make smaller stage4 musl tarballs and allow them to be versioned by date

tools-musl/portage.amd64.hardened-stage4/package.use/stage4

@@ -1 +1,2 @@
 sys-boot/grub grub_platforms_pc
+app-admin/syslog-ng -tcpd

tools-musl/run-stage4.sh

@@ -1,5 +1,23 @@
+#!/bin/bash
+
+set -eu
+
+source /etc/catalyst/catalyst.conf
+
 MUSL_DIR="$( cd "$( dirname ${BASH_SOURCE[0]} )" && pwd )"
+MY_DATE="$(date +%Y%m%d)"
+
+# munge specfile for this run
 cp "${MUSL_DIR}"/stage4-hardened-amd64.spec "${MUSL_DIR}"/stage4-hardened-amd64-configured.spec
 sed -i "s|@REPO_DIR@|${MUSL_DIR}|g" "${MUSL_DIR}"/stage4-hardened-amd64-configured.spec
+sed -i "s|MY_DATE|${MY_DATE}|g" "${MUSL_DIR}"/stage4-hardened-amd64-configured.spec
 
+# catalyst stuff
 catalyst -f "${MUSL_DIR}"/stage4-hardened-amd64-configured.spec | tee -a "${MUSL_DIR}"/zzz.log
+
+# update link, rm -f returns 0 if file isn't there yet
+rm -f "${storedir}/builds/musl/hardened/amd64/stage4-amd64-musl-hardened.tar.bz2"
+ln -s "${storedir}/builds/musl/hardened/amd64/stage4-amd64-musl-hardened-${MY_DATE}.tar.bz2" "${storedir}/builds/musl/hardened/amd64/stage4-amd64-musl-hardened.tar.bz2"
+
+# remove old specfile
+rm "${MUSL_DIR}"/stage4-hardened-amd64-configured.spec

tools-musl/stage4-fsscript.sh

@@ -51,6 +51,19 @@ nameserver 8.8.8.8
 nameserver 2001:4860:4860::8888
 EOL
 
+# make sure musl stuff is available
+echo "=app-portage/layman-2.4.1-r1 ~amd64" >> /etc/portage/package.keywords/layman
+echo "=dev-python/ssl-fetch-0.4 ~amd64" >> /etc/portage/package.keywords/layman
+emerge -vq --jobs=4 layman dev-vcs/git
+layman -L
+layman -a musl
+
+# shrink stuff down
+eselect python set python3.4
+emerge -C -q dev-lang/python:2.7 sys-boot/grub sys-devel/bc
+USE="-build" emerge -q --jobs=2 --usepkg=n --buildpkg=y @preserved-rebuild
+USE="-build" emerge --verbose=n --depclean
+
 # let's upgrade (security fixes and otherwise)
 USE="-build" emerge -uDNv --with-bdeps=y --buildpkg=y --jobs=2 @world
 USE="-build" emerge --verbose=n --depclean
@@ -59,13 +72,11 @@ etc-update --automode -5
 
 # Clean up portage
 emerge --verbose=n --depclean
-if [[ -a /usr/bin/eix ]]; then
-  eix-update
-fi
 emaint all -f
 eselect news read all
 eclean-dist --destructive
 sed -i '/^USE=\"\${USE}\ \ build\"$/d' /etc/portage/make.conf
+sed -i '/dev-util\/pkgconf/d' /var/lib/portage/world
 
 # clean up system
 passwd -d root

tools-musl/stage4-hardened-amd64.spec

@@ -1,7 +1,7 @@
 subarch: amd64
 target: stage4
-version_stamp: hardened-musl-cloud-latest
-rel_type: default
+version_stamp: musl-hardened-MY_DATE
+rel_type: musl/hardened/amd64
 profile: hardened/linux/musl/amd64
 snapshot: current
 source_subpath: musl/hardened/amd64/stage3-amd64-musl-hardened
@@ -20,21 +20,10 @@ stage4/use:
 	urandom
 
 stage4/packages:
-	app-admin/logrotate
-	app-admin/sudo
 	app-admin/syslog-ng
-	app-editors/vim
-	app-portage/eix
-	app-portage/gentoolkit
+  dev-util/pkgconf
 	net-misc/dhcpcd
-	net-misc/iputils
-	sys-boot/grub
-	sys-apps/dmidecode
-	sys-apps/gptfdisk
 	sys-apps/iproute2
-	sys-apps/lsb-release
-	sys-apps/pciutils
-	sys-block/parted
 	sys-devel/bc
 	sys-power/acpid
 	sys-process/cronie
@@ -59,15 +48,14 @@ stage4/empty:
 	/tmp
 	/usr/portage/distfiles
 	/usr/src
-	/var/cache/edb/dep
-	/var/cache/genkernel
-	/var/cache/portage/distfiles
+  /var/cache
 	/var/empty
 	/var/run
 	/var/state
 	/var/tmp
 
 stage4/rm:
+	/boot/System.map-genkernel*
 	/etc/*-
 	/etc/*.old
 	/etc/ssh/ssh_host_*