build_deps.sh

   1 #!/bin/bash
   2
   3 set -e
   4
   5 # Set some more or less unchanging variables
   6 SSH_PORT="22"
   7 DYN_BIN="/usr/sbin/pcscd /usr/lib64/readers/usb/ifd-ccid.bundle/Contents/Linux/libccid.so"
   8
   9 RD=$(mktemp -d)
  10 wd=$(mktemp -d)
  11
  12 packages="/usr/portage/distfiles"
  13 cur=$(pwd)
  14
  15 busybox="busybox"
  16 cryptsetup="cryptsetup"
  17 lvm="LVM"
  18 dropbear="dropbear"
  19 gpg="gnupg"
  20
  21 distfile () {
  22   find $packages -iname "${1}*" | head -n 1
  23 }
  24
  25 # Create basic directory structure
  26 mkdir -p ${RD}/{bin,dev,etc/dropbear,lib64,mnt/root,proc,root/.ssh,sys,usr/sbin,var/log,var/run}
  27
  28
  29 cd ${wd}
  30
  31 tar xf $(distfile ${busybox})
  32
  33 cd ${busybox}*
  34 cp ${cur}/busybox_config ./.config
  35
  36 make -j8
  37 make install
  38 mkdir ${wd}/busybox/bin -p
  39 cp _install/bin/busybox ${RD}/bin/busybox
  40 cp examples/udhcp/simple.script ${RD}/bin/simple.script
  41
  42 cd ${wd}
  43
  44 tar xf $(distfile ${cryptsetup})
  45
  46 cd ${cryptsetup}*
  47
  48 ./configure --prefix=/ \
  49   --enable-static=yes \
  50   --enable-shared=no \
  51   --disable-nls \
  52   --enable-static-cryptsetup \
  53   --disable-verity-setup \
  54   --disable-cryptsetup-reencrypt \
  55   --disable-integritysetup \
  56   --disable-selinux \
  57   --disable-udev \
  58   --with-crypto_backend=kernel
  59
  60 make -j8
  61 make install DESTDIR=${RD}
  62 mv -f ${RD}/sbin/cryptsetup.static ${RD}/sbin/cryptsetup
  63
  64 cd ${wd}
  65
  66 tar xf $(distfile ${lvm})
  67
  68 cd ${lvm}*
  69
  70
  71 CFLAGS="-fPIC" \
  72   LIBS="-luuid -lrt -lpthread -lm" \
  73   ./configure --prefix=/ \
  74   --enable-static_link \
  75   --with-mirrors=none \
  76   --with-snapshots=none \
  77   --with-thin=none \
  78   --with-cache=none \
  79   --with-lvm1=none \
  80   --with-clvmd=none \
  81   --with-pool=none \
  82   --disable-udev-systemd-background-jobs
  83
  84 make -j8
  85 make install DESTDIR=${RD}
  86 mv -f ${RD}/sbin/lvm.static ${RD}/sbin/lvm
  87
  88 cd ${wd}
  89
  90 tar xf $(distfile ${dropbear})
  91
  92 cd ${dropbear}*
  93
  94 ./configure --prefix=/ \
  95   --enable-static \
  96   --disable-syslog \
  97   --disable-utmp \
  98   --disable-utmpx \
  99   --disable-wtmp \
 100   --disable-wtmpx \
 101   --disable-harden \
 102   --disable-zlib \
 103   --disable-pam \
 104   --disable-shadow
 105
 106 make -j8
 107 make install DESTDIR=${RD}
 108
 109 cd ${wd}
 110
 111 tar xf $(distfile ${gpg})
 112
 113 cd ${gpg}*
 114
 115 LDFLAGS="-static" \
 116   ./configure \
 117   --prefix=/ \
 118   --enable-static_rnd=linux \
 119   --disable-gnupg-iconv \
 120   --enable-minimal \
 121   --disable-agent-support \
 122   --disable-photo-viewers \
 123   --disable-keyserver-helpers \
 124   --disable-dns-srv \
 125   --disable-dns-cert \
 126   --without-readline \
 127   --with-included-zlib \
 128   --enable-card-support \
 129   --enable-noexecstack
 130
 131 make -j8
 132 make install DESTDIR=${RD}
 133
 134
 135 # Copy all necessary dynamic libraries
 136 for bin in ${DYN_BIN}; do
 137   for lib in $(lddtree -l ${bin}); do
 138     DIR=$(dirname ${lib})
 139     mkdir -p ${RD}${DIR}
 140     cp -L ${lib} ${RD}${lib}
 141   done
 142 done
 143
 144 cat << EOF > ${RD}/init
 145 #!/bin/busybox sh
 146 rescue_shell() {
 147         /bin/busybox echo "Something went wrong. Dropping you to a shell"
 148         /bin/busybox --install -s
 149         exec /bin/sh
 150 }
 151
 152 # Mount filesystems
 153 /bin/busybox mount -t devtmpfs none /dev || rescue_shell
 154 /bin/busybox mount -t proc none /proc || rescue_shell
 155 /bin/busybox mount -t sysfs none /sys || rescue_shell
 156 #/bin/busybox echo 0 > /proc/sys/kernel/printk || rescue_shell
 157
 158 # Unlock luks device
 159 /sbin/cryptsetup -T 5 luksOpen /dev/sdb3 lukssdb3 || rescue_shell
 160
 161 # Create LVM nodes /dev/main/root etc
 162 /sbin/lvm vgscan --mknodes || rescue_shell
 163 /sbin/lvm lvchange -a ly main/root || rescue_shell
 164 /sbin/lvm lvchange -a ly main/home || rescue_shell
 165 /sbin/lvm lvchange -a ly main/swap || rescue_shell
 166 /sbin/lvm vgscan --mknodes || rescue_shell
 167
 168 # Mount root fs
 169 /bin/busybox mount -o ro /dev/main/root /mnt/root || rescue_shell
 170
 171 # Unmount filesystems
 172 /bin/busybox umount /dev || rescue_shell
 173
 174 # Rescue shell for dicking around:
 175 /bin/busybox install -s
 176 /bin/sh
 177
 178 # Boot system
 179 exec /bin/busybox switch_root /mnt/root /sbin/init || rescue_shell
 180 EOF
 181
 182 chmod +x ${RD}/init
 183
 184 find ${RD} -type f -printf "/%P %p %m 0 0\n" > ${wd}/filelist
 185 find ${RD} -type d -printf "/%P %m 0 0 \n" >> ${wd}/filelist
 186
 187 pushd /usr/src/linux
 188 /usr/src/linux/scripts/gen_initramfs_list.sh \
 189   -o ${wd}/initramfs.gz -u "squash" -g "squash" ${wd}/filelist
 190 popd
 191
 192 echo "Initramfs has been generated at ${RD}"
 193 echo "Initramfs.gz has been generated at ${wd}/initramfs.gz"