We don't always have an initramfs-extra anymore, implement the
deviceinfo check for this. Also ensure we init the chroot before trying
to use it.
Signed-off-by: Casey Connolly <kcxt@postmarketos.org>
Put ourselves in a new PID namespace so that daemons we might start in
the chroot like adbd will be killed on exit.
This simplifies "shutdown" since we no longer need to kill these
processes.
Signed-off-by: Casey Connolly <kcxt@postmarketos.org>
We don't need to bother unmounting stuff anymore since that will be
handled automatically when all processes in the namespace exit.
Signed-off-by: Casey Connolly <kcxt@postmarketos.org>
Refactor the install code to stop using loop devices and instead create
and manipulate a disk image directly. Both ext4 and vfat have mechanisms
for formatting and populating partitions at an offset inside an image,
other filesystems likely do as well but so far have not been implemented
or tested.
With this "pmbootstrap install" works for standard EFI disk images (e.g.
QEMU, X64 or trailblazer) entirely rootless.
Since the creation of the disk images happens in the same user namespace
as everything else, the resulting disk images have correct ownership and
permissions even though from the host perspective they are all subuids.
This gets image building working properly *for the default case*. We can
now build disk images! In particular, we can build disk images with a 4k
sector size even on a host with a 512 byte sector size (or block size in
the filesystem). This is surprisingly hard for some reason since not all
libfdisk tools have the right flags. Thankfully sfdisk does.
In addition, we now generate UUIDs ourselves, to break the loop between
generating fstab and running mkfs (since we also populate the disk image
/with/ mkfs, we need to already know the UUID when we run it...).
Signed-off-by: Casey Connolly <kcxt@postmarketos.org>
Rework how we handle binfmt_misc so it will work inside a user
namespace.
* Use a custom mountpoint (only accessible inside the mount namespace),
this is the crux of the change, allowing us to mount it as non-root
and avoid messing with any host configs too!
* No longer explicitly modprobe binfmt_misc, any modern system should
probe it automatically when we try to mount it... I think so anyways
heh
Signed-off-by: Casey Connolly <kcxt@postmarketos.org>
They might be symlinks in some quirky setups, we need the absolute paths
for bind mounts to work correctly.
Signed-off-by: Casey Connolly <kcxt@postmarketos.org>
sandbox has some nice and clever function to set up /dev as a tmpfs
inside the chroot. Since we can't run mknod() in the user namespace it
bind mounts from the host instead.
Signed-off-by: Casey Connolly <kcxt@postmarketos.org>
- Properly run commands at host to mount rootfs
- Always refuse to zap chroot_image, since it is never added to workdir.cfg
Co-authored-by: Newbyte <newbyte@postmarketos.org>
This name is what's used at the one call site the codebase currently
has, and it means we can have an explicit re-export which Ruff won't
complain about.
The unpacking operator can unpack any iterable of any type, unlike the +
operator which only works on some sequences and requires them to be of
the same type usually. Using it allows us to get rid of the line that
disables the "operator" error code for this function.
I tried my best to get the right author based on git commit history, but
in the case of code being moved from one file to make another I might
have gotten something wrong.
Remove this chroot-specific helper and merge it in with the existing
require_programs() logic. Now we have one unified way to discover and
use programs from the host and where we can put any additional special
handling we might need.
Signed-off-by: Caleb Connolly <caleb@postmarketos.org>
Since all apk invocations withing pmbootstrap now use apk.static by
default, apk_static.run() isn't called anymore, so let's remove it.
Signed-off-by: Caleb Connolly <caleb@postmarketos.org>
In 0b4fb9119f (chroot: always run apk static v2 (MR 2423)) we adjusted
install_run_apk() to run apk static on the host and pass in the local
binary repo with "--repository". This function can call apk in two ways,
either with the progress bar handling or without, the second case was
never updated and still ran apk inside the chroot incorrectly and with
an incorrect --repository flag.
Let's finish the job by refactoring helpers/apk.py to support all our
usecases and pointing everything to it, removing the last few situations
where we call "pmb.chroot.root(["apk", ...]).
The apk_with_progress() function is replaced by a generic "run()"
function which takes a boolean to indicate if we should render apk
progress.
Additionally, a new cache_clean() function is added so that "pmbootstrap
zap --pkgs-online-mismatch" can FINALLY be refactored to not rely on a
chroot existing. This requires some hacks but nothing serious, see the
comments in the function for details.
The chroot.init() code is now simplified since handling the --root,
--arch, --cache-dir, and --repository flags is now all done by
apk._prepare_cmd() as and when appropriate.
Lastly, this fixes a (previously unnoticed) bug where apk.static was
actually using /var/cache/apk on your host machine for its cache... This
is definitely not good behaviour....
Signed-off-by: Caleb Connolly <caleb@postmarketos.org>
This function better belongs here, especially as it will be used outside
of the context of a chroot() soon.
Additionally, it's adjusted to take the rootfs path as its first
argument rather than a chroot, since it could operate on any rootfs.
Signed-off-by: Caleb Connolly <caleb@postmarketos.org>
Now that we don't need weird apk-tools hacks for systemd, we can
re-implement this optimisation and always run apk static rather than
running apk through the chroot.
Signed-off-by: Caleb Connolly <caleb@postmarketos.org>
We plan to ship systemd with split /usr until the /usr merge is complete
in Alpine. Let's not drop all our code yet but just forcefully disable
it.
Signed-off-by: Caleb Connolly <caleb@postmarketos.org>
Currently the usr-merge script fails, and this leads to a very confusing
error when running pmbootstrap the next time:
(stack trace)
KeyError: 'apk-tools'
Show a more helpful error instead.
Let us install packages without announcing. Useful if there is some more
contextual message display already.
Signed-off-by: Caleb Connolly <caleb@postmarketos.org>
Ensure we get our fork of apk straight away without having to run `apk
upgrade -a` immediately afterwards.
Signed-off-by: Caleb Connolly <caleb@postmarketos.org>
As we don't call apk from outside of the chroot, the paths need to be
adjusted to be /mnt/pmbootstrap instead of the outside paths.
This should be reverted together with the other TEMP commit after we
upgraded apk to fix this properly (see issue 2388).
Fixes: f5122420 ("TEMP: chroot: apk: run apk through QEMU again (MR 2351)")
This revers b82c4eb167 ("chroot: always run apk static (MR 2252)")
since the current iteration of the apk-tools /usr merge patches
don't handle --root properly and will behave differently based on your
host systems directory structure (specifially for /usr merge).
This commit can be reverted once we fix apk-tools.
Signed-off-by: Caleb Connolly <caleb@postmarketos.org>
