Howto make your own CentOS (tested) or Fedora (untested) rootfs.
Because my rootfs is totally untrustworthy :), I will rather describe, how to make your own.
For start, you will need one container with any other disto, that supports rpm, up and running. Ubuntu is fine (then apt-get install rpm). If you are running Fedora or CentOS on x86_64, it may not work; while rpm has an --ignorearch switch, the postinstall scripts will fail to run. Running the commands in other arm distro in container doesn’t have this problem.
Also, the default install of CentOS includes NetworkManager. While it is a nice thing, for a container, it is overkill. In the following, it is replaced by systemd-networkd. Packages, that won’t work in the container (kernel, audit), are of course omitted. An importat thing to note is, that SELinux of course doesn’t work in container either, but the libraries are required by other packages.
So, let’s go to create our rootfs.
Pick a directory, where you will create the rootfs. Further, it is called $root.
-
Create the rootfs directory:
mkdir -p $root -
Create /dev nodes:
mkdir $root/dev mknod -m 600 $root/dev/console c 5 1 mknod -m 666 $root/dev/full c 1 7 mknod -m 600 $root/dev/initctl p mknod -m 666 $root/dev/ptmx c 5 2 mknod -m 666 $root/dev/random c 1 8 mknod -m 666 $root/dev/tty c 5 0 mknod -m 666 $root/dev/tty0 c 4 0 mknod -m 666 $root/dev/urandom c 1 9 mknod -m 666 $root/dev/zero c 1 5 chown -R root:root $root/dev -
Grab the following packages from your nearby CentOS mirror. Because I’m lazy, the following packages are stock 7.3, non-updated version. Once the container is up and running, you will update it to current version anyway. For base installation, the following ones are necessary:
basesystem-10.0-7.el7.centos.noarch.rpm
bash-4.2.46-20.el7.armv7hl.rpm
coreutils-8.22-18.el7.armv7hl.rpm
cronie-1.4.11-14.el7.1.armv7hl.rpm
curl-7.29.0-35.el7.armv7hl.rpm
filesystem-3.2-21.el7.armv7hl.rpm
firewalld-0.4.3.2-8.el7.noarch.rpm
glibc-2.17-157.el7.armv7hl.rpm
hostname-3.13-3.el7.armv7hl.rpm
iproute-3.10.0-74.el7.armv7hl.rpm
iptables-1.4.21-17.el7.armv7hl.rpm
iputils-20160308-8.el7.armv7hl.rpm
less-458-9.el7.armv7hl.rpm
libsysfs-2.1.0-16.el7.armv7hl.rpm
man-db-2.6.3-9.el7.armv7hl.rpm
ncurses-5.9-13.20130511.el7.armv7hl.rpm
passwd-0.79-4.el7.armv7hl.rpm
policycoreutils-2.5-8.el7.armv7hl.rpm
procps-ng-3.3.10-10.el7.armv7hl.rpm
rootfiles-8.1-11.el7.noarch.rpm
rpm-4.11.3-21.el7.armv7hl.rpm
rsyslog-7.4.7-16.el7.armv7hl.rpm
selinux-policy-targeted-3.13.1-102.el7.noarch.rpm
setup-2.8.71-7.el7.noarch.rpm
shadow-utils-4.1.5.1-24.el7.armv7hl.rpm
sudo-1.8.6p7-20.el7.armv7hl.rpm
systemd-219-30.el7.armv7hl.rpm
systemd-networkd-219-30.el7.armv7hl.rpm
systemd-resolved-219-30.el7.armv7hl.rpm
tar-1.26-31.el7.armv7hl.rpm
util-linux-2.23.2-33.el7.armv7hl.rpm
vim-minimal-7.4.160-1.el7.armv7hl.rpm
yum-3.4.3-150.el7.centos.noarch.rpmThese will need the following dependencies:
acl-2.2.51-12.el7.armv7hl.rpm
audit-libs-2.6.5-3.el7.armv7hl.rpm
bind-libs-lite-9.9.4-37.el7.armv7hl.rpm
bind-license-9.9.4-37.el7.noarch.rpm
binutils-2.25.1-22.base.el7.armv7hl.rpm
bzip2-libs-1.0.6-13.el7.armv7hl.rpm
ca-certificates-2015.2.6-73.el7.noarch.rpm
centos-userland-release-7-3.1611.el7.centos.0.1.armv7hl.rpm
chkconfig-1.7.2-1.el7.armv7hl.rpm
cpio-2.11-24.el7.armv7hl.rpm
cracklib-2.9.0-11.el7.armv7hl.rpm
cracklib-dicts-2.9.0-11.el7.armv7hl.rpm
cronie-anacron-1.4.11-14.el7.1.armv7hl.rpm
crontabs-1.11-6.20121102git.el7.noarch.rpm
cryptsetup-libs-1.7.2-1.el7.armv7hl.rpm
cyrus-sasl-lib-2.1.26-20.el7.armv7hl.rpm
dbus-1.6.12-17.el7.armv7hl.rpm
dbus-glib-0.100-7.el7.armv7hl.rpm
dbus-libs-1.6.12-17.el7.armv7hl.rpm
dbus-python-1.1.1-9.el7.armv7hl.rpm
device-mapper-1.02.135-1.el7.armv7hl.rpm
device-mapper-libs-1.02.135-1.el7.armv7hl.rpm
diffutils-3.3-4.el7.armv7hl.rpm
dracut-033-463.el7.armv7hl.rpm
ebtables-2.0.10-15.el7.armv7hl.rpm
elfutils-libelf-0.166-2.el7.armv7hl.rpm
elfutils-libs-0.166-2.el7.armv7hl.rpm
expat-2.1.0-8.el7.armv7hl.rpm
file-libs-5.11-33.el7.armv7hl.rpm
findutils-4.5.11-5.el7.armv7hl.rpm
firewalld-filesystem-0.4.3.2-8.el7.noarch.rpm
gawk-4.0.2-4.el7.armv7hl.rpm
gdbm-1.10-8.el7.armv7hl.rpm
GeoIP-1.5.0-11.el7.armv7hl.rpm
glib2-2.46.2-4.el7.armv7hl.rpm
glibc-common-2.17-157.el7.armv7hl.rpm
glib-networking-2.42.0-1.el7.armv7hl.rpm
gmp-6.0.0-12.el7.armv7hl.rpm
gnupg2-2.0.22-4.el7.armv7hl.rpm
gnutls-3.3.24-1.el7.armv7hl.rpm
gobject-introspection-1.42.0-1.el7.armv7hl.rpm
gpgme-1.3.2-5.el7.armv7hl.rpm
grep-2.20-2.el7.armv7hl.rpm
groff-base-1.22.2-8.el7.armv7hl.rpm
gsettings-desktop-schemas-3.14.2-1.el7.armv7hl.rpm
gzip-1.5-8.el7.armv7hl.rpm
hardlink-1.0-19.el7.armv7hl.rpm
info-5.1-4.el7.armv7hl.rpm
ipset-6.19-6.el7.armv7hl.rpm
ipset-libs-6.19-6.el7.armv7hl.rpm
json-c-0.11-4.el7.armv7hl.rpm
keyutils-libs-1.5.8-3.el7.armv7hl.rpm
kmod-20-9.el7.armv7hl.rpm
kmod-libs-20-9.el7.armv7hl.rpm
kpartx-0.4.9-99.el7.armv7hl.rpm
krb5-libs-1.14.1-26.el7.armv7hl.rpm
libacl-2.2.51-12.el7.armv7hl.rpm
libassuan-2.1.0-3.el7.armv7hl.rpm
libattr-2.4.46-12.el7.armv7hl.rpm
libblkid-2.23.2-33.el7.armv7hl.rpm
libcap-2.22-8.el7.armv7hl.rpm
libcap-ng-0.7.5-4.el7.armv7hl.rpm
libcom_err-1.42.9-9.el7.armv7hl.rpm
libcurl-7.29.0-35.el7.armv7hl.rpm
libdb-5.3.21-19.el7.armv7hl.rpm
libdb-utils-5.3.21-19.el7.armv7hl.rpm
libestr-0.1.9-2.el7.armv7hl.rpm
libffi-3.0.13-18.el7.armv7hl.rpm
libgcc-4.8.5-11.el7.armv7hl.rpm
libgcrypt-1.5.3-12.el7.1.armv7hl.rpm
libgpg-error-1.12-3.el7.armv7hl.rpm
libidn-1.28-4.el7.armv7hl.rpm
libmnl-1.0.3-7.el7.armv7hl.rpm
libmodman-2.0.1-8.el7.armv7hl.rpm
libmount-2.23.2-33.el7.armv7hl.rpm
libnetfilter_conntrack-1.0.4-2.el7.armv7hl.rpm
libnfnetlink-1.0.1-4.el7.armv7hl.rpm
libpcap-1.5.3-8.el7.armv7hl.rpm
libpipeline-1.2.3-3.el7.armv7hl.rpm
libproxy-0.4.11-10.el7.armv7hl.rpm
libpwquality-1.2.3-4.el7.armv7hl.rpm
libselinux-2.5-6.el7.armv7hl.rpm
libselinux-python-2.5-6.el7.armv7hl.rpm
libselinux-utils-2.5-6.el7.armv7hl.rpm
libsemanage-2.5-4.el7.armv7hl.rpm
libsepol-2.5-6.el7.armv7hl.rpm
libssh2-1.4.3-10.el7.1.armv7hl.rpm
libstdc+±4.8.5-11.el7.armv7hl.rpm
libtasn1-3.8-3.el7.armv7hl.rpm
libuser-0.60-7.el7.armv7hl.rpm
libutempter-1.1.6-4.el7.armv7hl.rpm
libuuid-2.23.2-33.el7.armv7hl.rpm
libverto-0.2.5-4.el7.armv7hl.rpm
libxml2-2.9.1-6.el7.3.armv7hl.rpm
logrotate-3.8.6-12.el7.armv7hl.rpm
lua-5.1.4-15.el7.armv7hl.rpm
mozjs17-17.0.0-19.el7.armv7hl.rpm
ncurses-base-5.9-13.20130511.el7.noarch.rpm
ncurses-libs-5.9-13.20130511.el7.armv7hl.rpm
nettle-2.7.1-8.el7.armv7hl.rpm
nspr-4.11.0-1.el7.armv7hl.rpm
nss-3.21.0-17.el7.armv7hl.rpm
nss-softokn-3.16.2.3-14.4.el7.armv7hl.rpm
nss-softokn-freebl-3.16.2.3-14.4.el7.armv7hl.rpm
nss-sysinit-3.21.0-17.el7.armv7hl.rpm
nss-tools-3.21.0-17.el7.armv7hl.rpm
nss-util-3.21.0-2.2.el7.armv7hl.rpm
openldap-2.4.40-13.el7.armv7hl.rpm
openssl-libs-1.0.1e-60.el7.armv7hl.rpm
p11-kit-0.20.7-3.el7.armv7hl.rpm
p11-kit-trust-0.20.7-3.el7.armv7hl.rpm
pam-1.1.8-18.el7.armv7hl.rpm
pcre-8.32-15.el7.1.armv7hl.rpm
pinentry-0.8.1-17.el7.armv7hl.rpm
pkgconfig-0.27.1-4.el7.armv7hl.rpm
popt-1.13-16.el7.armv7hl.rpm
pth-2.0.7-23.el7.armv7hl.rpm
pygobject3-base-3.14.0-3.el7.armv7hl.rpm
pygpgme-0.3-9.el7.armv7hl.rpm
pyliblzma-0.5.3-11.el7.armv7hl.rpm
python-2.7.5-48.el7.armv7hl.rpm
python-decorator-3.4.0-3.el7.noarch.rpm
python-firewall-0.4.3.2-8.el7.noarch.rpm
python-iniparse-0.4-9.el7.noarch.rpm
python-libs-2.7.5-48.el7.armv7hl.rpm
python-pycurl-7.19.0-19.el7.armv7hl.rpm
python-slip-0.4.0-2.el7.noarch.rpm
python-slip-dbus-0.4.0-2.el7.noarch.rpm
python-urlgrabber-3.10-8.el7.noarch.rpm
pyxattr-0.5.1-5.el7.armv7hl.rpm
qrencode-libs-3.4.1-3.el7.armv7hl.rpm
readline-6.2-9.el7.armv7hl.rpm
rpm-build-libs-4.11.3-21.el7.armv7hl.rpm
rpm-libs-4.11.3-21.el7.armv7hl.rpm
rpm-python-4.11.3-21.el7.armv7hl.rpm
sed-4.2.2-5.el7.armv7hl.rpm
selinux-policy-3.13.1-102.el7.noarch.rpm
shared-mime-info-1.1-9.el7.armv7hl.rpm
slang-2.2.4-11.el7.armv7hl.rpm
sqlite-3.7.17-8.el7.armv7hl.rpm
systemd-libs-219-30.el7.armv7hl.rpm
systemd-sysv-219-30.el7.armv7hl.rpm
sysvinit-tools-2.88-14.dsf.el7.armv7hl.rpm
tcp_wrappers-libs-7.6-77.el7.armv7hl.rpm
trousers-0.3.13-1.el7.armv7hl.rpm
tzdata-2016g-2.el7.noarch.rpm
ustr-1.0.4-16.el7.armv7hl.rpm
xz-5.2.2-1.el7.armv7hl.rpm
xz-libs-5.2.2-1.el7.armv7hl.rpm
yum-metadata-parser-1.1.4-10.el7.armv7hl.rpm
yum-plugin-fastestmirror-1.1.31-40.el7.noarch.rpm
zlib-1.2.7-17.el7.armv7hl.rpmPlace all the rpms into a directory, which we will further call
$rpmdir. Install them using this commdandrpm --root=$root -ivh $rpmdir/*.rpm -
Now you are almost done, let’s do the final touches. First, disable the arm kernel repo:
edit
$root/etc/yum.repos.d/CentOS-armhfp-kernel.repo, set the lineenabled=1
to
enabled=0
-
configure your network. Using systemd-networkd, create file
$root/etc/systemd/network/50-static.networkwith the following content, that configures static ip, gateway and dns for IPv4 and DHCP for IPv6:[Match]
Name=eth0
[Network]
Address=your_ip/24
Gateway=your_gw_ip
DNS=your_dns_ip
DHCP=ipv6These last steps are done, once your container is up and running, finish from inside:
-
set your machine hostname:
hostnamectl set-hostname $your_hostname -
Enable resolver:
systemctl enable systemd-resolved systemctl start systemd-resolved ln -s /run/systemd/resolve/resolv.conf /etc/resolv.conf -
If you think, that the entire CentOS installation is quite big, you might be right. Entire 100 MB is being taken by the locale definition data (
/usr/lib/locale/locale-archive).If you want to make it smaller, the following commands remove all locales except english:
localedef --list-archive | grep -v -i ^en | xargs localedef --delete-from-archivebuild-locale-archiveYou may also set yum config to make it locale preference aware:
Edit
/etc/yum.confand set the configuration:override_install_langs=en_US.utf8
In the same file, you can set additional flags:
tsflags=nodocs
-
Those feeling adventorous, may add the experimental arm-epel repo: create file
/etc/yum.repos.d/epel.repowith following content:[epel]
name=Epel rebuild for armhfp
baseurl=Index of /repodir/epel-pass-1
enabled=1
gpgcheck=0 -
Update everything to the current version:
yum update