diff --git a/debian/changelog b/debian/changelog index 0906c7d6..63e3c70d 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,125 @@ +livecd-rootfs (2.890) mantic; urgency=medium + + * Allow choosing installer channels with the CHANNEL variable for + subiquity-based installer ISOs. + + -- Dan Bungert Fri, 16 Jun 2023 09:12:08 -0600 + +livecd-rootfs (2.849) mantic; urgency=medium + + [ Gauthier Jolly ] + * ubuntu-cpc: mount ESP on /boot and bind mount /boot on /boot/efi + + -- Steve Langasek Thu, 15 Jun 2023 12:18:47 -0700 + +livecd-rootfs (2.848) mantic; urgency=medium + + * Migrate default Ubuntu Budgie image builds to their new + ubuntu-budgie-installer, mirroring what has been done for Ubuntu. At the + same time, we add support for building legacy ubiquity-based images as + well. + + -- Łukasz 'sil2100' Zemczak Wed, 07 Jun 2023 13:33:26 +0200 + +livecd-rootfs (2.847) mantic; urgency=medium + + * canary images: add boot-managed-by-snapd preinstalled by default on the + enhanced-secureboot layer. This will make sure that all canary installs + will not allow installing non-snap kernels and bootloader packages (as + this could break their systems). + + -- Łukasz 'sil2100' Zemczak Mon, 05 Jun 2023 16:57:58 +0200 + +livecd-rootfs (2.846) mantic; urgency=medium + + * Make the newly added mtools dependency arch-specific as it's not + installable on i386, causing migration issues. + + -- Łukasz 'sil2100' Zemczak Thu, 01 Jun 2023 11:40:52 +0200 + +livecd-rootfs (2.845) mantic; urgency=medium + + * Add the mtools dependency for ubuntu-image. + + -- Łukasz 'sil2100' Zemczak Wed, 31 May 2023 17:08:44 +0200 + +livecd-rootfs (2.844) mantic; urgency=medium + + * Switch to use ubuntu-image 3.0 for our raspberry pi mantic images. + + -- Łukasz 'sil2100' Zemczak Wed, 31 May 2023 15:15:09 +0200 + +livecd-rootfs (2.843) mantic; urgency=medium + + * Unconditionally enable i386 in the chroot for Ubuntu Desktop; the new + installer doesn't handle enabling this at install time, and late + enablement also misses us some recommends. + * Restore losetup code, the necessary launchpad-buildd changes were being + deployed just as this revert landed. + + -- Steve Langasek Fri, 26 May 2023 13:51:18 -0700 + +livecd-rootfs (2.842) mantic; urgency=medium + + * Revert once again the kpartx->losetup changes as those are causing + constant build failures for RISC-V images. This clearly needs some more + investigation before proceeding. This means that we're back to using + kpartx for loop device setup. + + -- Łukasz 'sil2100' Zemczak Wed, 24 May 2023 11:07:21 +0200 + +livecd-rootfs (2.841) mantic; urgency=medium + + * The base seed for edubuntu is desktop-gnome, not desktop. LP: #2019060. + + -- Steve Langasek Wed, 17 May 2023 23:50:57 -0700 + +livecd-rootfs (2.840) mantic; urgency=medium + + * auto/config: switch ubuntucinnamon and ubuntu-unity builds to use add_task + to get their desktop packages. Previously most (all?) flavour builds got + the snaps from that flavour's "desktop" seed implicitly added, but now an + explicit add_task is needed. + * auto/config: alter check for unexpectedly seeded snaps in + ubuntu-cpc:minimized build. As the build no longer implicitly seeds the + snaps from the server seed, we can just assert no snaps are seeded. This + fixes an autopkgtest regression but also cleaner. + + -- Michael Hudson-Doyle Thu, 18 May 2023 11:33:59 +1200 + +livecd-rootfs (2.839) mantic; urgency=medium + + * Drop use of --removable flag to grub-install from + live-build/buildd/hooks/02-disk-image-uefi.binary, to match the cloud + images (7c760864fdcb278ca37396f06f5e3f297428d63d). This fixes + bootloader updates in the buildd images, but also fixes compatibility + with using devtmpfs for losetup. + + -- Steve Langasek Wed, 17 May 2023 09:27:56 -0700 + +livecd-rootfs (2.838) mantic; urgency=medium + + * auto/config: Set FLAVOUR appropriately for flavours added since the + expand-task branch was created. + * live-build/expand-task: Fix expansion of tasks with non-flavour specific + name (e.g. "minimal") when building a non-Ubuntu flavour. + * auto/config: Do not include the ubuntu-desktop-minimal task in edubuntu. + Cross flavour task references do not work with the approach expand-task + takes, and the ubuntu-desktop-minimal package is part of the + edubuntu-desktop-gnome task already. + * live-build/expand-task: handle seeding of classic snaps correctly. + + -- Michael Hudson-Doyle Wed, 17 May 2023 15:53:50 +1200 + +livecd-rootfs (2.837) mantic; urgency=medium + + * auto/config: Rewrite add_task to use a Python script that cribs the logic + from lp:ubuntu-archive-publishing's generate_extra_overrides.py. This + means we can avoid some dubious hacks around seeding snaps and no longer + depend on the Task headers in the archive. (LP: #2019265) + + -- Michael Hudson-Doyle Mon, 15 May 2023 09:36:29 +1200 + livecd-rootfs (2.836) mantic; urgency=medium * canary: include cryptsetup in the live layer diff --git a/debian/control b/debian/control index c8c78a76..0fb57629 100644 --- a/debian/control +++ b/debian/control @@ -27,6 +27,8 @@ Depends: ${misc:Depends}, lsb-release, lzma, make, + mount, + mtools [!i386], parted, procps, python3, @@ -38,8 +40,7 @@ Depends: ${misc:Depends}, snapd (>= 2.39) [!i386], squashfs-tools (>= 1:3.3-1), sudo, - u-boot-tools [armhf arm64], - ubuntu-image [!i386 !riscv64], + u-boot-tools [arm64 armhf], python3-vmdkstream [amd64 i386], xorriso [!i386], xz-utils, diff --git a/live-build/auto/build b/live-build/auto/build index 2568057e..824d3a30 100755 --- a/live-build/auto/build +++ b/live-build/auto/build @@ -89,9 +89,15 @@ PREFIX="livecd.$PROJECT${SUBARCH:+-$SUBARCH}" if [ "${IMAGEFORMAT:-}" = "ubuntu-image" ]; then # Use ubuntu-image instead of live-build + export SNAPPY_STORE_NO_CDN=1 + snap install --classic ubuntu-image + + # TODO: eventually, this should be handled by a single ubuntu-image + # call without having to do a conditional on ubuntu-core/classic. + # We could already do that, but then we'd still have to do the + # compressing for the core images. if [ "$PROJECT" = "ubuntu-core" ]; then - env SNAPPY_STORE_NO_CDN=1 \ - ubuntu-image snap $UBUNTU_IMAGE_ARGS \ + /snap/bin/ubuntu-image snap $UBUNTU_IMAGE_ARGS \ -O output "$PREFIX".model-assertion # XXX: currently we only have one image generated, but really # we should be supporting more than one for models that @@ -100,20 +106,23 @@ if [ "${IMAGEFORMAT:-}" = "ubuntu-image" ]; then xz -0 -T4 "$PREFIX".img mv output/seed.manifest "$PREFIX".manifest else - # First we need to build the gadget tree - make -C "config/$PREFIX-gadget" \ - ARCH=$ARCH SERIES=$SUITE $GADGET_TARGET - ubuntu-image classic $UBUNTU_IMAGE_ARGS \ - -s $SUITE -p $PROJECT -a $ARCH --subarch $SUBARCH \ - -O output config/$PREFIX-gadget/install - # XXX: currently we only have one image generated, but really - # we should be supporting more than one for models that - # define those. - mv output/*.img "$PREFIX".img - xz -0 -T4 "$PREFIX".img - # Also link the output image to a filename that cdimage expects - ln "$PREFIX".img.xz livecd.ubuntu-cpc.disk1.img.xz - mv output/filesystem.manifest "$PREFIX".manifest + /snap/bin/ubuntu-image classic --verbose $UBUNTU_IMAGE_ARGS \ + -O output "$PREFIX".yaml + # Since the output of the ubuntu-image call can vary based on what + # kind of an image we build, the safest bet is to 'export' all the + # artifacts from the output directory. The image definition file + # should be what defines what is expected, so that we don't have + # to tweak livecd-rootfs everytime a different type of artifact + # is needed. + for artifact in output/*; do + # We want to be dynamic, and want to support even + # two-part extensions. + filename=$(basename $artifact) + noversion=$(echo $filename | sed 's/[0-9][0-9]\.[0-9][0-9]//') + extension=${noversion#*.} + mv $artifact "$PREFIX".$extension + done + [ -f $PREFIX.img ] && xz -0 -T4 "$PREFIX".img fi exit 0 @@ -549,9 +558,14 @@ for OUTPUT in ext2 ext3 ext4 manifest manifest-remove size squashfs; do done # we don't need a manifest-remove for a layered-aware installer -if [ "$PROJECT" = "ubuntu" ] && [ "$SUBPROJECT" != "legacy" ]; then - rm -f livecd.${PROJECT}-manifest-remove - rm -f config/manifest-minimal-remove +if [ "$SUBPROJECT" != "legacy" ]; then + # here we have a list of all new-installer flavors + case $PROJECT in + ubuntu|ubuntu-budgie) + rm -f livecd.${PROJECT}-manifest-remove + rm -f config/manifest-minimal-remove + ;; + esac fi if [ -e config/manifest-minimal-remove ]; then diff --git a/live-build/auto/config b/live-build/auto/config index ff0abd60..eb0d98de 100755 --- a/live-build/auto/config +++ b/live-build/auto/config @@ -36,6 +36,7 @@ mkdir -p config cp -af /usr/share/livecd-rootfs/live-build/functions config/functions cp -af /usr/share/livecd-rootfs/live-build/lb_*_layered config/ cp -af /usr/share/livecd-rootfs/live-build/snap-seed-parse.py config/snap-seed-parse +cp -af /usr/share/livecd-rootfs/live-build/expand-task config/expand-task cp -af /usr/share/livecd-rootfs/live-build/squashfs-exclude-files config/ mkdir -p config/package-lists @@ -106,55 +107,36 @@ add_task () { local pass="$1" shift - local task - local snap_list_file - local snap_list_files - local curseed + local file pkg_file snap_file task _check_immutable_passes_to_layers _register_pass "$pass" - # The removal of direct task installation support from live-build - # poses some problems. If the chroot has multiarch configured - for - # example, if we're building for amd64 - then dumpavail will show - # foreign-architecture packages which will have their own Task - # lines, but which we don't want to install. (Compare - # PackageContainerInterface::FromTask in apt, which restricts task - # expansion to the native architecture.) We therefore restrict our - # search to stanzas with Architecture: $ARCH or all. - # - # However, even this may not be accurate enough. At the moment I - # have no idea what happens if an Architecture: all package has - # different Task fields on different architectures. This is - # probably a lurking timebomb that we need to fix. In the meantime, - # the Architecture restriction at least saves us from abject - # failure. - # - # We want as well to grab the snap list for each PASS. Resolve for all - # given task, and deduplicate them to generate snaps for the PASS. + if [ ! -e config/germinate-output/structure ]; then + echo "add_task too soon" >&2 + exit 1 + fi + + pkg_file="config/package-lists/livecd-rootfs.list.chroot_$pass" + + if [ $PASSES_TO_LAYERS = "true" ]; then + snap_file="config/package-lists/livecd-rootfs.snaplist.chroot_$pass.full" + else + snap_file="config/seeded-snaps" + fi for task; do - # We need a ridiculous number of backslashes to protect - # parentheses from eval. - echo "!chroot chroot apt-cache dumpavail | grep-dctrl -nsPackage \\\\\\( -XFArchitecture $ARCH -o -XFArchitecture all \\\\\\) -a -wFTask $task" >> "config/package-lists/livecd-rootfs.list.chroot_$pass" + ./config/expand-task config/germinate-output $FLAVOUR $task packages >> "$pkg_file" + ./config/expand-task config/germinate-output $FLAVOUR $task snaps >> "$snap_file" + done - curseed=$(seed_from_task ${task}) - if [ -z "${curseed}" ]; then - echo "W: No seed matching task ${task}" - continue - fi - snap_list_file="config/package-lists/seed.${curseed}.snaplist.full" - snap_from_seed "${curseed}" $snap_list_file - if [ -e "$snap_list_file" ]; then - snap_list_files="${snap_list_files} $snap_list_file" + for file in $pkg_file $snap_file; do + if [ -s $file ]; then + sort -u -o $file $file + else + rm -f $file fi done - # The snap list is one line, and could be duplicated between seeds via inheritance. - # Uniquely sort them and store them back in one line. - if [ -n "${snap_list_files}" ]; then - cat ${snap_list_files}|xargs -n1|sort -u > "config/package-lists/livecd-rootfs.snaplist.chroot_${pass}.full" - rm ${snap_list_files} - fi } add_package () @@ -207,8 +189,13 @@ add_snap () _check_immutable_passes_to_layers _register_pass "$pass" + local channel="" + if [ -n "$CHANNEL" ] ; then + channel="=$CHANNEL" + fi + for pkg; do - echo "$pkg" >> "config/package-lists/livecd-rootfs.snaplist.chroot_$pass.full" + echo "$pkg$channel" >> "config/package-lists/livecd-rootfs.snaplist.chroot_$pass.full" done } @@ -340,8 +327,9 @@ _get_live_passes () if [ -z "${IMAGEFORMAT:-}" ]; then case $PROJECT:${SUBPROJECT:-} in ubuntu-cpc:*|ubuntu:desktop-preinstalled|ubuntu-wsl:*) - case $SUBARCH in - raspi|intel-iot) + case $ARCH+${SUBARCH:-} in + *+raspi) + # All raspi images use ubuntu-image. IMAGEFORMAT=ubuntu-image ;; *) @@ -514,41 +502,20 @@ case $IMAGEFORMAT in else # classic images - # Certain models have different names but are built from the same source gadget tree - case $MODEL in - pi-arm64|pi3-arm64) - MODEL=pi - ;; - intel-iot) - MODEL=pc - ;; - esac + IMAGE_PROJECT=$PROJECT + [ "$IMAGE_PROJECT" = "ubuntu-cpc" ] && IMAGE_PROJECT="ubuntu-server" + DEFINITION="$IMAGE_PROJECT-$MODEL.yaml" - GADGET_TARGET="server" - if [ "$SUBPROJECT" = "desktop-preinstalled" ]; then - GADGET_TARGET="desktop" - fi - - UBUNTU_IMAGE_ARGS="$UBUNTU_IMAGE_ARGS${SUBPROJECT:+ --subproject \"$SUBPROJECT\"}" - UBUNTU_IMAGE_ARGS="$UBUNTU_IMAGE_ARGS${PROPOSED:+ --with-proposed}" - UBUNTU_IMAGE_ARGS="$UBUNTU_IMAGE_ARGS${EXTRA_PPAS:+ --extra-ppas \"$EXTRA_PPAS\"}" - - # We need to look in two places for the gadget tree: - # - Launchpad hosted gadgets will be in the snap-gadget repo - # - Github hosted gadgets are mirrored into a github-mirror repo - BRANCH="classic" - git clone git://git.launchpad.net/~canonical-foundations/snap-$MODEL/+git/snap-$MODEL -b $BRANCH config/$PREFIX-gadget || git clone git://git.launchpad.net/~canonical-foundations/snap-$MODEL/+git/github-mirror -b $BRANCH config/$PREFIX-gadget || git clone git://git.launchpad.net/~canonical-foundations/snap-$MODEL/+git/github-mirror-$ARCH -b $BRANCH config/$PREFIX-gadget - - echo "IMAGEFORMAT=$IMAGEFORMAT" >> config/common - echo "SUITE=$SUITE" >> config/common - echo "GADGET_TARGET=$GADGET_TARGET" >> config/common - echo "UBUNTU_IMAGE_ARGS=\"$UBUNTU_IMAGE_ARGS\"" >> config/common - - echo "Configured ubuntu-image for the following gadget model: $MODEL" + git clone git://git.launchpad.net/ubuntu-images -b $SUITE image-definitions + cp image-definitions/$DEFINITION "$PREFIX".yaml + echo "Configured ubuntu-image for the following image-definition:" + cat "$PREFIX".yaml + echo "----------------------------------------------------------" fi # Save the model name used for building, mostly for any model-specific hook execution echo "MODEL=$MODEL" >> config/common + echo "IMAGEFORMAT=$IMAGEFORMAT" >> config/common # Fake finished configuration for lb build mkdir -p .build touch .build/config @@ -567,7 +534,7 @@ case $IMAGEFORMAT in ;; ubuntu-wsl) ;; - ubuntu) + ubuntu|ubuntu-budgie) if [ "$SUBPROJECT" = "legacy" ]; then add_package live casper fi @@ -638,35 +605,38 @@ fi mkdir -p config/germinate-output case $PROJECT in + edubuntu*) + FLAVOUR=edubuntu + ;; kubuntu*) - SEED=kubuntu.$SUITE + FLAVOUR=kubuntu ;; xubuntu*) - SEED=xubuntu.$SUITE + FLAVOUR=xubuntu ;; ubuntu-mate*) - SEED=ubuntu-mate.$SUITE + FLAVOUR=ubuntu-mate ;; ubuntu-unity*) - SEED=ubuntu-unity.$SUITE + FLAVOUR=ubuntu-unity ;; lubuntu*) - SEED=lubuntu.$SUITE + FLAVOUR=lubuntu ;; ubuntu-budgie*) - SEED=ubuntu-budgie.$SUITE + FLAVOUR=ubuntu-budgie ;; ubuntukylin*) - SEED=ubuntukylin.$SUITE + FLAVOUR=ubuntukylin ;; ubuntustudio*) - SEED=ubuntustudio.$SUITE + FLAVOUR=ubuntustudio ;; ubuntucinnamon*) - SEED=ubuntucinnamon.$SUITE + FLAVOUR=ubuntucinnamon ;; *) - SEED=ubuntu.$SUITE + FLAVOUR=ubuntu ;; esac @@ -694,7 +664,7 @@ if ! [ -e config/germinate-output/structure ]; then GERMINATE_ARG="-c $(echo $COMPONENTS | sed -e's/ \+/,/g')" fi (cd config/germinate-output && germinate --no-rdepends --no-installer \ - -S $SEEDMIRROR -m $MIRROR -d $SUITE -s $SEED \ + -S $SEEDMIRROR -m $MIRROR -d $SUITE -s $FLAVOUR.$SUITE \ $GERMINATE_ARG -a $ARCH) fi @@ -760,7 +730,7 @@ case $PROJECT in add_package minimal.standard.live linux-generic casper lvm2 mdadm cryptsetup remove_package minimal.standard.live ubiquity-frontend-gtk # the enhanced-secureboot layer, contains all packages for the enhanced secureboot install - add_package minimal.standard.enhanced-secureboot cryptsetup + add_package minimal.standard.enhanced-secureboot cryptsetup boot-managed-by-snapd # now let's create the neccessary catalog files # TODO: make sure that we handle locale_support: langpack correctly cat <<-EOF > config/minimal.catalog-in.yaml @@ -857,13 +827,12 @@ case $PROJECT in ;; edubuntu) - add_task install minimal standard ubuntu-desktop-minimal edubuntu-desktop-gnome + add_task install minimal standard edubuntu-desktop-gnome LIVE_TASK='edubuntu-live' ;; ubuntucinnamon) - add_task install minimal standard - add_package install ubuntucinnamon-desktop + add_task install minimal standard ubuntucinnamon-desktop # XXX: Adding live packages manually temporarily until we have # the live task for ubuntucinnamon set up properly. add_package live ubiquity-frontend-gtk @@ -915,8 +884,50 @@ case $PROJECT in ;; ubuntu-budgie) - add_task install minimal standard ubuntu-budgie-desktop - LIVE_TASK='ubuntu-budgie-live' + case ${SUBPROJECT:-} in + legacy) + add_task install minimal standard ubuntu-budgie-desktop + LIVE_TASK='ubuntu-budgie-live' + ;; + + *) + # By default Ubuntu Budgie now ships the new installer. + PASSES_TO_LAYERS="true" + KERNEL_FLAVOURS='generic-hwe-22.04' + add_task minimal minimal standard ubuntu-budgie-desktop-minimal ubuntu-budgie-desktop-minimal-default-languages + add_task minimal.standard ubuntu-budgie-desktop ubuntu-budgie-desktop-default-languages + add_task minimal.standard.live ubuntu-budgie-live + add_package minimal cloud-init + remove_package minimal.standard.live ubiquity-frontend-gtk + add_snap minimal.standard.live ubuntu-budgie-installer/classic + + seeded_langs="$(get_seeded_languages budgie-desktop-minimal budgie-desktop)" + echo "$seeded_langs" | tr ' ' ',' > config/seeded-languages + derive_language_layers minimal budgie-desktop-minimal budgie-desktop-minimal-default-languages "$seeded_langs" + derive_language_layers minimal.standard budgie-desktop budgie-desktop-default-languages "$seeded_langs" + cat <<-EOF > config/minimal.catalog-in.yaml + name: "Ubuntu Budgie Desktop (minimized)" + description: >- + A minimal but usable Ubuntu Budgie Desktop. + id: ubuntu-budgie-desktop-minimal + type: fsimage-layered + variant: desktop + locale_support: langpack + EOF + cat <<-EOF > config/minimal.standard.catalog-in.yaml + name: "Ubuntu Budgie Desktop" + description: >- + A full featured Ubuntu Budgie Desktop. + id: ubuntu-budgie-desktop + type: fsimage-layered + variant: desktop + locale_support: langpack + default: yes + EOF + /usr/share/livecd-rootfs/checkout-translations-branch \ + https://git.launchpad.net/subiquity po config/catalog-translations + ;; + esac ;; ubuntu-mate) @@ -925,8 +936,7 @@ case $PROJECT in ;; ubuntu-unity) - add_task install minimal standard - add_package install ubuntu-unity-desktop + add_task install minimal standard ubuntu-unity-desktop # XXX: Adding live packages manually temporarily until we have # the live task for ubuntu-unity set up properly. add_package live metacity ubiquity-frontend-gtk @@ -957,8 +967,6 @@ case $PROJECT in add_task ubuntu-server-minimal server-minimal add_package ubuntu-server-minimal lxd-installer add_task ubuntu-server-minimal.ubuntu-server minimal standard server - # add_task really should do this itself but for now... - snap_from_seed server config/package-lists/livecd-rootfs.snaplist.chroot_ubuntu-server-minimal.ubuntu-server.full add_package ubuntu-server-minimal.ubuntu-server cloud-init add_package ubuntu-server-minimal.ubuntu-server.installer linux-firmware casper openssh-server @@ -1181,33 +1189,23 @@ case $PROJECT:${SUBPROJECT:-} in xubuntu:minimal) ;; edubuntu:*) - BASE_SEED='desktop' + BASE_SEED='desktop-gnome' ;; *) BASE_SEED='desktop' ;; esac -if [ "$PASSES_TO_LAYERS" != "true" ] && [ -n "${BASE_SEED}" ]; then - snap_from_seed "${BASE_SEED}" config/seeded-snaps -fi if [ "$PROJECT:${SUBPROJECT:-}" = ubuntu-cpc:minimized ]; then - # We install a lxc script that installs the snap when invoked. We don't - # want any other snaps to come in without due consideration, so fail the - # build if we see such a snap. - for snap in `cat config/seeded-snaps`; do - case $snap in - lxd | lxd=*) - ;; - *) - echo "Unexpected seeded snap for ubuntu-cpc:minimized build: $snap" - exit 1 - ;; - esac - done + # We install a lxc script that installs the snap when invoked and + # don't want any other snaps. + if [ -s config/seeded-snaps ]; then + echo "Unexpected seeded snaps for ubuntu-cpc:minimized build:" + cat config/seeded-snaps + exit 1 + fi - # Truncate but don't delete to a) prevent any snaps from being seeded, - # while at the same time b) triggering initialization of assertions. + # Create an empty file to trigger initialization of assertions. truncate --size 0 config/seeded-snaps fi @@ -1346,6 +1344,7 @@ echo "LB_BINARY_HOOKS=\"$BINARY_HOOKS\"" >> config/binary echo "BUILDSTAMP=\"$NOW\"" >> config/binary echo "SUBPROJECT=\"${SUBPROJECT:-}\"" >> config/binary echo "LB_DISTRIBUTION=\"$SUITE\"" >> config/binary +echo "CHANNEL=\"${CHANNEL:-}\"" >> config/binary if [ "${IMAGE_HAS_HARDCODED_PASSWORD:-}" = "1" ]; then echo IMAGE_HAS_HARDCODED_PASSWORD=1 >> config/binary diff --git a/live-build/buildd/hooks/02-disk-image-uefi.binary b/live-build/buildd/hooks/02-disk-image-uefi.binary index 280db0ab..44a7ff42 100755 --- a/live-build/buildd/hooks/02-disk-image-uefi.binary +++ b/live-build/buildd/hooks/02-disk-image-uefi.binary @@ -41,7 +41,7 @@ create_partitions() { } create_and_mount_uefi_partition() { - uefi_dev="/dev/mapper${loop_device///dev/}p15" + uefi_dev="${loop_device}p15" mountpoint="$1" mkfs.vfat -F 32 -n UEFI "${uefi_dev}" @@ -102,19 +102,9 @@ install_grub() { --boot-directory=/boot \ --efi-directory=/boot/efi \ --target=${efi_target} \ - --removable \ --uefi-secure-boot \ --no-nvram - if [ -f mountpoint/boot/efi/EFI/BOOT/grub.cfg ]; then - sed -i "s| root| root hd0,gpt1|" mountpoint/boot/efi/EFI/BOOT/grub.cfg - sed -i "1i${IMAGE_STR}" mountpoint/boot/efi/EFI/BOOT/grub.cfg - # For some reason the grub disk is looking for /boot/grub/grub.cfg on - # part 15.... - chroot mountpoint mkdir -p /boot/efi/boot/grub - chroot mountpoint cp /boot/efi/EFI/BOOT/grub.cfg /boot/efi/boot/grub - fi - if [ "$ARCH" = "amd64" ]; then # Install the BIOS/GPT bits. Since GPT boots from the ESP partition, # it means that we just run this simple command and we're done diff --git a/live-build/expand-task b/live-build/expand-task new file mode 100755 index 00000000..1ac44881 --- /dev/null +++ b/live-build/expand-task @@ -0,0 +1,86 @@ +#!/usr/bin/python3 + +import argparse +import glob +import os +import re + +p = argparse.ArgumentParser() +p.add_argument('output_dir') +p.add_argument('flavour') +p.add_argument('task') +p.add_argument('what', choices=['packages', 'snaps']) +args = p.parse_args() + +if args.what == 'snaps': + ext = '.snaps' +else: + ext = '' + + +# begin copy/paste from ubuntu-archive-publishing's generate_extra_overrides. +def parseTaskHeaders(seedtext): + """Parse a seed for Task headers. + + seedtext is a file-like object. Return a dictionary of Task headers, + with keys canonicalised to lower-case. + """ + task_headers = {} + task_header_regex = re.compile( + r"task-(.*?):(.*)", flags=re.IGNORECASE) + for line in seedtext: + match = task_header_regex.match(line) + if match is not None: + key, value = match.groups() + task_headers[key.lower()] = value.strip() + return task_headers + +def getTaskSeeds(task_headers, seedname): + """Return the list of seeds used to generate a task from this seed. + + The list of packages in this task comes from this seed plus any + other seeds listed in a Task-Seeds header. + """ + scan_seeds = set([seedname]) + if "seeds" in task_headers: + scan_seeds.update(task_headers["seeds"].split()) + return sorted(scan_seeds) +# end copy/paste from ubuntu-archive-publishing's generate_extra_overrides. + +# This is not quite the same as the one in generate_extra_overrides, +# because for seeds that do not have flavour specific names, the Task +# override is only generated for the Ubuntu flavour rather than +# redundantly doing it for each flavour. +def getTaskName(task_headers, flavour, seedname): + """Work out the name of the Task to be generated from this seed. + + If there is a Task-Name header, it wins; otherwise, seeds with a + Task-Per-Derivative get put in an appropriate namespace. Other seeds + have a task name that matches the seed name. + """ + if "name" in task_headers: + return task_headers["name"] + elif "per-derivative" in task_headers: + return "%s-%s" % (flavour, seedname) + else: + return seedname + + +for seedtext in glob.glob(f'{args.output_dir}/*.seedtext'): + hs = parseTaskHeaders(open(seedtext)) + if not hs: + continue + seedname = os.path.splitext(os.path.basename(seedtext))[0] + tn = getTaskName(hs, args.flavour, seedname) + if tn != args.task: + continue + for seed in getTaskSeeds(hs, seedname): + for line in open(f'{args.output_dir}/{seed}{ext}'): + if re.match('^[a-z0-9]', line): + name = line.split()[0] + if args.what == 'snaps' and '(classic)' in line: + name += '/classic' + print(name) + break +else: + raise Exception("did not find task %r" % (args.task,)) diff --git a/live-build/functions b/live-build/functions index f2703c43..4f5621d0 100644 --- a/live-build/functions +++ b/live-build/functions @@ -12,16 +12,13 @@ loop_raw= backing_img= clean_loops() { - local kpartx_ret - local kpartx_stdout - - if [ -n "${backing_img}" ]; then + if [ -n "${loop_device}" ]; then # If something just finished writing to the device or a # partition (e.g. the zerofree in umount_partition) udev might # still be processing the device. udevadm settle sync - kpartx -v -d "${backing_img}" + losetup -v -d "${loop_device}" unset backing_img fi @@ -65,10 +62,7 @@ mount_image() { trap clean_loops EXIT backing_img="$1" local rootpart="$2" - kpartx_mapping="$(kpartx -s -v -a ${backing_img})" - # Find the loop device - loop_p1="$(echo -e ${kpartx_mapping} | head -n1 | awk '{print$3}')" - loop_device="/dev/${loop_p1%p[0-9]*}" + loop_device=$(losetup --show -f -P -v ${backing_img}) if [ ! -b ${loop_device} ]; then echo "unable to find loop device for ${backing_img}" @@ -76,7 +70,7 @@ mount_image() { fi # Find the rootfs location - rootfs_dev_mapper="/dev/mapper/${loop_p1%%[0-9]}${rootpart}" + rootfs_dev_mapper="${loop_device}p${rootpart}" if [ ! -b "${rootfs_dev_mapper}" ]; then echo "${rootfs_dev_mapper} is not a block device"; exit 1 @@ -213,9 +207,10 @@ mount_disk_image() { mount_image ${disk_image} 1 mount_partition "${rootfs_dev_mapper}" $mountpoint - local uefi_dev="/dev/mapper${loop_device///dev/}p15" - if [ -b ${uefi_dev} -a -e $mountpoint/boot/efi ]; then - mount "${uefi_dev}" $mountpoint/boot/efi + local uefi_dev="${loop_device}p15" + if [ -b ${uefi_dev} -a -e $mountpoint/boot ]; then + mount "${uefi_dev}" $mountpoint/boot + mount --bind $mountpoint/boot $mountpoint/boot/efi fi # This is needed to allow for certain operations @@ -254,13 +249,18 @@ umount_partition() { umount_disk_image() { mountpoint="$1" - local uefi_dev="/dev/mapper${loop_device///dev/}p15" + local uefi_dev="${loop_device}p15" if [ -e "$mountpoint/boot/efi" -a -b "$uefi_dev" ]; then - # zero fill free space in UEFI partition - cat < /dev/zero > "$mountpoint/boot/efi/bloat_file" 2> /dev/null || true - rm "$mountpoint/boot/efi/bloat_file" - mount --make-private "$mountpoint/boot/efi" - umount --detach-loop "$mountpoint/boot/efi" + # zero fill free space in UEFI partition + cat < /dev/zero > "$mountpoint/boot/efi/bloat_file" 2> /dev/null || true + rm "$mountpoint/boot/efi/bloat_file" + + # unmount bind mount + umount "$mountpoint/boot/efi" + + # unmount ESP + mount --make-private "$mountpoint/boot" + umount --detach-loop "$mountpoint/boot" fi if [ -e $mountpoint/usr/sbin/policy-rc.d ]; then @@ -770,56 +770,6 @@ snap_validate_seed() { fi } -snap_from_seed() { - local base_seed=$1 - local out=$2 - local all_snaps - local seeds_expanded - - seeds_expanded=$(inheritance ${base_seed}) - for seed in ${seeds_expanded}; do - echo "snap: considering ${seed}" - file=config/germinate-output/${seed}.snaps - [ -e "${file}" ] || continue - # extract the first column (snap package name) from germinate's output - # translate the human-readable "foo (classic)" into a - # more machine readable "foo/classic" - seed_snaps=$(sed -rn '1,/-----/d;/-----/,$d; s/(.*) \|.*/\1/; s, \(classic\),/classic,; p' "${file}") - for snap in ${seed_snaps}; do - echo "snap: found ${snap}" - all_snaps="${all_snaps:+${all_snaps} }${snap}" - done - done - if [ -n "${all_snaps}" ]; then - echo "${all_snaps}" > $out - fi -} - -seed_from_task () -{ - # Retrieve the name of the seed from a task name - local task=$1 - local seed - local seedfile - local seedfiles - - seedfile="$(grep -lE "^Task-Key: +${task}\$" config/germinate-output/*seedtext|head -1)" - if [ -n "$seedfile" ]; then - basename $seedfile .seedtext - return - fi - - seedfiles="$(grep -lE "^Task-Per-Derivative: *1\$" config/germinate-output/*seedtext)" - if [ -n "$seedfiles" ]; then - for seed in $(echo $seedfiles | xargs basename -s .seedtext); do - if [ ${PROJECT}-${seed} = $task ]; then - echo ${seed} - return - fi - done - fi -} - list_packages_from_seed () { # Store all packages for a given seed, including its seed dependency # $1: Name of the seed to expand to a package list diff --git a/live-build/ubuntu-cpc/hooks.d/base/disk-image-ppc64el.binary b/live-build/ubuntu-cpc/hooks.d/base/disk-image-ppc64el.binary index dc87a361..b5b7cffc 100755 --- a/live-build/ubuntu-cpc/hooks.d/base/disk-image-ppc64el.binary +++ b/live-build/ubuntu-cpc/hooks.d/base/disk-image-ppc64el.binary @@ -49,7 +49,7 @@ GRUB_TIMEOUT=0 # Set the default commandline GRUB_CMDLINE_LINUX_DEFAULT="console=hvc0 earlyprintk" EOF - prep_partition="/dev/mapper${loop_device///dev/}p2" + prep_partition="${loop_device}p2" chroot mountpoint grub-install "${prep_partition}" \ --no-nvram \ --boot-directory=/boot \ diff --git a/live-build/ubuntu-cpc/hooks.d/base/disk-image-uefi.binary b/live-build/ubuntu-cpc/hooks.d/base/disk-image-uefi.binary index 91e77516..bcc88f2f 100755 --- a/live-build/ubuntu-cpc/hooks.d/base/disk-image-uefi.binary +++ b/live-build/ubuntu-cpc/hooks.d/base/disk-image-uefi.binary @@ -25,13 +25,8 @@ case ${PROJECT:-}:${SUBPROJECT:-} in ;; esac -if [ "$ARCH" = "amd64" ]; then - IMAGE_SIZE=3758096384 # bump to 3.5G (3584*1024**2); Since Kinetic amd64 need more then the default 2.2G -fi - -if [ "$ARCH" = "armhf" ]; then - IMAGE_SIZE=3758096384 # bump to 3.5G (3584*1024**2); Since Jammy armhf need more then the default 2.2G -fi +# 4G (4*1024**3) +IMAGE_SIZE=4294967296 # Change image size for preinstalled generic images if [ -n "${SUBARCH:-}" ]; then @@ -55,7 +50,7 @@ create_partitions() { arm64|armhf) if [ "${SUBARCH:-}" = "generic" ]; then sgdisk "${disk_image}" \ - --new=15:0:204800 \ + --new=15:0:+2G \ --typecode=15:ef00 \ --attributes=15:set:2 \ --new=14::+4M \ @@ -63,7 +58,7 @@ create_partitions() { --new=1: else sgdisk "${disk_image}" \ - --new=15:0:204800 \ + --new=15:0:+2G \ --typecode=15:ef00 \ --new=1: fi @@ -77,7 +72,7 @@ create_partitions() { # cloud-image sgdisk "${disk_image}" \ --set-alignment=2 \ - --new=15::+106M \ + --new=15::+2G \ --typecode=15:ef00 \ --new=1:: \ --attributes=1:set:2 @@ -97,7 +92,7 @@ create_partitions() { --change-name=14:loader2 \ --typecode=14:F4FA3898-3478-4941-887D-FCEC4E9E3C05 \ --attributes=14:set:0 \ - --new=15::+106M \ + --new=15::+2G \ --typecode=15:ef00 \ --change-name=15:ESP \ --new=12::+4M \ @@ -112,7 +107,7 @@ create_partitions() { --change-name=13:loader \ --typecode=13:ef02 \ --attributes=13:set:0 \ - --new=15::+106M \ + --new=15::+2G \ --typecode=15:ef00 \ --change-name=15:ESP \ --new=12::+4M \ @@ -123,7 +118,7 @@ create_partitions() { # VisionFive sgdisk "${disk_image}" \ --set-alignment=2 \ - --new=15::+106M \ + --new=15::+2G \ --typecode=15:ef00 \ --change-name=15:ESP \ --new=12::+4M \ @@ -162,7 +157,7 @@ create_partitions() { --change-name=14:loader2 \ --typecode=14:2E54B353-1271-4842-806F-E436D6AF6985 \ --attributes=14:set:0 \ - --new=15::+106M \ + --new=15::+2G \ --typecode=15:ef00 \ --new=12::+4M \ --change-name=12:CIDATA \ @@ -176,7 +171,7 @@ create_partitions() { --new=14::+4M \ --typecode=14:ef02 \ --attributes=14:set:2 \ - --new=15::+106M \ + --new=15::+2G \ --typecode=15:ef00 \ --new=13::+4M \ --change-name=13:CIDATA \ @@ -184,7 +179,7 @@ create_partitions() { else sgdisk "${disk_image}" \ --new=14::+4M \ - --new=15::+106M \ + --new=15::+2G \ --new=1:: sgdisk "${disk_image}" \ -t 14:ef02 \ @@ -197,15 +192,23 @@ create_partitions() { } create_and_mount_uefi_partition() { - uefi_dev="/dev/mapper${loop_device///dev/}p15" + uefi_dev="${loop_device}p15" mountpoint="$1" mkfs.vfat -F 32 -n UEFI "${uefi_dev}" - mkdir -p "${mountpoint}"/boot/efi - mount "${uefi_dev}" "$mountpoint"/boot/efi + mkdir -p "${mountpoint}"/boot/ + mount "${uefi_dev}" "$mountpoint"/boot/ - cat << EOF >> "mountpoint/etc/fstab" -LABEL=UEFI /boot/efi vfat umask=0077 0 1 + mkdir "$mountpoint/boot/efi" + mount --bind "$mountpoint/boot" "$mountpoint/boot/efi" +} + +configure_chroot() { + mountpoint="$1" + + cat << EOF >> "$mountpoint"/etc/fstab +LABEL=UEFI /boot vfat umask=0077 0 1 +/boot /boot/efi vfat umask=0077,bind 0 0 EOF } @@ -213,7 +216,8 @@ install_grub() { mkdir mountpoint mount_partition "${rootfs_dev_mapper}" mountpoint - create_and_mount_uefi_partition mountpoint + mount "${uefi_dev}" mountpoint/boot/ + mount --bind mountpoint/boot mountpoint/boot/efi echo "(hd0) ${loop_device}" > mountpoint/tmp/device.map mkdir -p mountpoint/etc/default/grub.d @@ -234,7 +238,7 @@ install_grub() { # Server preinstalled image # Setup cidata sample data & nocloud fallback # Allows login on first boot with or without metadata - cidata_dev="/dev/mapper${loop_device///dev/}p14" + cidata_dev="${loop_device}p14" setup_cidata "${cidata_dev}" setup_cinocloud mountpoint fi @@ -246,7 +250,7 @@ install_grub() { # Server preinstalled image # Setup cidata sample data & nocloud fallback # Allows login on first boot with or without metadata - cidata_dev="/dev/mapper${loop_device///dev/}p14" + cidata_dev="${loop_device}p14" setup_cidata "${cidata_dev}" setup_cinocloud mountpoint fi @@ -258,7 +262,7 @@ install_grub() { # Server preinstalled image # Setup cidata sample data & nocloud fallback # Allows login on first boot with or without metadata - cidata_dev="/dev/mapper${loop_device///dev/}p13" + cidata_dev="${loop_device}p13" setup_cidata "${cidata_dev}" setup_cinocloud mountpoint fi @@ -285,10 +289,10 @@ install_grub() { efi_target=riscv64-efi # The real U-Boot chroot mountpoint apt-get install -qqy u-boot-microchip - loader="/dev/mapper${loop_device///dev/}p13" + loader="${loop_device}p13" dd if=mountpoint/usr/lib/u-boot/microchip_icicle/u-boot.payload of=$loader # Provide end-user modifyable CIDATA - cidata_dev="/dev/mapper${loop_device///dev/}p12" + cidata_dev="${loop_device}p12" setup_cidata "${cidata_dev}" # Provide stock nocloud datasource # Allow interactive login on baremetal board, @@ -330,10 +334,10 @@ install_grub() { chroot mountpoint apt-get install -qqy u-boot-nezha # Since version 2022.10 U-Boot SPL and U-Boot are installed onto the same partition. # Package nezha-boot0 is not needed anymore. - loader1="/dev/mapper${loop_device///dev/}p13" + loader1="${loop_device}p13" dd if=mountpoint/usr/lib/u-boot/${SUBARCH}/u-boot-sunxi-with-spl.bin of=$loader1 # Provide end-user modifyable CIDATA - cidata_dev="/dev/mapper${loop_device///dev/}p12" + cidata_dev="${loop_device}p12" setup_cidata "${cidata_dev}" # Provide stock nocloud datasource # Allow interactive login on baremetal SiFive board, @@ -359,7 +363,7 @@ install_grub() { efi_target=riscv64-efi # factory u-boot requires a p3 partition with /boot/uEnv.txt file - uenv_dev="/dev/mapper${loop_device///dev/}p3" + uenv_dev="${loop_device}p3" mkfs.ext4 "${uenv_dev}" uenv_mnt_dir=`mktemp -d uenvXXX` mount "${uenv_dev}" "${uenv_mnt_dir}" @@ -387,7 +391,7 @@ EOF umount "${uenv_mnt_dir}" rmdir "${uenv_mnt_dir}" # Provide end-user modifyable CIDATA - cidata_dev="/dev/mapper${loop_device///dev/}p12" + cidata_dev="${loop_device}p12" setup_cidata "${cidata_dev}" # Provide stock nocloud datasource # Allow interactive login on baremetal SiFive board, @@ -406,7 +410,7 @@ EOF chroot mountpoint bash -c 'FK_FORCE=yes apt-get install -qqy grub-efi-riscv64 flash-kernel' efi_target=riscv64-efi # Provide end-user modifyable CIDATA - cidata_dev="/dev/mapper${loop_device///dev/}p12" + cidata_dev="${loop_device}p12" setup_cidata "${cidata_dev}" # Provide stock nocloud datasource # Allow interactive login on baremetal board, @@ -431,13 +435,13 @@ EOF fi chroot mountpoint apt-get install -qqy u-boot-sifive # FSBL, which gets U-Boot SPL - loader1="/dev/mapper${loop_device///dev/}p13" + loader1="${loop_device}p13" # The real U-Boot - loader2="/dev/mapper${loop_device///dev/}p14" + loader2="${loop_device}p14" dd if=mountpoint/usr/lib/u-boot/${u_boot_arch}/u-boot-spl.bin of=$loader1 dd if=mountpoint/usr/lib/u-boot/${u_boot_arch}/u-boot.itb of=$loader2 # Provide end-user modifyable CIDATA - cidata_dev="/dev/mapper${loop_device///dev/}p12" + cidata_dev="${loop_device}p12" setup_cidata "${cidata_dev}" # Provide stock nocloud datasource # Allow interactive login on baremetal SiFive board, @@ -517,16 +521,26 @@ EOF disk_image=binary/boot/disk-uefi.ext4 +# create the disk create_empty_disk_image "${disk_image}" create_partitions "${disk_image}" mount_image "${disk_image}" 1 -# Copy the chroot in to the disk +# create and mount the rootfs partition make_ext4_partition "${rootfs_dev_mapper}" mkdir mountpoint mount "${rootfs_dev_mapper}" mountpoint -cp -a chroot/* mountpoint/ -umount mountpoint + +# create and mount the ESP +create_and_mount_uefi_partition mountpoint + +# Copy the chroot into the disk +cp -a chroot/* mountpoint + +configure_chroot mountpoint + +# cleanup the mount +umount -R mountpoint rmdir mountpoint install_grub diff --git a/live-build/ubuntu-cpc/hooks.d/chroot/999-cpc-fixes.chroot b/live-build/ubuntu-cpc/hooks.d/chroot/999-cpc-fixes.chroot index 9a25c0a0..50b6a496 100755 --- a/live-build/ubuntu-cpc/hooks.d/chroot/999-cpc-fixes.chroot +++ b/live-build/ubuntu-cpc/hooks.d/chroot/999-cpc-fixes.chroot @@ -124,6 +124,21 @@ fi #### END COMMON ARCH FUNCTIONS +# For everything except s390x, disable kernel and initramfs symlinks +case $arch in + # On s390x the sipl.conf is static right now with just two boot options. + s390x) + exit 0 + ;; +esac + +find "${rootd}/boot" -type l -exec rm {} \; +kernel_img_conf="${rootd}/etc/kernel-img.conf" +if grep -q '^do_symlinks = ' "$kernel_img_conf" 2> /dev/null; then + sed -i 's/^do_symlinks = .*$/do_symlinks = no/g' "$kernel_img_conf" +else + echo "do_symlinks = no" >> "$kernel_img_conf" +fi case $arch in # ARM, ppc, riscv64 and s390x images are special diff --git a/live-build/ubuntu/hooks/020-canary-enhanced-sb.binary b/live-build/ubuntu/hooks/020-canary-enhanced-sb.binary index 3083e3dc..befa36ec 100644 --- a/live-build/ubuntu/hooks/020-canary-enhanced-sb.binary +++ b/live-build/ubuntu/hooks/020-canary-enhanced-sb.binary @@ -107,7 +107,12 @@ Ekm0W8qT4AT0GSk5CY8kx+UvCn6FLxMuv8xjWoX3OLcQx31yO6Uy6c2LN6nSlovDghKP5V1KvlKl WiXM9CPKCZv/Es3uOp/ke0wWL7v0MZhzUJ+QhOtTNg== EOF -env SNAPPY_STORE_NO_CDN=1 snap prepare-image --classic config/classic-model.model chroot +channel="" +if [ -n "$CHANNEL" ]; then + channel="--channel $CHANNEL" +fi +env SNAPPY_STORE_NO_CDN=1 snap prepare-image \ + --classic config/classic-model.model $channel chroot mv chroot/system-seed/systems/* chroot/system-seed/systems/enhanced-secureboot-desktop rsync -a chroot/system-seed/ chroot/var/lib/snapd/seed rm -rf chroot/system-seed/ diff --git a/live-build/ubuntu/hooks/020-canary-live.binary b/live-build/ubuntu/hooks/020-canary-live.binary index f7fe266b..d3582a95 100755 --- a/live-build/ubuntu/hooks/020-canary-live.binary +++ b/live-build/ubuntu/hooks/020-canary-live.binary @@ -63,7 +63,12 @@ oPijs/y+KJ4DbdrmiwwWCxQZcx2T5GG4HB38eIsnmEWTyml02lOL9sWq6qKuk95a3DhF+Q02+zkG c3kEHr8kcSEkJtgwre/RjjlvGYhur1rZ4i0G6gGBLw== EOF -env SNAPPY_STORE_NO_CDN=1 snap prepare-image --classic config/classic-model-installer.model chroot +channel="" +if [ -n "$CHANNEL" ]; then + channel="--channel $CHANNEL" +fi +env SNAPPY_STORE_NO_CDN=1 snap prepare-image \ + --classic config/classic-model-installer.model $channel chroot mv chroot/system-seed/systems/* chroot/system-seed/systems/classic-installer rsync -a chroot/system-seed/ chroot/var/lib/snapd/seed rm -rf chroot/system-seed/ diff --git a/live-build/ubuntu/hooks/020-canary-live.chroot_early b/live-build/ubuntu/hooks/020-canary-live.chroot_early index 5bd741dd..4fb89b37 100755 --- a/live-build/ubuntu/hooks/020-canary-live.chroot_early +++ b/live-build/ubuntu/hooks/020-canary-live.chroot_early @@ -19,3 +19,10 @@ EOF cat < /etc/initramfs-tools/conf.d/default-layer.conf LAYERFS_PATH=${PASS}.squashfs EOF + +if [ "$(dpkg --print-architecture)" = amd64 ]; then + echo "I: Enabling amd64 multiarch support on amd64" + dpkg --add-architecture i386 + + apt-get -y update +fi