Possibility of accepting a network-based installer of Ubuntu as an official flavor?

Aaron Rainbolt arraybolt3 at ubuntu.com
Fri Feb 24 20:20:25 UTC 2023 

On 2/24/23 11:51, Dan Bungert wrote:
>>> On Fri, 24 Feb 2023 at 04:54, Aaron Rainbolt <arraybolt3 at ubuntu.com> wrote:
>>>> I've seen more than one person annoyed by the fact that the mini.iso
>>>> netinstaller is no more.
>>>> The "flavor" would be able to be held in a
>>>> very small ISO file (preferably CD sized), and it would download and
>>>> install all of the packages that make up the Ubuntu system at runtime.
>>>> This would allow a user to install Ubuntu or any desired flavor thereof
>>>> using a single installation medium, rather than having to flash an ISO
>>>> every time they want to make a drive install a different flavor. The new
>>>> installation would be entirely up-to-date from the get-go, and it would
>>>> enable the use of existing small storage media for those users who don't
>>>> have sufficiently sized optical discs or flash drives.
> Hi Aaron,
>
> As Lukasz mentioned, I've been looking at relevant things, and expect that we
> can have the first version of ubuntu-mini-iso running this cycle.  I missed
> feature freeze, so I'll be filing that exception :).
>
> Lukasz wrote a perfect summary of the work so far, so I'll quote it here:
>>> The ubuntu-mini-iso is a small bootable iso that can be either
>>> downloaded and used on a CD/USB-drive or even via UEFI HTTP that
>>> brings up a dynamic TUI menu of what Ubuntu images you want to
>>> download/install to your target system. It uses simplestreams to
>>> select which images, so it'll be quite customizable regarding the
>>> selection. The difference is that it then downloads the
>>> iso-of-interest into memory and chain-boots into it, allowing the
>>> installation of any image as one would normally do. This has some
>>> limitations of course, since it needs sufficiently enough RAM.
> So I think that will address much of what you were aiming for.
>
> Size: the bootleg builds I'm doing of this are around 140 MiB, I expect the
> official builds to produce a similar answer.  It could potentially be smaller,
> the size today is dominated by use of the existing Ubuntu initrd with a few
> things added on top. (compare to the size of /boot/initrd.img)
>
> Download at runtime: ubuntu-mini-iso achieves this by presenting a menu of ISOs
> that we could download, then with the user selection, reserving some memory,
> downloading that ISO, and then kexecing to it.

This makes good sense to me. The concern I'm noticing here is that 
Secure Boot activates a kernel lockdown mode that prohibits kexec. One 
workaround may be to have the user choose the release of Ubuntu to 
install at a GRUB menu so that a pre-existing kernel and initrd can be 
loaded, but this would bloat the ISO and complicate its use.

Another possible solution might be to use mokutil to disable Secure Boot 
verification in the shim (essentially turning Secure Boot off without 
needing to get the BIOS involved), then rebooting the system. Then 
Secure Boot can be re-enabled with mokutil and then the ISO downloaded 
and kexec'd. When the user finishes installation and reboots, Secure 
Boot will be active again. This might complicate things with third-party 
drivers though.

Perhaps we just live with no Secure Boot support?

> ISOs in the menu: there is a casper hook that downloads simplestream json data
> and hands it to the menu application, a small ncurses app that analyzes the
> json, finds what ISOs to offer, and does so.  The user chooses an entry from
> the menu, that info is handed back to the casper scripts, which download it and
> we chain boot.
>
> That menu could be extended for Flavors support, perhaps conceptually similar
> to how flavors are shown today on https://releases.ubuntu.com/.  The relevant
> code is at: https://github.com/canonical/mini-iso-tools
> It's not necessary to build an ISO to start playing with the menu, if you
> download that, get the dependencies installed, `make run`, and you can see what
> the menu looks like.
>
> If you're interested to help, Aaron, a good starting point would be to add
> entries to https://github.com/canonical/mini-iso-tools/blob/main/json.c#L27 to
> teach the menu how to read the simplestreams for the flavors.
>
> The existing menu can fit on a single screen, so if we start adding flavors I
> think it will need some nested menu support, but that's achievable.
>
> I have done a hacked test run of having this new mini-iso chainboot to lubuntu
> 22.04.2 and it all works fine.
Nice, sounds awesome. Thank you for the info, and I'll see if I can hack 
on this at some point!
> -Dan

-- 
Aaron Rainbolt
Lubuntu Developer
https://github.com/ArrayBolt3
https://launchpad.net/~arraybolt3
@arraybolt3:lubuntu.me on Matrix, arraybolt3 on irc.libera.chat

-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_0x6169B9B4248C0464.asc
Type: application/pgp-keys
Size: 4853 bytes
Desc: OpenPGP public key
URL: <https://lists.ubuntu.com/archives/ubuntu-devel/attachments/20230224/9cae1f50/attachment-0001.key>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 840 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/ubuntu-devel/attachments/20230224/9cae1f50/attachment-0001.sig>

More information about the ubuntu-devel mailing list