Commit Graph

682 Commits

Author SHA1 Message Date
Brian C. Lane
51a4a93f90 sshd_config: Apply suggested changes
Some of the options have been removed, others are now the default.
MOTD still needs to be printed, the boot environment doesn't include the
pam motd module.

Resolves: rhbz#1872892
2020-10-30 08:32:24 -07:00
Brian C. Lane
83df17ea76 runtime-cleanup: Delete .pyc files
Previously this symlinked them to /dev/null, which didn't really
accomplish anything since they get recreated. So just remove them so
python can decide whether or not to recreate them.
2020-10-07 09:39:49 -07:00
Brian C. Lane
7616a10373 Remove lorax-composer, it has been replaced by osbuild-composer
Remove the code, related files, and tests.
2020-09-30 15:42:46 -07:00
Brian C. Lane
46ba3d541d runtime-cleanup: Remove ncurses package
Remove the ncurses package -- on ppc64le and s390x it was pulled in and
the library check would fail because the library files have been
removed.
2020-09-29 09:53:04 -07:00
Adam Williamson
4ce386fe2d Fix broken single-item tuples in a few places
When we stopped caring about ppc and ppc64, we changed several
instances of three-item tuples:

("ppc", "ppc64", "ppc64le")

into...this:

("ppc64le")

which is not a single item tuple, but just the string "ppc64le"
in some extraneous braces. It so happens that the right thing
still happened in all relevant cases , we think, but it's wrong.
There's no need to be using an iterator at all for a single
item, so just change them all to == "ppc64le" or != "ppc64le" as
appropriate.

Signed-off-by: Adam Williamson <awilliam@redhat.com>
2020-09-14 14:06:46 -07:00
Adam Williamson
2078c83704 Drop dpaa2 firmware on non-aarch64 arches
AFAICS, the devices that need these firmwares - various boards
built by NXP, https://www.nxp.com - are all aarch64. So we don't
need to carry these firmware files in the installer env for other
arches.

Signed-off-by: Adam Williamson <awilliam@redhat.com>
2020-09-14 14:06:08 -07:00
Adam Williamson
c1d247e0f5 Drop firmware for Mellanox Spectrum
Mellanox Spectrum devices are switches intended for data centers.
It is I guess feasible that someone might want to install Fedora
on one, but from the product pages and data sheets, I believe
they all have management interfaces that do not require this
firmware to work, and that's what you'd use if you needed a
network connection during OS deployment. The firmware is only
needed for the actual switched interfaces, and we don't need to
make those work during installation.

Signed-off-by: Adam Williamson <awilliam@redhat.com>
2020-09-14 13:43:04 -07:00
Adam Williamson
86f0e72224 runtime-cleanup: big refresh of stale things
I based this on the output of a recent installer image build:
https://kojipkgs.fedoraproject.org/compose/branched/Fedora-33-20200904.n.0/logs/x86_64/buildinstall-Everything-logs/pylorax.log
I looked at every runtime-cleanup related error there and tried
to make appropriate changes. In many cases this means just
removing a line that isn't needed any more because the package
in question just went away or is no longer pulled into the
installer environment. In other cases packages changed name or
files moved around, and I tried to make appropriate updates. In
a few cases files moved to another package but I wasn't sure
enough it would still be safe to remove them so I just left them
in place. Most of the changes here I'm pretty sure should be
safe, though there *could* be unforeseen fallout from e.g. fixing
the removals from procps to be removals from procps-ng - it's
been years since that package was renamed, so something *could*
have started using those binaries in the meantime. I did at least
check that anaconda itself does not.

Signed-off-by: Adam Williamson <awilliam@redhat.com>
2020-09-14 09:05:34 -07:00
Adam Williamson
ea375ebe60 runtime-cleanup: strip a bunch of unnecessary firmwares
These are for devices that just aren't going to be needed during
install, like video encode/decode accelerators, TV capture cards,
webcams, and some sound firmwares that should probably be in
alsa-firmware but aren't. This is a fairly conservative cut, I
will split some possibly more controversial cuts into separate
commits for ease of detachment. The linux-firmware WHENCE file is
an invaluable resource in figuring this out.

Signed-off-by: Adam Williamson <awilliam@redhat.com>
2020-09-08 11:50:15 -07:00
Adam Williamson
07f3e48c28 runtime-install: specify polkit-gnome to avoid lxpolkit and GTK2
blivet-gui-runtime requires PolicyKit-authentication-agent. If
we just let dnf pick what to satisfy that requirement with, it
picks lxpolkit, which requires gtk2. Specifying polkit-gnome
instead should I think give us a smaller footprint, its deps
seem quite small.

Signed-off-by: Adam Williamson <awilliam@redhat.com>
2020-09-08 11:50:15 -07:00
Adam Williamson
3359b896d1 runtime-install: exclude gnome-firmware and sigrok-firmware
gnome-firmware is a GNOME app for installing firmwares, no use
here at all. sigrok-firmware is for signal analyzers, again, no
need for it here.

Signed-off-by: Adam Williamson <awilliam@redhat.com>
2020-09-08 11:50:15 -07:00
Adam Williamson
afa7e2af37 runtime-cleanup: Drop video playback acceleration drivers
We're not going to be playing any videos during installation, I
don't think.

Signed-off-by: Adam Williamson <awilliam@redhat.com>
2020-09-08 11:50:15 -07:00
Adam Williamson
a87f438af1 runtime-install: don't install notification-daemon
libnotify dropped the requirement just a couple of months after
this line was added, but we never took it back out again.

Signed-off-by: Adam Williamson <awilliam@redhat.com>
2020-09-08 11:50:15 -07:00
Brian C. Lane
e1785d13b8 config_files: Update aarch64, ppc, and sparc timeouts to 60s
This makes the timeouts the same on all arches.

Fixes #1068
2020-09-01 16:28:49 -07:00
e5f50e81c3 templates: Ensure nano is installed for the runtime environment
The expectation is that all environments where an editor might be
used should ship GNU nano by default and tools should activate it
when an "editor" is requested. This change should ensure that for
the install media runtime environment.

Reference: https://fedoraproject.org/wiki/Changes/UseNanoByDefault

Resolves: rhbz#1874094
2020-09-01 11:39:35 -07:00
Vendula Poncova
c2a3b7dbf3 lorax: Install fcoe-utils
Explicitly install the fcoe-utils package on the boot.iso.
It is a weak dependency of anaconda-install-env-deps.
2020-07-17 09:21:51 -07:00
Vendula Poncova
48b268dc9e lorax: Enable swap on zram
Install the zram-generator-defaults package on the boot.iso.
2020-07-17 09:21:51 -07:00
Dan Horák
0dbfe28745 include generic.ins for s390 boot iso
Include the generic.ins file on the s390 boot iso, so it's directly bootable
on an LPAR. The full iso already had generic.ins included.
2020-06-09 09:58:58 -07:00
Brian C. Lane
3c745aed8d Revert "lorax: Remove vmlinuz from install.img /boot"
This reverts commit 6025da1421.

It ends up that using the install.img with qemu and PXE and fips=1 is a
common use case. Without vmlinuz in the install.img rootfs it has
nothing to run the check against.

Related: rhbz#1782737
2020-06-01 13:49:22 -07:00
Dan Horák
564f78e629 drop 32-bit support from ppc live image grub.cfg
Seems petitboot can't properly parse the live image grub config on ppc, thus
booting fails on bare-metal. Fix the problem by removing the obsolete 32-bit
entries.
2020-05-19 14:10:50 -07:00
Brian C. Lane
6fdb09f9e2 rsyslog: Disable journal ratelimits during install
Every log entry is sacred

Resolves: rhbz#1752754
2020-04-28 13:47:57 -07:00
Brian C. Lane
6025da1421 lorax: Remove vmlinuz from install.img /boot
The kernel in /boot is not needed. Keep the .vmlinuz*hmac file so that
fips mode can check it (this requires dracut-050 or later).

Related: rhbz#1782737
2020-03-26 08:17:51 -07:00
Brian C. Lane
e2e8deb906 lorax: Write package lists in run_transaction
A change in glibc now requires /proc be mounted in order to run mknod
which is needed in order to run rpm from runtime-postinstall.

This drops that code from the template and moves writing the package
list into run_transaction, which already has all of the needed
information to generate the list.

Resolves: rhbz#1812895
2020-03-16 11:51:11 -07:00
Brian C. Lane
a30531d41b Add dig and comm to the boot.iso
The /usr/libexec/chrony-helper script requires them.

Resolves: rhbz#1812127
2020-03-11 08:42:01 -07:00
Brian C. Lane
54548e4076 lorax: Cleanup the removefrom --allbut files
Some of the files no longer exist, some of them have moved. In the case
of dracut the 98systemd directory was renamed to 98dracut-systemd, but
nobody noticed.

This updates the following:
 * rename 98systemd to 98dracut-systemd so scripts are in the
   install.img
 * drop fedora-release removefrom, it now only has os-release
   fedora-repos has the repo files, not anaconda, they are moved by
   runtime-postinstall.tmpl
 * Use initscripts to keep the /etc/init.d, chkconfig only has an empty
   directory.
 * gtk2-engines is no longer installed
 * metacity doesn't include anything in /etc/
 * /usr/share/X11/rgb.txt is no longer installed
 * libgstbadallocators-1.0.so
2020-02-27 08:50:32 -08:00
Brian C. Lane
622e15c85a lorax: Add eject back into the boot.iso
The eject utility moved into util-linux and the package was dropped, but
since the runtime-cleanup template is using `removefrom util-linux
--allbut` it was never added to the boot.iso after the move.

This removes the package request for eject and adds it to the list of
binaries to keep from util-linux.
2020-02-20 10:00:53 -08:00
Akira TAGOH
7d7d158399 Reflect fonts packages from comps
Add lohit-marathi-fonts for Marathi.

Replace kacst-*-fonts with paktype-naskh-basic-fonts for Urdu,
for Arabic, we use dejavu-sans-fonts.

Replace lklug-fonts with google-noto-sans-sinhala-vf-fonts for Sinhala.

Replace lohit-gurmukhi-fonts with google-noto-sans-gurmukhi-fonts for Gurmukhi.
2020-02-10 12:03:54 -08:00
Brian C. Lane
f7688f9c8d lorax-composer: Add cloud-init support to the vhd image
This adds cloud-init support to the vhd image.
Also limits the cloud-init datasource to Azure, and includes
cloud-utils-growpart to expand the filesystem to fit the available
space.

Resolves: rhbz#1754711
2019-11-18 14:00:24 -08:00
Brian C. Lane
c5f6fd6d30 Add dmidecode on supported architectures
Currently supported on i386, x86_64, aarch64

Related: rhbz#1714793
2019-11-14 11:46:46 -08:00
Brian C. Lane
d8bf3427a6 Add live iso support to s390
With this patch lmc and lorax-composer can be used to create a live iso
when running on s390 systems.
2019-10-31 09:47:18 -07:00
Brian C. Lane
6f0473c742 Remove lifted azure support
The python modules that Ansible depends on for Azure support are old,
and incompatible with Fedora. Drop support until the azure playbook is
supported with Fedora packages.
2019-10-16 09:17:54 -07:00
Brian C. Lane
c2620b0c85 lifted: Add support for AWS upload
This uses a new Ansible module, ec2_snapshot_import, which is included
here until it is available from upstream.

It will upload the AMI to s3, convert it to a snapshot, and then
register the snapshot as an AMI. The s3 object is deleted when it has
been successfully uploaded.
2019-10-16 09:17:54 -07:00
Brian C. Lane
45498f2b93 All providers should have 'supported_types'
even if it is empty.
2019-10-16 09:17:53 -07:00
Evan Goode
2692e8138c Automatically upload composed images to the cloud
Currently, Azure, vSphere, and OpenStack are supported. See
https://github.com/weldr/lorax/pull/826 for more details about this new
feature.

I've called the upload library "lifted" as a reference to Seuss'
The Lorax -- in the book, the Lorax lifts himself up by the seat of his
pants through a hole in the smog clouds, and they start calling him the
"Lifted Lorax."

This adds new features to the /compose route under API v1
2019-10-16 09:17:53 -07:00
Brian C. Lane
5efaa876e1 aarch64: Fix live-iso creation on aarch64
Drop unneeded uboot-tools, and remove iso-graft from the aarch64.tmpl

Related: rhbz#1752002
2019-09-25 11:07:20 -07:00
Martin Kolman
6f01aedc8a Keep the zramctl utility from util-linux on boot.iso
Anaconda uses zram to allow installation on low memory systems.
We used to have a custom script called "zram-stats", that can be
used to test and debug zram usage during installation.

The script no longer works & zramctl now provides much better
output than our script ever did. So we decided to decommission
the old Anaconda provided script & use zramctl instead.

So change the cleanup rule in the Lorax boot.iso template
to keep the zramctl utility.

Related: rhbz#1561773
2019-09-20 08:52:50 -07:00
David Lehman
b8c1e706bb Use smarter multipath detection logic.
This new setting for 'find_multipaths' tries to prevent things like
LVM from going ahead and activating LVM on the individual disks/paths
until there is reasonable certainty (via a timeout) that the device
is not a component of a multipath set.

NOTE: 'smart' is supported by device-mapper-multipath v0.7.7 and later.
2019-08-20 16:23:15 -07:00
Brian C. Lane
b9d18216ef lorax-composer: Add liveimg-tar image type
This creates a tar suitable for use with the anaconda kickstart liveimg
command. It adds the kernel, grub2, and grub2-tools packages to the tar
template.
2019-08-05 14:50:32 -07:00
Pat Riehecky
fb1fcce0fd Remove .build-id from install media 2019-07-29 13:25:57 -07:00
Dan Horák
9f9cba35a2 don't skip Xorg packages on s390x to allow local GUI installation under KVM 2019-07-25 08:49:14 -07:00
Pat Riehecky
e11fc2037f Leave lscpu in the image for additional debugging 2019-07-09 11:42:23 -07:00
Jan Stodola
f24877b06e Fix path to generic.prm
Also quote ${extra_boot_args} as in the other templates

Related: rhbz#1712822
2019-05-23 15:28:31 -07:00
Brian C. Lane
708314a1fe Update composer live-iso template 2019-05-23 15:27:02 -07:00
Brian C. Lane
ddb82ef598 Add kernel to ext4-filesystem template
The filesystem was too small because Anaconda always adds the kernel,
but the template uses --nocore so it doesn't take that into account.
Add it to the template so that the filesystem size will be large enough
to hold the extra packages.
2019-05-16 10:26:30 -07:00
Brian C. Lane
e5a8700bdf lorax-composer: Add locale support to blueprints
You can now set the keyboard layout and language. Eg.

[customizations.locale]
languages = ["en_CA.utf8", "en_HK.utf8"]
keyboard = "de (dvorak)"

Existing entries in the kickstart templates are replaced with the new
ones. If there are no entries then it will default to 'keyboard us' and
'lang en_US.UTF-8'

Includes tests, and leaves the existing keyboard and lang entries in the
templates with a note that they can be replaced by the blueprint.
2019-05-02 16:21:36 -07:00
Brian C. Lane
9bdbb29662 lorax-composer: Add timezone support to blueprint
For example:

[customizations.timezone]
timezone = "US/Samoa"
ntpservers = ["0.pool.ntp.org"]

Also includes tests.

This removes the timezone kickstart command from all of the templates
except for google.ks which needs to set it's own ntp servers and timezone.

If timezone isn't included in the blueprint, and it is not already in a
template, it will be set to 'timezone UTC' by default.

If timezone is set in a template it is left as-is, under the assumption
that the image type requires it to boot correctly.
2019-05-02 16:21:36 -07:00
Brian C. Lane
8a89edf7bf Add -iso-level 3 when the install.img is > 4GiB
xorrisofs needs to use iso-level 3 when creating images with large
files. This adds tests to all the relevant templates, just like we used
to do for udf and mkisofs.
2019-04-05 15:06:48 -07:00
David Shea
35e44ffb37 Fix the google cloud boot console settings
Forgot the 'console=' part.
2019-04-03 13:41:29 -04:00
David Shea
44e14176bb Add a compose type for alibaba.
This compose type creates a partitioned disk as a qcow2 file, but with
only one partition instead of using a separate /boot.
2019-04-03 13:05:31 -04:00
David Shea
434fe58c28 Add a new compose type for Hyper-V
This is based on the VHD compose type, with the following differences:

  * Use the vhdx format instead of vhd
  * No WALinuxAgent
  * Install hyperv-daemons

The hyperv-daemons are activated through udev rules, so there is no need
to add them to the services line.
2019-04-03 13:00:37 -04:00