Imported 23.10.52 from mantic-release pocket.

No reason for CPC update specified.
CloudBuilder 2023-10-03 14:51:09 +00:00
parent f394ee08a7
commit 286484e57b
8 changed files with 53 additions and 1 deletions

17
debian/changelog vendored

@ -1,3 +1,20 @@
livecd-rootfs (23.10.52) mantic; urgency=medium
[ Philip Roche ]
* fix: Sort filelists creating when building ubuntu-cpc images (LP: #2033677)
* fix: Create .filelist in ubuntu-cpc project binary hooks that do not use
create_manifest shared function (LP: #2033751)
* fix: Ensure any created .filelist is symlinked with expected prefix
and correct permissions
* fix: disk-image-non-cloud ubuntu-cpc build target now provides
manifest and filelist
[ Steve Langasek ]
* remove ssl-cert "snakeoil" private keys from images, since this makes
them not very private. LP: #2037869.
-- Steve Langasek <steve.langasek@ubuntu.com> Mon, 02 Oct 2023 18:13:03 -0700
livecd-rootfs (23.10.51) mantic; urgency=medium livecd-rootfs (23.10.51) mantic; urgency=medium
[ Dimitri John Ledkov ] [ Dimitri John Ledkov ]


@ -616,6 +616,14 @@ if [ -e "binary/$INITFS/filesystem.packages" ]; then
ln "binary/$INITFS/filesystem.packages" "$PREFIX.manifest" ln "binary/$INITFS/filesystem.packages" "$PREFIX.manifest"
chmod 644 "$PREFIX.manifest" chmod 644 "$PREFIX.manifest"
fi fi
# If a .filelist is present, use it as the filelist for the image by
# symlinking with expected name and updating permissions
if [ -e "binary/$INITFS/filesystem.filelist" ]; then
ln "binary/$INITFS/filesystem.filelist" "$PREFIX.filelist"
chmod 644 "$PREFIX.filelist"
fi
if [ -e "binary/$INITFS/filesystem.packages-remove" ]; then if [ -e "binary/$INITFS/filesystem.packages-remove" ]; then
# Not a typo, empty manifest-remove has a single LF in it. :/ # Not a typo, empty manifest-remove has a single LF in it. :/
if [ $(cat binary/$INITFS/filesystem.packages-remove | wc -c) -gt 1 ]; then if [ $(cat binary/$INITFS/filesystem.packages-remove | wc -c) -gt 1 ]; then
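Review bot: The new comment above the `.filelist` block says the file is symlinked, but `ln` without `-s` creates a hard link, so the following `chmod 644 "$PREFIX.filelist"` also changes the mode of `binary/$INITFS/filesystem.filelist` because both names share one inode. This matches the existing `.manifest` block, so the behaviour looks intended and only the wording is off. I would reword the comment to `# If a .filelist is present, hard-link it to the expected name; chmod applies to both names since they share an inode`. Note also that plain `ln` fails if `$PREFIX.filelist` already exists, which may matter on a rebuild in a dirty tree. The surrounding script continues outside this hunk.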


@ -1300,6 +1300,18 @@ if [ "${IMAGE_HAS_HARDCODED_PASSWORD:-}" = "1" ]; then
fi fi
fi fi
# apply this hook unconditionally to remove files from the chroot that
# are supposed to be install-specific secrets and therefore must never
# be shipped in any image.
# this hook should be extended if we discover any more files that are
# supposed to be private but aren't.
cat > config/hooks/100-too-many-secrets.chroot <<EOF
#!/bin/sh
rm -fv /etc/ssl/private/ssl-cert-snakeoil.key \
/etc/ssl/certs/ssl-cert-snakeoil.pem
EOF
case $PROJECT in case $PROJECT in
ubuntu-cpc|ubuntu-core|ubuntu-base|ubuntu-oci|ubuntu-wsl|ubuntu-mini-iso) ubuntu-cpc|ubuntu-core|ubuntu-base|ubuntu-oci|ubuntu-wsl|ubuntu-mini-iso)
# ubuntu-cpc gets this added in 025-create-groups.chroot, and we do # ubuntu-cpc gets this added in 025-create-groups.chroot, and we do
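Review bot: The generated `100-too-many-secrets.chroot` hook deletes two hard-coded paths with `rm -fv`, which succeeds whether or not the files exist, so the build never verifies that `/etc/ssl/private` ends up free of key material. Any other key a package drops there would still ship unnoticed. If images are expected to carry no private keys at all, the hook could end with `[ -z "$(ls -A /etc/ssl/private 2>/dev/null)" ] || { echo "unexpected files in /etc/ssl/private" >&2; exit 1; }`. That line needs the heredoc opened as `<<'EOF'`, because with the unquoted `<<EOF` any `$(...)` or `$var` added later is expanded when the hook is written rather than when it runs in the chroot. Nothing visible here regenerates the pair on first boot, so a comment noting that consumers presumably need `make-ssl-cert generate-default-snakeoil` before a service references those paths would help.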


@ -47,7 +47,7 @@ create_manifest() {
if [ "$PROJECT" = ubuntu-cpc ]; then if [ "$PROJECT" = ubuntu-cpc ]; then
echo "create_manifest creating file listing." echo "create_manifest creating file listing."
local target_filelist=${2%.manifest}.filelist local target_filelist=${2%.manifest}.filelist
(cd "${chroot_root}" && find -xdev) > "${target_filelist}" (cd "${chroot_root}" && find -xdev) | sort > "${target_filelist}"
fi fi
echo "create_manifest finished" echo "create_manifest finished"
} }
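Review bot: Piping into `sort` on the changed line hides a failure of the `(cd "${chroot_root}" && find -xdev)` subshell, because a pipeline returns the status of its last command. Unless `pipefail` is enabled somewhere not visible here, a failed `cd` now yields an empty filelist and a zero status instead of an error. `sort` also orders by the build host's locale, so the listing can differ between builders and produce spurious diffs when filelists are compared across image serials; `(cd "${chroot_root}" && find -xdev) | LC_ALL=C sort > "${target_filelist}"` pins a byte-wise order. The same two points apply to the `find -xdev | sort` lines added in the three hook sections that write `binary/boot/filesystem.filelist`. create_manifest begins outside this hunk.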


@ -75,6 +75,11 @@ make_ext4_partition "${rootfs_dev_mapper}"
mkdir mountpoint mkdir mountpoint
mount "${rootfs_dev_mapper}" mountpoint mount "${rootfs_dev_mapper}" mountpoint
cp -a chroot/* mountpoint/ cp -a chroot/* mountpoint/
# the image has been modified from its disk-image-uefi base so the manifest and filelist should be regenerated
chroot mountpoint dpkg-query -W > binary/boot/filesystem.packages
(cd mountpoint && find -xdev) | sort > binary/boot/filesystem.filelist
umount mountpoint umount mountpoint
rmdir mountpoint rmdir mountpoint


@ -431,6 +431,10 @@ EOF
rm mountpoint/tmp/device.map rm mountpoint/tmp/device.map
umount mountpoint/boot/efi umount mountpoint/boot/efi
mount mount
# create sorted filelist as the very last step before unmounting
(cd mountpoint && find -xdev) | sort > binary/boot/filesystem.filelist
umount_partition mountpoint umount_partition mountpoint
rmdir mountpoint rmdir mountpoint
} }


@ -179,6 +179,10 @@ install_grub() {
rm mountpoint/tmp/device.map rm mountpoint/tmp/device.map
umount -R mountpoint/boot umount -R mountpoint/boot
mount mount
# create sorted filelist as the very last step before unmounting
(cd mountpoint && find -xdev) | sort > binary/boot/filesystem.filelist
umount_partition mountpoint umount_partition mountpoint
rmdir mountpoint rmdir mountpoint
} }


@ -2,3 +2,5 @@ base/disk-image-uefi-non-cloud.binary
base/disk-image.binary base/disk-image.binary
base/disk1-img-xz.binary base/disk1-img-xz.binary
provides livecd.ubuntu-cpc.disk1.img.xz provides livecd.ubuntu-cpc.disk1.img.xz
provides livecd.ubuntu-cpc.manifest
provides livecd.ubuntu-cpc.filelist