25c1155771
a new filesystem before packaging it into a disk image. This prevents "remnants" of deleted files from showing up in the VM images, and reduces their compressed size (by about 10% for the cloudware images) as a result. Looks good to: gjb
#!/bin/sh
#
# $FreeBSD$
#
#
# Common functions for virtual machine image build scripts.
#

# Pin the command search path to a fixed list of system and local
# binary directories, replacing whatever PATH was inherited.
PATH="/bin:/usr/bin:/sbin:/usr/sbin:/usr/local/bin:/usr/local/sbin"
export PATH

# Run cleanup() when one of these signals is delivered.
# NOTE(review): the handler does not exit, so execution resumes once
# cleanup() returns -- confirm that is intended.
trap cleanup INT QUIT TRAP ABRT TERM
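write_partition_layout() {
	# Assembles the final disk image ${VMIMAGE} with mkimg(1) from boot
	# code, an optional 1G swap partition and the root filesystem image
	# ${VMBASE}.  The boot code paths are absolute (/boot/...), i.e. they
	# are read from the build host, not from ${DESTDIR}.
	#
	# Globals: NOSWAP, TARGET, TARGET_ARCH, VMBASE, VMIMAGE (read);
	#          SWAPOPT (written when NOSWAP is empty)
	# Returns: 0 on success; 1 if mkimg(1) fails or the
	#          TARGET:TARGET_ARCH pair is not supported.

	# NOTE(review): SWAPOPT is not reset when NOSWAP is set, so a value
	# inherited from the environment would still be passed to mkimg(1).
	if [ -z "${NOSWAP}" ]; then
		SWAPOPT="-p freebsd-swap/swapfs::1G"
	fi

	# ${SWAPOPT} is left unquoted on purpose in both mkimg(1) calls: it
	# holds an option plus its argument and must split into two words.
	# The image paths are quoted so they are always passed as one word.
	case "${TARGET}:${TARGET_ARCH}" in
		amd64:amd64 | i386:i386)
			mkimg -s gpt -b /boot/pmbr \
				-p freebsd-boot/bootfs:=/boot/gptboot \
				${SWAPOPT} \
				-p "freebsd-ufs/rootfs:=${VMBASE}" \
				-o "${VMIMAGE}" || return 1
			;;
		powerpc:powerpc*)
			mkimg -s apm \
				-p apple-boot/bootfs:=/boot/boot1.hfs \
				${SWAPOPT} \
				-p "freebsd-ufs/rootfs:=${VMBASE}" \
				-o "${VMIMAGE}" || return 1
			;;
		*)
			# ENOTSUPP
			return 1
			;;
	esac

	return 0
}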
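err() {
	# Prints an error message, runs cleanup() and reports failure.
	#
	# Arguments: the message text; backslash escapes such as \n in it
	#            are expanded.
	# Outputs:   the message followed by a newline, on stdout.
	# Returns:   always 1.  err() returns instead of exiting, so the
	#            caller decides whether to stop.

	# The message is handed to %b as data rather than being used as the
	# printf(1) format itself, so a '%' in it (for example from a path)
	# cannot be misread as a conversion specification.
	printf '%b\n' "$*"
	cleanup
	return 1
}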
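cleanup() {
	# Best-effort teardown: unmounts ${DESTDIR}/dev and ${DESTDIR}, then
	# detaches the memory disk recorded in ${mddev}, if any.
	#
	# Globals: DESTDIR, mddev (read)
	# Returns: always 0; failures of the individual steps are ignored.

	# With an empty DESTDIR the paths below would collapse to "/dev" and
	# to a bare umount(8) call, so skip the unmounts in that case.
	if [ -n "${DESTDIR}" ]; then
		umount "${DESTDIR}/dev" 2>/dev/null
		umount "${DESTDIR}"
	fi
	if [ -n "${mddev}" ]; then
		mdconfig -d -u "${mddev}"
	fi

	return 0
}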
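vm_create_base() {
	# Creates the UFS root filesystem for the virtual machine disk,
	# written to the formatted disk image with mkimg(1).
	#
	# Globals: DESTDIR, VMSIZE, VMBASE (read); mddev (written, later
	#          used by cleanup() to detach the memory disk)
	# Returns: 0 on success, 1 as soon as one step fails.

	# Every step is checked: if mdconfig(8) fails, ${mddev} is empty and
	# newfs(8)/mount(8) would otherwise be pointed at "/dev/".
	mkdir -p "${DESTDIR}" || return 1
	truncate -s "${VMSIZE}" "${VMBASE}" || return 1
	mddev=$(mdconfig -f "${VMBASE}") || return 1
	[ -n "${mddev}" ] || return 1
	newfs -j "/dev/${mddev}" || return 1
	mount "/dev/${mddev}" "${DESTDIR}" || return 1

	return 0
}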
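vm_copy_base() {
	# Creates a new UFS root filesystem and copies the contents of the
	# current root filesystem into it.  This produces a "clean" disk
	# image without any remnants of files which were created temporarily
	# during image-creation and have since been deleted (e.g., downloaded
	# package archives).
	#
	# Globals: DESTDIR, VMBASE, VMSIZE (read); mdold, mdnew (written)
	# Returns: the status of the final mv(1) on success; 1 if the new
	#          filesystem could not be created, populated or unmounted.
	#          In that case ${VMBASE} is left as it was and the partial
	#          ${VMBASE}.tmp is removed.

	mdold=""
	mdnew=""
	_copy_rv=1

	mkdir -p "${DESTDIR}/old" || return 1
	mdold=$(mdconfig -f "${VMBASE}") || return 1
	if ! mount "/dev/${mdold}" "${DESTDIR}/old"; then
		mdconfig -d -u "${mdold}"
		return 1
	fi

	if truncate -s "${VMSIZE}" "${VMBASE}.tmp" &&
	    mkdir -p "${DESTDIR}/new" &&
	    mdnew=$(mdconfig -f "${VMBASE}.tmp") &&
	    newfs -j "/dev/${mdnew}" &&
	    mount "/dev/${mdnew}" "${DESTDIR}/new"; then
		# Only the status of the extracting tar(1) is visible here; a
		# failure of the archiving side shows up as a truncated stream.
		if tar -cf- -C "${DESTDIR}/old" . | \
		    tar -xf- -C "${DESTDIR}/new"; then
			_copy_rv=0
		fi
		# A copy that cannot be unmounted cleanly is not trusted.
		umount "/dev/${mdnew}" || _copy_rv=1
		rmdir "${DESTDIR}/new"
	fi

	# Tear down both memory disks whether or not the copy succeeded.
	umount "/dev/${mdold}"
	rmdir "${DESTDIR}/old"
	mdconfig -d -u "${mdold}"
	if [ -n "${mdnew}" ]; then
		mdconfig -d -u "${mdnew}"
	fi

	# Replace the original image only with a complete copy.
	if [ "${_copy_rv}" -ne 0 ]; then
		rm -f "${VMBASE}.tmp"
		return 1
	fi
	mv "${VMBASE}.tmp" "${VMBASE}"
}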
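vm_install_base() {
	# Installs the FreeBSD userland/kernel to the virtual machine disk.
	#
	# Globals: WORLDDIR, DESTDIR, NOSWAP (read)
	# Side effects: changes the working directory to ${WORLDDIR}, writes
	#          ${DESTDIR}/etc/fstab and copies the build host's
	#          /etc/resolv.conf into the image (vm_extra_pre_umount()
	#          removes that copy again).
	# Returns: 0 on success, 1 if the base system could not be installed.

	# Stop here on failure: err() runs cleanup(), which unmounts
	# ${DESTDIR}, so the steps below would otherwise write to and chroot
	# into the bare mount point on the build host.
	if ! { cd "${WORLDDIR}" && \
	    make DESTDIR="${DESTDIR}" \
	    installworld installkernel distribution; }; then
		err "\n\nCannot install the base system to ${DESTDIR}."
		return 1
	fi

	{
		echo '# Custom /etc/fstab for FreeBSD VM images'
		echo '/dev/gpt/rootfs / ufs rw 1 1'
		if [ -z "${NOSWAP}" ]; then
			echo '/dev/gpt/swapfs none swap sw 0 0'
		fi
	} > "${DESTDIR}/etc/fstab"

	# devfs is mounted only for the duration of the two chroot(8) runs.
	mkdir -p "${DESTDIR}/dev"
	mount -t devfs devfs "${DESTDIR}/dev"
	chroot "${DESTDIR}" /usr/bin/newaliases
	chroot "${DESTDIR}" /etc/rc.d/ldconfig forcestart
	umount "${DESTDIR}/dev"

	cp /etc/resolv.conf "${DESTDIR}/etc/resolv.conf"

	return 0
}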
vm_extra_install_base() {
	# Hook with no default action.  A target-specific definition (for a
	# particular virtual machine or cloud provider image) can replace it
	# to run extra commands after installworld.
	#
	# Returns: always 0 in this default form.

	return 0
}
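vm_extra_enable_services() {
	# Appends one "<name>_enable=YES" line to ${DESTDIR}/etc/rc.conf for
	# every name listed in ${VM_RC_LIST}.
	#
	# Globals: VM_RC_LIST, DESTDIR (read); _rcvar (written)
	# Returns: always 0.

	if [ -n "${VM_RC_LIST}" ]; then
		# VM_RC_LIST is a whitespace-separated list and is left
		# unquoted on purpose so that it splits into names.
		for _rcvar in ${VM_RC_LIST}; do
			# The name is passed as data and the target path is
			# quoted, so neither is split or glob-expanded again.
			printf '%s_enable=YES\n' "${_rcvar}" \
				>> "${DESTDIR}/etc/rc.conf"
		done
	fi

	return 0
}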
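vm_extra_install_packages() {
	# Bootstraps pkg(8) inside the image and installs the packages
	# listed in ${VM_EXTRA_PACKAGES}.  Does nothing when the list is
	# empty.
	#
	# Globals: VM_EXTRA_PACKAGES, DESTDIR (read)
	# Returns: 0 when there is nothing to install or both pkg(8) runs
	#          succeed; 1 if the bootstrap or the installation fails.

	if [ -z "${VM_EXTRA_PACKAGES}" ]; then
		return 0
	fi

	_pkg_rv=0
	mkdir -p "${DESTDIR}/dev"
	mount -t devfs devfs "${DESTDIR}/dev"
	if chroot "${DESTDIR}" env ASSUME_ALWAYS_YES=yes \
	    /usr/sbin/pkg bootstrap -y; then
		# VM_EXTRA_PACKAGES is a whitespace-separated list and is
		# left unquoted on purpose so each package is its own word.
		chroot "${DESTDIR}" env ASSUME_ALWAYS_YES=yes \
		    /usr/sbin/pkg install -y ${VM_EXTRA_PACKAGES} || _pkg_rv=1
	else
		_pkg_rv=1
	fi
	# devfs is unmounted on every path so that a pkg(8) failure does not
	# leave it mounted inside the image.
	umount "${DESTDIR}/dev"

	return "${_pkg_rv}"
}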
vm_extra_install_ports() {
	# Hook with no default action.  A replacement definition can use it
	# to install additional ports within the virtual machine environment.
	#
	# Returns: always 0 in this default form.

	return 0
}
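vm_extra_pre_umount() {
	# Removes ${DESTDIR}/etc/resolv.conf from the image.  In this file
	# that is the copy of the build host's /etc/resolv.conf placed there
	# by vm_install_base(), so the host's resolver settings do not end
	# up in the finished image.
	#
	# Globals: DESTDIR (read)
	# Returns: always 0.

	rm -f "${DESTDIR}/etc/resolv.conf"
	return 0
}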
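vm_extra_pkg_rmcache() {
	# Runs "pkg clean -y -a" inside the image when pkg(8) is present
	# there, i.e. when ${DESTDIR}/usr/local/sbin/pkg exists.
	#
	# Globals: DESTDIR (read)
	# Returns: always 0.

	# The path is quoted so the existence test still works when DESTDIR
	# contains whitespace instead of failing and skipping the cleanup.
	if [ -e "${DESTDIR}/usr/local/sbin/pkg" ]; then
		chroot "${DESTDIR}" env ASSUME_ALWAYS_YES=yes \
			/usr/local/sbin/pkg clean -y -a
	fi

	return 0
}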
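vm_umount_base() {
	# Unmounts ${DESTDIR}/dev and ${DESTDIR}, retrying once per second.
	#
	# Globals: DESTDIR (read); i, msg (written)
	# Returns: 0 once umount(8) succeeds; 1 after the tenth failed
	#          attempt, after reporting the problem through err().

	i=0
	sync
	while ! umount "${DESTDIR}/dev" "${DESTDIR}"; do
		i=$(( i + 1 ))
		if [ "${i}" -ge 10 ]; then
			# This should never happen.  But, it has happened.
			msg="Cannot umount(8) ${DESTDIR}\n"
			msg="${msg}Something has gone horribly wrong."
			err "${msg}"
			# err() only returns; without this the loop would
			# keep retrying forever.
			return 1
		fi
		sleep 1
	done

	return 0
}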
vm_create_disk() {
	# Announces the image build on stdout and delegates the work to
	# write_partition_layout().
	#
	# Returns: 0 when write_partition_layout() succeeds, 1 otherwise.

	printf '%s\n\n' "Creating image... Please wait."

	if ! write_partition_layout; then
		return 1
	fi

	return 0
}
vm_extra_create_disk() {
	# Does nothing in this file and reports success.
	# NOTE(review): presumably a hook to be replaced by target-specific
	# code, like the other vm_extra_* functions -- confirm against the
	# callers.

	return 0
}