Compares a Devuan 3 ("beowulf") installation against a base system prepared with debootstrap.
Install the required release (Devuan "beowulf" in this example) on a guest system
Remove any kernel that was installed from the installation media then immediately obsoleted with a security update
Shut down the guest
Mount the root file system and copy elsewhere in preparation for comparison:
losetup --find --offset 1M /dev/vgb/pd3_vda mount -o ro /dev/loop0 /mnt/ rsync --one-file-system --archive --hard-links --executability --numeric-ids \ --compress --bwlimit=1000 /mnt/ $assayer:/tmp/installed/
Bootstrap a base system
Adjust the bootstrapped system so that it is closer to an instllation to make comparison easier
Compare the bootstrapped system to the installed system
The short version is:
debootstrap beowulf /tmp/bootstrapped http://deb.devuan.org/merged
Since a few extra steps are required to bring the bootstrapped system closer to an installed system, such as installing security updates, a Makefile makes things easier:
suite="beowulf" target="/tmp/bootstrapped" mirror="http://deb.devuan.org/merged" options="--include=apparmor,busybox-static,bzip2,console-setup,dictionaries-common,discover,dmsetup,eject,file,grub-pc,iamerican,ibritish,ispell,kbd,laptop-detect,locales,os-prober,pciutils,sysvinit,task-english,util-linux-locales,wamerican,xz-utils" all: debootstrap $(options) $(suite) $(target) $(mirror) cp /etc/hosts $(target)/etc/ cp sources.list $(target)/etc/apt/ chroot $(target) apt update chroot $(target) apt --yes upgrade chroot $(target) dpkg-reconfigure locales chroot $(target) apt --yes install busybox linux-image-amd64 chroot $(target) apt clean chroot $(target) dpkg --purge libudev1 pigz udev chroot $(target) dpkg-reconfigure console-setup chroot $(target) dpkg-reconfigure tzdata chroot $(target) rm /etc/console-setup/cached_ISO-8859-15* chroot $(target) update-rc.d eudev defaults chroot $(target) update-rc.d keyboard-setup.sh defaults log: less $(target)/debootstrap/debootstrap.log time: # mount chroot $(target) hwclock --systohc # Generates /etc/adjtime mount: if [ ! -e $(target)/dev/mem ]; then mount none -t devtmpfs $(target)/dev; fi if [ ! -e $(target)/sys/kernel ]; then mount none -t sysfs $(target)/sys; fi if [ ! -e $(target)/proc/mounts ]; then mount none -t proc $(target)/proc; fi umount: if [ -e $(target)/dev/mem ]; then umount $(target)/dev; fi if [ -e $(target)/sys/kernel ]; then umount $(target)/sys; fi if [ -e $(target)/proc/mounts ]; then umount $(target)/proc; fi compare: umount cd /tmp/ && diff --recursive --brief bootstrapped/ installed/ | egrep --invert-match --file=$(PWD)/ignore-paths > diffs clean: umount rm -rf $(target)
Broadly, the Makefile:
Applies security updates
Prompts for a locale such as en_NZ.UTF-8, which should match that chosen in the installation for ready comparison
Installs a kernel and the dynamically linked busybox (to match the installation)
Removes a few other files not present in an installation and sets up the console and time zone (which should match the choices made during installation)
The sources.list that the Makefile refers to is:
deb http://deb.devuan.org/merged beowulf main deb http://deb.devuan.org/merged beowulf-updates main deb http://deb.devuan.org/merged beowulf-security main
To bootstrap:
make clean all time
ignore-paths (referred to in the Makefile) is:
^$ ^Only in bootstrapped/dev: ^File bootstrapped/dev/\w+ is a character special file while file installed/dev/\w+ is a character special file ^Only in bootstrapped/proc: ^Only in bootstrapped/run: ^Only in bootstrapped/sys: ^$ ^Files bootstrapped/(boot/)?initrd\.img.* and installed/(boot/)?initrd\.img.* differ ^$ ^Files bootstrapped/etc/init\.d/\.depend\.(boot|start) and installed/etc/init\.d/\.depend\.(boot|start) differ ^Only in installed/etc: mtab$ ^$ ^Only in installed/var/cache/(apparmor|apt): ^Only in installed/.+: installation-report.* ^$ ^Files bootstrapped/var/cache/.+ and installed/var/cache/.+ differ ^Files bootstrapped/usr/lib/python.+/__pycache__/.+ and installed/usr/lib/python.+/__pycache__/.+ differ ^$ ^Files bootstrapped/var/lib/apt/extended_states and installed/var/lib/apt/extended_states differ ^Only in installed/var/lib/apt/lists: ^Files bootstrapped/var/lib/apt/lists/.+ and installed/var/lib/apt/lists/.+ differ ^Only in installed/var/lib/dhcp: dhclient\.\w+\.leases ^Files bootstrapped/var/lib/dpkg/.+ and installed/var/lib/dpkg/.+ differ ^$ ^Only in (installed|bootstrapped)/var/log: ^Files bootstrapped/var/log/.* and installed/var/log/.* differ ^$ ^Files bootstrapped/root/.bash_history and installed/root/.bash_history differ
The purpose of ignore-paths is to ignore some differences between the bootstrapped and installed systems because they are of no interest such as:
initrd, which is automatically generated and unsurprisingly differentcache and logsdpkg state that is routinely re-generatedFinally:
make compare
..which spews errors concerning absolute targets of symlinks but which produces /tmp/diffs.
/tmp/diffs details the differences between the bootstrapped system and an installed system:
Only in installed/boot/grub: fonts Only in installed/boot/grub: grub.cfg Only in installed/boot/grub: grubenv Only in installed/boot/grub: i386-pc Only in installed/boot/grub: locale
grub.cfg is generated by update-grub though others not, perhaps by grub-install?.
Only in installed/etc: adjtime
Generate with hwclock --systohc.
Only in installed/etc/apt: apt.conf
The proxy configuration supplied during installation.
Only in installed/etc/apt/apt.conf.d: 00CDMountPoint Only in installed/etc/apt/apt.conf.d: 00trustcdrom Only in installed/media: cdrom Only in installed/media: cdrom0 Only in installed/var/lib/apt: cdroms.list Only in installed/var/lib/apt: cdroms.list~
Not required unless installing packages from optical media.
Files bootstrapped/etc/apt/apt.conf.d/01autoremove-kernels and installed/etc/apt/apt.conf.d/01autoremove-kernels differ
This seems to depend on the OS running debootstrap rather than the one being installed. Bootstrapping a Devuan 3 system from Devuan 4 this file is full of references to kernel 5.x.
Files bootstrapped/etc/apt/sources.list and installed/etc/apt/sources.list differ
The sources.list in the installation is full of deb-src and references to optical media.
Files bootstrapped/etc/console-setup/cached_setup_font.sh and installed/etc/console-setup/cached_setup_font.sh differ Files bootstrapped/etc/locale.gen and installed/etc/locale.gen differ
Semantically void.
Files bootstrapped/etc/console-setup/cached_setup_keyboard.sh and installed/etc/console-setup/cached_setup_keyboard.sh differ
The file in the installation has lines like kbd_mode '-u' < '/dev/tty1' as opposed to a single line of kbd_mode '-u' in the bootstrapped version. I do not know what this means.
Files bootstrapped/etc/default/console-setup and installed/etc/default/console-setup differ
I elected to "Do not change the boot/kernel font" in the bootstrapped version.
Files bootstrapped/etc/default/grub and installed/etc/default/grub differ
The guest was installed via serial console, so GRUB is configured for the serial console here.
Files bootstrapped/etc/default/locale and installed/etc/default/locale differ
The LANGUAGE variable is set in the installed version and NOT in the bootstrapped version.
Files bootstrapped/etc/fstab and installed/etc/fstab differ Files bootstrapped/etc/hostname and installed/etc/hostname differ Files bootstrapped/etc/hosts and installed/etc/hosts differ Files bootstrapped/etc/network/interfaces and installed/etc/network/interfaces differ Files bootstrapped/etc/resolv.conf and installed/etc/resolv.conf differ
It is well understood that these files are required reading following debootstrap.
Files bootstrapped/etc/group and installed/etc/group differ Files bootstrapped/etc/group- and installed/etc/group- differ Files bootstrapped/etc/gshadow and installed/etc/gshadow differ Files bootstrapped/etc/gshadow- and installed/etc/gshadow- differ Files bootstrapped/etc/passwd and installed/etc/passwd differ Files bootstrapped/etc/passwd- and installed/etc/passwd- differ Files bootstrapped/etc/shadow and installed/etc/shadow differ Files bootstrapped/etc/shadow- and installed/etc/shadow- differ Files bootstrapped/etc/subgid and installed/etc/subgid differ Only in installed/etc: subgid- Files bootstrapped/etc/subuid and installed/etc/subuid differ Only in installed/etc: subuid- Only in installed/home: $username
The bootstrapped edition did not feature a non-root user.
Only in installed/etc/initramfs-tools/conf.d: resume
Consists of RESUME=none in the installed version. Perhaps suspend-to-disk related. Remained absent with no ill effects.
Files bootstrapped/etc/inittab and installed/etc/inittab differ
The installed version starts gettys on ttyS0, bootstrapped on tty[123456].
Only in installed/usr/bin: report-hw Only in installed/usr/share/man/man1: report-hw.1.gz
Part of the installation-report package.
Files bootstrapped/var/lib/initramfs-tools/4.19.0-22-amd64 and installed/var/lib/initramfs-tools/4.19.0-22-amd64 differ
A fingerprint of the generated initrd, expected to differ.
Only in installed/var/lib/urandom: random-seed
Generated by /etc/init.d/urandomat shutdown.
Only in installed/etc: kernel-img.conf
System seems fine without it. Looks like this on an installed system:
# Kernel image management overrides # See kernel-img.conf(5) for details do_symlinks = yes do_bootloader = no do_initrd = yes link_in_boot = no
The installer does quite a bit more than just set up fstab. If the objective is to produce a base system similar to that produced by an installation then it might be better to clone a pristine installation rather than coax a bootstrapped system in to submission.
On the other hand, it can be seen that tending a bootstrapped system can produce very similar results to a fresh installation without the logs or the installation report.