Skip to content

Host configuration

Jump to bottom
Konrad Witaszczyk edited this page Apr 17, 2022 · 3 revisions

WARNING: below information might be outdated as the main development focus is on the poudriere-remote.sh script.

Since poudriere-remote.sh requires root access via sudo to a remote host to automatically bootstrap Poudriere and build packages, some users might prefer to create a Poudriere host manually. In such case, you can follow these instructions:

  1. Install FreeBSD with an additional disk for a zpool (let's call it mydisk0).

    We tested a VMDK snapshot image for amd64 14.0-CURRENT.

  2. Create a user (let's call it myuser) and log in the host as the user.

  3. Create a zpool zdata.

    sudo zpool create zdata mydisk0

  4. Create file systems for CHERI and Poudriere.

    sudo zfs create zdata/cheri
sudo zfs create zdata/distfiles
sudo zfs create zdata/poudriere

  5. Set the owner of new directories to your user.

    sudo chown myuser /zdata/cheri /zdata/distfiles /zdata/poudriere

  6. Install cheribuild dependencies.

    sudo pkg install \
    autoconf \
    automake \
    bash \
    cmake \
    git \
    glib \
    gmake \
    gsed \
    libtool \
    ninja \
    pixman \
    pkgconf \
    python3 \
    texinfo

  7. Install Poudriere dependencies.

    sudo pkg install poudriere nginx

  8. Clone cheribuild with the user mode support.

    git clone --branch qemu-cheri-bsd-user https://github.com/CTSRD-CHERI/cheribuild.git /zdata/cheri/cheribuild

  9. Build the CheriABI BSD user mode.

    /zdata/cheri/cheribuild/cheribuild.py --source-root /zdata/cheri bsd-user-qemu

  10. Build a pure-capability CheriBSD.

    • Morello (aarch64c): 
      /zdata/cheri/cheribuild/cheribuild.py --source-root /zdata/cheri --no-skip-sdk --qemu/no-use-smbd --morello-qemu/no-use-smbd sdk-morello-purecap
    • Morello (aarch64): 
      /zdata/cheri/cheribuild/cheribuild.py --source-root /zdata/cheri --no-skip-sdk --qemu/no-use-smbd --morello-qemu/no-use-smbd sdk-aarch64
    • For CHERI-RISC-V (riscv64c): 
      /zdata/cheri/cheribuild/cheribuild.py --source-root /zdata/cheri --no-skip-sdk --qemu/no-use-smbd sdk-riscv64-purecap

  11. Update the built sysroot to be owned by root:wheel.

    sudo chown -R root:wheel /zdata/cheri/output/rootfs-*

  12. Clone the poudriere-infrastructure repository.

    git clone https://github.com/CTSRD-CHERI/poudriere-infrastructure.git /zdata/cheri/poudriere-infrastructure

  13. Create symbolic links for configuration files from the poudriere-infrastructure repository.

    cd /zdata/cheri/poudriere-infrastructure
find etc usr -type f -o -type l | xargs -I % -S 1024 sudo sh -c 'mkdir -p "/$(dirname %)"; ln -s "$(realpath . )/%" "/%"'

    Examine ln(1) errors as some files might already exist. In such case, remove or move them aside, and execute the above command again.

  14. Copy jail files from this repository.

    cd /zdata/cheri/poudriere-infrastructure
find zdata -type f -o -type l | xargs -I % -S 1024 sudo sh -c 'mkdir -p "/$(dirname "%")"; cp -a "%" "/%"'

  15. Move the pure-capability rtld aside to make space for an amd64 rtld.

    • For Morello (aarch64c): 
      mv /zdata/cheri/output/rootfs-morello-purecap/libexec/ld-elf.so.1 /zdata/cheri/output/rootfs-morello-purecap/libexec/ld-aarch64c-elf.so.1
cp /libexec/ld-elf.so.1 /zdata/cheri/output/rootfs-morello-purecap/libexec/ld-elf.so.1
    • For Morello (aarch64): 
      mv /zdata/cheri/output/rootfs-aarch64/libexec/ld-elf.so.1 /zdata/cheri/output/rootfs-aarch64/libexec/ld-aarch64-elf.so.1
cp /libexec/ld-elf.so.1 /zdata/cheri/output/rootfs-aarch64/libexec/ld-elf.so.1
    • For CHERI-RISC-V (riscv64c): 
      mv /zdata/cheri/output/rootfs-riscv64-purecap/libexec/ld-elf.so.1 /zdata/cheri/output/rootfs-riscv64-purecap/libexec/ld-riscv64c-elf.so.1
cp /libexec/ld-elf.so.1 /zdata/cheri/output/rootfs-riscv64-purecap/libexec/ld-elf.so.1

  16. Configure binmiscctl(8).

    sudo service qemu_user_static start

  17. Create a jail.

    • For Morello (aarch64c): 
      sudo poudriere jail -c -j cheribsd-morello-purecap -v 14.0-CURRENT -a arm64.aarch64c -m null -M /zdata/cheri/output/rootfs-morello-purecap
    • For Morello (aarch64): 
      sudo poudriere jail -c -j cheribsd-aarch64 -v 14.0-CURRENT -a arm64.aarch64 -m null -M /zdata/cheri/output/rootfs-aarch64
    • For CHERI-RISC-V (riscv64c): 
      sudo poudriere jail -c -j cheribsd-riscv64-purecap -v 14.0-CURRENT -a riscv.riscv64c -m null -M /zdata/cheri/output/rootfs-riscv64-purecap

  18. Create a ports tree.

    • If you don't want to modify ports: 
      sudo poudriere ports -c -p main -m git -U https://github.com/CTSRD-CHERI/cheribsd-ports.git -B main
    • If you want to modify ports on your host, we recommend to clone a repository: 
      git clone [email protected]:CTSRD-CHERI/cheribsd-ports.git /path/to/cheribsd-ports
      and import it as a ports tree: 
      sudo poudriere ports -c -p main -m null -M /path/to/cheribsd-ports

  19. Start nginx to browse Poudriere reports.

    sudo service nginx start

  20. Start a test package build.

    • For Morello (aarch64c): 
      sudo poudriere bulk -j cheribsd-morello-purecap -p main ports-mgmt/pkg
    • For Morello (aarch64): 
      sudo poudriere bulk -j cheribsd-aarch64 -p main ports-mgmt/pkg
    • For CHERI-RISC-V (riscv64c): 
      sudo poudriere bulk -j cheribsd-riscv64-purecap -p main ports-mgmt/pkg

  21. Open http://<host>/ to observe a build status in your browser.

  22. Your package repository should be accessible with:

    • For Morello (aarch64c): pkg+http://<host>/packages/cheribsd-morello-purecap-main/
    • For Morello (aarch64): pkg+http://<host>/packages/cheribsd-aarch64-main/
    • For CHERI-RISC-V (riscv64c): pkg+http://<host>/packages/cheribsd-riscv64-purecap-main/
Clone this wiki locally