r00t2/bdisk
1
0
Fork 0
Code Issues Pull Requests Projects Releases Activity

Compare commits

base: r00t2:v3.08
Branches Tags
r00t2:master r00t2:4.x_rewrite r00t2:features r00t2:bash_OBSOLETE r00t2:python_rewrite
r00t2:v3.10 r00t2:v3.09 r00t2:v3.08 r00t2:v3.07 r00t2:v3.06 r00t2:v3.05 r00t2:v3.04 r00t2:v3.03 r00t2:v3.03-BETA r00t2:v3.02 r00t2:v3.01 r00t2:v3.00 r00t2:v3.00-BETA r00t2:v2.70 r00t2:v2.63 r00t2:v2.62 r00t2:v2.61 r00t2:v2.60 r00t2:v2.51 r00t2:v2.50 r00t2:v2.01 r00t2:v2.00 r00t2:v1.60 r00t2:v1.52 r00t2:v1.51 r00t2:v1.50 r00t2:v1.20 r00t2:v1.13 r00t2:v1.12 r00t2:v1.11 r00t2:v1.10 r00t2:v1.09 r00t2:v1.08 r00t2:OverlayFS r00t2:v1.07-ALPHA r00t2:v1.06-BETA r00t2:AUFS3 r00t2:v1.05 r00t2:v1.04 r00t2:v1.03 r00t2:v1.02 r00t2:v1.01 r00t2:v1.00 r00t2:v0.06-ALPHA r00t2:v0.05-ALPHA r00t2:v0.04-ALPHA r00t2:v0.03-ALPHA r00t2:v0.02-ALPHA r00t2:v0.01-ALPHA
..
compare: r00t2:v3.09
Branches Tags
r00t2:4.x_rewrite r00t2:master r00t2:features r00t2:bash_OBSOLETE r00t2:python_rewrite
r00t2:v3.10 r00t2:v3.09 r00t2:v3.08 r00t2:v3.07 r00t2:v3.06 r00t2:v3.05 r00t2:v3.04 r00t2:v3.03 r00t2:v3.03-BETA r00t2:v3.02 r00t2:v3.01 r00t2:v3.00 r00t2:v3.00-BETA r00t2:v2.70 r00t2:v2.63 r00t2:v2.62 r00t2:v2.61 r00t2:v2.60 r00t2:v2.51 r00t2:v2.50 r00t2:v2.01 r00t2:v2.00 r00t2:v1.60 r00t2:v1.52 r00t2:v1.51 r00t2:v1.50 r00t2:v1.20 r00t2:v1.13 r00t2:v1.12 r00t2:v1.11 r00t2:v1.10 r00t2:v1.09 r00t2:v1.08 r00t2:OverlayFS r00t2:v1.07-ALPHA r00t2:v1.06-BETA r00t2:AUFS3 r00t2:v1.05 r00t2:v1.04 r00t2:v1.03 r00t2:v1.02 r00t2:v1.01 r00t2:v1.00 r00t2:v0.06-ALPHA r00t2:v0.05-ALPHA r00t2:v0.04-ALPHA r00t2:v0.03-ALPHA r00t2:v0.02-ALPHA r00t2:v0.01-ALPHA

3 Commits
v3.08 ... v3.09

Author SHA1 Message Date
r00t
614c1b3e6f update to remain compatible with https://lists.archlinux.org/pipermail/arch-releng/2017-October/003796.html 2017-10-16 03:25:47 -04:00
r00t
80d5d127ca doc additions, TODO update 2017-10-01 12:09:14 -04:00
r00t
c10ceaa225 support for user-specified build.ini. untested. should probably then modify te config parser to search for a config if this is set to None, not to /etc/bdisk/build.ini. 2017-09-30 05:15:52 -04:00
6 changed files with 39 additions and 13 deletions
Expand all files Collapse all files

31
bdisk/bdisk.py
View File

@@ -1,4 +1,6 @@
#!/bin/env python3 #!/bin/env python3
import argparse
import host import host
import prep import prep
import bchroot import bchroot
@@ -10,15 +12,15 @@ import bsync
import bGPG import bGPG
import os import os
# we need to:
# we also need to figure out how to implement "mentos" (old bdisk) like functionality, letting us reuse an existing chroot install if possible to save time for future builds. def bdisk(args):
# if not, though, it's no big deal. # we also need to figure out how to implement "mentos" (old bdisk) like functionality, letting us reuse an
# still on the todo: iPXE # existing chroot install if possible to save time for future builds.
if __name__ == '__main__': # if not, though, it's no big deal.
if os.getuid() != 0: if os.getuid() != 0:
exit('{0}: ERROR: BDisk *must* be run as the root user or with sudo!'.format(datetime.datetime.now())) exit('{0}: ERROR: BDisk *must* be run as the root user or with sudo!'.format(datetime.datetime.now()))
print('{0}: Starting.'.format(datetime.datetime.now())) print('{0}: Starting.'.format(datetime.datetime.now()))
conf = host.parseConfig(host.getConfig())[1] conf = host.parseConfig(host.getConfig(conf_file = args['buildini']))[1]
prep.dirChk(conf) prep.dirChk(conf)
conf['gpgobj'] = bGPG.genGPG(conf) conf['gpgobj'] = bGPG.genGPG(conf)
prep.buildChroot(conf, keep = False) prep.buildChroot(conf, keep = False)
@@ -50,3 +52,20 @@ if __name__ == '__main__':
bsync.git(conf) bsync.git(conf)
bsync.rsync(conf) bsync.rsync(conf)
print('{0}: Finish.'.format(datetime.datetime.now())) print('{0}: Finish.'.format(datetime.datetime.now()))
def parseArgs():
args = argparse.ArgumentParser(description = 'BDisk - a tool for building live/rescue media.',
epilog = 'brent s. || 2017 || https://bdisk.square-r00t.net')
args.add_argument('buildini',
metavar = '/path/to/build.ini',
default = '/etc/bdisk/build.ini',
nargs = '?',
help = 'The full/absolute path to the build.ini to use for this run. The default is /etc/bdisk/build.ini, but see https://bdisk.square-r00t.net/#the_code_build_ini_code_file.')
return(args)
def main():
args = vars(parseArgs().parse_args())
bdisk(args)
if __name__ == '__main__':
main()

4
bdisk/bsync.py
View File

@@ -32,7 +32,7 @@ def http(conf):
datetime.datetime.now(), datetime.datetime.now(),
httpdir)) httpdir))
for a in arch: for a in arch:
for i in ('md5', 'sfs', 'sha256'): for i in ('md5', 'sfs', 'sha256', 'sha512'):
httpfiles['{0}/{1}/airootfs.{2}'.format(bdisk['name'], a, i)] = '{0}/{1}/airootfs.{2}'.format(bdisk['name'], a, i) httpfiles['{0}/{1}/airootfs.{2}'.format(bdisk['name'], a, i)] = '{0}/{1}/airootfs.{2}'.format(bdisk['name'], a, i)
httpfiles['VERSION_INFO.txt'] = 'VERSION_INFO.txt' httpfiles['VERSION_INFO.txt'] = 'VERSION_INFO.txt'
if 'x86_64' in arch: if 'x86_64' in arch:
@@ -81,7 +81,7 @@ def tftp(conf):
datetime.datetime.now(), datetime.datetime.now(),
tftpdir)) tftpdir))
for a in arch: for a in arch:
for i in ('md5', 'sfs', 'sha256'): for i in ('md5', 'sfs', 'sha256', 'sha512'):
tftpfiles['{0}/{1}/airootfs.{2}'.format(bdisk['name'], a, i)] = '{0}/{1}/airootfs.{2}'.format(bdisk['name'], a, i) tftpfiles['{0}/{1}/airootfs.{2}'.format(bdisk['name'], a, i)] = '{0}/{1}/airootfs.{2}'.format(bdisk['name'], a, i)
tftpfiles['VERSION_INFO.txt'] = 'VERSION_INFO.txt' tftpfiles['VERSION_INFO.txt'] = 'VERSION_INFO.txt'
if 'x86_64' in arch: if 'x86_64' in arch:

9
bdisk/build.py
View File

@@ -21,6 +21,7 @@ def genImg(conf):
basedir = build['basedir'] basedir = build['basedir']
prepdir = build['prepdir'] prepdir = build['prepdir']
hashes = {} hashes = {}
hashes['sha512'] = {}
hashes['sha256'] = {} hashes['sha256'] = {}
hashes['md5'] = {} hashes['md5'] = {}
squashfses = [] squashfses = []
@@ -52,9 +53,10 @@ def genImg(conf):
humanize.naturalsize( humanize.naturalsize(
os.path.getsize(squashimg)))) os.path.getsize(squashimg))))
# Generate the checksum files # Generate the checksum files
print("{0}: [BUILD] Generating SHA256, MD5 checksums ({1})...".format( print("{0}: [BUILD] Generating SHA512 SHA256, MD5 checksums ({1})...".format(
datetime.datetime.now(), datetime.datetime.now(),
squashimg)) squashimg))
hashes['sha512'][a] = hashlib.sha512()
hashes['sha256'][a] = hashlib.sha256() hashes['sha256'][a] = hashlib.sha256()
hashes['md5'][a] = hashlib.md5() hashes['md5'][a] = hashlib.md5()
with open(squashimg, 'rb') as f: with open(squashimg, 'rb') as f:
@@ -63,8 +65,11 @@ def genImg(conf):
if not stream: if not stream:
break break
# NOTE: these items are hashlib objects, NOT strings! # NOTE: these items are hashlib objects, NOT strings!
hashes['sha512'][a].update(stream)
hashes['sha256'][a].update(stream) hashes['sha256'][a].update(stream)
hashes['md5'][a].update(stream) hashes['md5'][a].update(stream)
with open(airoot + 'airootfs.sha512', 'w+') as f:
f.write("{0} airootfs.sfs\n".format(hashes['sha512'][a].hexdigest()))
with open(airoot + 'airootfs.sha256', 'w+') as f: with open(airoot + 'airootfs.sha256', 'w+') as f:
f.write("{0} airootfs.sfs\n".format(hashes['sha256'][a].hexdigest())) f.write("{0} airootfs.sfs\n".format(hashes['sha256'][a].hexdigest()))
with open(airoot + 'airootfs.md5', 'w+') as f: with open(airoot + 'airootfs.md5', 'w+') as f:

2
docs/TODO
View File

@@ -1,5 +1,5 @@
-investigate weird signing issue- if you specify a key to sign with, it appears that the squashed images (at least in the http dir) doesn't have a sig/asc. do they need to copy it over? or is it not even signing them? -investigate weird signing issue- if you specify a key to sign with, it appears that the squashed images (at least in the http dir) doesn't have a sig/asc. do they need to copy it over? or is it not even signing them?
-allow specifying explicit (path to) build.ini -switch from python-pygpgme to python-gpgme for better performance. also clean up bGPG in general; reference KANT.
-i_am_a_racecar optimizations -i_am_a_racecar optimizations
- different distro guests (debian, etc.)- https://stackoverflow.com/questions/2349991/python-how-to-import-other-python-files/20749411#20749411 - different distro guests (debian, etc.)- https://stackoverflow.com/questions/2349991/python-how-to-import-other-python-files/20749411#20749411

2
docs/manual/user/GETTING_STARTED.adoc
View File

@@ -64,6 +64,8 @@ While not strictly necessary, these will greatly enhance your BDisk usage. I've
NOTE: If you do not wish to install any of these or cannot install them, be sure to disable the relevant options in the `build.ini` file (we'll talk about that later). The default `extra/dist.build.ini` should be sane enough to not require any of these. NOTE: If you do not wish to install any of these or cannot install them, be sure to disable the relevant options in the `build.ini` file (we'll talk about that later). The default `extra/dist.build.ini` should be sane enough to not require any of these.
* http://cdrtools.sourceforge.net/private/cdrecord.html[cdrtools^]
** Needed for building iPXE.
* http://gcc.gnu.org[gcc (multilib)^] (>=6.x) * http://gcc.gnu.org[gcc (multilib)^] (>=6.x)
** Needed for building iPXE. ** Needed for building iPXE.
* http://gcc.gnu.org[gcc-libs (multilib)^] (>=6.x) * http://gcc.gnu.org[gcc-libs (multilib)^] (>=6.x)

4
docs/manual/user/advanced/SSH.adoc
View File

@@ -17,7 +17,7 @@ First, create a file: `<basedir>/overlay/etc/ssh/sshd_config` using the followin
Subsystem sftp /usr/lib/ssh/sftp-server Subsystem sftp /usr/lib/ssh/sftp-server
KexAlgorithms curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256 KexAlgorithms curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256
Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr
MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-ripemd160-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,hmac-ripemd160,umac-128@openssh.com MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,umac-128@openssh.com
We'll also want to implement a more secure `ssh_config` file to avoid possible leaks. The following is `<basedir>/overlay/etc/ssh/ssh_config`: We'll also want to implement a more secure `ssh_config` file to avoid possible leaks. The following is `<basedir>/overlay/etc/ssh/ssh_config`:
@@ -28,7 +28,7 @@ We'll also want to implement a more secure `ssh_config` file to avoid possible l
PubkeyAuthentication yes PubkeyAuthentication yes
HostKeyAlgorithms ssh-ed25519-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-ed25519,ssh-rsa HostKeyAlgorithms ssh-ed25519-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-ed25519,ssh-rsa
Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr
MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-ripemd160-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,hmac-ripemd160,umac-128@openssh.com MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,umac-128@openssh.com
We'll want to create our own moduli. This can take a long time, but only needs to be done once -- it doesn't need to be done for every build. The following commands should be run in `<basedir>/overlay/etc/ssh/`: We'll want to create our own moduli. This can take a long time, but only needs to be done once -- it doesn't need to be done for every build. The following commands should be run in `<basedir>/overlay/etc/ssh/`: