diff --git a/debian/changelog b/debian/changelog index ef831f37..83b02ec8 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,208 @@ +livecd-rootfs (2.843) mantic; urgency=medium + + * Unconditionally enable i386 in the chroot for Ubuntu Desktop; the new + installer doesn't handle enabling this at install time, and late + enablement also misses us some recommends. + * Restore losetup code, the necessary launchpad-buildd changes were being + deployed just as this revert landed. + + -- Steve Langasek Fri, 26 May 2023 13:51:18 -0700 + +livecd-rootfs (2.842) mantic; urgency=medium + + * Revert once again the kpartx->losetup changes as those are causing + constant build failures for RISC-V images. This clearly needs some more + investigation before proceeding. This means that we're back to using + kpartx for loop device setup. + + -- Łukasz 'sil2100' Zemczak Wed, 24 May 2023 11:07:21 +0200 + +livecd-rootfs (2.841) mantic; urgency=medium + + * The base seed for edubuntu is desktop-gnome, not desktop. LP: #2019060. + + -- Steve Langasek Wed, 17 May 2023 23:50:57 -0700 + +livecd-rootfs (2.840) mantic; urgency=medium + + * auto/config: switch ubuntucinnamon and ubuntu-unity builds to use add_task + to get their desktop packages. Previously most (all?) flavour builds got + the snaps from that flavour's "desktop" seed implicitly added, but now an + explicit add_task is needed. + * auto/config: alter check for unexpectedly seeded snaps in + ubuntu-cpc:minimized build. As the build no longer implicitly seeds the + snaps from the server seed, we can just assert no snaps are seeded. This + fixes an autopkgtest regression but also cleaner. + + -- Michael Hudson-Doyle Thu, 18 May 2023 11:33:59 +1200 + +livecd-rootfs (2.839) mantic; urgency=medium + + * Drop use of --removable flag to grub-install from + live-build/buildd/hooks/02-disk-image-uefi.binary, to match the cloud + images (7c760864fdcb278ca37396f06f5e3f297428d63d). This fixes + bootloader updates in the buildd images, but also fixes compatibility + with using devtmpfs for losetup. + + -- Steve Langasek Wed, 17 May 2023 09:27:56 -0700 + +livecd-rootfs (2.838) mantic; urgency=medium + + * auto/config: Set FLAVOUR appropriately for flavours added since the + expand-task branch was created. + * live-build/expand-task: Fix expansion of tasks with non-flavour specific + name (e.g. "minimal") when building a non-Ubuntu flavour. + * auto/config: Do not include the ubuntu-desktop-minimal task in edubuntu. + Cross flavour task references do not work with the approach expand-task + takes, and the ubuntu-desktop-minimal package is part of the + edubuntu-desktop-gnome task already. + * live-build/expand-task: handle seeding of classic snaps correctly. + + -- Michael Hudson-Doyle Wed, 17 May 2023 15:53:50 +1200 + +livecd-rootfs (2.837) mantic; urgency=medium + + * auto/config: Rewrite add_task to use a Python script that cribs the logic + from lp:ubuntu-archive-publishing's generate_extra_overrides.py. This + means we can avoid some dubious hacks around seeding snaps and no longer + depend on the Task headers in the archive. (LP: #2019265) + + -- Michael Hudson-Doyle Mon, 15 May 2023 09:36:29 +1200 + +livecd-rootfs (2.836) mantic; urgency=medium + + * canary: include cryptsetup in the live layer + + -- Dan Bungert Thu, 11 May 2023 19:16:18 -0600 + +livecd-rootfs (2.835) mantic; urgency=medium + + * canary: fix the lookup location for 'enhanced-secureboot-desktop' + + -- Dan Bungert Wed, 10 May 2023 16:01:02 -0600 + +livecd-rootfs (2.834) mantic; urgency=medium + + * Use the correct seed base for edubuntu. LP: #2019060. + + -- Steve Langasek Tue, 09 May 2023 19:06:50 -0700 + +livecd-rootfs (2.833) mantic; urgency=medium + + [ Łukasz 'sil2100' Zemczak ] + * Add ubuntucinnamon, ubuntu-unity and edubuntu to the workaround for the + invalid apt cache issue we encountered during all of our previous + releases. + * Switch to use the desktop model for the installer for the canary images. + + [ Steve Langasek ] + * Try to use udevadm settle after losetup to resolve race in riscv64 image + builds. + + -- Steve Langasek Mon, 08 May 2023 15:47:08 -0700 + +livecd-rootfs (2.832) lunar; urgency=medium + + * Clean up some remaining references to /dev/mapper. + + -- Steve Langasek Mon, 17 Apr 2023 18:50:18 -0700 + +livecd-rootfs (2.831) lunar; urgency=medium + + * Use the correct path for the loop device. + + -- Steve Langasek Mon, 17 Apr 2023 16:11:52 -0700 + +livecd-rootfs (2.830) lunar; urgency=medium + + * Call losetup -d properly. + + -- Steve Langasek Mon, 17 Apr 2023 12:22:19 -0700 + +livecd-rootfs (2.829) lunar; urgency=medium + + [ Loïc Minier ] + * Initial support for NVIDIA Tegra. LP: #2015644. + + [ Steve Langasek ] + * Use losetup instead of kpartx to try to resolve race conditions in + riscv64 image builds. + + -- Steve Langasek Mon, 17 Apr 2023 08:22:21 -0700 + +livecd-rootfs (2.828) lunar; urgency=medium + + * 099-ubuntu-image-customization.chroot: Remove redundant creation of oem + user and oem-config-prepare (LP: #2016285) + + -- Dave Jones Fri, 14 Apr 2023 09:48:31 +0100 + +livecd-rootfs (2.827) lunar; urgency=medium + + * Fix netboot tarball generation code to properly handle the recent change + of shim to use alternatives (and the path becoming a symlink). + + -- Łukasz 'sil2100' Zemczak Thu, 13 Apr 2023 19:28:46 +0200 + +livecd-rootfs (2.826) lunar; urgency=medium + + * Now that we moved the seeding for canary into further layers, a resed of + the preseeding is not required. + + -- Łukasz 'sil2100' Zemczak Thu, 13 Apr 2023 14:46:43 +0200 + +livecd-rootfs (2.825) lunar; urgency=medium + + * For canary images, actually consider moving the seed listed snaps from + both minimal and standard layers to the classic layer. + + -- Łukasz 'sil2100' Zemczak Thu, 13 Apr 2023 11:46:37 +0200 + +livecd-rootfs (2.824) lunar; urgency=medium + + * Fix build failures of desktop raspi images due to canary hooks + interfering. + + -- Łukasz 'sil2100' Zemczak Thu, 13 Apr 2023 09:43:58 +0200 + +livecd-rootfs (2.823) lunar; urgency=medium + + * Update infinite_scream URL to mastodon + * Make PROPOSED=1 builds work with NotAutomatic (lunar and later). + LP: #2016022. + + -- Steve Langasek Wed, 12 Apr 2023 10:40:56 -0700 + +livecd-rootfs (2.822) lunar; urgency=medium + + [ jchittum ] + * riscv64: fix conditional check in install-grub to correctly check if + platform supports grub-efi-64, or exit func. (LP: #2015750) + + -- Steve Langasek Mon, 10 Apr 2023 08:37:30 -0700 + +livecd-rootfs (2.821) lunar; urgency=medium + + [ Chad Smith ] + * desktop livecd: allow cloud-init to write netplan config instead of + directly to /etc/NetworkManager because ubuntu-desktop-installer + will write netplan config in ephemeral boot stage when + autoinstall.network is provided. This allows ubuntu-desktop-installer + to control all netplan config written and apply to the ephemeral boot + as generated from /etc/netplan/*. (LP: #2015605) + + [ Dan Bungert ] + * d/control: fix uninstallability of livecd-rootfs due to rsync not being on + i386. + + -- Dan Bungert Fri, 07 Apr 2023 17:24:28 -0600 + +livecd-rootfs (2.820) lunar; urgency=medium + + * Initial implementation of canary image builds for 23.04. + + -- Łukasz 'sil2100' Zemczak Wed, 05 Apr 2023 20:50:35 +0200 + livecd-rootfs (2.819) lunar; urgency=medium [ Heinrich Schuchardt ] diff --git a/debian/control b/debian/control index c4987af0..b36bcc48 100644 --- a/debian/control +++ b/debian/control @@ -26,6 +26,8 @@ Depends: ${misc:Depends}, live-build (>= 3.0~a57-1ubuntu31~), lsb-release, lzma, + make, + mount, parted, procps, python3, @@ -33,6 +35,7 @@ Depends: ${misc:Depends}, python3-launchpadlib [!i386], python3-yaml, qemu-utils [!i386], + rsync [!i386], snapd (>= 2.39) [!i386], squashfs-tools (>= 1:3.3-1), sudo, diff --git a/live-build/auto/build b/live-build/auto/build index ee0f60e2..9008abc7 100755 --- a/live-build/auto/build +++ b/live-build/auto/build @@ -351,7 +351,7 @@ EOF fi if [ -d chroot/etc/apt/preferences.d.save ]; then - # https://twitter.com/infinite_scream + # https://mastodon.social/@scream@botsin.space mv chroot/etc/apt/preferences.d.save/* chroot/etc/apt/preferences.d/ rmdir chroot/etc/apt/preferences.d.save fi @@ -502,7 +502,7 @@ EOF # affected by this, we manually clear out the archive-related Packages # files in the cache. case $PROJECT in - ubuntu|xubuntu|kubuntu|ubuntu-budgie|ubuntukylin|ubuntu-mate) + ubuntu|xubuntu|kubuntu|ubuntu-budgie|ubuntukylin|ubuntu-mate|ubuntucinnamon|ubuntu-unity|edubuntu) rm -f chroot/var/lib/apt/lists/*ubuntu.com*_Packages ;; esac diff --git a/live-build/auto/config b/live-build/auto/config index 62305f90..01646dfa 100755 --- a/live-build/auto/config +++ b/live-build/auto/config @@ -36,6 +36,7 @@ mkdir -p config cp -af /usr/share/livecd-rootfs/live-build/functions config/functions cp -af /usr/share/livecd-rootfs/live-build/lb_*_layered config/ cp -af /usr/share/livecd-rootfs/live-build/snap-seed-parse.py config/snap-seed-parse +cp -af /usr/share/livecd-rootfs/live-build/expand-task config/expand-task cp -af /usr/share/livecd-rootfs/live-build/squashfs-exclude-files config/ mkdir -p config/package-lists @@ -95,59 +96,47 @@ _register_pass () { PASSES="$PASSES $1" } +add_pass () +{ + local pass="$1" + _check_immutable_passes_to_layers + _register_pass "$pass" +} + add_task () { local pass="$1" shift - local task - local snap_list_file - local snap_list_files - local curseed + local file pkg_file snap_file task _check_immutable_passes_to_layers _register_pass "$pass" - # The removal of direct task installation support from live-build - # poses some problems. If the chroot has multiarch configured - for - # example, if we're building for amd64 - then dumpavail will show - # foreign-architecture packages which will have their own Task - # lines, but which we don't want to install. (Compare - # PackageContainerInterface::FromTask in apt, which restricts task - # expansion to the native architecture.) We therefore restrict our - # search to stanzas with Architecture: $ARCH or all. - # - # However, even this may not be accurate enough. At the moment I - # have no idea what happens if an Architecture: all package has - # different Task fields on different architectures. This is - # probably a lurking timebomb that we need to fix. In the meantime, - # the Architecture restriction at least saves us from abject - # failure. - # - # We want as well to grab the snap list for each PASS. Resolve for all - # given task, and deduplicate them to generate snaps for the PASS. + if [ ! -e config/germinate-output/structure ]; then + echo "add_task too soon" >&2 + exit 1 + fi + + pkg_file="config/package-lists/livecd-rootfs.list.chroot_$pass" + + if [ $PASSES_TO_LAYERS = "true" ]; then + snap_file="config/package-lists/livecd-rootfs.snaplist.chroot_$pass.full" + else + snap_file="config/seeded-snaps" + fi for task; do - # We need a ridiculous number of backslashes to protect - # parentheses from eval. - echo "!chroot chroot apt-cache dumpavail | grep-dctrl -nsPackage \\\\\\( -XFArchitecture $ARCH -o -XFArchitecture all \\\\\\) -a -wFTask $task" >> "config/package-lists/livecd-rootfs.list.chroot_$pass" - - curseed=$(seed_from_task ${task}) - if [ -z "${curseed}" ]; then - echo "W: No seed matching task ${task}" - continue - fi - snap_list_file="config/package-lists/seed.${curseed}.snaplist.full" - snap_from_seed "${curseed}" $snap_list_file - if [ -e "$snap_list_file" ]; then - snap_list_files="${snap_list_files} $snap_list_file" + ./config/expand-task config/germinate-output $FLAVOUR $task packages >> "$pkg_file" + ./config/expand-task config/germinate-output $FLAVOUR $task snaps >> "$snap_file" + done + + for file in $pkg_file $snap_file; do + if [ -s $file ]; then + sort -u -o $file $file + else + rm -f $file fi done - # The snap list is one line, and could be duplicated between seeds via inheritance. - # Uniquely sort them and store them back in one line. - if [ -n "${snap_list_files}" ]; then - cat ${snap_list_files}|xargs -n1|sort -u > "config/package-lists/livecd-rootfs.snaplist.chroot_${pass}.full" - rm ${snap_list_files} - fi } add_package () @@ -611,35 +600,38 @@ fi mkdir -p config/germinate-output case $PROJECT in + edubuntu*) + FLAVOUR=edubuntu + ;; kubuntu*) - SEED=kubuntu.$SUITE + FLAVOUR=kubuntu ;; xubuntu*) - SEED=xubuntu.$SUITE + FLAVOUR=xubuntu ;; ubuntu-mate*) - SEED=ubuntu-mate.$SUITE + FLAVOUR=ubuntu-mate ;; ubuntu-unity*) - SEED=ubuntu-unity.$SUITE + FLAVOUR=ubuntu-unity ;; lubuntu*) - SEED=lubuntu.$SUITE + FLAVOUR=lubuntu ;; ubuntu-budgie*) - SEED=ubuntu-budgie.$SUITE + FLAVOUR=ubuntu-budgie ;; ubuntukylin*) - SEED=ubuntukylin.$SUITE + FLAVOUR=ubuntukylin ;; ubuntustudio*) - SEED=ubuntustudio.$SUITE + FLAVOUR=ubuntustudio ;; ubuntucinnamon*) - SEED=ubuntucinnamon.$SUITE + FLAVOUR=ubuntucinnamon ;; *) - SEED=ubuntu.$SUITE + FLAVOUR=ubuntu ;; esac @@ -667,7 +659,7 @@ if ! [ -e config/germinate-output/structure ]; then GERMINATE_ARG="-c $(echo $COMPONENTS | sed -e's/ \+/,/g')" fi (cd config/germinate-output && germinate --no-rdepends --no-installer \ - -S $SEEDMIRROR -m $MIRROR -d $SUITE -s $SEED \ + -S $SEEDMIRROR -m $MIRROR -d $SUITE -s $FLAVOUR.$SUITE \ $GERMINATE_ARG -a $ARCH) fi @@ -711,6 +703,66 @@ case $PROJECT in ;; esac ;; + canary) + PASSES_TO_LAYERS="true" + # the minimal layer, for minimal installs + add_task minimal minimal standard ubuntu-desktop-minimal ubuntu-desktop-minimal-default-languages + add_package minimal cloud-init + # the standard layer, contains all base common packages for later layers (we're splitting out the snaps) + add_task minimal.standard ubuntu-desktop ubuntu-desktop-default-languages + # the classic layer, basically only contains snaps from the standard and minimal tasks + add_pass minimal.standard.classic + if [ -e "config/package-lists/livecd-rootfs.snaplist.chroot_minimal.full" ]; then + cat config/package-lists/livecd-rootfs.snaplist.chroot_minimal.full >>config/package-lists/livecd-rootfs.snaplist.chroot_minimal.standard.classic.full + rm config/package-lists/livecd-rootfs.snaplist.chroot_minimal.full + fi + if [ -e "config/package-lists/livecd-rootfs.snaplist.chroot_minimal.standard.full" ]; then + cat config/package-lists/livecd-rootfs.snaplist.chroot_minimal.standard.full >>config/package-lists/livecd-rootfs.snaplist.chroot_minimal.standard.classic.full + rm config/package-lists/livecd-rootfs.snaplist.chroot_minimal.standard.full + fi + # the live layer, contains all packages for the live session installer + # TODO: we should probably add the kernel per KERNEL_FLAVOURS + add_package minimal.standard.live linux-generic casper lvm2 mdadm cryptsetup + remove_package minimal.standard.live ubiquity-frontend-gtk + # the enhanced-secureboot layer, contains all packages for the enhanced secureboot install + add_package minimal.standard.enhanced-secureboot cryptsetup + # now let's create the neccessary catalog files + # TODO: make sure that we handle locale_support: langpack correctly + cat <<-EOF > config/minimal.catalog-in.yaml + name: "Ubuntu Desktop (minimized)" + description: >- + A minimal but usable Ubuntu Desktop. + id: ubuntu-desktop-minimal + type: fsimage-layered + variant: desktop + locale_support: none + EOF + cat <<-EOF > config/minimal.standard.catalog-in.yaml + name: "Ubuntu Desktop" + description: >- + A full featured Ubuntu Desktop. + id: ubuntu-desktop + type: fsimage-layered + variant: desktop + locale_support: none + default: yes + EOF + cat <<-EOF > config/minimal.standard.classic.catalog-in.yaml + id: ubuntu-desktop + variations: + classic: + path: minimal.standard.squashfs + EOF + cat <<-EOF > config/minimal.standard.enhanced-secureboot.catalog-in.yaml + id: ubuntu-desktop + variations: + enhanced-secureboot: + path: minimal.standard.enhanced-secureboot.squashfs + snapd_system_label: enhanced-secureboot-desktop + EOF + /usr/share/livecd-rootfs/checkout-translations-branch \ + https://git.launchpad.net/subiquity po config/catalog-translations + ;; *) touch config/universe-enabled PASSES_TO_LAYERS="true" @@ -770,13 +822,12 @@ case $PROJECT in ;; edubuntu) - add_task install minimal standard ubuntu-desktop-minimal edubuntu-desktop-gnome + add_task install minimal standard edubuntu-desktop-gnome LIVE_TASK='edubuntu-live' ;; ubuntucinnamon) - add_task install minimal standard - add_package install ubuntucinnamon-desktop + add_task install minimal standard ubuntucinnamon-desktop # XXX: Adding live packages manually temporarily until we have # the live task for ubuntucinnamon set up properly. add_package live ubiquity-frontend-gtk @@ -838,8 +889,7 @@ case $PROJECT in ;; ubuntu-unity) - add_task install minimal standard - add_package install ubuntu-unity-desktop + add_task install minimal standard ubuntu-unity-desktop # XXX: Adding live packages manually temporarily until we have # the live task for ubuntu-unity set up properly. add_package live metacity ubiquity-frontend-gtk @@ -870,8 +920,6 @@ case $PROJECT in add_task ubuntu-server-minimal server-minimal add_package ubuntu-server-minimal lxd-installer add_task ubuntu-server-minimal.ubuntu-server minimal standard server - # add_task really should do this itself but for now... - snap_from_seed server config/package-lists/livecd-rootfs.snaplist.chroot_ubuntu-server-minimal.ubuntu-server.full add_package ubuntu-server-minimal.ubuntu-server cloud-init add_package ubuntu-server-minimal.ubuntu-server.installer linux-firmware casper openssh-server @@ -888,6 +936,9 @@ case $PROJECT in intel-iot) variants='intel' ;; + tegra) + variants='tegra' + ;; *) # variants='ga hwe' variants='ga' @@ -904,6 +955,9 @@ case $PROJECT in elif [ "$variant" = "intel" ]; then kernel_metapkg=linux-intel-iotg flavor=intel-iotg + elif [ "$variant" = "tegra" ]; then + kernel_metapkg=linux-nvidia-tegra + flavor=nvidia-tegra else echo "bogus variant: $variant" exit 1 @@ -1087,31 +1141,24 @@ case $PROJECT:${SUBPROJECT:-} in ;; xubuntu:minimal) ;; + edubuntu:*) + BASE_SEED='desktop-gnome' + ;; *) BASE_SEED='desktop' ;; esac -if [ "$PASSES_TO_LAYERS" != "true" ] && [ -n "${BASE_SEED}" ]; then - snap_from_seed "${BASE_SEED}" config/seeded-snaps -fi if [ "$PROJECT:${SUBPROJECT:-}" = ubuntu-cpc:minimized ]; then - # We install a lxc script that installs the snap when invoked. We don't - # want any other snaps to come in without due consideration, so fail the - # build if we see such a snap. - for snap in `cat config/seeded-snaps`; do - case $snap in - lxd | lxd=*) - ;; - *) - echo "Unexpected seeded snap for ubuntu-cpc:minimized build: $snap" - exit 1 - ;; - esac - done + # We install a lxc script that installs the snap when invoked and + # don't want any other snaps. + if [ -s config/seeded-snaps ]; then + echo "Unexpected seeded snaps for ubuntu-cpc:minimized build:" + cat config/seeded-snaps + exit 1 + fi - # Truncate but don't delete to a) prevent any snaps from being seeded, - # while at the same time b) triggering initialization of assertions. + # Create an empty file to trigger initialization of assertions. truncate --size 0 config/seeded-snaps fi @@ -1156,6 +1203,11 @@ case "$ARCH${SUBARCH:++$SUBARCH}" in add_package install linux-firmware-raspi pi-bluetooth u-boot-rpi u-boot-tools BINARY_REMOVE_LINUX=false ;; + arm64+tegra) + # Common configuration for all NVIDIA Tegra image variants (server, + # desktop etc.) + KERNEL_FLAVOURS="nvidia-$SUBARCH" + ;; riscv*+*) if [ "${SUBARCH:-}" = "licheerv" ]; then # The wifi driver of the licheerv is an out-of-tree driver packaged @@ -1169,7 +1221,7 @@ case "$ARCH${SUBARCH:++$SUBARCH}" in esac case $PROJECT:${SUBPROJECT:-} in - ubuntu-server:*|ubuntu-base:*|ubuntu-oci:*) + ubuntu-server:*|ubuntu-base:*|ubuntu-oci:*|ubuntu:canary) OPTS="${OPTS:+$OPTS }--linux-packages=none --initramfs=none" KERNEL_FLAVOURS=none BINARY_REMOVE_LINUX=false @@ -1395,6 +1447,14 @@ deb $LB_PARENT_MIRROR_BINARY_VOLATILE $SUITE-proposed $LB_PARENT_ARCHIVE_AREAS EOF cp -a config/archives/proposed.list.chroot \ config/archives/proposed.list.binary + + mkdir -p config/chroot_apt/ + cat > config/chroot_apt/proposed.pref < "$mountpoint/boot/efi/bloat_file" 2> /dev/null || true @@ -770,56 +764,6 @@ snap_validate_seed() { fi } -snap_from_seed() { - local base_seed=$1 - local out=$2 - local all_snaps - local seeds_expanded - - seeds_expanded=$(inheritance ${base_seed}) - for seed in ${seeds_expanded}; do - echo "snap: considering ${seed}" - file=config/germinate-output/${seed}.snaps - [ -e "${file}" ] || continue - # extract the first column (snap package name) from germinate's output - # translate the human-readable "foo (classic)" into a - # more machine readable "foo/classic" - seed_snaps=$(sed -rn '1,/-----/d;/-----/,$d; s/(.*) \|.*/\1/; s, \(classic\),/classic,; p' "${file}") - for snap in ${seed_snaps}; do - echo "snap: found ${snap}" - all_snaps="${all_snaps:+${all_snaps} }${snap}" - done - done - if [ -n "${all_snaps}" ]; then - echo "${all_snaps}" > $out - fi -} - -seed_from_task () -{ - # Retrieve the name of the seed from a task name - local task=$1 - local seed - local seedfile - local seedfiles - - seedfile="$(grep -lE "^Task-Key: +${task}\$" config/germinate-output/*seedtext|head -1)" - if [ -n "$seedfile" ]; then - basename $seedfile .seedtext - return - fi - - seedfiles="$(grep -lE "^Task-Per-Derivative: *1\$" config/germinate-output/*seedtext)" - if [ -n "$seedfiles" ]; then - for seed in $(echo $seedfiles | xargs basename -s .seedtext); do - if [ ${PROJECT}-${seed} = $task ]; then - echo ${seed} - return - fi - done - fi -} - list_packages_from_seed () { # Store all packages for a given seed, including its seed dependency # $1: Name of the seed to expand to a package list @@ -1008,17 +952,18 @@ network: version: 2 renderer: NetworkManager EOF - - # inform cloud-init of the same (LP: #1982855) - mkdir -p chroot/etc/cloud/cloud.cfg.d - cat < chroot/etc/cloud/cloud.cfg.d/99-installer-use-networkmanager.cfg -${AUTOMATION_HEADER} -# Let NetworkManager manage all devices on this system -system_info: - network: - renderers: ['network-manager'] - activators: ['network-manager'] -EOF + # Do not limit cloud-init renderers to network-manager as suggested + # in LP: #1982855 because subiquity needs to render full networking + # in ephemeral boot time when autoinstall.network is provided. + # Neither subiquity nor netplan is aware of /etc/NetworkManager config + # artifacts emmitted by cloud-init. It's best if cloud-init reports + # network config directly to /etc/netplan with the configured netplan + # backend: NetworkManager per 01-network-manager-all.yaml above. + + # cloud-init's default renderer discovery will prefer netplan. + # Any time subiquity needs to write and apply network config + # it disables all previous network config in /etc/netplan so + # any previous 50-cloud-init.yaml will be rendered inert. # Position cloud-init.service After=NetworkManager.service. # (LP: #2008952). diff --git a/live-build/lb_binary_layered b/live-build/lb_binary_layered index f31d5e22..146978d3 100755 --- a/live-build/lb_binary_layered +++ b/live-build/lb_binary_layered @@ -116,7 +116,9 @@ build_layered_squashfs () { create_manifest "chroot" "${squashfs_f_manifest}.full" # Delta manifest - diff -NU0 ${PWD}/livecd.${PROJECT_FULL}.$(get_parent_pass $pass).manifest.full ${squashfs_f_manifest}.full|grep -v ^@ > $squashfs_f_manifest + diff -NU0 ${PWD}/livecd.${PROJECT_FULL}.$(get_parent_pass $pass).manifest.full ${squashfs_f_manifest}.full|grep -v ^@ > $squashfs_f_manifest || true + echo "Delta manifest:" + cat $squashfs_f_manifest squashfs_f_size="${base}.size" du -B 1 -s "overlay.${pass}/" | cut -f1 > "${squashfs_f_size}" diff --git a/live-build/ubuntu-cpc/hooks.d/base/disk-image-ppc64el.binary b/live-build/ubuntu-cpc/hooks.d/base/disk-image-ppc64el.binary index dc87a361..b5b7cffc 100755 --- a/live-build/ubuntu-cpc/hooks.d/base/disk-image-ppc64el.binary +++ b/live-build/ubuntu-cpc/hooks.d/base/disk-image-ppc64el.binary @@ -49,7 +49,7 @@ GRUB_TIMEOUT=0 # Set the default commandline GRUB_CMDLINE_LINUX_DEFAULT="console=hvc0 earlyprintk" EOF - prep_partition="/dev/mapper${loop_device///dev/}p2" + prep_partition="${loop_device}p2" chroot mountpoint grub-install "${prep_partition}" \ --no-nvram \ --boot-directory=/boot \ diff --git a/live-build/ubuntu-cpc/hooks.d/base/disk-image-uefi.binary b/live-build/ubuntu-cpc/hooks.d/base/disk-image-uefi.binary index c77305a2..042db427 100755 --- a/live-build/ubuntu-cpc/hooks.d/base/disk-image-uefi.binary +++ b/live-build/ubuntu-cpc/hooks.d/base/disk-image-uefi.binary @@ -9,7 +9,11 @@ case $ARCH in ;; esac -case ${PROJECT:-} in +case ${PROJECT:-}:${SUBPROJECT:-} in + *:canary) + echo "We don't create EFI images for canary." + exit 0 + ;; ubuntu) IMAGE_STR="# DESKTOP_IMG: This file was created/modified by the Desktop Image build process" FS_LABEL="desktop-rootfs" @@ -193,7 +197,7 @@ create_partitions() { } create_and_mount_uefi_partition() { - uefi_dev="/dev/mapper${loop_device///dev/}p15" + uefi_dev="${loop_device}p15" mountpoint="$1" mkfs.vfat -F 32 -n UEFI "${uefi_dev}" @@ -230,7 +234,7 @@ install_grub() { # Server preinstalled image # Setup cidata sample data & nocloud fallback # Allows login on first boot with or without metadata - cidata_dev="/dev/mapper${loop_device///dev/}p14" + cidata_dev="${loop_device}p14" setup_cidata "${cidata_dev}" setup_cinocloud mountpoint fi @@ -242,7 +246,7 @@ install_grub() { # Server preinstalled image # Setup cidata sample data & nocloud fallback # Allows login on first boot with or without metadata - cidata_dev="/dev/mapper${loop_device///dev/}p14" + cidata_dev="${loop_device}p14" setup_cidata "${cidata_dev}" setup_cinocloud mountpoint fi @@ -254,7 +258,7 @@ install_grub() { # Server preinstalled image # Setup cidata sample data & nocloud fallback # Allows login on first boot with or without metadata - cidata_dev="/dev/mapper${loop_device///dev/}p13" + cidata_dev="${loop_device}p13" setup_cidata "${cidata_dev}" setup_cinocloud mountpoint fi @@ -281,10 +285,10 @@ install_grub() { efi_target=riscv64-efi # The real U-Boot chroot mountpoint apt-get install -qqy u-boot-microchip - loader="/dev/mapper${loop_device///dev/}p13" + loader="${loop_device}p13" dd if=mountpoint/usr/lib/u-boot/microchip_icicle/u-boot.payload of=$loader # Provide end-user modifyable CIDATA - cidata_dev="/dev/mapper${loop_device///dev/}p12" + cidata_dev="${loop_device}p12" setup_cidata "${cidata_dev}" # Provide stock nocloud datasource # Allow interactive login on baremetal board, @@ -326,10 +330,10 @@ install_grub() { chroot mountpoint apt-get install -qqy u-boot-nezha # Since version 2022.10 U-Boot SPL and U-Boot are installed onto the same partition. # Package nezha-boot0 is not needed anymore. - loader1="/dev/mapper${loop_device///dev/}p13" + loader1="${loop_device}p13" dd if=mountpoint/usr/lib/u-boot/${SUBARCH}/u-boot-sunxi-with-spl.bin of=$loader1 # Provide end-user modifyable CIDATA - cidata_dev="/dev/mapper${loop_device///dev/}p12" + cidata_dev="${loop_device}p12" setup_cidata "${cidata_dev}" # Provide stock nocloud datasource # Allow interactive login on baremetal SiFive board, @@ -355,7 +359,7 @@ install_grub() { efi_target=riscv64-efi # factory u-boot requires a p3 partition with /boot/uEnv.txt file - uenv_dev="/dev/mapper${loop_device///dev/}p3" + uenv_dev="${loop_device}p3" mkfs.ext4 "${uenv_dev}" uenv_mnt_dir=`mktemp -d uenvXXX` mount "${uenv_dev}" "${uenv_mnt_dir}" @@ -383,7 +387,7 @@ EOF umount "${uenv_mnt_dir}" rmdir "${uenv_mnt_dir}" # Provide end-user modifyable CIDATA - cidata_dev="/dev/mapper${loop_device///dev/}p12" + cidata_dev="${loop_device}p12" setup_cidata "${cidata_dev}" # Provide stock nocloud datasource # Allow interactive login on baremetal SiFive board, @@ -402,7 +406,7 @@ EOF chroot mountpoint bash -c 'FK_FORCE=yes apt-get install -qqy grub-efi-riscv64 flash-kernel' efi_target=riscv64-efi # Provide end-user modifyable CIDATA - cidata_dev="/dev/mapper${loop_device///dev/}p12" + cidata_dev="${loop_device}p12" setup_cidata "${cidata_dev}" # Provide stock nocloud datasource # Allow interactive login on baremetal board, @@ -427,13 +431,13 @@ EOF fi chroot mountpoint apt-get install -qqy u-boot-sifive # FSBL, which gets U-Boot SPL - loader1="/dev/mapper${loop_device///dev/}p13" + loader1="${loop_device}p13" # The real U-Boot - loader2="/dev/mapper${loop_device///dev/}p14" + loader2="${loop_device}p14" dd if=mountpoint/usr/lib/u-boot/${u_boot_arch}/u-boot-spl.bin of=$loader1 dd if=mountpoint/usr/lib/u-boot/${u_boot_arch}/u-boot.itb of=$loader2 # Provide end-user modifyable CIDATA - cidata_dev="/dev/mapper${loop_device///dev/}p12" + cidata_dev="${loop_device}p12" setup_cidata "${cidata_dev}" # Provide stock nocloud datasource # Allow interactive login on baremetal SiFive board, @@ -451,7 +455,7 @@ EOF if [ "${SUBARCH:-}" != "nezha" ] && \ [ "${SUBARCH:-}" != "licheerv" ] && \ - [ "${SUBARCH:-}" != "icicle" ] \ + [ "${SUBARCH:-}" != "icicle" ] && \ [ "${SUBARCH:-}" != "visionfive" ] && \ [ "${SUBARCH:-}" != "visionfive2" ]; then ## TODO remove below once we have grub-efi-riscv64 for the platforms diff --git a/live-build/ubuntu-server/hooks/03-kernel-metapkg.chroot_early b/live-build/ubuntu-server/hooks/03-kernel-metapkg.chroot_early index a6a19f86..ed02f8b6 100755 --- a/live-build/ubuntu-server/hooks/03-kernel-metapkg.chroot_early +++ b/live-build/ubuntu-server/hooks/03-kernel-metapkg.chroot_early @@ -13,6 +13,8 @@ case $PASS in kernel_metapkg=linux-generic-hwe-$(lsb_release -sr) elif [ "$flavor" = "intel-iotg" ]; then kernel_metapkg=linux-intel-iotg + elif [ "$flavor" = "nvidia-tegra" ]; then + kernel_metapkg=linux-nvidia-tegra else echo "bogus flavor: $flavor" exit 1 diff --git a/live-build/ubuntu-server/hooks/05-netboot-tarball.binary b/live-build/ubuntu-server/hooks/05-netboot-tarball.binary index 658af15f..eef58f64 100755 --- a/live-build/ubuntu-server/hooks/05-netboot-tarball.binary +++ b/live-build/ubuntu-server/hooks/05-netboot-tarball.binary @@ -33,7 +33,12 @@ case $ARCH in amd64) mv chroot/usr/lib/PXELINUX/pxelinux.0 tarball/amd64/pxelinux.0 mv chroot/usr/lib/syslinux/modules/bios/ldlinux.c32 tarball/amd64/ldlinux.c32 - mv chroot/usr/lib/shim/shimx64.efi.signed tarball/amd64/bootx64.efi + # For shim we're now using alternatives + if [ -e chroot/usr/lib/shim/shimx64.efi.signed.latest ]; then + mv chroot/usr/lib/shim/shimx64.efi.signed.latest tarball/amd64/bootx64.efi + else + mv chroot/usr/lib/shim/shimx64.efi.signed tarball/amd64/bootx64.efi + fi mv chroot/usr/lib/grub/x86_64-efi-signed/grubnetx64.efi.signed tarball/amd64/grubx64.efi mkdir tarball/amd64/grub tarball/amd64/pxelinux.cfg @@ -54,7 +59,12 @@ EOF ;; arm64) - mv chroot/usr/lib/shim/shimaa64.efi.signed tarball/arm64/bootaa64.efi + # For shim we're now using alternatives + if [ -e chroot/usr/lib/shim/shimaa64.efi.signed.latest ]; then + mv chroot/usr/lib/shim/shimaa64.efi.signed.latest tarball/arm64/bootaa64.efi + else + mv chroot/usr/lib/shim/shimaa64.efi.signed tarball/arm64/bootaa64.efi + fi mv chroot/usr/lib/grub/arm64-efi-signed/grubnetaa64.efi.signed tarball/arm64/grubaa64.efi mkdir tarball/arm64/grub diff --git a/live-build/ubuntu/hooks/020-canary-enhanced-sb.binary b/live-build/ubuntu/hooks/020-canary-enhanced-sb.binary new file mode 100644 index 00000000..3083e3dc --- /dev/null +++ b/live-build/ubuntu/hooks/020-canary-enhanced-sb.binary @@ -0,0 +1,113 @@ +#! /bin/sh + +set -eux + +case ${PASS:-} in + minimal.standard.enhanced-secureboot) + ;; + *) + exit 0 + ;; +esac + +case ${SUBPROJECT:-} in + canary) + ;; + *) + echo "We don't run canary hooks for this project." + exit 0 + ;; +esac + +# env SNAPPY_STORE_NO_CDN=1 snap known --remote model series=16 brand-id=canonical model=ubuntu-classic-2304-amd64 > config/classic-model.model +cat < config/classic-model.model +type: model +authority-id: canonical +series: 16 +brand-id: canonical +model: ubuntu-classic-2304-amd64 +architecture: amd64 +base: core22 +classic: true +distribution: ubuntu +grade: signed +snaps: + - + default-channel: classic-23.04/stable + id: UqFziVZDHLSyO3TqSWgNBoAdHbLI4dAH + name: pc + type: gadget + - + default-channel: 24-hwe/stable + id: pYVQrBcKmBa0mZ4CCN7ExT6jH8rY1hza + name: pc-kernel + type: kernel + - + default-channel: latest/stable + id: amcUKQILKXHHTlmSa7NMdnXSx02dNeeT + name: core22 + type: base + - + default-channel: latest/stable + id: PMrrV4ml8uWuEUDBT8dSGnKUYbevVhc4 + name: snapd + type: snapd + - + default-channel: latest/stable + id: DLqre5XGLbDqg9jPtiAhRRjDuPVa5X1q + name: core20 + type: base + - + default-channel: latest/stable + id: EISPgh06mRh1vordZY9OZ34QHdd7OrdR + name: bare + type: base + - + default-channel: latest/stable + id: 3wdHCAVyZEmYsCMFDE9qt92UV8rC8Wdk + name: firefox + type: app + - + default-channel: latest/stable + id: rw36mkAjdIKl13dzfwyxP87cejpyIcct + name: gnome-3-38-2004 + type: app + - + default-channel: latest/stable + id: lATO8HzwVvrAPrlZRAWpfyrJKlAJrZS3 + name: gnome-42-2204 + type: app + - + default-channel: latest/stable + id: jZLfBRzf1cYlYysIjD2bwSzNtngY0qit + name: gtk-common-themes + type: app + - + default-channel: latest/stable + id: gjf3IPXoRiipCu9K0kVu52f0H56fIksg + name: snap-store + type: app + - + default-channel: latest/stable + id: IrwRHakqtzhFRHJOOPxKVPU0Kk7Erhcu + name: snapd-desktop-integration + type: app +timestamp: 2023-03-19T12:00:00.0Z +sign-key-sha3-384: 9tydnLa6MTJ-jaQTFUXEwHl1yRx7ZS4K5cyFDhYDcPzhS7uyEkDxdUjg9g08BtNn + +AcLBXAQAAQoABgUCZC4CDgAKCRDgT5vottzAEiFvEACU9KsUFmAcShhpIz+NRGVP6d1Z+bW1FcUf +Cxl2UParnXR7Kv12htnw5u837MZjI3gG8kti2L2SxRcg/fy3iJLkTRBEaR/q6rY4O0fkasJUKxHh +z6xx2jaNhsUqnplU5gba9xmmaI5AQp4yf1ktF71HAeM4OzUFrCkjXNTbf7xfkKENxuAOfsPetu5c +6Xc8UtQymtYnjsyvtaLNoXl9vVN59nqk/sxWkwJRtYrFX+Fjt1R/ft4Fo1U7x/OeUX1qpFHSEgnR +NPxzJQ0uzaCamXY1qu1iq6R925eah22auOQM2m/CTzOMdI3IuRAqnLsrk9HpGXz2gWKLS/UEfAlr +OMOoV64DHnQ6k8pwjiYt4K9zNxNKK1MB9hnUBOWYb69pgqoQ2djo6codlxknANN4g3zsUH8KDHb8 +9wNEu7WuYS8JIDpdrNGB5XKo+N5+WswfqX0Oh1mtPMw+DqIA8GkxJFC452Afv7+VDQUZs5wIe7OX +oQ5Q/u5X7WyKpqTdRi0J4/Eq61HidYOOW26Vc8MNArn1u0eabZBtHrxMOHCxu0hmsLHaXQSBljdr +Ekm0W8qT4AT0GSk5CY8kx+UvCn6FLxMuv8xjWoX3OLcQx31yO6Uy6c2LN6nSlovDghKP5V1KvlKl +WiXM9CPKCZv/Es3uOp/ke0wWL7v0MZhzUJ+QhOtTNg== +EOF + +env SNAPPY_STORE_NO_CDN=1 snap prepare-image --classic config/classic-model.model chroot +mv chroot/system-seed/systems/* chroot/system-seed/systems/enhanced-secureboot-desktop +rsync -a chroot/system-seed/ chroot/var/lib/snapd/seed +rm -rf chroot/system-seed/ diff --git a/live-build/ubuntu/hooks/020-canary-live.binary b/live-build/ubuntu/hooks/020-canary-live.binary new file mode 100755 index 00000000..f7fe266b --- /dev/null +++ b/live-build/ubuntu/hooks/020-canary-live.binary @@ -0,0 +1,96 @@ +#! /bin/sh + +set -eux + +case ${PASS:-} in + minimal.standard.live) + ;; + *) + exit 0 + ;; +esac + +case ${SUBPROJECT:-} in + canary) + ;; + *) + echo "We don't run canary hooks for this project." + exit 0 + ;; +esac + +# env SNAPPY_STORE_NO_CDN=1 snap known --remote model series=16 brand-id=canonical model=ubuntu-installer-classic-2304-amd64 > config/classic-model-installer.model +cat < config/classic-model-installer.model +type: model +authority-id: canonical +series: 16 +brand-id: canonical +model: ubuntu-installer-classic-2304-amd64 +architecture: amd64 +base: core22 +classic: true +distribution: ubuntu +grade: signed +snaps: + - + default-channel: latest/stable + id: amcUKQILKXHHTlmSa7NMdnXSx02dNeeT + name: core22 + type: base + - + default-channel: latest/stable + id: PMrrV4ml8uWuEUDBT8dSGnKUYbevVhc4 + name: snapd + type: snapd + - + classic: true + default-channel: latest/stable/canary-23.04 + id: rQm0TtMOYOtEslvEXgxQDhgy1JNn38Wz + name: ubuntu-desktop-installer + type: app +timestamp: 2023-03-19T12:00:00.0Z +sign-key-sha3-384: 9tydnLa6MTJ-jaQTFUXEwHl1yRx7ZS4K5cyFDhYDcPzhS7uyEkDxdUjg9g08BtNn + +AcLBXAQAAQoABgUCZCT4iAAKCRDgT5vottzAEtZbD/sGNgbOV4nv6XXPaY1mR8qGoZ+rTYzk0KuE +Ql6fbVIpkAYdTZhiR6JW+YvEQleL4pRAZIGgdyHIhlQpkjcjWgouzwJCBwL7eGhKMxguUefrxGYc +l+1/lx9JsE3N+FEWk/Q1LprbekoDLQwrNm9d0XC2zcrX10O9v3O1Nl7eCor/tQ10lj6D/uzKKuQD +6J3NQm2rY6HUGwcvEXErm/A64vKr6OS/Vd2BLLi2tWptMxvux4xAADuyeJQwWBUvnv/oVm+KnEad +KlzBVLHJPH1CDCgJy79d21J4kq7+17uipNC9uCJI3Ljd+0+pdiboEt2vvURYnaLyEiMtfzQzoYEH +5WuXcTheLkt0d57ZwU/8G65qcMPXEyRd2A7lYWbsoslKaZ2ITpMCG6PEBT0riwsXoR4JuPma6CB+ +76tZDekCVg1Kie20lRkdt80c3mDMMBZ/F1Rry6O4VuiOxVW4ji4p3mkC/lDKdAERGkCXozQKwRQZ +TwpcnIbyyvMPddxP37sJImXKVVuPvD5paTNxnPirgm0jYyID2u5UILozEXT109k4ijrl9TbZutjQ +oPijs/y+KJ4DbdrmiwwWCxQZcx2T5GG4HB38eIsnmEWTyml02lOL9sWq6qKuk95a3DhF+Q02+zkG +c3kEHr8kcSEkJtgwre/RjjlvGYhur1rZ4i0G6gGBLw== +EOF + +env SNAPPY_STORE_NO_CDN=1 snap prepare-image --classic config/classic-model-installer.model chroot +mv chroot/system-seed/systems/* chroot/system-seed/systems/classic-installer +rsync -a chroot/system-seed/ chroot/var/lib/snapd/seed +rm -rf chroot/system-seed/ + +cat < chroot/var/lib/snapd/modeenv +mode=run +recovery_system=classic-installer +EOF + +# Temporary while we still use the subiquity TUI for the live system +cat > chroot/usr/lib/systemd/user/subiquity-tui.service << EOF +[Unit] +Description=subiquity tui +PartOf=graphical-session.target +After=graphical-session.target + +# Never run in GDM +Conflicts=gnome-session@gnome-login.target + +[Service] +Type=simple +ExecStart=/usr/bin/gnome-terminal --wait -- sudo sh -c 'echo waiting for snapd; snap wait system seed.loaded; sleep 5; snap run subiquity' +Restart=no +EOF +mkdir chroot/etc/systemd/user/graphical-session.target.wants/ +ln -vs /usr/lib/systemd/user/subiquity-tui.service chroot/etc/systemd/user/graphical-session.target.wants/ + +mv chroot/boot/initrd.img-* ${PWD}/livecd.${PROJECT}.initrd-generic +mv chroot/boot/vmlinu?-* ${PWD}/livecd.${PROJECT}.kernel-generic +chmod a+r ${PWD}/livecd.${PROJECT}.initrd-generic ${PWD}/livecd.${PROJECT}.kernel-generic diff --git a/live-build/ubuntu/hooks/020-canary-live.chroot_early b/live-build/ubuntu/hooks/020-canary-live.chroot_early new file mode 100755 index 00000000..4fb89b37 --- /dev/null +++ b/live-build/ubuntu/hooks/020-canary-live.chroot_early @@ -0,0 +1,28 @@ +#! /bin/sh + +set -eu + +case ${PASS:-} in + minimal.standard.live) + ;; + *) + exit 0 + ;; +esac + +# TODO: Make sure this is only executed for canary builds + +cat < /etc/initramfs-tools/conf.d/casperize.conf +export CASPER_GENERATE_UUID=1 +EOF + +cat < /etc/initramfs-tools/conf.d/default-layer.conf +LAYERFS_PATH=${PASS}.squashfs +EOF + +if [ "$(dpkg --print-architecture)" = amd64 ]; then + echo "I: Enabling amd64 multiarch support on amd64" + dpkg --add-architecture i386 + + apt-get -y update +fi diff --git a/live-build/ubuntu/hooks/040-hyperv-desktop-images.binary b/live-build/ubuntu/hooks/040-hyperv-desktop-images.binary index 9ed8f4c4..b27114ab 100644 --- a/live-build/ubuntu/hooks/040-hyperv-desktop-images.binary +++ b/live-build/ubuntu/hooks/040-hyperv-desktop-images.binary @@ -3,7 +3,7 @@ echo "Creating Hyper-V image with Desktop..." case ${SUBPROJECT:-} in - minimized) + minimized|canary) echo "We don't create minimized images for $0." exit 0 ;; diff --git a/live-build/ubuntu/hooks/099-ubuntu-image-customization.chroot b/live-build/ubuntu/hooks/099-ubuntu-image-customization.chroot index 91449b61..82005f42 100644 --- a/live-build/ubuntu/hooks/099-ubuntu-image-customization.chroot +++ b/live-build/ubuntu/hooks/099-ubuntu-image-customization.chroot @@ -18,11 +18,6 @@ if [ "$IMAGEFORMAT" == "none" ]; then touch "/var/lib/oem-config/run" fi - /usr/sbin/useradd -d /home/oem -G adm,sudo -m -N -u 29999 oem - - /usr/sbin/oem-config-prepare --quiet - touch "/var/lib/oem-config/run" - # Update the fstab to include the "discard" option awk \ -v root_fs_label="writable" \ diff --git a/live-build/ubuntu/includes.chroot.minimal.standard.live/etc/cloud/cloud.cfg b/live-build/ubuntu/includes.chroot.minimal.standard.live/etc/cloud/cloud.cfg new file mode 100644 index 00000000..e9571afd --- /dev/null +++ b/live-build/ubuntu/includes.chroot.minimal.standard.live/etc/cloud/cloud.cfg @@ -0,0 +1,117 @@ +# The top level settings are used as module +# and system configuration. + +# A set of users which may be applied and/or used by various modules +# when a 'default' entry is found it will reference the 'default_user' +# from the distro configuration specified below +users: + - default + +# If this is set, 'root' will not be able to ssh in and they +# will get a message to login instead as the default $user +disable_root: true + +# This will cause the set+update hostname module to not operate (if true) +preserve_hostname: true + +ssh_pwauth: yes +chpasswd: + expire: false + +# This is the initial network config. +# It can be overwritten by cloud-init or subiquity. +network: + version: 2 + ethernets: + zz-all-en: + match: + name: "en*" + dhcp4: true + zz-all-eth: + match: + name: "eth*" + dhcp4: true + +# We used to have a custom final_message here. Just use the default instead. + +# Example datasource config +# datasource: +# Ec2: +# metadata_urls: [ 'blah.com' ] +# timeout: 5 # (defaults to 50 seconds) +# max_wait: 10 # (defaults to 120 seconds) + +# The modules that run in the 'init' stage +cloud_init_modules: + - bootcmd + - write-files + - ca-certs + - rsyslog + - users-groups + - ssh + +# The modules that run in the 'config' stage +cloud_config_modules: +# Emit the cloud config ready event +# this can be used by upstart jobs for 'start on cloud-config'. + - ssh-import-id + - set-passwords + - timezone + - disable-ec2-metadata + - runcmd + +# The modules that run in the 'final' stage +cloud_final_modules: + - scripts-per-once + - scripts-user + - ssh-authkey-fingerprints + - keys-to-console + - phone-home + - final-message + +# System and/or distro specific settings +# (not accessible to handlers/transforms) +system_info: + # This will affect which distro class gets used + distro: ubuntu + # Default user name + that default users groups (if added/used) + default_user: + name: installer + lock_passwd: false + gecos: Ubuntu + groups: [adm, audio, cdrom, dialout, dip, floppy, lxd, netdev, plugdev, sudo, video] + sudo: ["ALL=(ALL) NOPASSWD:ALL"] + shell: /usr/bin/subiquity-shell + # Automatically discover the best ntp_client + ntp_client: auto + # Other config here will be given to the distro class and/or path classes + paths: + cloud_dir: /var/lib/cloud/ + templates_dir: /etc/cloud/templates/ + upstart_dir: /etc/init/ + package_mirrors: + - arches: [i386, amd64] + failsafe: + primary: http://archive.ubuntu.com/ubuntu + security: http://security.ubuntu.com/ubuntu + search: + primary: + - http://%(ec2_region)s.ec2.archive.ubuntu.com/ubuntu/ + - http://%(availability_zone)s.clouds.archive.ubuntu.com/ubuntu/ + - http://%(region)s.clouds.archive.ubuntu.com/ubuntu/ + security: [] + - arches: [arm64, armel, armhf] + failsafe: + primary: http://ports.ubuntu.com/ubuntu-ports + security: http://ports.ubuntu.com/ubuntu-ports + search: + primary: + - http://%(ec2_region)s.ec2.ports.ubuntu.com/ubuntu-ports/ + - http://%(availability_zone)s.clouds.ports.ubuntu.com/ubuntu-ports/ + - http://%(region)s.clouds.ports.ubuntu.com/ubuntu-ports/ + security: [] + - arches: [default] + failsafe: + primary: http://ports.ubuntu.com/ubuntu-ports + security: http://ports.ubuntu.com/ubuntu-ports + ssh_svcname: ssh diff --git a/live-build/ubuntu/includes.chroot.minimal.standard.live/etc/cloud/cloud.cfg.d/06_quiet.cfg b/live-build/ubuntu/includes.chroot.minimal.standard.live/etc/cloud/cloud.cfg.d/06_quiet.cfg new file mode 100644 index 00000000..a614e723 --- /dev/null +++ b/live-build/ubuntu/includes.chroot.minimal.standard.live/etc/cloud/cloud.cfg.d/06_quiet.cfg @@ -0,0 +1,4 @@ +output: {all: '>> /var/log/cloud-init-output.log'} +no_ssh_fingerprints: true +ssh: + emit_keys_to_console: false diff --git a/live-build/ubuntu/includes.chroot.minimal.standard.live/etc/systemd/journald.conf.d/no-rate-limit.conf b/live-build/ubuntu/includes.chroot.minimal.standard.live/etc/systemd/journald.conf.d/no-rate-limit.conf new file mode 100644 index 00000000..fbaab956 --- /dev/null +++ b/live-build/ubuntu/includes.chroot.minimal.standard.live/etc/systemd/journald.conf.d/no-rate-limit.conf @@ -0,0 +1,2 @@ +[Journal] +RateLimitIntervalSec=0 diff --git "a/live-build/ubuntu/includes.chroot.minimal.standard.live/etc/systemd/system/dev-disk-by\\x2duuid-00c629d6\\x2d06ab\\x2d4dfd\\x2db21e\\x2dc3186f34105d.device.d/override.conf" "b/live-build/ubuntu/includes.chroot.minimal.standard.live/etc/systemd/system/dev-disk-by\\x2duuid-00c629d6\\x2d06ab\\x2d4dfd\\x2db21e\\x2dc3186f34105d.device.d/override.conf" new file mode 100644 index 00000000..90ac2590 --- /dev/null +++ "b/live-build/ubuntu/includes.chroot.minimal.standard.live/etc/systemd/system/dev-disk-by\\x2duuid-00c629d6\\x2d06ab\\x2d4dfd\\x2db21e\\x2dc3186f34105d.device.d/override.conf" @@ -0,0 +1,3 @@ +[Unit] +JobRunningTimeoutSec=0s +Wants=subiquity_config.mount diff --git a/live-build/ubuntu/includes.chroot.minimal.standard.live/etc/systemd/system/systemd-journald.service.d/no-compact.conf b/live-build/ubuntu/includes.chroot.minimal.standard.live/etc/systemd/system/systemd-journald.service.d/no-compact.conf new file mode 100644 index 00000000..a0701e52 --- /dev/null +++ b/live-build/ubuntu/includes.chroot.minimal.standard.live/etc/systemd/system/systemd-journald.service.d/no-compact.conf @@ -0,0 +1,4 @@ +# systemd in 23.04+ uses a newer "compact" format by default which is not +# understood by the systemd libraries from jammy used in the subiquity snap. +[Service] +Environment="SYSTEMD_JOURNAL_COMPACT=0" diff --git a/live-build/ubuntu/includes.chroot.minimal.standard.live/etc/systemd/system/systemd-journald.service.d/no-hardening.conf b/live-build/ubuntu/includes.chroot.minimal.standard.live/etc/systemd/system/systemd-journald.service.d/no-hardening.conf new file mode 100644 index 00000000..c4262d26 --- /dev/null +++ b/live-build/ubuntu/includes.chroot.minimal.standard.live/etc/systemd/system/systemd-journald.service.d/no-hardening.conf @@ -0,0 +1,4 @@ +# systemd in 22.04+ uses "hash table hardening" by default which is not +# understood by the systemd libraries from focal used in the subiquity snap. +[Service] +Environment="SYSTEMD_JOURNAL_KEYED_HASH=0" diff --git a/live-build/ubuntu/includes.chroot.minimal.standard.live/usr/bin/subiquity-shell b/live-build/ubuntu/includes.chroot.minimal.standard.live/usr/bin/subiquity-shell new file mode 100755 index 00000000..d739d86f --- /dev/null +++ b/live-build/ubuntu/includes.chroot.minimal.standard.live/usr/bin/subiquity-shell @@ -0,0 +1,3 @@ +#!/bin/sh +exec sudo snap run subiquity + diff --git a/live-build/ubuntu/includes.chroot.minimal.standard.live/usr/lib/systemd/system/getty@.service.d/autologin.conf b/live-build/ubuntu/includes.chroot.minimal.standard.live/usr/lib/systemd/system/getty@.service.d/autologin.conf new file mode 100644 index 00000000..a166aab4 --- /dev/null +++ b/live-build/ubuntu/includes.chroot.minimal.standard.live/usr/lib/systemd/system/getty@.service.d/autologin.conf @@ -0,0 +1,3 @@ +[Service] +ExecStart= +ExecStart=-/sbin/agetty --noclear -n --autologin ubuntu-server %I $TERM diff --git a/live-build/ubuntu/includes.chroot.minimal.standard.live/usr/lib/systemd/system/getty@tty1.service b/live-build/ubuntu/includes.chroot.minimal.standard.live/usr/lib/systemd/system/getty@tty1.service new file mode 120000 index 00000000..dc1dc0cd --- /dev/null +++ b/live-build/ubuntu/includes.chroot.minimal.standard.live/usr/lib/systemd/system/getty@tty1.service @@ -0,0 +1 @@ +/dev/null \ No newline at end of file diff --git a/live-build/ubuntu/includes.chroot.minimal.standard.live/usr/lib/systemd/system/local-fs.target.wants/media-filesystem.mount b/live-build/ubuntu/includes.chroot.minimal.standard.live/usr/lib/systemd/system/local-fs.target.wants/media-filesystem.mount new file mode 120000 index 00000000..0a663081 --- /dev/null +++ b/live-build/ubuntu/includes.chroot.minimal.standard.live/usr/lib/systemd/system/local-fs.target.wants/media-filesystem.mount @@ -0,0 +1 @@ +../media-filesystem.mount \ No newline at end of file diff --git a/live-build/ubuntu/includes.chroot.minimal.standard.live/usr/lib/systemd/system/serial-getty@.service.d/subiquity-serial.conf b/live-build/ubuntu/includes.chroot.minimal.standard.live/usr/lib/systemd/system/serial-getty@.service.d/subiquity-serial.conf new file mode 100644 index 00000000..eebf38b4 --- /dev/null +++ b/live-build/ubuntu/includes.chroot.minimal.standard.live/usr/lib/systemd/system/serial-getty@.service.d/subiquity-serial.conf @@ -0,0 +1,9 @@ +[Unit] +Description=Subiquity, the installer for Ubuntu Server %I +After=snapd.seeded.service +StartLimitInterval=0 + +[Service] +Environment=SNAP_REEXEC=0 +ExecStart= +ExecStart=/usr/bin/snap run subiquity.subiquity-service %I diff --git a/live-build/ubuntu/includes.chroot.minimal.standard.live/usr/lib/systemd/system/serial-getty@sclp_line0.service.d/subiquity-serial.conf b/live-build/ubuntu/includes.chroot.minimal.standard.live/usr/lib/systemd/system/serial-getty@sclp_line0.service.d/subiquity-serial.conf new file mode 100644 index 00000000..56900a35 --- /dev/null +++ b/live-build/ubuntu/includes.chroot.minimal.standard.live/usr/lib/systemd/system/serial-getty@sclp_line0.service.d/subiquity-serial.conf @@ -0,0 +1,4 @@ +[Service] +StandardOutput=tty +ExecStart= +ExecStart=/usr/bin/snap run subiquity --ssh diff --git a/live-build/ubuntu/includes.chroot.minimal.standard.live/usr/lib/systemd/system/snap.subiquity.subiquity-service.service.d/subiquity.conf b/live-build/ubuntu/includes.chroot.minimal.standard.live/usr/lib/systemd/system/snap.subiquity.subiquity-service.service.d/subiquity.conf new file mode 100644 index 00000000..c1af5666 --- /dev/null +++ b/live-build/ubuntu/includes.chroot.minimal.standard.live/usr/lib/systemd/system/snap.subiquity.subiquity-service.service.d/subiquity.conf @@ -0,0 +1,14 @@ +[Unit] +IgnoreOnIsolate=yes +After=systemd-user-sessions.service plymouth-quit-wait.service snap.seeded.service + +[Service] +Environment=SNAP_REEXEC=0 +UtmpIdentifier=tty1 +TTYPath=/dev/tty1 +TTYReset=yes +TTYVHangup=yes +TTYVTDisallocate=yes +KillMode=process +IgnoreSIGPIPE=no +SendSIGHUP=yes diff --git a/live-build/ubuntu/includes.chroot.minimal.standard.live/usr/lib/systemd/system/snapd.service.d/no-reexec.conf b/live-build/ubuntu/includes.chroot.minimal.standard.live/usr/lib/systemd/system/snapd.service.d/no-reexec.conf new file mode 100644 index 00000000..14a6b477 --- /dev/null +++ b/live-build/ubuntu/includes.chroot.minimal.standard.live/usr/lib/systemd/system/snapd.service.d/no-reexec.conf @@ -0,0 +1,2 @@ +[Service] +Environment=SNAP_REEXEC=0 diff --git a/live-build/ubuntu/includes.chroot.minimal.standard.live/usr/lib/systemd/system/subiquity_config.mount b/live-build/ubuntu/includes.chroot.minimal.standard.live/usr/lib/systemd/system/subiquity_config.mount new file mode 100644 index 00000000..af33494b --- /dev/null +++ b/live-build/ubuntu/includes.chroot.minimal.standard.live/usr/lib/systemd/system/subiquity_config.mount @@ -0,0 +1,4 @@ +[Mount] +What=/dev/disk/by-uuid/00c629d6-06ab-4dfd-b21e-c3186f34105d +Where=/subiquity_config +Type=ext4 diff --git a/live-build/ubuntu/includes.chroot.minimal.standard.live/usr/lib/systemd/systemd-networkd-wait-online b/live-build/ubuntu/includes.chroot.minimal.standard.live/usr/lib/systemd/systemd-networkd-wait-online new file mode 120000 index 00000000..63b10de4 --- /dev/null +++ b/live-build/ubuntu/includes.chroot.minimal.standard.live/usr/lib/systemd/systemd-networkd-wait-online @@ -0,0 +1 @@ +/bin/true \ No newline at end of file diff --git a/live-build/ubuntu/includes.chroot.minimal.standard.live/var/lib/cloud/seed/nocloud/meta-data b/live-build/ubuntu/includes.chroot.minimal.standard.live/var/lib/cloud/seed/nocloud/meta-data new file mode 100644 index 00000000..e69de29b diff --git a/live-build/ubuntu/includes.chroot.minimal.standard.live/var/lib/cloud/seed/nocloud/user-data b/live-build/ubuntu/includes.chroot.minimal.standard.live/var/lib/cloud/seed/nocloud/user-data new file mode 100644 index 00000000..e69de29b diff --git a/update-source-catalog b/update-source-catalog index 6616d609..0869dd39 100755 --- a/update-source-catalog +++ b/update-source-catalog @@ -28,45 +28,54 @@ with open(opts.template) as fp: template = yaml.safe_load(fp) -template['size'] = int(opts.size) -template['path'] = opts.squashfs - -en_name = template['name'] -en_description = template['description'] - -template['name'] = {'en': en_name} -template['description'] = {'en': en_description} - -for mo in glob.glob(os.path.join(opts.translations, '*.mo')): - with open(mo, 'rb') as fp: - t = gettext.GNUTranslations(fp=fp) - t_name = t.gettext(en_name) - if t_name != en_name: - lang = os.path.splitext(os.path.basename(mo))[0] - template['name'][lang] = t_name - t_description = t.gettext(en_description) - if t_description != en_description: - lang = os.path.splitext(os.path.basedescription(mo))[0] - template['description'][lang] = t_description - if opts.langs is not None: - template['preinstalled_langs'] = opts.langs.split(',') - -output.append(template) +id = template['id'] +for entry in output: + # First, look if this source catalogue template id is already present. + # If so, use the template to extend the existing entry with additional + # variations. + if entry['id'] == id: + if 'variations' not in template: + print("Non unique id in source catalog but no variations!") + sys.exit(1) + for k, variation in template['variations'].items(): + variation['size'] = int(opts.size) + entry.setdefault('variations', {}).update(template['variations']) + break +else: + # No entry with this id found, so add a new one. + template['size'] = int(opts.size) + template['path'] = opts.squashfs + + en_name = template['name'] + en_description = template['description'] + + template['name'] = {'en': en_name} + template['description'] = {'en': en_description} + + for mo in glob.glob(os.path.join(opts.translations, '*.mo')): + with open(mo, 'rb') as fp: + t = gettext.GNUTranslations(fp=fp) + t_name = t.gettext(en_name) + if t_name != en_name: + lang = os.path.splitext(os.path.basename(mo))[0] + template['name'][lang] = t_name + t_description = t.gettext(en_description) + if t_description != en_description: + lang = os.path.splitext(os.path.basedescription(mo))[0] + template['description'][lang] = t_description + if opts.langs is not None: + template['preinstalled_langs'] = opts.langs.split(',') + + output.append(template) default_count = 0 -ids = set() for entry in output: if entry.get('default', False): default_count += 1 - ids.add(entry['id']) - if default_count > 1: print("Too many defaults in source catalog!") sys.exit(1) -if len(ids) != len(output): - print("Non unique ids in %s!" % output) - with open(opts.output, 'w') as fp: yaml.dump(output, fp)