mirrors/flatcar-scripts
1
0
Fork 0
mirror of https://github.com/flatcar/scripts.git synced 2025-09-27 16:41:11 +02:00
Code Issues Packages Projects Releases Wiki Activity
flatcar-scripts/build_library/prod_image_util.sh
Michael Marineau 70051bf6ef prod_image_util: install GCC libraries to /usr/lib 
Normally GCC is installed in a way that allows installing multiple
versions and switching between them. Our production images do not need
this and additionally the only things from the GCC package that are
needed are the shared libraries. To ensure these libraries are *always*
locatable regardless of the presence of /etc/ld.so.conf and
/etc/ld.so.cache we can install those libraries to plain old /usr/lib.
The GCC packages don't have a built in way to do this but we can get
away with extracting the libraries directly from the binary package.

This is actually similar to what ChromeOS did with a few exceptions:
 - We use a native GCC build instead of the cross toolchain
 - The archive is properly extracted from the package instead of feeding
   the package directly to tar and ignoring the resulting warnings.

As an added benefit switching from a blacklist to a whitelist ensures
that extra cruft does not slip through the cracks, saving 5-10MB.
2014-08-27 20:23:39 -07:00

97 lines
3.5 KiB
Bash
Executable File
Raw Blame History

# Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
# Copyright (c) 2013 The CoreOS Authors. All rights reserved.
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
# The GCC package includes both its libraries and the compiler.
# In prod images we only need the shared libraries.
extract_prod_gcc() {
local root_fs_dir="$1"; shift
local gcc=$(portageq-${BOARD} best_version "${BOARD_ROOT}" sys-devel/gcc)
local pkg="$(portageq-${BOARD} pkgdir)/${gcc}.tbz2"
if [[ ! -f "${pkg}" ]]; then
die "Binary package missing: $pkg"
fi
# Normally GCC's shared libraries are installed to:
# /usr/lib/gcc/x86_64-cros-linux-gnu/$version/*
# Instead we extract them to plain old /usr/lib
qtbz2 -O -t "${pkg}" | \
sudo tar -C "${root_fs_dir}" -xj \
--transform 's#/usr/lib/.*/#/usr/lib/#' \
--wildcards './usr/lib/gcc/*.so*'
package_provided "${gcc}"
}
create_prod_image() {
local image_name="$1"
local disk_layout="$2"
local update_group="$3"
info "Building production image ${image_name}"
local root_fs_dir="${BUILD_DIR}/rootfs"
local image_contents="${image_name%.bin}_contents.txt"
local image_packages="${image_name%.bin}_packages.txt"
start_image "${image_name}" "${disk_layout}" "${root_fs_dir}" "${update_group}"
# Install minimal GCC (libs only) and then everything else
set_image_profile prod
extract_prod_gcc "${root_fs_dir}"
emerge_to_image "${root_fs_dir}" coreos-base/coreos
write_packages "${root_fs_dir}" "${BUILD_DIR}/${image_packages}"
# Assert that if this is supposed to be an official build that the
# official update keys have been used.
if [[ ${COREOS_OFFICIAL:-0} -eq 1 ]]; then
grep -q official \
"${root_fs_dir}"/var/db/pkg/coreos-base/coreos-au-key-*/USE \
|| die_notrace "coreos-au-key is missing the 'official' use flag"
fi
# clean-ups of things we do not need
sudo rm ${root_fs_dir}/etc/csh.env
sudo rm -rf ${root_fs_dir}/var/db/pkg
sudo rm ${root_fs_dir}/var/db/Makefile
sudo rm ${root_fs_dir}/etc/locale.gen
sudo rm -rf ${root_fs_dir}/etc/lvm/
# Move the ld.so configs into /usr so they can be symlinked from /
sudo mv ${root_fs_dir}/etc/ld.so.conf ${root_fs_dir}/usr/lib
sudo mv ${root_fs_dir}/etc/ld.so.conf.d ${root_fs_dir}/usr/lib
sudo ln --symbolic ../usr/lib/ld.so.conf ${root_fs_dir}/etc/ld.so.conf
# Add a tmpfiles rule that symlink ld.so.conf from /usr into /
sudo tee "${root_fs_dir}/usr/lib64/tmpfiles.d/baselayout-ldso.conf" \
> /dev/null <<EOF
L+ /etc/ld.so.conf - - - - ../usr/lib/ld.so.conf
EOF
# clear them out explicitly, so this fails if something else gets dropped
# into xinetd.d
sudo rm ${root_fs_dir}/etc/xinetd.d/rsyncd
sudo rmdir ${root_fs_dir}/etc/xinetd.d
# Only try to disable rw on /usr if there is a /usr partition
local disable_read_write=${FLAGS_enable_rootfs_verification}
if ! mountpoint -q "${root_fs_dir}/usr"; then
disable_read_write=${FLAGS_FALSE}
fi
finish_image "${disk_layout}" "${root_fs_dir}" "${image_contents}"
# Make the filesystem un-mountable as read-write.
if [[ ${disable_read_write} -eq ${FLAGS_TRUE} ]]; then
"${BUILD_LIBRARY_DIR}/disk_util" --disk_layout="${disk_layout}" \
tune --disable2fs_rw "${BUILD_DIR}/${image_name}" "USR-A"
fi
upload_image -d "${BUILD_DIR}/${image_name}.bz2.DIGESTS" \
"${BUILD_DIR}/${image_contents}" \
"${BUILD_DIR}/${image_packages}" \
"${BUILD_DIR}/${image_name}"
}
Reference in New Issue View Git Blame Copy Permalink