Julia Kreger a1c3a1668a Strip some excess from the centos dib image
Strips postfix gcc make from Centos based builds in
an attempt to reduce the overall sie of the ramdisk as C development
utilties are not needed on a ramdisk and better to not have present
on a machine as it complicates attacks to take over and launch to
additional hosts.

Postfix is also present in the ramdisk and is not needed as the
ramdisk has no use for a mail transport agent.

Also removes the GeoIP data files which are not needed by the ramdisk.

Change-Id: I7627e8a3d4924a672af37a468870ba92604e2e66
2020-07-21 19:58:51 +00:00

58 lines
1.7 KiB
Bash
Executable File

#!/bin/bash
# dib-lint: disable=safe_sudo
if [ "${DIB_DEBUG_TRACE:-0}" -gt 0 ]; then
set -x
fi
set -eu
set -o pipefail
[ -n "$TARGET_ROOT" ]
USER=${USER:-$(whoami)}
source $_LIB/img-functions
IMAGE_PATH=$(readlink -f $IMAGE_NAME)
cd $TARGET_ROOT
DIB_IPA_COMPRESS_CMD="${DIB_IPA_COMPRESS_CMD:-gzip}"
echo "#disabled" > ./tmp/fstab.new
sudo mv ./tmp/fstab.new ./etc/fstab
sudo ln -s ./sbin/init ./
# Note: The pci.ids, which is used by lshw, locate on Ubuntu
# in /usr/share/misc. Therefore we are removing only the
# ./usr/share/misc/m* (will remove the magic and magic.mgc files).
# on RHEL pci.ids is locate on /usr/share/hwdata/pci.ids.
sudo find . -xdev \
-path './sys/*' -prune -o \
-path './tmp/*' -prune -o \
-path './boot/*' -prune -o \
-path './root/.cache' -prune -o \
-path "*site-packages/babel/locale-data/*" -prune -o \
-path './usr/include/*' -prune -o \
-path './usr/lib/locale/*' -prune -o \
-path './usr/share/doc/*' -prune -o \
-path './usr/share/man/*' -prune -o \
-path './usr/share/GeoIP/*' -prune -o \
-path './usr/share/info/*' -prune -o \
-path './usr/share/licenses/*' -prune -o \
-path './usr/share/locale/*' -prune -o \
-path './usr/share/misc/m*' -prune -o \
-path './usr/src/kernels/*' -prune -o \
-path './var/cache/*' -prune -o \
-path './var/log/*' -prune -o \
-name '*.pyc' -prune -o \
-name '*.pyo' -prune -o \
-print | sudo cpio -o -H newc | ${DIB_IPA_COMPRESS_CMD} > ${IMAGE_PATH}.initramfs
select_boot_kernel_initrd $TARGET_ROOT
sudo cp $BOOTDIR/$KERNEL ${IMAGE_PATH}.kernel
sudo chown $USER: ${IMAGE_PATH}.kernel
# Output image sizes for debugging
sudo ls -lh ${IMAGE_PATH}.*