GitLab

Menu

Projects Groups Snippets

Help
Sign in

A archiso
Project information
- Project information
- Activity
- Labels
- Members
Repository
- Repository
- Files
- Commits
- Branches
- Tags
- Contributors
- Graph
- Compare
- Locked Files
Issues 40
- Issues 40
- List
- Boards
- Service Desk
- Milestones
- Iterations
Merge requests 10
- Merge requests 10
CI/CD
- CI/CD
- Pipelines
- Jobs
- Schedules
- Test Cases
Deployments
- Deployments
- Releases
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards

Collapse sidebar

Arch Linux
archiso
Issues
#40

Closed

Open

Created Jul 30, 2020 by nl6720 @nl6720Developer3 of 10 tasks completed3/10 tasks

Elevate to root only when necessary

Running the whole script as root is excessive and it tremendously complicates signing the Squashfs image with GPG. It would be better to elevate to root only when it is absolutely necessary.

TODO:

!58 (merged): Add -rational-rock to xorriso command, so that all files in the ISO (in Rock Ridge, not Squashfs) are owned by root and have sane permissions.
Launch commands that require root privileges using sudo when the script is run as a regular user.

The things that require root are:

_make_custom_airootfs: file copying to airootfs and chown.
_make_packages: pacstrap
_make_customize_airootfs: /etc/skel copying to airootfs and arch-chroot for customize_airootfs.sh.
_make_pkglist: pacman --sysroot - to generate packages list.
_make_boot_uefi-x64.systemd-boot.esp: mount - to mount the FAT file system image.
_cleanup: find ... -delete on airootfs and workdir. Also the printf that creates an empty /etc/machine-id.
_mkairootfs_ext4+squashfs, _mount_airootfs, _umount_airootfs: mount and chown with airootfs_image_type="ext4+squashfs".
_run_mksquashfs: mksquashfs - it needs full access to airootfs to create the squashfs image.

Edited Aug 25, 2021 by nl6720

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information

Assignee

Assign to

Time tracking