suse-edge/Factory
SHA256
17
0
Fork 18
Code Issues Pull Requests 3 Actions Packages Projects Releases Wiki Activity

kiwi-builder: bump base image to 10.2.29 #294

Closed
steven.hardy wants to merge 1 commits from steven.hardy/Factory:kiwi_fix2 into main
pull from: steven.hardy/Factory:kiwi_fix2
merge into: suse-edge:main
Conversation 4 Commits 1 Files Changed 1 +3 -3
steven.hardy commented 2025-10-22 09:32:27 +02:00
Owner
Copy Link

Fix issues due to 10.2.12 image being removed

Fix issues due to 10.2.12 image being removed
steven.hardy added 1 commit 2025-10-22 09:32:28 +02:00
kiwi-builder: bump base image to 10.2.29
All checks were successful
Check Release Manifest Local Charts Versions / Check Release Manifest Local Charts Versions (pull_request) Successful in -21s
Details
Build PR in OBS / Build PR in OBS (pull_request_target) Successful in -20s
Details
f6714cdd62
roxenham requested changes 2025-10-22 10:08:22 +02:00
roxenham left a comment
Owner
Copy Link

@steven.hardy take a look at https://src.opensuse.org/suse-edge/Factory/pulls/271/files, you'll see that I had to add the following to get it to work with 10.2.29:

# Create temporary directory that supports seclabel
dir=$(mktemp -d)
mkdir -p /tmp/output/tmp-dir
mount -t tmpfs $dir /tmp/output/tmp-dir

It seems as though there were some changes introduced in the latest Kiwi releases that do some SELinux relabelling in a temporary directory; this temporary directory needs to have seclabel support, hence tmpfs here. You'll also see that we add the --temp-dir /tmp/output/tmp-dir to the kiwi-ng options.

@steven.hardy take a look at https://src.opensuse.org/suse-edge/Factory/pulls/271/files, you'll see that I had to add the following to get it to work with 10.2.29: ``` # Create temporary directory that supports seclabel dir=$(mktemp -d) mkdir -p /tmp/output/tmp-dir mount -t tmpfs $dir /tmp/output/tmp-dir ``` It seems as though there were some changes introduced in the latest Kiwi releases that do some SELinux relabelling in a temporary directory; this temporary directory needs to have `seclabel` support, hence `tmpfs` here. You'll also see that we add the `--temp-dir /tmp/output/tmp-dir` to the `kiwi-ng` options.
roxenham commented 2025-10-22 10:10:28 +02:00
Owner
Copy Link

However, this may only be an SL Micro 6.2 thing, so we should definitely test the existing workflow for 6.1 with this image, and no seclabel changes.

However, this *may* only be an SL Micro 6.2 thing, so we should definitely test the existing workflow for 6.1 with this image, and no `seclabel` changes.
roxenham commented 2025-10-22 10:27:39 +02:00
Owner
Copy Link

Quickly tested this, it fails with 6.1 too, so it's a change in Kiwi that introduced this problem:

(...)
[ DEBUG   ]: 08:20:12 | EXEC: Failed with stderr: rsync: [receiver] rsync_xal_set: lsetxattr("/var/tmp/efi_folderq_j9xgho/.","security.selinux") failed: Operation not supported (95)
rsync: [receiver] rsync_xal_set: lsetxattr("/var/tmp/efi_folderq_j9xgho/BOOT","security.selinux") failed: Operation not supported (95)
rsync: [receiver] rsync_xal_set: lsetxattr("/var/tmp/efi_folderq_j9xgho/BOOT/MokManager.efi","security.selinux") failed: Operation not supported (95)
rsync: [receiver] rsync_xal_set: lsetxattr("/var/tmp/efi_folderq_j9xgho/BOOT/bootaa64.efi","security.selinux") failed: Operation not supported (95)
rsync: [receiver] rsync_xal_set: lsetxattr("/var/tmp/efi_folderq_j9xgho/BOOT/grub.cfg","security.selinux") failed: Operation not supported (95)
rsync: [receiver] rsync_xal_set: lsetxattr("/var/tmp/efi_folderq_j9xgho/BOOT/grub.efi","security.selinux") failed: Operation not supported (95)
rsync error: some files/attrs were not transferred (see previous errors) (code 23) at main.c(1338) [sender=3.4.1]
, stdout: (no output on stdout)
[ ERROR   ]: 08:20:12 | KiwiCommandError: rsync: stderr: rsync: [receiver] rsync_xal_set: lsetxattr("/var/tmp/efi_folderq_j9xgho/.","security.selinux") failed: Operation not supported (95)
rsync: [receiver] rsync_xal_set: lsetxattr("/var/tmp/efi_folderq_j9xgho/BOOT","security.selinux") failed: Operation not supported (95)
rsync: [receiver] rsync_xal_set: lsetxattr("/var/tmp/efi_folderq_j9xgho/BOOT/MokManager.efi","security.selinux") failed: Operation not supported (95)
rsync: [receiver] rsync_xal_set: lsetxattr("/var/tmp/efi_folderq_j9xgho/BOOT/bootaa64.efi","security.selinux") failed: Operation not supported (95)
rsync: [receiver] rsync_xal_set: lsetxattr("/var/tmp/efi_folderq_j9xgho/BOOT/grub.cfg","security.selinux") failed: Operation not supported (95)
rsync: [receiver] rsync_xal_set: lsetxattr("/var/tmp/efi_folderq_j9xgho/BOOT/grub.efi","security.selinux") failed: Operation not supported (95)
rsync error: some files/attrs were not transferred (see previous errors) (code 23) at main.c(1338) [sender=3.4.1]
, stdout: (no output on stdout)
(...)

With the fixes included in #271 it builds just fine on 10.2.29:

(...)
[ INFO    ]: 08:27:32 | Result files:
[ INFO    ]: 08:27:32 | --> disk_image: /tmp/output/SL-Micro.aarch64-6.1.raw
[ INFO    ]: 08:27:32 | --> image_changes: /tmp/output/SL-Micro.aarch64-6.1.changes
[ INFO    ]: 08:27:32 | --> image_packages: /tmp/output/SL-Micro.aarch64-6.1.packages
[ INFO    ]: 08:27:32 | --> image_verified: /tmp/output/SL-Micro.aarch64-6.1.verified
[ INFO    ]: 08:27:32 | --> installation_image: /tmp/output/SL-Micro.aarch64-6.1.install.iso


INFO: Image build successful, generated images are available in the 'output' directory.
Quickly tested this, it fails with 6.1 too, so it's a change in Kiwi that introduced this problem: ``` (...) [ DEBUG ]: 08:20:12 | EXEC: Failed with stderr: rsync: [receiver] rsync_xal_set: lsetxattr("/var/tmp/efi_folderq_j9xgho/.","security.selinux") failed: Operation not supported (95) rsync: [receiver] rsync_xal_set: lsetxattr("/var/tmp/efi_folderq_j9xgho/BOOT","security.selinux") failed: Operation not supported (95) rsync: [receiver] rsync_xal_set: lsetxattr("/var/tmp/efi_folderq_j9xgho/BOOT/MokManager.efi","security.selinux") failed: Operation not supported (95) rsync: [receiver] rsync_xal_set: lsetxattr("/var/tmp/efi_folderq_j9xgho/BOOT/bootaa64.efi","security.selinux") failed: Operation not supported (95) rsync: [receiver] rsync_xal_set: lsetxattr("/var/tmp/efi_folderq_j9xgho/BOOT/grub.cfg","security.selinux") failed: Operation not supported (95) rsync: [receiver] rsync_xal_set: lsetxattr("/var/tmp/efi_folderq_j9xgho/BOOT/grub.efi","security.selinux") failed: Operation not supported (95) rsync error: some files/attrs were not transferred (see previous errors) (code 23) at main.c(1338) [sender=3.4.1] , stdout: (no output on stdout) [ ERROR ]: 08:20:12 | KiwiCommandError: rsync: stderr: rsync: [receiver] rsync_xal_set: lsetxattr("/var/tmp/efi_folderq_j9xgho/.","security.selinux") failed: Operation not supported (95) rsync: [receiver] rsync_xal_set: lsetxattr("/var/tmp/efi_folderq_j9xgho/BOOT","security.selinux") failed: Operation not supported (95) rsync: [receiver] rsync_xal_set: lsetxattr("/var/tmp/efi_folderq_j9xgho/BOOT/MokManager.efi","security.selinux") failed: Operation not supported (95) rsync: [receiver] rsync_xal_set: lsetxattr("/var/tmp/efi_folderq_j9xgho/BOOT/bootaa64.efi","security.selinux") failed: Operation not supported (95) rsync: [receiver] rsync_xal_set: lsetxattr("/var/tmp/efi_folderq_j9xgho/BOOT/grub.cfg","security.selinux") failed: Operation not supported (95) rsync: [receiver] rsync_xal_set: lsetxattr("/var/tmp/efi_folderq_j9xgho/BOOT/grub.efi","security.selinux") failed: Operation not supported (95) rsync error: some files/attrs were not transferred (see previous errors) (code 23) at main.c(1338) [sender=3.4.1] , stdout: (no output on stdout) (...) ``` With the fixes included in #271 it builds just fine on `10.2.29`: ``` (...) [ INFO ]: 08:27:32 | Result files: [ INFO ]: 08:27:32 | --> disk_image: /tmp/output/SL-Micro.aarch64-6.1.raw [ INFO ]: 08:27:32 | --> image_changes: /tmp/output/SL-Micro.aarch64-6.1.changes [ INFO ]: 08:27:32 | --> image_packages: /tmp/output/SL-Micro.aarch64-6.1.packages [ INFO ]: 08:27:32 | --> image_verified: /tmp/output/SL-Micro.aarch64-6.1.verified [ INFO ]: 08:27:32 | --> installation_image: /tmp/output/SL-Micro.aarch64-6.1.install.iso INFO: Image build successful, generated images are available in the 'output' directory. ```
steven.hardy commented 2025-10-22 10:34:17 +02:00
Author
Owner
Copy Link

Lets go with #271 instead, thanks @roxenham!

Lets go with #271 instead, thanks @roxenham!
steven.hardy closed this pull request 2025-10-22 10:34:24 +02:00
All checks were successful
Check Release Manifest Local Charts Versions / Check Release Manifest Local Charts Versions (pull_request) Successful in -21s
Details
Build PR in OBS / Build PR in OBS (pull_request_target) Successful in -20s
Details

Pull request closed

Please reopen this pull request to perform a merge.
Sign in to join this conversation.
Reviewers
No Reviewers
roxenham
Labels
No items
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
amorgante antaloala atanasdinov atrendafilov dbekhit dprodanov eminguez fdegirmenci geoagriogiannis ipetrov117 jarndt jtomasek kzhelyazkov mchiappero mkrutov nbelouin roxenham steven.hardy
No Assignees
2 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: suse-edge/Factory#294
Delete Branch "steven.hardy/Factory:kiwi_fix2"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?