From b887130d44f27838e710284e17e4f028b5141409 Mon Sep 17 00:00:00 2001 From: Simon Quigley Date: Tue, 30 Apr 2024 15:37:47 -0500 Subject: [PATCH] Sync with the archive --- debian/changelog | 33 ++++++++-- debian/patches/active-directory.patch | 77 +++++++++++----------- debian/patches/grub-debconf-config.patch | 82 ++++++++++++++++++++++++ debian/patches/series | 3 +- 4 files changed, 154 insertions(+), 41 deletions(-) create mode 100644 debian/patches/grub-debconf-config.patch diff --git a/debian/changelog b/debian/changelog index 1846c77..d9f87e6 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,9 +1,34 @@ -calamares (3.3.4-0ubuntu2~1) noble; urgency=medium +calamares (3.3.5-0ubuntu4) noble; urgency=medium - * Add Active Directory support. - * needs one more bugfix iteration + * Populate grub-{efi,pc}/install_devices debconf config (LP: #2063354). - -- Simon Quigley Thu, 29 Feb 2024 17:28:08 -0600 + -- Simon Quigley Wed, 24 Apr 2024 15:28:29 -0500 + +calamares (3.3.5-0ubuntu3) noble; urgency=medium + + * No-change rebuild for CVE-2024-3094 + + -- Steve Langasek Sun, 31 Mar 2024 08:44:36 +0000 + +calamares (3.3.5-0ubuntu2) noble; urgency=medium + + * No-change rebuild against libqt5core5t64 + + -- Steve Langasek Fri, 15 Mar 2024 04:00:12 +0000 + +calamares (3.3.5-0ubuntu1) noble; urgency=medium + + * New upstream release. + * Fully finish Active Directory prototype, leave the patch commented out for + now. + + -- Simon Quigley Thu, 07 Mar 2024 15:32:51 -0600 + +calamares (3.3.4-0ubuntu2) noble; urgency=medium + + * No-change rebuild for python3.12 t64. + + -- Matthias Klose Sat, 02 Mar 2024 21:08:26 +0100 calamares (3.3.4-0ubuntu1) noble; urgency=medium diff --git a/debian/patches/active-directory.patch b/debian/patches/active-directory.patch index 23496d3..689ec63 100644 --- a/debian/patches/active-directory.patch +++ b/debian/patches/active-directory.patch @@ -54,15 +54,15 @@ + m_activeDirectoryIP = s; +} + -+const QStringList& ++QStringList& +Config::getActiveDirectory() const +{ -+ QStringList activeDirectory; -+ activeDirectory << m_activeDirectoryUsername -+ << m_activeDirectoryPassword -+ << m_activeDirectoryDomain -+ << m_activeDirectoryIP; -+ return activeDirectory; ++ m_activeDirectorySettings.clear(); ++ m_activeDirectorySettings << m_activeDirectoryUsername ++ << m_activeDirectoryPassword ++ << m_activeDirectoryDomain ++ << m_activeDirectoryIP; ++ return m_activeDirectorySettings; +} + QString @@ -99,7 +99,7 @@ + /// Is it both enabled and activated? + bool getActiveDirectoryUsed() const; + /// Config for Active Directory -+ const QStringList& getActiveDirectory() const; ++ QStringList& getActiveDirectory() const; const QList< GroupDescription >& defaultGroups() const { return m_defaultGroups; } /** @brief the names of all the groups for the current user @@ -116,10 +116,11 @@ signals: void userShellChanged( const QString& ); void autoLoginGroupChanged( const QString& ); -@@ -343,6 +355,13 @@ private: +@@ -343,6 +355,14 @@ private: bool m_isReady = false; ///< Used to reduce readyChanged signals ++ mutable QStringList m_activeDirectorySettings; + bool m_activeDirectory = false; + bool m_activeDirectoryUsed = false; + QString m_activeDirectoryUsername; @@ -290,7 +291,7 @@ onReuseUserPasswordChanged( m_config->reuseUserPasswordForRoot() ); --- /dev/null +++ b/src/modules/users/ActiveDirectoryJob.cpp -@@ -0,0 +1,87 @@ +@@ -0,0 +1,91 @@ +/* === This file is part of Calamares - === + * + * SPDX-FileCopyrightText: 2024 Simon Quigley @@ -314,7 +315,7 @@ +#include +#include + -+ActiveDirectoryJob::ActiveDirectoryJob(const QStringList& activeDirectoryInfo) ++ActiveDirectoryJob::ActiveDirectoryJob(QStringList& activeDirectoryInfo) + : Calamares::Job() + , m_activeDirectoryInfo(activeDirectoryInfo) +{ @@ -341,41 +342,45 @@ +Calamares::JobResult +ActiveDirectoryJob::exec() +{ -+ const QStringList& adInfo = m_activeDirectoryInfo; ++ QString username = m_activeDirectoryInfo.value(0); ++ QString password = m_activeDirectoryInfo.value(1); ++ QString domain = m_activeDirectoryInfo.value(2); ++ QString ip = m_activeDirectoryInfo.value(3); + -+ QString username = adInfo.value(0); -+ QString password = adInfo.value(1); -+ QString domain = adInfo.value(2); -+ //QString ip = adInfo.value(3); -+ -+ QStringList args; -+ args << "join" << "--user" << username << "--verbose" << domain; -+ -+ QDir destDir; + Calamares::GlobalStorage* gs = Calamares::JobQueue::instance()->globalStorage(); -+ QString rootMountPoint = gs->value("rootMountPoint").toString(); -+ destDir = QDir(rootMountPoint); ++ QString rootMountPoint = gs ? gs->value("rootMountPoint").toString() : QString(); ++ ++ if (!ip.isEmpty()) { ++ QString hostsFilePath = !rootMountPoint.isEmpty() ? rootMountPoint + "/etc/hosts" : "/etc/hosts"; ++ QFile hostsFile(hostsFilePath); ++ if (hostsFile.open(QIODevice::Append | QIODevice::Text)) { ++ QTextStream out(&hostsFile); ++ out << ip << " " << domain << "\n"; ++ hostsFile.close(); ++ } else { ++ return Calamares::JobResult::error("Failed to open /etc/hosts for writing."); ++ } ++ } + -+ QString command = "chroot " + destDir.path() + " realm " + args.join(" "); ++ QString installPath = !rootMountPoint.isEmpty() ? rootMountPoint : "/"; ++ QStringList args = {"join", domain, "-U", username, "--install=" + installPath, "--verbose"}; + + QProcess process; -+ process.setStandardInputFile("/dev/stdin"); -+ process.start(command, QStringList(), QIODevice::WriteOnly); ++ process.start("realm", args); ++ process.waitForStarted(); + -+ // Write the password to the standard input of the process -+ process.write((password + "\n").toUtf8()); -+ process.write("\n"); // Ensure a newline after the password -+ process.write("\n"); // Ensure an extra newline to confirm the end of the input -+ process.closeWriteChannel(); // Close the write channel to indicate end of input ++ if (!password.isEmpty()) { ++ process.write((password + "\n").toUtf8()); ++ process.closeWriteChannel(); ++ } + -+ // Wait for the process to finish + process.waitForFinished(-1); + -+ auto exitCode = process.exitCode(); -+ if (exitCode == 0) { ++ if (process.exitCode() == 0) { + return Calamares::JobResult::ok(); + } else { -+ return Calamares::JobResult::error("Failed to join realm."); ++ QString errorOutput = process.readAllStandardError(); ++ return Calamares::JobResult::error(QString("Failed to join realm: %1").arg(errorOutput)); + } +} --- /dev/null @@ -399,7 +404,7 @@ +{ + Q_OBJECT +public: -+ ActiveDirectoryJob( const QStringList& activeDirectoryInfo ); ++ ActiveDirectoryJob( QStringList& activeDirectoryInfo ); + QString prettyName() const override; + QString prettyDescription() const override; + QString prettyStatusMessage() const override; diff --git a/debian/patches/grub-debconf-config.patch b/debian/patches/grub-debconf-config.patch new file mode 100644 index 0000000..971ce2c --- /dev/null +++ b/debian/patches/grub-debconf-config.patch @@ -0,0 +1,82 @@ +Description: Populate grub-{efi,pc}/install_devices debconf config +Author: Simon Quigley +Origin: vendor +Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/calamares/+bug/2063354 +Last-Update: 2024-04-24 +--- +This patch header follows DEP-3: http://dep.debian.net/deps/dep3/ +--- a/src/modules/bootloader/main.py ++++ b/src/modules/bootloader/main.py +@@ -25,6 +25,7 @@ import os + import re + import shutil + import subprocess ++import tempfile + + import libcalamares + +@@ -581,6 +582,46 @@ def get_grub_efi_parameters(): + return None + + ++def get_disk_id(device_name, efi): ++ by_id_path = "/dev/disk/by-id" ++ ++ if efi: ++ partitions = libcalamares.globalstorage.value("partitions") ++ device_name = None ++ ++ for partition in partitions: ++ if "/boot/efi" in partition["mountPoint"]: ++ device_name = partition["device"] ++ break ++ ++ device_path = os.path.realpath(device_name) ++ ++ for entry in os.listdir(by_id_path): ++ full_entry_path = os.path.join(by_id_path, entry) ++ if os.path.realpath(full_entry_path) == device_path: ++ return full_entry_path ++ ++ return None ++ ++ ++def set_grub_debconf_config(device_name, efi=False): ++ dev_id_path = get_disk_id(device_name, efi=efi) ++ ++ if not dev_id_path: ++ return None ++ ++ temp_dir = libcalamares.globalstorage.value("rootMountPoint") + "/tmp/" ++ with tempfile.NamedTemporaryFile(mode="w", delete=False, dir=temp_dir) as tmpfile: ++ debconf_target = "grub-efi" if efi else "grub-pc" ++ ++ tmpfile.write(f"grub-pc {debconf_target}/install_devices multiselect {dev_id_path}\n") ++ tmpfile_path = tmpfile.name ++ ++ debconf_config = "/tmp/" + os.path.basename(tmpfile_path) ++ check_target_env_call(["/usr/bin/debconf-set-selections", debconf_config]) ++ os.remove(tmpfile_path) ++ ++ + def run_grub_mkconfig(partitions, output_file): + """ + Runs grub-mkconfig in the target environment +@@ -631,6 +672,8 @@ def run_grub_install(fw_type, partitions + "--efi-directory=" + efi_directory, + "--bootloader-id=" + efi_bootloader_id, + "--force"]) ++ ++ set_grub_debconf_config(efi_target, efi=True) + else: + assert efi_directory is None + if libcalamares.globalstorage.value("bootLoader") is None: +@@ -652,6 +695,8 @@ def run_grub_install(fw_type, partitions + "--force", + boot_loader["installPath"]]) + ++ set_grub_debconf_config(boot_loader["installPath"]) ++ + + def install_grub(efi_directory, fw_type): + """ diff --git a/debian/patches/series b/debian/patches/series index 67fbccf..c038001 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -1,4 +1,5 @@ 0001-replace-pkexec-by-sudo.patch apport-package-hook.patch enable-only-present-with-encryption-partitions.patch -active-directory.patch +#active-directory.patch +grub-debconf-config.patch