X-Git-Url: http://git.annexia.org/?p=libguestfs.git;a=blobdiff_plain;f=appliance%2Fmake.sh.in;h=15a2f65b8b595b86a825e0382114a7bc30b8ab36;hp=fc42d7e70d4ae559dfc517d1d151a033ac423a3a;hb=e00b27fea31a67f3bae2f91c70ab1e6816673c4d;hpb=812a2d57a8b847247796da2cd79a73aa1ab16b66

diff --git a/appliance/make.sh.in b/appliance/make.sh.in
index fc42d7e..15a2f65 100755
--- a/appliance/make.sh.in
+++ b/appliance/make.sh.in
@@ -77,35 +77,49 @@ rm -f $koutput
 # Don't need any firmware.
 @FEBOOTSTRAP_RUN@ initramfs -- rm -rf /lib/firmware
 
-# Modules take up nearly half of the image.  It's a rough guess that
-# we don't need many drivers (which take up most of the space).
-(cd initramfs && find lib/modules/*/kernel \
-  -name '*.ko' \
-  -a ! -name 'virtio.ko' \
-  -a ! -name 'virtio_net.ko' \
-  -a ! -name 'virtio_pci.ko' \
-  -a ! -name 'virtio_ring.ko' \
-  -a ! -name 'ext2.ko' \
-  -a ! -name 'ext3.ko' \
-  -a ! -name 'ext4*.ko' \
-  -a ! -name 'crc16.ko' \
-  -a ! -name 'jbd.ko' \
-  -a ! -name 'jbd2.ko' \
-  -a ! -name 'fuse.ko' \
-  -a ! -name 'vfat.ko' \
-  -a ! -name 'fat.ko' \
-  -a ! -name 'udf.ko' \
-  -a ! -name 'crc_itu_t.ko' \
-  -a ! -name 'nls_utf8.ko' \
-  -a ! -name 'dm-*.ko' \
-  -a ! -name 'cramfs.ko' \
-  -a ! -name 'squashfs.ko' \
-  -a ! -name 'hfsplus.ko' \
-  -a ! -name 'ufs.ko' \
-  -a ! -name 'exportfs.ko' \
-  -a ! -name 'xfs.ko' \
-  -a -print0 ) |
-  xargs -0 @FEBOOTSTRAP_RUN@ initramfs -- rm
+# Don't need any keyboard maps.
+@FEBOOTSTRAP_RUN@ initramfs -- rm -rf /lib/kbd
+
+# Remove anything in home directory.  Because this is potentially
+# liable to monstrous fuck-ups, we don't put a slash before 'home'.
+(cd initramfs && echo home/*) |
+  xargs @FEBOOTSTRAP_RUN@ initramfs -- rm -rf
+
+# Remove /var/lib/yum stuff.
+@FEBOOTSTRAP_RUN@ initramfs -- rm -rf /var/lib/yum
+
+# Remove some unreadable binaries which are incompatible with
+# the supermin appliance.  Since these binaries can't be read
+# from the host filesystem, they generate warnings like:
+#   cpio: ./usr/bin/chfn: Cannot open: Permission denied
+# These binaries are not needed for operation of the appliance.
+@FEBOOTSTRAP_RUN@ initramfs -- rm -f \
+  /usr/bin/chfn \
+  /usr/bin/chsh \
+  /usr/libexec/pt_chown \
+  /usr/sbin/groupdel \
+  /usr/sbin/groupadd \
+  /usr/sbin/useradd \
+  /usr/sbin/tzdata-update \
+  /usr/sbin/userdel \
+  /usr/sbin/usermod \
+  /usr/sbin/groupmod \
+  /usr/sbin/groupmems \
+  /sbin/unix_update \
+  $(cd initramfs && echo usr/sbin/glibc_post_upgrade.*)
+
+# Kernel modules take up nearly half of the image.  Only include ones
+# which are on the whitelist.
+exec 5<appliance/kmod.whitelist
+whitelist=
+while read kmod 0<&5; do
+    whitelist="$whitelist -a -not -name $kmod"
+done
+exec 5<&-
+
+(cd initramfs && \
+  find lib/modules/*/kernel -name '*.ko' $whitelist -a -print0 ) |
+  xargs -0 febootstrap-run initramfs -- rm
 
 # Pull the kernel out into the current directory.  We don't want it in
 # the initramfs image.