febootstrap - Bootstrap a basic Fedora system (like Debian debootstrap)
febootstrap [--options] REPO TARGET [MIRROR]
febootstrap fedora-10 /tmp/f10
febootstrap rawhide /tmp/rawhide
febootstrap rawhide /tmp/rawhide http://mymirror/rawhide/x86_64/os
febootstrap --groupinstall="Mail Server" fedora-10 /tmp/mailserver
febootstrap creates a Fedora root filesystem, based on the Fedora
version specified by REPO under the directory specified by TARGET.
Optionally MIRROR can point to a local mirror (otherwise the public
Fedora mirrors are used). REPO names are "fedora-VERSION" (eg.
"fedora-10") or "rawhide".
febootstrap does not need to be run as root. If for some reason you do
run it as root, then it works slightly differently and may have side
effects such as stopping or starting system daemons.
For more advanced needs, take a look at mock(1), "livecd-creator" and
The normal output is a root directory located at TARGET and a fakeroot
logfile at "TARGET/fakeroot.log".
Specify the package or group to install. To list multiple packages
or groups, you must give multiple "-i" or "-g" options. Group
names can contain spaces, so use quotes where necessary.
These are passed directly to "yum install" or "yum groupinstall"
commands, and thus any dependencies are also resolved by yum. You
can also use shell globs and filenames here, as with ordinary yum.
If no packages or groups are given, then we install the "Core"
group which is a small working Fedora installation (but by no means
minimal). Use "yum groupinfo Core" to list the packages currently
in the "Core" group.
Normally febootstrap will clean up the yum repository
("/var/cache/yum" inside the image). This contains the downloaded
RPMs and metadata. However if you give the "--no-clean" option,
then the yum repository is left. This is useful if you want to run
further yum commands inside the filesystem by hand.
URL to the proxy server that yum should use.
Pull in updates from an additional updates repository. The
possible sources are:
-u "http://..." (a URL)
Get updates from the specific URL.
-u "updates-released-fN" (an updates repository name)
Get updates from the public mirrors of the named repository
(eg. "updates-released-f10"). See REPOSITORIES below.
-u "none" (default)
Don’t add an updates repository. This is the default.
You can list available repositories by visiting this URL:
(If necessary replace "i386" with your architecture, but it seems
unlikely that this list will change based on architecture).
RUNNING EXTRA COMMANDS IN THE ROOT FILESYSTEM
If you want to run further commands inside the root filesystem, for
example additional "yum" installs, then use "febootstrap-run". See the
febootstrap-run(8) manual page for more details.
You have to be careful about modifying files in the root filesystem
directly (without using "febootstrap-run"). It’s easy to confuse
fakeroot and end up with the wrong permissions on files (see FAKEROOT
"febootstrap-run" runs the command inside the root filesystem, which
means it won’t normally have access to files outside the root. You can
use "FAKECHROOT_EXCLUDE_PATH" environment variable (see fakechroot(1))
or copy files into the root first.
When febootstrap is run as non-root (the normal case) we use fakeroot
so that yum thinks it is running as root. Fakeroot keeps track of
"real" file permissions in a log file which is saved into the target
directory as "TARGET/fakeroot.log".
This logfile is indexed by inode number, which makes certain operations
safe and other operations unsafe. Files should be replaced only by
echo updated-content > old-file
(since that preserves the original inode).
Deleting files and then creating new ones (even with a different name)
is usually unsafe, because the new files might reuse inodes claimed by
the old files, and so appear with peculiar permissions (eg. unreadable,
or as a symbolic link).
Deleting files is also usually unsafe, although the reasons are more
subtle. If you just use "rm" then the inode number is not deleted from
"fakeroot.log" which means it can be reused by another file later on.
In most cases it’s usually safest to use "febootstrap-run".
You can use the fakeroot logfile in a number of ways:
· Use febootstrap-run(8) to run a command with the faked file
· Use febootstrap-install(8) to install a file with permissions in
the root filesystem.
· Generate an initramfs (compressed cpio) file containing the correct
permissions using the tool "febootstrap-to-initramfs".
· Generate a supermin appliance using the tool
· Apply the permissions to the target directory using the forthcoming
tool "febootstrap-fix-root" (requires root).
RUNNING FEBOOTSTRAP AS ROOT
There is some rudimentary support for running "febootstrap" as root.
However it is not well-tested and generally not recommended.
COMPARISON TO DEBOOTSTRAP
febootstrap cannot do cross-architecture installs ("debootstrap
--foreign"). The reason is that %pre and %post scripts cannot run. It
may be possible to defer running of scriptlets (which is basically how
debootstrap works), and patches to do this are welcomed.
febootstrap cannot do 32-on-64 bit installs. The reason is that
fakeroot and fakechroot do not load the correct preload library. This
is really a bug in fakeroot/fakechroot, which we think would be easy to
fix. (debootstrap deals with this case the same as for "--foreign"
installs - see previous point).
OTHER RESTRICTIONS AND BUGS
The following programs are not run during %post scriptlets (because
they are all statically linked, and fakechroot cannot run statically
"/sbin/ldconfig" (from many packages)
"/usr/sbin/glibc_post_upgrade" (from "glibc")
"/usr/sbin/build-locale-archive" (from "glibc-common")
"/usr/sbin/libgcc_post_upgrade" (from "libgcc")
If you wish, you can run them the first time you boot into the new
febootstrap recreates the repository anew each time, and this causes
yum to download all the RPMs every time. This is very wasteful, and we
should provide a way to cache the repository.
febootstrap-run(8), febootstrap-install(8), febootstrap-to-supermin(8),
fakeroot(1), fakechroot(1), yum(8), rpm(8).
<http://thincrust.net/>, debootstrap(8), "ubuntu-vm-builder".
Richard W.M. Jones <rjones @ redhat . com>
(C) Copyright 2009 Red Hat Inc.,
This program is free software; you can redistribute it and/or modify it
under the terms of the GNU General Public License as published by the
Free Software Foundation; either version 2 of the License, or (at your
option) any later version.
This program is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
General Public License for more details.
You should have received a copy of the GNU General Public License along
with this program; if not, write to the Free Software Foundation, Inc.,
675 Mass Ave, Cambridge, MA 02139, USA.