install.sh: Add new install.sh and backup the old one as old.install.sh

dracut.module/dracut.conf: Add some tweaks. dracut.module/90metadata-collect/collect.sh: Scan only . (/sbin) for now.

install.sh: Add new install.sh and backup the old one as old.install.sh
dracut.module/dracut.conf: Add some tweaks. dracut.module/90metadata-collect/collect.sh: Scan only . (/sbin) for now.
df5cf71e · Ophélie Gagnard · be60a480 · df5cf71e · df5cf71e · df5cf71e
Commit df5cf71e authored Mar 25, 2022 by Ophélie Gagnard
4 changed files
--- a/dracut.module/90metadata-collect/collect.sh
+++ b/dracut.module/90metadata-collect/collect.sh
@@ -16,7 +16,8 @@ ls -Rl /etc >> $MCA_LOG_FILE
 echo "********** /lib **********" >> $MCA_LOG_FILE
 ls -Rl /lib >> $MCA_LOG_FILE

-sbin/metadata-collect-agent "$NEWROOT"
+#sbin/metadata-collect-agent "$NEWROOT"
+sbin/metadata-collect-agent .

 #sleep 10 " DEBUG

--- a/dracut.module/dracut.conf
+++ b/dracut.module/dracut.conf
@@ -3,7 +3,8 @@ add_dracutmodules="metadata-collect"
 compress=xz
 hostonly=no
 hostonly_cmdline=no
-kernel_cmdline="root=LABEL=ROOT ip=dhcp rd.neednet=1"
+#kernel_cmdline="root=LABEL=ROOT ip=dhcp rd.neednet=1"
+kernel_cmdline="ip=dhcp rd.neednet=1"
 show_modules=yes
 reproducible=yes
 #loginstall=./loginstall/

--- a/install.sh
+++ b/install.sh
-#!/bin/bash

-set -eux
+# Create an initramfs image
+dracut -c ./dracut.module/dracut.conf --force

-# installing miscellaneous useful packages
-apt -y install make autopoint autoconf libtool libattr1-dev musl-tools mmv sbsigntool
-# installing more necessary packages to activate Secure Boot with our own keys
-apt -y install efitools
-# installing (download and compile)a specific version of python to make sure the whole installation process work
-if [ ! -d "/opt/python-3.7.12/include/python3.7m" ]; then
-  wget https://www.python.org/ftp/python/3.7.12/Python-3.7.12.tgz
-  tar zxf Python-3.7.12.tgz
-  cd Python-3.7.12/
-  ./configure --prefix=/opt/python-3.7.12
-  make
-  make install
-  cd ..
-fi
-rm -f Python-3.7.12.tgz
-rm -rf Python-3.7.12/
-
-## Install dracut
-if ! which dracut ; then
-  wget http://ftp.us.debian.org/debian/pool/main/d/dracut/dracut-core_051-1_amd64.deb
-  wget http://ftp.us.debian.org/debian/pool/main/d/dracut/dracut_051-1_all.deb
-  wget http://ftp.us.debian.org/debian/pool/main/d/dracut/dracut-network_051-1_all.deb
-  apt -y install ./dracut-core_051-1_amd64.deb ./dracut_051-1_all.deb ./dracut-network_051-1_all.deb
-  rm dracut*.deb
-fi
-
-#if [ ! -e "$HOME/.cargo/bin" ]; then
-#  curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh
-#fi
-#export PATH=$PATH:$HOME/.cargo/bin
-#rustup target add x86_64-unknown-linux-musl
-
-## Install others
-apt -y install libssl-dev
-# needed to build fmt library
-apt -y install cmake
-
-## Install Go
-# needed for dracut.module/ make install
-GOVERSION=1.16.5
-if [ ! -e "/usr/local/go/VERSION" ] || [ go${GOVERSION} != $(cat /usr/local/go/VERSION) ]; then
-  wget https://golang.org/dl/go${GOVERSION}.linux-amd64.tar.gz
-  rm -rf /usr/local/go
-  tar -C /usr/local -xzf go${GOVERSION}.linux-amd64.tar.gz
-  rm go*.tar.gz*
-  # TODO: write in /etc/profile.d/ instead
-  echo -e "\n" >> /etc/profile
-  echo 'export PATH=$PATH:/usr/local/go/bin' >> /etc/profile
-  source /etc/profile
-fi
-
-## Install Cython+
-# needed for scan-filesystem/ make nopython
-# WARNING: it does not differentiate Cython+ from Cython
-if ! which cython3 ; then
-  mkdir -p build_cythonplus && cd build_cythonplus
-  wget https://lab.nexedi.com/nexedi/cython/raw/debian/build_cythonplus
-  chmod 744 build_cythonplus
-  ./build_cythonplus
-  apt -y install ./cython3_*
-  cd ..
-fi
-
-## Install fmt library
-# needed for scan-filesystem/ make nopython
-if [ ! -d "fmt" ]; then
-  git clone https://github.com/fmtlib/fmt.git
-  cd fmt && mkdir -p build_fmt && cd build_fmt
-  cmake -DCMAKE_POSITION_INDEPENDENT_CODE=TRUE ..
-  make
-  make install
-  cd ../..
-fi
-
-cd dracut.module
-make install
-cd ..
-
-apt -y autoremove
-
-
-echo -e '\nInstallation finished.\nType ^C (ctrl+C) to exit.\nType Enter to proceed to building the UEFI application.\n'
-read
-
-## Build UEFI application
-
-if [ ! -e uefi-key ]; then
-  mkdir uefi-key
-  cd uefi-key
-  ../mkkeys.sh
-  cd ..
-fi
-if [ ! -e /etc/uefi-key ]; then
-  mkdir /etc/uefi-key
-  cp uefi-key/DB.cer /etc/uefi-key/db.cer
-  cp uefi-key/DB.crt /etc/uefi-key/db.crt
-  cp uefi-key/DB.key /etc/uefi-key/db.key
-fi
-
-# TODO: write a separate script: one to install stuff, the other to build the UEFI application
-: '
-# creates the keys needed to sign the UEFI application if they do not exist
-# when creating and copying (or simply copying) the keys in /etc/uefi-key/ by hand,
-# the following lines wont be executed
-if [ ! -e /etc/uefi-key/db.crt ]; then
-  openssl req -newkey rsa:2048 -nodes -keyout /etc/uefi-key/db.key -new -x509 -sha256 -days 36500 -subj "/CN=TEST" -out /etc/uefi-key/db.crt
-  openssl x509 -outform DER -in /etc/uefi-key/db.crt -out /etc/uefi-key/db.cer
-fi
-#'
-#source secure-boot-automation.sh
-
-rm -rf dracut_tmp
-mkdir dracut_tmp
-
-disk_info=$(/sbin/fdisk -l | grep '^/dev' | cut -d' ' -f1)
-
-disk_info_list=(${disk_info//' '/})
-
-
-/sbin/e2label ${disk_info_list[4]} ROOT
-
-rm -rf /boot/efi/EFI/Linux/*
-#mmv '/boot/efi/EFI/Linux/*.*' '/boot/efi/EFI/Linux/#1_1.#2'
-dracut --force  -c ./dracut.module/dracut.conf --confdir dracut_tmp
-
-cp -r /boot/efi/EFI /EFI
-#maybe not necessary
-cp /etc/uefi-key/db.cer /EFI/db.cer
-cp /etc/uefi-key/db.cer /boot/efi/db.cer
-uefi=$(ls /EFI/Linux)
-
-efibootmgr --quiet --create --disk ${disk_info_list[3]} --label 'debian UEFI test_root' --loader /EFI/Linux/$uefi
+# Set the image as a boot option
+efibootmgr --create --disk /dev/nvme1n1p1 --label "test_deploy" --loader /boot/efi/EFI/Linux/linux-5.10.0-11-amd64-7148af38f67e4d3d98495ccf849b82f4.efi
--- a/old.install.sh
+++ b/old.install.sh
+#!/bin/bash
+
+set -eux
+
+# installing miscellaneous useful packages
+apt -y install make autopoint autoconf libtool libattr1-dev musl-tools mmv sbsigntool
+# installing more necessary packages to activate Secure Boot with our own keys
+apt -y install efitools
+# installing (download and compile)a specific version of python to make sure the whole installation process work
+if [ ! -d "/opt/python-3.7.12/include/python3.7m" ]; then
+  wget https://www.python.org/ftp/python/3.7.12/Python-3.7.12.tgz
+  tar zxf Python-3.7.12.tgz
+  cd Python-3.7.12/
+  ./configure --prefix=/opt/python-3.7.12
+  make
+  make install
+  cd ..
+fi
+rm -f Python-3.7.12.tgz
+rm -rf Python-3.7.12/
+
+## Install dracut
+if ! which dracut ; then
+  wget http://ftp.us.debian.org/debian/pool/main/d/dracut/dracut-core_051-1_amd64.deb
+  wget http://ftp.us.debian.org/debian/pool/main/d/dracut/dracut_051-1_all.deb
+  wget http://ftp.us.debian.org/debian/pool/main/d/dracut/dracut-network_051-1_all.deb
+  apt -y install ./dracut-core_051-1_amd64.deb ./dracut_051-1_all.deb ./dracut-network_051-1_all.deb
+  rm dracut*.deb
+fi
+
+#if [ ! -e "$HOME/.cargo/bin" ]; then
+#  curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh
+#fi
+#export PATH=$PATH:$HOME/.cargo/bin
+#rustup target add x86_64-unknown-linux-musl
+
+## Install others
+apt -y install libssl-dev
+# needed to build fmt library
+apt -y install cmake
+
+## Install Go
+# needed for dracut.module/ make install
+GOVERSION=1.16.5
+if [ ! -e "/usr/local/go/VERSION" ] || [ go${GOVERSION} != $(cat /usr/local/go/VERSION) ]; then
+  wget https://golang.org/dl/go${GOVERSION}.linux-amd64.tar.gz
+  rm -rf /usr/local/go
+  tar -C /usr/local -xzf go${GOVERSION}.linux-amd64.tar.gz
+  rm go*.tar.gz*
+  # TODO: write in /etc/profile.d/ instead
+  echo -e "\n" >> /etc/profile
+  echo 'export PATH=$PATH:/usr/local/go/bin' >> /etc/profile
+  source /etc/profile
+fi
+
+## Install Cython+
+# needed for scan-filesystem/ make nopython
+# WARNING: it does not differentiate Cython+ from Cython
+if ! which cython3 ; then
+  mkdir -p build_cythonplus && cd build_cythonplus
+  wget https://lab.nexedi.com/nexedi/cython/raw/debian/build_cythonplus
+  chmod 744 build_cythonplus
+  ./build_cythonplus
+  apt -y install ./cython3_*
+  cd ..
+fi
+
+## Install fmt library
+# needed for scan-filesystem/ make nopython
+if [ ! -d "fmt" ]; then
+  git clone https://github.com/fmtlib/fmt.git
+  cd fmt && mkdir -p build_fmt && cd build_fmt
+  cmake -DCMAKE_POSITION_INDEPENDENT_CODE=TRUE ..
+  make
+  make install
+  cd ../..
+fi
+
+cd dracut.module
+make install
+cd ..
+
+apt -y autoremove
+
+
+echo -e '\nInstallation finished.\nType ^C (ctrl+C) to exit.\nType Enter to proceed to building the UEFI application.\n'
+read
+
+## Build UEFI application
+
+if [ ! -e uefi-key ]; then
+  mkdir uefi-key
+  cd uefi-key
+  ../mkkeys.sh
+  cd ..
+fi
+if [ ! -e /etc/uefi-key ]; then
+  mkdir /etc/uefi-key
+  cp uefi-key/DB.cer /etc/uefi-key/db.cer
+  cp uefi-key/DB.crt /etc/uefi-key/db.crt
+  cp uefi-key/DB.key /etc/uefi-key/db.key
+fi
+
+# TODO: write a separate script: one to install stuff, the other to build the UEFI application
+: '
+# creates the keys needed to sign the UEFI application if they do not exist
+# when creating and copying (or simply copying) the keys in /etc/uefi-key/ by hand,
+# the following lines wont be executed
+if [ ! -e /etc/uefi-key/db.crt ]; then
+  openssl req -newkey rsa:2048 -nodes -keyout /etc/uefi-key/db.key -new -x509 -sha256 -days 36500 -subj "/CN=TEST" -out /etc/uefi-key/db.crt
+  openssl x509 -outform DER -in /etc/uefi-key/db.crt -out /etc/uefi-key/db.cer
+fi
+#'
+#source secure-boot-automation.sh
+
+rm -rf dracut_tmp
+mkdir dracut_tmp
+
+disk_info=$(/sbin/fdisk -l | grep '^/dev' | cut -d' ' -f1)
+
+disk_info_list=(${disk_info//' '/})
+
+
+/sbin/e2label ${disk_info_list[4]} ROOT
+
+rm -rf /boot/efi/EFI/Linux/*
+#mmv '/boot/efi/EFI/Linux/*.*' '/boot/efi/EFI/Linux/#1_1.#2'
+dracut --force  -c ./dracut.module/dracut.conf --confdir dracut_tmp
+
+cp -r /boot/efi/EFI /EFI
+#maybe not necessary
+cp /etc/uefi-key/db.cer /EFI/db.cer
+cp /etc/uefi-key/db.cer /boot/efi/db.cer
+uefi=$(ls /EFI/Linux)
+
+efibootmgr --quiet --create --disk ${disk_info_list[3]} --label 'debian UEFI test_root' --loader /EFI/Linux/$uefi