[Merge] ~codyshepherd/livecd-rootfs/+git/livecd-rootfs:buildd-bootable/xenial into livecd-rootfs:ubuntu/xenial
Steve Langasek
steve.langasek at canonical.com
Thu Sep 3 19:28:26 UTC 2020
Diff comments:
> diff --git a/live-build/buildd/hooks/02-disk-image-uefi.binary b/live-build/buildd/hooks/02-disk-image-uefi.binary
> new file mode 100755
> index 0000000..35208c7
> --- /dev/null
> +++ b/live-build/buildd/hooks/02-disk-image-uefi.binary
> @@ -0,0 +1,162 @@
> +#!/bin/bash -eux
> +
> +case $ARCH in
> + amd64)
> + ;;
> + *)
> + echo "We don't create EFI images for $ARCH."
> + exit 0
> + ;;
> +esac
> +
> +IMAGE_STR="# BUILDD_IMG: This file was created/modified by the Buildd Image build process"
> +FS_LABEL="buildd-rootfs"
> +
> +. config/binary
> +
> +. config/functions
> +
> +create_partitions() {
> + disk_image="$1"
> + sgdisk "${disk_image}" --zap-all
> + case $ARCH in
> + arm64)
> + sgdisk "${disk_image}" \
> + --new=15:0:204800 \
> + --typecode=15:ef00 \
> + --new=1:
> + ;;
> + amd64)
> + sgdisk "${disk_image}" \
> + --new=14::+4M \
> + --new=15::+106M \
> + --new=1::
> + sgdisk "${disk_image}" \
> + -t 14:ef02 \
> + -t 15:ef00
> + ;;
> + esac
> + sgdisk "${disk_image}" \
> + --print
> +}
> +
> +create_and_mount_uefi_partition() {
> + uefi_dev="/dev/mapper${loop_device///dev/}p15"
> + mountpoint="$1"
> + mkfs.vfat -F 32 -n UEFI "${uefi_dev}"
> +
> + mkdir -p "${mountpoint}"/boot/efi
> + mount "${uefi_dev}" "$mountpoint"/boot/efi
> +
> + cat << EOF >> "mountpoint/etc/fstab"
> +LABEL=UEFI /boot/efi vfat defaults 0 0
> +EOF
> +}
> +
> +install_grub() {
> + mkdir mountpoint
> + mount_partition "${rootfs_dev_mapper}" mountpoint
> +
> + create_and_mount_uefi_partition mountpoint
> +
> + echo "(hd0) ${loop_device}" > mountpoint/tmp/device.map
> + mkdir -p mountpoint/etc/default/grub.d
> + efi_boot_dir="/boot/efi/EFI/BOOT"
> + chroot mountpoint mkdir -p "${efi_boot_dir}"
> +
> + #if [ "${SUBPROJECT:-}" = minimized ] && [ -n "$partuuid" ]; then
> + if [ -n "$partuuid" ]; then
> + echo "GRUB_FORCE_PARTUUID=$partuuid" >> mountpoint/etc/default/grub.d/40-force-partuuid.cfg
> + fi
> +
> + chroot mountpoint apt-get -y update
> +
> + # The modules below only make sense on non-Secure Boot UEFI systems.
> + # Otherwise, with Secure Boot enabled GRUB will refuse to load them.
> + # Any modules already in debian/build-efi-images do not need to be listed.
> + # Furthermore, other modules such as terminal, video_* and efi_* are all
> + # already available.
> + case $ARCH in
> + arm64)
> + chroot mountpoint apt-get -qqy install --no-install-recommends grub-efi-arm64 grub-efi-arm64-bin
> + grub_modules="serial"
thanks; I guess that makes it a side-port rather than a backport. Reviewed in that context, it looks reasonable, except:
case $ARCH in
- amd64)
+ amd64|arm64)
Is there a reason to diverge and not enable EFI builds on arm64? Are these buildd images expected to be amd64-only?
> + efi_target=arm64-efi
> + ;;
> + amd64)
> + chroot mountpoint apt-get install -qqy grub-pc
> + chroot mountpoint apt-get install -qqy shim-signed
> + grub_modules="multiboot serial usb usb_keyboard"
> + efi_target=x86_64-efi
> + ;;
> + esac
> +
> + cat << EOF >> mountpoint/etc/default/grub.d/50-cloudimg-settings.cfg
> +${IMAGE_STR}
> +# For Cloud Image compatability
> +GRUB_PRELOAD_MODULES="${GRUB_PRELOAD_MODULES:-$grub_modules}"
> +EOF
> +
> + # This call to populate the package manifest is added here to capture
> + # grub-efi packages that otherwise would not make it into the base
> + # manifest. filesystem.packages is moved into place via symlinking to
> + # livecd.ubuntu-cpc.manifest by live-build/auto/build after lb_binary runs
> + create_manifest "mountpoint" "binary/boot/filesystem.packages"
> +
> + chroot mountpoint grub-install "${loop_device}" \
> + --boot-directory=/boot \
> + --efi-directory=/boot/efi \
> + --target=${efi_target} \
> + --removable \
> + --uefi-secure-boot \
> + --no-nvram \
> + --modules="${grub_modules}"
> +
> + if [ -f mountpoint/boot/efi/EFI/BOOT/grub.cfg ]; then
> + sed -i "s| root| root hd0,gpt1|" mountpoint/boot/efi/EFI/BOOT/grub.cfg
> + sed -i "1i${IMAGE_STR}" mountpoint/boot/efi/EFI/BOOT/grub.cfg
> + # For some reason the grub disk is looking for /boot/grub/grub.cfg on
> + # part 15....
> + chroot mountpoint mkdir -p /boot/efi/boot/grub
> + chroot mountpoint cp /boot/efi/EFI/BOOT/grub.cfg /boot/efi/boot/grub
> + fi
> +
> + if [ "$ARCH" = "amd64" ]; then
> + # Install the BIOS/GPT bits. Since GPT boots from the ESP partition,
> + # it means that we just run this simple command and we're done
> + chroot mountpoint grub-install --target=i386-pc "${loop_device}"
> + fi
> +
> + divert_grub mountpoint
> + chroot mountpoint update-grub
> + replace_grub_root_with_label mountpoint
> + undivert_grub mountpoint
> +
> + chroot mountpoint apt-get -y clean
> +
> + rm mountpoint/tmp/device.map
> + umount mountpoint/boot/efi
> + mount
> + umount_partition mountpoint
> + rmdir mountpoint
> +}
> +
> +disk_image=binary/boot/disk-uefi.ext4
> +
> +create_empty_disk_image "${disk_image}"
> +create_partitions "${disk_image}"
> +mount_image "${disk_image}" 1
> +
> +partuuid=$(blkid -s PARTUUID -o value "$rootfs_dev_mapper")
> +
> +# Copy the chroot in to the disk
> +make_ext4_partition "${rootfs_dev_mapper}"
> +mkdir mountpoint
> +mount "${rootfs_dev_mapper}" mountpoint
> +cp -a chroot/* mountpoint/
> +umount mountpoint
> +rmdir mountpoint
> +
> +install_grub
> +
> +clean_loops
> +trap - EXIT
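Review bot: In create_and_mount_uefi_partition the fstab append writes to the literal path `"mountpoint/etc/fstab"`, while the rest of the function uses the `$1` argument. It is only correct because install_grub happens to pass the relative directory `mountpoint`. Change it to `cat << EOF >> "${mountpoint}/etc/fstab"` so the entry always lands in the tree that was just mounted, never in a different one. The function's `uefi_dev` and `mountpoint` are also assigned as globals; declaring them `local` would stop them leaking into install_grub and the top-level code.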
> diff --git a/live-build/buildd/hooks/49-empty-resolv-conf.binary b/live-build/buildd/hooks/49-empty-resolv-conf.binary
> new file mode 100755
> index 0000000..df4a9b9
> --- /dev/null
> +++ b/live-build/buildd/hooks/49-empty-resolv-conf.binary
> @@ -0,0 +1,4 @@
> +#!/bin/sh
> +set -e
> +
> +chroot chroot truncate -s 0 /etc/resolv.conf
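Review bot: `truncate -s 0 /etc/resolv.conf` acts on whatever the path resolves to inside the chroot, so if /etc/resolv.conf is a symlink there, the link is kept and its target is emptied or created. If the target's directory is missing, the command fails and `set -e` aborts the hook. Whether the xenial buildd chroot has a symlink at this point is not visible from this hunk. A comment above the command should state the intended outcome, for example `# result must be an empty regular file, not a symlink into /run`, so the image does not silently ship a resolver configuration path that something else controls at boot.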
You say it didn't crop up in later LTS, but this hook *does* exist in later series, but with different contents:
$ git diff ubuntu/bionic..codyshepherd/buildd-bootable/xenial -- live-build/buildd/hooks/49-empty-resolv-conf.binary
diff --git a/live-build/buildd/hooks/49-empty-resolv-conf.binary b/live-build/buildd/hooks/49-empty-resolv-conf.binary
index a6f97526..df4a9b9a 100755
--- a/live-build/buildd/hooks/49-empty-resolv-conf.binary
+++ b/live-build/buildd/hooks/49-empty-resolv-conf.binary
@@ -1,3 +1,4 @@
-#!/bin/sh -e
-chroot chroot rm /etc/resolv.conf
-chroot chroot touch /etc/resolv.conf
+#!/bin/sh
+set -e
+
+chroot chroot truncate -s 0 /etc/resolv.conf
$
So my question is, why is the implementation different? The two implementations *appear* to be functionally equivalent, so I don't see why we would use a different implementation than what's already in bionic.
> diff --git a/live-build/buildd/hooks/52-linux-virtual-image.binary b/live-build/buildd/hooks/52-linux-virtual-image.binary
> new file mode 100755
> index 0000000..6f5d5c0
> --- /dev/null
> +++ b/live-build/buildd/hooks/52-linux-virtual-image.binary
> @@ -0,0 +1,83 @@
> +#!/bin/bash -eux
> +# vi: ts=4 expandtab
> +#
> +# Generate linux-virtual image
> +#
> +
> +case $ARCH in
> + amd64)
> + ;;
> + *)
> + echo "We don't build bootable Buildd images for $ARCH."
> + exit 0
> + ;;
> +esac
> +
> +echo "Building bootable Buildd image"
> +
> +IMAGE_STR="# BUILDD_IMG: This file was created/modified by the Buildd Image build process"
> +
> +. config/functions
> +
> +mount_d=$(mktemp -d)
> +
> +create_derivative uefi linux-virtual #sets $derivative_img
> +mount_disk_image $derivative_img $mount_d
> +
> +# unmount disk image and remove created folders on exit
> +# even though we unmount manually before we convert to
> +# qcow2, we have this here just in case we error out before
> +# that step
> +cleanup_linux_virtual() {
> + if [ -d "$mount_d" ]; then
> + umount_disk_image "$mount_d"
> + fi
> + rm -rf $mount_d $derivative_img
> +}
> +trap cleanup_linux_virtual EXIT
> +
> +env DEBIAN_FRONTEND=noninteractive chroot "$mount_d" apt-get \
> + update --assume-yes
> +
> +# Perform a dist-upgrade to pull in -security and other pockets
> +env DEBIAN_FRONTEND=noninteractive chroot "$mount_d" apt-get \
> + dist-upgrade --assume-yes
> +
> +# Install dependencies
> +env DEBIAN_FRONTEND=noninteractive chroot "$mount_d" apt-get \
> + install -y --install-recommends bind9 busybox-initramfs cloud-init dbus \
> + ifupdown initramfs-tools locales lsb-release \
> + openssh-server resolvconf sudo snapd udev
Here's the specific delta:
env DEBIAN_FRONTEND=noninteractive chroot "$mount_d" apt-get \
- install -y lsb-release locales initramfs-tools busybox-initramfs \
- udev dbus netplan.io cloud-init openssh-server sudo snapd
+ install -y --install-recommends bind9 busybox-initramfs cloud-init dbus \
+ ifupdown initramfs-tools locales lsb-release \
+ openssh-server resolvconf sudo snapd udev
+
adding "--install-recommends" doesn't seem very minimal.
bind9 is also not very minimal, and I wouldn't expect to see it in buildd images; why is it added?
The other additions seem reasonable to me.
> +
> +# Enable console output
> +cat >> $mount_d/etc/default/grub.d/50-buildd-settings.cfg << EOF
> +${IMAGE_STR}
> +GRUB_CMDLINE_LINUX_DEFAULT="console=ttyS0"
> +EOF
> +
The above is also a delta vs bionic, and doesn't make sense to me as a per-series delta; can you explain?
> +# Install a kernel
> +divert_grub "$mount_d"
> +env DEBIAN_FRONTEND=noninteractive chroot "$mount_d" apt-get \
> + install --assume-yes linux-image-virtual
> +env DEBIAN_FRONTEND=noninteractive chroot "$mount_d" apt-get \
> + autoremove --purge --assume-yes
> +
> +chroot "$mount_d" update-grub
> +undivert_grub "$mount_d"
> +
> +# Update initramfs image
> +chroot "$mount_d" \
> + sh -c 'update-initramfs -c -v -k $(ls /boot/vmlinuz*generic | sed 1q | cut -d- -f2-3)'
> +
> +# Cleanup
> +env DEBIAN_FRONTEND=noninteractive chroot "$mount_d" apt-get \
> + clean
> +
> +create_manifest $mount_d "livecd.$PROJECT.disk-linux-virtual.manifest"
> +
> +# unmount disk image to prevent corruption
> +# and remove it so the trap doesn't try to unmount it again
> +umount_disk_image $mount_d
> +rm -rf $mount_d
> +
> +convert_to_qcow2 $derivative_img "livecd.$PROJECT.disk-linux-virtual.img"
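Review bot: `trap cleanup_linux_virtual EXIT` is installed only after `create_derivative` and `mount_disk_image` have run. Because the script runs with -e, a failure in either leaves the mktemp directory, and possibly a partially attached image, behind on the builder. Define the cleanup function and set the trap directly after `mount_d=$(mktemp -d)`, and initialise `derivative_img=` beforehand so the handler does not trip over an unset variable under -u. The handler and the calls around it also expand `$mount_d` and `$derivative_img` unquoted. Since this is a recursive delete run as root, quote both, as in `umount_disk_image "$mount_d"` and the same for the `rm -rf` arguments.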
--
https://code.launchpad.net/~codyshepherd/livecd-rootfs/+git/livecd-rootfs/+merge/378975
Your team Ubuntu Core Development Team is subscribed to branch livecd-rootfs:ubuntu/xenial.