🧹 chore: ! unstable sddm settings

🐛 fix: set to to our theme
🐛 fix: remove default mirror system
2025-09-06 04:35:15 +02:00 · 2025-01-11 23:33:05 +05:30 · 2025-01-11 23:23:14 +05:30 · 2025-01-11 23:18:51 +05:30 · 2025-01-11 23:13:28 +05:30 · 2025-01-11 23:11:04 +05:30
6 changed files with 254 additions and 82 deletions
--- a/archiso/airootfs/etc/sddm.conf.d/default.conf
+++ b/archiso/airootfs/etc/sddm.conf.d/default.conf
@@ -0,0 +1,139 @@
 [Autologin]
 # Whether sddm should automatically log back into sessions when they exit
 Relogin=false
 # Name of session file for autologin session (if empty try last logged in)
 Session=cinnamon
 # Username for autologin session
 User=whoami
 [General]
 # Which display server should be used.
 # Valid values are: x11, x11-user, wayland. Wayland support is experimental
 DisplayServer=x11
 # Comma-separated list of environment variables to be set
 GreeterEnvironment=
 # Halt command
 HaltCommand=/usr/bin/systemctl poweroff
 # Input method module
 InputMethod=
 # Comma-separated list of Linux namespaces for user session to enter
 Namespaces=
 # Initial NumLock state. Can be on, off or none.
 # If property is set to none, numlock won't be changed
 # NOTE: Currently ignored if autologin is enabled.
 Numlock=none
 # Reboot command
 RebootCommand=/usr/bin/systemctl reboot
 [Theme]
 # Current theme name
 Current=
 # Cursor size used in the greeter
 CursorSize=
 # Cursor theme used in the greeter
 CursorTheme=
 # Number of users to use as threshold
 # above which avatars are disabled
 # unless explicitly enabled with EnableAvatars
 DisableAvatarsThreshold=7
 # Enable display of custom user avatars
 EnableAvatars=true
 # Global directory for user avatars
 # The files should be named <username>.face.icon
 FacesDir=/usr/share/sddm/faces
 # Font used in the greeter
 Font=
 # Theme directory path
 ThemeDir=/usr/share/sddm/themes
 [Users]
 # Default $PATH for logged in users
 DefaultPath=/usr/local/sbin:/usr/local/bin:/usr/bin
 # Comma-separated list of shells.
 # Users with these shells as their default won't be listed
 HideShells=
 # Comma-separated list of users that should not be listed
 HideUsers=
 # Maximum user id for displayed users
 MaximumUid=60513
 # Minimum user id for displayed users
 MinimumUid=1000
 # Remember the session of the last successfully logged in user
 RememberLastSession=true
 # Remember the last successfully logged in user
 RememberLastUser=true
 # When logging in as the same user twice, restore the original session, rather than create a new one
 ReuseSession=true
 [Wayland]
 # Path of the Wayland compositor to execute when starting the greeter
 CompositorCommand=weston --shell=kiosk
 # Enable Qt's automatic high-DPI scaling
 EnableHiDPI=true
 # Path to a script to execute when starting the desktop session
 SessionCommand=/usr/share/sddm/scripts/wayland-session
 # Comma-separated list of directories containing available Wayland sessions
 SessionDir=/usr/local/share/wayland-sessions,/usr/share/wayland-sessions
 # Path to the user session log file
 SessionLogFile=.local/share/sddm/wayland-session.log
 [X11]
 # Path to a script to execute when starting the display server
 DisplayCommand=/usr/share/sddm/scripts/Xsetup
 # Path to a script to execute when stopping the display server
 DisplayStopCommand=/usr/share/sddm/scripts/Xstop
 # Enable Qt's automatic high-DPI scaling
 EnableHiDPI=true
 # Arguments passed to the X server invocation
 ServerArguments=-nolisten tcp
 # Path to X server binary
 ServerPath=/usr/bin/X
 # Path to a script to execute when starting the desktop session
 SessionCommand=/usr/share/sddm/scripts/Xsession
 # Comma-separated list of directories containing available X sessions
 SessionDir=/usr/local/share/xsessions,/usr/share/xsessions
 # Path to the user session log file
 SessionLogFile=.local/share/sddm/xorg-session.log
 # Path to Xephyr binary
 XephyrPath=/usr/bin/Xephyr
--- a/archiso/airootfs/etc/sddm.conf.d/kde_settings.conf
+++ b/archiso/airootfs/etc/sddm.conf.d/kde_settings.conf
@@ -8,7 +8,7 @@ HaltCommand=/usr/bin/systemctl poweroff
 RebootCommand=/usr/bin/systemctl reboot
 [Theme]
-Current=Layan
+Current=snigdhaos-sugar-candy
 [Users]
 MaximumUid=60513
--- a/archiso/airootfs/etc/xdg/reflector/reflector.conf
+++ b/archiso/airootfs/etc/xdg/reflector/reflector.conf
@@ -1,8 +0,0 @@
 # Reflector configuration file for the systemd service.
 --save /etc/pacman.d/mirrorlist
 --ipv4
 --ipv6
 --protocol https
 --latest 20
 --sort rate
--- a/archiso/grub/grub.cfg
+++ b/archiso/grub/grub.cfg
@@ -8,15 +8,15 @@ insmod ntfscomp
 insmod exfat
 insmod udf
-# Use graphics-mode output
+# Use graphics-mode output if the font can be loaded
-if loadfont "${prefix}/fonts/unicode.pf2" ; then
+if loadfont "${prefix}/fonts/unicode.pf2"; then
    insmod all_video
    set gfxmode="auto"
    terminal_input console
    terminal_output console
 fi
-# Enable serial console
+# Enable serial console if available
 insmod serial
 insmod usbserial_common
 insmod usbserial_ftdi
@@ -27,16 +27,18 @@ if serial --unit=0 --speed=115200; then
    terminal_output --append serial
 fi
-# Search for the ISO volume
+# Search for the ISO volume if UUID is not already set
 if [ -z "${ARCHISO_UUID}" ]; then
    # Try to extract ARCHISO_HINT if not already set
    if [ -z "${ARCHISO_HINT}" ]; then
        regexp --set=1:ARCHISO_HINT '^\(([^)]+)\)' "${cmdpath}"
    fi
    # Search for the ISO file and get the UUID
    search --no-floppy --set=root --file '%ARCHISO_SEARCH_FILENAME%' --hint "${ARCHISO_HINT}"
    probe --set ARCHISO_UUID --fs-uuid "${root}"
 fi
-# Get a human readable platform identifier
+# Determine platform identifier (UEFI or BIOS)
 if [ "${grub_platform}" == 'efi' ]; then
    archiso_platform='UEFI'
    if [ "${grub_cpu}" == 'x86_64' ]; then
@@ -52,32 +54,35 @@ else
    archiso_platform="${grub_cpu} ${grub_platform}"
 fi
-# Set default menu entry
+# Set default menu entry and timeout
 default=snigdhaos
 timeout=15
 timeout_style=menu
 # Menu entries for different installation modes
-# Menu entries
+# SNIGDHA OS LTS install (open source driver)
 menuentry "SNIGDHA OS LTS install medium (%ARCH%, ${archiso_platform}, open source)" --class arch --class gnu-linux --class gnu --class os --id 'snigdhaos' {
    set gfxpayload=keep
    linux /%INSTALL_DIR%/boot/%ARCH%/vmlinuz-linux-lts archisobasedir=%INSTALL_DIR% archisodevice=UUID=${ARCHISO_UUID} cow_spacesize=4G copytoram=n driver=free module_blacklist=nvidia,nvidea_modeset,nvidia_uvm,nvidia_drm,pcspkr nouveau.modeset=1 radeon.modeset=1 i915.modeset=1 nvme_load=yes
    initrd /%INSTALL_DIR%/boot/intel-ucode.img /%INSTALL_DIR%/boot/amd-ucode.img /%INSTALL_DIR%/boot/%ARCH%/initramfs-linux-lts.img
 }
 # SNIGDHA OS LTS install (NVIDIA driver)
 menuentry "SNIGDHA OS LTS install medium (%ARCH%, ${archiso_platform}, NVIDIA)" --hotkey s --class arch --class gnu-linux --class gnu --class os --id 'snigdhaosnv' {
    set gfxpayload=keep
    linux /%INSTALL_DIR%/boot/%ARCH%/vmlinuz-linux-lts archisobasedir=%INSTALL_DIR% archisodevice=UUID=${ARCHISO_UUID} cow_spacesize=4G copytoram=n driver=nonfree nvidia nvidia-drm.modeset=1 nouveau.modeset=0 radeon.modeset=1 i915.modeset=1 module_blacklist=pcspkr nvme_load=yes
    initrd /%INSTALL_DIR%/boot/intel-ucode.img /%INSTALL_DIR%/boot/amd-ucode.img /%INSTALL_DIR%/boot/%ARCH%/initramfs-linux-lts.img
 }
 # SNIGDHA OS LTS install (safe graphics, nomodeset)
 menuentry "SNIGDHA OS LTS install medium (%ARCH%, ${archiso_platform}, safe graphics, nomodeset)" --class arch --class gnu-linux --class gnu --class os --id 'snigdhaosnm' {
    set gfxpayload=keep
    linux /%INSTALL_DIR%/boot/%ARCH%/vmlinuz-linux-lts archisobasedir=%INSTALL_DIR% archisodevice=UUID=${ARCHISO_UUID} cow_spacesize=4G copytoram=n driver=free nomodeset module_blacklist=nvidia,nvidea_modeset,nvidia_uvm,nvidia_drm,pcspkr nouveau.modeset=0 radeon.modeset=0 i915.modeset=0 nvme_load=yes
    initrd /%INSTALL_DIR%/boot/intel-ucode.img /%INSTALL_DIR%/boot/amd-ucode.img /%INSTALL_DIR%/boot/%ARCH%/initramfs-linux-lts.img
 }
 # Run Memtest86+ if available
 if [ "${grub_platform}" == 'efi' -a "${grub_cpu}" == 'x86_64' -a -f '/boot/memtest86+/memtest.efi' ]; then
    menuentry 'Run Memtest86+ (RAM test)' --class memtest86 --class memtest --class gnu --class tool {
        set gfxpayload=800x600,1024x768
@@ -90,6 +95,8 @@ if [ "${grub_platform}" == 'pc' -a -f '/boot/memtest86+/memtest' ]; then
        linux /boot/memtest86+/memtest
    }
 fi
 # UEFI Shell entry if supported
 if [ "${grub_platform}" == 'efi' ]; then
    if [ "${grub_cpu}" == 'x86_64' -a -f '/shellx64.efi' ]; then
        menuentry 'UEFI Shell' --class efi {
@@ -101,11 +108,13 @@ if [ "${grub_platform}" == 'efi' ]; then
        }
    fi
    # UEFI Firmware Settings
    menuentry 'UEFI Firmware Settings' --id 'uefi-firmware' {
        fwsetup
    }
 fi
 # System reboot and shutdown options
 menuentry "System restart" --class reboot --class restart {
    echo "System rebooting..."
    reboot
@@ -114,4 +123,4 @@ menuentry "System restart" --class reboot --class restart {
 menuentry "System shutdown" --class shutdown --class poweroff {
    echo "System shutting down..."
    halt
-}
+}
--- a/archiso/pacman.conf
+++ b/archiso/pacman.conf
@@ -7,103 +7,88 @@
 # GENERAL OPTIONS
 #
 [options]
-# The following paths are commented out with their default values listed.
+# Default paths - uncomment and update if you want to change the paths.
 # If you wish to use different paths, uncomment and update the paths.
 #RootDir     = /
 #DBPath      = /var/lib/pacman/
 #CacheDir    = /var/cache/pacman/pkg/
 #LogFile     = /var/log/pacman.log
 #GPGDir      = /etc/pacman.d/gnupg/
 #HookDir     = /etc/pacman.d/hooks/
 HoldPkg     = pacman glibc
 #XferCommand = /usr/bin/curl -L -C - -f -o %o %u
 #XferCommand = /usr/bin/wget --passive-ftp -c -O %o %u
 #CleanMethod = KeepInstalled
 Architecture = auto
 # Package upgrade exclusions
 # Pacman won't upgrade packages listed in IgnorePkg and members of IgnoreGroup
 #IgnorePkg   =
 #IgnoreGroup =
 #NoUpgrade   =
 #NoExtract   =
 # Misc options
-#UseSyslog
+CheckSpace            # Ensure there's enough space during installs
 ParallelDownloads = 5  # Allows pacman to download up to 5 packages simultaneously
 DownloadUser = alpm   # Download user for better permissions handling
 ILoveCandy            # Enable pacman’s "candy" feature for a better UI
 # Color and progress bar (uncomment if you prefer)
 #Color
 #NoProgressBar
-CheckSpace
+
-#VerbosePkgLists
+# Package signature verification
-ParallelDownloads = 5
+SigLevel    = Required DatabaseOptional  # Ensure all packages are signed
-DownloadUser = alpm
+LocalFileSigLevel = Optional              # Allow local files with optional signature verification
 #RemoteFileSigLevel = Required           # Uncomment to enforce signature verification for remote files
 # Disable sandbox (if necessary for advanced configurations)
 #DisableSandbox
 ILoveCandy
 # By default, pacman accepts packages signed by keys that its local keyring
 # trusts (see pacman-key and its man page), as well as unsigned packages.
-SigLevel    = Required DatabaseOptional
+# Ensure to run `pacman-key --init` before first using pacman.
 LocalFileSigLevel = Optional
 #RemoteFileSigLevel = Required
 # NOTE: You must run `pacman-key --init` before first using pacman; the local
 # keyring can then be populated with the keys of all official Arch Linux
 # packagers with `pacman-key --populate archlinux`.
 #
 # REPOSITORIES
-#   - can be defined here or included from another file
+#   - Repositories are listed in order. Pacman will use the first available repository.
-#   - pacman will search repositories in the order defined here
+#   - Custom mirrors can be added here or in separate files.
-#   - local/custom mirrors can be added here or in separate files
+#   - Use `Include` to include a list of mirrors.
 #   - repositories listed first will take precedence when packages
 #     have identical names, regardless of version number
 #   - URLs will have $repo replaced by the name of the current repo
 #   - URLs will have $arch replaced by the name of the architecture
 #
 # Repository entries are of the format:
 #       [repo-name]
 #       Server = ServerName
 #       Include = IncludePath
 #
 # The header [repo-name] is crucial - it must be present and
 # uncommented to enable the repo.
 #
 # The testing repositories are disabled by default. To enable, uncomment the
 # repo name header and Include lines. You can add preferred servers immediately
 # after the header, and they will be used before the default mirrors.
 # Official Arch repositories
 [core-testing]
 Include = /etc/pacman.d/mirrorlist
 [core]
 Include = /etc/pacman.d/mirrorlist
 [snigdhaos-core]
 Include = /etc/pacman.d/snigdhaos-mirrorlist
 [extra-testing]
 Include = /etc/pacman.d/mirrorlist
 [extra]
 Include = /etc/pacman.d/mirrorlist
 # Snigdha OS custom repositories
 [snigdhaos-core]
 Include = /etc/pacman.d/snigdhaos-mirrorlist
 [snigdhaos-extra]
 Include = /etc/pacman.d/snigdhaos-mirrorlist
-# If you want to run 32 bit applications on your x86_64 system,
+# Multilib repositories for 32-bit compatibility on x86_64 systems
 # enable the multilib repositories as required here.
 [multilib-testing]
 Include = /etc/pacman.d/mirrorlist
 [multilib]
 Include = /etc/pacman.d/mirrorlist
-# An example of a custom package repository.  See the pacman manpage for
+# Chaotic AUR repository for additional packages
-# tips on creating your own repositories.
+[chaotic-aur]
 Include = /etc/pacman.d/chaotic-mirrorlist
 # Custom repositories (uncomment and configure if needed)
 #[custom]
 #SigLevel = Optional TrustAll
 #Server = file:///home/custompkgs
 [chaotic-aur]
 Include = /etc/pacman.d/chaotic-mirrorlist
--- a/archiso/profiledef.sh
+++ b/archiso/profiledef.sh
@@ -1,29 +1,76 @@
 #!/usr/bin/env bash
 # shellcheck disable=SC2034
 # ISO Information
 iso_name="snigdhaos"
 iso_label="SNIGDHA_OS_$(date --date="@${SOURCE_DATE_EPOCH:-$(date +%s)}" +%Y%m)"
 iso_publisher="Snigdha OS <https://snigdhaos.org>"
 iso_application="Snigdha OS Live/Rescue DVD"
-iso_version="$(date --date="@${SOURCE_DATE_EPOCH:-$(date +%s)}" +%Y.%m.%d)"
+
 # Date Formatting for ISO Version and Label
 iso_version=$(date --date="@${SOURCE_DATE_EPOCH:-$(date +%s)}" +%Y.%m.%d)
 iso_label="SNIGDHA_OS_${iso_version//./}"  # Removing dots from version to create label
 # Install Directory and Boot Modes
 install_dir="snigdhaos"
 buildmodes=('iso')
 bootmodes=('bios.syslinux.mbr' 'bios.syslinux.eltorito'
           'uefi-ia32.systemd-boot.esp' 'uefi-x64.systemd-boot.esp'
           'uefi-ia32.systemd-boot.eltorito' 'uefi-x64.systemd-boot.eltorito')
 arch="x86_64"
 # Boot Modes Supported (BIOS & UEFI)
 bootmodes=(
  'bios.syslinux.mbr' 
  'bios.syslinux.eltorito'
  'uefi-ia32.systemd-boot.esp' 
  'uefi-x64.systemd-boot.esp'
  'uefi-ia32.systemd-boot.eltorito' 
  'uefi-x64.systemd-boot.eltorito'
 )
 # Build Modes
 buildmodes=('iso')
 # Configuration Files
 pacman_conf="pacman.conf"
 airootfs_image_type="squashfs"
-airootfs_image_tool_options=('-comp' 'xz' '-Xbcj' 'x86' '-b' '1M' '-Xdict-size' '1M')
+
-bootstrap_tarball_compression=('zstd' '-c' '-T0' '--auto-threads=logical' '--long' '-19')
+# Options for Compression and Image Creation
-file_permissions=(
+airootfs_image_tool_options=(
-  ["/etc/gshadow"]="0:0:600"
+  '-comp' 'xz' 
-  ["/etc/shadow"]="0:0:400"
+  '-Xbcj' 'x86' 
-  ["/root"]="0:0:700"
+  '-b' '1M' 
-  ["/root/.automated_script.sh"]="0:0:755"
+  '-Xdict-size' '1M'
  ["/etc/polkit-1/rules.d"]="0:0:750"
  ["/etc/sudoers.d"]="0:0:750"
  ["/etc/grub.d/40_custom"]="0:0:755"
  ["/usr/local/bin/snigdhaos-snapper"]="0:0:755"
  ["/etc/NetworkManager/dispatcher.d/09-timezone"]="0:0:755"
 )
 bootstrap_tarball_compression=(
  'zstd' 
  '-c' 
  '-T0' 
  '--auto-threads=logical' 
  '--long' 
  '-19'
 )
 # File Permissions Configuration
 # Define secure permissions for system files and directories
 file_permissions=(
  # System files (shadow, gshadow, etc.) - Sensitive data
  ["/etc/gshadow"]="0:0:600"     # Root-only readable, no writing allowed
  ["/etc/shadow"]="0:0:400"       # Root-only readable, no writing allowed
  # Root's home directory (should be private)
  ["/root"]="0:0:700"             # Full access for root only
  # Automated script (ensure it is executable by root)
  ["/root/.automated_script.sh"]="0:0:755"  # Readable and executable by root
  # Polkit rules and sudoers.d (restrict access to administrators)
  ["/etc/polkit-1/rules.d"]="0:0:750"        # Admin access only
  ["/etc/sudoers.d"]="0:0:750"               # Admin access only
  # Grub and snapper tools (ensuring appropriate user access)
  ["/etc/grub.d/40_custom"]="0:0:755"        # Executable for all users
  ["/usr/local/bin/snigdhaos-snapper"]="0:0:755" # Executable for all users
  # NetworkManager dispatcher script (ensure root access)
  ["/etc/NetworkManager/dispatcher.d/09-timezone"]="0:0:755" # Executable by root
 )
 # Ensure proper configurations for system security and compression
Author	SHA1	Message	Date
eshanized	d80d528549	🧹 chore: ! unstable sddm settings	2025-01-11 23:33:05 +05:30
eshanized	48f8500540	🐛 fix: set to to our theme	2025-01-11 23:23:14 +05:30
eshanized	34b4712758	🐛 fix: remove default mirror system	2025-01-11 23:18:51 +05:30
eshanized	1303d6d27d	🧹 chore: remove default [1yr ago]	2025-01-11 23:13:28 +05:30
eshanized	8f30e08b44	🧹 chore: upgrade and check space option	2025-01-11 23:11:04 +05:30
eshanized	1cc1451943	🧹 chore: simplified && remove redundancy	2025-01-11 23:08:58 +05:30