github.com/opencontainers/runtime-tools@v0.9.0/contrib/rootfs-builder/README.md (about) 1 # Building `rootfs-*.tar.gz` 2 3 The root filesystem tarball is based on [Gentoo][]'s stage3s (e.g. the 4 [amd64 stage3][stage3-amd64]). We check for a valid [GnuPG 5 signature][gentoo-signatures]), copying a [minimal 6 subset](rootfs-files) to the root filesytem, and adding symlinks for 7 all BusyBox commands. To rebuild the tarball based on a newer stage3, 8 run: 9 10 ``` 11 $ touch get-stage3.sh 12 $ make rootfs-amd64.tar.gz 13 ``` 14 15 ## Platform tarballs 16 17 The extraction requires a local machine capable of executing the 18 extracted BusyBox. Extraction assumes amd64, but if your local 19 machine is a different platform, set `ARCHES`. For example: 20 21 ``` 22 $ make ARCHES='i486 i686 amd64' 23 ``` 24 25 The architecture identifiers can be found by browsing Gentoo's 26 [releases][] for `autobuilds/latest-stage3-{arch}.txt`. Examples 27 include: 28 29 * `amd64` (the default) 30 * `arm64` 31 * `arm7a` 32 * `i486` 33 * `i686` 34 * `ppc64-64ul` 35 36 and many more. 37 38 ## Getting Gentoo's Release Engineering public key 39 40 If `make rootfs-….tar.gz` gives an error like: 41 42 ``` 43 gpg --verify downloads/stage3-amd64-current.tar.bz2.DIGESTS.asc 44 gpg: Signature made Thu 14 Jan 2016 09:00:11 PM EST using RSA key ID 2D182910 45 gpg: Can't check signature: public key not found 46 ``` 47 48 you will need to [add the missing public key to your 49 keystore][gentoo-signatures]. One way to do that is by [asking a 50 keyserver][recv-keys]: 51 52 ``` 53 $ gpg --keyserver pool.sks-keyservers.net --recv-keys 2D182910 54 ``` 55 56 [Gentoo]: https://www.gentoo.org/ 57 [gentoo-signatures]: https://www.gentoo.org/downloads/signatures/ 58 [recv-keys]: https://www.gnupg.org/documentation/manuals/gnupg/Operational-GPG-Commands.html 59 [releases]: http://distfiles.gentoo.org/releases/ 60 [stage3-amd64]: http://distfiles.gentoo.org/releases/amd64/autobuilds/