initramfs: switch to passwd -d -R in scripts/lib/initramfs.sh:initramfs_finalize_customization() for shadow-aware passwordless root (aligned with 9423b708 intent), drop sed and chpasswd paths, and add validation diagnostics. common: normalize INSTALL_DIR/COMPONENTS_DIR/KERNEL_DIR/DIST_DIR to absolute paths after sourcing config to prevent validation resolving under kernel/current. Dockerfile: include shadow (for passwd/chpasswd), ensure openssl and openssl-dev present; remove perl. config: introduce ZEROOS_PASSWORDLESS_ROOT default true and comment password vars. docs: NOTES.md updated with diagnostics and flow.
• Normalize CWD inside container to PROJECT_ROOT to prevent relative path issues in validation and downstream stages via [bash.setup_build_environment()](scripts/build.sh:133)
• Complements earlier hardening in [bash.initramfs_validate()](scripts/lib/initramfs.sh:774) that resolves absolute paths and checks existence
• Resolve input dir to absolute with resolve_path and perform early -d check in [bash.initramfs_validate()](scripts/lib/initramfs.sh:774) to avoid safe_execute aborts on missing paths
• Use plain ls/find logging for sanity snapshot (not safe_execute) so validation reports context even if directory is absent
• Ensure host/rootless traversal for zinit configs: make etc/zinit and etc/zinit/init 755 prior to recursive normalization; then set dirs=755, files=644, and mark *.sh executable in [bash.initramfs_setup_zinit()](scripts/lib/initramfs.sh:12)
• Add pre-CPIO sanity logs to catch empty/mis-scoped archives: top-level ls, file count, and essential presence checks in [bash.initramfs_create_cpio()](scripts/lib/initramfs.sh:658)
• Add validation-time sanity snapshot of top-level and entry count in [bash.initramfs_validate()](scripts/lib/initramfs.sh:754)
• scripts/lib/initramfs.sh: write /etc/ntp.conf, symlink ntpd.conf if absent; compute absolute output path before cd so cpio|xz redirection works; emit verification logs around initramfs_finalize_customization()
• config/zinit/init/ntpd.sh: robust parsing of kernel ntp=, safe defaults, and launch BusyBox ntpd with -p servers
- Use container modules from kernel_modules stage for dependency resolution
- Remove dependency on initramfs modules that haven't been copied yet
- Fixes regression where clean builds had empty stage1.list
- Dependency resolution now works correctly in clean build scenarios
- zinit uses YAML configuration files, not zinit.conf
- Update validation to check for *.yaml files in /etc/zinit directory
- Fixes false validation error when zinit configuration is properly present
- Preserve essential APK database files in /lib/apk/db for apk update functionality
- Only remove cache archives and backup files, not core database structure
- Add ntpd.conf with Google NTP servers for reliable time synchronization
- Create /var/lib/ntp directory for drift file
- Fixes 'Unable to lock database' error in Zero-OS
- Initialize CLEAN_STAGES variable to fix unbound variable error
- Add .build-stages to artifacts_to_clean list for complete cleanup
- Ensures stage markers are reset when cleaning build artifacts
- Use config/init instead of configs/init path
- Simplify /sbin/init validation to just check if it's an executable script
- Component copying with strip + UPX optimization working: 46.1M → 13M (68% reduction)
- Remove component copying from build functions (build_zinit, build_rfs, etc)
- Add initramfs_copy_components() function to copy built components to initramfs
- Add components_copy stage between init_script and modules_setup
- Fix components_verify to check built components (not initramfs locations)
- Now supports partial builds: build components separately, copy later
- All 4 components (zinit 8.1M, rfs 13M, mycelium 21M, corex 4.0M) working
- Copy configs/init as /sbin/init instead of creating symlink to zinit
- Remove automatic cleanup of build artifacts - always preserve for incremental builds
- Allows rebuilding initramfs with existing components
- Use ./scripts/clean.sh to manually clean when needed
- Use depmod -av + modinfo -k approach for accurate dependency detection
- Copy modules to container /lib/modules for proper modinfo -k usage
- Recursive resolution until no more dependencies found
- Copy resolved modules to initramfs + run final depmod in chroot context
- Now properly finds missing core modules like virtio.ko, virtio_ring.ko
- Validates symbol dependencies with proper module database
- Fixed KERNEL_OUTPUT variable binding in build summary
- Fix dependency resolution to use built modules from /lib/modules/6.12.44-Zero-OS instead of fresh container
- Fix stage1/stage2 configuration mismatch (only using stage1 modules as intended)
- Fix firmware parsing to ignore comments in modules.conf
- Fix variable binding issues for incremental builds (FULL_KERNEL_VERSION, KERNEL_OUTPUT)
- Module resolution now properly expands 31 → 48 modules with dependencies
- Firmware requirements reduced from 157 bogus → 3 correct packages
- All 48/48 resolved modules validated as available .ko files
- Fix container output visibility with proper TTY handling and debug mode
- Fix build order: kernel modules built before initramfs creation
- Implement two-stage kernel build to resolve chicken-and-egg dependency
- Fix sed command issues in kernel configuration with direct execution
- Add diffutils package to container for proper kernel build support
- Enhance NIC module/firmware correlation with intelligent selection
- Fix module staging logic: all NICs loaded in stage1 before network up
- Add smart firmware installation based on module requirements
- Create comprehensive function documentation (scripts/functionlist.md)
- Add debug container script for troubleshooting
Major fixes:
* Container builds now show real-time output
* Kernel builds work with proper GNU diff support
* Module/firmware selection optimized for common hardware
* Build process handles dependencies correctly
* Documentation provides complete function reference
- Fix build_zinit to cd to correct component directory
- Add proper working directory logging
- Fix branch names for ThreeFold components
- Prepare for successful Rust compilation
- Change from colon to space separation to avoid URL parsing issues
- Update sources.conf format: TYPE NAME URL VERSION BUILD_FUNCTION [EXTRA]
- Implement awk-based parsing for reliable field extraction
- Fix firmware package list (remove unavailable linux-firmware-marvell)
- Remove --no-container option (never build on real host)
- Simplify build.sh to always use containers
- Fix Dockerfile user permissions
- Update help text and argument parsing
- Pass arguments correctly to container builds
- Fix docker_run_build to properly extract script path from full command
- Separate script path from arguments for chmod execution
- Prevents chmod errors when passing arguments to build script
- Remove rustup dependency from Dockerfile (not available in Alpine)
- Update Rust environment setup to handle both rustup and system Rust
- Fix musl-gcc linker configuration for Alpine containers
- Support both GitHub Actions (rustup) and Alpine container (system) environments
- Add Alpine firmware package installation support
- Implement recursive module dependency resolution using modinfo
- Add config/firmware.conf for NIC firmware selection
- Enhanced initramfs_setup_modules with dependency tracking
- Firmware installation integrated into main build process
Features:
- Automatic dependency resolution for kernel modules
- Alpine's separate firmware APK packages for optimal size
- Stage1/Stage2 module loading with complete dependencies
- No duplicate modules between stages
