From 9014df79b77b131eb45914c0cd5551d18b612045 Mon Sep 17 00:00:00 2001 From: Boris Kolpackov Date: Thu, 30 Jul 2020 07:21:08 +0200 Subject: Upgrade to latest Debian testing One notable change is the switch from ntp to systemd-timesyncd. systemd/udev 245.6-2 qemu-system-x86 5.0-13 linux-image-amd64 5.7.6 g++ 9.3.0-15 initramfs-tools 0.137 debootstrap 1.0.123 Sizes (previous): buildos-image 5572672 (5466496) buildos-initrd 316454368 (307985422) --- .gitignore | 1 + README | 2 +- bootstrap | 58 +++++++++++++++++++++++++++++++++++++++------------------- bootstrap.txt | 11 ++++++++++- init | 8 ++++---- 5 files changed, 55 insertions(+), 25 deletions(-) diff --git a/.gitignore b/.gitignore index 79f07d1..0158dea 100644 --- a/.gitignore +++ b/.gitignore @@ -2,3 +2,4 @@ buildos-buildid buildos-initrd buildos-image +bootstrap*.log diff --git a/README b/README index f1e1a55..379c062 100644 --- a/README +++ b/README @@ -1,4 +1,4 @@ -This package contains the build2 operating system bootstrap scripts. +This package contains the build2 Build OS bootstrap scripts. build2 is an open source, cross-platform toolchain for building and packaging C++ code. Its aim is a modern build system and dependency manager for the C++ diff --git a/bootstrap b/bootstrap index 7aec0f9..dc00947 100755 --- a/bootstrap +++ b/bootstrap 
@@ -45,19 +45,19 @@ root="$btrfs/$id/buildos" # release="testing" components="main,contrib,non-free" -mirror="http://deb.debian.org/debian/" -#mirror="https://deb.debian.org/debian/" +mirror="http://http.us.debian.org/debian/" +#mirror="https://http.us.debian.org/debian/" base_pkgs="locales,klibc-utils,sudo,systemd-container,udev" base_pkgs+=",kmod,linux-base,firmware-linux-free,irqbalance" base_pkgs+=",intel-microcode,amd64-microcode" base_pkgs+=",pciutils,usbutils,dmidecode,cpuid" base_pkgs+=",hdparm,btrfs-progs" -base_pkgs+=",lm-sensors,smartmontools" +base_pkgs+=",lm-sensors,smartmontools,linux-cpupower" base_pkgs+=",psmisc" base_pkgs+=",net-tools,iproute2,iptables,isc-dhcp-client" -base_pkgs+=",ifupdown,bridge-utils,dnsmasq,ntp,postfix" +base_pkgs+=",ifupdown,bridge-utils,dnsmasq,postfix" base_pkgs+=",iputils-ping,wget,curl,ca-certificates" base_pkgs+=",openssh-client,openssh-server" base_pkgs+=",tftp-hpa,tftpd-hpa" @@ -65,11 +65,11 @@ base_pkgs+=",tftp-hpa,tftpd-hpa" base_pkgs+=",bzip2,xz-utils" base_pkgs+=",less,nano,time" -base_pkgs+=",qemu-kvm,qemu-utils,socat" +base_pkgs+=",qemu-system-x86,qemu-utils,socat" -base_pkgs+=",g++,make,pkg-config" +base_pkgs+=",g++,make" -extra_pkgs="linux-cpupower" +extra_pkgs="" owd="$(pwd)" trap "{ cd '$owd'; exit 1; }" ERR 
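Review bot: The new `mirror=` value in the first bootstrap hunk keeps plain HTTP (the HTTPS variant stays commented out), so the integrity of every package installed into the image rests on the archive signature check done by debootstrap and apt, not on the transport. The debootstrap invocation is outside this hunk, so it is worth confirming that it does not pass `--no-check-gpg`, and recording the assumption next to the variable, e.g. `# Plain HTTP is acceptable only because debootstrap/apt verify the signed Release file; do not disable that check.` The same hunk drops `ntp` from `base_pkgs` without listing a replacement. If systemd-timesyncd is not pulled in as a dependency in this release, the image would have no time synchronisation, which certificate and Release-file validity checks rely on.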
@@ -154,14 +154,28 @@ function nspawn () # local r="$1" shift + # systemd-nspawn appears to carry over the root directory owner into the + # container which then causes other issues (Debian bug#950684). + # + # @@ Looking around didn't reveal any way (e.g., an option) to fix this. + # Perhaps newer systemd-nspawn does the right thing automatically? + # + ug="$(stat --format="%G:%U" "$r")" + sudo chown root:root "$r" + sudo systemd-nspawn --register=no -D "$r" "$@" - # systemd-nspawn may create the /var/lib/machines subvolume which prevents - # the deletion of the containing submodule. So we clean it up. + sudo chown "$ug" "$r" + + # systemd-nspawn may create the /var/lib/{machines,portables} subvolumes + # which prevents the deletion of the containing submodule. So we clean'em + # up. # - if sudo btrfs subvol show "$r/var/lib/machines" 1>/dev/null 2>&1; then - sudo btrfs subvol delete "$r/var/lib/machines" - fi + for s in /var/lib/machines /var/lib/portables; do + if sudo btrfs subvol show "$r$s" 1>/dev/null 2>&1; then + sudo btrfs subvol delete "$r$s" + fi + done } # (Over)write or append to a file in the installation root, for example: @@ -234,7 +248,7 @@ trap "exit 1" ERR set -x # Hack around systemd bug#79306 (changes /etc/localtime) by removing it now -# and making readonly below. +# and making readonly below. @@ See --timezone systemd-nspawn option? # rm /etc/localtime @@ -354,9 +368,8 @@ EOF # Create the kernel build snapshot, write the script that does the build # from within the installation and boot it up via systemd-nspawn --boot. # - # Add this line before shutdown if need to debug/check things. - # - # setsid /bin/bash -c "exec /bin/bash -i <>/dev/console 1>&0 2>&1" + # Add `bash` before shutdown if need to debug/check things. But note that it + # does not work well with `... | tee bootstrap.log`! # subvol_delete "$root-3-kernel" subvol_snapshot "$root" "$root-3-kernel" 
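Review bot: In the nspawn() hunk the saved ownership is captured as `%G:%U` (group:user), but `chown` reads its argument as OWNER:GROUP, so `sudo chown "$ug" "$r"` restores the root directory with user and group swapped. This goes unnoticed only while the user and its primary group share a name. The variable is also not declared `local`, unlike `r`, so it leaks into the script's global scope; `local ug="$(stat --format="%U:%G" "$r")"` addresses both. If the script aborts between the two chown calls (ERR traps are set elsewhere in the file), the installation root presumably stays owned by root:root, which deserves a line in the comment. The function body starts outside this hunk.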
@@ -375,6 +388,7 @@ apt-get install -y build-essential linux-source apt-get install -y bison flex apt-get install -y libelf-dev apt-get install -y libssl-dev +apt-get install -y rsync cd /usr/src tar xf linux-source-* mv linux-source-*/ linux @@ -383,14 +397,20 @@ cd linux # Adjust configuration. # -echo 'CONFIG_SYSTEM_TRUSTED_KEYS=""' >>.config -echo 'CONFIG_BUILD_SALT=""' >>.config -echo 'CONFIG_MODULE_SIG=n' >>.config +# Note that SECURITY_LOCKDOWN_LSM forces MODULE_SIG ('selects' in Kconfig). +# +scripts/config --disable SECURITY_LOCKDOWN_LSM +scripts/config --disable MODULE_SIG +scripts/config --set-str BUILD_SALT '' +scripts/config --set-str SYSTEM_TRUSTED_KEYS '' # Adjust kernel command line size limit. # sed -i -re 's/^(#define COMMAND_LINE_SIZE ).+\$/\1 4096/' arch/x86/include/asm/setup.h + +#bash make oldconfig + scripts/config --disable DEBUG_INFO make clean diff --git a/bootstrap.txt b/bootstrap.txt index 2554d43..d746c80 100644 --- a/bootstrap.txt +++ b/bootstrap.txt @@ -23,7 +23,7 @@ We currently only use init plus udev in scripts/init-{top,bottom}. -* Grep for 'bug' in init and bootstrap scripts, see if any bugs have +* Grep for 'bug' and @@ in init and bootstrap scripts, see if any bugs have been fixed and corresponding workarounds can be removed. * Upgrade to latest debootstrap and debian-archive-keyring from unstable @@ -35,4 +35,13 @@ ./bootstrap 2>&1 | tee bootstrap.log + NOTE: tee does not play well with bash prompt (used for troubleshooting). + + NOTE: if during boostrap you need to but unable to delete an intermediate + btrfs submodules, then it most likely has nested submodules (see nspawn() + in bootstrap). + + Save the log for later comparison (might have to redo a from-stage-1 + bootstrap to get the complete log). + * Compare sizes to previous version for any abnormalities. diff --git a/init b/init index e9b59f7..6fb3840 100755 --- a/init +++ b/init 
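Review bot: In the kernel configuration hunk (`@@ -383,14 +397,20 @@`) both SECURITY_LOCKDOWN_LSM and MODULE_SIG are switched off, but the added comment explains only the Kconfig dependency, not why a kernel without module signature checking or lockdown is acceptable for this image. A comment along the lines of `# Modules are left unsigned because no signing key is kept (SYSTEM_TRUSTED_KEYS is empty); lockdown is disabled only because it selects MODULE_SIG.` would record the trade-off, with the wording adjusted if the actual reason differs. Nothing confirms that the options are still off after `make oldconfig`; a check such as `grep -q '^# CONFIG_MODULE_SIG is not set' .config` placed after it would catch a later kernel where another option selects MODULE_SIG again. The added `#bash` line before `make oldconfig` looks like a debugging leftover.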
@@ -244,7 +244,7 @@ priv_netbase="$(sed -e 's/^\(.*\)\.0\.0$/\1/' <<<"$priv_network")" # # While bridge_hw should be (and used to be) enough, something was broken (bug # #945466) and now we set it manually and also pass it to DHCP (which runs -# before post-up). +# before post-up). Reportedly fixed in bridge-utils 1.6-3, testing the fix... # cat </etc/network/interfaces auto lo @@ -259,8 +259,8 @@ iface br0 inet dhcp bridge_maxwait 0 bridge_fd 0 bridge_hw $gmac - hwaddress $gmac - post-up ip link set br0 address $gmac + #hwaddress $gmac + #post-up ip link set br0 address $gmac post-up ip link set $eth txqueuelen 4000 post-up ip link set br0 txqueuelen 4000 @@ -275,7 +275,7 @@ iface br1 inet static bridge_maxwait 0 bridge_fd 0 bridge_hw $lmac - post-up ip link set br1 address $lmac + #post-up ip link set br1 address $lmac post-up ip link set br1 txqueuelen 4000 post-up iptables -t nat -A POSTROUTING -o br0 -j MASQUERADE post-up iptables -A FORWARD -i br0 -o br1 -m state --state RELATED,ESTABLISHED -j ACCEPT -- cgit v1.1
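Review bot: The second and third init hunks comment out the manual MAC assignment (`hwaddress $gmac` and the `post-up ip link set ... address` lines for br0 and br1) while the comment added in the first hunk still says the bridge-utils fix is being tested. Nothing in the generated /etc/network/interfaces now guarantees the bridges carry `$gmac`/`$lmac` if `bridge_hw` is ignored again. Since br0 is configured over DHCP, a wrong MAC would presumably change the lease and therefore the address the machine is reachable on. Mark the experiment so the grep step described in bootstrap.txt finds it, e.g. `# before post-up). @@ Reportedly fixed in bridge-utils 1.6-3, testing the fix...`, and either delete the commented-out lines or restore them once the result is known.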