├── configs ├── releng │ ├── airootfs │ │ ├── etc │ │ │ ├── hostname │ │ │ ├── shadow │ │ │ ├── locale.conf │ │ │ ├── localtime │ │ │ ├── passwd │ │ │ ├── resolv.conf │ │ │ ├── systemd │ │ │ │ ├── journald.conf.d │ │ │ │ │ ├── volatile-storage.conf │ │ │ │ │ └── audit.conf │ │ │ │ ├── system │ │ │ │ │ ├── multi-user.target.wants │ │ │ │ │ │ ├── pacman-init.service │ │ │ │ │ │ ├── choose-mirror.service │ │ │ │ │ │ ├── iwd.service │ │ │ │ │ │ ├── sshd.service │ │ │ │ │ │ ├── livecd-talk.service │ │ │ │ │ │ ├── ModemManager.service │ │ │ │ │ │ ├── qemu-guest-agent.service │ │ │ │ │ │ ├── systemd-networkd.service │ │ │ │ │ │ └── systemd-resolved.service │ │ │ │ │ ├── sound.target.wants │ │ │ │ │ │ └── livecd-alsa-unmuter.service │ │ │ │ │ ├── dbus-org.freedesktop.network1.service │ │ │ │ │ ├── dbus-org.freedesktop.resolve1.service │ │ │ │ │ ├── dbus-org.freedesktop.ModemManager1.service │ │ │ │ │ ├── sockets.target.wants │ │ │ │ │ │ └── systemd-networkd.socket │ │ │ │ │ ├── network-online.target.wants │ │ │ │ │ │ └── systemd-networkd-wait-online.service │ │ │ │ │ ├── getty@tty1.service.d │ │ │ │ │ │ └── autologin.conf │ │ │ │ │ ├── etc-pacman.d-gnupg.mount │ │ │ │ │ ├── choose-mirror.service │ │ │ │ │ ├── pacman-init.service │ │ │ │ │ ├── systemd-networkd-wait-online.service.d │ │ │ │ │ │ └── wait-for-only-one-interface.conf │ │ │ │ │ ├── livecd-alsa-unmuter.service │ │ │ │ │ └── livecd-talk.service │ │ │ │ ├── logind.conf.d │ │ │ │ │ └── do-not-suspend.conf │ │ │ │ └── network │ │ │ │ │ ├── 20-wlan.network │ │ │ │ │ ├── 20-wwan.network │ │ │ │ │ └── 20-ethernet.network │ │ │ ├── mkinitcpio.d │ │ │ │ └── linux-aarch64.preset │ │ │ ├── pacman.d │ │ │ │ ├── hooks │ │ │ │ │ ├── 40-locale-gen.hook │ │ │ │ │ ├── uncomment-mirrors.hook │ │ │ │ │ └── zzzz99-remove-custom-hooks-from-airootfs.hook │ │ │ │ └── mirrorlist │ │ │ ├── modprobe.d │ │ │ │ └── broadcom-wl.conf │ │ │ ├── motd │ │ │ ├── mkinitcpio.conf │ │ │ └── ssh │ │ │ │ └── sshd_config │ │ ├── usr │ │ │ ├── local │ │ │ │ ├── share │ │ │ │ │ └── livecd-sound │ │ │ │ │ │ └── asound.conf.in │ │ │ │ └── bin │ │ │ │ │ ├── Installation_guide │ │ │ │ │ ├── choose-mirror │ │ │ │ │ └── livecd-sound │ │ │ └── lib │ │ │ │ └── initcpio │ │ │ │ ├── hooks │ │ │ │ ├── archiso_shutdown │ │ │ │ ├── archiso_pxe_nfs │ │ │ │ ├── archiso_loop_mnt │ │ │ │ ├── archiso_pxe_nbd │ │ │ │ ├── archiso_pxe_http │ │ │ │ ├── archiso_pxe_common │ │ │ │ └── archiso │ │ │ │ ├── install │ │ │ │ ├── archiso_loop_mnt │ │ │ │ ├── archiso_pxe_nbd │ │ │ │ ├── archiso_pxe_nfs │ │ │ │ ├── archiso_pxe_http │ │ │ │ ├── archiso_shutdown │ │ │ │ ├── archiso_kms │ │ │ │ ├── archiso_pxe_common │ │ │ │ └── archiso │ │ │ │ ├── archiso_shutdown │ │ │ │ └── script │ │ │ │ └── archiso_shutdown │ │ └── root │ │ │ ├── .zlogin │ │ │ └── .automated_script.sh │ ├── bootstrap_packages.aarch64 │ ├── efiboot │ │ └── loader │ │ │ ├── loader.conf │ │ │ └── entries │ │ │ ├── 01-archiso-aarch64-linux.conf │ │ │ ├── 03-archiso-aarch64-ram-linux.conf │ │ │ └── 02-archiso-aarch64-speech-linux.conf │ ├── profiledef.sh │ ├── packages.aarch64 │ └── pacman.conf └── baseline │ ├── airootfs │ └── etc │ │ ├── shadow │ │ ├── systemd │ │ ├── system │ │ │ ├── multi-user.target.wants │ │ │ │ ├── sshd.service │ │ │ │ ├── vboxservice.service │ │ │ │ ├── qemu-guest-agent.service │ │ │ │ ├── systemd-networkd.service │ │ │ │ └── systemd-resolved.service │ │ │ ├── cloud-init.target.wants │ │ │ │ ├── cloud-config.service │ │ │ │ ├── cloud-final.service │ │ │ │ ├── cloud-init.service │ │ │ │ └── cloud-init-local.service │ │ │ ├── sockets.target.wants │ │ │ │ └── systemd-networkd.socket │ │ │ ├── network-online.target.wants │ │ │ │ └── systemd-networkd-wait-online.service │ │ │ └── systemd-networkd-wait-online.service.d │ │ │ │ └── wait-for-only-one-interface.conf │ │ └── network │ │ │ └── 20-ethernet.network │ │ ├── mkinitcpio.d │ │ └── linux.preset │ │ ├── mkinitcpio.conf │ │ └── ssh │ │ └── sshd_config │ ├── bootstrap_packages.x86_64 │ ├── efiboot │ └── loader │ │ ├── loader.conf │ │ └── entries │ │ ├── 01-archiso-x86_64-linux.conf │ │ └── 02-archiso-x86_64-ram-linux.conf │ ├── syslinux │ ├── syslinux.cfg │ └── syslinux-linux.cfg │ ├── packages.x86_64 │ ├── profiledef.sh │ └── pacman.conf ├── CONTRIBUTING.rst ├── .editorconfig ├── .gitlab-ci.yml ├── AUTHORS.rst ├── Makefile ├── docs ├── README.altbootmethods ├── README.transfer ├── README.bootparams └── README.profile.rst ├── scripts └── run_archiso.sh ├── CHANGELOG.rst ├── .gitlab └── ci │ └── build_archiso.sh ├── README.rst └── LICENSE /configs/releng/airootfs/etc/hostname: -------------------------------------------------------------------------------- 1 | archiso 2 | -------------------------------------------------------------------------------- /configs/baseline/airootfs/etc/shadow: -------------------------------------------------------------------------------- 1 | root::14871:::::: 2 | -------------------------------------------------------------------------------- /configs/releng/airootfs/etc/shadow: -------------------------------------------------------------------------------- 1 | root::14871:::::: 2 | -------------------------------------------------------------------------------- /configs/releng/airootfs/etc/locale.conf: -------------------------------------------------------------------------------- 1 | LANG=en_US.UTF-8 2 | -------------------------------------------------------------------------------- /configs/releng/airootfs/etc/localtime: -------------------------------------------------------------------------------- 1 | /usr/share/zoneinfo/UTC -------------------------------------------------------------------------------- /configs/releng/airootfs/etc/passwd: -------------------------------------------------------------------------------- 1 | root:x:0:0:root:/root:/usr/bin/zsh 2 | -------------------------------------------------------------------------------- /configs/baseline/bootstrap_packages.x86_64: -------------------------------------------------------------------------------- 1 | arch-install-scripts 2 | base 3 | -------------------------------------------------------------------------------- /configs/releng/airootfs/etc/resolv.conf: -------------------------------------------------------------------------------- 1 | /run/systemd/resolve/stub-resolv.conf -------------------------------------------------------------------------------- /configs/releng/bootstrap_packages.aarch64: -------------------------------------------------------------------------------- 1 | arch-install-scripts 2 | base 3 | -------------------------------------------------------------------------------- /configs/baseline/efiboot/loader/loader.conf: -------------------------------------------------------------------------------- 1 | timeout 3 2 | default 01-archiso-x86_64-linux.conf 3 | -------------------------------------------------------------------------------- /configs/releng/efiboot/loader/loader.conf: -------------------------------------------------------------------------------- 1 | timeout 15 2 | default 01-archiso-aarch64-linux.conf 3 | -------------------------------------------------------------------------------- /configs/releng/airootfs/etc/systemd/journald.conf.d/volatile-storage.conf: -------------------------------------------------------------------------------- 1 | [Journal] 2 | Storage=volatile 3 | -------------------------------------------------------------------------------- /configs/releng/airootfs/etc/systemd/system/multi-user.target.wants/pacman-init.service: -------------------------------------------------------------------------------- 1 | ../pacman-init.service -------------------------------------------------------------------------------- /configs/releng/airootfs/etc/systemd/system/multi-user.target.wants/choose-mirror.service: -------------------------------------------------------------------------------- 1 | ../choose-mirror.service -------------------------------------------------------------------------------- /configs/releng/airootfs/etc/systemd/system/multi-user.target.wants/iwd.service: -------------------------------------------------------------------------------- 1 | /usr/lib/systemd/system/iwd.service -------------------------------------------------------------------------------- /configs/baseline/airootfs/etc/systemd/system/multi-user.target.wants/sshd.service: -------------------------------------------------------------------------------- 1 | /usr/lib/systemd/system/sshd.service -------------------------------------------------------------------------------- /configs/releng/airootfs/etc/systemd/system/multi-user.target.wants/sshd.service: -------------------------------------------------------------------------------- 1 | /usr/lib/systemd/system/sshd.service -------------------------------------------------------------------------------- /configs/releng/airootfs/etc/systemd/system/sound.target.wants/livecd-alsa-unmuter.service: -------------------------------------------------------------------------------- 1 | ../livecd-alsa-unmuter.service -------------------------------------------------------------------------------- /configs/releng/airootfs/etc/systemd/journald.conf.d/audit.conf: -------------------------------------------------------------------------------- 1 | [Journal] 2 | ForwardToConsole=false 3 | ForwardToKMsg=false 4 | -------------------------------------------------------------------------------- /configs/releng/airootfs/etc/systemd/system/dbus-org.freedesktop.network1.service: -------------------------------------------------------------------------------- 1 | /usr/lib/systemd/system/systemd-networkd.service -------------------------------------------------------------------------------- /configs/releng/airootfs/etc/systemd/system/dbus-org.freedesktop.resolve1.service: -------------------------------------------------------------------------------- 1 | /usr/lib/systemd/system/systemd-resolved.service -------------------------------------------------------------------------------- /configs/releng/airootfs/etc/systemd/system/multi-user.target.wants/livecd-talk.service: -------------------------------------------------------------------------------- 1 | /etc/systemd/system/livecd-talk.service -------------------------------------------------------------------------------- /configs/baseline/airootfs/etc/systemd/system/cloud-init.target.wants/cloud-config.service: -------------------------------------------------------------------------------- 1 | /usr/lib/systemd/system/cloud-config.service -------------------------------------------------------------------------------- /configs/baseline/airootfs/etc/systemd/system/cloud-init.target.wants/cloud-final.service: -------------------------------------------------------------------------------- 1 | /usr/lib/systemd/system/cloud-final.service -------------------------------------------------------------------------------- /configs/baseline/airootfs/etc/systemd/system/cloud-init.target.wants/cloud-init.service: -------------------------------------------------------------------------------- 1 | /usr/lib/systemd/system/cloud-init.service -------------------------------------------------------------------------------- /configs/baseline/airootfs/etc/systemd/system/multi-user.target.wants/vboxservice.service: -------------------------------------------------------------------------------- 1 | /usr/lib/systemd/system/vboxservice.service -------------------------------------------------------------------------------- /configs/releng/airootfs/etc/systemd/system/dbus-org.freedesktop.ModemManager1.service: -------------------------------------------------------------------------------- 1 | /usr/lib/systemd/system/ModemManager.service -------------------------------------------------------------------------------- /configs/releng/airootfs/etc/systemd/system/multi-user.target.wants/ModemManager.service: -------------------------------------------------------------------------------- 1 | /usr/lib/systemd/system/ModemManager.service -------------------------------------------------------------------------------- /configs/baseline/airootfs/etc/systemd/system/sockets.target.wants/systemd-networkd.socket: -------------------------------------------------------------------------------- 1 | /usr/lib/systemd/system/systemd-networkd.socket -------------------------------------------------------------------------------- /configs/releng/airootfs/etc/systemd/system/sockets.target.wants/systemd-networkd.socket: -------------------------------------------------------------------------------- 1 | /usr/lib/systemd/system/systemd-networkd.socket -------------------------------------------------------------------------------- /configs/baseline/airootfs/etc/systemd/system/cloud-init.target.wants/cloud-init-local.service: -------------------------------------------------------------------------------- 1 | /usr/lib/systemd/system/cloud-init-local.service -------------------------------------------------------------------------------- /configs/baseline/airootfs/etc/systemd/system/multi-user.target.wants/qemu-guest-agent.service: -------------------------------------------------------------------------------- 1 | /usr/lib/systemd/system/qemu-guest-agent.service -------------------------------------------------------------------------------- /configs/baseline/airootfs/etc/systemd/system/multi-user.target.wants/systemd-networkd.service: -------------------------------------------------------------------------------- 1 | /usr/lib/systemd/system/systemd-networkd.service -------------------------------------------------------------------------------- /configs/baseline/airootfs/etc/systemd/system/multi-user.target.wants/systemd-resolved.service: -------------------------------------------------------------------------------- 1 | /usr/lib/systemd/system/systemd-resolved.service -------------------------------------------------------------------------------- /configs/releng/airootfs/etc/systemd/system/multi-user.target.wants/qemu-guest-agent.service: -------------------------------------------------------------------------------- 1 | /usr/lib/systemd/system/qemu-guest-agent.service -------------------------------------------------------------------------------- /configs/releng/airootfs/etc/systemd/system/multi-user.target.wants/systemd-networkd.service: -------------------------------------------------------------------------------- 1 | /usr/lib/systemd/system/systemd-networkd.service -------------------------------------------------------------------------------- /configs/releng/airootfs/etc/systemd/system/multi-user.target.wants/systemd-resolved.service: -------------------------------------------------------------------------------- 1 | /usr/lib/systemd/system/systemd-resolved.service -------------------------------------------------------------------------------- /configs/releng/airootfs/usr/local/share/livecd-sound/asound.conf.in: -------------------------------------------------------------------------------- 1 | Defaults node 2 | defaults.ctl.card %card%; 3 | defaults.pcm.card %card%; 4 | -------------------------------------------------------------------------------- /configs/baseline/airootfs/etc/systemd/network/20-ethernet.network: -------------------------------------------------------------------------------- 1 | [Match] 2 | Name=en* 3 | Name=eth* 4 | 5 | [Network] 6 | DHCP=yes 7 | IPv6PrivacyExtensions=yes 8 | -------------------------------------------------------------------------------- /configs/releng/airootfs/etc/systemd/logind.conf.d/do-not-suspend.conf: -------------------------------------------------------------------------------- 1 | [Login] 2 | HandleSuspendKey=ignore 3 | HandleHibernateKey=ignore 4 | HandleLidSwitch=ignore 5 | -------------------------------------------------------------------------------- /configs/releng/airootfs/etc/systemd/system/network-online.target.wants/systemd-networkd-wait-online.service: -------------------------------------------------------------------------------- 1 | /usr/lib/systemd/system/systemd-networkd-wait-online.service -------------------------------------------------------------------------------- /configs/baseline/airootfs/etc/systemd/system/network-online.target.wants/systemd-networkd-wait-online.service: -------------------------------------------------------------------------------- 1 | /usr/lib/systemd/system/systemd-networkd-wait-online.service -------------------------------------------------------------------------------- /configs/releng/airootfs/etc/systemd/system/getty@tty1.service.d/autologin.conf: -------------------------------------------------------------------------------- 1 | [Service] 2 | ExecStart= 3 | ExecStart=-/sbin/agetty --autologin root --noclear %I 38400 linux 4 | -------------------------------------------------------------------------------- /configs/baseline/syslinux/syslinux.cfg: -------------------------------------------------------------------------------- 1 | SERIAL 0 115200 2 | UI menu.c32 3 | MENU TITLE Arch Linux 4 | MENU CLEAR 5 | 6 | DEFAULT arch 7 | TIMEOUT 30 8 | 9 | INCLUDE syslinux-linux.cfg 10 | -------------------------------------------------------------------------------- /configs/releng/airootfs/usr/local/bin/Installation_guide: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # 3 | # SPDX-License-Identifier: GPL-3.0-or-later 4 | 5 | exec lynx 'https://wiki.archlinux.org/title/Installation_guide' 6 | -------------------------------------------------------------------------------- /configs/baseline/packages.x86_64: -------------------------------------------------------------------------------- 1 | base 2 | cloud-init 3 | linux 4 | mkinitcpio 5 | mkinitcpio-archiso 6 | openssh 7 | pv 8 | qemu-guest-agent 9 | syslinux 10 | virtualbox-guest-utils-nox 11 | -------------------------------------------------------------------------------- /configs/releng/airootfs/root/.zlogin: -------------------------------------------------------------------------------- 1 | # fix for screen readers 2 | if grep -Fq 'accessibility=' /proc/cmdline &> /dev/null; then 3 | setopt SINGLE_LINE_ZLE 4 | fi 5 | 6 | ~/.automated_script.sh 7 | -------------------------------------------------------------------------------- /configs/releng/airootfs/etc/systemd/system/etc-pacman.d-gnupg.mount: -------------------------------------------------------------------------------- 1 | [Unit] 2 | Description=Temporary /etc/pacman.d/gnupg directory 3 | 4 | [Mount] 5 | What=tmpfs 6 | Where=/etc/pacman.d/gnupg 7 | Type=tmpfs 8 | Options=mode=0755 9 | -------------------------------------------------------------------------------- /configs/releng/airootfs/usr/lib/initcpio/hooks/archiso_shutdown: -------------------------------------------------------------------------------- 1 | #!/bin/ash 2 | # 3 | # SPDX-License-Identifier: GPL-3.0-or-later 4 | 5 | run_cleanuphook() { 6 | rm -rf /usr/lib/modules 7 | cp -ax / /run/initramfs 8 | } 9 | 10 | # vim: set ft=sh: 11 | -------------------------------------------------------------------------------- /configs/baseline/airootfs/etc/mkinitcpio.d/linux.preset: -------------------------------------------------------------------------------- 1 | # mkinitcpio preset file for the 'linux' package on archiso 2 | 3 | PRESETS=('archiso') 4 | 5 | ALL_kver='/boot/vmlinuz-linux' 6 | ALL_config='/etc/mkinitcpio.conf' 7 | 8 | archiso_image="/boot/initramfs-linux.img" 9 | -------------------------------------------------------------------------------- /configs/baseline/efiboot/loader/entries/01-archiso-x86_64-linux.conf: -------------------------------------------------------------------------------- 1 | title Arch Linux (x86_64, UEFI) 2 | linux /%INSTALL_DIR%/boot/x86_64/vmlinuz-linux 3 | initrd /%INSTALL_DIR%/boot/x86_64/initramfs-linux.img 4 | options archisobasedir=%INSTALL_DIR% archisolabel=%ARCHISO_LABEL% 5 | -------------------------------------------------------------------------------- /configs/releng/airootfs/etc/mkinitcpio.d/linux-aarch64.preset: -------------------------------------------------------------------------------- 1 | # mkinitcpio preset file for the 'linux-aarch64' package on archiso 2 | 3 | PRESETS=('archiso') 4 | 5 | ALL_kver='5.11.4-1-ARCH' 6 | ALL_config='/etc/mkinitcpio.conf' 7 | 8 | archiso_image="/boot/initramfs-linux.img" 9 | -------------------------------------------------------------------------------- /configs/releng/efiboot/loader/entries/01-archiso-aarch64-linux.conf: -------------------------------------------------------------------------------- 1 | title Arch Linux install medium (aarch64, UEFI) 2 | linux /%INSTALL_DIR%/boot/aarch64/Image 3 | initrd /%INSTALL_DIR%/boot/aarch64/initramfs-linux.img 4 | options archisobasedir=%INSTALL_DIR% archisolabel=%ARCHISO_LABEL% 5 | -------------------------------------------------------------------------------- /configs/releng/airootfs/etc/systemd/system/choose-mirror.service: -------------------------------------------------------------------------------- 1 | [Unit] 2 | Description=Choose mirror from the kernel command line 3 | ConditionKernelCommandLine=mirror 4 | 5 | [Service] 6 | Type=oneshot 7 | ExecStart=/usr/local/bin/choose-mirror 8 | 9 | [Install] 10 | WantedBy=multi-user.target 11 | -------------------------------------------------------------------------------- /configs/baseline/efiboot/loader/entries/02-archiso-x86_64-ram-linux.conf: -------------------------------------------------------------------------------- 1 | title Arch Linux (x86_64, UEFI) Copy to RAM 2 | linux /%INSTALL_DIR%/boot/x86_64/vmlinuz-linux 3 | initrd /%INSTALL_DIR%/boot/x86_64/initramfs-linux.img 4 | options archisobasedir=%INSTALL_DIR% archisolabel=%ARCHISO_LABEL% copytoram 5 | -------------------------------------------------------------------------------- /configs/releng/airootfs/usr/lib/initcpio/install/archiso_loop_mnt: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | # 3 | # SPDX-License-Identifier: GPL-3.0-or-later 4 | 5 | build() { 6 | add_runscript 7 | } 8 | 9 | help() { 10 | cat<`_). 7 | 8 | Editorconfig 9 | ============ 10 | 11 | A top-level editorconfig file is provided. Please configure your text editor to use it. 12 | 13 | Linting 14 | ======= 15 | 16 | All ash and bash scripts are linted using shellcheck: 17 | 18 | .. code:: bash 19 | 20 | make lint 21 | 22 | Testing 23 | ======= 24 | 25 | Contributors are expected to test their contributions by building the releng profile and running the resulting image 26 | using `run_archiso `_. 27 | -------------------------------------------------------------------------------- /configs/releng/airootfs/etc/pacman.d/hooks/zzzz99-remove-custom-hooks-from-airootfs.hook: -------------------------------------------------------------------------------- 1 | # remove from airootfs! 2 | # As a workaround for https://bugs.archlinux.org/task/49347 , remove pacman hooks specific to the ISO build process. 3 | # If not, they would be used when pacstrap is run in the live environment. 4 | 5 | [Trigger] 6 | Operation = Install 7 | Operation = Upgrade 8 | Operation = Remove 9 | Type = Package 10 | Target = * 11 | 12 | [Action] 13 | Description = Work around FS#49347 by removing custom pacman hooks that are only required during ISO build... 14 | When = PostTransaction 15 | Depends = sh 16 | Depends = coreutils 17 | Depends = grep 18 | Exec = /bin/sh -c "rm -- $(grep -Frl 'remove from airootfs' /etc/pacman.d/hooks/)" 19 | -------------------------------------------------------------------------------- /configs/releng/airootfs/usr/local/bin/choose-mirror: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # 3 | # SPDX-License-Identifier: GPL-3.0-or-later 4 | 5 | get_cmdline() { 6 | local param 7 | for param in $(< /proc/cmdline); do 8 | case "${param}" in 9 | $1=*) echo "${param##*=}"; 10 | return 0 11 | ;; 12 | esac 13 | done 14 | } 15 | 16 | mirror=$(get_cmdline mirror) 17 | [[ $mirror = auto ]] && mirror=$(get_cmdline archiso_http_srv) 18 | [[ $mirror ]] || exit 0 19 | 20 | mv /etc/pacman.d/mirrorlist /etc/pacman.d/mirrorlist.orig 21 | cat >/etc/pacman.d/mirrorlist << EOF 22 | # 23 | # Arch Linux ARM repository mirrorlist 24 | # Generated by archiso 25 | # 26 | 27 | Server = ${mirror%%/}/\$repo/os/\$arch 28 | EOF 29 | -------------------------------------------------------------------------------- /configs/releng/airootfs/usr/lib/initcpio/install/archiso_kms: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | # 3 | # SPDX-License-Identifier: GPL-3.0-or-later 4 | 5 | build() { 6 | add_module "amdgpu" 7 | add_module "radeon" 8 | add_module "nouveau" 9 | add_module "i915?" 10 | add_module "mgag200" 11 | add_module "via-agp?" 12 | add_module "sis-agp?" 13 | add_module "intel-agp?" 14 | 15 | if [[ $(uname -m) == i686 ]]; then 16 | add_module "amd64-agp" 17 | add_module "ati-agp" 18 | add_module "sworks-agp" 19 | add_module "ali-agp" 20 | add_module "amd-k7-agp" 21 | add_module "nvidia-agp" 22 | add_module "efficeon-agp" 23 | fi 24 | } 25 | 26 | help() { 27 | cat << HELPEOF 28 | Adds all common KMS drivers to the initramfs image. 29 | HELPEOF 30 | } 31 | -------------------------------------------------------------------------------- /configs/releng/profiledef.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | # shellcheck disable=SC2034 3 | 4 | iso_name="archlinuxarm" 5 | iso_label="ARCH_AARCH64_$(date +%Y%m)" 6 | iso_publisher="Jack Myers" 7 | iso_application="Generic ARM64 Arch Linux Live/Rescue CD" 8 | iso_version="$(date +%Y.%m.%d)" 9 | install_dir="arch" 10 | buildmodes=('iso') 11 | bootmodes=('uefi-aarch64.systemd-boot.esp' 'uefi-aarch64.systemd-boot.eltorito') 12 | arch="aarch64" 13 | pacman_conf="pacman.conf" 14 | airootfs_image_type="squashfs" 15 | airootfs_image_tool_options=('-comp' 'xz' '-Xbcj' 'arm' '-b' '1M' '-Xdict-size' '1M') 16 | file_permissions=( 17 | ["/etc/shadow"]="0:0:400" 18 | ["/root"]="0:0:750" 19 | ["/root/.automated_script.sh"]="0:0:755" 20 | ["/usr/local/bin/choose-mirror"]="0:0:755" 21 | ["/usr/local/bin/Installation_guide"]="0:0:755" 22 | ["/usr/local/bin/livecd-sound"]="0:0:755" 23 | ) 24 | -------------------------------------------------------------------------------- /.editorconfig: -------------------------------------------------------------------------------- 1 | # EditorConfig for archiso 2 | # https://editorconfig.org/ 3 | # 4 | # SPDX-License-Identifier: GPL-3.0-or-later 5 | 6 | # Top-most EditorConfig file 7 | root = true 8 | 9 | # Unix-style newlines without trailing whitespaces, but with a newline 10 | # ending every file, utf-8 charset, set indent to spaces with width of four 11 | [*] 12 | end_of_line = lf 13 | insert_final_newline = true 14 | trim_trailing_whitespace = true 15 | charset = utf-8 16 | indent_style = space 17 | indent_size = 4 18 | max_line_length = 120 19 | 20 | [*.{yml,yaml}] 21 | end_of_line = lf 22 | insert_final_newline = true 23 | trim_trailing_whitespace = true 24 | charset = utf-8 25 | indent_style = space 26 | indent_size = 2 27 | 28 | [*.rst] 29 | end_of_line = lf 30 | insert_final_newline = true 31 | trim_trailing_whitespace = true 32 | charset = utf-8 33 | indent_style = space 34 | indent_size = 2 35 | -------------------------------------------------------------------------------- /configs/releng/airootfs/usr/lib/initcpio/install/archiso_pxe_common: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | # 3 | # SPDX-License-Identifier: GPL-3.0-or-later 4 | 5 | build() { 6 | add_checked_modules -f "(irda|phy|wimax|wireless|ppp_|plip|pppoe)" "/drivers/net/" 7 | 8 | add_runscript 9 | 10 | add_binary /usr/lib/initcpio/ipconfig /bin/ipconfig 11 | 12 | # Add hosts support files+dns 13 | add_symlink /usr/lib/libnss_files.so.2 "$(readlink /usr/lib/libnss_files.so.2)" 14 | add_binary "$(readlink -f /usr/lib/libnss_files.so.2)" 15 | add_symlink /usr/lib/libnss_dns.so.2 "$(readlink /usr/lib/libnss_dns.so.2)" 16 | add_binary "$(readlink -f /usr/lib/libnss_dns.so.2)" 17 | 18 | add_dir /etc 19 | echo "hosts: files dns" > "$BUILDROOT/etc/nsswitch.conf" 20 | } 21 | 22 | help() { 23 | cat</dev/null 20 | rt=$? 21 | else 22 | cp "${script}" /tmp/startup_script 23 | rt=$? 24 | fi 25 | if [[ ${rt} -eq 0 ]]; then 26 | chmod +x /tmp/startup_script 27 | /tmp/startup_script 28 | fi 29 | fi 30 | } 31 | 32 | if [[ $(tty) == "/dev/tty1" ]]; then 33 | automated_script 34 | fi 35 | -------------------------------------------------------------------------------- /configs/releng/airootfs/usr/lib/initcpio/install/archiso: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | # 3 | # SPDX-License-Identifier: GPL-3.0-or-later 4 | 5 | build() { 6 | add_module "cdrom" 7 | add_module "loop" 8 | add_module "dm-snapshot" 9 | add_module "overlay" 10 | 11 | add_runscript 12 | 13 | add_binary /usr/lib/udev/cdrom_id 14 | add_binary blockdev 15 | add_binary dmsetup 16 | add_binary losetup 17 | add_binary mountpoint 18 | add_binary truncate 19 | add_binary gpg 20 | add_binary grep 21 | 22 | if command -v pv > /dev/null 2>&1; then 23 | add_binary pv 24 | else 25 | warning 'pv not found; falling back to cp for copy to RAM' 26 | fi 27 | 28 | add_file /usr/lib/udev/rules.d/60-cdrom_id.rules 29 | add_file /usr/lib/udev/rules.d/10-dm.rules 30 | add_file /usr/lib/udev/rules.d/95-dm-notify.rules 31 | add_file /usr/lib/initcpio/udev/11-dm-initramfs.rules /usr/lib/udev/rules.d/11-dm-initramfs.rules 32 | if [[ $ARCHISO_GNUPG_FD ]]; then 33 | mkdir -m 0700 -- "$BUILDROOT/gpg" 34 | gpg --homedir "$BUILDROOT/gpg" --import <& "$ARCHISO_GNUPG_FD" 35 | fi 36 | } 37 | -------------------------------------------------------------------------------- /configs/releng/airootfs/usr/lib/initcpio/archiso_shutdown: -------------------------------------------------------------------------------- 1 | #!/bin/ash 2 | # 3 | # SPDX-License-Identifier: GPL-3.0-or-later 4 | 5 | # /oldroot depends on things inside /oldroot/run/archiso... 6 | mkdir /oldrun 7 | mount -n --move /oldroot/run /oldrun 8 | 9 | # Unmount all mounts now. 10 | umount "$(mount | awk '$3 ~/^\/oldroot/ {print $3}' | sort -r)" 11 | 12 | # Remove all dm-snapshot devices. 13 | dmsetup remove_all 14 | 15 | # Remove all loopback devices. 16 | for _lup in $(grep ^/dev/loop /oldrun/archiso/used_block_devices | tac); do 17 | if ! losetup -d -- "${_lup}" 2> /dev/null; then 18 | umount -d -- "${_lup}" 19 | fi 20 | done 21 | 22 | # Unmount the space used to store *.cow. 23 | umount /oldrun/archiso/cowspace 24 | 25 | # Unmount boot device if needed (no copytoram=y used) 26 | if [ ! -d /oldrun/archiso/copytoram ]; then 27 | if [ -d /oldrun/archiso/img_dev ]; then 28 | umount /oldrun/archiso/img_dev 29 | else 30 | umount /oldrun/archiso/bootmnt 31 | fi 32 | fi 33 | 34 | # reboot / poweroff / halt, depending on the argument passed by init 35 | # if something invalid is passed, we halt 36 | case "$1" in 37 | reboot|poweroff|halt) "$1" -f ;; 38 | *) halt -f;; 39 | esac 40 | 41 | # vim: set ft=sh: 42 | -------------------------------------------------------------------------------- /configs/releng/airootfs/usr/lib/initcpio/script/archiso_shutdown: -------------------------------------------------------------------------------- 1 | #!/bin/ash 2 | # 3 | # SPDX-License-Identifier: GPL-3.0-or-later 4 | 5 | # /oldroot depends on things inside /oldroot/run/archiso... 6 | mkdir /oldrun 7 | mount -n --move /oldroot/run /oldrun 8 | 9 | # Unmount all mounts now. 10 | umount "$(mount | awk '$3 ~/^\/oldroot/ {print $3}' | sort -r)" 11 | 12 | # Remove all dm-snapshot devices. 13 | dmsetup remove_all 14 | 15 | # Remove all loopback devices. 16 | for _lup in $(grep ^/dev/loop /oldrun/archiso/used_block_devices | tac); do 17 | if ! losetup -d -- "${_lup}" 2> /dev/null; then 18 | umount -d -- "${_lup}" 19 | fi 20 | done 21 | 22 | # Unmount the space used to store *.cow. 23 | umount /oldrun/archiso/cowspace 24 | 25 | # Unmount boot device if needed (no copytoram=y used) 26 | if [ ! -d /oldrun/archiso/copytoram ]; then 27 | if [ -d /oldrun/archiso/img_dev ]; then 28 | umount /oldrun/archiso/img_dev 29 | else 30 | umount /oldrun/archiso/bootmnt 31 | fi 32 | fi 33 | 34 | # reboot / poweroff / halt, depending on the argument passed by init 35 | # if something invalid is passed, we halt 36 | case "$1" in 37 | reboot|poweroff|halt) "$1" -f ;; 38 | *) halt -f;; 39 | esac 40 | 41 | # vim: set ft=sh: 42 | -------------------------------------------------------------------------------- /.gitlab-ci.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # 3 | # SPDX-License-Identifier: GPL-3.0-or-later 4 | 5 | # NOTE: most functionality (apart from building) is abstracted by this include 6 | include: 7 | - project: 'archlinux/ci-scripts' 8 | ref: master 9 | file: '/prepare_archiso_vm.yml' 10 | 11 | variables: 12 | BUILD_SCRIPT: ./.gitlab/ci/build_archiso.sh 13 | PACKAGE_LIST: dosfstools e2fsprogs erofs-utils jq libisoburn mtools openssl qemu-headless squashfs-tools zsync 14 | QEMU_BUILD_TIMEOUT: 2400 15 | QEMU_COPY_ARTIFACTS_TIMEOUT: 120 16 | QEMU_VM_MEMORY: 3072 17 | ARCHISO_COW_SPACE_SIZE: 2g 18 | 19 | stages: 20 | - check 21 | - build 22 | 23 | check: 24 | before_script: 25 | - pacman --noconfirm -Syu --needed make shellcheck 26 | script: 27 | - make lint 28 | stage: check 29 | 30 | build_short: 31 | extends: .build 32 | parallel: 33 | matrix: 34 | - BUILD_SCRIPT_ARGS: baseline bootstrap 35 | - BUILD_SCRIPT_ARGS: releng bootstrap 36 | 37 | build_long: 38 | extends: .build 39 | parallel: 40 | matrix: 41 | - BUILD_SCRIPT_ARGS: baseline iso 42 | - BUILD_SCRIPT_ARGS: baseline netboot 43 | - BUILD_SCRIPT_ARGS: releng iso 44 | - BUILD_SCRIPT_ARGS: releng netboot 45 | tags: 46 | - fast-single-thread 47 | -------------------------------------------------------------------------------- /configs/releng/airootfs/usr/lib/initcpio/hooks/archiso_pxe_nfs: -------------------------------------------------------------------------------- 1 | #!/bin/ash 2 | # 3 | # SPDX-License-Identifier: GPL-3.0-or-later 4 | 5 | run_hook() { 6 | # shellcheck disable=SC2154 7 | # defined via initcpio's parse_cmdline() 8 | if [ -n "${ip}" ] && [ -n "${archiso_nfs_srv}" ]; then 9 | 10 | archiso_nfs_srv=$(eval echo "${archiso_nfs_srv}") 11 | 12 | export mount_handler="archiso_nfs_mount_handler" 13 | fi 14 | } 15 | 16 | archiso_nfs_mount_handler() { 17 | local mount_status 18 | newroot="${1}" 19 | mkdir -p "/run/archiso/bootmnt" 20 | msg ":: Mounting '${archiso_nfs_srv}'" 21 | # shellcheck disable=SC2154 22 | # defined via initcpio's parse_cmdline() 23 | if [ -n "${archiso_nfs_opt}" ]; then 24 | nfsmount -o "${archiso_nfs_opt}" "${archiso_nfs_srv}" "/run/archiso/bootmnt" 25 | mount_status=$? 26 | else 27 | nfsmount "${archiso_nfs_srv}" "/run/archiso/bootmnt" 28 | mount_status=$? 29 | fi 30 | if [ $mount_status -gt 0 ]; then 31 | echo "ERROR: Mounting '${archiso_nfs_srv}'" 32 | echo " Falling back to interactive prompt" 33 | echo " You can try to fix the problem manually, log out when you are finished" 34 | launch_interactive_shell 35 | fi 36 | 37 | if [ "${copytoram}" != "n" ]; then 38 | copytoram="y" 39 | fi 40 | 41 | archiso_mount_handler "${newroot}" 42 | } 43 | 44 | # vim: set ft=sh: 45 | -------------------------------------------------------------------------------- /AUTHORS.rst: -------------------------------------------------------------------------------- 1 | =============== 2 | Archiso Authors 3 | =============== 4 | 5 | * Aaron Griffin 6 | * Adam Purkrt 7 | * Alexander Epaneshnikov 8 | * Chandan Singh 9 | * Charles Vejnar 10 | * Christian Hesse 11 | * Christopher Brannon 12 | * Dan McGee 13 | * David Runge 14 | * David Thurstenson 15 | * Dieter Plaetinck 16 | * Eli Schwartz 17 | * Florian Pritz 18 | * Francois Dupoux 19 | * Gerardo Exequiel Pozzi 20 | * Gerhard Brauer 21 | * James Sitegen 22 | * Justin Kromlinger 23 | * Keshav Amburay 24 | * Loui Chang 25 | * Lukas Fleischer 26 | * Martin Damian Fernandez 27 | * Michael Vorburger 28 | * Pierre Schmitz 29 | * Sean Enck 30 | * Simo Leone 31 | * Steffen Bönigk 32 | * Sven-Hendrik Haase 33 | * Thomas Bächler 34 | * Yu Li-Yu 35 | * nl6720 36 | * Øyvind Heggstad 37 | -------------------------------------------------------------------------------- /configs/releng/airootfs/usr/lib/initcpio/hooks/archiso_loop_mnt: -------------------------------------------------------------------------------- 1 | #!/bin/ash 2 | # 3 | # SPDX-License-Identifier: GPL-3.0-or-later 4 | 5 | run_hook () { 6 | # shellcheck disable=SC2154 7 | # defined via initcpio's parse_cmdline() 8 | [ -n "${img_label}" ] && img_dev="/dev/disk/by-label/${img_label}" 9 | [ -z "${img_flags}" ] && img_flags="defaults" 10 | # shellcheck disable=SC2154 11 | # defined via initcpio's parse_cmdline() 12 | if [ -n "${img_dev}" ] && [ -n "${img_loop}" ]; then 13 | export mount_handler="archiso_loop_mount_handler" 14 | fi 15 | } 16 | 17 | archiso_loop_mount_handler () { 18 | newroot="${1}" 19 | 20 | local _dev_loop 21 | 22 | msg ":: Setup a loop device from ${img_loop} located at device ${img_dev}" 23 | _mnt_dev "${img_dev}" "/run/archiso/img_dev" "-r" "${img_flags}" 24 | # shellcheck disable=SC2154 25 | # defined via initcpio's parse_cmdline() 26 | if [ "${copytoram}" != "y" ]; then 27 | readlink -f "${img_dev}" >> /run/archiso/used_block_devices 28 | fi 29 | 30 | if _dev_loop=$(losetup --find --show --read-only "/run/archiso/img_dev/${img_loop}"); then 31 | export archisodevice="${_dev_loop}" 32 | else 33 | echo "ERROR: Setting loopback device for file '/run/archiso/img_dev/${img_loop}'" 34 | launch_interactive_shell 35 | fi 36 | 37 | archiso_mount_handler "${newroot}" 38 | 39 | if [ "${copytoram}" = "y" ]; then 40 | losetup -d "${_dev_loop}" 2>/dev/null 41 | umount /run/archiso/img_dev 42 | fi 43 | } 44 | 45 | # vim: set ft=sh: 46 | -------------------------------------------------------------------------------- /configs/releng/airootfs/etc/pacman.d/mirrorlist: -------------------------------------------------------------------------------- 1 | # 2 | # Arch Linux ARM repository mirrorlist 3 | # Generated on 2021-03-07 4 | # 5 | 6 | ## Geo-IP based mirror selection and load balancing 7 | Server = http://mirror.archlinuxarm.org/$arch/$repo 8 | 9 | ### Mirrors by country 10 | 11 | ### Australia (not Austria!) 12 | ## Sydney 13 | # Server = http://au.mirror.archlinuxarm.org/$arch/$repo 14 | 15 | ### Brazil 16 | ## Sao Paulo 17 | # Server = http://br.mirror.archlinuxarm.org/$arch/$repo 18 | 19 | ### Denmark 20 | ## Aalborg 21 | # Server = http://dk.mirror.archlinuxarm.org/$arch/$repo 22 | 23 | ### Germany 24 | ## Aachen 25 | # Server = http://de3.mirror.archlinuxarm.org/$arch/$repo 26 | ## Berlin 27 | # Server = http://de.mirror.archlinuxarm.org/$arch/$repo 28 | ## Coburg 29 | # Server = http://de4.mirror.archlinuxarm.org/$arch/$repo 30 | ## Falkenstein 31 | # Server = http://eu.mirror.archlinuxarm.org/$arch/$repo 32 | # Server = http://de5.mirror.archlinuxarm.org/$arch/$repo 33 | 34 | ### Greece 35 | ## Athens 36 | # Server = http://gr.mirror.archlinuxarm.org/$arch/$repo 37 | 38 | ### Hungary 39 | ## Budapest 40 | # Server = http://hu.mirror.archlinuxarm.org/$arch/$repo 41 | 42 | ### Singapore 43 | # Server = http://sg.mirror.archlinuxarm.org/$arch/$repo 44 | 45 | ### South Africa 46 | ## Johannesburg 47 | # Server = http://za.mirror.archlinuxarm.org/$arch/$repo 48 | 49 | ### Taiwan 50 | ## New Taipei City 51 | # Server = http://tw.mirror.archlinuxarm.org/$arch/$repo 52 | 53 | ### United States 54 | ## California 55 | # Server = http://ca.us.mirror.archlinuxarm.org/$arch/$repo 56 | ## Florida 57 | # Server = http://fl.us.mirror.archlinuxarm.org/$arch/$repo 58 | ## Illinois 59 | # Server = http://il.us.mirror.archlinuxarm.org/$arch/$repo 60 | ## New Jersey 61 | # Server = http://nj.us.mirror.archlinuxarm.org/$arch/$repo -------------------------------------------------------------------------------- /configs/releng/airootfs/usr/lib/initcpio/hooks/archiso_pxe_nbd: -------------------------------------------------------------------------------- 1 | #!/bin/ash 2 | # 3 | # SPDX-License-Identifier: GPL-3.0-or-later 4 | 5 | run_earlyhook() { 6 | # shellcheck disable=SC2154 7 | # defined via initcpio's parse_cmdline() 8 | if [ -n "${ip}" ] && [ -n "${archiso_nbd_srv}" ]; then 9 | # Module autoloading like with loop devices does not work, doing manually... 10 | modprobe nbd 2> /dev/null 11 | fi 12 | } 13 | 14 | run_hook() { 15 | if [ -n "${ip}" ] && [ -n "${archiso_nbd_srv}" ]; then 16 | 17 | archiso_nbd_srv=$(eval echo "${archiso_nbd_srv}") 18 | [ -z "${archiso_nbd_name}" ] && archiso_nbd_name="archiso" 19 | 20 | export mount_handler="archiso_pxe_nbd_mount_handler" 21 | fi 22 | } 23 | 24 | archiso_pxe_nbd_mount_handler () { 25 | newroot="${1}" 26 | 27 | msg ":: Waiting for boot device..." 28 | while ! poll_device /dev/nbd0 30; do 29 | echo "ERROR: boot device didn't show up after 30 seconds..." 30 | echo " Falling back to interactive prompt" 31 | echo " You can try to fix the problem manually, log out when you are finished" 32 | launch_interactive_shell 33 | done 34 | 35 | msg ":: Setup NBD from ${archiso_nbd_srv} at /dev/nbd0" 36 | if [ "${copytoram}" != "n" ]; then 37 | nbd-client "${archiso_nbd_srv}" -N "${archiso_nbd_name}" /dev/nbd0 38 | copytoram="y" 39 | else 40 | nbd-client "${archiso_nbd_srv}" -N "${archiso_nbd_name}" -systemd-mark -persist /dev/nbd0 41 | fi 42 | 43 | export archisodevice=/dev/nbd0 44 | 45 | archiso_mount_handler "${newroot}" 46 | 47 | if [ "${copytoram}" = "y" ]; then 48 | msg ":: Disconnect NBD from ${archiso_nbd_srv} at /dev/nbd0" 49 | nbd-client -d /dev/nbd0 50 | fi 51 | } 52 | 53 | # vim: set ft=sh: 54 | -------------------------------------------------------------------------------- /Makefile: -------------------------------------------------------------------------------- 1 | # 2 | # SPDX-License-Identifier: GPL-3.0-or-later 3 | 4 | INSTALL_FILES=$(wildcard archiso/initcpio/install/*) 5 | HOOKS_FILES=$(wildcard archiso/initcpio/hooks/*) 6 | SCRIPT_FILES=$(wildcard archiso/initcpio/script/*) 7 | 8 | INSTALL_DIR=$(DESTDIR)/usr/lib/initcpio/install 9 | HOOKS_DIR=$(DESTDIR)/usr/lib/initcpio/hooks 10 | SCRIPT_DIR=$(DESTDIR)/usr/lib/initcpio 11 | 12 | DOC_FILES=$(wildcard docs/*) $(wildcard *.rst) 13 | 14 | DOC_DIR=$(DESTDIR)/usr/share/doc/archiso 15 | 16 | 17 | all: 18 | 19 | check: lint 20 | 21 | lint: 22 | shellcheck -s bash archiso/mkarchiso \ 23 | $(wildcard scripts/*.sh) \ 24 | $(wildcard .gitlab/ci/*.sh) \ 25 | $(INSTALL_FILES) \ 26 | $(wildcard configs/*/build.sh) \ 27 | $(wildcard configs/*/profiledef.sh) \ 28 | configs/releng/airootfs/root/.automated_script.sh \ 29 | configs/releng/airootfs/usr/local/bin/choose-mirror \ 30 | configs/releng/airootfs/usr/local/bin/livecd-sound 31 | shellcheck -s dash $(HOOKS_FILES) $(SCRIPT_FILES) 32 | 33 | install: install-program install-examples install-doc 34 | 35 | install-program: 36 | install -vDm 755 archiso/mkarchiso -t "$(DESTDIR)/usr/bin/" 37 | install -vDm 755 scripts/run_archiso.sh "$(DESTDIR)/usr/bin/run_archiso" 38 | 39 | install-initcpio: 40 | install -d $(SCRIPT_DIR) $(HOOKS_DIR) $(INSTALL_DIR) 41 | install -m 755 -t $(SCRIPT_DIR) $(SCRIPT_FILES) 42 | install -m 644 -t $(HOOKS_DIR) $(HOOKS_FILES) 43 | install -m 644 -t $(INSTALL_DIR) $(INSTALL_FILES) 44 | 45 | install-examples: 46 | install -d -m 755 $(DESTDIR)/usr/share/archiso/ 47 | cp -a --no-preserve=ownership configs $(DESTDIR)/usr/share/archiso/ 48 | 49 | install-doc: 50 | install -vDm 644 $(DOC_FILES) -t $(DOC_DIR) 51 | 52 | .PHONY: check install install-program install-initcpio install-examples install-doc lint 53 | -------------------------------------------------------------------------------- /configs/releng/packages.aarch64: -------------------------------------------------------------------------------- 1 | # TODO: might need archlinuxarm-keyring and archlinux-keyring (note that archlinux-keyring has never existed in the x86_64 iso installer) 2 | alsa-utils 3 | amd-ucode 4 | arch-install-scripts 5 | archinstall 6 | b43-fwcutter 7 | base 8 | bind-tools 9 | brltty 10 | #broadcom-wl 11 | btrfs-progs 12 | clonezilla 13 | #cloud-init 14 | crda 15 | cryptsetup 16 | darkhttpd 17 | ddrescue 18 | dhclient 19 | dhcpcd 20 | diffutils 21 | dmraid 22 | dnsmasq 23 | dosfstools 24 | e2fsprogs 25 | #edk2-shell 26 | efibootmgr 27 | espeakup 28 | ethtool 29 | exfatprogs 30 | f2fs-tools 31 | fatresize 32 | fsarchiver 33 | gnu-netcat 34 | gpart 35 | gpm 36 | gptfdisk 37 | grml-zsh-config 38 | hdparm 39 | #intel-ucode 40 | #ipw2100-fw 41 | #ipw2200-fw 42 | irssi 43 | iw 44 | iwd 45 | jfsutils 46 | kitty-terminfo 47 | less 48 | lftp 49 | libfido2 50 | libusb-compat 51 | #linux 52 | linux-aarch64 53 | linux-atm 54 | linux-firmware 55 | livecd-sounds 56 | lsscsi 57 | lvm2 58 | lynx 59 | man-db 60 | man-pages 61 | mc 62 | mdadm 63 | #memtest86+ 64 | mkinitcpio 65 | #mkinitcpio-archiso 66 | mkinitcpio-nfs-utils 67 | modemmanager 68 | mtools 69 | nano 70 | nbd 71 | ndisc6 72 | nfs-utils 73 | nilfs-utils 74 | nmap 75 | ntfs-3g 76 | nvme-cli 77 | openconnect 78 | openssh 79 | openvpn 80 | partclone 81 | parted 82 | partimage 83 | pcsclite 84 | ppp 85 | pptpclient 86 | pv 87 | qemu-guest-agent 88 | #reflector 89 | reiserfsprogs 90 | rp-pppoe 91 | rsync 92 | rxvt-unicode-terminfo 93 | screen 94 | sdparm 95 | sg3_utils 96 | smartmontools 97 | sof-firmware 98 | squashfs-tools 99 | sudo 100 | #syslinux 101 | systemd-resolvconf 102 | tcpdump 103 | terminus-font 104 | testdisk 105 | tmux 106 | tpm2-tss 107 | udftools 108 | usb_modeswitch 109 | usbmuxd 110 | usbutils 111 | vim 112 | #virtualbox-guest-utils-nox 113 | vpnc 114 | wireless-regdb 115 | wireless_tools 116 | wpa_supplicant 117 | wvdial 118 | xfsprogs 119 | xl2tpd 120 | zsh 121 | -------------------------------------------------------------------------------- /configs/baseline/airootfs/etc/mkinitcpio.conf: -------------------------------------------------------------------------------- 1 | # vim:set ft=sh 2 | # MODULES 3 | # The following modules are loaded before any boot hooks are 4 | # run. Advanced users may wish to specify all system modules 5 | # in this array. For instance: 6 | # MODULES=(piix ide_disk reiserfs) 7 | MODULES=() 8 | 9 | # BINARIES 10 | # This setting includes any additional binaries a given user may 11 | # wish into the CPIO image. This is run last, so it may be used to 12 | # override the actual binaries included by a given hook 13 | # BINARIES are dependency parsed, so you may safely ignore libraries 14 | BINARIES=() 15 | 16 | # FILES 17 | # This setting is similar to BINARIES above, however, files are added 18 | # as-is and are not parsed in any way. This is useful for config files. 19 | FILES=() 20 | 21 | # HOOKS 22 | # This is the most important setting in this file. The HOOKS control the 23 | # modules and scripts added to the image, and what happens at boot time. 24 | # Order is important, and it is recommended that you do not change the 25 | # order in which HOOKS are added. Run 'mkinitcpio -H ' for 26 | # help on a given hook. 27 | # 'base' is _required_ unless you know precisely what you are doing. 28 | # 'udev' is _required_ in order to automatically load modules 29 | # 'filesystems' is _required_ unless you specify your fs modules in MODULES 30 | # Examples: 31 | ## This setup specifies all modules in the MODULES setting above. 32 | ## No raid, lvm2, or encrypted root is needed. 33 | # HOOKS=(base) 34 | # 35 | ## This setup will autodetect all modules for your system and should 36 | ## work as a sane default 37 | # HOOKS=(base udev autodetect block filesystems) 38 | # 39 | ## This setup will generate a 'full' image which supports most systems. 40 | ## No autodetection is done. 41 | # HOOKS=(base udev block filesystems) 42 | # 43 | ## This setup assembles a pata mdadm array with an encrypted root FS. 44 | ## Note: See 'mkinitcpio -H mdadm' for more information on raid devices. 45 | # HOOKS=(base udev block mdadm encrypt filesystems) 46 | # 47 | ## This setup loads an lvm2 volume group on a usb device. 48 | # HOOKS=(base udev block lvm2 filesystems) 49 | # 50 | ## NOTE: If you have /usr on a separate partition, you MUST include the 51 | # usr, fsck and shutdown hooks. 52 | HOOKS=(base udev modconf archiso block filesystems) 53 | 54 | # COMPRESSION 55 | # Use this to compress the initramfs image. By default, gzip compression 56 | # is used. Use 'cat' to create an uncompressed image. 57 | #COMPRESSION="gzip" 58 | #COMPRESSION="bzip2" 59 | #COMPRESSION="lzma" 60 | #COMPRESSION="xz" 61 | #COMPRESSION="lzop" 62 | #COMPRESSION="lz4" 63 | #COMPRESSION="zstd" 64 | 65 | # COMPRESSION_OPTIONS 66 | # Additional options for the compressor 67 | #COMPRESSION_OPTIONS=() 68 | -------------------------------------------------------------------------------- /configs/releng/airootfs/usr/lib/initcpio/hooks/archiso_pxe_http: -------------------------------------------------------------------------------- 1 | #!/bin/ash 2 | # 3 | # SPDX-License-Identifier: GPL-3.0-or-later 4 | 5 | run_hook() { 6 | # shellcheck disable=SC2154 7 | # defined via initcpio's parse_cmdline() 8 | if [ -n "${ip}" ] && [ -n "${archiso_http_srv}" ]; then 9 | 10 | # booting with http is always copy-to-ram, so set here to make sure 11 | # addresses are flushed and interface is set down 12 | export copytoram="y" 13 | 14 | archiso_http_srv=$(eval echo "${archiso_http_srv}") 15 | [ -z "${archiso_http_spc}" ] && archiso_http_spc="75%" 16 | 17 | export mount_handler="archiso_pxe_http_mount_handler" 18 | fi 19 | } 20 | 21 | # Fetch a file with CURL 22 | # 23 | # $1 URL 24 | # $2 Destination directory inside httpspace/${archisobasedir} 25 | _curl_get() { 26 | local _url="${1}" 27 | local _dst="${2}" 28 | 29 | msg ":: Downloading '${_url}'" 30 | # shellcheck disable=SC2154 31 | # defined via initcpio's parse_cmdline() 32 | if ! curl -L -f -o "/run/archiso/httpspace/${archisobasedir}${_dst}/${_url##*/}" --create-dirs "${_url}"; then 33 | echo "ERROR: Downloading '${_url}'" 34 | echo " Falling back to interactive prompt" 35 | echo " You can try to fix the problem manually, log out when you are finished" 36 | launch_interactive_shell 37 | fi 38 | } 39 | 40 | archiso_pxe_http_mount_handler () { 41 | newroot="${1}" 42 | local img_type="sfs" 43 | 44 | msg ":: Mounting /run/archiso/httpspace (tmpfs) filesystem, size='${archiso_http_spc}'" 45 | mkdir -p "/run/archiso/httpspace" 46 | mount -t tmpfs -o size="${archiso_http_spc}",mode=0755 httpspace "/run/archiso/httpspace" 47 | 48 | # shellcheck disable=SC2154 49 | # defined via initcpio's parse_cmdline() 50 | if ! curl -L -f -o /dev/null -s -r 0-0 "${archiso_http_srv}${archisobasedir}/${arch}/airootfs.sfs"; then 51 | if curl -L -f -o /dev/null -s -r 0-0 "${archiso_http_srv}${archisobasedir}/${arch}/airootfs.erofs"; then 52 | img_type="erofs" 53 | fi 54 | fi 55 | _curl_get "${archiso_http_srv}${archisobasedir}/${arch}/airootfs.${img_type}" "/${arch}" 56 | 57 | # shellcheck disable=SC2154 58 | # defined via initcpio's parse_cmdline() 59 | if [ "${checksum}" = "y" ]; then 60 | _curl_get "${archiso_http_srv}${archisobasedir}/${arch}/airootfs.sha512" "/${arch}" 61 | fi 62 | # shellcheck disable=SC2154 63 | # defined via initcpio's parse_cmdline() 64 | if [ "${verify}" = "y" ]; then 65 | _curl_get "${archiso_http_srv}${archisobasedir}/${arch}/airootfs.${img_type}.sig" "/${arch}" 66 | fi 67 | 68 | mkdir -p "/run/archiso/bootmnt" 69 | mount -o bind /run/archiso/httpspace /run/archiso/bootmnt 70 | 71 | archiso_mount_handler "${newroot}" 72 | } 73 | 74 | # vim: set ft=sh: 75 | -------------------------------------------------------------------------------- /configs/releng/airootfs/etc/mkinitcpio.conf: -------------------------------------------------------------------------------- 1 | # vim:set ft=sh 2 | # MODULES 3 | # The following modules are loaded before any boot hooks are 4 | # run. Advanced users may wish to specify all system modules 5 | # in this array. For instance: 6 | # MODULES=(piix ide_disk reiserfs) 7 | MODULES=() 8 | 9 | # BINARIES 10 | # This setting includes any additional binaries a given user may 11 | # wish into the CPIO image. This is run last, so it may be used to 12 | # override the actual binaries included by a given hook 13 | # BINARIES are dependency parsed, so you may safely ignore libraries 14 | BINARIES=() 15 | 16 | # FILES 17 | # This setting is similar to BINARIES above, however, files are added 18 | # as-is and are not parsed in any way. This is useful for config files. 19 | FILES=() 20 | 21 | # HOOKS 22 | # This is the most important setting in this file. The HOOKS control the 23 | # modules and scripts added to the image, and what happens at boot time. 24 | # Order is important, and it is recommended that you do not change the 25 | # order in which HOOKS are added. Run 'mkinitcpio -H ' for 26 | # help on a given hook. 27 | # 'base' is _required_ unless you know precisely what you are doing. 28 | # 'udev' is _required_ in order to automatically load modules 29 | # 'filesystems' is _required_ unless you specify your fs modules in MODULES 30 | # Examples: 31 | ## This setup specifies all modules in the MODULES setting above. 32 | ## No raid, lvm2, or encrypted root is needed. 33 | # HOOKS=(base) 34 | # 35 | ## This setup will autodetect all modules for your system and should 36 | ## work as a sane default 37 | # HOOKS=(base udev autodetect block filesystems) 38 | # 39 | ## This setup will generate a 'full' image which supports most systems. 40 | ## No autodetection is done. 41 | # HOOKS=(base udev block filesystems) 42 | # 43 | ## This setup assembles a pata mdadm array with an encrypted root FS. 44 | ## Note: See 'mkinitcpio -H mdadm' for more information on raid devices. 45 | # HOOKS=(base udev block mdadm encrypt filesystems) 46 | # 47 | ## This setup loads an lvm2 volume group on a usb device. 48 | # HOOKS=(base udev block lvm2 filesystems) 49 | # 50 | ## NOTE: If you have /usr on a separate partition, you MUST include the 51 | # usr, fsck and shutdown hooks. 52 | HOOKS=(base udev modconf archiso_shutdown archiso archiso_loop_mnt archiso_pxe_common archiso_pxe_nbd archiso_pxe_http archiso_pxe_nfs archiso_kms block filesystems keyboard) 53 | 54 | # COMPRESSION 55 | # Use this to compress the initramfs image. By default, gzip compression 56 | # is used. Use 'cat' to create an uncompressed image. 57 | #COMPRESSION="gzip" 58 | #COMPRESSION="bzip2" 59 | #COMPRESSION="lzma" 60 | #COMPRESSION="xz" 61 | #COMPRESSION="lzop" 62 | #COMPRESSION="lz4" 63 | #COMPRESSION="zstd" 64 | 65 | # COMPRESSION_OPTIONS 66 | # Additional options for the compressor 67 | #COMPRESSION_OPTIONS=() 68 | -------------------------------------------------------------------------------- /configs/releng/pacman.conf: -------------------------------------------------------------------------------- 1 | # 2 | # /etc/pacman.conf 3 | # 4 | # See the pacman.conf(5) manpage for option and repository directives 5 | 6 | # 7 | # GENERAL OPTIONS 8 | # 9 | [options] 10 | # The following paths are commented out with their default values listed. 11 | # If you wish to use different paths, uncomment and update the paths. 12 | #RootDir = / 13 | #DBPath = /var/lib/pacman/ 14 | #CacheDir = /var/cache/pacman/pkg/ 15 | #LogFile = /var/log/pacman.log 16 | #GPGDir = /etc/pacman.d/gnupg/ 17 | #HookDir = /etc/pacman.d/hooks/ 18 | HoldPkg = pacman glibc 19 | #XferCommand = /usr/bin/curl -L -C - -f -o %o %u 20 | #XferCommand = /usr/bin/wget --passive-ftp -c -O %o %u 21 | #CleanMethod = KeepInstalled 22 | Architecture = auto 23 | 24 | # Pacman won't upgrade packages listed in IgnorePkg and members of IgnoreGroup 25 | #IgnorePkg = 26 | #IgnoreGroup = 27 | 28 | #NoUpgrade = 29 | #NoExtract = 30 | 31 | # Misc options 32 | #UseSyslog 33 | #Color 34 | #NoProgressBar 35 | # We cannot check disk space from within a chroot environment 36 | #CheckSpace 37 | #VerbosePkgLists 38 | ParallelDownloads = 5 39 | 40 | # By default, pacman accepts packages signed by keys that its local keyring 41 | # trusts (see pacman-key and its man page), as well as unsigned packages. 42 | SigLevel = Required DatabaseOptional 43 | LocalFileSigLevel = Optional 44 | #RemoteFileSigLevel = Required 45 | 46 | # NOTE: You must run `pacman-key --init` before first using pacman; the local 47 | # keyring can then be populated with the keys of all official Arch Linux ARM 48 | # packagers with `pacman-key --populate archlinuxarm`. 49 | 50 | # 51 | # REPOSITORIES 52 | # - can be defined here or included from another file 53 | # - pacman will search repositories in the order defined here 54 | # - local/custom mirrors can be added here or in separate files 55 | # - repositories listed first will take precedence when packages 56 | # have identical names, regardless of version number 57 | # - URLs will have $repo replaced by the name of the current repo 58 | # - URLs will have $arch replaced by the name of the architecture 59 | # 60 | # Repository entries are of the format: 61 | # [repo-name] 62 | # Server = ServerName 63 | # Include = IncludePath 64 | # 65 | # The header [repo-name] is crucial - it must be present and 66 | # uncommented to enable the repo. 67 | # 68 | 69 | # The testing repositories are disabled by default. To enable, uncomment the 70 | # repo name header and Include lines. You can add preferred servers immediately 71 | # after the header, and they will be used before the default mirrors. 72 | 73 | [core] 74 | Include = /etc/pacman.d/mirrorlist 75 | 76 | [extra] 77 | Include = /etc/pacman.d/mirrorlist 78 | 79 | [community] 80 | Include = /etc/pacman.d/mirrorlist 81 | 82 | [alarm] 83 | Include = /etc/pacman.d/mirrorlist 84 | 85 | [aur] 86 | Include = /etc/pacman.d/mirrorlist 87 | 88 | # An example of a custom package repository. See the pacman manpage for 89 | # tips on creating your own repositories. 90 | #[custom] 91 | #SigLevel = Optional TrustAll 92 | #Server = file:///home/custompkgs 93 | -------------------------------------------------------------------------------- /configs/releng/airootfs/usr/lib/initcpio/hooks/archiso_pxe_common: -------------------------------------------------------------------------------- 1 | #!/bin/ash 2 | # 3 | # SPDX-License-Identifier: GPL-3.0-or-later 4 | 5 | run_hook () { 6 | # Do *not* declare 'bootif_dev' local! We need it in run_latehook(). 7 | local i net_mac bootif_mac 8 | local DNSDOMAIN HOSTNAME IPV4DNS0 IPV4DNS1 ROOTSERVER 9 | # These variables will be parsed from /tmp/net-*.conf generated by ipconfig 10 | # shellcheck disable=SC2034 11 | local DEVICE IPV4ADDR IPV4BROADCAST IPV4NETMASK IPV4GATEWAY NISDOMAIN ROOTPATH filename 12 | 13 | if [ -n "${ip}" ]; then 14 | if [ -n "${BOOTIF}" ]; then 15 | bootif_mac="${BOOTIF#01-}" 16 | # shellcheck disable=SC2169,SC3060 17 | # ash supports bash-like string replacment 18 | bootif_mac="${bootif_mac//-/:}" 19 | for i in /sys/class/net/*/address; do 20 | read -r net_mac < "${i}" 21 | if [ "${bootif_mac}" = "${net_mac}" ]; then 22 | bootif_dev=${i#/sys/class/net/} 23 | bootif_dev=${bootif_dev%/address} 24 | break 25 | fi 26 | done 27 | if [ "${ip}" = "dhcp" ]; then 28 | ip=":::::${bootif_dev}:dhcp" 29 | else 30 | ip="${ip}::${bootif_dev}" 31 | fi 32 | fi 33 | 34 | # setup network and save some values 35 | if ! ipconfig -t 20 "ip=${ip}"; then 36 | echo "ERROR; Failed to configure network" 37 | echo " Falling back to interactive prompt" 38 | echo " You can try to fix the problem manually, log out when you are finished" 39 | launch_interactive_shell 40 | fi 41 | 42 | # shellcheck disable=SC1090 43 | # ipconfig generates these files 44 | . /tmp/net-*.conf 45 | 46 | export pxeserver="${ROOTSERVER}" 47 | 48 | # setup DNS resolver 49 | if [ "${IPV4DNS0}" != "0.0.0.0" ]; then 50 | echo "# added by archiso_pxe_common hook" > /etc/resolv.conf 51 | echo "nameserver ${IPV4DNS0}" >> /etc/resolv.conf 52 | fi 53 | if [ "${IPV4DNS1}" != "0.0.0.0" ]; then 54 | echo "nameserver ${IPV4DNS1}" >> /etc/resolv.conf 55 | fi 56 | if [ -n "${DNSDOMAIN}" ]; then 57 | echo "search ${DNSDOMAIN}" >> /etc/resolv.conf 58 | echo "domain ${DNSDOMAIN}" >> /etc/resolv.conf 59 | fi 60 | fi 61 | } 62 | 63 | run_latehook () { 64 | if [ -n "${ip}" ]; then 65 | [ -z "${copy_resolvconf}" ] && copy_resolvconf="y" 66 | 67 | # shellcheck disable=SC2154 68 | # defined via initcpio's parse_cmdline() 69 | if [ "${copytoram}" = "y" ]; then 70 | for curif in /sys/class/net/*; do 71 | netdev=${curif#/sys/class/net/} 72 | ip addr flush dev "${netdev}" 73 | ip link set "${netdev}" down 74 | done 75 | elif [ "${copy_resolvconf}" != "n" ] && [ -f /etc/resolv.conf ]; then 76 | rm -f /new_root/etc/resolv.conf 77 | cp /etc/resolv.conf /new_root/etc/resolv.conf 78 | fi 79 | fi 80 | } 81 | 82 | # vim: set ft=sh: 83 | -------------------------------------------------------------------------------- /configs/baseline/pacman.conf: -------------------------------------------------------------------------------- 1 | # 2 | # /etc/pacman.conf 3 | # 4 | # See the pacman.conf(5) manpage for option and repository directives 5 | 6 | # 7 | # GENERAL OPTIONS 8 | # 9 | [options] 10 | # The following paths are commented out with their default values listed. 11 | # If you wish to use different paths, uncomment and update the paths. 12 | #RootDir = / 13 | #DBPath = /var/lib/pacman/ 14 | #CacheDir = /var/cache/pacman/pkg/ 15 | #LogFile = /var/log/pacman.log 16 | #GPGDir = /etc/pacman.d/gnupg/ 17 | #HookDir = /etc/pacman.d/hooks/ 18 | HoldPkg = pacman glibc 19 | #XferCommand = /usr/bin/curl -L -C - -f -o %o %u 20 | #XferCommand = /usr/bin/wget --passive-ftp -c -O %o %u 21 | #CleanMethod = KeepInstalled 22 | Architecture = auto 23 | 24 | # Pacman won't upgrade packages listed in IgnorePkg and members of IgnoreGroup 25 | #IgnorePkg = 26 | #IgnoreGroup = 27 | 28 | #NoUpgrade = 29 | #NoExtract = 30 | 31 | # Misc options 32 | #UseSyslog 33 | #Color 34 | #NoProgressBar 35 | # We cannot check disk space from within a chroot environment 36 | #CheckSpace 37 | #VerbosePkgLists 38 | ParallelDownloads = 5 39 | 40 | # By default, pacman accepts packages signed by keys that its local keyring 41 | # trusts (see pacman-key and its man page), as well as unsigned packages. 42 | SigLevel = Required DatabaseOptional 43 | LocalFileSigLevel = Optional 44 | #RemoteFileSigLevel = Required 45 | 46 | # NOTE: You must run `pacman-key --init` before first using pacman; the local 47 | # keyring can then be populated with the keys of all official Arch Linux 48 | # packagers with `pacman-key --populate archlinux`. 49 | 50 | # 51 | # REPOSITORIES 52 | # - can be defined here or included from another file 53 | # - pacman will search repositories in the order defined here 54 | # - local/custom mirrors can be added here or in separate files 55 | # - repositories listed first will take precedence when packages 56 | # have identical names, regardless of version number 57 | # - URLs will have $repo replaced by the name of the current repo 58 | # - URLs will have $arch replaced by the name of the architecture 59 | # 60 | # Repository entries are of the format: 61 | # [repo-name] 62 | # Server = ServerName 63 | # Include = IncludePath 64 | # 65 | # The header [repo-name] is crucial - it must be present and 66 | # uncommented to enable the repo. 67 | # 68 | 69 | # The testing repositories are disabled by default. To enable, uncomment the 70 | # repo name header and Include lines. You can add preferred servers immediately 71 | # after the header, and they will be used before the default mirrors. 72 | 73 | #[testing] 74 | #Include = /etc/pacman.d/mirrorlist 75 | 76 | [core] 77 | Include = /etc/pacman.d/mirrorlist 78 | 79 | [extra] 80 | Include = /etc/pacman.d/mirrorlist 81 | 82 | #[community-testing] 83 | #Include = /etc/pacman.d/mirrorlist 84 | 85 | [community] 86 | Include = /etc/pacman.d/mirrorlist 87 | 88 | # If you want to run 32 bit applications on your x86_64 system, 89 | # enable the multilib repositories as required here. 90 | 91 | #[multilib-testing] 92 | #Include = /etc/pacman.d/mirrorlist 93 | 94 | #[multilib] 95 | #Include = /etc/pacman.d/mirrorlist 96 | 97 | # An example of a custom package repository. See the pacman manpage for 98 | # tips on creating your own repositories. 99 | #[custom] 100 | #SigLevel = Optional TrustAll 101 | #Server = file:///home/custompkgs 102 | -------------------------------------------------------------------------------- /docs/README.altbootmethods: -------------------------------------------------------------------------------- 1 | INDEX 2 | ----- 3 | 4 | * Alternative boot methods (configs/releng) 5 | * ISO in loopback mode 6 | * ISO in memdisk mode 7 | * Network booting (PXE) [first stage] 8 | * DHCP + TFTP 9 | * DHCP + HTTP 10 | * HTTP/NFS/NBD [second stage] 11 | 12 | 13 | 14 | *** Alternative boot methods (configs/releng) 15 | 16 | ISO images names consist of: archlinux-..
-x86_64.iso 17 | 18 | Where: 19 | Year 20 | Month 21 |
Day 22 | 23 | 24 | ** ISO in loopback mode. 25 | 26 | Note: Described method is for using with GRUB2. 27 | GRUB2 is installed on target media and archlinux-..
-x86_64.iso 28 | is at path on disk and partition

, 29 | where filesystem is labeled as . 30 | 31 | menuentry "Arch Linux (x86_64)" { 32 | set isofile="//archlinux-..

-x86_64.iso" 33 | loopback loop (hd,

)$isofile 34 | linux (loop)/arch/boot/x86_64/vmlinuz img_label= img_loop=$isofile 35 | initrd (loop)/arch/boot/x86_64/archiso.img 36 | } 37 | 38 | 39 | ** ISO in memdisk mode. 40 | 41 | Note: Described method is for using with SYSLINUX. Anyway MEMDISK from SYSLINUX can work 42 | with other bootloaders. 43 | SYSLINUX is installed on target media and archlinux-..

-x86_64.iso 44 | is at path . 45 | 46 | 47 | LABEL arch_x64 48 | LINUX memdisk 49 | INITRD //archlinux-..
-x86_64.iso 50 | APPEND iso 51 | 52 | 53 | ** Network booting (PXE). 54 | 55 | All ISOs are ready to act as PXE server, some manual steps are needed 56 | to setup the desired PXE boot mode. 57 | Alternatively it is possible to use an existing PXE server following the same logic. 58 | Note: Setup network first, adjust IP adresses, and respect all slashes "/". 59 | 60 | First stage is for loading kernel and initramfs via PXE, two methods described here: 61 | 62 | * DHCP + TFTP 63 | 64 | Note: All NIC firmwares should support this. 65 | 66 | # dnsmasq --port=0 \ 67 | --enable-tftp \ 68 | --tftp-root=/run/archiso/bootmnt \ 69 | --dhcp-range=192.168.0.2,192.168.0.254,86400 \ 70 | --dhcp-boot=/arch/boot/syslinux/lpxelinux.0 \ 71 | --dhcp-option-force=209,boot/syslinux/archiso.cfg \ 72 | --dhcp-option-force=210,/arch/ 73 | 74 | * DHCP + HTTP 75 | 76 | Note: Not all NIC firmware supports HTTP and DNS (if domain name is used). 77 | At least this works with iPXE and gPXE. 78 | 79 | # dnsmasq --port=0 \ 80 | --dhcp-range=192.168.0.2,192.168.0.254,86400 \ 81 | --dhcp-boot=http://192.168.0.7/arch/boot/syslinux/lpxelinux.0 \ 82 | --dhcp-option-force=209,boot/syslinux/archiso.cfg \ 83 | --dhcp-option-force=210,http://192.168.0.7/arch/ 84 | 85 | 86 | Once the kernel is started from PXE, SquashFS files and other misc files 87 | inside "arch" directory must be loaded (second stage). One of the following 88 | methods can be used to serve the rest of live-medium. 89 | 90 | * HTTP 91 | 92 | # darkhttpd /run/archiso/bootmnt 93 | 94 | 95 | * NFS 96 | 97 | # echo "/run/archiso/bootmnt 192.168.0.*(ro,no_subtree_check,no_root_squash)" >> /etc/exports 98 | # systemctl start nfs-server.service 99 | 100 | 101 | * NBD 102 | 103 | Note: Adjust ARCH_201703 as needed. 104 | 105 | # cat << EOF > /tmp/nbd-server.conf 106 | [generic] 107 | [archiso] 108 | readonly = true 109 | exportname = /dev/disk/by-label/ARCH_201703 110 | EOF 111 | # nbd-server -C /tmp/nbd-server.conf 112 | -------------------------------------------------------------------------------- /configs/baseline/airootfs/etc/ssh/sshd_config: -------------------------------------------------------------------------------- 1 | # $OpenBSD: sshd_config,v 1.103 2018/04/09 20:41:22 tj Exp $ 2 | 3 | # This is the sshd server system-wide configuration file. See 4 | # sshd_config(5) for more information. 5 | 6 | # This sshd was compiled with PATH=/usr/local/sbin:/usr/local/bin:/usr/bin 7 | 8 | # The strategy used for options in the default sshd_config shipped with 9 | # OpenSSH is to specify options with their default value where 10 | # possible, but leave them commented. Uncommented options override the 11 | # default value. 12 | 13 | #Port 22 14 | #AddressFamily any 15 | #ListenAddress 0.0.0.0 16 | #ListenAddress :: 17 | 18 | #HostKey /etc/ssh/ssh_host_rsa_key 19 | #HostKey /etc/ssh/ssh_host_ecdsa_key 20 | #HostKey /etc/ssh/ssh_host_ed25519_key 21 | 22 | # Ciphers and keying 23 | #RekeyLimit default none 24 | 25 | # Logging 26 | #SyslogFacility AUTH 27 | #LogLevel INFO 28 | 29 | # Authentication: 30 | 31 | #LoginGraceTime 2m 32 | PermitRootLogin yes 33 | #StrictModes yes 34 | #MaxAuthTries 6 35 | #MaxSessions 10 36 | 37 | #PubkeyAuthentication yes 38 | 39 | # The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2 40 | # but this is overridden so installations will only check .ssh/authorized_keys 41 | AuthorizedKeysFile .ssh/authorized_keys 42 | 43 | #AuthorizedPrincipalsFile none 44 | 45 | #AuthorizedKeysCommand none 46 | #AuthorizedKeysCommandUser nobody 47 | 48 | # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts 49 | #HostbasedAuthentication no 50 | # Change to yes if you don't trust ~/.ssh/known_hosts for 51 | # HostbasedAuthentication 52 | #IgnoreUserKnownHosts no 53 | # Don't read the user's ~/.rhosts and ~/.shosts files 54 | #IgnoreRhosts yes 55 | 56 | # To disable tunneled clear text passwords, change to no here! 57 | #PasswordAuthentication yes 58 | #PermitEmptyPasswords no 59 | 60 | # Change to no to disable s/key passwords 61 | ChallengeResponseAuthentication no 62 | 63 | # Kerberos options 64 | #KerberosAuthentication no 65 | #KerberosOrLocalPasswd yes 66 | #KerberosTicketCleanup yes 67 | #KerberosGetAFSToken no 68 | 69 | # GSSAPI options 70 | #GSSAPIAuthentication no 71 | #GSSAPICleanupCredentials yes 72 | 73 | # Set this to 'yes' to enable PAM authentication, account processing, 74 | # and session processing. If this is enabled, PAM authentication will 75 | # be allowed through the ChallengeResponseAuthentication and 76 | # PasswordAuthentication. Depending on your PAM configuration, 77 | # PAM authentication via ChallengeResponseAuthentication may bypass 78 | # the setting of "PermitRootLogin without-password". 79 | # If you just want the PAM account and session checks to run without 80 | # PAM authentication, then enable this but set PasswordAuthentication 81 | # and ChallengeResponseAuthentication to 'no'. 82 | UsePAM yes 83 | 84 | #AllowAgentForwarding yes 85 | #AllowTcpForwarding yes 86 | #GatewayPorts no 87 | #X11Forwarding no 88 | #X11DisplayOffset 10 89 | #X11UseLocalhost yes 90 | #PermitTTY yes 91 | PrintMotd no # pam does that 92 | #PrintLastLog yes 93 | #TCPKeepAlive yes 94 | #PermitUserEnvironment no 95 | #Compression delayed 96 | #ClientAliveInterval 0 97 | #ClientAliveCountMax 3 98 | #UseDNS no 99 | #PidFile /run/sshd.pid 100 | #MaxStartups 10:30:100 101 | #PermitTunnel no 102 | #ChrootDirectory none 103 | #VersionAddendum none 104 | 105 | # no default banner path 106 | #Banner none 107 | 108 | # override default of no subsystems 109 | Subsystem sftp /usr/lib/ssh/sftp-server 110 | 111 | # Example of overriding settings on a per-user basis 112 | #Match User anoncvs 113 | # X11Forwarding no 114 | # AllowTcpForwarding no 115 | # PermitTTY no 116 | # ForceCommand cvs server 117 | -------------------------------------------------------------------------------- /configs/releng/airootfs/etc/ssh/sshd_config: -------------------------------------------------------------------------------- 1 | # $OpenBSD: sshd_config,v 1.103 2018/04/09 20:41:22 tj Exp $ 2 | 3 | # This is the sshd server system-wide configuration file. See 4 | # sshd_config(5) for more information. 5 | 6 | # This sshd was compiled with PATH=/usr/local/sbin:/usr/local/bin:/usr/bin 7 | 8 | # The strategy used for options in the default sshd_config shipped with 9 | # OpenSSH is to specify options with their default value where 10 | # possible, but leave them commented. Uncommented options override the 11 | # default value. 12 | 13 | #Port 22 14 | #AddressFamily any 15 | #ListenAddress 0.0.0.0 16 | #ListenAddress :: 17 | 18 | #HostKey /etc/ssh/ssh_host_rsa_key 19 | #HostKey /etc/ssh/ssh_host_ecdsa_key 20 | #HostKey /etc/ssh/ssh_host_ed25519_key 21 | 22 | # Ciphers and keying 23 | #RekeyLimit default none 24 | 25 | # Logging 26 | #SyslogFacility AUTH 27 | #LogLevel INFO 28 | 29 | # Authentication: 30 | 31 | #LoginGraceTime 2m 32 | PermitRootLogin yes 33 | #StrictModes yes 34 | #MaxAuthTries 6 35 | #MaxSessions 10 36 | 37 | #PubkeyAuthentication yes 38 | 39 | # The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2 40 | # but this is overridden so installations will only check .ssh/authorized_keys 41 | AuthorizedKeysFile .ssh/authorized_keys 42 | 43 | #AuthorizedPrincipalsFile none 44 | 45 | #AuthorizedKeysCommand none 46 | #AuthorizedKeysCommandUser nobody 47 | 48 | # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts 49 | #HostbasedAuthentication no 50 | # Change to yes if you don't trust ~/.ssh/known_hosts for 51 | # HostbasedAuthentication 52 | #IgnoreUserKnownHosts no 53 | # Don't read the user's ~/.rhosts and ~/.shosts files 54 | #IgnoreRhosts yes 55 | 56 | # To disable tunneled clear text passwords, change to no here! 57 | #PasswordAuthentication yes 58 | #PermitEmptyPasswords no 59 | 60 | # Change to no to disable s/key passwords 61 | ChallengeResponseAuthentication no 62 | 63 | # Kerberos options 64 | #KerberosAuthentication no 65 | #KerberosOrLocalPasswd yes 66 | #KerberosTicketCleanup yes 67 | #KerberosGetAFSToken no 68 | 69 | # GSSAPI options 70 | #GSSAPIAuthentication no 71 | #GSSAPICleanupCredentials yes 72 | 73 | # Set this to 'yes' to enable PAM authentication, account processing, 74 | # and session processing. If this is enabled, PAM authentication will 75 | # be allowed through the ChallengeResponseAuthentication and 76 | # PasswordAuthentication. Depending on your PAM configuration, 77 | # PAM authentication via ChallengeResponseAuthentication may bypass 78 | # the setting of "PermitRootLogin without-password". 79 | # If you just want the PAM account and session checks to run without 80 | # PAM authentication, then enable this but set PasswordAuthentication 81 | # and ChallengeResponseAuthentication to 'no'. 82 | UsePAM yes 83 | 84 | #AllowAgentForwarding yes 85 | #AllowTcpForwarding yes 86 | #GatewayPorts no 87 | #X11Forwarding no 88 | #X11DisplayOffset 10 89 | #X11UseLocalhost yes 90 | #PermitTTY yes 91 | PrintMotd no # pam does that 92 | #PrintLastLog yes 93 | #TCPKeepAlive yes 94 | #PermitUserEnvironment no 95 | #Compression delayed 96 | #ClientAliveInterval 0 97 | #ClientAliveCountMax 3 98 | #UseDNS no 99 | #PidFile /run/sshd.pid 100 | #MaxStartups 10:30:100 101 | #PermitTunnel no 102 | #ChrootDirectory none 103 | #VersionAddendum none 104 | 105 | # no default banner path 106 | #Banner none 107 | 108 | # override default of no subsystems 109 | Subsystem sftp /usr/lib/ssh/sftp-server 110 | 111 | # Example of overriding settings on a per-user basis 112 | #Match User anoncvs 113 | # X11Forwarding no 114 | # AllowTcpForwarding no 115 | # PermitTTY no 116 | # ForceCommand cvs server 117 | -------------------------------------------------------------------------------- /docs/README.transfer: -------------------------------------------------------------------------------- 1 | INDEX 2 | ----- 3 | 4 | * Transfer ISO file to target medium (configs/releng) 5 | * To -> CD / DVD / BD 6 | * To -> USB-key / SD / HDD / SSD 7 | * PC-BIOS (MBR) 8 | * PC-BIOS (ISOHYBRID-MBR) 9 | * PC-EFI (GPT) [x86_64 only] 10 | * PC-EFI (ISOHYBRID-GPT) [x86_64 only] 11 | 12 | 13 | 14 | *** Transfer ISO image to target medium (configs/releng) 15 | 16 | ISO images names consist of: archlinux-..
-x86_64.iso 17 | 18 | Where: 19 | Year 20 | Month 21 |
Day 22 | 23 | 24 | ** To -> CD / DVD / BD 25 | 26 | Note: All ISO images are booteable on a PC-BIOS via "El Torito" in no-emulation mode, 27 | All x86_64 ISO images are booteable on a PC-EFI via "El Torito" in no-emulation mode. 28 | 29 | Nomeclature: 30 | scsibus number 31 | target number 32 | lun number 33 | (Note: see cdrecord -scanbus, for these numbers) 34 | 35 | 36 | 1) Write it directly using your favorite recording program. 37 | # cdrecord dev=,, -dao archlinux-..
-x86_64.iso 38 | 39 | 40 | ** To -> USB Flash Drive (USB-key) / Memory card (SD) / 41 | Hard-Disk Drive (HDD) / Solid-State Drive (SSD) 42 | 43 | Note: These steps are the general workflow, you can skip some of them, 44 | using another filesystem if your bootloader supports it, 45 | installing to another directory than "arch/" or using more than 46 | one partition. Just ensure that main boot params options 47 | (archisolabel= and archisobasedir=) are set correctly according to your setup. 48 | 49 | Nomeclature: 50 | : Device node of the drive where ISO contents should be copied 51 | (example: /dev/sdx) 52 | : Device node of the partition on 53 | (example: /dev/sdx1) 54 | : Mount point path where is mounted 55 | (example: /mnt/sdx/1) 56 | : Path to the ISO file archlinux-..
-x86_64.iso 57 | (example: ~/archlinux-2017.03.01-x86_64.iso) 58 | : Represents the filesystem label of the 59 | (example: ARCH_201703) 60 | 61 | 62 | * PC-BIOS (MBR): 63 | 64 | Note: Using here a MBR partition mode as example, but GPT should also works 65 | if machine firmware is not broken. 66 | Just ensure that partition is set with attribute "2: legacy BIOS bootable" 67 | and use gptmbr.bin instead of mbr.bin for syslinux. 68 | 69 | 1) Create one partition entry in MBR and mark it as "active" (booteable). 70 | Note: Type "b" for FAT32, "83" for EXTFS or "7" for NTFS. 71 | # fdisk 72 | 73 | 2) Create a FAT32, EXTFS or NTFS filesystem on such partition and setup a label. 74 | Note: COW is not supported on NTFS. 75 | # mkfs.fat -F 32 -n 76 | # mkfs.ext4 -L 77 | # mkfs.ntfs -L 78 | 79 | 3) Mount target filesystem. 80 | # mount 81 | 82 | 4) Extract ISO image on target filesystem. 83 | # bsdtar -x --exclude=isolinux/ --exclude=EFI/ --exclude=loader/ -f -C 84 | 85 | 5) Install syslinux bootloader on target filesystem. 86 | # extlinux -i /arch/boot/syslinux 87 | 88 | 6) Unmount target filesystem. 89 | # umount 90 | 91 | 7) Install syslinux MBR boot code on target drive. 92 | # dd bs=440 count=1 conv=notrunc if=/usr/lib/syslinux/bios/mbr.bin of= 93 | 94 | 95 | * PC-BIOS (ISOHYBRID-MBR): 96 | 97 | Note: This method is the most easily, quick and dirty, but is the most limited 98 | if you want to use your target medium for other purposes. 99 | If using this does not work, use PC-BIOS (MBR) method instead. 100 | 101 | 1) Dump ISO file to target medium. 102 | # dd if= of= 103 | 104 | 105 | * PC-EFI (GPT) [x86_64 only] 106 | 107 | Note: Using here a GPT partition mode as example, but MBR should also works 108 | if machine firmware is not broken. 109 | 110 | 1) Create one partition entry in GPT (of type "ef00") 111 | # gdisk 112 | 113 | 2) Create a FAT32 filesystem on such partition and setup a label. 114 | # mkfs.fat -F 32 -n 115 | 116 | 3) Mount target filesystem. 117 | # mount 118 | 119 | 4) Extract ISO image on target filesystem. 120 | # bsdtar -x --exclude=isolinux/ --exclude=EFI/archiso/ --exclude=arch/boot/syslinux/ -f -C 121 | 122 | 5) Unmount target filesystem. 123 | # umount 124 | 125 | 126 | * PC-EFI (ISOHYBRID-GPT) [x86_64 only] 127 | 128 | Note: This method is the most easily, quick and dirty, but is the most limited 129 | if you want to use your target medium for other purposes. 130 | If using this does not work, use PC-EFI (GPT) method instead. 131 | 132 | 1) Dump ISO file to target medium. 133 | # dd if= of= 134 | -------------------------------------------------------------------------------- /scripts/run_archiso.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | # 3 | # Copyright (C) 2020 David Runge 4 | # 5 | # SPDX-License-Identifier: GPL-3.0-or-later 6 | # 7 | # A simple script to run an archiso image using qemu. The image can be booted 8 | # using BIOS or UEFI. 9 | # 10 | # Requirements: 11 | # - qemu 12 | # - edk2-ovmf (when UEFI booting) 13 | 14 | 15 | set -eu 16 | 17 | print_help() { 18 | local usagetext 19 | IFS='' read -r -d '' usagetext < 0 )); then 130 | while getopts 'abc:dhi:suv' flag; do 131 | case "$flag" in 132 | a) 133 | accessibility='on' 134 | ;; 135 | b) 136 | boot_type='bios' 137 | ;; 138 | c) 139 | oddimage="$OPTARG" 140 | ;; 141 | d) 142 | mediatype='hd' 143 | ;; 144 | h) 145 | print_help 146 | exit 0 147 | ;; 148 | i) 149 | image="$OPTARG" 150 | ;; 151 | u) 152 | boot_type='uefi' 153 | ;; 154 | s) 155 | secure_boot='on' 156 | ;; 157 | v) 158 | display='none' 159 | qemu_options+=(-vnc 'vnc=0.0.0.0:0,vnc=[::]:0') 160 | ;; 161 | *) 162 | printf '%s\n' "Error: Wrong option. Try 'run_archiso -h'." 163 | exit 1 164 | ;; 165 | esac 166 | done 167 | else 168 | print_help 169 | exit 1 170 | fi 171 | 172 | check_image 173 | run_image 174 | -------------------------------------------------------------------------------- /CHANGELOG.rst: -------------------------------------------------------------------------------- 1 | ######### 2 | Changelog 3 | ######### 4 | 5 | [57] - 2021-07-30 6 | ================= 7 | 8 | Added 9 | ----- 10 | 11 | - Add a missing line in the systemd-networkd-wait-online.service in the baseline profile 12 | 13 | Changed 14 | ------- 15 | 16 | - Adapt systemd-networkd configuration to systemd ≥ 249 17 | - Improve documentation in ``mkarchiso`` and systemd-networkd related configuration files 18 | - Fix an issue that may prevent continuing an aborted build of the ``netboot`` or ``iso`` buildmode 19 | 20 | Removed 21 | ------- 22 | 23 | - Remove SPDX license identifier from files that are not eligible for copyright (e.g. configuration files) 24 | 25 | [56.1] - 2021-07-11 26 | =================== 27 | 28 | Added 29 | ----- 30 | 31 | Changed 32 | ------- 33 | 34 | - Simplify gitlab CI setup by using ci-scripts (shared amongst several projects) 35 | - Fix an issue with the unsetting of environment variables before using pacstrap/arch-chroot 36 | - Remove termite-terminfo from the releng profile's list of packages (it is not in the official repositories anymore) 37 | - Set LC_ALL instead of LANG 38 | 39 | [56] - 2021-07-01 40 | ================= 41 | 42 | Added 43 | ----- 44 | 45 | - Add pacman >= 6 compatible configuration 46 | - Add documentation for the `script` boot parameter 47 | 48 | Changed 49 | ------- 50 | 51 | - Clear environment variables before working in chroot 52 | - Update Arch Wiki URLs 53 | - Pass SOURCE_DATE_EPOCH to chroot 54 | - Enable parallel downloads in profile pacman configurations 55 | - Generalize the approach of interacting with ucode images 56 | - Execute the netboot build mode for the baseline profile in CI 57 | 58 | [55] - 2021-06-01 59 | ================= 60 | 61 | Added 62 | ----- 63 | 64 | - Add integration for pv when using the copytoram boot parameter so that progress on copying the image to RAM is shown 65 | - Add experimental support for EROFS by using it for the rootfs image in the baseline profile 66 | 67 | Changed 68 | ------- 69 | 70 | - Change information on IRC channel, as Arch Linux moved to Libera Chat 71 | - Fix a regression, that would prevent network interfaces to be configured under certain circumstances 72 | 73 | [54] - 2021-05-13 74 | ================= 75 | 76 | Added 77 | ----- 78 | 79 | - Add the concept of buildmodes to mkarchiso, which allows for building more than the default .iso artifact 80 | (sequentially) 81 | - Add support to mkarchiso and both baseline and releng profiles for building a bootstrap image (a compressed 82 | bootstrapped Arch Linux environment), by using the new buildmode `bootstrap` 83 | - Add support to mkarchiso and both baseline and releng profiles for building artifacts required for netboot with iPXE 84 | (optionally allowing codesigning on the artifacts), by using the new buildmode `netboot` 85 | - Add qemu-guest-agent and virtualbox-guest-utils-nox to the releng profile and enable their services by default to 86 | allow interaction between hypervisor and virtual machine if the installation medium is booted in a virtualized 87 | environment 88 | 89 | Changed 90 | ------- 91 | 92 | - Always use the .sig file extension when signing the rootfs image, as that is how mkinitcpio-archiso expects it 93 | - Fix for CI and run_archiso scripts to be compatible with QEMU >= 6.0 94 | - Increase robustness of CI by granting more time to reach the first prompt 95 | - Change CI to build all available buildmodes of the baseline and releng profiles (baseline's netboot is currently 96 | excluded due to a bug) 97 | - Install all implicitly installed packages explicitly for the releng profile 98 | - Install keyrings more generically when using pacman-init.service 99 | - Consolidate CI scripts so that they may be shared between the archiso, arch-boxes and releng project in the future and 100 | expose their configuration with the help of environment variables 101 | 102 | [53] - 2021-05-01 103 | ================= 104 | 105 | Added 106 | ----- 107 | 108 | - Add ISO name to grubenv 109 | - Add further metrics to CI, so that number of packages and further image sizes can be tracked 110 | - Add IMAGE_ID and IMAGE_VERSION to /etc/os-release 111 | 112 | Changed 113 | ------- 114 | 115 | - Revert to an invalid GPT for greater hardware compatibility 116 | - Fix CI scripts and initcpio script to comply with stricter shellcheck 117 | - Fix an issue where writing to /etc/machine-id might override a file outside of the build directory 118 | - Change gzip flags, so that compressed files are created reproducibly 119 | - Increase default serial baud rate to 115200 120 | - Remove deprecated documentation and format existing documentation 121 | 122 | [52] - 2021-04-01 123 | ================= 124 | 125 | Added 126 | ----- 127 | 128 | - Add usbmuxd support 129 | - Add EROFS support (as an experimental alternative to squashfs) 130 | - Add creation of zsync control file for delta downloads 131 | - Add sof-firmware for additional soundcard support 132 | - Add support for recursively setting file permissions on folders using profiledef.sh 133 | - Add support for mobile broadband devices with the help of modemmanager 134 | - Add information on PGP signatures of tags 135 | - Add archinstall support 136 | 137 | Changed 138 | ------- 139 | 140 | - Remove haveged 141 | - Fix various things in relation to gitlab CI 142 | - Change systemd-networkd files to more generically setup networkds for devices 143 | - Fix the behavior of the `script=` kernel commandline parameter to follow redirects 144 | - Change the amount of mirrors checked by reflector to 20 to speed up availability of the mirrorlist 145 | 146 | [51] - 2021-02-01 147 | ================= 148 | 149 | Added 150 | ----- 151 | 152 | - VNC support for `run_archiso` 153 | - SSH enabled by default in baseline and releng profiles 154 | - Add cloud-init support to baseline and releng profiles 155 | - Add simple port forwarding to `run_archiso` to allow testing of SSH 156 | - Add support for loading cloud-init user data images to `run_archiso` 157 | - Add version information to images generated with `mkarchiso` 158 | - Use pacman hooks for things previously done in `customize_airootfs.sh` (e.g. generating locale, uncommenting mirror 159 | list) 160 | - Add network setup for the baseline profile 161 | - Add scripts for CI to build the baseline and releng profiles automatically 162 | 163 | Changed 164 | ------- 165 | 166 | - Change upstream URL in vendored profiles to archlinux.org 167 | - Reduce the amount of sed calls in mkarchiso 168 | - Fix typos in `mkarchiso` 169 | - mkinitcpio-archiso: Remove resolv.conf before copy to circumvent its use 170 | - Remove `customize_airootfs.sh` from the vendored profiles 171 | - Support overriding more variables in `profiledef.sh` and refactor their use in `mkarchiso` 172 | - Cleanup unused code in `run_archiso` 173 | -------------------------------------------------------------------------------- /docs/README.bootparams: -------------------------------------------------------------------------------- 1 | INDEX 2 | ----- 3 | 4 | * Boot parameters (initramfs stage) 5 | * hooks/archiso 6 | * hooks/archiso_pxe_common 7 | * hooks/archiso_pxe_nbd 8 | * hooks/archiso_pxe_http 9 | * hooks/archiso_pxe_nfs 10 | * hooks/archiso_loop_mnt 11 | 12 | * Boot parameters (configs/releng) 13 | * scripts/choose-mirror 14 | 15 | 16 | *** Boot parameters (initramfs stage) 17 | 18 | ** hooks/archiso 19 | 20 | * archisolabel= Set the filesystem label where archiso files reside. 21 | Default: (unset) 22 | * archisodevice= Set the device node where archiso medium is located. 23 | Default: "/dev/disk/by-label/${archisolabel}" 24 | * archisobasedir= Set the base directory where all files reside. 25 | Default: "arch" 26 | * copytoram= If set to "y" or just "copytoram" without arguments, 27 | all SquashFS are copied to "RAM". If you add the package 28 | "pv" to the packages.x86_64 it is used to display the copy 29 | progress. 30 | Default: (unset) 31 | * checksum= If set to "y" or just "checksum" without arguments, 32 | performs a self-test of all files inside ${install_dir}, 33 | and continue booting if ok. 34 | Default: (unset) 35 | * cow_label= Set the filesystem label where COW file (for dm-snapshot) 36 | or upperdir/workdir files (for overlayfs) must be stored. 37 | Default: (unset) 38 | * cow_device= Like cow_label= but using device node. 39 | Default: (unset) or "/dev/disk/by-label/${cow_label}" 40 | * cow_flags= Set extra mount options, e.g. for btrfs subvolumes. 41 | Default: defaults 42 | * cow_directory= Set a directory inside ${cow_device}. 43 | Default: "/persistent_${archisolabel}/${arch}" 44 | * cow_persistent= Set if snapshot is persistent "P" or non-persistent "N". 45 | Only used for dm-snapshot mode, ignored for overlayfs. 46 | Default: "N" (if no ${cow_device} is used) otherwise "P". 47 | * cow_spacesize= Set the size for COW space (tmpfs). Valid for both 48 | dm-snapshot and overlayfs mode. 49 | The argument is an integer and optional unit. 50 | Units are M,G (powers of 1024). 51 | Default: "256M" 52 | * cow_chunksize= Set chunksize used for dm-snapshot. This is number 53 | of 512 byte blocks to write at once. 54 | Default: "8" 55 | * copytoram_size= Set the size of tmpfs. This space is used for 56 | airootfs.sfs image if copytoram=y. 57 | Size is in bytes (suffix with "k", "m" and "g") or 58 | in percentage of available RAM. 59 | Default: "75%" 60 | * dm_snap_prefix= Set a prefix for dm-snapshot node names. 61 | Only used for dm-snapshot mode, ignored for overlayfs. 62 | Default: "arch" 63 | * arch= Force an architecture type (i686 | x86_64). 64 | Do not set it for normal operations. 65 | Default: (architecture of running kernel) 66 | 67 | 68 | ** hooks/archiso_pxe_common 69 | 70 | * ip= This parameter is setup automatically by PXELINUX 71 | when option "SYSAPPEND" is set to 1 or 2 in config. 72 | ip=::: 73 | Default: (set via PXE server) 74 | * BOOTIF= This parameter is setup automatically by PXELINUX 75 | when option "SYSAPPEND" is set to 2 or 3 in config. 76 | BOOTIF= 77 | Default: (set via PXELINUX) 78 | * copy_resolvconf= Copy /etc/resolv.conf from initramfs to live-enviroment. 79 | Set to "n" to skip them. 80 | Default: "y" 81 | 82 | 83 | ** hooks/archiso_pxe_nbd 84 | 85 | * archiso_nbd_name= Set NBD export name used by the server. 86 | Default: archiso 87 | * archiso_nbd_srv= Set an IP address where NBD reside. 88 | If ${pxeserver} is used, PXE IP will be used. 89 | Default: (unset) 90 | 91 | 92 | ** hooks/archiso_pxe_http 93 | 94 | * archiso_http_srv= Set an HTTP URL (must end with /) where ${archisobasedir} 95 | is found with all *.sfs files. 96 | In the IP/domain part if ${pxeserver} is used, use PXE IP. 97 | Default: (unset) 98 | * archiso_http_spc= Set the size of tmpfs where *.sfs files are downloaded. 99 | Default: "75%" 100 | 101 | 102 | ** hooks/archiso_pxe_nfs 103 | 104 | * archiso_nfs_srv= Set the NFS-IP:/path of the server 105 | In the IP part if ${pxeserver} is used, PXE IP will be used. 106 | Default: (unset) 107 | * archiso_nfs_opt= Set NFS mount options separated by comma. 108 | Default: (unset, see below) 109 | These are the implicit options: 110 | port = as given by server portmap daemon 111 | rsize = 1024 112 | wsize = 1024 113 | timeo = 7 114 | retrans = 3 115 | acregmin = 3 116 | acregmax = 60 117 | acdirmin = 30 118 | acdirmax = 60 119 | flags = hard, nointr, noposix, cto, ac 120 | 121 | 122 | ** hooks/archiso_loop_mnt 123 | 124 | * img_label= Set the filesystem label where archiso-image.iso. 125 | Default: (unset) 126 | * img_dev= Device where archiso-image.iso reside. 127 | Default: (unset) or "/dev/disk/by-label/${img_label}" 128 | * img_flags= Set extra mount options, e.g. for btrfs subvolumes. 129 | Default: defaults 130 | * img_loop= Full path where archiso-image.iso is located on ${img_dev} 131 | Default: (unset) 132 | 133 | 134 | 135 | *** Boot parameters (configs/releng) 136 | 137 | ** scripts/choose-mirror 138 | 139 | * mirror= Takes a mirror URL and creates a new mirrorlist. 140 | When setting mirror=auto, the mirror is taken from 141 | archiso_http_srv= in order to keep using the mirror 142 | selected in the netboot menu. 143 | Default: (unset) 144 | 145 | * script= Takes a local file path or a URL to a script file which is 146 | executed from a temporary location after boot. If the 147 | parameter points at a remote file (supported protocols are 148 | http, https and ftp), it will be downloaded before execution. 149 | Default: (unset) 150 | -------------------------------------------------------------------------------- /configs/releng/airootfs/usr/local/bin/livecd-sound: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | # 3 | # SPDX-License-Identifier: GPL-3.0-or-later 4 | 5 | usage() { 6 | cat <<- _EOF_ 7 | live cd sound helper script. 8 | Usage: livecdsound [OPTION] 9 | OPTIONS 10 | -u, --unmute unmute all sound cards 11 | -p, --pick select a card for speetch output 12 | -h, --help Show this usage message 13 | 14 | _EOF_ 15 | } 16 | 17 | bugout () { 18 | printf "/usr/local/bin/livecdsound: programming error" 19 | stat_fail 20 | } 21 | 22 | echo_card_indices() 23 | { 24 | if [ -f /proc/asound/cards ] ; then 25 | sed -n -e's/^[[:space:]]*\([0-7]\)[[:space:]].*/\1/p' /proc/asound/cards 26 | fi 27 | } 28 | 29 | # The following functions try to set many controls. 30 | # No card has all the controls and so some of the attempts are bound to fail. 31 | # Because of this, the functions can't return useful status values. 32 | 33 | # $1 34 | # $2 35 | # $3 36 | unmute_and_set_level(){ 37 | { [ "$3" ] &&[ "$2" ] && [ "$1" ] ; } || bugout 38 | systemd-cat -t "livecdsound" printf "Setting: %s on card: %s to %s\n" "$2" "$1" "$3" 39 | systemd-cat -t "livecdsound" amixer -c "$1" set "$2" "$3" unmute 40 | return 0 41 | } 42 | 43 | # $1 44 | # $2 45 | mute_and_zero_level() 46 | { 47 | { [ "$1" ] && [ "$2" ] ; } || bugout 48 | systemd-cat -t "livecdsound" printf "Muting control: %s on card: %s\n" "$2" "$1" 49 | systemd-cat -t "livecdsound" amixer -c "$1" set "$2" "0%" mute 50 | return 0 51 | } 52 | 53 | # $1 54 | # $2 55 | # $3 "on" | "off" 56 | switch_control() 57 | { 58 | { [ "$3" ] && [ "$1" ] ; } || bugout 59 | systemd-cat -t "livecdsound" printf "Switching control: %s on card: %s to %s\n" "$2" "$1" "$3" 60 | systemd-cat -t "livecdsound" amixer -c "$1" set "$2" "$3" 61 | return 0 62 | } 63 | 64 | # $1 65 | sanify_levels_on_card() 66 | { 67 | unmute_and_set_level "$1" "Front" "80%" 68 | unmute_and_set_level "$1" "Master" "80%" 69 | unmute_and_set_level "$1" "Master Mono" "80%" 70 | unmute_and_set_level "$1" "Master Digital" "80%" # E.g., cs4237B 71 | unmute_and_set_level "$1" "Playback" "80%" 72 | unmute_and_set_level "$1" "Headphone" "100%" 73 | unmute_and_set_level "$1" "PCM" "80%" 74 | unmute_and_set_level "$1" "PCM,1" "80%" # E.g., ess1969 75 | unmute_and_set_level "$1" "DAC" "80%" # E.g., envy24, cs46xx 76 | unmute_and_set_level "$1" "DAC,0" "80%" # E.g., envy24 77 | unmute_and_set_level "$1" "DAC,1" "80%" # E.g., envy24 78 | unmute_and_set_level "$1" "Synth" "80%" 79 | unmute_and_set_level "$1" "CD" "80%" 80 | unmute_and_set_level "$1" "PC Speaker" "100%" 81 | 82 | mute_and_zero_level "$1" "Mic" 83 | mute_and_zero_level "$1" "IEC958" # Ubuntu #19648 84 | 85 | # Intel P4P800-MX 86 | switch_control "$1" "Master Playback Switch" on 87 | switch_control "$1" "Master Surround" on 88 | 89 | # Trident/YMFPCI/emu10k1: 90 | unmute_and_set_level "$1" "Wave" "80%" 91 | unmute_and_set_level "$1" "Music" "80%" 92 | unmute_and_set_level "$1" "AC97" "80%" 93 | 94 | # DRC: 95 | unmute_and_set_level "$1" "Dynamic Range Compression" "80%" 96 | 97 | # Required for HDA Intel (hda-intel): 98 | unmute_and_set_level "$1" "Front" "80%" 99 | 100 | # Required for SB Live 7.1/24-bit (ca0106): 101 | unmute_and_set_level "$1" "Analog Front" "80%" 102 | 103 | # Required at least for Via 823x hardware on DFI K8M800-MLVF Motherboard 104 | switch_control "$1" "IEC958 Capture Monitor" off 105 | 106 | # Required for hardware allowing toggles for AC97 through IEC958, 107 | # valid values are 0, 1, 2, 3. Needs to be set to 0 for PCM1. 108 | unmute_and_set_level "$1" "IEC958 Playback AC97-SPSA" "0" 109 | 110 | # Required for newer Via hardware 111 | unmute_and_set_level "$1" "VIA DXS,0" "80%" 112 | unmute_and_set_level "$1" "VIA DXS,1" "80%" 113 | unmute_and_set_level "$1" "VIA DXS,2" "80%" 114 | unmute_and_set_level "$1" "VIA DXS,3" "80%" 115 | 116 | # Required on some notebooks with ICH4: 117 | switch_control "$1" "Headphone Jack Sense" off 118 | switch_control "$1" "Line Jack Sense" off 119 | 120 | # Some machines need one or more of these to be on; 121 | # others need one or more of these to be off: 122 | 123 | switch_control "$1" "Audigy Analog/Digital Output Jack" on 124 | switch_control "$1" "SB Live Analog/Digital Output Jack" on 125 | 126 | # D1984 -- Thinkpad T61/X61 127 | switch_control "$1" "Speaker" on 128 | switch_control "$1" "Headphone" on 129 | 130 | # HDA-Intel w/ "Digital" capture mixer (See Ubuntu #193823) 131 | unmute_and_set_level "$1" "Digital" "80%" 132 | 133 | return 0 134 | } 135 | 136 | # $1 | "all" 137 | sanify_levels() 138 | { 139 | local ttsdml_returnstatus=0 140 | local card 141 | case "$1" in 142 | all) 143 | for card in $(echo_card_indices) ; do 144 | sanify_levels_on_card "$card" || ttsdml_returnstatus=1 145 | done 146 | ;; 147 | *) 148 | sanify_levels_on_card "$1" || ttsdml_returnstatus=1 149 | ;; 150 | esac 151 | return $ttsdml_returnstatus 152 | } 153 | 154 | # List all cards that *should* be usable for PCM audio. In my experience, 155 | # the console speaker (handled by the pcsp driver) isn't a suitable playback 156 | # device, so we'll exclude it. 157 | list_non_pcsp_cards() 158 | { 159 | for card in $(echo_card_indices); do 160 | local cardfile="/proc/asound/card${card}/id" 161 | if [ -r "$cardfile" ] && [ -f "$cardfile" ] && \ 162 | [ "$(cat "$cardfile")" != pcsp ]; then 163 | echo "$card" 164 | fi 165 | done 166 | } 167 | 168 | # Properly initialize the sound card so that we have audio at boot. 169 | unmute_all_cards() 170 | { 171 | sanify_levels all 172 | } 173 | 174 | is_numeric() { 175 | local str=$1 176 | [[ "$str" =~ ^[0-9]+$ ]] 177 | } 178 | 179 | set_default_card() { 180 | local card=$1 181 | sed -e "s/%card%/$card/g" < /usr/local/share/livecd-sound/asound.conf.in \ 182 | > /etc/asound.conf 183 | } 184 | 185 | play_on_card() { 186 | local card=$1 file=$2 187 | aplay -q "-Dplughw:$card,0" "$file" 188 | } 189 | 190 | # If there are multiple usable sound cards, prompt the user to choose one, 191 | # using auditory feedback. 192 | pick_a_card() 193 | { 194 | set -f 195 | usable_cards="$(list_non_pcsp_cards)" 196 | num_usable_cards="$(wc -w <<< "$usable_cards")" 197 | 198 | if [ "$num_usable_cards" -eq 1 ]; then 199 | systemd-cat -t "livecdsound" printf "Only one sound card is detected\n" 200 | exit 0 201 | fi 202 | systemd-cat -t "livecdsound" printf "multiple sound cards detected\n" 203 | for card in $usable_cards; do 204 | if ! is_numeric "$card"; then 205 | continue 206 | fi 207 | play_on_card "$card" /usr/share/livecd-sounds/pick-a-card.wav& 208 | done 209 | wait 210 | sleep 1 211 | for card in $usable_cards; do 212 | if ! is_numeric "$card"; then 213 | continue 214 | fi 215 | play_on_card "$card" /usr/share/livecd-sounds/beep.wav 216 | if read -r -t 10; then 217 | systemd-cat -t "livecdsound" printf "Selecting %s sound card as default\n" "$card" 218 | set_default_card "$card" 219 | break 220 | fi 221 | done 222 | } 223 | 224 | if [[ $# -eq 0 ]]; then 225 | echo "error: No argument passed." 226 | exit 1 227 | fi 228 | while [[ "${1}" != "" ]]; do 229 | case ${1} in 230 | -h|--help) 231 | usage 232 | exit 233 | ;; 234 | -u|--unmute) 235 | systemd-cat -t "livecdsound" printf "Unmuting all cards" 236 | unmute_all_cards 237 | ;; 238 | -p|--pick) 239 | pick_a_card 240 | ;; 241 | *) 242 | echo "error: Unsupported argument" 243 | usage 244 | exit 1 245 | ;; 246 | esac 247 | shift 248 | done 249 | -------------------------------------------------------------------------------- /.gitlab/ci/build_archiso.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | # 3 | # This script is run within a virtual environment to build the available archiso profiles and their available build 4 | # modes and create checksum files for the resulting images. 5 | # The script needs to be run as root and assumes $PWD to be the root of the repository. 6 | # 7 | # Dependencies: 8 | # * all archiso dependencies 9 | # * coreutils 10 | # * gnupg 11 | # * openssl 12 | # * zsync 13 | # 14 | # $1: profile 15 | # $2: buildmode 16 | 17 | set -euo pipefail 18 | shopt -s extglob 19 | 20 | readonly orig_pwd="${PWD}" 21 | readonly output="${orig_pwd}/output" 22 | readonly tmpdir_base="${orig_pwd}/tmp" 23 | readonly profile="${1}" 24 | readonly buildmode="${2}" 25 | readonly install_dir="arch" 26 | 27 | tmpdir="" 28 | tmpdir="$(mktemp --dry-run --directory --tmpdir="${tmpdir_base}")" 29 | gnupg_homedir="" 30 | codesigning_dir="" 31 | codesigning_cert="" 32 | codesigning_key="" 33 | pgp_key_id="" 34 | 35 | print_section_start() { 36 | # gitlab collapsible sections start: https://docs.gitlab.com/ee/ci/jobs/#custom-collapsible-sections 37 | local _section _title 38 | _section="${1}" 39 | _title="${2}" 40 | 41 | printf "\e[0Ksection_start:%(%s)T:%s\r\e[0K%s\n" '-1' "${_section}" "${_title}" 42 | } 43 | 44 | print_section_end() { 45 | # gitlab collapsible sections end: https://docs.gitlab.com/ee/ci/jobs/#custom-collapsible-sections 46 | local _section 47 | _section="${1}" 48 | 49 | printf "\e[0Ksection_end:%(%s)T:%s\r\e[0K\n" '-1' "${_section}" 50 | } 51 | 52 | cleanup() { 53 | # clean up temporary directories 54 | print_section_start "cleanup" "Cleaning up temporary directory" 55 | 56 | if [ -n "${tmpdir_base:-}" ]; then 57 | rm -fr "${tmpdir_base}" 58 | fi 59 | 60 | print_section_end "cleanup" 61 | } 62 | 63 | create_checksums() { 64 | # create checksums for files 65 | # $@: files 66 | local _file_path _file_name _current_pwd 67 | _current_pwd="${PWD}" 68 | 69 | print_section_start "checksums" "Creating checksums" 70 | 71 | for _file_path in "$@"; do 72 | cd "$(dirname "${_file_path}")" 73 | _file_name="$(basename "${_file_path}")" 74 | b2sum "${_file_name}" > "${_file_name}.b2" 75 | md5sum "${_file_name}" > "${_file_name}.md5" 76 | sha1sum "${_file_name}" > "${_file_name}.sha1" 77 | sha256sum "${_file_name}" > "${_file_name}.sha256" 78 | sha512sum "${_file_name}" > "${_file_name}.sha512" 79 | ls -lah "${_file_name}."{b2,md5,sha{1,256,512}} 80 | cat "${_file_name}."{b2,md5,sha{1,256,512}} 81 | done 82 | cd "${_current_pwd}" 83 | 84 | print_section_end "checksums" 85 | } 86 | 87 | create_zsync_delta() { 88 | # create zsync control files for files 89 | # $@: files 90 | local _file 91 | 92 | print_section_start "zsync_delta" "Creating zsync delta" 93 | 94 | for _file in "$@"; do 95 | if [[ "${buildmode}" == "bootstrap" ]]; then 96 | # zsyncmake fails on 'too long between blocks' with default block size on bootstrap image 97 | zsyncmake -v -b 512 -C -u "${_file##*/}" -o "${_file}".zsync "${_file}" 98 | else 99 | zsyncmake -v -C -u "${_file##*/}" -o "${_file}".zsync "${_file}" 100 | fi 101 | done 102 | 103 | print_section_end "zsync_delta" 104 | } 105 | 106 | create_metrics() { 107 | local _metrics="${output}/metrics.txt" 108 | # create metrics 109 | print_section_start "metrics" "Creating metrics" 110 | 111 | { 112 | # create metrics based on buildmode 113 | case "${buildmode}" in 114 | iso) 115 | printf 'image_size_mebibytes{image="%s"} %s\n' \ 116 | "${profile}" \ 117 | "$(du -m -- "${output}/"*.iso | cut -f1)" 118 | printf 'package_count{image="%s"} %s\n' \ 119 | "${profile}" \ 120 | "$(sort -u -- "${tmpdir}/iso/"*/pkglist.*.txt | wc -l)" 121 | if [[ -e "${tmpdir}/efiboot.img" ]]; then 122 | printf 'eltorito_efi_image_size_mebibytes{image="%s"} %s\n' \ 123 | "${profile}" \ 124 | "$(du -m -- "${tmpdir}/efiboot.img" | cut -f1)" 125 | fi 126 | # shellcheck disable=SC2046 127 | # shellcheck disable=SC2183 128 | printf 'initramfs_size_mebibytes{image="%s",initramfs="%s"} %s\n' \ 129 | $(du -m -- "${tmpdir}/iso/"*/boot/**/initramfs*.img | \ 130 | awk -v profile="${profile}" \ 131 | 'function basename(file) { 132 | sub(".*/", "", file) 133 | return file 134 | } 135 | { print profile, basename($2), $1 }' 136 | ) 137 | ;; 138 | netboot) 139 | printf 'netboot_size_mebibytes{image="%s"} %s\n' \ 140 | "${profile}" \ 141 | "$(du -m -- "${output}/${install_dir}/" | tail -n1 | cut -f1)" 142 | printf 'netboot_package_count{image="%s"} %s\n' \ 143 | "${profile}" \ 144 | "$(sort -u -- "${tmpdir}/iso/"*/pkglist.*.txt | wc -l)" 145 | ;; 146 | bootstrap) 147 | printf 'bootstrap_size_mebibytes{image="%s"} %s\n' \ 148 | "${profile}" \ 149 | "$(du -m -- "${output}/"*.tar*(.gz|.xz|.zst) | cut -f1)" 150 | printf 'bootstrap_package_count{image="%s"} %s\n' \ 151 | "${profile}" \ 152 | "$(sort -u -- "${tmpdir}/"*/bootstrap/root.*/pkglist.*.txt | wc -l)" 153 | ;; 154 | esac 155 | } > "${_metrics}" 156 | ls -lah "${_metrics}" 157 | cat "${_metrics}" 158 | 159 | print_section_end "metrics" 160 | } 161 | 162 | create_ephemeral_pgp_key() { 163 | # create an ephemeral PGP key for signing the rootfs image 164 | print_section_start "ephemeral_pgp_key" "Creating ephemeral PGP key" 165 | 166 | gnupg_homedir="$tmpdir/.gnupg" 167 | mkdir -p "${gnupg_homedir}" 168 | chmod 700 "${gnupg_homedir}" 169 | 170 | cat << __EOF__ > "${gnupg_homedir}"/gpg.conf 171 | quiet 172 | batch 173 | no-tty 174 | no-permission-warning 175 | export-options no-export-attributes,export-clean 176 | list-options no-show-keyring 177 | armor 178 | no-emit-version 179 | __EOF__ 180 | 181 | gpg --homedir "${gnupg_homedir}" --gen-key <> "${codesigning_conf}" 217 | openssl req \ 218 | -newkey rsa:4096 \ 219 | -keyout "${codesigning_key}" \ 220 | -nodes \ 221 | -sha256 \ 222 | -x509 \ 223 | -days 365 \ 224 | -out "${codesigning_cert}" \ 225 | -config "${codesigning_conf}" \ 226 | -subj "${codesigning_subj}" \ 227 | -extensions codesigning 228 | 229 | print_section_end "ephemeral_codesigning_key" 230 | } 231 | 232 | run_mkarchiso() { 233 | # run mkarchiso 234 | create_ephemeral_pgp_key 235 | create_ephemeral_codesigning_key 236 | 237 | print_section_start "mkarchiso" "Running mkarchiso" 238 | mkdir -p "${output}/" "${tmpdir}/" 239 | GNUPGHOME="${gnupg_homedir}" ./archiso/mkarchiso \ 240 | -D "${install_dir}" \ 241 | -c "${codesigning_cert} ${codesigning_key}" \ 242 | -g "${pgp_key_id}" \ 243 | -o "${output}/" \ 244 | -w "${tmpdir}/" \ 245 | -m "${buildmode}" \ 246 | -v "configs/${profile}" 247 | 248 | print_section_end "mkarchiso" 249 | 250 | if [[ "${buildmode}" =~ "iso" ]]; then 251 | create_zsync_delta "${output}/"*.iso 252 | create_checksums "${output}/"*.iso 253 | fi 254 | if [[ "${buildmode}" == "bootstrap" ]]; then 255 | create_zsync_delta "${output}/"*.tar*(.gz|.xz|.zst) 256 | create_checksums "${output}/"*.tar*(.gz|.xz|.zst) 257 | fi 258 | create_metrics 259 | 260 | print_section_start "ownership" "Setting ownership on output" 261 | 262 | if [[ -n "${SUDO_UID:-}" ]] && [[ -n "${SUDO_GID:-}" ]]; then 263 | chown -Rv "${SUDO_UID}:${SUDO_GID}" -- "${output}" 264 | fi 265 | print_section_end "ownership" 266 | } 267 | 268 | trap cleanup EXIT 269 | 270 | run_mkarchiso 271 | -------------------------------------------------------------------------------- /docs/README.profile.rst: -------------------------------------------------------------------------------- 1 | ======= 2 | profile 3 | ======= 4 | 5 | An archiso profile consists of several configuration files and a directory for files to be added to the resulting image. 6 | 7 | .. code:: plaintext 8 | 9 | profile/ 10 | ├── airootfs/ 11 | ├── efiboot/ 12 | ├── syslinux/ 13 | ├── bootstrap_packages.arch 14 | ├── packages.arch 15 | ├── pacman.conf 16 | └── profiledef.sh 17 | 18 | The required files and directories are explained in the following sections. 19 | 20 | profiledef.sh 21 | ============= 22 | 23 | This file describes several attributes of the resulting image and is a place for customization to the general behavior 24 | of the image. 25 | 26 | The image file is constructed from some of the variables in ``profiledef.sh``: ``--.iso`` 27 | (e.g. ``archlinux-202010-x86_64.iso``). 28 | 29 | * ``iso_name``: The first part of the name of the resulting image (defaults to ``mkarchiso``) 30 | * ``iso_label``: The ISO's volume label (defaults to ``MKARCHISO``) 31 | * ``iso_publisher``: A free-form string that states the publisher of the resulting image (defaults to ``mkarchiso``) 32 | * ``iso_application``: A free-form string that states the application (i.e. its use-case) of the resulting image (defaults 33 | to ``mkarchiso iso``) 34 | * ``iso_version``: A string that states the version of the resulting image (defaults to ``""``) 35 | * ``install_dir``: A string (maximum eight characters long, which **must** consist of ``[a-z0-9]``) that states the 36 | directory on the resulting image into which all files will be installed (defaults to ``mkarchiso``) 37 | * ``buildmodes``: An optional list of strings, that state the build modes that the profile uses. Only the following are 38 | understood: 39 | 40 | - ``bootstrap``: Build a compressed file containing a minimal system to bootstrap from 41 | - ``iso``: Build a bootable ISO image (implicit default, if no ``buildmodes`` are set) 42 | - ``netboot``: Build artifacts required for netboot using iPXE 43 | * ``bootmodes``: A list of strings, that state the supported boot modes of the resulting image. Only the following are 44 | understood: 45 | 46 | - ``bios.syslinux.mbr``: Syslinux for x86 BIOS booting from a disk 47 | - ``bios.syslinux.eltorito``: Syslinux for x86 BIOS booting from an optical disc 48 | - ``uefi-x64.systemd-boot.esp``: systemd-boot for x86_64 UEFI booting from a disk 49 | - ``uefi-x64.systemd-boot.eltorito``: systemd-boot for x86_64 UEFI booting from an optical disc 50 | Note that BIOS El Torito boot mode must always be listed before UEFI El Torito boot mode. 51 | * ``arch``: The architecture (e.g. ``x86_64``) to build the image for. This is also used to resolve the name of the packages 52 | file (e.g. ``packages.x86_64``) 53 | * ``pacman_conf``: The ``pacman.conf`` to use to install packages to the work directory when creating the image (defaults to 54 | the host's ``/etc/pacman.conf``) 55 | * ``airootfs_image_type``: The image type to create. The following options are understood (defaults to ``squashfs``): 56 | 57 | - ``squashfs``: Create a squashfs image directly from the airootfs work directory 58 | - ``ext4+squashfs``: Create an ext4 partition, copy the airootfs work directory to it and create a squashfs image from it 59 | - ``erofs``: Create an EROFS image for the airootfs work directory 60 | * ``airootfs_image_tool_options``: An array of options to pass to the tool to create the airootfs image. ``mksquashfs`` and 61 | ``mkfs.erofs`` are supported. See ``mksquashfs --help`` or ``mkfs.erofs --help`` for all possible options 62 | * ``file_permissions``: An associative array that lists files and/or directories who need specific ownership or 63 | permissions. The array's keys contain the path and the value is a colon separated list of owner UID, owner GID and 64 | access mode. E.g. ``file_permissions=(["/etc/shadow"]="0:0:400")``. When directories are listed with a trailing backslash (``/``) **all** files and directories contained within the listed directory will have the same owner UID, owner GID, and access mode applied recursively. 65 | 66 | bootstrap_packages.arch 67 | ======================= 68 | 69 | All packages to be installed into the environment of a bootstrap image have to be listed in an architecture specific 70 | file (e.g. ``bootstrap_packages.x86_64``), which resides top-level in the profile. 71 | 72 | Packages have to be listed one per line. Lines starting with a ``#`` and blank lines are ignored. 73 | 74 | This file is required when generating bootstrap images using the ``bootstrap`` build mode. 75 | 76 | packages.arch 77 | ============= 78 | 79 | All packages to be installed into the environment of an ISO image have to be listed in an architecture specific file 80 | (e.g. ``packages.x86_64``), which resides top-level in the profile. 81 | 82 | Packages have to be listed one per line. Lines starting with a ``#`` and blank lines are ignored. 83 | 84 | .. note:: 85 | 86 | The **mkinitcpio** and **mkinitcpio-archiso** packages are mandatory (see `#30 87 | `_). 88 | 89 | This file is required when generating ISO images using the ``iso`` or ``netboot`` build modes. 90 | 91 | pacman.conf 92 | =========== 93 | 94 | A configuration for pacman is required per profile. 95 | 96 | Some configuration options will not be used or will be modified: 97 | 98 | * ``CacheDir``: the profile's option is **only** used if it is not the default (i.e. ``/var/cache/pacman/pkg``) and if it is 99 | not the same as the system's option. In all other cases the system's pacman cache is used. 100 | * ``HookDir``: it is **always** set to the ``/etc/pacman.d/hooks`` directory in the work directory's airootfs to allow 101 | modification via the profile and ensure interoparability with hosts using dracut (see `#73 102 | `_) 103 | * ``RootDir``: it is **always** removed, as setting it explicitely otherwise refers to the host's root filesystem (see 104 | ``man 8 pacman`` for further information on the ``-r`` option used by ``pacstrap``) 105 | * ``LogFile``: it is **always** removed, as setting it explicitely otherwise refers to the host's pacman log file (see 106 | ``man 8 pacman`` for further information on the ``-r`` option used by ``pacstrap``) 107 | * ``DBPath``: it is **always** removed, as setting it explicitely otherwise refers to the host's pacman database (see 108 | ``man 8 pacman`` for further information on the ``-r`` option used by ``pacstrap``) 109 | 110 | airootfs 111 | ======== 112 | 113 | This optional directory may contain files and directories that will be copied to the work directory of the resulting 114 | image's root filesystem. 115 | The files are copied before packages are being installed to work directory location. 116 | Ownership and permissions of files and directories from the profile's ``airootfs`` directory are not preserved. The mode 117 | will be ``644`` for files and ``755`` for directories, all of them will be owned by root. To set custom ownership and/or 118 | permissions, use ``file_permissions`` in ``profiledef.sh``. 119 | 120 | With this overlay structure it is possible to e.g. create users and set passwords for them, by providing 121 | ``airootfs/etc/passwd``, ``airootfs/etc/shadow``, ``airootfs/etc/gshadow`` (see ``man 5 passwd``, ``man 5 shadow`` and ``man 5 gshadow`` respectively). 122 | If user home directories exist in the profile's ``airootfs``, their ownership and (and top-level) permissions will be 123 | altered according to the provided information in the password file. 124 | 125 | Boot loader configuration 126 | ========================= 127 | 128 | A profile may contain configuration for several boot loaders. These reside in specific top-level directories, which are 129 | explained in the following subsections. 130 | 131 | The following *custom template identifiers* are understood and will be replaced according to the assignments of the 132 | respective variables in ``profiledef.sh``: 133 | 134 | * ``%ARCHISO_LABEL%``: Set this using the ``iso_label`` variable in ``profiledef.sh``. 135 | * ``%INSTALL_DIR%``: Set this using the ``iso_label`` variable in ``profiledef.sh``. 136 | * ``%ARCH%``: Set this using the ``arch`` variable in ``profiledef.sh``. 137 | 138 | 139 | efiboot 140 | ------- 141 | 142 | This directory is mandatory when the ``uefi-x64.systemd-boot.esp`` or ``uefi-x64.systemd-boot.eltorito`` bootmodes are 143 | selected in ``profiledef.sh``. It contains configuration for `systemd-boot 144 | `_. 145 | 146 | .. note:: 147 | 148 | The directory is a top-level representation of the systemd-boot configuration directories and files found in the 149 | root of an EFI system partition. 150 | 151 | The *custom template identifiers* are **only** understood in the boot loader entry `.conf` files (i.e. **not** in 152 | ``loader.conf``). 153 | 154 | syslinux 155 | -------- 156 | 157 | This directory is mandatory when the ``bios.syslinux.mbr`` or the ``bios.syslinux.eltorito`` bootmodes are selected in 158 | ``profiledef.sh``. 159 | It contains configuration files for `syslinux `_ or `isolinux 160 | `_ , or `pxelinux 161 | `_ used in the resuling image. 162 | 163 | The *custom template identifiers* are understood in all `.cfg` files in this directory. 164 | -------------------------------------------------------------------------------- /README.rst: -------------------------------------------------------------------------------- 1 | About this fork 2 | =============== 3 | This is a fork of archiso with support for creating aarch64 (ARM64) Arch Linux ARM (referred to as ALARM) generic UEFI ISOs. 4 | 5 | Why? 6 | ---- 7 | I wanted to be able to easily install ALARM in a Parallels VM on my M1 Mac. This repo will allow anyone to fairly easily 8 | create ALARM ISOs to be able to run in VMs on their aarch64 computers. It will almost certainly be helpful to people wanting 9 | to install ALARM on their aarch64 computers that have UEFI firmwares that allow for booting from multiple storage devices 10 | (e.g., devices that can boot from USB flash drives). 11 | 12 | Changes here vs archiso 13 | ----------------------- 14 | - Modified `archiso/mkarchiso `_ script with aarch64 support, removed hardcoded `ucodes` that are unavailable on aarch64 15 | - Modified `configs/releng/pacman.conf `_ to remove packages that are unavailable on aarch64, and add ``linux-aarch64`` kernel 16 | - Removed config files + systemd services for packages have been removed 17 | - Updated various files with aarch64 branding (e.g., replace "x64" strings with "aarch64") 18 | - Replace x64 Arch Linux specific config files with ALARM versions (e.g., use ALARM pacman config + mirrorlist) 19 | - Add new `journald.conf.d `_ config "`audit.conf `_" to disable outputting audit messages to the Linux TTY 20 | - TTY would otherwise get filled with audit messages, which would make it very hard to install ALARM 21 | - Move archiso ``initcpio`` files directly into the `releng airootfs `_ 22 | - Modified `archiso_kms `_ hooks to not show warnings 23 | when running archiso in the mkintcpio section, as there are modules which are unavailable in ``linux-aarch64`` 24 | - Note: this fork is currently based off of the ``v57`` release, which is the last version that has these files included in 25 | in the archiso project. They have since been moved `here `_, 26 | as x64 Arch Linux now has those files added to the ISO through the ``mkinitcpio-archiso`` package. This package *IS* available 27 | from the ALARM packages (as the package is flagged as "any" architecture), however those files can't be modified with the changes 28 | noted above. Maybe at some point the changes can get merged upstream or an ALARM-specifc fork can be created, 29 | but for now, having them inside the ``airootfs`` is fine 30 | 31 | Check the commits to this repo to see all the changes. 32 | 33 | How to use? 34 | ----------- 35 | **Note: I will occasionally push new ISOs to the releases section of this repository, so if you don't want 36 | to build the ISO yourself, check there first** 37 | 38 | *I assume these commands are being run from an existing Arch Linux install, whether that be x64 or ARM)* 39 | 40 | 1. Install the packages mentioned in `Requirements`_. Note that you don't need the virtualized test environment packages. 41 | 2. ``git clone`` this repository and ``cd`` into it 42 | 3. run ``sudo ./archiso/mkarchiso -v configs/releng``. This will download all the packages and build the ISO 43 | 4. You can find the generated ISO in in `work `_ once it has been built 44 | 5. If you want to run it again (e.g., you want to build a more up-to-date ISO, or you want to add packages to be installed 45 | to the ISO), first run ``sudo rm -rf work`` and ``sudo rm -rf out`` to delete the working tree and ISO. 46 | Then re-run from step #3. 47 | 48 | **The original README for archiso continues below:** 49 | ==================================================== 50 | 51 | archiso 52 | ======= 53 | 54 | The archiso project features scripts and configuration templates to build installation media (*.iso* images and 55 | *.tar.gz* bootstrap images) as well as netboot artifacts for BIOS and UEFI based systems on the x86_64 architecture. 56 | Currently creating the images is only supported on Arch Linux but may work on other operating systems as well. 57 | 58 | Requirements 59 | ============ 60 | 61 | The following packages need to be installed to be able to create an image with the included scripts: 62 | 63 | * arch-install-scripts 64 | * awk 65 | * dosfstools 66 | * e2fsprogs 67 | * erofs-utils (optional) 68 | * findutils 69 | * gzip 70 | * libarchive 71 | * libisoburn 72 | * mtools 73 | * openssl 74 | * pacman 75 | * sed 76 | * squashfs-tools 77 | 78 | For running the images in a virtualized test environment the following packages are required: 79 | 80 | * edk2-ovmf 81 | * qemu 82 | 83 | For linting the shell scripts the following package is required: 84 | 85 | * shellcheck 86 | 87 | Profiles 88 | ======== 89 | 90 | Archiso comes with two profiles: **baseline** and **releng**. While both can serve as starting points for creating 91 | custom live media, **releng** is used to create the monthly installation medium. 92 | They can be found below `configs/baseline/ `_ and `configs/releng/ `_ 93 | (respectively). Both profiles are defined by files to be placed into overlays (e.g. airootfs ‎→‎ the image's ``/``). 94 | 95 | Read `README.profile.rst `_ to learn more about how to create profiles. 96 | 97 | Create images 98 | ============= 99 | 100 | Usually the archiso tools are installed as a package. However, it is also possible to clone this repository and create 101 | images without installing archiso system-wide. 102 | 103 | As filesystems are created and various mount actions have to be done when creating an image, **root** is required to run 104 | the scripts. 105 | 106 | When archiso is installed system-wide and the modification of a profile is desired, it is necessary to copy it to a 107 | writeable location, as ``/usr/share/archiso`` is tracked by the package manager and only writeable by root (changes will 108 | be lost on update). 109 | 110 | The examples below will assume an unmodified profile in a system location (unless noted otherwise). 111 | 112 | It is advised to consult the help output of **mkarchiso**: 113 | 114 | .. code:: sh 115 | 116 | mkarchiso -h 117 | 118 | Create images with packaged archiso 119 | ----------------------------------- 120 | 121 | .. code:: sh 122 | 123 | mkarchiso -w path/to/work_dir -o path/to/out_dir path/to/profile 124 | 125 | Create images with local clone 126 | ------------------------------ 127 | 128 | Clone this repository and run: 129 | 130 | .. code:: sh 131 | 132 | ./archiso/mkarchiso -w path/to/work_dir -o path/to/out_dir path/to/profile 133 | 134 | Testing 135 | ======= 136 | 137 | The convenience script **run_archiso** is provided to boot into the medium using qemu. 138 | It is advised to consult its help output: 139 | 140 | .. code:: sh 141 | 142 | run_archiso -h 143 | 144 | Run the following to boot the iso using BIOS: 145 | 146 | .. code:: sh 147 | 148 | run_archiso -i path/to/an/arch.iso 149 | 150 | Run the following to boot the iso using UEFI: 151 | 152 | .. code:: sh 153 | 154 | run_archiso -u -i path/to/an/arch.iso 155 | 156 | The script can of course also be executed from this repository: 157 | 158 | 159 | .. code:: sh 160 | 161 | ./scripts/run_archiso.sh -i path/to/an/arch.iso 162 | 163 | Installation 164 | ============ 165 | 166 | To install archiso system-wide use the included ``Makefile``: 167 | 168 | .. code:: sh 169 | 170 | make install 171 | 172 | Optionally install archiso's mkinitcpio hooks: 173 | 174 | .. code:: sh 175 | 176 | make install-initcpio 177 | 178 | Optional features 179 | 180 | The iso image contains a GRUB environment block holding the iso name and version. This allows to 181 | boot the iso image from GRUB with a version specific cow directory to mitigate overlay clashes. 182 | 183 | .. code:: sh 184 | loopback loop archlinux.iso 185 | load_env -f (loop)/arch/grubenv 186 | linux (loop)/arch/boot/x86_64/vmlinuz-linux ... \ 187 | cow_directory=${NAME}/${VERSION} ... 188 | initrd (loop)/arch/boot/x86_64/initramfs-linux-lts.img 189 | 190 | Contribute 191 | ========== 192 | 193 | Development of archiso takes place on Arch Linux' Gitlab: https://gitlab.archlinux.org/archlinux/archiso. 194 | 195 | Please read our distribution-wide `Code of Conduct `_ before 196 | contributing, to understand what actions will and will not be tolerated. 197 | 198 | Read our `contributing guide `_ to learn more about how to provide fixes or improvements for the code 199 | base. 200 | 201 | Discussion around archiso takes place on the `arch-releng mailing list 202 | `_ and in `#archlinux-releng 203 | `_ on `Libera Chat `_. 204 | 205 | All past and present authors of archiso are listed in `AUTHORS `_. 206 | 207 | Releases 208 | ======== 209 | 210 | `Releases of archiso `_ are created by its current maintainer 211 | `David Runge `_. Tags are signed using the PGP key with the ID 212 | ``C7E7849466FE2358343588377258734B41C31549``. 213 | 214 | To verify a tag, first import the relevant PGP key: 215 | 216 | .. code:: sh 217 | 218 | gpg --auto-key-locate wkd --search-keys dvzrv@archlinux.org 219 | 220 | 221 | Afterwards a tag can be verified from a clone of this repository: 222 | 223 | .. code:: sh 224 | 225 | git verify-tag 226 | 227 | License 228 | ======= 229 | 230 | Archiso is licensed under the terms of the **GPL-3.0-or-later** (see `LICENSE `_). 231 | -------------------------------------------------------------------------------- /configs/releng/airootfs/usr/lib/initcpio/hooks/archiso: -------------------------------------------------------------------------------- 1 | #!/bin/ash 2 | # 3 | # SPDX-License-Identifier: GPL-3.0-or-later 4 | 5 | # args: source, newroot, mountpoint 6 | _mnt_dmsnapshot() { 7 | local img="${1}" 8 | local newroot="${2}" 9 | local mnt="${3}" 10 | local img_fullname="${img##*/}"; 11 | local img_name="${img_fullname%%.*}" 12 | local dm_snap_name="${dm_snap_prefix}_${img_name}" 13 | local ro_dev ro_dev_size rw_dev 14 | 15 | ro_dev="$(losetup --find --show --read-only -- "${img}")" 16 | echo "${ro_dev}" >> /run/archiso/used_block_devices 17 | ro_dev_size="$(blockdev --getsz "${ro_dev}")" 18 | 19 | if [ "${cow_persistent}" = "P" ]; then 20 | if [ -f "/run/archiso/cowspace/${cow_directory}/${img_name}.cow" ]; then 21 | msg ":: Found '/run/archiso/cowspace/${cow_directory}/${img_name}.cow', using as persistent." 22 | else 23 | msg ":: Creating '/run/archiso/cowspace/${cow_directory}/${img_name}.cow' as persistent." 24 | truncate -s "${cow_spacesize}" "/run/archiso/cowspace/${cow_directory}/${img_name}.cow" 25 | fi 26 | else 27 | if [ -f "/run/archiso/cowspace/${cow_directory}/${img_name}.cow" ]; then 28 | msg ":: Found '/run/archiso/cowspace/${cow_directory}/${img_name}.cow' but non-persistent requested, removing." 29 | rm -f "/run/archiso/cowspace/${cow_directory}/${img_name}.cow" 30 | fi 31 | msg ":: Creating '/run/archiso/cowspace/${cow_directory}/${img_name}.cow' as non-persistent." 32 | truncate -s "${cow_spacesize}" "/run/archiso/cowspace/${cow_directory}/${img_name}.cow" 33 | fi 34 | 35 | rw_dev="$(losetup --find --show "/run/archiso/cowspace/${cow_directory}/${img_name}.cow")" 36 | echo "${rw_dev}" >> /run/archiso/used_block_devices 37 | 38 | dmsetup create "${dm_snap_name}" --table \ 39 | "0 ${ro_dev_size} snapshot ${ro_dev} ${rw_dev} ${cow_persistent} ${cow_chunksize}" 40 | 41 | if [ "${cow_persistent}" != "P" ]; then 42 | rm -f "/run/archiso/cowspace/${cow_directory}/${img_name}.cow" 43 | fi 44 | 45 | _mnt_dev "/dev/mapper/${dm_snap_name}" "${newroot}${mnt}" "-w" "defaults" 46 | readlink -f "/dev/mapper/${dm_snap_name}" >> /run/archiso/used_block_devices 47 | } 48 | 49 | # args: source, newroot, mountpoint 50 | _mnt_overlayfs() { 51 | local src="${1}" 52 | local newroot="${2}" 53 | local mnt="${3}" 54 | mkdir -p "/run/archiso/cowspace/${cow_directory}/upperdir" "/run/archiso/cowspace/${cow_directory}/workdir" 55 | mount -t overlay -o \ 56 | "lowerdir=${src},upperdir=/run/archiso/cowspace/${cow_directory}/upperdir,workdir=/run/archiso/cowspace/${cow_directory}/workdir" \ 57 | airootfs "${newroot}${mnt}" 58 | } 59 | 60 | 61 | # args: /path/to/image_file, mountpoint 62 | _mnt_sfs() { 63 | local img="${1}" 64 | local mnt="${2}" 65 | local img_fullname="${img##*/}" 66 | local sfs_dev 67 | 68 | # shellcheck disable=SC2154 69 | # defined via initcpio's parse_cmdline() 70 | if [ "${copytoram}" = "y" ]; then 71 | msg -n ":: Copying squashfs image to RAM..." 72 | 73 | # in case we have pv use it to display copy progress feedback otherwise 74 | # fallback to using plain cp 75 | if command -v pv > /dev/null 2>&1; then 76 | echo "" 77 | (pv "${img}" > "/run/archiso/copytoram/${img_fullname}") 78 | local rc=$? 79 | else 80 | (cp -- "${img}" "/run/archiso/copytoram/${img_fullname}") 81 | local rc=$? 82 | fi 83 | 84 | if [ $rc != 0 ]; then 85 | echo "ERROR: while copy '${img}' to '/run/archiso/copytoram/${img_fullname}'" 86 | launch_interactive_shell 87 | fi 88 | 89 | img="/run/archiso/copytoram/${img_fullname}" 90 | msg "done." 91 | fi 92 | sfs_dev="$(losetup --find --show --read-only -- "${img}")" 93 | echo "${sfs_dev}" >> /run/archiso/used_block_devices 94 | _mnt_dev "${sfs_dev}" "${mnt}" "-r" "defaults" 95 | } 96 | 97 | # args: /path/to/image_file, mountpoint 98 | _mnt_erofs() { 99 | local img="${1}" 100 | local mnt="${2}" 101 | local img_fullname="${img##*/}" 102 | local erofs_dev 103 | 104 | # shellcheck disable=SC2154 105 | # defined via initcpio's parse_cmdline() 106 | if [ "${copytoram}" = "y" ]; then 107 | msg -n ":: Copying EROFS image to RAM..." 108 | if ! cp -- "${img}" "/run/archiso/copytoram/${img_fullname}" ; then 109 | echo "ERROR: while copy '${img}' to '/run/archiso/copytoram/${img_fullname}'" 110 | launch_interactive_shell 111 | fi 112 | img="/run/archiso/copytoram/${img_fullname}" 113 | msg "done." 114 | fi 115 | erofs_dev="$(losetup --find --show --read-only -- "${img}")" 116 | echo "${erofs_dev}" >> /run/archiso/used_block_devices 117 | _mnt_dev "${erofs_dev}" "${mnt}" "-r" "defaults" "erofs" 118 | } 119 | 120 | # args: device, mountpoint, flags, opts 121 | _mnt_dev() { 122 | local dev="${1}" 123 | local mnt="${2}" 124 | local flg="${3}" 125 | local opts="${4}" 126 | local fstype="${5:-auto}" 127 | 128 | mkdir -p "${mnt}" 129 | 130 | msg ":: Mounting '${dev}' to '${mnt}'" 131 | 132 | while ! poll_device "${dev}" 30; do 133 | echo "ERROR: '${dev}' device did not show up after 30 seconds..." 134 | echo " Falling back to interactive prompt" 135 | echo " You can try to fix the problem manually, log out when you are finished" 136 | launch_interactive_shell 137 | done 138 | 139 | if mount -t "${fstype}" -o "${opts}" "${flg}" "${dev}" "${mnt}"; then 140 | msg ":: Device '${dev}' mounted successfully." 141 | else 142 | echo "ERROR; Failed to mount '${dev}'" 143 | echo " Falling back to interactive prompt" 144 | echo " You can try to fix the problem manually, log out when you are finished" 145 | launch_interactive_shell 146 | fi 147 | } 148 | 149 | _verify_checksum() { 150 | local _status 151 | cd "/run/archiso/bootmnt/${archisobasedir}/${arch}" || exit 1 152 | sha512sum -c airootfs.sha512 > /tmp/checksum.log 2>&1 153 | _status=$? 154 | cd -- "${OLDPWD}" || exit 1 155 | return "${_status}" 156 | } 157 | 158 | _verify_signature() { 159 | local _status 160 | local sigfile="${1}" 161 | cd "/run/archiso/bootmnt/${archisobasedir}/${arch}" || exit 1 162 | gpg --homedir /gpg --status-fd 1 --verify "${sigfile}" 2>/dev/null | grep -qE '^\[GNUPG:\] GOODSIG' 163 | _status=$? 164 | cd -- "${OLDPWD}" || exit 1 165 | return ${_status} 166 | } 167 | 168 | run_hook() { 169 | [ -z "${arch}" ] && arch="$(uname -m)" 170 | [ -z "${copytoram_size}" ] && copytoram_size="75%" 171 | [ -z "${archisobasedir}" ] && archisobasedir="arch" 172 | [ -z "${dm_snap_prefix}" ] && dm_snap_prefix="arch" 173 | # shellcheck disable=SC2154 174 | # defined via initcpio's parse_cmdline() 175 | [ -z "${archisodevice}" ] && archisodevice="/dev/disk/by-label/${archisolabel}" 176 | [ -z "${cow_spacesize}" ] && cow_spacesize="256M" 177 | # shellcheck disable=SC2154 178 | # defined via initcpio's parse_cmdline() 179 | if [ -n "${cow_label}" ]; then 180 | cow_device="/dev/disk/by-label/${cow_label}" 181 | [ -z "${cow_persistent}" ] && cow_persistent="P" 182 | elif [ -n "${cow_device}" ]; then 183 | [ -z "${cow_persistent}" ] && cow_persistent="P" 184 | else 185 | cow_persistent="N" 186 | fi 187 | 188 | [ -z "${cow_flags}" ] && cow_flags="defaults" 189 | [ -z "${cow_directory}" ] && cow_directory="persistent_${archisolabel}/${arch}" 190 | [ -z "${cow_chunksize}" ] && cow_chunksize="8" 191 | 192 | # set mount handler for archiso 193 | export mount_handler="archiso_mount_handler" 194 | } 195 | 196 | # This function is called normally from init script, but it can be called 197 | # as chain from other mount handlers. 198 | # args: /path/to/newroot 199 | archiso_mount_handler() { 200 | local newroot="${1}" 201 | local sigfile 202 | 203 | if ! mountpoint -q "/run/archiso/bootmnt"; then 204 | _mnt_dev "${archisodevice}" "/run/archiso/bootmnt" "-r" "defaults" 205 | if [ "${copytoram}" != "y" ]; then 206 | readlink -f "${archisodevice}" >> /run/archiso/used_block_devices 207 | fi 208 | fi 209 | 210 | # shellcheck disable=SC2154 211 | # defined via initcpio's parse_cmdline() 212 | if [ "${checksum}" = "y" ]; then 213 | if [ -f "/run/archiso/bootmnt/${archisobasedir}/${arch}/airootfs.sha512" ]; then 214 | msg -n ":: Self-test requested, please wait..." 215 | if _verify_checksum; then 216 | msg "done. Checksum is OK, continue booting." 217 | else 218 | echo "ERROR: one or more files are corrupted" 219 | echo "see /tmp/checksum.log for details" 220 | launch_interactive_shell 221 | fi 222 | else 223 | echo "ERROR: checksum=y option specified but ${archisobasedir}/${arch}/airootfs.sha512 not found" 224 | launch_interactive_shell 225 | fi 226 | fi 227 | 228 | # shellcheck disable=SC2154 229 | # defined via initcpio's parse_cmdline() 230 | if [ "${verify}" = "y" ]; then 231 | if [ -f "/run/archiso/bootmnt/${archisobasedir}/${arch}/airootfs.sfs.sig" ]; then 232 | sigfile="airootfs.sfs.sig" 233 | elif [ -f "/run/archiso/bootmnt/${archisobasedir}/${arch}/airootfs.erofs.sig" ]; then 234 | sigfile="airootfs.erofs.sig" 235 | fi 236 | if [ -n "${sigfile}" ]; then 237 | msg -n ":: Signature verification requested, please wait..." 238 | if _verify_signature "${sigfile}"; then 239 | msg "done. Signature is OK, continue booting." 240 | else 241 | echo "ERROR: one or more files are corrupted" 242 | launch_interactive_shell 243 | fi 244 | else 245 | echo "ERROR: verify=y option specified but GPG signature not found in ${archisobasedir}/${arch}/" 246 | launch_interactive_shell 247 | fi 248 | fi 249 | 250 | if [ "${copytoram}" = "y" ]; then 251 | msg ":: Mounting /run/archiso/copytoram (tmpfs) filesystem, size=${copytoram_size}" 252 | mkdir -p /run/archiso/copytoram 253 | mount -t tmpfs -o "size=${copytoram_size}",mode=0755 copytoram /run/archiso/copytoram 254 | fi 255 | 256 | if [ -n "${cow_device}" ]; then 257 | _mnt_dev "${cow_device}" "/run/archiso/cowspace" "-r" "${cow_flags}" 258 | readlink -f "${cow_device}" >> /run/archiso/used_block_devices 259 | mount -o remount,rw "/run/archiso/cowspace" 260 | else 261 | msg ":: Mounting /run/archiso/cowspace (tmpfs) filesystem, size=${cow_spacesize}..." 262 | mkdir -p /run/archiso/cowspace 263 | mount -t tmpfs -o "size=${cow_spacesize}",mode=0755 cowspace /run/archiso/cowspace 264 | fi 265 | mkdir -p "/run/archiso/cowspace/${cow_directory}" 266 | chmod 0700 "/run/archiso/cowspace/${cow_directory}" 267 | 268 | if [ -f "/run/archiso/bootmnt/${archisobasedir}/${arch}/airootfs.sfs" ]; then 269 | _mnt_sfs "/run/archiso/bootmnt/${archisobasedir}/${arch}/airootfs.sfs" "/run/archiso/airootfs" 270 | elif [ -f "/run/archiso/bootmnt/${archisobasedir}/${arch}/airootfs.erofs" ]; then 271 | _mnt_erofs "/run/archiso/bootmnt/${archisobasedir}/${arch}/airootfs.erofs" "/run/archiso/airootfs" 272 | fi 273 | if [ -f "/run/archiso/airootfs/airootfs.img" ]; then 274 | _mnt_dmsnapshot "/run/archiso/airootfs/airootfs.img" "${newroot}" "/" 275 | else 276 | _mnt_overlayfs "/run/archiso/airootfs" "${newroot}" "/" 277 | fi 278 | 279 | if [ "${copytoram}" = "y" ]; then 280 | umount -d /run/archiso/bootmnt 281 | rmdir /run/archiso/bootmnt 282 | fi 283 | } 284 | 285 | # vim: set ft=sh: 286 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | GNU GENERAL PUBLIC LICENSE 2 | Version 3, 29 June 2007 3 | 4 | Copyright (C) 2007 Free Software Foundation, Inc. 5 | Everyone is permitted to copy and distribute verbatim copies 6 | of this license document, but changing it is not allowed. 7 | 8 | Preamble 9 | 10 | The GNU General Public License is a free, copyleft license for 11 | software and other kinds of works. 12 | 13 | The licenses for most software and other practical works are designed 14 | to take away your freedom to share and change the works. By contrast, 15 | the GNU General Public License is intended to guarantee your freedom to 16 | share and change all versions of a program--to make sure it remains free 17 | software for all its users. We, the Free Software Foundation, use the 18 | GNU General Public License for most of our software; it applies also to 19 | any other work released this way by its authors. You can apply it to 20 | your programs, too. 21 | 22 | When we speak of free software, we are referring to freedom, not 23 | price. Our General Public Licenses are designed to make sure that you 24 | have the freedom to distribute copies of free software (and charge for 25 | them if you wish), that you receive source code or can get it if you 26 | want it, that you can change the software or use pieces of it in new 27 | free programs, and that you know you can do these things. 28 | 29 | To protect your rights, we need to prevent others from denying you 30 | these rights or asking you to surrender the rights. Therefore, you have 31 | certain responsibilities if you distribute copies of the software, or if 32 | you modify it: responsibilities to respect the freedom of others. 33 | 34 | For example, if you distribute copies of such a program, whether 35 | gratis or for a fee, you must pass on to the recipients the same 36 | freedoms that you received. You must make sure that they, too, receive 37 | or can get the source code. And you must show them these terms so they 38 | know their rights. 39 | 40 | Developers that use the GNU GPL protect your rights with two steps: 41 | (1) assert copyright on the software, and (2) offer you this License 42 | giving you legal permission to copy, distribute and/or modify it. 43 | 44 | For the developers' and authors' protection, the GPL clearly explains 45 | that there is no warranty for this free software. For both users' and 46 | authors' sake, the GPL requires that modified versions be marked as 47 | changed, so that their problems will not be attributed erroneously to 48 | authors of previous versions. 49 | 50 | Some devices are designed to deny users access to install or run 51 | modified versions of the software inside them, although the manufacturer 52 | can do so. This is fundamentally incompatible with the aim of 53 | protecting users' freedom to change the software. The systematic 54 | pattern of such abuse occurs in the area of products for individuals to 55 | use, which is precisely where it is most unacceptable. Therefore, we 56 | have designed this version of the GPL to prohibit the practice for those 57 | products. If such problems arise substantially in other domains, we 58 | stand ready to extend this provision to those domains in future versions 59 | of the GPL, as needed to protect the freedom of users. 60 | 61 | Finally, every program is threatened constantly by software patents. 62 | States should not allow patents to restrict development and use of 63 | software on general-purpose computers, but in those that do, we wish to 64 | avoid the special danger that patents applied to a free program could 65 | make it effectively proprietary. To prevent this, the GPL assures that 66 | patents cannot be used to render the program non-free. 67 | 68 | The precise terms and conditions for copying, distribution and 69 | modification follow. 70 | 71 | TERMS AND CONDITIONS 72 | 73 | 0. Definitions. 74 | 75 | "This License" refers to version 3 of the GNU General Public License. 76 | 77 | "Copyright" also means copyright-like laws that apply to other kinds of 78 | works, such as semiconductor masks. 79 | 80 | "The Program" refers to any copyrightable work licensed under this 81 | License. Each licensee is addressed as "you". "Licensees" and 82 | "recipients" may be individuals or organizations. 83 | 84 | To "modify" a work means to copy from or adapt all or part of the work 85 | in a fashion requiring copyright permission, other than the making of an 86 | exact copy. The resulting work is called a "modified version" of the 87 | earlier work or a work "based on" the earlier work. 88 | 89 | A "covered work" means either the unmodified Program or a work based 90 | on the Program. 91 | 92 | To "propagate" a work means to do anything with it that, without 93 | permission, would make you directly or secondarily liable for 94 | infringement under applicable copyright law, except executing it on a 95 | computer or modifying a private copy. Propagation includes copying, 96 | distribution (with or without modification), making available to the 97 | public, and in some countries other activities as well. 98 | 99 | To "convey" a work means any kind of propagation that enables other 100 | parties to make or receive copies. Mere interaction with a user through 101 | a computer network, with no transfer of a copy, is not conveying. 102 | 103 | An interactive user interface displays "Appropriate Legal Notices" 104 | to the extent that it includes a convenient and prominently visible 105 | feature that (1) displays an appropriate copyright notice, and (2) 106 | tells the user that there is no warranty for the work (except to the 107 | extent that warranties are provided), that licensees may convey the 108 | work under this License, and how to view a copy of this License. If 109 | the interface presents a list of user commands or options, such as a 110 | menu, a prominent item in the list meets this criterion. 111 | 112 | 1. Source Code. 113 | 114 | The "source code" for a work means the preferred form of the work 115 | for making modifications to it. "Object code" means any non-source 116 | form of a work. 117 | 118 | A "Standard Interface" means an interface that either is an official 119 | standard defined by a recognized standards body, or, in the case of 120 | interfaces specified for a particular programming language, one that 121 | is widely used among developers working in that language. 122 | 123 | The "System Libraries" of an executable work include anything, other 124 | than the work as a whole, that (a) is included in the normal form of 125 | packaging a Major Component, but which is not part of that Major 126 | Component, and (b) serves only to enable use of the work with that 127 | Major Component, or to implement a Standard Interface for which an 128 | implementation is available to the public in source code form. A 129 | "Major Component", in this context, means a major essential component 130 | (kernel, window system, and so on) of the specific operating system 131 | (if any) on which the executable work runs, or a compiler used to 132 | produce the work, or an object code interpreter used to run it. 133 | 134 | The "Corresponding Source" for a work in object code form means all 135 | the source code needed to generate, install, and (for an executable 136 | work) run the object code and to modify the work, including scripts to 137 | control those activities. However, it does not include the work's 138 | System Libraries, or general-purpose tools or generally available free 139 | programs which are used unmodified in performing those activities but 140 | which are not part of the work. For example, Corresponding Source 141 | includes interface definition files associated with source files for 142 | the work, and the source code for shared libraries and dynamically 143 | linked subprograms that the work is specifically designed to require, 144 | such as by intimate data communication or control flow between those 145 | subprograms and other parts of the work. 146 | 147 | The Corresponding Source need not include anything that users 148 | can regenerate automatically from other parts of the Corresponding 149 | Source. 150 | 151 | The Corresponding Source for a work in source code form is that 152 | same work. 153 | 154 | 2. Basic Permissions. 155 | 156 | All rights granted under this License are granted for the term of 157 | copyright on the Program, and are irrevocable provided the stated 158 | conditions are met. This License explicitly affirms your unlimited 159 | permission to run the unmodified Program. The output from running a 160 | covered work is covered by this License only if the output, given its 161 | content, constitutes a covered work. This License acknowledges your 162 | rights of fair use or other equivalent, as provided by copyright law. 163 | 164 | You may make, run and propagate covered works that you do not 165 | convey, without conditions so long as your license otherwise remains 166 | in force. You may convey covered works to others for the sole purpose 167 | of having them make modifications exclusively for you, or provide you 168 | with facilities for running those works, provided that you comply with 169 | the terms of this License in conveying all material for which you do 170 | not control copyright. Those thus making or running the covered works 171 | for you must do so exclusively on your behalf, under your direction 172 | and control, on terms that prohibit them from making any copies of 173 | your copyrighted material outside their relationship with you. 174 | 175 | Conveying under any other circumstances is permitted solely under 176 | the conditions stated below. Sublicensing is not allowed; section 10 177 | makes it unnecessary. 178 | 179 | 3. Protecting Users' Legal Rights From Anti-Circumvention Law. 180 | 181 | No covered work shall be deemed part of an effective technological 182 | measure under any applicable law fulfilling obligations under article 183 | 11 of the WIPO copyright treaty adopted on 20 December 1996, or 184 | similar laws prohibiting or restricting circumvention of such 185 | measures. 186 | 187 | When you convey a covered work, you waive any legal power to forbid 188 | circumvention of technological measures to the extent such circumvention 189 | is effected by exercising rights under this License with respect to 190 | the covered work, and you disclaim any intention to limit operation or 191 | modification of the work as a means of enforcing, against the work's 192 | users, your or third parties' legal rights to forbid circumvention of 193 | technological measures. 194 | 195 | 4. Conveying Verbatim Copies. 196 | 197 | You may convey verbatim copies of the Program's source code as you 198 | receive it, in any medium, provided that you conspicuously and 199 | appropriately publish on each copy an appropriate copyright notice; 200 | keep intact all notices stating that this License and any 201 | non-permissive terms added in accord with section 7 apply to the code; 202 | keep intact all notices of the absence of any warranty; and give all 203 | recipients a copy of this License along with the Program. 204 | 205 | You may charge any price or no price for each copy that you convey, 206 | and you may offer support or warranty protection for a fee. 207 | 208 | 5. Conveying Modified Source Versions. 209 | 210 | You may convey a work based on the Program, or the modifications to 211 | produce it from the Program, in the form of source code under the 212 | terms of section 4, provided that you also meet all of these conditions: 213 | 214 | a) The work must carry prominent notices stating that you modified 215 | it, and giving a relevant date. 216 | 217 | b) The work must carry prominent notices stating that it is 218 | released under this License and any conditions added under section 219 | 7. This requirement modifies the requirement in section 4 to 220 | "keep intact all notices". 221 | 222 | c) You must license the entire work, as a whole, under this 223 | License to anyone who comes into possession of a copy. This 224 | License will therefore apply, along with any applicable section 7 225 | additional terms, to the whole of the work, and all its parts, 226 | regardless of how they are packaged. This License gives no 227 | permission to license the work in any other way, but it does not 228 | invalidate such permission if you have separately received it. 229 | 230 | d) If the work has interactive user interfaces, each must display 231 | Appropriate Legal Notices; however, if the Program has interactive 232 | interfaces that do not display Appropriate Legal Notices, your 233 | work need not make them do so. 234 | 235 | A compilation of a covered work with other separate and independent 236 | works, which are not by their nature extensions of the covered work, 237 | and which are not combined with it such as to form a larger program, 238 | in or on a volume of a storage or distribution medium, is called an 239 | "aggregate" if the compilation and its resulting copyright are not 240 | used to limit the access or legal rights of the compilation's users 241 | beyond what the individual works permit. Inclusion of a covered work 242 | in an aggregate does not cause this License to apply to the other 243 | parts of the aggregate. 244 | 245 | 6. Conveying Non-Source Forms. 246 | 247 | You may convey a covered work in object code form under the terms 248 | of sections 4 and 5, provided that you also convey the 249 | machine-readable Corresponding Source under the terms of this License, 250 | in one of these ways: 251 | 252 | a) Convey the object code in, or embodied in, a physical product 253 | (including a physical distribution medium), accompanied by the 254 | Corresponding Source fixed on a durable physical medium 255 | customarily used for software interchange. 256 | 257 | b) Convey the object code in, or embodied in, a physical product 258 | (including a physical distribution medium), accompanied by a 259 | written offer, valid for at least three years and valid for as 260 | long as you offer spare parts or customer support for that product 261 | model, to give anyone who possesses the object code either (1) a 262 | copy of the Corresponding Source for all the software in the 263 | product that is covered by this License, on a durable physical 264 | medium customarily used for software interchange, for a price no 265 | more than your reasonable cost of physically performing this 266 | conveying of source, or (2) access to copy the 267 | Corresponding Source from a network server at no charge. 268 | 269 | c) Convey individual copies of the object code with a copy of the 270 | written offer to provide the Corresponding Source. This 271 | alternative is allowed only occasionally and noncommercially, and 272 | only if you received the object code with such an offer, in accord 273 | with subsection 6b. 274 | 275 | d) Convey the object code by offering access from a designated 276 | place (gratis or for a charge), and offer equivalent access to the 277 | Corresponding Source in the same way through the same place at no 278 | further charge. You need not require recipients to copy the 279 | Corresponding Source along with the object code. If the place to 280 | copy the object code is a network server, the Corresponding Source 281 | may be on a different server (operated by you or a third party) 282 | that supports equivalent copying facilities, provided you maintain 283 | clear directions next to the object code saying where to find the 284 | Corresponding Source. Regardless of what server hosts the 285 | Corresponding Source, you remain obligated to ensure that it is 286 | available for as long as needed to satisfy these requirements. 287 | 288 | e) Convey the object code using peer-to-peer transmission, provided 289 | you inform other peers where the object code and Corresponding 290 | Source of the work are being offered to the general public at no 291 | charge under subsection 6d. 292 | 293 | A separable portion of the object code, whose source code is excluded 294 | from the Corresponding Source as a System Library, need not be 295 | included in conveying the object code work. 296 | 297 | A "User Product" is either (1) a "consumer product", which means any 298 | tangible personal property which is normally used for personal, family, 299 | or household purposes, or (2) anything designed or sold for incorporation 300 | into a dwelling. In determining whether a product is a consumer product, 301 | doubtful cases shall be resolved in favor of coverage. For a particular 302 | product received by a particular user, "normally used" refers to a 303 | typical or common use of that class of product, regardless of the status 304 | of the particular user or of the way in which the particular user 305 | actually uses, or expects or is expected to use, the product. A product 306 | is a consumer product regardless of whether the product has substantial 307 | commercial, industrial or non-consumer uses, unless such uses represent 308 | the only significant mode of use of the product. 309 | 310 | "Installation Information" for a User Product means any methods, 311 | procedures, authorization keys, or other information required to install 312 | and execute modified versions of a covered work in that User Product from 313 | a modified version of its Corresponding Source. The information must 314 | suffice to ensure that the continued functioning of the modified object 315 | code is in no case prevented or interfered with solely because 316 | modification has been made. 317 | 318 | If you convey an object code work under this section in, or with, or 319 | specifically for use in, a User Product, and the conveying occurs as 320 | part of a transaction in which the right of possession and use of the 321 | User Product is transferred to the recipient in perpetuity or for a 322 | fixed term (regardless of how the transaction is characterized), the 323 | Corresponding Source conveyed under this section must be accompanied 324 | by the Installation Information. But this requirement does not apply 325 | if neither you nor any third party retains the ability to install 326 | modified object code on the User Product (for example, the work has 327 | been installed in ROM). 328 | 329 | The requirement to provide Installation Information does not include a 330 | requirement to continue to provide support service, warranty, or updates 331 | for a work that has been modified or installed by the recipient, or for 332 | the User Product in which it has been modified or installed. Access to a 333 | network may be denied when the modification itself materially and 334 | adversely affects the operation of the network or violates the rules and 335 | protocols for communication across the network. 336 | 337 | Corresponding Source conveyed, and Installation Information provided, 338 | in accord with this section must be in a format that is publicly 339 | documented (and with an implementation available to the public in 340 | source code form), and must require no special password or key for 341 | unpacking, reading or copying. 342 | 343 | 7. Additional Terms. 344 | 345 | "Additional permissions" are terms that supplement the terms of this 346 | License by making exceptions from one or more of its conditions. 347 | Additional permissions that are applicable to the entire Program shall 348 | be treated as though they were included in this License, to the extent 349 | that they are valid under applicable law. If additional permissions 350 | apply only to part of the Program, that part may be used separately 351 | under those permissions, but the entire Program remains governed by 352 | this License without regard to the additional permissions. 353 | 354 | When you convey a copy of a covered work, you may at your option 355 | remove any additional permissions from that copy, or from any part of 356 | it. (Additional permissions may be written to require their own 357 | removal in certain cases when you modify the work.) You may place 358 | additional permissions on material, added by you to a covered work, 359 | for which you have or can give appropriate copyright permission. 360 | 361 | Notwithstanding any other provision of this License, for material you 362 | add to a covered work, you may (if authorized by the copyright holders of 363 | that material) supplement the terms of this License with terms: 364 | 365 | a) Disclaiming warranty or limiting liability differently from the 366 | terms of sections 15 and 16 of this License; or 367 | 368 | b) Requiring preservation of specified reasonable legal notices or 369 | author attributions in that material or in the Appropriate Legal 370 | Notices displayed by works containing it; or 371 | 372 | c) Prohibiting misrepresentation of the origin of that material, or 373 | requiring that modified versions of such material be marked in 374 | reasonable ways as different from the original version; or 375 | 376 | d) Limiting the use for publicity purposes of names of licensors or 377 | authors of the material; or 378 | 379 | e) Declining to grant rights under trademark law for use of some 380 | trade names, trademarks, or service marks; or 381 | 382 | f) Requiring indemnification of licensors and authors of that 383 | material by anyone who conveys the material (or modified versions of 384 | it) with contractual assumptions of liability to the recipient, for 385 | any liability that these contractual assumptions directly impose on 386 | those licensors and authors. 387 | 388 | All other non-permissive additional terms are considered "further 389 | restrictions" within the meaning of section 10. If the Program as you 390 | received it, or any part of it, contains a notice stating that it is 391 | governed by this License along with a term that is a further 392 | restriction, you may remove that term. If a license document contains 393 | a further restriction but permits relicensing or conveying under this 394 | License, you may add to a covered work material governed by the terms 395 | of that license document, provided that the further restriction does 396 | not survive such relicensing or conveying. 397 | 398 | If you add terms to a covered work in accord with this section, you 399 | must place, in the relevant source files, a statement of the 400 | additional terms that apply to those files, or a notice indicating 401 | where to find the applicable terms. 402 | 403 | Additional terms, permissive or non-permissive, may be stated in the 404 | form of a separately written license, or stated as exceptions; 405 | the above requirements apply either way. 406 | 407 | 8. Termination. 408 | 409 | You may not propagate or modify a covered work except as expressly 410 | provided under this License. Any attempt otherwise to propagate or 411 | modify it is void, and will automatically terminate your rights under 412 | this License (including any patent licenses granted under the third 413 | paragraph of section 11). 414 | 415 | However, if you cease all violation of this License, then your 416 | license from a particular copyright holder is reinstated (a) 417 | provisionally, unless and until the copyright holder explicitly and 418 | finally terminates your license, and (b) permanently, if the copyright 419 | holder fails to notify you of the violation by some reasonable means 420 | prior to 60 days after the cessation. 421 | 422 | Moreover, your license from a particular copyright holder is 423 | reinstated permanently if the copyright holder notifies you of the 424 | violation by some reasonable means, this is the first time you have 425 | received notice of violation of this License (for any work) from that 426 | copyright holder, and you cure the violation prior to 30 days after 427 | your receipt of the notice. 428 | 429 | Termination of your rights under this section does not terminate the 430 | licenses of parties who have received copies or rights from you under 431 | this License. If your rights have been terminated and not permanently 432 | reinstated, you do not qualify to receive new licenses for the same 433 | material under section 10. 434 | 435 | 9. Acceptance Not Required for Having Copies. 436 | 437 | You are not required to accept this License in order to receive or 438 | run a copy of the Program. Ancillary propagation of a covered work 439 | occurring solely as a consequence of using peer-to-peer transmission 440 | to receive a copy likewise does not require acceptance. However, 441 | nothing other than this License grants you permission to propagate or 442 | modify any covered work. These actions infringe copyright if you do 443 | not accept this License. Therefore, by modifying or propagating a 444 | covered work, you indicate your acceptance of this License to do so. 445 | 446 | 10. Automatic Licensing of Downstream Recipients. 447 | 448 | Each time you convey a covered work, the recipient automatically 449 | receives a license from the original licensors, to run, modify and 450 | propagate that work, subject to this License. You are not responsible 451 | for enforcing compliance by third parties with this License. 452 | 453 | An "entity transaction" is a transaction transferring control of an 454 | organization, or substantially all assets of one, or subdividing an 455 | organization, or merging organizations. If propagation of a covered 456 | work results from an entity transaction, each party to that 457 | transaction who receives a copy of the work also receives whatever 458 | licenses to the work the party's predecessor in interest had or could 459 | give under the previous paragraph, plus a right to possession of the 460 | Corresponding Source of the work from the predecessor in interest, if 461 | the predecessor has it or can get it with reasonable efforts. 462 | 463 | You may not impose any further restrictions on the exercise of the 464 | rights granted or affirmed under this License. For example, you may 465 | not impose a license fee, royalty, or other charge for exercise of 466 | rights granted under this License, and you may not initiate litigation 467 | (including a cross-claim or counterclaim in a lawsuit) alleging that 468 | any patent claim is infringed by making, using, selling, offering for 469 | sale, or importing the Program or any portion of it. 470 | 471 | 11. Patents. 472 | 473 | A "contributor" is a copyright holder who authorizes use under this 474 | License of the Program or a work on which the Program is based. The 475 | work thus licensed is called the contributor's "contributor version". 476 | 477 | A contributor's "essential patent claims" are all patent claims 478 | owned or controlled by the contributor, whether already acquired or 479 | hereafter acquired, that would be infringed by some manner, permitted 480 | by this License, of making, using, or selling its contributor version, 481 | but do not include claims that would be infringed only as a 482 | consequence of further modification of the contributor version. For 483 | purposes of this definition, "control" includes the right to grant 484 | patent sublicenses in a manner consistent with the requirements of 485 | this License. 486 | 487 | Each contributor grants you a non-exclusive, worldwide, royalty-free 488 | patent license under the contributor's essential patent claims, to 489 | make, use, sell, offer for sale, import and otherwise run, modify and 490 | propagate the contents of its contributor version. 491 | 492 | In the following three paragraphs, a "patent license" is any express 493 | agreement or commitment, however denominated, not to enforce a patent 494 | (such as an express permission to practice a patent or covenant not to 495 | sue for patent infringement). To "grant" such a patent license to a 496 | party means to make such an agreement or commitment not to enforce a 497 | patent against the party. 498 | 499 | If you convey a covered work, knowingly relying on a patent license, 500 | and the Corresponding Source of the work is not available for anyone 501 | to copy, free of charge and under the terms of this License, through a 502 | publicly available network server or other readily accessible means, 503 | then you must either (1) cause the Corresponding Source to be so 504 | available, or (2) arrange to deprive yourself of the benefit of the 505 | patent license for this particular work, or (3) arrange, in a manner 506 | consistent with the requirements of this License, to extend the patent 507 | license to downstream recipients. "Knowingly relying" means you have 508 | actual knowledge that, but for the patent license, your conveying the 509 | covered work in a country, or your recipient's use of the covered work 510 | in a country, would infringe one or more identifiable patents in that 511 | country that you have reason to believe are valid. 512 | 513 | If, pursuant to or in connection with a single transaction or 514 | arrangement, you convey, or propagate by procuring conveyance of, a 515 | covered work, and grant a patent license to some of the parties 516 | receiving the covered work authorizing them to use, propagate, modify 517 | or convey a specific copy of the covered work, then the patent license 518 | you grant is automatically extended to all recipients of the covered 519 | work and works based on it. 520 | 521 | A patent license is "discriminatory" if it does not include within 522 | the scope of its coverage, prohibits the exercise of, or is 523 | conditioned on the non-exercise of one or more of the rights that are 524 | specifically granted under this License. You may not convey a covered 525 | work if you are a party to an arrangement with a third party that is 526 | in the business of distributing software, under which you make payment 527 | to the third party based on the extent of your activity of conveying 528 | the work, and under which the third party grants, to any of the 529 | parties who would receive the covered work from you, a discriminatory 530 | patent license (a) in connection with copies of the covered work 531 | conveyed by you (or copies made from those copies), or (b) primarily 532 | for and in connection with specific products or compilations that 533 | contain the covered work, unless you entered into that arrangement, 534 | or that patent license was granted, prior to 28 March 2007. 535 | 536 | Nothing in this License shall be construed as excluding or limiting 537 | any implied license or other defenses to infringement that may 538 | otherwise be available to you under applicable patent law. 539 | 540 | 12. No Surrender of Others' Freedom. 541 | 542 | If conditions are imposed on you (whether by court order, agreement or 543 | otherwise) that contradict the conditions of this License, they do not 544 | excuse you from the conditions of this License. If you cannot convey a 545 | covered work so as to satisfy simultaneously your obligations under this 546 | License and any other pertinent obligations, then as a consequence you may 547 | not convey it at all. For example, if you agree to terms that obligate you 548 | to collect a royalty for further conveying from those to whom you convey 549 | the Program, the only way you could satisfy both those terms and this 550 | License would be to refrain entirely from conveying the Program. 551 | 552 | 13. Use with the GNU Affero General Public License. 553 | 554 | Notwithstanding any other provision of this License, you have 555 | permission to link or combine any covered work with a work licensed 556 | under version 3 of the GNU Affero General Public License into a single 557 | combined work, and to convey the resulting work. The terms of this 558 | License will continue to apply to the part which is the covered work, 559 | but the special requirements of the GNU Affero General Public License, 560 | section 13, concerning interaction through a network will apply to the 561 | combination as such. 562 | 563 | 14. Revised Versions of this License. 564 | 565 | The Free Software Foundation may publish revised and/or new versions of 566 | the GNU General Public License from time to time. Such new versions will 567 | be similar in spirit to the present version, but may differ in detail to 568 | address new problems or concerns. 569 | 570 | Each version is given a distinguishing version number. If the 571 | Program specifies that a certain numbered version of the GNU General 572 | Public License "or any later version" applies to it, you have the 573 | option of following the terms and conditions either of that numbered 574 | version or of any later version published by the Free Software 575 | Foundation. If the Program does not specify a version number of the 576 | GNU General Public License, you may choose any version ever published 577 | by the Free Software Foundation. 578 | 579 | If the Program specifies that a proxy can decide which future 580 | versions of the GNU General Public License can be used, that proxy's 581 | public statement of acceptance of a version permanently authorizes you 582 | to choose that version for the Program. 583 | 584 | Later license versions may give you additional or different 585 | permissions. However, no additional obligations are imposed on any 586 | author or copyright holder as a result of your choosing to follow a 587 | later version. 588 | 589 | 15. Disclaimer of Warranty. 590 | 591 | THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY 592 | APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT 593 | HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY 594 | OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, 595 | THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 596 | PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM 597 | IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF 598 | ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 599 | 600 | 16. Limitation of Liability. 601 | 602 | IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING 603 | WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS 604 | THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY 605 | GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE 606 | USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF 607 | DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD 608 | PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), 609 | EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF 610 | SUCH DAMAGES. 611 | 612 | 17. Interpretation of Sections 15 and 16. 613 | 614 | If the disclaimer of warranty and limitation of liability provided 615 | above cannot be given local legal effect according to their terms, 616 | reviewing courts shall apply local law that most closely approximates 617 | an absolute waiver of all civil liability in connection with the 618 | Program, unless a warranty or assumption of liability accompanies a 619 | copy of the Program in return for a fee. 620 | 621 | END OF TERMS AND CONDITIONS 622 | 623 | How to Apply These Terms to Your New Programs 624 | 625 | If you develop a new program, and you want it to be of the greatest 626 | possible use to the public, the best way to achieve this is to make it 627 | free software which everyone can redistribute and change under these terms. 628 | 629 | To do so, attach the following notices to the program. It is safest 630 | to attach them to the start of each source file to most effectively 631 | state the exclusion of warranty; and each file should have at least 632 | the "copyright" line and a pointer to where the full notice is found. 633 | 634 | 635 | Copyright (C) 636 | 637 | This program is free software: you can redistribute it and/or modify 638 | it under the terms of the GNU General Public License as published by 639 | the Free Software Foundation, either version 3 of the License, or 640 | (at your option) any later version. 641 | 642 | This program is distributed in the hope that it will be useful, 643 | but WITHOUT ANY WARRANTY; without even the implied warranty of 644 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 645 | GNU General Public License for more details. 646 | 647 | You should have received a copy of the GNU General Public License 648 | along with this program. If not, see . 649 | 650 | Also add information on how to contact you by electronic and paper mail. 651 | 652 | If the program does terminal interaction, make it output a short 653 | notice like this when it starts in an interactive mode: 654 | 655 | Copyright (C) 656 | This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'. 657 | This is free software, and you are welcome to redistribute it 658 | under certain conditions; type `show c' for details. 659 | 660 | The hypothetical commands `show w' and `show c' should show the appropriate 661 | parts of the General Public License. Of course, your program's commands 662 | might be different; for a GUI interface, you would use an "about box". 663 | 664 | You should also get your employer (if you work as a programmer) or school, 665 | if any, to sign a "copyright disclaimer" for the program, if necessary. 666 | For more information on this, and how to apply and follow the GNU GPL, see 667 | . 668 | 669 | The GNU General Public License does not permit incorporating your program 670 | into proprietary programs. If your program is a subroutine library, you 671 | may consider it more useful to permit linking proprietary applications with 672 | the library. If this is what you want to do, use the GNU Lesser General 673 | Public License instead of this License. But first, please read 674 | . 675 | --------------------------------------------------------------------------------