Created
March 11, 2024 15:31
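#!/bin/bash
# Start an interactive bash inside a bubblewrap sandbox whose root is a
# copy-on-write union of ./root.sqsh (read-only) and ./upper (writable).
# Expects ./busybox, ./utils.tar.gz and ./root.sqsh next to this script.
# Exit status is that of the bwrap invocation (or 1 if setup fails).
#
# NOTE(review): this is a convenience environment, not a strong confinement
# boundary:
#   - the caller's whole home directory is bound read-write at /home/user,
#     so anything run inside can read and modify host dotfiles and keys;
#   - --dev-bind /dev /dev exposes the host's device nodes;
#   - the shell shares the caller's controlling terminal (bwrap's
#     --new-session is not used).
# Narrow the home bind to a dedicated directory before running untrusted
# code in it.

# Log how the launcher was invoked; joined through an array so arguments are
# not word-split or glob-expanded.
launch_info=("$0" "$@" "$(pwd)")
printf '%s\n' "${launch_info[*]}"

# Every path below is relative to the script directory, so a failed cd must
# stop the run instead of creating and mounting directories elsewhere.
cd -- "$(dirname -- "$0")" || exit 1

mkdir -p rootfs upper squash
./busybox tar xzf utils.tar.gz || exit 1

union_mounted=0
squash_mounted=0

# Unmount in reverse order of mounting. Registered as an EXIT trap so an
# aborted launch does not leave stale FUSE mounts behind.
cleanup() {
  if (( union_mounted )); then
    ./busybox sh -c "umount ./rootfs"
  fi
  if (( squash_mounted )); then
    ./busybox sh -c "umount ./squash"
  fi
}
trap cleanup EXIT

./busybox sh -c "utils/squashfuse ./root.sqsh ./squash" || exit 1
squash_mounted=1
./busybox sh -c "utils/unionfs -o cow upper=RW:squash=RO rootfs" || exit 1
union_mounted=1

# -p so a second run does not fail on directories left by the first.
./busybox sh -c "mkdir -p ./app ./rootfs/app"

# The home path and uid are passed as positional parameters ($1, $2) rather
# than spliced into the command string, so a value containing spaces or shell
# metacharacters is not re-parsed by the inner shell.
# --unshare-all already covers the individual --unshare-* flags before it;
# they are kept as in the original invocation. With the network namespace
# unshared, the resolv.conf bind has no effect unless networking is
# re-enabled (bwrap's --share-net).
./busybox sh -c 'utils/bwrap \
  --bind ./rootfs / \
  --dev-bind /dev /dev \
  --proc /proc \
  --tmpfs /tmp \
  --ro-bind /sys /sys \
  --dir /var/tmp \
  --ro-bind ./app /app \
  --bind "$1" /home/user/ \
  --ro-bind /sys/block /sys/block \
  --ro-bind /sys/bus /sys/bus \
  --ro-bind /sys/class /sys/class \
  --ro-bind /sys/dev /sys/dev \
  --ro-bind /sys/devices /sys/devices \
  --ro-bind /etc/resolv.conf /etc/resolv.conf \
  --unshare-net \
  --unshare-ipc \
  --unshare-pid \
  --unshare-uts \
  --unshare-cgroup \
  --unshare-all \
  --hostname virt \
  --setenv HOME /home/user \
  --setenv USER user \
  --setenv PATH /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/app \
  --dir "/run/user/$2" \
  /bin/bash' sandbox "/home/${USER}/" "$(id -u)"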
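#!/bin/bash
# Build a self-extracting bash bundle and write it to stdout.
#
# Usage: <this script> <init> <files...> > bundle.sh
#   <init>      file inside the bundle that the stub makes executable and runs
#   <files...>  further files or directories to pack next to <init>
#
# The bundle is a bash stub followed by a "## DATA ##" marker line and an
# uncompressed tar archive. At run time the stub unpacks the archive into a
# fresh temporary directory, runs <init> from there with EXTRACTED set to
# that directory, and removes the directory on exit.
#
# NOTE(review): the stub executes whatever archive follows the marker and
# performs no integrity check of its own; publish a checksum or signature
# with the bundle and verify it before running.

if [ $# -lt 2 ]; then
  echo "Usage: $0 <init> <files...>" >&2
  exit 1
fi

out=$(mktemp) || exit 1
# Remove the scratch file on every exit path, including early failures.
trap 'rm -f -- "$out"' EXIT

init="$1"
shift
files=("$@")

# <init> is written into generated shell code. Shell-quote it so a name
# containing quotes, $ or backticks stays a plain path in the stub instead of
# becoming part of the stub's commands.
init_quoted=$(printf '%q' "$init")

cat > "$out" <<EOF
#!/bin/bash
PAYLOAD_LINE=__PAYLOAD_LINE__
TEMP_DIR=\$(mktemp -d) || exit 1
cleanup() {
rm -rf "\$TEMP_DIR"
}
trap cleanup EXIT
tail -n +\$PAYLOAD_LINE "\$0" | tar x -C "\$TEMP_DIR"
chmod +x "\$TEMP_DIR"/${init_quoted}
cd "\$TEMP_DIR" || exit 1
EXTRACTED="\$TEMP_DIR" "\$TEMP_DIR"/${init_quoted} "\$@"
exit 0
EOF
# The stub's final "exit" keeps bash from reading the binary payload below
# the marker as script text.
echo "## DATA ##" >> "$out"

# "--" stops option parsing, so a file name starting with "-" is archived
# rather than interpreted as a tar option.
tar cvf - -- "$init" "${files[@]}" >> "$out" || exit

# Only the first marker is the real one: the payload is uncompressed, so a
# packed file may itself contain a line starting with "## DATA ##".
marker_line=$(LC_ALL=C grep -n -m1 -a '^## DATA ##' "$out" | cut -d: -f1)
payload_line=$((marker_line + 1))

# Restrict the substitution to the stub lines; an unrestricted sed would also
# rewrite the placeholder text inside packed files and corrupt the archive.
LC_ALL=C sed -i "1,${marker_line}s/PAYLOAD_LINE=__PAYLOAD_LINE__/PAYLOAD_LINE=${payload_line}/" "$out"

cat "$out"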