|
|
|
|
Changelog for dracut-kiwi-overlay-9.25.19-150600.1.1.CS.x86_64.rpm :
* Tue Nov 28 2023 Marcus Schäfer - Bump version: 9.25.18 → 9.25.19 * Thu Nov 23 2023 Alexandre Esse - Fix typo in workflow overview doc section * Wed Nov 22 2023 Marcus Schäfer - Add missing documentation for oem-unattended-id * Wed Nov 22 2023 Marcus Schäfer - Allow install disk overwrite from cmdline Add rd.kiwi.oem.installdevice=DEVICE. Configures the disk device that should be used in an OEM installation. This overwrites any other oem device setting, e.g device filter or maxdisk and just continues the installation on the given device. However, the device must exist and must be a block special. This Fixes jira#PED-7180 * Tue Nov 21 2023 Marcus Schäfer - Update mailmap * Fri Nov 10 2023 Kali - Replace the regex-based loader entry fix with string parsing (#2388) A user building RHEL images ran into issues with the initrd. It turns out that RHEL uses some patches that mean the initrd/linux files in RHEL are not installed to /boot, which trips up the original regex. The new fix doesn\'t rely on matching the path in boot, instead just finding the initrd/linux files and rewriting them in place. This change also adds the pre-and-post fix loader entries to the debug logs. Reference: https://bugzilla.suse.com/1208701 Fixes suse bsc#1208701 * Fri Nov 10 2023 Marcus Schäfer - Fix mbrid setup for read-only systems On filesystems without a UUID (e.g squashfs) the fallback boot id setup should apply if neither UUID nor MBR ID is present. This is a followup fix for Issue #2391 * Thu Nov 09 2023 Marcus Schäfer - Fixed test-image-disk-legacy test description The configured embedded ESP image size is too big, max 30MB are possible as El Torito boot load size * Thu Nov 09 2023 Marcus Schäfer - Don\'t make toml a requirement * Wed Nov 08 2023 Marcus Schäfer - Fixed grub mbrid file search To identify the root device for ISO images (live and install media) that boots via grub2, kiwi uses a grub2 --file search. The searched file was named /boot/mbrid, however this is not a unique name and could be found on other devices of the system as well. To connect the search to the correct media this commit changes the search to an ID based method which is unique to the image build process. This Fixes #2389 * Wed Nov 08 2023 Marcus Schäfer - Don\'t use kernel-install kernel-install does a lot more then making the kernel available to the ESP. It calls dracut, it creates loader entries and all that is unexpected and also breaks the boot because the way dracut is called in the image build case where host != target leads to broken results. This commit refactors the systemd-boot support in kiwi to prevent the use of kernel-install * Wed Nov 08 2023 Marcus Schäfer - Add check_efi_fat_image_has_correct_size Add runtime check for to check that the efifatimagesize does not exceed the max El Torito load size * Tue Nov 07 2023 Marcus Schäfer - Add support for ISO boot via systemd-boot Create proper EFI FAT image via bootctl to be used as alt loader in xorriso. This allows to boot the ISO via EFI e.g kvm -bios /usr/share/qemu/ovmf-x86_64.bin -cdrom file.iso Please note, hybrid boot is done via grub\'s hybrid MBR and as systemd-boot does not provide one, hybrid boot is out of scope yet. This Fixes #2281 * Sun Nov 05 2023 Marcus Schäfer - Bump version: 9.25.17 → 9.25.18 * Wed Nov 01 2023 Marcus Schäfer - Add partx to module-setup of kiwi-lib too * Fri Oct 27 2023 Marcus Schäfer - Change partprobe fallback to partx Informing the kernel about a new partition geometry can be done in a busy state and is also effective for new devices and new mounts based on the new geometry. busy state mounts of course will not see it until swap of the busy state but a complete refuse of operation like it happens with blockdev is imho not required. Just as partprobe, partx is less restrictive on the busy state. That\'s why this commit changes the partprobe fallback to use partx instead of blockdev * Thu Oct 26 2023 Marcus Schäfer - Create live persistent storage without busy state With the former logic the live ISO was already mounted when an eventual persistent storage partition was created. This leads to an issue on re-reading the partition table, not for all but several tools. This commit changes the order of tasks such that the setup of the persistent write storage is performed prior mounting the live ISO. In addition to this change an alternative method using blockdev to re-read the partition was added in case partprobe is not present. This also allows to get rid of the parted dependency which provides partprobe * Tue Oct 17 2023 Marcus Schäfer - Bump version: 9.25.16 → 9.25.17 * Mon Oct 16 2023 Marcus Schäfer - Fixed argument processing of config.bootoptions Instead of adding an extra space to make the subsequent reading to work, use an awk script that does it without nasty workarounds * Mon Oct 16 2023 Marcus Schäfer - Allow test-image-disk-ramdisk to be build locally * Mon Oct 16 2023 Marcus Schäfer - Bump version: 9.25.15 → 9.25.16 * Mon Oct 16 2023 Marcus Schäfer - Fixed doc search field The search in the documentation is broken with the rtd schema and latest sphinx. Stick with sphinx 5.0.0 for the moment which fixes the issue * Mon Oct 16 2023 Marcus Schäfer - Bump version: 9.25.14 → 9.25.15 * Mon Oct 16 2023 Marcus Schäfer - Make codacy happy * Mon Oct 16 2023 Marcus Schäfer - Support release version in signkey URLs Using one of the $releasever/${releasever} variable placeholders in an URL as part of a element did not replace the placeholder with the value of the element. This commit fixes this and also makes sure that the result list for downloading signing keys is unique. This Fixes #2381 * Sun Oct 08 2023 Marcus Schäfer - Bump version: 9.25.13 → 9.25.14 * Sun Oct 08 2023 Marcus Schäfer - Update pypi release to trusted workflow * Fri Sep 22 2023 Marcus Schäfer - Added unit test for testing grub prefix Cover the condition if an extra boot partition is used * Wed Sep 13 2023 Marcus Schäfer - Support TOML markup Allow to use TOML markup for the kiwi image description This Fixes #2372 * Wed Sep 13 2023 Marcus Schäfer - Fix documentation for btrfs_set_default_volume The behavior documentation regarding the fstab entry when using the btrfs_set_default_volume attribute was wrong. This commit fixes the docs to match the code. Related to Issue #2366 * Wed Sep 13 2023 Radoslav Kolev - Fix typo in \'image results\' doc section * Wed Sep 13 2023 Marcus Schäfer - Fixed root entry in fstab for btrfs layout A root (/) entry in fstab for btrfs is only required if no default volume is configured. This commit adapts the code path which adds an fstab entry for (/) to be effective only if btrfs_set_default_volume is set to false. Additionally, the documentation around btrfs_set_default_volume was clarified to describe the behavior the switch triggers. This Fixes #2366 * Wed Sep 13 2023 David Cassany Viladomat - Remove community repository from Arch images Community repository is no longer needed for the test image. OBS does not pull any package from this repository and in Arch linux there is not the concept of empty repositories, so the build fails in an OBS context if this repository is included within the build stack. Signed-off-by: David Cassany * Thu Sep 07 2023 Leif Liddy - use / prefix when boot partition is used * Fri Sep 01 2023 Leif Liddy - use os.path.join to create path os.path.join to create the path for the early_boot.write functions this will prevent paths from containing double slashes // * Thu Aug 31 2023 Neal Gompa - PKGBUILD: Drop unused Python dependencies We haven\'t used some of these dependencies in years... * Sat Aug 26 2023 Leif Liddy - add info on none console type * Fri Aug 25 2023 Leif Liddy - allow value of GRUB_TERMINAL to be empty allow value of GRUB_TERMINAL to be empty. When setting grub_console=\"none\" this now leads to an empty setting of GRUB_TERMINAL in the /etc/default/grub system configuration file. This Fixes #2261 * Thu Aug 24 2023 Marcus Schäfer - Bump version: 9.25.12 → 9.25.13 * Tue Aug 22 2023 Marcus Schäfer - Fixed mounting of subvolumes for data sync The subvolumes must be mounted below the root of the filesystem tree such that the sync mechanism correctly shuffles the data to the correct volumes. This Fixes #2356 * Tue Aug 22 2023 Joerg Vehlow - Make verity metadata always readonly If a partition is verity protected, it can never be writable, since verity is by-definition read-only. * Tue Aug 15 2023 Evan Goode - Require DNF 5 in Fedora >= 41, not Fedora > 38 The switch to DNF 5 has been postponed to (likely) Fedora 41. * Tue Aug 15 2023 Marcus Schäfer - Add kiwi_live_volid variable to profile As part of the profile environment only the kiwi_install_volid variable existed with the default value \'INSTALL\'. This information is correct when building an oem image with installiso set to true. The resulting .install.iso image has the configured volid or the mentioned default \'INSTALL\'. However, when building a live ISO image the default volid value is set to \'CDROM\' but the profile environment contains kiwi_install_volid which is misleading and in case no volid is provided in the configuration file, the default value would also be a wrong information. This commit cleans up the mess and provides kiwi_install_volid for install ISO media and kiwi_live_volid for Live ISO media with their respective default values * Tue Aug 15 2023 Tom Schraitle - Add some hints about KIWI extensions and dependencies for SLE (#2348) SUSE Linux Enterprise Server (SLES) has KIWI as a package. However, some KIWI plugins and their dependencies can be unavailable. This commit introduces a new section which deals with this aspect. Fixes bsc#1209302 * Fri Aug 11 2023 Marcus Schäfer - Package lockdev no longer exists on TW Update TW based integration tests and delete the install of the lockdev package * Thu Aug 10 2023 Tom Schraitle - Update GitHub Actions \"actions/ *\" part Update to the latest versions: * actions/checkoutAATTv3 * action/setup-pythonAATTv4 * action/cacheAATTv3 * Wed Aug 09 2023 Marcus Schäfer - Bump version: 9.25.11 → 9.25.12 * Wed Aug 09 2023 Marcus Schäfer - Fix double grub entries in hybrid ISO images As consequence of using the \"source\" grub command instead of the \"configfile\" command to load the grub config we now see double loading of the same file on ISO media. The reason here is that kiwi ISO media is always hybrid which means it embeds an MBR into the ISO for which the \"source\" command now can read the same file through two different device paths. This does not happen with the \"configfile\" grub command. Thus this patch uses \"configfile\" if we produce an ISO image and \"source\" for all other image types. The commit also fixes the custom grub template used for ISO images in a way that we only set the \"serial\" command if there is a serial configuration provided along with the image description. * Thu Aug 03 2023 Marcus Schäfer - Update x86/tumbleweed/test-image-systemd-boot systemd package has been splitted and provides systemd-boot in an extra package now * Thu Aug 03 2023 Marcus Schäfer - Limit scope of grub _fix method Only apply _fix_grub_to_support_dynamic_efi_and_bios_boot for the x86_64 or ix86 architectures. This Fixes #2343 * Tue Aug 01 2023 Marcus Schäfer - Bump version: 9.25.10 → 9.25.11 * Tue Aug 01 2023 Leif Liddy - remove trailing whitespace * Tue Aug 01 2023 Dan Čermák - rpm spec: add missing requires of typing_extensions for python < 3.8 * Tue Aug 01 2023 Dan Čermák - rpm spec: bump copyright year * Tue Aug 01 2023 Marcus Schäfer - Fixed linter errors Latest changes regarding type hints introduced linter errors. Also adapt the workflow run which is expected to detect them * Tue Aug 01 2023 Leif Liddy - add GRUB_TIMEOUT_STYLE menu option revert trailing space removal * Mon Jul 31 2023 Marcus Schäfer - Bump version: 9.25.9 → 9.25.10 * Mon Jul 31 2023 Marcus Schäfer - Fixed python interpreter for Release target * Mon Jul 31 2023 Marcus Schäfer - Bump version: 9.25.8 → 9.25.9 * Mon Jul 31 2023 Marcus Schäfer - Fixed workflow interpreter name Specifying py 3.10 has to be quoted * Mon Jul 31 2023 Marcus Schäfer - Bump version: 9.25.7 → 9.25.8 * Mon Jul 31 2023 Marcus Schäfer - Fixed doc publishing The github action to do this was still based on py3.6 but the latest changes on tox.ini requires a newer version of tox which doesn\'t exist for py3.6. Thus run the workflow on a newer python version * Mon Jul 31 2023 Marcus Schäfer - Bump version: 9.25.6 → 9.25.7 * Mon Jul 31 2023 Marcus Schäfer - Fix linter check, whitespace after : * Mon Jul 31 2023 Marcus Schäfer - Bump version: 9.25.5 → 9.25.6 * Mon Jul 31 2023 Marcus Schäfer - Pass rootflags if no default volume is set In case of btrfs and if btrfs_set_default_volume is explicitly switched off, we create the correct rootflags= kernel cmdline entry to tell the system about the root volume for booting * Thu Jul 27 2023 slowpeek - Use \'source\' instead of \'configfile\' in generated grub.cfg Details are outlined in issue #2320 * Thu Jul 27 2023 Marcus Schäfer - Make sure btrfs root volume is used when needed With the possibility to switch off setting the default volume an issue at other parts in the kiwi code which mounted the btrfs based system were uncovered. Without any default volume set it\'s required to transport the root volume if different from / and pass the respective subvol= option to the mount. This commit fixes it at the places where kiwi trusted btrfs to have a correct default volume set * Thu Jul 27 2023 Marcus Schäfer - update Fedora integration test The setting of a default volume is unwanted here * Thu Jul 27 2023 Marcus Schäfer - add btrfs_set_default_volume attribute By default kiwi runs btrfs set-default on the volume that is considered the default volume according to the btrfs settings and defaults. btrfs_set_default_volume=\"false\" allows to deactivate this action. Along with the change also the misleading name of the btrfs_create_toplevel_subvolume has been changed to root_is_subvolume * Tue Jul 25 2023 Marcus Schäfer - Fixed check for extended attributes Only if libc reports errno 95 Operation not supported the method should return that extended attributes are not supported. Also add a debug information about the result of the call to get further information in the log file * Tue Jul 25 2023 Marcus Schäfer - Fixed call of tox for xdist Passing arguments to modules called by tox has changed its syntax * Tue Jul 25 2023 Marcus Schäfer - Take subvol mount option for root into account If the rootfs is btrfs based make sure the fstab entry for it takes the name of the root subvolume into account * Tue Jul 25 2023 Marcus Schäfer - Fix fallback secure boot setup Don\'t copy the same file. This case happens when rebuilding an image using --allow-existing-root when the fallback setup has done its job already in the first run * Mon Jul 24 2023 Dan Čermák - Fix type hints of IsoToolXorrIso.init_iso_creation_parameters * Mon Jul 24 2023 Dan Čermák - xorriso: handle case when isohdpfx.bin not found * Mon Jul 24 2023 Dan Čermák - Fix type hints for the Pacman package manager * Mon Jul 24 2023 Dan Čermák - Type hint the Path module * Mon Jul 24 2023 Dan Čermák - Add better type hints to ContainerImageOCI and ContainerImageAppx * Mon Jul 24 2023 Dan Čermák - Add ContainerImageBase abstract base class for OCI & Appx * Mon Jul 24 2023 Dan Čermák - Add type hints to the Compress module * Mon Jul 24 2023 Dan Čermák - Import modules in OCI.new() explicitly Also, add a type hint to the return type of OCI.new() so that this can now be verified with mypy * Mon Jul 24 2023 Marcus Schäfer - Update contributing chapter Fix and update the information how to contribute. Due to the latest changes in tox.ini some requirements regarding the tox and python versions came up. This commit updates the docs in this regard * Mon Jul 24 2023 Marcus Schäfer - Added py3.11 tox target * Mon Jul 24 2023 Marcus Schäfer - Fixed writing correct keyfile path to etc/crypttab The keyfile path was not correctly set in etc/crypttab which caused systemd not being able to read the keyfile, consequently asking for a passphrase. This commit fixes the writing of the crypttab and also fixes a python name clash with the \"os\" namespace. * Mon Jul 24 2023 Marcus Schäfer - Cleanup condition for SECURE_BOOT=yes|no The statement serves the purpose for an if/else construction to become a better read. In addition delete the probably left-over print statement from the test * Mon Jul 24 2023 Marcus Schäfer - Delete pyxattr from setup.py Followup on Issue #2330. Forgot to delete pyxattr requirement from setup.py * Mon Jul 24 2023 Marcus Schäfer - Add volid to profile for all ISO based image types Add provided volume id (or the default value) to the profile environment file for all ISO based image types. So far this was only done for installation ISO media but not for simple live ISO images. * Mon Jul 24 2023 Marcus Schäfer - Fixed mail address in spec file * Thu Jul 20 2023 Marcus Schäfer - Delete (py)xattr module requirement The required functionality is provided by the core os library * Thu Jul 20 2023 Paul Gardiner - Fix failure when booting KIS via NBD In the NBD booting case, the function initGlobalDevices in kiwi-overlay-root.sh runs the command ndb-client to connect the remote NBD share to the device /dev/nbd0. The script parse-kiwi-overlay.sh, on the other hand, incorrectly parses overlay:nbd=ip:export to /dev/ip/export, leading to the system waiting for /dev/ip/export to appear. This commit corrects the problem. With this change NDB booting of KIS images now succeeds, although only if the ndb package is added to the appliance description. * Wed Jul 19 2023 Marcus Schäfer - Use bootpartition for Fedora integration test When using btrfs with the proposed layout for testing the delivered grub bios module for the Fedora system used to build the integration test (FC37) is not capable to find the grub config file. A manual call for configfile in the grub shell fixes this with the existing kiwi created grub early-boot script. However, it is expected that the delivered grub image works and kiwi only creates its own one if no distro delivered grub image was found. To make the integration test functional for both BIOS and EFI the simple solution is to use an extra not btrfs based boot partition. This still allows to test the desired btrfs layout in terms of volumes and sub-volumes and does not break on any of the boot methods. * Wed Jul 19 2023 Marcus Schäfer - Fixed apply_attributes_on_volume Make the function call more robust in terms of path separation * Wed Jul 19 2023 Dan Čermák - Use tox isolated_build instead of hardcoding the envdir * Tue Jul 18 2023 Marcus Schäfer - Add parent attribute to volume setup For the btrfs volume management, allow to put a volume into a specific parent volume. If not specified the volume is below the default volume This Fixes #2316 * Tue Jul 18 2023 Jesus Bermudez Velazquez - Add SECURE_BOOT no when the firmware is efi This Fixes bsc#1211102 * Sun Jul 16 2023 Marcus Schäfer - Use btrfs for fedora/test-image-live-disk test Change the Virtual profile to build a btrfs based image for testing respective btrfs layouts * Sun Jul 16 2023 Marcus Schäfer - Add btrfs_create_toplevel_subvolume attribute Allow to explicitly select if a toplevel subvolume should be created or not. To avoid a behavior change, kiwi will create a toplevel based btrfs structure if this attribute is not specified. However, a deprecation message to inform about future behavior change will be printed. This is related to Issue #2316 * Wed Jul 12 2023 Marcus Schäfer - Evaluate the AATTroot volume name also for btrfs In a volume setup the special volume declaration was only evaluated for the LVM volume manager. In case of btrfs a hardcoded root volume name \'AATT\' was used. This commit allows to specify a custom name for the root volume for btrfs as well and also allows to specify that there should be no such root volume. Example: Name the root volume \'AATT\'. If not specified this stays as the default to stay compatible Indicate no root volume is wanted. All subvolumes resides below root (/) Name the root volume \'foo\' This is related to Issue #2316 and a first patch to address the requested changes * Mon Jul 10 2023 Marcus Schäfer - Bump version: 9.25.4 → 9.25.5 * Mon Jul 10 2023 Marcus Schäfer - Fixed regression in bootloader config attr access use_disk_password is not an attribute that exists in all BootLoaderConfig instances. Thus it\'s a mistake to access the attribute in the disk builder * Mon Jul 10 2023 Marcus Schäfer - Bump version: 9.25.3 → 9.25.4 * Mon Jul 10 2023 Marcus Schäfer - Load isoschematron module on demand Due to a license issue the isoschematron code might not be available in the lxml package from the distributor. This commit uses isoschematron on demand. If present on the system it gets loaded and used, if not a warning that the schematron validation will be skipped is provided. This Fixes #2314 * Sat Jul 08 2023 slowpeek - Improve loopback.cfg example submenu+source should be preferred over menuentry+configfile: - submenu creates a new context, menuentry does not. As a result, changes made to vars inside menuentry\'s braces pollute the current scope. In this particular case what is notably wrong is root=loop happens in the current scope. If we activate the \"Boot from openSUSE ISO\" menu entry and then press Esc to return back to explore other menu entries, $root would still be set to \'loop\'. Instead of manually saving and restoring $root value it is better to wrap the whole thing in a new context with submenu - configfile is not just \'source in a new context\', it has as least one side effect. For details look for grub_err_printed_errors usage in [1] and [2] in grub sources [1] grub-core/normal/menu.c [2] grub-core/normal/menu_entry.c * Fri Jul 07 2023 Marcus Schäfer - Bump version: 9.25.2 → 9.25.3 * Wed Jul 05 2023 Olaf Kirch - Add improvements for fully encrypted disk images This commit adds more flexibility when using LUKS encrypted images. In addition support for key derivation on user provided passwords has been added. The following new attributes were added to the schema: type.luks_randomize allow to enable/disable the data randomizing if luks encryption is used type.luks_pbkdf When LUKS unlocks a key slot using a user provided password, it uses a so-called key derivation function to derive a symmetric encryption key from the password. Not all boot loaders support all KDF algorithms, hence this attribute can be used to select a specific algorithm bootloader.use_disk_password When /boot is encrypted, make the boot loader store the password in its configuration file (in cleartext). This is useful for full disk encryption images Signed-off-by: Olaf Kirch * Wed Jul 05 2023 Olaf Kirch - Change location of LUKS keyfile to /root/.root.keyfile In some configuration (eg on a transactional system), the root file system is read-only, which means we will not be able to remove the stale .root.keyfile after firstboot. This patch changes the location of the keyfile and places it in /root/.root.keyfile instead, because root\'s home directory is much more likely to be read/write. Also fixed the associated unit test (thanks to schaefi). Signed-off-by: Olaf Kirch * Tue Jul 04 2023 Marcus Schäfer - Add alternative re-reading of the partition table To inform the kernel about disk geometry changes, kiwi uses partprobe as a primary tool. However it is provided by parted and not necessarily available due to the package requirements on the dracut module. A second attempt via blockdev which is expected to exist is therefore made by this commit * Tue Jul 04 2023 Marcus Schäfer - Refactor the luks_device class data transport Also add missing unit tests * Mon Jul 03 2023 Marcus Schäfer - test_get_build_type_bootloader_use_disk_password Add missing unit test for use_disk_password attribute * Fri Jun 16 2023 Marcus Schäfer - Bump version: 9.25.1 → 9.25.2 * Fri Jun 16 2023 Marcus Schäfer - Fix repository setup for microdnf An instance of the Repository class for microdnf has to use RepositoryDnf4 * Fri Jun 16 2023 Marcus Schäfer - Bump version: 9.25.0 → 9.25.1 * Wed Jun 14 2023 Marcus Schäfer - Fixed image install of dnf package manager If the package manager is set to \'dnf4\', this name is taken also as package name to install this package manager into the image. Problem is \'dnf4\' is not a valid package name. The correct name for \'dnf4\' is \'dnf\'. This commit fixes the name bug introduced with the changes for Issue #2262 * Wed Jun 14 2023 Marcus Schäfer - Bump version: 9.24.61 → 9.25.0 * Wed Jun 14 2023 Marcus Schäfer - Add more details about used grub image(s) * Sat Jun 10 2023 glaubway - make alias unique in any cases * Thu Jun 01 2023 Steffen Winterfeldt - The actual padding is 0. And switch to sha256. * Mon May 29 2023 Marcus Schäfer - Change package manager dnf to dnf4 With dnf5 there is a successor for dnf but there will also be a transition period where there will be both, the former dnf and the new dnf5 available. For a clear distinction between the two we got the recommendation from the RedHat team to support both in different namespaces. This commit now implements a backward compatible change for kiwi which includes the following modifications: * XSL stylesheet for automatic schema transformation from dnf to dnf4 * Code copy of dnf API interface from PackageManagerDnf -> PackageManagerDnf4 RepositoryDnf -> RepositoryDnf4 * Deprecation of former Dnf API interface The code change here will force developers to adapt their code if they used RepositoryDnf / PackageManagerDnf classes in their python code. After this change developers will be dropped into a raise condition which exits kiwi at the time of the call. Related to Issue #2300 and Issue #2262 * Thu May 25 2023 Hans-Peter Jansen - Documentation: clearify dnf based collection selectors With 89b5a6f5269, the selection of collections was changed to allow group IDs only for dnf based package installers. * Thu May 25 2023 Marcus Schäfer - Update rawhide integration tests Use dnf5 for rawhide. It\'s hard to differentiate between old and new dnf version on Fedora Rawhide. Thus let\'s make the move to dnf5. Since microdnf is also wrapped into dnf5 the integration test for microdnf got renamed to dnf5 * Wed May 24 2023 Marcus Schäfer - Add support for dnf5 package manager dnf5 is the next generation of the dnf package manager. dnf5 is not a drop in replacement to dnf which is the reason why this commit adds a new interface class for package and repository management under a new name: dnf5. Beginning with Fedora >= 39 dnf5 will be the standard. Thus the requirements on the packaging level were adapted too. This Fixes #2300 This Fixes #2262 * Wed May 24 2023 Isaac True - dracut: modules.d: 90kiwi-overlay: add support for device mapper targets Allow specifying a device mapper target for the root of the overlayfs. This adds support for features like adding a dm-verity or dm-crypt backend to the overlayfs. A device mapper target can be specified using the following syntax on the kernel command line: root=overlay:MAPPER=verityRoot This translates to using the path `/dev/mapper/verityRoot` as the base of the overlayfs. Signed-off-by: Isaac True * Wed May 24 2023 Marcus Schäfer - Bump version: 9.24.60 → 9.24.61 * Tue May 23 2023 Isaac True - dracut: modules.d: 99kiwi-lib: add bash shebangs and dependency The scripts in the kiwi-lib module use bash-specific syntax like `function`, which causes the script to fail if another shell (like dash or busybox) is used to interpret the scripts. Specifically set the shebang to use bash as the shell interpreter and add bash as a dependency to the dracut module to fix this. This resolves the following errors which are printed at boot when busybox tries to interpret the scripts: /bin/dracut-pre-mount: 3: /lib/kiwi-filesystem-lib.sh: function: not found /bin/dracut-pre-mount: 15: /lib/kiwi-filesystem-lib.sh: Syntax error: \"}\" unexpected Signed-off-by: Isaac True * Mon May 22 2023 Jiri Srain - Do not depend on dnf for SUSE ALP * Tue May 16 2023 Marcus Schäfer - Added appx-util as WSL requires for Fedora/RHEL Make sure the kiwi-systemdeps-containers-wsl meta package pulls in the required tools for Fedora/RHEL when building WSL containers. This is a followup to #2286 * Tue May 16 2023 Marcus Schäfer - Add cpio to core systemdeps requires list * Thu May 11 2023 Jan Löser - Find correct `shimx64.efi` binary for EL derivatives Sort globbing result by length and look for `shim[a-z] *.efi` pattern first before falling back to `shim.efi`. This allows us to match correct shim binary for SecureBoot enabled systems. The following example shows the content of recent shim package from AlmaLinux 9: $ ls -1 ~/Downloads/shim-almalinux-x64/boot/efi/EFI/almalinux BOOTX64.CSV mmx64.efi shim.efi shimx64-almalinux.efi shimx64.efi Sorted globbing result is: shimx64.efi shimx64-almalinux.efi First match wins (here `shimx64.efi`) which is the correct binary to be used as it is signed by M$. Was tested with shim packages for CentOS (x64, ia32, aarch64), Fedora 36 (x64), AlmaLinux 9 (x64, aarch64). * Sat May 06 2023 Marcus Schäfer - Bump version: 9.24.59 → 9.24.60 * Thu May 04 2023 Marcus Schäfer - Allow to create plain cpio archives Allow to create plain cpio archives to serve the idea of the mkosi initrd concept * Fri Apr 28 2023 Fabian Vogt - Fix restoration of grub2-install (bsc#1210948) It checked for grub2-install.orig in the host, not the buildroot. This meant that it left /usr/sbin/grub2-install as a noop. * Fri Apr 28 2023 David Cassany - Use cross arch macros to interpret uint64_t This commit adds inttypes.h to make use of PRIu64 style macros in order to properly translate uint64_t across different architectures. More specific this allows the code to compile for ix86. Signed-off-by: David Cassany * Tue Apr 25 2023 Jan Löser - Look for specific `shimx64.efi` binary first In CentOS, `/boot/efi/EFI/ */shim *.efi` extends to `/boot/efi/EFI/centos/shimx64-centos.efi` which is not signed by M$ but CentOS itself. This in turn does not boot on SecureBoot enabled systems. * Mon Apr 24 2023 Marcus Schäfer - Delete score card Too flaky, broken most of the time and I\'m not sure how much value it adds to the project overall * Mon Apr 24 2023 Marcus Schäfer - Fix score card action * Mon Apr 24 2023 Marcus Schäfer - Update TW build tests plymouth-plugin-script must be explicitly added now * Mon Apr 24 2023 Marcus Schäfer - Revert \"Add zstd and xzio to grub image\" This reverts commit af8c702db0a60ed4abeba8686d4e8475c410c58d. The grub modules does not exist in all grub installations. A different implementation is required * Mon Apr 24 2023 Marcus Schäfer - Update TW integration tests change theme from bgrt to breeze. TW has deleted bgrt * Mon Apr 24 2023 Marcus Schäfer - Fixed writing URIs including ASCII encoding * Fri Apr 21 2023 Marcus Schäfer - Split container systemdeps in OCI and WSL * Thu Apr 20 2023 Marcus Schäfer - Update kiwi-systemdeps-containers requires list Do not strictly require fb-util-for-appx. In order to create WSL containers fb-util-for-appx is a requirement but usually users create OCI containers and WSL containers are still a niche case. Thus it\'s ok to reduce the requirement into a recommends. This Fixes #2284 * Thu Apr 20 2023 Marcus Schäfer - Encode remote URLs Special characters in a URL e.g the AATT sign needs to be encoded as part of a remote URL. * Tue Apr 18 2023 Marcus Schäfer - Fix workflow run * Tue Apr 18 2023 Marcus Schäfer - Fixed Fedora prebuild EFI binary lookup When creating CentOS/Fedora live media, kiwi does not install the right signed grub2 EFI binary. This was caused by kiwi not being aware of the gcdx64.efi(x86_64), gcdaa64.efi(aarch64) binaries for CD/ISO boot. This Fixes #2270 * Thu Apr 13 2023 Marcus Schäfer - Bump version: 9.24.58 → 9.24.59 * Thu Apr 13 2023 Marcus Schäfer - Add zstd and xzio to grub image If kiwi builds its own grub image, make sure the compression algorithms zstd and xz are supported * Wed Apr 12 2023 David Cassany - Adding a comment to explain the s390 specific path Signed-off-by: David Cassany * Wed Apr 12 2023 David Cassany - Use parted only in s390 arch This commit ensures parted is only called in dracut-kiwi-lib for s390 arch. It also fixes the spec to only require parted for s390 builds. In addition parted requirement has been removed from dracut-kiwi-live package since parted is not used in any other dracut module beyond kiwi-lib. Signed-off-by: David Cassany * Tue Apr 04 2023 Jan Löser - Add potential shim binary for Ubuntu Looks like `shim *.efi` is gone in latest `shim-signed` package. The package now contains `shimx64.efi.signed.latest` and `shimx64.efi.signed.previous` binaries, let\'s take latest. shim-signed_1.40.9+15.7-0ubuntu1_amd64/usr/lib/shim/: total 4688 drwxr-xr-x. 3 root root 209 Jan 31 12:57 . drwxr-xr-x. 3 root root 18 Jan 31 12:57 .. - rw-r--r--. 1 root root 108 Jan 31 12:57 BOOTX64.CSV - rwxr-xr-x. 1 root root 1622 Jan 31 12:57 is-not-revoked drwxr-xr-x. 2 root root 25 Jan 31 12:57 mok - rw-r--r--. 1 root root 950891 Jan 31 12:57 shimx64.efi - rw-r--r--. 1 root root 962400 Jan 31 12:57 shimx64.efi.dualsigned - rw-r--r--. 1 root root 960472 Jan 31 12:57 shimx64.efi.signed.latest - rw-r--r--. 1 root root 955656 Jan 31 12:57 shimx64.efi.signed.previous - rw-r--r--. 1 root root 88296 Jan 27 20:09 fbx64.efi - rw-r--r--. 1 root root 860824 Jan 27 20:09 mmx64.efi shim-signed_1.40.7+15.4-0ubuntu9_amd64/usr/lib/shim/: total 3728 drwxr-xr-x. 3 root root 145 Aug 13 2021 . drwxr-xr-x. 3 root root 18 Aug 13 2021 .. - rw-r--r--. 1 root root 108 Aug 13 2021 BOOTX64.CSV - rw-r--r--. 1 root root 85672 Aug 13 2021 fbx64.efi - rw-r--r--. 1 root root 856232 Aug 13 2021 mmx64.efi drwxr-xr-x. 2 root root 25 Aug 13 2021 mok - rw-r--r--. 1 root root 947143 Aug 13 2021 shimx64.efi - rw-r--r--. 1 root root 957576 Aug 13 2021 shimx64.efi.dualsigned - rw-r--r--. 1 root root 955656 Aug 13 2021 shimx64.efi.signed * Mon Apr 03 2023 David Cassany - Expand DASD partition table with parted Signed-off-by: David Cassany * Thu Mar 30 2023 Marcus Schäfer - Fixed evaluation of custom start sector In case an alternative partition table start sector is configured, the check to effectively apply it should be based on the partition table type not on the firmware name * Thu Mar 30 2023 David Cassany - Add parted dependency for s390 Signed-off-by: David Cassany * Tue Mar 28 2023 Marcus Schäfer - Bump version: 9.24.57 → 9.24.58 * Mon Mar 27 2023 Marcus Schäfer - Build leap btrfs test without root as snapshot So far no btrfs integration test without root as snapshot existed * Sat Mar 25 2023 Marcus Schäfer - Support EFI boot from squashfs grub supports reading from squashfs. If no extra bootloader installation is required this allows to boot from a squashfs rootfs without extra boot partition. The prebuilt grub images usually does not contain the squash4 module which is the reason why kiwi creates the EFI module itself if the system is fully immutable. Please note; the grub configuration must be provided manually as part of the image description in this case because grub-mkconfig at the time it has to be called has no write permissions anymore. * Fri Mar 24 2023 Fabian Vogt - Fix /.snapshots mounting in the btrfs volume manager The /AATT/.snapshots subvolume was not mounted as /.snapshots in the root filesystem snapshot. This is now necessary for snapper to work. While at it, create 1/snapshot as plain subvolume, it does not make sense to snapshot AATT itself. * Thu Mar 16 2023 Marcus Schäfer - Add support for config-host-overlay.sh script * Thu Mar 16 2023 Marcus Schäfer - Fixed build of dracut-kiwi-verity The spec file was missing the package definition to actually create the dracut-kiwi-verity package. In addition the fixed setting to the C standard 17 caused build errors for me on distributions that uses C standard 11/12. * Wed Mar 15 2023 Marcus Schäfer - Add selinux integration test for Leap SUSE systems supports both, apparmor and selinux, whereas apparmor is the default. As selinux requires to create security labels during build time of an image, this integration test checks if the labeling works for SUSE based OS\'es. This Fixes #2244 * Tue Mar 14 2023 Marcus Schäfer - Allow custom template evaluation for install ISO So far only Live ISO images allowed for custom template usage * Tue Mar 14 2023 Marcus Schäfer - Fix Arch Linux Live ISO integration test Switch to grub for booting the ISO, for some reason isolinux refused to work and there is no priority to dig into the issue. This Fixes #2233 * Tue Mar 14 2023 Marcus Schäfer - Fix Arch Linux EFI install ISO integration test kiwi has code in bootloader/template/grub2.py which uses linuxefi/initrdefi commands according to the configured grub_platform. These commands does not exist on Arch and therefore the integration test provides its own ISO template. This Fixes #2232 * Tue Mar 14 2023 Marcus Schäfer - Add dracut-kiwi-verity dracut module package When building an image with an embedded verity hash via the embed_verity_metadata=\"true\" type attribute it is required to setup the device map at boot time accordingly. The dracut module in this commit provides the needed tooling as a POSIX C implementation which is able to read the kiwi embedded verityhash from the offset of the partition. Kudos goes to Isaac True Co-authored-by: Isaac True Signed-off-by: Isaac True * Mon Mar 13 2023 Joachim Gleissner - (Re-)add support for \'anymarkup\' < 0.5.0 Fall back to module \'anymarkup\' if \'anymarkup_core\' is not available. * Sat Mar 11 2023 Marcus Schäfer - Support UNIXNODE device names for overlayroot When no other persistent naming schema can be used to identify the device there should be the option to specify the kernel unix device node name * Fri Mar 10 2023 Joachim Gleissner - Use module anymarkup-core instead of anymarkup Use \'anymarkup-core\' directly instead of wrapper \'anymarkup\'. * Thu Mar 09 2023 Marcus Schäfer - Fix permissions of live ISO system files Make sure initrd and squashfs.img takes permissions o644 This Fixes #2246 * Wed Mar 08 2023 Marcus Schäfer - Update TW test-image-rpi-overlay build test It used rd.root.overlay.readonly but it meant rd.root.overlay.temporary * Wed Mar 08 2023 Marcus Schäfer - Fixed rd.root.overlay.readonly handling Fix the option implementation to actually do what it is supposed to do, boot the system in fll read-only mode. In addition a new parameter named rd.root.overlay.temporary has been introduced which allows to boot up in read-write mode but the write area is a tmpfs. Thus persistency only during runtime. Updated the documentation accordingly * Tue Mar 07 2023 Marcus Schäfer - Fixed tumbleweed build tests opie no longer in TW * Tue Mar 07 2023 Marcus Schäfer - Fixed tumbleweed/test-image-azure opie no longer in TW * Tue Mar 07 2023 Marcus Schäfer - Support PARTLABEL device names for overlayroot When using GPT a partlabel exists that can also be used as a device reference * Tue Mar 07 2023 Marcus Schäfer - Fixed kernel parameters for overlayroot setup The device selection for the read-only and read-write devices in an overlayroot setup was implicitly done in the kiwi-overlay dracut module by reading the root= information. This is a concept which barely works and should be refactored in a way that the root= information always points to the root device and that an eventually existing write location is explicitly provided via the existing rd.root.overlay.write parameter which is allowed to be overwritten for providing an alternative write location. Making this information consistent and explicit on the kernel commandline simplifies the dracut code to consume this information correctly. This Fixes #2251 * Sun Mar 05 2023 Marcus Schäfer - Fixed conditional options evaluation The former condition caused the end result list to be empty * Sat Feb 11 2023 Marcus Schäfer - Add support for creating delta containers Add new attribute delta_root=\"true|false\" which in combination with derived_from=\"OCI-base-image\" allows to create a delta root tree only containing the differences between the OCI-base-image and the actions taken by the kiwi prepare step. Based on the delta root tree the subsequent image creation process starts. Such an incomplete root tree is only useful under certain circumstances which is also the reason why the feature is only available to the oci and docker image types. * Fri Feb 10 2023 Marcus Schäfer - Bump version: 9.24.56 → 9.24.57 * Sat Jan 28 2023 Marcus Schäfer - Allow squashfscompression for plain squashfs The schematron rule to limit the squashfscompression attribute to certain image types did not allow it for a plain squashfs filesystem build. This commit fixes that limitation. This Fixes #2241 * Wed Jan 18 2023 David Cassany - Use rsync defaults to sync the initrd root-tree This commits makes use of rsync default options to sync the root-tree of the boot image for custom initrds. Fixes bsc#1207128 where it was noted hardlinks were not preserved inside the initrd. Signed-off-by: David Cassany * Tue Jan 17 2023 Marcus Schäfer - Fixed wrong test assertions Former versions of pytest did ignore invalid assertions. Now they are reported as an error and show the mistakes of the past * Tue Jan 17 2023 Marcus Schäfer - Added 90-brd.conf for test-image-disk-ramdisk By default the brd ramdisk module is no longer added to the initrd. For ramdisk deployments this is required though. This Fixes #2230 * Sun Jan 15 2023 Marcus Schäfer - Delete CentOS v7 build tests CentOS v7 is EOL for kiwi image build tests * Thu Jan 05 2023 Marcus Schäfer - Allow to specify fixed size for the root partition So far the last partition (typically root) in the partition table takes all the rest space of the partition table in the image file. At deployment/boot time users had several options to let that partition grow to a custom size. However, during build time of the image it was not possible to specify a specific fixed size for the root partition as we don\'t wanted to produce gaps of unpartitioned space in the image file. It has turned out that there is hardware available which requires a partition to be an exact multiple of some blocksize. As kiwi supports size constraints for all other partitions but not for root this commit now allows for it. The oem-systemsize element is now also taken into account at build time of the image if the oem-resize which would do that at deployment/boot time is switched off like the following example shows: ```xml 2048 false ``` This Fixes #2203 * Wed Jan 04 2023 Marcus Schäfer - Delete ppc:fedora from testing report * Wed Jan 04 2023 Marcus Schäfer - Remove Fedora PPC build test from index The integration test unfortunately never got tested anywhere is outdated and I have no PPC hardware here to run any tests. Let\'s add a real test if there is demand for it * Wed Jan 04 2023 Marcus Schäfer - Added kiwi-settings for Fedora arm build tests * Mon Jan 02 2023 Marcus Schäfer - Pass along tmpdir to skopeo When using the --temp-dir parameter, it was not passed to the skopeo calls when building a container image with kiwi. * Thu Dec 22 2022 Marcus Schäfer - Allow fat16/fat32 as filesystem in partitions The partitions element allows to specify the filesystem for the individual partition. In the schema fat16 and fat32 were missing * Thu Dec 22 2022 Robert Schweikert - Support new bootloadersettings section Allow to specify an optional element inside of the section. The information is used to specify custom arguments for the tools called in a bootloader setup procedure, e.g shim-install, grub-install or grub-mkconfig. kiwi does not judge on the given parameters and if the provided data is effectively used depends on the individual bootloader implementation. In this commit the data will be effectively handled if bootloader=\"grub2\" is configured. More precisely the custom additions to support SUSE\'s TPM model with grub2 can be configured as follows: This Fixes #2224 * Tue Dec 20 2022 Marcus Schäfer - Stick with tox v3.28.0 for unit testing tox >= 3.0.15 together with virtualenv >= 20.17.1 raises strange incompatibilities and prevents the unit test run because tox calls virtualenv in a wrong way leading to strange error messages like: - -- usage: virtualenv ... virtualenv: error: argument dest: destination \'{check,devel,packagedoc,doc,doc_gh_pages,doc_suse,doc_man,scripts,}: /home/runner/work/kiwi/kiwi/.tox/3\ /home/runner/work/kiwi/kiwi/.tox/3.8\' must not contain the path separator (:) as this would break the activation scripts - -- All this doesn\'t make sense to me at all and worked without any issues before. * Tue Dec 20 2022 Marcus Schäfer - Bump version: 9.24.55 → 9.24.56 * Tue Dec 20 2022 Marcus Schäfer - Fix gh-pages publish * Sun Dec 18 2022 Marcus Schäfer - Fixed systemd boot integration test for rawhide systemd-boot was splitted in preparation for secure boot. The unsigned version of the EFI binary is used in the test so far * Sun Dec 18 2022 Marcus Schäfer - Added device mapper setting for s390 on TW Use kpartx as partx fails * Sun Dec 18 2022 Marcus Schäfer - Added device mapper setting for s390 Use kpartx as partx fails * Sun Dec 18 2022 Marcus Schäfer - Bump version: 9.24.54 → 9.24.55 * Wed Dec 14 2022 Marcus Schäfer - Allow to pass credentials as file reference * Tue Dec 13 2022 Marcus Schäfer - Fixed handling of container archive compression In kiwi we support handling of the container archive compression via a runtime configuration setting of the following form, eg in /etc/kiwi.yml ```yaml container: [#] Specify compression for container images [#] Possible values are true, false, xz or none. - compress: true ``` However, this setting was only taken into account in the kiwi bundler. Meaning if the user calls \'kiwi result bundle ...\' after the container image has been created the result bundler will take the compression setting into account. From my perspective this behavior is misleading and also prevents users from creating compressed container archives without a subsequent result bundler call. Therefore this commit moves the place to handle the compression setting into the container classes. The bundler code for containers will no longer operate on it and just takes what it gets, which can be either compressed or not. The default setting was \"No compression\" and this was not changed. This Fixes #2217 * Tue Dec 13 2022 Marcus Schäfer - Add type hints for OCI and APPX classes * Sun Dec 11 2022 Marcus Schäfer - Bump version: 9.24.53 → 9.24.54 * Sun Dec 11 2022 Marcus Schäfer - Fix publish to pypi bind gh-action module to v1 release * Sun Dec 11 2022 Marcus Schäfer - Bump version: 9.24.52 → 9.24.53 * Sat Dec 10 2022 Marcus Schäfer - Use ubuntu-20.04 as github hosted runner It seems on ubuntu-latest no python 3.6 is available anymore * Sat Dec 10 2022 Marcus Schäfer - Allow external commands in tox targets * Fri Dec 09 2022 Marcus Schäfer - Fix unit test run for BLS spec base class Do not really call blkid as used in get_boot_cmdline * Fri Dec 09 2022 Marcus Schäfer - Fixed typo in documentation Capitalize at the start of a sentence. This Fixes #2216 * Fri Dec 02 2022 Marcus Schäfer - Fix unit tests to run in parallel Setting sys.argv and global variables impacts tests such that they cannot run in parallel. The little footprint of excluding the --config global args test from the coverage is beneficial to allow parallel test runs * Fri Dec 02 2022 Marcus Schäfer - Don\'t show secret parts of an URI Using URIs of the form uri://user:passAATTlocation should not be logged or printed including its credential data * Fri Dec 02 2022 Marcus Schäfer - Don\'t use split on potential None value * Thu Dec 01 2022 Marcus Schäfer - Allow to select partition mapper tool The recent change from kpartx to partx caused some appliance builds to break depending on their configuration. I spotted issues when building disks with veritysetup or integritysetup root devices. There are also issues with grub-install on other architectures e.g s390. It seems partx cannot be used as a drop in replacement and so I suggest to make this a runtime configuration option with partx as the new default but also allow for the old method * Thu Dec 01 2022 Marcus Schäfer - Bump version: 9.24.51 → 9.24.52 * Wed Nov 30 2022 Marcus Schäfer - Fix status indicator in helper/build_status.sh colored output only worked for toplevel results * Wed Nov 30 2022 Neal Gompa - Eliminate redundant partx calls for cleaning up loop devices partx can clean up all partition loops associated with a loop device when deleting the main loop device. Apparently, sometimes it goes and does this even when only deleting the partition loop, so to avoid this problem, we will just eliminate the redundant call. Fixes: 8f2b8fda82a37d7a7ebbf8a6557870cc63b0ae91 * Wed Nov 30 2022 Marcus Schäfer - Support repo URI\'s with credentials on cmdline Specifying a repository as part of the image description allows for credentials via the username and password attributes. Howver, repositories can also be specified on the commandline via the --set-repo / --add-repo options. The options on the commandline did not allow to specify credentials so far. This commit adds the commandline options --set-repo-credentials and --add-repo-credentials to support them * Wed Nov 30 2022 Marcus Schäfer - Update test-image-vagrant virtualbox-guest-x11 seems to be deleted from TW * Wed Nov 30 2022 Marcus Schäfer - Fixed test-image-custom-partitions The test was done prior kiwi added the partitions element and demonstrates how to influence the partition table via scripts. These scripts uses kpartx and the device mapper. Due to the recent change from kpartx to partx the scripts must be adapted * Tue Nov 29 2022 Marcus Schäfer - Bump version: 9.24.50 → 9.24.51 * Tue Nov 29 2022 Marcus Schäfer - Added code style batch to landing page * Tue Nov 29 2022 Marcus Schäfer - Delete obsolete gitlab pipeline status flag Delete obsolete gitlab pipeline status from the project landing page. We do no longer use gitlab since they added that quota thing for their CI system * Tue Nov 29 2022 Marcus Schäfer - Bump version: 9.24.49 → 9.24.50 * Tue Nov 29 2022 Neal Gompa - Swap from DM kpartx to util-linux partx for creating loop devices The device-mapper (DM) based loop devices that kiwi has historically generated creates issues when trying to run kiwi in confined build environments. The DM tools prefer to have a tighter coupling between userspace and kernel interfaces, and we cannot necessarily guarantee that in the variety of build environments that kiwi can be run in. In particular, Koji uses either nspawn containers or chroots through Mock to run kiwi and that is where this fails. However, we do not need to use DM for this purpose when util-linux provides a perfectly serviceable alternative. This commit changes kiwi\'s loop device setup to use partx(8) from util-linux instead. As long as the appliance image being created doesn\'t use a disk scheme that requires DM, it becomes entirely possible to produce an image without needing DM at runtime at all. * Tue Nov 29 2022 Marcus Schäfer - Added systemd_boot integration test for Rawhide * Mon Nov 21 2022 Marcus Schäfer - Increase btrfs size of orthos integration test | |