diff options
| author | Tom Barrett <tom@tombarrett.xyz> | 2023-03-25 20:19:07 +0100 |
|---|---|---|
| committer | Tom Barrett <tom@tombarrett.xyz> | 2023-03-25 20:19:07 +0100 |
| commit | 873c46e78a5aa09a7d7fc951eff905de32077548 (patch) | |
| tree | 1d5242ab5c9d21496002ba532efdbcde69f8f76c | |
| parent | 7f43546f853e4ff6e14678a4c6d69cd9fc06c56c (diff) | |
| l--------- | airootfs/etc/localtime | 1 | ||||
| -rw-r--r-- | airootfs/etc/pacman.conf | 100 | ||||
| -rw-r--r-- | airootfs/etc/pacman.d/mirrorlist | 2 | ||||
| -rw-r--r-- | airootfs/etc/passwd | 1 | ||||
| -rw-r--r-- | airootfs/etc/ssh/sshd_config | 6 | ||||
| -rwxr-xr-x | airootfs/root/bootstrap | 2 | ||||
| -rwxr-xr-x | build | 1 | ||||
| -rw-r--r-- | packages.x86_64 | 1 | ||||
| -rw-r--r-- | profiledef.sh | 4 | ||||
| -rwxr-xr-x | test | 13 |
10 files changed, 125 insertions, 6 deletions
diff --git a/airootfs/etc/localtime b/airootfs/etc/localtime new file mode 120000 index 0000000..0e35b57 --- /dev/null +++ b/airootfs/etc/localtime @@ -0,0 +1 @@ +/usr/share/zoneinfo/UTC
\ No newline at end of file diff --git a/airootfs/etc/pacman.conf b/airootfs/etc/pacman.conf new file mode 100644 index 0000000..40545d4 --- /dev/null +++ b/airootfs/etc/pacman.conf @@ -0,0 +1,100 @@ +# +# /etc/pacman.conf +# +# See the pacman.conf(5) manpage for option and repository directives + +# +# GENERAL OPTIONS +# +[options] +# The following paths are commented out with their default values listed. +# If you wish to use different paths, uncomment and update the paths. +#RootDir = / +#DBPath = /var/lib/pacman/ +#CacheDir = /var/cache/pacman/pkg/ +#LogFile = /var/log/pacman.log +#GPGDir = /etc/pacman.d/gnupg/ +#HookDir = /etc/pacman.d/hooks/ +HoldPkg = pacman glibc +#XferCommand = /usr/bin/curl -L -C - -f -o %o %u +#XferCommand = /usr/bin/wget --passive-ftp -c -O %o %u +#CleanMethod = KeepInstalled +Architecture = auto + +# Pacman won't upgrade packages listed in IgnorePkg and members of IgnoreGroup +#IgnorePkg = +#IgnoreGroup = + +#NoUpgrade = +#NoExtract = + +# Misc options +#UseSyslog +#Color +#NoProgressBar +CheckSpace +#VerbosePkgLists +ParallelDownloads = 5 + +# By default, pacman accepts packages signed by keys that its local keyring +# trusts (see pacman-key and its man page), as well as unsigned packages. +SigLevel = Required DatabaseOptional +LocalFileSigLevel = Optional +#RemoteFileSigLevel = Required + +# NOTE: You must run `pacman-key --init` before first using pacman; the local +# keyring can then be populated with the keys of all official Arch Linux +# packagers with `pacman-key --populate archlinux`. + +# +# REPOSITORIES +# - can be defined here or included from another file +# - pacman will search repositories in the order defined here +# - local/custom mirrors can be added here or in separate files +# - repositories listed first will take precedence when packages +# have identical names, regardless of version number +# - URLs will have $repo replaced by the name of the current repo +# - URLs will have $arch replaced by the name of the architecture +# +# Repository entries are of the format: +# [repo-name] +# Server = ServerName +# Include = IncludePath +# +# The header [repo-name] is crucial - it must be present and +# uncommented to enable the repo. +# + +# The testing repositories are disabled by default. To enable, uncomment the +# repo name header and Include lines. You can add preferred servers immediately +# after the header, and they will be used before the default mirrors. + +#[testing] +#Include = /etc/pacman.d/mirrorlist + +[core] +Include = /etc/pacman.d/mirrorlist + +[extra] +Include = /etc/pacman.d/mirrorlist + +#[community-testing] +#Include = /etc/pacman.d/mirrorlist + +[community] +Include = /etc/pacman.d/mirrorlist + +# If you want to run 32 bit applications on your x86_64 system, +# enable the multilib repositories as required here. + +#[multilib-testing] +#Include = /etc/pacman.d/mirrorlist + +#[multilib] +#Include = /etc/pacman.d/mirrorlist + +# An example of a custom package repository. See the pacman manpage for +# tips on creating your own repositories. +#[custom] +#SigLevel = Optional TrustAll +#Server = file:///home/custompkgs diff --git a/airootfs/etc/pacman.d/mirrorlist b/airootfs/etc/pacman.d/mirrorlist index 80dd158..0bd22c2 100644 --- a/airootfs/etc/pacman.d/mirrorlist +++ b/airootfs/etc/pacman.d/mirrorlist @@ -1 +1 @@ -Server = https://mirror.rackspace.com/archlinux/$repo/os/$arch +Server = http://ftp.tu-chemnitz.de/pub/linux/archlinux/$repo/os/$arch diff --git a/airootfs/etc/passwd b/airootfs/etc/passwd new file mode 100644 index 0000000..2807d5d --- /dev/null +++ b/airootfs/etc/passwd @@ -0,0 +1 @@ +root:x:0:0:root:/root:/usr/bin/zsh diff --git a/airootfs/etc/ssh/sshd_config b/airootfs/etc/ssh/sshd_config index 93f7d63..dc22c11 100644 --- a/airootfs/etc/ssh/sshd_config +++ b/airootfs/etc/ssh/sshd_config @@ -58,7 +58,7 @@ AuthorizedKeysFile .ssh/authorized_keys #PermitEmptyPasswords no # Change to no to disable s/key passwords -#KbdInteractiveAuthentication yes +KbdInteractiveAuthentication no # Kerberos options #KerberosAuthentication no @@ -75,7 +75,7 @@ AuthorizedKeysFile .ssh/authorized_keys # be allowed through the KbdInteractiveAuthentication and # PasswordAuthentication. Depending on your PAM configuration, # PAM authentication via KbdInteractiveAuthentication may bypass -# the setting of "PermitRootLogin without-password". +# the setting of "PermitRootLogin prohibit-password". # If you just want the PAM account and session checks to run without # PAM authentication, then enable this but set PasswordAuthentication # and KbdInteractiveAuthentication to 'no'. @@ -88,7 +88,7 @@ UsePAM yes #X11DisplayOffset 10 #X11UseLocalhost yes #PermitTTY yes -PrintMotd no # pam does that +PrintMotd no #PrintLastLog yes #TCPKeepAlive yes #PermitUserEnvironment no diff --git a/airootfs/root/bootstrap b/airootfs/root/bootstrap index 4da3804..1535403 100755 --- a/airootfs/root/bootstrap +++ b/airootfs/root/bootstrap @@ -55,6 +55,8 @@ pacman-key --init pacman-key --populate pacstrap /mnt base linux linux-firmware git vim grub efibootmgr arch-install-scripts networkmanager +git clone https://git.tombarrett.xyz/git/rc /mnt/root/rc + cp /root/.loader /mnt/root/loader UUID=$(lsblk --output UUID,PATH | grep "$ROOT_DIR" | cut -f 1 -d ' ') arch-chroot /mnt /root/loader "$1" "$2" "$UUID" @@ -1,3 +1,4 @@ #!/bin/bash rm -rf tmp mkarchiso -v -w tmp -o images . +chown tom:tom -R images diff --git a/packages.x86_64 b/packages.x86_64 index 5939168..39adc61 100644 --- a/packages.x86_64 +++ b/packages.x86_64 @@ -5,6 +5,7 @@ binutils clevis cloud-init dosfstools +git htop hyperv linux diff --git a/profiledef.sh b/profiledef.sh index b1204d7..90e41aa 100644 --- a/profiledef.sh +++ b/profiledef.sh @@ -13,8 +13,8 @@ bootmodes=('bios.syslinux.mbr' 'bios.syslinux.eltorito' 'uefi-ia32.grub.eltorito' 'uefi-x64.grub.eltorito') arch="x86_64" pacman_conf="pacman.conf" -airootfs_image_type="erofs" -airootfs_image_tool_options=('-zlzma,9' -E ztailpacking) +airootfs_image_type="squashfs" +airootfs_image_tool_options=('-comp' 'xz' '-Xbcj' 'x86' '-b' '1M' '-Xdict-size' '1M') file_permissions=( ["/etc/shadow"]="0:0:400" ["/root/bootstrap"]="0:0:700" @@ -0,0 +1,13 @@ +#!/bin/bash +set -x + +if [[ -n $1 ]]; then + qemu-img create -f qcow2 images/img 10G + qemu-system-x86_64 -m 1G \ + -boot d -enable-kvm -smp 4 \ + -hda images/img -cdrom $1 \ + -bios /usr/share/edk2-ovmf/x64/OVMF_CODE.fd + exit +fi + +qemu-system-x86_64 -hda images/img -m 1G -smp 4 -bios /usr/share/edk2-ovmf/x64/OVMF_CODE.fd -boot c |