V8.13.294.2025.10.28

Signed-off-by: Marc S. Weidner <msw@coresecret.dev>
2025-10-28 09:56:37 +01:00
parent 354e78c5a2
commit 7a0fc6127d
46 changed files with 187 additions and 78 deletions
--- a/config/hooks/live/0001_initramfs_modules.chroot
+++ b/config/hooks/live/0001_initramfs_modules.chroot
@@ -224,7 +224,7 @@ cat << 'EOF' >| /etc/initramfs-tools/update-initramfs.conf
 # If set to all update-initramfs will update all initramfs
 # If set to no disables any update to initramfs besides kernel upgrade

-update_initramfs=yes
+update_initramfs=all

 #
 # backup_initramfs [ yes | no ]
@@ -303,7 +303,7 @@ COMPRESS=zstd
 # 1-9 for gzip|bzip2|lzma|lzop
 # 0-9 for  lz4|xz
 # 0-19 for zstd
-# COMPRESSLEVEL=3
+COMPRESSLEVEL=10

 #
 # DEVICE: ...
@@ -355,24 +355,95 @@ cat << 'EOF' >> /etc/initramfs-tools/hooks/ciss_debian_live_builder

 set -e

+printf "\e[95mStarting: [0001_initramfs_modules.chroot] \n\e[0m"
+
 PREREQ=""
-prereqs() { echo "$PREREQ"; }
-case $1 in
+prereqs() { echo "${PREREQ}"; }
+# shellcheck disable=SC2249
+case "${1}" in
  prereqs) prereqs; exit 0 ;;
 esac

 . /usr/share/initramfs-tools/hook-functions

-mkdir -p "${DESTDIR}/bin" "${DESTDIR}/usr/bin" "${DESTDIR}/usr/local/bin"

-# Include Bash
-copy_exec /usr/bin/bash /usr/bin
+### Ensure directory structure in initramfs
+mkdir -p "${DESTDIR}/usr/bin"
+mkdir -p "${DESTDIR}/etc/keys"
+mkdir -p "${DESTDIR}/usr/local/bin"
+mkdir -p "${DESTDIR}/etc/initramfs-tools/conf.d"
+mkdir -p "${DESTDIR}/etc/initramfs-tools/scripts/init-premount"
+mkdir -p "${DESTDIR}/usr/sbin"

-# Include lsblk (block device information tool)
-copy_exec /usr/bin/lsblk /usr/bin

-# Include udevadm (udev management tool)
-copy_exec /usr/bin/udevadm /usr/bin
+### Include bash
+copy_exec /usr/bin/bash /usr/bin/bash
+printf "\e[92mSuccessfully executed: [copy_exec /usr/bin/bash /usr/bin/bash] \n\e[0m"
+
+
+### Include blkid
+copy_exec /usr/sbin/blkid /usr/sbin/blkid
+printf "\e[92mSuccessfully executed: [copy_exec /usr/sbin/blkid /usr/sbin/blkid] \n\e[0m"
+
+
+### Include busybox
+copy_exec /usr/bin/busybox /usr/busybox
+printf "\e[92mSuccessfully executed: [copy_exec /usr/bin/busybox /usr/busybox] \n\e[0m"
+
+
+### Include GNU coreutils 'sort' (has -V)
+copy_exec /usr/bin/sort /usr/bin/sort
+printf "\e[92mSuccessfully executed: [copy_exec /usr/bin/sort /usr/bin/sort] \n\e[0m"
+
+
+### Include gpgv
+copy_exec /usr/bin/gpgv /usr/bin/gpgv
+printf "\e[92mSuccessfully executed: [copy_exec /usr/bin/gpgv /usr/bin/gpgv] \n\e[0m"
+
+
+### Include lsblk
+copy_exec /usr/bin/lsblk /usr/bin/lsblk
+printf "\e[92mSuccessfully executed: [copy_exec /usr/bin/lsblk /usr/bin/lsblk] \n\e[0m"
+
+
+### Include mkpasswd
+copy_exec /usr/bin/mkpasswd /usr/mkpasswd
+printf "\e[92mSuccessfully executed: [copy_exec /usr/bin/mkpasswd /usr/mkpasswd] \n\e[0m"
+copy_exec /usr/bin/mkpasswd /usr/bin/mkpasswd
+printf "\e[92mSuccessfully executed: [copy_exec /usr/bin/mkpasswd /usr/bin/mkpasswd] \n\e[0m"
+
+
+### Include udevadm (udev management tool)
+copy_exec /usr/bin/udevadm /usr/bin/udevadm
+printf "\e[92mSuccessfully executed: [copy_exec /usr/bin/udevadm /usr/bin/udevadm] \n\e[0m"
+
+
+### Include sha384sum, sha512sum
+copy_exec /usr/bin/sha384sum /usr/bin/sha384sum
+printf "\e[92mSuccessfully executed: [copy_exec /usr/bin/sha384sum /usr/bin/sha384sum ] \n\e[0m"
+copy_exec /usr/bin/sha512sum /usr/bin/sha512sum
+printf "\e[92mSuccessfully executed: [copy_exec /usr/bin/sha512sum /usr/bin/sha512sum] \n\e[0m"
+
+
+### Include tree
+copy_exec /usr/bin/tree /usr/bin/tree
+printf "\e[92mSuccessfully executed: [copy_exec /usr/bin/tree /usr/bin/tree] \n\e[0m"
+
+
+### Include whois
+copy_exec /usr/bin/whois /usr/bin/whois
+printf "\e[92mSuccessfully executed: [copy_exec /usr/bin/whois /usr/bin/whois] \n\e[0m"
+
+
+### Link busybox applets for compatibility
+for dir in bin usr/bin; do
+  ln -sf busybox "${DESTDIR}/${dir}/cat"
+  ln -sf busybox "${DESTDIR}/${dir}/sleep"
+done
+
+printf "\e[92mSuccessfully executed: [0001_initramfs_modules.chroot] \n\e[0m"
+
+# vim: number et ts=2 sw=2 sts=2 ai tw=128 ft=sh
 EOF

 chmod 0755 /etc/initramfs-tools/hooks/ciss_debian_live_builder
--- a/config/hooks/live/0007_update_logrotate.chroot
+++ b/config/hooks/live/0007_update_logrotate.chroot
@@ -24,10 +24,10 @@ cat << EOF >| "/etc/logrotate.conf"
 daily

 # Keep 384 daily worth of backlogs.
-rotate 384
+rotate 90

 # Hard cap: delete rotated logs older than 384 days.
-maxage 384
+maxage 90

 # Do not rotate the log if it is empty (this overrides the ifempty option).
 notifempty
--- a/config/hooks/live/9998_sources_list_trixie.chroot
+++ b/config/hooks/live/9998_sources_list_trixie.chroot
@@ -126,7 +126,7 @@ fi

 apt-get update -qq
 apt-get dist-upgrade -y        # (= apt full-upgrade) allow installs/replacements/removals.
-apt-get autoremove --purge -y  # 'autopurge' == 'autoremove --purge'; don't run both.
+apt-get autoremove --purge -y  # 'autopurge' == 'autoremove --purge'.
 apt-get clean -y               # Stronger than autoclean: removes the entire '.deb'-cache.

 printf "\e[92m++++ ++++ ++++ ++++ ++++ ++++ ++ ✅ '%s' applied successfully. \e[0m\n" "${0}"
--- a/config/hooks/live/9999_yyyy_logrotate.chroot
+++ b/config/hooks/live/9999_yyyy_logrotate.chroot
@@ -37,13 +37,17 @@ declare     var_file="" var_log=""
 export DEBIAN_FRONTEND="noninteractive"

 for var_log in "${ary_logrotate[@]}"; do
+
  var_file="/etc/logrotate.d/${var_log}"
+
  [[ -e "${var_file}" ]] || continue
+
  ### Replace leading 'monthly'/'weekly' directives with 'daily', preserving indentation and trailing comments.
  sed -E -i \
    -e 's/^([[:space:]]*)(monthly|weekly)([[:space:]]*)(#.*)?$/\1daily\3\4/' \
-    -e 's/^([[:space:]]*)rotate([[:space:]]+[0-9]+)?([[:space:]]*)(#.*)?$/\1rotate 384\3\4/' \
+    -e 's/^([[:space:]]*)rotate([[:space:]]+[0-9]+)?([[:space:]]*)(#.*)?$/\1rotate 90\3\4/' \
    "${var_file}"
+
 done

 if ! logrotate -d /etc/logrotate.conf; then