From 0ae528309291013ee92f28fa99cbac095e1c84b4 Mon Sep 17 00:00:00 2001
From: Maximilian Friedersdorff
Date: Wed, 23 May 2018 11:38:35 +0100
Subject: [PATCH] More changes
---
 build_deps.sh | 151 ++++++++++++++++++++++++++++++++++++++++----------
 filelist | 9 +++
 2 files changed, 130 insertions(+), 30 deletions(-)
diff --git a/build_deps.sh b/build_deps.sh
index 2223340..a0244c0 100755
--- a/build_deps.sh
+++ b/build_deps.sh
@@ -1,49 +1,52 @@
 #!/bin/bash
-version () {
- equery list $1 | tail -n 1 | sed 's/.*-//'
-}
+set -e
+
+# Set some more or less unchanging variables
+SSH_PORT="22"
+DYN_BIN="/usr/sbin/pcscd /usr/lib64/readers/usb/ifd-ccid.bundle/Contents/Linux/libccid.so"
+
+RD=$(mktemp -d)
+wd=$(mktemp -d)
 packages="/usr/portage/distfiles"
-wd="/usr/src/initramfs/builds"
 cur=$(pwd)
 busybox="busybox"
-busybox_ver="$(version ${busybox})"
-
 cryptsetup="cryptsetup"
-cryptsetup_ver="$(version ${cryptsetup})"
-
 lvm="LVM"
-lvm_ver="2.2.02.166"
+dropbear="dropbear"
+gpg="gnupg"
-busybox="busybox"
-busybox_ver="$(version ${dropbear})"
+distfile () {
+ find $packages -iname "${1}*" | head -n 1
+}
+
+# Create basic directory structure
+mkdir -p ${RD}/{bin,dev,etc/dropbear,lib64,mnt/root,proc,root/.ssh,sys,usr/sbin,var/log,var/run}
-if [ -d ${wd} ]; then
- rm -rf ${wd}
-fi
-mkdir ${wd}
 cd ${wd}
-tar xf ${packages}/${busybox}-${busybox_ver}.tar.bz2
+tar xf $(distfile ${busybox})
-cp ${cur}/busybox_config ${busybox}-${busybox_ver}/.config
-cd ${busybox}-${busybox_ver}
+cd ${busybox}*
+cp ${cur}/busybox_config ./.config
 make -j8
 make install
 mkdir ${wd}/busybox/bin -p
-cp _install/bin/busybox ${wd}/busybox/bin
+cp _install/bin/busybox ${RD}/bin/busybox
+cp examples/udhcp/simple.script ${RD}/bin/simple.script
 cd ${wd}
-tar xf ${packages}/${cryptsetup}-${cryptsetup_ver}.tar.xz
+tar xf $(distfile ${cryptsetup})
-cd ${cryptsetup}-${cryptsetup_ver}
+cd ${cryptsetup}*
-./configure --enable-static=yes \
+./configure --prefix=/ \
+ --enable-static=yes \
 --enable-shared=no \
 --disable-nls \
 --enable-static-cryptsetup \
@@ -55,13 +58,14 @@ cd ${cryptsetup}-${cryptsetup_ver}
 --with-crypto_backend=kernel
 make -j8
-make install DESTDIR=${wd}/cryptsetup
+make install DESTDIR=${RD}
+mv -f ${RD}/sbin/cryptsetup.static ${RD}/sbin/cryptsetup
 cd ${wd}
-tar xf ${packages}/${lvm}${lvm_ver}.tgz
+tar xf $(distfile ${lvm})
-cd ${lvm}${lvm_ver}
+cd ${lvm}*
 CFLAGS="-fPIC" \
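Review bot: `distfile` returns whichever archive `find ... | head -n 1` lists first for a name prefix, and `find` does not sort its output, so when `/usr/portage/distfiles` holds several versions of a package, or another file sharing the prefix, the source built into the initramfs is not chosen by the script. Nothing visible checks the archive against a recorded hash before `tar xf` and `make` run on it, which matters for tools that will later handle the disk passphrase. The function could refuse to continue unless exactly one candidate matches, and the call sites could assign its result first so that `set -e` stops on failure, as sketched below; a pinned SHA-256 per archive checked with `sha256sum -c` would cover the rest. The expansions here (`$packages`, `${RD}`, `${wd}`) are also unquoted.

```shell
distfile () {
    local matches
    mapfile -t matches < <(find "$packages" -iname "${1}*" | sort)
    if [ "${#matches[@]}" -ne 1 ]; then
        echo "distfile: expected one archive for '${1}', found ${#matches[@]}" >&2
        return 1
    fi
    printf '%s\n' "${matches[0]}"
}

# ... unchanged: directory structure, cd into the work directory ...

src=$(distfile "${busybox}")   # a failing assignment stops the script under set -e
tar xf "${src}"
```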
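Review bot: `make install DESTDIR=${RD}` places the package's complete install set in the initramfs root, and the file list generated at the end of this patch takes every file found under `${RD}`, so whatever else the package installs (presumably man pages, headers and helper binaries) ends up in the boot image. The same line is used for LVM in the next hunk and for dropbear and gnupg in the last build_deps.sh hunk. An image that unlocks the disk is easier to audit when it holds only what the init script calls: install into a staging directory with `make install DESTDIR=${wd}/stage/cryptsetup` and copy just the binary with `cp ${wd}/stage/cryptsetup/sbin/cryptsetup.static ${RD}/sbin/cryptsetup`, with `sbin` added to the `mkdir -p` list in the first hunk.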
@@ -78,15 +82,17 @@ CFLAGS="-fPIC" \
 --disable-udev-systemd-background-jobs
 make -j8
-make install DESTDIR=${wd}/lvm
+make install DESTDIR=${RD}
+mv -f ${RD}/sbin/lvm.static ${RD}/sbin/lvm
 cd ${wd}
-tar xf ${packages}/${dropbear}-${dropbear_ver}.tar.bz2
+tar xf $(distfile ${dropbear})
-cd ${dropbear}-${dropbear}
+cd ${dropbear}*
-./configure --enable-static \
+./configure --prefix=/ \
+ --enable-static \
 --disable-syslog \
 --disable-utmp \
 --disable-utmpx \
@@ -98,5 +104,90 @@ cd ${dropbear}-${dropbear}
 --disable-shadow
 make -j8
-make install DESTDIR=${wd}/dropbear
+make install DESTDIR=${RD}
+
+cd ${wd}
+
+tar xf $(distfile ${gpg})
+
+cd ${gpg}*
+
+LDFLAGS="-static" \
+ ./configure \
+ --prefix=/ \
+ --enable-static_rnd=linux \
+ --disable-gnupg-iconv \
+ --enable-minimal \
+ --disable-agent-support \
+ --disable-photo-viewers \
+ --disable-keyserver-helpers \
+ --disable-dns-srv \
+ --disable-dns-cert \
+ --without-readline \
+ --with-included-zlib \
+ --enable-card-support \
+ --enable-noexecstack
+
+make -j8
+make install DESTDIR=${RD}
+
+
+# Copy all necessary dynamic libraries
+for bin in ${DYN_BIN}; do
+ for lib in $(lddtree -l ${bin}); do
+ DIR=$(dirname ${lib})
+ mkdir -p ${RD}${DIR}
+ cp -L ${lib} ${RD}${lib}
+ done
+done
+
+cat << EOF > ${RD}/init
+#!/bin/busybox sh
+rescue_shell() {
+ /bin/busybox echo "Something went wrong. Dropping you to a shell"
+ /bin/busybox --install -s
+ exec /bin/sh
+}
+
+# Mount filesystems
+/bin/busybox mount -t devtmpfs none /dev || rescue_shell
+/bin/busybox mount -t proc none /proc || rescue_shell
+/bin/busybox mount -t sysfs none /sys || rescue_shell
+#/bin/busybox echo 0 > /proc/sys/kernel/printk || rescue_shell
+
+# Unlock luks device
+/sbin/cryptsetup -T 5 luksOpen /dev/sdb3 lukssdb3 || rescue_shell
+
+# Create LVM nodes /dev/main/root etc
+/sbin/lvm vgscan --mknodes || rescue_shell
+/sbin/lvm lvchange -a ly main/root || rescue_shell
+/sbin/lvm lvchange -a ly main/home || rescue_shell
+/sbin/lvm lvchange -a ly main/swap || rescue_shell
+/sbin/lvm vgscan --mknodes || rescue_shell
+
+# Mount root fs
+/bin/busybox mount -o ro /dev/main/root /mnt/root || rescue_shell
+
+# Unmount filesystems
+/bin/busybox umount /dev || rescue_shell
+
+# Rescue shell for dicking around:
+/bin/busybox install -s
+/bin/sh
+
+# Boot system
+exec /bin/busybox switch_root /mnt/root /sbin/init || rescue_shell
+EOF
+
+chmod +x ${RD}/init
+
+find ${RD} -type f -printf "/%P %p %m 0 0\n" >
${wd}/filelist
+find ${RD} -type d -printf "/%P %m 0 0 \n" >> ${wd}/filelist
+
+pushd /usr/src/linux
+/usr/src/linux/scripts/gen_initramfs_list.sh \
+ -o ${wd}/initramfs.gz -u "squash" -g "squash" ${wd}/filelist
+popd
+echo "Initramfs has been generated at ${RD}"
+echo "Initramfs.gz has been generated at ${wd}/initramfs.gz"
diff --git a/filelist b/filelist
index badb303..cb860d9 100644
--- a/filelist
+++ b/filelist
@@ -5,9 +5,18 @@ dir /mnt/root 755 0 0
 dir /proc 755 0 0
 dir /sbin 755 0 0
 dir /sys 755 0 0
+dir /etc 755 0 0
 file /sbin/lvm /usr/src/initramfs/builds/lvm/sbin/lvm.static 755 0 0
+
 file /sbin/cryptsetup /usr/src/initramfs/builds/cryptsetup/usr/sbin/cryptsetup.static 755 0 0
+
 file /bin/busybox /usr/src/initramfs/builds/busybox/bin/busybox 755 0 0
+file /sbin/dropbear /usr/src/initramfs/builds/dropbear/usr/local/sbin/dropbear 755 0 0
+file /etc/ssh/ssh_host_rsa_key /etc/ssh_host_rsa_key 644 0 0
+file /etc/ssh/ssh_host_rsa_key.pub /etc/ssh_host_rsa_key.pub 644 0 0
+
+file /bin/gpg /usr/src/initramfs/builds/gnupg/usr/local/bin/gpg 755 0 0
+
 file /init /usr/src/initramfs/init 755 0 0
--
2.46.2
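Review bot: The generated `/init` runs `/bin/busybox install -s` and `/bin/sh` unconditionally just before `switch_root`, so every boot stops at a root shell on the console after the LUKS volume has been opened and the root filesystem mounted. If this is a debugging leftover, drop those two lines and keep `rescue_shell` for the failure paths; `install -s` also looks like a typo for the `--install -s` used inside `rescue_shell`. The heredoc delimiter is unquoted, so any `$` added to the init text later would be expanded at build time rather than at boot; `cat << 'EOF' > ${RD}/init` avoids that.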
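Review bot: The new entry `file /etc/ssh/ssh_host_rsa_key /etc/ssh_host_rsa_key 644 0 0` installs a private host key with mode 644, readable by every account in the image; a private key should be owner-only, `file /etc/ssh/ssh_host_rsa_key /etc/ssh_host_rsa_key 600 0 0`. If this is the machine's regular SSH host key, copying it into an initramfs (which presumably sits on an unencrypted boot partition) exposes it to anyone who can read that partition, so a key generated only for the initramfs would be the safer choice. The `/usr/src/initramfs/builds/...` source paths also no longer match build_deps.sh, which after this commit builds in `mktemp -d` directories and writes its own `${wd}/filelist`.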