projects / mesa.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
gitlab-ci: More stable URL for kernel and ramdisk artifacts, for LAVA
[mesa.git] / .gitlab-ci / create-rootfs.sh
1 #!/bin/bash
2
3 set -ex
4
5 apt-get -y install --no-install-recommends \
6 ca-certificates \
7 initramfs-tools \
8 libpng16-16 \
9 strace \
10 libsensors5 \
11 libexpat1 \
12 libdrm2 \
13 libdrm-nouveau2 \
14 libx11-6 \
15 libx11-xcb1 \
16 netcat-openbsd \
17 python3 \
18 libpython3.7 \
19 python3-pil \
20 python3-pytest \
21 python3-requests \
22 python3-yaml \
23 wget \
24 xz-utils
25
26 if [ -n "$INCLUDE_VK_CTS" ]; then
27 apt-get install -y libvulkan1
28 fi
29
30 passwd root -d
31 chsh -s /bin/sh
32
33 cat > /init <<EOF
34 #!/bin/sh
35 export PS1=lava-shell:
36 exec sh
37 EOF
38 chmod +x /init
39
40 #######################################################################
41 # Strip the image to a small minimal system without removing the debian
42 # toolchain.
43
44 # xz compress firmware so it doesn't waste RAM at runtime.
45 find /lib/firmware -type f -print0 | \
46 xargs -0r -P4 -n4 xz -T1 -C crc32
47
48 # Copy timezone file and remove tzdata package
49 rm -rf /etc/localtime
50 cp /usr/share/zoneinfo/Etc/UTC /etc/localtime
51
52 UNNEEDED_PACKAGES="libfdisk1
53 tzdata
54 diffutils"
55
56 export DEBIAN_FRONTEND=noninteractive
57
58 # Removing unused packages
59 for PACKAGE in ${UNNEEDED_PACKAGES}
60 do
61 echo ${PACKAGE}
62 if ! apt-get remove --purge --yes "${PACKAGE}"
63 then
64 echo "WARNING: ${PACKAGE} isn't installed"
65 fi
66 done
67
68 apt-get autoremove --yes || true
69
70 # Dropping logs
71 rm -rf /var/log/*
72
73 # Dropping documentation, localization, i18n files, etc
74 rm -rf /usr/share/doc/*
75 rm -rf /usr/share/locale/*
76 rm -rf /usr/share/X11/locale/*
77 rm -rf /usr/share/man
78 rm -rf /usr/share/i18n/*
79 rm -rf /usr/share/info/*
80 rm -rf /usr/share/lintian/*
81 rm -rf /usr/share/common-licenses/*
82 rm -rf /usr/share/mime/*
83
84 # Dropping reportbug scripts
85 rm -rf /usr/share/bug
86
87 # Drop udev hwdb not required on a stripped system
88 rm -rf /lib/udev/hwdb.bin /lib/udev/hwdb.d/*
89
90 # Drop all gconv conversions && binaries
91 rm -rf usr/bin/iconv
92 rm -rf usr/sbin/iconvconfig
93 rm -rf usr/lib/*/gconv/
94
95 # Remove libusb database
96 rm -rf usr/sbin/update-usbids
97 rm -rf var/lib/usbutils/usb.ids
98 rm -rf usr/share/misc/usb.ids
99
100 #######################################################################
101 # Crush into a minimal production image to be deployed via some type of image
102 # updating system.
103 # IMPORTANT: The Debian system is not longer functional at this point,
104 # for example, apt and dpkg will stop working
105
106 UNNEEDED_PACKAGES="apt libapt-pkg6.0 "\
107 "ncurses-bin ncurses-base libncursesw6 libncurses6 "\
108 "perl-base "\
109 "debconf libdebconfclient0 "\
110 "e2fsprogs e2fslibs libfdisk1 "\
111 "insserv "\
112 "udev "\
113 "init-system-helpers "\
114 "bash "\
115 "cpio "\
116 "xz-utils "\
117 "passwd "\
118 "libsemanage1 libsemanage-common "\
119 "libsepol1 "\
120 "gpgv "\
121 "hostname "\
122 "adduser "\
123 "debian-archive-keyring "\
124 "libegl1-mesa-dev "\
125 "libegl-mesa0 "\
126 "libgl1-mesa-dev "\
127 "libgl1-mesa-dri "\
128 "libglapi-mesa "\
129 "libgles2-mesa-dev "\
130 "libglx-mesa0 "\
131 "mesa-common-dev "\
132 "libz3-4 "\
133
134 # Removing unneeded packages
135 for PACKAGE in ${UNNEEDED_PACKAGES}
136 do
137 echo "Forcing removal of ${PACKAGE}"
138 if ! dpkg --purge --force-remove-essential --force-depends "${PACKAGE}"
139 then
140 echo "WARNING: ${PACKAGE} isn't installed"
141 fi
142 done
143
144 # Show what's left package-wise before dropping dpkg itself
145 COLUMNS=300 dpkg-query -W --showformat='${Installed-Size;10}\t${Package}\n' | sort -k1,1n
146
147 # Drop dpkg
148 dpkg --purge --force-remove-essential --force-depends dpkg
149
150 # No apt or dpkg, no need for its configuration archives
151 rm -rf etc/apt
152 rm -rf etc/dpkg
153
154 # Drop directories not part of ostree
155 # Note that /var needs to exist as ostree bind mounts the deployment /var over
156 # it
157 rm -rf var/* opt srv share
158
159 # ca-certificates are in /etc drop the source
160 rm -rf usr/share/ca-certificates
161
162 # No bash, no need for completions
163 rm -rf usr/share/bash-completion
164
165 # No zsh, no need for comletions
166 rm -rf usr/share/zsh/vendor-completions
167
168 # drop gcc-6 python helpers
169 rm -rf usr/share/gcc-6
170
171 # Drop sysvinit leftovers
172 rm -rf etc/init.d
173 rm -rf etc/rc[0-6S].d
174
175 # Drop upstart helpers
176 rm -rf etc/init
177
178 # Various xtables helpers
179 rm -rf usr/lib/xtables
180
181 # Drop all locales
182 # TODO: only remaining locale is actually "C". Should we really remove it?
183 rm -rf usr/lib/locale/*
184
185 # partition helpers
186 rm -rf usr/sbin/*fdisk
187
188 # local compiler
189 rm -rf usr/bin/localedef
190
191 # Systemd dns resolver
192 find usr etc -name '*systemd-resolve*' -prune -exec rm -r {} \;
193
194 # Systemd network configuration
195 find usr etc -name '*networkd*' -prune -exec rm -r {} \;
196
197 # systemd ntp client
198 find usr etc -name '*timesyncd*' -prune -exec rm -r {} \;
199
200 # systemd hw database manager
201 find usr etc -name '*systemd-hwdb*' -prune -exec rm -r {} \;
202
203 # No need for fuse
204 find usr etc -name '*fuse*' -prune -exec rm -r {} \;
205
206 # lsb init function leftovers
207 rm -rf usr/lib/lsb
208
209 # Only needed when adding libraries
210 rm -rf usr/sbin/ldconfig*
211
212 # Games, unused
213 rmdir usr/games
214
215 # Remove pam module to authenticate against a DB
216 # plus libdb-5.3.so that is only used by this pam module
217 rm -rf usr/lib/*/security/pam_userdb.so
218 rm -rf usr/lib/*/libdb-5.3.so
219
220 # remove NSS support for nis, nisplus and hesiod
221 rm -rf usr/lib/*/libnss_hesiod*
222 rm -rf usr/lib/*/libnss_nis*