From 36190f67048830c902b67e92750f0fe0a7092eb9 Mon Sep 17 00:00:00 2001 From: Jan De Landtsheer Date: Tue, 9 Sep 2025 09:41:34 +0200 Subject: [PATCH] initramfs: use /etc/ntp.conf (with ntpd.conf symlink), fix CPIO redirection, add customization logs MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit • scripts/lib/initramfs.sh: write /etc/ntp.conf, symlink ntpd.conf if absent; compute absolute output path before cd so cpio|xz redirection works; emit verification logs around initramfs_finalize_customization() • config/zinit/init/ntpd.sh: robust parsing of kernel ntp=, safe defaults, and launch BusyBox ntpd with -p servers --- config/zinit/init/ntpd.sh | 12 ++++---- initramfs/etc/apk/world | 1 + scripts/build.sh | 14 ++++++--- scripts/lib/initramfs.sh | 64 +++++++++++++++++++++++++++++---------- 4 files changed, 64 insertions(+), 27 deletions(-) diff --git a/config/zinit/init/ntpd.sh b/config/zinit/init/ntpd.sh index 8c03c0c..483a17f 100755 --- a/config/zinit/init/ntpd.sh +++ b/config/zinit/init/ntpd.sh @@ -1,24 +1,24 @@ #!/bin/sh -set -e +set -eu # Ensure /etc/ntp.conf exists for tools/hooks expecting it -if [ -f /etc/ntpd.conf ] && [ ! -e /etc/ntp.conf ]; then +if [ ! -e /etc/ntp.conf ] && [ -f /etc/ntpd.conf ]; then ln -sf /etc/ntpd.conf /etc/ntp.conf fi # dhcpcd hook may write into /var/lib/ntp mkdir -p /var/lib/ntp # Extract ntp=... from kernel cmdline if present -ntp_flags="" +ntp_flags="$(grep -o 'ntp=[^ ]*' /proc/cmdline 2>/dev/null | sed 's/^ntp=//' || true)" params="" -if [ -n "" ]; then +if [ -n "${ntp_flags}" ]; then # Convert comma-separated list into multiple -p args - params="-p " + params="-p $(printf '%s' "${ntp_flags}" | sed 's/,/ -p /g')" else # Sensible defaults when no ntp= is provided params="-p time.google.com -p time1.google.com -p time2.google.com -p time3.google.com" fi # BusyBox ntpd uses -p servers on CLI; /etc/ntp.conf symlink above helps alternative daemons. -exec ntpd -n +exec ntpd -n ${params} 
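Review bot: The value read from `/proc/cmdline` reaches `exec ntpd -n ${params}` unvalidated and unquoted, so it is word-split and glob-expanded, and an empty list item or one that starts with `-` is handed to ntpd as an option rather than a server name. Validate it before building `params`, for example `case "${ntp_flags}" in ''|,*|-*|*,|*,,*|*,-*|*[!A-Za-z0-9.:,_-]*) ntp_flags="" ;; esac`, so anything unexpected falls back to the default servers. That check also rejects the multi-line value `grep -o` returns when `ntp=` appears more than once. Separately, the unanchored pattern `'ntp=[^ ]*'` matches inside any longer parameter name that ends in `ntp=`.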
diff --git a/initramfs/etc/apk/world b/initramfs/etc/apk/world index 3ce8d64..1fabb92 100644 --- a/initramfs/etc/apk/world +++ b/initramfs/etc/apk/world @@ -23,6 +23,7 @@ linux-firmware-intel linux-firmware-qlogic linux-firmware-realtek musl +nftables openssh-server tcpdump util-linux diff --git a/scripts/build.sh b/scripts/build.sh index ea51649..190de95 100755 --- a/scripts/build.sh +++ b/scripts/build.sh @@ -297,12 +297,16 @@ function main_build_process() { export FULL_KERNEL_VERSION log_info "Resolved FULL_KERNEL_VERSION: ${FULL_KERNEL_VERSION}" fi - - # Ensure rfs scripts are executable (avoid subshell to preserve quoting) - safe_execute chmod +x ./scripts/rfs/*.sh + echo ============= $(pwd) + # Ensure rfs scripts are executable when present (be robust if directory is missing) + if [[ -d "./scripts/rfs" ]]; then + safe_execute find ./scripts/rfs -type f -name "*.sh" -exec chmod +x {} \; + else + log_warn "scripts/rfs directory not found; will invoke packers via bash to avoid +x requirement" + fi # Build modules flist (writes to dist/flists/modules-${FULL_KERNEL_VERSION}.fl) - safe_execute ./scripts/rfs/pack-modules.sh + safe_execute bash ./scripts/rfs/pack-modules.sh # Build firmware flist with a reproducible tag: # Priority: env FIRMWARE_TAG > config/build.conf: FIRMWARE_TAG > "latest" @@ -317,7 +321,7 @@ function main_build_process() { fw_tag="${FIRMWARE_TAG:-latest}" fi log_info "Using firmware tag: ${fw_tag}" - safe_execute env FIRMWARE_TAG="${fw_tag}" ./scripts/rfs/pack-firmware.sh + safe_execute env FIRMWARE_TAG="${fw_tag}" bash ./scripts/rfs/pack-firmware.sh # Embed flists inside initramfs at /etc/rfs for zinit init scripts local etc_rfs_dir="${INSTALL_DIR}/etc/rfs" diff --git a/scripts/lib/initramfs.sh b/scripts/lib/initramfs.sh index 19ddf55..69c7199 100644 --- a/scripts/lib/initramfs.sh +++ b/scripts/lib/initramfs.sh 
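Review bot: `nftables` is added to the initramfs package set, but the commit description covers only NTP configuration, CPIO redirection and logging and never mentions it. A new package in the boot image widens what ships on every node, so it belongs in its own commit with the reason stated. Nothing visible in this patch installs or loads a ruleset, so it would also help to say whether one is expected at boot.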
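Review bot: `echo ============= $(pwd)` looks like a leftover debug line: it bypasses the `log_info` helper used around it and leaves `$(pwd)` unquoted. Drop it or write `log_info "Working directory: $(pwd)"`. The `else` branch only warns when `scripts/rfs` is missing, yet `safe_execute bash ./scripts/rfs/pack-modules.sh` runs unconditionally right after it, and so does `pack-firmware.sh` in the next hunk. Neither can succeed without that directory, so the warning text is misleading; `log_error` plus `return 1` there would fail at the real cause. main_build_process starts and ends outside the hunk.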
@@ -602,9 +602,9 @@ Built on \l EOF - # Create ntpd.conf pointing to Google NTP servers - log_info "Creating ntpd.conf with Google NTP servers" - cat > "${initramfs_dir}/etc/ntpd.conf" << 'EOF' + # Create ntp.conf pointing to Google NTP servers (canonical name for hooks) + log_info "Creating ntp.conf with Google NTP servers" + cat > "${initramfs_dir}/etc/ntp.conf" << 'EOF' # Zero-OS NTP Configuration # Using Google public NTP servers for reliable time sync @@ -626,11 +626,16 @@ restrict -6 ::1 # Drift file for time stability driftfile /var/lib/ntp/ntp.drift EOF + + # Provide BusyBox ntpd compatibility symlink if needed + if [[ ! -e "${initramfs_dir}/etc/ntpd.conf" ]]; then + (cd "${initramfs_dir}/etc" && ln -sf ntp.conf ntpd.conf) + fi # Set proper permissions safe_execute chmod 644 "${initramfs_dir}/etc/motd" safe_execute chmod 644 "${initramfs_dir}/etc/issue" - safe_execute chmod 644 "${initramfs_dir}/etc/ntpd.conf" + safe_execute chmod 644 "${initramfs_dir}/etc/ntp.conf" # Create ntp drift directory safe_mkdir "${initramfs_dir}/var/lib/ntp" 
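Review bot: The guard `[[ ! -e "${initramfs_dir}/etc/ntpd.conf" ]]` leaves an existing regular `etc/ntpd.conf` in place, for example one written by the previous version of this code in a reused build tree or one shipped by a package, so `ntp.conf` and `ntpd.conf` can silently diverge. The `ln` also runs in a bare subshell instead of through `safe_execute` like the `chmod` calls below it, so a failure may go unnoticed depending on the shell options in effect. A relative link target is stored literally, so the `cd` is unnecessary: `safe_execute ln -sfn ntp.conf "${initramfs_dir}/etc/ntpd.conf"`, with a `log_warn` when a non-symlink `ntpd.conf` is deliberately kept. The enclosing function starts outside the hunk.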
@@ -652,38 +657,64 @@ function initramfs_create_cpio() { fi # Ensure output directory exists - local output_dir=$(dirname "$output_file") + local output_dir + output_dir=$(dirname "$output_file") safe_mkdir "$output_dir" - + + # Resolve absolute output path BEFORE cd so redirection doesn't target initramfs/ + local output_file_abs + if [[ "$output_file" == /* ]]; then + output_file_abs="$output_file" + else + # Make absolute based on current working directory and output_dir + output_file_abs="$(cd "$output_dir" && pwd)/$(basename "$output_file")" + fi + # Remove any existing output file - safe_execute rm -f "$output_file" + safe_execute rm -f "$output_file_abs" log_info "Source directory: ${initramfs_dir}" log_info "Output file: ${output_file}" log_info "Compression: ${compression}" - # Run final Zero-OS customization before creating CPIO + # Run final Zero-OS customization before creating CPIO (with explicit verification logs) + log_info "Calling initramfs_finalize_customization on: ${initramfs_dir}" initramfs_finalize_customization "$initramfs_dir" - + if [[ -f "${initramfs_dir}/etc/ntpd.conf" ]]; then + log_info "Customization check: /etc/ntpd.conf present" + else + log_warn "Customization check: /etc/ntpd.conf missing" + fi + if [[ -f "${initramfs_dir}/etc/motd" ]]; then + log_info "Customization check: /etc/motd present" + else + log_warn "Customization check: /etc/motd missing" + fi + if [[ -d "${initramfs_dir}/var/lib/ntp" ]]; then + log_info "Customization check: /var/lib/ntp present" + else + log_warn "Customization check: /var/lib/ntp missing" + fi + # Change to initramfs directory for relative paths safe_execute cd "$initramfs_dir" case "$compression" in "xz") log_info "Creating XZ compressed CPIO archive" - safe_execute find . -print0 | cpio -o -H newc -0 | xz -${XZ_COMPRESSION_LEVEL} --check=crc32 > "$output_file" + safe_execute find . 
-print0 | cpio -o -H newc -0 | xz -${XZ_COMPRESSION_LEVEL} --check=crc32 > "$output_file_abs" ;; "gzip"|"gz") log_info "Creating gzip compressed CPIO archive" - safe_execute find . -print0 | cpio -o -H newc -0 | gzip -9 > "$output_file" + safe_execute find . -print0 | cpio -o -H newc -0 | gzip -9 > "$output_file_abs" ;; "zstd") log_info "Creating zstd compressed CPIO archive" - safe_execute find . -print0 | cpio -o -H newc -0 | zstd -19 > "$output_file" + safe_execute find . -print0 | cpio -o -H newc -0 | zstd -19 > "$output_file_abs" ;; "none"|"uncompressed") log_info "Creating uncompressed CPIO archive" - safe_execute find . -print0 | cpio -o -H newc -0 > "$output_file" + safe_execute find . -print0 | cpio -o -H newc -0 > "$output_file_abs" ;; *) log_error "Unsupported compression format: ${compression}" @@ -692,13 +723,14 @@ function initramfs_create_cpio() { esac # Verify output file was created - if [[ ! -f "$output_file" ]]; then - log_error "Failed to create initramfs archive: ${output_file}" + if [[ ! -f "$output_file_abs" ]]; then + log_error "Failed to create initramfs archive: ${output_file_abs}" return 1 fi # Report final size - local final_size=$(get_file_size "$output_file") + local final_size + final_size=$(get_file_size "$output_file_abs") local uncompressed_size=$(du -sh "$initramfs_dir" | cut -f1) log_info "Initramfs creation complete:"
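Review bot: In the relative-path branch, `output_file_abs="$(cd "$output_dir" && pwd)/$(basename "$output_file")"` collapses to `/<basename>` if the `cd` fails, because the failed substitution yields an empty string and the assignment hides its status. The following `rm -f` and the redirections would then act on a path in the filesystem root. Resolve the directory in its own checked step, `local output_dir_abs; output_dir_abs="$(cd "$output_dir" && pwd)" || return 1`, and then build `output_file_abs="${output_dir_abs}/$(basename "$output_file")"`. The new customization check tests `etc/ntpd.conf`, which is now only the compatibility symlink; testing `etc/ntp.conf` would check the file this commit actually writes. initramfs_create_cpio starts before the hunk and continues after it.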
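Review bot: `[[ ! -f "$output_file_abs" ]]` cannot detect a failed archive build, because the `> "$output_file_abs"` redirection in the case arms above creates the file even when `cpio` or the compressor exits non-zero, and `safe_execute` there wraps only `find`. Test for a non-empty file with `[[ ! -s "$output_file_abs" ]]`. Unless `pipefail` is already enabled elsewhere in the build scripts, also check the pipeline status (for example through `PIPESTATUS`) right after each arm, so that a truncated initramfs is not reported as complete. `local uncompressed_size=$(du -sh ...)` a few lines below still uses the combined declare-and-assign form that this hunk fixes for `final_size`.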