Hi Francesco, Quoting Francesco Poli (wintermute) (2019-11-10 18:44:47) > Hello and thanks for developing/packaging this tool! > > I wonder whether it can be used to create (without superuser privileges!) > a QEMU/KVM image. > I am especially interested in QEMU/KVM images suitable as autopkgtest > testbeds (autopkgtest-virt-qemu), but the feature could perhaps be > useful for building other minimal Debian base QEMU/KVM images as well... > > As you most probably know, autopkgtest-build-qemu uses vmdb2 under the > hood, and vmdb2 [requires] to be run as root. I wonder whether mmdebstrap > can be used in stead of vmdb2, in order to lift the superuser privilege > requirement. > > [requires]: <https://bugs.debian.org/944386> > > Could this feature be implemented? It would really be awesome to have > a tool that allows a regular user to create a QEMU/KVM minimal Debian > image...
it does not need to be implemented because it is already possible.
It works through currently undocumented options that allow for hooks. Well,
actually the documentation already exists but is commented out, so you don't
see it in the man page that is generated from Perl POD. You can read the
documentation by reading the POD at the end of /usr/bin/mmdebstrap. For your
convenience I'll paste you the missing docs at the end of this mail. Part of
the docs is precisely what you were asking for: how to use mmdebstrap to
replace autopkgtest-build-qemu.
Thanks!
cheers, josch
--setup-hook=command
Execute arbitrary commands right after initial setup (directory
creation,
configuration of apt and dpkg, ...) but before any packages are
downloaded
or installed. At that point, the chroot directory does not
contain any
executables and thus cannot be chroot-ed into. The option can be
specified multiple times and the commands are executed in the
order in
which they are given on the command line. If command is an
existing
executable file or if command does not contain any shell
metacharacters,
then command is directly exec-ed with the path to the chroot
directory
passed as the first argument. Otherwise, command is executed
under sh and
the chroot directory can be accessed via $1. All environment
variables
used by mmdebstrap (like "APT_CONFIG", "DEBIAN_FRONTEND",
"LC_ALL" and
"PATH") are preserved.
Example: Setup merged-/usr via symlinks
--setup-hook='for d in bin sbin lib; do ln -s usr/$d
"$1/$d"; mkdir -p "$1/usr/$d"; done'
Example: Setup chroot for installing a sub-essential
busybox-based chroot
with --variant=custom
--include=dpkg,busybox,libc-bin,base-files,base-passwd,debianutils
--setup-hook='mkdir -p "$1/bin"'
--setup-hook='for p in awk cat chmod chown cp diff echo env
grep less ln mkdir mount rm rmdir sed sh sleep sort touch uname; do ln -s
busybox "$1/bin/$p"; done'
--setup-hook='echo root:x:0:0:root:/root:/bin/sh >
"$1/etc/passwd"'
--setup-hook='printf "root:x:0:\nmail:x:8:\nutmp:x:43:\n" >
"$1/etc/group"'
--essential-hook=command
Execute arbitrary commands after the Essential:yes packages have
been
installed but before installing the remaining packages. The hook
is not
executed for the extract and custom variants. The option can be
specified
multiple times and the commands are executed in the order in
which they
are given on the command line. If command is an existing
executable file
or if command does not contain any shell metacharacters, then
command is
directly exec-ed with the path to the chroot directory passed as
the first
argument. Otherwise, command is executed under sh and the chroot
directory
can be accessed via $1. All environment variables used by
mmdebstrap (like
"APT_CONFIG", "DEBIAN_FRONTEND", "LC_ALL" and "PATH") are
preserved.
Example: Enable unattended upgrades
--essential-hook='echo unattended-upgrades
unattended-upgrades/enable_auto_updates boolean true | chroot "$1"
debconf-set-selections'
Example: Select Europe/Berlin as the timezone
--essential-hook='echo tzdata tzdata/Areas select Europe |
chroot "$1" debconf-set-selections'
--essential-hook='echo tzdata tzdata/Zones/Europe select
Berlin | chroot "$1" debconf-set-selections'
--customize-hook=command
Execute arbitrary commands after the chroot is set up and all
packages got
installed but before final cleanup actions are carried out. The
option
can be specified multiple times and the commands are executed in
the order
in which they are given on the command line. If command is an
existing
executable file or if command does not contain any shell
metacharacters,
then command is directly exec-ed with the path to the chroot
directory
passed as the first argument. Otherwise, command is executed
under sh and
the chroot directory can be accessed via $1. All environment
variables
used by mmdebstrap (like "APT_CONFIG", "DEBIAN_FRONTEND",
"LC_ALL" and
"PATH") are preserved.
Example: Preparing a chroot for use with autopkgtest
--customize-hook='chroot "$1" passwd --delete root'
--customize-hook='chroot "$1" useradd --home-dir /home/user
--create-home user'
--customize-hook='chroot "$1" passwd --delete user'
--customize-hook='echo host > "$1/etc/hostname"'
--customize-hook='echo "127.0.0.1 localhost host" >
"$1/etc/hosts"'
--customize-hook=/usr/share/autopkgtest/setup-commands/setup-testbed
Use as replacement for autopkgtest-build-qemu and vmdb2:
$ mmdebstrap --variant=important --include=linux-image-amd64 \
--customize-hook='chroot "$1" passwd --delete root' \
--customize-hook='chroot "$1" useradd --home-dir /home/user
--create-home user' \
--customize-hook='chroot "$1" passwd --delete user' \
--customize-hook='echo host > "$1/etc/hostname"' \
--customize-hook='echo "127.0.0.1 localhost host" >
"$1/etc/hosts"' \
--customize-hook=/usr/share/autopkgtest/setup-commands/setup-testbed \
unstable debian-unstable.tar
$ cat << END > extlinux.conf
> default linux
> timeout 0
>
> label linux
> kernel /vmlinuz
> append initrd=/initrd.img root=/dev/vda1 rw console=ttyS0
END
$ guestfish -N debian-unstable.img=disk:2G -- \
part-disk /dev/sda mbr : \
part-set-bootable /dev/sda 1 true : \
mkfs ext2 /dev/sda1 : mount /dev/sda1 / : \
tar-in debian-unstable.tar / : \
extlinux / : \
copy-in extlinux.conf /
$ qemu-img convert -O qcow2 debian-unstable.img debian-unstable.qcow2
signature.asc
Description: signature
