Fix kernel build functionality + add features to detect failures and react.

Captain ALM 2024-08-21 14:31:35 +01:00
parent 47e122a3a4
commit 40c32b1ad9
Signed by: alfred
GPG Key ID: 4E4ADD02609997B1


@ -21,74 +21,102 @@ function kernel-build() {
cwd=$(pwd);
mkdir -p ~/kernel;
cd ~/kernel;
for _dir in *"linux"*; do
[ -d "${_dir}" ] && linuxdir="${_dir}" && break;
done;
echo "[-] Removing Sources...";
rm -rf "$linuxdir";
sudo rm -rf deb-contents;
rm -f *.gz;
rm -f *.dsc;
echo "[*] Archiving old packages...";
mkdir -p old-debs;
touch dummy.deb;
mv *.deb old-debs/;
echo "[+] Obtaining Sources...";
apt-get source linux-image-unsigned-$(uname -r);
for _dir in *"linux"*; do
[ -d "${_dir}" ] && linuxdir="${_dir}" && break;
done;
cd "$linuxdir";
echo "[*] Patching source and configuration...";
sed -i "s/.*CONFIG_MODULE_SIG_FORCE.*/CONFIG_MODULE_SIG_FORCE policy<{'amd64': 'y', 'arm64': 'y', 'armhf': 'y', 'ppc64el': 'y', 's390x': 'y'}>/" debian.master/config/annotations;
git apply --verbose ~/Downloads/patches/hibernate/0001-Hibernate-Patch.patch;
echo "[*] Cleaning kernel build...";
chmod a+x debian/rules;
chmod a+x debian/scripts/*;
chmod a+x debian/scripts/misc/*;
fakeroot debian/rules clean;
mkdir -p debian/build/build-generic/certs;
sudo cp /cert/mok/signing_key.pem ../;
sudo chmod u=rw,g=rw,o=rw ../signing_key.pem;
(((until [ -f debian/build/build-generic/certs/signing_key.pem ]; do sleep 0.1; done) && while lsof debian/build/build-generic/certs/signing_key.pem; do sleep 0.1; done) && mv -f ../signing_key.pem debian/build/build-generic/certs/signing_key.pem) &
echo "[*] Building kernel...";
fakeroot debian/rules binary;
echo "[*] Build Complete!";
rm -f debian/build/build-generic/certs/signing_key.pem;
rm -f ../signing_key.pem;
echo "[+] Extracting kernel package...";
cd ~/kernel;
mkdir -p deb-contents;
dpkg-deb -R $(ls linux-image-unsigned-* | head -1) deb-contents;
cd "$linuxdir";
echo "[*] Making kernel signed...";
pkgarch=$(dpkg-architecture -qDEB_HOST_ARCH);
pkgver=$(dpkg-parsechangelog --show-field Version);
cd ~/kernel/deb-contents;
pkgunom=$(head -1 DEBIAN/control | sed -e 's/Package: //');
find ./ -type f -exec sed -i -e 's/-unsigned//g' {} \;
find ./ -type f -exec sed -i -e 's/ unsigned//g' {} \;
pkgnom=$(head -1 DEBIAN/control | sed -e 's/Package: //');
sudo mv usr/share/doc/$pkgunom usr/share/doc/$pkgnom;
tlinuz=$(ls boot/vmlinuz-* | head -1);
sudo sbsign --key /cert/BMOK.priv --cert /cert/BMOK.pem $tlinuz --output $tlinuz;
sed -i "s/.*Conflicts: .*/Conflicts: $pkgunom/" DEBIAN/control;
pkgisz=$(du -ks * | grep -v DEBIAN | cut -f1 | xargs | sed -e 's/\ /+/g' | bc);
find ./ -path '*/DEBIAN' -prune -o -type f -exec md5sum {} \; | awk '{ print $1 " " substr($2, 10) }' > DEBIAN/md5sums;
sed -i "s/.*Installed-Size: .*/Installed-Size: $pkgisz/" DEBIAN/control;
echo "[+] Packing signed kernel...";
cd ~/kernel;
dpkg-deb -b deb-contents ${pkgnom}_${pkgver}_${pkgarch}.deb;
sudo rm -rf deb-contents;
echo "[+] Deploying Packages Locally...";
sudo cp ${pkgnom}_${pkgver}_${pkgarch}.deb /usr/local/mydebs/;
sudo cp linux-headers-* /usr/local/mydebs/;
sudo cp linux-libc-dev* /usr/local/mydebs/;
sudo cp linux-modules* /usr/local/mydebs/;
sudo cp linux-lib-rust* /usr/local/mydebs/;
sudo update-mydebs;
cd "$cwd";
echo "Kernel Build Finished!";
doNotContinueKernelBuild=0;
if [ -f last-build-failed ]; then
echo "[*] Resuming last build; delete last-build-failed in the kernel directory before starting a kernel build to re-obtain sources.";
rm -f last-build-failed;
for _dir in *"linux"*; do
[ -d "${_dir}" ] && linuxdir="${_dir}" && break;
done;
cd "$linuxdir";
else
for _dir in *"linux"*; do
[ -d "${_dir}" ] && linuxdir="${_dir}" && break;
done;
echo "[-] Removing Sources...";
rm -rf "$linuxdir";
sudo rm -rf deb-contents;
rm -f *.gz;
rm -f *.dsc;
echo "[*] Archiving old packages...";
mkdir -p old-debs;
touch dummy.deb;
mv *.deb old-debs/;
echo "[+] Obtaining Sources...";
apt-get source linux-image-unsigned-$(uname -r);
if [ $? -eq 0 ]; then
for _dir in *"linux"*; do
[ -d "${_dir}" ] && linuxdir="${_dir}" && break;
done;
cd "$linuxdir";
echo "[*] Patching source and configuration...";
sed -i "s/.*CONFIG_MODULE_SIG_FORCE.*/CONFIG_MODULE_SIG_FORCE policy<{'amd64': 'y', 'arm64': 'y', 'armhf': 'y', 'ppc64el': 'y', 's390x': 'y'}>/" debian.master/config/annotations;
git apply --verbose ~/Downloads/patches/hibernate/0001-Hibernate-Patch.patch;
echo "[*] Cleaning kernel build...";
chmod a+x debian/rules;
chmod a+x debian/scripts/*;
chmod a+x debian/scripts/misc/*;
fakeroot debian/rules clean;
mkdir -p debian/build/build-generic/certs;
sudo cp /cert/mok/signing_key.pem ../ -f;
sudo chmod u=rw,g=rw,o=rw ../signing_key.pem;
sudo cp /var/lib/shim-signed/mok/MOK.der ../signing_key.x509 -f;
sudo chmod u=rw,g=rw,o=rw ../signing_key.x509;
(((until [ -f debian/build/build-generic/certs/signing_key.pem ]; do sleep 0.1; done) && while lsof debian/build/build-generic/certs/signing_key.pem; do sleep 0.1; done) && mv -f ../signing_key.pem debian/build/build-generic/certs/signing_key.pem) &
(((until [ -f debian/build/build-generic/certs/signing_key.x509 ]; do sleep 0.1; done) && while lsof debian/build/build-generic/certs/signing_key.x509; do sleep 0.1; done) && mv -f ../signing_key.x509 debian/build/build-generic/certs/signing_key.x509) &
else
echo "[-] Failed to obtain sources!";
doNotContinueKernelBuild=1;
fi;
fi;
if [ $doNotContinueKernelBuild -eq 0 ]; then
echo "[*] Building kernel...";
fakeroot debian/rules binary;
if [ $? -eq 0 ]; then
echo "[*] Build Complete!";
rm -f debian/build/build-generic/certs/signing_key.pem;
rm -f ../signing_key.pem;
rm -f ../signing_key.x509;
echo "[+] Extracting kernel package...";
cd ~/kernel;
mkdir -p deb-contents;
dpkg-deb -R $(ls linux-image-unsigned-* | head -1) deb-contents;
cd "$linuxdir";
echo "[*] Making kernel signed...";
pkgarch=$(dpkg-architecture -qDEB_HOST_ARCH);
pkgver=$(dpkg-parsechangelog --show-field Version);
cd ~/kernel/deb-contents;
pkgunom=$(head -1 DEBIAN/control | sed -e 's/Package: //');
find ./ -type f -exec sed -i -e 's/-unsigned//g' {} \;
find ./ -type f -exec sed -i -e 's/ unsigned//g' {} \;
pkgnom=$(head -1 DEBIAN/control | sed -e 's/Package: //');
sudo mv usr/share/doc/$pkgunom usr/share/doc/$pkgnom;
tlinuz=$(ls boot/vmlinuz-* | head -1);
sudo sbsign --key /cert/BMOK.priv --cert /cert/BMOK.pem $tlinuz --output $tlinuz;
sed -i "s/.*Conflicts: .*/Conflicts: $pkgunom/" DEBIAN/control;
pkgisz=$(du -ks * | grep -v DEBIAN | cut -f1 | xargs | sed -e 's/\ /+/g' | bc);
find ./ -path '*/DEBIAN' -prune -o -type f -exec md5sum {} \; | awk '{ print $1 " " substr($2, 10) }' > DEBIAN/md5sums;
sed -i "s/.*Installed-Size: .*/Installed-Size: $pkgisz/" DEBIAN/control;
echo "[+] Packing signed kernel...";
cd ~/kernel;
dpkg-deb -b deb-contents ${pkgnom}_${pkgver}_${pkgarch}.deb;
sudo rm -rf deb-contents;
echo "[+] Deploying Packages Locally...";
sudo cp ${pkgnom}_${pkgver}_${pkgarch}.deb /usr/local/mydebs/;
sudo cp linux-headers-* /usr/local/mydebs/;
sudo cp linux-libc-dev* /usr/local/mydebs/;
sudo cp linux-modules* /usr/local/mydebs/;
sudo cp linux-lib-rust* /usr/local/mydebs/;
sudo update-mydebs;
cd "$cwd";
echo "[+] Kernel Build Finished!";
else
echo "[*] Build Failed!";
cd ~/kernel;
touch last-build-failed;
cd "$cwd";
fi;
fi;
}
function install-tar() {
if [ $# -gt 0 ]; then
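Review bot: The staged signing material is left world-readable and world-writable, and it is not removed when the build fails. The new `sudo chmod u=rw,g=rw,o=rw ../signing_key.pem` line (and its `.x509` twin) puts what is presumably the module-signing private key in `~/kernel` with mode 0666, while the three `rm -f` cleanups sit only inside the `if [ $? -eq 0 ]` success branch. On the `Build Failed!` path the key therefore stays on disk, in `~/kernel` or in `debian/build/build-generic/certs/`, until a later run succeeds. Staging it owner-only, e.g. `sudo install -m 600 -o "$USER" /cert/mok/signing_key.pem ../signing_key.pem`, and saving the build status (`rc=$?`) so the `rm -f` lines run before branching on it would close that window; the resume branch would then have to stage the key again, since it currently skips that step. The two backgrounded wait-and-`mv` subshells also appear to keep polling if the build stops before the certs file exists, so they may be worth stopping on failure as well.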