
Re: foreign rootfs without root privileges with multistrap, fakeroot, fakechroot and qemu user emulation



On Thu, Jun 16, 2011 at 10:40:01AM +0200, Johannes Schauer wrote:
> hi,
> 
> as a follow up for "fakechroot + qemu user emulation" in january 2011 and my
> solution explained in "fakechroot + qemu user emulation (it works now)" in
> april 2011 and by the request of wookey who suggested I should post it here,
> let me just paste the links to four scripts of mine.
> 
> notioninkadam: http://mister-muffin.de/p/_8K5
> touchbook: http://mister-muffin.de/p/9nQ4
> openmoko: http://mister-muffin.de/p/wFep
> kirkwood: http://mister-muffin.de/p/l0U_

The openmoko one for further (in-line) discussion
fetched with `wget -O - openmoko: http://mister-muffin.de/p/wFep`

--2011-06-16 19:09:47--  http://mister-muffin.de/p/wFep
Herleiden van mister-muffin.de... 62.75.187.73
Verbinding maken met mister-muffin.de|62.75.187.73|:80... verbonden.
HTTP-verzoek is verzonden; wachten op antwoord... 200 OK
Lengte: 5838 (5,7K) [text/plain]
Wordt geschreven naar: `STDOUT'
#!/bin/sh -ex

if [ "$LOGNAME" = "root" ] \
|| [ "$USER" = "root" ] \
|| [ "$USERNAME" = "root" ] \
|| [ "$SUDO_COMMAND" != "" ] \
|| [ "$SUDO_USER" != "" ] \
|| [ "$SUDO_UID" != "" ] \
|| [ "$SUDO_GID" != "" ]; then
	echo "don't run this script as root - there is no need to"
	exit
fi

if [ "$FAKEROOTKEY" = "" ]; then
        echo "re-executing script inside fakeroot"
        fakeroot $0;
        exit
fi

DIST="sid"
ROOTDIR="debian-$DIST-multistrap"
MIRROR="http://127.0.0.1:3142/ftp.de.debian.org/debian";
MIRROR_REAL="http://ftp.de.debian.org/debian";
#MIRROR="http://127.0.0.1:3142/ftp.debian-ports.org/debian";
#MIRROR_REAL="http://ftp.debian-ports.org/debian";

export DEBIAN_FRONTEND=noninteractive DEBCONF_NONINTERACTIVE_SEEN=true LC_ALL=C LANGUAGE=C LANG=C

rm -rf $ROOTDIR $ROOTDIR.tar

PACKAGES="locales udev module-init-tools procps mtd-utils curl wget ntpdate"
PACKAGES=$PACKAGES" screen less vim-tiny console-tools vpnc rsync conspy"
PACKAGES=$PACKAGES" man-db fbset input-utils openssh-server wpasupplicant"
PACKAGES=$PACKAGES" bluez bluez-utils bluez-alsa bluez-gstreamer iputils-ping"
PACKAGES=$PACKAGES" iproute dnsutils nodm xserver-xorg-input-evdev xterm"
PACKAGES=$PACKAGES" xserver-xorg xserver-xorg-video-fbdev"

cat > multistrap.conf << __END__
[General]
#arch=armhf
arch=armel
directory=$ROOTDIR
cleanup=true
unpack=true
noauth=true
#bootstrap=Debian_bootstrap Debian_unreleased
bootstrap=Debian_bootstrap
aptsources=Debian
allowrecommends=false
addimportant=false

[Debian_bootstrap]
packages=$PACKAGES
source=$MIRROR
suite=$DIST
omitdebsrc=true

#[Debian_unreleased]
#packages=$PACKAGES
#source=$MIRROR
#suite=unreleased
#omitdebsrc=true

[Debian]
source=$MIRROR_REAL
keyring=debian-archive-keyring
suite=$DIST
omitdebsrc=true
__END__

multistrap -f multistrap.conf

cp /usr/bin/qemu-arm-static $ROOTDIR/usr/bin

# stop invoke-rc.d from starting services
cat > $ROOTDIR/usr/sbin/policy-rc.d << __END__
#!/bin/sh
echo "sysvinit: All runlevel operations denied by policy" >&2
exit 101
__END__
chmod +x $ROOTDIR/usr/sbin/policy-rc.d

# fix for ldconfig inside fakechroot
mv $ROOTDIR/sbin/ldconfig $ROOTDIR/sbin/ldconfig.REAL
mv $ROOTDIR/usr/bin/ldd $ROOTDIR/usr/bin/ldd.REAL
ln -s ../bin/true $ROOTDIR/sbin/ldconfig

# get fake ldd (needs objdump from binutils) for mkinitramfs
# https://github.com/fakechroot/fakechroot/raw/master/scripts/ldd.pl
curl http://mister-muffin.de/p/a3Dt > $ROOTDIR/usr/bin/ldd
chmod +x $ROOTDIR/usr/bin/ldd

# supply ld.so.conf for fake ldd (running libc6 postinst script will fail)
echo "include /etc/ld.so.conf.d/*.conf" > $ROOTDIR/etc/ld.so.conf

# do not generate ssh host keys
mkdir -p $ROOTDIR/etc/ssh/
touch "$ROOTDIR/etc/ssh/ssh_host_rsa_key"
touch "$ROOTDIR/etc/ssh/ssh_host_dsa_key"
touch "$ROOTDIR/etc/ssh/ssh_host_ecdsa_key"

cat > $ROOTDIR/tmp/debconfseed.txt << __END__
# put debconf options here
__END__
fakechroot chroot $ROOTDIR debconf-set-selections /tmp/debconfseed.txt
rm $ROOTDIR/tmp/debconfseed.txt

# run preinst scripts
for script in $ROOTDIR/var/lib/dpkg/info/*.preinst; do
	[ "$script" = "$ROOTDIR/var/lib/dpkg/info/bash.preinst" ] && continue
	fakechroot chroot $ROOTDIR ${script##$ROOTDIR} install
done

# run dpkg --configure -a twice because of errors during the first run
fakechroot chroot $ROOTDIR /usr/bin/dpkg --configure -a || fakechroot chroot $ROOTDIR /usr/bin/dpkg --configure -a

fakechroot chroot $ROOTDIR update-locale LANG=en_US.UTF-8 LANGUAGE=en_US:en
echo en_US.UTF-8 UTF-8 > $ROOTDIR/etc/locale.gen
fakechroot chroot $ROOTDIR locale-gen

cat > $ROOTDIR/etc/fstab << __END__
# <file system> <mount point>    <type> <options>                          <dump> <pass>
rootfs          /                auto   defaults,errors=remount-ro,noatime 0      1
/dev/mmcblk0p2  /home           auto    defaults,errors=remount-ro,noatime 0      2
proc            /proc            proc   defaults                           0      0
tmpfs           /tmp             tmpfs  defaults,noatime                   0      0
tmpfs           /var/lock        tmpfs  defaults,noatime                   0      0
tmpfs           /var/run         tmpfs  defaults,noatime                   0      0
tmpfs           /var/log         tmpfs  defaults,noatime                   0      0
tmpfs           /etc/network/run tmpfs  defaults,noatime                   0      0
__END__

echo openmoko > $ROOTDIR/etc/hostname

cat > $ROOTDIR/etc/hosts << __END__
127.0.0.1 localhost
127.0.0.1 openmoko
__END__

cat > $ROOTDIR/etc/default/nodm << __END__
NODM_ENABLED=true
NODM_USER=user
NODM_XINIT=/usr/bin/xinit
NODM_FIRST_VT=7
NODM_XSESSION=/etc/X11/Xsession
NODM_X_OPTIONS='-nolisten tcp'
NODM_MIN_SESSION_TIME=60
__END__

# activate a tty on serial
echo "T0:23:respawn:/sbin/getty -L ttyS0 115200 vt100" >> $ROOTDIR/etc/inittab

fakechroot chroot $ROOTDIR useradd user -p `openssl passwd -crypt -salt // ""` -s /bin/bash --create-home
fakechroot chroot $ROOTDIR usermod -a -G audio,dialout user

sed -i 's/\(root:\)[^:]*\(:\)/\1'`openssl passwd -crypt -salt // "" | sed 's/\(\/\|\\\|&\)/\\&/g'`'\2/' $ROOTDIR/etc/shadow
sed -i 's/\(PermitEmptyPasswords\) no/\1 yes/' $ROOTDIR/etc/ssh/sshd_config
echo 'APT::Install-Recommends "0";' > $ROOTDIR/etc/apt/apt.conf.d/99no-install-recommends
echo 'Acquire::PDiffs "0";' > $ROOTDIR/etc/apt/apt.conf.d/99no-pdiffs

#cleanup
rm $ROOTDIR/sbin/ldconfig $ROOTDIR/usr/bin/ldd
mv $ROOTDIR/sbin/ldconfig.REAL $ROOTDIR/sbin/ldconfig
mv $ROOTDIR/usr/bin/ldd.REAL $ROOTDIR/usr/bin/ldd
rm $ROOTDIR/usr/sbin/policy-rc.d
rm $ROOTDIR/etc/ssh/ssh_host_*
cp /etc/resolv.conf $ROOTDIR/etc/resolv.conf

# need to generate tar inside fakechroot so that absolute symlinks are correct
fakechroot chroot $ROOTDIR tar -cf $ROOTDIR.tar -C / .
mv $ROOTDIR/$ROOTDIR.tar .

tar --delete -f $ROOTDIR.tar ./usr/bin/qemu-arm-static
rm $ROOTDIR/usr/bin/qemu-arm-static
..                                                 100%  144K=0,04s

2011-06-16 19:09:47 (144 KB/s) - geschreven naar stdout [5838/5838]

KLAAR --2011-06-16 19:09:47--
Opgehaald: 1 bestanden, 5,7K in 0,04s (144 KB/s)
> 
> they are all very similar as i didn't want to give up the simplicity of having
> only one script for each target for a more general solution yet. they are
> similar enough so that a diff will nicely show the special properties of each
> of them compared to the others.
> 
> what they do is to use multistrap, fakeroot, fakechroot and qemu user mode
> emulation to build a debian rootfs for some arm devices i own.
> 
> the notioninkadam target builds for the notion ink adam tablet. the touchbook
> target builds for the always innovating touchbook. the openmoko builds for the
> openmoko freerunner and gta01 and the kirkwood builds for my seagate goflex
> net.
> 
> they mostly differ in the package selection, modules, kernel, alsastate file,
> hostname, fstab and udev rules.
> 
> multistrap usage is restricted to the very basic options and doesn't make use of
> hooks or setupscripts. one can also see the lines for armhf commented out. the
> default mirror is my local apt-cacher repository. the scripts will refuse to
> run as root and will reexecute themselves with fakeroot if the user didn't do so
> yet.
> 
> maybe those are useful for someone.
> 
> cheers, josch
> 
> 
> -- 
> To UNSUBSCRIBE, email to debian-embedded-REQUEST@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
> Archive: http://lists.debian.org/1582353999.615687.1308213601569.JavaMail.fmail@mwmweb024

-- 
Groeten Stappers
-- 
> And is there a policy on top-posting vs. bottom-posting?
Yes.
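
Added example (not part of the original mail, nor one of josch's scripts): an audit pass over the tree the openmoko script produces, reporting the settings that script enables on purpose (noauth=true, PermitEmptyPasswords yes, the traditional crypt hash written into /etc/shadow) and a leftover qemu-arm-static. The function names and the sample files are constructed for illustration.

```sh
#!/bin/sh
# Added example, not part of the original mail. Paths and settings are the
# ones the openmoko script writes; function names are hypothetical.

# audit_rootfs ROOTDIR MULTISTRAP_CONF: print one finding per line.
audit_rootfs() {
    root=$1
    conf=$2
    # noauth=true lets multistrap use the archive without authenticating it
    if grep -Eq '^[[:space:]]*noauth[[:space:]]*=[[:space:]]*true' "$conf"; then
        echo "multistrap: noauth=true"
    fi
    # the script flips this from "no" to "yes" with sed
    if grep -Eiq '^[[:space:]]*PermitEmptyPasswords[[:space:]]+yes' \
            "$root/etc/ssh/sshd_config" 2>/dev/null; then
        echo "sshd: PermitEmptyPasswords yes"
    fi
    # empty field, or a 13-character traditional crypt(3) hash such as
    # `openssl passwd -crypt` emits (the script feeds it "" as the password)
    if [ -f "$root/etc/shadow" ]; then
        awk -F: '
            $2 == "" { print "shadow: " $1 " has an empty password field" }
            length($2) == 13 && $2 !~ "[^./0-9A-Za-z]" {
                print "shadow: " $1 " has a traditional crypt hash" }
        ' "$root/etc/shadow"
    fi
    # the build copies the emulator in and removes it again at the end
    if [ -e "$root/usr/bin/qemu-arm-static" ]; then
        echo "leftover: usr/bin/qemu-arm-static"
    fi
}

# make_sample: build a constructed tree to audit and print its path.
make_sample() {
    d=$(mktemp -d)
    mkdir -p "$d/rootfs/etc/ssh" "$d/rootfs/usr/bin"
    printf '[General]\narch=armel\nnoauth=true\n' > "$d/multistrap.conf"
    printf 'PermitEmptyPasswords yes\n' > "$d/rootfs/etc/ssh/sshd_config"
    # constructed entries: 13-char placeholder, locked account, SHA-512 style
    printf '%s\n' 'root://0123456789a:15141:0:99999:7:::' \
        'daemon:*:15141:0:99999:7:::' \
        'user:$6$constructed$placeholder:15141:0:99999:7:::' > "$d/rootfs/etc/shadow"
    echo "$d"
}

sample=$(make_sample)
audit_rootfs "$sample/rootfs" "$sample/multistrap.conf"
rm -rf "$sample"
```

Run against a real build as `audit_rootfs debian-sid-multistrap multistrap.conf`; no output means none of the four conditions was found.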

