Improve immutability and snapshots, blend-settings; Revamp blend

init-blend

@@ -21,6 +21,8 @@ if [ ! -f '/run/.containerenv' ]; then
     exit 1
 fi
 
+shopt -s extglob
+
 while true; do
     case $1 in
         --uid)
@@ -74,6 +76,11 @@ cat << 'EOF'
  ░          ░  ░   ░  ░         ░    ░    
       ░                            ░      
 
+===================
+      Credits
+===================
+
+* NVIDIA driver support - Luca Di Maio (from Distrobox)
 EOF
 
 echo
@@ -85,7 +92,7 @@ bmount() {
     ! [[ -e "$2" ]] && findmnt "$2" &>/dev/null && umount "$2" # unmount target dir if a mount
 
     [[ -d "$1" ]] && mkdir -p "$2" # create target dir if source is a dir
-    [[ -f "$1" ]] && touch "$2" # create target file if source is a file
+    [[ -f "$1" ]] && mkdir -p "$(dirname "$2")"; touch "$2" # create target file if source is a file
 
     mountflags="rslave"
 
@@ -104,10 +111,12 @@ if command -v apt-get &>/dev/null; then
                                                 diffutils findutils gnupg2 sudo time util-linux libnss-myhostname \
                                                 libvte-2.9[0-9]-common libvte-common lsof ncurses-base passwd \
                                                 pinentry-curses libegl1-mesa libgl1-mesa-glx libvulkan1 mesa-vulkan-drivers &>/dev/null
+
 elif command -v pacman &>/dev/null; then
     pacman --noconfirm -Syyu &>/dev/null
     pacman --noconfirm -Sy bash bc curl wget diffutils findutils gnupg sudo time util-linux vte-common lsof ncurses pinentry \
-                             mesa opengl-driver vulkan-intel vulkan-radeon &>/dev/null
+                             mesa opengl-driver vulkan-intel vulkan-radeon base-devel git &>/dev/null
+
 elif command -v dnf &>/dev/null; then
     dnf install -y --allowerasing bash bc curl wget diffutils findutils dnf-plugins-core gnupg2 less lsof passwd pinentry \
                                     procps-ng vte-profile ncurses util-linux sudo time shadow-utils vulkan mesa-vulkan-drivers \
@@ -173,6 +182,62 @@ bmount "/usr/bin/host-blend" "/usr/bin/blend" ro
 
 if [[ ! -f '/.init_blend.lock' ]]; then
 
+#######################################################################
+
+# NVIDIA driver integration. This is straight from https://github.com/89luca89/distrobox/blob/main/distrobox-init#L816,
+# entirely thanks to an effort by Luca Di Maio, save for a few tweaks for init-blend. Thanks, in case you're reading this!
+
+NVIDIA_FILES="$(find /run/host/usr/ \
+    -path "/run/host/usr/share/doc*" -prune -o \
+    -path "/run/host/usr/src*" -prune -o \
+    -path "/run/host/usr/lib*/modules*" -prune -o \
+    -path "/run/host/usr/share/man*" -prune -o \
+    -path "/run/host/usr/lib*" -prune -o \
+    -type f -iname "*nvidia*" -print 2</dev/null || :)"
+for nvidia_file in ${NVIDIA_FILES}; do
+    dest_file="$(printf "%s" "${nvidia_file}" | sed 's|/run/host||g')"
+    bmount "${nvidia_file}" "${dest_file}" ro
+done
+
+# Then we find all the ".so" libraries, there are searched separately
+# because we need to extract the relative path to mount them in the
+# correct path based on the guest's setup
+NVIDIA_LIBS="$(find /run/host/usr/lib* \
+    -iname "*nvidia*.so*" \
+    -o -iname "libcuda*.so*" \
+    -o -iname "libnvcuvid*.so*" \
+    -o -iname "libnvoptix*.so*" ||
+    :)"
+for nvidia_lib in ${NVIDIA_LIBS}; do
+    dest_file="$(printf "%s" "${nvidia_lib}" |
+        sed 's|/run/host/usr/lib/x86_64-linux-gnu/||g' |
+        sed 's|/run/host/usr/lib64/||g' |
+        sed 's|/run/host/usr/lib/||g')"
+
+    # In the guest we need to adjust the destination path, so if we're on
+    # debian based containers, we need to target /usr/lib/x86_64-linux-gnu/
+    if [ -e "/usr/lib/x86_64-linux-gnu/" ]; then
+        bmount "${nvidia_lib}" "/usr/lib/x86_64-linux-gnu/${dest_file}" ro
+        # /usr/lib64 is common in rpm based distros
+    elif [ -e "/usr/lib64" ]; then
+        bmount "${nvidia_lib}" "/usr/lib64/${dest_file}" ro
+        # fallback to /usr/lib if none of the previous
+    else
+        bmount "${nvidia_lib}" "/usr/lib/${dest_file}" ro
+    fi
+done
+
+# Refresh ldconfig cache, also detect if there are empty files remaining
+# and clean them.
+# This could happen when upgrading drivers and changing versions.
+empty_libs="$(ldconfig 2>&1 | grep -Eo "File.*is empty" | cut -d' ' -f2)"
+if [ -n "${empty_libs}" ]; then
+    # shellcheck disable=SC2086
+    rm -f ${empty_libs}
+fi
+
+#######################################################################
+
 ### Section START (based on https://github.com/89luca89/distrobox/blob/main/distrobox-init#L816)
 
 if [ -d "/usr/lib/rpm/" ]; then
@@ -210,7 +275,7 @@ elif [ -d "/usr/share/libalpm/scripts" ]; then
 
     chmod 755 /usr/share/libalpm/scripts/*blend*.sh
 
-    for p in 00_blend_pre_hook 01_blend_post_hook.sh 02_blend_post_hook; do
+    for p in 00_blend_pre_hook 01_blend_post_hook 02_blend_post_hook; do
         when=PostTransaction
 
         [[ -z "${p##*pre*}" ]] && when=PreTransaction
@@ -242,9 +307,20 @@ if ! grep -q "^${_uname}:" /etc/group; then
 fi
 useradd --uid "$_cuid" --gid "$_cgid" --shell "/bin/bash" --no-create-home --home "$_uhome" "$_uname" &>/dev/null
 
+chown root /etc/sudo.conf
+chown root /usr/bin/sudo
+chmod 4755 /usr/bin/sudo
+
 fi
 
-touch /.init_blend.lock
+if [[ ! -f '/.init_blend.lock' ]] && command -v pacman &>/dev/null; then
+    cd /; git clone https://aur.archlinux.org/yay.git &>/dev/null; cd yay
+    chown -R "$_uname" . &>/log
+    sudo -u "$_uname" makepkg --noconfirm -si &>/dev/null
+    cd /; rm -rf yay
+
+    touch /.init_blend.lock
+fi
 
 echo
 echo "Completed container setup."