snap-tool was added to support a deprecate cohort-key feature of the snap store.
Recent changes in snap assertions have added additional fields which snap-tool
is not retrieving. This resulted in snap install failures on first boot.
This patch removes snap-tool and returns to using the snap cli. This ensures
snap downloads will function without odd incompatibilities.
- drop ds-identify policy, not needed with improved cloud config
- drop disabling network, doesn't work with ip=
- fixup setting up the INSTALLER_ROOT mountpoint
- enable cloud-init
- make cloud-init handle the default/baked in networking configuration
- install and enable openssh-server for the installation only
- provide cloud.cfg that generates random installer user password
- disable subiquity on sclp_line0 line based console
Instead of injecting an empty resolv.conf with an includes.chroot, we'll
inject it in late with a hook. The empty resolv.conf breaks DNS early in
the build, and causes some binary hooks to fail.
Subiquity images mount /usr/lib/modules from a squashfs, which systemd
tries to unmount on shutdown, whilst they are still being in use. As
systemd-udevd kmod built-in's libkmod has modules.* files
memorymapped. This produces an warning on shutdown, flooding the
screen with messages as systemd switches to a more verbose
output. Specify LazyUnmount=yes on that mount, such that unmount call
succeeds without flooding the shutdown log.
When we encounter a failure in 'lb binary' the launchpad builders can
only surface the build output from stdout. If the binary hook failure
implicates the archive we can not determine fault without the apt
proxy log. This patch will dump the proxy log to stdout to aid in
debugging these failures.
As discussed and explained to Jibel and Didier on 17th of June, based
on canary image build logs, it showed clearly that lb controlled
initrd was only built once at the very first layer by
chroot_hacks. However, that is the wrong layer to build the final
initrd at, as at this point casper is not present yet and is not part
of the build.
Thus insure that chroot_hacks only runs at the live layer.
Ideally a subset of chroot_hacks should run on every layer, as each
layer should be squeaky clean, and most of layers without
initrds. However, jibel & didrocks are still implementing requested
patches to unbreak layer images and make each layer smaller. Hence
this minimal portion of the overall required work.
Signed-off-by: Dimitri John Ledkov <xnox@ubuntu.com>
Iain Lane
Robert C Jennings
Łukasz 'sil2100' Zemczak
Dimitri John Ledkov
Michael Hudson-Doyle
David Krauser
Adam Conrad
Steve Langasek