asahi-kiwi-descriptions/config.sh

#!/bin/bash

set -euxo pipefail

#======================================
# Functions...
#--------------------------------------
test -f /.kconfig && . /.kconfig
test -f /.profile && . /.profile

#======================================
# Greeting...
#--------------------------------------
echo "Configure image: [$kiwi_iname]-[$kiwi_profiles]..."

#======================================
# Turn on sticky vendors
#--------------------------------------
echo "allow_vendor_change=False" >> /etc/dnf/dnf.conf

#======================================
# Set SELinux booleans
#--------------------------------------
## Fixes KDE Plasma, see rhbz#2058657
setsebool -P selinuxuser_execmod 1

#======================================
# Clear machine specific configuration
#--------------------------------------
## Clear machine-id on pre generated images
rm -f /etc/machine-id
touch /etc/machine-id
## remove random seed, the newly installed instance should make its own
rm -f /var/lib/systemd/random-seed

#======================================
# Delete & lock the root user password
#--------------------------------------
passwd -d root
passwd -l root

#======================================
# Setup default services
#--------------------------------------

## Enable chrony
systemctl enable sshd.service
## Enable NetworkManager
systemctl enable NetworkManager.service
## Enable chrony
systemctl enable chronyd.service
## Enable persistent journal
mkdir -p /var/log/journal

#======================================
# Setup firstboot initial setup
#--------------------------------------

## Enable initial-setup
systemctl enable initial-setup.service
## Enable reconfig mode
touch /etc/reconfigSys

#======================================
# Setup default target
#--------------------------------------
if [[ "$kiwi_profiles" == *"GNOME"* ]] || [[ "$kiwi_profiles" == *"KDE"* ]]; then
	systemctl set-default graphical.target
else
	systemctl set-default multi-user.target
fi

#======================================
# Setup device firmware
#--------------------------------------

# Find the architecture we are on
arch=$(uname -m)

# Setup Raspberry Pi firmware
if [[ "$arch" == "aarch64" ]]; then
	cp -P /usr/share/uboot/rpi_3/u-boot.bin /boot/efi/rpi3-u-boot.bin
	cp -P /usr/share/uboot/rpi_4/u-boot.bin /boot/efi/rpi4-u-boot.bin
	cp -P /usr/share/uboot/rpi_arm64/u-boot.bin /boot/efi/rpi-u-boot.bin
fi

#======================================
# Import GPG keys
#--------------------------------------

releasever=$(rpm --eval '%{fedora}')
rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-$releasever-primary
echo "Packages within this disk image"
rpm -qa --qf '%{size}\t%{name}-%{version}-%{release}.%{arch}\n' |sort -rn

# Note that running rpm recreates the rpm db files which aren't needed or wanted
rm -f /var/lib/rpm/__db*

exit 0
Initial commit 2022-09-17 12:16:13 +00:00			`#!/bin/bash`

			`set -euxo pipefail`

			`#======================================`
			`# Functions...`
			`#--------------------------------------`
			`test -f /.kconfig && . /.kconfig`
			`test -f /.profile && . /.profile`

			`#======================================`
			`# Greeting...`
			`#--------------------------------------`
			`echo "Configure image: [$kiwi_iname]-[$kiwi_profiles]..."`

			`#======================================`
			`# Turn on sticky vendors`
			`#--------------------------------------`
			`echo "allow_vendor_change=False" >> /etc/dnf/dnf.conf`

			`#======================================`
			`# Set SELinux booleans`
			`#--------------------------------------`
			`## Fixes KDE Plasma, see rhbz#2058657`
			`setsebool -P selinuxuser_execmod 1`

			`#======================================`
			`# Clear machine specific configuration`
			`#--------------------------------------`
			`## Clear machine-id on pre generated images`
			`rm -f /etc/machine-id`
			`touch /etc/machine-id`
			`## remove random seed, the newly installed instance should make its own`
			`rm -f /var/lib/systemd/random-seed`

			`#======================================`
			`# Delete & lock the root user password`
			`#--------------------------------------`
			`passwd -d root`
			`passwd -l root`

			`#======================================`
			`# Setup default services`
			`#--------------------------------------`

			`## Enable chrony`
			`systemctl enable sshd.service`
			`## Enable NetworkManager`
			`systemctl enable NetworkManager.service`
			`## Enable chrony`
			`systemctl enable chronyd.service`
			`## Enable persistent journal`
			`mkdir -p /var/log/journal`

			`#======================================`
			`# Setup firstboot initial setup`
			`#--------------------------------------`

			`## Enable initial-setup`
			`systemctl enable initial-setup.service`
			`## Enable reconfig mode`
			`touch /etc/reconfigSys`

			`#======================================`
			`# Setup default target`
			`#--------------------------------------`
			`if [[ "$kiwi_profiles" == "GNOME" ]] \|\| [[ "$kiwi_profiles" == "KDE" ]]; then`
			`systemctl set-default graphical.target`
			`else`
			`systemctl set-default multi-user.target`
			`fi`

			`#======================================`
			`# Setup device firmware`
			`#--------------------------------------`

			`# Find the architecture we are on`
			`arch=$(uname -m)`

			`# Setup Raspberry Pi firmware`
			`if [[ "$arch" == "aarch64" ]]; then`
			`cp -P /usr/share/uboot/rpi_3/u-boot.bin /boot/efi/rpi3-u-boot.bin`
			`cp -P /usr/share/uboot/rpi_4/u-boot.bin /boot/efi/rpi4-u-boot.bin`
			`cp -P /usr/share/uboot/rpi_arm64/u-boot.bin /boot/efi/rpi-u-boot.bin`
			`fi`

			`#======================================`
			`# Import GPG keys`
			`#--------------------------------------`

			`releasever=$(rpm --eval '%{fedora}')`
			`rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-$releasever-primary`
			`echo "Packages within this disk image"`
			`rpm -qa --qf '%{size}\t%{name}-%{version}-%{release}.%{arch}\n' \|sort -rn`

			`# Note that running rpm recreates the rpm db files which aren't needed or wanted`
			`rm -f /var/lib/rpm/__db*`

			`exit 0`