# -*-mic2-options-*- -A armv7l -f loop --pack-to=@NAME@.tar.gz -*-mic2-options-*- # # Do not Edit! Generated by: # kickstarter.py # lang en_US.UTF-8 keyboard us timezone --utc America/Los_Angeles part / --exclude-from-image --fstype="ext4" --size=512 --ondisk=mmcblk0 --active --label dummy --fsoptions=defaults,noatime part /mnt/vendor/hal --fstype="squashfs" --size=128 --ondisk=mmcblk0 --active --label 99-hal-vendor --fsoptions=defaults,noatime part /mnt/vendor/platform --fstype="squashfs" --size=128 --ondisk=mmcblk0 --active --label 99-platform-vendor --fsoptions=defaults,noatime rootpw tizen xconfig --startxonboot bootloader --timeout=3 --append="rw vga=current splash rootwait rootfstype=ext4" --ptable=gpt --menus="install:Wipe and Install:systemd.unit=system-installer.service:test" desktop --autologinuser=guest user --name guest --groups audio,video --password 'tizen' repo --name=unified-standard --baseurl=http://download.tizen.org/snapshots/TIZEN/Tizen/Tizen-Unified/@BUILD_ID@/repos/standard/packages/ --ssl_verify=no repo --name=base-standard --baseurl=http://download.tizen.org/snapshots/TIZEN/Tizen/Tizen-Base/latest/repos/standard/packages/ --ssl_verify=no %packages # @ IoT Vendor Base capi-system-info coreutils findutils gawk grep package-groups rpm sed tizen-release xmlstarlet # Others %end %post #!/bin/sh echo "#################### generic-adaptation.post ####################" # fix TIVI-2291 sed -ri "s/(^blacklist i8042.*$)/#fix from base-general.post \1/" /etc/modprobe.d/blacklist.conf #!/bin/sh echo "#################### generic-base.post ####################" test ! -e /opt/var && mkdir -p /opt/var test -d /var && cp -arf /var/* /opt/var/ rm -rf /var ln -snf opt/var /var test ! -e /opt/usr/home && mkdir -p /opt/usr/home test -d /home && cp -arf /home/* /opt/usr/home/ rm -rf /home ln -snf opt/usr/home /home build_ts=$(date -u +%s) build_date_local=$(date -u --date @$build_ts +%Y%m%d_%H%M%S) build_date=$(echo @BUILD_DATE@ | sed -r -e "s/@BUILD_DATE[@]/$build_date_local/g") build_time=$(date -u --date @$build_ts +%H:%M:%S) sed -ri \ -e 's|@BUILD_ID[@]|@BUILD_ID@|g' \ -e "s|@BUILD_DATE[@]|$build_date|g" \ -e "s|@BUILD_TIME[@]|$build_time|g" \ -e "s|@BUILD_TS[@]|$build_ts|g" \ /etc/tizen-build.conf # setup systemd default target for user session cat <<'EOF' >>/usr/lib/systemd/user/default.target [Unit] Description=User session default target EOF mkdir -p /usr/lib/systemd/user/default.target.wants # sdx: fix smack labels on /var/log chsmack -a '*' /var/log # create appfw dirs inside homes function generic_base_user_exists() { user=$1 getent passwd | grep -q ^${user}: } function generic_base_user_home() { user=$1 getent passwd | grep ^${user}: | cut -f6 -d':' } function generic_base_fix_user_homedir() { user=$1 generic_base_user_exists $user || return 1 homedir=$(generic_base_user_home $user) mkdir -p $homedir/apps_rw for appdir in desktop manifest dbspace; do mkdir -p $homedir/.applications/$appdir done find $homedir -type d -exec chsmack -a User {} \; chown -R $user:users $homedir return 0 } # fix TC-320 for SDK . /etc/tizen-build.conf [ "${TZ_BUILD_WITH_EMULATOR}" == "1" ] && generic_base_fix_user_homedir developer # Add info.ini for system-info CAPI (TC-2047) /etc/make_info_file.sh #!/bin/sh echo "#################### generic-users.post ####################" if ! generic_base_user_exists owner; then # By default GUM will create users in /opt/etc/passwd, which is # additional users database suitable for end-user created accounts. # However, the 'owner' user is shipped by Tizen system itself and # it's its default user. Consequently, it should always be available # and thus, it should be added to /etc/passwd. conf=/etc/gumd/gumd.conf origf=${conf}.orig mv -v $conf $origf sed -e 's,^\(PASSWD_FILE\).*,\1=/etc/passwd,' -e 's,^\(SHADOW_FILE\).*,\1=/etc/shadow,' <$origf >$conf gum-utils --offline --add-user --username=owner --usertype=admin --usecret="" mv -v $origf $conf fi #!/bin/sh echo "############### iot-headless-base.post ################" ######### Execute pkg_initdb if there is no pkgmgr-tool pacakge rpm -qa | grep pkgmgr-tool if [ $? != 0 ] then pkg_initdb --ro fi #!/bin/sh echo "#################### generic-wayland.post ####################" #!/bin/sh echo "#################### generic-middleware.post ####################" #!/bin/sh echo "#################### generic-applications.post ####################" #!/bin/sh echo "#################### generic-bluetooth.post ####################" #!/bin/sh echo "#################### generic-multimedia.post ####################" #!/bin/sh echo "#################### generic-desktop-applications.post ####################" # depends on generic-base functions function generic_desktop_applications_fix_userhome() { user=$1 generic_base_user_exists $user || return 1 homedir=$(generic_base_user_home $user) echo "Fix app_info.db of $user" chown -R $user:users $homedir/.applications/dbspace/ } # fix TC-320 for SDK . /etc/tizen-build.conf # Disable to run below line because this results in always failure, so it can be regarded as useless. #[ "${TZ_BUILD_WITH_EMULATOR}" == "1" ] && generic_desktop_applications_fix_userhome developer #!/bin/sh echo "#################### generic-crosswalk.post ####################" #!/bin/sh echo "############### common-crosswalk.post ################" # start wrt widgets preinstall rpm -qa | grep wrt-widget if [ $? = 0 ] then prepare_widgets.sh fi #!/bin/sh echo "#################### generic-dbus-policychecker.post ####################" if [ -x /usr/bin/dbuspolicy-checker ] ; then fail_cnt=0 for f in /etc/dbus-1/system.d/*.conf /usr/share/dbus-1/system.d/*.conf; do echo echo "$0: Checking D-Bus policy file: $f" result=$(/usr/bin/dbuspolicy-checker "$f") fail=$(echo "$result" | grep FAILED | wc -l) echo "$result" if [ $fail -gt 0 ]; then echo "Found $fail Fails" echo "Remove conf file : mv $f $f.fail" mv "$f" "${f}.fail" fail_cnt=$(( ${fail_cnt} + 1 )) fi done if [ $fail_cnt -gt 0 ]; then echo "Error: MIC build exits due to failed cases on dbus policy checker.(${fail_cnt} errors)" exit 1 fi fi #!/bin/sh echo "#################### generic-security.post ####################" if [ -e /usr/share/security-config/set_capability ]; then echo 'Give capabilities to daemons via set_capability from security-config package' /usr/share/security-config/set_capability fi if [ -e /opt/share/security-config/test/image_test.sh ]; then echo 'Run security-test' /opt/share/security-config/test/image_test.sh fi # 04-15-2019 : This is to create security-manager DB backup file. security-manager-cmd -b #!/bin/sh echo "############### iot-making-ABB-tag.post ################" if [ -f /opt/share/bb/make_ABB_tag.sh ] then /opt/share/bb/make_ABB_tag.sh /opt/share/bb/mapping-bb-rs.xml > /etc/config/tizen_abb_tag.cfg else echo "There is no script file - /opt/share/bb/make_ABB_bb.sh" fi #!/bin/sh echo "############### iot-making-building-blocks-dll.post ################" export DOTNET_SYSTEM_GLOBALIZATION_INVARIANT=1 export MIC_CROSSGEN2_ENABLED=1 DOTNET_MIC_DIR=/opt/usr/dotnet/mic if [ -f /opt/share/bb/make_tizenfx_from_bb.sh ] then /opt/share/bb/make_tizenfx_from_bb.sh if [ -f /usr/bin/dotnettool ] then # remove previous native image dotnettool --ni-reset-system chmod 755 /usr/bin/patchelf chmod 755 $DOTNET_MIC_DIR/* # set the patchelf /usr/bin/patchelf --set-interpreter $DOTNET_MIC_DIR/ld-linux-x86-64.so.2 $DOTNET_MIC_DIR/crossgen2 /usr/bin/patchelf --set-rpath $DOTNET_MIC_DIR $DOTNET_MIC_DIR/crossgen2 for file in $( find $DOTNET_MIC_DIR -type f \( -name "*.so" -or -name "*.so.*" \) -not -name "*.dbg" -not -name "ld-*.so*" ) do /usr/bin/patchelf --set-rpath $DOTNET_MIC_DIR ${file} done # generate native image for system dotnettool --ni-system --inputbubble --print-cmd # generate native image for all app dotnettool --ni-regen-all-app --print-cmd dotnettool --tac-regen-all --print-cmd else echo "There is no execute file - /usr/bin/dotnettool" fi else echo "There is no script file - /opt/share/bb/make_tizenfx_from_bb.sh" fi # remove files and package related to dotnet used only in MIC rm -rf $DOTNET_MIC_DIR rpm -e patchelf --nodeps rpm -e crossgen2-mic --nodeps #!/bin/sh echo "############### common-cleanup-directory.post ################" # remove manuals, docs and headers rm -rf /usr/include rm -rf /usr/share/man rm -rf /usr/share/doc # remove libzypp history rm -rf /var/log/zypp #!/bin/sh echo "#################### common-hal-directory-check.post ####################" if [ -d /hal ]; then VALUE=`/usr/bin/ls -R /hal | /usr/bin/grep -v "hal\:"` if [ "$VALUE" ]; then echo "WARNING!! There are some files to install to wrong path (/hal)" echo "WARNING!! It has to be nothing under hal directory." FILES=`/usr/bin/ls -R /hal` for file in $FILES; do if [[ $file =~ ":" ]]; then echo $file DIR=`echo $file | /usr/bin/awk -F ":" '{print $1}'` fi if [ -f $DIR/$file ]; then echo $file fi done fi fi #!/bin/bash echo "############### iot-vendor.post ################" VENDOR_CFG_DIR="/etc/vendor" VENDOR_MNT_DIR="/mnt/vendor" VENDOR_PACKAGES=() VENDOR_FORBIDDEN_RW_DIRS=("dev" "sys" "proc" "opt" "run" "tmp" "mnt" "home" "media" "var") uninstall_building_blocks() { local building_block="${1}" echo "Uninstalling building-block ${building_block}" local packages packages="$(/usr/bin/rpm -qR "${building_block}" | /usr/bin/uniq | /bin/grep -v "^rpmlib" | /bin/grep -v ".\+\.so\..\+" | /bin/grep -v "^\/" | /bin/grep -v "=" | /bin/grep -v "(.\+)")" if ! rpm -e "${building_block}"; then echo "Erasing building-block ${building_block} failed" exit 1 fi for package in ${packages}; do if [[ "${package}" =~ "building-blocks" ]]; then uninstall_building_blocks "${package}" fi done } create_vendor_dependency_file() { local img_path="${1}" echo "Creating ${img_path} Vendor Image Dependency List" local list_img_path="${img_path}"/list local rpm_img_path="${img_path}"/rpm local packages if ! packages="$(rpm -qa)"; then echo "Could not query all packages" exit 1 fi for package in ${packages}; do local found=0 while read line; do if [ "${line}" == "${package}" ]; then found=1 break fi done < "${list_img_path}"/vendor-list.ini if [ "${found}" -eq 0 ]; then if ! rpm -e --justdb "${package}" --nodeps --noscripts --dbpath="${rpm_img_path}"; then echo "Could not remove ${package} from ${rpm_img_path}" exit 1 fi fi done if ! rm -rf "${list_img_path}"; then echo "Could not remove ${list_img_path}" exit 1 fi echo "Finished creating ${img_path} Vendor Image Dependency List" } create_license() { local type=$1 if [ "${type}" = "hal" ]; then echo "Licenses of hal vendor images will not be processed" return 1 fi local license_src_dir=/usr/share/licenses/ local license_dst_dir="${VENDOR_MNT_DIR}"/"${type}"/usr/share/vendor/licenses/ if [ ! -d "${license_dst_dir}" ]; then mkdir -p "${license_dst_dir}" fi for package in "${VENDOR_PACKAGES[@]}"; do if [ -d "${license_src_dir}"/"${package}" ]; then mv "${license_src_dir}"/"${package}" "${license_dst_dir}" fi done } process_vendor_cfg() { local type_dir="${1}" if [ ! -d "${type_dir}" ] || { [ "${type_dir}" != "${VENDOR_CFG_DIR}"/hal ] && [ "${type_dir}" != "${VENDOR_CFG_DIR}"/platform ]; }; then echo "${type_dir} is not a directory or its name is not equal to ${VENDOR_CFG_DIR}/hal or ${VENDOR_CFG_DIR}/platform" return 1 fi local type type="$(basename "${type_dir}")" local img_path="${VENDOR_MNT_DIR}"/"${type}" if [ ! -d "${img_path}" ]; then echo "${img_path} does not exist" return 1 fi local rpm_img_path="${img_path}"/rpm local list_img_path="${img_path}"/list if ! mkdir -p "${list_img_path}"; then echo "Could not create ${list_img_path}" return 1 fi if ! mkdir -p "${rpm_img_path}"; then echo "Could not create ${rpm_img_path}" return 1 fi echo "Initialize rpmdb for ${type} Vendor Image" if ! cp /var/lib/rpm/Packages "${rpm_img_path}"; then echo "Could not copy /var/lib/rpm/Packages to ${rpm_img_path}" return 1 fi if ! rpm --rebuilddb --dbpath="${rpm_img_path}"; then echo "Could not rebuild db in ${rpm_img_path}" return 1 fi for entry in "${type_dir}"/*; do # Put a package name in a list used to create db local package=${entry#*vendor-} package=${package%.cfg*} if installed="$(rpm -q "${package}")"; then echo -e "${installed}" >> "${list_img_path}"/vendor-list.ini else echo "Package ${package} is not installed." return 1 fi # Copy all files of a package to a proper mnt point while IFS="" read -r line || [ -n "$line" ]; do if [ "${type}" = "hal" ]; then if [[ "${line}" != /hal/* ]]; then echo "A HAL vendor package contains $line file which would be installed in a different path than /hal" return 1 fi fi if [ "${type}" = "platform" ]; then if [[ "${line}" == /hal/* ]]; then echo "A Platform vendor package contains $line file which would be installed in /hal" return 1 fi fi for forbidden_dir in ${VENDOR_FORBIDDEN_RW_DIRS[@]}; do if [[ "${line}" == /"${forbidden_dir}"/* ]]; then echo "A vendor package contains $line file. Files in /${forbidden_dir} are forbidden" return 1 fi done local path_to_file path_to_file="$(dirname "${line}")" if ! mkdir -p "${img_path}"/"${path_to_file}"; then echo "Could not create ${img_path}/${path_to_file}" return 1 fi if [[ "${line}" =~ ^\/usr\/share\/licenses(\/.*)?$ ]]; then echo "WARNING! A license file could be deleted by a previous post script. In case of an error modify your vendor package. Place license files in /usr/share/vendor/licenses" fi if [[ "${line}" =~ ^\/usr\/include(\/.*)?$ ]]; then echo "WARNING! /usr/include could be deleted by a previous post script. In case of an error modify your vendor package by removing /usr/include" fi if [[ "${line}" =~ ^\/usr\/share\/man(\/.*)?$ ]]; then echo "WARNING! /usr/share/man could be deleted by a previous post script. In case of an error modify your vendor package by removing /usr/share/man" fi if [[ "${line}" =~ ^\/usr\/share\/doc(\/.*)?$ ]]; then echo "WARNING! /usr/share/doc could be deleted by a previous post script. In case of an error modify your vendor package by removing /usr/share/doc" fi if ! mv "${line}" "${img_path}"/"${path_to_file}"; then echo "Could not move ${line} to ${img_path}/${path_to_file}" return 1 fi done < "${entry}" VENDOR_PACKAGES+=("${package}") done create_vendor_dependency_file "${img_path}" #Create exportdb file to update a rpmdb of core image if ! mkdir -p "${img_path}"/etc; then echo "Could not create ${img_path}/etc" return 1 fi if ! rpmdb --dbpath="${rpm_img_path}" --exportdb > "${img_path}"/etc/vendor-"${type}"-rpmdb.ini; then echo "Could not export ${rpm_img_path} to ${img_path}/etc/vendor-${type}-rpmdb.ini" return 1 fi if [ "${type}" = "platform" ]; then create_license "${type}" fi ### Create config file for crash-worker - START ### # In order to write vendor rpm db location to a file, # priority of the image is needed. It can be found in the environment # variable called INSTALLERFW_PARTX_LABEL. X has to be established # using image path which is known. # find PARTX in INSTALLERFW_PARTX_MOUNTPOINT variable containing ${img_path} local vendor_part_mntpnt if ! vendor_part_mntpnt="$(printenv | grep "${img_path}")"; then echo "printenv did not print a line containing ${img_path}. Could not find corresponding INSTALLERFW_PARTX_MOUNTPOINT variable" return 1 fi vendor_part_mntpnt="${vendor_part_mntpnt%=*}" # get variable name vendor_part_mntpnt="${vendor_part_mntpnt%_*}" # get rid of MOUNTPOINT suffix if [ -z "${vendor_part_mntpnt}" ]; then echo "Could not extract INSTALLERFW_PARTX from INSTALLERFW_PARTX_MOUNTPOINT" return 1 fi # find priority stored in INSTALLERFW_PARTX_LABEL local vendor_part_label="${vendor_part_mntpnt}"_LABEL local vendor_part_priority="${!vendor_part_label}" vendor_part_priority="${vendor_part_priority%%-*}" if ! [[ "${vendor_part_priority}" =~ ^[0-9]{2}$ ]]; then echo "vendor partition priority should be [0-9][0-9] whereas is equal to ${vendor_part_priority}" return 1 fi # write rpm db path to conf file local crash_mgr_dir if [ "${type}" = "platform" ]; then crash_mgr_dir="${img_path}"/etc/crash-manager.conf.d else crash_mgr_dir="${img_path}"/hal/etc/crash-manager.conf.d fi if ! mkdir -p "${crash_mgr_dir}"; then echo "Could not create ${crash_mgr_dir}" return 1 fi local crash_mgr_conf="${crash_mgr_dir}"/"${vendor_part_priority}"-"${type}"-vendor.conf echo "[ExtraRpmDbPaths]" > "${crash_mgr_conf}" echo "ExtraRpmDbPaths=/opt/vendor/mnt/${type}/${vendor_part_priority}/rpm" >> "${crash_mgr_conf}" ### Create config file for crash-worker - END ### } if [ ! -d "${VENDOR_CFG_DIR}" ]; then echo "${VENDOR_CFG_DIR} does not exist. Skipping vendor image creation." else if [ ! -d "${VENDOR_CFG_DIR}"/hal ] && [ ! -d "${VENDOR_CFG_DIR}"/platform ]; then echo "${VENDOR_CFG_DIR}/hal and ${VENDOR_CFG_DIR}/platform does not exist. No cfgs to process" exit 1 fi if [ -d "${VENDOR_CFG_DIR}"/hal ]; then if ! process_vendor_cfg "${VENDOR_CFG_DIR}"/hal; then echo "Failed to process hal vendor cfgs" exit 1 fi fi if [ -d "${VENDOR_CFG_DIR}"/platform ]; then if ! process_vendor_cfg "${VENDOR_CFG_DIR}"/platform; then echo "Failed to process platform vendor cfgs" exit 1 fi fi PKGGROUP="$(/usr/bin/rpm -qa | /bin/grep package-groups)" if [ "${PKGGROUP}" ]; then #Supported Target's list TARGETS=("RPI4" "VIM3" "C4" "GENERIC" "VISIONFIVE2" "BPIF3" "LPI4A"); for target in "${TARGETS[@]}"; do if /usr/bin/rpm -qa | /usr/bin/grep "${target}" > /dev/null 2>&1; then break; fi done case $target in RPI4) BACKEND="$(/usr/bin/xmlstarlet sel -t -v '//group[name = "IoT Vendor RPI4"]/packagelist/packagereq' -n /usr/share/package-groups/group.xml)" ;; VIM3) BACKEND="$(/usr/bin/xmlstarlet sel -t -v '//group[name = "IoT Vendor VIM3"]/packagelist/packagereq' -n /usr/share/package-groups/group.xml)" ;; C4) BACKEND="$(/usr/bin/xmlstarlet sel -t -v '//group[name = "IoT Vendor C4"]/packagelist/packagereq' -n /usr/share/package-groups/group.xml)" ;; GENERIC) BACKEND="$(/usr/bin/xmlstarlet sel -t -v '//group[name = "IoT Vendor GENERIC"]/packagelist/packagereq' -n /usr/share/package-groups/group.xml)" ;; VISIONFIVE2) BACKEND="$(/usr/bin/xmlstarlet sel -t -v '//group[name = "IoT Vendor VISIONFIVE2"]/packagelist/packagereq' -n /usr/share/package-groups/group.xml)" ;; BPIF3) BACKEND="$(/usr/bin/xmlstarlet sel -t -v '//group[name = "IoT Vendor BPIF3"]/packagelist/packagereq' -n /usr/share/package-groups/group.xml)" ;; LPI4A) BACKEND="$(/usr/bin/xmlstarlet sel -t -v '//group[name = "IoT Vendor LPI4A"]/packagelist/packagereq' -n /usr/share/package-groups/group.xml)" ;; esac if [ -n "${BACKEND}" ]; then #Get Vendor Backend Package List# BUILDING_BLOCK_PACKAGES="$(/usr/bin/rpm -q ${BACKEND})" for building_block in ${BUILDING_BLOCK_PACKAGES}; do uninstall_building_blocks "${building_block}" done fi fi for package in "${VENDOR_PACKAGES[@]}"; do if ! rpm -e --nodeps "${package}" > /dev/null 2>&1; then echo "Erasing ${package} failed" exit 1 else if ! rpm -e --nodeps "${package}"-vendor > /dev/null 2>&1; then echo "Erasing ${package}-vendor failed. It is possible that cfg for ${package} was in a different *-vendor package." fi fi done fi %end %post --nochroot %end