mkarchiso 31.6 KB
Newer Older
1
#!/usr/bin/env bash
2
3
#
# SPDX-License-Identifier: GPL-3.0-or-later
4

5
6
set -e -u

7
8
9
10
# Control the environment
umask 0022
export LANG="C"
export SOURCE_DATE_EPOCH="${SOURCE_DATE_EPOCH:-"$(date +%s)"}"
11

12
# mkarchiso defaults
13
app_name="${0##*/}"
14
pkg_list=()
15
quiet="y"
16
17
work_dir="work"
out_dir="out"
18
img_name="${app_name}.iso"
19
gpg_key=""
20
override_gpg_key=""
21

22
23
24
25
# profile defaults
profile=""
iso_name="${app_name}"
iso_label="${app_name^^}"
26
override_iso_label=""
27
iso_publisher="${app_name}"
28
override_iso_publisher=""
29
iso_application="${app_name} iso"
30
override_iso_application=""
31
32
iso_version=""
install_dir="${app_name}"
33
override_install_dir=""
34
35
arch="$(uname -m)"
pacman_conf="/etc/pacman.conf"
36
override_pacman_conf=""
37
bootmodes=()
38
39
airootfs_image_type="squashfs"
airootfs_image_tool_options=('-comp' 'xz')
40
41


42
43
44
45
# Show an INFO message
# $1: message string
_msg_info() {
    local _msg="${1}"
46
    [[ "${quiet}" == "y" ]] || printf '[%s] INFO: %s\n' "${app_name}" "${_msg}"
47
48
}

49
50
51
52
# Show a WARNING message
# $1: message string
_msg_warning() {
    local _msg="${1}"
53
    printf '[%s] WARNING: %s\n' "${app_name}" "${_msg}" >&2
54
55
}

56
57
58
59
60
61
# Show an ERROR message then exit with status
# $1: message string
# $2: exit code number (with 0 does not exit)
_msg_error() {
    local _msg="${1}"
    local _error=${2}
62
    printf '[%s] ERROR: %s\n' "${app_name}" "${_msg}" >&2
63
    if (( _error > 0 )); then
64
        exit "${_error}"
65
66
67
    fi
}

68
69
_mount_airootfs() {
    trap "_umount_airootfs" EXIT HUP INT TERM
70
71
    install -d -m 0755 -- "${work_dir}/mnt/airootfs"
    _msg_info "Mounting '${airootfs_dir}.img' on '${work_dir}/mnt/airootfs'..."
72
    mount -- "${airootfs_dir}.img" "${work_dir}/mnt/airootfs"
73
    _msg_info "Done!"
74
75
}

76
_umount_airootfs() {
77
    _msg_info "Unmounting '${work_dir}/mnt/airootfs'..."
78
    umount -d -- "${work_dir}/mnt/airootfs"
79
    _msg_info "Done!"
80
    rmdir -- "${work_dir}/mnt/airootfs"
81
82
83
84
85
    trap - EXIT HUP INT TERM
}

# Show help usage, with an exit status.
# $1: exit status number.
86
_usage() {
87
    IFS='' read -r -d '' usagetext <<ENDUSAGETEXT || true
88
usage: ${app_name} [options] <profile_dir>
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
  options:
     -A <application> Set an application name for the ISO
                      Default: '${iso_application}'
     -C <file>        pacman configuration file.
                      Default: '${pacman_conf}'
     -D <install_dir> Set an install_dir. All files will by located here.
                      Default: '${install_dir}'
                      NOTE: Max 8 characters, use only [a-z0-9]
     -L <label>       Set the ISO volume label
                      Default: '${iso_label}'
     -P <publisher>   Set the ISO publisher
                      Default: '${iso_publisher}'
     -g <gpg_key>     Set the GPG key to be used for signing the sqashfs image
     -h               This message
     -o <out_dir>     Set the output directory
                      Default: '${out_dir}'
     -p PACKAGE(S)    Package(s) to install, can be used multiple times
     -v               Enable verbose output
     -w <work_dir>    Set the working directory
                      Default: '${work_dir}'

  profile_dir:        Directory of the archiso profile to build
111
ENDUSAGETEXT
112
    printf '%s' "${usagetext}"
113
    exit "${1}"
114
115
}

116
# Shows configuration options.
117
_show_config() {
118
    local build_date
119
    build_date="$(date --utc --iso-8601=seconds -d "@${SOURCE_DATE_EPOCH}")"
120
    _msg_info "${app_name} configuration settings"
121
122
123
    _msg_info "             Architecture:   ${arch}"
    _msg_info "        Working directory:   ${work_dir}"
    _msg_info "   Installation directory:   ${install_dir}"
124
125
126
127
128
129
130
131
132
133
134
    _msg_info "               Build date:   ${build_date}"
    _msg_info "         Output directory:   ${out_dir}"
    _msg_info "                  GPG key:   ${gpg_key:-None}"
    _msg_info "                  Profile:   ${profile}"
    _msg_info "Pacman configuration file:   ${pacman_conf}"
    _msg_info "          Image file name:   ${img_name}"
    _msg_info "         ISO volume label:   ${iso_label}"
    _msg_info "            ISO publisher:   ${iso_publisher}"
    _msg_info "          ISO application:   ${iso_application}"
    _msg_info "               Boot modes:   ${bootmodes[*]}"
    _msg_info "                 Packages:   ${pkg_list[*]}"
135
136
}

137
# Cleanup airootfs
138
_cleanup_airootfs() {
139
    _msg_info "Cleaning up what we can on airootfs..."
140

141
    # Delete all files in /boot
142
    [[ -d "${airootfs_dir}/boot" ]] && find "${airootfs_dir}/boot" -mindepth 1 -delete
143
    # Delete pacman database sync cache files (*.tar.gz)
144
    [[ -d "${airootfs_dir}/var/lib/pacman" ]] && find "${airootfs_dir}/var/lib/pacman" -maxdepth 1 -type f -delete
145
    # Delete pacman database sync cache
146
    [[ -d "${airootfs_dir}/var/lib/pacman/sync" ]] && find "${airootfs_dir}/var/lib/pacman/sync" -delete
147
    # Delete pacman package cache
148
    [[ -d "${airootfs_dir}/var/cache/pacman/pkg" ]] && find "${airootfs_dir}/var/cache/pacman/pkg" -type f -delete
149
    # Delete all log files, keeps empty dirs.
150
    [[ -d "${airootfs_dir}/var/log" ]] && find "${airootfs_dir}/var/log" -type f -delete
151
    # Delete all temporary files and dirs
152
    [[ -d "${airootfs_dir}/var/tmp" ]] && find "${airootfs_dir}/var/tmp" -mindepth 1 -delete
153
    # Delete package pacman related files.
154
    find "${work_dir}" \( -name '*.pacnew' -o -name '*.pacsave' -o -name '*.pacorig' \) -delete
155
    # Create an empty /etc/machine-id
156
    printf '' > "${airootfs_dir}/etc/machine-id"
157
158

    _msg_info "Done!"
159
}
160

161
162
163
164
_run_mksquashfs() {
    local image_path="${isofs_dir}/${install_dir}/${arch}/airootfs.sfs"
    if [[ "${quiet}" == "y" ]]; then
        mksquashfs "$@" "${image_path}" -noappend "${airootfs_image_tool_options[@]}" -no-progress > /dev/null
165
    else
166
        mksquashfs "$@" "${image_path}" -noappend "${airootfs_image_tool_options[@]}"
167
168
169
    fi
}

170
# Makes a ext4 filesystem inside a SquashFS from a source directory.
171
172
_mkairootfs_ext4+squashfs() {
    [[ -e "${airootfs_dir}" ]] || _msg_error "The path '${airootfs_dir}' does not exist" 1
173

174
    _msg_info "Creating ext4 image of 32 GiB..."
175
    if [[ "${quiet}" == "y" ]]; then
176
        mkfs.ext4 -q -O '^has_journal,^resize_inode' -E 'lazy_itable_init=0' -m 0 -F -- "${airootfs_dir}.img" 32G
177
    else
178
        mkfs.ext4 -O '^has_journal,^resize_inode' -E 'lazy_itable_init=0' -m 0 -F -- "${airootfs_dir}.img" 32G
179
    fi
180
    tune2fs -c 0 -i 0 -- "${airootfs_dir}.img" > /dev/null
181
    _msg_info "Done!"
182
    _mount_airootfs
183
184
    _msg_info "Copying '${airootfs_dir}/' to '${work_dir}/mnt/airootfs/'..."
    cp -aT -- "${airootfs_dir}/" "${work_dir}/mnt/airootfs/"
185
    chown -- 0:0 "${work_dir}/mnt/airootfs/"
186
    _msg_info "Done!"
187
    _umount_airootfs
188
    install -d -m 0755 -- "${isofs_dir}/${install_dir}/${arch}"
189
    _msg_info "Creating SquashFS image, this may take some time..."
190
    _run_mksquashfs "${airootfs_dir}.img"
191
    _msg_info "Done!"
192
    rm -- "${airootfs_dir}.img"
193
194
}

195
# Makes a SquashFS filesystem from a source directory.
196
197
_mkairootfs_squashfs() {
    [[ -e "${airootfs_dir}" ]] || _msg_error "The path '${airootfs_dir}' does not exist" 1
198

199
    install -d -m 0755 -- "${isofs_dir}/${install_dir}/${arch}"
200
    _msg_info "Creating SquashFS image, this may take some time..."
201
    _run_mksquashfs "${airootfs_dir}"
202
203
204
    _msg_info "Done!"
}

205
_mkchecksum() {
206
    _msg_info "Creating checksum file for self-test..."
207
    cd -- "${isofs_dir}/${install_dir}/${arch}"
208
    sha512sum airootfs.sfs > airootfs.sha512
209
    cd -- "${OLDPWD}"
210
    _msg_info "Done!"
211
212
}

213
214
_mksignature() {
    _msg_info "Signing SquashFS image..."
215
    cd -- "${isofs_dir}/${install_dir}/${arch}"
216
    gpg --detach-sign --default-key "${gpg_key}" airootfs.sfs
217
    cd -- "${OLDPWD}"
218
219
220
    _msg_info "Done!"
}

221
222
223
224
225
226
227
# Helper function to run functions only one time.
_run_once() {
    if [[ ! -e "${work_dir}/build.${1}" ]]; then
        "$1"
        touch "${work_dir}/build.${1}"
    fi
}
228

229
# Set up custom pacman.conf with custom cache and pacman hook directories
230
_make_pacman_conf() {
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
    local _cache_dirs _system_cache_dirs _profile_cache_dirs
    _system_cache_dirs="$(pacman-conf CacheDir| tr '\n' ' ')"
    _profile_cache_dirs="$(pacman-conf --config "${pacman_conf}" CacheDir| tr '\n' ' ')"

    # only use the profile's CacheDir, if it is not the default and not the same as the system cache dir
    if [[ "${_profile_cache_dirs}" != "/var/cache/pacman/pkg" ]] && \
        [[ "${_system_cache_dirs}" != "${_profile_cache_dirs}" ]]; then
        _cache_dirs="${_profile_cache_dirs}"
    else
        _cache_dirs="${_system_cache_dirs}"
    fi

    _msg_info "Copying custom pacman.conf to work directory..."
    # take the profile pacman.conf and strip all settings that would break in chroot when using pacman -r
    # see `man 8 pacman` for further info
    pacman-conf --config "${pacman_conf}" | \
        sed '/CacheDir/d;/DBPath/d;/HookDir/d;/LogFile/d;/RootDir/d' > "${work_dir}/pacman.conf"

    _msg_info "Using pacman CacheDir: ${_cache_dirs}"
    # append CacheDir and HookDir to [options] section
    # HookDir is *always* set to the airootfs' override directory
    sed "/\[options\]/a CacheDir = ${_cache_dirs}
        /\[options\]/a HookDir = ${airootfs_dir}/etc/pacman.d/hooks/" \
        -i "${work_dir}/pacman.conf"
255
256
257
258
259
}

# Prepare working directory and copy custom airootfs files (airootfs)
_make_custom_airootfs() {
    local passwd=()
260
261
262

    install -d -m 0755 -o 0 -g 0 -- "${airootfs_dir}"

263
    if [[ -d "${profile}/airootfs" ]]; then
264
        _msg_info "Copying custom airootfs files and setting up user home directories..."
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
        cp -af --no-preserve=ownership -- "${profile}/airootfs/." "${airootfs_dir}"

        [[ -e "${airootfs_dir}/etc/shadow" ]] && chmod -f 0400 -- "${airootfs_dir}/etc/shadow"
        [[ -e "${airootfs_dir}/etc/gshadow" ]] && chmod -f 0400 -- "${airootfs_dir}/etc/gshadow"

        # Set up user home directories and permissions
        if [[ -e "${airootfs_dir}/etc/passwd" ]]; then
            while IFS=':' read -a passwd -r; do
                [[ "${passwd[5]}" == '/' ]] && continue
                [[ -z "${passwd[5]}" ]] && continue

                if [[ -d "${airootfs_dir}${passwd[5]}" ]]; then
                    chown -hR -- "${passwd[2]}:${passwd[3]}" "${airootfs_dir}${passwd[5]}"
                    chmod -f 0750 -- "${airootfs_dir}${passwd[5]}"
                else
                    install -d -m 0750 -o "${passwd[2]}" -g "${passwd[3]}" -- "${airootfs_dir}${passwd[5]}"
                fi
             done < "${airootfs_dir}/etc/passwd"
        fi
284
        _msg_info "Done!"
285
286
287
    fi
}

288
# Install desired packages to airootfs
289
_make_packages() {
290
291
    _msg_info "Installing packages to '${airootfs_dir}/'..."

292
293
294
295
    if [[ -n "${gpg_key}" ]]; then
        exec {ARCHISO_GNUPG_FD}<>"${work_dir}/pubkey.gpg"
        export ARCHISO_GNUPG_FD
    fi
296
297
298
299
300
301
302

    if [[ "${quiet}" = "y" ]]; then
        pacstrap -C "${work_dir}/pacman.conf" -c -G -M -- "${airootfs_dir}" "${pkg_list[@]}" &> /dev/null
    else
        pacstrap -C "${work_dir}/pacman.conf" -c -G -M -- "${airootfs_dir}" "${pkg_list[@]}"
    fi

303
304
305
306
    if [[ -n "${gpg_key}" ]]; then
        exec {ARCHISO_GNUPG_FD}<&-
        unset ARCHISO_GNUPG_FD
    fi
307
308

    _msg_info "Done! Packages installed successfully."
309
310
311
312
313
}

# Customize installation (airootfs)
_make_customize_airootfs() {
    local passwd=()
314

315
    if [[ -e "${profile}/airootfs/etc/passwd" ]]; then
316
        _msg_info "Copying /etc/skel/* to user homes..."
317
        while IFS=':' read -a passwd -r; do
318
            (( passwd[2] >= 1000 && passwd[2] < 60000 )) || continue
319
320
            [[ "${passwd[5]}" == '/' ]] && continue
            [[ -z "${passwd[5]}" ]] && continue
321
322
            cp -dnRT --preserve=mode,timestamps,links -- "${airootfs_dir}/etc/skel" "${airootfs_dir}${passwd[5]}"
            chmod -f 0750 -- "${airootfs_dir}${passwd[5]}"
323
324
325
            chown -hR -- "${passwd[2]}:${passwd[3]}" "${airootfs_dir}${passwd[5]}"

        done < "${profile}/airootfs/etc/passwd"
326
        _msg_info "Done!"
327
328
329
    fi

    if [[ -e "${airootfs_dir}/root/customize_airootfs.sh" ]]; then
330
        _msg_info "Running customize_airootfs.sh in '${airootfs_dir}' chroot..."
331
        _msg_warning "customize_airootfs.sh is deprecated! Support for it will be removed in a future archiso version."
332
        eval -- arch-chroot "${airootfs_dir}" "/root/customize_airootfs.sh"
333
        rm -- "${airootfs_dir}/root/customize_airootfs.sh"
334
        _msg_info "Done! customize_airootfs.sh run successfully."
335
336
337
    fi
}

338
339
340
341
# Set up boot loaders
_make_bootmodes() {
    local bootmode
    for bootmode in "${bootmodes[@]}"; do
342
343
        if typeset -f "_make_bootmode_${bootmode}" &> /dev/null; then
            _run_once "_make_bootmode_${bootmode}"
344
345
346
347
348
349
        else
            _msg_error "${bootmode} is not a valid boot mode" 1
        fi
    done
}

350
# Prepare kernel/initramfs ${install_dir}/boot/
351
_make_boot_on_iso9660() {
352
    local ucode_image
353
354
    _msg_info "Preparing kernel and intramfs for the ISO 9660 file system..."
    install -d -m 0755 -- "${isofs_dir}/${install_dir}/boot/${arch}"
355
356
357
358
359
360
361
362
363
364
365
366
367
    install -m 0644 -- "${airootfs_dir}/boot/initramfs-"*".img" "${isofs_dir}/${install_dir}/boot/${arch}/"
    install -m 0644 -- "${airootfs_dir}/boot/vmlinuz-"* "${isofs_dir}/${install_dir}/boot/${arch}/"

    for ucode_image in {intel-uc.img,intel-ucode.img,amd-uc.img,amd-ucode.img,early_ucode.cpio,microcode.cpio}; do
        if [[ -e "${airootfs_dir}/boot/${ucode_image}" ]]; then
            install -m 0644 -- "${airootfs_dir}/boot/${ucode_image}" "${isofs_dir}/${install_dir}/boot/"
            if [[ -e "${airootfs_dir}/usr/share/licenses/${ucode_image%.*}/" ]]; then
                install -d -m 0755 -- "${isofs_dir}/${install_dir}/boot/licenses/${ucode_image%.*}/"
                install -m 0644 -- "${airootfs_dir}/usr/share/licenses/${ucode_image%.*}/"* \
                    "${isofs_dir}/${install_dir}/boot/licenses/${ucode_image%.*}/"
            fi
        fi
    done
368
    _msg_info "Done!"
369
370
371
}

# Prepare /${install_dir}/boot/syslinux
372
_make_bootmode_bios.syslinux.mbr() {
373
374
    _msg_info "Setting up SYSLINUX for BIOS booting from a disk..."
    install -d -m 0755 -- "${isofs_dir}/${install_dir}/boot/syslinux"
375
376
    for _cfg in "${profile}/syslinux/"*.cfg; do
        sed "s|%ARCHISO_LABEL%|${iso_label}|g;
377
378
379
             s|%INSTALL_DIR%|${install_dir}|g;
             s|%ARCH%|${arch}|g" \
             "${_cfg}" > "${isofs_dir}/${install_dir}/boot/syslinux/${_cfg##*/}"
380
    done
381
382
383
    if [[ -e "${profile}/syslinux/splash.png" ]]; then
        install -m 0644 -- "${profile}/syslinux/splash.png" "${isofs_dir}/${install_dir}/boot/syslinux/"
    fi
384
385
386
    install -m 0644 -- "${airootfs_dir}/usr/lib/syslinux/bios/"*.c32 "${isofs_dir}/${install_dir}/boot/syslinux/"
    install -m 0644 -- "${airootfs_dir}/usr/lib/syslinux/bios/lpxelinux.0" "${isofs_dir}/${install_dir}/boot/syslinux/"
    install -m 0644 -- "${airootfs_dir}/usr/lib/syslinux/bios/memdisk" "${isofs_dir}/${install_dir}/boot/syslinux/"
387

388
    _run_once _make_boot_on_iso9660
389

390
391
392
393
394
395
396
397
398
    if [[ -e "${isofs_dir}/${install_dir}/boot/syslinux/hdt.c32" ]]; then
        install -d -m 0755 -- "${isofs_dir}/${install_dir}/boot/syslinux/hdt"
        if [[ -e "${airootfs_dir}/usr/share/hwdata/pci.ids" ]]; then
            gzip -c -9 "${airootfs_dir}/usr/share/hwdata/pci.ids" > \
                "${isofs_dir}/${install_dir}/boot/syslinux/hdt/pciids.gz"
        fi
        find "${airootfs_dir}/usr/lib/modules" -name 'modules.alias' -print -exec gzip -c -9 '{}' ';' -quit > \
            "${isofs_dir}/${install_dir}/boot/syslinux/hdt/modalias.gz"
    fi
399
400
401
402
403

    # Add other aditional/extra files to ${install_dir}/boot/
    if [[ -e "${airootfs_dir}/boot/memtest86+/memtest.bin" ]]; then
        # rename for PXE: https://wiki.archlinux.org/index.php/Syslinux#Using_memtest
        install -m 0644 -- "${airootfs_dir}/boot/memtest86+/memtest.bin" "${isofs_dir}/${install_dir}/boot/memtest"
404
        install -d -m 0755 -- "${isofs_dir}/${install_dir}/boot/licenses/memtest86+/"
405
406
407
        install -m 0644 -- "${airootfs_dir}/usr/share/licenses/common/GPL2/license.txt" \
            "${isofs_dir}/${install_dir}/boot/licenses/memtest86+/"
    fi
408
    _msg_info "Done! SYSLINUX set up for BIOS booting from a disk successfully."
409
410
411
}

# Prepare /isolinux
412
_make_bootmode_bios.syslinux.eltorito() {
413
414
    _msg_info "Setting up SYSLINUX for BIOS booting from an optical disc..."
    install -d -m 0755 -- "${isofs_dir}/isolinux"
415
416
417
418
419
420
    for _cfg in "${profile}/isolinux/"*".cfg"; do
        sed "s|%ARCHISO_LABEL%|${iso_label}|g;
             s|%INSTALL_DIR%|${install_dir}|g;
             s|%ARCH%|${arch}|g" \
             "${_cfg}" > "${isofs_dir}/isolinux/${_cfg##*/}"
    done
421
422
423
    install -m 0644 -- "${airootfs_dir}/usr/lib/syslinux/bios/isolinux.bin" "${isofs_dir}/isolinux/"
    install -m 0644 -- "${airootfs_dir}/usr/lib/syslinux/bios/isohdpfx.bin" "${isofs_dir}/isolinux/"
    install -m 0644 -- "${airootfs_dir}/usr/lib/syslinux/bios/ldlinux.c32" "${isofs_dir}/isolinux/"
424
425

    # isolinux.cfg loads syslinux.cfg
426
    _run_once _make_bootmode_bios.syslinux.mbr
427
428

    _msg_info "Done! SYSLINUX set up for BIOS booting from an optical disc successfully."
429
430
431
}

# Prepare /EFI on ISO-9660
432
_make_efi_dir_on_iso9660() {
433
434
    _msg_info "Preparing an /EFI directory for the ISO 9660 file system..."
    install -d -m 0755 -- "${isofs_dir}/EFI/BOOT"
435
436
437
    install -m 0644 -- "${airootfs_dir}/usr/lib/systemd/boot/efi/systemd-bootx64.efi" \
        "${isofs_dir}/EFI/BOOT/BOOTx64.EFI"

438
    install -d -m 0755 -- "${isofs_dir}/loader/entries"
439
440
    install -m 0644 -- "${profile}/efiboot/loader/loader.conf" "${isofs_dir}/loader/"

441
442
443
444
445
446
    for _conf in "${profile}/efiboot/loader/entries/"*".conf"; do
        sed "s|%ARCHISO_LABEL%|${iso_label}|g;
             s|%INSTALL_DIR%|${install_dir}|g;
             s|%ARCH%|${arch}|g" \
            "${_conf}" > "${isofs_dir}/loader/entries/${_conf##*/}"
    done
447
448
449

    # edk2-shell based UEFI shell
    # shellx64.efi is picked up automatically when on /
450
451
452
    if [[ -e "${airootfs_dir}/usr/share/edk2-shell/x64/Shell_Full.efi" ]]; then
        install -m 0644 -- "${airootfs_dir}/usr/share/edk2-shell/x64/Shell_Full.efi" "${isofs_dir}/shellx64.efi"
    fi
453
    _msg_info "Done!"
454
455
}

456
457
# Prepare kernel/initramfs on efiboot.img
_make_boot_on_fat() {
458
    local ucode_image all_ucode_images=()
459
    _msg_info "Preparing kernel and intramfs for the FAT file system..."
460
    mmd -i "${work_dir}/efiboot.img" \
461
        "::/${install_dir}" "::/${install_dir}/boot" "::/${install_dir}/boot/${arch}"
462
    mcopy -i "${work_dir}/efiboot.img" "${airootfs_dir}/boot/vmlinuz-"* \
463
464
465
466
467
468
469
470
471
        "${airootfs_dir}/boot/initramfs-"*".img" "::/${install_dir}/boot/${arch}/"
    for ucode_image in \
        "${airootfs_dir}/boot/"{intel-uc.img,intel-ucode.img,amd-uc.img,amd-ucode.img,early_ucode.cpio,microcode.cpio}
    do
        if [[ -e "${ucode_image}" ]]; then
            all_ucode_images+=("${ucode_image}")
        fi
    done
    if (( ${#all_ucode_images[@]} )); then
472
        mcopy -i "${work_dir}/efiboot.img" "${all_ucode_images[@]}" "::/${install_dir}/boot/"
473
    fi
474
    _msg_info "Done!"
475
476
477
}

# Prepare efiboot.img::/EFI for EFI boot mode
478
_make_bootmode_uefi-x64.systemd-boot.esp() {
479
    local efiboot_imgsize="0"
480
    _msg_info "Setting up systemd-boot for UEFI booting..."
481

482
483
    # the required image size in KiB (rounded up to the next full MiB with an additional MiB for reserved sectors)
    efiboot_imgsize="$(du -bc \
484
485
486
487
488
489
        "${airootfs_dir}/usr/lib/systemd/boot/efi/systemd-bootx64.efi" \
        "${airootfs_dir}/usr/share/edk2-shell/x64/Shell_Full.efi" \
        "${profile}/efiboot/" \
        "${airootfs_dir}/boot/vmlinuz-"* \
        "${airootfs_dir}/boot/initramfs-"*".img" \
        "${airootfs_dir}/boot/"{intel-uc.img,intel-ucode.img,amd-uc.img,amd-ucode.img,early_ucode.cpio,microcode.cpio} \
490
491
492
493
494
        2>/dev/null | awk 'function ceil(x){return int(x)+(x>int(x))}
            function byte_to_kib(x){return x/1024}
            function mib_to_kib(x){return x*1024}
            END {print mib_to_kib(ceil((byte_to_kib($1)+1024)/1024))}'
        )"
495
496
    # The FAT image must be created with mkfs.fat not mformat, as some systems have issues with mformat made images:
    # https://lists.gnu.org/archive/html/grub-devel/2019-04/msg00099.html
497
    [[ -e "${work_dir}/efiboot.img" ]] && rm -f -- "${work_dir}/efiboot.img"
498
    _msg_info "Creating FAT image of size: ${efiboot_imgsize} KiB..."
499
    mkfs.fat -C -n ARCHISO_EFI "${work_dir}/efiboot.img" "$efiboot_imgsize"
500

501
502
    mmd -i "${work_dir}/efiboot.img" ::/EFI ::/EFI/BOOT
    mcopy -i "${work_dir}/efiboot.img" \
503
        "${airootfs_dir}/usr/lib/systemd/boot/efi/systemd-bootx64.efi" ::/EFI/BOOT/BOOTx64.EFI
504

505
506
    mmd -i "${work_dir}/efiboot.img" ::/loader ::/loader/entries
    mcopy -i "${work_dir}/efiboot.img" "${profile}/efiboot/loader/loader.conf" ::/loader/
507
508
509
510
    for _conf in "${profile}/efiboot/loader/entries/"*".conf"; do
        sed "s|%ARCHISO_LABEL%|${iso_label}|g;
             s|%INSTALL_DIR%|${install_dir}|g;
             s|%ARCH%|${arch}|g" \
511
            "${_conf}" | mcopy -i "${work_dir}/efiboot.img" - "::/loader/entries/${_conf##*/}"
512
    done
513
514

    # shellx64.efi is picked up automatically when on /
515
    if [[ -e "${airootfs_dir}/usr/share/edk2-shell/x64/Shell_Full.efi" ]]; then
516
        mcopy -i "${work_dir}/efiboot.img" \
517
            "${airootfs_dir}/usr/share/edk2-shell/x64/Shell_Full.efi" ::/shellx64.efi
518
519
520
    fi

    # Copy kernel and initramfs
521
    _make_boot_on_fat
522

523
    _msg_info "Done! systemd-boot set up for UEFI booting successfully."
524
525
}

526
# Prepare efiboot.img::/EFI for "El Torito" EFI boot mode
527
528
529
530
_make_bootmode_uefi-x64.systemd-boot.eltorito() {
    _run_once _make_bootmode_uefi-x64.systemd-boot.esp
    # Set up /EFI on ISO-9660 to allow preparing an installation medium by manually copying files
    _run_once _make_efi_dir_on_iso9660
531
532
}

533
# Build airootfs filesystem image
534
535
536
_prepare_airootfs_image() {
    if typeset -f "_mkairootfs_${airootfs_image_type}" &> /dev/null; then
        _run_once "_mkairootfs_${airootfs_image_type}"
537
538
    else
        _msg_error "Unsupported image type: '${airootfs_image_type}'" 1
539
    fi
540

541
    _mkchecksum
542
    [[ -n "${gpg_key}" ]] && _mksignature
543
544
545
}

# Build ISO
546
_build_iso() {
547
548
    local xorrisofs_options=()

549
550
    [[ -d "${out_dir}" ]] || install -d -- "${out_dir}"

551
    [[ "${quiet}" == "y" ]] && xorrisofs_options+=('-quiet')
552
553

    # xorrisofs options for x86 BIOS booting using SYSLINUX
554
555
    # shellcheck disable=SC2076
    if [[ " ${bootmodes[*]} " =~ ' bios.syslinux.' ]]; then
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598

        # SYSLINUX El Torito
        if [[ " ${bootmodes[*]} " =~ ' bios.syslinux.eltorito ' ]]; then
            if [[ ! -f "${isofs_dir}/isolinux/isolinux.bin" ]]; then
                _msg_error "The file '${isofs_dir}/isolinux/isolinux.bin' does not exist." 1
            fi

            # SYSLINUX MBR
            if [[ " ${bootmodes[*]} " =~ ' bios.syslinux.mbr ' ]]; then
                if [[ ! -f "${isofs_dir}/isolinux/isohdpfx.bin" ]]; then
                    _msg_error "The file '${isofs_dir}/isolinux/isohdpfx.bin' does not exist." 1
                fi

                xorrisofs_options+=(
                    # SYSLINUX MBR bootstrap code; does not work without "-eltorito-boot isolinux/isolinux.bin"
                    '-isohybrid-mbr' "${isofs_dir}/isolinux/isohdpfx.bin"
                    # When GPT is used, create an additional partition in the MBR (besides 0xEE) for sectors 0–1 (MBR
                    # bootstrap code area) and mark it as bootable
                    # This violates the UEFI specification, but may allow booting on some systems
                    # https://wiki.archlinux.org/index.php/Partitioning#Tricking_old_BIOS_into_booting_from_GPT
                    '--mbr-force-bootable'
                    # Set the ISO 9660 partition's type to "Linux filesystem data"
                    # When only MBR is present, the partition type ID will be 0x83 "Linux" as xorriso translates all
                    # GPT partition type GUIDs except for the ESP GUID to MBR type ID 0x83
                    '-iso_mbr_part_type' '0FC63DAF-8483-4772-8E79-3D69D8477DE4'
                    # Move the first partition away from the start of the ISO to match the expectations of partition
                    # editors
                    # May allow booting on some systems
                    # https://dev.lovelyhq.com/libburnia/libisoburn/src/branch/master/doc/partition_offset.wiki
                    '-partition_offset' '16'
                )
            fi

            xorrisofs_options+=(
                # El Torito boot image for x86 BIOS
                '-eltorito-boot' 'isolinux/isolinux.bin'
                # El Torito boot catalog file
                '-eltorito-catalog' 'isolinux/boot.cat'
                # Required options to boot with ISOLINUX
                '-no-emul-boot' '-boot-load-size' '4' '-boot-info-table'
            )
        else
            _msg_error "Using 'bios.syslinux.mbr' boot mode without 'bios.syslinux.eltorito' is not supported." 1
599
600
        fi
    fi
601
602

    # xorrisofs options for X64 UEFI booting using systemd-boot
603
604
    # shellcheck disable=SC2076
    if [[ " ${bootmodes[*]} " =~ ' uefi-x64.systemd-boot.' ]]; then
605
        [[ -f "${work_dir}/efiboot.img" ]] || _msg_error "The file '${work_dir}/efiboot.img' does not exist." 1
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
        [[ -e "${isofs_dir}/EFI/archiso" ]] && rm -rf -- "${isofs_dir}/EFI/archiso"

        # systemd-boot in an attached EFI system partition
        if [[ " ${bootmodes[*]} " =~ ' uefi-x64.systemd-boot.esp ' ]]; then
            # Move the first partition away from the start of the ISO, otherwise the GPT will not be valid and ISO 9660
            # partition will not be mountable
            [[ " ${xorrisofs_options[*]} " =~ ' -partition_offset ' ]] || xorrisofs_options+=('-partition_offset' '16')
            xorrisofs_options+=(
                # Attach efiboot.img as a second partition and set its partition type to "EFI system partition"
                '-append_partition' '2' 'C12A7328-F81F-11D2-BA4B-00A0C93EC93B' "${work_dir}/efiboot.img"
                # Ensure GPT is used as some systems do not support UEFI booting without it
                '-appended_part_as_gpt'
            )

            # systemd-boot in an attached EFI system partition via El Torito
            if [[ " ${bootmodes[*]} " =~ ' uefi-x64.systemd-boot.eltorito ' ]]; then
                xorrisofs_options+=(
                    # Start a new El Torito boot entry for UEFI
                    '-eltorito-alt-boot'
                    # Set the second partition as the El Torito UEFI boot image
                    '-e' '--interval:appended_partition_2:all::'
                    # Boot image is not emulating floppy or hard disk; required for all known boot loaders
                    '-no-emul-boot'
                )
            fi
        # systemd-boot in an embedded efiboot.img via El Torito
        elif [[ " ${bootmodes[*]} " =~ ' uefi-x64.systemd-boot.eltorito ' ]]; then
            # The ISO will not contain a GPT partition table, so to be able to reference efiboot.img, place it as a
            # file inside the ISO 9660 file system
            install -d -m 0755 -- "${isofs_dir}/EFI/archiso"
            cp -a -- "${work_dir}/efiboot.img" "${isofs_dir}/EFI/archiso/efiboot.img"

            xorrisofs_options+=(
                # Start a new El Torito boot entry for UEFI
                '-eltorito-alt-boot'
                # Set efiboot.img as the El Torito UEFI boot image
                '-e' 'EFI/archiso/efiboot.img'
                # Boot image is not emulating floppy or hard disk; required for all known boot loaders
                '-no-emul-boot'
            )
        fi

        # Specify where to save the El Torito boot catalog file in case it is not already set by bios.syslinux.eltorito
        [[ " ${bootmodes[*]} " =~ ' bios.' ]] || xorrisofs_options+=('-eltorito-catalog' 'EFI/boot.cat')
650
651
652
653
654
655
    fi

    _msg_info "Creating ISO image..."
    xorriso -as mkisofs \
            -iso-level 3 \
            -full-iso9660-filenames \
nl6720's avatar
nl6720 committed
656
657
            -joliet \
            -joliet-long \
658
659
660
661
662
663
664
665
            -rational-rock \
            -volid "${iso_label}" \
            -appid "${iso_application}" \
            -publisher "${iso_publisher}" \
            -preparer "prepared by ${app_name}" \
            "${xorrisofs_options[@]}" \
            -output "${out_dir}/${img_name}" \
            "${isofs_dir}/"
666
667
    _msg_info "Done!"
    du -h -- "${out_dir}/${img_name}"
668
669
670
}

# Read profile's values from profiledef.sh
671
_read_profile() {
672
673
674
675
676
677
678
679
    if [[ -z "${profile}" ]]; then
        _msg_error "No profile specified!" 1
    fi
    if [[ ! -d "${profile}" ]]; then
        _msg_error "Profile '${profile}' does not exist!" 1
    elif [[ ! -e "${profile}/profiledef.sh" ]]; then
        _msg_error "Profile '${profile}' is missing 'profiledef.sh'!" 1
    else
680
681
        cd -- "${profile}"

682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
        # Source profile's variables
        # shellcheck source=configs/releng/profiledef.sh
        . "${profile}/profiledef.sh"

        # Resolve paths
        packages="$(realpath -- "${profile}/packages.${arch}")"
        pacman_conf="$(realpath -- "${pacman_conf}")"

        # Enumerate packages
        [[ -e "${packages}" ]] || _msg_error "File '${packages}' does not exist!" 1
        mapfile -t pkg_list < <(sed '/^[[:blank:]]*#.*/d;s/#.*//;/^[[:blank:]]*$/d' "${packages}")

        cd -- "${OLDPWD}"
    fi
}

698
699
# set overrides from mkarchiso option parameters, if present
_set_overrides() {
700
701
702
703
704
705
    [[ -n "$override_iso_label" ]] && iso_label="$override_iso_label"
    [[ -n "$override_iso_publisher" ]] && iso_publisher="$override_iso_publisher"
    [[ -n "$override_iso_application" ]] && iso_application="$override_iso_application"
    [[ -n "$override_install_dir" ]] && install_dir="$override_install_dir"
    [[ -n "$override_pacman_conf" ]] && pacman_conf="$override_pacman_conf"
    [[ -n "$override_gpg_key" ]] && gpg_key="$override_gpg_key"
706
707
708
}


709
_export_gpg_publickey() {
710
    gpg --batch --output "${work_dir}/pubkey.gpg" --export "${gpg_key}"
711
712
713
714
}


_make_pkglist() {
715
    install -d -m 0755 -- "${isofs_dir}/${install_dir}"
716
    _msg_info "Creating a list of installed packages on live-enviroment..."
717
    pacman -Q --sysroot "${airootfs_dir}" > "${isofs_dir}/${install_dir}/pkglist.${arch}.txt"
718
    _msg_info "Done!"
719
}
720

721
_build_profile() {
722
723
    # Set up essential directory paths
    airootfs_dir="${work_dir}/${arch}/airootfs"
724
725
726
    isofs_dir="${work_dir}/iso"
    # Set ISO file name
    img_name="${iso_name}-${iso_version}-${arch}.iso"
727
728
    # Create working directory
    [[ -d "${work_dir}" ]] || install -d -- "${work_dir}"
729
730
731
732
733
734
    # Write build date to file or if the file exists, read it from there
    if [[ -e "${work_dir}/build_date" ]]; then
        SOURCE_DATE_EPOCH="$(<"${work_dir}/build_date")"
    else
        printf '%s\n' "$SOURCE_DATE_EPOCH" > "${work_dir}/build_date"
    fi
735

736
    [[ "${quiet}" == "n" ]] && _show_config
737
    _run_once _make_pacman_conf
738
    [[ -n "${gpg_key}" ]] && _run_once _export_gpg_publickey
739
740
741
742
    _run_once _make_custom_airootfs
    _run_once _make_packages
    _run_once _make_customize_airootfs
    _run_once _make_pkglist
743
    _make_bootmodes
744
745
746
    _run_once _cleanup_airootfs
    _run_once _prepare_airootfs_image
    _run_once _build_iso
747
748
}

749
while getopts 'p:C:L:P:A:D:w:o:g:vh?' arg; do
750
    case "${arg}" in
751
752
        p)
            read -r -a opt_pkg_list <<< "${OPTARG}"
753
754
            pkg_list+=("${opt_pkg_list[@]}")
            ;;
755
756
757
758
759
        C) override_pacman_conf="$(realpath -- "${OPTARG}")" ;;
        L) override_iso_label="${OPTARG}" ;;
        P) override_iso_publisher="${OPTARG}" ;;
        A) override_iso_application="${OPTARG}" ;;
        D) override_install_dir="${OPTARG}" ;;
760
761
        w) work_dir="$(realpath -- "${OPTARG}")" ;;
        o) out_dir="$(realpath -- "${OPTARG}")" ;;
762
        g) override_gpg_key="${OPTARG}" ;;
763
764
765
766
767
768
769
770
771
        v) quiet="n" ;;
        h|?) _usage 0 ;;
        *)
            _msg_error "Invalid argument '${arg}'" 0
            _usage 1
            ;;
    esac
done

772
773
774
shift $((OPTIND - 1))

if (( $# < 1 )); then
775
    _msg_error "No profile specified" 0
776
777
778
    _usage 1
fi

779
780
781
782
if (( EUID != 0 )); then
    _msg_error "${app_name} must be run as root." 1
fi

783
784
# get the absolute path representation of the first non-option argument
profile="$(realpath -- "${1}")"
785

786
787
788
_read_profile
_set_overrides
_build_profile
789
790

# vim:ts=4:sw=4:et: