| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
| |
Add /etc/systemd/network/20-wwan.network
Related to #110.
|
| |
|
|
| |
The file is limited to Wi-Fi (Type=wlan in networkd configuration).
|
| |
|
|
|
|
|
| |
configs/releng/airootfs/etc/systemd/network/20-{ethernet,wireless}.network
* Match the device type instead of the interface name.
* Replace DHCP section with DHCPv4/DHCPv6. systemd split the sections.
|
| |
|
|
|
|
| |
Remove hardcoded '-comp xz', it prevents using mksquashfs defaults.
Fixes #112.
|
| |
|
|
| |
Allow building ISOs with EROFS airootfs images in CI.
|
| |
|
|
|
|
| |
/usr/lib/modules/
Packages with files in /usr/lib/modules/ depend on the current kernel, thus they should not be updated.
|
| |
|
|
|
| |
- if a folder listed in the associative array ends with a "/",
recursively apply chmod and chown.
|
| | |
|
| |
|
|
|
|
| |
Forks may not have access to secure runners. Restrict build:secure to https://gitlab.archlinux.org/archlinux/archiso/ only.
Fixes https://gitlab.archlinux.org/archlinux/archiso/-/issues/106 .
|
| |
|
|
| |
Some mksquashfs runs take a very long time and 1000 seconds might not be enough.
|
| | |
|
| |
|
|
|
|
|
|
|
| |
EROFS, like Squashfs, is a read-only file system. It can be used to store airootfs in an image file.
Its advantage is the support for POSIX ACLs. EROFS downside is that currently it only supports LZ4 compression (LZMA support is not yet fully implemented).
A difference from Squashfs is that, EROFS stores change time (ctime) not modification time (mtime). The reverse is true for Squashfs.
Implements https://gitlab.archlinux.org/archlinux/archiso/-/issues/59
|
| |
|
|
| |
Remove /run/archiso/bootmnt directory if nothing is mounted there. An empty directory is just confusing.
|
| |
|
|
|
|
|
|
| |
configs/releng/packages.x86_64:
Add usbmuxd to list of packages, so that users have the option to use iOS devices out-of-the-box for data connection
during installation.
Fixes #99
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
haveged was added 8 years ago[1] to increase entropy and presumably to
prevent entropy starvation.
A few things has changed since, most notable:
* the kernel actively tries to add entropy (jitter entropy)[2][3][4][5]
* /dev/random no longer blocks after CRNG initialization[6][7]
[1] d7e790d ("Initialize pacman keyring on bootup")
[2] https://github.com/torvalds/linux/commit/3f2dc2798b81531fd93a3b9b7c39da47ec689e55
[3] https://github.com/torvalds/linux/commit/50ee7529ec4500c88f8664560770a7a1b65db72b
[4] https://lore.kernel.org/lkml/alpine.DEB.2.21.1909290010500.2636@nanos.tec.linutronix.de/T/
[5] https://lwn.net/Articles/800509/
[6] https://github.com/torvalds/linux/commit/30c08efec8884fb106b8e57094baa51bb4c44e32
[7] https://lwn.net/Articles/808575/
Fix #98
|
| |
|
|
|
|
| |
`du --block-size=MiB` (and `du -m`) returns mebibytes not megabytes.
Additionally, shorten the du command. `du --block-size=MiB` is the same as `du -m`.
|
| |
|
|
|
| |
CHANGELOG.rst:
Add file to track changes (at least for v51).
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
.gitlab/ci/build-host.sh:
Set shebang to /usr/bin/env bash to be more portable/flexible.
Turn all posix statements ([]) to bash style statements ([[]]), as we are using bash.
Terminate the list of parameters to rm or cp with --.
Replace the implementation of finding a local ISO to use with one that relies on a sorted list of potential images.
Use virtio-net-pci for networking with qemu.
Set the cow_spacesize to 4G for the archiso environment.
Use --needed in the call to pacman to not re-install already up-to-date targets.
Attempt a full system upgrade (but ignore the kernel).
Increase the timeout for when installing packages to the archiso environment using pacman to 120s, as a system upgrade
is being done as well.
Use systemctl poweroff -i to shut down the virtual machine as it is more future proof and robust.
|
| |
|
|
|
|
|
|
|
|
| |
.gitlab-ci.yml:
Add a build stage to the gitlab CI, that facilitates the scripts below .gitlab/ci/, building the baseline and releng
profiles in parallel.
Distinguish the use-case in which builds are done for master, schedules and tags in a secure environment and any other
where builds just have to be fast (for ensuring nothing is broken).
Use MiB as block size for the du call when generating data for the metrics file.
|
| |
|
|
|
| |
Makefile:
Add scripts below .gitlab/ci/ to the lint target of the Makefile.
|
| |
|
|
|
|
|
|
|
|
| |
.gitlab/ci/build-host.sh:
Add script to be run in a container with access to qemu.
It is a slight modification of arch-boxes' build-host.sh script to cater to the specific archiso requirements.
.gitlab/ci/build-inside-vm.sh:
Add script to be run in virtualized environment, established by build-host.sh.
This script builds the actual archiso profiles and creates checksum for the resulting image files.
|
| |
|
|
|
|
| |
This finally removes customize_airootfs.sh from releng.
Fixes https://gitlab.archlinux.org/archlinux/archiso/-/issues/21 .
|
| |
|
|
|
|
|
|
|
| |
airootfs after they run
This works around https://bugs.archlinux.org/task/49347 .
Leaving the hooks in the airootfs image will result in it being run when pacstrap is run in the live environment. This should not happen as they are intended for the ISO build process only.
Fixes https://gitlab.archlinux.org/archlinux/archiso/-/issues/91 .
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
are applied
- Apply overrides before validating the options.
- Parse all paths with realpath. Fixes https://gitlab.archlinux.org/archlinux/archiso/-/issues/84 .
|
| | |
|
| | |
|
| |
|
|
| |
inspired by https://wiki.archlinux.org/index.php/Archiso#Prepare_an_ISO_for_an_installation_via_SSH
|
| | |
|
| |
|
|
|
|
|
|
|
| |
customize_airootfs.sh to a pacman hook
After pacman-mirrorlist is installed, /etc/pacman.d/hooks/uncomment-mirrors.hook will run a sed command which uncomments all Server lines in /etc/pacman.d/mirrorlist.
This brings us another step closer to the complete removal of customize_airootfs.sh.
Related to https://gitlab.archlinux.org/archlinux/archiso/-/issues/21 .
|
| |
|
|
|
|
|
|
|
|
|
| |
Booting via PXE we want to keep our DNS configuration. So remove
/etc/resolv.conf in new root before copying the current file.
Without this systemd-resolved fallback nameservers are used and we see an
error message when the root ships a symbolic link to systemd-resolved's
stub-resolv.conf:
cp: not writing through dangling symlink '/new_root/etc/resolv.conf'
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
To date the iso version was used for iso volume information and iso file name.
In my custom builds I do use it a lot more:
* Inside the root fs: The system knows about its own version. I use this to:
-> report the version to a server (poor man's inventory)
-> let the system update itself
* On the iso fs: The files are served via rsync, running systems transfer
version file first to check for available update.
* A grub environment file on the iso fs: Booting the iso from grub allows
to create cow directory per version:
loopback loop archlinux.iso
load_env -f (loop)/arch/grubenv
linux (loop)/arch/boot/x86_64/vmlinuz-linux ... \
cow_directory=archlinux/${VERSION} ...
So let's just create these files.
|
| | |
|
| | |
|
| |
|
|
| |
Co-authored-by: nl6720 <nl6720@gmail.com>
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Usage: Launch run_archiso.sh -v ..., and then use a VNC viewer
(e.g. from https://wiki.archlinux.org/index.php/List_of_applications/Internet#Remote_desktop)
to connect (typically to `localhost`) on the default VNC port (5900).
This enables using run_archiso in a "headless" session; e.g. when SSH logged in
to the CLI of a VM, without a local display attached. This is handy e.g. when
playing https://en.wikipedia.org/wiki/Inception and running an archlinux*.iso
on any non-Arch (say Fedora workstation), on which one built a new ISO, that you
then "run_archiso", inside which you could build another ISO, which you could
itself start inside the nested VM... ;-)
Jokes apart, this could also be used to run automated CI/CD tests of the built ISO,
which is particularly interesting in combination with the cloud-init support;
see https://wiki.archlinux.org/index.php/Cloud-init.
see https://bugs.archlinux.org/task/69142
|
| | |
|
| |
|
|
| |
See https://lists.archlinux.org/pipermail/arch-devops/2020-December/000474.html .
|
| |
|
|
|
|
| |
file path
Fixes https://bugs.archlinux.org/task/68803 .
|
| |
|
|
|
|
|
|
|
|
|
| |
archiso/mkarchiso:
Make sure to always compare absolute paths in `_make_custom_airootfs()` (as `realpath` is used).
Remove `echo` calls that prevent the setting of actual file ownerships and modes.
configs/releng/profiledef.sh:
Set file mode of /root/.automated_script.sh to 755.
Fixes #82
|
| |
|
|
|
|
| |
This gets rid of the duplicate ldlinux.c32 and the useless isolinux.cfg which only points to syslinux.cfg.
Implements https://gitlab.archlinux.org/archlinux/archiso/-/issues/46 .
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
profiledef.sh can now contain an associative array called file_permissions which can be used to set custom ownership and mode of custom airootfs files. The array's keys contain the path and the value is a colon separated list of owner UID, owner GID and access mode.
For example:
file_permissions=(
["/etc/shadow"]="0:0:400"
)
This means that mkarchiso now copies airootfs files (and directores) without permissions and anything that should be owned by a user other than root and/or if the mode should be something other than 644 for files and 755 for directories must to be listed in ${file_permission[@]} in profiledef.sh.
Fixes https://gitlab.archlinux.org/archlinux/archiso/-/issues/61 .
|
| | |
|
