From 125ac748b059a9d3851a048760be1ff593a09cfc Mon Sep 17 00:00:00 2001 From: CloudBuilder Date: Wed, 27 Sep 2023 13:51:09 +0000 Subject: [PATCH] Imported 23.10.47 from mantic-release pocket. No reason for CPC update specified. --- debian/changelog | 17 +++++++++++++++++ live-build/functions | 3 ++- .../hooks.d/base/disk-image-uefi.binary | 16 ++++++++++++---- 3 files changed, 31 insertions(+), 5 deletions(-) diff --git a/debian/changelog b/debian/changelog index f8730b7f..605e729f 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,20 @@ +livecd-rootfs (23.10.47) mantic; urgency=medium + + [ Phil Roche ] + * fix: Ensure that grub/shim package installs do not install recommends for + minimized ubuntu-cpc image builds (LP: #2037075) + + -- Steve Langasek Tue, 26 Sep 2023 15:04:09 -0700 + +livecd-rootfs (23.10.46) UNRELEASED; urgency=medium + + [ Simon Poirier ] + * Fix use of variable declared in conditional branch and used in parent + scope in snap_validate_seed. This would affect binary for images without + kernel and using "set -u". (LP: #2037338) + + -- Michael Hudson-Doyle Tue, 26 Sep 2023 15:11:07 +1300 + livecd-rootfs (23.10.45) mantic; urgency=medium * budgie: Configure universe & multiverse sources (LP: #2036966) diff --git a/live-build/functions b/live-build/functions index 19953744..c8b55773 100644 --- a/live-build/functions +++ b/live-build/functions @@ -767,9 +767,10 @@ snap_preseed() { snap_validate_seed() { local CHROOT_ROOT=$1 + local kern_major_min=undefined if [ -e ${CHROOT_ROOT}/boot/vmlinuz ]; then - local kern_major_min=$(readlink --canonicalize --no-newline ${CHROOT_ROOT}/boot/vmlinuz | grep --extended-regexp --only-matching --max-count 1 '[0-9]+\.[0-9]+') + kern_major_min=$(readlink --canonicalize --no-newline ${CHROOT_ROOT}/boot/vmlinuz | grep --extended-regexp --only-matching --max-count 1 '[0-9]+\.[0-9]+') if [ -d /usr/share/livecd-rootfs/live-build/apparmor/${kern_major_min} ]; then # if an Ubuntu version has different kernel apparmor features between LTS and HWE kernels # a snap pre-seeding issue can occur, where the incorrect apparmor features are reported diff --git a/live-build/ubuntu-cpc/hooks.d/base/disk-image-uefi.binary b/live-build/ubuntu-cpc/hooks.d/base/disk-image-uefi.binary index 3685e464..6d73d004 100755 --- a/live-build/ubuntu-cpc/hooks.d/base/disk-image-uefi.binary +++ b/live-build/ubuntu-cpc/hooks.d/base/disk-image-uefi.binary @@ -106,25 +106,33 @@ install_grub() { chroot mountpoint apt-get -y update + package_install_recommends_option="" + # minimized cloud image policy, introduced in version 23.10.16, is to not install recommends for any package + # installs during build. This is to keep the image as small as possible. This also extends to + # the grub related packages. + if [ "${SUBPROJECT:-}" = minimized ]; then + package_install_recommends_option="--no-install-recommends" + fi + # UEFI GRUB modules are meant to be used equally by Secure Boot and # non-Secure Boot systems. If you need an extra module not already # provided or run into "Secure Boot policy forbids loading X" problems, # please file a bug against grub2 to include the affected module. case $ARCH in arm64) - chroot mountpoint apt-get -qqy install --no-install-recommends shim-signed grub-efi-arm64-signed + chroot mountpoint apt-get -qqy install ${package_install_recommends_option} shim-signed grub-efi-arm64-signed efi_target=arm64-efi ;; armhf) - chroot mountpoint apt-get -qqy install --no-install-recommends grub-efi-arm grub-efi-arm-bin + chroot mountpoint apt-get -qqy install ${package_install_recommends_option} grub-efi-arm grub-efi-arm-bin efi_target=arm-efi ;; amd64) - chroot mountpoint apt-get install -qqy grub-pc shim-signed + chroot mountpoint apt-get install -qqy ${package_install_recommends_option} grub-pc shim-signed efi_target=x86_64-efi ;; riscv64) - chroot mountpoint apt-get install -qqy u-boot-menu grub-efi-riscv64 + chroot mountpoint apt-get install -qqy ${package_install_recommends_option} u-boot-menu grub-efi-riscv64 efi_target=riscv64-efi chroot mountpoint u-boot-update