| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
| |
ISC stopped maintaining dhclient since early 2022 and advises against its
use in production.
Since the cloud-init package no longer hard-depends on it, it can finally
be removed from the ISO.
|
| |
|
|
|
|
|
|
|
| |
`DownloadUser = alpm` does not appear to be suitable for mkarchiso use
since there is no guarantee that `alpm` user has access to the working
directory.
Fixes https://gitlab.archlinux.org/archlinux/archiso/-/issues/232
Fixes: 691c57fc2e6345d0a2fbfffd7b6689b14bb87f7b ("Update pacman.conf for pacman 7")
|
| |
|
|
|
|
|
|
|
|
| |
Adapt enabled services in both baseline and releng profiles to cope with
changes in cloud-init 24.3.
Related-to: https://gitlab.archlinux.org/archlinux/packaging/packages/cloud-init/-/issues/3
Related-to: https://github.com/canonical/cloud-init/pull/5489
Fixes: https://gitlab.archlinux.org/archlinux/archiso/-/issues/236
Signed-off-by: David Runge <dvzrv@archlinux.org>
|
| |
|
|
|
|
|
|
|
|
| |
After adding openbsd-netcat to the list of dependencies for cloud-init,
we have to remove gnu-netcat from the releng profile, as both netcat
implementations conflict with one another.
Related-to: https://gitlab.archlinux.org/archlinux/packaging/packages/cloud-init/-/issues/3
Fixes: https://gitlab.archlinux.org/archlinux/archiso/-/issues/234
Signed-off-by: David Runge <dvzrv@archlinux.org>
|
| |
|
|
|
| |
Add new options from
https://gitlab.archlinux.org/archlinux/packaging/packages/pacman/-/blob/main/pacman.conf
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
"fragments" and "dedupe"
These options are not compatible with multi-threaded compression and
actually increase the image file size.
With this change, the baseline profile's EROFS image file size is
reduced from 488 MiB to 398 MiB.
On my system, the compression time is reduced from about 2m6.274s to
1m59.410s when using erofs-utils built without multi-threaded
compression and to 0m27.883s when using erofs-utils built with
multi-threaded compression.
|
| |
|
|
|
|
|
|
|
|
| |
When a download attempt fails with an HTTP error, the body of the failed
request will be written to the output file with a 0 exit status, causing the
execution of an error message as a script.
This issue is resolved by adding the --fail option to curl.
Co-authored-by: David Runge <dvzrv@archlinux.org>
|
| |
|
|
|
|
| |
The wezterm-terminfo package is replaced by the ncurses package.
Signed-off-by: David Runge <dvzrv@archlinux.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Use higher compression for the initramfs.
Now that mkinitcpio moves the compressed kernel modules and firmware
files to the early uncompressed initramfs, we can compress the main
initramfs image slightly more without it increasing the built time too
much. This will increase the memory required for decompression from
9 MiB to 65 MiB (assuming the kernel's decompressor works the same as
the xz tool), but that should not be an issue for any system targeting
Arch.
This reduces the initramfs size by ~250 KiB, which will save ~500 KiB
for the whole ISO.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
While using GRUB as the UEFI boot loader has reduced the size of the ISO,
it has brought nothing but pain otherwise:
* We cannot use `gfxterm` since it is not visible on some hardware.
* GRUB has a a strange and nonsensical limitation where the EFI binary
can be built with either support for shim or custom Secure Boot key
support, but not both. This means you cannot repack the ISO to use
shim + MOK since we currently use `--disable-shim-lock` to provide
support for setups with custom keys.
* GRUB's EFI binary needs to be built with `grub-mkstandalone` instead
of there being a ready made EFI binary in the package. This requires
having grub installed on the host system which affects reproducibility.
This increases the size of the ISO since systemd-boot cannot boot files
from other volumes, i.e. the kernel and initramfs is duplicated in the
EFI system partition (the second partition made from `efiboot.img`).
Implements https://gitlab.archlinux.org/archlinux/archiso/-/issues/227
|
| |
|
|
|
|
|
|
|
|
|
|
| |
`archisosearchuuid=` first searches for a matching UUID. If that fails,
then it mounts and looks for a `/boot/${archisosearchuuid}.uuid` file in
all detected block devices (in whatever order `blkid` lists them).
This implements "file system transposition" without relaying on boot
loader specific features and does not tie us to GRUB anymore.
Related to https://gitlab.archlinux.org/archlinux/mkinitcpio/mkinitcpio-archiso/-/merge_requests/48
Fixes https://gitlab.archlinux.org/archlinux/archiso/-/issues/217
|
| |
|
|
|
|
|
|
|
| |
microcode images
This simplifies boot loader configuration, but custom PXE setups will
be forced to update theirs.
Implements https://gitlab.archlinux.org/archlinux/archiso/-/issues/226
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The zstd tool has now been around for a while, so the availability of
it should not be a concern anymore.
Unlike gzip which was used until now, zstd offers higher compression
while still being faster (and multi-threaded).
The `--auto-threads=logical` option is used just so that there is some
difference between the releng and baseline profiles.
Everyone using the official Arch Linux bootstrap tarball (previously
`archlinux-bootstrap-YYYY.MM.DD-x86_64.tar.gz` or
`archlinux-bootstrap-x86_64.tar.gz`) will need to update their scripts
and etc. to use `archlinux-bootstrap-YYYY.MM.DD-x86_64.tar.zst` or
`archlinux-bootstrap-x86_64.tar.zst` instead.
Implements https://gitlab.archlinux.org/archlinux/archiso/-/issues/130
|
| |
|
|
|
|
| |
Create a boot entry for Memtest86+.
Implements https://gitlab.archlinux.org/archlinux/archiso/-/issues/228
|
| |
|
|
|
|
|
| |
* bootstrap will use .tar.zst with `zstd -c -T0 --long -19`,
* releng will retain .tar.gz with `gzip -cn9` for now.
This will later be changed as part of https://gitlab.archlinux.org/archlinux/archiso/-/issues/130.
|
| |
|
|
|
|
|
|
| |
Starting with kernel 6.7, the releng ISO exceeds 900 MiB which is the
maximum size of a CD.
Adjust the description to say "DVD" instead.
Closes https://gitlab.archlinux.org/archlinux/archiso/-/issues/144
|
| |
|
|
|
|
|
|
|
| |
Currently the ldns package is pulled in as a dependency of openssh, but
that dependency may be gone in the future.
See https://gitlab.archlinux.org/archlinux/packaging/packages/openssh/-/issues/2
Explicitly include ldns to ensure the live environment will continue to
have `drill`.
|
| |
|
|
|
|
|
|
|
|
|
| |
By default systemd-networkd-wait-online.service considers a network
connection to be "online" when it has reached the "degraded" state
(see networkctl(1) for the definitions).
Since "degraded" does not ensure there's a routable address, let's
change the connection's requirement to "routable" instead.
This gives a better chance that the network really is online when
network-online.target is reached.
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
Make sure the ISO can be booted successfully without triggering questions from systemd-firstboot.
Fixes https://gitlab.archlinux.org/archlinux/archiso/-/issues/205
Fixes: 6e1be91961967a6485901ac431f6f6b06675b750 ("archiso/mkarchiso: write "uninitialized" to /etc/machine-id")
|
| |
|
|
|
|
|
|
|
| |
See https://www.supergrubdisk.org/wiki/Loopback.cfg for details.
Only `${iso_path}` is guaranteed, so we need to search for the volume,
on which the ISO file resides, ourselves.
Implements https://gitlab.archlinux.org/archlinux/archiso/-/issues/165
|
| |
|
|
|
|
|
|
|
|
| |
Construct a human readable platform identifier from GRUB's built-in
variables and use it in menu item descriptions.
Only add the menu entries for the additional tools (UEFI shell,
Memtest86+) if the files exist.
Modify baseline's `grub.cfg` to closer match releng.
|
| |
|
|
|
| |
Move the `play` command to the end of the file so it plays after the
menu entries are shown and ready.
|
| |
|
|
|
|
| |
* Do not manually load modules that will get loaded by invoking a command.
* Explicitly load serial modules.
* Move `insmod all_video` after the font is loaded.
|
| |
|
|
|
|
|
| |
bolt can be used to list and authorize Thunderbolt and USB4 devices.
Inspired by https://bbs.archlinux.org/viewtopic.php?id=288731 where a
user needed to install the package in the live environment.
|
| |
|
|
|
| |
As opgpcard uses pcsclite and gnupg is able to use it as well, switch
away from using gnupg's internal ccid driver.
|
| | |
|
| |
|
|
|
|
|
|
| |
The only changes we make to the default are to enable root login via a
password.
While `PasswordAuthentication yes` is the default, let's set it
explicitly to avoid potential issues in the future.
|
| |
|
|
|
|
|
|
| |
openssh 9.4p1-2 changed /etc/ssh/sshd_config to add support for
drop-in files in /etc/ssh/sshd_config.d/.
Using drop-in files avoids needing to keep up with changes to the
default /etc/ssh/sshd_config.
|
| |
|
|
|
| |
The tools are useful for clearing, creating and reading keys and etc.
on the TPM.
|
| |
|
|
|
|
| |
Since systemd 245, IPv6PrivacyExtensions can be set not just per
connection, but also globally for all connection with a configuration
file in /etc/systemd/network.conf.d/.
|
| |
|
|
|
|
|
|
|
| |
tmpfs with noswap option
Since tmpfs has a `noswap` option, use it instead of ramfs. Unlike
ramfs, tmpfs has a limit to its size.
This reverts commit 09b0428128700f37bd465eb54c6e45f69c17617d ("configs/releng/airootfs/etc/systemd/system/etc-pacman.d-gnupg.mount: use ramfs").
|
| |
|
|
|
|
| |
unused options
Set only the custom values for HOOKS and COMPRESSION.
|
| |
|
|
| |
This allows to retain a pristine /etc/mkinitcpio.conf in the rootfs.
|
| |
|
|
| |
Additionally fix a few code style issues found with shfmt.
|
| |
|
|
|
|
|
| |
Update pacman.conf to match the one shipped with pacman 6.0.2-7.
The community repository is gone. See
https://archlinux.org/news/git-migration-completed/
|
| | |
|
| |
|
|
|
| |
Add foot-terminfo and wezterm-terminfo packages to allow using their
terminfo entries for installations via SSH.
|
| |
|
|
|
|
|
| |
Relying on the volume UUID instead of its LABEL avoids collisions of
multiple ISOs created in the same month.
Fixes #202
|
| | |
|
| |\
| |
| |
| |
| |
| |
| |
| | |
By Zig Globulin
* origin/merge-requests/235:
wait for networkd online before curl invocation
See merge request https://gitlab.archlinux.org/archlinux/archiso/-/merge_requests/235
|
| | |
| |
| |
| |
| |
| |
| | |
1) wait for network-online.target before invoking curl
as there's no synchronization with network setup for this script
2) don't hide curl errors - it may be easier to debug the issues
3) add log and comments
|
| |/
|
|
|
|
|
|
| |
* Use LZMA extreme compression level,
* enable experimental compressed fragments feature to create a smaller image,
* enable experimental data deduplication.
This decreases the baseline profile's `airootfs.erofs` size by about ~16 MiB.
|
| |
|
|
|
|
|
| |
configs/{baseline,releng}/grub/grub.cfg:
Use `console` as grub's `terminal_output`, as with `gfxterm` only a blank screen is shown on some hardware.
Fixes #212
|
| |
|
|
|
|
|
|
|
| |
Use the shorter and more nicer looking `UUID=` *tags* instead of the
`/dev/disk/by-uuid/` paths.
This requires mkinitcpio-archiso v68.
Related to #202
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
To prevent the file from being accidentally missed when someone copies
the ISO's contents, let's not place it in a directory that starts with a
dot. Since all GRUB related files are in /boot/grub/, put it there too.
Instead of using a more unique UUID for the file name, use
`YYYY-mm-dd-HH-MM-SS-00.uuid` which matches the ISO's modification date
in UTC,i.e. its "UUID". If multiple ISOs would be generated in the exact
same second, the ISO 9660 modification date (i.e. its "UUID") would be
the same, so there would be not way to distinguish between the volumes
anyway. This also makes the file look less suspicious to the casual
glance.
|
| |
|
|
|
|
|
|
| |
embedded grub.cfg
The `grub.cfg` embedded in the GRUB binaries already sets `ARCHISO_HINT`
and `ARCHISO_UUID` in most cases. To avoid performing the same searches
multiple times, use the existing variables.
|
| |
|
|
| |
Ensure the **correct** date is used in `iso_label` and `iso_version`.
|
