From 315a453ba6ee271281d5bae73f383061981dffa8 Mon Sep 17 00:00:00 2001 From: Cody Shepherd Date: Wed, 8 Jul 2020 14:03:56 -0700 Subject: [PATCH 01/14] Perform a dist-upgrade prior to installing packages for bootable-buildd image in order to pull in package updates --- live-build/buildd/hooks/52-linux-virtual-image.binary | 3 +++ 1 file changed, 3 insertions(+) diff --git a/live-build/buildd/hooks/52-linux-virtual-image.binary b/live-build/buildd/hooks/52-linux-virtual-image.binary index a0c64d75..d8efab84 100755 --- a/live-build/buildd/hooks/52-linux-virtual-image.binary +++ b/live-build/buildd/hooks/52-linux-virtual-image.binary @@ -39,6 +39,9 @@ trap cleanup_linux_virtual EXIT # Install dependencies env DEBIAN_FRONTEND=noninteractive chroot "$mount_d" apt-get \ update --assume-yes +# Perform a dist-upgrade to pull in package updates +env DEBIAN_FRONTEND=noninteractive chroot "$mount_d" apt-get \ + dist-upgrade --assume-yes env DEBIAN_FRONTEND=noninteractive chroot "$mount_d" apt-get \ install -y lsb-release locales initramfs-tools busybox-initramfs \ udev dbus netplan.io cloud-init openssh-server sudo snapd From 690522e89bcef07c9461481d9daa2c09a3d3353c Mon Sep 17 00:00:00 2001 From: Cody Shepherd Date: Mon, 13 Jul 2020 09:10:05 -0700 Subject: [PATCH 02/14] Remove explicit install of grub-efi-* package as it is not necessary, and potentially overexplicit --- live-build/buildd/hooks/02-disk-image-uefi.binary | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/live-build/buildd/hooks/02-disk-image-uefi.binary b/live-build/buildd/hooks/02-disk-image-uefi.binary index 75d93aa5..18f74bae 100755 --- a/live-build/buildd/hooks/02-disk-image-uefi.binary +++ b/live-build/buildd/hooks/02-disk-image-uefi.binary @@ -84,8 +84,7 @@ install_grub() { efi_target=arm-efi ;; amd64) - chroot mountpoint apt-get install -qqy grub-pc - chroot mountpoint apt-get install -qqy grub-efi-amd64-signed shim-signed + chroot mountpoint apt-get install -qqy grub-pc shim-signed efi_target=x86_64-efi ;; esac From 54508e6583223ea98dbed52b778c7145dea24371 Mon Sep 17 00:00:00 2001 From: Iain Lane Date: Mon, 13 Jul 2020 17:41:02 +0100 Subject: [PATCH 03/14] Hack seeding of linux kernel in ubuntustudio/focal ubuntustudio-default-settings in focal release has a Recommends to this kernel, which makes it impossible to update the kernel later on, since we would install the -updates and release kernel, which isn't allowed and causes FTBFS. Hack out the focal-release kernel and let the rest of the build process pull in the right one. LP: #1884915 --- live-build/auto/config | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/live-build/auto/config b/live-build/auto/config index 7a7fe245..0e9735c5 100755 --- a/live-build/auto/config +++ b/live-build/auto/config @@ -688,6 +688,23 @@ case $PROJECT in ubuntustudio-dvd) add_task install minimal standard ubuntustudio-desktop ubuntustudio-audio ubuntustudio-fonts ubuntustudio-graphics ubuntustudio-video ubuntustudio-publishing ubuntustudio-photography + case $SUITE in + focal) + # ubuntustudio-default-settings in focal + # release has a Recommends to this kernel, + # which makes it impossible to update the + # kernel later on, since we would install the + # -updates and release kernel, which isn't + # allowed and causes the squashfs to fail to + # build. Hack out the focal-release kernel and + # let the rest of the build process pull in the + # right one. (See right below.) + for package in linux-lowlatency linux-image-lowlatency linux-headers-lowlatency linux-image-5.4.0-26-lowlatency linux-headers-5.4.0-26-lowlatency; do + sed -i "s/$/ -a --not -XFPackage ${package}/" \ + "config/package-lists/livecd-rootfs.list.chroot_install" + done + ;; + esac COMPONENTS='main restricted universe multiverse' case $ARCH in amd64|i386) KERNEL_FLAVOURS=lowlatency ;; From 8284a1c6800d5b7739de73aebc9928a0164c0fb4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C5=81ukasz=20=27sil2100=27=20Zemczak?= Date: Thu, 23 Jul 2020 14:02:07 +0200 Subject: [PATCH 04/14] Sync changelog --- debian/changelog | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/debian/changelog b/debian/changelog index d0ff1e6a..a104014b 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,9 +1,18 @@ livecd-rootfs (2.664.3) UNRELEASED; urgency=medium + [ Łukasz 'sil2100' Zemczak ] * Enable overrides of UC20 grade dangerous channels - as this is possible. (LP: #1879350) - -- Łukasz 'sil2100' Zemczak Mon, 25 May 2020 16:40:27 +0200 + [ Iain Lane ] + * Hack seeding of linux kernel in ubuntustudio/focal + ubuntustudio-default-settings in focal release has a Recommends to this + kernel, which makes it impossible to update the kernel later on, since we + would install the -updates and release kernel, which isn't allowed and + causes FTBFS. Hack out the focal-release kernel and let the rest of the + build process pull in the right one. (LP: #1884915) + + -- Iain Lane Tue, 21 Jul 2020 16:25:18 +0100 livecd-rootfs (2.664.2) focal; urgency=medium From e39a40e2a51e106abe53d9436285d37a95497a1f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C5=81ukasz=20=27sil2100=27=20Zemczak?= Date: Thu, 23 Jul 2020 14:02:40 +0200 Subject: [PATCH 05/14] releasing package livecd-rootfs version 2.664.3 --- debian/changelog | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/debian/changelog b/debian/changelog index a104014b..9d24ae1b 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,4 +1,4 @@ -livecd-rootfs (2.664.3) UNRELEASED; urgency=medium +livecd-rootfs (2.664.3) focal; urgency=medium [ Łukasz 'sil2100' Zemczak ] * Enable overrides of UC20 grade dangerous channels - as this is possible. From 896b5962dbf6c52b8029acf72ebc856a09d82b2a Mon Sep 17 00:00:00 2001 From: Dimitri John Ledkov Date: Wed, 27 May 2020 17:10:24 +0100 Subject: [PATCH 06/14] snap_preseed: support channel specification with snap name snap_name[/classic]=track/risk/branch is now the supported snap name specification, which allows to specify the full default track and optional classic confinemnt. Supporting such specification in the seedtext allows one to specify a better default channel. For example, this will allow lxd to switch from latest/stable/ubuntu-20.04 to 4.0/stable/ubuntu-20.04 as 4.0 is the LTS track matching 20.04 support timeframe. LP: #1882374 (cherry picked from commit 7bae9201d20822d6875bcf5949e1fff839b8774c) (cherry picked from commit 2976a99f292c500f39aace25ad08de21b37d7b31) (cherry picked from commit d542e8e4a08467ef9b6237b9fcbd9166c8c99e8b) --- live-build/functions | 26 +++++++++++++++++++++++--- 1 file changed, 23 insertions(+), 3 deletions(-) diff --git a/live-build/functions b/live-build/functions index d86f27d6..2e505949 100644 --- a/live-build/functions +++ b/live-build/functions @@ -626,11 +626,31 @@ snap_prepare() { snap_preseed() { # Preseed a snap in the image (snap_prepare must be called once prior) local CHROOT_ROOT=$1 + # $2 can be in the form of snap_name/classic=track/risk/branch local SNAP=$2 + # strip CHANNEL specification + SNAP=${SNAP%=*} + # strip /classic confinement local SNAP_NAME=${SNAP%/*} - # Per Ubuntu policy, all seeded snaps (with the exception of the core - # snap) must pull from stable/ubuntu-$(release_ver) as their channel. - local CHANNEL=${3:-"stable/ubuntu-$(release_ver)"} + # Seed from the specified channel (e.g. core18 latest/stable) + # Or Channel endcoded in the snap name (e.g. lxd=4.0/stable/ubuntu-20.04) + # Or Ubuntu policy default channel latest/stable/ubuntu-$(release_ver) + local CHANNEL=${3:-} + if [ -z "$CHANNEL" ]; then + case $2 in + *=*) + CHANNEL=${2#*=} + ;; + *) + CHANNEL="stable/ubuntu-$(release_ver)" + ;; + esac + fi + + # At this point: + # SNAP_NAME is just the snap name + # SNAP is either $SNAP_NAME or $SNAP_NAME/classic for classic confined + # CHANNEL is the channel if [ ! -e "$CHROOT_ROOT/var/lib/snapd/seed/assertions/model" ]; then echo "ERROR: Snap model assertion not present, snap_prepare must be called" From e9f4e9715548d80dc5a5fb1283c0092f1df246ed Mon Sep 17 00:00:00 2001 From: Dimitri John Ledkov Date: Thu, 23 Jul 2020 19:12:30 +0100 Subject: [PATCH 07/14] releasing package livecd-rootfs version 2.664.4 --- debian/changelog | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/debian/changelog b/debian/changelog index 9d24ae1b..e8ada272 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,9 @@ +livecd-rootfs (2.664.4) focal; urgency=medium + + * snap_preseed: support channel specification with snap name (LP: #1882374) + + -- Dimitri John Ledkov Thu, 23 Jul 2020 19:12:10 +0100 + livecd-rootfs (2.664.3) focal; urgency=medium [ Łukasz 'sil2100' Zemczak ] From 136562b837183ce48ac7bb5400ac9537ee555e5d Mon Sep 17 00:00:00 2001 From: Robert C Jennings Date: Wed, 29 Jul 2020 14:42:26 -0500 Subject: [PATCH 08/14] Handle seeded lxd snap with channel name for ubuntu-cpc:minimized (LP: #1889470) The seed now specifies the lxd snap in focal as 'lxd=4.0/stable/ubuntu-20.04' which doesn't match the expectations of the code with looks for lxd as the only snap in the seed for minimized images. This patch updates the pattern to accept 'lxd' or 'lxd=*'. --- debian/changelog | 7 +++++++ live-build/auto/config | 2 +- 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/debian/changelog b/debian/changelog index e8ada272..066dab56 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,10 @@ +livecd-rootfs (2.664.5) focal; urgency=medium + + * Handle seeded lxd snap with channel name for ubuntu-cpc:minimized + (LP: #1889470) + + -- Robert C Jennings Wed, 29 Jul 2020 14:54:19 -0500 + livecd-rootfs (2.664.4) focal; urgency=medium * snap_preseed: support channel specification with snap name (LP: #1882374) diff --git a/live-build/auto/config b/live-build/auto/config index 0e9735c5..761dd429 100755 --- a/live-build/auto/config +++ b/live-build/auto/config @@ -894,7 +894,7 @@ if [ "$PROJECT:${SUBPROJECT:-}" = ubuntu-cpc:minimized ]; then # build if we see such a snap. for snap in `cat config/seeded-snaps`; do case $snap in - lxd) + lxd | lxd=*) ;; *) echo "Unexpected seeded snap for ubuntu-cpc:minimized build: $snap" From 4e3289d0b8529421ce4249517148289120d81cf1 Mon Sep 17 00:00:00 2001 From: Steve Langasek Date: Mon, 10 Aug 2020 12:58:37 -0700 Subject: [PATCH 09/14] Add SRU bug link --- debian/changelog | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/debian/changelog b/debian/changelog index fbd27cb7..055f59d2 100644 --- a/debian/changelog +++ b/debian/changelog @@ -6,7 +6,7 @@ livecd-rootfs (2.664.5) focal; urgency=medium [ Cody Shepherd ] * Add dist-upgrade to bootable-buildd hook to ensure the built image - doesn't contain vulnerable kernels or other packages. + doesn't contain vulnerable kernels or other packages. LP: #1891061. * Don't explicitly install grub-efi-amd64-signed, it's a dependency of shim-signed. From 92dd127d8366cde2821011b0aad4003245d5558d Mon Sep 17 00:00:00 2001 From: "Jinming Wu, Patrick" Date: Mon, 13 Jul 2020 21:37:01 +0800 Subject: [PATCH 10/14] xRDP fixes for Hyper-V build - use of linux-azure, which is the optimized kernel for Hyper-V by Microsoft - xRDP configuration changes due to the config changes in this version compared to 18.04. - 46-allow-update-repo.pkla inclusion to aviod "Authentication required to refresh system repositories" bug in xRDP --- .../hooks/040-hyperv-desktop-images.binary | 18 +++++++++++++++--- 1 file changed, 15 insertions(+), 3 deletions(-) diff --git a/live-build/ubuntu/hooks/040-hyperv-desktop-images.binary b/live-build/ubuntu/hooks/040-hyperv-desktop-images.binary index 72ab45ed..2781dd86 100644 --- a/live-build/ubuntu/hooks/040-hyperv-desktop-images.binary +++ b/live-build/ubuntu/hooks/040-hyperv-desktop-images.binary @@ -40,7 +40,7 @@ trap cleanup_hyperv EXIT # Perform customisations chroot "${scratch_d}" apt-get update -y -chroot "${scratch_d}" apt-get -y install xrdp linux-tools-virtual linux-cloud-tools-virtual +chroot "${scratch_d}" apt-get -y install xrdp linux-azure linux-tools-virtual linux-cloud-tools-virtual cat > ${scratch_d}/etc/modules-load.d/hyperv.conf << EOF ${IMAGE_STR} @@ -55,8 +55,8 @@ EOF CHANGED_FILE_SUFFIX=.replaced-by-desktop-img-build -# use vsock transport. -sed -i${CHANGED_FILE_SUFFIX} -e 's/use_vsock=false/use_vsock=true/g' "${scratch_d}/etc/xrdp/xrdp.ini" +# use vsock transport +sed -i${CHANGED_FILE_SUFFIX} -e 's/port=3389/port=vsock:\/\/-1:3389/g' "${scratch_d}/etc/xrdp/xrdp.ini" # use rdp security. sed -i${CHANGED_FILE_SUFFIX} -e 's/security_layer=negotiate/security_layer=rdp/g' "${scratch_d}/etc/xrdp/xrdp.ini" # remove encryption validation. @@ -74,6 +74,9 @@ exec /etc/xrdp/startwm.sh EOF chmod a+x "${scratch_d}/etc/xrdp/startubuntu.sh" +# set to use the system Window manager +sed -i${CHANGED_FILE_SUFFIX} -e 's/EnableUserWindowManager=true/EnableUserWindowManager=0/g' "${scratch_d}/etc/xrdp/sesman.ini" + # use the script to setup the ubuntu session sed -i${CHANGED_FILE_SUFFIX} -e 's/startwm/startubuntu/g' "${scratch_d}/etc/xrdp/sesman.ini" @@ -100,6 +103,15 @@ ResultInactive=no ResultActive=yes EOF +cat >/etc/polkit-1/localauthority/50-local.d/46-allow-update-repo.pkla < Date: Wed, 22 Jul 2020 17:16:53 +0800 Subject: [PATCH 11/14] Update linux-tools/linux-cloud-tools to use Azure --- live-build/ubuntu/hooks/040-hyperv-desktop-images.binary | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/live-build/ubuntu/hooks/040-hyperv-desktop-images.binary b/live-build/ubuntu/hooks/040-hyperv-desktop-images.binary index 2781dd86..d8d0c993 100644 --- a/live-build/ubuntu/hooks/040-hyperv-desktop-images.binary +++ b/live-build/ubuntu/hooks/040-hyperv-desktop-images.binary @@ -40,7 +40,7 @@ trap cleanup_hyperv EXIT # Perform customisations chroot "${scratch_d}" apt-get update -y -chroot "${scratch_d}" apt-get -y install xrdp linux-azure linux-tools-virtual linux-cloud-tools-virtual +chroot "${scratch_d}" apt-get -y install xrdp linux-azure linux-tools-azure linux-cloud-tools-azure cat > ${scratch_d}/etc/modules-load.d/hyperv.conf << EOF ${IMAGE_STR} From 419a21205c0fb32738f4b0a801c813fd6b862325 Mon Sep 17 00:00:00 2001 From: "Jinming Wu, Patrick" Date: Tue, 11 Aug 2020 22:31:11 +0800 Subject: [PATCH 12/14] Fix a mistake on the location of policy file --- live-build/ubuntu/hooks/040-hyperv-desktop-images.binary | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/live-build/ubuntu/hooks/040-hyperv-desktop-images.binary b/live-build/ubuntu/hooks/040-hyperv-desktop-images.binary index d8d0c993..04446025 100644 --- a/live-build/ubuntu/hooks/040-hyperv-desktop-images.binary +++ b/live-build/ubuntu/hooks/040-hyperv-desktop-images.binary @@ -103,7 +103,7 @@ ResultInactive=no ResultActive=yes EOF -cat >/etc/polkit-1/localauthority/50-local.d/46-allow-update-repo.pkla <${scratch_d}/etc/polkit-1/localauthority/50-local.d/46-allow-update-repo.pkla < Date: Wed, 26 Aug 2020 14:05:47 -0700 Subject: [PATCH 13/14] * Fix xrdp support in hyper-v images. * Use the linux-azure kernel in hyper-v images instead of linux-virtual. * LP: #1890980. --- debian/changelog | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/debian/changelog b/debian/changelog index 055f59d2..0d765b94 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,12 @@ +livecd-rootfs (2.664.6) UNRELEASED; urgency=medium + + [ Patrick Wu ] + * Fix xrdp support in hyper-v images. + * Use the linux-azure kernel in hyper-v images instead of linux-virtual. + * LP: #1890980. + + -- Steve Langasek Wed, 26 Aug 2020 14:04:27 -0700 + livecd-rootfs (2.664.5) focal; urgency=medium [ Robert C Jennings ] From ab20f18c2e5f66e4e390bcd1fb32d723c11a5f81 Mon Sep 17 00:00:00 2001 From: Steve Langasek Date: Wed, 26 Aug 2020 14:06:35 -0700 Subject: [PATCH 14/14] releasing package livecd-rootfs version 2.664.6 --- debian/changelog | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/debian/changelog b/debian/changelog index 0d765b94..35419e78 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,11 +1,11 @@ -livecd-rootfs (2.664.6) UNRELEASED; urgency=medium +livecd-rootfs (2.664.6) focal; urgency=medium [ Patrick Wu ] * Fix xrdp support in hyper-v images. * Use the linux-azure kernel in hyper-v images instead of linux-virtual. * LP: #1890980. - -- Steve Langasek Wed, 26 Aug 2020 14:04:27 -0700 + -- Steve Langasek Wed, 26 Aug 2020 14:06:31 -0700 livecd-rootfs (2.664.5) focal; urgency=medium