From ad78957f0103d23ec4f88ad27beb4a0eebe7c279 Mon Sep 17 00:00:00 2001 From: Steve Langasek Date: Fri, 13 Oct 2017 14:20:50 -0400 Subject: [PATCH 01/13] Remove boot/grub leftovers from our root squashfs, left behind after grub purge. --- debian/changelog | 7 +++++++ live-build/ubuntu-cpc/hooks/032-root-squashfs.binary | 1 + 2 files changed, 8 insertions(+) diff --git a/debian/changelog b/debian/changelog index eedeb482..ef6a347d 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,10 @@ +livecd-rootfs (2.477) UNRELEASED; urgency=medium + + * Remove boot/grub leftovers from our root squashfs, left behind after + grub purge. + + -- Steve Langasek Fri, 13 Oct 2017 14:18:45 -0400 + livecd-rootfs (2.476) artful; urgency=medium * snap.subiquity.started.service must be RemainAfterExit=yes to satisfy diff --git a/live-build/ubuntu-cpc/hooks/032-root-squashfs.binary b/live-build/ubuntu-cpc/hooks/032-root-squashfs.binary index bcce0a76..6c2d6ac8 100755 --- a/live-build/ubuntu-cpc/hooks/032-root-squashfs.binary +++ b/live-build/ubuntu-cpc/hooks/032-root-squashfs.binary @@ -31,6 +31,7 @@ chroot binary/boot/squashfs.dir chmod +x /usr/sbin/grub-probe env DEBIAN_FRONTEND=noninteractive chroot binary/boot/squashfs.dir apt-get --purge remove --assume-yes '^linux-.*' 'linux-base+' env DEBIAN_FRONTEND=noninteractive chroot binary/boot/squashfs.dir apt-get --purge remove --assume-yes '^grub-.*' env DEBIAN_FRONTEND=noninteractive chroot binary/boot/squashfs.dir apt-get autoremove --purge --assume-yes +rm -rf binary/boot/squashfs.dir/boot/grub chroot binary/boot/squashfs.dir mkdir /lib/modules chroot binary/boot/squashfs.dir rm /usr/sbin/grub-probe From 08a5fc58bafb929dcb6977f0bf8a540f5ceb4ca7 Mon Sep 17 00:00:00 2001 From: Steve Langasek Date: Fri, 13 Oct 2017 14:28:17 -0400 Subject: [PATCH 02/13] Remove apt, debconf cruft files from /var/cache in all our livefses. --- debian/changelog | 1 + live-build/auto/build | 4 ++++ 2 files changed, 5 insertions(+) diff --git a/debian/changelog b/debian/changelog index ef6a347d..c2b14c84 100644 --- a/debian/changelog +++ b/debian/changelog @@ -2,6 +2,7 @@ livecd-rootfs (2.477) UNRELEASED; urgency=medium * Remove boot/grub leftovers from our root squashfs, left behind after grub purge. + * Remove apt, debconf cruft files from /var/cache in all our livefses. -- Steve Langasek Fri, 13 Oct 2017 14:18:45 -0400 diff --git a/live-build/auto/build b/live-build/auto/build index 41c21337..b062ddfb 100755 --- a/live-build/auto/build +++ b/live-build/auto/build @@ -210,6 +210,10 @@ EOF lb chroot "$@" + # remove crufty files that shouldn't be left in an image + rm -f chroot/var/cache/debconf/*-old + Chroot chroot apt clean + if [ -f config/oem-config-preinstalled ]; then # This is cargo-culted almost verbatim (with some syntax changes for From 54427d4440547bed064f468d17377deff4eca3c0 Mon Sep 17 00:00:00 2001 From: Steve Langasek Date: Fri, 13 Oct 2017 14:59:37 -0400 Subject: [PATCH 03/13] When building minimized cloud images, remove various packages that we don't want installed by default. Some are tools that aren't needed for non-interactive use; some are libraries whose reverse-dependencies will have already been removed; and one, open-vm-tools, should only be included in images that are targeted to VMWare (which is not the case for any of the current minimal images), rather than being included directly in the cloud-image seed. --- debian/changelog | 7 +++++++ live-build/ubuntu-cpc/hooks/999-cpc-fixes.chroot | 16 ++++++++++++++++ 2 files changed, 23 insertions(+) diff --git a/debian/changelog b/debian/changelog index c2b14c84..da65b793 100644 --- a/debian/changelog +++ b/debian/changelog @@ -3,6 +3,13 @@ livecd-rootfs (2.477) UNRELEASED; urgency=medium * Remove boot/grub leftovers from our root squashfs, left behind after grub purge. * Remove apt, debconf cruft files from /var/cache in all our livefses. + * When building minimized cloud images, remove various packages that we + don't want installed by default. Some are tools that aren't needed for + non-interactive use; some are libraries whose reverse-dependencies + will have already been removed; and one, open-vm-tools, should only be + included in images that are targeted to VMWare (which is not the case + for any of the current minimal images), rather than being included + directly in the cloud-image seed. -- Steve Langasek Fri, 13 Oct 2017 14:18:45 -0400 diff --git a/live-build/ubuntu-cpc/hooks/999-cpc-fixes.chroot b/live-build/ubuntu-cpc/hooks/999-cpc-fixes.chroot index 8b22fc8e..9dfbdcaa 100755 --- a/live-build/ubuntu-cpc/hooks/999-cpc-fixes.chroot +++ b/live-build/ubuntu-cpc/hooks/999-cpc-fixes.chroot @@ -136,6 +136,22 @@ if [ -L "${rootd}/boot/initrd.img" ] && [ ! -e "${rootd}/boot/initrd.img" ]; the rm "${rootd}/boot/initrd.img" fi +if [ "${SUBPROJECT:-}" = minimized ]; then + # Remove various packages that we don't want in the minimized images. + # Some of these are tools that don't make sense by default + # non-interactively; some are libraries whose reverse-dependencies + # will have already been removed; open-vm-tools, it's a bug that this + # is in the common cloud seed because this should only be included + # in VMWare guest images, and we know none of the minimized images + # are targeted at VMWare. + _xchroot "${rootd}" env DEBIAN_FRONTEND=noninteractive \ + apt-get -y purge iso-codes xauth pastebinit \ + plymouth open-vm-tools git libdumbnet1 libmspack0 libxmlsec1 \ + libxmlsec1-openssl libxslt1.1 + _xchroot "${rootd}" env DEBIAN_FRONTEND=noninteractive \ + apt-get -y autoremove --purge +fi + #### END COMMON ARCH FUNCTIONS From add1cca991a1614142c27c360c6c74e69a1d7424 Mon Sep 17 00:00:00 2001 From: Steve Langasek Date: Fri, 13 Oct 2017 17:00:37 -0400 Subject: [PATCH 04/13] Refactor, mark all lib'*' and python'*' packages auto-installed so they can be cleaned up as dependencies instead --- live-build/ubuntu-cpc/hooks/999-cpc-fixes.chroot | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/live-build/ubuntu-cpc/hooks/999-cpc-fixes.chroot b/live-build/ubuntu-cpc/hooks/999-cpc-fixes.chroot index 9dfbdcaa..aa8da7a2 100755 --- a/live-build/ubuntu-cpc/hooks/999-cpc-fixes.chroot +++ b/live-build/ubuntu-cpc/hooks/999-cpc-fixes.chroot @@ -145,11 +145,11 @@ if [ "${SUBPROJECT:-}" = minimized ]; then # in VMWare guest images, and we know none of the minimized images # are targeted at VMWare. _xchroot "${rootd}" env DEBIAN_FRONTEND=noninteractive \ - apt-get -y purge iso-codes xauth pastebinit \ - plymouth open-vm-tools git libdumbnet1 libmspack0 libxmlsec1 \ - libxmlsec1-openssl libxslt1.1 + apt-mark auto '^lib.*' '^python*' 2>/dev/null + # FIXME: iso-codes is a dep of software-properties and shouldn't be _xchroot "${rootd}" env DEBIAN_FRONTEND=noninteractive \ - apt-get -y autoremove --purge + apt-get -y autoremove --purge iso-codes xauth pastebinit \ + plymouth open-vm-tools git fi #### END COMMON ARCH FUNCTIONS From dc875735b88ed72058ea8ebc25c3887039c5874b Mon Sep 17 00:00:00 2001 From: Steve Langasek Date: Fri, 13 Oct 2017 17:25:50 -0400 Subject: [PATCH 05/13] More packages to remove when minimizing --- live-build/ubuntu-cpc/hooks/999-cpc-fixes.chroot | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/live-build/ubuntu-cpc/hooks/999-cpc-fixes.chroot b/live-build/ubuntu-cpc/hooks/999-cpc-fixes.chroot index aa8da7a2..39940d4a 100755 --- a/live-build/ubuntu-cpc/hooks/999-cpc-fixes.chroot +++ b/live-build/ubuntu-cpc/hooks/999-cpc-fixes.chroot @@ -149,7 +149,8 @@ if [ "${SUBPROJECT:-}" = minimized ]; then # FIXME: iso-codes is a dep of software-properties and shouldn't be _xchroot "${rootd}" env DEBIAN_FRONTEND=noninteractive \ apt-get -y autoremove --purge iso-codes xauth pastebinit \ - plymouth open-vm-tools git + plymouth open-vm-tools git shared-mime-info vim console-setup \ + ncurses-term tmux screen fi #### END COMMON ARCH FUNCTIONS From bc361bc33b24a96fd1c62d828c9b69b6cd2b3053 Mon Sep 17 00:00:00 2001 From: Steve Langasek Date: Fri, 13 Oct 2017 17:35:33 -0400 Subject: [PATCH 06/13] call apt clean separately for the squashfs --- live-build/ubuntu-cpc/hooks/032-root-squashfs.binary | 1 + 1 file changed, 1 insertion(+) diff --git a/live-build/ubuntu-cpc/hooks/032-root-squashfs.binary b/live-build/ubuntu-cpc/hooks/032-root-squashfs.binary index 6c2d6ac8..3625547a 100755 --- a/live-build/ubuntu-cpc/hooks/032-root-squashfs.binary +++ b/live-build/ubuntu-cpc/hooks/032-root-squashfs.binary @@ -31,6 +31,7 @@ chroot binary/boot/squashfs.dir chmod +x /usr/sbin/grub-probe env DEBIAN_FRONTEND=noninteractive chroot binary/boot/squashfs.dir apt-get --purge remove --assume-yes '^linux-.*' 'linux-base+' env DEBIAN_FRONTEND=noninteractive chroot binary/boot/squashfs.dir apt-get --purge remove --assume-yes '^grub-.*' env DEBIAN_FRONTEND=noninteractive chroot binary/boot/squashfs.dir apt-get autoremove --purge --assume-yes +env DEBIAN_FRONTEND=noninteractive chroot binary/boot/squashfs.dir apt clean rm -rf binary/boot/squashfs.dir/boot/grub chroot binary/boot/squashfs.dir mkdir /lib/modules From dec765f0350cef764673fc7f6cff0432cc28a9a8 Mon Sep 17 00:00:00 2001 From: Steve Langasek Date: Fri, 13 Oct 2017 21:40:02 -0400 Subject: [PATCH 07/13] no actual point in apt clean here, since that just cleans files from the bind mount --- live-build/ubuntu-cpc/hooks/032-root-squashfs.binary | 1 - 1 file changed, 1 deletion(-) diff --git a/live-build/ubuntu-cpc/hooks/032-root-squashfs.binary b/live-build/ubuntu-cpc/hooks/032-root-squashfs.binary index 3625547a..6c2d6ac8 100755 --- a/live-build/ubuntu-cpc/hooks/032-root-squashfs.binary +++ b/live-build/ubuntu-cpc/hooks/032-root-squashfs.binary @@ -31,7 +31,6 @@ chroot binary/boot/squashfs.dir chmod +x /usr/sbin/grub-probe env DEBIAN_FRONTEND=noninteractive chroot binary/boot/squashfs.dir apt-get --purge remove --assume-yes '^linux-.*' 'linux-base+' env DEBIAN_FRONTEND=noninteractive chroot binary/boot/squashfs.dir apt-get --purge remove --assume-yes '^grub-.*' env DEBIAN_FRONTEND=noninteractive chroot binary/boot/squashfs.dir apt-get autoremove --purge --assume-yes -env DEBIAN_FRONTEND=noninteractive chroot binary/boot/squashfs.dir apt clean rm -rf binary/boot/squashfs.dir/boot/grub chroot binary/boot/squashfs.dir mkdir /lib/modules From 783437f533393c7330dfcd684f4cc66a03a6aa80 Mon Sep 17 00:00:00 2001 From: Steve Langasek Date: Fri, 13 Oct 2017 21:50:26 -0400 Subject: [PATCH 08/13] instead, call apt clean from the chroot --- live-build/ubuntu-cpc/hooks/999-cpc-fixes.chroot | 1 + 1 file changed, 1 insertion(+) diff --git a/live-build/ubuntu-cpc/hooks/999-cpc-fixes.chroot b/live-build/ubuntu-cpc/hooks/999-cpc-fixes.chroot index 39940d4a..daa04c08 100755 --- a/live-build/ubuntu-cpc/hooks/999-cpc-fixes.chroot +++ b/live-build/ubuntu-cpc/hooks/999-cpc-fixes.chroot @@ -151,6 +151,7 @@ if [ "${SUBPROJECT:-}" = minimized ]; then apt-get -y autoremove --purge iso-codes xauth pastebinit \ plymouth open-vm-tools git shared-mime-info vim console-setup \ ncurses-term tmux screen + _xchroot "${rootd}" apt clean fi #### END COMMON ARCH FUNCTIONS From d24ca0490b35ba12e0135c8098a9135b959dfc4d Mon Sep 17 00:00:00 2001 From: Steve Langasek Date: Fri, 13 Oct 2017 22:15:38 -0400 Subject: [PATCH 09/13] Pass --cache false to lb config; otherwise we copy around caches of .debs that are never used properly, and which prevent us from emptying /var/cache/apt in images. --- debian/changelog | 3 +++ live-build/auto/config | 1 + 2 files changed, 4 insertions(+) diff --git a/debian/changelog b/debian/changelog index f7062cd6..c7554cdc 100644 --- a/debian/changelog +++ b/debian/changelog @@ -4,6 +4,9 @@ livecd-rootfs (2.477) UNRELEASED; urgency=medium * Remove boot/grub leftovers from our root squashfs, left behind after grub purge. * Remove apt, debconf cruft files from /var/cache in all our livefses. + * Pass --cache false to lb config; otherwise we copy around caches of + .debs that are never used properly, and which prevent us from emptying + /var/cache/apt in images. * When building minimized cloud images, remove various packages that we don't want installed by default. Some are tools that aren't needed for non-interactive use; some are libraries whose reverse-dependencies diff --git a/live-build/auto/config b/live-build/auto/config index bf7435d7..52a03469 100755 --- a/live-build/auto/config +++ b/live-build/auto/config @@ -694,6 +694,7 @@ lb config noauto \ --initsystem none \ --bootloader "$BOOTLOADER" \ --initramfs-compression lzma \ + --cache false \ ${BOOTAPPEND_LIVE:+--bootappend-live "$BOOTAPPEND_LIVE"} \ $OPTS \ "$@" From c0bb8d760fed6f84f8b13706050e331e8c579264 Mon Sep 17 00:00:00 2001 From: Steve Langasek Date: Fri, 13 Oct 2017 23:52:03 -0400 Subject: [PATCH 10/13] remove vim a little harder --- live-build/ubuntu-cpc/hooks/999-cpc-fixes.chroot | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/live-build/ubuntu-cpc/hooks/999-cpc-fixes.chroot b/live-build/ubuntu-cpc/hooks/999-cpc-fixes.chroot index daa04c08..fca571ef 100755 --- a/live-build/ubuntu-cpc/hooks/999-cpc-fixes.chroot +++ b/live-build/ubuntu-cpc/hooks/999-cpc-fixes.chroot @@ -145,12 +145,12 @@ if [ "${SUBPROJECT:-}" = minimized ]; then # in VMWare guest images, and we know none of the minimized images # are targeted at VMWare. _xchroot "${rootd}" env DEBIAN_FRONTEND=noninteractive \ - apt-mark auto '^lib.*' '^python*' 2>/dev/null + apt-mark auto '^lib.*' '^python*' vim-runtime 2>/dev/null # FIXME: iso-codes is a dep of software-properties and shouldn't be _xchroot "${rootd}" env DEBIAN_FRONTEND=noninteractive \ apt-get -y autoremove --purge iso-codes xauth pastebinit \ - plymouth open-vm-tools git shared-mime-info vim console-setup \ - ncurses-term tmux screen + plymouth open-vm-tools git shared-mime-info vim vim-common \ + console-setup ncurses-term tmux screen _xchroot "${rootd}" apt clean fi From c9b427c11bf6cff5ae80447a83ce1c7b6bb5ae1f Mon Sep 17 00:00:00 2001 From: Steve Langasek Date: Wed, 18 Oct 2017 17:50:56 -0700 Subject: [PATCH 11/13] Another round of package removals for minimization --- live-build/ubuntu-cpc/hooks/999-cpc-fixes.chroot | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/live-build/ubuntu-cpc/hooks/999-cpc-fixes.chroot b/live-build/ubuntu-cpc/hooks/999-cpc-fixes.chroot index fca571ef..a598c3a4 100755 --- a/live-build/ubuntu-cpc/hooks/999-cpc-fixes.chroot +++ b/live-build/ubuntu-cpc/hooks/999-cpc-fixes.chroot @@ -150,7 +150,10 @@ if [ "${SUBPROJECT:-}" = minimized ]; then _xchroot "${rootd}" env DEBIAN_FRONTEND=noninteractive \ apt-get -y autoremove --purge iso-codes xauth pastebinit \ plymouth open-vm-tools git shared-mime-info vim vim-common \ - console-setup ncurses-term tmux screen + console-setup ncurses-term tmux screen policykit-1 \ + xdg-user-dirs less publicsuffix run-one apport-symptoms \ + ubuntu-cloudimage-keyring + _xchroot "${rootd}" apt clean fi From 51890b5b437880e5bdb15993071d985a1490e82c Mon Sep 17 00:00:00 2001 From: Steve Langasek Date: Wed, 18 Oct 2017 18:11:53 -0700 Subject: [PATCH 12/13] add 'file' to the axe list for minimized --- live-build/ubuntu-cpc/hooks/999-cpc-fixes.chroot | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/live-build/ubuntu-cpc/hooks/999-cpc-fixes.chroot b/live-build/ubuntu-cpc/hooks/999-cpc-fixes.chroot index a598c3a4..ef03273d 100755 --- a/live-build/ubuntu-cpc/hooks/999-cpc-fixes.chroot +++ b/live-build/ubuntu-cpc/hooks/999-cpc-fixes.chroot @@ -152,7 +152,7 @@ if [ "${SUBPROJECT:-}" = minimized ]; then plymouth open-vm-tools git shared-mime-info vim vim-common \ console-setup ncurses-term tmux screen policykit-1 \ xdg-user-dirs less publicsuffix run-one apport-symptoms \ - ubuntu-cloudimage-keyring + ubuntu-cloudimage-keyring file _xchroot "${rootd}" apt clean fi From f91a9f16ee19df5471a33ba4c07ca59f8e125a2c Mon Sep 17 00:00:00 2001 From: Steve Langasek Date: Wed, 18 Oct 2017 22:20:44 -0700 Subject: [PATCH 13/13] Also remove old dpkg files from the live images --- debian/changelog | 3 ++- live-build/auto/build | 2 +- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/debian/changelog b/debian/changelog index c7554cdc..3aa46496 100644 --- a/debian/changelog +++ b/debian/changelog @@ -3,7 +3,8 @@ livecd-rootfs (2.477) UNRELEASED; urgency=medium * Purge initramfs-tools from minimized images. * Remove boot/grub leftovers from our root squashfs, left behind after grub purge. - * Remove apt, debconf cruft files from /var/cache in all our livefses. + * Remove apt, debconf, dpkg cruft files from /var/cache and /var/lib in all + our livefses. * Pass --cache false to lb config; otherwise we copy around caches of .debs that are never used properly, and which prevent us from emptying /var/cache/apt in images. diff --git a/live-build/auto/build b/live-build/auto/build index 1a7c3b8a..34c33254 100755 --- a/live-build/auto/build +++ b/live-build/auto/build @@ -226,7 +226,7 @@ EOF fi # remove crufty files that shouldn't be left in an image - rm -f chroot/var/cache/debconf/*-old + rm -f chroot/var/cache/debconf/*-old chroot/var/lib/dpkg/*-old Chroot chroot apt clean if [ -f config/oem-config-preinstalled ]; then