mkarchiso 39.9 KB
Newer Older
1
#!/usr/bin/env bash
2
3
#
# SPDX-License-Identifier: GPL-3.0-or-later
4

5
6
set -e -u

7
8
9
10
# Control the environment
umask 0022
export LANG="C"
export SOURCE_DATE_EPOCH="${SOURCE_DATE_EPOCH:-"$(date +%s)"}"
11

12
# Set application name from the script's file name
13
app_name="${0##*/}"
14
15

# Define global variables. All of them will be overwritten later
16
pkg_list=()
17
18
19
20
quiet=""
work_dir=""
out_dir=""
img_name=""
21
gpg_key=""
22
23
24
25
iso_name=""
iso_label=""
iso_publisher=""
iso_application=""
26
iso_version=""
27
28
29
30
install_dir=""
arch=""
pacman_conf=""
packages=""
31
bootmodes=()
32
33
airootfs_image_type=""
airootfs_image_tool_options=()
34
declare -A file_permissions=()
35
36


37
38
39
40
# Show an INFO message
# $1: message string
_msg_info() {
    local _msg="${1}"
41
    [[ "${quiet}" == "y" ]] || printf '[%s] INFO: %s\n' "${app_name}" "${_msg}"
42
43
}

44
45
46
47
# Show a WARNING message
# $1: message string
_msg_warning() {
    local _msg="${1}"
48
    printf '[%s] WARNING: %s\n' "${app_name}" "${_msg}" >&2
49
50
}

51
52
53
54
55
56
# Show an ERROR message then exit with status
# $1: message string
# $2: exit code number (with 0 does not exit)
_msg_error() {
    local _msg="${1}"
    local _error=${2}
57
    printf '[%s] ERROR: %s\n' "${app_name}" "${_msg}" >&2
58
    if (( _error > 0 )); then
59
        exit "${_error}"
60
61
62
    fi
}

63
64
_mount_airootfs() {
    trap "_umount_airootfs" EXIT HUP INT TERM
65
66
    install -d -m 0755 -- "${work_dir}/mnt/airootfs"
    _msg_info "Mounting '${airootfs_dir}.img' on '${work_dir}/mnt/airootfs'..."
67
    mount -- "${airootfs_dir}.img" "${work_dir}/mnt/airootfs"
68
    _msg_info "Done!"
69
70
}

71
_umount_airootfs() {
72
    _msg_info "Unmounting '${work_dir}/mnt/airootfs'..."
73
    umount -d -- "${work_dir}/mnt/airootfs"
74
    _msg_info "Done!"
75
    rmdir -- "${work_dir}/mnt/airootfs"
76
77
78
79
80
    trap - EXIT HUP INT TERM
}

# Show help usage, with an exit status.
# $1: exit status number.
81
_usage() {
82
    IFS='' read -r -d '' usagetext <<ENDUSAGETEXT || true
83
usage: ${app_name} [options] <profile_dir>
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
  options:
     -A <application> Set an application name for the ISO
                      Default: '${iso_application}'
     -C <file>        pacman configuration file.
                      Default: '${pacman_conf}'
     -D <install_dir> Set an install_dir. All files will by located here.
                      Default: '${install_dir}'
                      NOTE: Max 8 characters, use only [a-z0-9]
     -L <label>       Set the ISO volume label
                      Default: '${iso_label}'
     -P <publisher>   Set the ISO publisher
                      Default: '${iso_publisher}'
     -g <gpg_key>     Set the GPG key to be used for signing the sqashfs image
     -h               This message
     -o <out_dir>     Set the output directory
                      Default: '${out_dir}'
100
101
     -p PACKAGE(S)    Package(s) to install.
                      Multiple packages are provided as quoted, space delimited list.
102
103
104
105
106
     -v               Enable verbose output
     -w <work_dir>    Set the working directory
                      Default: '${work_dir}'

  profile_dir:        Directory of the archiso profile to build
107
ENDUSAGETEXT
108
    printf '%s' "${usagetext}"
109
    exit "${1}"
110
111
}

112
# Shows configuration options.
113
_show_config() {
114
    local build_date
115
    build_date="$(date --utc --iso-8601=seconds -d "@${SOURCE_DATE_EPOCH}")"
116
    _msg_info "${app_name} configuration settings"
117
118
119
    _msg_info "             Architecture:   ${arch}"
    _msg_info "        Working directory:   ${work_dir}"
    _msg_info "   Installation directory:   ${install_dir}"
120
121
122
123
124
125
126
127
128
129
130
    _msg_info "               Build date:   ${build_date}"
    _msg_info "         Output directory:   ${out_dir}"
    _msg_info "                  GPG key:   ${gpg_key:-None}"
    _msg_info "                  Profile:   ${profile}"
    _msg_info "Pacman configuration file:   ${pacman_conf}"
    _msg_info "          Image file name:   ${img_name}"
    _msg_info "         ISO volume label:   ${iso_label}"
    _msg_info "            ISO publisher:   ${iso_publisher}"
    _msg_info "          ISO application:   ${iso_application}"
    _msg_info "               Boot modes:   ${bootmodes[*]}"
    _msg_info "                 Packages:   ${pkg_list[*]}"
131
132
}

133
# Cleanup airootfs
134
_cleanup_airootfs() {
135
    _msg_info "Cleaning up what we can on airootfs..."
136

137
    # Delete all files in /boot
138
    [[ -d "${airootfs_dir}/boot" ]] && find "${airootfs_dir}/boot" -mindepth 1 -delete
139
    # Delete pacman database sync cache files (*.tar.gz)
140
    [[ -d "${airootfs_dir}/var/lib/pacman" ]] && find "${airootfs_dir}/var/lib/pacman" -maxdepth 1 -type f -delete
141
    # Delete pacman database sync cache
142
    [[ -d "${airootfs_dir}/var/lib/pacman/sync" ]] && find "${airootfs_dir}/var/lib/pacman/sync" -delete
143
    # Delete pacman package cache
144
    [[ -d "${airootfs_dir}/var/cache/pacman/pkg" ]] && find "${airootfs_dir}/var/cache/pacman/pkg" -type f -delete
145
    # Delete all log files, keeps empty dirs.
146
    [[ -d "${airootfs_dir}/var/log" ]] && find "${airootfs_dir}/var/log" -type f -delete
147
    # Delete all temporary files and dirs
148
    [[ -d "${airootfs_dir}/var/tmp" ]] && find "${airootfs_dir}/var/tmp" -mindepth 1 -delete
149
    # Delete package pacman related files.
150
    find "${work_dir}" \( -name '*.pacnew' -o -name '*.pacsave' -o -name '*.pacorig' \) -delete
151
    # Create an empty /etc/machine-id
152
    printf '' > "${airootfs_dir}/etc/machine-id"
153
154

    _msg_info "Done!"
155
}
156

157
_run_mksquashfs() {
158
159
160
161
162
    # Set default mksquashfs options
    if (( ${#airootfs_image_tool_options[@]} < 1 )); then
        airootfs_image_tool_options=('-comp' 'xz')
    fi

163
164
165
    local image_path="${isofs_dir}/${install_dir}/${arch}/airootfs.sfs"
    if [[ "${quiet}" == "y" ]]; then
        mksquashfs "$@" "${image_path}" -noappend "${airootfs_image_tool_options[@]}" -no-progress > /dev/null
166
    else
167
        mksquashfs "$@" "${image_path}" -noappend "${airootfs_image_tool_options[@]}"
168
169
170
    fi
}

171
# Makes a ext4 filesystem inside a SquashFS from a source directory.
172
173
_mkairootfs_ext4+squashfs() {
    [[ -e "${airootfs_dir}" ]] || _msg_error "The path '${airootfs_dir}' does not exist" 1
174

175
    _msg_info "Creating ext4 image of 32 GiB..."
176
    if [[ "${quiet}" == "y" ]]; then
177
        mkfs.ext4 -q -O '^has_journal,^resize_inode' -E 'lazy_itable_init=0' -m 0 -F -- "${airootfs_dir}.img" 32G
178
    else
179
        mkfs.ext4 -O '^has_journal,^resize_inode' -E 'lazy_itable_init=0' -m 0 -F -- "${airootfs_dir}.img" 32G
180
    fi
181
    tune2fs -c 0 -i 0 -- "${airootfs_dir}.img" > /dev/null
182
    _msg_info "Done!"
183
    _mount_airootfs
184
185
    _msg_info "Copying '${airootfs_dir}/' to '${work_dir}/mnt/airootfs/'..."
    cp -aT -- "${airootfs_dir}/" "${work_dir}/mnt/airootfs/"
186
    chown -- 0:0 "${work_dir}/mnt/airootfs/"
187
    _msg_info "Done!"
188
    _umount_airootfs
189
    install -d -m 0755 -- "${isofs_dir}/${install_dir}/${arch}"
190
    _msg_info "Creating SquashFS image, this may take some time..."
191
    _run_mksquashfs "${airootfs_dir}.img"
192
    _msg_info "Done!"
193
    rm -- "${airootfs_dir}.img"
194
195
}

196
# Makes a SquashFS filesystem from a source directory.
197
198
_mkairootfs_squashfs() {
    [[ -e "${airootfs_dir}" ]] || _msg_error "The path '${airootfs_dir}' does not exist" 1
199

200
    install -d -m 0755 -- "${isofs_dir}/${install_dir}/${arch}"
201
    _msg_info "Creating SquashFS image, this may take some time..."
202
    _run_mksquashfs "${airootfs_dir}"
nl6720's avatar
nl6720 committed
203
204
205
206
207
208
209
210
211
212
213
214
215
}

# Makes an EROFS file system from a source directory.
_mkairootfs_erofs() {
    local fsuuid
    [[ -e "${airootfs_dir}" ]] || _msg_error "The path '${airootfs_dir}' does not exist" 1

    install -d -m 0755 -- "${isofs_dir}/${install_dir}/${arch}"
    local image_path="${isofs_dir}/${install_dir}/${arch}/airootfs.erofs"
    # Generate reproducible file system UUID from SOURCE_DATE_EPOCH
    fsuuid="$(uuidgen --sha1 --namespace 93a870ff-8565-4cf3-a67b-f47299271a96 --name "${SOURCE_DATE_EPOCH}")"
    _msg_info "Creating EROFS image, this may take some time..."
    mkfs.erofs -U "${fsuuid}" "${airootfs_image_tool_options[@]}" -- "${image_path}" "${airootfs_dir}"
216
217
218
    _msg_info "Done!"
}

219
_mkchecksum() {
220
    _msg_info "Creating checksum file for self-test..."
221
    cd -- "${isofs_dir}/${install_dir}/${arch}"
nl6720's avatar
nl6720 committed
222
223
224
225
226
    if [[ -e "${isofs_dir}/${install_dir}/${arch}/airootfs.sfs" ]]; then
        sha512sum airootfs.sfs > airootfs.sha512
    elif [[ -e "${isofs_dir}/${install_dir}/${arch}/airootfs.erofs" ]]; then
        sha512sum airootfs.erofs > airootfs.sha512
    fi
227
    cd -- "${OLDPWD}"
228
    _msg_info "Done!"
229
230
}

231
232
_mksignature() {
    _msg_info "Signing SquashFS image..."
233
    cd -- "${isofs_dir}/${install_dir}/${arch}"
nl6720's avatar
nl6720 committed
234
235
236
237
238
    if [[ -e "${isofs_dir}/${install_dir}/${arch}/airootfs.sfs" ]]; then
        gpg --detach-sign --default-key "${gpg_key}" airootfs.sfs
    elif [[ -e "${isofs_dir}/${install_dir}/${arch}/airootfs.erofs" ]]; then
        gpg --detach-sign --default-key "${gpg_key}" airootfs.erofs
    fi
239
    cd -- "${OLDPWD}"
240
241
242
    _msg_info "Done!"
}

243
244
245
246
247
248
249
# Helper function to run functions only one time.
_run_once() {
    if [[ ! -e "${work_dir}/build.${1}" ]]; then
        "$1"
        touch "${work_dir}/build.${1}"
    fi
}
250

251
# Set up custom pacman.conf with custom cache and pacman hook directories
252
_make_pacman_conf() {
253
254
255
256
257
258
259
260
261
262
263
264
265
266
    local _cache_dirs _system_cache_dirs _profile_cache_dirs
    _system_cache_dirs="$(pacman-conf CacheDir| tr '\n' ' ')"
    _profile_cache_dirs="$(pacman-conf --config "${pacman_conf}" CacheDir| tr '\n' ' ')"

    # only use the profile's CacheDir, if it is not the default and not the same as the system cache dir
    if [[ "${_profile_cache_dirs}" != "/var/cache/pacman/pkg" ]] && \
        [[ "${_system_cache_dirs}" != "${_profile_cache_dirs}" ]]; then
        _cache_dirs="${_profile_cache_dirs}"
    else
        _cache_dirs="${_system_cache_dirs}"
    fi

    _msg_info "Copying custom pacman.conf to work directory..."
    _msg_info "Using pacman CacheDir: ${_cache_dirs}"
267
    # take the profile pacman.conf and strip all settings that would break in chroot when using pacman -r
268
269
    # append CacheDir and HookDir to [options] section
    # HookDir is *always* set to the airootfs' override directory
270
271
272
273
    # see `man 8 pacman` for further info
    pacman-conf --config "${pacman_conf}" | \
        sed "/CacheDir/d;/DBPath/d;/HookDir/d;/LogFile/d;/RootDir/d;/\[options\]/a CacheDir = ${_cache_dirs}
        /\[options\]/a HookDir = ${airootfs_dir}/etc/pacman.d/hooks/" > "${work_dir}/pacman.conf"
274
275
276
277
278
}

# Prepare working directory and copy custom airootfs files (airootfs)
_make_custom_airootfs() {
    local passwd=()
279
    local filename permissions
280
281
282

    install -d -m 0755 -o 0 -g 0 -- "${airootfs_dir}"

283
    if [[ -d "${profile}/airootfs" ]]; then
284
285
286
287
288
        _msg_info "Copying custom airootfs files..."
        cp -af --no-preserve=ownership,mode -- "${profile}/airootfs/." "${airootfs_dir}"
        # Set ownership and mode for files and directories
        for filename in "${!file_permissions[@]}"; do
            IFS=':' read -ra permissions <<< "${file_permissions["${filename}"]}"
289
            # Prevent file path traversal outside of $airootfs_dir
290
            if [[ "$(realpath -q -- "${airootfs_dir}${filename}")" != "${airootfs_dir}"* ]]; then
291
292
293
                _msg_error "Failed to set permissions on '${airootfs_dir}${filename}'. Outside of valid path." 1
            # Warn if the file does not exist
            elif [[ ! -e "${airootfs_dir}${filename}" ]]; then
294
                _msg_warning "Cannot change permissions of '${airootfs_dir}${filename}'. The file or directory does not exist."
295
            else
296
297
                chown -fh -- "${permissions[0]}:${permissions[1]}" "${airootfs_dir}${filename}"
                chmod -f -- "${permissions[2]}" "${airootfs_dir}${filename}"
298
299
            fi
        done
300
        _msg_info "Done!"
301
302
303
    fi
}

304
# Install desired packages to airootfs
305
_make_packages() {
306
307
    _msg_info "Installing packages to '${airootfs_dir}/'..."

308
309
310
311
    if [[ -n "${gpg_key}" ]]; then
        exec {ARCHISO_GNUPG_FD}<>"${work_dir}/pubkey.gpg"
        export ARCHISO_GNUPG_FD
    fi
312
313
314
315
316
317
318

    if [[ "${quiet}" = "y" ]]; then
        pacstrap -C "${work_dir}/pacman.conf" -c -G -M -- "${airootfs_dir}" "${pkg_list[@]}" &> /dev/null
    else
        pacstrap -C "${work_dir}/pacman.conf" -c -G -M -- "${airootfs_dir}" "${pkg_list[@]}"
    fi

319
320
321
322
    if [[ -n "${gpg_key}" ]]; then
        exec {ARCHISO_GNUPG_FD}<&-
        unset ARCHISO_GNUPG_FD
    fi
323
324

    _msg_info "Done! Packages installed successfully."
325
326
327
328
329
}

# Customize installation (airootfs)
_make_customize_airootfs() {
    local passwd=()
330

331
    if [[ -e "${profile}/airootfs/etc/passwd" ]]; then
332
        _msg_info "Copying /etc/skel/* to user homes..."
333
        while IFS=':' read -a passwd -r; do
334
            # Only operate on UIDs in range 1000–59999
335
            (( passwd[2] >= 1000 && passwd[2] < 60000 )) || continue
336
            # Skip invalid home directories
337
338
            [[ "${passwd[5]}" == '/' ]] && continue
            [[ -z "${passwd[5]}" ]] && continue
339
340
341
342
343
344
345
346
347
348
            # Prevent path traversal outside of $airootfs_dir
            if [[ "$(realpath -q -- "${airootfs_dir}${passwd[5]}")" == "${airootfs_dir}"* ]]; then
                if [[ ! -d "${airootfs_dir}${passwd[5]}" ]]; then
                    install -d -m 0750 -o "${passwd[2]}" -g "${passwd[3]}" -- "${airootfs_dir}${passwd[5]}"
                fi
                cp -dnRT --preserve=mode,timestamps,links -- "${airootfs_dir}/etc/skel/." "${airootfs_dir}${passwd[5]}"
                chmod -f 0750 -- "${airootfs_dir}${passwd[5]}"
                chown -hR -- "${passwd[2]}:${passwd[3]}" "${airootfs_dir}${passwd[5]}"
            else
                _msg_error "Failed to set permissions on '${airootfs_dir}${passwd[5]}'. Outside of valid path." 1
349
            fi
350
        done < "${profile}/airootfs/etc/passwd"
351
        _msg_info "Done!"
352
353
354
    fi

    if [[ -e "${airootfs_dir}/root/customize_airootfs.sh" ]]; then
355
        _msg_info "Running customize_airootfs.sh in '${airootfs_dir}' chroot..."
356
        _msg_warning "customize_airootfs.sh is deprecated! Support for it will be removed in a future archiso version."
357
        chmod -f -- +x "${airootfs_dir}/root/customize_airootfs.sh"
358
        eval -- arch-chroot "${airootfs_dir}" "/root/customize_airootfs.sh"
359
        rm -- "${airootfs_dir}/root/customize_airootfs.sh"
360
        _msg_info "Done! customize_airootfs.sh run successfully."
361
362
363
    fi
}

364
365
366
367
# Set up boot loaders
_make_bootmodes() {
    local bootmode
    for bootmode in "${bootmodes[@]}"; do
368
        _run_once "_make_bootmode_${bootmode}"
369
370
371
    done
}

372
# Prepare kernel/initramfs ${install_dir}/boot/
373
_make_boot_on_iso9660() {
374
    local ucode_image
Christian Hesse's avatar
Christian Hesse committed
375
    _msg_info "Preparing kernel and initramfs for the ISO 9660 file system..."
376
    install -d -m 0755 -- "${isofs_dir}/${install_dir}/boot/${arch}"
377
378
379
380
381
382
383
384
385
386
387
388
389
    install -m 0644 -- "${airootfs_dir}/boot/initramfs-"*".img" "${isofs_dir}/${install_dir}/boot/${arch}/"
    install -m 0644 -- "${airootfs_dir}/boot/vmlinuz-"* "${isofs_dir}/${install_dir}/boot/${arch}/"

    for ucode_image in {intel-uc.img,intel-ucode.img,amd-uc.img,amd-ucode.img,early_ucode.cpio,microcode.cpio}; do
        if [[ -e "${airootfs_dir}/boot/${ucode_image}" ]]; then
            install -m 0644 -- "${airootfs_dir}/boot/${ucode_image}" "${isofs_dir}/${install_dir}/boot/"
            if [[ -e "${airootfs_dir}/usr/share/licenses/${ucode_image%.*}/" ]]; then
                install -d -m 0755 -- "${isofs_dir}/${install_dir}/boot/licenses/${ucode_image%.*}/"
                install -m 0644 -- "${airootfs_dir}/usr/share/licenses/${ucode_image%.*}/"* \
                    "${isofs_dir}/${install_dir}/boot/licenses/${ucode_image%.*}/"
            fi
        fi
    done
390
    _msg_info "Done!"
391
392
}

nl6720's avatar
nl6720 committed
393
# Prepare /syslinux for booting from MBR
394
_make_bootmode_bios.syslinux.mbr() {
395
    _msg_info "Setting up SYSLINUX for BIOS booting from a disk..."
nl6720's avatar
nl6720 committed
396
    install -d -m 0755 -- "${isofs_dir}/syslinux"
397
398
    for _cfg in "${profile}/syslinux/"*.cfg; do
        sed "s|%ARCHISO_LABEL%|${iso_label}|g;
399
400
             s|%INSTALL_DIR%|${install_dir}|g;
             s|%ARCH%|${arch}|g" \
nl6720's avatar
nl6720 committed
401
             "${_cfg}" > "${isofs_dir}/syslinux/${_cfg##*/}"
402
    done
403
    if [[ -e "${profile}/syslinux/splash.png" ]]; then
nl6720's avatar
nl6720 committed
404
        install -m 0644 -- "${profile}/syslinux/splash.png" "${isofs_dir}/syslinux/"
405
    fi
nl6720's avatar
nl6720 committed
406
407
408
    install -m 0644 -- "${airootfs_dir}/usr/lib/syslinux/bios/"*.c32 "${isofs_dir}/syslinux/"
    install -m 0644 -- "${airootfs_dir}/usr/lib/syslinux/bios/lpxelinux.0" "${isofs_dir}/syslinux/"
    install -m 0644 -- "${airootfs_dir}/usr/lib/syslinux/bios/memdisk" "${isofs_dir}/syslinux/"
409

410
    _run_once _make_boot_on_iso9660
411

nl6720's avatar
nl6720 committed
412
413
    if [[ -e "${isofs_dir}/syslinux/hdt.c32" ]]; then
        install -d -m 0755 -- "${isofs_dir}/syslinux/hdt"
414
415
        if [[ -e "${airootfs_dir}/usr/share/hwdata/pci.ids" ]]; then
            gzip -c -9 "${airootfs_dir}/usr/share/hwdata/pci.ids" > \
nl6720's avatar
nl6720 committed
416
                "${isofs_dir}/syslinux/hdt/pciids.gz"
417
418
        fi
        find "${airootfs_dir}/usr/lib/modules" -name 'modules.alias' -print -exec gzip -c -9 '{}' ';' -quit > \
nl6720's avatar
nl6720 committed
419
            "${isofs_dir}/syslinux/hdt/modalias.gz"
420
    fi
421
422
423
424
425

    # Add other aditional/extra files to ${install_dir}/boot/
    if [[ -e "${airootfs_dir}/boot/memtest86+/memtest.bin" ]]; then
        # rename for PXE: https://wiki.archlinux.org/index.php/Syslinux#Using_memtest
        install -m 0644 -- "${airootfs_dir}/boot/memtest86+/memtest.bin" "${isofs_dir}/${install_dir}/boot/memtest"
426
        install -d -m 0755 -- "${isofs_dir}/${install_dir}/boot/licenses/memtest86+/"
427
428
429
        install -m 0644 -- "${airootfs_dir}/usr/share/licenses/common/GPL2/license.txt" \
            "${isofs_dir}/${install_dir}/boot/licenses/memtest86+/"
    fi
430
    _msg_info "Done! SYSLINUX set up for BIOS booting from a disk successfully."
431
432
}

nl6720's avatar
nl6720 committed
433
# Prepare /syslinux for El-Torito booting
434
_make_bootmode_bios.syslinux.eltorito() {
435
    _msg_info "Setting up SYSLINUX for BIOS booting from an optical disc..."
nl6720's avatar
nl6720 committed
436
437
438
    install -d -m 0755 -- "${isofs_dir}/syslinux"
    install -m 0644 -- "${airootfs_dir}/usr/lib/syslinux/bios/isolinux.bin" "${isofs_dir}/syslinux/"
    install -m 0644 -- "${airootfs_dir}/usr/lib/syslinux/bios/isohdpfx.bin" "${isofs_dir}/syslinux/"
439

nl6720's avatar
nl6720 committed
440
    # ISOLINUX and SYSLINUX installation is shared
441
    _run_once _make_bootmode_bios.syslinux.mbr
442
443

    _msg_info "Done! SYSLINUX set up for BIOS booting from an optical disc successfully."
444
445
446
}

# Prepare /EFI on ISO-9660
447
_make_efi_dir_on_iso9660() {
448
449
    _msg_info "Preparing an /EFI directory for the ISO 9660 file system..."
    install -d -m 0755 -- "${isofs_dir}/EFI/BOOT"
450
451
452
    install -m 0644 -- "${airootfs_dir}/usr/lib/systemd/boot/efi/systemd-bootx64.efi" \
        "${isofs_dir}/EFI/BOOT/BOOTx64.EFI"

453
    install -d -m 0755 -- "${isofs_dir}/loader/entries"
454
455
    install -m 0644 -- "${profile}/efiboot/loader/loader.conf" "${isofs_dir}/loader/"

456
457
458
459
460
461
    for _conf in "${profile}/efiboot/loader/entries/"*".conf"; do
        sed "s|%ARCHISO_LABEL%|${iso_label}|g;
             s|%INSTALL_DIR%|${install_dir}|g;
             s|%ARCH%|${arch}|g" \
            "${_conf}" > "${isofs_dir}/loader/entries/${_conf##*/}"
    done
462
463
464

    # edk2-shell based UEFI shell
    # shellx64.efi is picked up automatically when on /
465
466
467
    if [[ -e "${airootfs_dir}/usr/share/edk2-shell/x64/Shell_Full.efi" ]]; then
        install -m 0644 -- "${airootfs_dir}/usr/share/edk2-shell/x64/Shell_Full.efi" "${isofs_dir}/shellx64.efi"
    fi
468
    _msg_info "Done!"
469
470
}

471
472
# Prepare kernel/initramfs on efiboot.img
_make_boot_on_fat() {
473
    local ucode_image all_ucode_images=()
Christian Hesse's avatar
Christian Hesse committed
474
    _msg_info "Preparing kernel and initramfs for the FAT file system..."
475
    mmd -i "${work_dir}/efiboot.img" \
476
        "::/${install_dir}" "::/${install_dir}/boot" "::/${install_dir}/boot/${arch}"
477
    mcopy -i "${work_dir}/efiboot.img" "${airootfs_dir}/boot/vmlinuz-"* \
478
479
480
481
482
483
484
485
486
        "${airootfs_dir}/boot/initramfs-"*".img" "::/${install_dir}/boot/${arch}/"
    for ucode_image in \
        "${airootfs_dir}/boot/"{intel-uc.img,intel-ucode.img,amd-uc.img,amd-ucode.img,early_ucode.cpio,microcode.cpio}
    do
        if [[ -e "${ucode_image}" ]]; then
            all_ucode_images+=("${ucode_image}")
        fi
    done
    if (( ${#all_ucode_images[@]} )); then
487
        mcopy -i "${work_dir}/efiboot.img" "${all_ucode_images[@]}" "::/${install_dir}/boot/"
488
    fi
489
    _msg_info "Done!"
490
491
492
}

# Prepare efiboot.img::/EFI for EFI boot mode
493
_make_bootmode_uefi-x64.systemd-boot.esp() {
494
    local efiboot_imgsize="0"
495
    _msg_info "Setting up systemd-boot for UEFI booting..."
496

497
498
    # the required image size in KiB (rounded up to the next full MiB with an additional MiB for reserved sectors)
    efiboot_imgsize="$(du -bc \
499
500
501
502
503
504
        "${airootfs_dir}/usr/lib/systemd/boot/efi/systemd-bootx64.efi" \
        "${airootfs_dir}/usr/share/edk2-shell/x64/Shell_Full.efi" \
        "${profile}/efiboot/" \
        "${airootfs_dir}/boot/vmlinuz-"* \
        "${airootfs_dir}/boot/initramfs-"*".img" \
        "${airootfs_dir}/boot/"{intel-uc.img,intel-ucode.img,amd-uc.img,amd-ucode.img,early_ucode.cpio,microcode.cpio} \
505
506
507
508
509
        2>/dev/null | awk 'function ceil(x){return int(x)+(x>int(x))}
            function byte_to_kib(x){return x/1024}
            function mib_to_kib(x){return x*1024}
            END {print mib_to_kib(ceil((byte_to_kib($1)+1024)/1024))}'
        )"
510
511
    # The FAT image must be created with mkfs.fat not mformat, as some systems have issues with mformat made images:
    # https://lists.gnu.org/archive/html/grub-devel/2019-04/msg00099.html
512
    [[ -e "${work_dir}/efiboot.img" ]] && rm -f -- "${work_dir}/efiboot.img"
513
    _msg_info "Creating FAT image of size: ${efiboot_imgsize} KiB..."
514
    mkfs.fat -C -n ARCHISO_EFI "${work_dir}/efiboot.img" "$efiboot_imgsize"
515

516
517
    mmd -i "${work_dir}/efiboot.img" ::/EFI ::/EFI/BOOT
    mcopy -i "${work_dir}/efiboot.img" \
518
        "${airootfs_dir}/usr/lib/systemd/boot/efi/systemd-bootx64.efi" ::/EFI/BOOT/BOOTx64.EFI
519

520
521
    mmd -i "${work_dir}/efiboot.img" ::/loader ::/loader/entries
    mcopy -i "${work_dir}/efiboot.img" "${profile}/efiboot/loader/loader.conf" ::/loader/
522
523
524
525
    for _conf in "${profile}/efiboot/loader/entries/"*".conf"; do
        sed "s|%ARCHISO_LABEL%|${iso_label}|g;
             s|%INSTALL_DIR%|${install_dir}|g;
             s|%ARCH%|${arch}|g" \
526
            "${_conf}" | mcopy -i "${work_dir}/efiboot.img" - "::/loader/entries/${_conf##*/}"
527
    done
528
529

    # shellx64.efi is picked up automatically when on /
530
    if [[ -e "${airootfs_dir}/usr/share/edk2-shell/x64/Shell_Full.efi" ]]; then
531
        mcopy -i "${work_dir}/efiboot.img" \
532
            "${airootfs_dir}/usr/share/edk2-shell/x64/Shell_Full.efi" ::/shellx64.efi
533
534
535
    fi

    # Copy kernel and initramfs
536
    _make_boot_on_fat
537

538
    _msg_info "Done! systemd-boot set up for UEFI booting successfully."
539
540
}

541
# Prepare efiboot.img::/EFI for "El Torito" EFI boot mode
542
543
544
545
_make_bootmode_uefi-x64.systemd-boot.eltorito() {
    _run_once _make_bootmode_uefi-x64.systemd-boot.esp
    # Set up /EFI on ISO-9660 to allow preparing an installation medium by manually copying files
    _run_once _make_efi_dir_on_iso9660
546
547
}

548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
_validate_requirements_bootmode_bios.syslinux.mbr() {
    # bios.syslinux.mbr requires bios.syslinux.eltorito
    # shellcheck disable=SC2076
    if [[ ! " ${bootmodes[*]} " =~ ' bios.syslinux.eltorito ' ]]; then
        (( validation_error=validation_error+1 ))
        _msg_error "Using 'bios.syslinux.mbr' boot mode without 'bios.syslinux.eltorito' is not supported." 0
    fi

    # Check if the syslinux package is in the package list
    # shellcheck disable=SC2076
    if [[ ! " ${pkg_list[*]} " =~ ' syslinux ' ]]; then
        (( validation_error=validation_error+1 ))
        _msg_error "Validating '${bootmode}': The 'syslinux' package is missing from the package list!" 0
    fi

    # Check if syslinux configuration files exist
    if [[ ! -d "${profile}/syslinux" ]]; then
        (( validation_error=validation_error+1 ))
        _msg_error "Validating '${bootmode}': The '${profile}/syslinux' directory is missing!" 0
567
    else
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
        local cfgfile
        for cfgfile in "${profile}/syslinux/"*'.cfg'; do
            if [[ -e "${cfgfile}" ]]; then
                break
            else
                (( validation_error=validation_error+1 ))
                _msg_error "Validating '${bootmode}': No configuration file found in '${profile}/syslinux/'!" 0
            fi
        done
    fi

    # Check for optional packages
    # shellcheck disable=SC2076
    if [[ ! " ${pkg_list[*]} " =~ ' memtest86+ ' ]]; then
        _msg_info "Validating '${bootmode}': 'memtest86+' is not in the package list. Memmory testing will not be available from syslinux."
583
    fi
584
}
585

586
_validate_requirements_bootmode_bios.syslinux.eltorito() {
nl6720's avatar
nl6720 committed
587
    _validate_requirements_bootmode_bios.syslinux.mbr
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
}

_validate_requirements_bootmode_uefi-x64.systemd-boot.esp() {
    # Check if mkfs.fat is available
    if ! command -v mkfs.fat &> /dev/null; then
        (( validation_error=validation_error+1 ))
        _msg_error "Validating '${bootmode}': mkfs.fat is not available on this host. Install 'dosfstools'!" 0
    fi

    # Check if mmd and mcopy are available
    if ! { command -v mmd &> /dev/null && command -v mcopy &> /dev/null; }; then
        _msg_error "Validating '${bootmode}': mmd and/or mcopy are not available on this host. Install 'mtools'!" 0
    fi

    # Check if systemd-boot configuration files exist
    if [[ ! -d "${profile}/efiboot/loader/entries" ]]; then
        (( validation_error=validation_error+1 ))
        _msg_error "Validating '${bootmode}': The '${profile}/efiboot/loader/entries' directory is missing!" 0
    else
        if [[ ! -e "${profile}/efiboot/loader/loader.conf" ]]; then
            (( validation_error=validation_error+1 ))
            _msg_error "Validating '${bootmode}': File '${profile}/efiboot/loader/loader.conf' not found!" 0
        fi
        local conffile
        for conffile in "${profile}/efiboot/loader/entries/"*'.conf'; do
            if [[ -e "${conffile}" ]]; then
                break
            else
                (( validation_error=validation_error+1 ))
                _msg_error "Validating '${bootmode}': No configuration file found in '${profile}/efiboot/loader/entries/'!" 0
            fi
        done
    fi

    # Check for optional packages
    # shellcheck disable=SC2076
    if [[ ! " ${pkg_list[*]} " =~ ' edk2-shell ' ]]; then
        _msg_info "'edk2-shell' is not in the package list. The ISO will not contain a bootable UEFI shell."
    fi
}

_validate_requirements_bootmode_uefi-x64.systemd-boot.eltorito() {
    # uefi-x64.systemd-boot.eltorito has the exact same requirements as uefi-x64.systemd-boot.esp
    _validate_requirements_bootmode_uefi-x64.systemd-boot.esp
}

# Build airootfs filesystem image
_prepare_airootfs_image() {
    _run_once "_mkairootfs_${airootfs_image_type}"
637
    _mkchecksum
David Runge's avatar
David Runge committed
638
639
640
    if [[ -n "${gpg_key}" ]]; then
        _mksignature
    fi
641
642
}

643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
_validate_requirements_airootfs_image_type_squashfs() {
    if ! command -v mksquashfs &> /dev/null; then
        (( validation_error=validation_error+1 ))
        _msg_error "Validating '${airootfs_image_type}': mksquashfs is not available on this host. Install 'squashfs-tools'!" 0
    fi
}

_validate_requirements_airootfs_image_type_ext4+squashfs() {
    if ! { command -v mkfs.ext4 &> /dev/null && command -v tune2fs &> /dev/null; }; then
        (( validation_error=validation_error+1 ))
        _msg_error "Validating '${airootfs_image_type}': mkfs.ext4 and/or tune2fs is not available on this host. Install 'e2fsprogs'!" 0
    fi
    _validate_requirements_airootfs_image_type_squashfs
}

nl6720's avatar
nl6720 committed
658
659
660
661
662
663
664
_validate_requirements_airootfs_image_type_erofs() {
    if ! command -v mkfs.erofs; then
        (( validation_error=validation_error+1 ))
        _msg_error "Validating '${airootfs_image_type}': mkfs.erofs is not available on this host. Install 'erofs-utils'!" 0
    fi
}

665
666
667
668
# SYSLINUX El Torito
_add_xorrisofs_options_bios.syslinux.eltorito() {
    xorrisofs_options+=(
        # El Torito boot image for x86 BIOS
nl6720's avatar
nl6720 committed
669
        '-eltorito-boot' 'syslinux/isolinux.bin'
670
        # El Torito boot catalog file
nl6720's avatar
nl6720 committed
671
        '-eltorito-catalog' 'syslinux/boot.cat'
672
673
674
675
676
677
678
679
        # Required options to boot with ISOLINUX
        '-no-emul-boot' '-boot-load-size' '4' '-boot-info-table'
    )
}

# SYSLINUX MBR
_add_xorrisofs_options_bios.syslinux.mbr() {
    xorrisofs_options+=(
nl6720's avatar
nl6720 committed
680
681
        # SYSLINUX MBR bootstrap code; does not work without "-eltorito-boot syslinux/isolinux.bin"
        '-isohybrid-mbr' "${isofs_dir}/syslinux/isohdpfx.bin"
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
        # When GPT is used, create an additional partition in the MBR (besides 0xEE) for sectors 0–1 (MBR
        # bootstrap code area) and mark it as bootable
        # This violates the UEFI specification, but may allow booting on some systems
        # https://wiki.archlinux.org/index.php/Partitioning#Tricking_old_BIOS_into_booting_from_GPT
        '--mbr-force-bootable'
        # Set the ISO 9660 partition's type to "Linux filesystem data"
        # When only MBR is present, the partition type ID will be 0x83 "Linux" as xorriso translates all
        # GPT partition type GUIDs except for the ESP GUID to MBR type ID 0x83
        '-iso_mbr_part_type' '0FC63DAF-8483-4772-8E79-3D69D8477DE4'
        # Move the first partition away from the start of the ISO to match the expectations of partition
        # editors
        # May allow booting on some systems
        # https://dev.lovelyhq.com/libburnia/libisoburn/src/branch/master/doc/partition_offset.wiki
        '-partition_offset' '16'
    )
}

# systemd-boot in an attached EFI system partition
_add_xorrisofs_options_uefi-x64.systemd-boot.esp() {
    # Move the first partition away from the start of the ISO, otherwise the GPT will not be valid and ISO 9660
    # partition will not be mountable
    # shellcheck disable=SC2076
    [[ " ${xorrisofs_options[*]} " =~ ' -partition_offset ' ]] || xorrisofs_options+=('-partition_offset' '16')
    xorrisofs_options+=(
        # Attach efiboot.img as a second partition and set its partition type to "EFI system partition"
        '-append_partition' '2' 'C12A7328-F81F-11D2-BA4B-00A0C93EC93B' "${work_dir}/efiboot.img"
        # Ensure GPT is used as some systems do not support UEFI booting without it
        '-appended_part_as_gpt'
    )
}

# systemd-boot via El Torito
_add_xorrisofs_options_uefi-x64.systemd-boot.eltorito() {
    # shellcheck disable=SC2076
    if [[ " ${bootmodes[*]} " =~ ' uefi-x64.systemd-boot.esp ' ]]; then
        # systemd-boot in an attached EFI system partition via El Torito
        xorrisofs_options+=(
            # Start a new El Torito boot entry for UEFI
            '-eltorito-alt-boot'
            # Set the second partition as the El Torito UEFI boot image
            '-e' '--interval:appended_partition_2:all::'
            # Boot image is not emulating floppy or hard disk; required for all known boot loaders
            '-no-emul-boot'
        )
    else
        # The ISO will not contain a GPT partition table, so to be able to reference efiboot.img, place it as a
        # file inside the ISO 9660 file system
        install -d -m 0755 -- "${isofs_dir}/EFI/archiso"
        cp -a -- "${work_dir}/efiboot.img" "${isofs_dir}/EFI/archiso/efiboot.img"
        # systemd-boot in an embedded efiboot.img via El Torito
        xorrisofs_options+=(
            # Start a new El Torito boot entry for UEFI
            '-eltorito-alt-boot'
            # Set efiboot.img as the El Torito UEFI boot image
            '-e' 'EFI/archiso/efiboot.img'
            # Boot image is not emulating floppy or hard disk; required for all known boot loaders
            '-no-emul-boot'
        )
    fi
    # Specify where to save the El Torito boot catalog file in case it is not already set by bios.syslinux.eltorito
    # shellcheck disable=SC2076
    [[ " ${bootmodes[*]} " =~ ' bios.' ]] || xorrisofs_options+=('-eltorito-catalog' 'EFI/boot.cat')
}

746
# Build ISO
747
_build_iso() {
748
    local xorrisofs_options=()
749
    local bootmode
750

751
752
    [[ -d "${out_dir}" ]] || install -d -- "${out_dir}"

753
    [[ "${quiet}" == "y" ]] && xorrisofs_options+=('-quiet')
754

755
756
757
758
    # Add required xorrisofs options for each boot mode
    for bootmode in "${bootmodes[@]}"; do
        typeset -f "_add_xorrisofs_options_${bootmode}" &> /dev/null && "_add_xorrisofs_options_${bootmode}"
    done
759
760
761
762
763

    _msg_info "Creating ISO image..."
    xorriso -as mkisofs \
            -iso-level 3 \
            -full-iso9660-filenames \
nl6720's avatar
nl6720 committed
764
765
            -joliet \
            -joliet-long \
766
767
768
769
770
771
772
773
            -rational-rock \
            -volid "${iso_label}" \
            -appid "${iso_application}" \
            -publisher "${iso_publisher}" \
            -preparer "prepared by ${app_name}" \
            "${xorrisofs_options[@]}" \
            -output "${out_dir}/${img_name}" \
            "${isofs_dir}/"
774
775
    _msg_info "Done!"
    du -h -- "${out_dir}/${img_name}"
776
777
778
}

# Read profile's values from profiledef.sh
779
_read_profile() {
780
781
782
783
784
785
786
787
    if [[ -z "${profile}" ]]; then
        _msg_error "No profile specified!" 1
    fi
    if [[ ! -d "${profile}" ]]; then
        _msg_error "Profile '${profile}' does not exist!" 1
    elif [[ ! -e "${profile}/profiledef.sh" ]]; then
        _msg_error "Profile '${profile}' is missing 'profiledef.sh'!" 1
    else
788
789
        cd -- "${profile}"

790
791
792
793
        # Source profile's variables
        # shellcheck source=configs/releng/profiledef.sh
        . "${profile}/profiledef.sh"

794
795
796
        # Resolve paths of files that are expected to reside in the profile's directory
        [[ -n "$packages" ]] || packages="${profile}/packages.${arch}"
        packages="$(realpath -- "${packages}")"
797
798
799
        pacman_conf="$(realpath -- "${pacman_conf}")"

        cd -- "${OLDPWD}"
800
801
    fi
}
802

803
804
805
806
807
808
809
810
811
812
# Validate set options
_validate_options() {
    local validation_error=0 bootmode
    local pkg_list_from_file=()
    _msg_info "Validating options..."
    # Check if the package list file exists and read packages from it
    if [[ -e "${packages}" ]]; then
        mapfile -t pkg_list_from_file < <(sed '/^[[:blank:]]*#.*/d;s/#.*//;/^[[:blank:]]*$/d' "${packages}")
        pkg_list+=("${pkg_list_from_file[@]}")
        if (( ${#pkg_list_from_file} < 1 )); then
813
            (( validation_error=validation_error+1 ))
814
            _msg_error "No package specified in '${packages}'." 0
815
        fi
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
    else
        (( validation_error=validation_error+1 ))
        _msg_error "File '${packages}' does not exist." 0

    fi

    # Check if pacman configuration file exists
    if [[ ! -e "${pacman_conf}" ]]; then
        (( validation_error=validation_error+1 ))
        _msg_error "File '${pacman_conf}' does not exist." 0
    fi
    # Check if the specified bootmodes are supported
    for bootmode in "${bootmodes[@]}"; do
        if typeset -f "_make_bootmode_${bootmode}" &> /dev/null; then
            if typeset -f "_validate_requirements_bootmode_${bootmode}" &> /dev/null; then
                "_validate_requirements_bootmode_${bootmode}"
832
            else
833
                _msg_warning "Function '_validate_requirements_bootmode_${bootmode}' does not exist. Validating the requirements of '${bootmode}' boot mode will not be possible."
834
835
836
            fi
        else
            (( validation_error=validation_error+1 ))
837
            _msg_error "${bootmode} is not a valid boot mode!" 0
838
        fi
839
840
841
842
843
844
845
    done
    # Check if the specified airootfs_image_type is supported
    if typeset -f "_mkairootfs_${airootfs_image_type}" &> /dev/null; then
        if typeset -f "_validate_requirements_airootfs_image_type_${airootfs_image_type}" &> /dev/null; then
            "_validate_requirements_airootfs_image_type_${airootfs_image_type}"
        else
            _msg_warning "Function '_validate_requirements_airootfs_image_type_${airootfs_image_type}' does not exist. Validating the requirements of '${airootfs_image_type}' airootfs image type will not be possible."
846
        fi
847
848
849
850
851
852
    else
        (( validation_error=validation_error+1 ))
        _msg_error "Unsupported image type: '${airootfs_image_type}'" 0
    fi
    if (( validation_error )); then
        _msg_error "${validation_error} errors were encountered while validating the profile. Aborting." 1
853
    fi
David Runge's avatar
David Runge committed
854
    _msg_info "Done!"
855
856
}

857
# Set defaults and, if present, overrides from mkarchiso command line option parameters
858
_set_overrides() {
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
    # Set variables that have command line overrides
    if [[ -v override_work_dir ]]; then
        work_dir="$override_work_dir"
    elif [[ -z "$work_dir" ]]; then
        work_dir='./work'
    fi
    work_dir="$(realpath -- "$work_dir")"
    if [[ -v override_out_dir ]]; then
        out_dir="$override_out_dir"
    elif [[ -z "$out_dir" ]]; then
        out_dir='./out'
    fi
    out_dir="$(realpath -- "$out_dir")"
    if [[ -v override_pacman_conf ]]; then
        pacman_conf="$override_pacman_conf"
    elif [[ -z "$pacman_conf" ]]; then
        pacman_conf="/etc/pacman.conf"
    fi
    pacman_conf="$(realpath -- "$pacman_conf")"
    [[ ! -v override_pkg_list ]] || pkg_list+=("${override_pkg_list[@]}")
    if [[ -v override_iso_label ]]; then
        iso_label="$override_iso_label"
    elif [[ -z "$iso_label" ]]; then
        iso_label="${app_name^^}"
    fi
    if [[ -v override_iso_publisher ]]; then
        iso_publisher="$override_iso_publisher"
    elif [[ -z "$iso_publisher" ]]; then
        iso_publisher="${app_name}"
    fi
    if [[ -v override_iso_application ]]; then
        iso_application="$override_iso_application"
    elif [[ -z "$iso_application" ]]; then
        iso_application="${app_name} iso"
    fi
    if [[ -v override_install_dir ]]; then
        install_dir="$override_install_dir"
    elif [[ -z "$install_dir" ]]; then
        install_dir="${app_name}"
    fi
    [[ ! -v override_gpg_key ]] || gpg_key="$override_gpg_key"
    if [[ -v override_quiet ]]; then
        quiet="$override_quiet"
    elif [[ -z "$quiet" ]]; then
        quiet="y"
    fi

    # Set variables that do not have overrides
    [[ -n "$arch" ]] || arch="$(uname -m)"
    [[ -n "$airootfs_image_type" ]] || airootfs_image_type="squashfs"
    [[ -n "$iso_name" ]] || iso_name="${app_name}"
    [[ -n "$img_name" ]] || img_name="${iso_name}-${iso_version}-${arch}.iso"
911
912
}

913
_export_gpg_publickey() {
914
    gpg --batch --output "${work_dir}/pubkey.gpg" --export "${gpg_key}"
915
916
}

917
918
919
920
921
922
923
924
925
_make_version() {
    install -d -m 0755 -- "${isofs_dir}/${install_dir}"
    _msg_info "Creating files with iso version..."
    printf '%s\n' "${iso_version}" > "${airootfs_dir}/version"
    printf '%s\n' "${iso_version}" > "${isofs_dir}/${install_dir}/version"
    printf '%.1024s' "$(printf '# GRUB Environment Block\nVERSION=%s\n%s' "${iso_version}" \
        "$(printf '%0.1s' "#"{1..1024})")" > "${isofs_dir}/${install_dir}/grubenv"
    _msg_info "Done!"
}
926
927

_make_pkglist() {
928
    install -d -m 0755 -- "${isofs_dir}/${install_dir}"
929
    _msg_info "Creating a list of installed packages on live-enviroment..."
930
    pacman -Q --sysroot "${airootfs_dir}" > "${isofs_dir}/${install_dir}/pkglist.${arch}.txt"
931
    _msg_info "Done!"
932
}
933

934
_build_profile() {
935
936
    # Set up essential directory paths
    airootfs_dir="${work_dir}/${arch}/airootfs"
937
    isofs_dir="${work_dir}/iso"
938
939
    # Create working directory
    [[ -d "${work_dir}" ]] || install -d -- "${work_dir}"
940
941
942
943
944
945
    # Write build date to file or if the file exists, read it from there
    if [[ -e "${work_dir}/build_date" ]]; then
        SOURCE_DATE_EPOCH="$(<"${work_dir}/build_date")"
    else
        printf '%s\n' "$SOURCE_DATE_EPOCH" > "${work_dir}/build_date"
    fi
946

947
    [[ "${quiet}" == "y" ]] || _show_config
948
    _run_once _make_pacman_conf
949
    [[ -z "${gpg_key}" ]] || _run_once _export_gpg_publickey
950
951
    _run_once _make_custom_airootfs
    _run_once _make_packages
952
    _run_once _make_version
953
954
    _run_once _make_customize_airootfs
    _run_once _make_pkglist
955
    _make_bootmodes
956
957
958
    _run_once _cleanup_airootfs
    _run_once _prepare_airootfs_image
    _run_once _build_iso
959
960
}

961
while getopts 'p:C:L:P:A:D:w:o:g:vh?' arg; do
962
    case "${arg}" in
963
964
        p) read -r -a override_pkg_list <<< "${OPTARG}" ;;
        C) override_pacman_conf="${OPTARG}" ;;
965
966
967
968
        L) override_iso_label="${OPTARG}" ;;
        P) override_iso_publisher="${OPTARG}" ;;
        A) override_iso_application="${OPTARG}" ;;
        D) override_install_dir="${OPTARG}" ;;
969
970
        w) override_work_dir="${OPTARG}" ;;
        o) override_out_dir="${OPTARG}" ;;
971
        g) override_gpg_key="${OPTARG}" ;;
972
        v) override_quiet="n" ;;
973
974
975
976
977
978
979
980
        h|?) _usage 0 ;;
        *)
            _msg_error "Invalid argument '${arg}'" 0
            _usage 1
            ;;
    esac
done

981
982
983
shift $((OPTIND - 1))

if (( $# < 1 )); then
984
    _msg_error "No profile specified" 0
985
986
987
    _usage 1
fi

988
989
990
991
if (( EUID != 0 )); then
    _msg_error "${app_name} must be run as root." 1
fi

992
993
# get the absolute path representation of the first non-option argument
profile="$(realpath -- "${1}")"
994

995
996
_read_profile
_set_overrides
997
_validate_options
998
_build_profile
999
1000

# vim:ts=4:sw=4:et: