diskimage-builder/elements/gentoo/post-install.d/99-cleanup
Matthew Thode 01fce7b70c
Fix Gentoo hardened support
This checks the profile, if it has hardened in it's name it needs xattr support
unfortunately xattr support cannot yet be relied on everywhere, so it needs to
be disabled for hardened profile builds to correctly pax-mark.

Change-Id: I7fb855249a9e6c9b6497ab5061b4ea3c014f5081
Closes-Bug: 1537177
2016-02-01 20:56:37 -06:00

39 lines
1.3 KiB
Bash
Executable file

#!/bin/bash
if [[ ${DIB_DEBUG_TRACE:-0} -gt 0 ]]; then
set -x
fi
set -eu
set -o pipefail
# make sure system is in a consistant state
USE="-build" emerge -uDNv --with-bdeps=y --jobs=2 @world
USE="-build" emerge --verbose=n --depclean
USE="-build" emerge -v --usepkg=n @preserved-rebuild
# update config files
etc-update --automode -5
# clean up portage files
emerge --verbose=n --depclean
emaint all -f
eselect news read all
eclean-dist --destructive
# clean up files that may have been changed during build
shopt -s extglob
rm -Rf /tmp/!(ccache|in_target*|profiledir*)
shopt -u extglob
rm -Rf /root/.ccache/* /usr/portage/* /usr/src/* /var/cache/edb/dep/* /var/cache/genkernel/* /var/empty/* /var/run/* /var/state/* /var/tmp/* /var/cache/portage/distfiles
rm -Rf /etc/*- /etc/*.old /etc/ssh/ssh_host_* /root/.*history /root/.lesshst /root/.ssh/known_hosts /root/.viminfo /usr/share/genkernel /usr/lib64/python*/site-packages/gentoolkit/test/eclean/testdistfiles.tar.gz
# shrink a bit
for i in $(find /var/log -type f); do echo > $i; done
find /usr/share/man/ -mindepth 1 -maxdepth 1 -path "/usr/share/man/man*" -prune -o -exec rm -rf {} \;
# make it so we don't have to reinstall grub
if [[ -a /usr/sbin/grub2-install ]]; then
mkdir -p /tmp/grub
touch /tmp/grub/install
fi