Nemesis build

[Jack]

Here is my next project I'm going to try.

When I try and build Nemesis I will only boot up Always Fresh mode and the only modules will be in boot up is 000-kernel and 001-core.

Next week I'm going to try and build 001-core with this script but will build new build or will it just do a upgrade build?

Code: Select all

#!/bin/bash
# UPnemesis-base (alias upbase)
# Updates NEMESIS base modules ( $PORTDIR/base )
#
# https://forum.porteus.org/viewtopic.php?p=85205#p85205
#

[[ $EUID -eq 0 ]] || su -c "$0" #FIXME [[ $? -ne 0 ]] && exit

confirm() { echo; tput bold; tput setaf 6; read -n1 -rsp "$1"; tput sgr0; echo -e "\n"; [[ $REPLY =~ ^[Yy]$ ]]; }
warn() { echo; echo "$(tput setaf 1) $1 $(tput sgr0)"; echo; }; 
[ ! $(grep -o 'base_only' /proc/cmdline) ] && warn "Please start Nemesis with **Always Fresh** boot parameters" && exit

the_end() {
	cd /tmp/updBASE || exit
	[[ -z $(\ls -A LOCALES) ]] || dir2xzm LOCALES LOCALES.xzm
	rm -r LOCALES "$outMOD" >/dev/null 2>&1
	echo " All Done!"; echo "Your files are here: $PWD"; xdg-open . & disown ### FIXME // exo-open . // thunar .
	unset pkgAdd pkgRem outMOD
	eval "exit $?"
}
trap the_end SIGHUP SIGINT SIGTERM #SIGQUIT  EXIT HUP INT TERM

### stat -c '%A %a %G %g %n' $(find ./usr/bin -mindepth 1 -maxdepth 1 '(' -type f -not -perm 0755 ')') -o '(' -type d -not -perm 0755 ')' ### -o '(' -type f -not -perm 0644 ')') #FIXME
fixPERMS() {
	chmod -f 711 "$1"/var/db/sudo/ >/dev/null 2>&1
	chmod -f 700 "$1"/var/db/sudo/lectured/ "$1"/var/lib/NetworkManager/ "$1"/etc/NetworkManager/system-connections/ >/dev/null 2>&1
	chmod -f 750 "$1"/root "$1"/etc/sudoers.d/ "$1"/etc/openvpn/{client,server}/ "$1"/{usr/share,etc}/polkit-1/rules.d/ >/dev/null 2>&1
	chmod -f 755 "$1"/etc "$1"/etc/local.d "$1"/usr "$1"/usr/local "$1"/usr/local/bin >/dev/null 2>&1
	chmod -f 555 "$1"/{proc,sys}/ "$1"/srv/ftp >/dev/null 2>&1
	chmod -f 775 "$1"/var/games >/dev/null 2>&1
	chmod -f 1777 "$1"/var/{spool/mail,tmp} >/dev/null 2>&1
	find "$1"/usr/share/icons -type d -exec chmod 755 {} + >/dev/null 2>&1
	find "$1"/usr/share/icons -type f -exec chmod 644 {} + >/dev/null 2>&1
}

### Bypass adwaita-icon-theme
remADWAITA() {
	[ -d "$1"/usr/share/themes/Adwaita ] || return
	rm "$1"/usr/share/mime/packages/freedesktop.org.xml "$1"/usr/lib/gtk-2.0/2.10.0/engines/libadwaita.so >/dev/null 2>&1
	rm -r "$1"/usr/share/themes/{Adwaita,Adwaita-dark,HighContrast} >/dev/null 2>&1 #FIXME
}

### [[ $? = 1 ]]
prepareSYS() {
	fixPERMS ""
	### WORKAROUND to --> "Please ensure you have a connection and try again. Exit code: 1" /// caused by /etc/local.d/firewall.start
	setup-pman || { pacman-db-upgrade; haveged; pacman-key --init; pacman-key --populate archlinux artix; pkill haveged; update-ca-trust; pacman -Sy; }
	[[ $(pacman -Qu | wc -l) -eq 0 ]] || pacman -Syyu --overwrite '*' ### --ignore '*' >/dev/null
	mkdir /tmp/updBASE || exit ### avoid iterations
	clear; echo "  Main system: updated  "; echo #FIXME
}

patchCORE() {
# mount -t proc proc proc/
# mount -t sysfs sys sys/
# mount --bind /dev dev/
# mount -t devpts pts dev/pts/ rw,mode=0620,gid=5 0 0
# umount -R "$1"/{proc,sys,dev}
	#for mp in proc sys dev dev/pts run; do mount --bind /$mp /tmp/"$outMOD"/$mp; done &
	#chroot /tmp/"$outMOD" /bin/bash

### Pre/Post transaction hooks
	# *** WARNING: USE THEM AT YOUR OWN RISK ***
	# THESE ARE SOME TASKS ('HOOKS') EXECUTED AFTER PACMAN FINISHES UPDATING PACKAGES
	# YOU CAN FIND THESE LOCATED AT: /usr/share/libalpm/hooks/
	# THEY NEED TO BE EXECUTED IN REAL ENVIRONMENT, SO YOU NEED TO chroot PRIOR TO USE THEM
	# MOST OF THEM WILL FAIL UNLESS YOU RECREATE A INSTALLED SYSTEM WITH THE NEEDED MOUNTPOINTS
	# *** YOU'VE BEEN WARNED ***

	pacman-db-upgrade -r /tmp/updBASE/"$outMOD"
	sysusers --root=/tmp/updBASE/"$outMOD"/ ### emulates '20-sysusers.hook' execution in our target root #FIXME
	tmpfiles --root=/tmp/updBASE/"$outMOD"/ --create #FIXME
	# usr/bin/update-ca-trust
	# usr/bin/gio-querymodules usr/lib/gio/modules
	# usr/bin/gtk-query-immodules-3.0 --update-cache
	# usr/bin/gdk-pixbuf-query-loaders --update-cache
	# usr/share/libalpm/scripts/gtk-update-icon-cache
	# glib-compile-schemas usr/share/glib-2.0/schemas
	# usr/share/libalpm/scripts/openrc-hook sysctl
	# usr/share/libalpm/scripts/openrc-hook reexec
	# usr/share/libalpm/scripts/dconf-update
	# usr/share/libalpm/scripts/openrc-hook reload dbus
	# umount -R {proc,sys,dev} ### WARNING
	#for mp in proc sys dev dev/pts; do mount --bind /$mp /$mp; done &
	return
}

updateBASE() {
	[ -d /tmp/updBASE ] || prepareSYS
	cd /tmp/updBASE || exit
	[ -d LOCALES ] || mkdir -p LOCALES
	PS3=$'\n'$'\e[00;36mPlease, select base module to update or exit (1-6): \e[0m'
	select outMOD in 003-lxde 003-mate 003-xfce 002-xtra 002-gui 05-devel 001-core end #FIXME
	do
		pkgAdd=""
		pkgRem=""
		case $outMOD in
			*lxde) pkgAdd=""; pkgRem="";; ### --overwrite '*' #FIXME			
            *mate) pkgAdd=""; pkgRem="";; ### --overwrite '*' #FIXME
            *xfce) pkgAdd=""; pkgRem="";; ### --overwrite '*' #FIXME
			*xtra) pkgAdd=""; pkgRem="";; ### --overwrite '*' #FIXME
			 *gui) pkgAdd=""; pkgRem="";; ### --overwrite '*' #FIXME
			*devel) pkgAdd=""; pkgRem="";; ### --overwrite '*' #FIXME
			*core) pkgAdd=""; pkgRem="";; ### --overwrite '*';; ### --ignore '*' #FIXME
			end*) the_end;;
		esac
	#outMOD="$(basename "$(\ls -1 "$PORTDIR"/base/*$outMOD*)" | cut -d- -f-2)" ### \ls escapes user alias ;) #FIXME
	break
	done

	### rsync -a /mnt/live/memory/images/$outMOD*.xzm/ "$outMOD" ### unsquash uses parallel processing and seems to be faster #FIXME
    ### -b, --dbpath <path>  set an alternate database location --cachedir "/var/cache/pacman/pkg" #FIXME
	unsquashfs -f -d "$outMOD" "$PORTDIR"/base/"$outMOD"*
	cp -au --parents /var/lib/pacman/{sync/,local/ALPM_DB_VERSION} "$outMOD"
	if [[ $(pacman -Qur "$outMOD" | wc -l) -eq 0 ]]; then warn "$outMOD is up to date"; rm -r "$outMOD"; return; fi
	pacman -Qqnr "$outMOD" | pacman -Sddur "$outMOD" --overwrite '*' --noconfirm --needed - ### --ignore '*'
### pacman -r "$outMOD" --cachedir="/var/cache/pacman/pkg" -U /var/cache/pacman/pkg/*.{zst,xz}
	### Add / Remove packages --> Useful i.e. to avoid duplicate database entries
	[[ -z $pkgAdd ]] || eval "pacman -Sddr $outMOD $pkgAdd"
	[[ -z $pkgRem ]] || eval "pacman -Rddr $outMOD $pkgRem"
	#pacman -Qqmr $outMOD | pacman -Rddr $outMOD - ### Qq existing Qqn native Qqm foreign (aur,etc.), Qqt unrequired Qqe explicit QQd dependencies // pacman -Qet explicitly installed and not required as dependencies

cd /tmp/updBASE/"$outMOD" || exit
	### ADDED Get usr locale environment from cheatcodes and $LANG env variable
	KMAP=$(grep -Eo " kmap=[^ ]+" /proc/cmdline | cut -d= -f2)
	[[ -z $LANG ]] && LANG="$KMAP" || LANG="${LANG%.*}"
	[[ -z $LANG ]] && warn "Couldn't set your locale config" ### get_locale
	###	find usr/share/locale \( -name 'e[ns]_[EU]S' -o -name 'e[ns]' -o -iname 'locale.alias' \) -exec cp -au --parents {} /tmp/LOCALES \;
	find usr/share/locale \( -name "en" -o -name "en_US" -o -name "$KMAP" -o -name "$LANG" -o -iname 'locale.alias' \) -exec cp -au --parents {} /tmp/updBASE/LOCALES \;
	unset KMAP

	### strip out ~ 270 MB from core stuff
	[[ "$outMOD" = "001-core" ]] && {
		#patchCORE  ### OMIT BY DEFAULT chgrp root etc/shadow*
		rm -r usr/lib/{libasan,libgfortran,libgo,libtsan}.so* usr/lib/*.a usr/bin/js78* lib/pkgconfig usr/share/i18n/charmaps/*.gz >/dev/null 2>&1 #FIXME libgomp, seems to be necessary for ffmpeg
	}
	rm -r usr/share/{doc,gir-1.0,gtk-doc,info,licenses,locale,man} usr/include/* usr/lib/systemd/* tmp/* var/lib/pacman/{sync/,local/ALPM_DB_VERSION} >/dev/null 2>&1

cd /tmp/updBASE || exit
	fixPERMS "$outMOD"
	[ -d "$outMOD"/home/guest ] && chown -R 1000.1000 "$outMOD"/home/guest >/dev/null 2>&1
	#confirm "Press any key when ready "
	mv "$outMOD"/var/log/pacman.log "$outMOD"-pacman.log >/dev/null 2>&1
	dir2xzm "$outMOD" "$outMOD-$(date '+%Y%m%d').xzm"
	rm -r "$outMOD"
}

# Main loop
while confirm "Shall we update [y/*]? "; do updateBASE; done

warn " Aborted. Exit code: $?"

If I get it built and works then I will build 002-gui. When I try all I have will be 000-kernel and 001-core to see if works.

When I build 002-gui but I will need a script to do it.

Then I will build 002-xtra but I will need a script to do it.

And then I will build 003-mate I will use this script to do it. Will be a new build or will it just do a upgrade build?

Code: Select all

setup-pman
pacman -Syu
# create a dir (name it 003-MATE-Nemesis) or the like
mkdir 003-MATE-Nemesis
PATH1=003-MATE-Nemesis
cp --parents -au /var/lib/pacman/local/ALPM_DB_VERSION $PATH1
pacman -Syyr $PATH1
pacman -Sr mate mate-extras
rm -rf $PATH1/usr/include/* $PATH1/usr/lib/systemd/* $PATH1/tmp
rm -rf $PATH1/usr/share/{info/*,doc/*,gir-1.0/*,gtk-doc/*,licenses/*,locale/*,man/*} >/dev/null 2>&1
rm -r $PATH1/var/lib/pacman/{sync/,local/ALPM_DB_VERSION} >/dev/null 2>&1
rm /var/cache/pacman/pkg/* >/dev/null 2>&1
dir2xzm 003-MATE-Nemesis/ 003-MATE-Nemesis.xzm

Just tell me what you think on what I'm going to do.

[Ed_P]

I think you are going to learn a lot.

[Jack]

I think you are going to learn a lot.

That why I want to try it and it might help me understand more about it.

[Jack]

I found thunar in this line but could it cause a problem? I don't have xfce installed.

Code: Select all

echo " All Done!"; echo "Your files are here: $PWD"; thunar . & disown

[M. Eerie]

I found thunar in this line but could it cause a problem? I don't have xfce installed.

Code: Select all

echo " All Done!"; echo "Your files are here: $PWD"; thunar . & disown

change thunar to xdg-open

Please, hold on...

[M. Eerie]

Next week I'm going to try and build 001-core with this script but will build new build or will it just do a upgrade build?

This script works for me and allows to update without problems everything ___but___ core module. So I think you better do the reverse path...

The core module, involves to perform changes in a real environment with the following mount points:

Code: Select all

# System mounts:
aufs / aufs defaults 0 0
proc /proc proc defaults 0 0
sysfs /sys sysfs defaults 0 0
devtmpfs /dev devtmpfs defaults 0 0
devpts /dev/pts devpts rw,mode=0620,gid=5 0 0

Since we are doing this in a booted system, we can circumvent this by using a fakeroot account.

In between, from Porteus, there's already a script that can help:

Code: Select all

#!/bin/bash
# newroot
#
# A script to automate the chroot task

# Source the functions file
. /usr/share/porteus/porteus-functions
get_colors

[ -z $1 ] && { echo "$0 /path/to/chroot"; exit; }
fail(){ red "Could not mount $1"; exit; }


if [ -d $1 ]; then
	mount -t proc /proc $1/proc || fail "proc at: $1/proc"
	mount --rbind /dev $1/dev || fail "dev at: $1/dev"
	mount --rbind /sys $1/sys || fail "sys at: $1/sys"
	chroot $1 /bin/bash || { red "Failed to chroot to $1"; exit; }
	exit
else
    exit
    red "$1 is not a directory"
fi

If you end with a fully working script, please share.
I will try... When I have the time, but I can't go at your pace, even being 15 years younger.

Edited...

[M. Eerie]

@Jack

Start from the most recent script version I've published.

2021 Updated Nemesis Base Modules (Post by M. Eerie #85205)

Thanks.

[Jack]

Next week I'm going to try and build 001-core with this script but will build new build or will it just do a upgrade build?

This script works for me and allows to update without problems everything ___but___ core module. So I think you better do the reverse path...

The core module, involves to perform changes in a real environment with the following mount points:

Code: Select all

# System mounts:
aufs / aufs defaults 0 0
proc /proc proc defaults 0 0
sysfs /sys sysfs defaults 0 0
devtmpfs /dev devtmpfs defaults 0 0
devpts /dev/pts devpts rw,mode=0620,gid=5 0 0

Since we are doing this in a booted system, we can circumvent this by using a fakeroot account.

In between, from Porteus, there's already a script that can help:

Code: Select all

#!/bin/bash
# newroot
#
# A script to automate the chroot task

# Source the functions file
. /usr/share/porteus/porteus-functions
get_colors

[ -z $1 ] && { echo "$0 /path/to/chroot"; exit; }
fail(){ red "Could not mount $1"; exit; }


if [ -d $1 ]; then
	mount -t proc /proc $1/proc || fail "proc at: $1/proc"
	mount --rbind /dev $1/dev || fail "dev at: $1/dev"
	mount --rbind /sys $1/sys || fail "sys at: $1/sys"
	chroot $1 /bin/bash || { red "Failed to chroot to $1"; exit; }
	exit
else
    exit
    red "$1 is not a directory"
fi

If you end with a fully working script, please share.
I will try... When I have the time, but I can't go at your pace, even being 15 years younger.

Edited...

I will wait tell you have it ready but take your time just let me know. Sorry if I'm going to fast I will slow down.

[Jack]

Well if I can't build 001-core right now then I can try and build 002-gui and 002-xtra at lease I'm learning something. And in a month or 2 I will build 003-mate and 003-xtra. That way most will be up to date.

[M. Eerie]

Well if I can't build 001-core right now then I can try and build 002-gui and 002-xtra at lease I'm learning something. And in a month or 2 I will build 003-mate and 003-xtra

Basically both scripts do the same thing. The former, doing it automatically, the later is intended to be copy-pasted line by line in a terminal.

So, right now, you should be able to update without trouble everything except 001-core.

Speaking of which, since the last update, it seems pacman doesn't get any package updates in a while as if the database became stalled. Is it intended, ncmprhnsbl?

[ncmprhnsbl]

Speaking of which, since the last update, it seems pacman doesn't get any package updates in a while as if the database became stalled. Is it intended, ncmprhnsbl?

NEW: isos, modules 2021 (Post by ncmprhnsbl #84639) :

mirrorlists set to frozen archive repos set at 2021-10-06
new command: mirrorlist-toggle : that toggles between archive repos and rolling repos . (use `inxi -r` to check what is in use)
(be sure to deactivate pm-conf.xzm if you have it or if using changes: cp -a /mnt/live/memory/images/001-core.xzm/etc/pacman.d{mirrorlist,mirrorlist-arch,mirrorlist.bak,mirrorlist-arch.bak} /etc/pacman.d/

(and rerun setup-pman)
alternatively, instead setting to rolling repos you can manually edit the archive mirrolists to a later date (note: arch archive repos seem to lag behind artix by a half a day or so...)
i suggest doing that or using rolling repos only if you're updating the base or if what you want doesn't pull any base deps.. (see whichmod command).