#!/usr/bin/env bash # veilor-os — ISO builder (host-native via livemedia-creator) # # Why host-native: rootful podman fights btrfs (overlay unsupported) and # rootless can't losetup. Container build env added too much friction; # host-native is the clean path. Required RPMs: # sudo dnf install lorax livecd-tools pykickstart anaconda-tui \ # squashfs-tools xorriso # # Run from repo root. set -euo pipefail REPO_ROOT="$(cd "$(dirname "$0")/.." && pwd)" OUT_DIR="$REPO_ROOT/build/out" CACHE_DIR="$REPO_ROOT/build/cache" KS="$REPO_ROOT/kickstart/veilor-os.ks" RELEASEVER="${RELEASEVER:-43}" DATE="$(date +%Y%m%d-%H%M%S)" ISO_NAME="veilor-os-${RELEASEVER}-${DATE}.iso" BOOT_ISO="${BOOT_ISO:-$CACHE_DIR/Fedora-Everything-netinst-x86_64-43-1.6.iso}" mkdir -p "$OUT_DIR" # ── Validate kickstart ── ksvalidator "$KS" # ── Require root (loop devices, mount, dnf install into chroot) ── if [[ $EUID -ne 0 ]]; then echo "[INFO] Re-executing under sudo (loop devices + chroot mounts need root)" exec sudo -E SUDO_ASKPASS="${SUDO_ASKPASS:-/usr/bin/ksshaskpass}" -A "$0" "$@" fi # ── Required tooling check ── for cmd in livemedia-creator ksvalidator mksquashfs xorriso; do command -v "$cmd" >/dev/null || { echo "[ERR] $cmd not found. Install: dnf install lorax livecd-tools pykickstart anaconda-tui squashfs-tools xorriso" exit 1 } done # ── Clean stale build dirs (resultdir only — let lmc manage own tmp) ── rm -rf "$OUT_DIR/build-${DATE}" mkdir -p /tmp/veilor-lmc # ── Build ISO ── # --no-virt: chroot install on host. selinux-policy %triggerin always # fails exit 255 in chroot (no /sys/fs/selinux). Host's anaconda is # patched (transaction_progress.py: log warning instead of raise on # non-fatal tx error). --virt would be cleaner but needs iso9660 # kernel module which veilor host has locked (modules_disabled=1). livemedia-creator \ --make-iso \ --no-virt \ --ks "$KS" \ --resultdir "$OUT_DIR/build-${DATE}" \ --project veilor-os \ --releasever "$RELEASEVER" \ --volid VEILOR_OS \ --tmp /tmp/veilor-lmc \ --logfile "$OUT_DIR/build-${DATE}.log" # ── Move + checksum ── ISO_SRC="$(find "$OUT_DIR/build-${DATE}" -name '*.iso' -type f | head -1)" [[ -n $ISO_SRC ]] || { echo "[ERR] No ISO produced"; exit 1; } mv "$ISO_SRC" "$OUT_DIR/$ISO_NAME" sha256sum "$OUT_DIR/$ISO_NAME" > "$OUT_DIR/$ISO_NAME.sha256" echo echo "════════════════════════════════════════════════════════" echo " ISO ready: $OUT_DIR/$ISO_NAME" echo " Checksum: $OUT_DIR/$ISO_NAME.sha256" echo " Build log: $OUT_DIR/build-${DATE}.log" echo "════════════════════════════════════════════════════════" echo echo " Test in VM: ./test/run-vm.sh" echo " Write to USB: dd if=$OUT_DIR/$ISO_NAME of=/dev/sdX bs=4M status=progress conv=fsync"