Virtual machines easily get starved for randomness, and Anaconda insists
on sufficient amounts of entropy when the user requests LUKS disk
encryption. As a result, such installations can hang until Anaconda gives
up (after 10 minutes) and makes do with whatever entropy is available.
The virtualization host can feed randomness to the guest, unblocking the
installation. However, the guest can only consume that randomness through
the virtio-rng module. Let's not remove that module.
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Brian C. Lane <bcl@redhat.com>
Resolves: rhbz#1179000
As of fedora kernel kernel-3.17.4-302.fc21 aarch64 can sort out what to
use for the console on its own, so drop the console= from the aarch64
grub2-efi.cfg template.
Older versions of petitboot don't understand the for loop and won't
boot. We also don't shipt 32 bit media anymore so there is no reason
for this to remain.
To make it easier for users to add product and updates images look for
any packages that provide lorax-product-* or lorax-updates-*
Related: rhbz#1155228
This reverts commit bc9b40f18f.
anaconda-21.48.14-1 will revert to the below behavior, so remove the virtual
provide that was added for F21 Alpha/Beta.
You must include a repo in your installation environment that has an id
matching the lower case first part of your product name when split at the '-'
character.
If you don't do that closest mirror will not work.
For Fedora products this means including ONE repo with an id of
'fedora'.
With these templates if a package has installed files in
/usr/share/lorax/product or /usr/share/lorax/updates/ they will be used
to create product.img and/or updates.img which will be included in the
images/ directory of the iso and of the final output tree.
These can be used to customize the installation environment or provide
updates. See README.product for current documentation.
We started including it as an unintended side-effect of commit 9ca487f8.
lvm doesn't like it when there are multiple 'global' sections in lvm.conf,
and we add one right at the end of that block. We expect ours to be the
file's only content.
The help content path has been changed to /usr/share/anaconda/help,
so this Lorax change is no longer needed.
This reverts commit 2bd4637336 and commit 05ebf4ffcd.
We have shim and grub working together on aarch64 now, so we may as well
use them.
(this also makes the case of boot${arch}.efi not mixed-case, which
should guarantee it's in FAT rather than VFAT...)
Related: rhbz#1100048
Signed-off-by: Peter Jones <pjones@redhat.com>
A string passed to runcmd cannot contain a pipe character. So instead
of further find magic, I'm just going to move the directory out of the
way, take care of the deletion, and then move it back.
at-spi is the old accessibility library, deprecated in these gtk3 times
by at-spi2-atk. at-spi-corba has been replaced with atk-bridge.
at-spi2-atk is a dependency of gtk3, so there's no need to explicitly
add it.
This is a virtual provides that should install the product specific yum
repo files in /etc/yum.repos.d/ with the one matching the product name
enabled. Eg. fedora-server.repo with an id of fedora-server and
enabled=1
Anaconda will then use this repository when 'Closest Mirror' is selected
as the installation source.
Signed-off-by: Brian C. Lane <bcl@redhat.com>
The installation from DVD on s390x needs setting the target disks and
network information that are usually set by editing the generic.prm file.
By including the "rd.cmdline=ask" parameter dracut will open a simple
dialog so the user can enter the required information.
Update the templates and configuration files to support grub2 live
image creation.
Related: rhbz#1102318
Related: rhbz#1131199
(cherry picked from commit da8326fd58)
The ppc config files were missing from the live config_files directory
and ppc needs the correct lib directory so lmc has been switched to use
ArchData driven from the installed kernel arch.
Resolves: rhbz#1102318
(cherry picked from commit 59f256e989)
This reverts commit f3f2aa4851.
The addon does not currently work, reverting it until it does and has
been tested so that it doesn't block further Fedora work by breaking the
installer iso.
The settings in /apps/metacity/general are now covered by gsettings in
org.gnome.desktop.wm.preferences. The keybinding settings are already
covered by the overrides for org.gnome.desktop.wm.keybindings.
Spaces cause various bugs like #923374 and #855849 , and it would be
better if we just didn't use them.
Note that there's a corresponding pungi change to go with this.
Signed-off-by: Peter Jones <pjones@redhat.com>
rpm-ostree is a new payload type available in Anaconda, will be used
by Project Atomic (http://projectatomic.io) builds and the new Fedora
Cloud Docker Host.
dnf has previously existed, but as it's only required at installation
time, let's move it here as well.
Per discussion on the anaconda list, we don't want to pull these in as
a dependency of the "anaconda" package as initial-setup -> anaconda
which means they end up on every system.
mkefiboot uses pylorax.imgutils, in order to capture information about
umount problems it needs to be run with --debug. This triggers the fuser
call to show what is holding the mount open.
Update the templates and config file to better support EFI on aarch64
on 64-bit ARM.
Resolves: rhbz#1067671
Signed-off-by: David A. Marlin <dmarlin@redhat.com>
Signed-off-by: Brian C. Lane <bcl@redhat.com>
Right now, logind reserves tty6 for a login shell, which is not what we
want - normally anaconda puts Xorg there, and there's no need for a
login prompt anyway.
This configures logind to activate "anaconda-shell@.service" when a user
switches to an unused tty, and reserves tty2 for that purpose (which is
where users expect a shell anyway).
This will avoid us having login prompts that users don't know what to do
with. It also probably saves us a little bit of RAM.
Some things need grubby. But they don't want to require them. So we make
sure it is available for other packages to use while building the
images.
Note that it is still removed in the cleanup script, and when installing
a system the grubby used will be the one pulled from the install repo.
Currently, yaboot is the ISO boot loader in fedora and the Fedora on
POWER team is making an effort in order to replace it by GRUB2 in the
F20 release cycle. I'm sending a lorax patch so you guys can comment
on it. I'm planning to create a feature page for that too.
This patch only change the lorax template for ppc and should not
affect other archs, like x86.
--
Paulo Flabiano Smorigo
Software Engineer
Linux Technology Center - IBM Systems & Technology Group
The system-wide spice guest agent, spice-vdagentd, normally uses
systemd-logind to determine which of the per-session spice-vdagent
instances it should be communicating with. On the non-live media, the X
session isn't registered with systemd-logind, so instead start
spice-vdagentd with -X to disable the systemd-logind integration and
serve instead to a single spice-vdagent.
Conditionalize shim and grub2-efi and whatnot on being x86_64 for now -
at some point they'll turn into "efi architectures" and maybe even split
for SB vs not SB, but for now, this is fine.
Signed-off-by: Peter Jones <pjones@redhat.com>
The xkeybard-config .mo files are needed to translate the layout
switching options. The xklavier calls in anaconda will automatically
translate the option strings as long as the translations are present.
In fips mode creation of the protocol 1 key causes it to hang. This
removes the explicit HostKey entries and lets sshd decide which keys to
create when it starts.
Add a command that opens the anaconda.log file located in /tmp
with less. The command is added as the most recently used.
Signed-off-by: Martin Kolman <mkolman@gmail.com>
It's pretty pointless to copy data from /run/log/journal to
/var/log/journal, since both of those are in-memory filesystems.
This should somewhat reduce RAM use during installation.
Resolves this error on s390x:
...
running runtime-install.tmpl
installpkg modutils failed: No package(s) available to install
Looking for extra fedup-dracut packages...
...
dracut tries to build hostonly initrd by default without the nohostonly
package/config; this results in a bunch of error messages about missing
files in proc and sys, and then the resulting initrd doesn't work 'cuz
it doesn't have any drivers for anything.
Make kernel args the same in every config.
Put 'quiet' at the end of the line - it's usually the first thing a user removes when debugging.
Fill missing product versions in.
Distinguish between 'install' (installation media) and 'start' (live media).
The list of ARM platforms was represented as a static list to be
installed in .treeinfo for Beaker support, but as ARM moves to use
the multiplatform kernel the platform specific kernel images will
no longer be needed. This process is beginning in F18 (3.7 kernel)
with HighBank being the first to use the baseline kernel. Due to
this change, there will be no 'highbank' platform images, but Beaker
tries to import all platforms listed in .treeinfo. To avoid errors,
we should dynamically create the list of ARM plaforms, including
only those that are actually provided.
Signed-off-by: David A. Marlin <dmarlin@redhat.com>
For ARM systems that require U-Boot wrapped images,
perform mkimage to create one for 'upgrade.img'.
Signed-off-by: David A. Marlin <dmarlin@redhat.com>
Anaconda runtime is already in memory, no need to use tmpfs here. In
fact use of tmpfs here will overwrite any updates content that was put
in place by dracut.
live media isn't exactly the same as the Anaconda install media. Right
now this amounts to needing a root= cmdline argument but in the future
there may be other differences.
This also reverts 5437557846 on the new copies of the templates.
Using root= overrides the anaconda magic code for finding product.img
and updates.img. Anaconda can find the CDROM itself without needing
root=, though, so we can omit it safely for boot.iso.
The 'systemctl' command can be used to enable, disable, or mask systemd
units inside the runtime being modified. Modify runtime-postinstall.tmpl
to use the 'systemctl' command.
We also no longer remove quota*.service or kexec*.service, since
these aren't enabled by default. And systemd-remount-api-vfs.service
should work correctly now, so we can leave it alone as well.
We need the initramfs around to reboot properly. If it's packed up in
/boot we need this service to unpack it. If it's not there, the service
does nothing, so this patch won't hurt anything.
Also add pigz, which speeds up compression nicely (for use in
anaconda-cleanup-initramfs.service).
Now that the runtime contents remain compressed and aren't always stored
in RAM, it generally takes less RAM to keep these around than to run
'localedef' in anaconda.
This switches us back to the old pre-lorax method for setting up the
locale archive - see e.g. anaconda commit ea71816d
The 'removefrom kbd' line wasn't deleting anything because it was
looking in the wrong place. It was also kind of wordy.
This version should keep the needed binaries and remove the stuff we
don't need, as intended.
iproute's binaries moved to /usr/sbin, so they were *all* getting
removed by the '/usr/*' glob. iscsi's NetworkManager dispatcher script
uses 'ip' so this might be needed for proper iscsi support; at the very
least it quiets some error messages from NM. It's also pretty likely
people's kickstart scripts use 'ip' utility, so we'd better make sure
it's still available.
Remove a bunch of useless 'removefrom' lines that did nothing but cause
"no files to remove!" messages in lorax logs.
- ConsoleKit isn't in the anaconda runtime
- update-gtk-immodules isn't in gtk3
- there's nothing in /usr/share/selinux in selinux-policy-targeted
- zenity doesn't have a /usr/share/omf directory
- libpng moved to libpng15.*; actually removing it breaks the GUI
- pcmciautils' binaries are in /sbin, not /usr/sbin. They're only 7kb,
so let's just keep 'em.
This should have *no effect* on the contents of the runtime images.
A lot of the systemd unit files got moved around due to UsrMove, so
these lines weren't removing the services as expected.
Fix the paths and they all work. This eliminates the "FAILED"
message from systemd-remount-api-vfs.service and plymouth-start.service.
Oh - and the ConsoleKit removal got dropped 'cuz ConsoleKit isn't in the
installer images anymore.
This adds support for creating an appliance description file for the
disk image. Mako templates are used to make it easy to support other
appliance targets. The included example works with virt-image.
We use this to set various sysctl settings, like setting kernel.printk=1
so we don't get the screen all crudded up with kernel messages during
text-mode installs.
There's a small amount of additional metadata required for the Mac boot
images to appear as bootable devices in the startup preferencs, so add
support for generating that.
Signed-off-by: Brian C. Lane <bcl@redhat.com>
Since noloader mounts stuff under /run/install, but anaconda (and
people's scripts etc.) look under /mnt/install, make a symlink so
everything works as expected.
Install the anaconda dracut module during 'install', use it when
rebuilding initramfs, and clean it up afterward.
Also install '.buildstamp' into the initramfs (the anconda module wants
it).
In order for grub to be able to read the kernel regardless of whether
the image is written to a CD or a USB stick, it's necessary to autoprobe
for the filesystem using the findiso command. Add it to the grub config.
The installer no longer has access to the initrd's root. We need to
copy any needed files over to /sysroot before switching root. This
copies *.cfg and *.ks files.
It also adds the ability to add dracut hook scripts to the initramfs
from /usr/share/lorax/dracut_hooks/
This re-adds commit af6d4e2c50 which was
lost during the switch to the treebuilder branch.
This doesn't get rid of the gtk2 stuff yet, though. The intention here is
that you can use this lorax to generate an image containing either the old
anaconda or the newui branch, simply by including a different repo in your
tree composition kickstart file.
Also, it appears that some things in the tree still require gtk2 so we may
be stuck with both for the forseeable future.
If yaboot so much as catches a whiff of a backslash in yaboot.conf, it
will reject the entire file. No bootloader config means no booting.
So as long as we're still using yaboot on PPC, we need to use ISO volume
labels it can handle. So: filter the isolabel, replacing any non-ASCII
characters with underscores.
So there's actually two copies of yaboot on a PPC image, and they each
use different config files:
ppc/chrp/yaboot --> /etc/yaboot.conf
ppc/mac/yaboot --> /ppc/ppc{32,64}/yaboot.conf
So we need two copies of yaboot.conf - one in each place - to
boot properly (or all three if we're making hybrid images). Whee!
The comments should now make this more clear for future reference.
We were appending to /etc/shadow when previous versions of lorax
overwrote it, so we ended up with two conflicting entries for "root".
Instead:
- keep existing /etc/shadow and /etc/passwd contents
- add new entries for "install" user
- remove password from existing "root" entry in /etc/shadow
Also, we don't need to create the 'sshd' user, because the
openssh-server %post script does that for us.
Actual content changes:
- {High,Low}Contrast themes moved to gnome-themes-standard, so remove
them from there. Also remove HighContrastInverse theme.
- Removed metacity 'Atlanta' theme - 'Adwaita' is the default metacity
theme these days.
ntfsresize is currently living in the ntfsprogs package, which (for
whatever reason) isn't getting automatically pulled into the runtime
environment anymore.
So: install ntfsprogs in runtime-install, and remove everything but
ntfsresize in runtime-cleanup.
Makefile-style "-cmd" syntax lets us run a command and ignore any
resulting errors. This is a more general version of what copyif/moveif
were trying to accomplish, so we can drop those commands.
symlinking /modules to '/lib/modules' inside the runtime image is fine,
but since we're operating outside the runtime image, the absolute
symlink will point to the host's /lib/modules, which can cause us to
delete kernel modules. Yikes.
Instead:
1) use /lib/modules rather than the symlink, and
2) use a relative symlink, just to be safe.
move arch-specific stuff to arch-specific subdirs and move all the
common stuff to a subdir named 'common'. Also, rename '.profile' and
'.bash_history' so you actually see them when you 'ls' the 'common' dir.
also added some helpful(?) comments to the templates.
Patch by Ales Kozumplik <akozumpl@redhat.com>
The value syslogd provides at this early point when kickstart starts is
"(none)". This makes the receiving syslog unable to parse the incoming
messages.
New images find their root device by looking at the CDLABEL. Since pungi
is building ISO images separately from lorax, if it uses a different ISO
Volume Label we'll end up with unbootable images.
This changes the volume labels to match what pungi uses, so both should
boot OK.
Since pungi doesn't know that images/install.img needs to be moved to
LiveOS/squashfs.img for images to be "live", they aren't bootable.
This is the simple solution to the problem. Thanks to Karsten Hopp
for the original patch.
This lets us easily do whitelisting instead of blacklisting during
runtime cleanup. For example:
removefrom xfsprogs --allbut /sbin/* /usr/sbin/xfs_admin
would remove everything from the xfsprogs package except files in /sbin
and /usr/sbin/xfs_admin.
A few things in runtime-cleanup have been converted to use --allbut. The
only difference in the created runtime image is that we're deleting
/usr/share/kde4 from fedora-logos.
From: Matthew Garrett <mjg@redhat.com>
If we're producing EFI bootable images then we should also support
making them bootable from USB sticks. This adds support for doing so.
- use libdir in GConf2
- delete redundant removals of /usr/share/gnome/*
- remove systemd units for nfs-utils
- remove all of notification-daemon rather than piece-by-piece
- don't try to delete non-existent libldif from openldap
- /usr/sbin/xfs_bmapd is actually /usr/sbin/xfs_bmap
- remove /etc/* from yum rather than etc/*
also make sure we clean a bunch more unneeded services, but don't bother
deleting target files that would just be ignored anyway.
also also, delete everything in /etc/systemd/system/default.target.wants
so that we don't get readahead stuff in anaconda.