ee46e2f9b7
Make a version-less RHEL element to handle both '7' and '8' DIB_RELEASE. The element usage should align with other elements which operate in the same way such as the Fedora element. Additionally, this patch adds support for RHEL8 that operates with Python 3. As of now, users of diskimage-builder will still be able to use the 'rhel7' element, or migrate to 'rhel' and specify their respective DIB_RELEASE value. * mount the xfs file-system for extraction as read-only. vaguely based on explaination in [1] and the fact we only read the image data into a tar, so can ignore this. XFS (dm-1): Superblock has unknown read-only compatible features (0x4) enabled. * Use the redhat system python as the dib-python version. dib was ahead of it's time making an abstracted python interpreter for system work ;) the system python should work for running the various dib element scripts. [1] https://unix.stackexchange.com/questions/247550/unmountable-xfs-filesystem Redhat-Bug: https://bugzilla.redhat.com/show_bug.cgi?id=1700253 Co-Authored-By: Ian Wienand <iwienand@redhat.com> Change-Id: I90540675c70bb475d9db2ae24f81c648a31f3f95
130 lines
5 KiB
Bash
Executable file
130 lines
5 KiB
Bash
Executable file
#!/bin/bash
|
|
|
|
# Intended to be called from the root.d cloud-image script as follows:
|
|
# $TMP_HOOKS_PATH/bin/extract-image $BASE_IMAGE_FILE $BASE_IMAGE_TAR $IMAGE_LOCATION $CACHED_IMAGE
|
|
|
|
if [ ${DIB_DEBUG_TRACE:-0} -gt 0 ]; then
|
|
set -x
|
|
fi
|
|
set -eu
|
|
set -o pipefail
|
|
|
|
BASE_IMAGE_FILE=$1
|
|
BASE_IMAGE_TAR=$2
|
|
IMAGE_LOCATION=$3
|
|
CACHED_IMAGE=$4
|
|
|
|
CACHED_TAR=$DIB_IMAGE_CACHE/$BASE_IMAGE_TAR
|
|
DIB_LOCAL_IMAGE=${DIB_LOCAL_IMAGE:-""}
|
|
TAR_LOCK=$CACHED_TAR.lock
|
|
|
|
function extract_image() {
|
|
if [ -n "$DIB_OFFLINE" -a -f "$CACHED_TAR" ] ; then
|
|
echo "Not checking freshness of cached $CACHED_TAR."
|
|
else
|
|
if [ -z "$DIB_LOCAL_IMAGE" ]; then
|
|
echo "Fetching Base Image"
|
|
|
|
# There seems to be some bad Fedora mirrors returning http 404's for the cloud image.
|
|
# If the image fails to download due to a 404 we retry once.
|
|
set +e
|
|
$TMP_HOOKS_PATH/bin/cache-url $IMAGE_LOCATION $CACHED_IMAGE
|
|
RV=$?
|
|
set -e
|
|
|
|
if [ "$RV" == "44" ] ; then
|
|
$TMP_HOOKS_PATH/bin/cache-url $IMAGE_LOCATION $CACHED_IMAGE
|
|
elif [ "$RV" != "0" ] ; then
|
|
exit 1
|
|
fi
|
|
fi
|
|
|
|
if [ ! -f $CACHED_TAR -o \
|
|
$CACHED_IMAGE -nt $CACHED_TAR ] ; then
|
|
echo "Repacking base image as tarball."
|
|
|
|
WORKING=$(mktemp --tmpdir=${TMP_DIR:-/tmp} -d)
|
|
EACTION="rm -r $WORKING"
|
|
trap "$EACTION" EXIT
|
|
echo "Working in $WORKING"
|
|
|
|
RAW_FILE=$(mktemp --tmpdir=$WORKING XXXXXX.raw)
|
|
|
|
if [ "${CACHED_IMAGE: -3}" == ".xz" ] ; then
|
|
QCOW2_FILE=$(mktemp --tmpdir=$WORKING XXXXXX.qcow2)
|
|
# This leaves the old image in place so cache-url wont get it again
|
|
unxz --stdout $CACHED_IMAGE > $QCOW2_FILE
|
|
CACHED_IMAGE=$QCOW2_FILE
|
|
fi
|
|
|
|
qemu-img convert -f qcow2 -O raw $CACHED_IMAGE $RAW_FILE
|
|
|
|
ROOT_PARTITION=p$(sudo kpartx -l $RAW_FILE | awk "/loop[0-9]+p/"|wc -l)
|
|
sudo udevadm settle
|
|
|
|
# kpartx fails if no /dev/loop* exists, "losetup -f" prints first unused
|
|
# loop device and creates it if it doesn't exist
|
|
sudo losetup -f
|
|
|
|
# XXX: Parsing stdout is dangerous, would like a better way to discover
|
|
# the device used for the image.
|
|
ROOT_LOOPDEV=$(sudo kpartx -av $RAW_FILE | \
|
|
awk "/loop[0-9]+$ROOT_PARTITION/ {print \$3}")
|
|
# If running inside Docker, make our nodes manually, because udev will not be working.
|
|
if [ -f /.dockerenv ]; then
|
|
sudo dmsetup --noudevsync mknodes
|
|
fi
|
|
if ! timeout 5 sh -c "while ! [ -e /dev/mapper/$ROOT_LOOPDEV ]; do sleep 1; done"; then
|
|
echo "Error: Could not find /dev/mapper/$ROOT_LOOPDEV"
|
|
exit 1
|
|
fi
|
|
EACTION="sudo kpartx -d $RAW_FILE ; $EACTION"
|
|
trap "$EACTION" EXIT
|
|
mkdir $WORKING/mnt
|
|
if [ "xfs" = "$(sudo blkid -o value -s TYPE /dev/mapper/$ROOT_LOOPDEV)" ]; then
|
|
# mount xfs with nouuid, just in case that uuid is already mounted
|
|
# use ro to avoid/workaround xfs uuid issues on older
|
|
# kernels with newer rhel images which seem to set
|
|
# flags to generate unique uuid's:
|
|
# xfs superblock has incompatible features (0x4)
|
|
# we don't need to worry about this, we just want the data
|
|
MOUNTOPTS="-o nouuid,ro"
|
|
else
|
|
MOUNTOPTS=""
|
|
fi
|
|
|
|
sudo mount $MOUNTOPTS /dev/mapper/$ROOT_LOOPDEV $WORKING/mnt
|
|
EACTION="sudo umount -f $WORKING/mnt ; $EACTION"
|
|
trap "$EACTION" EXIT
|
|
|
|
# find out if chroot tar has full xattr support
|
|
if [ 0 == `sudo chroot $WORKING/mnt bin/tar --help | grep -c xattrs-exclude` ]; then
|
|
TAROPTS="--no-xattrs"
|
|
else
|
|
TAROPTS="--xattrs --xattrs-include=* --xattrs-exclude=security.selinux"
|
|
fi
|
|
# Chroot in so that we get the correct uid/gid
|
|
sudo chroot $WORKING/mnt bin/tar $TAROPTS -cz . > $WORKING/tmp.tar
|
|
mv $WORKING/tmp.tar $CACHED_TAR
|
|
else
|
|
echo "Using cached tar from $CACHED_TAR"
|
|
fi
|
|
fi
|
|
|
|
# Extract the base image (use --numeric-owner to avoid UID/GID mismatch between
|
|
# image tarball and host OS e.g. when building Fedora image on an openSUSE host)
|
|
# Include all xattrs except selinux because the selinux ones cause issues in our
|
|
# chroot environment, and we restore all of those at the end of the build anyway.
|
|
echo "Extracting base root image from $CACHED_TAR"
|
|
sudo tar -C $TARGET_ROOT --numeric-owner --xattrs --xattrs-include='*' --xattrs-exclude='security.selinux' -xzf $CACHED_TAR
|
|
}
|
|
|
|
(
|
|
echo "Getting $TAR_LOCK: $(date)"
|
|
# Wait up to 20 minutes for another process to download
|
|
if ! flock -w 1200 9 ; then
|
|
echo "Did not get $TAR_LOCK: $(date)"
|
|
exit 1
|
|
fi
|
|
extract_image
|
|
) 9> $TAR_LOCK
|