Skip to content
This repository has been archived by the owner on Oct 11, 2023. It is now read-only.

Commit

Permalink
Add a script that can flush custom certs to iso file
Browse files Browse the repository at this point in the history
  • Loading branch information
niusmallnan committed Jul 10, 2019
1 parent f87c5f0 commit ba2cfe8
Showing 1 changed file with 71 additions and 0 deletions.
71 changes: 71 additions & 0 deletions scripts/tools/flush_crt_iso.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,71 @@
#!/bin/bash

# How to use:
# make shell-bind
# cd scripts/tools/
# wget https://link/rancheros-xxx.iso
# wget http://link/custom.crt
# ./flush_crt_iso.sh --iso rancheros-vmware-autoformat.iso --cert custom.crt
# exit
# ls ./build/
#

set -ex

BASE_DIR=/tmp
ORIGIN_DIR=/tmp/origin
NEW_DIR=/tmp/new
WORK_DIR=/tmp/work

mkdir -p ${ORIGIN_DIR} ${NEW_DIR} ${WORK_DIR} ${DAPPER_SOURCE}/build

while [ "$#" -gt 0 ]; do
case $1 in
--iso)
shift 1
ISO_FILE=$(readlink -f $1)
;;
--cert)
shift 1
CERT_FILE=$(readlink -f $1)
;;
*)
break
;;
esac
shift 1
done

# copy the iso content
mount -t iso9660 -o loop ${ISO_FILE} ${ORIGIN_DIR}
cp -rf ${ORIGIN_DIR}/* ${NEW_DIR}

# copy the initrd file
INITRD_NAME=$(basename ${ORIGIN_DIR}/boot/initrd-*)
cp ${ORIGIN_DIR}/boot/initrd-* ${WORK_DIR}/

# update and rebuild the initrd
pushd ${WORK_DIR}
mv initrd-* ${INITRD_NAME}.gz
gzip -d ${INITRD_NAME}.gz
cpio -i -F ${INITRD_NAME}
rm -f ${INITRD_NAME}

cat ${CERT_FILE} >> ${WORK_DIR}/usr/etc/ssl/certs/ca-certificates.crt

find | cpio -H newc -o | gzip -9 > ${NEW_DIR}/boot/${INITRD_NAME}
popd

pushd ${NEW_DIR}
xorriso \
-as mkisofs \
-l -J -R -V "${DISTRIB_ID}" \
-no-emul-boot -boot-load-size 4 -boot-info-table \
-b boot/isolinux/isolinux.bin -c boot/isolinux/boot.cat \
-isohybrid-mbr /usr/lib/ISOLINUX/isohdpfx.bin \
-o $(basename ${ISO_FILE}) .
popd

# copy out
umount ${ORIGIN_DIR}
cp ${NEW_DIR}/$(basename ${ISO_FILE}) ${DAPPER_SOURCE}/build/

0 comments on commit ba2cfe8

Please sign in to comment.