Skip to content

Instantly share code, notes, and snippets.

@revskill10

revskill10/lfs.yml

Created May 22, 2026 18:17
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save revskill10/6b95be1221371b5fcbb74f6de1c5ecff to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save revskill10/6b95be1221371b5fcbb74f6de1c5ecff to your computer and use it in GitHub Desktop.
Download ZIP
LFS from scratch
Raw
lfs.yml
# =============================================================
# LFS Automator Configuration
# =============================================================
general:
lfs_version: "12.2"
# Number of parallel build jobs (make -jN)
jobs: 4
# Root mount point for the LFS build
mount_point: "/mnt/lfs"
# Where to store downloaded sources
sources_dir: "/mnt/lfs/sources"
# Log directory for build logs
log_dir: "/var/log/lfs-automator"
# LFS disk/partition
lfs_disk: "/dev/sdb"
# Keep build directories after install (useful for debugging)
keep_build_dirs: false
# Architecture
arch: "x86_64"
environment:
# Key environment variables set before builds
LFS: "/mnt/lfs"
LC_ALL: "POSIX"
LFS_TGT: "x86_64-lfs-linux-gnu"
PATH: "/tools/bin:/bin:/usr/bin"
MAKEFLAGS: "-j4"
CONFIG_SITE: "/etc/config_site"
# =============================================================
# Partitioning & Filesystem
# =============================================================
partitioning:
# "auto" = create partitions, "manual" = assume already partitioned
mode: "auto"
disk: "/dev/sdb"
# Whether to destroy all data on the disk
wipe_disk: true
partitions:
- name: "boot"
number: 1
start: "1MiB"
end: "512MiB"
type: "ef00" # EFI System Partition (or 83 for BIOS)
filesystem: "vfat"
mount_point: "/boot"
flags: ["boot", "esp"]
- name: "swap"
number: 2
start: "512MiB"
end: "4GiB"
type: "8200" # Linux swap
filesystem: "swap"
mount_point: ""
flags: []
- name: "root"
number: 3
start: "4GiB"
end: "100%"
type: "8300" # Linux filesystem
filesystem: "ext4"
mount_point: "/"
flags: []
# =============================================================
# Phase 5 — Building the LFS Cross-Toolchain (Temporary Tools)
# =============================================================
phase5_cross_toolchain:
packages:
- name: "binutils-pass1"
version: "2.42"
url: "https://sourceware.org/pub/binutils/releases/binutils-2.42.tar.xz"
sha256: "f6e4d41dd5fbdac213ebd0b2dca361a0e0c6ec95"
extract_dir: "binutils-2.42"
build_in_subdir: true
configure_flags:
- "--prefix=/tools"
- "--with-sysroot=$LFS"
- "--target=$LFS_TGT"
- "--disable-nls"
- "--enable-gprofng=no"
- "--disable-werror"
- "--enable-new-dtags"
- "--enable-default-hash-style=gnu"
make_targets: ["", "install"]
post_install: []
- name: "gcc-pass1"
version: "14.2.0"
url: "https://ftp.gnu.org/gnu/gcc/gcc-14.2.0/gcc-14.2.0.tar.xz"
sha256: "a7b397891b0e2a0e67e3f"
extract_dir: "gcc-14.2.0"
build_in_subdir: true
pre_configure:
- "tar -xf ../mpfr-4.2.1.tar.bz2"
- "mv -v mpfr-4.2.1 mpfr"
- "tar -xf ../gmp-6.3.0.tar.xz"
- "mv -v gmp-6.3.0 gmp"
- "tar -xf ../mpc-1.3.1.tar.gz"
- "mv -v mpc-1.3.1 mpc"
configure_flags:
- "--prefix=/tools"
- "--target=$LFS_TGT"
- "--with-sysroot=$LFS"
- "--with-newlib"
- "--without-headers"
- "--disable-shared"
- "--disable-multilib"
- "--disable-threads"
- "--disable-libssp"
- "--disable-libgomp"
- "--disable-libquadmath"
- "--enable-languages=c,c++"
make_targets: ["", "install"]
post_install:
- "ln -sv gcc /tools/bin/cc"
- name: "linux-api-headers"
version: "6.10"
url: "https://www.kernel.org/pub/linux/kernel/v6.x/linux-6.10.tar.xz"
sha256: "placeholder_sha256"
extract_dir: "linux-6.10"
build_in_subdir: false
make_targets:
- "headers"
post_install:
- "cp -rv usr/include/* /tools/include/"
- name: "glibc"
version: "2.40"
url: "https://ftp.gnu.org/gnu/glibc/glibc-2.40.tar.xz"
sha256: "placeholder_sha256"
extract_dir: "glibc-2.40"
build_in_subdir: true
pre_configure:
- "sed '/install-lib-all:/s/^/#/' -i Makefile"
configure_flags:
- "--prefix=/tools"
- "--host=$LFS_TGT"
- "--build=$(../scripts/config.guess)"
- "--enable-kernel=4.19"
- "--with-headers=/tools/include"
- "--disable-nscd"
- "--disable-werror"
make_targets: ["", "install"]
post_install:
- 'echo "tools/lib" > /tools/etc/ld.so.conf'
- "ldconfig -C /tools/etc/ld.so.cache"
- name: "libstdcxx"
version: "14.2.0"
url: "https://ftp.gnu.org/gnu/gcc/gcc-14.2.0/gcc-14.2.0.tar.xz"
sha256: "placeholder_sha256"
extract_dir: "gcc-14.2.0"
subdir: "libstdc++-v3"
build_in_subdir: true
configure_flags:
- "--prefix=/tools"
- "--host=$LFS_TGT"
- "--disable-multilib"
- "--disable-nls"
- "--disable-libstdcxx-threads"
- "--disable-libstdcxx-pch"
make_targets: ["", "install"]
- name: "binutils-pass2"
version: "2.42"
url: "https://sourceware.org/pub/binutils/releases/binutils-2.42.tar.xz"
sha256: "placeholder_sha256"
extract_dir: "binutils-2.42"
build_in_subdir: true
configure_flags:
- "--prefix=/tools"
- "--build=$(../config.guess)"
- "--host=$LFS_TGT"
- "--target=$LFS_TGT"
- "--disable-nls"
- "--enable-shared"
- "--enable-gprofng=no"
- "--disable-werror"
- "--enable-new-dtags"
- "--enable-default-hash-style=gnu"
make_targets: ["", "install"]
- name: "gcc-pass2"
version: "14.2.0"
url: "https://ftp.gnu.org/gnu/gcc/gcc-14.2.0/gcc-14.2.0.tar.xz"
sha256: "placeholder_sha256"
extract_dir: "gcc-14.2.0"
build_in_subdir: true
pre_configure:
- "tar -xf ../mpfr-4.2.1.tar.bz2"
- "mv -v mpfr-4.2.1 mpfr"
- "tar -xf ../gmp-6.3.0.tar.xz"
- "mv -v gmp-6.3.0 gmp"
- "tar -xf ../mpc-1.3.1.tar.gz"
- "mv -v mpc-1.3.1 mpc"
configure_flags:
- "--prefix=/tools"
- "--build=$(../config.guess)"
- "--host=$LFS_TGT"
- "--target=$LFS_TGT"
- "--enable-languages=c,c++"
- "--disable-libstdcxx-pch"
- "--with-build-sysroot=$LFS"
make_targets: ["", "install"]
post_install:
- "ln -sv gcc /tools/bin/cc"
# =============================================================
# Phase 6 — Temporary System (chroot builds)
# =============================================================
phase6_temporary_system:
packages:
- name: "m4"
version: "1.4.19"
url: "https://ftp.gnu.org/gnu/m4/m4-1.4.19.tar.xz"
sha256: "placeholder_sha256"
extract_dir: "m4-1.4.19"
build_in_subdir: false
configure_flags:
- "--prefix=/usr"
- "--host=$LFS_TGT"
- "--build=$(build-aux/config.guess)"
make_targets: ["", "DESTDIR=$LFS install"]
- name: "ncurses"
version: "6.5"
url: "https://invisible-island.net/archives/ncurses/ncurses-6.5.tar.gz"
sha256: "placeholder_sha256"
extract_dir: "ncurses-6.5"
build_in_subdir: false
configure_flags:
- "--prefix=/usr"
- "--host=$LFS_TGT"
- "--build=$(./config.guess)"
- "--mandir=/usr/share/man"
- "--with-manpage-format=normal"
- "--with-shared"
- "--without-debug"
- "--without-ada"
- "--without-normal"
- "--enable-pc-files"
- "--with-pkg-config-libdir=/usr/lib/pkgconfig"
make_targets: ["", "DESTDIR=$LFS install"]
- name: "bash"
version: "5.2.21"
url: "https://ftp.gnu.org/gnu/bash/bash-5.2.21.tar.gz"
sha256: "placeholder_sha256"
extract_dir: "bash-5.2.21"
build_in_subdir: false
configure_flags:
- "--prefix=/usr"
- "--build=$(support/config.guess)"
- "--host=$LFS_TGT"
- "--without-bash-malloc"
make_targets: ["", "DESTDIR=$LFS install"]
post_install:
- "ln -sv bash $LFS/bin/sh"
- name: "coreutils"
version: "9.5"
url: "https://ftp.gnu.org/gnu/coreutils/coreutils-9.5.tar.xz"
sha256: "placeholder_sha256"
extract_dir: "coreutils-9.5"
build_in_subdir: false
configure_flags:
- "--prefix=/usr"
- "--host=$LFS_TGT"
- "--build=$(build-aux/config.guess)"
- "--enable-install-program=hostname"
- "--enable-no-install-program=kill,uptime"
make_targets: ["", "DESTDIR=$LFS install"]
post_install:
- "mv -v $LFS/usr/bin/chroot $LFS/usr/sbin"
- "mkdir -pv $LFS/usr/share/man/man8"
- "mv -v $LFS/usr/share/man/man1/chroot.1 $LFS/usr/share/man/man8/chroot.8"
- name: "findutils"
version: "4.9.0"
url: "https://ftp.gnu.org/gnu/findutils/findutils-4.9.0.tar.xz"
sha256: "placeholder_sha256"
extract_dir: "findutils-4.9.0"
build_in_subdir: false
configure_flags:
- "--prefix=/usr"
- "--localstatedir=/var/lib/locate"
- "--host=$LFS_TGT"
- "--build=$(build-aux/config.guess)"
make_targets: ["", "DESTDIR=$LFS install"]
- name: "diffutils"
version: "3.10"
url: "https://ftp.gnu.org/gnu/diffutils/diffutils-3.10.tar.xz"
sha256: "placeholder_sha256"
extract_dir: "diffutils-3.10"
build_in_subdir: false
configure_flags:
- "--prefix=/usr"
- "--host=$LFS_TGT"
- "--build=$(./configure --help; echo $HOSTTYPE-unknown-linux-gnu)"
make_targets: ["", "DESTDIR=$LFS install"]
- name: "make"
version: "4.4.1"
url: "https://ftp.gnu.org/gnu/make/make-4.4.1.tar.gz"
sha256: "placeholder_sha256"
extract_dir: "make-4.4.1"
build_in_subdir: false
configure_flags:
- "--prefix=/usr"
- "--without-guile"
- "--host=$LFS_TGT"
- "--build=$(build-aux/config.guess)"
make_targets: ["", "DESTDIR=$LFS install"]
- name: "grep"
version: "3.11"
url: "https://ftp.gnu.org/gnu/grep/grep-3.11.tar.xz"
sha256: "placeholder_sha256"
extract_dir: "grep-3.11"
build_in_subdir: false
configure_flags:
- "--prefix=/usr"
- "--host=$LFS_TGT"
- "--build=$(build-aux/config.guess)"
make_targets: ["", "DESTDIR=$LFS install"]
- name: "sed"
version: "4.9"
url: "https://ftp.gnu.org/gnu/sed/sed-4.9.tar.xz"
sha256: "placeholder_sha256"
extract_dir: "sed-4.9"
build_in_subdir: false
configure_flags:
- "--prefix=/usr"
- "--host=$LFS_TGT"
- "--build=$(build-aux/config.guess)"
make_targets: ["", "DESTDIR=$LFS install"]
- name: "gettext"
version: "0.22.5"
url: "https://ftp.gnu.org/gnu/gettext/gettext-0.22.5.tar.xz"
sha256: "placeholder_sha256"
extract_dir: "gettext-0.22.5"
build_in_subdir: false
configure_flags:
- "--prefix=/usr"
- "--disable-shared"
- "--host=$LFS_TGT"
- "--build=$(build-aux/config.guess)"
make_targets: ["", "DESTDIR=$LFS install"]
- name: "gzip"
version: "1.13"
url: "https://ftp.gnu.org/gnu/gzip/gzip-1.13.tar.xz"
sha256: "placeholder_sha256"
extract_dir: "gzip-1.13"
build_in_subdir: false
configure_flags:
- "--prefix=/usr"
- "--host=$LFS_TGT"
- "--build=$(build-aux/config.guess)"
make_targets: ["", "DESTDIR=$LFS install"]
- name: "tar"
version: "1.35"
url: "https://ftp.gnu.org/gnu/tar/tar-1.35.tar.xz"
sha256: "placeholder_sha256"
extract_dir: "tar-1.35"
build_in_subdir: false
configure_flags:
- "--prefix=/usr"
- "--host=$LFS_TGT"
- "--build=$(build-aux/config.guess)"
make_targets: ["", "DESTDIR=$LFS install"]
- name: "xz"
version: "5.6.2"
url: "https://tukaani.org/xz/xz-5.6.2.tar.gz"
sha256: "placeholder_sha256"
extract_dir: "xz-5.6.2"
build_in_subdir: false
configure_flags:
- "--prefix=/usr"
- "--host=$LFS_TGT"
- "--build=$(build-aux/config.guess)"
- "--disable-static"
- "--docdir=/usr/share/doc/xz-5.6.2"
make_targets: ["", "DESTDIR=$LFS install"]
- name: "file"
version: "5.45"
url: "https://astron.com/pub/file/file-5.45.tar.gz"
sha256: "placeholder_sha256"
extract_dir: "file-5.45"
build_in_subdir: false
configure_flags:
- "--prefix=/usr"
- "--host=$LFS_TGT"
- "--build=$(./config.guess)"
make_targets: ["", "DESTDIR=$LFS install"]
- name: "awk"
version: "5.3.0"
url: "https://ftp.gnu.org/gnu/gawk/gawk-5.3.0.tar.xz"
sha256: "placeholder_sha256"
extract_dir: "gawk-5.3.0"
build_in_subdir: false
configure_flags:
- "--prefix=/usr"
- "--host=$LFS_TGT"
- "--build=$(build-aux/config.guess)"
make_targets: ["", "DESTDIR=$LFS install"]
- name: "perl"
version: "5.40.0"
url: "https://www.cpan.org/src/5.0/perl-5.40.0.tar.xz"
sha256: "placeholder_sha256"
extract_dir: "perl-5.40.0"
build_in_subdir: false
configure_command: "sh Configure"
configure_flags:
- "-des"
- "-Dprefix=/usr"
- "-Dvendorprefix=/usr"
- "-Duseshrplib"
- "-Dprivlib=/usr/lib/perl5/5.40/core_perl"
- "-Darchlib=/usr/lib/perl5/5.40/core_perl"
- "-Dsitelib=/usr/lib/perl5/5.40/site_perl"
- "-Dsitearch=/usr/lib/perl5/5.40/site_perl"
- "-Dvendorlib=/usr/lib/perl5/5.40/vendor_perl"
- "-Dvendorarch=/usr/lib/perl5/5.40/vendor_perl"
- "-Dman1dir=/usr/share/man/man1"
- "-Dman3dir=/usr/share/man/man3"
- "-Dman1ext=1"
- "-Dman3ext=3pm"
- "-Dcc=$LFS_TGT-gcc"
- "-Duseshrplib"
make_targets: ["", "DESTDIR=$LFS install"]
- name: "python"
version: "3.12.5"
url: "https://www.python.org/ftp/python/3.12.5/Python-3.12.5.tar.xz"
sha256: "placeholder_sha256"
extract_dir: "Python-3.12.5"
build_in_subdir: false
configure_flags:
- "--prefix=/usr"
- "--host=$LFS_TGT"
- "--build=$(build-aux/config.guess)"
- "--enable-shared"
- "--without-ensurepip"
make_targets: ["", "DESTDIR=$LFS install"]
post_install:
- "sed -i 's/install_path.*$/install_path = \"/usr\/lib\/python3.12\"/' $LFS/usr/lib/python3.12/_sysconfigdata__linux_x86_64-linux-gnu.py"
# =============================================================
# Phase 7 — Building the Final System (inside chroot)
# =============================================================
phase7_final_system:
packages:
# --- Core build tools ---
- name: "autoconf"
version: "2.72"
url: "https://ftp.gnu.org/gnu/autoconf/autoconf-2.72.tar.xz"
sha256: "placeholder_sha256"
extract_dir: "autoconf-2.72"
build_in_subdir: false
configure_flags: ["--prefix=/usr"]
- name: "automake"
version: "1.17"
url: "https://ftp.gnu.org/gnu/automake/automake-1.17.tar.xz"
sha256: "placeholder_sha256"
extract_dir: "automake-1.17"
build_in_subdir: false
configure_flags: ["--prefix=/usr", "--docdir=/usr/share/doc/automake-1.17"]
- name: "pkg-config"
version: "0.29.2"
url: "https://pkg-config.freedesktop.org/releases/pkg-config-0.29.2.tar.gz"
sha256: "placeholder_sha256"
extract_dir: "pkg-config-0.29.2"
build_in_subdir: false
configure_flags:
- "--prefix=/usr"
- "--with-internal-glib"
- "--disable-host-tool"
- "--docdir=/usr/share/doc/pkg-config-0.29.2"
# --- Libraries ---
- name: "glibc-final"
version: "2.40"
url: "https://ftp.gnu.org/gnu/glibc/glibc-2.40.tar.xz"
sha256: "placeholder_sha256"
extract_dir: "glibc-2.40"
build_in_subdir: true
configure_flags:
- "--prefix=/usr"
- "--disable-nscd"
- "--disable-werror"
- "--enable-kernel=4.19"
- "--enable-stack-protector=strong"
- "--with-headers=/usr/include"
make_targets: ["", "install"]
post_install:
- "cp -v ../nscd/nscd.conf /etc/nscd.conf"
- "mkdir -pv /var/cache/nscd"
- name: "zlib"
version: "1.3.1"
url: "https://zlib.net/zlib-1.3.1.tar.xz"
sha256: "placeholder_sha256"
extract_dir: "zlib-1.3.1"
build_in_subdir: false
configure_flags: ["--prefix=/usr"]
- name: "readline"
version: "8.2"
url: "https://ftp.gnu.org/gnu/readline/readline-8.2.tar.gz"
sha256: "placeholder_sha256"
extract_dir: "readline-8.2"
build_in_subdir: false
configure_flags: ["--prefix=/usr", "--disable-static", "--with-curses"]
- name: "openssl"
version: "3.3.1"
url: "https://www.openssl.org/source/openssl-3.3.1.tar.gz"
sha256: "placeholder_sha256"
extract_dir: "openssl-3.3.1"
build_in_subdir: false
configure_command: "./config"
configure_flags:
- "--prefix=/usr"
- "--openssldir=/etc/ssl"
- "--libdir=lib"
- "shared"
- "zlib"
- name: "expat"
version: "2.6.2"
url: "https://sourceforge.net/projects/expat/files/expat/2.6.2/expat-2.6.2.tar.xz"
sha256: "placeholder_sha256"
extract_dir: "expat-2.6.2"
build_in_subdir: false
configure_flags:
- "--prefix=/usr"
- "--disable-static"
- "--without-docbook"
- name: "systemd"
version: "256"
url: "https://github.com/systemd/systemd/archive/refs/tags/v256.tar.gz"
sha256: "placeholder_sha256"
extract_dir: "systemd-256"
build_in_subdir: false
build_command: "ninja"
configure_command: "meson setup"
configure_flags:
- "builddir"
- "--prefix=/usr"
- "--sysconfdir=/etc"
- "--localstatedir=/var"
- "--libdir=/usr/lib"
- "-Drootprefix=/usr"
- "-Drootlibdir=/usr/lib"
- "-Dblkid=true"
- "-Ddefault-dnssec=no"
- "-Dfirstboot=false"
- "-Dinstall-tests=false"
- "-Dldconfig=false"
- "-Dsysusers=false"
- "-Drpmmacrosdir=no"
- "-Dhomed=false"
- "-Duserdb=false"
- "-Dman=false"
- "-Dhtml=false"
- name: "procps-ng"
version: "4.0.4"
url: "https://sourceforge.net/projects/procps-ng/files/Production/procps-ng-4.0.4.tar.xz"
sha256: "placeholder_sha256"
extract_dir: "procps-ng-4.0.4"
build_in_subdir: false
configure_flags:
- "--prefix=/usr"
- "--docdir=/usr/share/doc/procps-ng-4.0.4"
- "--disable-static"
- "--disable-kill"
- name: "util-linux"
version: "2.40.1"
url: "https://www.kernel.org/pub/linux/utils/util-linux/v2.40/util-linux-2.40.1.tar.xz"
sha256: "placeholder_sha256"
extract_dir: "util-linux-2.40.1"
build_in_subdir: false
configure_flags:
- "--prefix=/usr"
- "--bindir=/usr/bin"
- "--sbindir=/usr/sbin"
- "--libdir=/usr/lib"
- "--sysconfdir=/etc"
- "--disable-chfn-chsh"
- "--disable-login"
- "--disable-nologin"
- "--disable-su"
- "--disable-setpriv"
- "--disable-runuser"
- "--disable-pylibmount"
- "--disable-static"
- "--without-python"
- "--without-systemd"
- "--without-systemdsystemunitdir"
- name: "e2fsprogs"
version: "1.47.1"
url: "https://sourceforge.net/projects/e2fsprogs/files/e2fsprogs/v1.47.1/e2fsprogs-1.47.1.tar.gz"
sha256: "placeholder_sha256"
extract_dir: "e2fsprogs-1.47.1"
build_in_subdir: true
configure_flags:
- "--prefix=/usr"
- "--sysconfdir=/etc"
- "--enable-elf-shlibs"
- "--disable-libblkid"
- "--disable-libuuid"
- "--disable-fsck"
- "--disable-uuidd"
# =============================================================
# Kernel Configuration
# =============================================================
kernel:
version: "6.10.5"
url: "https://www.kernel.org/pub/linux/kernel/v6.x/linux-6.10.5.tar.xz"
sha256: "placeholder_sha256"
# "defconfig", "allnoconfig", "tinyconfig", or path to a .config file
config_method: "defconfig"
# Optional: path to a custom .config to copy in
custom_config_path: ""
# Extra config options to set (applied after base config)
config_options:
- "CONFIG_VIRTIO=y"
- "CONFIG_VIRTIO_PCI=y"
- "CONFIG_VIRTIO_BLK=y"
- "CONFIG_VIRTIO_NET=y"
- "CONFIG_EXT4_FS=y"
- "CONFIG_VFAT_FS=y"
- "CONFIG_NLS_CODEPAGE_437=y"
- "CONFIG_NLS_ISO8859_1=y"
- "CONFIG_NLS_UTF8=y"
- "CONFIG_SATA_AHCI=y"
- "CONFIG_IGB=y"
- "CONFIG_E1000=y"
- "CONFIG_E1000E=y"
- "CONFIG_USB_XHCI_HCD=y"
- "CONFIG_USB_STORAGE=y"
make_targets: ["", "modules_install", "install"]
# =============================================================
# Bootloader
# =============================================================
bootloader:
type: "grub" # "grub" or "syslinux" or "systemd-boot"
# For UEFI systems:
efi: true
# Disk where GRUB should be installed
install_disk: "/dev/sdb"
# GRUB configuration
grub:
timeout: 5
default_entry: 0
# Additional GRUB config lines
extra_config: []
systemd_boot:
entry_name: "LFS Linux"
entry_loader: "/vmlinuz-6.10.5-lfs"
entry_initrd: "/initramfs-6.10.5.img"
entry_options: "root=/dev/sdb3 ro quiet"
# =============================================================
# System Configuration
# =============================================================
system:
hostname: "my-lfs"
timezone: "UTC"
locale: "en_US.UTF-8"
extra_locales:
- "en_GB.UTF-8"
keyboard_layout: "us"
# Console font (leave empty for default)
console_font: ""
fstab:
# If true, fstab is auto-generated from partitioning config
auto_generate: true
# Extra entries beyond the auto-generated ones
extra_entries: []
network:
# "systemd-networkd", "networkmanager", or "static"
type: "systemd-networkd"
interface: "eth0"
# For static configuration
ip_address: ""
gateway: ""
dns_servers:
- "8.8.8.8"
- "8.8.4.4"
# For DHCP
use_dhcp: true
# Init system
init: "systemd" # "systemd" or "sysvinit"
users:
- name: "root"
password_hash: "" # Empty = locked; set via post_install_script or use mkpasswd
shell: "/bin/bash"
home: "/root"
groups: ["root"]
- name: "admin"
password_hash: ""
shell: "/bin/bash"
home: "/home/admin"
groups: ["users", "wheel", "audio", "video", "input"]
sudo: true
# Additional system groups
groups:
- "wheel"
- "audio"
- "video"
- "input"
- "plugdev"
- "netdev"
# /etc/hosts content
hosts:
- ip: "127.0.0.1"
hostnames: ["localhost", "my-lfs"]
- ip: "::1"
hostnames: ["localhost"]
# =============================================================
# Post-Install Scripts (run inside chroot)
# =============================================================
post_install:
- description: "Set root password"
commands:
- "echo 'root:root' | chpasswd"
- "passwd -e root"
- description: "Create admin user"
commands:
- "useradd -m -s /bin/bash -G wheel,audio,video,input admin"
- "echo 'admin:admin' | chpasswd"
- description: "Configure sudo for wheel group"
commands:
- "mkdir -p /etc/sudoers.d"
- "echo '%wheel ALL=(ALL) ALL' > /etc/sudoers.d/wheel"
- "chmod 0440 /etc/sudoers.d/wheel"
- description: "Enable essential systemd services"
commands:
- "systemctl enable systemd-networkd"
- "systemctl enable systemd-resolved"
- "systemctl enable sshd"
- "systemctl enable systemd-timesyncd"
- description: "Set machine-id"
commands:
- "dbus-uuidgen > /etc/machine-id"
- "ln -sf /etc/machine-id /var/lib/dbus/machine-id"
- description: "Create initramfs"
commands:
- "dracut --force /boot/initramfs-6.10.5.img 6.10.5-lfs"
- description: "Clean up build artifacts"
commands:
- "rm -rf /sources/*"
- "rm -rf /tools"
- "ldconfig"
# =============================================================
# Optional: Additional packages (built in chroot after base system)
# =============================================================
extra_packages:
- name: "sudo"
version: "1.9.15p5"
url: "https://www.sudo.ws/dist/sudo-1.9.15p5.tar.gz"
sha256: "placeholder_sha256"
extract_dir: "sudo-1.9.15p5"
build_in_subdir: false
configure_flags:
- "--prefix=/usr"
- "--libexecdir=/usr/lib"
- "--with-secure-path"
- "--with-all-insults"
- "--with-env-editor"
- "--docdir=/usr/share/doc/sudo-1.9.15p5"
- name: "openssh"
version: "9.8p1"
url: "https://cdn.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-9.8p1.tar.gz"
sha256: "placeholder_sha256"
extract_dir: "openssh-9.8p1"
build_in_subdir: false
configure_flags:
- "--prefix=/usr"
- "--sysconfdir=/etc/ssh"
- "--with-privsep-path=/var/lib/sshd"
- "--with-default-path=/usr/bin"
- "--with-superuser-path=/usr/sbin:/usr/bin"
- "--with-pid-dir=/run"
- name: "vim"
version: "9.1"
url: "https://github.com/vim/vim/archive/refs/tags/v9.1.0660.tar.gz"
sha256: "placeholder_sha256"
extract_dir: "vim-9.1.0660"
build_in_subdir: false
configure_flags:
- "--prefix=/usr"
- "--with-features=huge"
- "--enable-gui=no"
- "--enable-python3interp"
- "--enable-cscope"
- "--enable-multibyte"
- "--enable-fontset"
- name: "curl"
version: "8.9.1"
url: "https://curl.se/download/curl-8.9.1.tar.xz"
sha256: "placeholder_sha256"
extract_dir: "curl-8.9.1"
build_in_subdir: false
configure_flags:
- "--prefix=/usr"
- "--with-openssl"
- "--enable-threaded-resolver"
- name: "git"
version: "2.46.0"
url: "https://www.kernel.org/pub/software/scm/git/git-2.46.0.tar.xz"
sha256: "placeholder_sha256"
extract_dir: "git-2.46.0"
build_in_subdir: false
configure_flags:
- "--prefix=/usr"
- "--with-openssl"
- "--with-libpcre2"
- "--with-curl"
- "--with-expat"
- name: "htop"
version: "3.3.0"
url: "https://github.com/htop-dev/htop/releases/download/3.3.0/htop-3.3.0.tar.xz"
sha256: "placeholder_sha256"
extract_dir: "htop-3.3.0"
build_in_subdir: false
configure_flags: ["--prefix=/usr"]
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment