357c2de681
Most of our build process runs as root and the overhead of explicitly tracking sudo commands in the shipped sudoers.d file, plus the operational overhead of keeping the sudoers.d file updated on build hosts over time, is now considered to be unnecessary. Instead, we now document that the build process will expect sudo commands to work and the operator must make this happen (either by running as root, via sudo -E, or allowing passwordless sudo for the build user). Change-Id: If2628e7d0c7efde0fb99c84a217523ba29b1b38d
233 lines
6.7 KiB
Bash
233 lines
6.7 KiB
Bash
# vim: syntax=sh ts=4 sts=4 sw=2:et
|
|
# Copyright 2012 Hewlett-Packard Development Company, L.P.
|
|
# All Rights Reserved.
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
|
# not use this file except in compliance with the License. You may obtain
|
|
# a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
|
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
|
# License for the specific language governing permissions and limitations
|
|
# under the License.
|
|
|
|
function tmpfs_check() {
|
|
[ "$DIB_NO_TMPFS" == "0" ] || return 1
|
|
[ -r /proc/meminfo ] || return 1
|
|
total_kB=$(awk '/^MemTotal/ { print $2 }' /proc/meminfo)
|
|
[ $total_kB -lt $((4*1024*1024)) ] || return 0
|
|
echo "Not enough RAM to use tmpfs for build. ($total_kB < 4G)"
|
|
return 1
|
|
}
|
|
|
|
function mk_build_dir () {
|
|
TMP_BUILD_DIR=$(mktemp -t -d --tmpdir=${TMP_DIR:-/tmp} image.XXXXXXXX)
|
|
[ $? -eq 0 ] || die "Failed to create tmp directory"
|
|
export TMP_BUILD_DIR
|
|
if tmpfs_check ; then
|
|
sudo mount -t tmpfs tmpfs $TMP_BUILD_DIR
|
|
fi
|
|
sudo chown $(id -u):$(id -g) $TMP_BUILD_DIR
|
|
trap cleanup EXIT
|
|
echo Building in $TMP_BUILD_DIR
|
|
export TMP_IMAGE_PATH=$TMP_BUILD_DIR/image.raw
|
|
export TMP_HOOKS_PATH=$TMP_BUILD_DIR/hooks
|
|
}
|
|
|
|
function save_image () {
|
|
# TODO: this really should rename the old file
|
|
if [ -f $1 ] ; then
|
|
echo "Old Image file Found REMOVING"
|
|
rm -f $1
|
|
fi
|
|
|
|
cp $TMP_IMAGE_PATH $1
|
|
cleanup_dirs
|
|
# All done!
|
|
trap EXIT
|
|
echo "Image file $1 created..."
|
|
}
|
|
|
|
function generate_hooks () {
|
|
mkdir -p $TMP_HOOKS_PATH
|
|
for _ELEMENT in $IMAGE_ELEMENT ; do
|
|
for dir in $(echo $ELEMENTS_PATH | tr ":" " ") ; do
|
|
[ -d $dir/$_ELEMENT ] || continue
|
|
cp -t $TMP_HOOKS_PATH -a $dir/$_ELEMENT/* ;
|
|
break
|
|
done
|
|
done
|
|
}
|
|
|
|
# Call the supplied break-in routine if the named point is listed in the break
|
|
# list.
|
|
# $1 the break point.
|
|
# $2.. what to call if a break is needed
|
|
function check_break () {
|
|
if echo "$break" | egrep -e "(,|^)$1(,|$)" -q; then
|
|
echo "Starting debug shell. Exit to resume building." >&2
|
|
echo At stage $1 >&2
|
|
shift
|
|
"$@"
|
|
echo "Resuming" >&2
|
|
fi
|
|
}
|
|
|
|
# Check that a real element has been chosen (prevents foot-guns)
|
|
function check_element () {
|
|
[ -d $TMP_HOOKS_PATH ] || generate_hooks
|
|
}
|
|
|
|
# Run a hook, looking for a regex in its stdout, and eval the matched lines.
|
|
# $1 is the hook to run
|
|
# $2 is the regex to look for
|
|
function eval_run_d () {
|
|
local TEMP=`run_d $1`
|
|
echo "$TEMP"
|
|
if [ `echo "$TEMP" | grep -s "$2"` ]; then
|
|
TEMP=`echo "$TEMP" | grep "$2"`
|
|
eval "$TEMP"
|
|
fi
|
|
}
|
|
|
|
# Usage: map_nbd $image
|
|
# Returns nbd device path
|
|
function map_nbd {
|
|
(lsmod | grep '^nbd ') || sudo modprobe nbd max_part=16
|
|
|
|
if [[ $(qemu-nbd --help | grep cache) == *writeback* ]] ; then
|
|
CACHE="--cache=writeback"
|
|
else
|
|
echo "Warning: qemu-nbd without --cache=writeback is /slow/."
|
|
CACHE=""
|
|
fi
|
|
NBD_DEV=
|
|
for i in `seq 0 15`; do
|
|
if [ ! -e /sys/block/nbd$i/pid ]; then
|
|
NBD_DEV=/dev/nbd$i
|
|
# Connect to nbd and wait till it is ready
|
|
sudo qemu-nbd -c $NBD_DEV $CACHE $1
|
|
if ! timeout 60 sh -c "while ! [ -e /sys/block/nbd$i/pid ]; do sleep 1; done"; then
|
|
echo "Couldn't connect $NBD_DEV"
|
|
exit 1
|
|
fi
|
|
break
|
|
fi
|
|
done
|
|
if [ -z "$NBD_DEV" ]; then
|
|
echo "No free NBD slots"
|
|
exit 1
|
|
fi
|
|
}
|
|
|
|
# Delete and unmount the working dir used in extracting kernel/initrd
|
|
function unmount_qcow_image () {
|
|
sudo umount $WORK_DIR || true
|
|
sudo qemu-nbd -d $NBD_DEV || true
|
|
sudo rm -rf $WORK_DIR
|
|
|
|
trap - SIGHUP SIGINT SIGTERM EXIT
|
|
}
|
|
|
|
function mount_qcow_image() {
|
|
trap unmount_qcow_image SIGHUP SIGINT SIGTERM EXIT
|
|
|
|
WORK_DIR=$(mktemp -d)
|
|
map_nbd $1
|
|
if [ -e "${NBD_DEV}p1" ]; then
|
|
sudo mount ${NBD_DEV}p1 $WORK_DIR
|
|
else
|
|
sudo mount ${NBD_DEV} $WORK_DIR
|
|
fi
|
|
}
|
|
|
|
function cleanup_dirs () {
|
|
sudo rm -rf $TMP_BUILD_DIR/built
|
|
sudo rm -rf $TMP_BUILD_DIR/mnt
|
|
sudo umount -f $TMP_BUILD_DIR || true
|
|
rm -rf $TMP_BUILD_DIR
|
|
}
|
|
|
|
# Run a directory of hooks outside the target.
|
|
function run_d() {
|
|
check_element
|
|
check_break before-$1 bash
|
|
if [ -d ${TMP_HOOKS_PATH}/$1.d ] ; then
|
|
${SCRIPT_HOME}/dib-run-parts ${TMP_HOOKS_PATH}/$1.d
|
|
fi
|
|
check_break after-$1 bash
|
|
}
|
|
|
|
function detach_loopback() {
|
|
local loopdev=$1
|
|
# loopback dev may be tied up a bit by udev events triggered by partition events
|
|
for try in $(seq 10 -1 1) ; do
|
|
if sudo losetup -d $loopdev ; then
|
|
return 0
|
|
fi
|
|
echo $loopdev may be busy, sleeping up to $try more seconds...
|
|
sleep 1
|
|
done
|
|
echo Gave up trying to detach $loopdev
|
|
return 1
|
|
}
|
|
|
|
function arg_to_elements() {
|
|
for arg do IMAGE_ELEMENT="$IMAGE_ELEMENT $arg" ; done
|
|
|
|
if [ "$SKIP_BASE" != "1" ]; then
|
|
IMAGE_ELEMENT="base $IMAGE_ELEMENT"
|
|
fi
|
|
if [ "$IS_RAMDISK" == "1" ]; then
|
|
IMAGE_ELEMENT="ramdisk $IMAGE_ELEMENT"
|
|
fi
|
|
echo "Building elements: $IMAGE_ELEMENT"
|
|
|
|
IMAGE_ELEMENT=$($SCRIPT_HOME/element-info --expand-dependencies $IMAGE_ELEMENT)
|
|
|
|
echo "Expanded element dependencies to: $IMAGE_ELEMENT"
|
|
}
|
|
|
|
function create_base () {
|
|
mkdir $TMP_BUILD_DIR/mnt
|
|
export TMP_MOUNT_PATH=$TMP_BUILD_DIR/mnt
|
|
# Copy data in to the root.
|
|
TARGET_ROOT=$TMP_MOUNT_PATH run_d root
|
|
if [ -z "$(ls $TMP_MOUNT_PATH | grep -v lost+found)" ] ; then
|
|
# Nothing copied in, use Ubuntu.
|
|
echo "Adding ubuntu element as / had no contents"
|
|
IMAGE_ELEMENT=$($SCRIPT_HOME/element-info --expand-dependencies $IMAGE_ELEMENT ubuntu)
|
|
generate_hooks
|
|
echo "Now building: $IMAGE_ELEMENT"
|
|
TARGET_ROOT=$TMP_MOUNT_PATH run_d root
|
|
fi
|
|
|
|
# Configure Image
|
|
# Setup resolv.conf so we can chroot to install some packages
|
|
if [ -L $TMP_MOUNT_PATH/etc/resolv.conf ] || [ -f $TMP_MOUNT_PATH/etc/resolv.conf ] ; then
|
|
sudo mv $TMP_MOUNT_PATH/etc/resolv.conf $TMP_MOUNT_PATH/etc/resolv.conf.ORIG
|
|
fi
|
|
|
|
# Recreate resolv.conf
|
|
sudo touch $TMP_MOUNT_PATH/etc/resolv.conf
|
|
sudo chmod 777 $TMP_MOUNT_PATH/etc/resolv.conf
|
|
# use system configured resolv.conf if available to support internal proxy resolving
|
|
if [ -e /etc/resolv.conf ]
|
|
then
|
|
cat /etc/resolv.conf > $TMP_MOUNT_PATH/etc/resolv.conf
|
|
else
|
|
echo nameserver 8.8.8.8 > $TMP_MOUNT_PATH/etc/resolv.conf
|
|
fi
|
|
mount_proc_dev_sys
|
|
}
|
|
|
|
function mount_proc_dev_sys () {
|
|
# supporting kernel file systems
|
|
sudo mount -t proc none $TMP_MOUNT_PATH/proc
|
|
sudo mount --bind /dev $TMP_MOUNT_PATH/dev
|
|
sudo mount -t sysfs none $TMP_MOUNT_PATH/sys
|
|
}
|
|
|