systemd-resolved got moved out of the systemd package in kinetic and is
required for bootable buildd environement (as opposed to launchpad buildd)
(LP: #2007419)
Prior to dpkg/1.21.0, there was a bug where dpkg -V/--verify
couldn't list all the correct packages correctly but with
that being fix and in archive since Jammy, this works perfectly
but the syntax to report the missing files have changed. It
just prints 'missing' now. With that new format, we can now
fix the regex to simply list the packages.
With this patch, the unminimize script works flawlessly
on a minimized image.
ubuntu-cpc project binary hooks were not all producing .filelist files as they were not using
the create_manifest shared function.
This commit ensures the disk-image-uefi, disk-image-ppc64el and disk-image-uefi-non-cloud hooks create
a filelist during build.
The image filelists created during ubuntu-cpc project image builds were not sorted.
Soring the filelists makes it easier to compare the filelists without needing to sort first.
This package is needed by ubuntu-advantage-tools for cloud images
only. u-a-t ultimately will drop this entirely in their next release.
(cf: https://github.com/canonical/ubuntu-pro-client/issues/2692)
So instead of putting this in the seeds and then having to deal
with the seed changes to Mantic (after its release) and SRU of
ubuntu-meta, I'd rather have changes in livecd-rootfs done. Once
python3-systemd dependency is dropped from u-a-t, we'll drop it
from livecd-rootfs in Mantic+, too.
fuse3 was previously installed through recommends but with minimized images we no longer install recommends packages.
It is only required when preseeding snaps so does not need to be present in all minimized images so does not
need to be in the cloud-minimal seed.
As a result of not installing recommended packages the packages required to run `grub-install`
are no longer installed by default.
To ensure we can successfully run `grub-install` we install both `grub-pc` and `grub2-common`
packages.
As a result of not installing recommended packages we have dangling symlink `/boot/initrd.img.old`
As per the preceding `/boot/initrd.img` cleanup. Cleanup of `/boot/initrd.img.old`
only happens if it is a dangling symlink.
These `rm` commands also have `--verbose` flags now to make it easier when debugging logs
For minimized images we do not want to install any recommended packages.
We can do this by setting APT::Install-Recommends to false in apt config
or by passing --no-install-recommends to apt-get install.
While attempting to run autopkgtest locally, the test stops at the
following command:
ssh-keygen -t ed25519 -C ubuntu_vagrant_insecure_key -b 4096 -f
/tmp/tmp.VuAfnsBv1G/vagrant_insecure_key
This is found in live-build/ubuntu-cpc/hooks.d/base/vagrant.binary
It appears to be waiting for a passphrase, as running that outside of
adt gives a more helpful "Enter passphrase" prompt.
Explicitly set the passphrase to empty with the `-N` argument.
Armhf images install the `generic-lpae` kernel, while other ARCHes use the
standard `generic` kernel when building the "virtual" image flavour.
Code was looking for a kernel binary ending with -generic in armhf
builds, and failed. Add a special condition to handle armhf builds'
kernel ending with `generic-lpae`
References:
[1] https://bugs.launchpad.net/cloud-images/+bug/2029527
During Realtime kernel image build, there was an error during
validating snap seed which derivative images copied 5.19
apparmor feature and can't validate when Realtime kernel (5.15)
installed [0].
To prevent this, bind correct apparmor feature with kernel
version.
[0] https://bugs.launchpad.net/ubuntu/+source/livecd-rootfs/+bug/2024639
(cherry picked from commit 6b54faa6be)
With the switch to the ubuntu-cloud-minimal seed, we
don't really need to purge anything now. On the contrary,
the purging of packages if not installed, fails with the
exit code of 100.
EDK II is available for the StarFive VisionFive 2 board. As it is larger
than U-Boot we need to increase the size of the loader 2 partition to
accommodate it.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Now that we have the cloud-minimal seed for minimized cloud
image builds, we should drop all the workarounds and hacks
we once needed when we were using the server seed. We can
directly use the new metapackage and get rid of the tasks and
other autoremoves, et al.
Package linux-allwinner has a kernel with the generic flavour as
dependency. Add this translation to our code checking the correct
installation.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
According to the kernel team the Linux Meta package linux-allwinner shall
continue to be supplied. It will depend on generic packages.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Remove kvm-image altogether.
Previously for minimal image replace_kernel function replaced virtual
images with kvm, and called force_boot_without_initramfs. Now simply
call force_boot_without_initramfs for minimal image without replacing
kernel flavour.
This also means minimal images can now be built for arm64 and armhf.
Signed-off-by: Dimitri John Ledkov <dimitri.ledkov@canonical.com>
Up to now we have used u-boot-menu for preinstalled images for the SiFive
HiFive Unmatched and Unleashed boards and GRUB for all other RISC-V images.
The choice was made because RISC-V GRUB was not available when the SiFive
boards where released.
Let the Unmatched and Unleashed board preinstalled images use GRUB.
Simplify the code.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Canonical Public Cloud's project seems a bad place to build images for
hardware devices however this is how things were done a we now need to
maintain this.
The recent change to mount the ESP on /boot breaks those images, instead
of adding more hacky things in the hook, create a dedicated target for
those images and use a different hook to build UEFI images.
This is required by the new UEFI binary hook as we mount the ESP on
/boot and the ESP filesystem doesn't support symlinks.
We keep symlinks for s390x images which do not use UEFI anyway.
This is driven by online encryption scenarios. In order to efficiently
encrypt the root filesystem without modifying the partition layout, the
kernel should sit in an un-encrypted /boot partition. Instead of
creating a new partition that would change the default partition layout,
we mount the ESP on /boot. We also need to then bind mount /boot on
/boot/efi because that's where Grub expects the ESP to be located.
This now matches the cloud images (7c760864fd)
fixing bootloader updates in the buildd images, but also fixing
compatibility with using devtmpfs for losetup.
kpartx on riscv64 appears to be racy. Rather than trying to debug these
fraught races somewhere between udev and libdevmapper, we can use losetup
which should be simpler and less error-prone.
live-build/auto/config:
- for Ubuntu Server live images and the arm64+tegra full arch, build a
tegra variant with linux-nvidia-tegra as the flavor and
linux-nvidia-tegra as the kernel meta-package
- default to nvidia-$SUBARCH as the kernel flavor for all images using
arm64+tegra as full arch
hooks/03-kernel-metapkg.chroot_early:
- use linux-nvidia-tegra as kernel meta-package for the nvidia-tegra
flavor
missing a && between icicle and visionfive, led to /boot/efi still being
in place, and grub-install running instead of exiting the func.
fixes LP:2015750
Cloud-init cannot write directly to
/etc/NetworkManager/system-connections because subiquity may
need to emit config to /etc/netplan/00-installer.yaml and call
netplan apply for autoinstall.network use-cases.
When cloud-init's config is written directly to
/etc/NetworkManager, neither netplan nor subiquity has knowledge of
this config and this results in namespace collisions in NetworkManager
due to `netplan-` named connections and `cloud-init` connection ids
fighting over which config own a given interface name.
Deleting this config overlay allows subiquity to manage all network
setup when it needs to with netplan directly.
Subiquity already has logic to rename any unwanted netplan
configuration when it intends to write cfg and run netplan apply[1].
This should allow subiquity full control of network config when needed.
[1] https://github.com/canonical/subiquity/blob/
92ac6544cdfedfd332d8cd94dbcfad0aab994575/subiquitycore/
controllers/network.py#L267
LP: #2015605
Steve Langasek
Łukasz 'sil2100' Zemczak
Simon Poirier
Utkarsh Gupta
Philip Roche
Michael Hudson-Doyle
Dan Bungert
Stefan Hammer
Jess Jang
Heinrich Schuchardt
Dimitri John Ledkov
Yao Wei (魏銘廷)
Sebastien Bacher
Gauthier Jolly
Loïc Minier
Dave Jones
John Chittum
Chad Smith