Fedora 34 and thus RHEL 9 have adopted the unified grub config
scheme[1], where the main config is always placed in the same
location across all platforms, i.e. `boot/grub2`, and a stub
config that redirects to the main config is placed into the ESP.
osbuild has always done that in the case of hybrid boot, but not
for pure EFI systems. The new `uefi.unified` config option can
be used to select that new unified scheme even for the case of
pure EFI systems (aarch64 or non-hybrid boot).
Add a simple test for the grub stage.
[1] https://fedoraproject.org/wiki/Changes/UnifyGrubConfig
This stage takes /usr/lib/passwd and /usr/etc/passwd from an OSTree
checkout, merges them into one file, and store it as /etc/passwd in the
buildroot.
It does the same for /etc/group.
The reason for doing this is that there is an issue with unstable UIDs
and GIDs when creating OSTree commits from scratch. When there is a
package that creates a system user or a system group, it can change the
UID and GID of users and groups that are created later.
This is not a problem in traditional deployments because already created
users and groups never change their UIDs and GIDs, but with OSTree we
recreate the files from scratch and then replace the previous one so it
can actually change.
By copying the files to the build root before doing any other
operations, we can make sure that the UIDs and GIDs of already existing
users and groups won't change.
Co-author: Christian Kellner <christian@kellner.me>
Add a new stage that allows the modification of LVM2 metadata,
most importantly it allows for renaming of the volume group.
It internally uses the new `utils.lvm2` module.
When the partition layout is `dos` or `mbr`, the correct name for
it in the prefix is `msdos`. The function to convert the option
to the label already existed but was not used. Fix it by actually
using said function.
Reported-by: Achilleas Koutsou <achilleas@koutsou.net>
The location property is required, otherwise the stage will fail due to
KeyError at line 261:
location = options["location"]
This commit adds the property to the list of required ones.
Add back a schema constrain, that at least one configuration must be
specified for the configuration file.
This has been forgotten/missed as part of
https://github.com/osbuild/osbuild/pull/739.
Signed-off-by: Tomas Hozza <thozza@redhat.com>
When building the tar archive, the command that is used normally
includes the root node as `./` and also leads to all files having
a "./" prefix. On the other hand, the oci stage as well as the
old ostree.commit assembler, with the tarball option, would
enumerate the contents instead of passing `.`, thus not including
the rood node and also avoiding the `./` prefix.
Add a new option `root-node` that controls whether the rood node
is included or node.
mkdir test
touch test/file
tar -c -C test file | tar tv
-rw-r--r-- root/root 0 2021-07-22 10:39 file
tar -c -C test . | tar tv
drwxr-xr-x root/root 0 2021-07-22 10:39 ./
-rw-r--r-- root/root 0 2021-07-22 10:39 ./file
Create a new `org.osbuild.systemd.unit` stage with the code for
create systemd drop-ins extracted from `org.osbuild.systemd`.
In contrast to the old code the new stage can only handle one
drop-in file. This makes the stage and its schema clearer
and simpler. If more than one config file is needed, the stage can
be repeated multiple times. It is also more flexible since we can
in the future specify additional options at the top level which
will then be per-file, like a top level comment.
The file is called `org.osbuild.systemd.unit` since in the future
it could also support creating unit files (not just drop-ins).
Instead of supporting writing an arbitrary number of configuration
files, just write one. This makes the stage and its schema clearer
and simpler. If more than one config file is needed, the stage can
be repeated multiple times. It is also more flexible since we can
in the future specify additional options at the top level which
will then be per-file, like a top level comment.
Instead of supporting writing an arbitrary number of configuration
files, just write one. This makes the stage and its schema clearer
and simpler. If more than one config file is needed, the stage can
be repeated multiple times. It is also more flexible since we can
in the future specify additional options at the top level which
will then be per-file, like a top level comment.
Instead of supporting writing an arbitrary number of configuration
files, just write one. This makes the stage and its schema clearer
and simpler. If more than one config file is needed, the stage can
be repeated multiple times. It is also more flexible since we can
in the future specify additional options at the top level which
will then be per-file, like a top-level comment.
Instead of supporting writing an arbitrary number of configuration
files, just write one. This makes the stage and its schema clearer
and simpler. If more than one config file is needed, the stage can
be repeated multiple times. It is also more flexible since we can
in the future specify the directory, `/etc` vs `/usr` via a new
top level `directory` key.
The order of entries in a dictionary is not specified by the JSON
standard and hard to control when marshalling dictionaries in Go.
Since the order of mounts is important and the wrong order leads
to wrong mount trees change the `mounts` field to an array. This
breaks existing manifests but after careful deliberation it was
concluded that the original schema with mounts as dictionaries
is not something we want to support. Apologies to everyone.
Adjust the schema of the copy and zipl stage accordingly.
Small changes to the schema so it better aligns with the need of the
stage:
move the efi properties to the top-level
kernel information is under `kernel` object
kernel command line options is an array now
Change `linuxefi` to `linux` which should work on RHEL 8 and is the
only thing that works on arm64.
Small PEP-8 fixes.
Signed-off-by: Antonio Murdaca <runcom@linux.com>
Add experimental support for writing the fstab file to `/etc` in on
OSTree deployment. Experimental here means that options might be
replaced in the near future with a different mechanism and are thus
not considered stable API.
Add a new `org.osbuild.authselect` stage for configuring system identity
and authentication sources using `authselect`. The stage runs
`authselect select` command from the image in a chroot to set the
desired 'profile_id' profile. Optionally, a list of specific profile
features to enable can be passed using the 'features' option.
Add a test case for the new stage.
Signed-off-by: Tomas Hozza <thozza@redhat.com>
Add a new option 'x11-keymap' for configuring the X11 keyboard settings.
The value of the option is a dictionary with keys representing settings
which can be configured. Currently, only the 'layouts' setting can be
configured. Its value is a list of strings, representing the specific
layouts, which should be configured for the X11 keyboard.
Update the stage test case with the new option 'x11-keymap'.
Signed-off-by: Tomas Hozza <thozza@redhat.com>
