tawasuyu/brahman
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(arje): reemplaza systemd en máquina real con coexistencia GRUB

Browse Source 
Flujo seguro de adopción: arje se instala como entrada GRUB
alternativa, no toca systemd ni /sbin/init. Booteás arje cuando
querés, volvés a systemd si rompe (rollback instantáneo desde el
menú).

Artefactos nuevos:

- scripts/install-arje-as-init.sh: instala binarios musl-static a
  /usr/sbin/ y /usr/bin/, copia seed a /ente/seed.card.json, agrega
  menuentry "arje" a /etc/grub.d/40_custom usando init=/sbin/ente-zero
  con kernel + initrd nativos. NO cambia GRUB_DEFAULT. Idempotente
  (regenera el bloque ARJE-MENUENTRY si existe).

- scripts/uninstall-arje.sh: revierte binarios + menuentry. Conserva
  /ente/seed.card.json por si la editaste.

- seeds/arje-host.card.json: seed para máquina real con 15 cards:
  tmpfiles + mount-fstab + swap-on + dbus-system + 11 compat shims +
  dhcpcd + sshd + agetty. Validada.

- docs/arje-replace-systemd.md: filosofía vs systemd ("no acapara
  porque no genera, sólo arranca lo declarado"), lista exhaustiva de
  servicios systemd que NO deben migrarse (ModemManager, snapd, cups,
  unattended-upgrades, etc.), tabla diferencial de UX vs systemd
  (systemctl restart → kill PID, systemctl enable → editar seed),
  checklist pre-primer-boot, instrucciones de rollback y cómo hacer
  arje default sólo cuando estés seguro.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
This commit is contained in:
sergio
2026-05-18 20:01:12 +00:00
parent e4b1d41b62
commit ca5dd04176
4 changed files with 693 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
seeds/arje-host.card.json
+249
View File
@@ -0,0 +1,249 @@
{
"schema_version": 1,
"id": "01J8YVKZH0M0M0M0M0M0M0M0M0",
"lineage": null,
"label": "arje.seed.host",
"provides": ["Spawn", "Journal"],
"requires": [],
"permissions": {
"networking": "full",
"filesystem": "read-write",
"ipc": { "allow": ["wit-v1", "dbus-v1"] },
"processes": true
},
"soma": {
"namespaces": { "mount": false, "pid": false, "net": false, "uts": false, "ipc": false, "user": false, "cgroup": false },
"rlimits": { "mem_bytes": null, "nproc": null, "nofile": null },
"cgroup": { "path": "ente.slice/zero", "cpu_weight": null, "io_weight": null },
"cpu_affinity": null
},
"payload": "Virtual",
"supervision": "OneShot",
"lifecycle": "daemon",
"priority": "critical",
"flow": { "input": [], "output": [] },
"genesis": [
{
"schema_version": 1,
"id": "01J8YVKZH0M0M0M0M0M0M0M0T1",
"label": "tmpfiles-boot",
"provides": [], "requires": [],
"permissions": { "networking": "none", "filesystem": "read-write", "ipc": { "allow": [] }, "processes": false },
"soma": { "namespaces": {"mount":false,"pid":false,"net":false,"uts":false,"ipc":false,"user":false,"cgroup":false},
"rlimits": {"mem_bytes":null,"nproc":null,"nofile":null},
"cgroup": {"path":"ente.slice/compat","cpu_weight":null,"io_weight":null},
"cpu_affinity": null },
"payload": { "Native": { "exec": "/usr/sbin/ente-tmpfiles-compat", "argv": ["--boot"], "envp": [] } },
"supervision": "OneShot", "lifecycle": "oneshot", "priority": "critical",
"flow": { "input": [], "output": [] }, "genesis": []
},
{
"schema_version": 1,
"id": "01J8YVKZH0M0M0M0M0M0M0M0F1",
"label": "mount-fstab",
"provides": [], "requires": [],
"permissions": { "networking": "none", "filesystem": "read-write", "ipc": { "allow": [] }, "processes": true },
"soma": { "namespaces": {"mount":false,"pid":false,"net":false,"uts":false,"ipc":false,"user":false,"cgroup":false},
"rlimits": {"mem_bytes":null,"nproc":null,"nofile":null},
"cgroup": {"path":"ente.slice/boot","cpu_weight":null,"io_weight":null},
"cpu_affinity": null },
"payload": { "Native": { "exec": "/bin/mount", "argv": ["-a"], "envp": [] } },
"supervision": "OneShot", "lifecycle": "oneshot", "priority": "critical",
"flow": { "input": [], "output": [] }, "genesis": []
},
{
"schema_version": 1,
"id": "01J8YVKZH0M0M0M0M0M0M0M0S1",
"label": "swap-on",
"provides": [], "requires": [],
"permissions": { "networking": "none", "filesystem": "read-write", "ipc": { "allow": [] }, "processes": true },
"soma": { "namespaces": {"mount":false,"pid":false,"net":false,"uts":false,"ipc":false,"user":false,"cgroup":false},
"rlimits": {"mem_bytes":null,"nproc":null,"nofile":null},
"cgroup": {"path":"ente.slice/boot","cpu_weight":null,"io_weight":null},
"cpu_affinity": null },
"payload": { "Native": { "exec": "/sbin/swapon", "argv": ["-a"], "envp": [] } },
"supervision": "OneShot", "lifecycle": "oneshot", "priority": "normal",
"flow": { "input": [], "output": [] }, "genesis": []
},
{
"schema_version": 1,
"id": "01J8YVKZH0M0M0M0M0M0M0M0DB",
"label": "dbus-system",
"provides": [], "requires": [],
"permissions": { "networking": "loopback", "filesystem": "read-write", "ipc": { "allow": ["dbus-v1"] }, "processes": true },
"soma": { "namespaces": {"mount":false,"pid":false,"net":false,"uts":false,"ipc":false,"user":false,"cgroup":false},
"rlimits": {"mem_bytes":null,"nproc":null,"nofile":null},
"cgroup": {"path":"ente.slice/bus","cpu_weight":null,"io_weight":null},
"cpu_affinity": null },
"payload": { "Native": { "exec": "/usr/bin/dbus-daemon", "argv": ["--system", "--nofork"], "envp": [] } },
"supervision": { "Restart": { "initial": 200, "max": 30000 } },
"lifecycle": "daemon", "priority": "critical",
"flow": { "input": [], "output": [] }, "genesis": []
},
{
"schema_version": 1,
"id": "01J8YVKZH0M0M0M0M0M0M0M0H1",
"label": "compat-hostnamed",
"provides": [], "requires": [],
"permissions": { "networking": "loopback", "filesystem": "read-only", "ipc": { "allow": ["dbus-v1"] }, "processes": false },
"soma": { "namespaces": {"mount":false,"pid":false,"net":false,"uts":false,"ipc":false,"user":false,"cgroup":false},
"rlimits": {"mem_bytes":null,"nproc":null,"nofile":null},
"cgroup": {"path":"ente.slice/compat","cpu_weight":null,"io_weight":null},
"cpu_affinity": null },
"payload": { "Native": { "exec": "/usr/sbin/ente-hostnamed-compat", "argv": [], "envp": [] } },
"supervision": { "Restart": { "initial": 100, "max": 30000 } },
"lifecycle": "daemon", "priority": "normal",
"flow": { "input": [], "output": [] }, "genesis": []
},
{
"schema_version": 1,
"id": "01J8YVKZH0M0M0M0M0M0M0M0T2",
"label": "compat-timedated",
"provides": [], "requires": [],
"permissions": { "networking": "loopback", "filesystem": "read-only", "ipc": { "allow": ["dbus-v1"] }, "processes": false },
"soma": { "namespaces": {"mount":false,"pid":false,"net":false,"uts":false,"ipc":false,"user":false,"cgroup":false},
"rlimits": {"mem_bytes":null,"nproc":null,"nofile":null},
"cgroup": {"path":"ente.slice/compat","cpu_weight":null,"io_weight":null},
"cpu_affinity": null },
"payload": { "Native": { "exec": "/usr/sbin/ente-timedated-compat", "argv": [], "envp": [] } },
"supervision": { "Restart": { "initial": 100, "max": 30000 } },
"lifecycle": "daemon", "priority": "normal",
"flow": { "input": [], "output": [] }, "genesis": []
},
{
"schema_version": 1,
"id": "01J8YVKZH0M0M0M0M0M0M0M0J1",
"label": "compat-journald",
"provides": ["Journal"], "requires": [],
"permissions": { "networking": "none", "filesystem": "read-write", "ipc": { "allow": ["dbus-v1"] }, "processes": false },
"soma": { "namespaces": {"mount":false,"pid":false,"net":false,"uts":false,"ipc":false,"user":false,"cgroup":false},
"rlimits": {"mem_bytes":null,"nproc":null,"nofile":null},
"cgroup": {"path":"ente.slice/compat","cpu_weight":null,"io_weight":null},
"cpu_affinity": null },
"payload": { "Native": { "exec": "/usr/sbin/ente-journald-compat", "argv": [], "envp": [] } },
"supervision": { "Restart": { "initial": 100, "max": 30000 } },
"lifecycle": "daemon", "priority": "high",
"flow": { "input": [], "output": [] }, "genesis": []
},
{
"schema_version": 1,
"id": "01J8YVKZH0M0M0M0M0M0M0M0Y1",
"label": "compat-logind",
"provides": ["LegacyLogind"], "requires": [],
"permissions": { "networking": "loopback", "filesystem": "read-write", "ipc": { "allow": ["dbus-v1"] }, "processes": false },
"soma": { "namespaces": {"mount":false,"pid":false,"net":false,"uts":false,"ipc":false,"user":false,"cgroup":false},
"rlimits": {"mem_bytes":null,"nproc":null,"nofile":null},
"cgroup": {"path":"ente.slice/compat","cpu_weight":null,"io_weight":null},
"cpu_affinity": null },
"payload": { "Native": { "exec": "/usr/sbin/ente-logind-compat", "argv": [], "envp": [] } },
"supervision": { "Restart": { "initial": 100, "max": 30000 } },
"lifecycle": "daemon", "priority": "high",
"flow": { "input": [], "output": [] }, "genesis": []
},
{
"schema_version": 1,
"id": "01J8YVKZH0M0M0M0M0M0M0M0R1",
"label": "compat-resolved",
"provides": [], "requires": [],
"permissions": { "networking": "outbound", "filesystem": "read-write", "ipc": { "allow": ["dbus-v1"] }, "processes": false },
"soma": { "namespaces": {"mount":false,"pid":false,"net":false,"uts":false,"ipc":false,"user":false,"cgroup":false},
"rlimits": {"mem_bytes":null,"nproc":null,"nofile":null},
"cgroup": {"path":"ente.slice/compat","cpu_weight":null,"io_weight":null},
"cpu_affinity": null },
"payload": { "Native": { "exec": "/usr/sbin/ente-resolved-compat", "argv": [], "envp": [] } },
"supervision": { "Restart": { "initial": 100, "max": 30000 } },
"lifecycle": "daemon", "priority": "normal",
"flow": { "input": [], "output": [] }, "genesis": []
},
{
"schema_version": 1,
"id": "01J8YVKZH0M0M0M0M0M0M0M0P1",
"label": "compat-polkit",
"provides": [], "requires": [],
"permissions": { "networking": "loopback", "filesystem": "read-only", "ipc": { "allow": ["dbus-v1"] }, "processes": false },
"soma": { "namespaces": {"mount":false,"pid":false,"net":false,"uts":false,"ipc":false,"user":false,"cgroup":false},
"rlimits": {"mem_bytes":null,"nproc":null,"nofile":null},
"cgroup": {"path":"ente.slice/compat","cpu_weight":null,"io_weight":null},
"cpu_affinity": null },
"payload": { "Native": { "exec": "/usr/sbin/ente-polkit-compat", "argv": [], "envp": [] } },
"supervision": { "Restart": { "initial": 100, "max": 30000 } },
"lifecycle": "daemon", "priority": "normal",
"flow": { "input": [], "output": [] }, "genesis": []
},
{
"schema_version": 1,
"id": "01J8YVKZH0M0M0M0M0M0M0M0PP",
"label": "policy-provider",
"provides": [], "requires": [],
"permissions": { "networking": "none", "filesystem": "read-only", "ipc": { "allow": ["wit-v1"] }, "processes": false },
"soma": { "namespaces": {"mount":false,"pid":false,"net":false,"uts":false,"ipc":false,"user":false,"cgroup":false},
"rlimits": {"mem_bytes":null,"nproc":null,"nofile":null},
"cgroup": {"path":"ente.slice/compat","cpu_weight":null,"io_weight":null},
"cpu_affinity": null },
"payload": { "Native": { "exec": "/usr/sbin/ente-policy-provider", "argv": [], "envp": [] } },
"supervision": { "Restart": { "initial": 100, "max": 30000 } },
"lifecycle": "daemon", "priority": "normal",
"flow": { "input": [], "output": [] }, "genesis": []
},
{
"schema_version": 1,
"id": "01J8YVKZH0M0M0M0M0M0M0M0SY",
"label": "compat-systemd1",
"provides": [], "requires": [],
"permissions": { "networking": "loopback", "filesystem": "read-write", "ipc": { "allow": ["dbus-v1"] }, "processes": false },
"soma": { "namespaces": {"mount":false,"pid":false,"net":false,"uts":false,"ipc":false,"user":false,"cgroup":false},
"rlimits": {"mem_bytes":null,"nproc":null,"nofile":null},
"cgroup": {"path":"ente.slice/compat","cpu_weight":null,"io_weight":null},
"cpu_affinity": null },
"payload": { "Native": { "exec": "/usr/sbin/ente-systemd1-compat", "argv": [], "envp": [] } },
"supervision": { "Restart": { "initial": 100, "max": 30000 } },
"lifecycle": "daemon", "priority": "high",
"flow": { "input": [], "output": [] }, "genesis": []
},
{
"schema_version": 1,
"id": "01J8YVKZH0M0M0M0M0M0M0M0NW",
"label": "network-dhcpcd",
"provides": [], "requires": [],
"permissions": { "networking": "full", "filesystem": "read-write", "ipc": { "allow": [] }, "processes": true },
"soma": { "namespaces": {"mount":false,"pid":false,"net":false,"uts":false,"ipc":false,"user":false,"cgroup":false},
"rlimits": {"mem_bytes":null,"nproc":null,"nofile":null},
"cgroup": {"path":"ente.slice/net","cpu_weight":null,"io_weight":null},
"cpu_affinity": null },
"payload": { "Native": { "exec": "/usr/sbin/dhcpcd", "argv": ["-B"], "envp": [] } },
"supervision": { "Restart": { "initial": 500, "max": 60000 } },
"lifecycle": "daemon", "priority": "high",
"flow": { "input": [], "output": [] }, "genesis": []
},
{
"schema_version": 1,
"id": "01J8YVKZH0M0M0M0M0M0M0M0SS",
"label": "sshd",
"provides": [], "requires": [],
"permissions": { "networking": "full", "filesystem": "read-write", "ipc": { "allow": [] }, "processes": true },
"soma": { "namespaces": {"mount":false,"pid":false,"net":false,"uts":false,"ipc":false,"user":false,"cgroup":false},
"rlimits": {"mem_bytes":null,"nproc":null,"nofile":null},
"cgroup": {"path":"ente.slice/ssh","cpu_weight":null,"io_weight":null},
"cpu_affinity": null },
"payload": { "Native": { "exec": "/usr/sbin/sshd", "argv": ["-D"], "envp": [] } },
"supervision": { "Restart": { "initial": 200, "max": 30000 } },
"lifecycle": "daemon", "priority": "high",
"flow": { "input": [], "output": [] }, "genesis": []
},
{
"schema_version": 1,
"id": "01J8YVKZH0M0M0M0M0M0M0M0G1",
"label": "getty-tty1",
"provides": [], "requires": [],
"permissions": { "networking": "none", "filesystem": "read-write", "ipc": { "allow": [] }, "processes": true },
"soma": { "namespaces": {"mount":false,"pid":false,"net":false,"uts":false,"ipc":false,"user":false,"cgroup":false},
"rlimits": {"mem_bytes":null,"nproc":null,"nofile":null},
"cgroup": {"path":"ente.slice/getty","cpu_weight":null,"io_weight":null},
"cpu_affinity": null },
"payload": { "Native": { "exec": "/sbin/agetty", "argv": ["--noclear", "tty1", "linux"], "envp": [] } },
"supervision": { "Restart": { "initial": 100, "max": 30000 } },
"lifecycle": "daemon", "priority": "high",
"flow": { "input": [], "output": [] }, "genesis": []
}
]
}