Due to how `disk-image` file is structured, it builds BIOS and UEFI
images at the same time. However, certain images (e.g., GCE images)
require only UEFI image to be built, BIOS image is being simply
discarded. This results in longer build times.
Splitting out `disk-image-uefi` would allow images to use it instead of
`disk-image` and thus avoid building unused BIOS images.
`disk-image` now depends on `disk-image-uefi` for backward
compatibility.
(cherry picked from commit b40ce74fd6)
This fixes GCE shielded VM instances integrity monitoring failures on
focal and later. Our images are built with an empty /boot/grub/grubenv
file, however after the first boot `initrdless_boot_fallback_triggered`
is set to 0. This change in `grubenv` results in integrity monitoring
`lateBootReportEvent` error.
It seems that the only thing that's checking for this `grubenv` variable
is `grub-common.service`, and it is looking specifically for a `1`
value:
if grub-editenv /boot/grub/grubenv list | grep -q
initrdless_boot_fallback_triggered=1; then echo "grub:
GRUB_FORCE_PARTUUID set, initrdless boot paniced, fallback triggered.";
fi
Unsetting this variable instead of setting it to 0 would prevent issues
with integrity monitoring.
LP: 1960537 illustrates an issue where the calls to e2fsck in the
umount_partition call are failing due to an open file handle. At this
time, we are unable to find a root cause, and it's causing many builds
to fail for CPC. Adding a sleep 30 as a workaround as the file handle
releases within that timeframe. This does not address root cause.
Current impish builds fail with:
```
cp: error writing 'mountpoint/var/lib/snapd/snaps/snapd_14067.snap': No space left on device
cp: cannot create directory 'mountpoint/var/lib/snapd/ssl': No space left on device
```
This is a cherrypick backport from ubuntu/master
A urllib.error.URLError.reason variable can either be a string or
another Exception[0]. In case it's another exception, the current code
fails because the exception is passed into send_error() which tries
call html.escape() on the Exception. That fails because the Exception
is not a string. Converting the Exception to a string fixes this.
This fixes:
AttributeError: 'TimeoutError' object has no attribute 'replace'
[0]
https://docs.python.org/3/library/urllib.error.html#urllib.error.URLError.reason
(cherry picked from commit af888e24ff)
LP: 1944004 described an issue where a libc transition caused snapd
seccomp profiles to reference a path that no longer existed, leading to
permission denied errors. The committed fix for snapd then raised an
issue where running `snapd debug seeding` would present a
preseed-system-key and seed-restart-system-key due to a mismatch
between the running kernel capabilities and the profiles being loaded by
snapd. By mounting a cgroup2 type to /sys/fs/cgroup, the capabilities
match for snapd as mounted in the chroot. This is done similarly to
live-build/functions:138-140 where apparmour and seccomp actions are
mounted after updating the buildd.
Currently the uri that is passed into urllib.parse.urlparse() is not
prefixed with "http(s)://" which leads urlparse() to return a wrong
scheme/netloc/path. Currently it looks like:
ParseResult(scheme='', netloc='',
path='de.archive.ubuntu.com/ubuntu/dists/impish-backports/InRelease'
, params='', query='', fragment='')
That's wrong. The path should look like
'ubuntu/dists/impish-backports/InRelease'.
Prefixing the 'host' header with 'http://' in case it's not there does
fix the problem.
This fixes:
Traceback (most recent call last):
File "/usr/lib/python3.9/socketserver.py", line 683, in process_request_thread
self.finish_request(request, client_address)
File "/usr/lib/python3.9/socketserver.py", line 360, in finish_request
self.RequestHandlerClass(request, client_address, self)
File "/usr/lib/python3.9/socketserver.py", line 747, in __init__
self.handle()
File "/usr/lib/python3.9/http/server.py", line 427, in handle
self.handle_one_request()
File "/usr/lib/python3.9/http/server.py", line 415, in handle_one_request
method()
File "/home/tom/devel/livecd-rootfs/./magic-proxy", line 787, in do_GET
File "/home/tom/devel/livecd-rootfs/./magic-proxy", line 838, in __get_request
File "/home/tom/devel/livecd-rootfs/./magic-proxy", line 84, in get_uri
TypeError: can only concatenate str (not "NoneType") to str
Debian changelog.Debian.* files are already keept for minimized
builds. But those changelogs are from non-native .deb packages (see
man dh_installchangelogs). Native .deb packages name their changelog
just changelog.* . So keep them in a minimized build, too.
LP: #1943114