2021-03-26 18:03:50 +01:00
|
|
|
#!/usr/bin/env bash
|
|
|
|
|
2021-06-22 10:51:01 +02:00
|
|
|
## Dependencies: bash fuse2 (or fuse3) tar coreutils
|
2021-03-26 18:03:50 +01:00
|
|
|
|
|
|
|
# Prevent launching as root
|
2021-05-28 11:42:43 +02:00
|
|
|
if [ $EUID = 0 ] && [ -z "$ALLOW_ROOT" ]; then
|
|
|
|
echo "Do not run this script as root!"
|
|
|
|
echo
|
|
|
|
echo "If you really need to run it as root and you know what you are doing,"
|
|
|
|
echo "set ALLOW_ROOT environment variable."
|
2021-03-27 11:01:24 +01:00
|
|
|
|
2021-05-28 11:42:43 +02:00
|
|
|
exit 1
|
2021-03-26 18:03:50 +01:00
|
|
|
fi
|
|
|
|
|
2021-06-29 22:20:23 +02:00
|
|
|
script_version="1.14"
|
2021-05-25 15:31:21 +02:00
|
|
|
|
2021-03-26 18:03:50 +01:00
|
|
|
# Full path to the script
|
2021-03-28 13:35:24 +02:00
|
|
|
script_literal="${BASH_SOURCE[0]}"
|
|
|
|
script_name="$(basename "${script_literal}")"
|
|
|
|
script="$(readlink -f "${script_literal}")"
|
2021-03-26 18:03:50 +01:00
|
|
|
|
2021-04-02 20:24:21 +02:00
|
|
|
# MD5 of the last 1 MB of the script
|
|
|
|
script_md5="$(tail -c 1000000 "${script}" | md5sum | head -c 7)"
|
|
|
|
|
|
|
|
script_id="${RANDOM}"
|
|
|
|
|
2021-05-19 10:39:01 +02:00
|
|
|
# Working directory where the utils will be extracted
|
|
|
|
# And where the squashfs image will be mounted
|
2021-06-08 16:13:49 +02:00
|
|
|
# The default path is /tmp/scriptname_username_scriptmd5
|
|
|
|
# And if /tmp is mounted with noexec, the default path
|
|
|
|
# is ~/.local/share/Conty/scriptname_username_scriptmd5
|
|
|
|
conty_dir_name="$(basename "${script}")"_"${USER}"_"${script_md5}"
|
|
|
|
|
2021-05-19 10:39:01 +02:00
|
|
|
if [ -z "${BASE_DIR}" ]; then
|
2021-06-08 16:13:49 +02:00
|
|
|
export working_dir=/tmp/"${conty_dir_name}"
|
2021-05-19 10:39:01 +02:00
|
|
|
else
|
2021-06-08 16:13:49 +02:00
|
|
|
export working_dir="${BASE_DIR}"/"${conty_dir_name}"
|
2021-05-19 10:39:01 +02:00
|
|
|
fi
|
|
|
|
|
|
|
|
mount_point="${working_dir}"/mnt
|
2021-03-26 18:03:50 +01:00
|
|
|
|
|
|
|
# It's important to set correct sizes below, otherwise there will be
|
|
|
|
# a problem with mounting the squashfs image due to an incorrectly calculated offset.
|
|
|
|
|
|
|
|
# The size of this script
|
2021-06-29 22:20:23 +02:00
|
|
|
scriptsize=20449
|
2021-03-26 18:03:50 +01:00
|
|
|
|
|
|
|
# The size of the utils.tar archive
|
|
|
|
# utils.tar contains bwrap and squashfuse binaries
|
2021-06-10 16:58:12 +02:00
|
|
|
utilssize=4679680
|
2021-03-26 18:03:50 +01:00
|
|
|
|
|
|
|
# Offset where the squashfs image is stored
|
|
|
|
offset=$((scriptsize+utilssize))
|
|
|
|
|
2021-05-20 11:35:14 +02:00
|
|
|
if [ "$1" = "--help" ] || [ "$1" = "-h" ] || ([ -z "$1" ] && [ ! -L "${script_literal}" ]); then
|
2021-03-28 13:35:24 +02:00
|
|
|
echo "Usage: ./conty.sh command command_arguments"
|
|
|
|
echo
|
2021-03-26 18:03:50 +01:00
|
|
|
echo "Arguments:"
|
|
|
|
echo
|
2021-05-25 15:31:21 +02:00
|
|
|
echo -e "-v \tShow version of this script"
|
2021-04-12 11:23:29 +02:00
|
|
|
echo -e "-e \tExtract the squashfs image"
|
|
|
|
echo -e "-o \tShow the squashfs image offset"
|
2021-05-04 17:11:51 +02:00
|
|
|
echo -e "-u \tUpdate all packages inside the container"
|
|
|
|
echo -e "\tThis will update all packages inside the container and will rebuild"
|
|
|
|
echo -e "\tthe squashfs image. This may take quite a lot of time, depending"
|
2021-05-25 15:31:21 +02:00
|
|
|
echo -e "\ton your hardware and internet speed. Additional disk space"
|
2021-05-20 11:35:14 +02:00
|
|
|
echo -e "\t(about 6x the size of the current file) is needed during"
|
2021-05-04 17:11:51 +02:00
|
|
|
echo -e "\tthe update process."
|
|
|
|
echo -e "-U \tThe same as -u but will also update the init script (conty-start.sh)"
|
|
|
|
echo -e "\tand the integrated utils directly from the GitHub repo."
|
2021-03-26 18:03:50 +01:00
|
|
|
echo
|
|
|
|
echo "Environment variables:"
|
|
|
|
echo
|
|
|
|
echo -e "DISABLE_NET \tDisables network access"
|
|
|
|
echo -e "SANDBOX \tEnables filesystem sandbox"
|
2021-03-27 11:32:34 +01:00
|
|
|
echo -e "BIND \t\tBinds directories and files (separated by space) from host"
|
|
|
|
echo -e "\t\tsystem to the container. All specified items must exist."
|
|
|
|
echo -e "\t\tFor example, BIND=\"/home/username/.config /etc/pacman.conf\""
|
2021-03-28 14:10:36 +02:00
|
|
|
echo -e "HOME_DIR \tSets HOME directory to a custom location."
|
|
|
|
echo -e "\t\tFor example, HOME_DIR=\"/home/username/custom_home\""
|
2021-03-28 14:37:46 +02:00
|
|
|
echo -e "USE_SYS_UTILS \tMakes the script to use squashfuse and bwrap"
|
|
|
|
echo -e "\t\tinstalled on the system instead of the builtin ones."
|
|
|
|
echo -e "\t\tIf you want to enable this variable, please make sure"
|
2021-03-28 14:39:37 +02:00
|
|
|
echo -e "\t\tthat bubblewrap and squashfuse are installed on your system"
|
2021-03-28 14:37:46 +02:00
|
|
|
echo -e "\t\tand that squashfuse supports the compression algo the image"
|
|
|
|
echo -e "\t\twas built with."
|
2021-03-30 10:08:20 +02:00
|
|
|
echo -e "NVIDIA_FIX \tAutomatically download and bind the required Nvidia"
|
|
|
|
echo -e "\t\tlibraries if the kernel module version in the system differs"
|
|
|
|
echo -e "\t\tfrom the Nvidia libraries version inside the container."
|
|
|
|
echo -e "\t\tThis should fix the graphics acceleration problems on Nvidia."
|
2021-04-01 12:42:02 +02:00
|
|
|
echo -e "SUDO_MOUNT \tMakes the script to mount the squashfs image by using"
|
|
|
|
echo -e "\t\tthe regular mount command instead of squashfuse. In this"
|
|
|
|
echo -e "\t\tcase root rights will be requested (via sudo) when mounting"
|
|
|
|
echo -e "\t\tand unmounting."
|
2021-04-01 13:00:03 +02:00
|
|
|
echo -e "BASE_DIR \tSets custom directory where Conty will extract"
|
|
|
|
echo -e "\t\tits builtin utilities and mount the squashfs image."
|
|
|
|
echo -e "\t\tThe default location is /tmp."
|
2021-06-29 22:20:23 +02:00
|
|
|
echo -e "QUIET_MODE \tDisables all non-error Conty messages."
|
|
|
|
echo -e "\t\tDoesn't affect the output of applications."
|
2021-03-26 18:03:50 +01:00
|
|
|
echo
|
2021-05-22 11:33:44 +02:00
|
|
|
echo "Additional notes:"
|
|
|
|
echo
|
2021-03-28 14:10:36 +02:00
|
|
|
echo "If you enable SANDBOX but don't set BIND or HOME_DIR, then"
|
2021-05-04 17:11:51 +02:00
|
|
|
echo "no directories will be available at all and a fake temporary HOME"
|
|
|
|
echo "directory will be used."
|
2021-03-28 13:35:24 +02:00
|
|
|
echo
|
2021-05-04 17:11:51 +02:00
|
|
|
echo "If the script is a symlink to itself but with a different name,"
|
2021-03-28 14:10:36 +02:00
|
|
|
echo "then the symlinked script will automatically run a program according"
|
|
|
|
echo "to its name. For instance, if the script is a symlink with the name \"wine\","
|
2021-05-20 11:35:14 +02:00
|
|
|
echo "then it will automatically run wine during launch."
|
2021-05-22 11:33:44 +02:00
|
|
|
echo
|
|
|
|
echo "Besides updating all packages, you can also remove and install packages using"
|
|
|
|
echo "the same -u (or -U) argument. To install packages add them as additional"
|
|
|
|
echo "arguments, and to remove packages add a minus sign (-) before their names."
|
|
|
|
echo "To install: ./conty.sh -u pkgname1 pkgname2 pkgname3"
|
|
|
|
echo "To remove: ./conty.sh -u -pkgname1 -pkgname2 -pkgname3"
|
|
|
|
echo "In this case Conty will update all packages and will additionally"
|
|
|
|
echo "install and/or remove specified packages."
|
2021-05-25 15:31:21 +02:00
|
|
|
exit
|
|
|
|
elif [ "$1" = "-v" ]; then
|
|
|
|
echo "${script_version}"
|
2021-05-27 17:01:19 +02:00
|
|
|
|
2021-03-26 18:03:50 +01:00
|
|
|
exit
|
|
|
|
elif [ "$1" = "-e" ]; then
|
|
|
|
if command -v unsquashfs 1>/dev/null; then
|
2021-04-12 11:23:29 +02:00
|
|
|
unsquashfs -o $offset -user-xattrs -d "$(basename "${script}")"_files "${script}"
|
2021-03-26 18:03:50 +01:00
|
|
|
else
|
|
|
|
echo "To extract the image install squashfs-tools."
|
|
|
|
fi
|
2021-03-27 11:01:24 +01:00
|
|
|
|
2021-03-26 18:03:50 +01:00
|
|
|
exit
|
|
|
|
elif [ "$1" = "-o" ]; then
|
|
|
|
echo $offset
|
2021-03-27 11:01:24 +01:00
|
|
|
|
2021-05-04 17:11:51 +02:00
|
|
|
exit
|
2021-06-08 18:45:57 +02:00
|
|
|
fi
|
|
|
|
|
2021-06-29 22:20:23 +02:00
|
|
|
show_msg () {
|
|
|
|
if [ "${QUIET_MODE}" != 1 ]; then
|
|
|
|
echo "$@"
|
|
|
|
fi
|
|
|
|
}
|
|
|
|
|
2021-06-08 18:45:57 +02:00
|
|
|
exec_test () {
|
|
|
|
mkdir -p "${working_dir}"
|
|
|
|
|
|
|
|
exec_test_file="${working_dir}"/exec_test
|
|
|
|
|
|
|
|
rm -f "${exec_test_file}"
|
|
|
|
touch "${exec_test_file}"
|
|
|
|
chmod +x "${exec_test_file}"
|
|
|
|
|
2021-06-22 10:51:01 +02:00
|
|
|
[ -x "${exec_test_file}" ]
|
2021-06-08 18:45:57 +02:00
|
|
|
}
|
|
|
|
|
2021-06-09 20:46:31 +02:00
|
|
|
launch_wrapper () {
|
|
|
|
if [ "$1" = "mount" ]; then
|
|
|
|
${use_sudo} "$@"
|
|
|
|
elif [ "${USE_SYS_UTILS}" = 1 ]; then
|
|
|
|
"$@"
|
|
|
|
else
|
|
|
|
"${working_dir}"/utils/ld-linux-x86-64.so.2 --library-path "${working_dir}"/utils "$@"
|
|
|
|
fi
|
|
|
|
}
|
|
|
|
|
2021-06-08 18:45:57 +02:00
|
|
|
# Check if FUSE2 is installed when SUDO_MOUNT is not enabled
|
2021-06-09 20:46:31 +02:00
|
|
|
if [ "${SUDO_MOUNT}" != 1 ]; then
|
|
|
|
if ! command -v fusermount3 1>/dev/null && ! command -v fusermount 1>/dev/null; then
|
|
|
|
echo "Please install fuse2 or fuse3 and run the script again!"
|
|
|
|
exit 1
|
|
|
|
fi
|
|
|
|
|
|
|
|
if command -v fusermount3 1>/dev/null; then
|
|
|
|
fuse_version=3
|
|
|
|
fi
|
2021-06-08 18:45:57 +02:00
|
|
|
fi
|
|
|
|
|
|
|
|
# Extract utils.tar
|
|
|
|
mkdir -p "${working_dir}"
|
|
|
|
|
|
|
|
if [ "${USE_SYS_UTILS}" != 1 ]; then
|
|
|
|
# Check if filesystem of the working_dir is mounted without noexec
|
|
|
|
if ! exec_test; then
|
|
|
|
if [ -z "${BASE_DIR}" ]; then
|
|
|
|
export working_dir="${HOME}"/.local/share/Conty/"${conty_dir_name}"
|
|
|
|
mount_point="${working_dir}"/mnt
|
|
|
|
fi
|
|
|
|
|
|
|
|
if ! exec_test; then
|
|
|
|
echo "Seems like /tmp is mounted with noexec or you don't have write access!"
|
|
|
|
echo "Please remount it without noexec or set BASE_DIR to a different location."
|
|
|
|
|
|
|
|
exit 1
|
|
|
|
fi
|
|
|
|
fi
|
|
|
|
|
2021-06-09 20:46:31 +02:00
|
|
|
mount_tool="${working_dir}"/utils/squashfuse${fuse_version}
|
2021-06-08 18:45:57 +02:00
|
|
|
bwrap="${working_dir}"/utils/bwrap
|
|
|
|
|
|
|
|
if [ ! -f "${mount_tool}" ] || [ ! -f "${bwrap}" ]; then
|
|
|
|
tail -c +$((scriptsize+1)) "${script}" | head -c $utilssize > "${working_dir}"/utils.tar
|
|
|
|
tar -C "${working_dir}" -xf "${working_dir}"/utils.tar
|
|
|
|
rm -f "${working_dir}"/utils.tar
|
|
|
|
|
|
|
|
if [ ! -f "${mount_tool}" ] || [ ! -f "${bwrap}" ]; then
|
|
|
|
clear
|
|
|
|
echo "The utilities were not extracted!"
|
|
|
|
echo "Perhaps something is wrong with the integrated utils.tar."
|
|
|
|
|
|
|
|
exit 1
|
|
|
|
fi
|
|
|
|
|
|
|
|
chmod +x "${mount_tool}"
|
|
|
|
chmod +x "${bwrap}"
|
|
|
|
fi
|
|
|
|
else
|
|
|
|
if ! command -v bwrap 1>/dev/null; then
|
|
|
|
echo "USE_SYS_UTILS is enabled, but bwrap is not installed!"
|
|
|
|
echo "Please install it and run the script again."
|
|
|
|
|
|
|
|
exit 1
|
|
|
|
fi
|
|
|
|
|
|
|
|
if ! command -v squashfuse 1>/dev/null && [ "${SUDO_MOUNT}" != 1 ]; then
|
|
|
|
echo "USE_SYS_UTILS is enabled, but squshfuse is not installed!"
|
|
|
|
echo "Please install it and run the script again."
|
|
|
|
echo "Or enable SUDO_MOUNT to mount the image using the regular"
|
|
|
|
echo "mount command instead of squashfuse."
|
|
|
|
|
|
|
|
exit 1
|
|
|
|
fi
|
|
|
|
|
2021-06-29 22:20:23 +02:00
|
|
|
show_msg "Using system-wide squashfuse and bwrap"
|
2021-06-08 18:45:57 +02:00
|
|
|
|
|
|
|
mount_tool=squashfuse
|
|
|
|
bwrap=bwrap
|
|
|
|
fi
|
|
|
|
|
|
|
|
if [ "${SUDO_MOUNT}" = 1 ]; then
|
2021-06-29 22:20:23 +02:00
|
|
|
show_msg "Using regular mount command (sudo mount) instead of squashfuse"
|
2021-06-08 18:45:57 +02:00
|
|
|
|
|
|
|
mount_tool=mount
|
|
|
|
use_sudo=sudo
|
|
|
|
fi
|
|
|
|
|
|
|
|
if [ "$1" = "-u" ] || [ "$1" = "-U" ]; then
|
2021-05-04 17:11:51 +02:00
|
|
|
OLD_PWD="${PWD}"
|
|
|
|
|
2021-05-06 12:41:22 +02:00
|
|
|
# Check if current directory is writable
|
|
|
|
# And if it's not, use ~/.local/share/Conty as a working directory
|
|
|
|
if ! touch test_rw 2>/dev/null; then
|
|
|
|
update_temp_dir="${HOME}"/.local/share/Conty/conty_update_temp
|
|
|
|
else
|
|
|
|
update_temp_dir="${OLD_PWD}"/conty_update_temp
|
|
|
|
fi
|
|
|
|
rm -f test_rw
|
2021-05-19 10:07:49 +02:00
|
|
|
|
2021-05-06 12:41:22 +02:00
|
|
|
# Remove conty_update_temp directory if it already exists
|
|
|
|
chmod -R 700 "${update_temp_dir}" 2>/dev/null
|
|
|
|
rm -rf "${update_temp_dir}"
|
|
|
|
|
|
|
|
mkdir -p "${update_temp_dir}"
|
|
|
|
cd "${update_temp_dir}" || exit 1
|
2021-05-04 17:11:51 +02:00
|
|
|
|
|
|
|
# Since Conty is used here to update itself, it's necessary to disable
|
2021-06-08 18:45:57 +02:00
|
|
|
# some environment variables for this to work properly
|
|
|
|
unset NVIDIA_FIX
|
2021-05-04 17:11:51 +02:00
|
|
|
unset DISABLE_NET
|
2021-06-01 19:24:10 +02:00
|
|
|
unset HOME_DIR
|
2021-06-08 18:45:57 +02:00
|
|
|
unset BIND
|
|
|
|
|
|
|
|
# Enable SANDBOX
|
|
|
|
export SANDBOX=1
|
2021-05-04 17:11:51 +02:00
|
|
|
|
|
|
|
# Extract the squashfs image
|
|
|
|
clear
|
|
|
|
echo "Extracting the squashfs image"
|
2021-06-08 18:45:57 +02:00
|
|
|
bash "${script}" --bind "${update_temp_dir}" "${update_temp_dir}" \
|
|
|
|
--bind "${script}" /tmp/conty.sh \
|
|
|
|
unsquashfs -o $offset -user-xattrs -d sqfs /tmp/conty.sh
|
2021-05-04 17:11:51 +02:00
|
|
|
|
|
|
|
# Download or extract the utils.tar and the init script depending
|
|
|
|
# on what command line argument is used (-u or -U)
|
|
|
|
clear
|
|
|
|
if [ "$1" = "-U" ] && command -v wget 1>/dev/null; then
|
|
|
|
echo "Downloading the init script and the utils"
|
|
|
|
wget -q --show-progress "https://github.com/Kron4ek/Conty/raw/master/conty-start.sh"
|
|
|
|
wget -q --show-progress "https://github.com/Kron4ek/Conty/raw/master/utils.tar"
|
2021-05-06 21:26:31 +02:00
|
|
|
fi
|
|
|
|
|
|
|
|
if [ ! -s conty-start.sh ] || [ ! -s utils.tar ]; then
|
2021-05-04 17:11:51 +02:00
|
|
|
echo "Extracting the init script and the integrated utils"
|
|
|
|
tail -c +$((scriptsize+1)) "${script}" | head -c $utilssize > utils.tar
|
|
|
|
head -c $scriptsize "${script}" > conty-start.sh
|
|
|
|
fi
|
|
|
|
|
2021-05-07 17:17:57 +02:00
|
|
|
# Check if there are additional arguments passed
|
|
|
|
shift
|
|
|
|
if [ -n "$1" ]; then
|
2021-05-22 11:33:44 +02:00
|
|
|
packagelist="$@"
|
|
|
|
|
|
|
|
# Check which packages to install and which ones to remove
|
|
|
|
for i in ${packagelist}; do
|
|
|
|
if [ "$(echo "${i}" | head -c 1)" = "-" ]; then
|
|
|
|
export pkgsremove="${pkgsremove} $(echo "${i}" | tail -c +2)"
|
|
|
|
else
|
|
|
|
export pkgsinstall="${pkgsinstall} ${i}"
|
|
|
|
fi
|
|
|
|
done
|
2021-05-07 17:17:57 +02:00
|
|
|
fi
|
|
|
|
|
|
|
|
# Generate a script to perform inside Conty
|
|
|
|
# It updates Arch mirrorlist
|
|
|
|
# Updates keyrings
|
|
|
|
# Updates all installed packages
|
|
|
|
# Installs additional packages (if requested)
|
2021-05-22 11:33:44 +02:00
|
|
|
# Removes packages (if requested)
|
2021-05-07 17:17:57 +02:00
|
|
|
# Clears package cache
|
2021-05-22 11:33:44 +02:00
|
|
|
# Updates SSL CA certificates
|
2021-05-27 16:29:08 +02:00
|
|
|
# Generates locales
|
2021-05-07 17:17:57 +02:00
|
|
|
cat <<EOF > container-update.sh
|
2021-05-27 16:29:08 +02:00
|
|
|
reflector --protocol https --score 3 --sort rate --save /etc/pacman.d/mirrorlist
|
|
|
|
fakeroot -- pacman -Syy 2>/dev/null
|
|
|
|
fakeroot -- pacman --noconfirm -S archlinux-keyring 2>/dev/null
|
|
|
|
fakeroot -- pacman --noconfirm -S chaotic-keyring 2>/dev/null
|
2021-05-07 17:17:57 +02:00
|
|
|
rm -rf /etc/pacman.d/gnupg
|
|
|
|
fakeroot -- pacman-key --init
|
2021-06-23 10:23:43 +02:00
|
|
|
echo "keyserver hkps://keyserver.ubuntu.com" >> /etc/pacman.d/gnupg/gpg.conf
|
2021-05-07 17:17:57 +02:00
|
|
|
fakeroot -- pacman-key --populate archlinux
|
|
|
|
fakeroot -- pacman-key --populate chaotic
|
2021-05-27 16:29:08 +02:00
|
|
|
fakeroot -- pacman --noconfirm --overwrite "*" -Su 2>/dev/null
|
|
|
|
fakeroot -- pacman --noconfirm -Runs ${pkgsremove} 2>/dev/null
|
2021-05-27 17:01:19 +02:00
|
|
|
fakeroot -- pacman --noconfirm -S ${pkgsinstall} 2>/dev/null
|
2021-05-07 17:17:57 +02:00
|
|
|
rm -f /var/cache/pacman/pkg/*
|
|
|
|
update-ca-trust
|
2021-05-27 16:29:08 +02:00
|
|
|
locale-gen
|
2021-05-07 17:17:57 +02:00
|
|
|
EOF
|
2021-05-04 17:11:51 +02:00
|
|
|
|
2021-06-01 19:24:10 +02:00
|
|
|
rm -f sqfs/etc/resolv.conf
|
|
|
|
cp /etc/resolv.conf sqfs/etc/resolv.conf
|
|
|
|
mkdir -p sqfs/run/shm
|
2021-05-06 21:26:31 +02:00
|
|
|
|
2021-05-07 17:17:57 +02:00
|
|
|
# Execute the previously generated script
|
2021-05-04 17:11:51 +02:00
|
|
|
clear
|
2021-05-07 17:17:57 +02:00
|
|
|
echo "Updating and installing packages"
|
2021-06-01 19:24:10 +02:00
|
|
|
bash "${script}" --bind sqfs / --ro-bind /sys /sys --dev-bind /dev /dev \
|
|
|
|
--proc /proc --bind "${update_temp_dir}" "${update_temp_dir}" \
|
|
|
|
bash container-update.sh
|
2021-05-04 17:11:51 +02:00
|
|
|
|
|
|
|
# Create a squashfs image
|
|
|
|
clear
|
|
|
|
echo "Creating a squashfs image"
|
2021-06-08 18:45:57 +02:00
|
|
|
bash "${script}" --bind "${update_temp_dir}" "${update_temp_dir}" \
|
|
|
|
mksquashfs sqfs image -b 256K -comp zstd -Xcompression-level 14
|
2021-05-04 17:11:51 +02:00
|
|
|
|
|
|
|
# Combine into a single executable
|
|
|
|
clear
|
|
|
|
echo "Combining everything into a single executable"
|
2021-05-06 12:41:22 +02:00
|
|
|
cat conty-start.sh utils.tar image > conty_updated.sh
|
|
|
|
chmod +x conty_updated.sh
|
2021-05-04 17:11:51 +02:00
|
|
|
|
2021-06-08 18:45:57 +02:00
|
|
|
mv -f "${script}" "${script}".old."${script_md5}" 2>/dev/null
|
|
|
|
mv -f conty_updated.sh "${script}" 2>/dev/null || move_failed=1
|
|
|
|
|
|
|
|
if [ "${move_failed}" = 1 ]; then
|
|
|
|
mv -f conty_updated.sh "${OLD_PWD}" 2>/dev/null || \
|
|
|
|
mv -f conty_updated.sh "${HOME}" 2>/dev/null
|
|
|
|
fi
|
2021-05-04 17:11:51 +02:00
|
|
|
|
2021-05-06 12:41:22 +02:00
|
|
|
chmod -R 700 sqfs 2>/dev/null
|
|
|
|
rm -rf "${update_temp_dir}"
|
2021-05-04 17:11:51 +02:00
|
|
|
|
|
|
|
clear
|
|
|
|
echo "Conty has been updated!"
|
|
|
|
|
2021-06-08 18:45:57 +02:00
|
|
|
if [ "${move_failed}" = 1 ]; then
|
|
|
|
echo
|
|
|
|
echo "Replacing ${script} with the new one failed!"
|
|
|
|
echo
|
|
|
|
echo "You can find conty_updated.sh in the current working"
|
|
|
|
echo "directory or in your HOME."
|
2021-03-28 14:37:46 +02:00
|
|
|
fi
|
2021-03-29 15:33:43 +02:00
|
|
|
|
2021-06-08 18:45:57 +02:00
|
|
|
exit
|
2021-03-28 14:37:46 +02:00
|
|
|
fi
|
2021-03-26 18:03:50 +01:00
|
|
|
|
|
|
|
run_bwrap () {
|
2021-05-20 11:51:11 +02:00
|
|
|
if [ "$DISABLE_NET" = 1 ]; then
|
2021-06-29 22:20:23 +02:00
|
|
|
show_msg "Network is disabled"
|
2021-03-27 11:01:24 +01:00
|
|
|
|
2021-03-26 18:03:50 +01:00
|
|
|
net="--unshare-net"
|
|
|
|
fi
|
2021-03-27 11:01:24 +01:00
|
|
|
|
2021-05-20 11:51:11 +02:00
|
|
|
if [ "$SANDBOX" = 1 ]; then
|
2021-06-29 22:20:23 +02:00
|
|
|
show_msg "Filesystem sandbox is enabled"
|
2021-03-31 13:59:09 +02:00
|
|
|
|
|
|
|
dirs="--tmpfs /home --dir ${HOME} --tmpfs /opt --tmpfs /mnt \
|
|
|
|
--tmpfs /media --tmpfs /var --tmpfs /run --symlink /run /var/run \
|
2021-05-20 11:06:53 +02:00
|
|
|
--bind-try /run/user /run/user --bind-try /run/dbus /run/dbus \
|
|
|
|
--tmpfs /tmp --ro-bind-try /tmp/.X11-unix /tmp/.X11-unix"
|
2021-03-29 15:33:43 +02:00
|
|
|
|
2021-03-28 14:10:36 +02:00
|
|
|
# unshare="--unshare-user-try --unshare-pid --unshare-uts --unshare-cgroup-try \
|
2021-03-28 14:37:46 +02:00
|
|
|
# --hostname Conty"
|
2021-03-26 18:03:50 +01:00
|
|
|
else
|
2021-03-31 13:59:09 +02:00
|
|
|
dirs="--bind-try /home /home --bind-try /mnt /mnt --bind-try /opt /opt \
|
2021-05-28 11:33:48 +02:00
|
|
|
--bind-try /media /media --bind-try /run /run --bind-try /var /var \
|
|
|
|
--bind-try ${HOME} ${HOME}"
|
2021-03-26 18:03:50 +01:00
|
|
|
fi
|
2021-03-27 11:01:24 +01:00
|
|
|
|
2021-05-20 11:23:23 +02:00
|
|
|
if [ -n "${HOME_DIR}" ]; then
|
2021-06-29 22:20:23 +02:00
|
|
|
show_msg "Set home directory to ${HOME_DIR}"
|
2021-05-20 11:23:23 +02:00
|
|
|
dirs="${dirs} --bind ${HOME_DIR} ${HOME}"
|
|
|
|
fi
|
|
|
|
|
2021-03-27 11:32:34 +01:00
|
|
|
if [ -n "$BIND" ]; then
|
2021-06-29 22:20:23 +02:00
|
|
|
show_msg "Bound items: ${BIND}"
|
2021-03-27 11:32:34 +01:00
|
|
|
|
|
|
|
for i in ${BIND}; do
|
|
|
|
bind="${bind} --bind ${i} ${i}"
|
|
|
|
done
|
|
|
|
|
|
|
|
dirs="${dirs} ${bind}"
|
|
|
|
fi
|
|
|
|
|
2021-05-28 11:22:29 +02:00
|
|
|
# Set XAUTHORITY variable if it's missing (which is unlikely)
|
|
|
|
if [ -z "${XAUTHORITY}" ]; then
|
|
|
|
XAUTHORITY="${HOME}"/.Xauthority
|
|
|
|
fi
|
|
|
|
|
2021-06-29 22:20:23 +02:00
|
|
|
show_msg
|
2021-03-26 18:03:50 +01:00
|
|
|
|
2021-06-09 20:46:31 +02:00
|
|
|
launch_wrapper "${bwrap}" --ro-bind "${mount_point}" / \
|
2021-03-26 18:03:50 +01:00
|
|
|
--dev-bind /dev /dev \
|
|
|
|
--ro-bind /sys /sys \
|
2021-03-31 13:59:09 +02:00
|
|
|
--bind-try /tmp /tmp \
|
|
|
|
--proc /proc \
|
2021-03-26 18:03:50 +01:00
|
|
|
--ro-bind-try /etc/resolv.conf /etc/resolv.conf \
|
|
|
|
--ro-bind-try /etc/hosts /etc/hosts \
|
|
|
|
--ro-bind-try /etc/nsswitch.conf /etc/nsswitch.conf \
|
2021-03-29 15:33:43 +02:00
|
|
|
--ro-bind-try /etc/passwd /etc/passwd \
|
|
|
|
--ro-bind-try /etc/group /etc/group \
|
2021-04-06 21:16:29 +02:00
|
|
|
--ro-bind-try /etc/machine-id /etc/machine-id \
|
|
|
|
--ro-bind-try /etc/asound.conf /etc/asound.conf \
|
2021-05-28 11:42:43 +02:00
|
|
|
--ro-bind-try /etc/localtime /etc/localtime \
|
2021-03-31 13:59:09 +02:00
|
|
|
${dirs} \
|
|
|
|
${net} \
|
|
|
|
${nvidia_driver_bind} \
|
2021-05-28 11:22:29 +02:00
|
|
|
--ro-bind-try "${XAUTHORITY}" "${XAUTHORITY}" \
|
2021-04-01 13:13:39 +02:00
|
|
|
--setenv PATH "${CUSTOM_PATH}" \
|
2021-03-26 18:03:50 +01:00
|
|
|
"$@"
|
|
|
|
}
|
|
|
|
|
2021-03-30 10:08:20 +02:00
|
|
|
# Function that checks if the Nvidia kernel module loaded in the
|
|
|
|
# system matches the version of the Nvidia libraries inside the container
|
|
|
|
# and downloads corresponding Nvidia libs from the official site if they
|
|
|
|
# are not the same. Also binds the downloaded libraries to the container.
|
|
|
|
#
|
|
|
|
# This is absolutely necessary for Nvidia GPUs, otherwise graphics
|
|
|
|
# acceleration will not work.
|
|
|
|
|
|
|
|
bind_nvidia_driver () {
|
|
|
|
# Path to store downloaded Nvidia drivers
|
|
|
|
nvidia_drivers_dir="${HOME}"/.local/share/Conty/nvidia-drivers
|
|
|
|
|
|
|
|
# Check if the Nvidia module is loaded
|
|
|
|
# If it's loaded, then likely Nvidia GPU is being used
|
2021-03-31 13:59:09 +02:00
|
|
|
if lsmod | grep nvidia 1>/dev/null || nvidia-smi 1>/dev/null; then
|
2021-03-30 10:08:20 +02:00
|
|
|
if nvidia-smi 1>/dev/null; then
|
|
|
|
nvidia_version="$(nvidia-smi --query-gpu=driver_version --format=csv,noheader)"
|
|
|
|
elif modinfo nvidia &>/dev/null; then
|
|
|
|
nvidia_version="$(modinfo -F version nvidia 2>/dev/null)"
|
|
|
|
else
|
|
|
|
if [ -d /usr/lib/x86_64-linux-gnu ]; then
|
|
|
|
nvidia_version="$(basename /usr/lib/x86_64-linux-gnu/libGLX_nvidia.so.*.* | tail -c +18)"
|
|
|
|
else
|
|
|
|
nvidia_version="$(basename /usr/lib/libGLX_nvidia.so.*.* | tail -c +18)"
|
|
|
|
fi
|
|
|
|
fi
|
|
|
|
|
|
|
|
# Check if the kernel module version is different from the
|
|
|
|
# libraries version inside the container
|
|
|
|
if [ -n "${nvidia_version}" ]; then
|
2021-05-19 10:39:01 +02:00
|
|
|
nvidia_version_inside="$(basename "${mount_point}"/usr/lib/libGLX_nvidia.so.*.* | tail -c +18)"
|
2021-03-31 13:59:09 +02:00
|
|
|
|
2021-03-30 10:08:20 +02:00
|
|
|
if [ "$(cat "${nvidia_drivers_dir}"/current_version.txt 2>/dev/null)" != "${nvidia_version}" ] \
|
|
|
|
&& [ "${nvidia_version}" != "${nvidia_version_inside}" ]; then
|
|
|
|
echo "Nvidia driver version mismatch detected, trying to fix"
|
2021-03-31 13:59:09 +02:00
|
|
|
|
2021-05-19 10:07:49 +02:00
|
|
|
OLD_PWD="${PWD}"
|
|
|
|
|
2021-03-30 10:08:20 +02:00
|
|
|
mkdir -p "${nvidia_drivers_dir}"
|
|
|
|
cd "${nvidia_drivers_dir}"
|
|
|
|
|
|
|
|
rm -rf nvidia-driver
|
|
|
|
rm -f nvidia.run
|
2021-03-31 13:59:09 +02:00
|
|
|
|
2021-03-30 10:08:20 +02:00
|
|
|
echo "Downloading Nvidia ${nvidia_version}, please wait"
|
2021-03-31 13:59:09 +02:00
|
|
|
|
2021-03-30 10:08:20 +02:00
|
|
|
# Try to download from the default Nvidia url
|
|
|
|
driver_url="https://us.download.nvidia.com/XFree86/Linux-x86_64/${nvidia_version}/NVIDIA-Linux-x86_64-${nvidia_version}.run"
|
|
|
|
wget -q --show-progress "${driver_url}" -O nvidia.run
|
|
|
|
|
|
|
|
# If the previous download failed, get url from flathub
|
|
|
|
if [ ! -s nvidia.run ]; then
|
|
|
|
rm -f nvidia.run
|
|
|
|
driver_url="https:$(wget -q "https://raw.githubusercontent.com/flathub/org.freedesktop.Platform.GL.nvidia/master/data/nvidia-${nvidia_version}-i386.data" \
|
|
|
|
-O - | cut -d ':' -f 6)"
|
2021-03-31 13:59:09 +02:00
|
|
|
|
2021-03-30 10:08:20 +02:00
|
|
|
wget -q --show-progress "${driver_url}" -O nvidia.run
|
|
|
|
fi
|
|
|
|
|
|
|
|
if [ -s nvidia.run ]; then
|
|
|
|
chmod +x nvidia.run
|
|
|
|
echo "Unpacking nvidia.run..."
|
|
|
|
./nvidia.run -x &>/dev/null
|
|
|
|
rm nvidia.run
|
|
|
|
mv NVIDIA-Linux-x86_64-${nvidia_version} nvidia-driver
|
|
|
|
echo ${nvidia_version} > current_version.txt
|
|
|
|
fi
|
|
|
|
|
2021-05-19 10:07:49 +02:00
|
|
|
cd "${OLD_PWD}"
|
2021-03-30 10:08:20 +02:00
|
|
|
fi
|
|
|
|
|
|
|
|
# Bind the downloaded Nvidia libs to the container
|
|
|
|
if [ -d "${nvidia_drivers_dir}"/nvidia-driver ]; then
|
|
|
|
nvidia_libs_list="libcuda.so libEGL_nvidia.so libGLESv1_CM_nvidia.so \
|
|
|
|
libGLESv2_nvidia.so libGLX_nvidia.so libnvcuvid.so libnvidia-cbl.so \
|
|
|
|
libnvidia-cfg.so libnvidia-eglcore.so libnvidia-encode.so libnvidia-fbc.so \
|
|
|
|
libnvidia-glcore.so libnvidia-glsi.so libnvidia-glvkspirv.so libnvidia-ifr.so \
|
|
|
|
libnvidia-ml.so libnvidia-ngx.so libnvidia-opticalflow.so libnvidia-ptxjitcompiler.so \
|
|
|
|
libnvidia-rtcore.so libnvidia-tls.so libnvoptix.so"
|
|
|
|
|
|
|
|
for lib in ${nvidia_libs_list}; do
|
2021-05-19 10:39:01 +02:00
|
|
|
if [ -f "${mount_point}"/usr/lib/${lib}.${nvidia_version_inside} ]; then
|
2021-03-30 10:08:20 +02:00
|
|
|
nvidia_driver_bind="${nvidia_driver_bind} \
|
|
|
|
--ro-bind-try ${nvidia_drivers_dir}/nvidia-driver/${lib}.${nvidia_version} \
|
|
|
|
/usr/lib/${lib}.${nvidia_version_inside}"
|
|
|
|
fi
|
2021-03-31 13:59:09 +02:00
|
|
|
|
2021-05-19 10:39:01 +02:00
|
|
|
if [ -f "${mount_point}"/usr/lib32/${lib}.${nvidia_version_inside} ]; then
|
2021-03-30 10:08:20 +02:00
|
|
|
nvidia_driver_bind="${nvidia_driver_bind} \
|
|
|
|
--ro-bind-try ${nvidia_drivers_dir}/nvidia-driver/32/${lib}.${nvidia_version} \
|
|
|
|
/usr/lib32/${lib}.${nvidia_version_inside}"
|
|
|
|
fi
|
2021-03-31 13:59:09 +02:00
|
|
|
|
2021-05-19 10:39:01 +02:00
|
|
|
if [ -f "${mount_point}"/usr/lib/nvidia/xorg/libglxserver_nvidia.so.${nvidia_version_inside} ]; then
|
2021-03-30 10:08:20 +02:00
|
|
|
nvidia_driver_bind="${nvidia_driver_bind} \
|
|
|
|
--ro-bind-try ${nvidia_drivers_dir}/nvidia-driver/libglxserver_nvidia.so.${nvidia_version} \
|
|
|
|
/usr/lib/nvidia/xorg/libglxserver_nvidia.so.${nvidia_version_inside}"
|
|
|
|
fi
|
2021-03-31 13:59:09 +02:00
|
|
|
|
2021-05-19 10:39:01 +02:00
|
|
|
if [ -f "${mount_point}"/usr/lib/vdpau/libvdpau_nvidia.so.${nvidia_version_inside} ]; then
|
2021-03-30 10:08:20 +02:00
|
|
|
nvidia_driver_bind="${nvidia_driver_bind} \
|
|
|
|
--ro-bind-try ${nvidia_drivers_dir}/nvidia-driver/libvdpau_nvidia.so.${nvidia_version} \
|
|
|
|
/usr/lib/vdpau/libvdpau_nvidia.so.${nvidia_version_inside}"
|
|
|
|
fi
|
2021-03-31 13:59:09 +02:00
|
|
|
|
2021-05-19 10:39:01 +02:00
|
|
|
if [ -f "${mount_point}"/usr/lib32/vdpau/libvdpau_nvidia.so.${nvidia_version_inside} ]; then
|
2021-03-30 10:08:20 +02:00
|
|
|
nvidia_driver_bind="${nvidia_driver_bind} \
|
|
|
|
--ro-bind-try ${nvidia_drivers_dir}/nvidia-driver/32/libvdpau_nvidia.so.${nvidia_version} \
|
|
|
|
/usr/lib32/vdpau/libvdpau_nvidia.so.${nvidia_version_inside}"
|
|
|
|
fi
|
|
|
|
done
|
|
|
|
fi
|
|
|
|
fi
|
|
|
|
fi
|
|
|
|
}
|
|
|
|
|
2021-03-29 21:41:06 +02:00
|
|
|
trap_exit () {
|
2021-04-02 20:24:21 +02:00
|
|
|
rm -f "${working_dir}"/running_"${script_id}"
|
|
|
|
|
|
|
|
if [ ! "$(ls "${working_dir}"/running_* 2>/dev/null)" ]; then
|
2021-06-09 20:46:31 +02:00
|
|
|
fusermount${fuse_version} -uz "${mount_point}" 2>/dev/null || \
|
2021-05-19 10:39:01 +02:00
|
|
|
${use_sudo} umount --lazy "${mount_point}" 2>/dev/null
|
2021-04-02 20:24:21 +02:00
|
|
|
|
|
|
|
rm -rf "${working_dir}"
|
|
|
|
fi
|
|
|
|
|
2021-03-29 21:41:06 +02:00
|
|
|
exit
|
|
|
|
}
|
|
|
|
|
|
|
|
trap 'trap_exit' EXIT
|
|
|
|
|
2021-05-19 10:39:01 +02:00
|
|
|
# Mount the squashfs image
|
|
|
|
mkdir -p "${mount_point}"
|
2021-03-26 18:03:50 +01:00
|
|
|
|
2021-05-19 10:39:01 +02:00
|
|
|
if [ "$(ls "${mount_point}" 2>/dev/null)" ] || \
|
2021-06-09 20:46:31 +02:00
|
|
|
launch_wrapper "${mount_tool}" -o offset="${offset}",ro "${script}" "${mount_point}" ; then
|
2021-05-20 11:35:14 +02:00
|
|
|
|
2021-04-02 20:24:21 +02:00
|
|
|
echo 1 > "${working_dir}"/running_"${script_id}"
|
|
|
|
|
2021-06-29 22:20:23 +02:00
|
|
|
show_msg "Running Conty"
|
2021-03-28 13:35:24 +02:00
|
|
|
|
2021-05-20 11:51:11 +02:00
|
|
|
if [ "${NVIDIA_FIX}" = 1 ]; then
|
2021-03-30 10:08:20 +02:00
|
|
|
bind_nvidia_driver
|
|
|
|
fi
|
|
|
|
|
2021-05-20 11:35:14 +02:00
|
|
|
if [ -L "${script_literal}" ] && [ -f "${mount_point}"/usr/bin/"${script_name}" ]; then
|
2021-04-01 13:13:39 +02:00
|
|
|
export CUSTOM_PATH="/bin:/sbin:/usr/bin:/usr/sbin:/usr/lib/jvm/default/bin"
|
|
|
|
|
2021-06-29 22:20:23 +02:00
|
|
|
show_msg "Autostarting ${script_name}"
|
2021-05-20 11:35:14 +02:00
|
|
|
run_bwrap "${script_name}" "$@"
|
2021-03-28 13:35:24 +02:00
|
|
|
else
|
2021-04-01 13:13:39 +02:00
|
|
|
export CUSTOM_PATH="/bin:/sbin:/usr/bin:/usr/sbin:/usr/lib/jvm/default/bin:/usr/local/bin:/usr/local/sbin:${PATH}"
|
|
|
|
|
2021-05-20 11:35:14 +02:00
|
|
|
run_bwrap "$@"
|
2021-03-28 13:35:24 +02:00
|
|
|
fi
|
2021-03-26 18:03:50 +01:00
|
|
|
else
|
|
|
|
echo "Mounting the squashfs image failed!"
|
2021-03-27 11:01:24 +01:00
|
|
|
|
2021-03-26 18:03:50 +01:00
|
|
|
exit 1
|
|
|
|
fi
|
|
|
|
|
|
|
|
exit
|