make smaller stage4 musl tarballs and allow them to be versioned by date
This commit is contained in:
Matthew Thode
parent
d7b9e89089
commit
70ac10ef17
4 changed files with 38 additions and 20 deletions
|
|
@ -1 +1,2 @@
|
||||||
sys-boot/grub grub_platforms_pc
|
sys-boot/grub grub_platforms_pc
|
||||||
|
app-admin/syslog-ng -tcpd
|
||||||
|
|
|
||||||
|
|
@ -1,5 +1,23 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
set -eu
|
||||||
|
|
||||||
|
source /etc/catalyst/catalyst.conf
|
||||||
|
|
||||||
MUSL_DIR="$( cd "$( dirname ${BASH_SOURCE[0]} )" && pwd )"
|
MUSL_DIR="$( cd "$( dirname ${BASH_SOURCE[0]} )" && pwd )"
|
||||||
|
MY_DATE="$(date +%Y%m%d)"
|
||||||
|
|
||||||
|
# munge specfile for this run
|
||||||
cp "${MUSL_DIR}"/stage4-hardened-amd64.spec "${MUSL_DIR}"/stage4-hardened-amd64-configured.spec
|
cp "${MUSL_DIR}"/stage4-hardened-amd64.spec "${MUSL_DIR}"/stage4-hardened-amd64-configured.spec
|
||||||
sed -i "s|@REPO_DIR@|${MUSL_DIR}|g" "${MUSL_DIR}"/stage4-hardened-amd64-configured.spec
|
sed -i "s|@REPO_DIR@|${MUSL_DIR}|g" "${MUSL_DIR}"/stage4-hardened-amd64-configured.spec
|
||||||
|
sed -i "s|MY_DATE|${MY_DATE}|g" "${MUSL_DIR}"/stage4-hardened-amd64-configured.spec
|
||||||
|
|
||||||
|
# catalyst stuff
|
||||||
catalyst -f "${MUSL_DIR}"/stage4-hardened-amd64-configured.spec | tee -a "${MUSL_DIR}"/zzz.log
|
catalyst -f "${MUSL_DIR}"/stage4-hardened-amd64-configured.spec | tee -a "${MUSL_DIR}"/zzz.log
|
||||||
|
|
||||||
|
# update link, rm -f returns 0 if file isn't there yet
|
||||||
|
rm -f "${storedir}/builds/musl/hardened/amd64/stage4-amd64-musl-hardened.tar.bz2"
|
||||||
|
ln -s "${storedir}/builds/musl/hardened/amd64/stage4-amd64-musl-hardened-${MY_DATE}.tar.bz2" "${storedir}/builds/musl/hardened/amd64/stage4-amd64-musl-hardened.tar.bz2"
|
||||||
|
|
||||||
|
# remove old specfile
|
||||||
|
rm "${MUSL_DIR}"/stage4-hardened-amd64-configured.spec
|
||||||
|
|
|
||||||
|
|
@ -51,6 +51,19 @@ nameserver 8.8.8.8
|
||||||
nameserver 2001:4860:4860::8888
|
nameserver 2001:4860:4860::8888
|
||||||
EOL
|
EOL
|
||||||
|
|
||||||
|
# make sure musl stuff is available
|
||||||
|
echo "=app-portage/layman-2.4.1-r1 ~amd64" >> /etc/portage/package.keywords/layman
|
||||||
|
echo "=dev-python/ssl-fetch-0.4 ~amd64" >> /etc/portage/package.keywords/layman
|
||||||
|
emerge -vq --jobs=4 layman dev-vcs/git
|
||||||
|
layman -L
|
||||||
|
layman -a musl
|
||||||
|
|
||||||
|
# shrink stuff down
|
||||||
|
eselect python set python3.4
|
||||||
|
emerge -C -q dev-lang/python:2.7 sys-boot/grub sys-devel/bc
|
||||||
|
USE="-build" emerge -q --jobs=2 --usepkg=n --buildpkg=y @preserved-rebuild
|
||||||
|
USE="-build" emerge --verbose=n --depclean
|
||||||
|
|
||||||
# let's upgrade (security fixes and otherwise)
|
# let's upgrade (security fixes and otherwise)
|
||||||
USE="-build" emerge -uDNv --with-bdeps=y --buildpkg=y --jobs=2 @world
|
USE="-build" emerge -uDNv --with-bdeps=y --buildpkg=y --jobs=2 @world
|
||||||
USE="-build" emerge --verbose=n --depclean
|
USE="-build" emerge --verbose=n --depclean
|
||||||
|
|
@ -59,13 +72,11 @@ etc-update --automode -5
|
||||||
|
|
||||||
# Clean up portage
|
# Clean up portage
|
||||||
emerge --verbose=n --depclean
|
emerge --verbose=n --depclean
|
||||||
if [[ -a /usr/bin/eix ]]; then
|
|
||||||
eix-update
|
|
||||||
fi
|
|
||||||
emaint all -f
|
emaint all -f
|
||||||
eselect news read all
|
eselect news read all
|
||||||
eclean-dist --destructive
|
eclean-dist --destructive
|
||||||
sed -i '/^USE=\"\${USE}\ \ build\"$/d' /etc/portage/make.conf
|
sed -i '/^USE=\"\${USE}\ \ build\"$/d' /etc/portage/make.conf
|
||||||
|
sed -i '/dev-util\/pkgconf/d' /var/lib/portage/world
|
||||||
|
|
||||||
# clean up system
|
# clean up system
|
||||||
passwd -d root
|
passwd -d root
|
||||||
|
|
|
||||||
|
|
@ -1,7 +1,7 @@
|
||||||
subarch: amd64
|
subarch: amd64
|
||||||
target: stage4
|
target: stage4
|
||||||
version_stamp: hardened-musl-cloud-latest
|
version_stamp: musl-hardened-MY_DATE
|
||||||
rel_type: default
|
rel_type: musl/hardened/amd64
|
||||||
profile: hardened/linux/musl/amd64
|
profile: hardened/linux/musl/amd64
|
||||||
snapshot: current
|
snapshot: current
|
||||||
source_subpath: musl/hardened/amd64/stage3-amd64-musl-hardened
|
source_subpath: musl/hardened/amd64/stage3-amd64-musl-hardened
|
||||||
|
|
@ -20,21 +20,10 @@ stage4/use:
|
||||||
urandom
|
urandom
|
||||||
|
|
||||||
stage4/packages:
|
stage4/packages:
|
||||||
app-admin/logrotate
|
|
||||||
app-admin/sudo
|
|
||||||
app-admin/syslog-ng
|
app-admin/syslog-ng
|
||||||
app-editors/vim
|
dev-util/pkgconf
|
||||||
app-portage/eix
|
|
||||||
app-portage/gentoolkit
|
|
||||||
net-misc/dhcpcd
|
net-misc/dhcpcd
|
||||||
net-misc/iputils
|
|
||||||
sys-boot/grub
|
|
||||||
sys-apps/dmidecode
|
|
||||||
sys-apps/gptfdisk
|
|
||||||
sys-apps/iproute2
|
sys-apps/iproute2
|
||||||
sys-apps/lsb-release
|
|
||||||
sys-apps/pciutils
|
|
||||||
sys-block/parted
|
|
||||||
sys-devel/bc
|
sys-devel/bc
|
||||||
sys-power/acpid
|
sys-power/acpid
|
||||||
sys-process/cronie
|
sys-process/cronie
|
||||||
|
|
@ -59,15 +48,14 @@ stage4/empty:
|
||||||
/tmp
|
/tmp
|
||||||
/usr/portage/distfiles
|
/usr/portage/distfiles
|
||||||
/usr/src
|
/usr/src
|
||||||
/var/cache/edb/dep
|
/var/cache
|
||||||
/var/cache/genkernel
|
|
||||||
/var/cache/portage/distfiles
|
|
||||||
/var/empty
|
/var/empty
|
||||||
/var/run
|
/var/run
|
||||||
/var/state
|
/var/state
|
||||||
/var/tmp
|
/var/tmp
|
||||||
|
|
||||||
stage4/rm:
|
stage4/rm:
|
||||||
|
/boot/System.map-genkernel*
|
||||||
/etc/*-
|
/etc/*-
|
||||||
/etc/*.old
|
/etc/*.old
|
||||||
/etc/ssh/ssh_host_*
|
/etc/ssh/ssh_host_*
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue