Move boot output to LCD & add workarounds for security stuff which broke this script...
authorDaniel Abrecht <public@danielabrecht.ch>
Fri, 22 Feb 2019 23:01:26 +0000 (00:01 +0100)
committerDaniel Abrecht <public@danielabrecht.ch>
Fri, 22 Feb 2019 23:02:29 +0000 (00:02 +0100)
chroot-build-helper/dummy-packages/man-db [new file with mode: 0644]
chroot-build-helper/dummy-packages/man-db-dummy_99_all.deb [new file with mode: 0644]
chroot-build-helper/makefile
rootfs_custom_files/etc/apt/preferences.d/prefer-local [new file with mode: 0644]
rootfs_custom_files/etc/default/flash-kernel [new file with mode: 0644]
script/rootfs_setup.sh

diff --git a/chroot-build-helper/dummy-packages/man-db b/chroot-build-helper/dummy-packages/man-db
new file mode 100644 (file)
index 0000000..dc4dfd4
--- /dev/null
@@ -0,0 +1,9 @@
+Section: misc
+Priority: optional
+Standards-Version: 3.9.2
+
+Package: man-db-dummy
+Version: 99:99
+Provides: man-db
+Architecture: all
+Description: Dummy man-db package to work around qemu-user seccomp lockup
diff --git a/chroot-build-helper/dummy-packages/man-db-dummy_99_all.deb b/chroot-build-helper/dummy-packages/man-db-dummy_99_all.deb
new file mode 100644 (file)
index 0000000..e6bb666
Binary files /dev/null and b/chroot-build-helper/dummy-packages/man-db-dummy_99_all.deb differ
index 8377281530ac5085e0cd5311c7b001592bae050b..ce9112e653007233a0360965a7334da0e1628b01 100644 (file)
@@ -4,6 +4,11 @@ CURDIR=$(realpath .)
 
 TARGETS = deb-flash-kernel
 
+# Packages using seccomp will hang qemu-user, so let's replace them
+CHROOT_DUMMY_PACKAGES += man-db
+
+CHROOT_DUMMY_PACKAGES_FILES = $(addprefix dummy-packages/,$(addsuffix -dummy_99_all.deb,$(CHROOT_DUMMY_PACKAGES)))
+
 all: $(addprefix build@,$(TARGETS))
 
 repo: \
@@ -12,17 +17,25 @@ repo: \
 build@%: bin/%/.build
        @true
 
-build-env/$(RELEASE): build-env/.dir
+dummy-packages/%-dummy_99_all.deb: dummy-packages/%
+       cd "$(dir $<)"; equivs-build "$(notdir $<)"
+
+build-env/$(RELEASE): build-env/.dir $(CHROOT_DUMMY_PACKAGES_FILES)
        mkdir -p "$@.tmp"
        $(SETUPBUILDENV) uexec rm -rf "$(CURDIR)/$@.tmp"
-       $(SETUPBUILDENV) uexec --allow-setgroups debootstrap --foreign --arch=arm64 --include='build-essential,dh-make,debhelper,devscripts,fakeroot' "$(RELEASE)" "$(CURDIR)/$@.tmp" "$(REPO)"
-       mkdir -p "$@.tmp/root/helper"
+       $(SETUPBUILDENV) uexec --allow-setgroups debootstrap --foreign --arch=arm64 "$(RELEASE)" "$(CURDIR)/$@.tmp" "$(REPO)"
+       mkdir -p "$@.tmp/root/helper" "$@.tmp/root/dummy-debs"
+       cp $(CHROOT_DUMMY_PACKAGES_FILES) "$@.tmp/root/dummy-debs/"
+       # Stub things which won't work in a chroot
        echo '#!/bin/sh' >"$@.tmp/root/helper/mknod"
        echo '#!/bin/sh' >"$@.tmp/root/helper/mount"
+       # Stub man stuff, because it may use seccomp, would hand qemu-user-static :(
        touch "$@.tmp/dev/null"
        chmod 666 "$@.tmp/dev/null"
        chmod +x "$@.tmp/root/helper/mknod" "$@.tmp/root/helper/mount"
        $(SETUPBUILDENV) uexec --allow-setgroups chroot_qemu_static.sh "$(CURDIR)/$@.tmp" /debootstrap/debootstrap --second-stage
+       $(SETUPBUILDENV) uexec --allow-setgroups chroot_qemu_static.sh "$(CURDIR)/$@.tmp" sh -c "dpkg -i /root/dummy-debs/*.deb"
+       $(SETUPBUILDENV) uexec --allow-setgroups chroot_qemu_static.sh "$(CURDIR)/$@.tmp" apt-get -y install --no-install-recommends build-essential dh-make debhelper devscripts fakeroot
        printf "deb %s %s main\ndeb-src %s %s main" "$(REPO)" "$(RELEASE)" "$(REPO)" "$(RELEASE)" >"$@.tmp/etc/apt/sources.list"
        mv "$@.tmp" "$@"
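Review bot: The new pattern rule `dummy-packages/%-dummy_99_all.deb: dummy-packages/%` can build the dummy package from its control file, yet the commit also checks in the built `man-db-dummy_99_all.deb`, which the `build-env/$(RELEASE)` recipe copies into the chroot and installs with `dpkg -i`. A committed binary cannot be read in review, and whether make regenerates it depends on file timestamps after checkout, so the package that gets installed may not correspond to the control file next to it. Dropping the .deb from the repository (and ignoring it) would make the rule the only source of that package. Two smaller points in the same hunk: `cd "$(dir $<)"; equivs-build "$(notdir $<)"` should chain with `&&` so that a failed cd does not run equivs-build in the wrong directory, and the comment `# Stub man stuff, ...` sits above the /dev/null lines it does not describe and says "hand" where "hang" is meant.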
 
diff --git a/rootfs_custom_files/etc/apt/preferences.d/prefer-local b/rootfs_custom_files/etc/apt/preferences.d/prefer-local
new file mode 100644 (file)
index 0000000..1ef0bec
--- /dev/null
@@ -0,0 +1,4 @@
+# If there are packages in a local repo, prefer them
+Package: *
+Pin: origin ""
+Pin-Priority: 1500
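Review bot: `Pin-Priority: 1500` combined with `Package: *` applies to every package, and a priority above 1000 lets apt install the pinned version even when that is a downgrade, so an older build in any local (`origin ""`) repository would win over a newer archive version, security updates included. Because the file is added under rootfs_custom_files it presumably stays in the finished image rather than applying only during setup. If the intent is just to prefer the locally built packages, a priority in the 990-999 range (e.g. `Pin-Priority: 999`) prefers them without forcing downgrades. Alternatively, the pin could name only the custom packages instead of `*`.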
diff --git a/rootfs_custom_files/etc/default/flash-kernel b/rootfs_custom_files/etc/default/flash-kernel
new file mode 100644 (file)
index 0000000..5d71cab
--- /dev/null
@@ -0,0 +1,2 @@
+LINUX_KERNEL_CMDLINE="console=tty1"
+LINUX_KERNEL_CMDLINE_DEFAULTS=""
index 5807896ae602d721401db09a3dba6f7478dab7a7..366ad10f08ca600f96edf7972cb552b76f5bcdaa 100755 (executable)
@@ -11,6 +11,8 @@ cat > /root/apt-tmp.conf <<EOF
 Dir::Etc::sourcelist "/root/temporary-local-repo.list";
 Dir::Etc::sourceparts "-";
 APT::Get::List-Cleanup "0";
+APT::Get::AllowUnauthenticated "true";
+Acquire::AllowInsecureRepositories "true";
 EOF
 export APT_CONFIG=/root/apt-tmp.conf
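Review bot: Putting `APT::Get::AllowUnauthenticated "true";` and `Acquire::AllowInsecureRepositories "true";` into /root/apt-tmp.conf switches off signature checking for every apt-get call that runs under the exported APT_CONFIG, whereas the `--allow-unauthenticated` flag removed in the next hunk covered only the install of the local packages; the `apt-get update` and `apt-get -y dist-upgrade` lines there now run unverified as well. The contents of /root/temporary-local-repo.list are not visible here, so if it lists anything besides the local repo, those sources lose verification too. Scoping the exception to the local entry in that list, for example (constructed) `deb [trusted=yes] file:/root/temp-repo ./`, would likely let both config lines go; the heredoc in the last hunk gains the same `Acquire::AllowInsecureRepositories` line and the same remark applies. It is also worth confirming that apt-tmp.conf is removed before the image is finished, so the relaxed settings do not persist on the device.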
 
@@ -33,7 +35,7 @@ EOF
 # Update package list, update everything, install kernel & other custom packages and clean apt cache (remove no longer needed packages)
 apt-get update
 apt-get -y dist-upgrade
-apt-get -y --allow-unauthenticated install $(grep 'Package: ' /root/temp-repo/Packages | sed 's/Package: //' | sort -u)
+apt-get -y install $(grep 'Package: ' /root/temp-repo/Packages | sed 's/Package: //' | sort -u)
 rm -rf /root/temp-repo/
 apt-get clean
 
@@ -75,6 +77,7 @@ Dir::Etc::sourcelist "/root/temporary-local-repo.list";
 Dir::Etc::sourceparts "-";
 APT::Get::List-Cleanup "0";
 APT::Get::AllowUnauthenticated "true";
+Acquire::AllowInsecureRepositories "true";
 EOF
 
 # Update package list of local repo