diff --git a/debian/changelog b/debian/changelog index 9f258abf..9ff52b83 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,26 @@ +livecd-rootfs (2.577) disco; urgency=medium + + [ Tobias Koch ] + * Detect which core snaps are required and install them on-the-fly. + * If image has core18 snaps only, automatically preseed snapd. + + [ Michael Hudson-Doyle ] + * Slim down ubuntu-cpc:minimized builds: + - Do not include any snaps in ubuntu-cpc:minimized builds (erroring if any + snap other than lxd is seeded). + - Install the lxd-installer package instead, which installs the lxd snap + when invoked. + - Install lxd snap in unminimize. + + [ Balint Reczey ] + * Pass --sort=name to tar to make tarballs more reproducible and + rsync-friendly + + [ Steve Langasek ] + * Adjust sed command for clarity. + + -- Steve Langasek Fri, 12 Apr 2019 13:34:56 -0700 + livecd-rootfs (2.576) disco; urgency=medium * When the "snap-tool" script encounters a core snap it will switch to diff --git a/live-build/auto/build b/live-build/auto/build index 8f4cf05d..22981da5 100755 --- a/live-build/auto/build +++ b/live-build/auto/build @@ -226,7 +226,17 @@ if dpkg-query --show --showformat='${db:Status-Status}\n' ubuntu-server 2> /dev/ fi EOF fi - cat >> chroot/usr/local/sbin/unminimize <<'EOF' + if [ "$PROJECT" = "ubuntu-cpc" ]; then + cat >> chroot/usr/local/sbin/unminimize <<'EOF' + +echo "Removing lxd installer package..." +apt-get purge -y lxd-installer + +echo "Installing lxd from snap..." +snap install lxd +EOF + fi + cat >> chroot/usr/local/sbin/unminimize <<'EOF' # unminimization succeeded, there is no need to mention it in motd rm -f /etc/update-motd.d/60-unminimize @@ -475,7 +485,7 @@ for ISO in binary.iso binary.hybrid.iso; do done if [ -e "binary/$INITFS/filesystem.dir" ]; then - (cd "binary/$INITFS/filesystem.dir/" && tar -c --xattrs *) | \ + (cd "binary/$INITFS/filesystem.dir/" && tar -c --sort=name --xattrs *) | \ gzip -9 --rsyncable > "$PREFIX.rootfs.tar.gz" chmod 644 "$PREFIX.rootfs.tar.gz" elif [ -e binary-tar.tar.gz ]; then @@ -512,7 +522,7 @@ EOF fi if [ "$PROJECT" = "ubuntu-touch" ] || [ "$PROJECT" = "ubuntu-touch-custom" ]; then - (cd "binary/$INITFS/custom.dir/" && tar -c --xattrs *) | \ + (cd "binary/$INITFS/custom.dir/" && tar -c --sort=name --xattrs *) | \ gzip -9 --rsyncable > "$PREFIX.custom.tar.gz" chmod 644 "$PREFIX.custom.tar.gz" fi @@ -649,7 +659,7 @@ case $PROJECT:${SUBPROJECT:-} in raspi2) # ubuntu-device-flash does not like subdirs here, we need to tar it up if [ -e $TMPDIR/assets/dtbs/overlays ]; then - tar -C $TMPDIR/assets/dtbs -f $TMPDIR/assets/dtbs/overlays.tgz -czv overlays + tar --sort=name -C $TMPDIR/assets/dtbs -f $TMPDIR/assets/dtbs/overlays.tgz -czv overlays rm -rf $TMPDIR/assets/dtbs/overlays fi ;; @@ -698,7 +708,7 @@ EOF manifestname="$devarch.$manifestname" fi # create tarfile - tar -c -z -f $HERE/$PREFIX.$tarname system assets hardware.yaml + tar -c --sort=name -z -f $HERE/$PREFIX.$tarname system assets hardware.yaml # create device specific manifest to track kernel dpkg version cp assets/dpkg.list $HERE/$PREFIX.$manifestname diff --git a/live-build/auto/config b/live-build/auto/config index 89519ae1..46246ebb 100755 --- a/live-build/auto/config +++ b/live-build/auto/config @@ -807,7 +807,7 @@ case $PROJECT in ubuntu-cpc) if [ "${SUBPROJECT:-}" = minimized ]; then add_task install cloud-image - add_package install sudo + add_package install sudo lxd-installer # linux-kvm currently only exists for amd64, so fall back to the # virtual flavour for other architectures if [ "$ARCH" = "amd64" ]; then @@ -896,6 +896,25 @@ esac if [ "$PASSES_TO_LAYERS" != "true" ] && [ -n "${BASE_SEED}" ]; then snap_from_seed "${BASE_SEED}" config/seeded-snaps fi +if [ "$PROJECT:${SUBPROJECT:-}" = ubuntu-cpc:minimized ]; then + # We install a lxc script that installs the snap when invoked. We don't + # want any other snaps to come in without due consideration, so fail the + # build if we see such a snap. + for snap in `cat config/seeded-snaps`; do + case $snap in + lxd) + ;; + *) + echo "Unexpected seeded snap for ubuntu-cpc:minimized build: $snap" + exit 1 + ;; + esac + done + + # Truncate but don't delete to a) prevent any snaps from being seeded, + # while at the same time b) triggering initialization of assertions. + truncate --size 0 config/seeded-snaps +fi # grab a list of packags to remove for a "minimal" installation from the seed # mirror for this project diff --git a/live-build/functions b/live-build/functions index c0dfcdca..fe766d72 100644 --- a/live-build/functions +++ b/live-build/functions @@ -416,6 +416,47 @@ inheritance () { echo "$inherit" } +_snap_post_process() { + # Look for the 'core' snap. If it is not present, assume that the image + # contains only snaps with bases >= core18. In that case snapd is + # preseeded. However, when 'core' is being installed and snapd has not + # been installed by a call to 'snap_preseed' (see below) then it is + # removed again. + local CHROOT_ROOT=$1 + local SNAP_NAME=$2 + + local seed_dir="$CHROOT_ROOT/var/lib/snapd/seed" + local snaps_dir="$seed_dir/snaps" + local seed_yaml="$seed_dir/seed.yaml" + local assertions_dir="$seed_dir/assertions" + local snapd_install_stamp="$seed_dir/.snapd-explicit-install-stamp" + + case $SNAP_NAME in + core[0-9]*) + # If the 'core' snap is not present, assume we are coreXX-only and + # install the snapd snap. + if [ ! -f ${snaps_dir}/core_[0-9]*.snap ]; then + _snap_preseed $CHROOT_ROOT snapd stable + fi + ;; + core) + # If the snapd snap has been seeded, but not marked as explicitly + # installed (see snap_preseed below), then remove it. + if [ -f ${snaps_dir}/snapd_[0-9]*.snap ] && \ + [ ! -f "$snapd_install_stamp" ] + then + # Remove snap, assertions and entry in seed.yaml + rm -f ${snaps_dir}/snapd_[0-9]*.snap + rm -f ${assertions_dir}/snapd_[0-9]*.assert + sed -i -e'/name: snapd/,+2d' $seed_yaml + fi + ;; + *) + # ignore + ;; + esac +} + _snap_preseed() { # Download the snap/assertion and add to the preseed local CHROOT_ROOT=$1 @@ -436,6 +477,26 @@ _snap_preseed() { return fi + case $SNAP_NAME in + snapd) + # snapd is self-contained, ignore base + ;; + *) + # Determine if and what core snap is needed + local core_snap=$(/usr/share/livecd-rootfs/snap-tool info \ + --cohort-key="${COHORT_KEY:-}" \ + --channel="$CHANNEL" "$SNAP_NAME" | \ + grep '^base:' | awk '{print $2}' + ) + + # If $core_snap is not the empty string then SNAP itself is not a core + # snap and we must additionally seed the core snap. + if [ -n "$core_snap" ]; then + _snap_preseed $CHROOT_ROOT $core_snap stable + fi + ;; + esac + sh -c " set -x; cd \"$CHROOT_ROOT/var/lib/snapd/seed\"; @@ -466,6 +527,12 @@ EOF echo -n " file: " >> $seed_yaml (cd $snaps_dir; ls -1 ${SNAP_NAME}_*.snap) >> $seed_yaml + + # If $core_snap is the empty string then SNAP itself *may be* a core snap, + # and we run some post-processing logic. + if [ -z "$core_snap" ]; then + _snap_post_process $CHROOT_ROOT $SNAP_NAME + fi } snap_prepare_assertions() { @@ -544,15 +611,13 @@ snap_prepare() { local CUSTOM_BRAND_MODEL=${2:-generic:generic-classic} snap_prepare_assertions "$CHROOT_ROOT" "$CUSTOM_BRAND_MODEL" - - # Download the core snap - _snap_preseed $CHROOT_ROOT core stable } snap_preseed() { # Preseed a snap in the image (snap_prepare must be called once prior) local CHROOT_ROOT=$1 local SNAP=$2 + local SNAP_NAME=${SNAP%/*} # Per Ubuntu policy, all seeded snaps (with the exception of the core # snap) must pull from stable/ubuntu-$(release_ver) as their channel. local CHANNEL=${3:-"stable/ubuntu-$(release_ver)"} @@ -561,7 +626,15 @@ snap_preseed() { echo "ERROR: Snap model assertion not present, snap_prepare must be called" exit 1 fi + _snap_preseed $CHROOT_ROOT $SNAP $CHANNEL + + # Mark this image as having snapd installed explicitly. + case $SNAP_NAME in + snapd) + touch "$CHROOT_ROOT/var/lib/snapd/seed/.snapd-explicit-install-stamp" + ;; + esac } snap_from_seed() { diff --git a/live-build/ubuntu-cpc/hooks.d/base/root-xz.binary b/live-build/ubuntu-cpc/hooks.d/base/root-xz.binary index 5695f96d..b23cd8d6 100755 --- a/live-build/ubuntu-cpc/hooks.d/base/root-xz.binary +++ b/live-build/ubuntu-cpc/hooks.d/base/root-xz.binary @@ -12,4 +12,4 @@ fi rootfs_dir=rootfs.dir cp $rootfs_dir.manifest livecd.ubuntu-cpc.rootfs.manifest -(cd $rootfs_dir/ && tar -c --xattrs *) | xz > livecd.ubuntu-cpc.rootfs.tar.xz +(cd $rootfs_dir/ && tar -c --sort=name --xattrs *) | xz > livecd.ubuntu-cpc.rootfs.tar.xz diff --git a/live-build/ubuntu-cpc/hooks.d/base/vagrant.binary b/live-build/ubuntu-cpc/hooks.d/base/vagrant.binary index d561d80f..b1b04553 100755 --- a/live-build/ubuntu-cpc/hooks.d/base/vagrant.binary +++ b/live-build/ubuntu-cpc/hooks.d/base/vagrant.binary @@ -227,6 +227,7 @@ OVA information: EOM tar -C ${box_d} \ + --sort=name \ -cf ${cur_d}/livecd.ubuntu-cpc.vagrant.box \ box.ovf \ Vagrantfile \ diff --git a/live-build/ubuntu-cpc/hooks.d/base/vmdk-ova-image.binary b/live-build/ubuntu-cpc/hooks.d/base/vmdk-ova-image.binary index f3414f71..f9bcfb18 100755 --- a/live-build/ubuntu-cpc/hooks.d/base/vmdk-ova-image.binary +++ b/live-build/ubuntu-cpc/hooks.d/base/vmdk-ova-image.binary @@ -104,6 +104,7 @@ OVA information: EOM tar -C ${scratch_d} \ + --sort=name \ -cf ${cur_d}/livecd.ubuntu-cpc.ova \ ${prefix}.ovf \ ${prefix}.mf \ diff --git a/live-build/ubuntu-desktop-next/hooks/500-move-kernel-to-device-tar.binary b/live-build/ubuntu-desktop-next/hooks/500-move-kernel-to-device-tar.binary index 33e70ab4..b32447de 100644 --- a/live-build/ubuntu-desktop-next/hooks/500-move-kernel-to-device-tar.binary +++ b/live-build/ubuntu-desktop-next/hooks/500-move-kernel-to-device-tar.binary @@ -62,7 +62,7 @@ fi # and tar it up ( cd $TMPDIR - tar -c -z -f $HERE/device.tar.gz system assets hardware.yaml + tar -c --sort=name -z -f $HERE/device.tar.gz system assets hardware.yaml ) rm -rf $TMPDIR diff --git a/wget-log b/wget-log new file mode 100644 index 00000000..e69de29b diff --git a/wget-log.1 b/wget-log.1 new file mode 100644 index 00000000..e69de29b