Also Use Signed-By: /etc/apt/keyrings/preinstalled-pool.gpg and
make sure we only update from that .sources file as we did before.
This code may all be dead, who can say.
FIXME: We should figure out how to do an armored export of that key
and then embed it in the signed-by field instead of using a keyring
file.
By invoking LXD, lxd-installer will install LXD from the right
place, thereby make it simpler for us to not hardcode the
channel and manually snap install it.
Add mapping to use laptop-23.10 kernel. Ensure that
enhanced-secureboot is only setup on amd64 arch.
LP: #2037099
Signed-off-by: Dimitri John Ledkov <dimitri.ledkov@canonical.com>
In the past, we'd directly snap install lxd which defaults to
the latest/stable channel. However, whilst working on enhancing
unminimize, it was observed that we install this snap from
the stable/ubuntu-<version> channel instead.
This was also noted as a failure when running the CTF tests:
`lxd installed from latest/stable, not stable/ubuntu-23.10`
With the introduction of the 6.5 kernel for mantic on 13th September ago we are seeing image build failures
on the armhf builds. The build failure was `No kernel output for generic-lpae!`.
Introduced in the 6.4 kernel and therefore now also in 6.5 there is no generic-lpae flavor anymore. it's just generic now.
As such this commit updates the expected flavour for armhf to generic.
In a minimized image, the linux headers are stripped, so when
unminimizing it, we should restore those stripped headers
by installing the linux-virtual package.
The unminimize script previously just restored the system documentation
and translations, man pages, and installed ubuntu-minimal and ubuntu-standard
packages to provide the familiar Ubuntu minimal system. But such an image
never became an equivalent of base image.
Upon investigation and looking at how the base image is constructed -
https://git.launchpad.net/livecd-rootfs/tree/live-build/auto/config#n1108 -
we use the following things:
- minimal task
- standard task
- cloud-image task (which involves ubuntu-server)
- ubuntu-minimal package
- server task if arch != amd64
OTOH, in the unminimize script, we use the following:
(https://git.launchpad.net/livecd-rootfs/tree/live-build/auto/build#n286)
- ubuntu-minimal package
- ubuntu-standard package
So upon running some tests, it was found that if we install ubuntu-server
(with --fix-policy flag), we get the resulting image equivalent to that
of a base image.
cf: https://warthogs.atlassian.net/browse/CPC-3033
Prior to dpkg/1.21.0, there was a bug where dpkg -V/--verify
couldn't list all the correct packages correctly but with
that being fix and in archive since Jammy, this works perfectly
but the syntax to report the missing files have changed. It
just prints 'missing' now. With that new format, we can now
fix the regex to simply list the packages.
With this patch, the unminimize script works flawlessly
on a minimized image.
Armhf images install the `generic-lpae` kernel, while other ARCHes use the
standard `generic` kernel when building the "virtual" image flavour.
Code was looking for a kernel binary ending with -generic in armhf
builds, and failed. Add a special condition to handle armhf builds'
kernel ending with `generic-lpae`
References:
[1] https://bugs.launchpad.net/cloud-images/+bug/2029527
With the switch to the ubuntu-cloud-minimal seed, we
don't really need to purge anything now. On the contrary,
the purging of packages if not installed, fails with the
exit code of 100.
Package linux-allwinner has a kernel with the generic flavour as
dependency. Add this translation to our code checking the correct
installation.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Debian changelog.Debian.* files are already keept for minimized
builds. But those changelogs are from non-native .deb packages (see
man dh_installchangelogs). Native .deb packages name their changelog
just changelog.* . So keep them in a minimized build, too.
LP: #1943114
Initialize passwords from sources.list.
Use urllib everywhere.
This way authentication is added to all the required requests.
And incoming headers, are passed to the outgoing requests.
And all the response headers, are passed to the original client.
And all the TCP & HTTP errors are passed back to the client.
Thus should avoiding hanging requests upon failure.
Also rewrite the URI when requesting things.
This allows to use private-ppa.buildd outside of launchpad.
Signed-off-by: Dimitri John Ledkov <xnox@ubuntu.com>