├── .gitignore
├── .gitmodules
├── ChangeLog
├── FUNDING.yml
├── LICENSE
├── README.md
├── VERSION
├── airootfs
├── etc
│ ├── X11
│ │ └── xinit
│ │ │ └── xinitrc
│ ├── fstab
│ ├── hostname
│ ├── initcpio
│ │ ├── hooks
│ │ │ └── findroot
│ │ └── install
│ │ │ ├── findroot
│ │ │ └── sysrescuecfg
│ ├── iptables
│ │ ├── ip6tables.rules
│ │ └── iptables.rules
│ ├── issue
│ ├── locale.conf
│ ├── machine-id
│ ├── mke2fs.conf
│ ├── modprobe.d
│ │ ├── broadcom-wl.conf
│ │ └── sysrescue.conf
│ ├── nanorc
│ ├── os-release
│ ├── pacman-rolling.conf
│ ├── pacman-snapshot.conf
│ ├── profile.d
│ │ └── env-path.sh
│ ├── skel
│ │ └── .bashrc
│ ├── sysctl.d
│ │ └── sysrescue.conf
│ ├── systemd
│ │ ├── network
│ │ │ ├── 20-ethernet.network
│ │ │ └── 20-wireless.network
│ │ ├── scripts
│ │ │ ├── choose-mirror
│ │ │ ├── sysrescue-autorun
│ │ │ ├── sysrescue-initialize-prenet
│ │ │ └── sysrescue-initialize-whilenet
│ │ └── system
│ │ │ ├── NetworkManager-wait-online.service.d
│ │ │ └── sysrescue.conf
│ │ │ ├── choose-mirror.service
│ │ │ ├── getty@.service.d
│ │ │ └── 10-autologin.conf
│ │ │ ├── serial-getty@.service.d
│ │ │ └── 10-autologin.conf
│ │ │ ├── sysrescue-autorun.service
│ │ │ ├── sysrescue-initialize-prenet.service
│ │ │ ├── sysrescue-initialize-whilenet.service
│ │ │ └── var-lib-pacman\x2drolling-local.mount
│ ├── tmpfiles.d
│ │ ├── gui_autostart.conf
│ │ └── ssh_authorized_keys.conf
│ ├── vconsole.conf
│ └── xdg
│ │ └── menus
│ │ ├── xfce-applications.menu
│ │ └── xfce-applications.orig
├── opt
│ └── firefox-esr
│ │ ├── defaults
│ │ └── pref
│ │ │ └── local-settings.js
│ │ ├── distribution
│ │ └── policies.json
│ │ └── sysrescue.js
├── root
│ ├── .Xauthority
│ ├── .config
│ │ ├── mimeapps.list
│ │ ├── remmina
│ │ │ └── remmina.pref
│ │ ├── systemd
│ │ │ └── user
│ │ │ │ ├── pulseaudio.service.d
│ │ │ │ └── sysrescue.conf
│ │ │ │ └── pulseaudio.socket.d
│ │ │ │ └── sysrescue.conf
│ │ └── xfce4
│ │ │ ├── helpers.rc
│ │ │ ├── panel
│ │ │ ├── launcher-11
│ │ │ │ └── 15867834691.desktop
│ │ │ ├── launcher-2
│ │ │ │ └── 15552315631.desktop
│ │ │ ├── launcher-3
│ │ │ │ └── 15552315792.desktop
│ │ │ ├── launcher-4
│ │ │ │ └── 15552315973.desktop
│ │ │ └── launcher-5
│ │ │ │ └── 15552316104.desktop
│ │ │ ├── terminal
│ │ │ └── terminalrc
│ │ │ └── xfconf
│ │ │ └── xfce-perchannel-xml
│ │ │ ├── keyboards.xml
│ │ │ ├── thunar.xml
│ │ │ ├── xfce4-desktop.xml
│ │ │ ├── xfce4-keyboard-shortcuts.xml
│ │ │ ├── xfce4-notifyd.xml
│ │ │ ├── xfce4-panel.xml
│ │ │ ├── xfce4-power-manager.xml
│ │ │ ├── xfce4-session.xml
│ │ │ └── xfwm4.xml
│ ├── .hushlogin
│ ├── .local
│ │ └── share
│ │ │ └── xfce4
│ │ │ └── helpers
│ │ │ └── custom-WebBrowser.desktop
│ └── customize_airootfs.sh
└── usr
│ ├── bin
│ ├── check-binaries.sh
│ ├── cowpacman2srm
│ ├── pacman-faketime
│ ├── setkmap
│ ├── sysrescue-configuration.lua
│ └── yay
│ ├── lib
│ └── udev
│ │ └── rules.d
│ │ ├── 09-nomdlvm.rules
│ │ └── 61-nomdlvm.rules
│ └── share
│ └── sysrescue
│ ├── bin
│ ├── load-srm
│ ├── manual
│ ├── mountall
│ ├── reverse_ssh
│ ├── sysrescue-customize
│ └── yay-prepare
│ └── template
│ ├── autoterminal.service
│ └── serial-autoterminal.service
├── autorun
└── .gitkeep
├── build.sh
├── docker
├── Dockerfile-build-iso-x86_64
├── build-docker-image.sh
└── build-iso-image.sh
├── efiboot
└── grub
│ ├── custom.cfg
│ ├── font.pf2
│ ├── grubinit.cfg
│ ├── grubsrcd.cfg
│ └── loopback.cfg
├── isolinux
└── isolinux.cfg
├── mirrorlist-snapshot-i686
├── mirrorlist-snapshot-x86_64
├── mkinitcpio.conf
├── packages
├── pacman.conf
├── patches
├── archiso-v43-01-squashfs-options.patch
├── archiso-v43-02-fix-pxeboot-dhcp.patch
├── archiso-v43-03-fix-pxeboot-multiple-interfaces.patch
├── archiso-v43-04-increase-cow-spacesize.patch
├── archiso-v43-05-add-loadsrm.patch
├── archiso-v43-06-copytoram.patch
├── archiso-v43-07-yaml-config.patch
├── archiso-v43-08-glibc-fix-dns.patch
└── archiso-v43-09-pxe_http.patch
├── srm
└── .gitkeep
├── syslinux
├── syslinux.cfg
├── sysresccd.cfg
├── sysresccd_custom.cfg
├── sysresccd_head.cfg
├── sysresccd_pxe.cfg
├── sysresccd_sys.cfg
└── sysresccd_tail.cfg
└── sysrescue.d
├── 100-defaults.yaml
└── 999-custom.yaml
/.gitignore:
--------------------------------------------------------------------------------
1 | out
2 | work
3 |
--------------------------------------------------------------------------------
/.gitmodules:
--------------------------------------------------------------------------------
1 | [submodule "website"]
2 | path = website
3 | url = https://gitlab.com/systemrescue/systemrescue-website.git
4 | branch = next
5 |
--------------------------------------------------------------------------------
/FUNDING.yml:
--------------------------------------------------------------------------------
1 | custom: ['http://cash.app/$nchevsky', 'http://paypal.me/nchevsky', 'https://account.venmo.com/u/nchevsky']
2 | github: nchevsky
3 |
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | # Overview
2 |
3 | **SystemRescue+ZFS** is a fork of the [SystemRescue](http://www.system-rescue.org/) distribution (based on [Arch Linux](https://archlinux.org/)) with the following improvements:
4 |
5 | - [ZFS](https://github.com/archzfs/archzfs/) supported out of the box
6 | - [Serial console](#serial-console) enabled for all boot options, including [Memtest86+](https://www.memtest.org/)
7 | - EFI boot progress indicators for the kernel/initramfs/system stages
8 | - [ISO image](https://github.com/nchevsky/systemrescue-zfs/releases) below 1 GiB in size
9 |
10 | # Serial console
11 |
12 | A serial terminal is enabled out of the box on `ttyS0`/`COM1` at 115,200 baud. If these settings are unsuitable, adjust the configuration of the appropriate bootloader and the [kernel](https://www.kernel.org/doc/html/latest/admin-guide/serial-console.html), then [build](#building) a new image.
13 |
14 | ## Bootloader
15 |
16 | | [GRUB](https://www.gnu.org/software/grub/manual/grub/grub.html) (EFI boot) | [SYSLINUX](https://wiki.syslinux.org/wiki/index.php?title=SYSLINUX) (legacy boot) |
17 | | --- | --- |
18 | | 📍 [`efiboot/grub/grubsrcd.cfg`](efiboot/grub/grubsrcd.cfg)
`serial --unit=0 --speed=115200 …` | 📍 [`syslinux/sysresccd_head.cfg`](syslinux/sysresccd_head.cfg)
`SERIAL 0 115200` |
19 |
20 | ## Kernel
21 |
22 | 📍 [`build.sh`](build.sh)
`consoles='console=ttyS0,115200 …'`
23 |
24 | # Building
25 |
26 | ```sh
27 | $ sudo ./build.sh [-d] [-v]
28 | ```
29 |
30 | - `-d`: Use fast compression, significantly speeding up development builds.
31 | - `-v`: Print more information while building (strongly recommended).
32 |
33 | ## Dependencies
34 |
35 | [Arch Linux](https://archlinux.org/download/) with the following packages installed:
36 | - `arch-install-scripts`
37 | - `archiso` from the custom [SystemRescue repository](https://sysrescuerepo.system-rescue.org/) ⚠️
38 | - `base-devel`
39 | - `edk2-shell`
40 | - `grub`
41 | - `hugo`
42 | - `isomd5sum`
43 | - `mtools`
44 |
45 | ## Rebuilds
46 |
47 | The state of successful [build steps](#steps) is persisted in `work/build.make_*` files. If such a file exists for a given build step, `build.sh` skips that step indefinitely. State files must be manually deleted for any steps that one wants reexecuted.
48 |
49 | ### Full rebuild
50 |
51 | ```sh
52 | $ sudo rm work/build.make_*
53 | ```
54 |
55 | ### Partial rebuild
56 |
57 | Delete the state file for the desired step **and any downstream steps**. For example, if you have customized the GRUB configuration, you must remove `build.make_efi` and its successors `build.make_efiboot` and `build.make_iso`.
58 |
59 | ## Steps
60 |
61 | 1. `make_pacman_conf`
62 | 2. `make_basefs`
63 | 3. `make_documentation`
64 | 4. `make_packages`
65 | 5. `make_customize_airootfs`
66 | 6. `make_setup_mkinitcpio`
67 | 7. `make_boot`
68 | 8. `make_boot_extra`
69 | 9. `make_syslinux`
70 | 10. `make_isolinux`
71 | 11. `make_efi`
72 | 12. `make_efiboot`
73 | 13. `make_prepare`
74 | 14. `make_imageinfo`
75 | 15. `make_iso`
76 |
--------------------------------------------------------------------------------
/VERSION:
--------------------------------------------------------------------------------
1 | 12.00+2.3.1
2 |
--------------------------------------------------------------------------------
/airootfs/etc/X11/xinit/xinitrc:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | [ -f ~/.xprofile ] && . ~/.xprofile
4 |
5 | exec /usr/bin/startxfce4
6 |
--------------------------------------------------------------------------------
/airootfs/etc/fstab:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/nchevsky/systemrescue-zfs/023ef86591a00e0677d3019856770dba186af7a9/airootfs/etc/fstab
--------------------------------------------------------------------------------
/airootfs/etc/hostname:
--------------------------------------------------------------------------------
1 | sysrescue
2 |
--------------------------------------------------------------------------------
/airootfs/etc/initcpio/hooks/findroot:
--------------------------------------------------------------------------------
1 | run_hook() {
2 | [[ "${findroot}" == "y" ]] || return
3 |
4 | # Initialisation
5 | local newroot="/new_root"
6 | local rootdev=""
7 | local rootcount=0
8 | local menuchoices=""
9 | modprobe -a -q dm-crypt >/dev/null 2>&1
10 | echo "Searching for block devices ..."
11 | sleep 2
12 |
13 | # Prepare access to luks encrypted block devices
14 | local cryptdev="$(blkid -t TYPE='crypto_LUKS' -o device)"
15 | for curdev in ${cryptdev}
16 | do
17 | if cryptsetup isLuks ${curdev} >/dev/null 2>&1
18 | then
19 | echo "A passphrase is required to access device ${curdev}:"
20 | local cryptname="luks-${curdev##*/}"
21 | local cryptargs=""
22 | if ! cryptsetup open --type luks ${curdev} ${cryptname} ${cryptargs}; then
23 | if ! cryptsetup open --type luks ${curdev} ${cryptname} ${cryptargs}; then
24 | # each cryptsetup call offers 3 tries to enter a valid password
25 | # all 6 failed failed, so continue with the next device
26 | continue
27 | fi
28 | fi
29 | if [ ! -e "/dev/mapper/${cryptname}" ]
30 | then
31 | err "Password succeeded but ${cryptname} creation failed, aborting..."
32 | launch_interactive_shell --exec
33 | fi
34 | echo "Have successfully prepared access to encrypted device ${curdev}"
35 | fi
36 | done
37 |
38 | # Show list of accessible block devices
39 | echo "====================================================================="
40 | lsblk --list --paths --output=name,size,fstype,label
41 | echo "====================================================================="
42 | sleep 5
43 |
44 | # Attempt to find a filesystem which contains /sbin/init
45 | local devlist=$(lsblk --list --noheadings --paths --output=name)
46 | for curdev in ${devlist}
47 | do
48 | echo "Checking for ${init} on device ${curdev} ..."
49 | if mount -r ${curdev} ${newroot} 2>/dev/null
50 | then
51 | # check if /sbin is a symlink and if it is absolute or relative
52 | if test -L "${newroot}/sbin" && readlink "${newroot}/sbin" | grep -q "^/"
53 | then
54 | echo "Absolute /sbin symlink on device ${curdev}"
55 | echo "This usrmerge layout is currently not supported by findroot."
56 | umount ${newroot}
57 | continue
58 | fi
59 | if test -x ${newroot}/${init} || test -L ${newroot}/${init}
60 | then
61 | echo "Found ${init} on device ${curdev}"
62 | rootcount=$((rootcount + 1))
63 | menuchoices="${menuchoices} ${curdev} ${curdev}"
64 | fi
65 | umount ${newroot}
66 | fi
67 | done
68 |
69 | # Fail if no root filesystem has been found
70 | if [ ${rootcount} -eq 0 ]
71 | then
72 | err "Failed to find ${init} on any block device, cannot continue"
73 | launch_interactive_shell --exec
74 | fi
75 |
76 | # Get the user to select the device from which to start
77 | rootdev=$(whiptail --nocancel --title "Boot Linux OS from the disk" \
78 | --fb --menu "From which device do you want to boot ?" \
79 | --noitem 15 60 4 ${menuchoices} 3>&1 1>&2 2>&3)
80 |
81 | # Make sure the choice is a valid block device
82 | if ! lsblk --nodeps ${rootdev} >/dev/null 2>/dev/null
83 | then
84 | err "Choice ${rootdev} is not a valid block device"
85 | launch_interactive_shell --exec
86 | fi
87 |
88 | read -p "Press enter to boot from ${rootdev}"
89 |
90 | echo "Mounting device ${rootdev} ..."
91 | if ! mount ${rootdev} ${newroot}
92 | then
93 | err "Failed to mount ${rootdev} in read-write mode"
94 | launch_interactive_shell --exec
95 | fi
96 |
97 | rdlogger_stop
98 | exec env -i "TERM=$TERM" /usr/bin/switch_root ${newroot} ${init} "$@"
99 | }
100 |
--------------------------------------------------------------------------------
/airootfs/etc/initcpio/install/findroot:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | build() {
4 | add_module "dm-crypt"
5 | add_module "dm-integrity"
6 | add_all_modules "/crypto/"
7 |
8 | add_binary "lsblk"
9 | add_binary "whiptail"
10 | add_binary "cryptsetup"
11 | add_binary "dmsetup"
12 |
13 | # cryptsetup calls pthread_create(), which dlopen()s libgcc_s.so.1
14 | add_binary "/usr/lib/libgcc_s.so.1"
15 |
16 | add_runscript
17 | }
18 |
19 | help() {
20 | cat < %o
19 | #XferCommand = /usr/bin/wget --passive-ftp -c -O %o %u
20 | #CleanMethod = KeepInstalled
21 | #UseDelta = 0.7
22 | Architecture = auto
23 |
24 | # SystemRescue offers 2 different set of repositories, snapshot and rolling.
25 | # You can switch between them on a per-command basis. So they need to store two
26 | # different sets of remote databases. /var/lib/pacman is used by the default
27 | # variant (snapshot), /var/lib/pacman-rolling/ for the rolling one.
28 | # The database of locally installed packages must be the same for both.
29 | # This is done by bind-mounting /var/lib/pacman-rolling/local
30 | DBPath = /var/lib/pacman-rolling/
31 |
32 | # Pacman won't upgrade packages listed in IgnorePkg and members of IgnoreGroup
33 | # Don't update the linux kernel of SystemRescue: can't be done from within the running system, breaks modules
34 | IgnorePkg = linux-lts
35 | #IgnoreGroup =
36 |
37 | #NoUpgrade =
38 | #NoExtract =
39 |
40 | # Misc options
41 | #UseSyslog
42 | #Color
43 | #TotalDownload
44 | # We cannot check disk space from within a chroot environment
45 | #CheckSpace
46 | #VerbosePkgLists
47 |
48 | # By default, pacman accepts packages signed by keys that its local keyring
49 | # trusts (see pacman-key and its man page), as well as unsigned packages.
50 | SigLevel = Required DatabaseOptional
51 | LocalFileSigLevel = Optional
52 | #RemoteFileSigLevel = Required
53 |
54 | # NOTE: You must run `pacman-key --init` before first using pacman; the local
55 | # keyring can then be populated with the keys of all official Arch Linux
56 | # packagers with `pacman-key --populate archlinux`.
57 |
58 | #
59 | # REPOSITORIES
60 | # - can be defined here or included from another file
61 | # - pacman will search repositories in the order defined here
62 | # - local/custom mirrors can be added here or in separate files
63 | # - repositories listed first will take precedence when packages
64 | # have identical names, regardless of version number
65 | # - URLs will have $repo replaced by the name of the current repo
66 | # - URLs will have $arch replaced by the name of the architecture
67 | #
68 | # Repository entries are of the format:
69 | # [repo-name]
70 | # Server = ServerName
71 | # Include = IncludePath
72 | #
73 | # The header [repo-name] is crucial - it must be present and
74 | # uncommented to enable the repo.
75 | #
76 |
77 | ##################
78 | # SystemRescue
79 | ##################
80 | # offers 2 different set of repositories, snapshot (the default) and rolling.
81 | # With snapshot you get the packages at the moment of SystemRescue release
82 | # rolling is the traditional rolling-release repository of Arch
83 | #
84 | # You can switch on a per-command basis like this:
85 | # pacman --config /etc/pacman-rolling.conf
86 | #
87 | # or you can change the /etc/pacman.conf symlink for a permanent change
88 |
89 | [core]
90 | Include = /etc/pacman.d/mirrorlist
91 |
92 | [extra]
93 | Include = /etc/pacman.d/mirrorlist
94 |
95 |
--------------------------------------------------------------------------------
/airootfs/etc/pacman-snapshot.conf:
--------------------------------------------------------------------------------
1 | #
2 | # /etc/pacman.conf
3 | #
4 | # See the pacman.conf(5) manpage for option and repository directives
5 |
6 | #
7 | # GENERAL OPTIONS
8 | #
9 | [options]
10 | # The following paths are commented out with their default values listed.
11 | # If you wish to use different paths, uncomment and update the paths.
12 | #RootDir = /
13 | #DBPath = /var/lib/pacman/
14 | #CacheDir = /var/cache/pacman/pkg/
15 | #LogFile = /var/log/pacman.log
16 | #GPGDir = /etc/pacman.d/gnupg/
17 | #HookDir = /etc/pacman.d/hooks/
18 | HoldPkg = pacman glibc
19 | #XferCommand = /usr/bin/curl -C - -f %u > %o
20 | #XferCommand = /usr/bin/wget --passive-ftp -c -O %o %u
21 |
22 | # wrap downloading in a faketime call that uses the real "today" as date
23 | # this is to counter the faketime date introduced when running "pacman-faketime"
24 | # necessary to deal with TLS certificate lifetimes
25 | XferCommand = /usr/bin/faketime "today" /usr/bin/curl --continue-at - --output "%o" --fail --location "%u"
26 |
27 | #CleanMethod = KeepInstalled
28 | #UseDelta = 0.7
29 | Architecture = auto
30 |
31 | # Pacman won't upgrade packages listed in IgnorePkg and members of IgnoreGroup
32 | #IgnorePkg =
33 | #IgnoreGroup =
34 |
35 | #NoUpgrade =
36 | #NoExtract =
37 |
38 | # Misc options
39 | #UseSyslog
40 | #Color
41 | #TotalDownload
42 | # We cannot check disk space from within a chroot environment
43 | #CheckSpace
44 | #VerbosePkgLists
45 |
46 | # By default, pacman accepts packages signed by keys that its local keyring
47 | # trusts (see pacman-key and its man page), as well as unsigned packages.
48 | SigLevel = Required DatabaseOptional
49 | LocalFileSigLevel = Optional
50 | #RemoteFileSigLevel = Required
51 |
52 | # NOTE: You must run `pacman-key --init` before first using pacman; the local
53 | # keyring can then be populated with the keys of all official Arch Linux
54 | # packagers with `pacman-key --populate archlinux`.
55 |
56 | #
57 | # REPOSITORIES
58 | # - can be defined here or included from another file
59 | # - pacman will search repositories in the order defined here
60 | # - local/custom mirrors can be added here or in separate files
61 | # - repositories listed first will take precedence when packages
62 | # have identical names, regardless of version number
63 | # - URLs will have $repo replaced by the name of the current repo
64 | # - URLs will have $arch replaced by the name of the architecture
65 | #
66 | # Repository entries are of the format:
67 | # [repo-name]
68 | # Server = ServerName
69 | # Include = IncludePath
70 | #
71 | # The header [repo-name] is crucial - it must be present and
72 | # uncommented to enable the repo.
73 | #
74 |
75 | ##################
76 | # SystemRescue
77 | ##################
78 | # offers 2 different set of repositories, snapshot (the default) and rolling.
79 | # With snapshot you get the packages at the moment of SystemRescue release
80 | # rolling is the traditional rolling-release repository of Arch
81 | #
82 | # You can switch on a per-command basis like this:
83 | # pacman --config /etc/pacman-rolling.conf
84 | #
85 | # or you can change the /etc/pacman.conf symlink for a permanent change
86 |
87 | [core]
88 | Include = /etc/pacman.d/mirrorlist-snapshot
89 |
90 | [extra]
91 | Include = /etc/pacman.d/mirrorlist-snapshot
92 |
93 |
--------------------------------------------------------------------------------
/airootfs/etc/profile.d/env-path.sh:
--------------------------------------------------------------------------------
1 | # /sbin is not used on ArchLinux but it is often required in chroot
2 | # also support chrooting on older systems without usrmerge (/usr/sbin and /bin)
3 | export PATH=${PATH}:/sbin:/usr/sbin:/bin:/usr/share/sysrescue/bin/
4 |
--------------------------------------------------------------------------------
/airootfs/etc/skel/.bashrc:
--------------------------------------------------------------------------------
1 | #
2 | # ~/.bashrc
3 | #
4 |
5 | PS1="\[\e[1;94m\][\u@\h \w]\\$\[\e[0m\] "
6 |
7 | alias ls='ls --color=auto'
8 | alias ll='ls --color=auto -lah'
9 | alias mydf='df -hPT | column -t'
10 | alias mylsblk='lsblk -o name,size,fstype,label,model'
11 |
12 |
--------------------------------------------------------------------------------
/airootfs/etc/sysctl.d/sysrescue.conf:
--------------------------------------------------------------------------------
1 | kernel.printk = 1 4 1 7
2 |
--------------------------------------------------------------------------------
/airootfs/etc/systemd/network/20-ethernet.network:
--------------------------------------------------------------------------------
1 | [Match]
2 | Name=en*
3 | Name=eth*
4 |
5 | [Network]
6 | DHCP=yes
7 | IPv6PrivacyExtensions=yes
8 |
9 | [DHCP]
10 | RouteMetric=512
11 |
--------------------------------------------------------------------------------
/airootfs/etc/systemd/network/20-wireless.network:
--------------------------------------------------------------------------------
1 | [Match]
2 | Name=wlp*
3 | Name=wlan*
4 |
5 | [Network]
6 | DHCP=yes
7 | IPv6PrivacyExtensions=yes
8 |
9 | [DHCP]
10 | RouteMetric=1024
11 |
--------------------------------------------------------------------------------
/airootfs/etc/systemd/scripts/choose-mirror:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | get_cmdline() {
4 | local param
5 | for param in $(< /proc/cmdline); do
6 | case "${param}" in
7 | $1=*) echo "${param##*=}";
8 | return 0
9 | ;;
10 | esac
11 | done
12 | }
13 |
14 | mirror=$(get_cmdline mirror)
15 | [[ $mirror = auto ]] && mirror=$(get_cmdline archiso_http_srv)
16 | [[ $mirror ]] || exit 0
17 |
18 | mv /etc/pacman.d/mirrorlist /etc/pacman.d/mirrorlist.orig
19 | cat >/etc/pacman.d/mirrorlist << EOF
20 | #
21 | # Arch Linux repository mirrorlist
22 | # Generated by archiso
23 | #
24 |
25 | Server = ${mirror%%/}/\$repo/os/\$arch
26 | EOF
27 |
--------------------------------------------------------------------------------
/airootfs/etc/systemd/scripts/sysrescue-initialize-prenet:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env python3
2 | #
3 | # initialize SystemRescue, do the parts that must be finished before networking is started
4 | # Keep as short as possible, move non-critical parts to -whilenet to not block the boot unnecessarily
5 | #
6 | # SPDX-License-Identifier: GPL-3.0-or-later
7 |
8 | import subprocess
9 | import json
10 | import glob
11 | import os
12 | import sys
13 | import re
14 | import tempfile
15 | import functools
16 | import configparser
17 |
18 | # flush stdout buffer after each print call: immediately show the user what is going on
19 | print = functools.partial(print, flush=True)
20 |
21 | def strtobool (val):
22 | """Convert a string representation of truth to true (1) or false (0).
23 |
24 | True values are 'y', 'yes', 't', 'true', 'on', '1', '1.0'; false values
25 | are 'n', 'no', 'f', 'false', 'off', '0', '0.0'. Raises ValueError if
26 | 'val' is anything else.
27 |
28 | Function adapted from Pythons distutils.util.py because it will be deprecated soon
29 | Copyright (c) Python Software Foundation; All Rights Reserved
30 | """
31 | val = str(val).lower()
32 | if val in ('y', 'yes', 't', 'true', 'on', '1', '1.0'):
33 | return True
34 | elif val in ('n', 'no', 'f', 'false', 'off', '0', '0.0'):
35 | return False
36 | else:
37 | raise ValueError("invalid truth value %r" % (val,))
38 |
39 | # ==============================================================================
40 | # Initialization
41 | # ==============================================================================
42 | print(f"====> Script {sys.argv[0]} starting ...")
43 | errcnt = 0
44 |
45 | # ==============================================================================
46 | # Read the effective configuration file
47 | # ==============================================================================
48 | print(f"====> Read the effective configuration file ...")
49 | effectivecfg = "/run/archiso/config/sysrescue-effective-config.json"
50 | if os.path.exists(effectivecfg) == False:
51 | print (f"Failed to find effective configuration file in {effectivecfg}")
52 | sys.exit(1)
53 |
54 | with open(effectivecfg) as file:
55 | config = json.load(file)
56 |
57 | # ==============================================================================
58 | # Sanitize config, initialize variables
59 | # Make sysrescue-initialize work safely without them being defined or have a wrong type
60 | # Also show the effective configuration
61 | # ==============================================================================
62 | print(f"====> Showing the effective global configuration (except clear passwords) ...")
63 |
64 | def read_cfg_value(scope, name, defaultval, printval):
65 | if not scope in config:
66 | val = defaultval
67 | elif name in config[scope]:
68 | chkval = config[scope][name]
69 | try:
70 | if isinstance(chkval, list) or isinstance(chkval, dict):
71 | raise TypeError(f"must be a {type(defaultval)}, not a {type(chkval)}")
72 | elif isinstance(defaultval, bool) and not isinstance(chkval, bool):
73 | val = strtobool(chkval)
74 | else:
75 | val = type(defaultval)(chkval)
76 | except (TypeError, ValueError) as e:
77 | if printval:
78 | print(f"config['{scope}']['{name}'] with {chkval} is not the same type as defaultval: {e}")
79 | else:
80 | print(f"config['{scope}']['{name}'] is not the same type as defaultval: {e}")
81 | val = defaultval
82 | else:
83 | val = defaultval
84 |
85 | if printval:
86 | print(f"config['{scope}']['{name}']={val}")
87 |
88 | return val
89 |
90 | nofirewall = read_cfg_value('global','nofirewall', False, True)
91 |
92 | # ==============================================================================
93 | # Apply the effective configuration
94 | # ==============================================================================
95 | print(f"====> Applying pre-network configuration ...")
96 |
97 | # Disable the firewall
98 | if nofirewall == True:
99 | # The firewall service(s) must be in the Before-section of sysrescue-initialize-prenet.service
100 | p = subprocess.run(["systemctl", "disable", "--now", "iptables.service", "ip6tables.service"], text=True)
101 | if p.returncode == 0:
102 | print (f"Have disabled the firewall successfully")
103 | else:
104 | print (f"Failed to disable the firewall")
105 | errcnt+=1
106 |
107 | # ==============================================================================
108 | # customize sysctl
109 | # Should be pre-network to allow tweaking network-specific sysctls
110 | # ==============================================================================
111 |
112 | if 'sysconfig' in config and 'sysctl' in config['sysconfig'] and \
113 | config['sysconfig']['sysctl'] and isinstance(config['sysconfig']['sysctl'], dict):
114 | print(f"====> Customizing sysctl options ...")
115 | sysctllines = ""
116 | for key, value in config['sysconfig']['sysctl'].items():
117 | sysctllines+=f"{key} = {value}\n"
118 |
119 | # pipe config into sysctl
120 | p = subprocess.run(["sysctl", "--load=-"], text=True, input=sysctllines)
121 | if p.returncode != 0:
122 | print (f"Some or all sysctl options couldn't be set")
123 | errcnt+=1
124 |
125 | # ==============================================================================
126 | # configure hosts file
127 | # Should be pre-network to be available throughout the whole network setup
128 | # ==============================================================================
129 |
130 | if 'sysconfig' in config and 'hosts' in config['sysconfig'] and \
131 | config['sysconfig']['hosts'] and isinstance(config['sysconfig']['hosts'], dict):
132 | print(f"====> Configuring /etc/hosts ...")
133 |
134 | try:
135 | # append all our entries to the hosts file
136 | with open("/etc/hosts", "a") as hostsfile:
137 | # key is the IPv4/IPv6, value the hostname(s)
138 | for ip, hostname in config['sysconfig']['hosts'].items():
139 | hostsfile.write(f"{ip}\t{hostname}\n")
140 | hostsfile.close()
141 |
142 | except Exception as e:
143 | print(e)
144 | errcnt+=1
145 |
146 | # ==============================================================================
147 | # End of the script
148 | # ==============================================================================
149 | print(f"====> Script {sys.argv[0]} completed with {errcnt} errors ...")
150 | sys.exit(errcnt)
151 |
--------------------------------------------------------------------------------
/airootfs/etc/systemd/system/NetworkManager-wait-online.service.d/sysrescue.conf:
--------------------------------------------------------------------------------
1 | [Service]
2 | Environment=NM_ONLINE_TIMEOUT=20
3 |
--------------------------------------------------------------------------------
/airootfs/etc/systemd/system/choose-mirror.service:
--------------------------------------------------------------------------------
1 | [Unit]
2 | Description=Choose mirror from the kernel command line
3 | ConditionKernelCommandLine=mirror
4 |
5 | [Service]
6 | Type=oneshot
7 | ExecStart=/etc/systemd/scripts/choose-mirror
8 |
9 | [Install]
10 | WantedBy=multi-user.target
11 |
--------------------------------------------------------------------------------
/airootfs/etc/systemd/system/getty@.service.d/10-autologin.conf:
--------------------------------------------------------------------------------
1 | [Service]
2 | ExecStart=
3 | ExecStart=-/sbin/agetty --autologin root --login-options '-p -f -- \\u' --noclear - $TERM
4 |
--------------------------------------------------------------------------------
/airootfs/etc/systemd/system/serial-getty@.service.d/10-autologin.conf:
--------------------------------------------------------------------------------
1 | [Service]
2 | ExecStart=
3 | ExecStart=-/sbin/agetty --autologin root --login-options '-p -f -- \\u' --keep-baud 115200,57600,38400,9600 - $TERM
4 |
--------------------------------------------------------------------------------
/airootfs/etc/systemd/system/sysrescue-autorun.service:
--------------------------------------------------------------------------------
1 | [Unit]
2 | Description=SystemRescue Autorun
3 | After=network.target network-online.target sysrescue-initialize-whilenet.service
4 | Before=getty-pre.target
5 | Wants=getty-pre.target network-online.target
6 |
7 | [Service]
8 | Type=oneshot
9 | ExecStart=/etc/systemd/scripts/sysrescue-autorun
10 | RemainAfterExit=true
11 | StandardInput=tty
12 | StandardOutput=tty
13 |
14 | [Install]
15 | WantedBy=multi-user.target
16 |
--------------------------------------------------------------------------------
/airootfs/etc/systemd/system/sysrescue-initialize-prenet.service:
--------------------------------------------------------------------------------
1 | [Unit]
2 | Description=SystemRescue Initialization, before networking
3 | Before=network-pre.target iptables.service ip6tables.service sysrescue-initialize-whilenet.service
4 | Wants=network-pre.target sysrescue-initialize-whilenet.service
5 |
6 | [Service]
7 | Type=oneshot
8 | ExecStart=/etc/systemd/scripts/sysrescue-initialize-prenet
9 | RemainAfterExit=true
10 | StandardOutput=journal+console
11 |
12 | [Install]
13 | WantedBy=multi-user.target
14 |
--------------------------------------------------------------------------------
/airootfs/etc/systemd/system/sysrescue-initialize-whilenet.service:
--------------------------------------------------------------------------------
1 | [Unit]
2 | Description=SystemRescue Initialization, parallel to networking
3 | Before=getty-pre.target
4 | Wants=getty-pre.target
5 | After=sysrescue-initialize-prenet.service
6 |
7 | [Service]
8 | Type=oneshot
9 | ExecStart=/etc/systemd/scripts/sysrescue-initialize-whilenet
10 | RemainAfterExit=true
11 | StandardOutput=journal+console
12 |
13 | [Install]
14 | WantedBy=multi-user.target
15 |
--------------------------------------------------------------------------------
/airootfs/etc/systemd/system/var-lib-pacman\x2drolling-local.mount:
--------------------------------------------------------------------------------
1 | [Unit]
2 | Description=Bind mount /var/lib/pacman-rolling/local to allow easy switching between snapshot/rolling repos
3 | # See /etc/pacman-rolling.conf for details
4 |
5 | [Mount]
6 | What=/var/lib/pacman/local
7 | Where=/var/lib/pacman-rolling/local
8 | Type=none
9 | Options=bind
10 |
11 | [Install]
12 | WantedBy=multi-user.target
13 |
--------------------------------------------------------------------------------
/airootfs/etc/tmpfiles.d/gui_autostart.conf:
--------------------------------------------------------------------------------
1 | # prepare a directory for gui desktop autostart files
2 |
3 | d- /root :0700 root :root -
4 | d- /root/.config :0755 root :root -
5 | d- /root/.config/autostart :0755 root :root -
6 |
--------------------------------------------------------------------------------
/airootfs/etc/tmpfiles.d/ssh_authorized_keys.conf:
--------------------------------------------------------------------------------
1 | # create an empty /root/.ssh/authorized_keys file with correct permissions
2 | # this makes adding a key easier since the correct permissions are already set
3 | #
4 | # this builds upon /usr/lib/tmpfiles.d/provision.conf
5 | # and supports adding entries via https://systemd.io/CREDENTIALS/
6 | #
7 | # See tmpfiles.d(5) for details
8 | #
9 |
10 | # Provision SSH key for root
11 | d- /root :0700 root :root -
12 | d- /root/.ssh :0700 root :root -
13 | f /root/.ssh/authorized_keys :0600 root :root -
14 | w+^ /root/.ssh/authorized_keys :0600 root :root - ssh.authorized_keys.root
15 |
--------------------------------------------------------------------------------
/airootfs/etc/vconsole.conf:
--------------------------------------------------------------------------------
1 | FONT=eurlatgr
2 |
--------------------------------------------------------------------------------
/airootfs/etc/xdg/menus/xfce-applications.menu:
--------------------------------------------------------------------------------
1 |
3 |
4 |
127 |
--------------------------------------------------------------------------------
/airootfs/etc/xdg/menus/xfce-applications.orig:
--------------------------------------------------------------------------------
1 |
3 |
4 |
164 |
--------------------------------------------------------------------------------
/airootfs/opt/firefox-esr/defaults/pref/local-settings.js:
--------------------------------------------------------------------------------
1 | pref("general.config.filename", "sysrescue.js");
2 | pref("general.config.obscure_value", 0);
3 |
--------------------------------------------------------------------------------
/airootfs/opt/firefox-esr/distribution/policies.json:
--------------------------------------------------------------------------------
1 | {
2 | "policies": {
3 | "DisableAppUpdate": true,
4 | "DisableFirefoxStudies": true,
5 | "DisableTelemetry": true,
6 | "SearchEngines": {
7 | "Default": "DuckDuckGo"
8 | }
9 | }
10 | }
11 |
--------------------------------------------------------------------------------
/airootfs/opt/firefox-esr/sysrescue.js:
--------------------------------------------------------------------------------
1 | // Ensure preference can't be changed by users
2 | lockPref("app.update.auto", false);
3 | lockPref("app.update.enabled", false);
4 | lockPref("intl.locale.matchOS", true);
5 | // Allow user to change based on needs
6 | defaultPref("browser.display.use_system_colors", true);
7 | defaultPref("spellchecker.dictionary_path", "/usr/share/myspell");
8 | defaultPref("browser.shell.checkDefaultBrowser", false);
9 | // Preferences that should be reset every session
10 | pref("browser.EULA.override", true);
11 | // SystemRescue settings
12 | pref("browser.startup.homepage_override.mstone", "ignore");
13 | pref("browser.startup.homepage", "about:home");
14 | // disable Firefox telemetry and surveys, don't annoy the user with it
15 | pref("app.shield.optoutstudies.enabled", false);
16 | pref("datareporting.healthreport.uploadEnabled", false);
17 | pref("datareporting.policy.dataSubmissionEnabled", false);
18 | pref("datareporting.policy.dataSubmissionPolicyBypassNotification", true);
19 | // don't ever use DNS-over-HTTPS, we always want use the local resolver
20 | // this is necessary for being able to resolve local hostnames e.g. in a split dns setup
21 | // 5 means "off by choice"
22 | pref("network.trr.mode", 5);
23 | // disable advertising
24 | pref("browser.newtabpage.activity-stream.showSponsoredTopSites", false);
25 | pref("browser.newtabpage.activity-stream.showSponsored", false);
26 | // disable "pocket" icon to not clutter the interface
27 | pref("extensions.pocket.enabled", false);
28 |
--------------------------------------------------------------------------------
/airootfs/root/.Xauthority:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/nchevsky/systemrescue-zfs/023ef86591a00e0677d3019856770dba186af7a9/airootfs/root/.Xauthority
--------------------------------------------------------------------------------
/airootfs/root/.config/mimeapps.list:
--------------------------------------------------------------------------------
1 | [Default Applications]
2 | application/pdf=org.gnome.Epiphany.desktop
3 | x-scheme-handler/http=org.gnome.Epiphany.desktop
4 | x-scheme-handler/https=org.gnome.Epiphany.desktop
5 |
--------------------------------------------------------------------------------
/airootfs/root/.config/remmina/remmina.pref:
--------------------------------------------------------------------------------
1 | [remmina_news]
2 | periodic_news_permitted=false
3 | periodic_rmnews_last_get=0
4 | periodic_rmnews_get_count=1
5 | periodic_rmnews_uuid_prefix=
6 |
--------------------------------------------------------------------------------
/airootfs/root/.config/systemd/user/pulseaudio.service.d/sysrescue.conf:
--------------------------------------------------------------------------------
1 | [Unit]
2 | ConditionUser=
3 |
--------------------------------------------------------------------------------
/airootfs/root/.config/systemd/user/pulseaudio.socket.d/sysrescue.conf:
--------------------------------------------------------------------------------
1 | [Unit]
2 | ConditionUser=
3 |
--------------------------------------------------------------------------------
/airootfs/root/.config/xfce4/helpers.rc:
--------------------------------------------------------------------------------
1 | WebBrowser=epiphany
2 |
--------------------------------------------------------------------------------
/airootfs/root/.config/xfce4/panel/launcher-11/15867834691.desktop:
--------------------------------------------------------------------------------
1 | [Desktop Entry]
2 | Name=Manual
3 | Comment=SystemRescue manual
4 | Exec=epiphany file:///usr/share/sysrescue/html/manual/index.html
5 | Icon=help-browser
6 | Terminal=false
7 | Type=Application
8 | MimeType=text/plain;
9 | Categories=Utility;
10 |
--------------------------------------------------------------------------------
/airootfs/root/.config/xfce4/panel/launcher-2/15552315631.desktop:
--------------------------------------------------------------------------------
1 | [Desktop Entry]
2 | Version=1.0
3 | Name=Xfce Terminal
4 | Comment=Terminal Emulator
5 | GenericName=Terminal Emulator
6 | Exec=xfce4-terminal
7 | Icon=utilities-terminal
8 | Terminal=false
9 | Type=Application
10 | Categories=GTK;System;TerminalEmulator;
11 | StartupNotify=true
12 | X-XFCE-Source=file:///usr/share/applications/xfce4-terminal.desktop
13 |
--------------------------------------------------------------------------------
/airootfs/root/.config/xfce4/panel/launcher-3/15552315792.desktop:
--------------------------------------------------------------------------------
1 | [Desktop Entry]
2 | Name=Firefox ESR
3 | GenericName=Web Browser
4 | Icon=firefox-esr
5 | Type=Application
6 | Categories=Application;Network;
7 | MimeType=text/html;text/xml;application/xhtml+xml;application/vnd.mozilla.xul+xml;text/mml;x-scheme-handler/http;x-scheme-handler/https;
8 | Encoding=UTF-8
9 | Exec=firefox-esr %u
10 | Terminal=false
11 | MultipleArgs=false
12 | StartupNotify=false
13 | StartupWMClass=Firefox
14 | X-XFCE-Source=file:///usr/share/applications/firefox-esr.desktop
15 |
--------------------------------------------------------------------------------
/airootfs/root/.config/xfce4/panel/launcher-4/15552315973.desktop:
--------------------------------------------------------------------------------
1 | [Desktop Entry]
2 | Name=GParted
3 | GenericName=Partition Editor
4 | X-GNOME-FullName=GParted Partition Editor
5 | Comment=Create, reorganize, and delete partitions
6 | Exec=/usr/bin/gparted %f
7 | Icon=gparted
8 | Terminal=false
9 | Type=Application
10 | Categories=GNOME;System;Filesystem;
11 | Keywords=Partition;
12 | StartupNotify=true
13 | X-XFCE-Source=file:///usr/share/applications/gparted.desktop
14 |
--------------------------------------------------------------------------------
/airootfs/root/.config/xfce4/panel/launcher-5/15552316104.desktop:
--------------------------------------------------------------------------------
1 | [Desktop Entry]
2 | Name=Mousepad
3 | GenericName=Text Editor
4 | Comment=Simple Text Editor
5 | Exec=mousepad
6 | Icon=org.xfce.mousepad
7 | Terminal=false
8 | Type=Application
9 | MimeType=text/plain;
10 | Categories=Utility;TextEditor;
11 | X-KDE-StartupNotify=false;
12 | Keywords=Text;Editor;Plaintext;
13 |
--------------------------------------------------------------------------------
/airootfs/root/.config/xfce4/terminal/terminalrc:
--------------------------------------------------------------------------------
1 | [Configuration]
2 | AccelNewTab=t
3 | AccelNewWindow=n
4 | AccelDetachTab=d
5 | AccelCloseTab=w
6 | AccelCloseWindow=q
7 | AccelCopy=c
8 | AccelPaste=v
9 | AccelPreferences=Disabled
10 | AccelShowMenubar=Disabled
11 | AccelShowToolbars=Disabled
12 | AccelShowBorders=Disabled
13 | AccelFullscreen=F11
14 | AccelSetTitle=Disabled
15 | AccelReset=Disabled
16 | AccelResetAndClear=Disabled
17 | AccelPrevTab=Page_Up
18 | AccelNextTab=Page_Down
19 | AccelSwitchToTab1=1
20 | AccelSwitchToTab2=2
21 | AccelSwitchToTab3=3
22 | AccelSwitchToTab4=4
23 | AccelSwitchToTab5=5
24 | AccelSwitchToTab6=6
25 | AccelSwitchToTab7=7
26 | AccelSwitchToTab8=8
27 | AccelSwitchToTab9=9
28 | AccelContents=F1
29 | BackgroundMode=TERMINAL_BACKGROUND_SOLID
30 | BackgroundImageFile=
31 | BackgroundImageStyle=TERMINAL_BACKGROUND_STYLE_TILED
32 | BackgroundDarkness=0.500000
33 | BindingBackspace=TERMINAL_ERASE_BINDING_AUTO
34 | BindingDelete=TERMINAL_ERASE_BINDING_AUTO
35 | ColorForeground=#ffffffffffff
36 | ColorBackground=#000000000000
37 | ColorCursor=#000000000000
38 | ColorSelection=White
39 | ColorSelectionUseDefault=TRUE
40 | ColorPalette1=#000000000000
41 | ColorPalette2=#aaaa00000000
42 | ColorPalette3=#0000aaaa0000
43 | ColorPalette4=#aaaa55550000
44 | ColorPalette5=#00000000aaaa
45 | ColorPalette6=#aaaa0000aaaa
46 | ColorPalette7=#0000aaaaaaaa
47 | ColorPalette8=#aaaaaaaaaaaa
48 | ColorPalette9=#555555555555
49 | ColorPalette10=#ffff55555555
50 | ColorPalette11=#5555ffff5555
51 | ColorPalette12=#ffffffff5555
52 | ColorPalette13=#55555555ffff
53 | ColorPalette14=#ffff5555ffff
54 | ColorPalette15=#5555ffffffff
55 | ColorPalette16=#ffffffffffff
56 | CommandUpdateRecords=TRUE
57 | CommandLoginShell=FALSE
58 | FontAllowBold=TRUE
59 | FontAntiAlias=TRUE
60 | FontName=Monospace 10
61 | MiscAlwaysShowTabs=FALSE
62 | MiscBell=FALSE
63 | MiscBordersDefault=TRUE
64 | MiscCursorBlinks=FALSE
65 | MiscDefaultGeometry=80x24
66 | MiscInheritGeometry=FALSE
67 | MiscMenubarDefault=TRUE
68 | MiscMouseAutohide=FALSE
69 | MiscToolbarsDefault=TRUE
70 | MiscConfirmClose=TRUE
71 | MiscCycleTabs=TRUE
72 | MiscTabCloseButtons=TRUE
73 | MiscTabPosition=GTK_POS_TOP
74 | MiscHighlightUrls=TRUE
75 | ScrollingBar=TERMINAL_SCROLLBAR_RIGHT
76 | ScrollingLines=32768
77 | ScrollingOnOutput=TRUE
78 | ScrollingOnKeystroke=TRUE
79 | ScrollingSingleLine=TRUE
80 | ShortcutsNoMenukey=TRUE
81 | ShortcutsNoMnemonics=FALSE
82 | TitleInitial=Terminal
83 | TitleMode=TERMINAL_TITLE_APPEND
84 | Term=xterm
85 | VteWorkaroundTitleBug=TRUE
86 | WordChars=-A-Za-z0-9,./?%&#:_~
87 |
88 |
--------------------------------------------------------------------------------
/airootfs/root/.config/xfce4/xfconf/xfce-perchannel-xml/keyboards.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
--------------------------------------------------------------------------------
/airootfs/root/.config/xfce4/xfconf/xfce-perchannel-xml/thunar.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
--------------------------------------------------------------------------------
/airootfs/root/.config/xfce4/xfconf/xfce-perchannel-xml/xfce4-desktop.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
14 |
15 |
16 |
17 |
18 |
19 |
20 |
21 |
22 |
23 |
24 |
25 |
26 |
27 |
28 |
29 |
30 |
31 |
--------------------------------------------------------------------------------
/airootfs/root/.config/xfce4/xfconf/xfce-perchannel-xml/xfce4-keyboard-shortcuts.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
14 |
15 |
16 |
17 |
18 |
19 |
20 |
21 |
22 |
23 |
24 |
25 |
26 |
27 |
28 |
29 |
30 |
31 |
32 |
33 |
34 |
35 |
36 |
37 |
38 |
39 |
40 |
41 |
42 |
43 |
44 |
45 |
46 |
47 |
48 |
49 |
50 |
51 |
52 |
53 |
54 |
55 |
56 |
57 |
58 |
59 |
60 |
61 |
62 |
63 |
64 |
65 |
66 |
67 |
68 |
69 |
70 |
71 |
72 |
73 |
74 |
75 |
76 |
77 |
78 |
79 |
80 |
81 |
82 |
83 |
84 |
85 |
86 |
87 |
88 |
89 |
90 |
91 |
92 |
93 |
94 |
95 |
96 |
97 |
98 |
99 |
100 |
101 |
102 |
103 |
104 |
105 |
106 |
107 |
108 |
109 |
110 |
111 |
112 |
113 |
114 |
115 |
116 |
117 |
118 |
119 |
120 |
121 |
122 |
123 |
124 |
125 |
126 |
127 |
128 |
129 |
130 |
131 |
132 |
133 |
134 |
135 |
136 |
137 |
138 |
139 |
140 |
141 |
142 |
143 |
144 |
145 |
146 |
147 |
148 |
149 |
150 |
151 |
152 |
153 |
154 |
155 |
156 |
157 |
--------------------------------------------------------------------------------
/airootfs/root/.config/xfce4/xfconf/xfce-perchannel-xml/xfce4-notifyd.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
14 |
--------------------------------------------------------------------------------
/airootfs/root/.config/xfce4/xfconf/xfce-perchannel-xml/xfce4-panel.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
14 |
15 |
16 |
17 |
18 |
19 |
20 |
21 |
22 |
23 |
24 |
25 |
26 |
27 |
28 |
29 |
30 |
31 |
32 |
33 |
34 |
35 |
36 |
37 |
38 |
39 |
40 |
41 |
42 |
43 |
44 |
45 |
46 |
47 |
48 |
49 |
50 |
51 |
52 |
53 |
54 |
55 |
56 |
57 |
58 |
59 |
60 |
61 |
62 |
63 |
64 |
65 |
66 |
67 |
68 |
69 |
70 |
71 |
72 |
73 |
74 |
75 |
76 |
77 |
78 |
79 |
--------------------------------------------------------------------------------
/airootfs/root/.config/xfce4/xfconf/xfce-perchannel-xml/xfce4-power-manager.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
14 |
15 |
16 |
17 |
18 |
19 |
--------------------------------------------------------------------------------
/airootfs/root/.config/xfce4/xfconf/xfce-perchannel-xml/xfce4-session.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
14 |
15 |
16 |
17 |
18 |
19 |
20 |
21 |
22 |
23 |
24 |
25 |
26 |
27 |
28 |
29 |
--------------------------------------------------------------------------------
/airootfs/root/.config/xfce4/xfconf/xfce-perchannel-xml/xfwm4.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
14 |
15 |
16 |
17 |
18 |
19 |
20 |
21 |
22 |
23 |
24 |
25 |
26 |
27 |
28 |
29 |
30 |
31 |
32 |
33 |
34 |
35 |
36 |
37 |
38 |
39 |
40 |
41 |
42 |
43 |
44 |
45 |
46 |
47 |
48 |
49 |
50 |
51 |
52 |
53 |
54 |
55 |
56 |
57 |
58 |
59 |
60 |
61 |
62 |
63 |
64 |
65 |
66 |
67 |
68 |
69 |
70 |
71 |
72 |
73 |
74 |
75 |
76 |
77 |
78 |
79 |
80 |
81 |
82 |
83 |
84 |
85 |
--------------------------------------------------------------------------------
/airootfs/root/.hushlogin:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/nchevsky/systemrescue-zfs/023ef86591a00e0677d3019856770dba186af7a9/airootfs/root/.hushlogin
--------------------------------------------------------------------------------
/airootfs/root/.local/share/xfce4/helpers/custom-WebBrowser.desktop:
--------------------------------------------------------------------------------
1 | [Desktop Entry]
2 | NoDisplay=true
3 | Version=1.0
4 | Encoding=UTF-8
5 | Type=X-XFCE-Helper
6 | X-XFCE-Category=WebBrowser
7 | X-XFCE-CommandsWithParameter=firefox-esr "%s"
8 | Icon=firefox-esr
9 | Name=firefox-esr
10 | X-XFCE-Commands=firefox-esr
11 |
12 |
--------------------------------------------------------------------------------
/airootfs/root/customize_airootfs.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | set -e -u
4 |
5 | echo "customize_airootfs.sh started..."
6 |
7 | sed -i 's/#\(en_US\.UTF-8\)/\1/' /etc/locale.gen
8 | locale-gen
9 |
10 | ln -sf /usr/share/zoneinfo/UTC /etc/localtime
11 |
12 | cp -aT /etc/skel/ /root/
13 |
14 | # Permissions
15 | chmod 750 /root
16 | chmod 755 /etc/systemd/scripts/*
17 |
18 | # Configuration
19 | sed -i 's/#\(PermitRootLogin \).\+/\1yes\nAllowUsers root/' /etc/ssh/sshd_config
20 | sed -i 's/#\(PermitEmptyPasswords \).\+/\1no/' /etc/ssh/sshd_config
21 | sed -i "s/#Server/Server/g" /etc/pacman.d/mirrorlist
22 | sed -i 's/#\(Storage=\)auto/\1volatile/' /etc/systemd/journald.conf
23 | sed -i 's/#\(Audit=\)yes/\1no/' /etc/systemd/journald.conf
24 |
25 | sed -i 's/#\(HandleSuspendKey=\)suspend/\1ignore/' /etc/systemd/logind.conf
26 | sed -i 's/#\(HandleHibernateKey=\)hibernate/\1ignore/' /etc/systemd/logind.conf
27 | sed -i 's/#\(HandleLidSwitch=\)suspend/\1ignore/' /etc/systemd/logind.conf
28 |
29 | # config symlink
30 | mkdir -p /etc/sysrescue/
31 | ln -sf /run/archiso/config/sysrescue-effective-config.json /etc/sysrescue/sysrescue-effective-config.json
32 |
33 | # Services
34 | systemctl enable NetworkManager.service
35 | systemctl enable iptables.service
36 | systemctl enable ip6tables.service
37 | systemctl enable choose-mirror.service
38 | systemctl enable sshd.service
39 | systemctl enable sysrescue-initialize-prenet.service
40 | systemctl enable sysrescue-initialize-whilenet.service
41 | systemctl enable sysrescue-autorun.service
42 | systemctl enable var-lib-pacman\\x2drolling-local.mount
43 | systemctl set-default multi-user.target
44 |
45 | # Mask irrelevant timer units (#140)
46 | systemctl mask atop-rotate.timer
47 | systemctl mask shadow.timer
48 | systemctl mask man-db.timer
49 | systemctl mask updatedb.timer
50 | systemctl mask archlinux-keyring-wkd-sync.timer
51 |
52 | # ldconfig ("Rebuild Dynamic Linker Cache") unnecessarily slows down boot some time after the release
53 | systemctl mask ldconfig.service
54 |
55 | # systemd-gpt-auto-generator could automatically mount filesystems given the right config. Prevent that.
56 | mkdir -p /etc/systemd/system-generators/
57 | ln -sf /dev/null /etc/systemd/system-generators/systemd-gpt-auto-generator
58 |
59 | # setup pacman signing key storage
60 | /usr/bin/pacman-key --init
61 | pacman-key --recv-keys 3A9917BF0DED5C13F69AC68FABEC0A1208037BE9 DDF7DB817396A49B2A2723F7403BD972F75D9D76 # archzfs (experimental, stable)
62 | pacman-key --lsign-key 3A9917BF0DED5C13F69AC68FABEC0A1208037BE9 # archzfs (experimental)
63 | pacman-key --lsign-key DDF7DB817396A49B2A2723F7403BD972F75D9D76 # archzfs (stable)
64 | /usr/bin/pacman-key --populate
65 | rm -f /etc/pacman.d/gnupg/*~
66 |
67 | echo "" >>/etc/pacman.d/gnupg/gpg.conf
68 | echo "# disable caching & trustdb regeneration to be able to use pacman with faketime in the pacman-faketime wrapper" >>/etc/pacman.d/gnupg/gpg.conf
69 | echo "no-sig-cache" >>/etc/pacman.d/gnupg/gpg.conf
70 | echo "no-auto-check-trustdb" >>/etc/pacman.d/gnupg/gpg.conf
71 |
72 | # get a list of all packages from sysrescuerepo to exclude them from reinstall by yay-prepare
73 | mkdir -p /usr/share/sysrescue/lib/
74 | pacman -Sl sysrescuerepo | sed -e "s/^sysrescuerepo //" \
75 | | sed -e "s/\[installed.*\]//" >/usr/share/sysrescue/lib/yay-prepare-exclude
76 |
77 | # Cleanup
78 | # ATTENTION: adapt airootfs/usr/share/sysrescue/bin/yay-prepare when deleting anything that
79 | # could be required for building packages
80 | find /usr/lib -type f -name '*.py[co]' -delete -o -type d -name __pycache__ -delete
81 | find /usr/lib -type f,l -name '*.a' -delete
82 | rm -rf /usr/lib/{libgo.*,libgphobos.*,libgfortran.*}
83 | rm -rf /usr/share/gtk-doc /usr/share/doc /usr/share/keepassxc/docs/*.pdf
84 | rm -rf /usr/share/keepassxc/translations
85 | rm -rf /usr/share/help/*/ghex/
86 | rm -rf /usr/share/gir*
87 | rm -rf /usr/include
88 | rm -rf /usr/share/man/man3
89 |
90 | # save some more space by removing large & unnecessary files
91 | rm -f /lib/modules/*/vmlinuz
92 | rm -f /usr/share/grub/themes/starfield/starfield.png
93 | rm -f /usr/share/keepassxc/docs/*
94 | rm -f /usr/share/qt6/translations/*
95 | rm -f /usr/share/qt/translations/*
96 |
97 | # Cleanup XFCE menu
98 | sed -i '2 i NoDisplay=true' /usr/share/applications/{xfce4-mail-reader,xfce4-web-browser}.desktop
99 | sed -i "s/^\(Categories=\).*\$/Categories=Utility;/" /usr/share/applications/{*ristretto*,*GHex*}.desktop
100 |
101 | # nm-applet with application indicator enabled gives better integration with xfce4-panel's systray
102 | mkdir -p /usr/local/share/applications/
103 | sed 's/^Exec=nm-applet$/& --indicator/' /usr/share/applications/nm-applet.desktop > /usr/local/share/applications/nm-applet.desktop
104 |
105 | # Remove large/irrelevant firmwares
106 | rm -rf /usr/lib/firmware/{liquidio,netronome,mellanox,mrvl/prestera,qcom}
107 |
108 | # Remove extra locales
109 | if [ -x /usr/bin/localepurge ]
110 | then
111 | echo -e "MANDELETE\nDONTBOTHERNEWLOCALE\nSHOWFREEDSPACE\nen\nen_US\nen_US.UTF-8" > /etc/locale.nopurge
112 | /usr/bin/localepurge
113 | fi
114 |
115 | # remove ZFS build dependencies
116 | if [ ! -L "/etc/pacman.d/hooks/71-dkms-remove.hook" ]; then
117 | mkdir -p /etc/pacman.d/hooks
118 | ln -s /dev/null /etc/pacman.d/hooks/71-dkms-remove.hook # suppress automatic removal of zfs-dkms
119 | fi
120 | pacman --noconfirm -Rdds dkms linux-lts-headers || true
121 | rm /etc/pacman.d/hooks/71-dkms-remove.hook
122 |
123 | # Update pacman.conf
124 | sed -i -e '/# ==== BEGIN sysrescuerepo ====/,/# ==== END sysrescuerepo ====/d' /etc/pacman.conf
125 |
126 | # Check for issues with binaries
127 | /usr/bin/check-binaries.sh
128 |
129 | # Customizations
130 | /usr/bin/updatedb
131 |
132 | # Packages
133 | pacman -Q > /root/packages-list.txt
134 | expac -H M -s "%-30n %m" | sort -rhk 2 > /root/packages-size.txt
135 |
--------------------------------------------------------------------------------
/airootfs/usr/bin/check-binaries.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | errcnt=0
3 |
4 | for curfile in /usr/bin/{*btrfs*,*xfs*,dislocker*,udp*,dump,restore} \
5 | /usr/bin/{ghex,growpart*,hardinfo,*lshw*,ms-sys,nwipe,whdd,zerofree} \
6 | /usr/lib/ntfs-3g/ntfs-plugin*.so \
7 | /usr/lib/libgbm.so* \
8 | /usr/lib/xorg/modules/drivers/modesetting_drv.so \
9 | /usr/lib/libdislocker.so*
10 | do
11 | test -x ${curfile} || continue
12 | file --mime ${curfile} | grep -q -E "x-pie-executable|x-sharedlib" || continue
13 |
14 | if ldd ${curfile} | grep -q -F 'not found'
15 | then
16 | echo "ERROR: Program ${curfile} is missing libraries"
17 | ldd ${curfile}
18 | errcnt=$((errcnt + 1))
19 | fi
20 |
21 | done
22 |
23 | # check for missing programs
24 | # mkpasswd might be packaged separately from whois in the future
25 | for curfile in /usr/bin/mkpasswd ; \
26 | do
27 | if ! [[ -x "${curfile}" ]]; then
28 | echo "ERROR: Program ${curfile} is missing"
29 | errcnt=$((errcnt + 1))
30 | fi
31 | done
32 |
33 | if [ ${errcnt} -eq 0 ]
34 | then
35 | echo "SUCCESS: Have not found any missing library or program"
36 | exit 0
37 | else
38 | echo "FAILURE: Have found ${errcnt} issues"
39 | exit 1
40 | fi
41 |
--------------------------------------------------------------------------------
/airootfs/usr/bin/cowpacman2srm:
--------------------------------------------------------------------------------
1 | #!/bin/sh
2 | #
3 | # cowpacman2srm - Create SystemRescueModules (SRM) from pacman packages installed into the COW space
4 | #
5 | # Authors: Gerd v. Egidy and Francois Dupoux
6 | # SPDX-License-Identifier: GPL-3.0-or-later
7 | #
8 | # This script is meant to help creating SystemRescueModules (SRM) for SystemRescue.
9 | # More info about SRMs and this script can be found at:
10 | # https://www.system-rescue.org/Modules/
11 | #
12 | # To use first install all packages you want to have in your SRM with pacman.
13 | # Default COW (Copy-On-Write) space is a ramdisk, so you usually don't have to do anything
14 | # special except provide enough RAM.
15 | # You can also enable any systemd services that are in these packages.
16 | #
17 | # Then call:
18 | # cowpacman2srm [-s subcmd] [-c compalg] [-l complevel] [targetfile.srm]
19 | #
20 | # This script runs in two stages:
21 | # 1) During the "prepare" stage all files belonging to pacman packages manually installed
22 | # are being copied to a temporary directory
23 | # 2) During the "create" stage the SRM file (which is a squash file system) is being created
24 | # with the contents stored in the temporary directory
25 | # You can either run both stages in a single run (this is the default) or one stage at a time.
26 | # If you do not specify any sub-command the script is going to run the two stages in one run.
27 | # If you want to customize the contents of the SRM module you can run the "prepare" stage first,
28 | # then make customizations in the temporary directory (for example to add extra files) and then
29 | # you run the "create" stage to produce the SRM file.
30 | #
31 | # Copy the .srm file to archisobasedir (default: "sysresccd") on your boot disk
32 | # and add the "loadsrm" boot parameter to SystemRescue.
33 | #
34 | # There is no mechanism to check if a SRM is compatible with the version of SystemRescue
35 | # you are trying to run it with. So it is higly recommended to only use this script on
36 | # the exact version of SystemRescue you plan to use the SRM with.
37 | #
38 |
39 | # default paths for temp files
40 | TMP_TARGET=/tmp/srm_content/
41 | PKG_FILELIST=${TMP_TARGET}filelist
42 |
43 | # default options
44 | COMPRESS=zstd
45 | COMPLEVEL=""
46 | SUBCMD="all"
47 | OPER_PREPARE=0
48 | OPER_CREATE=0
49 |
50 | function usage()
51 | {
52 | echo
53 | echo "Usage: cowpacman2srm [-s subcmd] [-c compalg] [-l complevel] [targetfile.srm]"
54 | echo
55 | echo "options:"
56 | echo "- subcmd is a sub-command to execute, it can be any of: prepare, create, all. (default: all)"
57 | echo "- compalg is any of the compression algorithms supported by mksquashfs (default: zstd)"
58 | echo "- complevel is the compression level for the given algorithm (if supported with -Xcompression-level)"
59 | echo
60 | exit 1
61 | }
62 |
63 | function prepare()
64 | {
65 | # determine the COW target upperdir, read it out from the mount options of /
66 | UPPERDIR=$(findmnt --mountpoint / --noheadings --output FS-OPTIONS | sed -e "s/.*upperdir=\([^,]*\),*.*/\1/")
67 |
68 | if [ -z "$UPPERDIR" ] || ! [ -d "$UPPERDIR" ]; then
69 | echo "ERROR: can't determine upperdir"
70 | exit 2
71 | fi
72 |
73 | if ! [ -d "${UPPERDIR}/var/lib/pacman/local/" ]; then
74 | echo "ERROR: no packages installed in the COW space"
75 | echo "(${UPPERDIR}/var/lib/pacman/local/ not existing)"
76 | exit 3
77 | fi
78 |
79 | # read the names of the packages in the COW space
80 | # package names are in the desc file in the line after the marker %NAME%
81 | PACKAGENAMES=$(find ${UPPERDIR}/var/lib/pacman/local/ -name desc -exec grep -A1 --no-filename "%NAME%" \{\} \; | grep -v -E "(--|%NAME%)")
82 |
83 | if [ -z "$PACKAGENAMES" ]; then
84 | echo "ERROR: no packages installed in the COW space"
85 | echo "(${UPPERDIR}/var/lib/pacman/local/ empty)"
86 | exit 3
87 | fi
88 |
89 | # create temp dir used to store the package list and later the files to put into the SRM
90 | mkdir -p $TMP_TARGET
91 |
92 | # read all filenames installed by the packages in COW space
93 | # sort to make sure dir names come before files in the dir
94 | pacman -Q --list --quiet $PACKAGENAMES | sort -u >$PKG_FILELIST
95 |
96 | if cat $PKG_FILELIST | wc -l | grep -q "^0$"; then
97 | echo "ERROR: empty file list for the installed packages"
98 |
99 | # clean up
100 | rm -rf ${TMP_TARGET}
101 |
102 | exit 3
103 | fi
104 |
105 | echo -n "Found Packages: "
106 | echo "$PACKAGENAMES" | wc -w
107 | echo -n "Found Files: "
108 | cat $PKG_FILELIST | wc -l
109 | echo
110 | echo "Copying to temp dir..."
111 |
112 | # newline separator for for loops, necessary for filenames with spaces in them
113 | IFS_SAVE=$IFS
114 | IFS=$'\n'
115 |
116 | # iterate over all files and dirs installed by the packages
117 | for FILE in `cat $PKG_FILELIST`; do
118 | if [ -d "${FILE}" ] && ! [ -L "${FILE}" ]; then
119 | # we have a real dir (not a symlink to a dir)
120 | # create it below $TMP_TARGET, copy attributes
121 | mkdir -p "${TMP_TARGET}${FILE}"
122 | chmod "--reference=${FILE}" "${TMP_TARGET}${FILE}"
123 | chown "--reference=${FILE}" "${TMP_TARGET}${FILE}"
124 | else
125 | # we have a file or symlink, copy it, preserving symlinks as such
126 | cp "--target-directory=${TMP_TARGET}" --preserve=all --parents --no-dereference "${FILE}"
127 | fi
128 | done
129 |
130 | # copy the pacman package database too
131 |
132 | # first create the directories in the tmp space
133 | for DIR in `find ${UPPERDIR}/var/lib/pacman/local/ -type d -printf "%P\n"`; do
134 | mkdir -p "${TMP_TARGET}var/lib/pacman/local/${DIR}"
135 | done
136 |
137 | # then copy all package database files
138 | for FILE in `find ${UPPERDIR}/var/lib/pacman/local/ -type f -printf "%P\n"`; do
139 | cp --no-dereference "${UPPERDIR}/var/lib/pacman/local/${FILE}" "${TMP_TARGET}var/lib/pacman/local/${FILE}"
140 | done
141 |
142 | # the user may have enabled systemd units provided by the packages in COW space
143 | # we want to copy these too
144 |
145 | # read all systemd symlinks in the cow-dir
146 | if [ -d "${UPPERDIR}/etc/systemd/system/" ]; then
147 | for SYMLINK in `find "${UPPERDIR}/etc/systemd/system/" -type l -printf "%P\n"`; do
148 | TARGET=$(readlink "${UPPERDIR}/etc/systemd/system/${SYMLINK}")
149 |
150 | # targets the symlink something that is in our packages?
151 | if grep -q "${TARGET}" $PKG_FILELIST; then
152 | echo "Copying systemd link /etc/systemd/system/${SYMLINK}"
153 | # copy the symlink to our target dir
154 | LINKDIR=$(dirname "${TMP_TARGET}/etc/systemd/system/${SYMLINK}")
155 | mkdir -p "${LINKDIR}"
156 | cp --no-dereference "${UPPERDIR}/etc/systemd/system/${SYMLINK}" "${TMP_TARGET}/etc/systemd/system/${SYMLINK}"
157 | fi
158 | done
159 | fi
160 |
161 | # restore line separator
162 | IFS=$IFS_SAVE
163 |
164 | rm -f $PKG_FILELIST
165 | }
166 |
167 | function create()
168 | {
169 | echo
170 | echo "Creating squashfs..."
171 |
172 | mksquashfs ${TMP_TARGET} $TARGETFILE -info -comp "$COMPRESS" $COMPLEVEL
173 |
174 | # clean up
175 | rm -rf ${TMP_TARGET}
176 | }
177 |
178 | while getopts "s:c:l:" opt; do
179 | case "${opt}" in
180 | s)
181 | SUBCMD="${OPTARG}"
182 | ;;
183 | c)
184 | COMPRESS="${OPTARG}"
185 | ;;
186 | l)
187 | COMPLEVEL="-Xcompression-level ${OPTARG}"
188 | ;;
189 | *)
190 | usage
191 | ;;
192 | esac
193 | done
194 |
195 | case "${SUBCMD}" in
196 | prepare)
197 | OPER_PREPARE=1
198 | ;;
199 | create)
200 | OPER_CREATE=1
201 | ;;
202 | all)
203 | OPER_PREPARE=1
204 | OPER_CREATE=1
205 | ;;
206 | *)
207 | echo "ERROR: invalid sub-command: '${SUBCMD}'"
208 | usage
209 | ;;
210 | esac
211 |
212 | shift $((OPTIND-1))
213 | TARGETFILE="$1"
214 |
215 | if [ "$OPER_CREATE" -eq 1 ] && [ -z "$TARGETFILE" ]; then
216 | echo "ERROR: no target file specified"
217 | usage
218 | fi
219 |
220 | if [ "$OPER_CREATE" -eq 1 ] && [ -e "$TARGETFILE" ]; then
221 | echo "ERROR: target file already exists. Please delete it."
222 | exit 1
223 | fi
224 |
225 | if [ "$OPER_PREPARE" -eq 1 ] && [ -e "$TMP_TARGET" ]; then
226 | echo "ERROR: temporary directory $TMP_TARGET already exists. Please delete it."
227 | exit 1
228 | fi
229 |
230 | if [ "$OPER_PREPARE" -eq 0 ] && [ ! -d "$TMP_TARGET" ]; then
231 | echo "ERROR: temporary directory $TMP_TARGET does not exist. Please make sure you run the 'prepare' sub-command before 'create'."
232 | exit 1
233 | fi
234 |
235 | if [ "$OPER_PREPARE" -eq 1 ]; then
236 | prepare
237 | fi
238 |
239 | if [ "$OPER_CREATE" -eq 1 ]; then
240 | create
241 | fi
242 |
--------------------------------------------------------------------------------
/airootfs/usr/bin/pacman-faketime:
--------------------------------------------------------------------------------
1 | #! /usr/bin/env bash
2 | #
3 | # call pacman and fake the system date to the day this version of SystemRescue was released
4 | # this can help to work around expired package signatures
5 | #
6 | # Author: Gerd v. Egidy
7 | # SPDX-License-Identifier: GPL-3.0-or-later
8 | #
9 | # see https://www.system-rescue.org/manual/Installing_packages_with_pacman/ for details
10 | #
11 |
12 | # get SystemRescue release date
13 | RELEASE_DATE=$(grep BUILD_ID /etc/os-release | sed -e "s/.*\"\(.*\)\"/\1/")
14 | if [[ -z "$RELEASE_DATE" ]] || ! echo "$RELEASE_DATE" | grep -E -q "^[0-9]{4}-[0-9]{2}-[0-9]{2}$"; then
15 | echo "ERROR: can't determine SystemRescue release date"
16 | exit 1
17 | fi
18 |
19 | if ! command -v faketime &>/dev/null ; then
20 | echo "ERROR: 'faketime' command not found. Is this the correct release of SystemRescue?"
21 | exit 1
22 | fi
23 |
24 | # wrap pacman with all arguments
25 | faketime "$RELEASE_DATE" pacman "$@"
26 |
--------------------------------------------------------------------------------
/airootfs/usr/bin/setkmap:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | # Pass the name of the keyboard layout to load it directly (eg: "setkmap us")
4 | # Pass no argument to display a menu a choose the keyboard layout from the list
5 |
6 | keymaps=$(localectl list-keymaps)
7 |
8 | if test -n "${1}" && localectl list-keymaps | grep -q "${1}"
9 | then
10 | keymap="${1}"
11 | else
12 | exec 3>&1
13 | keymap=$(/sbin/dialog --title "Keyboard layout" --menu "Choose a keyboard layout" 25 50 20 $(for item in ${keymaps[@]}; do echo ${item} "-" ; done) 2>&1 1>&3) || exit 1
14 | exec 3>&-
15 | fi
16 |
17 | localectl set-keymap ${keymap}
18 |
19 | if [[ $DISPLAY ]] && [[ -r /etc/X11/xorg.conf.d/00-keyboard.conf ]]; then
20 | # X11 is already running
21 | x11keymap=$(awk '/^\s*Option "XkbLayout"/ { print $3 }' /etc/X11/xorg.conf.d/00-keyboard.conf)
22 | setxkbmap -layout ${x11keymap}
23 | fi
24 |
--------------------------------------------------------------------------------
/airootfs/usr/bin/sysrescue-configuration.lua:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env lua
2 | --
3 | -- Author: Francois Dupoux
4 | -- SPDX-License-Identifier: GPL-3.0-or-later
5 | --
6 | -- SystemRescue configuration processing script
7 | --
8 | -- This script uses the SystemRescue yaml configuration files and the options
9 | -- passed on the boot command line to override the default configuration.
10 | -- It processes yaml configuration files in the alphabetical order, and each option
11 | -- found in a file override the options defined earlier. Options passed on the
12 | -- boot command like take precedence over configuration options defined in files.
13 | -- At the end it writes the effective configuration to a JSON file which is meant
14 | -- to be ready by any initialisation script which needs to know the configuration.
15 | -- Shell scripts can read values from the JSON file using a command such as:
16 | -- jq --raw-output '.global.copytoram' /run/archiso/config/sysrescue-effective-config.json
17 | -- This script requires the following lua packages to run on Arch Linux:
18 | -- sudo pacman -Sy lua lua-yaml lua-dkjson lua-http
19 |
20 | -- ==============================================================================
21 | -- Import modules
22 | -- ==============================================================================
23 | local lfs = require('lfs')
24 | local yaml = require('yaml')
25 | local json = require("dkjson")
26 | local request = require("http.request")
27 | local tls_ctx = require "http.tls".new_client_context()
28 | local tls_ctx_noverify = require "openssl.ssl.context".VERIFY_NONE
29 | local tls_ctx_doverify = require "openssl.ssl.context".VERIFY_PEER
30 |
31 | -- ==============================================================================
32 | -- Utility functions
33 | -- ==============================================================================
34 | -- Read a file and return all its contents
35 | function read_file_contents(path)
36 | local file = io.open(path, "rb")
37 | if not file then
38 | return nil
39 | end
40 | local content = file:read("*a")
41 | file:close()
42 | return content
43 | end
44 |
45 | -- Return true if the item is present in the list or false otherwise
46 | function item_in_list(item, list)
47 | for _, curitem in ipairs(list) do
48 | if (curitem == item) then
49 | return true
50 | end
51 | end
52 | return false
53 | end
54 |
55 | -- Ensure that the given scope exists in the config table, create it if not
56 | function ensure_scope(cfg_table, scopename)
57 | if (cfg_table == nil) or (type(cfg_table) ~= "table") then
58 | cfg_table = { }
59 | end
60 | if (cfg_table[scopename] == nil) or (type(cfg_table[scopename]) ~= "table") then
61 | cfg_table[scopename] = { }
62 | end
63 | end
64 |
65 | -- Return the number of items in a table
66 | function get_table_size(mytable)
67 | size = 0
68 | for _ in pairs(mytable) do
69 | size = size + 1
70 | end
71 | return size
72 | end
73 |
74 | -- Return a list of files with a yaml extension found in the directory 'dirname'
75 | -- If 'filenames' is an empty list then it will return all files which have been found
76 | -- If 'filenames' is not empty then it will only return files with a name present in the list
77 | function list_config_files(dirname, filenames)
78 | local results = {}
79 | for curfile in lfs.dir(dirname) do
80 | fullpath = dirname.."/"..curfile
81 | filetype = lfs.attributes(fullpath, "mode")
82 | if (filetype == "file") and curfile:match(".[Yy][Aa][Mm][Ll]$") then
83 | if (get_table_size(filenames) == 0) or item_in_list(curfile, filenames) then
84 | table.insert(results, fullpath)
85 | end
86 | end
87 | end
88 | table.sort(results)
89 | return results
90 | end
91 |
92 | -- Attempt to find the option 'optname' on the boot command line and return its value
93 | -- If 'multiple' is false then it will return the value of the last occurence found or nil
94 | -- If 'multiple' is true then it will return a list of all values passed or an empty list
95 | function search_cmdline_option(optname, multiple)
96 | local result_single = nil
97 | local result_multiple = {}
98 | local cmdline = read_file_contents("/proc/cmdline")
99 | for curopt in cmdline:gmatch("%S+") do
100 | optmatch1 = string.match(curopt, "^"..optname.."$")
101 | _, _, optmatch2 = string.find(curopt, "^"..optname.."=([^%s]+)$")
102 | if (optmatch1 ~= nil) or (optmatch2 == 'y') or (optmatch2 == 'yes') or (optmatch2 == 'true') then
103 | result_single = true
104 | table.insert(result_multiple, true)
105 | elseif (optmatch2 == 'n') or (optmatch2 == 'no') or (optmatch2 == 'false') then
106 | result_single = false
107 | table.insert(result_multiple, false)
108 | elseif (optmatch2 ~= nil) then
109 | result_single = optmatch2
110 | table.insert(result_multiple, optmatch2)
111 | end
112 | end
113 | if multiple == true then
114 | return result_multiple
115 | else
116 | return result_single
117 | end
118 | end
119 |
120 | -- Process a block of yaml configuration and override the current configuration with new values
121 | function process_yaml_config(config_content)
122 | if (config_content == nil) then
123 | io.stderr:write(string.format("Error downloading or empty file received\n"))
124 | return false
125 | end
126 | if pcall(function() curconfig = yaml.load(config_content) end) then
127 | if (curconfig == nil) or (type(curconfig) ~= "table") then
128 | io.stderr:write(string.format("This is not valid yaml (=no table), it will be ignored\n"))
129 | return false
130 | end
131 | merge_config_table(config, curconfig, "config")
132 | return true
133 | else
134 | io.stderr:write(string.format("Failed parsing yaml, it will be ignored\n"))
135 | return false
136 | end
137 | end
138 |
139 | -- Recursive merge of a config table
140 | -- config_table: references the current level within the global config
141 | -- new_table: the current level within the new yaml we want to merge right now
142 | -- leveltext: textual representation of the current level used for messages, split by "|"
143 | function merge_config_table(config_table, new_table, leveltext)
144 | for key, value in pairs(new_table) do
145 | -- loop through the current level of the new config
146 | if (config_table[key] == nil) then
147 | -- a key just existing in the new config, not in current config -> copy it
148 | print("- Merging "..leveltext.."|"..key.." into the config")
149 | config_table[key] = value
150 | else
151 | -- key of the new config also exisiting in the current config: check value type
152 | if (type(value) == "nil" or (type(value) == "string" and value == "")) then
153 | -- remove an existing table entry with an empty value
154 | print("- Removing "..leveltext.."|"..key)
155 | config_table[key] = nil
156 | elseif (type(value) == "table" and type(config_table[key]) == "table") then
157 | -- old and new values are tables: recurse
158 | merge_config_table(config_table[key], value, leveltext.."|"..key)
159 | else
160 | -- overwrite the old value
161 | print("- Overriding "..leveltext.."|"..key.." with the value from the yaml file")
162 | config_table[key] = value
163 | end
164 | end
165 | end
166 | end
167 |
168 | -- Download a file over http/https and return the contents of the file or nil if it fails
169 | function download_file(fileurl)
170 | local req_timeout = 10
171 | local req = request.new_from_uri(fileurl)
172 |
173 | --- we (usually) run during initramfs where the CA database is not available, so don't verify certificates
174 | tls_ctx:setVerify(tls_ctx_noverify)
175 | req.ctx = tls_ctx
176 |
177 | local headers, stream = req:go(req_timeout)
178 |
179 | if headers == nil then
180 | --- the second return variable (=stream) contains the error message in case of an error
181 | io.stderr:write(string.format("Failed to download %s: %s\n", fileurl, stream))
182 | return nil
183 | end
184 |
185 | status = headers:get(":status")
186 | if status ~= '200' then
187 | io.stderr:write(string.format("Failed to download %s: Received HTTP code %s\n", fileurl, status))
188 | return nil
189 | end
190 |
191 | local body, err = stream:get_body_as_string()
192 | if not body and err then
193 | io.stderr:write(string.format("Failed to download %s: Error %s\n", fileurl, tostring(err)))
194 | return nil
195 | end
196 |
197 | return body
198 | end
199 |
200 | -- ==============================================================================
201 | -- Initialisation
202 | -- ==============================================================================
203 | errcnt = 0
204 |
205 | -- ==============================================================================
206 | -- We start with an empty global config
207 | -- the default config is usually in the first yaml file parsed (100-defaults.yaml)
208 | -- ==============================================================================
209 | config = { }
210 |
211 | -- ==============================================================================
212 | -- Merge one yaml file after the other in lexicographic order
213 | -- ==============================================================================
214 | print ("====> Merging configuration with values from yaml files ...")
215 | -- bootmnt is bind-mounted in case of copytoram, so it doesn't need to be searched explicitly
216 | confdirs = {"/run/archiso/bootmnt/sysrescue.d"}
217 |
218 | -- Process local yaml configuration files
219 | for _, curdir in ipairs(confdirs) do
220 | if lfs.attributes(curdir, "mode") == "directory" then
221 | print("Searching for yaml configuration files in "..curdir.." ...")
222 | for _, curfile in ipairs(list_config_files(curdir, {})) do
223 | print(string.format("Processing local yaml configuration file: %s ...", curfile))
224 | if process_yaml_config(read_file_contents(curfile)) == false then
225 | errcnt = errcnt + 1
226 | end
227 | end
228 | else
229 | print("Directory "..curdir.." was not found so it has been ignored")
230 | end
231 | end
232 |
233 | -- Process explicitly configured configuration files
234 | -- these are parsed afterwards and in the order given, so they have precedence
235 | conffiles = search_cmdline_option("sysrescuecfg", true)
236 | print("Searching for remote yaml configuration files ...")
237 | for _, curfile in ipairs(conffiles) do
238 | if string.match(curfile, "^https?://") then
239 | print(string.format("Processing remote yaml configuration file: %s ...", curfile))
240 | local contents = download_file(curfile)
241 | if process_yaml_config(contents) == false then
242 | errcnt = errcnt + 1
243 | end
244 | elseif string.match(curfile, "^/") then
245 | -- we have a local file with absolute path
246 | print(string.format("Processing local yaml configuration file: %s ...",curfile))
247 | if process_yaml_config(read_file_contents(curfile)) == false then
248 | errcnt = errcnt + 1
249 | end
250 | else
251 | -- we have a local file with relative path, prefix the one existing config dir
252 | -- this will apply the config again, but later than before, giving it higher priority
253 | for _, curdir in ipairs(confdirs) do
254 | if lfs.attributes(curdir, "mode") == "directory" then
255 | print(string.format("Processing local yaml configuration file: %s ...",curdir.."/"..curfile))
256 | if process_yaml_config(read_file_contents(curdir.."/"..curfile)) == false then
257 | errcnt = errcnt + 1
258 | end
259 | -- just try the explicitly configured filename with one dir prefix
260 | break
261 | end
262 | end
263 | end
264 | end
265 |
266 | -- ==============================================================================
267 | -- Override the configuration with values passed on the boot command line
268 | --
269 | -- NOTE: boot command line options are only for legacy compatibility and
270 | -- very common options. Consider carfully before adding new boot
271 | -- command line options. New features should by default just be
272 | -- configured through the yaml config.
273 | -- ==============================================================================
274 |
275 | cmdline_options = {
276 | ['copytoram'] = "global",
277 | ['cow_label'] = "global",
278 | ['cow_directory'] = "global",
279 | ['checksum'] = "global",
280 | ['loadsrm'] = "global",
281 | ['dostartx'] = "global",
282 | ['dovnc'] = "global",
283 | ['noautologin'] = "global",
284 | ['nofirewall'] = "global",
285 | ['rootshell'] = "global",
286 | ['rootpass'] = "global",
287 | ['rootcryptpass'] = "global",
288 | ['setkmap'] = "global",
289 | ['vncpass'] = "global",
290 | ['ar_disable'] = "autorun",
291 | ['ar_nowait'] = "autorun",
292 | ['ar_nodel'] = "autorun",
293 | ['ar_ignorefail'] = "autorun",
294 | ['ar_attempts'] = "autorun",
295 | ['ar_source'] = "autorun",
296 | ['ar_suffixes'] = "autorun"
297 | }
298 |
299 | print ("====> Overriding the configuration with options passed on the boot command line ...")
300 | for option, scope in pairs(cmdline_options) do
301 | optresult = search_cmdline_option(option, false)
302 | if optresult == true then
303 | print("- Option '"..option.."' has been enabled on the boot command line")
304 | ensure_scope(config, scope)
305 | config[scope][option] = optresult
306 | elseif optresult == false then
307 | print("- Option '"..option.."' has been disabled on the boot command line")
308 | ensure_scope(config, scope)
309 | config[scope][option] = optresult
310 | elseif optresult ~= nil then
311 | print("- Option '"..option.."' has been defined as '"..optresult.."' on the boot command line")
312 | ensure_scope(config, scope)
313 | config[scope][option] = optresult
314 | end
315 | end
316 |
317 | -- ==============================================================================
318 | -- Print the effective configuration
319 | -- ==============================================================================
320 | print ("====> Printing the effective configuration")
321 | local jsoncfgtxt = json.encode (config, { indent = true })
322 | print (jsoncfgtxt)
323 |
324 | -- ==============================================================================
325 | -- Write the effective configuration to a JSON file
326 | -- ==============================================================================
327 | print ("====> Writing the effective configuration to a JSON file ...")
328 | output_location = "/run/archiso/config"
329 | output_filename = "sysrescue-effective-config.json"
330 | output_fullpath = output_location.."/"..output_filename
331 | jsoncfgfile = io.open(output_fullpath, "w")
332 | if jsoncfgfile == nil then
333 | io.stderr:write(string.format("ERROR: Failed to create effective configuration file in %s\n", output_fullpath))
334 | os.exit(1)
335 | end
336 | jsoncfgfile:write(jsoncfgtxt)
337 | jsoncfgfile:close()
338 | os.execute("chmod 700 "..output_location)
339 | os.execute("chmod 600 "..output_fullpath)
340 | print ("Effective configuration has been written to "..output_fullpath)
341 |
342 | -- ==============================================================================
343 | -- Error handling
344 | -- ==============================================================================
345 | if errcnt == 0 then
346 | print ("SUCCESS: Have successfully completed the processing of the configuration")
347 | os.exit(0)
348 | else
349 | io.stderr:write(string.format("FAILURE: Have completed the processing of the configuration with %d errors\n", errcnt))
350 | os.exit(1)
351 | end
352 |
--------------------------------------------------------------------------------
/airootfs/usr/bin/yay:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | #
3 | # yay wrapper to adapt yay to SystemRescue
4 | #
5 | # Author: Gerd v. Egidy
6 | # SPDX-License-Identifier: GPL-3.0-or-later
7 | #
8 | # see https://www.system-rescue.org/manual/Installing_packages_from_AUR/ for details
9 | #
10 |
11 | if ! id yay >/dev/null 2>&1; then
12 | echo "system not prepared for running yay yet, call 'yay-prepare'"
13 | exit 1
14 | fi
15 |
16 | # escape all parameters with ${var@Q}
17 | escArgArray=()
18 | for arg in "$@" ; do
19 | escArgArray+=(${arg@Q})
20 | done
21 | cmdstr="/usr/bin/yay-real ${escArgArray[@]}"
22 |
23 | su -s /bin/bash yay -c "$cmdstr"
24 |
--------------------------------------------------------------------------------
/airootfs/usr/lib/udev/rules.d/09-nomdlvm.rules:
--------------------------------------------------------------------------------
1 | SUBSYSTEM!="block", GOTO="dm_end"
2 |
3 | # treat all block devices according to boot cmdline option:
4 | # we don't know if the device is actually dm or lvm
5 | # but once we know, it is too late
6 |
7 | # "nomdlvm" on kernel command line stops activating or
8 | # registering any dm or lvm device
9 | IMPORT{cmdline}="nomdlvm"
10 | ENV{nomdlvm}=="?*", GOTO="dm_disable"
11 |
12 | GOTO="dm_end"
13 |
14 | LABEL="dm_disable"
15 | ENV{DM_UDEV_DISABLE_SUBSYSTEM_RULES_FLAG}="1"
16 | ENV{DM_UDEV_DISABLE_DISK_RULES_FLAG}="1"
17 | ENV{DM_UDEV_DISABLE_OTHER_RULES_FLAG}="1"
18 | OPTIONS:="nowatch"
19 |
20 | LABEL="dm_end"
21 |
--------------------------------------------------------------------------------
/airootfs/usr/lib/udev/rules.d/61-nomdlvm.rules:
--------------------------------------------------------------------------------
1 | SUBSYSTEM!="block", GOTO="nomdlvm_end"
2 |
3 | # handle potential components of arrays (the ones supported by md)
4 | ENV{ID_FS_TYPE}=="linux_raid_member", GOTO="check_cmdline"
5 | ENV{ID_FS_TYPE}=="ddf_raid_member", GOTO="check_cmdline"
6 | ENV{ID_FS_TYPE}=="isw_raid_member", GOTO="check_cmdline"
7 | GOTO="nomdlvm_end"
8 |
9 | LABEL="check_cmdline"
10 |
11 | # "nomdlvm" on kernel command line stops activating or
12 | # registering any md device
13 | IMPORT{cmdline}="nomdlvm"
14 | ENV{nomdlvm}=="?*", ENV{SYSTEMD_READY}="0"
15 |
16 | LABEL="nomdlvm_end"
17 |
--------------------------------------------------------------------------------
/airootfs/usr/share/sysrescue/bin/load-srm:
--------------------------------------------------------------------------------
1 | #! /usr/bin/env bash
2 | #
3 | # load-srm - late-load a SystemRescueModule (SRM) by copying it's content onto the Copy-on-Write (CoW) space
4 | #
5 | # Author: Gerd v. Egidy
6 | # SPDX-License-Identifier: GPL-3.0-or-later
7 | #
8 | # see https://www.system-rescue.org/Modules/ for details
9 |
10 | # bash-checks right at the top due to many bashisms in the rest of the script
11 | if [ -n "$POSIXLY_CORRECT" ] || [ -z "$BASH_VERSION" ]; then
12 | echo "ERROR: bash >= 4.0 is required for this script."
13 | exit 1
14 | fi
15 |
16 | if (( BASH_VERSINFO[0]*100 + BASH_VERSINFO[1] < 400 )); then
17 | echo "ERROR: bash >= 4.0 is required for this script."
18 | exit 1
19 | fi
20 |
21 | # abort on failures
22 | set -o errexit -o pipefail -o noclobber -o nounset
23 |
24 | MOUNTPOINT="/run/archiso/load-srm"
25 |
26 | print_help()
27 | {
28 | echo "load-srm - late-load a SystemRescueModule (SRM)"
29 | echo " by copying it's content onto the Copy-on-Write (CoW) space"
30 | echo ""
31 | echo "Usage:"
32 | echo "load-srm [-v|--verbose] [-i|--insecure] "
33 | echo ""
34 | echo " Either a path to the SRM or a URL to download it from."
35 | echo " Supports http:// and https:// URLs."
36 | echo ""
37 | echo "--insecure Ignore TLS errors like wrong certificate when using HTTPS."
38 | echo " Not recommended to use unless you know what you are doing."
39 | echo "--verbose Output progress and details about each step."
40 | echo ""
41 | echo "See https://www.system-rescue.org/Modules/ for details."
42 |
43 | return
44 | }
45 |
46 | # error while parsing commandline parameters
47 | argument_error()
48 | {
49 | echo "$1"
50 | echo
51 | echo "---------------------------------"
52 | echo
53 | print_help
54 | exit 2
55 | }
56 |
57 | do_cleanup()
58 | {
59 | # cleanups necessary for ending
60 |
61 | if findmnt --mountpoint "$MOUNTPOINT" >/dev/null 2>&1; then
62 | umount "$MOUNTPOINT" || true
63 | [[ $VERBOSE -eq 1 ]] && echo "squashfs unmounted"
64 | fi
65 |
66 | if [[ -n "${TMPDIR:-}" ]]; then
67 | rm -rf "${TMPDIR}" || true
68 | [[ $VERBOSE -eq 1 ]] && echo "tmpdir removed"
69 | fi
70 |
71 | return 0
72 | }
73 |
74 | # an error occured after argument parsing
75 | error_exit()
76 | {
77 | do_cleanup
78 |
79 | echo "ERROR: $1"
80 | exit $2
81 | }
82 |
83 | parse_args()
84 | {
85 | # adapted from https://stackoverflow.com/a/29754866 by Robert Siemer
86 | # version edited Mar 4 '21 at 0:11, licensed under CC BY-SA 4.0 due to Stackoverflow Terms of Service
87 | # https://creativecommons.org/licenses/by-sa/4.0/
88 |
89 | # show help when no arguments given
90 | [[ $# -eq 0 ]] && { print_help ; exit 0 ; }
91 |
92 | # -allow a command to fail with !’s side effect on errexit
93 | # -use return value from ${PIPESTATUS[0]}, because ! hosed $?
94 | ! getopt --test > /dev/null
95 | if [[ ${PIPESTATUS[0]} -ne 4 ]]; then
96 | echo 'ERROR: `getopt --test` failed in this environment'
97 | exit 1
98 | fi
99 |
100 | local OPTIONS="ivh"
101 | local LONGOPTS="insecure,verbose,help"
102 |
103 | # option variables as globals, set to default values
104 | declare -g INSECURE=0
105 | declare -g VERBOSE=0
106 | declare -g URL=""
107 | declare -g URL_PROTO=""
108 |
109 | # -regarding ! and PIPESTATUS see above
110 | # -temporarily store output to be able to check for errors
111 | # -activate quoting/enhanced mode (e.g. by writing out “--options”)
112 | # -pass arguments only via -- "$@" to separate them correctly
113 | ! PARSED=$(getopt --options=$OPTIONS --longoptions=$LONGOPTS --name "$0" -- "$@")
114 | if [[ ${PIPESTATUS[0]} -ne 0 ]]; then
115 | # e.g. return value is 1
116 | # then getopt has complained about wrong arguments to stdout
117 | echo
118 | print_help
119 | exit 2
120 | fi
121 | # read getopt’s output this way to handle the quoting right:
122 | eval set -- "$PARSED"
123 |
124 | while true; do
125 | case "$1" in
126 | -i|--insecure)
127 | INSECURE=1
128 | shift
129 | ;;
130 | -v|--verbose)
131 | VERBOSE=1
132 | shift
133 | ;;
134 | -h|--help)
135 | print_help
136 | exit 0
137 | ;;
138 | --)
139 | shift
140 | break
141 | ;;
142 | *)
143 | echo "ERROR: Argument parsing logic bug"
144 | exit 2
145 | ;;
146 | esac
147 | done
148 |
149 | # one positional argument required: the URL
150 | [[ $# -ne 1 ]] && argument_error "ERROR: URL missing"
151 | URL=$1
152 |
153 | # basic check for the URL parameter
154 | if [[ $URL =~ ^[a-z0-9]+://.+ ]]; then
155 | # we have a URI style parameter
156 |
157 | if [[ $URL =~ ^http://.+ ]]; then
158 | URL_PROTO="http"
159 | return 0
160 | elif [[ $URL =~ ^https://.+ ]]; then
161 | URL_PROTO="https"
162 | return 0
163 | fi
164 |
165 | argument_error "ERROR: invalid URL or unsupported protocol"
166 |
167 | elif [[ -f "$URL" ]]; then
168 | URL_PROTO="file"
169 | return 0
170 | fi
171 |
172 | argument_error "ERROR: can't find file"
173 |
174 | return 0
175 | }
176 |
177 | mount_srm()
178 | {
179 | local srm_path=$1
180 |
181 | # first test if we really have a valid squashfs file
182 | if ! unsquashfs -l "$srm_path" >/dev/null 2>&1; then
183 | error_exit "file not a valid squashfs file" 100
184 | fi
185 | [[ $VERBOSE -eq 1 ]] && echo "squashfs file verified $srm_path"
186 |
187 | # prepare mount
188 | if ! [[ -d "$MOUNTPOINT" ]]; then
189 | mkdir "$MOUNTPOINT"
190 | elif findmnt --mountpoint "$MOUNTPOINT" >/dev/null 2>&1; then
191 | error_exit "$MOUNTPOINT already mounted" 101
192 | fi
193 |
194 | if ! mount -t squashfs "$srm_path" "$MOUNTPOINT"; then
195 | error_exit "can't mount squashfs file" 102
196 | fi
197 |
198 | [[ $VERBOSE -eq 1 ]] && echo "squashfs successfully mounted to $MOUNTPOINT"
199 |
200 | return 0
201 | }
202 |
203 | rsync_to_cow()
204 | {
205 | # dry-run first, we want to find any problems before beginning the actual sync
206 | if ! rsync -a --sparse --checksum --quiet --dry-run "$MOUNTPOINT/" "/"; then
207 | error_exit "problem while testing to copy the SRM content" 103
208 | fi
209 |
210 | local param="--quiet"
211 | [[ $VERBOSE -eq 1 ]] && param="--progress"
212 |
213 | if ! rsync -a --sparse --checksum $param "$MOUNTPOINT/" "/"; then
214 | error_exit "problem copying the SRM content" 104
215 | fi
216 |
217 | [[ $VERBOSE -eq 1 ]] && echo "files copied successfully"
218 |
219 | return 0
220 | }
221 |
222 | curl_download()
223 | {
224 | # first create a tmpdir we use to download the srm to
225 | # use tmpfs (and not the CoW space) because we want to fully remove it afterwards
226 | declare -g TMPDIR
227 | if ! TMPDIR=$(mktemp --directory --tmpdir="/tmp" "load-srm.XXXXXXXXXX"); then
228 | error_exit "can't create tmpdir" 3
229 | fi
230 |
231 | local curl_param
232 | [[ $VERBOSE -eq 0 ]] && curl_param="--show-error --silent"
233 | [[ $VERBOSE -eq 1 ]] && curl_param="--progress-meter"
234 | [[ $INSECURE -eq 1 ]] && curl_param="$curl_param --insecure"
235 |
236 | if ! curl --output "$TMPDIR/srm" --fail --location --max-redirs 10 \
237 | --retry-connrefused --retry 2 --retry-delay 3 $curl_param "$URL"; then
238 | error_exit "error downloading SRM" 4
239 | fi
240 |
241 | [[ $VERBOSE -eq 1 ]] && echo "file downloaded successfully"
242 |
243 | return 0
244 | }
245 |
246 | wait_online()
247 | {
248 | # timeout in seconds
249 | local timeout=$1
250 |
251 | # 4 tests per second
252 | local tries=$[$timeout*4]
253 | local online=0
254 |
255 | while [[ $tries -gt 0 ]]; do
256 | if /usr/bin/nm-online --timeout=0 --quiet; then
257 | # we are online
258 | online=1
259 | break
260 | fi
261 | tries=$[$tries-1]
262 | if [[ $tries -eq 0 ]]; then
263 | # no unnecessary sleep+message at the end
264 | continue
265 | fi
266 |
267 | # print a message every 5 seconds (=20 tests) to not spam the console
268 | if [[ $(expr $tries % 20) == "0" ]]; then
269 | echo "Waiting for network connection ($[tries/4]s of ${timeout}s left)..."
270 | fi
271 |
272 | sleep 0.25
273 | done
274 |
275 | if [[ $online -eq 0 ]]; then
276 | # the user could have circumvented NetworkManager
277 | echo "No network connection detected by NetworkManager, trying download anyway"
278 | fi
279 | }
280 |
281 | #################################
282 | # execution begins here
283 |
284 | parse_args "$@"
285 |
286 | [[ $VERBOSE -eq 1 ]] && echo "URL/path: $URL"
287 |
288 | if [[ $URL_PROTO == "http" ]] || [[ $URL_PROTO == "https" ]]; then
289 | # wait until we have some kind on network connection before trying the download
290 | # waiting is important even if we try downloading anyways: the network may take some time to get up
291 | wait_online 30
292 |
293 | curl_download
294 | # replace the URL parameter with the location we downloaded the file to
295 | URL="$TMPDIR/srm"
296 | fi
297 |
298 | mount_srm "$URL"
299 | rsync_to_cow
300 | do_cleanup
301 |
302 | exit 0
303 |
--------------------------------------------------------------------------------
/airootfs/usr/share/sysrescue/bin/manual:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | elinks /usr/share/sysrescue/html/manual/index.html
4 |
--------------------------------------------------------------------------------
/airootfs/usr/share/sysrescue/bin/mountall:
--------------------------------------------------------------------------------
1 | #! /usr/bin/env bash
2 | #
3 | # mountall - mount all suitable block devices
4 | #
5 | # Author: Gerd v. Egidy
6 | # SPDX-License-Identifier: GPL-3.0-or-later
7 | #
8 | # see https://www.system-rescue.org/scripts/mountall/ for details
9 |
10 | # abort on failures
11 | set -o errexit -o pipefail -o noclobber -o nounset
12 |
13 | print_help()
14 | {
15 | echo "mountall - mount all suitable block devices"
16 | echo ""
17 | echo "Usage:"
18 | echo "mountall [-n|--no-bind] [-o|--ro|--readonly] [-v|--verbose]"
19 | echo ""
20 | echo "--no-bind Don't try to bind-mount /dev /proc and /sys when"
21 | echo " the partition has these dirs"
22 | echo "--readonly Mount read-only"
23 | echo "--verbose Verbose output."
24 | echo ""
25 | echo "See https://www.system-rescue.org/scripts/mountall/ for details."
26 |
27 | return
28 | }
29 |
30 | # error while parsing commandline parameters
31 | argument_error()
32 | {
33 | echo "$1"
34 | echo
35 | echo "---------------------------------"
36 | echo
37 | print_help
38 | exit 2
39 | }
40 |
41 | parse_args()
42 | {
43 | # adapted from https://stackoverflow.com/a/29754866 by Robert Siemer
44 | # version edited Mar 4 '21 at 0:11, licensed under CC BY-SA 4.0 due to Stackoverflow Terms of Service
45 | # https://creativecommons.org/licenses/by-sa/4.0/
46 |
47 | # -allow a command to fail with !’s side effect on errexit
48 | # -use return value from ${PIPESTATUS[0]}, because ! hosed $?
49 | ! getopt --test > /dev/null
50 | if [[ ${PIPESTATUS[0]} -ne 4 ]]; then
51 | echo 'ERROR: `getopt --test` failed in this environment'
52 | exit 1
53 | fi
54 |
55 | local OPTIONS="novh"
56 | local LONGOPTS="no-bind,readonly,ro,verbose,help"
57 |
58 | # option variables as globals, set to default values
59 | declare -g BIND=1
60 | declare -g READONLY=0
61 | declare -g VERBOSE=0
62 |
63 | # -regarding ! and PIPESTATUS see above
64 | # -temporarily store output to be able to check for errors
65 | # -activate quoting/enhanced mode (e.g. by writing out “--options”)
66 | # -pass arguments only via -- "$@" to separate them correctly
67 | ! PARSED=$(getopt --options=$OPTIONS --longoptions=$LONGOPTS --name "$0" -- "$@")
68 | if [[ ${PIPESTATUS[0]} -ne 0 ]]; then
69 | # e.g. return value is 1
70 | # then getopt has complained about wrong arguments to stdout
71 | echo
72 | print_help
73 | exit 2
74 | fi
75 | # read getopt’s output this way to handle the quoting right:
76 | eval set -- "$PARSED"
77 |
78 | while true; do
79 | case "$1" in
80 | -n|--no-bind)
81 | BIND=0
82 | shift
83 | ;;
84 | -o|--readonly|--ro)
85 | READONLY=1
86 | shift
87 | ;;
88 | -v|--verbose)
89 | VERBOSE=1
90 | shift
91 | ;;
92 | -h|--help)
93 | print_help
94 | exit 0
95 | ;;
96 | --)
97 | shift
98 | break
99 | ;;
100 | *)
101 | echo "ERROR: Argument parsing logic bug"
102 | exit 2
103 | ;;
104 | esac
105 | done
106 |
107 | # we want no positional arguments
108 | [[ $# -ne 0 ]] && argument_error "ERROR: positional arguments not allowed"
109 |
110 | true
111 | }
112 |
113 | is_cryptodev()
114 | {
115 | local DEV="$1"
116 |
117 | [[ $VERBOSE -eq 1 ]] && echo "Checking if $DEV is an encrypted device..."
118 |
119 | BLKID=$(blkid "$DEV")
120 | [[ $VERBOSE -eq 1 ]] && echo "blkid output: $BLKID"
121 |
122 | if [[ "$BLKID" != *" TYPE="* ]] && [[ "$BLKID" != "TYPE="* ]]; then
123 | # blkid must return a "TYPE" tag for it to be mountable at all
124 | [[ $VERBOSE -eq 1 ]] && echo "$DEV is not mountable (no TYPE)"
125 | false
126 | return
127 | fi
128 |
129 | if [[ "$BLKID" != *"TYPE=\"crypto"* ]]; then
130 | [[ $VERBOSE -eq 1 ]] && echo "$DEV is not not encrypted"
131 | false
132 | return
133 | fi
134 |
135 | # is the device already opened?
136 | DEVNAME=$(basename "$DEV")
137 | if /usr/bin/test -d /sys/devices/virtual/block/*/slaves/$DEVNAME ; then
138 | [[ $VERBOSE -eq 1 ]] && echo "$DEV is already opened"
139 | false
140 | return
141 | fi
142 |
143 | [[ $VERBOSE -eq 1 ]] && echo "$DEV looks to be an encrypted device that could be opened"
144 |
145 | true
146 | }
147 |
148 | is_mountable()
149 | {
150 | local DEV="$1"
151 |
152 | [[ $VERBOSE -eq 1 ]] && echo "Checking if $DEV is mountable..."
153 |
154 | BLKID=$(blkid "$DEV")
155 | [[ $VERBOSE -eq 1 ]] && echo "blkid output: $BLKID"
156 |
157 | if [[ "$BLKID" != *" TYPE="* ]] && [[ "$BLKID" != "TYPE="* ]]; then
158 | # blkid must return a "TYPE" tag for it to be mountable at all
159 | [[ $VERBOSE -eq 1 ]] && echo "$DEV is not mountable (no TYPE)"
160 | false
161 | return
162 | fi
163 |
164 | if [[ "$BLKID" == *"TYPE=\"linux_raid_member\""* ]] ||
165 | [[ "$BLKID" == *"TYPE=\"LVM2_member\""* ]] ||
166 | [[ "$BLKID" == *"TYPE=\"swap\""* ]] ||
167 | [[ "$BLKID" == *"TYPE=\"crypto"* ]] ; then
168 | # these are not directly mountable
169 | [[ $VERBOSE -eq 1 ]] && echo "$DEV is not mountable (swap, RAID or LVM)"
170 | false
171 | return
172 | fi
173 |
174 | if findmnt --source "$DEV" >/dev/null 2>&1 ; then
175 | [[ $VERBOSE -eq 1 ]] && echo "$DEV is already mounted"
176 | false
177 | return
178 | fi
179 |
180 | # special mounted check for btrfs filesystems:
181 | # when they consist of multiple parts, you can mount them with either device name
182 | if [[ "$BLKID" == *"TYPE=\"btrfs\""* ]] &&
183 | /usr/bin/btrfs device stats "$DEV" >/dev/null 2>&1; then
184 | [[ $VERBOSE -eq 1 ]] && echo "$DEV is already mounted (btrfs)"
185 | false
186 | return
187 | fi
188 |
189 | [[ $VERBOSE -eq 1 ]] && echo "$DEV looks to be mountable"
190 |
191 | true
192 | }
193 |
194 | # create a suitable dir below /mnt
195 | # tries to use the block dev name, but uses a different one if already existing
196 | create_mountpoint()
197 | {
198 | local DEV="$1"
199 |
200 | [[ $VERBOSE -eq 1 ]] && echo "looking for a suitable mountpoint for $DEV"
201 |
202 | DEVNAME=$(basename "$DEV")
203 |
204 | MOUNTPOINT="/mnt/$DEVNAME"
205 | local NUMBER=1
206 |
207 | while [[ -e "$MOUNTPOINT" ]]; do
208 | [[ $VERBOSE -eq 1 ]] && echo "wanted mountpoint $MOUNTPOINT already existing"
209 |
210 | # check if it is an empty directory and unmounted, then we can still use it
211 | if [[ -d "$MOUNTPOINT" ]] && \
212 | find "$MOUNTPOINT" -maxdepth 0 -type d -empty | grep -q "." && \
213 | ! findmnt --mountpoint "$MOUNTPOINT" >/dev/null 2>&1 ; then
214 | [[ $VERBOSE -eq 1 ]] && echo "wanted mountpoint $MOUNTPOINT existing, but empty and nothing mounted"
215 | break
216 | fi
217 |
218 | MOUNTPOINT="/mnt/${DEVNAME}_${NUMBER}"
219 | NUMBER=$[$NUMBER+1]
220 |
221 | [[ $VERBOSE -eq 1 ]] && echo "testing new mountpoint: $MOUNTPOINT"
222 | done
223 |
224 | [[ $VERBOSE -eq 1 ]] && echo "creating mountpoint $MOUNTPOINT"
225 |
226 | if ! mkdir -p "$MOUNTPOINT"; then
227 | echo "error creating mountpoint $MOUNTPOINT"
228 | false
229 | return
230 | fi
231 | }
232 |
233 | # if there is /dev /proc /sys in the just mounted path, bind mount them to ours
234 | # this allows using some commands in a chroot (like grub-install)
235 | try_bind_mounts()
236 | {
237 | local MOUNTPOINT="$1"
238 |
239 | [[ $VERBOSE -eq 1 ]] && echo "checking if to create bind-mounts below $MOUNTPOINT"
240 |
241 | if [[ -d "${MOUNTPOINT}/dev" ]]; then
242 | if mount --bind "/dev" "${MOUNTPOINT}/dev"; then
243 | echo "bind mounted /dev to ${MOUNTPOINT}/dev"
244 | else
245 | echo "failed bind mounting /dev to ${MOUNTPOINT}/dev"
246 | fi
247 | fi
248 |
249 | if [[ -d "${MOUNTPOINT}/sys" ]]; then
250 | if mount --bind "/sys" "${MOUNTPOINT}/sys"; then
251 | echo "bind mounted /sys to ${MOUNTPOINT}/sys"
252 | else
253 | echo "failed bind mounting /sys to ${MOUNTPOINT}/sys"
254 | fi
255 | fi
256 |
257 | if [[ -d "${MOUNTPOINT}/proc" ]]; then
258 | if mount --bind "/proc" "${MOUNTPOINT}/proc"; then
259 | echo "bind mounted /proc to ${MOUNTPOINT}/proc"
260 | else
261 | echo "failed bind mounting /proc to ${MOUNTPOINT}/proc"
262 | fi
263 | fi
264 | }
265 |
266 | try_mount()
267 | {
268 | local DEV="$1"
269 |
270 | create_mountpoint "$DEV" || return
271 |
272 | echo -n "mounting $DEV to $MOUNTPOINT... "
273 |
274 | local OPTIONS=""
275 | if [[ $READONLY -eq 1 ]]; then
276 | [[ $VERBOSE -eq 1 ]] && echo "mounting read-only"
277 | OPTIONS="--read-only"
278 | fi
279 |
280 | if ! mount $OPTIONS "$DEV" "$MOUNTPOINT"; then
281 | echo "error mounting $DEV to $MOUNTPOINT (options $OPTIONS)"
282 | return
283 | fi
284 |
285 | echo "OK"
286 |
287 | if [[ $BIND -eq 1 ]]; then
288 | try_bind_mounts "$MOUNTPOINT"
289 | fi
290 | }
291 |
292 | #################################
293 | # execution begins here
294 |
295 | parse_args "$@"
296 |
297 | # loop through regular block devices
298 | for BLKDEV in $(ls -1 "/sys/class/block"); do
299 | # handle device mapper / lvm volumes in the 2nd loop for nice names
300 | [[ -d "/sys/class/block/${BLKDEV}/dm" ]] && continue
301 |
302 | if is_cryptodev "/dev/${BLKDEV}"; then
303 | if /usr/bin/cryptsetup open "/dev/${BLKDEV}" "${BLKDEV}_crypt"; then
304 | # we will handle the opened crypto volume in the mapper loop below
305 | continue
306 | else
307 | echo "error opening ${BLKDEV}"
308 | fi
309 | fi
310 |
311 | if is_mountable "/dev/${BLKDEV}"; then
312 | try_mount "/dev/${BLKDEV}"
313 | fi
314 | done
315 |
316 | # if we just opened a cryptodev we have to wait until it appears in /dev/mapper
317 | [[ $VERBOSE -eq 1 ]] && echo "waiting until recently opened lvm devices appear in /dev/mapper"
318 | udevadm settle --timeout=10
319 |
320 | # loop through device mapper / lvm volumes
321 | for LVMDEV in $(ls -1 "/dev/mapper"); do
322 | # there is always one central control entry, skip it
323 | [[ "$LVMDEV" == "control" ]] && continue
324 |
325 | if is_cryptodev "/dev/mapper/${LVMDEV}"; then
326 | if /usr/bin/cryptsetup open "/dev/mapper/${LVMDEV}" "${LVMDEV}_crypt"; then
327 | # check if we can mount the opened device below
328 | LVMDEV="${LVMDEV}_crypt"
329 | else
330 | echo "error opening ${LVMDEV}"
331 | fi
332 | fi
333 |
334 | if is_mountable "/dev/mapper/${LVMDEV}"; then
335 | try_mount "/dev/mapper/${LVMDEV}"
336 | fi
337 | done
338 |
339 | exit 0
340 |
--------------------------------------------------------------------------------
/airootfs/usr/share/sysrescue/bin/reverse_ssh:
--------------------------------------------------------------------------------
1 | #! /usr/bin/env python3
2 | #
3 | # reverse_ssh - Open a outbound SSH server connection (reverse SSH), primarily for remote support
4 | #
5 | # Author: Gerd v. Egidy
6 | # SPDX-License-Identifier: GPL-3.0-or-later
7 | #
8 | # Usually ssh connections are built using tcp from the ssh client to the server.
9 | # This can be difficult if the server is behind a NAT router or firewall.
10 | # reverse_ssh is run on the server system and creates an outbound tcp connection
11 | # to the ssh client. This outgoing tcp connection has a much better chance to pass
12 | # through the NAT router or firewall.
13 | #
14 | # Reversing the connection direction on client and server is done using socat
15 | # http://www.dest-unreach.org/socat/
16 | #
17 | # Usage:
18 | # reverse_ssh [-h] [-d] [-b] [-t TRIES] hostname port
19 | #
20 | # positional arguments:
21 | # hostname hostname (or IP) to connect to
22 | # port TCP port number to connect to
23 | #
24 | # optional arguments:
25 | # -h, --help show this help message and exit
26 | # -d, --debug enable debug output
27 | # -b, --background fork to background once the connection is established
28 | # -t TRIES, --tries TRIES connection tries (0: endless, this is the default)
29 | #
30 | # Receiving reverse_ssh connections on the ssh client:
31 | # (the system with the ssh client must be accessible from the internet on $RECEIVEPORT)
32 | # export RECEIVEPORT=2222
33 | # ssh -l root -o "ProxyCommand socat - TCP4-LISTEN:${RECEIVEPORT},reuseaddr" -o StrictHostKeyChecking=no none
34 | #
35 | # Receiving reverse_ssh connections with a bounce host:
36 | # (if the system with the ssh client is not directly reachable, a bounce host can be used)
37 | # (requires "GatewayPorts yes" in /etc/ssh/sshd_config on the bounce host)
38 | # export RECEIVEPORT=2222
39 | # ssh -R ${RECEIVEPORT}:/tmp/reverse_ssh -N -f bouncehost.example.com
40 | # ssh -l root -o "ProxyCommand socat - UNIX-LISTEN:/tmp/reverse_ssh" -o StrictHostKeyChecking=no none
41 | #
42 | # For more information see
43 | # https://www.system-rescue.org/scripts/reverse_ssh/
44 | #
45 |
46 | import argparse
47 | import os
48 | import sys
49 | import socket
50 | import re
51 | import subprocess
52 | import time
53 | import signal
54 | import syslog
55 |
56 | min_retry_seconds = 3
57 |
58 | # raise an exception on SIGTERM, so that we can kill a running socat process
59 | def sigterm_handler(signum, frame):
60 | raise OSError("SIGTERM")
61 |
62 | signal.signal(signal.SIGTERM, sigterm_handler)
63 |
64 | def createDaemon():
65 | """Detach a process from the controlling terminal and run it in the
66 | background as a daemon.
67 | taken from https://code.activestate.com/recipes/278731-creating-a-daemon-the-python-way/
68 | Copyright Chad J. Schroeder, licensed under the Python Software Foundation License (PSF)
69 | """
70 |
71 | # Fork a child process so the parent can exit. This returns control to
72 | # the command-line or shell. It also guarantees that the child will not
73 | # be a process group leader, since the child receives a new process ID
74 | # and inherits the parent's process group ID. This step is required
75 | # to insure that the next call to os.setsid is successful.
76 | pid = os.fork()
77 |
78 | if (pid == 0): # The first child.
79 | # To become the session leader of this new session and the process group
80 | # leader of the new process group, we call os.setsid(). The process is
81 | # also guaranteed not to have a controlling terminal.
82 | os.setsid()
83 |
84 | # Fork a second child and exit immediately to prevent zombies. This
85 | # causes the second child process to be orphaned, making the init
86 | # process responsible for its cleanup. And, since the first child is
87 | # a session leader without a controlling terminal, it's possible for
88 | # it to acquire one by opening a terminal in the future (System V-
89 | # based systems). This second fork guarantees that the child is no
90 | # longer a session leader, preventing the daemon from ever acquiring
91 | # a controlling terminal.
92 | pid = os.fork() # Fork a second child.
93 |
94 | if (pid == 0): # The second child.
95 | # Since the current working directory may be a mounted filesystem, we
96 | # avoid the issue of not being able to unmount the filesystem at
97 | # shutdown time by changing it to the root directory.
98 | os.chdir("/")
99 |
100 | # redirect stdin, stdout, stderr to /dev/null
101 | os.close(0)
102 | os.close(1)
103 | os.close(2)
104 | # This call to open is guaranteed to return the lowest file descriptor,
105 | # which will be 0 (stdin), since it was closed above.
106 | os.open("/dev/null", os.O_RDWR) # standard input (0)
107 |
108 | # Duplicate standard input to standard output and standard error.
109 | os.dup2(0, 1) # standard output (1)
110 | os.dup2(0, 2) # standard error (2)
111 |
112 | return(0)
113 |
114 | else:
115 | # exit() or _exit()? See below.
116 | os._exit(0) # Exit parent (the first child) of the second child.
117 | else:
118 | # exit() or _exit()?
119 | # _exit is like exit(), but it doesn't call any functions registered
120 | # with atexit (and on_exit) or any registered signal handlers. It also
121 | # closes any open file descriptors. Using exit() may cause all stdio
122 | # streams to be flushed twice and any temporary files may be unexpectedly
123 | # removed. It's therefore recommended that child branches of a fork()
124 | # and the parent branch(es) of a daemon use _exit().
125 | os._exit(0) # Exit parent of the first child.
126 |
127 | def check_portno(value):
128 | ivalue = int(value)
129 | if ivalue <= 0 or ivalue > 65535:
130 | raise argparse.ArgumentTypeError("port number must be between 1 and 65535")
131 | return ivalue
132 |
133 | def check_unsigned(value):
134 | ivalue = int(value)
135 | if ivalue < 0:
136 | raise argparse.ArgumentTypeError("only positive integers allowed")
137 | return ivalue
138 |
139 | def check_hostname_or_ip(value):
140 | # check if it is a valid IPv6
141 | try:
142 | socket.inet_pton(socket.AF_INET6, value)
143 | return value
144 | except Exception:
145 | # no IPv6, continue
146 | pass
147 |
148 | # check if it is a valid IPv4
149 | try:
150 | socket.inet_pton(socket.AF_INET, value)
151 | return value
152 | except Exception:
153 | # no IPv4, continue
154 | pass
155 |
156 | # check if it is a valid dns hostname
157 | if value[-1] == ".":
158 | # strip exactly one dot from the right, if present
159 | value = value[:-1]
160 | if len(value) > 253:
161 | raise argparse.ArgumentTypeError("invalid hostname, too long")
162 |
163 | labels = value.split(".")
164 |
165 | # the TLD must be not all-numeric
166 | if re.match(r"[0-9]+$", labels[-1]):
167 | raise argparse.ArgumentTypeError("invalid hostname")
168 |
169 | allowed = re.compile(r"(?!-)[a-z0-9-]{1,63}(? 0 ):
232 | print("ERROR: neither a root password nor public key has been configured", file=sys.stderr)
233 | print("", file=sys.stderr)
234 | print("hint: use the \"passwd\" command to set a password", file=sys.stderr)
235 | sys.exit(2)
236 |
237 | # make sure that ssh is running
238 |
239 | s = socket.socket()
240 | s.settimeout(2)
241 | s.setblocking(True)
242 | result = s.connect_ex(("localhost", 22))
243 | s.close()
244 |
245 | if result:
246 | print("ERROR: can't connect to ssh daemon on localhost", file=sys.stderr)
247 | print("", file=sys.stderr)
248 | print("hint: start sshd with the command \"systemctl start sshd.service\"", file=sys.stderr)
249 | sys.exit(3)
250 |
251 | # make sure that socat is installed
252 |
253 | if not os.path.exists("/usr/bin/socat") or not os.path.getsize("/usr/bin/socat") > 0:
254 | print("ERROR: socat not installed", file=sys.stderr)
255 | print("", file=sys.stderr)
256 | print("hint: install socat with the command \"pacman -Sy socat\"", file=sys.stderr)
257 | sys.exit(4)
258 |
259 | # parameter and system checks ok, proceed to connect
260 |
261 | syslog.openlog(logoption=syslog.LOG_PID, facility=syslog.LOG_USER)
262 | syslog.syslog(f"initiating connection to ssh client at {hostname}:{port}")
263 |
264 | socat_out_re = re.compile(r"^.+? socat\[[0-9]+\] ([A-Z]) (.+)")
265 | eof_msg_re = re.compile(r"^socket .* is at EOF")
266 | connected_msg_re = re.compile(r"^transferred [0-9]+ bytes from [0-9]+ to [0-9]+")
267 |
268 | # prepare retry variables
269 | if args.tries == 0:
270 | endless = True
271 | retry = 0
272 | else:
273 | endless = False
274 | retry = args.tries
275 |
276 | once_connected = False
277 |
278 | try:
279 | # main retry loop
280 | while retry > 0 or endless:
281 | connected = False
282 | starttime = time.monotonic()
283 |
284 | # connect to the locally running ssh on port 22 first
285 | # then try the outbound connection to the given host and port
286 | # in case of success, the sockets are connected and the remote end can use a ssh client
287 | # in case of error, the socat process is terminated
288 | # (the retry of socat doesn't work predictable enough, depends very much on type of error)
289 |
290 | # always run it in high debug output mode because status info can only be extracted that way
291 | socat_process = subprocess.Popen(['/usr/bin/socat', '-d', '-d', '-d', 'TCP:localhost:22',
292 | f"TCP:{hostname}:{port},connect-timeout=15" ],
293 | stdout=subprocess.PIPE, stderr=subprocess.STDOUT)
294 |
295 | # loop through the lines written to stdout+stderr while socat is running
296 | while True:
297 | outline = socat_process.stdout.readline()
298 | if len(outline) == 0 and socat_process.poll() is not None:
299 | # process ended and we got all output
300 | break
301 | if len(outline) > 0:
302 | outline = outline.decode('utf-8')
303 | if args.debug:
304 | print(outline.strip())
305 | splitline = socat_out_re.match(outline)
306 | if splitline:
307 | # we could split the debug output into date, process, severity and actual message
308 | severity = splitline.group(1)
309 | message = splitline.group(2)
310 |
311 | if severity == "E" or severity == "W":
312 | # some error or warning occured, show it
313 | print(message)
314 | syslog.syslog(message)
315 | if severity == "I" and connected_msg_re.match(message) and not connected:
316 | # the first "transferred nn bytes..." message denotes that we really have
317 | # a connection. But these messages are repeated, so just the first counts
318 | print("Connected")
319 | syslog.syslog(f"connected to {hostname}:{port}")
320 | connected = True
321 | once_connected = True
322 |
323 | # we have a connection, don't retry to establish one when this one is terminated
324 | retry = 0
325 | endless = False
326 |
327 | if args.background:
328 | createDaemon()
329 |
330 | if severity == "N" and eof_msg_re.match(message) and connected:
331 | # the first "socket .* is at EOF" message denotes that the connection
332 | # was terminated. But these messages are repeated, so just the first counts
333 | print("Connection terminated")
334 | syslog.syslog("connection terminated")
335 | connected = False
336 |
337 | if retry > 0:
338 | retry -= 1
339 | if retry > 0 or endless:
340 | # we will retry
341 | if time.monotonic() - starttime < min_retry_seconds:
342 | # don't hammer the remote in case of errors
343 | time.sleep(min_retry_seconds)
344 |
345 | except (KeyboardInterrupt, OSError):
346 | # we want a nicer message for Ctrl-c
347 | # also the SIGTERM call flow ends up here
348 | print()
349 | print("Aborted")
350 | syslog.syslog("Aborted")
351 | try:
352 | socat_process.kill()
353 | except Exception:
354 | # ignore if killing doesn't work, it could be that no process is running
355 | pass
356 | sys.exit(5)
357 |
358 | if once_connected:
359 | # everything ok
360 | sys.exit(0)
361 | else:
362 | # some error while trying to establish a connection
363 | sys.exit(6)
364 |
--------------------------------------------------------------------------------
/airootfs/usr/share/sysrescue/bin/yay-prepare:
--------------------------------------------------------------------------------
1 | #! /bin/bash
2 | #
3 | # yay-prepare - prepare SystemRescue for running yay
4 | #
5 | # Author: Gerd v. Egidy
6 | # SPDX-License-Identifier: GPL-3.0-or-later
7 | #
8 | # see https://www.system-rescue.org/manual/Installing_packages_from_AUR/ for details
9 | #
10 |
11 | # abort on failures
12 | set -o errexit -o pipefail -o noclobber -o nounset
13 |
14 | if id yay >/dev/null 2>&1; then
15 | echo "It looks like yay-prepare has already been run, aborting."
16 | exit 1
17 | fi
18 |
19 | echo "To prepare SystemRescue for using yay many packages must be downloaded and reinstalled."
20 | echo "This will need more than a Gigabyte of Copy-on-Write (CoW) storage, usually in RAM."
21 | echo "Compiling packages will need additional space in CoW."
22 | echo "Consider using a disk-backed CoW-space ('cow_label=' boot option)."
23 | echo
24 |
25 | read -p "Reinstall packages into CoW space now (y/n)? " answer
26 | case ${answer:0:1} in
27 | y|Y )
28 | echo Ok
29 | ;;
30 | * )
31 | echo "Aborting"
32 | exit 1
33 | ;;
34 | esac
35 |
36 | REINSTALL=()
37 |
38 | # loop over all installed packages
39 | IFS=$'\n'
40 | for pkgfile in $(find /var/lib/pacman/local -name files -type f) ; do
41 |
42 | # check if this package contains anything build-related we deleted in customize_airootfs.sh
43 | if grep -q -E "^usr/include/" "$pkgfile" || \
44 | grep -q -E "^usr/lib/.*\.a\$" "$pkgfile" || \
45 | grep -q -E "^usr/lib/(libgo\.|libgphobos\.|libgfortran\.)" "$pkgfile" ; then
46 |
47 | # we need to reinstall this package -> find out it's name
48 | DIR=$(dirname "$pkgfile")
49 | DESCFILE="${DIR}/desc"
50 | PKGNAME=$(grep "%NAME%" -A1 "$DESCFILE" | grep -v "%NAME%")
51 |
52 | if [[ -z "$PKGNAME" ]]; then
53 | echo "failed to extract package name from ${pkgfile}"
54 | exit 1
55 | fi
56 |
57 | # exclude some packages from reinstallation, for example ones from the sysrescuerepo
58 | if ! grep -q "$PKGNAME" /usr/share/sysrescue/lib/yay-prepare-exclude; then
59 | REINSTALL+=($PKGNAME)
60 | echo "package $PKGNAME needs to be reinstalled"
61 | fi
62 | fi
63 | done
64 |
65 | # update pacman package database
66 | pacman -Sy
67 |
68 | # reinstall all required packages
69 | pacman-faketime -S "${REINSTALL[@]}"
70 |
71 | # install base-devel group, but don't reinstall what we already have
72 | # we want to ask the user for confirmation, but don't give them a choice what to install
73 | # this isn't supported by pacman directly, so we need to get the group contents first and then install them
74 |
75 | BASE_DEVEL_PKGS=$(pacman -Sg base-devel | sed -e "s/^base-devel \(.*\)/\1/")
76 | pacman-faketime -S --needed $BASE_DEVEL_PKGS git cmake
77 |
78 | useradd -m yay
79 |
80 | # don't require a password for yay user when installing packages
81 | echo "yay ALL=(ALL:ALL) NOPASSWD: ALL" >/etc/sudoers.d/yay
82 |
83 | echo
84 | echo "all done, ready for yay"
85 | echo
86 |
--------------------------------------------------------------------------------
/airootfs/usr/share/sysrescue/template/autoterminal.service:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: LGPL-2.1-or-later
2 | #
3 | # This file is part of SystemRescue, based on getty@.service from systemd
4 | #
5 | # systemd is free software; you can redistribute it and/or modify it
6 | # under the terms of the GNU Lesser General Public License as published by
7 | # the Free Software Foundation; either version 2.1 of the License, or
8 | # (at your option) any later version.
9 |
10 | [Unit]
11 | Description=SystemRescue autoterminal %TTY%
12 | Documentation=https://www.system-rescue.org/manual/autoterminal/
13 | After=systemd-user-sessions.service plymouth-quit-wait.service getty-pre.target \
14 | getty@%TTY%.service autovt@%TTY%.service
15 |
16 | # If additional gettys are spawned during boot then we should make
17 | # sure that this is synchronized before getty.target, even though
18 | # getty.target didn't actually pull it in.
19 | Before=getty.target
20 | IgnoreOnIsolate=yes
21 |
22 | # IgnoreOnIsolate causes issues with sulogin, if someone isolates
23 | # rescue.target or starts rescue.service from multi-user.target or
24 | # graphical.target.
25 | Conflicts=rescue.service getty@%TTY%.service autovt@%TTY%.service
26 | Before=rescue.service
27 |
28 | [Service]
29 | # the VT is cleared by TTYVTDisallocate
30 | ExecStart=-%EXEC%
31 |
32 | # do not wait 5 seconds as for Type=idle before starting the service
33 | Type=simple
34 |
35 | Restart=always
36 | RestartSec=1
37 | UtmpIdentifier=%TTY%
38 | StandardInput=tty
39 | StandardOutput=tty
40 | TTYPath=/dev/%TTY%
41 | TTYReset=yes
42 | TTYVHangup=yes
43 | TTYVTDisallocate=yes
44 | IgnoreSIGPIPE=no
45 | SendSIGHUP=yes
46 |
47 | # make this a systemd-logind session without needing a getty
48 | User=root
49 | PAMName=login
50 |
51 | # generate all utmp/wtmp entries and don't expect the program to do it
52 | UtmpMode=user
53 |
54 | # Unset locale for the console getty since the console has problems
55 | # displaying some internationalized messages.
56 | UnsetEnvironment=LANG LANGUAGE LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY \
57 | LC_MESSAGES LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT LC_IDENTIFICATION
58 |
59 | [Install]
60 | WantedBy=getty.target
61 |
--------------------------------------------------------------------------------
/airootfs/usr/share/sysrescue/template/serial-autoterminal.service:
--------------------------------------------------------------------------------
1 | # SPDX-License-Identifier: LGPL-2.1-or-later
2 | #
3 | # This file is part of SystemRescue, based on serial-getty@.service from systemd
4 | #
5 | # systemd is free software; you can redistribute it and/or modify it
6 | # under the terms of the GNU Lesser General Public License as published by
7 | # the Free Software Foundation; either version 2.1 of the License, or
8 | # (at your option) any later version.
9 |
10 | [Unit]
11 | Description=SystemRescue serial autoterminal %TTY%
12 | Documentation=https://www.system-rescue.org/manual/autoterminal/
13 | BindsTo=dev-%TTY%.device
14 | After=dev-%TTY%.device systemd-user-sessions.service plymouth-quit-wait.service \
15 | getty-pre.target serial-getty@%TTY%.service
16 |
17 | # If additional gettys are spawned during boot then we should make
18 | # sure that this is synchronized before getty.target, even though
19 | # getty.target didn't actually pull it in.
20 | Before=getty.target
21 | IgnoreOnIsolate=yes
22 |
23 | # IgnoreOnIsolate causes issues with sulogin, if someone isolates
24 | # rescue.target or starts rescue.service from multi-user.target or
25 | # graphical.target.
26 | Conflicts=rescue.service serial-getty@%TTY%.service
27 | Before=rescue.service
28 |
29 | [Service]
30 | ExecStart=-%EXEC%
31 |
32 | # do not wait 5 seconds as for Type=idle before starting the service
33 | Type=simple
34 |
35 | Restart=always
36 | RestartSec=1
37 | UtmpIdentifier=%TTY%
38 | StandardInput=tty
39 | StandardOutput=tty
40 | TTYPath=/dev/%TTY%
41 | TTYReset=yes
42 | TTYVHangup=yes
43 | IgnoreSIGPIPE=no
44 | SendSIGHUP=yes
45 |
46 | # make this a systemd-logind session without needing a getty
47 | User=root
48 | PAMName=login
49 |
50 | # generate all utmp/wtmp entries and don't expect the program to do it
51 | UtmpMode=user
52 |
53 | [Install]
54 | WantedBy=getty.target
55 |
--------------------------------------------------------------------------------
/autorun/.gitkeep:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/nchevsky/systemrescue-zfs/023ef86591a00e0677d3019856770dba186af7a9/autorun/.gitkeep
--------------------------------------------------------------------------------
/docker/Dockerfile-build-iso-x86_64:
--------------------------------------------------------------------------------
1 | FROM docker.io/archlinux/archlinux:latest
2 | RUN mkdir -p /workspace
3 | COPY tmpfiles/pacman.conf /etc/pacman.conf
4 | RUN pacman -Syyu --noconfirm strace vim archiso binutils edk2-shell grub hugo isomd5sum mtools && rm -rf /var/cache/pacman/pkg/*
5 | CMD ["setarch","x86_64","/usr/bin/bash"]
6 | WORKDIR /workspace
7 |
--------------------------------------------------------------------------------
/docker/build-docker-image.sh:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env bash
2 |
3 | # Parameters validation
4 | if [ -z "${sysrescuearch}" ] ; then
5 | echo "ERROR: You must define the environment variable 'sysrescuearch' as either 'x86_64' or 'i686' before you run this script"
6 | exit 1
7 | fi
8 |
9 | if [ "${sysrescuearch}" != "x86_64" ] && [ "${sysrescuearch}" != "i686" ] ; then
10 | echo "Value '${sysrescuearch}' is invalid for environment variable 'sysrescuearch'. Only 'x86_64' and 'i686' are supported"
11 | exit 1
12 | fi
13 |
14 | # Determine the path to the git repository
15 | fullpath="$(realpath $0)"
16 | curdir="$(dirname ${fullpath})"
17 | repodir="$(realpath ${curdir}/..)"
18 | tmpdir="${repodir}/docker/tmpfiles"
19 | echo "fullpath=${fullpath}"
20 | echo "repodir=${repodir}"
21 |
22 | # Copy configuration files
23 | mkdir -p ${tmpdir}
24 | cp -a ${repodir}/pacman.conf ${tmpdir}
25 |
26 | # Build the docker image
27 | dockerimg="sysrescuebuildiso-${sysrescuearch}:latest"
28 | docker build -t ${dockerimg} -f ${repodir}/docker/Dockerfile-build-iso-${sysrescuearch} ${repodir}/docker
29 |
30 | # Cleanup
31 | rm -rf ${tmpdir}
32 |
--------------------------------------------------------------------------------
/docker/build-iso-image.sh:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env bash
2 |
3 | # Parameters validation
4 | if [ -z "${sysrescuearch}" ] ; then
5 | echo "ERROR: You must define the environment variable 'sysrescuearch' as either 'x86_64' or 'i686' before you run this script"
6 | exit 1
7 | fi
8 |
9 | if [ "${sysrescuearch}" != "x86_64" ] && [ "${sysrescuearch}" != "i686" ] ; then
10 | echo "Value '${sysrescuearch}' is invalid for environment variable 'sysrescuearch'. Only 'x86_64' and 'i686' are supported"
11 | exit 1
12 | fi
13 |
14 | # Make sure the docker image exists
15 | dockerimg="sysrescuebuildiso-${sysrescuearch}:latest"
16 | if ! docker inspect ${dockerimg} >/dev/null 2>/dev/null ; then
17 | echo "ERROR: You must build the following docker image before you run this script: ${dockerimg}"
18 | exit 1
19 | fi
20 |
21 | # Determine the path to the git repository
22 | fullpath="$(realpath $0)"
23 | curdir="$(dirname ${fullpath})"
24 | repodir="$(realpath ${curdir}/..)"
25 | echo "curdir=${curdir}"
26 | echo "repodir=${repodir}"
27 |
28 | # Create a tmpfs for storing packages cache in memory
29 | pkgcache="/tmp/pkgcache"
30 | echo "pkgcache=${pkgcache}"
31 | mkdir -p ${pkgcache}
32 | if ! findmnt ${pkgcache} >/dev/null; then
33 | echo "Mounting ${pkgcache} as a tmpfs"
34 | sudo mount -t tmpfs tmpfs -o size=2G ${pkgcache}
35 | fi
36 |
37 | # Run the build process in the container
38 | docker run --rm --pids-limit=4096 --user 0:0 --privileged -it --workdir /workspace \
39 | --volume=${repodir}:/workspace \
40 | --volume=${pkgcache}:/var/cache/pacman/pkg \
41 | ${dockerimg} setarch ${sysrescuearch} /bin/bash /workspace/build.sh "$@"
42 |
--------------------------------------------------------------------------------
/efiboot/grub/custom.cfg:
--------------------------------------------------------------------------------
1 | # This file is intended for customizing the boot menu of SystemRescue
2 | #
3 | # Either edit this file on a writable media
4 | # or use https://www.system-rescue.org/scripts/sysrescue-customize/ to replace it
5 |
6 |
--------------------------------------------------------------------------------
/efiboot/grub/font.pf2:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/nchevsky/systemrescue-zfs/023ef86591a00e0677d3019856770dba186af7a9/efiboot/grub/font.pf2
--------------------------------------------------------------------------------
/efiboot/grub/grubinit.cfg:
--------------------------------------------------------------------------------
1 | search --file --no-floppy --set=root /boot/grub/grubsrcd.cfg
2 | set prefix=/boot/grub
3 | source (${root})/boot/grub/grubsrcd.cfg
4 |
--------------------------------------------------------------------------------
/efiboot/grub/grubsrcd.cfg:
--------------------------------------------------------------------------------
1 | # SystemRescue main GRUB config file
2 |
3 | # Note: This is set when we are loaded from loopback.cfg
4 | if [ -z "$srcd_skip_init" ]; then
5 | # Global options
6 | set timeout=30
7 | set default=0
8 | set fallback=1
9 | set pager=1
10 |
11 | # Display settings
12 | if loadfont /boot/grub/font.pf2 ; then
13 | set gfxmode=800x600,auto
14 | set color_normal=black/cyan
15 | set color_highlight=black/light-gray
16 | set menu_color_normal=black/cyan
17 | set menu_color_highlight=black/light-gray
18 | insmod efi_gop
19 | insmod efi_uga
20 | insmod gfxterm
21 | insmod all_video
22 | insmod videotest
23 | insmod videoinfo
24 | echo "Switching to gfxterm"
25 | terminal_output gfxterm
26 | fi
27 |
28 | # enable serial console with common settings (ttyS0, 115200 Baud, 8n1)
29 | # this works in parallel to regular console
30 | serial --unit=0 --speed=115200 --word=8 --parity=no --stop=1
31 | terminal_input --append serial
32 | terminal_output --append serial
33 | fi
34 |
35 | if [ -z "$archiso_param" ]; then
36 | archiso_param="archisolabel=%ARCHISO_LABEL%"
37 | fi
38 |
39 | # Placing menuentry commands inside an eval allows the value of variables
40 | # like $archiso_param to be visible in the GRUB editor
41 | eval "
42 |
43 | menuentry 'Boot %ISO_APPLICATION% %ISO_VERSION% using default options' {
44 | set gfxpayload=keep
45 | echo 'Loading kernel...'
46 | linux /%INSTALL_DIR%/boot/%ISO_ARCH%/vmlinuz archisobasedir=%INSTALL_DIR% $archiso_param %DEFAULT_KERNEL_PARAM% %CONSOLES%
47 | echo 'Loading initramfs...'
48 | initrd /%INSTALL_DIR%/boot/intel_ucode.img /%INSTALL_DIR%/boot/amd_ucode.img /%INSTALL_DIR%/boot/%ISO_ARCH%/sysresccd.img
49 | echo 'Booting...'
50 | }
51 |
52 | menuentry 'Boot %ISO_APPLICATION% %ISO_VERSION% with the firewall disabled (nofirewall)' {
53 | echo 'Loading kernel...'
54 | linux /%INSTALL_DIR%/boot/%ISO_ARCH%/vmlinuz archisobasedir=%INSTALL_DIR% $archiso_param %DEFAULT_KERNEL_PARAM% %CONSOLES% nofirewall
55 | echo 'Loading initramfs...'
56 | initrd /%INSTALL_DIR%/boot/intel_ucode.img /%INSTALL_DIR%/boot/amd_ucode.img /%INSTALL_DIR%/boot/%ISO_ARCH%/sysresccd.img
57 | echo 'Booting...'
58 | }
59 |
60 | menuentry 'Boot %ISO_APPLICATION% %ISO_VERSION% and copy system to RAM (copytoram)' {
61 | set gfxpayload=keep
62 | echo 'Loading kernel...'
63 | linux /%INSTALL_DIR%/boot/%ISO_ARCH%/vmlinuz archisobasedir=%INSTALL_DIR% $archiso_param %DEFAULT_KERNEL_PARAM% %CONSOLES% copytoram
64 | echo 'Loading initramfs...'
65 | initrd /%INSTALL_DIR%/boot/intel_ucode.img /%INSTALL_DIR%/boot/amd_ucode.img /%INSTALL_DIR%/boot/%ISO_ARCH%/sysresccd.img
66 | echo 'Booting...'
67 | }
68 |
69 | menuentry 'Boot %ISO_APPLICATION% %ISO_VERSION% and verify integrity of the medium (checksum)' {
70 | set gfxpayload=keep
71 | echo 'Loading kernel...'
72 | linux /%INSTALL_DIR%/boot/%ISO_ARCH%/vmlinuz archisobasedir=%INSTALL_DIR% $archiso_param %DEFAULT_KERNEL_PARAM% %CONSOLES% checksum
73 | echo 'Loading initramfs...'
74 | initrd /%INSTALL_DIR%/boot/intel_ucode.img /%INSTALL_DIR%/boot/amd_ucode.img /%INSTALL_DIR%/boot/%ISO_ARCH%/sysresccd.img
75 | echo 'Booting...'
76 | }
77 |
78 | menuentry 'Boot %ISO_APPLICATION% %ISO_VERSION% using basic display drivers (nomodeset)' {
79 | set gfxpayload=keep
80 | echo 'Loading kernel...'
81 | linux /%INSTALL_DIR%/boot/%ISO_ARCH%/vmlinuz archisobasedir=%INSTALL_DIR% $archiso_param %DEFAULT_KERNEL_PARAM% %CONSOLES% nomodeset
82 | echo 'Loading initramfs...'
83 | initrd /%INSTALL_DIR%/boot/intel_ucode.img /%INSTALL_DIR%/boot/amd_ucode.img /%INSTALL_DIR%/boot/%ISO_ARCH%/sysresccd.img
84 | echo 'Booting...'
85 | }
86 |
87 | menuentry 'Boot %ISO_APPLICATION% %ISO_VERSION% without activating md raid or lvm (nomdlvm)' {
88 | set gfxpayload=keep
89 | echo 'Loading kernel...'
90 | linux /%INSTALL_DIR%/boot/%ISO_ARCH%/vmlinuz archisobasedir=%INSTALL_DIR% $archiso_param %DEFAULT_KERNEL_PARAM% %CONSOLES% nomdlvm
91 | echo 'Loading initramfs...'
92 | initrd /%INSTALL_DIR%/boot/intel_ucode.img /%INSTALL_DIR%/boot/amd_ucode.img /%INSTALL_DIR%/boot/%ISO_ARCH%/sysresccd.img
93 | echo 'Booting...'
94 | }
95 |
96 | menuentry 'Boot a Linux operating system installed on the disk (findroot)' {
97 | set gfxpayload=keep
98 | echo 'Loading kernel...'
99 | linux /%INSTALL_DIR%/boot/%ISO_ARCH%/vmlinuz archisobasedir=%INSTALL_DIR% $archiso_param %DEFAULT_KERNEL_PARAM% %CONSOLES% findroot
100 | echo 'Loading initramfs...'
101 | initrd /%INSTALL_DIR%/boot/intel_ucode.img /%INSTALL_DIR%/boot/amd_ucode.img /%INSTALL_DIR%/boot/%ISO_ARCH%/sysresccd.img
102 | echo 'Booting...'
103 | }
104 |
105 | menuentry 'Stop during the boot process before mounting the root filesystem' {
106 | set gfxpayload=keep
107 | echo 'Loading kernel...'
108 | linux /%INSTALL_DIR%/boot/%ISO_ARCH%/vmlinuz archisobasedir=%INSTALL_DIR% $archiso_param %DEFAULT_KERNEL_PARAM% %CONSOLES% break
109 | echo 'Loading initramfs...'
110 | initrd /%INSTALL_DIR%/boot/intel_ucode.img /%INSTALL_DIR%/boot/amd_ucode.img /%INSTALL_DIR%/boot/%ISO_ARCH%/sysresccd.img
111 | echo 'Booting...'
112 | }
113 |
114 | source /boot/grub/custom.cfg
115 |
116 | menuentry 'Memtest86+ memory tester for UEFI' {
117 | insmod fat
118 | set gfxpayload=640x480,800x600,1024x768,auto
119 | linux /EFI/memtest.efi keyboard=both %CONSOLES%
120 | }
121 |
122 | menuentry 'Start EFI Shell' {
123 | insmod fat
124 | insmod chain
125 | terminal_output console
126 | chainloader /EFI/shell.efi
127 | }
128 |
129 | menuentry 'EFI Firmware setup' {
130 | fwsetup
131 | }
132 |
133 | menuentry 'Reboot' {
134 | reboot
135 | }
136 |
137 | menuentry 'Power off' {
138 | halt
139 | }
140 |
141 | " # end eval
142 |
--------------------------------------------------------------------------------
/efiboot/grub/loopback.cfg:
--------------------------------------------------------------------------------
1 | # SystemRescue loopback-mount GRUB config file
2 |
3 | # Per loopback.cfg convention, 'iso_path' should have been set to the
4 | # filesystem location of the SystemRescue ISO-image file.
5 | # (Reference: https://www.supergrubdisk.org/wiki/Loopback.cfg)
6 |
7 | if [ -z "$iso_path" ]
8 | then
9 | echo "Warning: 'iso_path' is not set."
10 |
11 | elif search --file --set=archiso_grub_dev --no-floppy $iso_path
12 | then
13 | echo "Found '$iso_path' on ($archiso_grub_dev)"
14 |
15 | if probe --fs-uuid --set=archiso_fs_uuid $archiso_grub_dev
16 | then
17 | echo "($archiso_grub_dev) filesystem UUID: $archiso_fs_uuid"
18 | archiso_param="img_dev=/dev/disk/by-uuid/$archiso_fs_uuid img_loop=$iso_path"
19 | else
20 | echo
21 | echo "Warning: Could not get filesystem UUID for ($archiso_grub_dev)."
22 | fi
23 | else
24 | echo
25 | echo "Warning: Could not find the SystemRescue ISO-image file."
26 | fi
27 |
28 | if [ -z "$archiso_param" ]
29 | then
30 | echo "The following GRUB menu is unlikely to boot SystemRescue successfully."
31 | echo
32 | echo -n "Press Enter to continue ... "
33 | read
34 | fi
35 |
36 | srcd_skip_init=yes
37 | source /boot/grub/grubsrcd.cfg
38 |
--------------------------------------------------------------------------------
/isolinux/isolinux.cfg:
--------------------------------------------------------------------------------
1 | PATH /%INSTALL_DIR%/boot/syslinux/
2 | DEFAULT loadconfig
3 |
4 | LABEL loadconfig
5 | CONFIG /%INSTALL_DIR%/boot/syslinux/sysresccd.cfg
6 | APPEND /%INSTALL_DIR%/
7 |
--------------------------------------------------------------------------------
/mirrorlist-snapshot-i686:
--------------------------------------------------------------------------------
1 | #
2 | # Mirrors for archive.archlinux32.org
3 | # Currently just one stable mirror known, see https://bbs.archlinux32.org/viewforum.php?id=10
4 | #
5 | Server = https://archive.archlinux32.org/repos/%SNAPSHOT_DATE%/$arch/$repo
6 |
7 |
--------------------------------------------------------------------------------
/mirrorlist-snapshot-x86_64:
--------------------------------------------------------------------------------
1 | #
2 | # Mirrors for archive.archlinux.org
3 | # list taken from https://gitlab.archlinux.org/archlinux/infrastructure/-/blob/master/docs/servers.md#archive-mirrors
4 | #
5 | Server = https://archive.archlinux.org/repos/%SNAPSHOT_DATE%/$repo/os/$arch
6 | Server = https://europe.archive.pkgbuild.com/repos/%SNAPSHOT_DATE%/$repo/os/$arch
7 | Server = https://america.archive.pkgbuild.com/repos/%SNAPSHOT_DATE%/$repo/os/$arch
8 | Server = https://asia.archive.pkgbuild.com/repos/%SNAPSHOT_DATE%/$repo/os/$arch
9 |
10 |
--------------------------------------------------------------------------------
/mkinitcpio.conf:
--------------------------------------------------------------------------------
1 | MODULES=(fuse)
2 | BINARIES=(jq mount.ntfs)
3 | HOOKS=(base udev memdisk sysrescuecfg findroot archiso archiso_loop_mnt archiso_pxe_common archiso_pxe_nbd archiso_pxe_http archiso_pxe_nfs archiso_kms block mdadm_udev modconf encrypt lvm2 filesystems keyboard)
4 | COMPRESSION="xz"
5 | COMPRESSION_OPTIONS="--threads=0 --verbose"
6 |
--------------------------------------------------------------------------------
/packages:
--------------------------------------------------------------------------------
1 | acpi
2 | amd-ucode
3 | archinstall
4 | arch-install-scripts
5 | at
6 | atop
7 | bash
8 | bash-completion
9 | bc
10 | bcachefs-tools
11 | beep
12 | bind-tools
13 | binutils
14 | blocksync-fast
15 | borg
16 | btrfs-progs
17 | busybox
18 | bzip2
19 | cabextract
20 | ca-certificates
21 | casync
22 | cdrtools
23 | chntpw
24 | cifs-utils
25 | clonezilla
26 | coreutils
27 | cpio
28 | crda
29 | cronie
30 | cryptsetup
31 | curl
32 | dd_rescue
33 | ddrescue
34 | dhclient
35 | dialog
36 | diffutils
37 | dislocker
38 | dmidecode
39 | dmraid
40 | dnsmasq
41 | dool
42 | dosfstools
43 | dump
44 | dvd+rw-tools
45 | e2fsprogs
46 | efibootmgr
47 | efitools
48 | efivar
49 | elinks
50 | systemrescue+zfs/epiphany
51 | ethtool
52 | exfatprogs
53 | expac
54 | f2fs-tools
55 | fatresize
56 | file
57 | findutils
58 | flashrom
59 | foremost
60 | fsarchiver
61 | galculator
62 | gawk
63 | systemrescue+zfs/ghex
64 | gnu-netcat
65 | gnupg
66 | gpart
67 | gparted
68 | gpm
69 | gptfdisk
70 | grep
71 | grml-zsh-config
72 | growpartfs
73 | grsync
74 | grub
75 | gsettings-desktop-schemas
76 | gsmartcontrol
77 | gzip
78 | hardinfo
79 | hdparm
80 | hexedit
81 | htop
82 | hwinfo
83 | iftop
84 | inetutils
85 | intel-ucode
86 | inxi
87 | iotop
88 | iperf3
89 | ipmitool
90 | iproute2
91 | iptables
92 | iputils
93 | jfsutils
94 | jq
95 | kexec-tools
96 | less
97 | lftp
98 | libfaketime
99 | libisoburn
100 | libldm
101 | libvncserver
102 | systemrescue+zfs/linux-firmware
103 | linux-firmware-bnx2x
104 | linux-firmware-qlogic
105 | linux-firmware-marvell
106 | linux-lts
107 | linux-lts-headers
108 | lm_sensors
109 | localepurge
110 | lshw
111 | lsof
112 | lsscsi
113 | lua
114 | lua-dkjson
115 | lua-http
116 | lua-yaml
117 | lvm2
118 | lz4
119 | lzip
120 | lzop
121 | man-db
122 | man-pages
123 | mc
124 | mdadm
125 | memtest86+
126 | memtest86+-efi
127 | memtester
128 | systemrescue+zfs/mesa-minimal
129 | minicom
130 | mkinitcpio
131 | mkinitcpio-nfs-utils
132 | mlocate
133 | moreutils
134 | mousepad
135 | ms-sys
136 | mtools
137 | mtr
138 | multipath-tools
139 | nano
140 | nbd
141 | ncdu
142 | ndctl
143 | ndisc6
144 | net-tools
145 | networkmanager
146 | network-manager-applet
147 | networkmanager-openvpn
148 | networkmanager-vpnc
149 | nfs-utils
150 | nilfs-utils
151 | nmap
152 | nm-connection-editor
153 | nmon
154 | ntfs-3g
155 | ntfs-3g-system-compression
156 | ntp
157 | nvme-cli
158 | nwipe
159 | openconnect
160 | openssh
161 | openssl
162 | openvpn
163 | p7zip
164 | pam-u2f
165 | paperkey
166 | par2cmdline
167 | partclone
168 | parted
169 | partimage
170 | pass
171 | patch
172 | pciutils
173 | pcre
174 | perl
175 | perl-libwww
176 | perl-mailtools
177 | perl-net-http
178 | perl-timedate
179 | picocom
180 | pigz
181 | pixz
182 | ppp
183 | pptpclient
184 | procps-ng
185 | psmisc
186 | pv
187 | python
188 | python-llfuse
189 | python-pip
190 | python-yaml
191 | qemu-guest-agent
192 | qemu-img
193 | rclone
194 | rdesktop
195 | rdiff-backup
196 | readline
197 | refind
198 | remmina
199 | ristretto
200 | rkhunter
201 | rp-pppoe
202 | rsync
203 | ruby
204 | rubygems
205 | run-parts
206 | screen
207 | sdparm
208 | sed
209 | sg3_utils
210 | shadow
211 | sleuthkit
212 | smartmontools
213 | smbclient
214 | socat
215 | speedtest-cli
216 | squashfs-tools
217 | sshfs
218 | strace
219 | stress
220 | stressapptest
221 | stress-ng
222 | sudo
223 | syslinux
224 | sysstat
225 | tar
226 | tcpdump
227 | testdisk
228 | thunar-archive-plugin
229 | timeshift
230 | tmux
231 | traceroute
232 | tree
233 | ttf-dejavu
234 | udftools
235 | udpcast
236 | unrar
237 | unzip
238 | usbutils
239 | util-linux
240 | vi
241 | vim
242 | vpnc
243 | wget
244 | whdd
245 | which
246 | whois
247 | wimlib
248 | wipe
249 | wireguard-tools
250 | wireless-regdb
251 | wireless_tools
252 | wpa_supplicant
253 | wqy-microhei
254 | wvdial
255 | x11vnc
256 | xarchiver
257 | xfce4
258 | xfce4-screenshooter
259 | xfce4-taskmanager
260 | xfsdump
261 | xfsprogs
262 | xkbsel
263 | xkeyboard-config
264 | xl2tpd
265 | xorg-drivers
266 | xorg-server
267 | xorg-setxkbmap
268 | xorg-xauth
269 | xorg-xbacklight
270 | xorg-xdpyinfo
271 | xorg-xev
272 | xorg-xhost
273 | xorg-xinit
274 | xorg-xinput
275 | xorg-xkill
276 | xorg-xmodmap
277 | xorg-xprop
278 | xorg-xrandr
279 | xorg-xset
280 | xorg-xwininfo
281 | xz
282 | yay
283 | zerofree
284 | zfs-dkms
285 | zip
286 | zsh
287 | zstd
288 |
--------------------------------------------------------------------------------
/pacman.conf:
--------------------------------------------------------------------------------
1 | #
2 | # /etc/pacman.conf
3 | #
4 | # See the pacman.conf(5) manpage for option and repository directives
5 |
6 | #
7 | # GENERAL OPTIONS
8 | #
9 | [options]
10 | # The following paths are commented out with their default values listed.
11 | # If you wish to use different paths, uncomment and update the paths.
12 | #RootDir = /
13 | #DBPath = /var/lib/pacman/
14 | #CacheDir = /var/cache/pacman/pkg/
15 | #LogFile = /var/log/pacman.log
16 | #GPGDir = /etc/pacman.d/gnupg/
17 | #HookDir = /etc/pacman.d/hooks/
18 | HoldPkg = pacman glibc
19 | #XferCommand = /usr/bin/curl -C - -f %u > %o
20 | #XferCommand = /usr/bin/wget --passive-ftp -c -O %o %u
21 | #CleanMethod = KeepInstalled
22 | #UseDelta = 0.7
23 | Architecture = auto
24 |
25 | # Pacman won't upgrade packages listed in IgnorePkg and members of IgnoreGroup
26 | #IgnorePkg =
27 | #IgnoreGroup =
28 |
29 | #NoUpgrade =
30 | #NoExtract =
31 |
32 | # Misc options
33 | #UseSyslog
34 | #Color
35 | #TotalDownload
36 | # We cannot check disk space from within a chroot environment
37 | #CheckSpace
38 | #VerbosePkgLists
39 |
40 | # By default, pacman accepts packages signed by keys that its local keyring
41 | # trusts (see pacman-key and its man page), as well as unsigned packages.
42 | SigLevel = Required DatabaseOptional
43 | LocalFileSigLevel = Optional
44 | #RemoteFileSigLevel = Required
45 |
46 | # NOTE: You must run `pacman-key --init` before first using pacman; the local
47 | # keyring can then be populated with the keys of all official Arch Linux
48 | # packagers with `pacman-key --populate archlinux`.
49 |
50 | #
51 | # REPOSITORIES
52 | # - can be defined here or included from another file
53 | # - pacman will search repositories in the order defined here
54 | # - local/custom mirrors can be added here or in separate files
55 | # - repositories listed first will take precedence when packages
56 | # have identical names, regardless of version number
57 | # - URLs will have $repo replaced by the name of the current repo
58 | # - URLs will have $arch replaced by the name of the architecture
59 | #
60 | # Repository entries are of the format:
61 | # [repo-name]
62 | # Server = ServerName
63 | # Include = IncludePath
64 | #
65 | # The header [repo-name] is crucial - it must be present and
66 | # uncommented to enable the repo.
67 | #
68 |
69 | # The testing repositories are disabled by default. To enable, uncomment the
70 | # repo name header and Include lines. You can add preferred servers immediately
71 | # after the header, and they will be used before the default mirrors.
72 |
73 | # ==== BEGIN sysrescuerepo ====
74 | [sysrescuerepo]
75 | Server = https://sysrescuerepo.system-rescue.org/$arch
76 | SigLevel = Optional TrustAll
77 | # ==== END sysrescuerepo ====
78 |
79 | [archzfs]
80 | Server = https://github.com/archzfs/archzfs/releases/download/experimental
81 | SigLevel = TrustAll
82 |
83 | [systemrescue+zfs]
84 | Server = http://oss.blazis.com/pacman/$repo/$arch
85 | SigLevel = Optional
86 |
87 | [core]
88 | Include = /etc/pacman.d/mirrorlist
89 |
90 | [extra]
91 | Include = /etc/pacman.d/mirrorlist
92 |
--------------------------------------------------------------------------------
/patches/archiso-v43-01-squashfs-options.patch:
--------------------------------------------------------------------------------
1 | diff --git a/archiso/mkarchiso b/archiso/mkarchiso
2 | index 567a5af..ed3f2c1 100755
3 | --- a/archiso/mkarchiso
4 | +++ b/archiso/mkarchiso
5 | @@ -18,6 +18,7 @@ work_dir="work"
6 | out_dir="out"
7 | sfs_mode="sfs"
8 | sfs_comp="xz"
9 | +sfs_opts=""
10 | gpg_key=
11 |
12 | # Show an INFO message
13 | @@ -95,6 +96,8 @@ _usage ()
14 | echo " Default: ${sfs_mode}"
15 | echo " -c Set SquashFS compression type (gzip, lzma, lzo, xz, zstd)"
16 | echo " Default: '${sfs_comp}'"
17 | + echo " -t Set additional SquashFS options"
18 | + echo " Default: ''"
19 | echo " -v Enable verbose output"
20 | echo " -h This message"
21 | echo " commands:"
22 | @@ -223,9 +226,9 @@ _mkairootfs_img () {
23 | mkdir -p "${work_dir}/iso/${install_dir}/${arch}"
24 | _msg_info "Creating SquashFS image, this may take some time..."
25 | if [[ "${quiet}" = "y" ]]; then
26 | - mksquashfs "${work_dir}/airootfs.img" "${work_dir}/iso/${install_dir}/${arch}/airootfs.sfs" -noappend -comp "${sfs_comp}" -no-progress &> /dev/null
27 | + mksquashfs "${work_dir}/airootfs.img" "${work_dir}/iso/${install_dir}/${arch}/airootfs.sfs" -noappend -comp "${sfs_comp}" ${sfs_opts} -no-progress &> /dev/null
28 | else
29 | - mksquashfs "${work_dir}/airootfs.img" "${work_dir}/iso/${install_dir}/${arch}/airootfs.sfs" -noappend -comp "${sfs_comp}" -no-progress
30 | + mksquashfs "${work_dir}/airootfs.img" "${work_dir}/iso/${install_dir}/${arch}/airootfs.sfs" -noappend -comp "${sfs_comp}" ${sfs_opts} -no-progress
31 | fi
32 | _msg_info "Done!"
33 | rm ${work_dir}/airootfs.img
34 | @@ -240,9 +243,9 @@ _mkairootfs_sfs () {
35 | mkdir -p "${work_dir}/iso/${install_dir}/${arch}"
36 | _msg_info "Creating SquashFS image, this may take some time..."
37 | if [[ "${quiet}" = "y" ]]; then
38 | - mksquashfs "${work_dir}/airootfs" "${work_dir}/iso/${install_dir}/${arch}/airootfs.sfs" -noappend -comp "${sfs_comp}" -no-progress &> /dev/null
39 | + mksquashfs "${work_dir}/airootfs" "${work_dir}/iso/${install_dir}/${arch}/airootfs.sfs" -noappend -comp "${sfs_comp}" ${sfs_opts} -no-progress &> /dev/null
40 | else
41 | - mksquashfs "${work_dir}/airootfs" "${work_dir}/iso/${install_dir}/${arch}/airootfs.sfs" -noappend -comp "${sfs_comp}" -no-progress
42 | + mksquashfs "${work_dir}/airootfs" "${work_dir}/iso/${install_dir}/${arch}/airootfs.sfs" -noappend -comp "${sfs_comp}" ${sfs_opts} -no-progress
43 | fi
44 | _msg_info "Done!"
45 | }
46 | @@ -369,7 +372,7 @@ fi
47 |
48 | umask 0022
49 |
50 | -while getopts 'p:r:C:L:P:A:D:w:o:s:c:g:vh' arg; do
51 | +while getopts 'p:r:C:L:P:A:D:w:o:s:c:t:g:vh' arg; do
52 | case "${arg}" in
53 | p) pkg_list="${pkg_list} ${OPTARG}" ;;
54 | r) run_cmd="${OPTARG}" ;;
55 | @@ -382,6 +385,7 @@ while getopts 'p:r:C:L:P:A:D:w:o:s:c:g:vh' arg; do
56 | o) out_dir="${OPTARG}" ;;
57 | s) sfs_mode="${OPTARG}" ;;
58 | c) sfs_comp="${OPTARG}" ;;
59 | + t) sfs_opts="${OPTARG}" ;;
60 | g) gpg_key="${OPTARG}" ;;
61 | v) quiet="n" ;;
62 | h|?) _usage 0 ;;
63 |
--------------------------------------------------------------------------------
/patches/archiso-v43-02-fix-pxeboot-dhcp.patch:
--------------------------------------------------------------------------------
1 | diff -urN archiso-43-a/archiso/initcpio/hooks/archiso_pxe_common archiso-43-b/archiso/initcpio/hooks/archiso_pxe_common
2 | --- archiso-43-a/archiso/initcpio/hooks/archiso_pxe_common 2019-10-16 12:10:09.000000000 +0100
3 | +++ archiso-43-b/archiso/initcpio/hooks/archiso_pxe_common 2020-05-24 16:53:12.941000000 +0100
4 | @@ -61,10 +61,11 @@
5 | [[ -z "${copy_resolvconf}" ]] && copy_resolvconf="y"
6 |
7 | if [[ "${copytoram}" == "y" ]]; then
8 | - if [[ -n "${bootif_dev}" ]]; then
9 | - ip addr flush dev "${bootif_dev}"
10 | - ip link set "${bootif_dev}" down
11 | - fi
12 | + for curif in /sys/class/net/*; do
13 | + netdev=${curif#/sys/class/net/}
14 | + ip addr flush dev "${netdev}"
15 | + ip link set "${netdev}" down
16 | + done
17 | elif [[ "${copy_resolvconf}" != "n" && -f /etc/resolv.conf ]]; then
18 | cp /etc/resolv.conf /new_root/etc/resolv.conf
19 | fi
20 |
--------------------------------------------------------------------------------
/patches/archiso-v43-03-fix-pxeboot-multiple-interfaces.patch:
--------------------------------------------------------------------------------
1 | diff --git a/archiso/initcpio/hooks/archiso_pxe_common b/archiso/initcpio/hooks/archiso_pxe_common
2 | index 2380ca3..fa2a6a0 100644
3 | --- a/archiso/initcpio/hooks/archiso_pxe_common
4 | +++ b/archiso/initcpio/hooks/archiso_pxe_common
5 | @@ -3,6 +3,8 @@
6 | run_hook () {
7 | # Do *not* declare 'bootif_dev' local! We need it in run_latehook().
8 | local i net_mac bootif_mac
9 | + local ifdevlist
10 | + local ipcfgres
11 | # These variables will be parsed from /tmp/net-*.conf generated by ipconfig
12 | local DEVICE
13 | local IPV4ADDR IPV4BROADCAST IPV4NETMASK IPV4GATEWAY IPV4DNS0 IPV4DNS1
14 | @@ -19,18 +21,40 @@ run_hook () {
15 | if [[ "${bootif_mac}" == "${net_mac}" ]]; then
16 | bootif_dev=${i#/sys/class/net/}
17 | bootif_dev=${bootif_dev%/address}
18 | + ifdevlist="${bootif_dev}"
19 | break
20 | fi
21 | done
22 | - if [[ "${ip}" == "dhcp" ]]; then
23 | - ip=":::::${bootif_dev}:dhcp"
24 | - else
25 | - ip="${ip}::${bootif_dev}"
26 | - fi
27 | + else
28 | + for i in /sys/class/net/*; do
29 | + bootif_dev=${i#/sys/class/net/}
30 | + if [[ "${bootif_dev}" != 'lo' ]]; then
31 | + ifdevlist="${ifdevlist} ${bootif_dev}"
32 | + fi
33 | + done
34 | fi
35 |
36 | + for bootif_dev in ${ifdevlist}
37 | + do
38 | + if [[ "${ip}" == "dhcp" ]]; then
39 | + ipopt=":::::${bootif_dev}:dhcp"
40 | + else
41 | + ipopt="${ip}::${bootif_dev}"
42 | + fi
43 | +
44 | + # setup network and save some values
45 | + echo "Attempting to configure network interface ${bootif_dev} ..."
46 | + ipconfig -t 20 "ip=${ipopt}"
47 | + ipcfgres=$?
48 | + if [[ ${ipcfgres} -eq 0 ]]; then
49 | + echo "SUCCESS: Network interface ${bootif_dev} has been successfully configured"
50 | + sleep 1
51 | + break
52 | + fi
53 | + done
54 | +
55 | # setup network and save some values
56 | - if ! ipconfig -t 20 "ip=${ip}"; then
57 | + if [[ ${ipcfgres} -ne 0 ]]; then
58 | echo "ERROR; Failed to configure network"
59 | echo " Falling back to interactive prompt"
60 | echo " You can try to fix the problem manually, log out when you are finished"
61 |
--------------------------------------------------------------------------------
/patches/archiso-v43-04-increase-cow-spacesize.patch:
--------------------------------------------------------------------------------
1 | diff -urN archiso-43-a/archiso/initcpio/hooks/archiso archiso-43-b/archiso/initcpio/hooks/archiso
2 | --- archiso-43-a/archiso/initcpio/hooks/archiso 2019-10-16 12:10:09.000000000 +0100
3 | +++ archiso-43-b/archiso/initcpio/hooks/archiso 2020-07-12 09:07:19.715000000 +0100
4 | @@ -124,7 +124,7 @@
5 | [[ -z "${archisobasedir}" ]] && archisobasedir="arch"
6 | [[ -z "${dm_snap_prefix}" ]] && dm_snap_prefix="arch"
7 | [[ -z "${archisodevice}" ]] && archisodevice="/dev/disk/by-label/${archisolabel}"
8 | - [[ -z "${cow_spacesize}" ]] && cow_spacesize="256M"
9 | + [[ -z "${cow_spacesize}" ]] && cow_spacesize="25%"
10 |
11 | if [[ -n "${cow_label}" ]]; then
12 | cow_device="/dev/disk/by-label/${cow_label}"
13 | diff -urN archiso-43-a/docs/README.bootparams archiso-43-b/docs/README.bootparams
14 | --- archiso-43-a/docs/README.bootparams 2019-10-16 12:10:09.000000000 +0100
15 | +++ archiso-43-b/docs/README.bootparams 2020-07-12 09:06:37.766000000 +0100
16 | @@ -46,7 +46,7 @@
17 | dm-snapshot and overlayfs mode.
18 | The argument is an integer and optional unit.
19 | Units are M,G (powers of 1024).
20 | - Default: "256M"
21 | + Default: "25%"
22 | * cow_chunksize= Set chunksize used for dm-snapshot. This is number
23 | of 512 byte blocks to write at once.
24 | Default: "8"
25 |
--------------------------------------------------------------------------------
/patches/archiso-v43-05-add-loadsrm.patch:
--------------------------------------------------------------------------------
1 | diff --git a/archiso/initcpio/hooks/archiso b/archiso/initcpio/hooks/archiso
2 | index 5c56561..ed3c1fa 100644
3 | --- a/archiso/initcpio/hooks/archiso
4 | +++ b/archiso/initcpio/hooks/archiso
5 | @@ -72,6 +72,44 @@ _mnt_sfs() {
6 | _mnt_dev "${sfs_dev}" "${mnt}" "-r" "defaults"
7 | }
8 |
9 | +# arg: /path/to/archisobasedir
10 | +_mnt_srm() {
11 | + local srm_path="${1}"
12 | + local srm_img
13 | + local srm_fullname
14 | + local srm_dev
15 | + local srm_c=1
16 | +
17 | + for srm_img in "${srm_path}"/*.srm ; do
18 | + [[ -e "${srm_img}" ]] || continue
19 | + srm_fullname="${srm_img##*/}"
20 | + if [[ "${copytoram}" == "y" ]]; then
21 | + msg -n ":: Copying '${srm_fullname}' to RAM..."
22 | + if cp "${srm_img}" "/run/archiso/copytoram/${srm_fullname}" ; then
23 | + srm_img="/run/archiso/copytoram/${srm_fullname}"
24 | + msg "done."
25 | + else
26 | + err "while copy '${srm_fullname}' to '/run/archiso/copytoram/${srm_fullname}', ignoring."
27 | + continue
28 | + fi
29 | + fi
30 | + srm_dev=$(losetup --find --show --read-only "${srm_img}")
31 | + # _mnt_dev() will launch shell in case of error
32 | + # SRM is optional, hence call mount directly
33 | + msg ":: Mounting '${srm_dev}' to '/run/archiso/sfs/srm${srm_c}'"
34 | + if mount -o ro,X-mount.mkdir "${srm_dev}" "/run/archiso/sfs/srm${srm_c}" ; then
35 | + overlay_src_extra="${overlay_src_extra}/run/archiso/sfs/srm${srm_c}:"
36 | + echo ${srm_dev} >> /run/archiso/used_block_devices
37 | + srm_c=$(( srm_c + 1 ))
38 | + msg ":: Device '${srm_dev}' mounted successfully."
39 | + else
40 | + losetup -d ${srm_dev}
41 | + [[ "${copytoram}" == "y" ]] && rm -f "${srm_img}"
42 | + err "failed to mount '${srm_dev}', ignoring."
43 | + fi
44 | + done
45 | +}
46 | +
47 | # args: device, mountpoint, flags, opts
48 | _mnt_dev() {
49 | local dev="${1}"
50 | @@ -139,6 +177,9 @@ run_hook() {
51 | [[ -z "${cow_directory}" ]] && cow_directory="persistent_${archisolabel}/${arch}"
52 | [[ -z "${cow_chunksize}" ]] && cow_chunksize="8"
53 |
54 | + # additional overlayfs lowerdirs, set by _mnt_srm()
55 | + overlay_src_extra=""
56 | +
57 | # set mount handler for archiso
58 | mount_handler="archiso_mount_handler"
59 | }
60 | @@ -205,10 +246,13 @@ archiso_mount_handler() {
61 | mkdir -p -m 0700 "/run/archiso/cowspace/${cow_directory}"
62 |
63 | _mnt_sfs "/run/archiso/bootmnt/${archisobasedir}/${arch}/airootfs.sfs" "/run/archiso/sfs/airootfs"
64 | +
65 | + [[ "${loadsrm}" == "y" ]] && _mnt_srm "/run/archiso/bootmnt/${archisobasedir}"
66 | +
67 | if [[ -f "/run/archiso/sfs/airootfs/airootfs.img" ]]; then
68 | _mnt_dmsnapshot "/run/archiso/sfs/airootfs/airootfs.img" "${newroot}" "/"
69 | else
70 | - _mnt_overlayfs "/run/archiso/sfs/airootfs" "${newroot}" "/"
71 | + _mnt_overlayfs "${overlay_src_extra}/run/archiso/sfs/airootfs" "${newroot}" "/"
72 | fi
73 |
74 | if [[ "${copytoram}" == "y" ]]; then
75 |
--------------------------------------------------------------------------------
/patches/archiso-v43-06-copytoram.patch:
--------------------------------------------------------------------------------
1 | diff -urN archiso-43-a/archiso/initcpio/hooks/archiso archiso-43-b/archiso/initcpio/hooks/archiso
2 | --- archiso-43-a/archiso/initcpio/hooks/archiso 2021-12-31 23:32:15.547000000 +0000
3 | +++ archiso-43-b/archiso/initcpio/hooks/archiso 2021-12-31 23:36:53.081000000 +0000
4 | @@ -247,6 +247,23 @@
5 |
6 | _mnt_sfs "/run/archiso/bootmnt/${archisobasedir}/${arch}/airootfs.sfs" "/run/archiso/sfs/airootfs"
7 |
8 | + if [[ "${copytoram}" == "y" ]]; then
9 | + if ls -lh /run/archiso/bootmnt/autorun* >/dev/null 2>/dev/null; then
10 | + msg ":: Copying autorun scripts to RAM ..."
11 | + if ! cp -r /run/archiso/bootmnt/autorun* /run/archiso/copytoram/ ; then
12 | + echo "ERROR: failed to copy '/run/archiso/bootmnt/autorun*' to '/run/archiso/copytoram/'"
13 | + launch_interactive_shell
14 | + fi
15 | + fi
16 | + if ls -lh /run/archiso/bootmnt/sysrescue.d >/dev/null 2>/dev/null; then
17 | + msg ":: Copying configuration files to RAM ..."
18 | + if ! cp -r /run/archiso/bootmnt/sysrescue.d /run/archiso/copytoram/ ; then
19 | + echo "ERROR: failed to copy '/run/archiso/bootmnt/sysrescue.d' to '/run/archiso/copytoram/'"
20 | + launch_interactive_shell
21 | + fi
22 | + fi
23 | + fi
24 | +
25 | [[ "${loadsrm}" == "y" ]] && _mnt_srm "/run/archiso/bootmnt/${archisobasedir}"
26 |
27 | if [[ -f "/run/archiso/sfs/airootfs/airootfs.img" ]]; then
28 | @@ -328,6 +328,8 @@
29 |
30 | if [[ "${copytoram}" == "y" ]]; then
31 | umount -d /run/archiso/bootmnt
32 | + # bind-mount bootmnt to create a stable path, for example for autorun scripts
33 | + mount --bind /run/archiso/copytoram /run/archiso/bootmnt
34 | fi
35 | }
36 |
37 |
--------------------------------------------------------------------------------
/patches/archiso-v43-07-yaml-config.patch:
--------------------------------------------------------------------------------
1 | diff --git a/archiso/initcpio/hooks/archiso b/archiso/initcpio/hooks/archiso
2 | index 853652e..53215eb 100644
3 | --- a/archiso/initcpio/hooks/archiso
4 | +++ b/archiso/initcpio/hooks/archiso
5 | @@ -197,6 +197,60 @@
6 | fi
7 | fi
8 |
9 | + msg ":: Creating config dir ..."
10 | + mkdir -p /run/archiso/config/
11 | +
12 | + msg ":: Execute the configuration processing script ..."
13 | + jsonconfig="/run/archiso/config/sysrescue-effective-config.json"
14 | + if ! /usr/bin/sysrescue-configuration.lua > /tmp/sysrescue-configuration.log 2>&1
15 | + then
16 | + echo "ERROR: The configuration processing script has failed"
17 | + cat /tmp/sysrescue-configuration.log
18 | + sleep 20
19 | + fi
20 | +
21 | + msg ":: Define early boot options based on the configuration ..."
22 | + for curentry in "copytoram" "checksum" "loadsrm"
23 | + do
24 | + if value=$(jq --raw-output ".global.${curentry} | tostring | ascii_downcase" ${jsonconfig} 2>/dev/null)
25 | + then
26 | + if [[ "${value}" == 'y' ]] || [[ "${value}" == 'yes' ]] || [[ "${value}" == 't' ]] || \
27 | + [[ "${value}" == 'true' ]] || [[ "${value}" == 'on' ]] || [[ "${value}" == '1' ]] || \
28 | + [[ "${value}" == '1.0' ]] ; then
29 | + echo "Entry '.global.${curentry}' enabled in config: value='${value}'"
30 | + eval "${curentry}='y'"
31 | + elif [[ "${value}" == 'n' ]] || [[ "${value}" == 'no' ]] || [[ "${value}" == 'f' ]] || \
32 | + [[ "${value}" == 'false' ]] || [[ "${value}" == 'off' ]] || [[ "${value}" == '0' ]] || \
33 | + [[ "${value}" == '0.0' ]] || [[ "${value}" == 'null' ]] ; then
34 | + echo "Entry '.global.${curentry}' disabled in config: value='${value}'"
35 | + else
36 | + echo "ERROR: Found invalid value for '.global.${curentry}': value='${value}'"
37 | + sleep 8
38 | + fi
39 | + fi
40 | + done
41 | +
42 | + # read string values set by YAML config, only handle non-empty strings
43 | + for curentry in "cow_label" "cow_directory"
44 | + do
45 | + if value=$(jq --raw-output ".global.${curentry} // empty | tostring" ${jsonconfig} 2>/dev/null)
46 | + then
47 | + if [[ -n "${value}" ]] ; then
48 | + eval "${curentry}='${value}'"
49 | + fi
50 | + fi
51 | + done
52 | +
53 | + # redo handling of cow_label, it could have changed due to yaml config
54 | + if [[ -n "${cow_label}" ]]; then
55 | + cow_device="/dev/disk/by-label/${cow_label}"
56 | + [[ -z "${cow_persistent}" ]] && cow_persistent="P"
57 | + elif [[ -n "${cow_device}" ]]; then
58 | + [[ -z "${cow_persistent}" ]] && cow_persistent="P"
59 | + else
60 | + cow_persistent="N"
61 | + fi
62 | +
63 | if [[ "${checksum}" == "y" ]]; then
64 | if [[ -f "/run/archiso/bootmnt/${archisobasedir}/${arch}/airootfs.sha512" ]]; then
65 | msg -n ":: Self-test requested, please wait..."
66 |
--------------------------------------------------------------------------------
/patches/archiso-v43-08-glibc-fix-dns.patch:
--------------------------------------------------------------------------------
1 | diff -u -r archiso-43.orig/archiso/initcpio/install/archiso_pxe_common archiso-43/archiso/initcpio/install/archiso_pxe_common
2 | --- archiso-43.orig/archiso/initcpio/install/archiso_pxe_common 2022-12-15 21:48:53.560000001 +0000
3 | +++ archiso-43/archiso/initcpio/install/archiso_pxe_common 2022-12-15 21:51:30.649999999 +0000
4 | @@ -8,13 +8,16 @@
5 | add_binary /usr/lib/initcpio/ipconfig /bin/ipconfig
6 |
7 | # Add hosts support files+dns
8 | - add_symlink /usr/lib/libnss_files.so.2 $(readlink /usr/lib/libnss_files.so.2)
9 | - add_binary $(readlink -f /usr/lib/libnss_files.so.2)
10 | - add_symlink /usr/lib/libnss_dns.so.2 $(readlink /usr/lib/libnss_dns.so.2)
11 | - add_binary $(readlink -f /usr/lib/libnss_dns.so.2)
12 | + add_binary /usr/lib/libnss_files.so.2
13 | + add_binary /usr/lib/libnss_dns.so.2
14 | + add_binary /usr/lib/libnss_mymachines.so.2
15 | + add_binary /usr/lib/libnss_resolve.so.2
16 |
17 | add_dir /etc
18 | echo "hosts: files dns" > $BUILDROOT/etc/nsswitch.conf
19 | +
20 | + # the lua dns library (used in sysrescue-configuration.lua) requires /etc/hosts to exist
21 | + touch $BUILDROOT/etc/hosts
22 | }
23 |
24 | help() {
25 |
--------------------------------------------------------------------------------
/patches/archiso-v43-09-pxe_http.patch:
--------------------------------------------------------------------------------
1 | diff -u -r archiso-43.orig/archiso/initcpio/hooks/archiso_pxe_http archiso-43/archiso/initcpio/hooks/archiso_pxe_http
2 | --- archiso-43.orig/archiso/initcpio/hooks/archiso_pxe_http 2019-10-16 11:10:09.000000000 +0000
3 | +++ archiso-43/archiso/initcpio/hooks/archiso_pxe_http 2022-09-11 13:49:55.913331725 +0000
4 | @@ -23,7 +23,9 @@
5 | local _dst="${2}"
6 |
7 | msg ":: Downloading '${_url}'"
8 | - if ! curl -L -f -o "/run/archiso/httpspace/${archisobasedir}${_dst}/${_url##*/}" --create-dirs "${_url}"; then
9 | +
10 | + # use --insecure to allow downloading from https urls (we don't have a CA trust database in initramfs)
11 | + if ! curl -L -f --insecure -o "/run/archiso/bootmnt/${archisobasedir}${_dst}/${_url##*/}" --create-dirs "${_url}"; then
12 | echo "ERROR: Downloading '${_url}'"
13 | echo " Falling back to interactive prompt"
14 | echo " You can try to fix the problem manually, log out when you are finished"
15 | @@ -34,9 +36,9 @@
16 | archiso_pxe_http_mount_handler () {
17 | newroot="${1}"
18 |
19 | - msg ":: Mounting /run/archiso/httpspace (tmpfs) filesystem, size='${archiso_http_spc}'"
20 | - mkdir -p "/run/archiso/httpspace"
21 | - mount -t tmpfs -o size="${archiso_http_spc}",mode=0755 httpspace "/run/archiso/httpspace"
22 | + msg ":: Mounting /run/archiso/bootmnt (tmpfs) filesystem, size='${archiso_http_spc}'"
23 | + mkdir -p "/run/archiso/bootmnt"
24 | + mount -t tmpfs -o size="${archiso_http_spc}",mode=0755 bootmnt "/run/archiso/bootmnt"
25 |
26 | _curl_get "${archiso_http_srv}${archisobasedir}/${arch}/airootfs.sfs" "/${arch}"
27 |
28 | @@ -47,8 +49,5 @@
29 | _curl_get "${archiso_http_srv}${archisobasedir}/${arch}/airootfs.sfs.sig" "/${arch}"
30 | fi
31 |
32 | - mkdir -p "/run/archiso/bootmnt"
33 | - mount -o bind /run/archiso/httpspace /run/archiso/bootmnt
34 | -
35 | archiso_mount_handler ${newroot}
36 | }
37 |
--------------------------------------------------------------------------------
/srm/.gitkeep:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/nchevsky/systemrescue-zfs/023ef86591a00e0677d3019856770dba186af7a9/srm/.gitkeep
--------------------------------------------------------------------------------
/syslinux/syslinux.cfg:
--------------------------------------------------------------------------------
1 | DEFAULT loadconfig
2 |
3 | LABEL loadconfig
4 | CONFIG sysresccd.cfg
5 | APPEND ../../
6 |
--------------------------------------------------------------------------------
/syslinux/sysresccd.cfg:
--------------------------------------------------------------------------------
1 | DEFAULT select
2 |
3 | LABEL select
4 | COM32 boot/syslinux/whichsys.c32
5 | APPEND -pxe- pxe -sys- sys -iso- sys
6 |
7 | LABEL pxe
8 | CONFIG boot/syslinux/sysresccd_pxe.cfg
9 |
10 | LABEL sys
11 | CONFIG boot/syslinux/sysresccd_sys.cfg
12 |
--------------------------------------------------------------------------------
/syslinux/sysresccd_custom.cfg:
--------------------------------------------------------------------------------
1 | # This file is intended for customizing the boot menu of SystemRescue
2 | #
3 | # Either edit this file on a writable media
4 | # or use https://www.system-rescue.org/scripts/sysrescue-customize/ to replace it
5 |
6 |
--------------------------------------------------------------------------------
/syslinux/sysresccd_head.cfg:
--------------------------------------------------------------------------------
1 | SERIAL 0 115200
2 | UI boot/syslinux/vesamenu.c32
3 | MENU TITLE %ISO_APPLICATION% %ISO_VERSION%
4 | MENU BACKGROUND #c000a8a8
5 | TIMEOUT 300
6 |
7 | MENU WIDTH 78
8 | MENU MARGIN 4
9 | MENU ROWS 15
10 | MENU TABMSGROW 22
11 | MENU CMDLINEROW 22
12 | MENU HELPMSGROW 24
13 | MENU HELPMSGENDROW 37
14 |
15 | # Refer to https://wiki.syslinux.org/wiki/index.php?title=Doc/menu
16 |
17 | MENU COLOR border 30;44 #40ffffff #a0000000 std
18 | MENU color title 1;31;40 #FFFF0000 #00000000 std
19 | MENU color sel 7;37;40 #FF000000 #FFC0C0C0 all
20 | MENU color unsel 37;44 #FF000000 #00000000 none
21 | MENU COLOR help 37;40 #c0ffffff #a0000000 std
22 | MENU COLOR timeout_msg 37;40 #80ffffff #00000000 std
23 | MENU COLOR timeout 1;37;40 #c0ffffff #00000000 std
24 | MENU COLOR msg07 37;40 #90ffffff #a0000000 std
25 | MENU color tabmsg 1;31;40 #FFFFFF00 #00000000 std
26 |
--------------------------------------------------------------------------------
/syslinux/sysresccd_pxe.cfg:
--------------------------------------------------------------------------------
1 | INCLUDE boot/syslinux/sysresccd_head.cfg
2 |
3 | LABEL sysresccd_nbd
4 | TEXT HELP
5 | Boot the SystemRescue live medium (Using NBD).
6 | It allows you to install Arch Linux or perform system maintenance.
7 | ENDTEXT
8 | MENU LABEL Boot SystemRescue (NBD)
9 | LINUX boot/%ISO_ARCH%/vmlinuz
10 | INITRD boot/intel_ucode.img,boot/amd_ucode.img,boot/%ISO_ARCH%/sysresccd.img
11 | APPEND archisobasedir=%INSTALL_DIR% archisolabel=%ARCHISO_LABEL% archiso_nbd_srv=${pxeserver} %DEFAULT_KERNEL_PARAM% %CONSOLES%
12 | SYSAPPEND 3
13 |
14 | LABEL sysresccd_nfs
15 | TEXT HELP
16 | Boot the SystemRescue live medium (Using NFS).
17 | It allows you to install Arch Linux or perform system maintenance.
18 | ENDTEXT
19 | MENU LABEL Boot SystemRescue (NFS)
20 | LINUX boot/%ISO_ARCH%/vmlinuz
21 | INITRD boot/intel_ucode.img,boot/amd_ucode.img,boot/%ISO_ARCH%/sysresccd.img
22 | APPEND archisobasedir=%INSTALL_DIR% archiso_nfs_srv=${pxeserver}:/run/sysresccd/bootmnt %DEFAULT_KERNEL_PARAM% %CONSOLES%
23 | SYSAPPEND 3
24 |
25 | LABEL sysresccd_http
26 | TEXT HELP
27 | Boot the SystemRescue live medium (Using HTTP).
28 | It allows you to install Arch Linux or perform system maintenance.
29 | ENDTEXT
30 | MENU LABEL Boot SystemRescue (HTTP)
31 | LINUX boot/%ISO_ARCH%/vmlinuz
32 | INITRD boot/intel_ucode.img,boot/amd_ucode.img,boot/%ISO_ARCH%/sysresccd.img
33 | APPEND archisobasedir=%INSTALL_DIR% archiso_http_srv=http://${pxeserver}/ %DEFAULT_KERNEL_PARAM% %CONSOLES%
34 | SYSAPPEND 3
35 |
36 | INCLUDE boot/syslinux/sysresccd_tail.cfg
37 |
--------------------------------------------------------------------------------
/syslinux/sysresccd_sys.cfg:
--------------------------------------------------------------------------------
1 | INCLUDE boot/syslinux/sysresccd_head.cfg
2 |
3 | LABEL sysresccd
4 | TEXT HELP
5 | Boot the SystemRescue live medium.
6 | ENDTEXT
7 | MENU LABEL Boot SystemRescue using default options
8 | LINUX boot/%ISO_ARCH%/vmlinuz
9 | INITRD boot/intel_ucode.img,boot/amd_ucode.img,boot/%ISO_ARCH%/sysresccd.img
10 | APPEND archisobasedir=%INSTALL_DIR% archisolabel=%ARCHISO_LABEL% %DEFAULT_KERNEL_PARAM% %CONSOLES%
11 |
12 | LABEL sysresccd_nofirewall
13 | TEXT HELP
14 | Boot the SystemRescue live medium with the firewall disabled.
15 | ENDTEXT
16 | MENU LABEL Boot SystemRescue with the firewall disabled (nofirewall)
17 | LINUX boot/%ISO_ARCH%/vmlinuz
18 | INITRD boot/intel_ucode.img,boot/amd_ucode.img,boot/%ISO_ARCH%/sysresccd.img
19 | APPEND archisobasedir=%INSTALL_DIR% archisolabel=%ARCHISO_LABEL% %DEFAULT_KERNEL_PARAM% %CONSOLES% nofirewall
20 |
21 | LABEL sysresccd_copytoram
22 | TEXT HELP
23 | Boot the SystemRescue live medium and copy system to RAM
24 | ENDTEXT
25 | MENU LABEL Boot SystemRescue and copy system to RAM (copytoram)
26 | LINUX boot/%ISO_ARCH%/vmlinuz
27 | INITRD boot/intel_ucode.img,boot/amd_ucode.img,boot/%ISO_ARCH%/sysresccd.img
28 | APPEND archisobasedir=%INSTALL_DIR% archisolabel=%ARCHISO_LABEL% %DEFAULT_KERNEL_PARAM% %CONSOLES% copytoram
29 |
30 | LABEL sysresccd_checksum
31 | TEXT HELP
32 | Boot SystemRescue and verify the integrity of the live medium
33 | ENDTEXT
34 | MENU LABEL Boot SystemRescue and verify integrity of the medium (checksum)
35 | LINUX boot/%ISO_ARCH%/vmlinuz
36 | INITRD boot/intel_ucode.img,boot/amd_ucode.img,boot/%ISO_ARCH%/sysresccd.img
37 | APPEND archisobasedir=%INSTALL_DIR% archisolabel=%ARCHISO_LABEL% %DEFAULT_KERNEL_PARAM% %CONSOLES% checksum
38 |
39 | LABEL sysresccd_nomodeset
40 | TEXT HELP
41 | Boot using basic display drivers to avoid display issues
42 | ENDTEXT
43 | MENU LABEL Boot SystemRescue using basic display drivers (nomodeset)
44 | LINUX boot/%ISO_ARCH%/vmlinuz
45 | INITRD boot/intel_ucode.img,boot/amd_ucode.img,boot/%ISO_ARCH%/sysresccd.img
46 | APPEND archisobasedir=%INSTALL_DIR% archisolabel=%ARCHISO_LABEL% %DEFAULT_KERNEL_PARAM% %CONSOLES% nomodeset
47 |
48 | LABEL sysresccd-nomdlvm
49 | TEXT HELP
50 | Do not activate md raid or lvm to prevent any unwanted disk writes,
51 | for example for forensics or restoring data from broken media.
52 | ENDTEXT
53 | MENU LABEL Boot SystemRescue, do not activate md raid or lvm (nomdlvm)
54 | LINUX boot/%ISO_ARCH%/vmlinuz
55 | INITRD boot/intel_ucode.img,boot/amd_ucode.img,boot/%ISO_ARCH%/sysresccd.img
56 | APPEND archisobasedir=%INSTALL_DIR% archisolabel=%ARCHISO_LABEL% %DEFAULT_KERNEL_PARAM% %CONSOLES% nomdlvm
57 |
58 | LABEL sysresccd_findroot
59 | TEXT HELP
60 | Boot from a Linux operating system installed on the disk
61 | ENDTEXT
62 | MENU LABEL Boot a Linux operating system installed on the disk (findroot)
63 | LINUX boot/%ISO_ARCH%/vmlinuz
64 | INITRD boot/intel_ucode.img,boot/amd_ucode.img,boot/%ISO_ARCH%/sysresccd.img
65 | APPEND archisobasedir=%INSTALL_DIR% archisolabel=%ARCHISO_LABEL% %DEFAULT_KERNEL_PARAM% %CONSOLES% findroot
66 |
67 | LABEL sysresccd_break
68 | TEXT HELP
69 | Stop during the boot process before mounting the root filesystem
70 | ENDTEXT
71 | MENU LABEL Stop during the boot process before mounting the root filesystem
72 | LINUX boot/%ISO_ARCH%/vmlinuz
73 | INITRD boot/intel_ucode.img,boot/amd_ucode.img,boot/%ISO_ARCH%/sysresccd.img
74 | APPEND archisobasedir=%INSTALL_DIR% archisolabel=%ARCHISO_LABEL% %DEFAULT_KERNEL_PARAM% %CONSOLES% break
75 |
76 | INCLUDE boot/syslinux/sysresccd_custom.cfg
77 |
78 | INCLUDE boot/syslinux/sysresccd_tail.cfg
79 |
--------------------------------------------------------------------------------
/syslinux/sysresccd_tail.cfg:
--------------------------------------------------------------------------------
1 | LABEL existing
2 | TEXT HELP
3 | Boot an existing operating system.
4 | Press TAB to edit the disk and partition number to boot.
5 | ENDTEXT
6 | MENU LABEL Boot existing OS
7 | COM32 boot/syslinux/chain.c32
8 | APPEND hd0 0
9 |
10 | # http://www.memtest.org/
11 | LABEL memtest
12 | MENU LABEL Run Memtest86+ (RAM test)
13 | LINUX boot/memtest
14 | APPEND %CONSOLES%
15 |
16 | # http://hdt-project.org/
17 | #LABEL hdt
18 | #MENU LABEL Hardware Information (HDT)
19 | #COM32 boot/syslinux/hdt.c32
20 | #APPEND modules_alias=boot/syslinux/hdt/modalias.gz pciids=boot/syslinux/hdt/pciids.gz
21 |
22 | LABEL reboot
23 | MENU LABEL Reboot
24 | COM32 boot/syslinux/reboot.c32
25 |
26 | LABEL poweroff
27 | MENU LABEL Power Off
28 | COM32 boot/syslinux/poweroff.c32
29 |
--------------------------------------------------------------------------------
/sysrescue.d/100-defaults.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | global:
3 | copytoram: false
4 | checksum: false
5 | loadsrm: false
6 | dostartx: false
7 | dovnc: false
8 | noautologin: false
9 | nofirewall: false
10 |
11 | autorun:
12 | ar_disable: false
13 | ar_nowait: true
14 | ar_nodel: false
15 | ar_attempts: 1
16 | ar_ignorefail: false
17 | ar_suffixes: "0,1,2,3,4,5,6,7,8,9,A,B,C,D,E,F"
18 |
19 | sysconfig:
20 | bash_history:
21 | 100: "setkmap"
22 |
--------------------------------------------------------------------------------
/sysrescue.d/999-custom.yaml:
--------------------------------------------------------------------------------
1 | sysconfig:
2 | bookmarks: false # don't generate Firefox configuration
3 |
--------------------------------------------------------------------------------