root.sh

#!/bin/bash
#
# Copyright (C) 2017 Purism SPC
#
# SPDX-License-Identifier: GPL-3.0+
#


# distro and basedir set by calling script 
basedir="$1"
image_name="$2"
target_qemu="${basedir}/${qemu}"
stamp="${basedir}/var/log/gitrev.log"


for env_var in distro pureos_board packages; do
    if [ -z "${!env_var}" ]; then
	echo "Must pass in \$${env_var} via the environment" 1>&2
	exit 1
    fi
done

set -e
set -u
set -x


mirror=deb.debian.org

echo "Configuring ${distro} in ${basedir} for board ${pureos_board}"

case ${pureos_board} in 
  imx6)
    fdt_file=imx6qp-nitrogen6_max_purism.dtb
    ;;
  imx8)
    echo "board type ${pureos_board} not configured yet"
    ;;
  qemu)
    echo "board type ${pureos_board} not configured yet"
    exit 1
    ;;
  *)
    echo "unrecognized board type ${pureos_board}"
    exit 1
    ;;
esac


# bindmount qemu into the rootfs so we can chroot into it if needed
function setup_qemu()
{
    [ -f "${target_qemu}" ] || cp "${qemu}" "${target_qemu}"
}


function setup_kernel()
{
    local link

    link=$(basename "${basedir}"/boot/vmlinuz-*)
    rm -f "${basedir}/boot/zImage"
    ln -s "${link}" "${basedir}/boot/zImage"
    cp data/update-zImage-link "${basedir}/etc/kernel/postinst.d/"

    mkdir -p "${basedir}/boot/dtbs"
    cp "${basedir}"/usr/lib/linux-image-*/${fdt_file} "${basedir}/boot/dtbs/"
    # Make sure we have the kernel available for tests
    mkdir -p tmp/
    cp "${basedir}/boot/zImage" "tmp/"
}


function setup_uboot()
{
    sed -e "s/##DTBNAME##/${fdt_file}/" "data/boot-${pureos_board}.txt.in" > "${basedir}/boot/boot.txt"
    mkimage -A arm -T script -O linux -d "${basedir}/boot/boot.txt" "${basedir}/boot/boot.scr"
    ln -fs boot.scr "${basedir}/boot/6x_bootscript"

    [ ! -d "files/uboot-${pureos_board}" ] || cp -a "files/uboot-${pureos_board}/"* "${basedir}/boot/"
}


function build_tarball()
{
   tarball=$(basename "${image_name}" .img).tar.xz

   echo -n "Taring up rootfs to $PWD/${tarball}..."
   tar --acl \
       --exclude='./run/*' \
       --exclude='./dev/*' \
       --exclude='./sys/*' \
       --exclude='./proc/*' \
       -acf "${PWD}/${tarball}" -C "${basedir}" .
   echo "Done."
}


function cleanup_chroot()
{
    chroot "${basedir}" apt-get clean

    rm "${basedir}/etc/resolv.conf"
    mv "${basedir}/etc/resolv.conf.bak" "${basedir}/etc/resolv.conf"
    rm "${basedir}/usr/sbin/policy-rc.d"

    umount "${basedir}/dev/pts"
    umount "${basedir}/dev"
    umount "${basedir}/sys"
    umount "${basedir}/proc"

    # existence of stamp indicates success
    if [ -f "${stamp}" ]; then
      build_tarball
    fi
}


function prepare_chroot()
{
    trap cleanup_chroot EXIT

    mount -t proc chproc "${basedir}/proc"
    mount -t sysfs chsys "${basedir}/sys"
    mount -t devtmpfs chdev "${basedir}/dev" || mount --bind /dev "${basedir}/dev"
    mount -t devpts chpts "${basedir}/dev/pts"
    echo -e '#!/bin/sh\nexit 101' > "${basedir}/usr/sbin/policy-rc.d"
    chmod 755 "${basedir}/usr/sbin/policy-rc.d"
    mv "${basedir}/etc/resolv.conf" "${basedir}/etc/resolv.conf.bak"
    cp /etc/resolv.conf "${basedir}/etc"
}


function create_stamp()
{
    git log --format=format:%H -1 > "${stamp}"
}


function setup_gui()
{
    # Allow purism user to launch weston from the console, etc.
    for group in weston-launch video audio; do
        chroot "${basedir}" adduser purism "${group}"
    done
    # Will move into a debian package once we have build infra
    cp data/weston.service "${basedir}/etc/systemd/system/"
    chroot "${basedir}" systemctl enable weston.service
}


function setup_touchscreen()
{
    # this needs to be manually loaded
    echo blacklist rmi-i2c > /lib/modprobe.d/rmi-blacklist.conf
    cp data/rmi-ts.service "${basedir}/etc/systemd/system/"
    chroot "${basedir}" systemctl enable rmi-ts
}


function setup_journal()
{
    # Enable systemd journal
    chroot "${basedir}" mkdir -p /var/log/journal
    chroot "${basedir}" systemd-tmpfiles --create --prefix /var/log/journal
    chroot "${basedir}" apt-get -y remove rsyslog
    for l in daemon messages syslog kern mail user; do
        chroot "${basedir}" rm -f /var/log/${l}.*
    done
}


function setup_sshd()
{
    [[ "$packages" =~ "openssh-server" ]] || return
    # Generate new host keys on first boot
    cp data/gen-sshd-host-keys "${basedir}/usr/local/bin/"
    cp data/sshd-host-keys.service "${basedir}/etc/systemd/system/"
    chroot "${basedir}" systemctl enable sshd-host-keys.service
    chroot "${basedir}" rm -f /etc/ssh/ssh_host_*
}


# We have to do this because task packages don't work with debootstrap
# (and won't).  See https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=841649
# other packages are better installed late to not confuse deboostrap about
# systemd and systemd-shim (e.g. libpam-systemd)
function install_pkgs()
{
    chroot "${basedir}" apt-get -y update
    chroot "${basedir}" apt-get -y install ${packages}
}


function setup_apt()
{
    cat << EOF > "${basedir}/etc/apt/sources.list"
deb http://$mirror/debian $distro main contrib non-free
deb-src http://$mirror/debian $distro main contrib non-free
deb http://$mirror/debian $distro-updates main contrib non-free
deb-src http://$mirror/debian $distro-updates main contrib non-free
deb http://security.debian.org/debian-security $distro/updates main contrib non-free
deb-src http://security.debian.org/debian-security $distro/updates main contrib non-free
EOF

    cat << EOF > "${basedir}/etc/apt/apt.conf.d/71-no-recommends"
	APT::Install-Recommends "0";
	APT::Install-Suggests "0";
EOF
}


function setup_network()
{
    cat << EOF > "${basedir}/etc/hosts"
127.0.0.1       pureos   localhost
::1             localhost ip6-localhost ip6-loopback
fe00::0         ip6-localnet
ff00::0         ip6-mcastprefix
ff02::1         ip6-allnodes
ff02::2         ip6-allrouters
EOF

    cat << EOF > "${basedir}/etc/network/interfaces"
auto lo
iface lo inet loopback

allow-hotplug eth0
iface eth0 inet dhcp
EOF


# Don't setup resolv.conf if it's a symlink
# DHCP will later handle this just fine
    if [ -f "${basedir}/etc/resolv.conf" ]; then
        cat <<EOF > "${basedir}/etc/resolv.conf"
    nameserver 208.67.220.220
    nameserver 208.67.222.222
EOF
    fi
}

# create the directories so that this script can be tested without the generated filesystem
mkdir -p "${basedir}/etc/apt/apt.conf.d/"
mkdir -p "${basedir}/etc/network"

export MALLOC_CHECK_=0 # workaround for LP: #520465
export LC_ALL=C
export DEBIAN_FRONTEND=noninteractive
export DEBCONF_NONINTERACTIVE_SEEN=true

cat << EOF > "${basedir}/debconf.set"
console-common console-data/keymap/policy select Select keymap from full list
console-common console-data/keymap/full select en-latin1-nodeadkeys
EOF

setup_network
prepare_chroot
setup_qemu
setup_apt
install_pkgs
setup_gui
setup_journal
setup_sshd
setup_touchscreen
# Skip setup until we have hardware,  not needed for qemu
if [ "${pureos_board}" != "imx8" ]; then
  setup_kernel
  setup_uboot
fi
create_stamp

if [ -x files/local.sh ]; then
    echo "Warning: local.sh found, image is tainted"
    echo "tainted: true" >> files/meta.yml
    ./files/local.sh "$@"
fi