On Wed, Oct 14, 2020 at 08:21:31PM +0800, Wu Fengguang wrote:
On Tue, Oct 13, 2020 at 10:19:44AM +0800, Wang Chenglong wrote:
Use the tool to create a new centos-$version initramfs image with one command. and we also can customize the pre-installed software by configuring ./bin/packages-to-install. --- container/osimage/centos/README.md | 15 +++++++ container/osimage/centos/bin/create-image | 36 ++++++++++++++++ container/osimage/centos/bin/lib | 41 +++++++++++++++++++ .../osimage/centos/bin/packages-to-install | 2 + .../osimage/centos/bin/packages-to-remove | 8 ++++
/bin/ may be improved -- packages-* are not bin, so does lib.
Ok, i move packages-* and lib in .../osimage/centos/
Perhaps we can just remove this extra level of path.
Ok. i delete this path
+$HOME/.config/compass-ci/rootfs.passwd + Set the password for the image into this file.
rootfs.passwd => rootfs-passwd .passwd is not valid file suffix.
got it.
+# Configure rootfs +make_rootfs() +{ + yum repolist + yum -y install --skip-broken $(</root/bin/packages-to-install) + yum clean all + rm -rf $(</root/bin/packages-to-remove)
Do not rm. Filter out with grep in pack_cgz() instead.
Ok
+ ln -fs /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
ok
Please split this function to install and setup functions.
ok. add functions install_packages() setup_rootfs()
+} + +# Config password +pre_config_rootfs() {
pre_config_rootfs => setup_login
+ [ -n "$ROOT_NEW_PASSWD" ] && {
|| return
to reduce indent below.
got it.
+ echo "Changing root password" + passwd_md5=$(openssl passwd -1 "$ROOT_NEW_PASSWD") + sed -i -r "s/^root:[^:]*:(.*)/root:${passwd_md5//\//\\/}:\1/" "$ROOTFS_DIR/etc/shadow" # Change the password in shadow
blank line here
ok
remove useless comments
ok
+ sed -i 's/[# ]PermitRootLogin.*/PermitRootLogin yes/' "$ROOTFS_DIR/etc/ssh/sshd_config" # Configure ssh service + cd / + find ./ ! -path "./${image_name}" | cpio -o -Hnewc | gzip -9 > /${image_name}
Remove ./ ? A bit safer to save image_name to /tmp/, and exclude /tmp/ from cpio.
ok. remove "cd /" and "./" find / ! -path "/tmp/${image_name}" |grep -vf /tmp/packages-to-remove | ... > /tmp/${image_name}
+ chmod 644 /${image_name} +} +# Check password file +check_passwd_file() { + root_pwd_file="$HOME/.config/compass-ci/rootfs.passwd"
local
Sorry, I don't understand "local". User can write their passwords in local rootfs-passwd file.
+ export ROOT_NEW_PASSWD= + [ -f "$root_pwd_file" ] || { + echo "[INFO] Please set the password file." + echo "$HOME/.config/compass-ci/rootfs.passwd" + exit 1 + } + + export ROOT_NEW_PASSWD=$(cat "$root_pwd_file") +} + +check_passwd_file "$root_pwd_file"
Remove $root_pwd_file parameter -- it's defined inside check_passwd_file()!
Ok, fixed. Thanks, Chenglong
+DIR=$(dirname $(realpath $0)) +cmd=( + docker run + --name init_docker + -v $DIR/bin/:/root/bin + -e ROOT_NEW_PASSWD=$ROOT_NEW_PASSWD + -e image_name=$image_name + $image + /root/bin/create-image +) + +pull_docker_image +${cmd[@]} +cp_image +docker_rm init_docker &> /dev/null +echo "build finished" + -- 2.23.0