We can now use a single U-Boot firmware to boot all 64 bit variants
of the Rasperry Pi so we can now simplify this some what.
Signed-off-by: Peter Robinson <pbrobinson@fedoraproject.org>
A recent change to Anaconda[1] now requires that this be available on
the installed system, due to grub2-tools-extra now being part of the
EFI GRUB2 install.
[1] 1891b0f306
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
See https://bugzilla.redhat.com/show_bug.cgi?id=2175244#c15 .
We really need libxkbcommon for initial-setup to work properly,
since an ordering change in systemd 253. This exclusion causes
it to get dropped. libxkbcommon requires xkeyboard-config; since
systemd only recommends libxkbcommon (rather than hard requiring
it), the solver decides to honor the request to exclude
xkeyboard-config by dropping both it and libxkbcommon.
Signed-off-by: Adam Williamson <awilliam@redhat.com>
There's a few bits of armhfp dregs hanging around so lets
clean them up as they're no longer used.
Signed-off-by: Peter Robinson <pbrobinson@fedoraproject.org>
fedora-kde-minimization.ks only tried to remove scim* and iok.
iok hasn't existed since F30. scim* packages still exist, but
nothing requires or recommends any of them, and none of them are
listed as default or mandatory in comps, so I don't think this
does anything.
mariadb: we do still ship both mariadb and community-mysql, and
they have overlapping provides. However, the only thing that
requires 'mysql-server' is kf5-akonadi-server-mysql , and that
also recommends 'mariadb-server', which should break the tie
without needing these lines.
system-config-*: none of these exist any more.
desktop-backgrounds-basic: no longer listed in base-x.
gnome-disk-utility: we already drop the entire admin-tools
group above, so there's no need to try and drop one package from
it too.
kdeaccessibility and kdeartwork don't exist any more.
Commented-out lines were dropped, there's no point having
commented-out lines with no explanation why they're there.
Signed-off-by: Adam Williamson <awilliam@redhat.com>
These are not useful on the KDE desktop and come in through a
weak dependency in GTK3.
We don't need or want this, as it's redundant with what KDE Plasma
provides already.
Fixes: https://pagure.io/fedora-kde/SIG/issue/124
mpage is only 60K in size and requires only libc and rtld. Seems
worthless to drop it.
isdn4k-utils doesn't exist any more.
For the sane stuff: nothing sane-related is pulled into most
images any more. cinnamon-desktop, design-suite and
gnome-desktop list some SANE packages, but that clearly means
they *want* to include them, and the kickstarts for those
spins don't include fedora-live-minimization anyway. The
'graphics' group lists xsane-gimp conditional on gimp being
included, but no desktop environment or kickstart includes the
'graphics' group as a default, so it won't be on any live images.
This leaves only hplip in the file. That *is* of significant
size and *would* be pulled into most of the spins which include
this file, so we can't drop it yet at least. There may be an
argument for dropping it from comps with the current state of
IPP Everywhere support, I guess.
Signed-off-by: Adam Williamson <awilliam@redhat.com>
Extend cloud base image and customize for Azure:
1. Don't install QEMU guest agent
2. Install WALinuxAgent
3. Configure chrony to use virtual PHC
4. Configure sshd with ClientAliveTimeout 120 to prevent
ssh timeouts
Performed some basic tests by generating an image with:
1. Using QEMU (using direct kernel boot) with
Fedora-Server-netinst-x86_64-36-1.5.iso and a flattened
kickstart with poweroff instead of reboot
2. Converted QCOW2 to VHD using:
qemu-img convert -o subformat=fixed,force_size -O vpc ...
3. Uploading image and created VM, verifying:
- cloud-init configures system
- chrony using PTP configuration
- waagent service installed (but not running until presets
are approved)
- SSH configuration and functional
Signed-off-by: Chris Patterson <cpatterson@microsoft.com>
This reverts commit 1841b368ce. It
turns out we need to revert to older lorax that uses syslinux for
now - see https://pagure.io/pungi/issue/1608 - so we need it back
in the live kickstart too.
It only has syslinux in it (it used to also have memtest86+ till
we dropped that), and we're not using syslinux any more.
syslinux was also listed in anaconda-tools so this was really
kinda redundant; we will replace syslinux with the necessary
grub2 packages in comps.
Signed-off-by: Adam Williamson <awilliam@redhat.com>
It's mounting non-removable devices and causing problems for
anaconda. Note, KDE will still show a notification with a
button for mounting the device, and it shows in the file manager
where clicking on it mounts it; the behaviour is about the same
as Fedora 35 (slightly better, as the notification shows on
subsequent plugs of the same stick, which it did not in F35).
Signed-off-by: Adam Williamson <awilliam@redhat.com>
This reverts commit 093733933f.
BuildError: Failed to parse kickstart file '.../fedora-disk-python-classroom.ks' : The following problem occurred on line 12 of the kickstart file:
The part/partition and autopart commands can't be used at the same time.
Just setting `download-updates=false` seems not to be enough any
more, we get update notifications in live images currently. This
should fix that and also disable the Updates pane on GNOME
Software in the live environment, which is a nice improvement.
https://gitlab.gnome.org/GNOME/gnome-software/-/issues/1683#note_1408750
Signed-off-by: Adam Williamson <awilliam@redhat.com>
Appending console=tty0 is problematic for many arm use cases.
lets make sure we remove it so systems can just boot
https://bugzilla.redhat.com/show_bug.cgi?id=2022757
Signed-off-by: Dennis Gilmore <dennis@ausil.us>
If the file was not present, the command would fail and the compose
would not proceed.
This is currently blocking container base image generation for ELN.
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
ELN needs to import the current key as well as keys a few releases
back, since it doesn't (currently) re-sign at Fedora branching.
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
In 1f3645b72d we added a removal of
util-linux, so this section had both:
%packages --excludedocs --instLangs=en --nocore --excludeWeakdeps
util-linux
...
-util-linux
This changes the first of those two entries to include
util-linux-core instead of util-linux, so these two directives do
not conflict.
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
This stuff is now properly part of the cloud-init package,
so we don't need this anymore.
This reverts commit 88452ac290.
Signed-off-by: Neal Gompa <ngompa@fedoraproject.org>
It does not work properly on Wayland by default and Plasma
has its own language selector.
Fixes: https://pagure.io/fedora-kde/SIG/issue/143
Signed-off-by: Neal Gompa <ngompa@fedoraproject.org>
Todays rawhide failed due to needing another 14MB.
Increase it a bit more than that tho because it may have failed when it
hit the first package it ran out of space on. We should of course figure
out why it's growing too.
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
Set up the generic aarch64 Raspberry Pi U-Boot so that we can
boot any new device that we may not have specific support for.
We'll use this method to support the new Zero 2 W.
Signed-off-by: Peter Robinson <pbrobinson@fedoraproject.org>
- make it leaner by limiting to comp neuro tools only, and removing
extra analysis tools (which users can install when required)
Signed-off-by: Ankur Sinha (Ankur Sinha Gmail) <sanjay.ankur@gmail.com>
During the kickstart of the cloud image, NetworkManager writes an
/etc/resolv.conf that contains `nameserver 192.168.122.1`. This causes
boot delays with cloud-init since it does some early boot DNS
redirection tests before talking to the cloud's metadata service. On
some clouds/architectures, this delay is 15 seconds or more.
Truncate the /etc/resolv.conf so it can be replaced properly by
NetworkManager and cloud-init on the first boot.
Signed-off-by: Major Hayden <major@redhat.com>
This reverts both commits trying to enable initial-setup on first boot
for the KDE Live Spin as this is not working as expected right now.
This reverts commit 8afe142dcb.
This reverts commit 8e6d33c408.
Previous change enabled it for the LiveISO directly instead of the final
system as this was meant for usage in RAW disk images and not in
LiveISOs.
This change should enable it for both, be a NOP for the LiveISO and
effectively enable it on the final system until we find a better
solution in Anaconda itself.
See discussion in https://github.com/rhinstaller/initial-setup/issues/136
Fixes: 8a3b18b fedora-live-kde.ks: Enable initial-setup on firstboot
To make OEM installs, we need to move the user account, timezone and
network setup to first boot setup steps. This enables initial-setup to
do just that. Once this is confirmed as working, we can remove the user
setup spoke from the initial Anaconda installation dialog.
VM images on POWER require a PReP partition to be able to boot.
Since we don't have a way to define this archfully for now,
let's just always create it. Losing 4MB isn't that bad, anyway...
Signed-off-by: Neal Gompa <ngompa@fedoraproject.org>
These are tiny packages that just add the desktop files to access
functionality that's already included as part of the rest of LibreOffice.
Fixes: https://pagure.io/fedora-kde/SIG/issue/103
Signed-off-by: Neal Gompa <ngompa@fedoraproject.org>
This actually led to the filesystems being bigger.
The most recent Fedora Rawhide images were ~900MB instead of ~300MB.
Clearly, we need this to make it smaller.
This reverts commit d4d8bffb2c.
Signed-off-by: Neal Gompa <ngompa@fedoraproject.org>
Without this, there is no guarantee that BIOS would
be correctly set up if the install environment is UEFI.
Fixes: 611edda149
Signed-off-by: Neal Gompa <ngompa13@gmail.com>
Fedora Cloud is now set up so that it builds the disk with
GPT partitioning and has a specific partitioning layout so
that the resulting images are equipped to boot either with
legacy BIOS or UEFI.
Reference: https://fedoraproject.org/wiki/Changes/FedoraCloudHybridBoot
Signed-off-by: Neal Gompa <ngompa13@gmail.com>
As part of 1abc805 I removed shadow-utils instead of util-linux.
shadow-utils was previously part of https://bugzilla.redhat.com/show_bug.cgi?id=1951111
but got removed after feedback received.
Signed-off-by: Clement Verna <cverna@tutanota.com>
The Plasma Wayland session does not work when kernel mode-setting has
been disabled, so fall back to X11 automatically in this scenario.
Signed-off-by: Neal Gompa <ngompa13@gmail.com>
There is a potential issue with how dtb files are symlinked in /boot
if the kernel-lpae is installed last the symlink is pointed there and
not all dtb files will be available. kernel-lpae should be installed
intentionally
Signed-off-by: Dennis Gilmore <dennis@ausil.us>
We already install glibc-minimal-langpack and langpacks-en_GB
pulls the dejavu-sans-fonts which is almost 6MB.
Signed-off-by: Clement Verna <cverna@tutanota.com>
NetworkManager has changed the defaults for where the config
files are retained and by default we don't ship the traditional
Sys-V network scripts so we can clean-up those bits.
Signed-off-by: Peter Robinson <pbrobinson@fedoraproject.org>
Primarily changes for UEFI on ARMv7 but also some cleanups/updates
for the arm/aarch64 images.
Signed-off-by: Peter Robinson <pbrobinson@fedoraproject.org>
This commit restore workstation-release needed for workstation
base installation and attempt to fix post-installation favourite apps on
dash board.
Signed-off-by: Luya Tshimbalanga <luya@fedoraproject.org>
Commit 3dadef5a21 didn't actually work
because it set the value as root. This commit fixes it to set it under
the liveuser instead.
Thanks to adamw for figuring out what's going on!
This update restore the workstation-release to make the installation easier
in addition of minor fixes
Signed-off-by: Luya Tshimbalanga <luya@fedoraproject.org>
Test for $LIVE_ROOT (set by livecd-creator) before running commands
specific to a livecd-creator build.
Do not modify the Lorax template during livemedia-creator builds;
the change belongs in Lorax itself.
Related: https://github.com/weldr/lorax/pull/1107
Resolves: rhbz#1430546
Since Fedora 30, license files are missing from the ISO filesystem
of live images (including official builds). The source path to the
license files changed when they were moved into a subpackage named
fedora-release-common (or generic-release-common).
It's still failing. At this point we're not sure if it's really a
space issue, but we're going to bump it a bit more to see.
Signed-off-by: Adam Williamson <awilliam@redhat.com>
NetworkManager uses it's own built in dhcp client now as does systemd,
basically dhcp-client is irrelevant for most use cases now
so it shouldn't be there by default.
Signed-off-by: Jan Kaluza <jkaluza@redhat.com>
rng-tools was dropped from standard comps group recently,
so it's no longer installed by default. Lets remove it from here as well
to get arm and server images building again.
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
The scripts changing the image were wrongly run in --nochroot
%post section. This commit fixes it by simply moving it from
--nochroot %post to normal chroot %post.
Signed-off-by: Jan Kaluza <jkaluza@redhat.com>
The Raspberry Pi isn't properly setup for ARMv7 as the arch detect during
build was missed, hence nothing gets copied and the image won't boot.
Signed-off-by: Peter Robinson <pbrobinson@fedoraproject.org>
The langpacks-en package is pulled in by Anaconda and it seems filtering
it out using langpacks-* is not sufficient. It needs to be filtered
directly.
Signed-off-by: Jan Kaluza <jkaluza@redhat.com>
This commit removes few packages from Fedora-ELN-Guest kickstart:
- insights-client - this is RHEL only package which does not exist
in Fedora and therefore will not be installed in Fedora ELN.
- rng-tools - this is not available in Fedora-ELN compose yet. We
will enable rngd again once this is added to Fedora ELN.
- dracut-norescue - this is RHEL only package. The Fedora equivalent
of this is to remove dracut-config-rescue. This yes is also used
in other Fedora kickstarts.
Signed-off-by: Jan Kaluza <jkaluza@redhat.com>
The previous commit was supposed to merge fedora-container-common.ks
into fedora-eln-container-base.ks. I probably copy-pasted wrong
fedora-eln-guest.ks part there instead of the fedora-container-common.ks.
In this commit I'm fixing that.
Signed-off-by: Jan Kaluza <jkaluza@redhat.com>
The Fedora ELN container is special in a way that the "%{fedora}"
RPM macro is not defined there. This breaks the Fedora ELN container
build, because fedora-container-common.ks expects this macro to exist.
This commit merges fedora-container-common.ks into
fedora-eln-container-base.ks and hardcodes Fedora 34 GPG key there.
The fedora-eln-container-base.ks will be updated once we move to
newer Fedora.
Signed-off-by: Jan Kaluza <jkaluza@redhat.com>
This is a starting point for a GCP cloud image. The image boots fine
in GCP today. In the future we may want to consider adding the GCP
cloud agents if they get packaged in Fedora.
It seems we will need different set of packages Fedora-ELN base
container image and therefore we need new kickstart file for it.
Signed-off-by: Jan Kaluza <jkaluza@redhat.com>
This reworks the package list to add comments and remove some things
that didn't need to be explicitly removed.
- remove +systemd-udev -> already included by default
- remove -biosdevname -> not included by default
- remove -iprutils -> not included by default
- remove -uboot-tools -> not included by default
There are no packages added or removed from the built cloud image as
part of this change. Just updating the input package list to be more
meaningful.
We're no longer using legacy network scripts to bring up networking.
We're using NetworkManager and now in F33+ networkmanager will even
default to writing out new configuration as NM keyfiles in
/etc/NetworkManager/system-connections/. We don't need to lay down
a networking config for eth0. Either cloud-init will do that for us
or NetworkManager will default to DHCP anyway.
We also don't need to populate /etc/hosts as that will get done on
boot too with the same content we were writing there already.
As discussed here:
https://fedoraproject.org/wiki/Changes/RemoveDeviceMapperMultipathFromWorkstationLiveCD
And on the anaconda devel list, we do not want device-mapper-multipath
on the livecd / on installs done from the livecd, because rather then
properly supporting hotplug udev add/change events it brings in
the long obsolete systemd-udev-settle.service which causes significant
delays during boot.
Since multipath is very much a data-center / server only feature we
can simply exclude it from the livecd to get rid of the dependency on
systemd-udev-settle.service .
We also need to exclude fcoe-utils since that depends on
device-mapper-multipath. Since FCOE too is a data-center / server
only feature, we can simply exclude fcoe-utils too.
Upstream SSH has been claiming [1] for a few releases now that:
```
It is now possible to perform chosen-prefix attacks against the
SHA-1 algorithm for less than USD$50K. For this reason, we will be
disabling the "ssh-rsa" public key signature algorithm by default in a
near-future release.
```
In Fedora we switched recently [2] to disallow ssh-rsa. I filed a bug
upstream [3] for Vagrant to stop using an rsa key. For now let's workaround
the issue.
[1] https://www.openssh.com/txt/release-8.3
[2] b298a9e107
[3] https://github.com/hashicorp/vagrant/issues/11783
Atomic is a thing of the past and I have no idea what
fedora-cloud-bigdata.ks and fedora-cloud-experimental.ks
were ever used for. Let's get rid of them to reduce confusion.
It is obsolete; notice the reference to the old `spin-kickstarts` repo that no longer exists.
Signed-off-by: Michel Alexandre Salim <michel@michel-slm.name>
The zram package and its zram-swap service are obsoleted as part
of the swaponzram change.
https://fedoraproject.org/wiki/Changes/SwapOnZRAM
Signed-off-by: Chris Murphy <chrismurphy@fedoraproject.org>
All desktop variants of Fedora are changing to use Btrfs
as the default filesystem and partitioning scheme.
Reference: https://fedoraproject.org/wiki/Changes/BtrfsByDefault
Signed-off-by: Neal Gompa <ngompa13@gmail.com>
ISC DHCP implementation is going to be deprecated soon in favor of
NetworkManager and all spins but modular switched to using NM already.
Dropping dhcp-client from the modular build as well and re-enable NM
service
Bug-Url: https://bugzilla.redhat.com/1845933
Signed-off-by: Pavel Zhukov <pzhukov@redhat.com>
The mysterious hangs we've been seeing in Rawhide composes are
actually due to running out of space in the image root.
Signed-off-by: Adam Williamson <awilliam@redhat.com>
This is done so that it's easy spot large packages that are not
necessary and identify packages that have grown in size too much
by diffing the image compose logs.
sed "s/rpm -qa/rpm -qa --qf '%{size}\\\\t%{name}-%{version}-%{release}.%{arch}\\\\n' |sort -rn/" -i *.ks
The image creation currently silently fails on Fedora 33 because the
kernel scriptlet is unable to create the initramfs:
cp: error writing '/var/tmp/dracut.SqTiPj/initramfs/lib/libbrotlicommon.so.1.0.7': No space left on device
dracut-install: ERROR: failed to install '/lib/libbrotlicommon.so.1' for '/var/tmp/dracut.SqTiPj/initramfs/usr/sbin/rngd'
...
I'm not entirely sure how much space is actually needed. Hopefully not
more than 100M though.
We haven't had Evolution or Shotwell installed by default in a long time, so this list is pretty stale. Sync it with upstream, except for Geary (which we don't ship) and Music (we still have Rhythmbox). I'll also omit GNOME Software, since I'm not sure we can expect installing apps to work well in a live session.
The "auth --useshadow --passalgo=sha512" is long default and auth option
itself has moved to authselect and is obsolete so this actually pulls
in extra dependencies. Drop it as the shadaow and sha512 are defaults.
Signed-off-by: Peter Robinson <pbrobinson@fedoraproject.org>
Use defaults for authselect, auth is deprecated, update rpi boot bits
drop old atomic cmds, no longer shipped.
Signed-off-by: Peter Robinson <pbrobinson@fedoraproject.org>
a. pre-empt future compose failure due to running out of space
b. existing l-i-t-d persistent root feature depends on the free space on this file system, right now free space is just under 650M and is a bit tight
c. fairly certain free space dropping below 90% is why I'm running into https://bugzilla.redhat.com/show_bug.cgi?id=1715699
As per https://bugzilla.redhat.com/show_bug.cgi?id=1720311 , no
KDE deliverables actually include fedora-release-kde, so they
are not identified as being the KDE variant at all. This change
would result in the KDE live image and ARM disk image including
fedora-release-kde.
Signed-off-by: Adam Williamson <awilliam@redhat.com>
It seems that systemd is required by anaconda which wants
to setup the default target. Since dnf dependencies to systemd
was dropped in [0] we need to install it explicitly.
[0] - faa199f160
Signed-off-by: Clement Verna <cverna@tutanota.com>
This change is breaking python pytz module which
expect to find the zone.tab file in the zoneinfo
directory.
See BZ #1737013
Signed-off-by: Clement Verna <cverna@tutanota.com>
Trying to use dnf in the latest rawhide container compose fails
with a RuntimeError: Statement: no such table: trans_item in
Signed-off-by: Clement Verna <cverna@tutanota.com>
The base image does need to have langpacks-core-en, this has for effect
to remove the dejavu fonts from the base image.
Signed-off-by: Clement Verna <cverna@tutanota.com>
This brings some of the fedora-minimal optimization to the fedora
base image. We remove the timezones info, default fonts and some
logs.
Signed-off-by: Clement Verna <cverna@tutanota.com>
Those are pretty useless in containers. People want small containers and
if something extra is needed, they are going to install it. There is no
point in having python3-unbound or rpm-plugin-systemd-inhibit in there…
Closes: https://pagure.io/releng/issue/8530
Signed-off-by: Igor Gnatenko <ignatenkobrain@fedoraproject.org>
Compressed RAM as a swap is faster than disk. This makes most machines
more interactive when under low memory pressure, and, combined with no
disk-backed swap, reduces wear and tear on "flash" storage with limited
number of writes.
Remove additional scanning packages brought in by gnome.
Un-blacklist some packages now needed by libvirt.
Signed-off-by: Rich Mattes <richmattes@gmail.com>
This commit remove the cracklib-dicts package which provides
tests passwords to help user choose strong password. The
package is not required by any other packages.
This will save ~9MB from the base image size.
Signed-off-by: Clement Verna <cverna@tutanota.com>
This commit makes sure that we don't install the all the en locale
in the base image. This remove around 60MB of the size of the container
Signed-off-by: Clement Verna <cverna@tutanota.com>
There was race condition between hostname taking effect and lightdm setting up
Xorg service that X client would fail to find a proper xauth entry to connect
the X server.
hostnamectl will also rewrite /etc/hostname.
The livecd-tools/imgcreate issue where it still used chkconfig to enable services
was resolved with release 27.0-1 so the chkconfig requirement can now be dropped.
Signed-off-by: Peter Robinson <pbrobinson@fedoraproject.org>
We don't ship traditional network scripts in any of the arm
images anymore so this is a no-op.
Signed-off-by: Peter Robinson <pbrobinson@fedoraproject.org>
Both the kickstart itself and imgcreate expect chkconfig to be
available in the installed system, so we'd better make sure it
is. Up till Fedora 30 Beta it was getting pulled in somehow;
since Fedora-30-20190330.n.3 it seems it is not (probably not
in Rawhide either). In any case, it's clearly correct to list it
explicitly.
See https://bugzilla.redhat.com/show_bug.cgi?id=1695637
Signed-off-by: Adam Williamson <awilliam@redhat.com>
As livesys and livesys-late are still SysV services, they need
systemd-sysv-install to work, which is part of chkconfig. Until
now chkconfig was getting pulled into live images via packages
that require update-alternatives, which was previously part of
chkconfig - but it just got split into its own package, so now
those packages don't pull in chkconfig any more.
This broke the KDE live image and probably several others in
recent Rawhide, livesys and livesys-late don't run so there's
no 'liveuser' and root isn't accessible. Workstation didn't
break because a java package still pulls chkconfig into it.
Signed-off-by: Adam Williamson <awilliam@redhat.com>
Now lxqt-l10n package is obsoleted. And we are adding a @lxqt-l10n to compos. So adjusting kickstart files accordingly.
Signed-off-by: Zamir SUN <sztsian@gmail.com>
Recently all Anaconda files required only for the live installation
(the liveinst script, the desktop file and others) have been split into a sub-package
called anaconda-live.
This was done to prevent these files from littering both network
installation images as well as user systems when Anaconda gets pulled
in as a dependency during a package installation transaction.
At the moment anaconda-live is stilled pulled in as a direct dependency
of the anaconda-gui sub package, but once this commit has been merged
into the Fedora kickstart repository, we can drop this temporary
dependency, removing the package from non-live installations.
It was removed from the @core group in fedora-comps d7faeb5,
but we are still using stone-age sysv-style scripts for the
early boot live image setup stuff (livesys and livesys-late),
so we need it installed in live images. Without this, lives are
utterly broken, because livesys fails almost immediately and
does not do any of the expected live customizations.
Signed-off-by: Adam Williamson <awilliam@redhat.com>
For livemedia-creator builds, inject install code into the lorax
template live/x86.tmpl that copies the script livecd-iso-to-disk
into the .iso filesystem at /LiveOS when livecd-tools is present in
the install image. This fixes commit 18d30b3, which failed in this.
From Adam Williamson:
The Python Classroom spin images no longer build in recent Rawhide,
because of a dnf behaviour change that exposes dependency issues as
failures rather than hiding them by silently excluding packages. (This
change will likely get into F29 soon too).
The issue is this. fedora-live-python-classroom.ks includes
fedora-live-minimization.ks , which does this:
-sane-backends
but it also includes fedora-live-workstation.ks, which includes fedora-
workstation-common.ks, which does this:
@gnome-desktop
...and @gnome-desktop includes sane-backends-drivers-scanners and
libsane-hpaio, which both require sane-backends.
Until recently dnf was simply silently excluding sane-backends-drivers-
scanners and libsane-hpaio from the image, to 'resolve' this. Now it
fails on the problem, and we get to make a choice.
You basically have three options:
1. Just drop fedora-live-minimization.ks from fedora-live-python-
classroom.ks . It's pretty old and random at this point. It's basically
trying to drop printing and scanning stuff to save a bit of space. Do
you actually want printing and scanning not to work on your image?
2. Keep fedora-live-minimization.ks but explicitly add back `sane-
backends` to %packages in fedora-live-python-classroom.ks . This would
override the exclusion and fix the dep issue, and include the scanning
bits in the image.
3. Keep fedora-live-minimization.ks and add excludes for sane-backends-
drivers-scanners and libsane-hpaio to fedora-live-python-classroom.ks .
This would lose scanning support, and save a bit of space.
I went with option 1.
Make sure that we do not install grubby on the
container base image.
https://pagure.io/releng/issue/7872
Signed-off-by: Clement Verna <cverna@tutanota.com>
live-minimization is kinda old, and dates from the time we were
trying to fit in CD size. No-one cares much about that any more.
One of these exclusions (sane-backends) was contradictory for
Cinnamon lives and broke the compose since the recent dnf change
to fail compose on dependency issues (because the cinnamon comps
group explicitly includes sane-backends-drivers-scanners, but
this exclusion excludes one of its deps). To resolve that,
@grinnz is fine with just dropping the use of live-minimization
from the cinnamon images entirely, so this does that.
Signed-off-by: Adam Williamson <awilliam@redhat.com>
All these packages used to be explicitly default or mandatory
in comps groups that were on live images, but no longer are.
Signed-off-by: Adam Williamson <awilliam@redhat.com>
foomatic requires colord. Before dnf-3.5.1-2.fc30, this meant
foomatic was being silently excluded from MATE images. Now it
means they fail to compose. Let's drop the exclusion so the
images compose again. If the MATE maintainers want to reduce
size, they will have to explicitly exclude foomatic (and be OK
with doing so, as it probably breaks printing).
Signed-off-by: Adam Williamson <awilliam@redhat.com>
These are aiming to leave some weak dependencies out of minimal
images, it seems. From @core, gnutls recommends trousers which
requires trousers-lib, and iproute recommends iproute-tc.
However, both are *hard* dependencies of things that include
fedora-disk-base.ks. fedora-disk-workstation.ks includes
fedora-disk.base.ks and fedora-workstation-common.ks, so it
installs the Workstation package set, from which gnome-boxes
ultimately requires iproute-tc and NetworkManager-openconnect
ultimately requires trousers-lib.
Prior to the change I recently got merged into DNF, DNF would
silently drop gnome-boxes and NetworkManager-openconnect from
the Workstation disk image because of this. With the change, it
errors out on creation of the image.
To make the image compose again and actually include the right
packages, let's move the exclusions to fedora-minimal-common.ks,
where they make more sense anyway. This does mean the packages
will be pulled into other non-minimal images even if they're
not strictly required there, but that doesn't seem like a big
problem.
Signed-off-by: Adam Williamson <awilliam@redhat.com>
Inject install code in lorax template live/x86.tmpl for livemedia-
creator builds.
Also, remove wrong path for dracut;
give glib-compile-schemas the schemas directory;
update maintainers.
These groups were added to the server environment group in comps
but the change was not mirrored here, so the ARM server disk
image is still missing wifi support etc.
Signed-off-by: Adam Williamson <awilliam@redhat.com>
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
These groups were added to the server environment group in comps
but the change was not mirrored here, so the ARM server disk
image is still missing wifi support etc.
Signed-off-by: Adam Williamson <awilliam@redhat.com>
Use the anaconda-install-env-deps metapackage to pull in the
Anaconda dependencies needed in the installation environment.
The anaconda-install-env-deps metapackage lists all install time
dependencies and makes it possible for packages such as
Initial Setup to depend on Anaconda without pulling all
the (mainly storage related) install time dependencies
to the installed system.
The same is applicable for dirinstall which also does
not require the install time dependencies as it is just
installing to a local folder.
This also fixes rhbz#1561047 as anaconda-install-env-deps
package has a Requires on udisks2-iscsi.
It's confusing to have it be underneath Server, when in actuality
we really want at least the people using containers to have it
by default. So let's enable it by default there.
gnome-software session service automatically downloads yum metadata,
which all goes to the RAM-backed filesystem overlay when running the
live image. This is undesired as it can make it difficult to install
Workstation on low memory devices.
To fix this, this commit disables gnome-software xdg autostart service
and the gnome-shell search provider on the live media.
https://bugzilla.redhat.com/show_bug.cgi?id=1560504
in turn makes a ifcfg-en<something> file with this config. We don't
want to use this, we want to always use ifcfg-eth0 so it's the same
on all images. So, we remove ifcfg-en* (They are different on each
arch we make cloud images for, but en* gets them all).
Additionally we were using some old udev tricks to get eth0, but this
is error prone and already incorrect as systemd-udev has moved files
around, so instead we just switch to net.ifnames=0 on the boot line,
which should continue working.
Grabbing coredumps on live systems is not a good idea. Either there is
no persistent storage, or it will be really slow and also small. So
disable abrtd and stop it in the same way as other services.
glibc bumped in size. See [1]
fedora-arm-kde.ks
DEBUG util.py:439: At least 30MB more space needed on the / filesystem.
fedora-arm-python-classroom.ks
DEBUG util.py:439: At least 41MB more space needed on the / filesystem.
[1] https://bugzilla.redhat.com/show_bug.cgi?id=1551073
Signed-off-by: Dusty Mabe <dusty@dustymabe.com>
This is needed in the astronomy spin when trying to install the
plasma-desktop. This is the error that is seen without it:
```
- package plasma-applet-redshift-control-1.0.18-4.fc28.noarch requires plasma-desktop, but none of the providers can be installed
- nothing provides libibus-1.0.so.5 needed by plasma-desktop-5.12.2-1.fc29.i686
- nothing provides libibus-1.0.so.5()(64bit) needed by plasma-desktop-5.12.2-1.fc29.x86_64
```
Signed-off-by: Dusty Mabe <dusty@dustymabe.com>
ksvalidate complains that "bootloader extlinux" is invalid
ksflatten changes the bootloader option to
"bootloader --location=mbr" we get working configuration using
the updated option so setting the default to it. The Jenkins
job on pagure is failing due to invalide syntax
Signed-off-by: Dennis Gilmore <dennis@ausil.us>
koji task 25278678 Fedora-Python-Classroom-armhfp
DEBUG util.py:439: At least 52MB more space needed on the / filesystem.
koji task: 25278682 Spins armhfp KDE
DEBUG util.py:439: At least 104MB more space needed on the / filesystem.
Signed-off-by: Dusty Mabe <dusty@dustymabe.com>
All of these images are failing because more disk space is needed
to install the required rpms. This PR bumps the sizes so that they
should succeed. See [1].
Here are the current failures in rawhide:
koji task: 25182851 Workstation armhfp live image
DEBUG util.py:439: At least 93MB more space needed on the / filesystem.
koji task: 25182858 Spins armhfp LXDE
DEBUG util.py:439: At least 926MB more space needed on the / filesystem.
koji task: 25182869 Spins armhfp Mate
DEBUG util.py:439: At least 121MB more space needed on the / filesystem.
koji task: 25182901 Spins armhfp LXQt
DEBUG util.py:439: At least 180MB more space needed on the / filesystem.
koji task: 25182854 Spins armhfp KDE
DEBUG util.py:439: At least 294MB more space needed on the / filesystem.
[1] https://pagure.io/dusty/failed-composes/issue/9#comment-495037
Signed-off-by: Dusty Mabe <dusty@dustymabe.com>
When trying to build python classroom for armhfp we end up
in quite a dependency hell. Hunspell was the first issue
(fixed in the previous commit). Then there was all of this:
```
Problem 1: conflicting requests
- nothing provides libedataserver-1.2.so.23()(64bit) needed by gnome-shell-3.27.1-5.fc28.x86_64
Problem 2: conflicting requests
- nothing provides dleyna-renderer needed by gnome-photos-3.27.90-1.fc28.x86_64
Problem 3: conflicting requests
- nothing provides gnome-user-docs needed by gnome-getting-started-docs-3.26.2-2.fc28.noarch
Problem 4: package NetworkManager-openconnect-gnome-1.2.4-9.fc28.x86_64 requires libopenconnect.so.5()(64bit), but none of the providers can be installed
- conflicting requests
- nothing provides libtspi.so.1()(64bit) needed by openconnect-7.08-5.fc28.x86_64
Problem 5: package gnome-initial-setup-3.27.90-2.fc28.x86_64 requires gdm, but none of the providers can be installed
- package gdm-1:3.27.4-4.fc28.i686 requires gnome-shell, but none of the providers can be installed
- package gdm-1:3.27.4-4.fc28.x86_64 requires gnome-shell, but none of the providers can be installed
- conflicting requests
- nothing provides libedataserver-1.2.so.23()(64bit) needed by gnome-shell-3.27.1-5.fc28.x86_64
Problem 6: package gnome-shell-extension-window-list-3.27.1-3.fc28.noarch requires gnome-shell-extension-common = 3.27.1-3.fc28, but none of the providers can be installed
- package gnome-classic-session-3.27.1-3.fc28.noarch requires gnome-shell-extension-window-list = 3.27.1-3.fc28, but none of the providers can be installed
- package gnome-shell-extension-common-3.27.1-3.fc28.noarch requires gnome-shell >= 3.27.1, but none of the providers can be installed
- conflicting requests
- nothing provides libedataserver-1.2.so.23()(64bit) needed by gnome-shell-3.27.1-5.fc28.x86_64
Problem 7: conflicting requests
- package gdm-1:3.27.4-4.fc28.i686 requires gnome-shell, but none of the providers can be installed
- package gdm-1:3.27.4-4.fc28.x86_64 requires gnome-shell, but none of the providers can be installed
- nothing provides libedataserver-1.2.so.23()(64bit) needed by gnome-shell-3.27.1-5.fc28.x86_64
```
Note: I used an x86_64 machine to do the dependency debugging.
So here is what I decided to do:
- remove `-evolution*` (evolution-data-server provides libedataserver-1.2.so.23()(64bit))
- remove `-trousers-lib` (trousers-lib provides libtspi.so.1()(64bit))
- add `-gnome-photos` since a lot of other gnome apps were excluded
- add `-gnome-getting-started-docs` since gnome-user-docs was excluded
Signed-off-by: Dusty Mabe <dusty@dustymabe.com>
Needed by a few different things. For example to build the security live
image you run into these problems if you exclude wget:
Problem 1: conflicting requests
- nothing provides /usr/bin/wget needed by openvas-scanner-5.1.1-4.fc27.x86_64
Problem 2: package wireshark-gtk-1:2.4.4-2.fc28.x86_64 requires wireshark-cli = 1:2.4.4-2.fc28, but none of the providers can be installed
- package wireshark-cli-1:2.4.4-2.fc28.i686 requires libsmi.so.2, but none of the providers can be installed
- package wireshark-cli-1:2.4.4-2.fc28.x86_64 requires libsmi.so.2()(64bit), but none of the providers can be installed
- conflicting requests
- nothing provides wget needed by libsmi-0.4.8-21.fc28.i686
- nothing provides wget needed by libsmi-0.4.8-21.fc28.x86_64
Problem 3: package wireshark-1:2.4.4-2.fc28.x86_64 requires wireshark-cli = 1:2.4.4-2.fc28, but none of the providers can be installed
- package wireshark-cli-1:2.4.4-2.fc28.i686 requires libsmi.so.2, but none of the providers can be installed
- package wireshark-cli-1:2.4.4-2.fc28.x86_64 requires libsmi.so.2()(64bit), but none of the providers can be installed
- conflicting requests
- nothing provides wget needed by libsmi-0.4.8-21.fc28.i686
- nothing provides wget needed by libsmi-0.4.8-21.fc28.x86_64
Signed-off-by: Dusty Mabe <dusty@dustymabe.com>
Needed by anaconda. See [1].
```
- package anaconda-28.22-1.fc28.x86_64 requires anaconda-core = 28.22-1.fc28, but none of the providers can be installed
- nothing provides realmd needed by anaconda-core-28.22-1.fc28.x86_64.
```
[1] https://pagure.io/dusty/failed-composes/issue/9#comment-495037
Signed-off-by: Dusty Mabe <dusty@dustymabe.com>
This exclusion has never actually worked. Look at a successful
F27 container-minimal build:
https://koji.fedoraproject.org/koji/taskinfo?taskID=25064051
If you check one of the tasks and look at the oz log, it shows
that libusbx is actually installed.
This is because both dnf and microdnf require libdnf, which
requires librepo, which requires gpgme, which requires gnupg2,
which requires libusb.
In Fedora 27, anaconda/dnf handle this by ignoring the attempt
to exclude libusbx and just installing it anyway.
In Rawhide, however, anaconda/dnf behaviour is different. I
don't know when it changed, but now anaconda/dnf honor the
kickstart and exclude libusbx from the install transaction...
which means the image build just fails, because the deps for
dnf/microdnf cannot be satisfied. So we should just ditch the
exclusion, it's bogus. See a failed Rawhide build attempt:
https://koji.fedoraproject.org/koji/taskinfo?taskID=25077542
Signed-off-by: Adam Williamson <awilliam@redhat.com>
In cloud Images we do this becaue it's generally accepted that
in a cloud environment there are higher level firewall constructs
(i.e. security groups).
The arch-specific sub-packages that provide grub2-efi on each
arch are listed in @anaconda-tools comps group anyway (so this
is redundant), and requiring it by name in a kickstart causes
i686 live image composes to fail because it is no longer built
for i686.
Signed-off-by: Adam Williamson <awilliam@redhat.com>
because Xfce spin is release blocking for arm, and firefox currently
does not build on arm so is excluding it until a fix is landed.
See https://bugzilla.redhat.com/show_bug.cgi?id=1523912
This should be reverted as soon as the above bug is fixed.
When building Fedora Server base images (such as when building F27
Modular Server), the --noboot option results in the container image
attempting to mount /boot with XFS like the rest of the system.
This results in the image-creation failing.
Since the partitions don't matter in the end (the files are tarred
up and shipped that way), we'll skip this optimization.
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
This bit was cargo culted from the old school Fedora Cloud image, but we have
also been using `net.ifnames=0` on the kernel command line, which ensures that
we get `eth0` as "the" NIC name. (There's a huge amount of history behind
this and I'm not trying to change that behavior here)
The problem is that those udev rules do *other* things that we do want, such as
ensure that `veth` devices get `NM_CONTROLLED=no`. Without that e.g.
NetworkManager might try to do DHCP on those devices, which is at best slow
since they appear and disappear frequently, and at worst risks the host network
configuration.
For more information, see [RH bz#1503347](https://bugzilla.redhat.com/show_bug.cgi?id=1503347)
Signed-off-by: Colin Walters <walters@verbum.org>
We don't include firstboot in AH, we use cloud-init, so nothing
is ever going to parse this. Drop it, since it shows up as a delta
in `ostree admin config-diff`, and further we want to reduce the
amount of stuff in this ks.
Signed-off-by: Colin Walters <walters@verbum.org>
The `setup` package has this same content, let's not duplicate it. The only
difference between them today is trailing whitespace in our version.
Just trying to reduce the amount of stuff we do here to avoid deltas with bare
metal installs, containers, etc.
Signed-off-by: Colin Walters <walters@verbum.org>
Version 25 of livecd-tools has new tools to help in rebuilding LiveOS images. For example,
* editliveos permits overlay merging and image refreshing,
* editliveos allows overlay and home file system resizing and format changes
* livecd-iso-to-disk allows multi image installation on a single USB disk device
* livecd-iso-to-disk allows sourcing and writing to the same disk device.
Having the livecd-iso-to-disk installer onboard the .iso makes installation of a persistent overlay easier. (Persistent overlays are the standard for SoaS image in a pocket deployment.)
The new tools also work with OverlayFS overlays.
While booting Atomic cloudImage, we want to see kernel messages
on both VGA and serial console. It works fine with
tty1(vga console) and ttyS0(serial console) on x86_64 arch.
But, aarch64 and ppc64le doesn't use ttyS0 as serial console.
Instead, they use ttyAMA0(aarch64) and hvc0 (ppc64le).
Also, good point is that if a serial console specified in kernel
boot parameter is not supported on a given hardware platform, it
gets ignored. For example: console=ttyAMA0 and console=hvc0 will
get ignored on x86_64
Fixes: https://pagure.io/atomic-wg/issue/347
Signed-off-by: Sinny Kumari <sinny@redhat.com>
Building Fedora Atomic CloudImage on architectures like
aarch64 and ppc64le needs platform specific partitions as well.
Issue - https://pagure.io/atomic-wg/issue/299#comment-449243
Signed-off-by: Sinny Kumari <sinny@redhat.com>
See https://pagure.io/atomic-wg/issue/281
This causes us to match the productimg setup. At some point hopefully we can use
`autopart` and not duplicate it.
The installs don't quite hit on the default base image size so
increase it for both spins so they will build.
Signed-off-by: Peter Robinson <pbrobinson@fedoraproject.org>
So make is needed by openssl and compat-openssl10 which is turn is needed
by key things such as qt5-qtbase, mariadb and other core things that are
explictly needed in the KDE spin. I have no idea why the ARM images fail
and the live media does not because all arches have this dep.
Signed-off-by: Peter Robinson <pbrobinson@fedoraproject.org>
So MATE removes PackageKit and then tried to add PackageKit-command-not-found
which is contradictary and will fail to install so drop the later so things
will at least compose.
Signed-off-by: Peter Robinson <pbrobinson@fedoraproject.org>
There's a number of dependencies that are being excluded but are needed by core
MATE components so the arm images fail because of this. Also fix the mp3 support
package as that's now in gstreamer1-plugins-ugly-free
Signed-off-by: Peter Robinson <pbrobinson@fedoraproject.org>
These files are stored and used from the fedora-lorax-templates [1]
repo. They haven't been used/updated from this location in a long time.
[1] https://pagure.io/fedora-lorax-templates
The comments in release process should not render as headers. This will
make it a code block instead.
Signed-off-by: Lubomír Sedlář <lsedlar@redhat.com>
Taking the first step towards enabling gpg verification for our
users we'll make it so that the media they download will verify
gpg signatures of commits by default.
The next step is to enable gpg verification during install as well
but there is a race condition where the commit that was just created
might not yet be signed. See [1] for more details.
[1] https://pagure.io/pungi/issue/650
a59dfe5 caused us a few problems:
- sed was breaking the symlink on atomic systems
- /boot/grub2/grub.cfg is not the right file on a UEFI system
- etc..
We'll solve this problem a different way by just not installing
plymouth in our systems, which is another way [1] to make sure
rhgb/quiet don't appear on your kernel command line.
[1] ee91db6fa3/pyanaconda/payload/__init__.py (L722-L726)
We are seeing an error on aarch64 cloud image creation because
of the vfat filesystem and the fixfiles command failing:
+ /usr/sbin/fixfiles -R -a restore
/sbin/restorecon: Could not set context for /boot/efi/EFI/fedora/fonts/unicode.pf2: Operation not supported
/sbin/restorecon: Could not set context for /boot/efi/EFI/fedora/gcdaa64.efi: Operation not supported
/sbin/restorecon: Could not set context for /boot/efi/EFI/fedora/grub.cfg: Operation not supported
/sbin/restorecon: Could not set context for /boot/efi/EFI/fedora/grubaa64.efi: Operation not supported
/sbin/restorecon: Could not set context for /boot/efi/EFI/fedora/grubenv: Operation not supported
/sbin/restorecon: Could not set context for /boot/efi/EFI/BOOT/BOOTAA64.EFI: Operation not supported
/sbin/restorecon: Could not set context for /boot/efi/EFI/BOOT/fallback.efi: Operation not supported
/sbin/restorecon: Could not set context for /boot/efi/EFI/fedora/BOOT.CSV: Operation not supported
/sbin/restorecon: Could not set context for /boot/efi/EFI/fedora/MokManager.efi: Operation not supported
/sbin/restorecon: Could not set context for /boot/efi/EFI/fedora/shim-fedora.efi: Operation not supported
/sbin/restorecon: Could not set context for /boot/efi/EFI/fedora/shim.efi: Operation not supported
Ignore the return code of the systemd-tmpfiles command because
at this point we have already removed the /etc/machine-id (8f3beac)
and all tmpfiles lines with %m in them will fail and cause a bad
return code. Example failure:
[/usr/lib/tmpfiles.d/systemd.conf:26] Failed to replace specifiers: /run/log/journal/%m
In 96a6711 we added re-running systemd-tmpfiles to add files to /run
on the root fs of the container. Here we'll limit where systemd-tmpfiles
puts files by passing it --prefix /var and --prefix /var/run/
similar change was done for docker/cloud in f6ecdc3
cmdline makes it so that %post --erroronfail won't actually stop the
installation in a way that imagefactory will detect the problem and
fail the build. See [1] for more details.
[1] https://github.com/rhinstaller/anaconda/issues/931
Update the trac link to point to the pagure issue. Also
we don't actually want to enable legacy network service.
This was also reverted for f25 in 6f3661e.
* removes the extra ens3 ifcfg that seems to be added
by dracut at some point (cloud base did this in their
ks a year ago in c509863)
* adds net.ifnames=0 to the bootloader line, because
that seems to be necessary to actually disable consistent
device naming
* enables the network service
see https://pagure.io/atomic-wg/issue/174
(cherry picked from commit 5d987e82b3)
kdegames was retired, so ditch all references to it. This is
breaking KDE live image compose on Rawhide.
Signed-off-by: Adam Williamson <awilliam@redhat.com>
This is a generic disk image that should be usable on any architecture with
imagefactory or live-media-creator (possibly with package tweaks).
Minor tweaks to the autopart across Minimal/Workstation for Server defaults.
Signed-off-by: Peter Robinson <pbrobinson@fedoraproject.org>
This is a generic disk image that should be usable on any architecture with
imagefactory or live-media-creator (possibly with package tweaks).
Signed-off-by: Peter Robinson <pbrobinson@fedoraproject.org>
This is a generic disk image that should be usable on any architecture with
imagefactory or live-media-creator (possibly with package tweaks). It creates a
minimal-common.ks to share as much as possible with the ARMv7 specific
fedora-arm-minimal.ks
Signed-off-by: Peter Robinson <pbrobinson@fedoraproject.org>
Anaconda is writing an /etc/resolv.conf from the install environment.
The system should start out with an empty file, otherwise cloud-init
will try to use this information and may error:
https://bugs.launchpad.net/cloud-init/+bug/1670052
With moving to grub2 we now need to remove the extlinux bits from the
other cloud images. They were missed in the move
Signed-off-by: Peter Robinson <pbrobinson@fedoraproject.org>
Filesytem tools, TPM tools, libusb and friends aren't of much use in
a docker container so remove them.
Signed-off-by: Peter Robinson <pbrobinson@fedoraproject.org>
There's a lot of similarities between base and base-minimal so
introduce a docker-common.ks to ensure as much as possible is shared
between the two ensure as much shared as possible.
Signed-off-by: Peter Robinson <pbrobinson@fedoraproject.org>
anaconda apparently fails now if the scriptlet fails which happens
on 32 bit arm:
Error
There was an error running the kickstart script at line 28. This is a fatal
error and installation will be aborted. The details of this error are:
+ LANG=en_US
+ echo '%_install_langs en_US'
+ echo 'Import RPM GPG key'
Import RPM GPG key
++ rpm -q --qf '%{version}\n' fedora-release
+ releasever=27
++ uname -i
+ basearch=armv7l
+ rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-27-armv7l
error: /etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-27-armv7l: import read failed(2).
Press ENTER to exit: systemd-localed.service: Got notification message from PID 2286 (STOPPING=1)
as all the rpms in f27 are signed by the sole key lets just import that
Signed-off-by: Dennis Gilmore <dennis@ausil.us>
anaconda apparently fails now if the scriptlet fails which happens
on 32 bit arm:
Error
There was an error running the kickstart script at line 28. This is a fatal
error and installation will be aborted. The details of this error are:
+ LANG=en_US
+ echo '%_install_langs en_US'
+ echo 'Import RPM GPG key'
Import RPM GPG key
++ rpm -q --qf '%{version}\n' fedora-release
+ releasever=27
++ uname -i
+ basearch=armv7l
+ rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-27-armv7l
error: /etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-27-armv7l: import read failed(2).
Press ENTER to exit: systemd-localed.service: Got notification message from PID 2286 (STOPPING=1)
as all the rpms in f27 are signed by the sole key lets just import that
Signed-off-by: Dennis Gilmore <dennis@ausil.us>
all workstation based spins are failing due to packagekit causing gpg-agent
spawning and keeping /dev/null open inside the compose environemnet.
36389 ? Ss 0:00 gpg-agent --homedir /tmp/tmp.XJ49JiQYpU/var/cache/PackageKit/26/metadata/updates-testing.tmp/gpgdir --use-standard-socket --daemon
36417 ? Ss 0:00 gpg-agent --homedir /tmp/tmp.XJ49JiQYpU/var/cache/PackageKit/26/metadata/updates.tmp/gpgdir --use-standard-socket --daemon
we end up with process like above running. this only hit us as the urls
pointed to stopped giving 404 errors
Signed-off-by: Dennis Gilmore <dennis@ausil.us>
The old means of enabling the graphical service is obsolete so remove it.
It's now detected by explicitly enabling graphical.target so do this by default
for all graphical UXes
We drop the explicit grub2 as aarch64 only has grub2-efi but anaconda will
sort that out and ensure all the right bits are installed during the install
so we should get the right grub2 bootloader options for each arch OOTB.
Signed-off-by: Peter Robinson <pbrobinson@fedoraproject.org>
Add the EFI partition in so anaconda doesn't lose it. Ulimately doesn't affect
docker image size as boot and friends are discarded as part of the process.
Signed-off-by: Peter Robinson <pbrobinson@fedoraproject.org>
Add the EFI partition in so anaconda doesn't lose it. Ulimately doesn't affect
docker image size as boot and friends are discarded as part of the process.
Signed-off-by: Peter Robinson <pbrobinson@fedoraproject.org>
The main reason for cloud to use extlinux is the size of deps being
pulled in by grub2-tools. This will be fixed in F-26 with the ability
to use grub2/grub2-efi without the tools package and it's deps fixing
this issue for good. There will no doubt need to be be some tweaking
required here.
We need grub2 in cloud images for non x86 as well as for the increasing
x86 cloud platforms that require the support of uEFI which extlinux
doesn't support.
Signed-off-by: Peter Robinson <pbrobinson@fedoraproject.org>
cmdline makes it so that %post --erroronfail won't actually stop the
installation in a way that imagefactory will detect the problem and
fail the build. See [1] for more details.
[1] https://github.com/rhinstaller/anaconda/issues/931
The new DNF based appliance build is stricter about additions and exclusions
in the %packages section, so things that expressly conflict will fail the
build.
The DNF-based appliance-tools build of the ARM image complains
that it is short by 54MB, so we're increasing by a bit more than that
to give some wiggle room for the future.
I'm trying to keep things in sync - this mostly ensures the root
password is unlocked, and drops the `services` line that is useless
because that's not how kickstart inheritance works.
for rhbz#1392468 I was told that what we had should never have worked.
A bug in anaconda was fixed causing the need for the user or root
spokes to have to be dealt with. locking the root account should
satisfy everything.
Signed-off-by: Dennis Gilmore <dennis@ausil.us>
This prevents systemd to update it during boot if DHCP supplies a
hostname, which causes sddm to not start. See
https://bugzilla.redhat.com/show_bug.cgi?id=1370222
Signed-off-by: Kamil Páral <kparal@redhat.com>
So is seems that if you remove the machine-id file it won't regenerate the file
but if you touch the file and leave it empty on boot it'll put a new machine-id
in the empty file. So work around this bug ("feature"?) by touching the file
so we don't have other issues in the process.
We're track the outcome of this in RHBZ 1379800
images without any change to the process (except they have a small 30Mb
partition at the begining of the image) but all exisiting documented
processe work for image writing. The RPi is auto configured and a pure
dd to the card, plug and boot.
As referenced on the arm list [1] and as already being done on the docker image we
should remove the unique /etc/machine-id file on compose artifacts to ensure it's
regenerated and unique on each deployed host/device. This unifies the process across
all base ks so it's inherited for each artifact.
[1] https://lists.fedoraproject.org/archives/list/arm@lists.fedoraproject.org/message/Q3YZVF5P2OLLPUJQ2LYZSTKWGGDIU6QO/
Signed-off-by: Peter Robinson <pbrobinson@gmail.com>
it's no longer pulled in by cloud-init (since 2014...). None
of these kickstarts has it in %packages, and it's not in any
of the cloud environment or package groups in comps either. So
it seems like no-one particularly wants rsyslog in the cloud
images.
From compose logs, it looks like trying to enable a non-existent
service in anaconda in Fedora 24 and earlier wasn't a fatal
error (anaconda more or less logged a warning and continued),
but in Fedora 25 and later it does seem to be fatal. It at least
causes one anaconda thread to crash, though the image compose
completes. I think possibly at least the way anaconda's run
in the Cloud compose process, the main thread manages to exit,
but it seems pretty likely the thread crash will result in
problems in the produced image.
Needed on master and f25.
Due to #1369794 , anaconda cannot currently manipulate sysv
services in F25+. So to work around this, take 'network' out of
the services lines in all kickstarts and instead manipulate
it in the %post section, with chkconfig.
Also remove rsyslog from the Atomic image services line because
it doesn't appear to be included in the OStree tree at present
and so attempting to enable the service breaks Atomic image
compose, see e.g.:
https://kojipkgs.fedoraproject.org//work/tasks/9022/15349022/oz-x86_64.log
also correct the name of the ssh service in fedora-arm-base.ks;
it's sshd not ssh.
With e2fsprogs after 1.43 the 64bit and metadata_csum features are
enabled by default. These features are not currently supported in
u-boot and the 64bit feature introduces changes such that it cannot
be read by implementations that do not support it. U-Boot does not
support the functionality and hence now won't mount it just in case
it corrupts the filesystem, which is a reasonable response, this how
ever stops us from booting when we have a ext4 /boot file system
which means basically we end up with a pot plant. Go back to using
ext3 for the time being as the mkfs.ext3 option doesn't enable these
features and we get booting systems!! YAY \o/
We need to have chronyd start after livesys has finished so that
the config for chronyd gets rewritten before it starts. If not it
will overwrite the system clock with a time that will be incorrect
(US eastern stored as local time instead of UTC) for most people.
This fixes bug 1018162.
Now that F24 images are made with livemedia-creator instead of
livecd-creator, the kickstart parser has changed; the new kickstart
parser doesn't understand the $INSTALL_ROOT variable we'd been using in
%post --nochroot scripts. This commit fixes this by replacing
$INSTALL_ROOT usage with hardcoded /mnt/sysimage as docs suggest.
While at this, this commit also fixes a case where resolv.conf would be
incorrectly copied if it is a symlink, thanks to dgilmore for pointing
this out.
After removing grub2 the which package gets removed. Let's add it back
because it is generally useful and because it is needed for many vagrant
utilities to work.
Hopefully eventually Midori will get fixed, so firefox can be dropped
and we'll find a way to get the i686 version not to be 400 MB larger
than the x86_64 version.
With livemedia putting both PAE and non-PAE kernels on i686,
i686 images are a lot bigger than x86_64 images and what i686
used to be. Removing freedroid looks to be enough.
@gnome-desktop addition was reverted in comps in commit
db13483cc5bdb39b8d9f066e7706335fb9ae3048; this reverts it here too.
This reverts commit 6b42371f72.
pinball pulls in fluid-soundfont-lite-patches. I thought I had already
removed everything that did. I am not sure if I missed something or
if pinball changed.
This patch is for the spin-kickstarts repository.
Call out to the `bootentry` script in the kickstart %post so that the
Developer Mode option is added to the GRUB 2 menu.
initail-setup.service now handles running both the gui mode and text
mode running of initial-setup so just enable the one service and no
longer do any special handling rhbz#1296495
Signed-off-by: Dennis Gilmore <dennis@ausil.us>
Per discussion on #1169979, fontconfig upstream think they have
the bugs licked, so this shouldn't be needed any more. We need
to check the nightly lives after this and see if their caches
are now correct.
This effectively reverts the recent change by rdieter, without undoing
the refactoring.
As per the IRC discussion, it looks like caching the metadata is not all
that helpful with Apper or Muon (and I doubt it is actually helpful with
ANY frontend, because updates will necessarily be outdated, and even the
Everything repo usually changes one last time after the last RC, to
officially push packages that the RC took from a side repo), we would
only be increasing our spin size with stale metadata.
Fedora has gotten significantly bigger since we started doing final TCs
and even between final RCs. I am not sure why. But this cut will get
the Games spin safely under 4 GiB.
As livecd-creator is still yum based, we only get yum's yumdb during
live image composes. To work this around, this commit adds a %post
script to fedora-live-base.ks to migrate yum's yumdb over to dnf.
https://bugzilla.redhat.com/show_bug.cgi?id=1274319
Instead of taking the metadata from PackageKit-cached-metadata package
as we were doing previously, copy it over directly during the compose
from https://kojipkgs.fedoraproject.org/mash/
This makes it much less error prone as we always get the very latest
metadata, and makes maintenance much simpler as we don't need to roll
PackageKit-cached-metadata by hand. Users are also going to appreciate
this because it makes post-GA updates smaller as they won't have to
download updates for the PackageKit-cached-metadata subpackage each time
PackageKit gets updated.
We have had -kbd in the kickstart for a long time, but because of BZ#1199868
it wasn't actually getting excluded. Not having it causes
systemd-vconsole-setup.service to fail so we are adding it back for now.
Additionally we need to add back plymouth to cover up the subsequent failure
of systemd-vconsole-setup.service. See BZ#1272684.
Workaround BZ1262040 by removing the --instLangs arg from the
%packages line and rely on our previous hack to manually remove
langs after install. This fixes BZ1261249.
Signed-off-by: Kushal Das <kushaldas@gmail.com>
The ModemManager package is already installed for all live images;
it should be enabled so users can connect to WWAN right after boot
using the NetworkManager applet.
Signed-off-by: David Ward <david.ward@ll.mit.edu>
For some reason the kernel-core is not protected by dnf, so when
we are trying to remove linux-firmware, it was actually removing
kernel-core package. Commenting out the lines for now.
This is pretty cosmetic as live and cloud images don't use passwords
and they install with sha512 fine, but some people may use these
kickstarts as a base for their spins, so we should use best practices.
We were getting grub2 in the base image again. Apparently
for a while Anaconda has supported a cleaner syntax for this, and
since it fixes the bug, let's use it.
https://bugzilla.redhat.com/show_bug.cgi?id=1222132
Best practice is to use unprivileged service daemons inside Docker
containers. But with this hardcoded root password, in the case of
remote code execution, an attacker could trivially escalate their
privileges to root/uid 0. And while that's uid 0 inside a container,
that's a much larger attack surface.
Instead, do the same thing we're doing for the Cloud images: lock the
root password, create a user to make Anaconda happy, then delete the
user in %post.
https://bugzilla.redhat.com/show_bug.cgi?id=1175997
We control the actual size of the virtual disks with options on the
koji command line. This change will allow the Vagrant root
partition to grow to the 40 GB we allocate in the koji image build
while the base cloud image will remain essentially unchanged, as it
is set to 3 GB in the rel-eng koji call.
It gets installed at box launch time anyway. Save users the
annoyance of having to wait. This is in line with the Atomic
Vagrant images as well, which contain rsync in the composed tree.
Comps commit b802fd1c8472bcf5eb2587cd9ba20fb301bbaa6e changed
workstation-product-environment to include the whole of @firefox group,
as opposed to just including the firefox package in the
workstation-product group. This commit syncs the change here too.
I committed this 5 years ago with only a minimum of review, its main
feature was easier SSH key injection, a problem which has been solved
much better by the cloud image which uses `cloud-init`, as well as the
Vagrant boxes which use hardcoded vagrant SSH keys.
it is not included in f22 and will need ot be re reviewed and sumbitted
if interested parties step up and want to actively maintain and test
Signed-off-by: Dennis Gilmore <dennis@ausil.us>
boswars is building again and no longer has a library conflict.
Hower this will put the games spin very close to 4 GiB and some
more tweaking might be needed.
Even though it's silly, the ImageFactory-in-Koji use case calls into
libguestfs to introspect the target system, and libguestfs relies on
/etc/fstab to detect installed operating systems.
rpm-ostree-toolbox always uses this code path now; we spawn an "ostree
trivial-httpd" even for local use. That way the same template can be
used for both remote repositories and local ones.
Now that cloud-init is enabled in the systemd unit, that change
goes in /usr/lib...which we can't easily change. There are
two potentially sane solutions:
- Refactor the kickstarts here
- Some support for systemd presets in kickstart files would
allow us to have a later override here
You can use environment groups in kickstarts with this @^ syntax.
So we don't need to duplicate the environment group here, just
use it. We also don't need to list the productimg package, as
it's in the @workstation-product group which the environment
pulls in.
Things are going to be very close with removing just neverball. So it
looks like we need another removal and it is stellarium.
This is for bug 1168983.
Pungi and lorax pull in the complete repository set and then try
to load all possible fedora-productimg-* packages. We need to
explicitly exclude the ones for the different products.
We were doing gyrations here between the "installmedia" remote and the
intended "fedora-atomic" remote. Thinking about this, it's *far*
simpler if we pretend installmedia is the target remote.
We still need to delete the remote configuration Anaconda added and
re-add it with the real target URL.
Conflicts:
fedora-cloud-atomic.ks
While it makes sense to import the GPG key, it has to be done
as part of the treecompose, because it'll drop out of the rpmdb
on the next upgrade.
For yum, it was run as part of the treecompose, not Anaconda, so
there's already no history.
Add fedora-release-nonproduct to fedora-live-base.ks to ensure it gets
pulled in for all spins. In order to avoid it getting pulled in to
the Workstation product that is also based on fedora-live-base.ks,
explicitly exclude fedora-release-nonproduct in workstation kickstart
file.
https://bugzilla.redhat.com/show_bug.cgi?id=1154235
Drop most package removals / additions from the kickstart file and rely
on the @workstation-product comps group pulling in the correct packages.
We'll need package selection done in comps in order to make Workstation
netinstall work properly.
https://bugzilla.redhat.com/show_bug.cgi?id=1134524
icedtea-web clutters the application view with two launchers for config
dialogs which are not really apps as we define the term.
It used to be excluded previously but accidentally slipped back in with
the live-desktop -> live-workstation kickstart renames; this commit
takes it out again.
https://bugzilla.redhat.com/show_bug.cgi?id=1131248
This should be handled correctly at installation time. If it's not, I
think what we really want is a %post --relabel or something option to
have Anaconda take care of this.
The disabling of java-1.8.0-openjdk seems like an artifact of the
1.7/1.8 duality and no longer applies.
Also allow other wildfly dependencies: jruby, and generic-jms-ra.
Yesterday was not a good day for doing things without double-checking. I
reverted this on the wrong branch. It *should* be here on this one. So, I'm
re-reverting. Awesome.
This reverts commit c90a8409a4.
The gnome-settings-daemon updates plugin is gone and update downloading
is handled by gnome-software instead. Adapt the live image schema
overrides for the changes.
remove vfat kickstarts, we are going to use u-boot in raw space
without needing two sets of images with different partitioning we
can remove the seperate partitioning snippets and put the
partitioning in base.
Do not hardcode the fedora-release package name in the %post scriptlet
(in the place that imports the Fedora RPM GPG key). Instead, use
"--whatprovides system-release", which is strictly equivalent if
fedora-release is used, but also works when the *-release package is
named differently.
This makes live easier for remixes, which have to replace fedora-release
with generic-release or ${remixname}-release. They would otherwise have
to edit fedora-live-base.ks.
Using git version is simpler as it handles oddball cases internally.
Since we have been using mostly lightweight tags I have set it to
search those in addition to annotated tags for the best match. The
output for commits that don't have a tag seems a bit nicer as well.
Also update the comments at the top of fedora-live-kde.ks and
fedora-livecd-kde.ks, it's been ages since "livecd-kde" last fit on an
actual CD, the target size is 1 GiB now.
Blocking a user prevents them from interacting with repositories, such as opening or commenting on pull requests or issues. Learn more about blocking a user.
