Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package kiwi-templates-Minimal for openSUSE:Factory checked in at 2024-01-04 15:56:57 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/kiwi-templates-Minimal (Old) and /work/SRC/openSUSE:Factory/.kiwi-templates-Minimal.new.28375 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "kiwi-templates-Minimal" Thu Jan 4 15:56:57 2024 rev:10 rq:1135438 version:84.87.1 Changes: -------- --- /work/SRC/openSUSE:Factory/kiwi-templates-Minimal/kiwi-templates-Minimal.changes 2023-12-20 21:00:26.574508426 +0100 +++ /work/SRC/openSUSE:Factory/.kiwi-templates-Minimal.new.28375/kiwi-templates-Minimal.changes 2024-01-04 15:58:12.714303957 +0100 @@ -1,0 +2,5 @@ +Thu Dec 28 08:43:34 UTC 2023 - Ludwig Nussel <lnus...@suse.com> + +- Handle new sources in spec file too + +------------------------------------------------------------------- @@ -7,0 +13,5 @@ + +------------------------------------------------------------------- +Thu Dec 14 09:52:18 UTC 2023 - Ludwig Nussel <lnus...@suse.com> + +- Add systemd-boot flavor with disk encryption New: ---- disk.sh editbootinstall_mbr.sh ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ Minimal.kiwi ++++++ --- /var/tmp/diff_new_pack.aWuDX2/_old 2024-01-04 15:58:13.582335666 +0100 +++ /var/tmp/diff_new_pack.aWuDX2/_new 2024-01-04 15:58:13.586335812 +0100 @@ -9,6 +9,7 @@ <specification>openSUSE Tumbleweed Minimal</specification> </description> <profiles> + <profile name="kvm-and-xen-sdboot" description="Minimal Image for KVM and Xen with systemd-boot" arch="aarch64,x86_64"/> <profile name="kvm-and-xen" description="Minimal Image for KVM and Xen" arch="aarch64,x86_64"/> <profile name="VMware" description="Minimal Image for VMware" arch="x86_64"/> <profile name="MS-HyperV" description="Minimal Image for Hyper-V" arch="aarch64,x86_64"/> 
@@ -49,6 +50,38 @@ </type> </preferences> + <preferences profiles="kvm-and-xen-sdboot"> + <version>1.0.0</version> + <packagemanager>zypper</packagemanager> + <rpm-excludedocs>true</rpm-excludedocs> + <type + image="vmx" + filesystem="btrfs" + format="qcow2" + bootloader="custom" + firmware="uefi" + efipartsize="500" + bootpartition="false" + bootkernel="custom" + initrd_system="none" + editbootinstall="editbootinstall_mbr.sh" + devicepersistency="by-uuid" + btrfs_quota_groups="true" + btrfs_root_is_snapshot="true" + bundle_format="%N-VM.%A-%M.%m.%p-%I" + > + <systemdisk> + <volume name="home"/> + <volume name="root"/> + <volume name="opt"/> + <volume name="srv"/> + <volume name="usr/local"/> + <volume name="var" copy_on_write="false"/> + </systemdisk> + <size unit="G">24</size> + </type> + </preferences> + <preferences profiles="kvm-and-xen" arch="aarch64"> <version>1.0.0</version> <packagemanager>zypper</packagemanager> @@ -270,10 +303,6 @@ <package name="iputils"/> <package name="issue-generator"/> <!-- bsc#1084879 --> <package name="vim-small"/> - <package name="grub2"/> - <package name="grub2-arm64-efi" arch="aarch64"/> - <package name="grub2-branding-openSUSE" bootinclude="true"/> - <package name="grub2-x86_64-efi" arch="x86_64"/> <package name="haveged"/> <package name="less" /> <package name="tar"/> 
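Review bot: Nothing among the `<type>` attributes of the new `kvm-and-xen-sdboot` preferences requests encryption at build time (no `luks` attribute is set), although the changelog entry describes this as a flavor with disk encryption. Presumably the root filesystem is encrypted after deployment by `disk-encryption-tool`, which a later hunk adds to the package list; if so, the published qcow2 carries a plaintext btrfs root until that step runs. A comment above `<type`, for example `<!-- built unencrypted; disk-encryption-tool encrypts the root after deployment -->`, would keep readers from assuming the artifact is protected at rest. The same comment could explain `bootloader="custom"` and `initrd_system="none"`, since the boot loader is installed by `disk.sh` through `sdbootutil` rather than by kiwi.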
@@ -294,12 +323,18 @@ <package name="dracut-kiwi-oem-repart"/> </packages> + <packages type="image" profiles="kvm-and-xen,VMware,MS-HyperV,Cloud,RaspberryPi"> + <package name="grub2"/> + <package name="grub2-arm64-efi" arch="aarch64"/> + <package name="grub2-branding-openSUSE" bootinclude="true"/> + <package name="grub2-x86_64-efi" arch="x86_64"/> + </packages> + <!-- Not needed in Cloud as it uses XFS and cloud-init --> - <packages type="image" profiles="kvm-and-xen,VMware,MS-HyperV,RaspberryPi"> + <packages type="image" profiles="kvm-and-xen,kvm-and-xen-sdboot,VMware,MS-HyperV,RaspberryPi"> <!-- Only for btrfs --> <package name="btrfsprogs"/> <package name="btrfsmaintenance"/> - <package name="grub2-snapper-plugin"/> <!-- snapper - grub2 - integration, "small" --> <package name="snapper-zypp-plugin"/> <!-- this is key snapper/zypp integration, as requested in the PRD --> <package name="snapper"/> @@ -312,7 +347,11 @@ <package name="firewalld"/> </packages> - <packages type="image" profiles="kvm-and-xen,VMware,MS-HyperV,Cloud"> + <packages type="image" profiles="kvm-and-xen,VMware,MS-HyperV,RaspberryPi"> + <package name="grub2-snapper-plugin"/> <!-- snapper - grub2 - integration, "small" --> + </packages> + + <packages type="image" profiles="kvm-and-xen,kvm-and-xen-sdboot,VMware,MS-HyperV,Cloud"> <!-- Shim for secure boot everywhere except for RPi --> <package name="shim" arch="aarch64,x86_64"/> </packages> 
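Review bot: The grub2 packages move out of a block whose header is outside the hunk (presumably the common list) into one with an explicit `profiles="kvm-and-xen,VMware,MS-HyperV,Cloud,RaspberryPi"`, so any profile not named there now gets no boot loader packages. The `<profiles>` section is only partly visible in this diff, so it is worth confirming that no existing profile is left out. A comment on the new block such as `<!-- grub2 for all profiles except kvm-and-xen-sdboot, which boots via systemd-boot; add new profiles here -->` would record the intent. The second hunk on this line does the same for `grub2-snapper-plugin`.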
@@ -325,6 +364,22 @@ <packages type="image" profiles="kvm-and-xen,Cloud"> <package name="qemu-guest-agent"/> </packages> + + <packages type="image" profiles="kvm-and-xen-sdboot"> + <!-- kernel-default-base lacks dm-crypt --> + <package name="kernel-kvmsmall"/> + + <package name="sdbootutil-snapper"/> + <package name="sdbootutil-rpm-scriptlets"/> + <package name="efibootmgr"/> + <package name="uefi_mbr" arch="x86_64"/> + + <package name="systemd-experimental"/> <!-- XXX: pulls in python but needed for tpm files --> + + <package name="disk-encryption-tool"/> + <package name="dracut-pcr-signature"/> + </packages> + <packages type="image" profiles="VMware"> <package name="cloud-init"/> <package name="cloud-init-config-suse"/> @@ -371,7 +426,7 @@ <package name="gzip"/> </packages> - <packages type="bootstrap" profiles="kvm-and-xen"> + <packages type="bootstrap" profiles="kvm-and-xen,kvm-and-xen-sdboot"> <package name="openSUSE-release-appliance-kvm"/> </packages> <packages type="bootstrap" profiles="Cloud"> ++++++ kiwi-templates-Minimal.spec ++++++ --- /var/tmp/diff_new_pack.aWuDX2/_old 2024-01-04 15:58:13.630337419 +0100 +++ /var/tmp/diff_new_pack.aWuDX2/_new 2024-01-04 15:58:13.634337566 +0100 @@ -27,6 +27,8 @@ Source01: config.sh Source02: Minimal.kiwi Source03: editbootinstall_rpi.sh +Source04: editbootinstall_mbr.sh +Source05: disk.sh # Source99: LICENSE Requires: python3-kiwi @@ -52,7 +54,7 @@ %install dst="%buildroot%dest" mkdir -p $dst -for i in %{SOURCE1} %{SOURCE2} %{SOURCE3}; do +for i in %{SOURCE1} %{SOURCE2} %{SOURCE3} %{SOURCE4} %{SOURCE5}; do install -m 644 $i "$dst" done ++++++ _multibuild ++++++ --- /var/tmp/diff_new_pack.aWuDX2/_old 2024-01-04 15:58:13.694339758 +0100 +++ /var/tmp/diff_new_pack.aWuDX2/_new 2024-01-04 15:58:13.694339758 +0100 
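Review bot: The `kvm-and-xen-sdboot` package block does not say what `uefi_mbr` is for, although `editbootinstall_mbr.sh` depends on it by copying `./usr/lib/uefi_mbr/uefi_mbr.bin` onto the disk. A comment such as `<!-- provides uefi_mbr.bin, written to the disk by editbootinstall_mbr.sh -->` would tie the two together and make it clear that removing the package breaks the script. `disk-encryption-tool` and `dracut-pcr-signature` would benefit from a similar one-line note on their role in unlocking the root; I am inferring that role from the package names and the existing `tpm files` comment.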
@@ -1,4 +1,5 @@
 <multibuild>
+ <flavor>kvm-and-xen-sdboot</flavor>
 <flavor>kvm-and-xen</flavor>
 <flavor>VMware</flavor>
 <flavor>MS-HyperV</flavor>
++++++ config.sh ++++++
--- /var/tmp/diff_new_pack.aWuDX2/_old 2024-01-04 15:58:13.714340488 +0100
+++ /var/tmp/diff_new_pack.aWuDX2/_new 2024-01-04 15:58:13.718340634 +0100
@@ -127,3 +127,21 @@ #-------------------------------------- sed -i 's/.*rpm.install.excludedocs.*/rpm.install.excludedocs = yes/g' /etc/zypp/zypp.conf +if rpm -q sdbootutil; then + for d in /usr/lib/modules/*; do + test -d "$d" || continue + depmod -a "${d##*/}" + done + sdbootpath=/usr/lib/systemd/boot/efi + # XXX: need /usr/lib/systemd-boot as hack in forked projects for secure boot to use the real one + if [ -d /usr/lib/systemd-boot ]; then + sdbootpath=/usr/lib/systemd-boot + fi + ENTRY_TOKEN=$(. /usr/lib/os-release; echo $ID) + mkdir -p /etc/kernel + echo "$ENTRY_TOKEN" > /etc/kernel/entry-token + echo "rw quiet systemd.show_status=1 console=ttyS0,115200 console=tty0" > /etc/kernel/cmdline + # FIXME: kiwi needs /boot/efi to exist before syncing the disk image + mkdir -p /boot/efi +fi + ++++++ disk.sh ++++++ #!/bin/bash set -euxo pipefail [ -x /usr/bin/sdbootutil ] || exit 0 echo "#######DISK" rootuuid=$(findmnt / -n --output uuid) sed -i -e "s,\$, root=UUID=$rootuuid," /etc/kernel/cmdline arch="$(uname -m)" case "$arch" in aarch64) arch=aa64 ;; x86_64) arch=x64 ;; *) echo "Unknown arch $arch"; exit 1 ;; esac echo "install boot loader" sdbootutil -v --arch "$arch" --esp-path /boot/efi --entry-token=auto --no-variables install echo "add kernels" export hostonly_l=no # for dracut sdbootutil --arch "$arch" --esp-path /boot/efi --entry-token=auto add-all-kernels rm -f /boot/mbrid # Set a 5s timeout, the "hold a key down" method doesn't work effectively. echo "timeout 5" >> /boot/efi/loader/loader.conf echo "##### AFTER ####" mkdir /efi find /boot ++++++ editbootinstall_mbr.sh ++++++ #!/bin/bash set -euxo pipefail [ "$(uname -m)" = 'x86_64' ] || exit 0 diskname="$1" devname="$2" loopdev="${devname%*p?}" dd if=./usr/lib/uefi_mbr/uefi_mbr.bin of="$loopdev" conv=notrunc
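Review bot: `sdbootpath` is assigned twice in the added config.sh block but never read in the visible lines, and it is not exported. Unless code outside this hunk uses it, the override described by the `XXX` comment about secure boot in forked projects has no effect. Either pass the value to whatever installs the boot loader or drop the variable and the comment. Separately, `echo $ID` inside the command substitution should be quoted, `ENTRY_TOKEN=$(. /usr/lib/os-release; echo "$ID")`, so that an unusual `ID` value is written to `/etc/kernel/entry-token` unchanged.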
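Review bot: In disk.sh, `rootuuid` is used without checking that `findmnt` printed anything, so where the UUID cannot be resolved the script would append a bare `root=UUID=` to `/etc/kernel/cmdline` and still exit successfully. Adding `[ -n "$rootuuid" ] || { echo "no UUID for /" >&2; exit 1; }` after the assignment closes that gap. `mkdir /efi` near the end aborts the script under `set -e` if the directory already exists, and nothing explains why it is needed; `mkdir -p /efi` plus a one-line reason would be safer. `loader.conf` receives only `timeout 5`, leaving systemd-boot's `editor` option at its default; for an image meant to boot an encrypted root, it is worth deciding explicitly whether `editor no` should be written as well.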
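Review bot: In editbootinstall_mbr.sh, `loopdev` is derived from `$2` purely by the suffix strip `${devname%*p?}` and then handed to `dd ... of="$loopdev"` with no check that the result is a block device. The pattern removes a trailing `p` plus exactly one character, so a two-digit partition number leaves the name unchanged and `dd` would write to the partition. A name such as `/dev/loop0` passed without a partition suffix would be shortened to `/dev/loo`, which `dd` (presumably running as root) would create as a regular file. Adding `[ -b "$loopdev" ] || { echo "not a block device: $loopdev" >&2; exit 1; }` before the `dd` makes the script fail instead of writing somewhere unintended. `diskname` is assigned but unused, and the relative `if=./usr/lib/uefi_mbr/uefi_mbr.bin` assumes the working directory is the image root, which deserves a comment.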