For historical reasons, lorax used the 'anaconda' package as a
touchstone to determine the architecture for the build. At some
point, this package became a metapackage that pulls in both the
GUI and headless installers.
In the modular world, it's possible that only the core and TUI bits
may be available for use. The only subpackage of anaconda that is
guaranteed to be on any viable system is anaconda-core, so let's
switch to using that for the touchstone instead of the metapackage.
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
(cherry picked from commit 2c3007beb8)
Also sort the expanded list of packages so that any failures will
be consistent instead of depending on the randomness of a set().
And add better logging when things fail.
The core issue is that repodata may have packages that match globs, but
they cannot actually be installed (eg. sigrok-firmware). This can cause
*some* of the globbed packages to be installed before hitting the
failure package.
With this change it will log the expanded list of packages if a glob is
used. It will skip any packages that fail to install when using
--optional with the glob, and continue to install the rest.
Related: rhbz#1440417
(cherry picked from commit 1c6b083260)
This used to be handled by a %post section of the kickstart, but that
won't work with lmc, so do it in the template instead.
(cherry picked from commit c91278a17d)
These were set by livecd-creator, and the %post section was used to
setup the license files on the / of the iso which will not work from
inside anaconda so drop it completely.
(cherry picked from commit 092c593d6b)
Previously lorax had no way to use repos with self-signed certificates.
This adds the --noverifyssl cmdline option which will ignore certificate
errors.
Resolves: rhbz#1430483
(cherry picked from commit cc56a5b5c9)
In order to run rpm inside the newly created image it now needs to
create a couple device nodes to satisfy nss, which is used by rpm.
(cherry picked from commit d95e69aa34)
with readline 7 libreadline.so moved to libdir as a result it is
currently removed in the cleanup phase, however it is needed
Signed-off-by: Dennis Gilmore <dennis@ausil.us>
Signed-off-by: Brian C. Lane <bcl@redhat.com>
(cherry picked from commit f1378dd443)
Follow-up of moving to sshd-keygen.target in anaconda-sshd.service
(#1331753)
* Do not remove /etc/ssh/moduli
* slogin symlink is already removed
* Do not remove sshd-keygen
Related: rhbz#1369439
Keep it same as in RHEL 7.2. They increase the size of the /tmp/syslog file
from ~280K to ~1M, and can be obtained from journal if needed.
Resolves: rhbz#1369439
Rsyslogd used to read messages from /dev/log together with systemd-journald
which resulted in NetworkManager messages not being passed to syslog due to a
race condition during starting NetworkManager and rsyslogd service. So use
imjournal rsyslog plugin that picks messages from journald instead of using the
/dev/log socket. Same as regular RHEL 7 system.
anaconda-26.1 changed how package scriptlet failures are handled. They
are now fatal, and anaconda hangs after logging an Installation failure.
ERR packaging: Installation failed: PayloadInstallError('DNF error:
Non-fatal POSTIN scriptlet failure in rpm package mlocate',)
Catch this (the 'packaging: Installation failed' part) and terminate the
image creation.
There's something racy here; in my Atomic Workstation CI/CD I'm seeing:
```
01:12:43 symlink /lib/systemd/system/rngd.service etc/systemd/system/basic.target.wants/rngd.service
01:12:43 FileNotFoundError: [Errno 2] No such file or directory: '/lib/systemd/system/rngd.service' -> '/var/tmp/lorax.7cgdtz1_/installtree/etc/systemd/system/basic.target.wants/rngd.service'
```
Rather than debug this right now, let's just make sure it exists,
like we do right above for `tmp.mount`.
The latest POWER platform allows a host machine to configure guests
running in a different endian mode. Guests configured in this way may
have their bootloader configuration file corrupted after installation if
the file was not fully written to disk. The host machine would read the
journal and try to finish writing the file in the wrong endian mode.
Issuing an fsfreeze and unfreeze gives more assurance that the
configuration file is properly written before a reboot; this patch adds
fsfreeze to the installer runtime environment.
Related: rhbz#1315468
This controls how big the root filesystem is for the squashfs used in
the boot.iso, the default is 2GiB.
Note that larger rootfs sizes will require more memory and may cause the
build to fail.
I'm working on
https://fedoraproject.org/wiki/Changes/WorkstationOstree and when
using lorax to make an installer ISO with content embedded, I run out
of disk space since the desktop+various apps is large.
Since this ends up being compressed anyways, let's just bump the
currently arbitrary `2` to `10` - the only real cost I can think of is
going to be a few more superblock entries.
With commit fe17f97 changing the default from optional to required there's
a few packages that aren't currently supported on aarch64 that break the
compose. In particular aarch64 currently still doesn't have kexec, with luck
that might change in the F-25 cycle but until it does we need to have an
exception.
Signed-off-by: Peter Robinson <pbrobinson@fedoraproject.org>
If the query filter doesn't return anything it would just ignore the
install request instead of logging and raising an error when
required=True.
This checks for no packages matching, and if required is True raises an
error after all of the requested packages have been processed, instead
of after the first one to fail.
Previous versions of lorax assumed that installpkg was optional, and
would continue on if the PKGGLOB didn't match anything. But the majority
of the packages are required so this allows the boot.iso to be built
with missing packages that are hard to track down.
It makes more sense to make the PKGGLOB required and to flag the
few exceptions to this with --optional.