1 #!/bin/bash
2
3 #
4 # This file and its contents are supplied under the terms of the
5 # Common Development and Distribution License ("CDDL"), version 1.0.
6 # You may only use this file in accordance with the terms of version
7 # 1.0 of the CDDL.
8 #
9 # A full copy of the text of the CDDL should have accompanied this
10 # source. A copy of the CDDL is also available via the Internet at
11 # http://www.illumos.org/license/CDDL.
12 #
13
14 #
15 # Copyright 2017 OmniTI Computer Consulting, Inc. All rights reserved.
16 #
17
18 fail() {
19 echo "ERROR: $*"
20 exit 1
21 }
22
23 # NOTE --> The URL needs to be updated with every release.
24 # Change "bloody" to whatever release the current branch is.
25 PUBLISHER=omnios
26 : ${PKGURL:=http://pkg.omniti.com/omnios/bloody}
27 : ${GZIP_CMD:=gzip}
28 SRCDIR=$(dirname $0)
29 DIDWORK=0
30 BUILDNUM=${VERSION//r/}
31 if [[ ${SRCDIR:0:1} != "/" ]]; then
32 SRCDIR=`pwd`/$SRCDIR
33 fi
34 if [[ -z "${1}" ]]; then
35 echo "$0 <zfs pool> [checkpoint]"
36 exit 1
37 else
38 BASE=${1}
39 shift
40 BASEDIR=`zfs get -o value -H mountpoint $BASE`
41 fi
42 MKFILEDIR=/tmp
43 WORKDIR=$BASEDIR
44 ROOTDIR=$WORKDIR/root
45 if [[ ! -d $ROOTDIR ]]; then
46 zfs create -o compression=off $BASE/root || fail "zfs create failed"
47 fi
48 SVCCFG_DTD=${ROOTDIR}/usr/share/lib/xml/dtd/service_bundle.dtd.1
49 SVCCFG_REPOSITORY=${ROOTDIR}/etc/svc/repository.db
50 if [[ -f ${PREBUILT_ILLUMOS}/usr/src/cmd/svc/svccfg/svccfg-native ]]; then
51 SVCCFG=${PREBUILT_ILLUMOS}/usr/src/cmd/svc/svccfg/svccfg-native
52 else
53 echo "WARNING -- Not using 'native' svccfg, may hang on build."
54 echo " We recommend a pre-built illumos's svccfg-native."
55 echo " Set PREBUILT_ILLUMOS in your environment to point"
56 echo " to a built illumos-omnios repository."
57 SVCCFG=/usr/sbin/svccfg
58 fi
59 export WORKDIR ROOTDIR SVCCFG_DTD SVCCFG_REPOSITORY SVCCFG
60
61 # This was uber-helpful
62 # http://alexeremin.blogspot.com/2008/12/preparing-small-miniroot-with-zfs-and.html
63
64 PKG=/bin/pkg
65
66 UNNEEDED_MANIFESTS="application/management/net-snmp.xml
67 application/pkg/pkg-server.xml application/pkg/pkg-mdns.xml
68 system/rmtmpfiles.xml system/mdmonitor.xml
69 system/fm/notify-params.xml system/device/allocate.xml
70 system/device/devices-audio.xml system/auditd.xml
71 system/metasync.xml system/pkgserv.xml system/fcoe_initiator.xml
72 system/metainit.xml system/zonestat.xml
73 system/cron.xml system/rbac.xml system/sac.xml
74 system/auditset.xml system/hotplug.xml
75 system/wusb.xml system/zones.xml
76 system/intrd.xml system/coreadm.xml
77 system/extended-accounting.xml
78 system/scheduler.xml
79 system/logadm-upgrade.xml system/resource-mgmt.xml
80 system/idmap.xml
81 network/ldap/client.xml network/shares/reparsed.xml
82 network/shares/group.xml network/inetd-upgrade.xml
83 network/smb/client.xml network/smb/server.xml
84 network/network-iptun.xml network/ipsec/policy.xml
85 network/ipsec/ipsecalgs.xml network/ipsec/ike.xml
86 network/ipsec/manual-key.xml network/forwarding.xml
87 network/inetd.xml network/npiv_config.xml
88 network/ssl/kssl-proxy.xml network/rpc/metamed.xml
89 network/rpc/mdcomm.xml network/rpc/gss.xml
90 network/rpc/bind.xml network/rpc/keyserv.xml
91 network/rpc/meta.xml network/rpc/metamh.xml
92 network/socket-filter-kssl.xml network/network-netcfg.xml
93 network/nfs/status.xml network/nfs/cbd.xml
94 network/nfs/nlockmgr.xml network/nfs/mapid.xml
95 network/nfs/client.xml network/network-ipqos.xml
96 network/security/ktkt_warn.xml network/security/krb5kdc.xml
97 network/security/kadmin.xml network/network-install.xml
98 network/bridge.xml network/network-initial.xml
99 network/network-ipmgmt.xml network/routing/legacy-routing.xml
100 network/network-service.xml network/network-physical.xml
101 network/network-netmask.xml network/dlmgmt.xml
102 network/network-location.xml network/ibd-post-upgrade.xml
103 network/network-routing-setup.xml network/network-loopback.xml
104 network/dns/client.xml network/dns/install.xml
105 network/dns/multicast.xml platform/i86pc/acpihpd.xml
106 system/hostid.xml system/power.xml system/pfexecd.xml
107 system/consadm.xml system/pools.xml system/console-login.xml
108 system/stmf.xml system/fmd.xml system/utmp.xml
109 system/poold.xml system/dumpadm.xml"
110
111 SYSTEM="system/boot/real-mode system/boot/wanboot/internal
112 system/boot/loader system/boot/wanboot system/data/hardware-registry
113 system/data/keyboard/keytables system/data/terminfo
114 system/data/zoneinfo system/extended-system-utilities
115 system/file-system/autofs system/file-system/nfs
116 system/file-system/smb system/file-system/udfs
117 system/file-system/zfs system/flash/fwflash
118 system/fru-id/platform system/fru-id system/ipc
119 system/kernel/dynamic-reconfiguration/i86pc
120 system/kernel/security/gss system/library/math
121 system/library/platform system/library/policykit
122 system/library/processor
123 system/library/storage/fibre-channel/hbaapi
124 system/library/storage/fibre-channel/libsun_fc
125 system/library/storage/ima/header-ima
126 system/library/storage/ima
127 system/library/storage/libmpapi
128 system/library/storage/libmpscsi_vhci
129 system/library/storage/scsi-plugins
130 system/library system/network
131 system/prerequisite/gnu system/storage/luxadm
132 system/storage/fibre-channel/port-utility"
133
134 DEBUG_PKGS="developer/debug/mdb system/dtrace developer/dtrace"
135
136 DRIVERS="driver/audio driver/crypto/dca driver/crypto/tpm driver/firewire
137 driver/graphics/agpgart driver/graphics/atiatom driver/graphics/drm
138 driver/i86pc/fipe driver/i86pc/ioat driver/i86pc/platform
139 driver/misc/virtio
140 driver/network/afe driver/network/amd8111s driver/network/atge
141 driver/network/bfe driver/network/bge driver/network/bnx
142 driver/network/bnxe driver/network/bpf driver/network/chxge
143 driver/network/dmfe driver/network/e1000g driver/network/elxl
144 driver/network/emlxs driver/network/eoib driver/network/fcip
145 driver/network/fcp driver/network/fcsm driver/network/fp
146 driver/network/hermon driver/network/hme driver/network/hxge
147 driver/network/ib driver/network/ibdma driver/network/ibp
148 driver/network/igb driver/network/iprb driver/network/ixgb
149 driver/network/ixgbe driver/network/mxfe driver/network/myri10ge
150 driver/network/nge driver/network/ntxn driver/network/nxge
151 driver/network/vmxnet3s driver/network/sfxge driver/network/i40e
152 driver/network/ofk driver/network/pcn driver/network/platform
153 driver/network/qlc driver/network/rds driver/network/rdsv3
154 driver/network/rge driver/network/rpcib driver/network/rtls
155 driver/network/sdp driver/network/sdpib driver/network/sfe
156 driver/network/tavor driver/network/usbecm driver/network/vr
157 driver/network/xge driver/network/yge driver/pcmcia
158 driver/serial/usbftdi driver/serial/usbsacm driver/serial/usbser
159 driver/serial/usbser_edge driver/serial/usbsksp
160 driver/serial/usbsksp/usbs49_fw driver/serial/usbsprl
161 driver/storage/aac driver/storage/adpu320 driver/storage/ahci
162 driver/storage/amr driver/storage/arcmsr driver/storage/ata
163 driver/storage/bcm_sata driver/storage/blkdev driver/storage/cpqary3
164 driver/storage/glm driver/storage/lsimega driver/storage/marvell88sx
165 driver/storage/mega_sas driver/storage/mpt_sas driver/storage/mr_sas
166 driver/storage/nv_sata driver/storage/pmcs
167 driver/storage/sbp2 driver/storage/scsa1394 driver/storage/sdcard
168 driver/storage/ses driver/storage/si3124 driver/storage/smp
169 driver/usb driver/usb/ugen driver/xvm/pv driver/storage/vioblk
170 driver/network/vioif driver/storage/nvme driver/storage/pvscsi"
171
172 PARTS="release/name release/notices service/picl install/beadm SUNWcs SUNWcsd
173 library/libidn shell/pipe-viewer text/less editor/vim web/curl
174 developer/linker file/gnu-coreutils openssh openssh-server
175 diagnostic/diskinfo"
176
177 PKGS="$PARTS $SYSTEM $DRIVERS"
178
179 if [ -n "$DEBUG" ]; then
180 PKGS="$PKGS $DEBUG_PKGS"
181 BIGROOT=1
182 fi
183 CULL="perl python package/pkg snmp"
184 RMRF="/var/pkg /usr/share/man /usr/lib/python2.7 /usr/lib/iconv"
185
186 ID=`id -u`
187 if [[ "$ID" != "0" ]]; then
188 echo "must run as root"
189 exit 1
190 fi
191
192 chkpt() {
193 SNAP=`zfs list -H -t snapshot $BASE/root@${1} 2> /dev/null`
194 if [[ "$DIDWORK" -ne "0" ]]; then
195 if [[ -n "$SNAP" ]]; then
196 zfs destroy $BASE/root@${1} || \
197 fail "zfs destroy ${1} failed"
198 fi
199 zfs snapshot $BASE/root@${1} || fail "zfs snapshot failed"
200 fi
201 if [[ "${1}" != "begin" ]]; then
202 echo " === Proceeding to phase $1 (zfs @${1}) ==="
203 zfs rollback -r $BASE/root@${1} || fail "zfs rollback failed"
204 else
205 echo " === Proceeding to phase $1 ==="
206 fi
207 CHKPT=$1
208 DIDWORK=1
209 }
210
211 if [[ -n "$1" ]]; then
212 echo "Explicit checkpoint requested: '$1'"
213 CHKPT=$1
214 chkpt $CHKPT
215 fi
216 if [[ -z "$CHKPT" ]]; then
217 CHKPT="begin"
218 fi
219
220 declare -A keep_list
221 load_keep_list() {
222 for datafile in $*
223 do
224 FCNT=0
225 while read file
226 do
227 if [[ -n "$file" ]]; then
228 keep_list+=([$file]="x")
229 FCNT=$(($FCNT + 1))
230 fi
231 done < <(cut -f2- -d/ $datafile)
232 echo " --- keeping $FCNT files from $datafile"
233 done
234 }
235
236 step() {
237 CHKPT=""
238 case "$1" in
239
240 "begin")
241 zfs destroy -r $BASE/root 2> /dev/null
242 zfs create -o compression=off $BASE/root || fail "zfs create failed"
243 chkpt pkg
244 ;;
245
246 "pkg")
247
248 echo "Creating image of $PUBLISHER from $PKGURL"
249 $PKG image-create -F -p $PUBLISHER=$PKGURL $ROOTDIR || fail "image-create"
250 # If a version was requested, respect it
251 if [[ -n $BUILDNUM ]]; then
252 $PKG -R $ROOTDIR install illumos-gate@11-0.$BUILDNUM omnios-userland@11-0.$BUILDNUM || fail "version constraint prep"
253 fi
254 $PKG -R $ROOTDIR install $PKGS || fail "install"
255 if [[ -n $BUILDNUM ]]; then
256 $PKG -R $ROOTDIR uninstall illumos-gate omnios-userland || fail "version constraint cleanup"
257 fi
258 chkpt fixup
259 ;;
260
261 "fixup")
262
263 echo "Fixing up install root"
264 (cp $ROOTDIR/etc/vfstab $WORKDIR/vfstab && \
265 awk '{if($3!="/"){print;}}' $WORKDIR/vfstab > $ROOTDIR/etc/vfstab && \
266 echo "/devices/ramdisk:a - / ufs - no nologging" >> $ROOTDIR/etc/vfstab) || \
267 fail "vfstab / updated"
268 rm $WORKDIR/vfstab
269 cp $ROOTDIR/lib/svc/seed/global.db $ROOTDIR/etc/svc/repository.db
270
271 sed -i 's,PASSREQ=YES,PASSREQ=NO,' $ROOTDIR/etc/default/login
272
273 ${SVCCFG} import ${ROOTDIR}/lib/svc/manifest/milestone/sysconfig.xml
274 for xml in $UNNEEDED_MANIFESTS; do
275 rm -f ${ROOTDIR}/lib/svc/manifest/$xml && echo " --- tossing $xml"
276 done
277 echo " --- initial manifest import"
278 # See if we can transform manifest-import to use the 'native' svccfg.
279 sed 's/\/usr\/sbin\/svccfg/\$SVCCFG/g' \
280 < ${ROOTDIR}/lib/svc/method/manifest-import \
281 > /tmp/manifest-import.$$
282 chmod 0755 /tmp/manifest-import.$$
283 export SVCCFG
284 /tmp/manifest-import.$$ -f ${ROOTDIR}/etc/svc/repository.db \
285 -d ${ROOTDIR}/lib/svc/manifest
286 /bin/rm -f /tmp/manifest-import.$$
287
288 ${SVCCFG} -s 'system/boot-archive' setprop 'start/exec=:true'
289 ${SVCCFG} -s 'system/manifest-import' setprop 'start/exec=:true'
290 ${SVCCFG} -s "system/intrd:default" setprop "general/enabled=false"
291 ${SVCCFG} -s "system/initial-boot" setprop "start/timeout_seconds=600"
292 echo " --- neutering the manifest import"
293 echo "#!/bin/ksh" > ${ROOTDIR}/lib/svc/method/manifest-import
294 echo "exit 0" >> ${ROOTDIR}/lib/svc/method/manifest-import
295 chmod 555 ${ROOTDIR}/lib/svc/method/manifest-import
296 chkpt cull
297 ;;
298
299 "cull")
300 if [[ -z "$BIGROOT" ]]; then
301 load_keep_list data/*
302 while read file
303 do
304 if [[ -n "$file" && \
305 ${keep_list[$file]} == "" && \
306 -e "$ROOTDIR/$file" && \
307 ! -d $ROOTDIR/$file ]] ; then
308 rm -f $ROOTDIR/$file
309 fi
310 done < <(cd $ROOTDIR && find ./ | cut -c3-)
311 for path in $RMRF ; do
312 rm -rf ${ROOTDIR}$path && echo " -- tossing $path"
313 done
314 fi
315
316 chkpt mkfs
317 ;;
318
319 "mkfs")
320 size=`/usr/bin/du -ks ${ROOTDIR}|/usr/bin/nawk '{print $1+10240}'`
321 echo " --- making image of size $size"
322 /usr/sbin/mkfile ${size}k $MKFILEDIR/miniroot || fail "mkfile"
323 lofidev=`/usr/sbin/lofiadm -a $MKFILEDIR/miniroot`
324 rlofidev=`echo $lofidev |sed s/lofi/rlofi/`
325 yes | /usr/sbin/newfs -m 0 $rlofidev 2> /dev/null > /dev/null || fail "newfs"
326 chkpt mount
327 ;;
328
329 "mount")
330 mkdir -p $WORKDIR/mnt
331 /usr/sbin/mount -o nologging $lofidev $WORKDIR/mnt || fail "mount"
332 chkpt copy
333 ;;
334
335 "copy")
336 pushd $ROOTDIR >/dev/null
337 /usr/bin/find . | /usr/bin/cpio -pdum $WORKDIR/mnt 2> /dev/null > /dev/null || fail "populate root"
338 /usr/sbin/devfsadm -r $WORKDIR/mnt > /dev/null
339 popd >/dev/null
340 mkdir $WORKDIR/mnt/kayak
341 cp $SRCDIR/*.sh $WORKDIR/mnt/kayak/
342 chmod a+x $WORKDIR/mnt/kayak/*.sh
343
344 # So "bootadm update-archive" can work.
345 cp $SRCDIR/digest $WORKDIR/mnt/usr/bin/digest
346 chmod 0755 $WORKDIR/mnt/usr/bin/digest
347
348 make_initial_boot $WORKDIR/mnt/.initialboot
349 if [[ -n "$DEBUG" ]]; then
350 cp $SRCDIR/anon.system $WORKDIR/mnt/etc/system
351 cp $SRCDIR/anon.dtrace.conf $WORKDIR/mnt/kernel/drv/dtrace.conf
352 fi
353 chkpt umount
354 ;;
355
356 "umount")
357 /usr/sbin/umount $WORKDIR/mnt || fail "umount"
358 /usr/sbin/lofiadm -d $MKFILEDIR/miniroot || fail "lofiadm delete"
359 chkpt compress
360 ;;
361
362 "compress")
363 $GZIP_CMD -c -f $MKFILEDIR/miniroot > $WORKDIR/miniroot.gz
364 rm -f $MKFILEDIR/miniroot
365 chmod 644 $WORKDIR/miniroot.gz
366 echo " === Finished ==="
367 ls -l $WORKDIR/miniroot.gz
368 ;;
369
370 esac
371 }
372
373 make_initial_boot() {
374 FILE=$1
375 cat > $FILE <<EOF
376 /kayak/install_image.sh
377 exit \$?
378 EOF
379 }
380
381 while [[ -n "$CHKPT" ]]; do
382 step $CHKPT
383 done