From 2a7dad7f3898b2fb5d1dfae39e79917d10a31c15 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Paul=20H=C3=A4nsch?= <paul@plutz.net>
Date: Tue, 24 Jul 2018 13:33:32 +0200
Subject: [PATCH] updated files from master

---
 .gitignore                                  |  4 ++
 Makefile                                    | 65 +++++++++++++++++----
 config_base/etc/X11/Xresources/xscreensaver |  2 +
 config_base/etc/apt/preferences             |  3 +
 config_base/etc/apt/sources.list            |  2 +
 config_base/etc/hostname                    |  2 +-
 config_base/etc/hosts                       |  5 ++
 config_base/etc/lxdm/lxdm.conf              | 61 +++++++++++++++++++
 {config_elok => config_base}/etc/sudoers    |  0
 config_elok/etc/sddm.conf                   |  3 -
 partitions                                  |  6 ++
 permissions.mk                              | 22 +++++++
 12 files changed, 161 insertions(+), 14 deletions(-)
 create mode 100644 config_base/etc/apt/preferences
 create mode 100644 config_base/etc/hosts
 create mode 100644 config_base/etc/lxdm/lxdm.conf
 rename {config_elok => config_base}/etc/sudoers (100%)
 delete mode 100644 config_elok/etc/sddm.conf
 create mode 100644 partitions
 create mode 100644 permissions.mk

diff --git a/.gitignore b/.gitignore
index 82234ff..a7074f2 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,2 +1,6 @@
 stretch_*_config/
 stretch_*_root/
+stretch_*.squashfs
+mount/
+vmlinuz
+initrd.img
diff --git a/Makefile b/Makefile
index a80a8a7..00c2c4e 100644
--- a/Makefile
+++ b/Makefile
@@ -7,20 +7,22 @@ GROUPS := sudo
 ARCH := amd64
 CONFIG := config_base/
 
-PACKAGES := apt bilibop-lockfs btrfs-tools busybox-static bzip2 ca-certificates cron deborphan extlinux gzip htop ifupdown init iputils-ping irqbalance isc-dhcp-client less live-boot live-boot-initramfs-tools make man-db nbd-client net-tools nmap ntpdate openssh-client openssh-server p7zip-full pciutils rsync squashfs-tools sshfs sudo systemd unace unrar-free unzip vim wget wireless-tools wpasupplicant xz-utils zip
+PACKAGES := apt bilibop-lockfs btrfs-tools busybox-static bzip2 ca-certificates cron deborphan efibootmgr firmware-linux-free gzip htop ifupdown init iputils-ping irqbalance isc-dhcp-client less live-boot live-boot-initramfs-tools make man-db nbd-client net-tools nmap ntpdate openssh-client openssh-server p7zip-full pciutils rsync squashfs-tools sshfs sudo syslinux syslinux-common syslinux-efi systemd unace unrar-free unzip vim wget wireless-tools wpasupplicant xz-utils zip
 
-Include *.mk
+include *.mk
+
+.PRECIOUS: stretch_%_root/bin/sh
 
 stretch_%_root/bin/sh:
 	btrfs subvolume create "$(subst bin/sh,,$@)" || mkdir "$(subst bin/sh,,$@)"
 	chmod 755 "$(subst bin/sh,,$@)"
 	debootstrap --arch=${ARCH} --variant=minbase stretch "$(subst bin/sh,,$@)"
 
-stretch_%_root/: stretch_%_root/bin/sh ${CONFIG} .FORCE
+stretch_%_root/: stretch_%_root/bin/sh ${CONFIG} permissions .FORCE
 	for tree in ${CONFIG}; do for file in apt default timezone; do cp -av "$$tree/etc/$$file" "$@/etc/" || true; done; done
 	chroot "$@" ln -sf /bin/true /usr/local/sbin/invoke-rc.d
 	chroot "$@" sh -c 'apt-mark showmanual |xargs apt-mark auto || true'
-	chroot "$@" apt-get update
+	-chroot "$@" apt-get update
 	chroot "$@" umount /proc /dev || true
 	chroot "$@" mount -t devtmpfs udev /dev
 	chroot "$@" mount -t proc proc /proc
@@ -32,16 +34,59 @@ stretch_%_root/: stretch_%_root/bin/sh ${CONFIG} .FORCE
 	chroot "$@" apt-get clean
 	touch "$@"
 
-stretch_%_config/: stretch_%_root/ ${CONFIG} .FORCE
-	btrfs subvolume delete "$@" || rm -r "$@" || true
+stretch_%_config/: stretch_%_root/ ${CONFIG} permissions .FORCE
+	if [ -d "$@" ]; then btrfs subvolume delete "$@" || rm -r "$@"; else true; fi
 	btrfs subvolume snapshot "$<" "$@" || cp -rlv "$<" "$@"
 	cp -av $(addsuffix /*, ${CONFIG}) "$@"
-	chroot "$@" locale-gen
-	chroot "$@" update-locale
-	chroot "$@" useradd -M -p "$$(printf %s\\n '${PASS}' |mkpasswd -m sha-256 -s)" '${USER}'
-	for g in ${GROUPS}; do chroot "$@" adduser '${USER}' "$$g"; done
+	-chroot "$@" locale-gen
+	-chroot "$@" update-locale
+	-chroot "$@" useradd -M -p "$$(printf %s\\n '${PASS}' |mkpasswd -m sha-256 -s)" '${USER}'
+	-for g in ${GROUPS}; do chroot "$@" adduser '${USER}' "$$g"; done
 	touch "$@"
 
 stretch_%.squashfs: stretch_%_config/
 	rm "$@" || true
 	mksquashfs "$<" "$@" -comp xz
+	chmod a+r "$@"
+
+vmlinuz: stretch_*_root/
+	ln -fs '$<$@' ./
+
+initrd.img: stretch_*_root/
+	ln -fs '$<$@' ./
+
+/dev/sd%: partitions .FORCE
+	sfdisk ${@} <partitions
+	dd of=${@} if=/usr/lib/syslinux/mbr/gptmbr.bin
+
+/dev/sd%1: /dev/sd% vmlinuz initrd.img syslinux.cfg syslia32.cfg syslx64.cfg bootmenu.cfg .FORCE
+	mkdir -p mount
+	mkfs.vfat -n SQUASHBOOT ${@}
+	syslinux -i ${@}
+	mount -t vfat ${@} mount
+	mkdir -p $(addprefix mount/, EFI/BOOT efi32 efi64 bios)
+	cp /usr/lib/SYSLINUX.EFI/efi32/syslinux.efi mount/EFI/BOOT/BOOTIA32.EFI
+	cp /usr/lib/SYSLINUX.EFI/efi64/syslinux.efi mount/EFI/BOOT/BOOTX64.EFI
+	cp $(addprefix /usr/lib/syslinux/modules/efi32/, ldlinux.e32 menu.c32 libutil.c32) mount/efi32/
+	cp $(addprefix /usr/lib/syslinux/modules/efi64/, ldlinux.e64 menu.c32 libutil.c32) mount/efi64/
+	cp $(addprefix /usr/lib/syslinux/modules/bios/, menu.c32 libutil.c32) mount/bios/
+	cp -L vmlinuz initrd.img *.squashfs Makefile partitions mount/
+	cp syslia32.cfg syslx64.cfg syslinux.cfg bootmenu.cfg mount/
+	# Temporary workaround, Uncomment for syslinux 6.04+
+	cp $(addprefix /usr/lib/syslinux/modules/, efi32/ldlinux.e32 efi64/ldlinux.e64) mount/EFI/BOOT/
+	cp syslx64.cfg mount/EFI/BOOT/syslinux.cfg
+	umount mount/
+	sync
+
+/dev/sd%2: /dev/sd% .FORCE
+	mkswap -L SWAP ${@}
+	sync
+
+/dev/sd%3: /dev/sd% .FORCE
+	mkdir -p mount
+	mkfs.btrfs -fL SQUASHCLIENT ${@}
+	mount -t btrfs ${@} mount
+	btrfs subvolume create mount/home
+	chmod 0755 mount/home
+	umount mount/
+	sync
diff --git a/config_base/etc/X11/Xresources/xscreensaver b/config_base/etc/X11/Xresources/xscreensaver
index 657bf26..6c4d7e8 100644
--- a/config_base/etc/X11/Xresources/xscreensaver
+++ b/config_base/etc/X11/Xresources/xscreensaver
@@ -1,2 +1,4 @@
 xscreensaver.mode: one
 xscreensaver.selected: 151
+xscreensaver.newLoginCommand: /usr/sbin/lxdm -c USER_SWITCH
+
diff --git a/config_base/etc/apt/preferences b/config_base/etc/apt/preferences
new file mode 100644
index 0000000..6534992
--- /dev/null
+++ b/config_base/etc/apt/preferences
@@ -0,0 +1,3 @@
+Package: *
+Pin: release n=stretch
+Pin-Priority: 900
diff --git a/config_base/etc/apt/sources.list b/config_base/etc/apt/sources.list
index 10a702f..bd5d70e 100644
--- a/config_base/etc/apt/sources.list
+++ b/config_base/etc/apt/sources.list
@@ -1,2 +1,4 @@
 deb http://deb.debian.org/debian stretch main
 deb http://security.debian.org/ stretch/updates main
+
+deb http://deb.debian.org/debian buster main
diff --git a/config_base/etc/hostname b/config_base/etc/hostname
index 104920e..9327fc4 100644
--- a/config_base/etc/hostname
+++ b/config_base/etc/hostname
@@ -1 +1 @@
-stretch-i386
+stretch-squash
diff --git a/config_base/etc/hosts b/config_base/etc/hosts
new file mode 100644
index 0000000..db93d46
--- /dev/null
+++ b/config_base/etc/hosts
@@ -0,0 +1,5 @@
+127.0.0.1	localhost stretch-squash
+::1		localhost ip6-localhost ip6-loopback
+ff02::1		ip6-allnodes
+ff02::2		ip6-allrouters
+
diff --git a/config_base/etc/lxdm/lxdm.conf b/config_base/etc/lxdm/lxdm.conf
new file mode 100644
index 0000000..ceb4ca6
--- /dev/null
+++ b/config_base/etc/lxdm/lxdm.conf
@@ -0,0 +1,61 @@
+[base]
+## uncomment and set autologin username to enable autologin
+# autologin=dgod
+
+## uncomment and set timeout to enable timeout autologin,
+## the value should >=5
+# timeout=10
+
+## default session or desktop used when no systemwide config
+session=/usr/bin/startxfce4
+
+## uncomment and set to set numlock on your keyboard
+# numlock=0
+
+## set this if you don't want to put xauth file at ~/.Xauthority
+# xauth_path=/tmp
+
+# not ask password for users who have empty password
+# skip_password=1
+
+## greeter used to welcome the user
+greeter=/usr/lib/lxdm/lxdm-greeter-gtk
+
+[server]
+## arg used to start xserver, not fully function
+# arg=/usr/bin/X -background vt1
+# uncomment this if you really want xserver listen to tcp
+# tcp_listen=1
+
+[display]
+## gtk theme used by greeter
+gtk_theme=Clearlooks
+
+## background of the greeter
+#bg=/usr/share/backgrounds/default.png
+bg=/usr/share/images/desktop-base/login-background.svg
+
+## if show bottom pane
+bottom_pane=1
+
+## if show language select control
+lang=1
+
+## if show keyboard layout select control
+keyboard=0
+
+## the theme of greeter
+theme=Industrial
+
+[input]
+
+[userlist]
+## if disable the user list control at greeter
+disable=0
+
+## whitelist user
+white=
+
+## blacklist user
+black=
+
diff --git a/config_elok/etc/sudoers b/config_base/etc/sudoers
similarity index 100%
rename from config_elok/etc/sudoers
rename to config_base/etc/sudoers
diff --git a/config_elok/etc/sddm.conf b/config_elok/etc/sddm.conf
deleted file mode 100644
index 542c329..0000000
--- a/config_elok/etc/sddm.conf
+++ /dev/null
@@ -1,3 +0,0 @@
-[Autologin]
-User=guest
-Session=plasma.desktop
diff --git a/partitions b/partitions
new file mode 100644
index 0000000..a02f341
--- /dev/null
+++ b/partitions
@@ -0,0 +1,6 @@
+label: gpt
+unit: sectors
+
+: start=2048, size=2G, type=1, attrs="LegacyBIOSBootable"
+: size=3G, type=19
+: type=28
diff --git a/permissions.mk b/permissions.mk
new file mode 100644
index 0000000..165f3b4
--- /dev/null
+++ b/permissions.mk
@@ -0,0 +1,22 @@
+.PHONY: permissions
+
+permissions: ${CONFIG} .FORCE                                                                                           
+	chown -R root:root config_*/ 
+	chmod 0755 config_*/
+	-chmod -R a+rX config_*/etc/
+	-chmod -R a+rX config_*/var/
+	-chmod -R a+rX config_*/lib/
+	-chmod -R a+rX config_*/usr/
+	-chmod -R a+rX config_*/opt/
+	-chmod 0700 config_*/var/lib/polkit-1/
+	-chgrp -R 107 config_*/var/spool/cron/crontabs/
+	-chmod 1730 config_*/var/spool/cron/crontabs/
+	-chmod 0600 config_*/var/spool/cron/crontabs/*
+	-chmod 0600 config_*/etc/NetworkManager/system-connections/*
+	-chmod 0750 config_*/root/
+	-chmod 0700 config_*/root/.ssh/
+	-chmod 0600 config_*/root/.ssh/authorized_keys
+	-chmod 0750 config_*/home/*/
+	-chmod 0700 config_*/home/*/.ssh/
+	-chmod 0600 config_*/home/*/.ssh/authorized_keys
+	-chown 1014:1014 config_*/home/guest
-- 
2.39.2