Added febootstrap-install program.
configure
febootstrap
febootstrap-run
+febootstrap-install
febootstrap-minimize
febootstrap-to-initramfs
install-sh
bin_SCRIPTS = \
febootstrap \
febootstrap-run \
+ febootstrap-install \
febootstrap-minimize \
febootstrap-to-initramfs
DISTCLEANFILES = $(bin_SCRIPTS)
chmod 0555 $@-t
mv $@-t $@
+febootstrap-install: febootstrap-install.sh
+ rm -f $@
+ cp $< $@-t
+ chmod 0555 $@-t
+ mv $@-t $@
+
febootstrap-minimize: febootstrap-minimize.sh
rm -f $@
cp $< $@-t
man_MANS = \
febootstrap.8 \
febootstrap-run.8 \
+ febootstrap-install.8 \
febootstrap-minimize.8 \
febootstrap-to-initramfs.8
febootstrap-run.txt: febootstrap-run.pod
pod2text $< > $@
+febootstrap-install.8: febootstrap-install.pod
+ pod2man \
+ --section 8 \
+ -c "Virtualization Support" \
+ --release "$(PACKAGE_NAME)-$(PACKAGE_VERSION)" \
+ $< > $@
+
+febootstrap-install.txt: febootstrap-install.pod
+ pod2text $< > $@
+
febootstrap-minimize.8: febootstrap-minimize.pod
pod2man \
--section 8 \
febootstrap.sh \
febootstrap-run.8 febootstrap-run.txt febootstrap-run.pod \
febootstrap-run.sh \
+ febootstrap-install.8 febootstrap-install.txt febootstrap-install.pod \
+ febootstrap-install.sh \
febootstrap-minimize.8 febootstrap-minimize.txt \
febootstrap-minimize.pod \
febootstrap-minimize.sh \
--- /dev/null
+=head1 NAME
+
+febootstrap-install - Install a file in an febootstrap root filesystem
+
+=head1 SYNOPSIS
+
+ febootstrap-install ROOT LOCALFILE TARGETPATH MODE OWNER[.GROUP]
+
+=head1 DESCRIPTION
+
+This can be used to safely install a new file in an febootstrap
+root filesystem.
+
+Just copying a file in isn't usually safe, for reasons which are to do
+with the L<fakeroot(8)> command.
+
+=head1 EXAMPLE
+
+ febootstrap-install initramfs new-fstab /etc/fstab ugo=rw root.root
+
+=head1 SEE ALSO
+
+L<febootstrap(8)>,
+L<febootstrap-run(8)>,
+L<fakeroot(1)>,
+L<fakechroot(1)>.
+
+=head1 AUTHORS
+
+Richard W.M. Jones <rjones @ redhat . com>
+
+=head1 COPYRIGHT
+
+(C) Copyright 2009 Red Hat Inc.,
+L<http://et.redhat.com/~rjones/febootstrap>.
+
+This program is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program; if not, write to the Free Software
+Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
--- /dev/null
+#!/bin/bash -
+# febootstrap-install
+# (C) Copyright 2009 Red Hat Inc.
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+#
+# Written by Richard W.M. Jones <rjones@redhat.com>
+
+unset CDPATH
+
+usage ()
+{
+ echo "Usage: febootstrap-install ROOT LOCALFILE TARGETPATH MODE OWNER[.GROUP]"
+ echo "Please read febootstrap-install(8) man page for more information."
+}
+
+if [ $# != 5 ]; then
+ usage
+ exit 1
+fi
+
+set -e
+
+# This is a carefully chosen sequence of commands which
+# tries not to disturb any inode numbers apart from the
+# one for the new file.
+cp "$2" "$1"/"$3"
+ino=$(ls -i "$1"/"$3" | awk '{print $1}')
+cp "$1"/fakeroot.log "$1"/fakeroot.log.old
+grep -v "ino=$ino," "$1"/fakeroot.log.old > "$1"/fakeroot.log
+rm "$1"/fakeroot.log.old
+febootstrap-run "$1" -- chmod "$4" "$3"
+febootstrap-run "$1" -- chown "$5" "$3"
#----------------------------------------------------------------------
+# ***NOTE*** Wildcards cannot be passed to febootstrap-run.
+
if [ "$keep_locales" != "yes" ]; then
- rm -rf "$target"/usr/lib/locale/*
- rm -rf "$target"/usr/share/locale
- rm -rf "$target"/usr/lib*/gconv
- rm -f "$target"/usr/bin/localedef
- rm -f "$target"/usr/sbin/build-locale-archive
+ febootstrap-run "$target" -- rm -rf usr/lib/locale
+ febootstrap-run "$target" -- rm -rf usr/share/locale
+ febootstrap-run "$target" -- rm -rf usr/lib/gconv usr/lib64/gconv
+ febootstrap-run "$target" -- rm -f usr/bin/localedef
+ febootstrap-run "$target" -- rm -f usr/sbin/build-locale-archive
fi
if [ "$keep_docs" != "yes" ]; then
- rm -rf "$target"/usr/share/man
- rm -rf "$target"/usr/share/doc
- rm -rf "$target"/usr/share/info
- rm -rf "$target"/usr/share/gnome/help
+ febootstrap-run "$target" -- rm -rf usr/share/man
+ febootstrap-run "$target" -- rm -rf usr/share/doc
+ febootstrap-run "$target" -- rm -rf usr/share/info
+ febootstrap-run "$target" -- rm -rf usr/share/gnome/help
fi
if [ "$keep_cracklib" != "yes" ]; then
- rm -rf "$target"/usr/share/cracklib
+ febootstrap-run "$target" -- rm -rf usr/share/cracklib
fi
if [ "$keep_i18n" != "yes" ]; then
- rm -rf "$target"/usr/share/i18n
+ febootstrap-run "$target" -- rm -rf usr/share/i18n
fi
if [ "$keep_zoneinfo" != "yes" ]; then
mv "$target"/usr/share/zoneinfo/{UCT,UTC,Universal,Zulu,GMT*,*.tab} \
"$target"
- rm -rf "$target"/usr/share/zoneinfo/*
+ febootstrap-run "$target" -- rm -rf usr/share/zoneinfo
+ febootstrap-run "$target" -- mkdir -p --mode=0755 usr/share/zoneinfo
mv "$target"/{UCT,UTC,Universal,Zulu,GMT*,*.tab} \
"$target"/usr/share/zoneinfo/
fi
if [ "$keep_rpmdb" != "yes" ]; then
- rm -rf "$target"/var/lib/rpm/*
+ febootstrap-run "$target" -- rm -rf var/lib/rpm
+ febootstrap-run "$target" -- mkdir -p --mode=0755 var/lib/rpm
fi
if [ "$keep_yum_cache" != "yes" ]; then
- rm -rf "$target"/var/cache/yum/*
+ febootstrap-run "$target" -- rm -rf var/cache/yum
+ febootstrap-run "$target" -- mkdir -p --mode=0755 var/cache/yum
fi
if [ "$keep_services" != "yes" ]; then
fi
if [ "$keep_sln" != "yes" ]; then
- rm -f "$target"/sbin/sln
+ febootstrap-run "$target" -- rm -f sbin/sln
fi
if [ "$keep_ldconfig" != "yes" ]; then
- rm -f "$target"/sbin/ldconfig
- rm -f "$target"/etc/ld.so.cache
- rm -rf "$target"/var/cache/ldconfig/*
+ febootstrap-run "$target" -- rm -f sbin/ldconfig
+ febootstrap-run "$target" -- rm -f etc/ld.so.cache
+ febootstrap-run "$target" -- rm -rf var/cache/ldconfig
+ febootstrap-run "$target" -- mkdir -p --mode=0755 var/cache/ldconfig
fi
if [ "$pack_executables" = "yes" ]; then
=head1 EXAMPLES
-One way to create a new file with specific ownership and permissions
-from a script is to create new content for a file as C<root/file.new>:
+Remove a directory subtree safely:
- #!/bin/bash
-
- echo blah > root/file.new
-
-then "install" it with the correct ownership and permissions.
-
- febootstrap-run root -- install -m 0644 -o root -g root /file.new /file
- rm root/file.new
+ febootstrap-run initramfs -- rm -r /etc
-(This requires that the C</usr/bin/install> command from coreutils
-exists inside the root.)
+(This requires that you have a compatible 'rm' command in the root).
Another way to do complex operations from a script is to export a
function:
=head1 SEE ALSO
L<febootstrap(8)>,
+L<febootstrap-install(8)>,
L<fakeroot(1)>,
L<fakechroot(1)>.
exit 1
fi
+set -e
+
if [ -f fakeroot.log ]; then
fakeroot -i fakeroot.log \
sh -c 'find -not -name fakeroot.log -a -print0 | cpio -o0c | gzip --best'
directory as C<I<TARGET>/fakeroot.log>.
This logfile is indexed by inode number, which makes certain
-operations safe and other operations unsafe. For example, deleting
-files is usually safe. Files should be replaced only by doing:
+operations safe and other operations unsafe.
+Files should be replaced only by doing:
echo updated-content > old-file
Deleting files and then creating new ones (even with a different name)
is usually unsafe, because the new files might reuse inodes claimed by
the old files, and so appear with peculiar permissions
-(eg. unreadable, or as a symbolic link). (XXX We need an
-C<febootstrap-install> utility to automate installing new files safely
-into a filesystem).
+(eg. unreadable, or as a symbolic link).
+
+Deleting files is also usually unsafe, although the reasons are more
+subtle. If you just use C<rm> then the inode number is not deleted
+from C<fakeroot.log> which means it can be reused by another file
+later on.
In most cases it's usually safest to use C<febootstrap-run>.
=item *
+Use L<febootstrap-install(8)> to install a file with permissions
+in the root filesystem.
+
+=item *
+
Generate an initramfs (compressed cpio) file containing the correct
permissions using the tool C<febootstrap-to-initramfs>.
L<febootstrap-to-initramfs(8)>,
L<febootstrap-minimize(8)>,
L<febootstrap-run(8)>,
+L<febootstrap-install(8)>,
L<fakeroot(1)>,
L<fakechroot(1)>,
L<yum(8)>,