will be down from Thursday, 20 March 2025, 07:30:00 UTC for a duration of approximately 2 hours

Commit 4fd210a1 authored by iv's avatar iv

[nayuos] Consolidate changes from Isabelle and Tristain

-  improve bashrc file
-  drop nodejs package which was causing troubles
-  add nayuos policy for duckduckgo to be the default search engine
-  refactor build script
parent a21caad5
# NayuOS
This is a SlapOS recipe to build NayuOS. It needs to be put in the <code>/srv/slapgrid/\<part\>/srv/runner/project/slapos/software/</code> directory. The created directory is called <code>\<nayuos_build_dirname\></code> in this documentation.
This is a SlapOS recipe to build NayuOS.
## License
......@@ -8,42 +8,61 @@ GPL v2 or later
## Requirements
* sudo on the host (for now)
* some environment variables need to be authorized to be propagated when cros_sdk calls sudo:
* sudo on the host
* environment variables need to be authorized to be propagated when cros_sdk calls sudo: `: Defaults env_keep += "CROS_CACHEDIR DEPOT_TOOLS"`
* slapuser with sudo rights to execute the cros_sdk scripts (needed to access the chroot environment provided by Chromium OS)
in /etc/sudoers (replace slapuser9 by your user, and release-R48-7647.B by the release you have chosen): `: slapuser9 ALL=NOPASSWD: /srv/slapgrid/slappart9/srv/runner/instance/slappart0/parts/chromiumos/release-R48-7647.B/chromite/bin/cros_sdk, /srv/slapgrid/slappart9/srv/runner/instance/slappart0/wrapper_bin/wrapper_cros_sdk, /bin/kill`
: Defaults env_keep += "CROS_CACHEDIR DEPOT_TOOLS"
It's useful to have the right to kill cros_sdk processes, when needed. ;)
* slapuser with sudo rights to execute the cros_sdk scripts (needed to access the chroot environment provided by Chromium OS)
in /etc/sudoers (replace slapuser9 by your user, and release-R48-7647.B by the release you have chosen):
## Technical notes
: slapuser9 ALL=NOPASSWD: /srv/slapgrid/slappart9/srv/runner/instance/slappart0/parts/chromiumos/release-R48-7647.B/chromite/bin/cros_sdk, /srv/slapgrid/slappart9/srv/runner/instance/slappart0/wrapper_bin/wrapper_cros_sdk, /bin/kill
After any change to the build process it is necessary to delete (using sudo)
the building environment at `~/srv/runner/instance/slappart0/parts/chromiumos/<TAG>`.
BEWARE that the web runner is serving images for the [official website](
NayuOS and ChromiumOS is "just" a version of Gentoo. Thus it uses `ebuild` packages
and anything installable in Gentoo can be installed to NayuOS too. Of course only
during OS build phase and one has to count with limited space.
### Upgrading (building new image)
Please read **Requirements** section carefully. After selecting your desired
`release` from the list <>
it is **necessary** to add `sudo` rules for that release as shown there.
It's useful to have the right to kill cros_sdk processes, when needed. ;)
## Input
In the vifib parameters (softinst\<nb\> \> Services \> Parameters):
* board / ex: peppy, swanky, ... (choosing daisy will accept all licenses for the daisy board build only, in order to use Mali drivers, see [chromium mailing list](!topic/chromium-os-dev/Pf9ZG2itxWM))
* branch / ex: release-R46-7390.B (you can find the release in the [Chromium OS source tree](
* keep_cache / yes|no (choosing "no" saves about 15Go of disk space per board, choosing "yes" will makes next build faster and less expensive in term of needed ressources because of not rebuilding everything)
* **board** / ex: peppy, swanky, ... (choosing daisy will accept all licenses for the daisy board build only, in order to use Mali drivers, see [chromium mailing list](!topic/chromium-os-dev/Pf9ZG2itxWM))
* **branch** / ex: release-R46-7390.B (you can find the release in the [Chromium OS source tree](
* **keep_cache** / yes|no (choosing "no" saves about 15Go of disk space per board, choosing "yes" will makes next build faster and less expensive in term of needed ressources because of not rebuilding everything)
## Output
The image will be produced in:
and the logs are in:
<code>/srv/slapgrid/\<part\>/srv/runner/instance/\<inst_part\>/var/log/cros_sources_dl.log</code> and <code>/srv/slapgrid/\<part\>/srv/runner/instance/\<inst_part\>/var/log/cros_build.log</code>
The script that download the sources and build is located in
Software release produces a build script `<instance_partition>/etc/run/cros_full_build`.
Build produces
* Image: `<instance_partition>/parts/chromiumos/images/`
* Compilation logs: `<instance_partition>/var/log/cros_sources_dl.log`
* Build logs: `<instance_partition>/var/log/cros_build.log`
## External documents
* [ <code>repo</code> command reference ](
* [ NayuOS official website ](
* [ `repo` command reference ](
* [ NayuOS official website ](
* [ crouton for chroot ]( ([warning about verified boot](
## Notes for possible improvements
* [ Running virtual machines on your chromebook ](
* to have a more common User Agent (the one of ChromiumOS/NayuOS is quite rare and identifies the user, see [studies of the EFF](, it seems possible to change the User-Agent flag for guest mode in the getOffTheRecord function, and adding a line (key "kUserAgent" , value "some common user agent" string). Then rebuild Chromium and [add it to NayuOS](
* remove need of root priviledge for entering the chroot, maybe by using fakeroot in 'scripts/'?
* change more options on Chromium OS "Privacy" part by default: there are [a few options]( which still use Google services
* provide ChromiumOS package manager [ chromebrew ]( by default
parts =
# eggs given by software.cfg
# standard declaration of eggs directories
eggs-directory = {{ eggs_directory }}
develop-eggs-directory = {{ develop_eggs_directory }}
......@@ -16,6 +17,7 @@ develop-eggs-directory = {{ develop_eggs_directory }}
recipe =
repository =
branch = master
git-executable = {{ git_path }}/git
# add depot tools directory (for cros_sdk binary among others) and git directory to the path
......@@ -25,6 +27,8 @@ command =
recipe =
repository =
branch = master
git-executable = {{ git_path }}/git
......@@ -44,6 +48,7 @@ cert = ${slap_connection:cert_file}
recipe = slapos.cookbook:mkdirectory
log = ${buildout:directory}/var/log
run = ${buildout:directory}/etc/run
promise = ${buildout:directory}/etc/promise
wrapper_dir = ${buildout:directory}/wrapper_bin
cros_location = ${buildout:directory}/parts/chromiumos
ebuilds_dir = ${nayuos-ebuilds:location}
......@@ -55,6 +60,13 @@ wrapper_cros_sdk=${directory:wrapper_dir}/wrapper_cros_sdk
# assert sudo is installed on the slapos host, as it is required to enter the
# chroot 'cros_sdk'
recipe = slapos.cookbook:wrapper
wrapper-path = !py! '${directory:promise}/' + '${:_buildout_section_name_}'[8:]
command-line = sudo -V
recipe = slapos.recipe.template:jinja2
template = {{ scripts_dir }}/
......@@ -75,7 +87,7 @@ mode = 0700
context =
# XXX bash path is the one from the host
key bash_path bin:bash
raw git_path {{ git_path }}
raw git_path {{ git_path }}
raw curl_path {{ curl_path }}
......@@ -84,17 +96,18 @@ context =
recipe = slapos.recipe.template:jinja2
template = {{ scripts_dir }}/
rendered = ${directory:run}/cros_full_build
md5sum = 75599e6b8418a5f3756c7c7b26600399
md5sum = 2bb9dd83260ea96dd6a6602f6faa9794
mode = 0700
context =
key bash_path bin:bash
key instance_log_dir directory:log
key cros_location directory:cros_location
key export_path_cmd customize-path:command
key branch parameters:configuration.branch
key boards_list parameters:configuration.boards
key keep_cache parameters:configuration.keep_cache
key ebuilds_dir directory:ebuilds_dir
key scripts_dir directory:scripts_dir
key logo_dir directory:logo_dir
raw nayu_dev_packages net-libs/nodejs net-misc/re6stnet dev-vcs/git dev-python/flask dev-python/virtualenv sys-fs/cryptsetup
key bash_path bin:bash
key instance_log_dir directory:log
key cros_location directory:cros_location
key export_path_cmd customize-path:command
key branch parameters:configuration.branch
key boards_list parameters:configuration.boards
key keep_cache parameters:configuration.keep_cache
key ebuilds_dir directory:ebuilds_dir
key scripts_dir directory:scripts_dir
key logo_dir directory:logo_dir
raw nayu_dev_rootfs_packages app-misc/nayuos-chromium-policy
raw nayu_dev_packages net-misc/re6stnet dev-vcs/git dev-python/flask dev-python/virtualenv sys-fs/cryptsetup
This diff is collapsed.
......@@ -14,8 +14,10 @@ ORIGINAL_GRANDENET_SCRIPT=~/trunk/src/third_party/chromiumos-overlay/net-misc/re
EXPECTED_ALIAS="alias git='git --exec-path=/usr/local/libexec/git-core/'"
GIT_EXPECTED_EXPORT="export GIT_EXEC_PATH=/usr/local/libexec/git-core"
......@@ -32,14 +34,17 @@ function print_result() {
install -d ${MOUNTPOINT}
install -d "${MOUNTPOINT}"
./ --safe -f $( ./ --board=${BOARD} ) -r ${MOUNTPOINT}
echo $(ls "${MOUNTPOINT}/usr/local")
if [[ $(ls "${MOUNTPOINT}/usr/local") ]] ; then
opensshd_config=$(ls "${MOUNTPOINT}/${INIT_SSH_SERVER}")
gitalias=$(grep "${EXPECTED_ALIAS}" "${MOUNTPOINT}/${BASHRC}")
gitcore=$(ls "${MOUNTPOINT}/${GIT_CORE}")
gitexport=$(grep "${GIT_EXPECTED_EXPORT}" "${MOUNTPOINT}/${BASHRC}")
virtualenvbin=$(ls "${MOUNTPOINT}/${VIRTUALENV_BIN}")
chromium_policy=$(ls "${MOUNTPOINT}/${CHROMIUM_POLICY}")
......@@ -50,7 +55,7 @@ rmdir ${MOUNTPOINT}
echo "* test if /usr/local exists"
if [[ ${is_empty} == 1 ]] ; then
if [[ "${is_empty}" == "1" ]] ; then
print_result ${FAILURE} "/usr/local is empty."
print_result ${SUCCESS} "/usr/local is not empty."
......@@ -71,10 +76,18 @@ else
print_result ${SUCCESS} "opensshd config removed."
echo "* test git quick fix for option --exec-path"
echo "* test if git core directory is not empty"
if [[ "${gitcore}" == "" ]] ; then
print_result ${FAILURE} "No git file in ${MOUNTPOINT}/${GIT_CORE}."
print_result ${SUCCESS} "git core directory exists and is not empty."
echo "* test bashrc changes for git paths quick fix"
if [[ ${gitalias} == "" ]] ; then
print_result ${FAILURE} "Expected alias for git command not in ${MOUNTPOINT}/${BASHRC}. Should be: ${EXPECTED_ALIAS}"
if [[ "${gitexport}" == "" ]] ; then
print_result ${FAILURE} "Expected alias for git command not in ${MOUNTPOINT}/${BASHRC}. There should be: ${GIT_EXPECTED_EXPORT}"
print_result ${SUCCESS} "git alias is correct."
......@@ -86,6 +99,14 @@ else
print_result ${FAILURE} "Expected virtualenv binary not in ${MOUNTPOINT}/${VIRTUALENV_BIN}."
echo "* test if Chromium policies are installed"
if [[ ${chromium_policy} ]] ; then
print_result ${SUCCESS} "Chromium policies are installed."
print_result ${FAILURE} "Expected Chromium policies file not in ${MOUNTPOINT}/${CHROMIUM_POLICY}."
exit ${HAS_FAILED}
......@@ -6,19 +6,19 @@ extends =
parts +=
# use stack/slapos.cfg
# 2017-06-28: XXX is this really necessary? Remove after successful build
#add eggs needed by the instance
#find-links +=
versions = versions
slapos.recipe.template = 3.0
recipe = plone.recipe.command
stop-on-error = true
# run the same command when installing and on updates
update-command = ${:command}
command = sudo -V
# create the instance.cfg file in the buildout directory
......@@ -26,24 +26,17 @@ command = sudo -V
recipe = slapos.recipe.template:jinja2
template = ${:_profile_base_location_}/instance.cfg
rendered = ${buildout:directory}/instance.cfg
md5sum = be6bd665c0b356a84090d200ea14b33c
mode = 0644
md5sum = 085560ea84a5a7f633de0ef63a6ba7aa
scripts_dir = ${:_profile_base_location_}/scripts
logo_dir = ${:_profile_base_location_}/logo
curl_path = ${curl:location}/bin
git_path = ${git:location}/bin
context =
# for access to the eggs from the instance
key eggs_directory buildout:eggs-directory
key develop_eggs_directory buildout:develop-eggs-directory
key scripts_dir :scripts_dir
key logo_dir :logo_dir
key curl_path :curl_path
key git_path :git_path
key scripts_dir :scripts_dir
key logo_dir :logo_dir
key curl_path :curl_path
key git_path :git_path
key eggs_directory buildout:eggs-directory
key develop_eggs_directory buildout:develop-eggs-directory
# after installation of the eggs, the recipes
# will be available (added to sys.path)
recipe = zc.recipe.egg
eggs =
Markdown is supported
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment