Compare commits
No commits in common. "devel" and "devel" have entirely different histories.
62
config.sh
62
config.sh
@ -68,20 +68,16 @@ sed -i 's/^multiversion =.*/multiversion =/g' /etc/zypp/zypp.conf
|
||||
#=====================================
|
||||
# Configure snapper
|
||||
#-------------------------------------
|
||||
if [ -x /usr/bin/snapper ]; then
|
||||
echo "creating initial snapper config ..."
|
||||
cp /etc/snapper/config-templates/default /etc/snapper/configs/root \
|
||||
if [ "${kiwi_btrfs_root_is_snapshot-false}" = 'true' ]; then
|
||||
echo "creating initial snapper config ..."
|
||||
cp /etc/snapper/config-templates/default /etc/snapper/configs/root \
|
||||
|| cp /usr/share/snapper/config-templates/default /etc/snapper/configs/root
|
||||
baseUpdateSysConfig /etc/sysconfig/snapper SNAPPER_CONFIGS root
|
||||
baseUpdateSysConfig /etc/sysconfig/snapper SNAPPER_CONFIGS root
|
||||
|
||||
# Adjust parameters
|
||||
sed -i'' 's/^TIMELINE_CREATE=.*$/TIMELINE_CREATE="no"/g' /etc/snapper/configs/root
|
||||
sed -i'' 's/^NUMBER_LIMIT=.*$/NUMBER_LIMIT="2-10"/g' /etc/snapper/configs/root
|
||||
sed -i'' 's/^NUMBER_LIMIT_IMPORTANT=.*$/NUMBER_LIMIT_IMPORTANT="4-10"/g' /etc/snapper/configs/root
|
||||
else
|
||||
# Avoid boo#1237466 from reoccuring
|
||||
echo "snapper not installed?"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
#=====================================
|
||||
@ -160,7 +156,7 @@ case "${kiwi_profiles}" in
|
||||
*OpenStack*) ignition_platform='openstack' ;;
|
||||
*VirtualBox*) ignition_platform='virtualbox' ;;
|
||||
*HyperV*) ignition_platform='metal'
|
||||
cmdline+=('rootdelay=300') ;;
|
||||
cmdline+=('rootdelay=300') ;;
|
||||
*Pine64*|*RaspberryPi*|*Rock64*|*Vagrant*) ignition_platform='metal' ;;
|
||||
# Use autodetection on selfinstall. The first boot doesn't use the grub
|
||||
# cmdline anyway, it's started with kexec using kiwi's builtin default.
|
||||
@ -188,14 +184,8 @@ if [[ -e /etc/selinux/config ]]; then
|
||||
test -f /.autorelabel && mv /.autorelabel /etc/selinux/.autorelabel
|
||||
fi
|
||||
|
||||
if rpm -q sdbootutil; then
|
||||
mkdir -p /etc/kernel
|
||||
echo "${cmdline[*]}" > /etc/kernel/cmdline
|
||||
elif [ -e /etc/default/grub ]; then
|
||||
if [ -e /etc/default/grub ]; then
|
||||
sed -i "s#^GRUB_CMDLINE_LINUX_DEFAULT=.*\$#GRUB_CMDLINE_LINUX_DEFAULT=\"${cmdline[*]}\"#" /etc/default/grub
|
||||
else
|
||||
echo "Unknown bootloader"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
#======================================
|
||||
@ -252,32 +242,38 @@ fi
|
||||
# Configure Vagrant specifics
|
||||
#--------------------------------------
|
||||
if [[ "$kiwi_profiles" == *"Vagrant"* ]]; then
|
||||
echo "Add user vagrant"
|
||||
# create vagrant user
|
||||
useradd vagrant
|
||||
# allow password-less sudo
|
||||
echo "vagrant ALL=(ALL)NOPASSWD:ALL" > /etc/sudoers.d/vagrant
|
||||
# add vagrant's insecure key
|
||||
mkdir -p /home/vagrant/.ssh
|
||||
chmod 0700 /home/vagrant/.ssh
|
||||
cat > /home/vagrant/.ssh/authorized_keys << EOF
|
||||
# create vagrant user
|
||||
useradd vagrant
|
||||
# allow password-less sudo
|
||||
echo "vagrant ALL=(ALL)NOPASSWD:ALL" > /etc/sudoers.d/vagrant
|
||||
# add vagrant's insecure key
|
||||
mkdir -p /home/vagrant/.ssh
|
||||
chmod 0700 /home/vagrant/.ssh
|
||||
cat > /home/vagrant/.ssh/authorized_keys << EOF
|
||||
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA6NF8iallvQVp22WDkTkyrtvp9eWW6A8YVr+kz4TjGYe7gHzIw+niNltGEFHzD8+v1I2YJ6oXevct1YeS0o9HZyN1Q9qgCgzUFtdOKLv6IedplqoPkcmF0aYet2PkEDo3MlTBckFXPITAMzF8dJSIFo9D8HfdOV0IAdx4O7PtixWKn5y2hMNG0zQPyUecp4pzC6kivAIhyfHilFR61RGL+GPXQ2MWZWFYbAGjyiYJnAmCP3NOTd0jMZEnDkbUvxhMmBYSdETk1rRgm+R4LOzFUGaHqHDLKLX+FIPKcF96hrucXzcWyLbIbEgE98OHlnVYCzRdK8jlqm8tehUc9c9WhQ== vagrant insecure public key
|
||||
EOF
|
||||
chmod 0600 /home/vagrant/.ssh/authorized_keys
|
||||
chown -R vagrant /home/vagrant
|
||||
|
||||
echo "Disable jeos-firstboot.service for Vagrant boxes"
|
||||
systemctl disable jeos-firstboot.service
|
||||
systemctl mask jeos-firstboot.service
|
||||
chmod 0600 /home/vagrant/.ssh/authorized_keys
|
||||
chown -R vagrant /home/vagrant
|
||||
fi
|
||||
|
||||
#======================================
|
||||
# Configure FDE/BLS specifics
|
||||
#--------------------------------------
|
||||
|
||||
# [[ "$kiwi_profiles" == *"kvm-and-xen-"* ]]
|
||||
if rpm -q sdbootutil; then
|
||||
for d in /usr/lib/modules/*; do
|
||||
test -d "$d" || continue
|
||||
depmod -a "${d##*/}"
|
||||
done
|
||||
ENTRY_TOKEN=$(. /usr/lib/os-release; echo $ID)
|
||||
mkdir -p /etc/kernel
|
||||
echo "$ENTRY_TOKEN" > /etc/kernel/entry-token
|
||||
# FIXME: kiwi needs /boot/efi to exist before syncing the disk image
|
||||
mkdir -p /boot/efi
|
||||
|
||||
[ -e /var/lib/YaST2/reconfig_system ] && systemctl enable sdbootutil-enroll.service
|
||||
echo "${cmdline[*]}" > /etc/kernel/cmdline
|
||||
|
||||
rpm -q systemd-boot && loader_type="systemd-boot"
|
||||
rpm -q grub2 && loader_type="grub2-bls"
|
||||
echo "LOADER_TYPE=\"${loader_type}\"" >> /etc/sysconfig/bootloader
|
||||
fi
|
||||
|
||||
47
disk.sh
47
disk.sh
@ -1,36 +1,31 @@
|
||||
#!/bin/bash
|
||||
set -euxo pipefail
|
||||
[ -x /usr/bin/sdbootutil ] || exit 0
|
||||
|
||||
echo "####### BOOTLOADER INSTALL (disk.sh)"
|
||||
|
||||
if [ -x /usr/bin/sdbootutil ]; then
|
||||
arch="$(uname -m)"
|
||||
case "$arch" in
|
||||
aarch64) arch=aa64 ;;
|
||||
x86_64) arch=x64 ;;
|
||||
*) echo "Unknown arch $arch"; exit 1 ;;
|
||||
esac
|
||||
# [[ "$kiwi_profiles" == *"kvm-and-xen-"* ]]
|
||||
if rpm -q sdbootutil; then
|
||||
rootuuid=$(findmnt / -n --output uuid)
|
||||
sed -i -e "s,\$, root=UUID=$rootuuid," /etc/kernel/cmdline
|
||||
arch="$(uname -m)"
|
||||
case "$arch" in
|
||||
aarch64) arch=aa64 ;;
|
||||
x86_64) arch=x64 ;;
|
||||
*) echo "Unknown arch $arch"; exit 1 ;;
|
||||
esac
|
||||
|
||||
echo "install boot loader"
|
||||
loader_type="grub2-bls"
|
||||
rpm -q systemd-boot && loader_type="systemd-boot"
|
||||
if [ -f /etc/sysconfig/bootloader ]; then
|
||||
sed -i "s/^LOADER_TYPE=.*$/LOADER_TYPE=\"$loader_type\"/g" /etc/sysconfig/bootloader
|
||||
else
|
||||
echo "LOADER_TYPE=\"${loader_type}\"" > /etc/sysconfig/bootloader
|
||||
fi
|
||||
echo "install boot loader"
|
||||
sdbootutil -v --no-random-seed --arch "$arch" --esp-path /boot/efi --entry-token=auto --no-variables install
|
||||
echo "add kernels"
|
||||
export hostonly_l=no # for dracut
|
||||
sdbootutil -v --arch "$arch" --esp-path /boot/efi --entry-token=auto add-all-kernels
|
||||
# Set a 5s timeout, the "hold a key down" method doesn't work effectively.
|
||||
echo "timeout 5" >> /boot/efi/loader/loader.conf
|
||||
|
||||
sdbootutil -v --no-random-seed --arch "$arch" --esp-path /boot/efi --entry-token=auto --no-variables install
|
||||
rm -f /boot/mbrid
|
||||
|
||||
echo "add kernels"
|
||||
export hostonly_l=no # for dracut
|
||||
sdbootutil -v --arch "$arch" --esp-path /boot/efi --entry-token=auto add-all-kernels
|
||||
# Set a 5s timeout, the "hold a key down" method doesn't work effectively.
|
||||
echo "timeout 5" >> /boot/efi/loader/loader.conf
|
||||
|
||||
rm -f /boot/mbrid
|
||||
|
||||
find /boot
|
||||
find /boot
|
||||
fi
|
||||
|
||||
echo "####### END BOOTLOADER INSTALL (disk.sh)"
|
||||
echo "####### ENDS BOOTLOADER INSTALLER (disk.sh)"
|
||||
|
||||
@ -1,66 +1,8 @@
|
||||
-------------------------------------------------------------------
|
||||
Thu Mar 6 12:50:13 UTC 2025 - Fabian Vogt <fvogt@suse.com>
|
||||
|
||||
- Switch away from patterns-base-bootloader for grub-bls, not suitable
|
||||
- Switch away from kiwi's support for grub-bls, does not match sdbootutil
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri Feb 21 12:38:04 UTC 2025 - Fabian Vogt <fvogt@suse.com>
|
||||
|
||||
- config.sh: Do not rely on $kiwi_btrfs_root_is_snapshot (boo#1237466)
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Feb 20 16:07:14 UTC 2025 - Fabian Vogt <fvogt@suse.com>
|
||||
|
||||
- Clean up config.sh and disk.sh
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Nov 12 12:25:21 UTC 2024 - Alberto Planas Dominguez <aplanas@suse.com>
|
||||
|
||||
- Use the enrollment packages from sdbootutil
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Sat Nov 2 10:54:27 UTC 2024 - Johannes Kastl <opensuse_buildservice@ojkastl.de>
|
||||
|
||||
- disable and mask the jeos-firstboot.service on Vagrant boxes
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Oct 9 09:15:28 UTC 2024 - Stefan Schubert <schubi@suse.com>
|
||||
|
||||
- Added package systemd-repart-dracut to kvm-and-xen-sdboot and
|
||||
kvm-and-xen-grub-bls
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Oct 3 09:42:47 UTC 2024 - Alberto Planas Dominguez <aplanas@suse.com>
|
||||
|
||||
- Move /etc/sysconfig/bootloader creation to disk.sh, as KIWI can
|
||||
replace the one generated in config.sh (bsc#1231271)
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Oct 1 16:07:08 UTC 2024 - Alberto Planas Dominguez <aplanas@suse.com>
|
||||
|
||||
- Requires systemd-boot in the sdboot flavor
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Sep 5 13:55:46 UTC 2024 - Alberto Planas Dominguez <aplanas@suse.com>
|
||||
|
||||
- Remove root from /etc/kernel/cmdline during image creation
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Aug 27 11:48:44 UTC 2024 - Guillaume GARDET <guillaume.gardet@opensuse.org>
|
||||
|
||||
- Grub package is grub2-arm64-efi, not grub2-arm-efi
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Aug 13 13:53:32 UTC 2024 - Alberto Planas Dominguez <aplanas@suse.com>
|
||||
|
||||
- Use the new grub2-bls subpackage
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri Aug 9 08:45:16 UTC 2024 - Alberto Planas Dominguez <aplanas@suse.com>
|
||||
|
||||
- Enable disk-encryption-tool-enroll.service
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Jul 31 13:38:18 UTC 2024 - Alberto Planas Dominguez <aplanas@suse.com>
|
||||
|
||||
|
||||
@ -115,7 +115,7 @@
|
||||
btrfs_root_is_readonly_snapshot="true"
|
||||
btrfs_quota_groups="true"
|
||||
>
|
||||
<bootloader name="custom"/>
|
||||
<bootloader name="grub2" bls="true" />
|
||||
<systemdisk>
|
||||
<volume name="home"/>
|
||||
<volume name="root"/>
|
||||
@ -732,23 +732,18 @@
|
||||
<package name="jeos-firstboot"/>
|
||||
<package name="growpart-generator"/>
|
||||
<package name="sdbootutil-snapper"/>
|
||||
<package name="sdbootutil-jeos-firstboot-enroll"/>
|
||||
<package name="disk-encryption-tool"/>
|
||||
<package name="systemd-repart-dracut"/>
|
||||
<package name="dracut-pcr-signature"/>
|
||||
<package name="systemd-experimental"/>
|
||||
<package name="mokutil" arch="aarch64,x86_64"/>
|
||||
<package name="shim" arch="aarch64,x86_64"/>
|
||||
<package name="uefi_mbr" arch="x86_64"/>
|
||||
<package name="shim"/>
|
||||
<package name="efibootmgr"/>
|
||||
</packages>
|
||||
<packages type="image" profiles="kvm-and-xen-sdboot">
|
||||
<package name="systemd-boot"/>
|
||||
<package name="uefi_mbr" arch="x86_64"/>
|
||||
</packages>
|
||||
<packages type="image" profiles="kvm-and-xen-grub-bls">
|
||||
<package name="grub2-arm64-efi-bls" arch="aarch64"/>
|
||||
<package name="grub2-x86_64-efi-bls" arch="x86_64"/>
|
||||
<package name="patterns-base-bootloader"/>
|
||||
<package name="uefi_mbr" arch="x86_64"/>
|
||||
<package name="grub2-x86_64-efi" arch="x86_64"/>
|
||||
<package name="grub2-arm64-efi" arch="aarch64"/>
|
||||
</packages>
|
||||
<packages type="image" profiles="Pine64,RaspberryPi,RaspberryPi2,Rock64">
|
||||
<package name="patterns-microos-hardware"/>
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user