From d78b5b8e8de6ab2f78ab3ab8ac29009c57cef70a Mon Sep 17 00:00:00 2001 From: adi1090x Date: Fri, 7 Oct 2022 11:49:14 +0530 Subject: [PATCH] Added XFCE ISO profile --- .gitignore | 5 + .../etc/X11/xorg.conf.d/02-touchpad-ttc.conf | 6 + profile/airootfs/etc/environment | 8 + profile/airootfs/etc/group | 18 + profile/airootfs/etc/gshadow | 18 + profile/airootfs/etc/hostname | 1 + profile/airootfs/etc/locale.conf | 1 + profile/airootfs/etc/localtime | 1 + profile/airootfs/etc/mkinitcpio.conf | 67 + .../airootfs/etc/mkinitcpio.d/linux.preset | 8 + .../airootfs/etc/modprobe.d/broadcom-wl.conf | 7 + profile/airootfs/etc/motd | 9 + .../etc/pacman.d/hooks/uncomment-mirrors.hook | 13 + ...z99-remove-custom-hooks-from-airootfs.hook | 18 + profile/airootfs/etc/passwd | 2 + .../localauthority/50-local.d/10-udisks.pkla | 14 + .../50-org.freedesktop.NetworkManager.rules | 5 + .../etc/polkit-1/rules.d/50-udiskie.rules | 25 + .../rules.d/allow-mount-internal.rules | 8 + .../polkit-1/rules.d/always-allow-wheel.rules | 7 + .../rules.d/udisks-no-consolekit.rules | 10 + profile/airootfs/etc/resolv.conf | 1 + profile/airootfs/etc/sddm.conf | 38 + .../etc/sddm.conf.d/kde_settings.conf | 17 + profile/airootfs/etc/shadow | 2 + profile/airootfs/etc/ssh/sshd_config | 116 ++ profile/airootfs/etc/sudoers.d/01_pw_feedback | 1 + profile/airootfs/etc/sudoers.d/02_g_wheel | 1 + .../journald.conf.d/volatile-storage.conf | 2 + .../systemd/logind.conf.d/do-not-suspend.conf | 4 + .../etc/systemd/network/20-ethernet.network | 21 + .../etc/systemd/network/20-wlan.network | 17 + .../etc/systemd/network/20-wwan.network | 17 + .../systemd-gpt-auto-generator | 1 + .../bluetooth.target.wants/bluetooth.service | 1 + .../etc/systemd/system/choose-mirror.service | 10 + .../cloud-config.service | 1 + .../cloud-final.service | 1 + .../cloud-init-local.service | 1 + .../cloud-init.service | 1 + .../etc/systemd/system/dbus-org.bluez.service | 1 + ...dbus-org.freedesktop.ModemManager1.service | 1 + ...dbus-org.freedesktop.nm-dispatcher.service | 1 + .../dbus-org.freedesktop.resolve1.service | 1 + .../etc/systemd/system/default.target | 1 + .../systemd/system/display-manager.service | 1 + .../systemd/system/etc-pacman.d-gnupg.mount | 8 + .../ModemManager.service | 1 + .../NetworkManager.service | 1 + .../choose-mirror.service | 1 + .../hv_fcopy_daemon.service | 1 + .../hv_kvp_daemon.service | 1 + .../hv_vss_daemon.service | 1 + .../pacman-init.service | 1 + .../qemu-guest-agent.service | 1 + .../multi-user.target.wants/reflector.service | 1 + .../multi-user.target.wants/sshd.service | 1 + .../systemd-resolved.service | 1 + .../vboxservice.service | 1 + .../multi-user.target.wants/vmtoolsd.service | 1 + .../vmware-vmblock-fuse.service | 1 + .../wpa_supplicant.service | 1 + .../NetworkManager-wait-online.service | 1 + .../etc/systemd/system/pacman-init.service | 13 + .../system/reflector.service.d/archiso.conf | 6 + .../system/sockets.target.wants/cups.socket | 1 + .../etc/udev/rules.d/70-backlight.rules | 2 + profile/airootfs/etc/vconsole.conf | 3 + .../airootfs/etc/xdg/reflector/reflector.conf | 8 + profile/airootfs/root/.automated_script.sh | 34 + profile/airootfs/root/.zlogin | 6 + profile/airootfs/root/customize_airootfs.sh | 141 ++ profile/airootfs/usr/local/bin/choose-mirror | 28 + profile/bootstrap_packages.x86_64 | 2 + .../entries/01-archcraftiso-x86_64-linux.conf | 7 + profile/efiboot/loader/loader.conf | 3 + profile/grub/grub.cfg | 62 + profile/mkarchcraftiso | 1762 +++++++++++++++++ profile/packages.x86_64 | 343 ++++ profile/pacman.conf | 105 + profile/profiledef.sh | 26 + profile/syslinux/archcraftiso_head.cfg | 42 + profile/syslinux/archcraftiso_pxe-linux.cfg | 20 + profile/syslinux/archcraftiso_pxe.cfg | 5 + profile/syslinux/archcraftiso_sys-linux.cfg | 6 + profile/syslinux/archcraftiso_sys.cfg | 8 + profile/syslinux/archcraftiso_tail.cfg | 17 + profile/syslinux/splash.png | Bin 0 -> 9196 bytes profile/syslinux/syslinux.cfg | 11 + 89 files changed, 3195 insertions(+) create mode 100644 .gitignore create mode 100644 profile/airootfs/etc/X11/xorg.conf.d/02-touchpad-ttc.conf create mode 100644 profile/airootfs/etc/environment create mode 100644 profile/airootfs/etc/group create mode 100644 profile/airootfs/etc/gshadow create mode 100644 profile/airootfs/etc/hostname create mode 100644 profile/airootfs/etc/locale.conf create mode 120000 profile/airootfs/etc/localtime create mode 100644 profile/airootfs/etc/mkinitcpio.conf create mode 100644 profile/airootfs/etc/mkinitcpio.d/linux.preset create mode 100644 profile/airootfs/etc/modprobe.d/broadcom-wl.conf create mode 100644 profile/airootfs/etc/motd create mode 100644 profile/airootfs/etc/pacman.d/hooks/uncomment-mirrors.hook create mode 100644 profile/airootfs/etc/pacman.d/hooks/zzzz99-remove-custom-hooks-from-airootfs.hook create mode 100644 profile/airootfs/etc/passwd create mode 100644 profile/airootfs/etc/polkit-1/localauthority/50-local.d/10-udisks.pkla create mode 100644 profile/airootfs/etc/polkit-1/rules.d/50-org.freedesktop.NetworkManager.rules create mode 100644 profile/airootfs/etc/polkit-1/rules.d/50-udiskie.rules create mode 100644 profile/airootfs/etc/polkit-1/rules.d/allow-mount-internal.rules create mode 100644 profile/airootfs/etc/polkit-1/rules.d/always-allow-wheel.rules create mode 100644 profile/airootfs/etc/polkit-1/rules.d/udisks-no-consolekit.rules create mode 120000 profile/airootfs/etc/resolv.conf create mode 100644 profile/airootfs/etc/sddm.conf create mode 100644 profile/airootfs/etc/sddm.conf.d/kde_settings.conf create mode 100644 profile/airootfs/etc/shadow create mode 100644 profile/airootfs/etc/ssh/sshd_config create mode 100644 profile/airootfs/etc/sudoers.d/01_pw_feedback create mode 100644 profile/airootfs/etc/sudoers.d/02_g_wheel create mode 100644 profile/airootfs/etc/systemd/journald.conf.d/volatile-storage.conf create mode 100644 profile/airootfs/etc/systemd/logind.conf.d/do-not-suspend.conf create mode 100644 profile/airootfs/etc/systemd/network/20-ethernet.network create mode 100644 profile/airootfs/etc/systemd/network/20-wlan.network create mode 100644 profile/airootfs/etc/systemd/network/20-wwan.network create mode 120000 profile/airootfs/etc/systemd/system-generators/systemd-gpt-auto-generator create mode 120000 profile/airootfs/etc/systemd/system/bluetooth.target.wants/bluetooth.service create mode 100644 profile/airootfs/etc/systemd/system/choose-mirror.service create mode 120000 profile/airootfs/etc/systemd/system/cloud-init.target.wants/cloud-config.service create mode 120000 profile/airootfs/etc/systemd/system/cloud-init.target.wants/cloud-final.service create mode 120000 profile/airootfs/etc/systemd/system/cloud-init.target.wants/cloud-init-local.service create mode 120000 profile/airootfs/etc/systemd/system/cloud-init.target.wants/cloud-init.service create mode 120000 profile/airootfs/etc/systemd/system/dbus-org.bluez.service create mode 120000 profile/airootfs/etc/systemd/system/dbus-org.freedesktop.ModemManager1.service create mode 120000 profile/airootfs/etc/systemd/system/dbus-org.freedesktop.nm-dispatcher.service create mode 120000 profile/airootfs/etc/systemd/system/dbus-org.freedesktop.resolve1.service create mode 120000 profile/airootfs/etc/systemd/system/default.target create mode 120000 profile/airootfs/etc/systemd/system/display-manager.service create mode 100644 profile/airootfs/etc/systemd/system/etc-pacman.d-gnupg.mount create mode 120000 profile/airootfs/etc/systemd/system/multi-user.target.wants/ModemManager.service create mode 120000 profile/airootfs/etc/systemd/system/multi-user.target.wants/NetworkManager.service create mode 120000 profile/airootfs/etc/systemd/system/multi-user.target.wants/choose-mirror.service create mode 120000 profile/airootfs/etc/systemd/system/multi-user.target.wants/hv_fcopy_daemon.service create mode 120000 profile/airootfs/etc/systemd/system/multi-user.target.wants/hv_kvp_daemon.service create mode 120000 profile/airootfs/etc/systemd/system/multi-user.target.wants/hv_vss_daemon.service create mode 120000 profile/airootfs/etc/systemd/system/multi-user.target.wants/pacman-init.service create mode 120000 profile/airootfs/etc/systemd/system/multi-user.target.wants/qemu-guest-agent.service create mode 120000 profile/airootfs/etc/systemd/system/multi-user.target.wants/reflector.service create mode 120000 profile/airootfs/etc/systemd/system/multi-user.target.wants/sshd.service create mode 120000 profile/airootfs/etc/systemd/system/multi-user.target.wants/systemd-resolved.service create mode 120000 profile/airootfs/etc/systemd/system/multi-user.target.wants/vboxservice.service create mode 120000 profile/airootfs/etc/systemd/system/multi-user.target.wants/vmtoolsd.service create mode 120000 profile/airootfs/etc/systemd/system/multi-user.target.wants/vmware-vmblock-fuse.service create mode 120000 profile/airootfs/etc/systemd/system/multi-user.target.wants/wpa_supplicant.service create mode 120000 profile/airootfs/etc/systemd/system/network-online.target.wants/NetworkManager-wait-online.service create mode 100644 profile/airootfs/etc/systemd/system/pacman-init.service create mode 100644 profile/airootfs/etc/systemd/system/reflector.service.d/archiso.conf create mode 120000 profile/airootfs/etc/systemd/system/sockets.target.wants/cups.socket create mode 100644 profile/airootfs/etc/udev/rules.d/70-backlight.rules create mode 100644 profile/airootfs/etc/vconsole.conf create mode 100644 profile/airootfs/etc/xdg/reflector/reflector.conf create mode 100755 profile/airootfs/root/.automated_script.sh create mode 100644 profile/airootfs/root/.zlogin create mode 100755 profile/airootfs/root/customize_airootfs.sh create mode 100755 profile/airootfs/usr/local/bin/choose-mirror create mode 100644 profile/bootstrap_packages.x86_64 create mode 100644 profile/efiboot/loader/entries/01-archcraftiso-x86_64-linux.conf create mode 100644 profile/efiboot/loader/loader.conf create mode 100644 profile/grub/grub.cfg create mode 100755 profile/mkarchcraftiso create mode 100644 profile/packages.x86_64 create mode 100644 profile/pacman.conf create mode 100644 profile/profiledef.sh create mode 100644 profile/syslinux/archcraftiso_head.cfg create mode 100644 profile/syslinux/archcraftiso_pxe-linux.cfg create mode 100644 profile/syslinux/archcraftiso_pxe.cfg create mode 100644 profile/syslinux/archcraftiso_sys-linux.cfg create mode 100644 profile/syslinux/archcraftiso_sys.cfg create mode 100644 profile/syslinux/archcraftiso_tail.cfg create mode 100644 profile/syslinux/splash.png create mode 100644 profile/syslinux/syslinux.cfg diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..c5c0b58 --- /dev/null +++ b/.gitignore @@ -0,0 +1,5 @@ +# Work Directory +/profile/work + +# ISO Directory +/profile/out diff --git a/profile/airootfs/etc/X11/xorg.conf.d/02-touchpad-ttc.conf b/profile/airootfs/etc/X11/xorg.conf.d/02-touchpad-ttc.conf new file mode 100644 index 0000000..90d5497 --- /dev/null +++ b/profile/airootfs/etc/X11/xorg.conf.d/02-touchpad-ttc.conf @@ -0,0 +1,6 @@ +Section "InputClass" + Identifier "tap-by-default" + MatchIsTouchpad "on" + MatchDriver "libinput" + Option "Tapping" "on" +EndSection diff --git a/profile/airootfs/etc/environment b/profile/airootfs/etc/environment new file mode 100644 index 0000000..427988a --- /dev/null +++ b/profile/airootfs/etc/environment @@ -0,0 +1,8 @@ +# +# This file is parsed by pam_env module +# +# Syntax: simple "KEY=VAL" pairs on separate lines +# +QT_QPA_PLATFORMTHEME=qt5ct +EDITOR=nano +BROWSER=firefox diff --git a/profile/airootfs/etc/group b/profile/airootfs/etc/group new file mode 100644 index 0000000..fbe9da6 --- /dev/null +++ b/profile/airootfs/etc/group @@ -0,0 +1,18 @@ +root:x:0:root +sys:x:3:bin,liveuser +network:x:90:liveuser +power:x:98:liveuser +adm:x:999:liveuser +lp:x:992:liveuser +wheel:x:998:liveuser +uucp:x:987:liveuser +optical:x:990:liveuser +scanner:x:991:liveuser +rfkill:x:983:liveuser +video:x:986:liveuser +storage:x:988:liveuser +audio:x:995:liveuser +users:x:985:liveuser +nopasswdlogin:x:966:liveuser +autologin:x:967:liveuser +liveuser:x:1000: diff --git a/profile/airootfs/etc/gshadow b/profile/airootfs/etc/gshadow new file mode 100644 index 0000000..d1df9df --- /dev/null +++ b/profile/airootfs/etc/gshadow @@ -0,0 +1,18 @@ +root:::root +sys:!!::liveuser +network:!!::liveuser +power:!!::liveuser +adm:!!::liveuser +lp:!!::liveuser +wheel:!!::liveuser +uucp:!!::liveuser +optical:!!::liveuser +scanner:!!::liveuser +rfkill:!!::liveuser +video:!!::liveuser +storage:!!::liveuser +audio:!!::liveuser +users:!!::liveuser +nopasswdlogin:!::liveuser +autologin:!::liveuser +liveuser:!:: diff --git a/profile/airootfs/etc/hostname b/profile/airootfs/etc/hostname new file mode 100644 index 0000000..eca2934 --- /dev/null +++ b/profile/airootfs/etc/hostname @@ -0,0 +1 @@ +archcraft diff --git a/profile/airootfs/etc/locale.conf b/profile/airootfs/etc/locale.conf new file mode 100644 index 0000000..f9c983c --- /dev/null +++ b/profile/airootfs/etc/locale.conf @@ -0,0 +1 @@ +LANG=C.UTF-8 diff --git a/profile/airootfs/etc/localtime b/profile/airootfs/etc/localtime new file mode 120000 index 0000000..0e35b57 --- /dev/null +++ b/profile/airootfs/etc/localtime @@ -0,0 +1 @@ +/usr/share/zoneinfo/UTC \ No newline at end of file diff --git a/profile/airootfs/etc/mkinitcpio.conf b/profile/airootfs/etc/mkinitcpio.conf new file mode 100644 index 0000000..6faa7f6 --- /dev/null +++ b/profile/airootfs/etc/mkinitcpio.conf @@ -0,0 +1,67 @@ +# vim:set ft=sh +# MODULES +# The following modules are loaded before any boot hooks are +# run. Advanced users may wish to specify all system modules +# in this array. For instance: +# MODULES=(piix ide_disk reiserfs) +MODULES=(i915? amdgpu? radeon? nvidia? nouveau? vboxvideo? vmwgfx?) + +# BINARIES +# This setting includes any additional binaries a given user may +# wish into the CPIO image. This is run last, so it may be used to +# override the actual binaries included by a given hook +# BINARIES are dependency parsed, so you may safely ignore libraries +BINARIES=() + +# FILES +# This setting is similar to BINARIES above, however, files are added +# as-is and are not parsed in any way. This is useful for config files. +FILES=() + +# HOOKS +# This is the most important setting in this file. The HOOKS control the +# modules and scripts added to the image, and what happens at boot time. +# Order is important, and it is recommended that you do not change the +# order in which HOOKS are added. Run 'mkinitcpio -H ' for +# help on a given hook. +# 'base' is _required_ unless you know precisely what you are doing. +# 'udev' is _required_ in order to automatically load modules +# 'filesystems' is _required_ unless you specify your fs modules in MODULES +# Examples: +## This setup specifies all modules in the MODULES setting above. +## No raid, lvm2, or encrypted root is needed. +# HOOKS=(base) +# +## This setup will autodetect all modules for your system and should +## work as a sane default +# HOOKS=(base udev autodetect block filesystems) +# +## This setup will generate a 'full' image which supports most systems. +## No autodetection is done. +# HOOKS=(base udev block filesystems) +# +## This setup assembles a pata mdadm array with an encrypted root FS. +## Note: See 'mkinitcpio -H mdadm' for more information on raid devices. +# HOOKS=(base udev block mdadm encrypt filesystems) +# +## This setup loads an lvm2 volume group on a usb device. +# HOOKS=(base udev block lvm2 filesystems) +# +## NOTE: If you have /usr on a separate partition, you MUST include the +# usr, fsck and shutdown hooks. +HOOKS=(base udev plymouth archiso archiso_loop_mnt archiso_kms modconf block filesystems keyboard) + +# COMPRESSION +# Use this to compress the initramfs image. By default, gzip compression +# is used. Use 'cat' to create an uncompressed image. +#COMPRESSION="gzip" +#COMPRESSION="bzip2" +#COMPRESSION="lzma" +#COMPRESSION="xz" +#COMPRESSION="lzop" +#COMPRESSION="lz4" +COMPRESSION="zstd" + +# COMPRESSION_OPTIONS +# Additional options for the compressor +#COMPRESSION_OPTIONS=() diff --git a/profile/airootfs/etc/mkinitcpio.d/linux.preset b/profile/airootfs/etc/mkinitcpio.d/linux.preset new file mode 100644 index 0000000..9f67184 --- /dev/null +++ b/profile/airootfs/etc/mkinitcpio.d/linux.preset @@ -0,0 +1,8 @@ +# mkinitcpio preset file for the 'linux' package on archiso + +PRESETS=('archiso') + +ALL_kver='/boot/vmlinuz-linux' +ALL_config='/etc/mkinitcpio.conf' + +archiso_image="/boot/initramfs-linux.img" diff --git a/profile/airootfs/etc/modprobe.d/broadcom-wl.conf b/profile/airootfs/etc/modprobe.d/broadcom-wl.conf new file mode 100644 index 0000000..0eae70c --- /dev/null +++ b/profile/airootfs/etc/modprobe.d/broadcom-wl.conf @@ -0,0 +1,7 @@ +# The broadcom-wl package requires some modules to be disabled in order to use +# wl. Since the ISO image needs to cover many hardware cases, this file +# overrides the default blacklist in /usr/lib/modprobe.d/ +# +# If you need to use wl, you may need to delete this file, then `rmmod` any +# already-loaded modules that are now blacklisted before proceeding to modprobe +# wl itself. diff --git a/profile/airootfs/etc/motd b/profile/airootfs/etc/motd new file mode 100644 index 0000000..1b94138 --- /dev/null +++ b/profile/airootfs/etc/motd @@ -0,0 +1,9 @@ +Welcome to Archcraft! + +Home: https://archcraft.io +Wiki: https://wiki.archcraft.io + +Developed By: Aditya Shakya  + +        + diff --git a/profile/airootfs/etc/pacman.d/hooks/uncomment-mirrors.hook b/profile/airootfs/etc/pacman.d/hooks/uncomment-mirrors.hook new file mode 100644 index 0000000..342aa95 --- /dev/null +++ b/profile/airootfs/etc/pacman.d/hooks/uncomment-mirrors.hook @@ -0,0 +1,13 @@ +# remove from airootfs! +[Trigger] +Operation = Install +Operation = Upgrade +Type = Package +Target = pacman-mirrorlist + +[Action] +Description = Uncommenting all mirrors in /etc/pacman.d/mirrorlist... +When = PostTransaction +Depends = pacman-mirrorlist +Depends = sed +Exec = /usr/bin/sed -i "s/#Server/Server/g" /etc/pacman.d/mirrorlist diff --git a/profile/airootfs/etc/pacman.d/hooks/zzzz99-remove-custom-hooks-from-airootfs.hook b/profile/airootfs/etc/pacman.d/hooks/zzzz99-remove-custom-hooks-from-airootfs.hook new file mode 100644 index 0000000..8dfb943 --- /dev/null +++ b/profile/airootfs/etc/pacman.d/hooks/zzzz99-remove-custom-hooks-from-airootfs.hook @@ -0,0 +1,18 @@ +# remove from airootfs! +# As a workaround for https://bugs.archlinux.org/task/49347 , remove pacman hooks specific to the ISO build process. +# If not, they would be used when pacstrap is run in the live environment. + +[Trigger] +Operation = Install +Operation = Upgrade +Operation = Remove +Type = Package +Target = * + +[Action] +Description = Work around FS#49347 by removing custom pacman hooks that are only required during ISO build... +When = PostTransaction +Depends = sh +Depends = coreutils +Depends = grep +Exec = /bin/sh -c "rm -- $(grep -Frl 'remove from airootfs' /etc/pacman.d/hooks/)" diff --git a/profile/airootfs/etc/passwd b/profile/airootfs/etc/passwd new file mode 100644 index 0000000..be2f4c6 --- /dev/null +++ b/profile/airootfs/etc/passwd @@ -0,0 +1,2 @@ +root:x:0:0:root:/root:/usr/bin/zsh +liveuser:x:1000:1000::/home/liveuser:/usr/bin/zsh diff --git a/profile/airootfs/etc/polkit-1/localauthority/50-local.d/10-udisks.pkla b/profile/airootfs/etc/polkit-1/localauthority/50-local.d/10-udisks.pkla new file mode 100644 index 0000000..c682044 --- /dev/null +++ b/profile/airootfs/etc/polkit-1/localauthority/50-local.d/10-udisks.pkla @@ -0,0 +1,14 @@ +[udisks1] +Identity=unix-group:storage +Action=org.freedesktop.udisks.filesystem-mount;org.freedesktop.udisks.luks-unlock;org.freedesktop.udisks.drive-eject;org.freedesktop.udisks.drive-detach +ResultAny=yes + +[udisks2] +Identity=unix-group:storage +Action=org.freedesktop.udisks2.filesystem-mount;org.freedesktop.udisks2.encrypted-unlock;org.freedesktop.udisks2.eject-media;org.freedesktop.udisks2.power-off-drive +ResultAny=yes + +[udisks2-other-seat] +Identity=unix-group:storage +Action=org.freedesktop.udisks2.filesystem-mount-other-seat;org.freedesktop.udisks2.filesystem-unmount-others;org.freedesktop.udisks2.encrypted-unlock-other-seat;org.freedesktop.udisks2.eject-media-other-seat;org.freedesktop.udisks2.power-off-drive-other-seat +ResultAny=yes diff --git a/profile/airootfs/etc/polkit-1/rules.d/50-org.freedesktop.NetworkManager.rules b/profile/airootfs/etc/polkit-1/rules.d/50-org.freedesktop.NetworkManager.rules new file mode 100644 index 0000000..b6fe9c7 --- /dev/null +++ b/profile/airootfs/etc/polkit-1/rules.d/50-org.freedesktop.NetworkManager.rules @@ -0,0 +1,5 @@ +polkit.addRule(function(action, subject) { + if (action.id.indexOf("org.freedesktop.NetworkManager.") == 0 && subject.isInGroup("network")) { + return polkit.Result.YES; + } +}); diff --git a/profile/airootfs/etc/polkit-1/rules.d/50-udiskie.rules b/profile/airootfs/etc/polkit-1/rules.d/50-udiskie.rules new file mode 100644 index 0000000..ab81971 --- /dev/null +++ b/profile/airootfs/etc/polkit-1/rules.d/50-udiskie.rules @@ -0,0 +1,25 @@ +polkit.addRule(function(action, subject) { + var YES = polkit.Result.YES; + // NOTE: there must be a comma at the end of each line except for the last: + var permission = { + // required for udisks1: + "org.freedesktop.udisks.filesystem-mount": YES, + "org.freedesktop.udisks.luks-unlock": YES, + "org.freedesktop.udisks.drive-eject": YES, + "org.freedesktop.udisks.drive-detach": YES, + // required for udisks2: + "org.freedesktop.udisks2.filesystem-mount": YES, + "org.freedesktop.udisks2.encrypted-unlock": YES, + "org.freedesktop.udisks2.eject-media": YES, + "org.freedesktop.udisks2.power-off-drive": YES, + // required for udisks2 if using udiskie from another seat (e.g. systemd): + "org.freedesktop.udisks2.filesystem-mount-other-seat": YES, + "org.freedesktop.udisks2.filesystem-unmount-others": YES, + "org.freedesktop.udisks2.encrypted-unlock-other-seat": YES, + "org.freedesktop.udisks2.eject-media-other-seat": YES, + "org.freedesktop.udisks2.power-off-drive-other-seat": YES + }; + if (subject.isInGroup("storage")) { + return permission[action.id]; + } +}); diff --git a/profile/airootfs/etc/polkit-1/rules.d/allow-mount-internal.rules b/profile/airootfs/etc/polkit-1/rules.d/allow-mount-internal.rules new file mode 100644 index 0000000..90a84f9 --- /dev/null +++ b/profile/airootfs/etc/polkit-1/rules.d/allow-mount-internal.rules @@ -0,0 +1,8 @@ +polkit.addRule(function(action, subject) { + if ((action.id == "org.freedesktop.udisks2.filesystem-mount-system" || + action.id == "org.freedesktop.udisks.filesystem-mount-system-internal") && + subject.local && subject.active && subject.isInGroup("users")) + { + return polkit.Result.YES; + } +}); diff --git a/profile/airootfs/etc/polkit-1/rules.d/always-allow-wheel.rules b/profile/airootfs/etc/polkit-1/rules.d/always-allow-wheel.rules new file mode 100644 index 0000000..d41dc47 --- /dev/null +++ b/profile/airootfs/etc/polkit-1/rules.d/always-allow-wheel.rules @@ -0,0 +1,7 @@ +polkit.addRule(function(action, subject) { + if (/^org\.freedesktop\.udisks\./.test(action.id) + && subject.isInGroup("wheel")) + { + return polkit.Result.YES; + } +}); diff --git a/profile/airootfs/etc/polkit-1/rules.d/udisks-no-consolekit.rules b/profile/airootfs/etc/polkit-1/rules.d/udisks-no-consolekit.rules new file mode 100644 index 0000000..f2d268e --- /dev/null +++ b/profile/airootfs/etc/polkit-1/rules.d/udisks-no-consolekit.rules @@ -0,0 +1,10 @@ +polkit.addRule(function(action, subject) { + if (action.id == "org.freedesktop.udisks.filesystem-mount") { + if (subject.isInGroup("wheel")) + return polkit.Result.YES; + else + return polkit.Result.AUTH_ADMIN_KEEP; + } else if (/^org\.freedesktop\.udisks\./.test(action.id)) { + return polkit.Result.AUTH_ADMIN_KEEP; + } +}); diff --git a/profile/airootfs/etc/resolv.conf b/profile/airootfs/etc/resolv.conf new file mode 120000 index 0000000..3639662 --- /dev/null +++ b/profile/airootfs/etc/resolv.conf @@ -0,0 +1 @@ +/run/systemd/resolve/stub-resolv.conf \ No newline at end of file diff --git a/profile/airootfs/etc/sddm.conf b/profile/airootfs/etc/sddm.conf new file mode 100644 index 0000000..bb6424f --- /dev/null +++ b/profile/airootfs/etc/sddm.conf @@ -0,0 +1,38 @@ +[General] +InputMethod= +Namespaces= +Numlock=on + +[Theme] +DisableAvatarsThreshold=7 +EnableAvatars=true +FacesDir=/usr/share/sddm/faces +ThemeDir=/usr/share/sddm/themes + +[Users] +DefaultPath=/usr/local/sbin:/usr/local/bin:/usr/bin +HideShells= +HideUsers= +RememberLastSession=true +RememberLastUser=true +ReuseSession=true + +[Wayland] +EnableHiDPI=true +SessionCommand=/usr/share/sddm/scripts/wayland-session +SessionDir=/usr/share/wayland-sessions +SessionLogFile=.local/share/sddm/wayland-session.log + +[X11] +DisplayCommand=/usr/share/sddm/scripts/Xsetup +DisplayStopCommand=/usr/share/sddm/scripts/Xstop +EnableHiDPI=true +MinimumVT=1 +ServerArguments=-nolisten tcp +ServerPath=/usr/bin/X +SessionCommand=/usr/share/sddm/scripts/Xsession +SessionDir=/usr/share/xsessions +SessionLogFile=.local/share/sddm/xorg-session.log +UserAuthFile=.Xauthority +XauthPath=/usr/bin/xauth +XephyrPath=/usr/bin/Xephyr diff --git a/profile/airootfs/etc/sddm.conf.d/kde_settings.conf b/profile/airootfs/etc/sddm.conf.d/kde_settings.conf new file mode 100644 index 0000000..99c5d86 --- /dev/null +++ b/profile/airootfs/etc/sddm.conf.d/kde_settings.conf @@ -0,0 +1,17 @@ +[Autologin] +Relogin=false +Session=xfce +User=liveuser + +[General] +HaltCommand=/usr/bin/systemctl poweroff +RebootCommand=/usr/bin/systemctl reboot + +[Theme] +Current=archcraft +CursorTheme=Qogirr +Font=Iosevka,10,-1,0,50,0,0,0,0,0 + +[Users] +MaximumUid=60513 +MinimumUid=1000 diff --git a/profile/airootfs/etc/shadow b/profile/airootfs/etc/shadow new file mode 100644 index 0000000..08ccaa0 --- /dev/null +++ b/profile/airootfs/etc/shadow @@ -0,0 +1,2 @@ +root::14871:::::: +liveuser:$6$TMf6RYQ5138CZrJJ$NwesWINLnlu2ailpwPZOKLvFfO19uZZNhQcz8WBkyTtGXWu0kpAMhKjJ5X0AzQ8MT7LCRiGuJ74IZi31pC4/S1:14871:::::: diff --git a/profile/airootfs/etc/ssh/sshd_config b/profile/airootfs/etc/ssh/sshd_config new file mode 100644 index 0000000..93f7d63 --- /dev/null +++ b/profile/airootfs/etc/ssh/sshd_config @@ -0,0 +1,116 @@ +# $OpenBSD: sshd_config,v 1.104 2021/07/02 05:11:21 dtucker Exp $ + +# This is the sshd server system-wide configuration file. See +# sshd_config(5) for more information. + +# This sshd was compiled with PATH=/usr/local/sbin:/usr/local/bin:/usr/bin + +# The strategy used for options in the default sshd_config shipped with +# OpenSSH is to specify options with their default value where +# possible, but leave them commented. Uncommented options override the +# default value. + +#Port 22 +#AddressFamily any +#ListenAddress 0.0.0.0 +#ListenAddress :: + +#HostKey /etc/ssh/ssh_host_rsa_key +#HostKey /etc/ssh/ssh_host_ecdsa_key +#HostKey /etc/ssh/ssh_host_ed25519_key + +# Ciphers and keying +#RekeyLimit default none + +# Logging +#SyslogFacility AUTH +#LogLevel INFO + +# Authentication: + +#LoginGraceTime 2m +PermitRootLogin yes +#StrictModes yes +#MaxAuthTries 6 +#MaxSessions 10 + +#PubkeyAuthentication yes + +# The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2 +# but this is overridden so installations will only check .ssh/authorized_keys +AuthorizedKeysFile .ssh/authorized_keys + +#AuthorizedPrincipalsFile none + +#AuthorizedKeysCommand none +#AuthorizedKeysCommandUser nobody + +# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts +#HostbasedAuthentication no +# Change to yes if you don't trust ~/.ssh/known_hosts for +# HostbasedAuthentication +#IgnoreUserKnownHosts no +# Don't read the user's ~/.rhosts and ~/.shosts files +#IgnoreRhosts yes + +# To disable tunneled clear text passwords, change to no here! +#PasswordAuthentication yes +#PermitEmptyPasswords no + +# Change to no to disable s/key passwords +#KbdInteractiveAuthentication yes + +# Kerberos options +#KerberosAuthentication no +#KerberosOrLocalPasswd yes +#KerberosTicketCleanup yes +#KerberosGetAFSToken no + +# GSSAPI options +#GSSAPIAuthentication no +#GSSAPICleanupCredentials yes + +# Set this to 'yes' to enable PAM authentication, account processing, +# and session processing. If this is enabled, PAM authentication will +# be allowed through the KbdInteractiveAuthentication and +# PasswordAuthentication. Depending on your PAM configuration, +# PAM authentication via KbdInteractiveAuthentication may bypass +# the setting of "PermitRootLogin without-password". +# If you just want the PAM account and session checks to run without +# PAM authentication, then enable this but set PasswordAuthentication +# and KbdInteractiveAuthentication to 'no'. +UsePAM yes + +#AllowAgentForwarding yes +#AllowTcpForwarding yes +#GatewayPorts no +#X11Forwarding no +#X11DisplayOffset 10 +#X11UseLocalhost yes +#PermitTTY yes +PrintMotd no # pam does that +#PrintLastLog yes +#TCPKeepAlive yes +#PermitUserEnvironment no +#Compression delayed +#ClientAliveInterval 0 +#ClientAliveCountMax 3 +#UseDNS no +#PidFile /run/sshd.pid +#MaxStartups 10:30:100 +#PermitTunnel no +#ChrootDirectory none +#VersionAddendum none + +# no default banner path +#Banner none + +# override default of no subsystems +Subsystem sftp /usr/lib/ssh/sftp-server + +# Example of overriding settings on a per-user basis +#Match User anoncvs +# X11Forwarding no +# AllowTcpForwarding no +# PermitTTY no +# ForceCommand cvs server diff --git a/profile/airootfs/etc/sudoers.d/01_pw_feedback b/profile/airootfs/etc/sudoers.d/01_pw_feedback new file mode 100644 index 0000000..f9e5ff2 --- /dev/null +++ b/profile/airootfs/etc/sudoers.d/01_pw_feedback @@ -0,0 +1 @@ +Defaults env_reset,pwfeedback,insults diff --git a/profile/airootfs/etc/sudoers.d/02_g_wheel b/profile/airootfs/etc/sudoers.d/02_g_wheel new file mode 100644 index 0000000..8c45359 --- /dev/null +++ b/profile/airootfs/etc/sudoers.d/02_g_wheel @@ -0,0 +1 @@ +%wheel ALL=(ALL) NOPASSWD: ALL diff --git a/profile/airootfs/etc/systemd/journald.conf.d/volatile-storage.conf b/profile/airootfs/etc/systemd/journald.conf.d/volatile-storage.conf new file mode 100644 index 0000000..b69850d --- /dev/null +++ b/profile/airootfs/etc/systemd/journald.conf.d/volatile-storage.conf @@ -0,0 +1,2 @@ +[Journal] +Storage=volatile diff --git a/profile/airootfs/etc/systemd/logind.conf.d/do-not-suspend.conf b/profile/airootfs/etc/systemd/logind.conf.d/do-not-suspend.conf new file mode 100644 index 0000000..f3ecb39 --- /dev/null +++ b/profile/airootfs/etc/systemd/logind.conf.d/do-not-suspend.conf @@ -0,0 +1,4 @@ +[Login] +HandleSuspendKey=ignore +HandleHibernateKey=ignore +HandleLidSwitch=ignore diff --git a/profile/airootfs/etc/systemd/network/20-ethernet.network b/profile/airootfs/etc/systemd/network/20-ethernet.network new file mode 100644 index 0000000..9ada778 --- /dev/null +++ b/profile/airootfs/etc/systemd/network/20-ethernet.network @@ -0,0 +1,21 @@ +[Match] +# Matching with "Type=ether" causes issues with containers because it also matches virtual Ethernet interfaces (veth*). +# See https://bugs.archlinux.org/task/70892 +# Instead match by globbing the network interface name. +Name=en* +Name=eth* + +[Network] +DHCP=yes +IPv6PrivacyExtensions=yes + +# systemd-networkd does not set per-interface-type default route metrics +# https://github.com/systemd/systemd/issues/17698 +# Explicitly set route metric, so that Ethernet is preferred over Wi-Fi and Wi-Fi is preferred over mobile broadband. +# Use values from NetworkManager. From nm_device_get_route_metric_default in +# https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/blob/main/src/core/devices/nm-device.c +[DHCPv4] +RouteMetric=100 + +[IPv6AcceptRA] +RouteMetric=100 diff --git a/profile/airootfs/etc/systemd/network/20-wlan.network b/profile/airootfs/etc/systemd/network/20-wlan.network new file mode 100644 index 0000000..601d5b8 --- /dev/null +++ b/profile/airootfs/etc/systemd/network/20-wlan.network @@ -0,0 +1,17 @@ +[Match] +Name=wl* + +[Network] +DHCP=yes +IPv6PrivacyExtensions=yes + +# systemd-networkd does not set per-interface-type default route metrics +# https://github.com/systemd/systemd/issues/17698 +# Explicitly set route metric, so that Ethernet is preferred over Wi-Fi and Wi-Fi is preferred over mobile broadband. +# Use values from NetworkManager. From nm_device_get_route_metric_default in +# https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/blob/main/src/core/devices/nm-device.c +[DHCPv4] +RouteMetric=600 + +[IPv6AcceptRA] +RouteMetric=600 diff --git a/profile/airootfs/etc/systemd/network/20-wwan.network b/profile/airootfs/etc/systemd/network/20-wwan.network new file mode 100644 index 0000000..9104c24 --- /dev/null +++ b/profile/airootfs/etc/systemd/network/20-wwan.network @@ -0,0 +1,17 @@ +[Match] +Name=ww* + +[Network] +DHCP=yes +IPv6PrivacyExtensions=yes + +# systemd-networkd does not set per-interface-type default route metrics +# https://github.com/systemd/systemd/issues/17698 +# Explicitly set route metric, so that Ethernet is preferred over Wi-Fi and Wi-Fi is preferred over mobile broadband. +# Use values from NetworkManager. From nm_device_get_route_metric_default in +# https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/blob/main/src/core/devices/nm-device.c +[DHCPv4] +RouteMetric=700 + +[IPv6AcceptRA] +RouteMetric=700 diff --git a/profile/airootfs/etc/systemd/system-generators/systemd-gpt-auto-generator b/profile/airootfs/etc/systemd/system-generators/systemd-gpt-auto-generator new file mode 120000 index 0000000..dc1dc0c --- /dev/null +++ b/profile/airootfs/etc/systemd/system-generators/systemd-gpt-auto-generator @@ -0,0 +1 @@ +/dev/null \ No newline at end of file diff --git a/profile/airootfs/etc/systemd/system/bluetooth.target.wants/bluetooth.service b/profile/airootfs/etc/systemd/system/bluetooth.target.wants/bluetooth.service new file mode 120000 index 0000000..d256bfe --- /dev/null +++ b/profile/airootfs/etc/systemd/system/bluetooth.target.wants/bluetooth.service @@ -0,0 +1 @@ +/usr/lib/systemd/system/bluetooth.service \ No newline at end of file diff --git a/profile/airootfs/etc/systemd/system/choose-mirror.service b/profile/airootfs/etc/systemd/system/choose-mirror.service new file mode 100644 index 0000000..b6a3562 --- /dev/null +++ b/profile/airootfs/etc/systemd/system/choose-mirror.service @@ -0,0 +1,10 @@ +[Unit] +Description=Choose mirror from the kernel command line +ConditionKernelCommandLine=mirror + +[Service] +Type=oneshot +ExecStart=/usr/local/bin/choose-mirror + +[Install] +WantedBy=multi-user.target diff --git a/profile/airootfs/etc/systemd/system/cloud-init.target.wants/cloud-config.service b/profile/airootfs/etc/systemd/system/cloud-init.target.wants/cloud-config.service new file mode 120000 index 0000000..ebc50f0 --- /dev/null +++ b/profile/airootfs/etc/systemd/system/cloud-init.target.wants/cloud-config.service @@ -0,0 +1 @@ +/usr/lib/systemd/system/cloud-config.service \ No newline at end of file diff --git a/profile/airootfs/etc/systemd/system/cloud-init.target.wants/cloud-final.service b/profile/airootfs/etc/systemd/system/cloud-init.target.wants/cloud-final.service new file mode 120000 index 0000000..80fa3c8 --- /dev/null +++ b/profile/airootfs/etc/systemd/system/cloud-init.target.wants/cloud-final.service @@ -0,0 +1 @@ +/usr/lib/systemd/system/cloud-final.service \ No newline at end of file diff --git a/profile/airootfs/etc/systemd/system/cloud-init.target.wants/cloud-init-local.service b/profile/airootfs/etc/systemd/system/cloud-init.target.wants/cloud-init-local.service new file mode 120000 index 0000000..dd8e9f1 --- /dev/null +++ b/profile/airootfs/etc/systemd/system/cloud-init.target.wants/cloud-init-local.service @@ -0,0 +1 @@ +/usr/lib/systemd/system/cloud-init-local.service \ No newline at end of file diff --git a/profile/airootfs/etc/systemd/system/cloud-init.target.wants/cloud-init.service b/profile/airootfs/etc/systemd/system/cloud-init.target.wants/cloud-init.service new file mode 120000 index 0000000..24c7a26 --- /dev/null +++ b/profile/airootfs/etc/systemd/system/cloud-init.target.wants/cloud-init.service @@ -0,0 +1 @@ +/usr/lib/systemd/system/cloud-init.service \ No newline at end of file diff --git a/profile/airootfs/etc/systemd/system/dbus-org.bluez.service b/profile/airootfs/etc/systemd/system/dbus-org.bluez.service new file mode 120000 index 0000000..d256bfe --- /dev/null +++ b/profile/airootfs/etc/systemd/system/dbus-org.bluez.service @@ -0,0 +1 @@ +/usr/lib/systemd/system/bluetooth.service \ No newline at end of file diff --git a/profile/airootfs/etc/systemd/system/dbus-org.freedesktop.ModemManager1.service b/profile/airootfs/etc/systemd/system/dbus-org.freedesktop.ModemManager1.service new file mode 120000 index 0000000..dcf7c8e --- /dev/null +++ b/profile/airootfs/etc/systemd/system/dbus-org.freedesktop.ModemManager1.service @@ -0,0 +1 @@ +/usr/lib/systemd/system/ModemManager.service \ No newline at end of file diff --git a/profile/airootfs/etc/systemd/system/dbus-org.freedesktop.nm-dispatcher.service b/profile/airootfs/etc/systemd/system/dbus-org.freedesktop.nm-dispatcher.service new file mode 120000 index 0000000..a7e5cd4 --- /dev/null +++ b/profile/airootfs/etc/systemd/system/dbus-org.freedesktop.nm-dispatcher.service @@ -0,0 +1 @@ +/usr/lib/systemd/system/NetworkManager-dispatcher.service \ No newline at end of file diff --git a/profile/airootfs/etc/systemd/system/dbus-org.freedesktop.resolve1.service b/profile/airootfs/etc/systemd/system/dbus-org.freedesktop.resolve1.service new file mode 120000 index 0000000..4f6ae34 --- /dev/null +++ b/profile/airootfs/etc/systemd/system/dbus-org.freedesktop.resolve1.service @@ -0,0 +1 @@ +/usr/lib/systemd/system/systemd-resolved.service \ No newline at end of file diff --git a/profile/airootfs/etc/systemd/system/default.target b/profile/airootfs/etc/systemd/system/default.target new file mode 120000 index 0000000..cf9fa51 --- /dev/null +++ b/profile/airootfs/etc/systemd/system/default.target @@ -0,0 +1 @@ +/usr/lib/systemd/system/graphical.target \ No newline at end of file diff --git a/profile/airootfs/etc/systemd/system/display-manager.service b/profile/airootfs/etc/systemd/system/display-manager.service new file mode 120000 index 0000000..66383b4 --- /dev/null +++ b/profile/airootfs/etc/systemd/system/display-manager.service @@ -0,0 +1 @@ +/usr/lib/systemd/system/sddm-plymouth.service \ No newline at end of file diff --git a/profile/airootfs/etc/systemd/system/etc-pacman.d-gnupg.mount b/profile/airootfs/etc/systemd/system/etc-pacman.d-gnupg.mount new file mode 100644 index 0000000..0ba0e67 --- /dev/null +++ b/profile/airootfs/etc/systemd/system/etc-pacman.d-gnupg.mount @@ -0,0 +1,8 @@ +[Unit] +Description=Temporary /etc/pacman.d/gnupg directory + +[Mount] +What=ramfs +Where=/etc/pacman.d/gnupg +Type=ramfs +Options=mode=0755 diff --git a/profile/airootfs/etc/systemd/system/multi-user.target.wants/ModemManager.service b/profile/airootfs/etc/systemd/system/multi-user.target.wants/ModemManager.service new file mode 120000 index 0000000..dcf7c8e --- /dev/null +++ b/profile/airootfs/etc/systemd/system/multi-user.target.wants/ModemManager.service @@ -0,0 +1 @@ +/usr/lib/systemd/system/ModemManager.service \ No newline at end of file diff --git a/profile/airootfs/etc/systemd/system/multi-user.target.wants/NetworkManager.service b/profile/airootfs/etc/systemd/system/multi-user.target.wants/NetworkManager.service new file mode 120000 index 0000000..e874a9b --- /dev/null +++ b/profile/airootfs/etc/systemd/system/multi-user.target.wants/NetworkManager.service @@ -0,0 +1 @@ +/usr/lib/systemd/system/NetworkManager.service \ No newline at end of file diff --git a/profile/airootfs/etc/systemd/system/multi-user.target.wants/choose-mirror.service b/profile/airootfs/etc/systemd/system/multi-user.target.wants/choose-mirror.service new file mode 120000 index 0000000..2d8d256 --- /dev/null +++ b/profile/airootfs/etc/systemd/system/multi-user.target.wants/choose-mirror.service @@ -0,0 +1 @@ +../choose-mirror.service \ No newline at end of file diff --git a/profile/airootfs/etc/systemd/system/multi-user.target.wants/hv_fcopy_daemon.service b/profile/airootfs/etc/systemd/system/multi-user.target.wants/hv_fcopy_daemon.service new file mode 120000 index 0000000..20ac7b2 --- /dev/null +++ b/profile/airootfs/etc/systemd/system/multi-user.target.wants/hv_fcopy_daemon.service @@ -0,0 +1 @@ +/usr/lib/systemd/system/hv_fcopy_daemon.service \ No newline at end of file diff --git a/profile/airootfs/etc/systemd/system/multi-user.target.wants/hv_kvp_daemon.service b/profile/airootfs/etc/systemd/system/multi-user.target.wants/hv_kvp_daemon.service new file mode 120000 index 0000000..a7eac4a --- /dev/null +++ b/profile/airootfs/etc/systemd/system/multi-user.target.wants/hv_kvp_daemon.service @@ -0,0 +1 @@ +/usr/lib/systemd/system/hv_kvp_daemon.service \ No newline at end of file diff --git a/profile/airootfs/etc/systemd/system/multi-user.target.wants/hv_vss_daemon.service b/profile/airootfs/etc/systemd/system/multi-user.target.wants/hv_vss_daemon.service new file mode 120000 index 0000000..eae19ef --- /dev/null +++ b/profile/airootfs/etc/systemd/system/multi-user.target.wants/hv_vss_daemon.service @@ -0,0 +1 @@ +/usr/lib/systemd/system/hv_vss_daemon.service \ No newline at end of file diff --git a/profile/airootfs/etc/systemd/system/multi-user.target.wants/pacman-init.service b/profile/airootfs/etc/systemd/system/multi-user.target.wants/pacman-init.service new file mode 120000 index 0000000..d09eec6 --- /dev/null +++ b/profile/airootfs/etc/systemd/system/multi-user.target.wants/pacman-init.service @@ -0,0 +1 @@ +../pacman-init.service \ No newline at end of file diff --git a/profile/airootfs/etc/systemd/system/multi-user.target.wants/qemu-guest-agent.service b/profile/airootfs/etc/systemd/system/multi-user.target.wants/qemu-guest-agent.service new file mode 120000 index 0000000..8e3ff80 --- /dev/null +++ b/profile/airootfs/etc/systemd/system/multi-user.target.wants/qemu-guest-agent.service @@ -0,0 +1 @@ +/usr/lib/systemd/system/qemu-guest-agent.service \ No newline at end of file diff --git a/profile/airootfs/etc/systemd/system/multi-user.target.wants/reflector.service b/profile/airootfs/etc/systemd/system/multi-user.target.wants/reflector.service new file mode 120000 index 0000000..d372729 --- /dev/null +++ b/profile/airootfs/etc/systemd/system/multi-user.target.wants/reflector.service @@ -0,0 +1 @@ +/usr/lib/systemd/system/reflector.service \ No newline at end of file diff --git a/profile/airootfs/etc/systemd/system/multi-user.target.wants/sshd.service b/profile/airootfs/etc/systemd/system/multi-user.target.wants/sshd.service new file mode 120000 index 0000000..d21ebd9 --- /dev/null +++ b/profile/airootfs/etc/systemd/system/multi-user.target.wants/sshd.service @@ -0,0 +1 @@ +/usr/lib/systemd/system/sshd.service \ No newline at end of file diff --git a/profile/airootfs/etc/systemd/system/multi-user.target.wants/systemd-resolved.service b/profile/airootfs/etc/systemd/system/multi-user.target.wants/systemd-resolved.service new file mode 120000 index 0000000..4f6ae34 --- /dev/null +++ b/profile/airootfs/etc/systemd/system/multi-user.target.wants/systemd-resolved.service @@ -0,0 +1 @@ +/usr/lib/systemd/system/systemd-resolved.service \ No newline at end of file diff --git a/profile/airootfs/etc/systemd/system/multi-user.target.wants/vboxservice.service b/profile/airootfs/etc/systemd/system/multi-user.target.wants/vboxservice.service new file mode 120000 index 0000000..cb2d560 --- /dev/null +++ b/profile/airootfs/etc/systemd/system/multi-user.target.wants/vboxservice.service @@ -0,0 +1 @@ +/usr/lib/systemd/system/vboxservice.service \ No newline at end of file diff --git a/profile/airootfs/etc/systemd/system/multi-user.target.wants/vmtoolsd.service b/profile/airootfs/etc/systemd/system/multi-user.target.wants/vmtoolsd.service new file mode 120000 index 0000000..e0a11a7 --- /dev/null +++ b/profile/airootfs/etc/systemd/system/multi-user.target.wants/vmtoolsd.service @@ -0,0 +1 @@ +/usr/lib/systemd/system/vmtoolsd.service \ No newline at end of file diff --git a/profile/airootfs/etc/systemd/system/multi-user.target.wants/vmware-vmblock-fuse.service b/profile/airootfs/etc/systemd/system/multi-user.target.wants/vmware-vmblock-fuse.service new file mode 120000 index 0000000..173f306 --- /dev/null +++ b/profile/airootfs/etc/systemd/system/multi-user.target.wants/vmware-vmblock-fuse.service @@ -0,0 +1 @@ +/usr/lib/systemd/system/vmware-vmblock-fuse.service \ No newline at end of file diff --git a/profile/airootfs/etc/systemd/system/multi-user.target.wants/wpa_supplicant.service b/profile/airootfs/etc/systemd/system/multi-user.target.wants/wpa_supplicant.service new file mode 120000 index 0000000..1aff68e --- /dev/null +++ b/profile/airootfs/etc/systemd/system/multi-user.target.wants/wpa_supplicant.service @@ -0,0 +1 @@ +/usr/lib/systemd/system/wpa_supplicant.service \ No newline at end of file diff --git a/profile/airootfs/etc/systemd/system/network-online.target.wants/NetworkManager-wait-online.service b/profile/airootfs/etc/systemd/system/network-online.target.wants/NetworkManager-wait-online.service new file mode 120000 index 0000000..b78b586 --- /dev/null +++ b/profile/airootfs/etc/systemd/system/network-online.target.wants/NetworkManager-wait-online.service @@ -0,0 +1 @@ +/usr/lib/systemd/system/NetworkManager-wait-online.service \ No newline at end of file diff --git a/profile/airootfs/etc/systemd/system/pacman-init.service b/profile/airootfs/etc/systemd/system/pacman-init.service new file mode 100644 index 0000000..b18f7f8 --- /dev/null +++ b/profile/airootfs/etc/systemd/system/pacman-init.service @@ -0,0 +1,13 @@ +[Unit] +Description=Initializes Pacman keyring +Requires=etc-pacman.d-gnupg.mount +After=etc-pacman.d-gnupg.mount + +[Service] +Type=oneshot +RemainAfterExit=yes +ExecStart=/usr/bin/pacman-key --init +ExecStart=/usr/bin/pacman-key --populate + +[Install] +WantedBy=multi-user.target diff --git a/profile/airootfs/etc/systemd/system/reflector.service.d/archiso.conf b/profile/airootfs/etc/systemd/system/reflector.service.d/archiso.conf new file mode 100644 index 0000000..de6664d --- /dev/null +++ b/profile/airootfs/etc/systemd/system/reflector.service.d/archiso.conf @@ -0,0 +1,6 @@ +[Unit] +ConditionKernelCommandLine=!mirror + +[Service] +Restart=on-failure +RestartSec=10 diff --git a/profile/airootfs/etc/systemd/system/sockets.target.wants/cups.socket b/profile/airootfs/etc/systemd/system/sockets.target.wants/cups.socket new file mode 120000 index 0000000..8015ac2 --- /dev/null +++ b/profile/airootfs/etc/systemd/system/sockets.target.wants/cups.socket @@ -0,0 +1 @@ +/usr/lib/systemd/system/cups.socket \ No newline at end of file diff --git a/profile/airootfs/etc/udev/rules.d/70-backlight.rules b/profile/airootfs/etc/udev/rules.d/70-backlight.rules new file mode 100644 index 0000000..9b8fdf4 --- /dev/null +++ b/profile/airootfs/etc/udev/rules.d/70-backlight.rules @@ -0,0 +1,2 @@ +ACTION=="add", SUBSYSTEM=="backlight", RUN+="/bin/chgrp video /sys/class/backlight/%k/brightness" +ACTION=="add", SUBSYSTEM=="backlight", RUN+="/bin/chmod g+w /sys/class/backlight/%k/brightness" diff --git a/profile/airootfs/etc/vconsole.conf b/profile/airootfs/etc/vconsole.conf new file mode 100644 index 0000000..cb9068a --- /dev/null +++ b/profile/airootfs/etc/vconsole.conf @@ -0,0 +1,3 @@ +KEYMAP=us +FONT=default8x16 +FONT_MAP=8859-2 diff --git a/profile/airootfs/etc/xdg/reflector/reflector.conf b/profile/airootfs/etc/xdg/reflector/reflector.conf new file mode 100644 index 0000000..7c830d2 --- /dev/null +++ b/profile/airootfs/etc/xdg/reflector/reflector.conf @@ -0,0 +1,8 @@ +# Reflector configuration file for the systemd service. + +--save /etc/pacman.d/mirrorlist +--ipv4 +--ipv6 +--protocol https +--latest 20 +--sort rate diff --git a/profile/airootfs/root/.automated_script.sh b/profile/airootfs/root/.automated_script.sh new file mode 100755 index 0000000..52c47e6 --- /dev/null +++ b/profile/airootfs/root/.automated_script.sh @@ -0,0 +1,34 @@ +#!/usr/bin/env bash + +script_cmdline () +{ + local param + for param in $(< /proc/cmdline); do + case "${param}" in + script=*) echo "${param#*=}" ; return 0 ;; + esac + done +} + +automated_script () +{ + local script rt + script="$(script_cmdline)" + if [[ -n "${script}" && ! -x /tmp/startup_script ]]; then + if [[ "${script}" =~ ^((http|https|ftp)://) ]]; then + curl "${script}" --location --retry-connrefused --retry 10 -s -o /tmp/startup_script >/dev/null + rt=$? + else + cp "${script}" /tmp/startup_script + rt=$? + fi + if [[ ${rt} -eq 0 ]]; then + chmod +x /tmp/startup_script + /tmp/startup_script + fi + fi +} + +if [[ $(tty) == "/dev/tty1" ]]; then + automated_script +fi diff --git a/profile/airootfs/root/.zlogin b/profile/airootfs/root/.zlogin new file mode 100644 index 0000000..0fb119d --- /dev/null +++ b/profile/airootfs/root/.zlogin @@ -0,0 +1,6 @@ +# fix for screen readers +if grep -Fq 'accessibility=' /proc/cmdline &> /dev/null; then + setopt SINGLE_LINE_ZLE +fi + +~/.automated_script.sh diff --git a/profile/airootfs/root/customize_airootfs.sh b/profile/airootfs/root/customize_airootfs.sh new file mode 100755 index 0000000..6b513f3 --- /dev/null +++ b/profile/airootfs/root/customize_airootfs.sh @@ -0,0 +1,141 @@ +#!/usr/bin/env bash + +## Script to perform several important tasks before `mkarchcraftiso` create filesystem image. + +set -e -u + +## -------------------------------------------------------------- ## + +## Fix Initrd Generation in Installed System +cat > "/etc/mkinitcpio.d/linux.preset" <<- _EOF_ + # mkinitcpio preset file for the 'linux' package + + ALL_kver="/boot/vmlinuz-linux" + ALL_config="/etc/mkinitcpio.conf" + + PRESETS=('default' 'fallback') + + #default_config="/etc/mkinitcpio.conf" + default_image="/boot/initramfs-linux.img" + #default_options="" + + #fallback_config="/etc/mkinitcpio.conf" + fallback_image="/boot/initramfs-linux-fallback.img" + fallback_options="-S autodetect" +_EOF_ + +## -------------------------------------------------------------- ## + +## Enable Parallel Downloads +sed -i -e 's|#ParallelDownloads.*|ParallelDownloads = 5|g' /etc/pacman.conf +sed -i -e '/#\[testing\]/Q' /etc/pacman.conf + +## Append archcraft repository to pacman.conf +cat >> "/etc/pacman.conf" <<- EOL + [archcraft] + SigLevel = Optional TrustAll + Include = /etc/pacman.d/archcraft-mirrorlist + + #[testing] + #Include = /etc/pacman.d/mirrorlist + + [core] + Include = /etc/pacman.d/mirrorlist + + [extra] + Include = /etc/pacman.d/mirrorlist + + #[community-testing] + #Include = /etc/pacman.d/mirrorlist + + [community] + Include = /etc/pacman.d/mirrorlist + + # If you want to run 32 bit applications on your x86_64 system, + # enable the multilib repositories as required here. + + #[multilib-testing] + #Include = /etc/pacman.d/mirrorlist + + #[multilib] + #Include = /etc/pacman.d/mirrorlist + + # An example of a custom package repository. See the pacman manpage for + # tips on creating your own repositories. + #[custom] + #SigLevel = Optional TrustAll + #Server = file:///home/custompkgs +EOL + +## -------------------------------------------------------------- ## + +## Copy Few Configs Into Root Dir +rdir="/root/.config" +sdir="/etc/skel" +if [[ ! -d "$rdir" ]]; then + mkdir "$rdir" +fi + +rconfig=(geany gtk-3.0 Kvantum neofetch qt5ct ranger Thunar xfce4) +for cfg in "${rconfig[@]}"; do + if [[ -e "$sdir/.config/$cfg" ]]; then + cp -rf "$sdir"/.config/"$cfg" "$rdir" + fi +done + +rcfg=('.oh-my-zsh' '.vim_runtime' '.vimrc' '.zshrc') +for cfile in "${rcfg[@]}"; do + if [[ -e "$sdir/$cfile" ]]; then + cp -rf "$sdir"/"$cfile" /root + fi +done + +## -------------------------------------------------------------- ## + +## Fix wallpaper in xfce +mv /usr/share/backgrounds/xfce/xfce-verticals.png /usr/share/backgrounds/xfce/xfce_verticals.png +cp -rf /usr/share/backgrounds/default.jpg /usr/share/backgrounds/xfce/xfce-verticals.png + +## -------------------------------------------------------------- ## + +## Copy Calamares to Desktop +_desktop="/home/liveuser/Desktop" + +if [[ ! -d "${_desktop}" ]]; then + mkdir -p "${_desktop}" +fi + +cp /usr/share/applications/calamares.desktop "${_desktop}" +chown -R liveuser:users "${_desktop}" +chmod +x "${_desktop}"/calamares.desktop + +## -------------------------------------------------------------- ## + +## Set `Qogirr` as default cursor theme +sed -i -e 's|Inherits=.*|Inherits=Qogirr|g' /usr/share/icons/default/index.theme + +## Update xdg-user-dirs for bookmarks in thunar and pcmanfm +runuser -l liveuser -c 'xdg-user-dirs-update' +runuser -l liveuser -c 'xdg-user-dirs-gtk-update' +xdg-user-dirs-update +xdg-user-dirs-gtk-update + +## -------------------------------------------------------------- ## + +## Hide Unnecessary Apps +adir="/usr/share/applications" +apps=(avahi-discover.desktop bssh.desktop bvnc.desktop echomixer.desktop \ + envy24control.desktop exo-preferred-applications.desktop feh.desktop \ + hdajackretask.desktop hdspconf.desktop hdspmixer.desktop hwmixvolume.desktop lftp.desktop \ + libfm-pref-apps.desktop lxshortcut.desktop lstopo.desktop \ + networkmanager_dmenu.desktop nm-connection-editor.desktop pcmanfm-desktop-pref.desktop \ + qv4l2.desktop qvidcap.desktop stoken-gui.desktop stoken-gui-small.desktop thunar-bulk-rename.desktop \ + thunar-settings.desktop thunar-volman-settings.desktop yad-icon-browser.desktop) + +for app in "${apps[@]}"; do + if [[ -e "$adir/$app" ]]; then + sed -i '$s/$/\nNoDisplay=true/' "$adir/$app" + fi +done + +## -------------------------------------------------------------- ## diff --git a/profile/airootfs/usr/local/bin/choose-mirror b/profile/airootfs/usr/local/bin/choose-mirror new file mode 100755 index 0000000..b021945 --- /dev/null +++ b/profile/airootfs/usr/local/bin/choose-mirror @@ -0,0 +1,28 @@ +#!/bin/bash +# +# SPDX-License-Identifier: GPL-3.0-or-later + +get_cmdline() { + local param + for param in $(< /proc/cmdline); do + case "${param}" in + $1=*) echo "${param##*=}"; + return 0 + ;; + esac + done +} + +mirror=$(get_cmdline mirror) +[[ $mirror = auto ]] && mirror=$(get_cmdline archiso_http_srv) +[[ $mirror ]] || exit 0 + +mv /etc/pacman.d/mirrorlist /etc/pacman.d/mirrorlist.orig +cat >/etc/pacman.d/mirrorlist << EOF +# +# Arch Linux repository mirrorlist +# Generated by archiso +# + +Server = ${mirror%%/}/\$repo/os/\$arch +EOF diff --git a/profile/bootstrap_packages.x86_64 b/profile/bootstrap_packages.x86_64 new file mode 100644 index 0000000..64966d0 --- /dev/null +++ b/profile/bootstrap_packages.x86_64 @@ -0,0 +1,2 @@ +arch-install-scripts +base diff --git a/profile/efiboot/loader/entries/01-archcraftiso-x86_64-linux.conf b/profile/efiboot/loader/entries/01-archcraftiso-x86_64-linux.conf new file mode 100644 index 0000000..fea2d72 --- /dev/null +++ b/profile/efiboot/loader/entries/01-archcraftiso-x86_64-linux.conf @@ -0,0 +1,7 @@ +title Boot Archcraft (64bit, UEFI) +sort-key 01 +linux /%INSTALL_DIR%/boot/x86_64/vmlinuz-linux +initrd /%INSTALL_DIR%/boot/intel-ucode.img +initrd /%INSTALL_DIR%/boot/amd-ucode.img +initrd /%INSTALL_DIR%/boot/x86_64/initramfs-linux.img +options archisobasedir=%INSTALL_DIR% archisolabel=%ARCHISO_LABEL% quiet splash loglevel=3 udev.log_level=3 vt.global_cursor_default=0 cow_spacesize=5G diff --git a/profile/efiboot/loader/loader.conf b/profile/efiboot/loader/loader.conf new file mode 100644 index 0000000..e311ec6 --- /dev/null +++ b/profile/efiboot/loader/loader.conf @@ -0,0 +1,3 @@ +timeout 10 +default 01-archcraftiso-x86_64-linux.conf +beep on diff --git a/profile/grub/grub.cfg b/profile/grub/grub.cfg new file mode 100644 index 0000000..c8d279a --- /dev/null +++ b/profile/grub/grub.cfg @@ -0,0 +1,62 @@ +# Load partition table and file system modules +insmod part_gpt +insmod part_msdos +insmod fat +insmod iso9660 + +# Use graphics-mode output +insmod all_video +insmod font +if loadfont "${prefix}/fonts/unicode.pf2" ; then + insmod gfxterm + set gfxmode="auto" + terminal_input console + terminal_output gfxterm +fi + +# Enable serial console +if serial --unit=0 --speed=115200; then + terminal_input --append serial + terminal_output --append serial +fi + +# Set default menu entry +default=archcraft +timeout=10 +timeout_style=menu + +# Menu entries +menuentry "Boot Archcraft (64bit, UEFI)" --class archcraft --class arch --class gnu-linux --class gnu --class os --id 'archcraft' { + set gfxpayload=keep + search --no-floppy --set=root --label %ARCHISO_LABEL% + linux /%INSTALL_DIR%/boot/x86_64/vmlinuz-linux archisobasedir=%INSTALL_DIR% archisolabel=%ARCHISO_LABEL% quiet splash loglevel=3 udev.log_level=3 vt.global_cursor_default=0 cow_spacesize=5G + initrd /%INSTALL_DIR%/boot/intel-ucode.img /%INSTALL_DIR%/boot/amd-ucode.img /%INSTALL_DIR%/boot/x86_64/initramfs-linux.img +} + +if [ "${grub_platform}" == "efi" ]; then + if [ "${grub_cpu}" == "x86_64" ]; then + menuentry "UEFI Shell" --class recovery { + insmod chain + search --no-floppy --set=root --label %ARCHISO_LABEL% + chainloader /shellx64.efi + } + elif [ "${grub_cpu}" == "i386" ]; then + menuentry "UEFI Shell" --class recovery { + insmod chain + search --no-floppy --set=root --label %ARCHISO_LABEL% + chainloader /shellia32.efi + } + fi + + menuentry 'UEFI Firmware Settings' --class recovery --id 'uefi-firmware' { + fwsetup + } +fi + +menuentry "System shutdown" --class shutdown --class poweroff { + halt +} + +menuentry "System restart" --class restart --class reboot { + reboot +} diff --git a/profile/mkarchcraftiso b/profile/mkarchcraftiso new file mode 100755 index 0000000..c1f0e4d --- /dev/null +++ b/profile/mkarchcraftiso @@ -0,0 +1,1762 @@ +#!/usr/bin/env bash +# +# SPDX-License-Identifier: GPL-3.0-or-later + +set -e -u +shopt -s extglob + +# Control the environment +umask 0022 +export LC_ALL="C.UTF-8" +if [[ -v LANGUAGE ]]; then + # LC_ALL=C.UTF-8, unlike LC_ALL=C, does not override LANGUAGE. + # See https://sourceware.org/bugzilla/show_bug.cgi?id=16621 and https://savannah.gnu.org/bugs/?62815 + unset LANGUAGE +fi +[[ -v SOURCE_DATE_EPOCH ]] || printf -v SOURCE_DATE_EPOCH '%(%s)T' -1 +export SOURCE_DATE_EPOCH + +# Set application name from the script's file name +app_name="${0##*/}" + +# Define global variables. All of them will be overwritten later +pkg_list=() +bootstrap_pkg_list=() +quiet="" +work_dir="" +out_dir="" +gpg_key="" +gpg_sender="" +iso_name="" +iso_label="" +iso_publisher="" +iso_application="" +iso_version="" +install_dir="" +arch="" +pacman_conf="" +packages="" +bootstrap_packages="" +pacstrap_dir="" +buildmodes=() +bootmodes=() +airootfs_image_type="" +airootfs_image_tool_options=() +cert_list=() +sign_netboot_artifacts="" +declare -A file_permissions=() +efibootimg="" +efiboot_files=() +# adapted from GRUB_EARLY_INITRD_LINUX_STOCK in https://git.savannah.gnu.org/cgit/grub.git/tree/util/grub-mkconfig.in +readonly ucodes=('intel-uc.img' 'intel-ucode.img' 'amd-uc.img' 'amd-ucode.img' 'early_ucode.cpio' 'microcode.cpio') + + +# Show an INFO message +# $1: message string +_msg_info() { + local _msg="${1}" + [[ "${quiet}" == "y" ]] || printf '[%s] INFO: %s\n' "${app_name}" "${_msg}" +} + +# Show a WARNING message +# $1: message string +_msg_warning() { + local _msg="${1}" + printf '[%s] WARNING: %s\n' "${app_name}" "${_msg}" >&2 +} + +# Show an ERROR message then exit with status +# $1: message string +# $2: exit code number (with 0 does not exit) +_msg_error() { + local _msg="${1}" + local _error=${2} + printf '[%s] ERROR: %s\n' "${app_name}" "${_msg}" >&2 + if (( _error > 0 )); then + exit "${_error}" + fi +} + +# Show help usage, with an exit status. +# $1: exit status number. +_usage() { + IFS='' read -r -d '' usagetext < + options: + -A Set an application name for the ISO + Default: '${iso_application}' + -C pacman configuration file. + Default: '${pacman_conf}' + -D Set an install_dir. All files will by located here. + Default: '${install_dir}' + NOTE: Max 8 characters, use only [a-z0-9] + -L