1 #!/bin/bash
2 #
3 # CDDL HEADER START
4 #
5 # The contents of this file are subject to the terms of the
6 # Common Development and Distribution License, Version 1.0 only
7 # (the "License"). You may not use this file except in compliance
8 # with the License.
9 #
10 # You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
11 # or http://www.opensolaris.org/os/licensing.
12 # See the License for the specific language governing permissions
13 # and limitations under the License.
14 #
15 # When distributing Covered Code, include this CDDL HEADER in each
16 # file and include the License file at usr/src/OPENSOLARIS.LICENSE.
17 # If applicable, add the following below this CDDL HEADER, with the
18 # fields enclosed by brackets "[]" replaced with your own identifying
19 # information: Portions Copyright [yyyy] [name of copyright owner]
20 #
21 # CDDL HEADER END
22 #
23 #
24 # Copyright 2012 OmniTI Computer Consulting, Inc. All rights reserved.
25 # Use is subject to license terms.
26 #
27 fail() {
28 echo "ERROR: $*"
29 exit 1
30 }
31
32 # NOTE --> The URL needs to be updated with every release.
33 # Change "bloody" to whatever release the current branch is.
34 PUBLISHER=omnios
35 : ${PKGURL:=http://pkg.omniti.com/omnios/bloody}
36 : ${GZIP_CMD:=gzip}
37 SRCDIR=$(dirname $0)
38 DIDWORK=0
39 BUILDNUM=${VERSION//r/}
40 if [[ ${SRCDIR:0:1} != "/" ]]; then
41 SRCDIR=`pwd`/$SRCDIR
42 fi
43 if [[ -z "${1}" ]]; then
44 echo "$0 <zfs pool> [checkpoint]"
45 exit 1
46 else
47 BASE=${1}
48 shift
49 BASEDIR=`zfs get -o value -H mountpoint $BASE`
50 fi
51 MKFILEDIR=/tmp
52 WORKDIR=$BASEDIR
53 ROOTDIR=$WORKDIR/root
54 if [[ ! -d $ROOTDIR ]]; then
55 zfs create -o compression=off $BASE/root || fail "zfs create failed"
56 fi
57 SVCCFG_DTD=${ROOTDIR}/usr/share/lib/xml/dtd/service_bundle.dtd.1
58 SVCCFG_REPOSITORY=${ROOTDIR}/etc/svc/repository.db
59 #SVCCFG=/usr/sbin/svccfg
60 if [[ -f ${PREBUILT_ILLUMOS}/usr/src/cmd/svc/svccfg/svccfg-native ]]; then
61 SVCCFG=${PREBUILT_ILLUMOS}/usr/src/cmd/svc/svccfg/svccfg-native
62 else
63 echo "WARNING -- Not using 'native' svccfg, may hang on build."
64 echo " We recommend a pre-built illumos's svccfg-native."
65 echo " Set PREBUILT_ILLUMOS in your environment to point"
66 echo " to a built illumos-omnios repository."
67 SVCCFG=/usr/sbin/svccfg
68 fi
69 export WORKDIR ROOTDIR SVCCFG_DTD SVCCFG_REPOSITORY SVCCFG
70
71 # This was uber-helpful
72 # http://alexeremin.blogspot.com/2008/12/preparing-small-miniroot-with-zfs-and.html
73
74 PKG=/bin/pkg
75
76 UNNEEDED_MANIFESTS="application/management/net-snmp.xml
77 application/pkg/pkg-server.xml application/pkg/pkg-mdns.xml
78 system/rmtmpfiles.xml system/mdmonitor.xml
79 system/fm/notify-params.xml system/device/allocate.xml
80 system/device/devices-audio.xml system/auditd.xml
81 system/metasync.xml system/pkgserv.xml system/fcoe_initiator.xml
82 system/metainit.xml system/zonestat.xml
83 system/cron.xml system/rbac.xml system/sac.xml
84 system/auditset.xml system/hotplug.xml
85 system/wusb.xml system/zones.xml
86 system/intrd.xml system/coreadm.xml
87 system/extended-accounting.xml
88 system/scheduler.xml
89 system/logadm-upgrade.xml system/resource-mgmt.xml
90 system/idmap.xml
91 network/ldap/client.xml network/shares/reparsed.xml
92 network/shares/group.xml network/inetd-upgrade.xml
93 network/smb/client.xml network/smb/server.xml
94 network/network-iptun.xml network/ipsec/policy.xml
95 network/ipsec/ipsecalgs.xml network/ipsec/ike.xml
96 network/ipsec/manual-key.xml network/forwarding.xml
97 network/inetd.xml network/npiv_config.xml
98 network/ssl/kssl-proxy.xml network/rpc/metamed.xml
99 network/rpc/mdcomm.xml network/rpc/gss.xml
100 network/rpc/bind.xml network/rpc/keyserv.xml
101 network/rpc/meta.xml network/rpc/metamh.xml
102 network/socket-filter-kssl.xml network/network-netcfg.xml
103 network/nfs/status.xml network/nfs/cbd.xml
104 network/nfs/nlockmgr.xml network/nfs/mapid.xml
105 network/nfs/client.xml network/network-ipqos.xml
106 network/security/ktkt_warn.xml network/security/krb5kdc.xml
107 network/security/kadmin.xml network/network-install.xml
108 network/bridge.xml network/network-initial.xml
109 network/network-ipmgmt.xml network/routing/legacy-routing.xml
110 network/network-service.xml network/network-physical.xml
111 network/network-netmask.xml network/dlmgmt.xml
112 network/network-location.xml network/ibd-post-upgrade.xml
113 network/network-routing-setup.xml network/network-loopback.xml
114 network/dns/client.xml network/dns/install.xml
115 network/dns/multicast.xml platform/i86pc/acpihpd.xml
116 system/hostid.xml system/power.xml system/pfexecd.xml
117 system/consadm.xml system/pools.xml system/console-login.xml
118 system/stmf.xml system/fmd.xml system/utmp.xml
119 system/poold.xml system/dumpadm.xml"
120
121 SYSTEM="system/boot/grub system/boot/real-mode system/boot/wanboot/internal
122 system/boot/loader system/boot/wanboot system/data/hardware-registry
123 system/data/keyboard/keytables system/data/terminfo
124 system/data/zoneinfo system/extended-system-utilities
125 system/file-system/autofs system/file-system/nfs
126 system/file-system/smb system/file-system/udfs
127 system/file-system/zfs system/flash/fwflash
128 system/fru-id/platform system/fru-id system/ipc
129 system/kernel/dynamic-reconfiguration/i86pc
130 system/kernel/security/gss system/library/math
131 system/library/platform system/library/policykit
132 system/library/processor
133 system/library/storage/fibre-channel/hbaapi
134 system/library/storage/fibre-channel/libsun_fc
135 system/library/storage/ima/header-ima
136 system/library/storage/ima
137 system/library/storage/libmpapi
138 system/library/storage/libmpscsi_vhci
139 system/library/storage/scsi-plugins
140 system/library system/network
141 system/prerequisite/gnu system/storage/luxadm
142 system/storage/fibre-channel/port-utility"
143
144 DEBUG_PKGS="developer/debug/mdb system/dtrace developer/dtrace"
145
146 DRIVERS="driver/audio driver/crypto/dca driver/crypto/tpm driver/firewire
147 driver/graphics/agpgart driver/graphics/atiatom driver/graphics/drm
148 driver/i86pc/fipe driver/i86pc/ioat driver/i86pc/platform
149 driver/misc/virtio
150 driver/network/afe driver/network/amd8111s driver/network/atge
151 driver/network/bfe driver/network/bge driver/network/bnx
152 driver/network/bnxe driver/network/bpf driver/network/chxge
153 driver/network/dmfe driver/network/e1000g driver/network/elxl
154 driver/network/emlxs driver/network/eoib driver/network/fcip
155 driver/network/fcp driver/network/fcsm driver/network/fp
156 driver/network/hermon driver/network/hme driver/network/hxge
157 driver/network/ib driver/network/ibdma driver/network/ibp
158 driver/network/igb driver/network/iprb driver/network/ixgb
159 driver/network/ixgbe driver/network/mxfe driver/network/myri10ge
160 driver/network/nge driver/network/ntxn driver/network/nxge
161 driver/network/vmxnet3s driver/network/sfxge driver/network/i40e
162 driver/network/ofk driver/network/pcn driver/network/platform
163 driver/network/qlc driver/network/rds driver/network/rdsv3
164 driver/network/rge driver/network/rpcib driver/network/rtls
165 driver/network/sdp driver/network/sdpib driver/network/sfe
166 driver/network/tavor driver/network/usbecm driver/network/vr
167 driver/network/xge driver/network/yge driver/pcmcia driver/serial/pcser
168 driver/serial/usbftdi driver/serial/usbsacm driver/serial/usbser
169 driver/serial/usbser_edge driver/serial/usbsksp
170 driver/serial/usbsksp/usbs49_fw driver/serial/usbsprl
171 driver/storage/aac driver/storage/adpu320 driver/storage/ahci
172 driver/storage/amr driver/storage/arcmsr driver/storage/ata
173 driver/storage/bcm_sata driver/storage/blkdev driver/storage/cpqary3
174 driver/storage/glm driver/storage/lsimega driver/storage/marvell88sx
175 driver/storage/mega_sas driver/storage/mpt_sas driver/storage/mr_sas
176 driver/storage/nv_sata driver/storage/pcata driver/storage/pmcs
177 driver/storage/sbp2 driver/storage/scsa1394 driver/storage/sdcard
178 driver/storage/ses driver/storage/si3124 driver/storage/smp
179 driver/usb driver/usb/ugen driver/xvm/pv driver/storage/vioblk
180 driver/network/vioif driver/storage/nvme driver/storage/pvscsi"
181
182 PARTS="release/name release/notices service/picl install/beadm SUNWcs SUNWcsd
183 library/libidn shell/pipe-viewer text/less editor/vim
184 developer/linker file/gnu-coreutils openssh openssh-server
185 diagnostic/diskinfo"
186
187 PKGS="$PARTS $SYSTEM $DRIVERS"
188
189 if [ -n "$DEBUG" ]; then
190 PKGS="$PKGS $DEBUG_PKGS"
191 BIGROOT=1
192 fi
193 CULL="perl python package/pkg snmp"
194 RMRF="/var/pkg /usr/share/man /usr/lib/python2.7 /usr/lib/iconv"
195
196 ID=`id -u`
197 if [[ "$ID" != "0" ]]; then
198 echo "must run as root"
199 exit 1
200 fi
201
202 chkpt() {
203 SNAP=`zfs list -H -t snapshot $BASE/root@${1} 2> /dev/null`
204 if [[ "$DIDWORK" -ne "0" ]]; then
205 if [[ -n "$SNAP" ]]; then
206 zfs destroy $BASE/root@${1} || \
207 fail "zfs destroy ${1} failed"
208 fi
209 zfs snapshot $BASE/root@${1} || fail "zfs snapshot failed"
210 fi
211 if [[ "${1}" != "begin" ]]; then
212 echo " === Proceeding to phase $1 (zfs @${1}) ==="
213 zfs rollback -r $BASE/root@${1} || fail "zfs rollback failed"
214 else
215 echo " === Proceeding to phase $1 ==="
216 fi
217 CHKPT=$1
218 DIDWORK=1
219 }
220
221 if [[ -n "$1" ]]; then
222 echo "Explicit checkpoint requested: '$1'"
223 CHKPT=$1
224 chkpt $CHKPT
225 fi
226 if [[ -z "$CHKPT" ]]; then
227 CHKPT="begin"
228 fi
229
230 declare -A keep_list
231 load_keep_list() {
232 for datafile in $*
233 do
234 FCNT=0
235 while read file
236 do
237 if [[ -n "$file" ]]; then
238 keep_list+=([$file]="x")
239 FCNT=$(($FCNT + 1))
240 fi
241 done < <(cut -f2- -d/ $datafile)
242 echo " --- keeping $FCNT files from $datafile"
243 done
244 }
245
246 step() {
247 CHKPT=""
248 case "$1" in
249
250 "begin")
251 zfs destroy -r $BASE/root 2> /dev/null
252 zfs create -o compression=off $BASE/root || fail "zfs create failed"
253 chkpt pkg
254 ;;
255
256 "pkg")
257
258 echo "Creating image of $PUBLISHER from $PKGURL"
259 $PKG image-create -F -p $PUBLISHER=$PKGURL $ROOTDIR || fail "image-create"
260 # If a version was requested, respect it
261 if [[ -n $BUILDNUM ]]; then
262 $PKG -R $ROOTDIR install illumos-gate@11-0.$BUILDNUM omnios-userland@11-0.$BUILDNUM || fail "version constraint prep"
263 fi
264 $PKG -R $ROOTDIR install $PKGS || fail "install"
265 if [[ -n $BUILDNUM ]]; then
266 $PKG -R $ROOTDIR uninstall illumos-gate omnios-userland || fail "version constraint cleanup"
267 fi
268 chkpt fixup
269 ;;
270
271 "fixup")
272
273 echo "Fixing up install root"
274 (cp $ROOTDIR/etc/vfstab $WORKDIR/vfstab && \
275 awk '{if($3!="/"){print;}}' $WORKDIR/vfstab > $ROOTDIR/etc/vfstab && \
276 echo "/devices/ramdisk:a - / ufs - no nologging" >> $ROOTDIR/etc/vfstab) || \
277 fail "vfstab / updated"
278 rm $WORKDIR/vfstab
279 cp $ROOTDIR/lib/svc/seed/global.db $ROOTDIR/etc/svc/repository.db
280
281 sed -i 's,PASSREQ=YES,PASSREQ=NO,' $ROOTDIR/etc/default/login
282
283 ${SVCCFG} import ${ROOTDIR}/lib/svc/manifest/milestone/sysconfig.xml
284 for xml in $UNNEEDED_MANIFESTS; do
285 rm -f ${ROOTDIR}/lib/svc/manifest/$xml && echo " --- tossing $xml"
286 done
287 echo " --- initial manifest import"
288 # See if we can transform manifest-import to use the 'native' svccfg.
289 sed 's/\/usr\/sbin\/svccfg/\$SVCCFG/g' \
290 < ${ROOTDIR}/lib/svc/method/manifest-import \
291 > /tmp/manifest-import.$$
292 chmod 0755 /tmp/manifest-import.$$
293 export SVCCFG
294 /tmp/manifest-import.$$ -f ${ROOTDIR}/etc/svc/repository.db \
295 -d ${ROOTDIR}/lib/svc/manifest
296 /bin/rm -f /tmp/manifest-import.$$
297
298 ${SVCCFG} -s 'system/boot-archive' setprop 'start/exec=:true'
299 ${SVCCFG} -s 'system/manifest-import' setprop 'start/exec=:true'
300 ${SVCCFG} -s "system/intrd:default" setprop "general/enabled=false"
301 ${SVCCFG} -s "system/initial-boot" setprop "start/timeout_seconds=600"
302 echo " --- neutering the manifest import"
303 echo "#!/bin/ksh" > ${ROOTDIR}/lib/svc/method/manifest-import
304 echo "exit 0" >> ${ROOTDIR}/lib/svc/method/manifest-import
305 chmod 555 ${ROOTDIR}/lib/svc/method/manifest-import
306 chkpt cull
307 ;;
308
309 "cull")
310 if [[ -z "$BIGROOT" ]]; then
311 load_keep_list data/*
312 while read file
313 do
314 if [[ -n "$file" && \
315 ${keep_list[$file]} == "" && \
316 -e "$ROOTDIR/$file" && \
317 ! -d $ROOTDIR/$file ]] ; then
318 rm -f $ROOTDIR/$file
319 fi
320 done < <(cd $ROOTDIR && find ./ | cut -c3-)
321 for path in $RMRF ; do
322 rm -rf ${ROOTDIR}$path && echo " -- tossing $path"
323 done
324 fi
325
326 chkpt mkfs
327 ;;
328
329 "mkfs")
330 size=`/usr/bin/du -ks ${ROOTDIR}|/usr/bin/nawk '{print $1+10240}'`
331 echo " --- making image of size $size"
332 /usr/sbin/mkfile ${size}k $MKFILEDIR/miniroot || fail "mkfile"
333 lofidev=`/usr/sbin/lofiadm -a $MKFILEDIR/miniroot`
334 rlofidev=`echo $lofidev |sed s/lofi/rlofi/`
335 yes | /usr/sbin/newfs -m 0 $rlofidev 2> /dev/null > /dev/null || fail "newfs"
336 chkpt mount
337 ;;
338
339 "mount")
340 mkdir -p $WORKDIR/mnt
341 /usr/sbin/mount -o nologging $lofidev $WORKDIR/mnt || fail "mount"
342 chkpt copy
343 ;;
344
345 "copy")
346 pushd $ROOTDIR >/dev/null
347 /usr/bin/find . | /usr/bin/cpio -pdum $WORKDIR/mnt 2> /dev/null > /dev/null || fail "populate root"
348 /usr/sbin/devfsadm -r $WORKDIR/mnt > /dev/null
349 popd >/dev/null
350 mkdir $WORKDIR/mnt/kayak
351 cp $SRCDIR/*.sh $WORKDIR/mnt/kayak/
352 chmod a+x $WORKDIR/mnt/kayak/*.sh
353 make_initial_boot $WORKDIR/mnt/.initialboot
354 if [[ -n "$DEBUG" ]]; then
355 cp $SRCDIR/anon.system $WORKDIR/mnt/etc/system
356 cp $SRCDIR/anon.dtrace.conf $WORKDIR/mnt/kernel/drv/dtrace.conf
357 fi
358 chkpt umount
359 ;;
360
361 "umount")
362 /usr/sbin/umount $WORKDIR/mnt || fail "umount"
363 /usr/sbin/lofiadm -d $MKFILEDIR/miniroot || fail "lofiadm delete"
364 chkpt compress
365 ;;
366
367 "compress")
368 $GZIP_CMD -c -f $MKFILEDIR/miniroot > $WORKDIR/miniroot.gz
369 rm -f $MKFILEDIR/miniroot
370 chmod 644 $WORKDIR/miniroot.gz
371 echo " === Finished ==="
372 ls -l $WORKDIR/miniroot.gz
373 ;;
374
375 esac
376 }
377
378 make_initial_boot() {
379 FILE=$1
380 cat > $FILE <<EOF
381 /kayak/install_image.sh
382 exit \$?
383 EOF
384 }
385
386 while [[ -n "$CHKPT" ]]; do
387 step $CHKPT
388 done