From ca18c993a113bd7f4e4bbc3ebf88e51f23fa6680 Mon Sep 17 00:00:00 2001 From: CloudBuilder Date: Mon, 30 May 2022 01:38:15 +0000 Subject: [PATCH] Imported 2.765 No reason for CPC update specified. --- debian/changelog | 13 +- live-build/auto/config | 23 +++- .../ubuntu-cpc/hooks.d/base/vagrant.binary | 21 +++- .../hooks/03-kernel-metapkg.chroot_early | 3 + .../ubuntu-server/hooks/04-kernel-bits.binary | 3 + .../hooks/05-netboot-tarball.binary | 117 ++++++++++++++++++ 6 files changed, 172 insertions(+), 8 deletions(-) create mode 100755 live-build/ubuntu-server/hooks/05-netboot-tarball.binary diff --git a/debian/changelog b/debian/changelog index d7255507..acde9104 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,8 +1,15 @@ -livecd-rootfs (2.764+1) kinetic; urgency=medium +livecd-rootfs (2.765) kinetic; urgency=medium - * add kinetic + [ Michael Hudson-Doyle ] + * auto/config: preserve germinate-output directory when removing config to + speed up local iteration. + * auto/config: Emit error message to stderr in _sanitize_passes. + * Produce a tarball of artifacts for netbooting during live-server build. - -- Thomas Bechtold Tue, 26 Apr 2022 15:33:31 +0200 + [ John Chittum ] + * vagrant: use ed25519 insecure key (LP: #1969664) + + -- John Chittum Thu, 26 May 2022 09:28:26 -0500 livecd-rootfs (2.764) jammy; urgency=medium diff --git a/live-build/auto/config b/live-build/auto/config index e223954e..dd9fa173 100755 --- a/live-build/auto/config +++ b/live-build/auto/config @@ -1,7 +1,14 @@ #! /bin/sh set -e -rm -rf config +if [ -e config/germinate-output ]; then + mv -T config/germinate-output germ-tmp + rm -rf config + mkdir config + mv -T germ-tmp config/germinate-output +else + rm -rf config +fi echo "Building on $(hostname --fqdn)" @@ -298,7 +305,7 @@ _sanitize_passes () # if root pass, no parent to find [ -z "$parent" ] && continue if [ $(echo "$passes"|grep -cE "^$parent\$") -ne 1 ]; then - echo "ERROR: '$parent' is required by '$pass' but is missing. Registered passes are:\n$passes" + echo "ERROR: '$parent' is required by '$pass' but is missing. Registered passes are:\n$passes" >&2 exit 1 fi done @@ -867,6 +874,18 @@ case $PROJECT in add_package ubuntu-server-minimal.ubuntu-server.installer.$flavor $kernel_metapkg LIVE_PASSES="${LIVE_PASSES:+$LIVE_PASSES }ubuntu-server-minimal.ubuntu-server.installer.$flavor" done + case $ARCH in + amd64) + add_package ubuntu-server-minimal.ubuntu-server.installer.generic.netboot grub-pc shim-signed pxelinux + ;; + arm64) + add_package ubuntu-server-minimal.ubuntu-server.installer.generic.netboot shim-signed + ;; + *) + add_package ubuntu-server-minimal.ubuntu-server.installer.generic.netboot + ;; + esac + NO_SQUASHFS_PASSES=ubuntu-server-minimal.ubuntu-server.installer.generic.netboot /usr/share/livecd-rootfs/checkout-translations-branch \ https://git.launchpad.net/subiquity po config/catalog-translations diff --git a/live-build/ubuntu-cpc/hooks.d/base/vagrant.binary b/live-build/ubuntu-cpc/hooks.d/base/vagrant.binary index 49746926..efcd3d4b 100755 --- a/live-build/ubuntu-cpc/hooks.d/base/vagrant.binary +++ b/live-build/ubuntu-cpc/hooks.d/base/vagrant.binary @@ -58,6 +58,18 @@ cleanup_vagrant() { } trap cleanup_vagrant EXIT + +########################## +### Vagrant User Setup +### Create ed25519 ssh key +### the default insecure key is rsa, and that is disabled in Jammy forward +### https://github.com/hashicorp/vagrant/tree/main/keys +########################## + +ssh-keygen -t ed25519 -C "ubuntu_vagrant_insecure_key" -b 4096 -f ${box_d}/vagrant_insecure_key + +pub_key=$(cat ${box_d}/vagrant_insecure_key.pub) + # Create and setup users inside the image. # Vagrant users expect a "vagrant" user with a "vagrant" username. # See https://www.vagrantup.com/docs/boxes/base.html @@ -70,12 +82,12 @@ cat << EOF > ${mount_d}/etc/sudoers.d/vagrant vagrant ALL=(ALL) NOPASSWD:ALL EOF -# Add the insecure vagrant pubkey to the vagrant user, as is expected by the +# Add an insecure vagrant pubkey to the vagrant user, as is expected by the # vagrant ecosystem (https://www.vagrantup.com/docs/boxes/base.html) chroot ${mount_d} chmod 0440 /etc/sudoers.d/vagrant chroot ${mount_d} mkdir -p /home/vagrant/.ssh cat << EOF > ${mount_d}/home/vagrant/.ssh/authorized_keys -ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA6NF8iallvQVp22WDkTkyrtvp9eWW6A8YVr+kz4TjGYe7gHzIw+niNltGEFHzD8+v1I2YJ6oXevct1YeS0o9HZyN1Q9qgCgzUFtdOKLv6IedplqoPkcmF0aYet2PkEDo3MlTBckFXPITAMzF8dJSIFo9D8HfdOV0IAdx4O7PtixWKn5y2hMNG0zQPyUecp4pzC6kivAIhyfHilFR61RGL+GPXQ2MWZWFYbAGjyiYJnAmCP3NOTd0jMZEnDkbUvxhMmBYSdETk1rRgm+R4LOzFUGaHqHDLKLX+FIPKcF96hrucXzcWyLbIbEgE98OHlnVYCzRdK8jlqm8tehUc9c9WhQ== vagrant insecure public key +${pub_key} EOF chroot ${mount_d} chown -R vagrant:vagrant /home/vagrant/.ssh chroot ${mount_d} chmod 700 /home/vagrant/.ssh @@ -130,7 +142,6 @@ genisoimage \ create_vmdk ${seed_d}/seed.iso ${cdrom_vmdk_f} 10 ### END Create ConfigDrive -########################## ########################## # VAGRANT meta-data @@ -145,6 +156,8 @@ load include_vagrantfile if File.exist?(include_vagrantfile) Vagrant.configure("2") do |config| config.vm.base_mac = "${macaddr}" + # Set to use our vagrant_insecure_key. Path is relative to Vagrantfile + config.ssh.private_key_path = File.join(File.expand_path(File.dirname(__FILE__)), "vagrant_insecure_key") config.vm.provider "virtualbox" do |vb| vb.customize [ "modifyvm", :id, "--uart1", "0x3F8", "4" ] @@ -233,6 +246,8 @@ tar -C ${box_d} \ -cf ${cur_d}/livecd.ubuntu-cpc.vagrant.box \ box.ovf \ Vagrantfile \ + vagrant_insecure_key \ + vagrant_insecure_key.pub \ metadata.json \ ${prefix}.mf \ ${vmdk_f##*/} \ diff --git a/live-build/ubuntu-server/hooks/03-kernel-metapkg.chroot_early b/live-build/ubuntu-server/hooks/03-kernel-metapkg.chroot_early index 864d4c4c..ec02cc3c 100755 --- a/live-build/ubuntu-server/hooks/03-kernel-metapkg.chroot_early +++ b/live-build/ubuntu-server/hooks/03-kernel-metapkg.chroot_early @@ -2,6 +2,9 @@ # vi: ts=4 noexpandtab case $PASS in + ubuntu-server-minimal.ubuntu-server.installer.*.*) + exit 0 + ;; ubuntu-server-minimal.ubuntu-server.installer.*) flavor=${PASS##*.} if [ "$flavor" = "generic" ]; then diff --git a/live-build/ubuntu-server/hooks/04-kernel-bits.binary b/live-build/ubuntu-server/hooks/04-kernel-bits.binary index c0b2e3d7..a5d64a12 100755 --- a/live-build/ubuntu-server/hooks/04-kernel-bits.binary +++ b/live-build/ubuntu-server/hooks/04-kernel-bits.binary @@ -2,6 +2,9 @@ # vi: ts=4 noexpandtab case $PASS in + ubuntu-server-minimal.ubuntu-server.installer.*.*) + exit 0 + ;; ubuntu-server-minimal.ubuntu-server.installer.*) flavor=${PASS##*.} ;; diff --git a/live-build/ubuntu-server/hooks/05-netboot-tarball.binary b/live-build/ubuntu-server/hooks/05-netboot-tarball.binary new file mode 100755 index 00000000..60cd2506 --- /dev/null +++ b/live-build/ubuntu-server/hooks/05-netboot-tarball.binary @@ -0,0 +1,117 @@ +#!/bin/sh + +case $PASS in + ubuntu-server-minimal.ubuntu-server.installer.generic.netboot) + ;; + *) + exit 0 + ;; +esac + +set -eux + +flavor=generic + +KERNEL=${PWD}/livecd.${PROJECT}.kernel-$flavor +INITRD=${PWD}/livecd.${PROJECT}.initrd-$flavor + +mkdir -p tarball/$ARCH + +case $ARCH in + s390x) + cp $INITRD tarball/$ARCH/initrd.ubuntu + cp $KERNEL tarball/$ARCH/kernel.ubuntu + ;; + + *) + cp $INITRD tarball/$ARCH/initrd + cp $KERNEL tarball/$ARCH/kernel + ;; +esac + +case $ARCH in + amd64) + mv chroot/usr/lib/PXELINUX/pxelinux.0 tarball/pxelinux.0 + mv chroot/usr/lib/syslinux/modules/bios/ldlinux.c32 tarball/ldlinux.c32 + mv chroot/usr/lib/shim/shimx64.efi tarball/bootx64.efi + mv chroot/usr/lib/grub/x86_64-efi-signed/grubnetx64.efi.signed tarball/grubx64.efi + + mkdir tarball/x86_64-efi tarball/pxelinux.cfg + cat > tarball/x86_64-efi/grub.cfg.in < tarball/pxelinux.cfg/default.in < tarball/arm64-efi/grub.cfg.in < tarball/s390x/ubuntu.exec < tarball/s390x/ubuntu.ins < tarball/s390x/parmfile.ubuntu.in < tarball/s390x/initrd.off + perl -e "print pack('N', -s 'tarball/s390x/initrd.ubuntu')" > tarball/s390x/initrd.siz + cat > tarball/s390x-kvm.cfg.in < tarball/dpm.cfg.in <