From 0ac89e2596ca034dd6066d2e979f872ef33f2f55 Mon Sep 17 00:00:00 2001 From: Nulo Date: Thu, 23 Feb 2023 18:27:13 -0300 Subject: [PATCH] montar squashfs de adentro del /persist --- fstab.ts | 5 +- index.ts | 2 +- initramfs-init | 293 +++++++++++++++++++++++++++++++++++++++++++++++++ kernel.ts | 7 ++ qemu.ts | 24 +++- 5 files changed, 324 insertions(+), 7 deletions(-) create mode 100755 initramfs-init diff --git a/fstab.ts b/fstab.ts index d883d8e..634e2c5 100644 --- a/fstab.ts +++ b/fstab.ts @@ -6,7 +6,10 @@ export class Fstab { this.alpine = alpine; } - private mounts: string[] = ["tmpfs /tmp tmpfs defaults 0 0"]; + private mounts: string[] = [ + "/current.squashfs / squashfs defaults 0 0", + "tmpfs /tmp tmpfs defaults 0 0", + ]; async addMount(mount: string) { this.mounts.push(mount); await this.write(); diff --git a/index.ts b/index.ts index 36d130f..194435b 100644 --- a/index.ts +++ b/index.ts @@ -51,7 +51,7 @@ socat tcp-listen:80,reuseaddr,fork tcp:localhost:3050 & `, { uid: 0, gid: 0 } ); - await alpine.fstab.addMount("/dev/sdb /persist ext4 defaults 0 0"); + await alpine.fstab.addMount("/dev/sda /persist ext4 defaults 0 0"); await timed(() => installFluentBit(alpine)); const runit = await timed(() => Runit.setup(alpine)); await timed(() => setupDhcpcd(alpine, runit)); diff --git a/initramfs-init b/initramfs-init new file mode 100755 index 0000000..62b9eda --- /dev/null +++ b/initramfs-init @@ -0,0 +1,293 @@ +#!/bin/sh + +# basado en https://gitlab.alpinelinux.org/alpine/mkinitfs/-/blob/6a09876be6297e601920382ca93555917e31f1f1/initramfs-init.in + +VERSION=420.69 +SINGLEMODE=no +sysroot=/sysroot +splashfile=/.splash.ctrl + +# some helpers +ebegin() { + last_emsg="$*" + echo "$last_emsg..." > /dev/kmsg + [ "$KOPT_quiet" = yes ] && return 0 + echo -n " * $last_emsg: " +} +eend() { + local msg + if [ "$1" = 0 ] || [ $# -lt 1 ] ; then + echo "$last_emsg: ok." > /dev/kmsg + [ "$KOPT_quiet" = yes ] && return 0 + echo "ok." + else + shift + echo "$last_emsg: failed. $*" > /dev/kmsg + if [ "$KOPT_quiet" = "yes" ]; then + echo -n "$last_emsg " + fi + echo "failed. $*" + echo "initramfs emergency recovery shell launched. Type 'exit' to continue boot" + /bin/busybox sh + fi +} + +# find mount dir for given device in an fstab +# returns global MNTOPTS +find_mnt() { + local search_dev="$1" + local fstab="$2" + case "$search_dev" in + UUID*|LABEL*) search_dev=$(findfs "$search_dev");; + esac + MNTOPTS= + [ -r "$fstab" ] || return 1 + local search_maj_min=$(stat -L -c '%t,%T' $search_dev) + while read dev mnt fs MNTOPTS chk; do + case "$dev" in + UUID*|LABEL*) dev=$(findfs "$dev");; + esac + if [ -b "$dev" ]; then + local maj_min=$(stat -L -c '%t,%T' $dev) + if [ "$maj_min" = "$search_maj_min" ]; then + echo "$mnt" + return + fi + fi + done < $fstab + MNTOPTS= +} + +# Do some tasks to make sure mounting the ZFS pool is A-OK +prepare_zfs_root() { + local _root_vol=${KOPT_root#ZFS=} + local _root_pool=${_root_vol%%/*} + + # Force import if this has been imported on a different system previously. + # Import normally otherwise + if [ "$KOPT_zfs_force" = 1 ]; then + zpool import -N -d /dev -f $_root_pool + else + zpool import -N -d /dev $_root_pool + fi + + # Ask for encryption password + if [ $(zpool list -H -o feature@encryption $_root_pool) = "active" ]; then + local _encryption_root=$(zfs get -H -o value encryptionroot $_root_vol) + if [ "$_encryption_root" != "-" ]; then + eval zfs load-key $_encryption_root + fi + fi +} + +/bin/busybox mkdir -p /usr/bin /usr/sbin /proc /sys /dev $sysroot /persist \ + /media/cdrom /media/usb /tmp /run/cryptsetup + +# Spread out busybox symlinks and make them available without full path +/bin/busybox --install -s +export PATH=/usr/bin:/bin:/usr/sbin:/sbin + +# Make sure /dev/null is a device node. If /dev/null does not exist yet, the command +# mounting the devtmpfs will create it implicitly as an file with the "2>" redirection. +# The -c check is required to deal with initramfs with pre-seeded device nodes without +# error message. +[ -c /dev/null ] || mknod -m 666 /dev/null c 1 3 + +mount -t sysfs -o noexec,nosuid,nodev sysfs /sys +mount -t devtmpfs -o exec,nosuid,mode=0755,size=2M devtmpfs /dev 2>/dev/null \ + || mount -t tmpfs -o exec,nosuid,mode=0755,size=2M tmpfs /dev + +# Make sure /dev/kmsg is a device node. Writing to /dev/kmsg allows the use of the +# earlyprintk kernel option to monitor early init progress. As above, the -c check +# prevents an error if the device node has already been seeded. +[ -c /dev/kmsg ] || mknod -m 660 /dev/kmsg c 1 11 + +mount -t proc -o noexec,nosuid,nodev proc /proc +# pty device nodes (later system will need it) +[ -c /dev/ptmx ] || mknod -m 666 /dev/ptmx c 5 2 +[ -d /dev/pts ] || mkdir -m 755 /dev/pts +mount -t devpts -o gid=5,mode=0620,noexec,nosuid devpts /dev/pts + +# shared memory area (later system will need it) +[ -d /dev/shm ] || mkdir /dev/shm +mount -t tmpfs -o nodev,nosuid,noexec shm /dev/shm + + +# read the kernel options. we need surve things like: +# acpi_osi="!Windows 2006" xen-pciback.hide=(01:00.0) +set -- $(cat /proc/cmdline) + +myopts="alpine_dev autodetect autoraid cryptroot cryptdm cryptheader cryptoffset + cryptdiscards cryptkey debug_init dma init init_args modules + quiet root_size root usbdelay alpine_start splash + blacklist overlaytmpfs overlaytmpfsflags rootfstype rootflags nbd resume + ssh_key BOOTIF" + +for opt; do + case "$opt" in + s|single|1) + SINGLEMODE=yes + continue + ;; + console=*) + opt="${opt#*=}" + KOPT_consoles="${opt%%,*} $KOPT_consoles" + switch_root_opts="-c /dev/${opt%%,*}" + continue + ;; + esac + + for i in $myopts; do + case "$opt" in + $i=*) eval "KOPT_${i}"='${opt#*=}';; + $i) eval "KOPT_${i}=yes";; + no$i) eval "KOPT_${i}=no";; + esac + done +done + +echo "Nulo Init $VERSION" > /dev/kmsg +[ "$KOPT_quiet" = yes ] || echo "Nulo Init $VERSION" + +# enable debugging if requested +[ -n "$KOPT_debug_init" ] && set -x + +# set default values +: ${KOPT_init:=/sbin/init} + +# pick first keymap if found +for map in /etc/keymap/*; do + if [ -f "$map" ]; then + ebegin "Setting keymap ${map##*/}" + zcat "$map" | loadkmap + eend + break + fi +done + +# hide kernel messages +[ "$KOPT_quiet" = yes ] && dmesg -n 1 + +# optional blacklist +for i in ${KOPT_blacklist//,/ }; do + echo "blacklist $i" >> /etc/modprobe.d/boot-opt-blacklist.conf +done + +# make sure we load zfs module if root=ZFS=... +rootfstype=${KOPT_rootfstype} +if [ -z "$rootfstype" ]; then + case "$KOPT_root" in + ZFS=*) rootfstype=zfs ;; + esac +fi + +# load available drivers to get access to modloop media +ebegin "Loading boot drivers" + +modprobe -a $(echo "$KOPT_modules $rootfstype" | tr ',' ' ' ) loop squashfs simpledrm 2> /dev/null +if [ -f /etc/modules ] ; then + sed 's/\#.*//g' < /etc/modules | + while read module args; do + modprobe -q $module $args + done +fi +eend 0 + +if [ -n "$KOPT_cryptroot" ]; then + cryptopts="-c ${KOPT_cryptroot}" + if [ "$KOPT_cryptdiscards" = "yes" ]; then + cryptopts="$cryptopts -D" + fi + if [ -n "$KOPT_cryptdm" ]; then + cryptopts="$cryptopts -m ${KOPT_cryptdm}" + fi + if [ -n "$KOPT_cryptheader" ]; then + cryptopts="$cryptopts -H ${KOPT_cryptheader}" + fi + if [ -n "$KOPT_cryptoffset" ]; then + cryptopts="$cryptopts -o ${KOPT_cryptoffset}" + fi + if [ "$KOPT_cryptkey" = "yes" ]; then + cryptopts="$cryptopts -k /crypto_keyfile.bin" + elif [ -n "$KOPT_cryptkey" ]; then + cryptopts="$cryptopts -k ${KOPT_cryptkey}" + fi +fi + +# zpool reports /dev/zfs missing if it can't read /etc/mtab +ln -s /proc/mounts /etc/mtab + +# check if root=... was set +if [ -n "$KOPT_root" ]; then + # run nlplug-findfs before SINGLEMODE so we load keyboard drivers + ebegin "Mounting root" + nlplug-findfs $cryptopts -p /sbin/mdev ${KOPT_debug_init:+-d} \ + $KOPT_root + + if [ "$SINGLEMODE" = "yes" ]; then + echo "Entering single mode. Type 'exit' to continue booting." + sh + fi + + if echo "$KOPT_modules $rootfstype" | grep -qw btrfs; then + /sbin/btrfs device scan >/dev/null || \ + echo "Failed to scan devices for btrfs filesystem." + fi + + if [ -n "$KOPT_resume" ]; then + echo "Resume from disk" + if [ -e /sys/power/resume ]; then + case "$KOPT_resume" in + UUID*|LABEL*) resume_dev=$(findfs "$KOPT_resume");; + *) resume_dev="$KOPT_resume";; + esac + printf "%d:%d" $(stat -Lc "0x%t 0x%T" "$resume_dev") >/sys/power/resume + else + echo "resume: no hibernation support found" + fi + fi + + # TODO: implementar esto que podría ser particularmente útil + # if [ "$KOPT_overlaytmpfs" = "yes" ]; then + # # Create mountpoints + # mkdir -p /media/root-ro /media/root-rw $sysroot/media/root-ro \ + # $sysroot/media/root-rw + # # Mount read-only underlying rootfs + # rootflags="${KOPT_rootflags:+$KOPT_rootflags,}ro" + # mount ${KOPT_rootfstype:+-t $KOPT_rootfstype} -o $rootflags \ + # $KOPT_root /media/root-ro + # # Mount writable overlay tmpfs + # overlaytmpfsflags="mode=0755,${KOPT_overlaytmpfsflags:+$KOPT_overlaytmpfsflags,}rw" + # mount -t tmpfs -o $overlaytmpfsflags root-tmpfs /media/root-rw + # # Create additional mountpoints and do the overlay mount + # mkdir -p /media/root-rw/work /media/root-rw/root + # mount -t overlay -o \ + # lowerdir=/media/root-ro,upperdir=/media/root-rw/root,workdir=/media/root-rw/work \ + # overlayfs $sysroot + # else + if [ "$rootfstype" = "zfs" ]; then + prepare_zfs_root + fi + + echo "nulo => Montando /persist" + mount ${rootfstype:+-t} ${rootfstype} \ + -o ${KOPT_rootflags:-rw} \ + ${KOPT_root#ZFS=} /persist \ + || eend "$?" + + echo "nulo => Montando current.squashfs en /sysroot" + mount "/persist/current.squashfs" "$sysroot" + # fi + + eend $? + cat /proc/mounts | while read DEV DIR TYPE OPTS ; do + if [ "$DIR" != "/" -a "$DIR" != "$sysroot" -a -d "$DIR" ]; then + mkdir -p $sysroot/$DIR + mount -o move $DIR $sysroot/$DIR + fi + done + sync + exec /bin/busybox switch_root $switch_root_opts $sysroot "$KOPT_init" $KOPT_init_args + echo "initramfs emergency recovery shell launched" + exec /bin/busybox sh +fi diff --git a/kernel.ts b/kernel.ts index 84bcd21..150e14e 100644 --- a/kernel.ts +++ b/kernel.ts @@ -81,6 +81,11 @@ disable_trigger=yes` "utf-8" ) ).trim(); + // TODO: poner en un mejor lugar + await alpine.writeExecutable( + "/etc/mkinitfs/init", + await readFile("./initramfs-init", "utf-8") + ); // run mkinitfs manually as trigger was diabled await execFile("chroot", [ alpine.dir, @@ -89,6 +94,8 @@ disable_trigger=yes` "zstd", "-o", `/boot/initramfs-${kind}`, + "-i", + "/etc/mkinitfs/init", kernelRelease, ]); diff --git a/qemu.ts b/qemu.ts index 7eec185..ce5bcdb 100644 --- a/qemu.ts +++ b/qemu.ts @@ -1,6 +1,6 @@ -import { mkdtemp, rm } from "node:fs/promises"; +import { cp, mkdir, mkdtemp, rm } from "node:fs/promises"; import { tmpdir } from "node:os"; -import path from "node:path"; +import path, { join } from "node:path"; import { canAccess, execFile } from "./helpers/better-api.js"; import { sudoChownToRunningUser } from "./helpers/sudo.js"; @@ -23,10 +23,24 @@ export async function runQemu( await execFile("fallocate", ["--length", "1G", disk]); await execFile("mkfs.ext4", ["-F", disk]); } + { + const mountpoint = join(tmp, "persist-mount"); + await mkdir(mountpoint); + await execFile("sudo", ["mount", disk, mountpoint]); + try { + await execFile("sudo", [ + "cp", + squashfs, + join(mountpoint, "current.squashfs"), + ]); + } finally { + await execFile("sudo", ["umount", mountpoint]); + } + } let kernelAppend = [ "root=/dev/sda", - "rootfstype=squashfs", + "rootfstype=ext4", "modules=ext4", "quiet", "init=/sbin/runit-init", @@ -44,8 +58,8 @@ export async function runQemu( "-enable-kvm", "-m", "2048", - "-drive", - `file=${squashfs},media=disk,format=raw`, + // "-drive", + // `file=${squashfs},media=disk,format=raw`, "-drive", `file=${disk},media=disk,format=raw`, "-net",