From a9705d556d5b5a4de2d00f57c8c83cef43cc9ec6f83091043ccf15d17ddb13c9 Mon Sep 17 00:00:00 2001 From: Richard Brown Date: Thu, 11 Jul 2024 12:47:24 +0000 Subject: [PATCH] - Add mokutil (needed for Secureboot configuration and checking) OBS-URL: https://build.opensuse.org/package/show/devel:microos:aeon/patterns-tik?expand=0&rev=19 --- .gitattributes | 23 +++ .gitignore | 1 + patterns-tik.changes | 65 +++++++ patterns-tik.rpmlintrc | 8 + patterns-tik.spec | 420 +++++++++++++++++++++++++++++++++++++++++ 5 files changed, 517 insertions(+) create mode 100644 .gitattributes create mode 100644 .gitignore create mode 100644 patterns-tik.changes create mode 100644 patterns-tik.rpmlintrc create mode 100644 patterns-tik.spec diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..9b03811 --- /dev/null +++ b/.gitattributes @@ -0,0 +1,23 @@ +## Default LFS +*.7z filter=lfs diff=lfs merge=lfs -text +*.bsp filter=lfs diff=lfs merge=lfs -text +*.bz2 filter=lfs diff=lfs merge=lfs -text +*.gem filter=lfs diff=lfs merge=lfs -text +*.gz filter=lfs diff=lfs merge=lfs -text +*.jar filter=lfs diff=lfs merge=lfs -text +*.lz filter=lfs diff=lfs merge=lfs -text +*.lzma filter=lfs diff=lfs merge=lfs -text +*.obscpio filter=lfs diff=lfs merge=lfs -text +*.oxt filter=lfs diff=lfs merge=lfs -text +*.pdf filter=lfs diff=lfs merge=lfs -text +*.png filter=lfs diff=lfs merge=lfs -text +*.rpm filter=lfs diff=lfs merge=lfs -text +*.tbz filter=lfs diff=lfs merge=lfs -text +*.tbz2 filter=lfs diff=lfs merge=lfs -text +*.tgz filter=lfs diff=lfs merge=lfs -text +*.ttf filter=lfs diff=lfs merge=lfs -text +*.txz filter=lfs diff=lfs merge=lfs -text +*.whl filter=lfs diff=lfs merge=lfs -text +*.xz filter=lfs diff=lfs merge=lfs -text +*.zip filter=lfs diff=lfs merge=lfs -text +*.zst filter=lfs diff=lfs merge=lfs -text diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..57affb6 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +.osc diff --git a/patterns-tik.changes b/patterns-tik.changes new file mode 100644 index 0000000..617863b --- /dev/null +++ b/patterns-tik.changes @@ -0,0 +1,65 @@ +------------------------------------------------------------------- +Thu Jul 11 12:47:00 UTC 2024 - Richard Brown + +- Add mokutil (needed for Secureboot configuration and checking) + +------------------------------------------------------------------- +Wed May 22 12:01:57 UTC 2024 - Richard Brown + +- Require coreutils-systemd (boo#1224812) + +------------------------------------------------------------------- +Wed May 22 12:00:14 UTC 2024 - Richard Brown + +- Require gsettings-backend-dconf (boo#1224473, boo#1224472) + +------------------------------------------------------------------- +Tue May 14 08:27:09 UTC 2024 - Richard Brown + +- Correct architecture support + +------------------------------------------------------------------- +Tue May 14 08:23:48 UTC 2024 - Richard Brown + +- Move optional modules into image definition instead of patterns + +------------------------------------------------------------------- +Wed May 8 12:45:19 UTC 2024 - Richard Brown + +- Move to grub, better support for portable media + +------------------------------------------------------------------- +Thu May 2 12:43:57 UTC 2024 - Richard Brown + +- And now we need distro specific config again, use tik-config-Aeon + +------------------------------------------------------------------- +Wed May 1 17:29:48 UTC 2024 - Richard Brown + +- Use tik-config-generic (no distro specific config required for + tik-gui, yet) + +------------------------------------------------------------------- +Wed May 1 11:19:04 UTC 2024 - Richard Brown + +- Support vulkan (boo#1223443) + +------------------------------------------------------------------- +Wed May 1 11:10:38 UTC 2024 - Richard Brown + +- Remove gedit, there's vi + +------------------------------------------------------------------- +Tue Apr 30 14:28:52 UTC 2024 - Richard Brown + +- Add gedit for debugging/config editing + +------------------------------------------------------------------- +Tue Apr 30 14:24:14 UTC 2024 - Richard Brown + +- Remove desktop-data (not used, brings in wrong wallpaper) + +------------------------------------------------------------------- +Fri Apr 26 10:33:25 UTC 2024 - Richard Brown + +- Initial package diff --git a/patterns-tik.rpmlintrc b/patterns-tik.rpmlintrc new file mode 100644 index 0000000..0b319b2 --- /dev/null +++ b/patterns-tik.rpmlintrc @@ -0,0 +1,8 @@ +addFilter("W: no-binary"); +addFilter("W: unexpanded-macro.*pattern-category"); +addFilter("W: explicit-lib-dependency"); +addFilter("W: devel-package-with-non-devel-group"); +addFilter("W: conflicts-with-provides"); +addFilter("W: description-shorter-than-summary"); +addFilter("W: suse-branding-specific-branding-req"); +addFilter("W: useless-provides"); diff --git a/patterns-tik.spec b/patterns-tik.spec new file mode 100644 index 0000000..c414ef3 --- /dev/null +++ b/patterns-tik.spec @@ -0,0 +1,420 @@ +# +# spec file for package patterns-tik +# +# Copyright (c) 2024 SUSE LLC +# +# All modifications and additions to the file contributed by third parties +# remain the property of their copyright owners, unless otherwise agreed +# upon. The license for this file, and modifications and additions to the +# file, is the same license as for the pristine package itself (unless the +# license for the pristine package is not an Open Source License, in which +# case the license is the MIT License). An "Open Source License" is a +# license that conforms to the Open Source Definition (Version 1.9) +# published by the Open Source Initiative. + +# Please submit bugfixes or comments via https://bugs.opensuse.org/ +# + + +%bcond_with betatest + +Name: patterns-tik +Version: 1.0 +Release: 0 +Summary: Patterns for openSUSE tik installer, based on Aeon +License: MIT +Group: Metapackages +URL: http://en.opensuse.org/Patterns +Source0: %name.rpmlintrc +ExclusiveArch: x86_64 + +%description +This is an internal package that is used to create the patterns as part +of the installation source setup. Installation of this package does +not make sense. + +%package base +Summary: openSUSE tik +Group: Metapackages +Provides: pattern() = tik_base +Provides: pattern-category() = tik +Provides: pattern-icon() = pattern-kubic +Provides: pattern-order() = 9210 +%if %{with betatest} +# need to require it as recommends are off +Requires: pattern() = update_test +%endif + +# This packagelist is based on aeon_base. Packages removed from Aeon are commented out with #AEON: prefix +### Packages formerly provided by minimal_base +Requires: branding +Requires: build-key +Requires: distribution-release +Requires: filesystem + +### Packages formerly provided by bootloader +Requires: grub2-snapper-plugin +Requires: grub2 +Requires: grub2-branding-openSUSE +Requires: grub2-x86_64-efi +Requires: mokutil + +### Packages formerly provided by base/basesystem +Requires: /usr/bin/hostname +Requires: aaa_base +Requires: bash +Requires: branding-openSUSE +Requires: btrfsprogs +Requires: ca-certificates +Requires: ca-certificates-mozilla +Requires: coreutils +Requires: coreutils-systemd +Requires: glibc +Suggests: busybox-hostname +Requires: NetworkManager +Requires: NetworkManager-bluetooth +Requires: NetworkManager-wifi +Requires: iproute2 +Requires: lastlog2 +Requires: libnss_usrfiles2 +Requires: openSUSE-build-key +Requires: pam +Requires: pam-config +Requires: procps +Requires: rpm +Requires: shadow +Requires: systemd +Requires: util-linux +Requires: group(nobody) +Requires: user(nobody) +#### +Requires: btrfsmaintenance +Requires: busybox +Requires: chrony +# curl indirectly needed by ignition via dracut's url-lib +Requires: curl +# probably needed for fsck.fat on efi partitions +Requires: /usr/bin/gzip +Requires: Aeon-release +Requires: dosfstools +Requires: glibc-locale-base +Suggests: busybox-gzip +Requires: health-checker +Requires: health-checker-plugins-MicroOS +Requires: iputils +%ifnarch %{arm} +Requires: kdump +%endif +Requires: less +Requires: microos-tools +Requires: snapper +Requires: vim-small +Requires: wtmpdb +# people are addicted to sudo +Requires: sudo +Requires: systemd-presets-branding-Aeon +Requires: terminfo-base +Requires: timezone +Conflicts: gettext-runtime-mini +Conflicts: krb5-mini +Obsoletes: suse-build-key < 12.1 +Requires: yast2-logs +# exfat is an important filesystem too boo#1222955 +Requires: exfatprogs + +### Packages formerly provided by base_zypper +Requires: transactional-update +Requires: transactional-update-zypp-config +Requires: zypper +# zypper ps is useless in transactional mode. It also checks for +# /run/reboot-needed though which is created by transactional-update +Requires: zypper-needs-restarting + +### Packages formerly provided by defaults +Requires: audit +Requires: systemd-coredump + +### Packages formerly provided by hardware +Requires: ethtool +%ifnarch s390x +Requires: irqbalance +%endif +Requires: fcoe-utils +Requires: hwinfo + +### Packages formerly provided by selinux +#AEON:Requires: container-selinux +#AEON:Requires: policycoreutils +#AEON:Requires: selinux-policy-targeted +#AEON:Requires: selinux-tools +#AEON:Requires: policycoreutils-python-utils + +### Packages formerly provided by x11 +Requires: xf86-input-libinput +Requires: xorg-x11-fonts-core +Requires: xorg-x11-server + +### Packages formerly provided by desktop-common +# PipeWire is the default sound server +#AEON:Requires: gstreamer-plugin-pipewire +#AEON:Requires: pipewire-alsa +#AEON:Requires: pipewire-pulseaudio +# Support UCM Profiles boo#1218510 +#AEON:Requires: alsa-ucm-conf +# Allow users to print (and add some common printer drivers) +#AEON:Requires: OpenPrintingPPDs +#AEON:Requires: bluez-cups +#AEON:Requires: cups +#AEON:Requires: cups-filters +#AEON:Requires: cups-pk-helper +#AEON:Requires: epson-inkjet-printer-escpr +#AEON:Requires: ghostscript +#AEON:Requires: hplip-hpijs +#AEON:Requires: system-config-printer-common +#AEON:Requires: system-config-printer-dbus-service +#AEON:Requires: udev-configure-printer +# Support scanners boo#1214614 +#AEON:Requires: sane-backends +# Add thunderbolt device management (boo#1208150) +Requires: bolt +# Common tools +Requires: bash-completion +Requires: bluez-firmware +Requires: glibc-locale +Requires: hicolor-icon-theme-branding-openSUSE +Requires: polkit-default-privs +Requires: systemd-icon-branding-openSUSE +Requires: udisks2 +Requires: unzip +Requires: upower +Requires: wget +Requires: xdg-utils +# Support ntfs drives +Requires: ntfs-3g +Requires: ntfsprogs +# More "comfortable" base package versions +Requires: gzip +Requires: hostname +%if 0%{is_opensuse} +Requires: avahi +%endif +# Desktop notifications about transactional update succeeding/failing +# for the masses +Requires: transactional-update-notifier +# Needed by both GNOME and KDE for theming of GTK-based flatpak apps properly +Requires: xdg-desktop-portal-gtk +# Needed to ensure MicroOS Desktop systems are be able to handle varied hardware out +# of the box, and not only during the system installation. +Requires: kernel-firmware-all +#AEON:Requires: sof-firmware + +### Packages formerly provided by desktop-gnome +Requires: gsettings-backend-dconf +Requires: distribution-logos-openSUSE-Aeon +Requires: gdm-branding-Aeon +# gnome-initial-setup requirements +#AEON:Requires: gnome-initial-setup +Requires: gjs +Requires: desktop-file-utils +Requires: gnome-menus-branding-openSUSE +Requires: system-group-wheel +# +# Now the real packages +# +# #332596 +Requires: gnome-keyring-pam +# implied by gnome-keyring-pam +#Requires: gnome-keyring +Requires: gnome-disk-utility +# boo#1215343 +#AEON:Requires: gnome-backgrounds +# implied by gdm +#Requires: gnome-shell +#Requires: gnome-settings-daemon +# implied by gnome-shell +#Requires: gnome-control-center +# +# Default sessions: +# - We also explicitly put the packages required by those sessions, in case +# gnome-session-*-session is not installable, to make sure the livecd is +# somehow a bit usable +# +Requires: gnome-session-default-session +# ensure we have wayland session available (and used by default) +Requires: gnome-session-wayland +# boo#1090117 +Requires: flatpak +Requires: gnome-branding-Aeon +#AEON:Requires: gnome-color-manager +#Requires: gnome-packagekit +Requires: gnome-software +Requires: gnome-system-monitor +Requires: gnome-terminal +#AEON:Requires: gnome-tweak-tool +#AEON:Requires: gnome-user-docs +# bnc#879466 +Requires: gpgme +# for online accounts and calendar integration +Requires: gnome-bluetooth +# for display color profile support boo#1210492 +#AEON:Requires: gnome-control-center-color +# for desktop remote access +#AEON:Requires: gnome-remote-desktop +# for shell remote access +#AEON:Requires: openssh +# needed to ensure bluetooth is enabled at startup (glgo#GNOME/gnome-bluetooth#110) +Requires: bluez-auto-enable-devices +#AEON:Requires: gnome-control-center-goa +#AEON:Requires: gnome-online-accounts +#AEON:Requires: gnome-shell-calendar +# For seeing thumbnails in Nautilus +#AEON:Requires: gdk-pixbuf-thumbnailer +#AEON:Requires: gsf-office-thumbnailer +#AEON:Requires: rsvg-thumbnailer +# So that GNOME shell extensions can be installed +#AEON:Requires: chrome-gnome-shell +# So users can be configured and have pretty face thumbnails +Requires: gnome-control-center-users +#AEON:Requires: gnome-control-center-user-faces +# we need something for xdg-su +#AEON:Requires: gnome-shell-search-provider-nautilus +Requires: libgnomesu +Requires: nautilus +Requires: nautilus-extension-terminal +# Some extensions add context menus to nautilus using python scripts (example GSConnect) +# For this to work we need nautilus-python bindings +#AEON:Requires: python3-nautilus +#AEON:Requires: nautilus-share +# For encrypting and decrypting files to work in Nautilus +Requires: nautilus-extension-seahorse +Requires: seahorse-daemon +# So Trash and mounting USB sticks work in Nautilus +Requires: gvfs-backends +Requires: gvfs-backend-afc +Requires: gvfs-backend-goa +Requires: gvfs-fuse +# We need the icons to work +Requires: adwaita-icon-theme +# We need this for accessability and the lack of it causes big performance issues (boo#1204564) +Requires: at-spi2-core +# Some fonts +Requires: adobe-sourcecodepro-fonts +#AEON:Requires: adobe-sourcesanspro-fonts +#AEON:Requires: adobe-sourceserifpro-fonts +#AEON:Requires: dejavu-fonts +#AEON:Requires: ghostscript-fonts-other +#AEON:Requires: ghostscript-fonts-std +#AEON:Requires: google-carlito-fonts +#AEON:Requires: google-droid-fonts +#AEON:Requires: google-opensans-fonts +#AEON:Requires: google-roboto-fonts +#AEON:Requires: noto-coloremoji-fonts +#AEON:Requires: noto-emoji-fonts +#AEON:Requires: noto-sans-fonts +# So that GNOME keyring works +Requires: gcr-ssh-askpass +Requires: gcr3-ssh-askpass +# So that GNOME prompt for ssh password works +Requires: openssh-askpass-gnome +# So that GNOME pinentry works +Requires: pinentry-gnome3 +#AEON:Requires: gvfs-backend-samba +#AEON:Requires: samba +# So that GNOME builtin screen recorder works +Requires: gstreamer-plugins-bad +Requires: gstreamer-plugins-good +# #509829 +Requires: xdg-user-dirs-gtk +Requires: yelp +# Polkit integration with GNOME +Requires: polkit-gnome +# https://build.opensuse.org/request/show/921373 +Requires: xdg-desktop-portal-gnome +# ensure laptop power support is there +Requires: power-profiles-daemon + +# add steam-devices +Requires: steam-devices + +# +# Low-level parts that we need +# +%if 0%{is_opensuse} +# bnc#430161 +Requires: NetworkManager-openconnect-gnome +Requires: NetworkManager-openvpn-gnome +Requires: canberra-gtk-play +# +# Branding +# +# #591535 +Requires: gtk2-branding-openSUSE +Requires: gtk3-branding-openSUSE +Requires: gtk4-branding-openSUSE +%endif +### Packages formerly provided by kiwi file +Requires: kernel-default +### systemd-zram stuff +Requires: systemd-zram-service +### Virtualisation support +Requires: spice-vdagent +Requires: qemu-guest-agent +### Container / Distrobox boo#1222909 +Requires: distrobox +Requires: podman + +# bug#1211835 - TPM2.0 support +Requires: tpm2.0-abrmd +Requires: tpm2-0-tss +Requires: tpm2.0-tools + +# Secureboot support +Requires: mokutil + +### x86_64_v3 support is mandatory on Aeon +#AEON:Requires: x86_64_v3-branding-Aeon + +### Aeons partitions are defined to use systemd-repart +# systemd-experimental is temproarily required for repart +Requires: systemd-experimental +Requires: systemd-repart-branding-tik + +### Firstboot Configuration +#AEON:Requires: ignition-dracut +#AEON:Requires: combustion + +### Support screen rotation boo#1222711 +Requires: iio-sensor-proxy + +### Support Vulkan boo#1223443 +Requires: libvulkan_radeon +Requires: libvulkan_intel + +### This is tik, install tik +Requires: tik +Requires: tik-config-Aeon + +%description base +This is the openSUSE tik base system. It contains a minimised immutable desktop system focused on deploying disk images. + +%prep +# empty on purpose + +%build +# empty on purpose + +%install +mkdir -p %{buildroot}%{_docdir}/patterns-tik/ +PATTERNS=' + base +' +for i in $PATTERNS; do + echo "This file marks the pattern $i to be installed." \ + > %{buildroot}%{_docdir}/patterns-tik/${i}.txt +done + +%files base +%dir %{_docdir}/patterns-tik +%{_docdir}/patterns-tik/base.txt + +%changelog