Add root.mount to ignored files master 0.3
authorRaphaël Gertz <git@rapsys.eu>
Thu, 1 Feb 2024 02:02:50 +0000 (03:02 +0100)
committerRaphaël Gertz <git@rapsys.eu>
Thu, 1 Feb 2024 02:02:50 +0000 (03:02 +0100)
.gitignore
config/flavour.conf
cook
lib/install.sh
lib/pattern.sh
lib/urpmi.sh

index dff65a8390d56139a75ac0a2ed6ac2e3c2cbcc95..06dc2f0c0f3fb7972c946d113e1935a6ddd51b07 100644 (file)
@@ -1,5 +1,6 @@
 root
 root.conf
+root.mount
 root.tar.xz
 lib/config.sh
 ihttpd-*.rpm
index 8881256aebaebe75731044c29c054983b3a9d635..a6744fa813734e5bf268a40246917cefc8572e11 100644 (file)
@@ -1,4 +1,4 @@
-# Mageia arch (i586|x86_64)
+# Mageia arch (aarch64|i586|x86_64)
 ARCH='x86_64'
-# Mageia release (1|2|3|4|5|6|cauldron)
-MGARELEASE='7'
+# Mageia release (1|2|3|4|5|6|7|8|9|cauldron)
+MGARELEASE='9'
diff --git a/cook b/cook
index c3d1a4fba25f078704d1fd89e6d0e2af48ee4931..5b50b50ec364aa8e0b5aad7d0b4ad5fbe1c378ea 100755 (executable)
--- a/cook
+++ b/cook
@@ -11,7 +11,7 @@ cat config/*.conf | perl -pne 'if (/^#/) {undef $_;} else {s/^/export /;}' >> li
 . lib/config.sh
 
 # Configure urpmi
-#. lib/urpmi.sh
+. lib/urpmi.sh
 
 # Install rpm
 . lib/install.sh
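Review bot: Re-enabling `. lib/urpmi.sh` puts an unauthenticated package path back into every build. The lib/urpmi.sh hunk in this commit shows the mirror list fetched over plain `http://`, and the lib/install.sh hunk headers show urpmi run with `--no-verify-rpm`, so neither the mirror selection nor the RPM signatures are checked. I would change the URL to `https://mirrors.mageia.org/api/mageia.$MGARELEASE.$ARCH.list` (assuming the endpoint serves HTTPS, to be confirmed) and drop `--no-verify-rpm` once the distribution keys are available to urpmi. The visible lines of lib/urpmi.sh also run `urpmi.removemedia -a` and edit `/etc/urpmi/urpmi.cfg` with no root prefix, so this step appears to rewrite the build host's own media list; if that is intended, say so in the comment, e.g. `# Configure urpmi (replaces the host's media list)`.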
index c3be52159b7a411bde35aab6bad727d085c98321..43120cf957d1daeea3939eb514c8e062abd2a485 100755 (executable)
@@ -80,7 +80,7 @@ LC_ALL=C urpmi --downloader=wget --no-verify-rpm --no-recommends --noclean --aut
        mdadm \
        microcode \
        mirrordir \
-       mlocate \
+       plocate \
        msec \
        nail \
        ntfs-3g \
@@ -95,7 +95,6 @@ LC_ALL=C urpmi --downloader=wget --no-verify-rpm --no-recommends --noclean --aut
        rsnapshot \
        rsync \
        screen \
-       sectool \
        shorewall \
        shorewall-ipv6 \
        smartmontools \
index ee96decda60a7554f9f9bf468a8bf58e2ccb9792..4c167fb132a486c1a070187e162e200b6760cc55 100755 (executable)
@@ -4,7 +4,8 @@
 perl -pne 's%(?:(COMP_CONFIGURE_HINTS|COMP_TAR_INTERNAL_PATHS)=1?)%${1}=1%' -i "$PWD/root/etc/sysconfig/bash-completion"
 
 #Disable gpg agent
-perl -pne 's%(?:(START_GPGAGENT|START_GPGAGENT_SH)=(?:"?(no|yes)"?)?)%${1}="no"%' -i "$PWD/root/etc/sysconfig/gnupg2"
+#XXX: moved to a user systemd service
+#perl -pne 's%(?:(START_GPGAGENT|START_GPGAGENT_SH)=(?:"?(no|yes)"?)?)%${1}="no"%' -i "$PWD/root/etc/sysconfig/gnupg2"
 
 #Locale config
 cat << EOF > "$PWD/root/etc/vconsole.conf"
@@ -82,13 +83,21 @@ DHCP=yes
 EOF
 fi
 
+#Mysql
+mkdir -p "$PWD/root/var/lib/mysql"
+
+#Mail
+mkdir -p "$PWD/root/var/spool/mail"
+
 #Fstab
 cat << EOF > "$PWD/root/etc/fstab"
-UUID=${BOOTUUID}       /boot   ext3    defaults,noatime 1 2
-UUID=${DATAUUID}       /       btrfs   subvol=/slash,defaults,relatime 1 1
-UUID=${SWAPAUUID}      none    swap    sw 0 0
-UUID=${SWAPBUUID}      none    swap    sw 0 0
-UUID=${DATAUUID}       /home   btrfs   subvol=/home,defaults,relatime 1 1
+UUID=${BOOTUUID}       /boot           ext3    defaults,noatime 1 2
+UUID=${DATAUUID}       /               btrfs   subvol=/slash,defaults,relatime 1 1
+UUID=${SWAPAUUID}      none            swap    sw 0 0
+UUID=${SWAPBUUID}      none            swap    sw 0 0
+UUID=${DATAUUID}       /home           btrfs   subvol=/home,defaults,relatime 1 1
+UUID=${DATAUUID}       /var/lib/mysql  btrfs   subvol=/mysql,defaults,relatime 1 1
+UUID=${DATAUUID}       /var/spool/mail btrfs   subvol=/mail,defaults,relatime 1 1
 proc                                           /proc   proc    defaults 0 0
 EOF
 
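Review bot: The two new fstab entries mount data-only subvolumes with plain `defaults`, so setuid bits, device nodes and executables are honoured under `/var/lib/mysql` and `/var/spool/mail`. If nothing is meant to run from those trees, `nodev,nosuid,noexec` narrows that, e.g. `UUID=${DATAUUID}       /var/spool/mail btrfs   subvol=/mail,defaults,nodev,nosuid,noexec,relatime 1 1`. The hunk creates the mount points but not the `/mysql` and `/mail` subvolumes; unless they are created elsewhere, a missing subvolume makes these mounts fail at boot, so a comment naming where they are created would help.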
@@ -221,14 +230,38 @@ chroot "$PWD/root" /usr/sbin/sshd-keygen
 #XXX: forced because msec decides otherwise
 perl -pne 's%^PermitRootLogin .*%PermitRootLogin yes%' -i "$PWD/root/etc/ssh/sshd_config"
 
-# Add rsa key if available
-#XXX: dsa is unsupported anymore
-if [ -e "$HOME/.ssh/id_rsa.pub" ]; then
-       [ ! -d "$PWD/root/root/.ssh" ] && mkdir -m 0700 "$PWD/root/root/.ssh"
-       cp -f "$HOME/.ssh/id_rsa.pub" "$PWD/root/root/.ssh/authorized_keys"
+# Prevent btmp warning
+cat << EOF > "$PWD/root/etc/tmpfiles.d/var.conf"
+# See tmpfiles.d(5) for details
+
+# Prevent msec warning about enforcing permissions
+f /var/log/btmp 0600 root utmp -
+EOF
+
+# Authorized keys
+if [ -e "$HOME/.ssh/id_rsa.pub" -o -e "$HOME/.ssh/id_ed25519.pub" ]; then
+       mkdir -m 0700 "$PWD/root/root/.ssh"
+       touch "$PWD/root/root/.ssh/authorized_keys"
+       chmod u=rw,go=r "$PWD/root/root/.ssh/authorized_keys"
+
+       # Add rsa key if available
+       if [ -e "$HOME/.ssh/id_rsa.pub" ]; then
+               cat "$HOME/.ssh/id_rsa.pub" >> "$PWD/root/root/.ssh/authorized_keys"
+       fi
+
+       # Add ed25519 key if available
+       if [ -e "$HOME/.ssh/id_ed25519.pub" ]; then
+               cat "$HOME/.ssh/id_ed25519.pub" >> "$PWD/root/root/.ssh/authorized_keys"
+       fi
 fi
 
 #TODO ntp /etc/systemd/timesyncd.conf
 
+# Force enable systemd-networkd.service
+chroot "$PWD/root" /usr/bin/systemctl enable systemd-networkd.service
+
+# Force enable systemd-resolved.service
+chroot "$PWD/root" /usr/bin/systemctl enable systemd-resolved.service
+
 # Cleanup tmp and run
 rm -fr $PWD/root/tmp/* $PWD/root/run/*
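Review bot: The new authorized_keys block drops the old `[ ! -d … ] &&` guard and appends with `>>`, so a run against a tree that already has `root/root/.ssh` gets an error from `mkdir` (fatal if this file runs under `sh -e`, as the lib/urpmi.sh shebang suggests) and otherwise duplicates keys or keeps whatever entries were already in the file. Creating the directory idempotently and truncating the file first avoids both: `mkdir -p -m 0700 "$PWD/root/root/.ssh"`, `: > "$PWD/root/root/.ssh/authorized_keys"`, `chmod 0600 "$PWD/root/root/.ssh/authorized_keys"`. Now that keys are installed, the context line forcing `PermitRootLogin yes` could become `PermitRootLogin prohibit-password`, so root cannot log in with a password. The `[ -e … -o -e … ]` test is more portable as two tests joined with `||`.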
index 5d72d1cf8fd5b0d653889df4f35857f78b49cb87..98e138ec830883ad2a9ddc4ce722e4f9334efb37 100755 (executable)
@@ -1,6 +1,6 @@
 #! /bin/sh -e
 urpmi.removemedia -a
 urpmi.addmedia --distrib --all-media --mirrorlist http://mirrors.mageia.org/api/mageia.$MGARELEASE.$ARCH.list
-perl -pne 's%(.*testing.*) {\n%\1 {\n  ignore\n%i' -i /etc/urpmi/urpmi.cfg
+perl -pne 's%(.*(?:testing|debug|sources).*) {\n%\1 {\n  ignore\n%i' -i /etc/urpmi/urpmi.cfg
 #remove distrib-coffee line from mirrors cache
 #perl -pne 'undef $/; s% +{(?:\n +.(?:country|proximity|longitude|arch|version|zone|latitude).[^,]+,){7}\n +.url.[^,]+distrib-coffee[^,]+,(?:\n +.(?:type|proximity_corrected).[^,]+,){2}\n%%' -i /var/cache/urpmi/mirrors.cache
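Review bot: The replacement side of the new substitution still uses `\1`, which Perl accepts only for sed compatibility and warns about under `-w`; `$1` is the idiomatic form: `perl -pne 's%(.*(?:testing|debug|sources).*) {\n%$1 {\n  ignore\n%i' -i /etc/urpmi/urpmi.cfg`. The match is unanchored and case-insensitive, so any media whose name merely contains one of the three words is set to `ignore`. A one-line comment above it, such as `# mark testing, debug and source media as ignored`, would record that this breadth is intended.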