd-install-stamp
210	$(SUDO_MAKE) install-stamp initrd-install-stamp
211		206
212	build-submodules-stamp: build-submodules	207	build-submodules-stamp: build-submodules
213	touch $@	208	touch $@
@@ -217,35 +212,43 @@ install-submodules-stamp: install-submodules
217		212
218	initrd_deps = $(initrd_conf_files) $(initrd_files)	213	initrd_deps = $(initrd_conf_files) $(initrd_files)
219		214
220	initrd-stamp: initrd-install-stamp	215	initrd-install-stamp: $(initrd_deps)
221	sudo update-initramfs -u	216	$(SUDO_MAKE) initrd-install
222	touch $@	217	touch $@
		218	update-initramfs:
		219	update-initramfs -u
223		220
224	initrd-install-stamp: $(initrd_deps)	221	update-initramfs-stamp: initrd-install-stamp
		222	$(SUDO_MAKE) update-initramfs
		223	touch $@
		224	initrd-install: $(initrd_deps)
225	install -D -t $(initrd_bindir) -- $(initrd_files)	225	install -D -t $(initrd_bindir) -- $(initrd_files)
226	install -D -t /etc/initramfs-tools/hooks -- initramfs-tools/hooks/samizdat	226	install -D -t /etc/initramfs-tools/hooks -- initramfs-tools/hooks/samizdat
227	install -D -t /etc/initramfs-tools/scripts -- initramfs-tools/scripts/samizdat	227	install -D -t /etc/initramfs-tools/scripts -- initramfs-tools/scripts/samizdat
228	touch $@
229		228
230	conf_files = conf/bookworm.list conf/eschew-unstable.pref conf/grub.default	229	conf_files = $(addprefix conf/, bookworm.list eschew-unstable.pref grub.default)
231	initrd_conf_files = initramfs-tools/hooks/samizdat initramfs-tools/scripts/samizdat	230	initrd_conf_files = $(addprefix initramfs-tools/, hooks/samizdat scripts/samizdat)
232		231
233	install-stamp: $(conf_files) ${bin_programs}	232	install-stamp: $(conf_files) ${bin_programs}
		233	$(SUDO_MAKE) install-real
		234	touch $@
		235	install-real:
234	install -D -p -t ${instdir}${bindir} -- ${bin_programs}	236	install -D -p -t ${instdir}${bindir} -- ${bin_programs}
235	rm -f /etc/apt/apt.conf.d/default-release	237	rm -f /etc/apt/apt.conf.d/default-release
236	install -m644 -t /etc/apt/preferences.d -- conf/eschew-unstable.pref	238	install -m644 -t /etc/apt/preferences.d -- conf/eschew-unstable.pref
237	install -m644 -t /etc/apt/sources.list.d -- conf/bookworm.list	239	install -m644 -t /etc/apt/sources.list.d -- conf/bookworm.list
238	install -m644 --backup=t -T -- conf/grub.default /etc/default/grub	240	install -m644 --backup=t -T -- conf/grub.default /etc/default/grub
239	touch $@
240		241
241	.PHONY: update upgrade up upgrade-key initrd	242	.PHONY: update upgrade up upgrade-key initrd
242		243
243	initrd: initrd-stamp	244	initrd: update-initramfs-stamp
244		245
245	update: apt-get-update-stamp	246	update: apt-get-update-stamp
246	git pull --ff-only --recurse-submodules	247	git pull --ff-only --recurse-submodules
247		248
248	upgrade: install-submodules install	249	upgrade: install-submodules install update-initramfs
		250
		251	initrd-stamp:
249	sudo update-initramfs -u	252	sudo update-initramfs -u
250		253
251	upgrade-key: upgrade key	254	upgrade-key: upgrade key
@@ -256,7 +259,7 @@ PERSIST_FILE = partitions/_liveboot/persist.img
256		259
257	persist: \| $(PERSIST_FILE)	260	persist: \| $(PERSIST_FILE)
258	$(PERSIST_FILE):	261	$(PERSIST_FILE):
259	$(MAKE) -C partitions $(patsubst partitions/%,%,$@)	262	$(MAKE) -C partitions $(@:partitions/%=%)
260		263
261	usb emu efi: initrd rootfs	264	usb emu efi: initrd rootfs
262	key keymu emu-key: initrd	265	key keymu emu-key: initrd


diff --git a/fsmgr b/fsmgr
	Subproject 486fb62abd0ac5a87a85ca18beb939d21323fad		Subproject a036e00f179c4b97d9647ae2111881208757394


diff --git a/import-grub-bootx64-efi b/import-grub-bootx64-efi
	Subproject 1444bea43cbc62bf868878e05e14413266fd304		Subproject 013184c3b25fe6067e336fcc6e099de32a91600


diff --git a/rootfs/Makefile b/rootfs/Makefile index c85132f..017b379 100644 --- a/rootfs/Makefile +++ b/rootfs/Makefile
@@ -1,32 +1,23 @@
1	fsmgr := $(shell command -v fsmgr)	1	fsmgr != command -v fsmgr
2
3	ifeq ($(fsmgr),)	2	ifeq ($(fsmgr),)
4	$(error "no fsmgr")	3	$(error "no fsmgr")
5	endif	4	endif
6		5	UID != id -u
7	sudo := $(shell [ "$$(id -u)" = 0 ] \|\| echo sudo)	6	SUDO != [ 0 = "$(UID)" ] \|\| echo sudo
8		7
9	.DEFAULT_GOAL = all	8	.DEFAULT_GOAL = all
10		9
11	.PHONY: all clean cleaner	10	.PHONY: all clean cleaner
12	all: $(addprefix _filesystem/samizdat., seed.btrfs patch.btrfs)	11	all: $(addprefix _filesystem/samizdat., seed.btrfs patch.btrfs)
13		12
14	_build/%: _build	13	subvolumes = _build _filesystem
15	_filesystem/%: _filesystem	14	$(subvolumes):
16		15	$(SUDO) btrfs subvolume create $@
17	_build _filesystem:
18	$(sudo) btrfs subvolume create $@
19		16
20	clean:	17	clean:
21	btrfs subvolume delete _build	18	-$(SUDO) btrfs subvolume delete _build
22	cleaner: clean	19	destroy: clean
23	-$(sudo) btrfs subvolume delete _filesystem	20	-$(SUDO) btrfs subvolume delete _filesystem
24
25	_build/%.patch.btrfs: %.seed.btrfs
26
27	_build/%.seed.btrfs: %.btrfs
28
29	_filesystem/%.btrfs: _build/%.btrfs
30		21
31	%.btrfs:	22	%.btrfs: \| $(subvolumes)
32	$(sudo) $(fsmgr) build $@	23	$(SUDO) $(fsmgr) build $@


diff --git a/src/partvi b/src/partvi index 0a24602..b202908 100755 --- a/src/partvi +++ b/src/partvi
@@ -84,8 +84,9 @@ build_partition_image()
84	case "$type" in	84	case "$type" in
85	dm-verity-hashes\|dm-verity-data)	85	dm-verity-hashes\|dm-verity-data)
86	require_var data_path	86	require_var data_path
87	require_exists "$data_path" "$data_path".verity "$data_path".verity.log	87	data_verity_path=../_build/${data_path##*/}.verity
88	root_hash=$(get_root_hash "$data_path".verity.log)	88	require_exists "$data_path" "$data_verity_path" "$data_verity_path".log
		89	root_hash=$(get_root_hash "$data_verity_path".log)
89	[ ${#root_hash} = 64 ]	90	[ ${#root_hash} = 64 ]
90	;;	91	;;
91	*)	92	*)
@@ -108,7 +109,7 @@ build_partition_image()
108	dm-verity-hashes)	109	dm-verity-hashes)
109	partuuid=${root_hash:32:32}	110	partuuid=${root_hash:32:32}
110	set_var partuuid	111	set_var partuuid
111	cp -f -T --reflink "$data_path".verity "$builddir"/"$partuuid"	112	cp -f -T --reflink "$data_verity_path" "$builddir"/"$partuuid"
112	ln -sfT "$partuuid" "$tmp"	113	ln -sfT "$partuuid" "$tmp"
113	;;	114	;;
114	esac	115	esac