diff --git a/CONF.sh b/CONF.sh new file mode 100644 index 0000000..a3529f8 --- /dev/null +++ b/CONF.sh @@ -0,0 +1,472 @@ +# +# This file will have to be sourced where needed + +# To prevent sourcing this file twice when using scripts to build CD images, +# use the following code at the top of your script: +# CF=CONF.sh +# . $CF +# export DEBIAN_CD_CONF_SOURCED=true + +# Allow to prevent double sourcing of this file +if [ "$DEBIAN_CD_CONF_SOURCED" = true ]; then + return 0 +fi + +# Unset all optional variables first to start from a clean state +unset NONFREE || true +unset CONTRIB || true +unset EXTRANONFREE || true +unset LOCAL || true +unset LOCALDEBS || true +unset SECURITY || true +unset PROPOSED_UPDATES || true +unset UNRELEASED || true +unset BOOTDIR || true +unset SYMLINK || true +unset COPYLINK || true +unset MKISOFS || true +unset MKISOFS_OPTS || true +unset ISOLINUX || true +unset EXCLUDE || true +unset NORECOMMENDS || true +unset NOSUGGESTS || true +unset IMAGESUMS || true +unset JIGDOTEMPLATEURL || true +unset JIGDOFALLBACKURLS || true +unset JIGDOINCLUDEURLS || true +unset JIGDOSCRIPT || true +unset JIGDO_OPTS || true +unset PUBLISH_URL || true +unset PUBLISH_PATH || true +unset UDEB_INCLUDE || true +unset UDEB_EXCLUDE || true +unset BASE_INCLUDE || true +unset BASE_EXCLUDE || true +unset INSTALLER_CD || true +unset MAXCDS || true +unset MAXISOS || true +unset MAXJIGDOS || true +unset SPLASHPNG || true +unset OMIT_MANUAL || true +unset OMIT_RELEASE_NOTES || true +unset OMIT_DOC_TOOLS || true +unset MAX_PKG_SIZE || true +unset DEBOOTSTRAP_OPTS || true +unset ARCHIVE_KEYRING_PACKAGE || true +unset ARCHIVE_KEYRING_FILE || true + +# The debian-cd dir +# Where I am (hoping I'm in the debian-cd dir) +export BASEDIR=/usr/share/debian-cd + +# Name of the distribution for the image filename (Defaults to 'debian') +export CDNAME=kali + +# Building $codename cd set ... +# export CODENAME=buster # set by build.sh + +# By default use Debian installer packages from $CODENAME +if [ -z "$DI_CODENAME" ]; then + export DI_CODENAME=$CODENAME +fi +# If you want backported d-i (e.g. by setting +# DI_CODENAME=jessie-backports, then you'll almost definitely also +# want to enable BACKPORTS below as well + +# Should we include some packages from backports? If so, point at a +# file containing a list of binary packages to include here. Packages +# contained in that list will be chosen by preference from +# ${CODENAME}-backports rather than just ${CODENAME}, along with +# dependencies if they're needed as well +#export BACKPORTS=backports-list + +# If set, controls where the d-i components are downloaded from. +# This may be an url, or "default", which will make it use the default url +# for the daily d-i builds. If not set, uses the official d-i images from +# the Debian mirror. +#export DI_WWW_HOME=default + +# Version number, "2.2 r0", "2.2 r1" etc. +# export DEBVERSION="10.0.0" # set by build.sh + +# Official or non-official set. +# NOTE: THE "OFFICIAL" DESIGNATION IS ONLY ALLOWED FOR IMAGES AVAILABLE +# ON THE OFFICIAL DEBIAN CD WEBSITE https://cdimage.debian.org +#export OFFICIAL="Unofficial" +export OFFICIAL="Official" +#export OFFICIAL="Official Beta" + +# ... for arch +if [ -z "$ARCHES" ]; then + CPU=`dpkg-architecture -qDEB_HOST_ARCH_CPU 2>/dev/null || true` + if [ -z "$CPU" ]; then + CPU=`dpkg-architecture -qDEB_HOST_ARCH` + fi + KERNEL=`dpkg-architecture -qDEB_HOST_ARCH_OS 2>/dev/null || true` + if [ -z "$KERNEL" ]; then + KERNEL=linux + fi + if [ $KERNEL = linux ] ; then + ARCHES=$CPU + else + ARCHES="$KERNEL-$CPU" + fi + export ARCHES +fi + +# IMPORTANT : The 4 following paths must be on the same partition/device. +# If they aren't then you must set COPYLINK below to 1. This +# takes a lot of extra room to create the sandbox for the ISO +# images, however. Also, if you are using an NFS partition for +# some part of this, you must use this option. +# Paths to the mirrors + +# XXX: All set by build.sh + +# Do I want to have NONFREE merged in the CD set +export NONFREE=1 + +# Do I want to have CONTRIB merged in the CD set +export CONTRIB=1 + +# Do I want to have NONFREE on a separate CD (the last CD of the CD set) +# WARNING: Don't use NONFREE and EXTRANONFREE at the same time ! +# export EXTRANONFREE=1 + +# Do I want to force (potentially non-free) firmware packages to be +# placed on disc 1? Will make installation much easier if systems +# contain hardware that depends on this firmware +export FORCE_FIRMWARE=1 + +# If you have a $MIRROR/dists/$CODENAME/local/binary-$ARCH dir with +# local packages that you want to put on the CD set then +# uncomment the following line +# export LOCAL=1 + +# If your local packages are not under $MIRROR, but somewhere else, +# you can uncomment this line and edit to to point to a directory +# containing dists/$CODENAME/local/binary-$ARCH +# export LOCALDEBS=/home/joey/debian/va/debian + +# Where to find the security patches. This directory should be the +# top directory of a security.debian.org mirror. +#export SECURITY="$TOPDIR"/debian/debian-security + +# Include proposed updates +# Note that on the CDs it will not be visible where packages came from: +# from the released archive or from proposed updates archive. +# NOTE: intended to be used for pre-release testing, not for publication! +#export PROPOSED_UPDATES=$CODENAME-proposed-updates + +# Include packages from Debian Ports unreleased +#export UNRELEASED=1 + +# Sparc only : bootdir (location of cd.b and second.b) +# export BOOTDIR=/boot + +# Symlink farmers should uncomment this line : +# export SYMLINK=1 + +# Use this to force copying the files instead of symlinking or hardlinking +# them. This is useful if your destination directories are on a different +# partition than your source files. +# export COPYLINK=1 + +# Options +# export MKISOFS=mkisofs +# export MKISOFS_OPTS="-r" #For normal users +# export MKISOFS_OPTS="-r -F ." #For symlink farmers + +# Override for i386 and amd64 to use xorriso instead of +# mkisofs/genisoimage. Allows creation of isohybrid images: ISO images +# that will burn correctly onto a CD and also can be written raw to a +# USB stick. xorriso 0.6.5 and later has working support for this. +#export i386_MKISOFS="xorriso" +#export i386_MKISOFS_OPTS="-as mkisofs -r -checksum_algorithm_iso sha256,sha512" +#export amd64_MKISOFS="xorriso" +#export amd64_MKISOFS_OPTS="-as mkisofs -r -checksum_algorithm_iso sha256,sha512" + +# Keyring (defaults): +ARCHIVE_KEYRING_PACKAGE=kali-archive-keyring +# The path to the keyring file relative to $TDIR/archive-keyring/ +ARCHIVE_KEYRING_FILE=usr/share/keyrings/kali-archive-keyring.gpg + +# By default we use debootstrap --no-check-gpg to find out the minimal set +# of packages because there's no reason to not trust the local mirror. But +# you can be paranoid and then you need to indicate the keyring to use to +# validate the mirror. +#export DEBOOTSTRAP_OPTS="--keyring $TDIR/archive-keyring/$ARCHIVE_KEYRING_FILE" + +# ISOLinux support for multiboot on CD1 for i386 +export ISOLINUX=1 + +# uncomment this to if you want to see more of what the Makefile is doing +#export VERBOSE_MAKE=1 + +# The maximum size allowed for an individual package, in bytes; if +# larger than this, it will be excluded (and all dependents, of +# course). We'll create a README.excluded in the root of CD1 listing +# them too +export MAX_PKG_SIZE=600000000 + +# Should build_all.sh try to build a simple CD image if the proper official +# CD run does not work? +ATTEMPT_FALLBACK=yes + +# Set your disk type here. Known types are: +# BC (businesscard): 650 MiB max (should be limited elsewhere, +# should never fill a CD anyway) +# NETINST: 650 MiB max (ditto) +# CD: standard 74-min CD (650 MiB) +# CD700: (semi-)standard 80-min CD (700 MiB) +# DVD: standard 4.7 GB DVD +# DLDVD: standard 8.5 GB dual-layer DVD +# BD: standard 25 GB blu-ray +# DLBD: standard 50 GB dual-layer blu-ray +# STICKGB: GB USB stick or similar +# CUSTOM: up to you - specify a size to go with it (in 2K blocks) +#export DISKTYPE=CD +#export DISKTYPE=CUSTOM +#export CUSTOMSIZE=XXXX +# If you want to over-ride this choice (e.g. to make a larger version of a given disk), +# you can do the following: +# export FORCE_CD_SIZE= to change all the sizes in a given run +# export FORCE_CD_SIZE1= to change the size of disk 1 (only) + +# Extra variants to enable. See docs/README.variants for more information. +export VARIANTS= + +# We don't want certain packages to take up space on CD1... +#export EXCLUDE1=exclude +# ...but they are okay for other CDs (UNEXCLUDEx == may be included +# on CD x if not already covered) +#export UNEXCLUDE2=unexclude-CD2 +# Any packages listed in EXCLUDEx but not in any UNEXCLUDE will be +# excluded completely. The same goes for packages listed in EXCLUDE. + +# Set this if the recommended packages should be skipped when adding +# package on the CD. The default is 'true'. +export NORECOMMENDS=0 + +# Set this if the suggested packages should be skipped when adding +# package on the CD. The default is 'true'. +export NOSUGGESTS=1 + +# Set to 1 to generate checksum files for generated images +export IMAGESUMS=1 + +# And define the set of checksum algorithms you want here. Default is +# sha512 sha256 +# export CHECKSUMS="sha512 sha256" + +# We may have to extract files from packages to put them onto the CD +# (e.g. bootloader files). If you make those packages (and their +# sources) available somewhere, list it here so that README.source +# can point to it. Note that your mirror must have repositories of +# source packages if you enable this option. +# export ARCHIVE_EXTRACTED_SOURCES="https://cdimage.debian.org/cdimage/cd-sources/" + +# Produce iso/jigdo files: specify how many iso/jigdo files should be +# produced in your set. If not set or when the value is "ALL" they will +# be created for all images. One of the variables can be set to zero if +# either iso or jigdo files are not wanted. +# Replaces the old "DOJIGDO" setting with something much more flexible. +export MAXISOS=1 +export MAXJIGDOS=0 + +# HTTP/FTP URL for directory where you intend to make the templates +# available. You should not need to change this; the default value "" +# means "template in same dir as the .jigdo file", which is usually +# correct. If it is non-empty, it needs a trailing slash. "%ARCH%" +# will be substituted by the current architecture. +#export JIGDOTEMPLATEURL="" +# +# Name of a directory on disc to create data for a fallback server in. +# Should later be made available by you at the URL given in +# JIGDOFALLBACKURLS. In the directory, two subdirs named "Debian" and +# "Non-US" will be created, and filled with hard links to the actual +# files in your FTP archive. Because of the hard links, the dir must +# be on the same partition as the FTP archive! If unset, no fallback +# data is created, which may cause problems - see README. +#export JIGDOFALLBACKPATH="$(OUT)/snapshot/" +# +# Space-separated list of label->URL mappings for "jigdo fallback +# server(s)" to add to .jigdo file. If unset, no fallback URL is +# added, which may cause problems - see README. +#export JIGDOFALLBACKURLS="Debian=http://myserver/snapshot/Debian/ Non-US=http://myserver/snapshot/Non-US/" +# +# Space-separated list of "include URLs" to add to the .jigdo file. +# The included files are used to provide an up-to-date list of Debian +# mirrors to the jigdo _GUI_application_ (_jigdo-lite_ doesn't support +# "[Include ...]"). +export JIGDOINCLUDEURLS="https://cdimage.debian.org/debian-cd/debian-servers.jigdo" +# +# $JIGDOTEMPLATEURL and $JIGDOINCLUDEURLS are passed to +# "tools/jigdo_header", which is used by default to generate the +# [Image] and [Servers] sections of the .jigdo file. You can provide +# your own script if you need the .jigdo file to contain different +# data. +#export JIGDOSCRIPT="myscript" + +# A couple of things used only by publish_cds, so it can tweak the +# jigdo files, and knows where to put the results. +# You need to run publish_cds manually, it is not run by the Makefile. +export PUBLISH_URL="https://cdimage.debian.org/jigdo-area" +export PUBLISH_PATH="/home/jigdo-area/" + +# Specify files and directories to *exclude* from jigdo processing. These +# files on each CD are expected to be different to those on the mirror, or +# are often subject to change. Any files matching entries in this list will +# simply be placed straight into the template file. +export JIGDO_EXCLUDE="'README*' /doc/ /md5sum.txt /.disk/ /pics/ 'Release*' 'Packages*' 'Sources*'" + +# Specify files that MUST match entries in the externally-supplied +# md5-list. If they do not, the CD build process will fail; something +# must have been corrupted. Replaces the old mirrorcheck code. +export JIGDO_INCLUDE="/pool/" + +# Specify the minimum file size to consider for jigdo processing. Any files +# smaller than this will simply be placed straight into the template file. +export JIGDO_OPTS="-jigdo-min-file-size 1024" + +for EXCL in $JIGDO_EXCLUDE; do + JIGDO_OPTS="$JIGDO_OPTS -jigdo-exclude $EXCL" +done + +for INCL in $JIGDO_INCLUDE; do + JIGDO_OPTS="$JIGDO_OPTS -jigdo-force-md5 $INCL" +done + +# Base link for snapshot.debian.org or similar +# "SNAPDATETIME" will be replaced at runtime with the correct data +# Leave this unset to not add this entry +export SNAPURL=Debian=https://snapshot.debian.org/archive/debian/SNAPDATETIME/ + +# File with list of packages to include when fetching modules for the +# first stage installer (debian-installer). One package per line. +# Lines starting with '#' are comments. The package order is +# important, as the packages will be installed in the given order. +#export UDEB_INCLUDE="$BASEDIR"/data/$CODENAME/udeb_include + +# File with list of packages to exclude as above. +#export UDEB_EXCLUDE="$BASEDIR"/data/$CODENAME/udeb_exclude + +# File with list of packages to include when running debootstrap from +# the first stage installer (currently only supported in +# debian-installer). One package per line. Lines starting with '#' +# are comments. The package order is important, as the packages will +# be installed in the given order. +#export BASE_INCLUDE="$BASEDIR"/data/$CODENAME/base_include + +# File with list of packages to exclude as above. +#export BASE_EXCLUDE="$BASEDIR"/data/$CODENAME/base_exclude + +# Only put the installer onto the cd (set NORECOMMENDS,... as well, +# and if you're not using build.sh then also make sure you set TASK +# appropriately here) +# INSTALLER_CD=0: nothing special (default) +# INSTALLER_CD=1: just add debian-installer (use TASK=debian-installer) +# INSTALLER_CD=2: add d-i and base (use TASK=debian-installer+kernel) +export INSTALLER_CD=2 +export TASK=kali + +# Parameters to pass to kernel (or d-i) when the CD boots. Not currently +# supported for all architectures. +#export KERNEL_PARAMS="DEBCONF_PRIORITY=critical" + +# Default desktop (currently only used by win32-loader) +export DESKTOP=xfce + +# If set, limits the number of images to produce. The maximum +# value of MAXISOS and MAXJIGDOS are limited to this setting. +export MAXCDS=1 + +# If set, overrides the boot picture used. +#export SPLASHPNG="$BASEDIR/data/$CODENAME/splash-img.png" + +# Set to 1 to save space by omitting the installation manual. +# If so the README will link to the manual on the web site. +export OMIT_MANUAL=1 + +# Set to 1 to save space by omitting the release notes +# If so we will link to them on the web site. +export OMIT_RELEASE_NOTES=1 + +# Set this to override the default location +#export RELEASE_NOTES_LOCATION="https://www.debian.org/releases/$CODENAME" + +# Set to 1 to not include the doc/tools directories on CD1 +# Useful to save space and avoids failures if you have a mirror +# without those directories. +export OMIT_DOC_TOOLS=1 + +case "$OFFICIAL" in + "Official") + export OFFICIAL_VAL=2 + ;; + "Official Beta") + export OFFICIAL_VAL=1 + ;; + *) + export OFFICIAL_VAL=0 + ;; +esac + +# Add options to wget to include support for the Debian CA, so +# https://d-i.debian.org et al will work. +if [ -d "/etc/ssl/ca-debian" ]; then + export WGET_OPTS="--ca-directory /etc/ssl/ca-debian/" +fi +export WGET="wget $WGET_OPTS" + +# Set this to force the Release file(s) to say "stable". Used in first +# Etch builds to allow us to build before the archive updated +#EARLY_BUILD_HACK=1 + +################################## +# LOCAL HOOK DEFINITIONS +################################## +# +# Set these to point to scripts/programs to be called at various +# points in the debian-cd image-making process. This is the ideal place +# to customise what's on the CDs, for example to add extra files or +# modify existing ones. Each will be called with the arguments in order: +# +# $TDIR (the temporary dir containing the build tree) +# $MIRROR (the location of the mirror) +# $DISKNUM (the image number in the set) +# $CDDIR (the root of the temp disc tree) +# $ARCHES (the set of architectures chosen) +# +# BE CAREFUL about what you do at each point: in the first couple of +# cases, files and directories you're looking to use may not exist yet, +# you may need to worry about adding entries into md5sum.txt yourself +# and (in the last couple of cases) if you add any extra files you may +# end up over-filling the disc. If you *do* need to add files at the end +# of the process, see RESERVED_BLOCKS_HOOK below. It's strongly +# recommended to do this kind of customisation up-front if you can, it's +# much simpler that way! + +# The disc_start hook. This will be called near the beginning of the +# start_new_disc script, just after the directory tree has been created +# but before any files have been added +#export DISC_START_HOOK=/bin/true + +# The disc_pkg hook. This will be called just after the +# start_new_disc script has finished, just before make_disc_trees.pl +# starts to add package files. +#export DISC_PKG_HOOK=/bin/true + +# The reserved_blocks hook; if set, this script should print the +# number of 2K blocks that need to be reserved for data to be added +# *after* a disc tree is filled with packages. +#export RESERVED_BLOCKS_HOOK=/bin/true + +# The disc_finish hook. This will be called once a disc image is full, +# just after the last package rollback but before the last bits of +# cleanup are done on the temp disc tree +#export DISC_FINISH_HOOK=/bin/true + +# The disc_end hook. This will be called *right* at the end of the +# image-making process in make_disc_trees.pl. +#export DISC_END_HOOK=/bin/true diff --git a/build.sh b/build.sh index e62526c..04a22de 100755 --- a/build.sh +++ b/build.sh @@ -6,13 +6,27 @@ set -o pipefail # Bashism KALI_DIST="kali-rolling" KALI_VERSION="" KALI_VARIANT="default" +IMAGE_TYPE="live" TARGET_DIR="$(dirname $0)/images" TARGET_SUBDIR="" SUDO="sudo" VERBOSE="" HOST_ARCH=$(dpkg --print-architecture) +MIRROR=${MIRROR:-/srv/mirror/kali} image_name() { + case "$IMAGE_TYPE" in + live) + live_image_name "$@" + ;; + installer) + installer_image_name "$@" + ;; + esac +} + + +live_image_name() { local arch=$1 case "$arch" in @@ -26,6 +40,10 @@ image_name() { echo $IMAGE_TEMPLATE | sed -e "s/ARCH/$arch/" } +installer_image_name() { + echo "debian-cd/out/kali-$KALI_VERSION-ARCH-1.iso" +} + target_image_name() { local arch=$1 @@ -34,10 +52,20 @@ target_image_name() { if [ "$IMAGE_EXT" = "$IMAGE_NAME" ]; then IMAGE_EXT="img" fi - if [ "$KALI_VARIANT" = "default" ]; then - echo "${TARGET_SUBDIR:+$TARGET_SUBDIR/}kali-linux-$KALI_VERSION-$KALI_ARCH.$IMAGE_EXT" + if [ "$IMAGE_TYPE" = "live" ]; then + if [ "$KALI_VARIANT" = "default" ]; then + echo "${TARGET_SUBDIR:+$TARGET_SUBDIR/}kali-linux-$KALI_VERSION-$KALI_ARCH.$IMAGE_EXT" + else + echo "${TARGET_SUBDIR:+$TARGET_SUBDIR/}kali-linux-$KALI_VERSION-$KALI_VARIANT-$KALI_ARCH.$IMAGE_EXT" + fi else - echo "${TARGET_SUBDIR:+$TARGET_SUBDIR/}kali-linux-$KALI_VERSION-$KALI_VARIANT-$KALI_ARCH.$IMAGE_EXT" + if [ "$KALI_VARIANT" = "default" ]; then + echo + "${TARGET_SUBDIR:+$TARGET_SUBDIR/}kali-linux-$KALI_VERSION-installer-$KALI_ARCH.$IMAGE_EXT" + else + echo + "${TARGET_SUBDIR:+$TARGET_SUBDIR/}kali-linux-$KALI_VERSION-installer-$KALI_VARIANT-$KALI_ARCH.$IMAGE_EXT" + fi fi } @@ -58,10 +86,7 @@ default_version() { } failure() { - # Cleanup update-kali-menu that might stay around so that the - # build chroot can be properly unmounted - $SUDO pkill -f update-kali-menu || true - echo "Build of $KALI_DIST/$KALI_VARIANT/$KALI_ARCH live image failed (see build.log for details)" >&2 + echo "Build of $KALI_DIST/$KALI_VARIANT/$KALI_ARCH $IMAGE_TYPE image failed (see build.log for details)" >&2 exit 2 } @@ -77,7 +102,7 @@ run_and_log() { . $(dirname $0)/.getopt.sh # Parsing command line options -temp=$(getopt -o "$BUILD_OPTS_SHORT" -l "$BUILD_OPTS_LONG,get-image-path" -- "$@") +temp=$(getopt -o "$BUILD_OPTS_SHORT" -l "$BUILD_OPTS_LONG,get-image-path,installer" -- "$@") eval set -- "$temp" while true; do case "$1" in @@ -86,6 +111,7 @@ while true; do -a|--arch) KALI_ARCH="$2"; shift 2; ;; -v|--verbose) VERBOSE="1"; shift 1; ;; -s|--salt) shift; ;; + --installer) IMAGE_TYPE="installer"; shift 1 ;; --variant) KALI_VARIANT="$2"; shift 2; ;; --version) KALI_VERSION="$2"; shift 2; ;; --subdir) TARGET_SUBDIR="$2"; shift 2; ;; @@ -118,6 +144,7 @@ fi # Build parameters for lb config KALI_CONFIG_OPTS="--distribution $KALI_DIST -- --variant $KALI_VARIANT" +CODENAME=$KALI_DIST # for debian-cd if [ -n "$OPT_pu" ]; then KALI_CONFIG_OPTS="$KALI_CONFIG_OPTS --proposed-updates" KALI_DIST="$KALI_DIST+pu" @@ -129,21 +156,37 @@ export PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" # Either we use a git checkout of live-build # export LIVE_BUILD=/srv/cdimage.kali.org/live/live-build -# Or we ensure we have proper version installed -ver_live_build=$(dpkg-query -f '${Version}' -W live-build) -if dpkg --compare-versions "$ver_live_build" lt 1:20151215kali1; then - echo "ERROR: You need live-build (>= 1:20151215kali1), you have $ver_live_build" >&2 - exit 1 -fi +case "$IMAGE_TYPE" in + live) + # Or we ensure we have proper version installed + ver_live_build=$(dpkg-query -f '${Version}' -W live-build) + if dpkg --compare-versions "$ver_live_build" lt 1:20151215kali1; then + echo "ERROR: You need live-build (>= 1:20151215kali1), you have $ver_live_build" >&2 + exit 1 + fi -# Check we have a good debootstrap -ver_debootstrap=$(dpkg-query -f '${Version}' -W debootstrap) -if dpkg --compare-versions "$ver_debootstrap" lt "1.0.97"; then - if ! echo "$ver_debootstrap" | grep -q kali; then - echo "ERROR: You need debootstrap >= 1.0.97 (or a Kali patched debootstrap). Your current version: $ver_debootstrap" >&2 - exit 1 - fi -fi + # Check we have a good debootstrap + ver_debootstrap=$(dpkg-query -f '${Version}' -W debootstrap) + if dpkg --compare-versions "$ver_debootstrap" lt "1.0.97"; then + if ! echo "$ver_debootstrap" | grep -q kali; then + echo "ERROR: You need debootstrap >= 1.0.97 (or a Kali patched debootstrap). Your current version: $ver_debootstrap" >&2 + exit 1 + fi + fi + ;; + installer) + ver_debian_cd=$(dpkg-query -f '${Version}' -W debian-cd) + if dpkg --compare-versions "$ver_live_build" lt 3.1.27; then + echo "ERROR: You need live-build (>= 3.1.27), you have $ver_live_build" >&2 + exit 1 + fi + + if [ ! -d $MIRROR ]; then + echo "ERROR: You need to have a local Kali mirror and indicate its location in the MIRROR environment variable." >&2 + exit 1 + fi + ;; +esac # We need root rights at some point if [ "$(whoami)" != "root" ]; then @@ -166,14 +209,56 @@ mkdir -p $TARGET_DIR/$TARGET_SUBDIR IMAGE_NAME="$(image_name $KALI_ARCH)" set +e : > build.log -run_and_log $SUDO lb clean --purge -[ $? -eq 0 ] || failure -run_and_log lb config -a $KALI_ARCH $KALI_CONFIG_OPTS "$@" -[ $? -eq 0 ] || failure -run_and_log $SUDO lb build -if [ $? -ne 0 ] || [ ! -e $IMAGE_NAME ]; then - failure -fi + +case "$IMAGE_TYPE" in + live) + run_and_log $SUDO lb clean --purge + [ $? -eq 0 ] || failure + run_and_log lb config -a $KALI_ARCH $KALI_CONFIG_OPTS "$@" + [ $? -eq 0 ] || failure + run_and_log $SUDO lb build + if [ $? -ne 0 ] || [ ! -e $IMAGE_NAME ]; then + failure + fi + ;; + installer) + # Configure debian-cd with the runtime parameters + export CF=$(pwd)/CONF.sh + . $CF + export DEBIAN_CD_CONF_SOURCED=true + export ARCHES=$KALI_ARCH + export DEBVERSION=$KALI_VERSION + export CODENAME # set earlier + if [ "$KALI_VARIANT" = "netinst" ]; then + export DISKTYPE="netinst" + else + export DISKTYPE="DVD" + fi + + # Setup the required paths + mkdir -p debian-cd/tmp/apt debian-cd/out debian-cd/basedir + cp -a /usr/share/debian-cd/* debian-cd/basedir/ + export MIRROR # set by the user + export BASEDIR=$(pwd)/debian-cd/basedir + export TDIR=$(pwd)/debian-cd/tmp + export APTTMP=$TDIR/apt + export OUT=$(pwd)/debian-cd/out + + # Configure the task with the packages we want + mkdir -p $BASEDIR/tasks/$CODENAME + ( + echo "#include "; + grep -v '^#' kali-config/variant-$KALI_VARIANT/package-lists/kali.list.chroot + ) >$BASEDIR/tasks/$CODENAME/kali + export TASK=kali + + run_and_log $BASEDIR/build.sh $KALI_ARCH + if [ $? -ne 0 ] || [ ! -e $IMAGE_NAME ]; then + failure + fi + ;; +esac + set -e mv -f $IMAGE_NAME $TARGET_DIR/$(target_image_name $KALI_ARCH) mv -f build.log $TARGET_DIR/$(target_build_log $KALI_ARCH) diff --git a/kali-config/variant-netinst/package-lists/kali.list.chroot b/kali-config/variant-netinst/package-lists/kali.list.chroot new file mode 100644 index 0000000..affd284 --- /dev/null +++ b/kali-config/variant-netinst/package-lists/kali.list.chroot @@ -0,0 +1,4 @@ +# Empty list because netinst has no embedded packages +# +# This variant is not meant to be used with live-build but only with +# debian-cd and thus ./build.sh --installer --variant netinst