diff --git a/alt_on_ostree.md b/alt_on_ostree.md index c76303a..840874a 100644 --- a/alt_on_ostree.md +++ b/alt_on_ostree.md @@ -15,14 +15,26 @@ cd - ``` mkdir root sudo tar xf out/acos-latest-x86_64.tar -C root/ --exclude=./dev/tty --exclude=./dev/tty0 --exclude=./dev/console --exclude=./dev/urandom --exclude=./dev/random --exclude=./dev/full --exclude=./dev/zero --exclude=/dev/null --exclude=./dev/pts/ptmx --exclude=./dev/null -sudo chroot root/ systemctl enable ignition-firstboot-complete.service sshd +sudo chroot root/ systemctl enable ignition-firstboot-complete.service ostree-remount.service sshd docker sudo sed -i 's/^LABEL=ROOT\t/LABEL=boot\t/g' root/etc/fstab sudo sed -i 's/^AcceptEnv /#AcceptEnv /g' root/etc/openssh/sshd_config sudo sed -i 's/^# WHEEL_USERS ALL=(ALL) ALL$/WHEEL_USERS ALL=(ALL) ALL/g' root/etc/sudoers +sudo sed -i 's|^HOME=/home$|HOME=/var/home|g' root/etc/default/useradd echo "blacklist floppy" | sudo tee root/etc/modprobe.d/blacklist-floppy.conf sudo mkdir root/sysroot sudo ln -s sysroot/ostree root/ostree -sudo chroot root/ chown :wheel /usr/bin/sudo /bin/su + +sudo mv root/home root/opt root/srv root/mnt root/var/ +sudo mv root/root root/var/roothome +sudo mv root/usr/local root/var/usrlocal +sudo ln -s var/home root/home +sudo ln -s var/opt root/opt +sudo ln -s var/srv root/srv +sudo ln -s var/roothome root/root +sudo ln -s ../var/usrlocal root/usr/local +sudo ln -s var/mnt root/mnt + +sudo chroot root/ chgrp wheel /usr/bin/sudo /bin/su sudo chroot root/ chmod 710 /usr/bin/sudo /bin/su sudo chroot root/ chmod ug+s /usr/bin/sudo /bin/su @@ -31,11 +43,21 @@ SHA=`sudo sha256sum "$KERNEL" | awk '{print $1;}'` sudo mv "$KERNEL" "$KERNEL-$SHA" sudo rm -f root/boot/vmlinuz sudo rm -f root/boot/initrd* -sudo chroot root/ dracut --reproducible --gzip -v --add ignition --add ostree -f /boot/initramfs-$SHA --no-hostonly --omit-drivers=floppy --omit=nfs --omit=lvm --omit=iscsi --kver `ls root/lib/modules` + +cat < /tmp/ostree.conf +d /run/ostree 0755 root root - +f /run/ostree/initramfs-mount-var 0755 root root - +EOF +sudo cp /tmp/ostree.conf root/ +sudo chroot root/ dracut --reproducible --gzip -v --add ignition --add ostree -f /boot/initramfs-$SHA --include /ostree.conf /etc/tmpfiles.d/ostree.conf --no-hostonly --omit-drivers=floppy --omit=nfs --omit=lvm --omit=iscsi --kver `ls root/lib/modules` +sudo rm -f root/ostree.conf sudo rm -rf root/usr/etc sudo mv root/etc root/usr/etc +sudo mv root/var ./var +sudo mkdir root/var + ostree init --repo=repo --mode=archive sudo ostree commit --repo=repo --tree=dir=root -b alt/x86_64/coreos/stable --no-xattrs --no-bindings --parent=none --mode-ro-executables --add-metadata-string=version=sisyphus.`date +%Y%m%d`.0.0 ``` @@ -67,6 +89,9 @@ sudo ostree config --repo /tmp/acos/ostree/repo set sysroot.bootloader grub2 sudo ostree refs --repo /tmp/acos/ostree/repo --create alt:alt/x86_64/coreos/stable alt/x86_64/coreos/stable sudo ostree admin os-init alt-coreos --sysroot /tmp/acos OSTREE_BOOT_PARTITION="/boot" sudo ostree admin deploy alt:alt/x86_64/coreos/stable --sysroot /tmp/acos --os alt-coreos --karg-append=ignition.platform.id=metal --karg-append=\$ignition_firstboot --karg-append=quiet --karg-append=root=UUID=`sudo blkid --match-tag UUID -o value "$DEVICE"1` +sudo rm -r /tmp/acos/ostree/deploy/alt-coreos/var +sudo mv var /tmp/acos/ostree/deploy/alt-coreos/var +sudo touch /tmp/acos/ostree/deploy/alt-coreos/var/.ostree-selabeled ``` Установить пароль рута в новой системе diff --git a/upgrade_acos.md b/upgrade_acos.md index b5bcb01..0d40418 100644 --- a/upgrade_acos.md +++ b/upgrade_acos.md @@ -2,10 +2,10 @@ На сервере в ветке, из которой была установлена ОС в ostree [подробнее об установке](alt_on_ostree.md), создать новый коммит. Для этого внести изменения в каталог root и вызвать ostree commit без параметра --parent=none. Указать версию. Например так: ``` -touch root/usr/bin/privet -chmod a+x root/usr/bin/privet -echo "echo Privet" > root/usr/bin/privet -sudo ostree commit --repo=repo --tree=dir=root -b alt/x86_64/coreos/stable --owner-uid 0 --owner-gid 0 --no-xattrs --no-bindings --mode-ro-executables --add-metadata-string=version=sisyphus.`date +%Y%m%d`.0.1 +sudo touch root/usr/bin/privet +sudo chmod a+x root/usr/bin/privet +echo "echo Privet"|sudo tee root/usr/bin/privet +sudo ostree commit --repo=repo --tree=dir=root -b alt/x86_64/coreos/stable --no-xattrs --no-bindings --mode-ro-executables --add-metadata-string=version=sisyphus.`date +%Y%m%d`.0.1 ``` Результат можно будет проверить следующими командами: