[Bug 1983521] Re: [SRU] Manually blacklist DKMS modules for Ubuntu Studio builds
Simon Quigley
1983521 at bugs.launchpad.net
Thu Aug 4 00:16:33 UTC 2022
** Merge proposal unlinked:
https://code.launchpad.net/~tsimonq2/ubuntu/+source/livecd-rootfs/+git/livecd-rootfs/+merge/427786
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to livecd-rootfs in Ubuntu.
https://bugs.launchpad.net/bugs/1983521
Title:
[SRU] Manually blacklist DKMS modules for Ubuntu Studio builds
Status in livecd-rootfs package in Ubuntu:
Invalid
Status in livecd-rootfs source package in Jammy:
In Progress
Status in livecd-rootfs source package in Kinetic:
Invalid
Bug description:
[Impact and Rationale]
Ubuntu Studio 22.04 is currently uninstallable on systems with Secure
Boot enabled. This is due to the inclusion of two packages,
v4l2loopback-dkms and v4l2loopback-utils. See Ubuntu bug 1983136 and
https://git.launchpad.net/~ubuntustudio-dev/ubuntu-
seeds/+git/ubuntustudio/commit/?id=dd556f0bc548b17f3126732500a1a3c194c9b3d8
for more detailed information.
In livecd-rootfs, if a package is removed from a seed post-release,
newer ISOs still include that package because it was part of the task
at release-time. For Ubuntu Studio 22.04.1, we need to remove those
packages during the creation of the squashfs so they are not included
by default. This bug does not affect 22.10+.
This is done with an install hook, rather than simply blacklisting the
package from being installed. The change is modeled after this recent
commit by Steve Langasek: https://git.launchpad.net/livecd-
rootfs/commit/?id=941cd3c64aab7b2ada33399d9b08b8a785d3d957
This is being split into a separate bug to fast-track the change. Only
a respin of Ubuntu Studio should be required.
[Test Case]
I have tested these changes locally prior to uploading them, by
running the following commands in the live-build directory:
$ export PROJECT="ubuntustudio-dvd" && export ARCH="amd64" && export SUITE="jammy"
$ env PROJECT=$PROJECT SUBPROJECT=$SUBPROJECT ARCH=$ARCH SUITE=$SUITE lb config
$ sudo env PROJECT=$PROJECT SUBPROJECT=$SUBPROJECT ARCH=$ARCH lb build
$ sudo env PROJECT=$PROJECT SUBPROJECT=$SUBPROJECT ARCH=$ARCH lb binary
$ mkdir -pv ~/ubuntu/iso && sudo mount -t iso9660 -o loop /PATH/TO/STUDIO/JAMMY/DAILY.iso ~/ubuntu/iso
$ mkdir -pv ~/ubuntu/iso_custom && tar cf - ~/ubuntu/iso | (cd ~/ubuntu/iso_custom; tar xfp -)
After the ISO is completely done, you should be able to boot it on a
Secure Boot system once again. Just a basic boot and install smoke
test on that particular hardware type.
[Where problems could occur]
If Bash or apt itself is SRUed, or if the project name for Ubuntu
Studio changes in livecd-rootfs, problems may occur with unexpected
behavior. Otherwise, the package may find another way to sneak itself
onto the ISO in the future.
The code block format can be seen all over that part of the file, so
it's not much of a hack. In fact, this code block is safer, because it
ensures that the hook is marked as executable.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/livecd-rootfs/+bug/1983521/+subscriptions
More information about the foundations-bugs
mailing list