Compare commits

15 Commits
rawhide ... f40

Author SHA1 Message Date
František Zatloukal
f4b1d8a7b8 teams/cloud/cloud: add console="serial" to grub2
Fixes booting the Generic image on systems without any video device.

ref. https://github.com/teemtee/tmt/issues/2771
2024-04-04 06:55:41 -04:00
Debarshi Ray
693050fc10 teams/cloud/container: Remove dracut from Toolbx
The dracut package contains tools to create bootable initramfses for the
Linux kernel.  Historically, neither the Container/Dockerfile nor the
Kickstart equivalents of the fedora-toolbox OCI images contained dracut.
The KIWI description of the image was including dracut because it's
listed as a Requires(pre) of the grub2-tools package [1].

Unless someone comes forward and says that they are using Toolbx to hack
on the boot stack, it's better to retain the status quo for the sake of
a smaller image.

Since an RPM's %pre scriptlet is run before a package is installed [2],
it should be safe to remove dracut after the grub2-tools package has
been installed.

[1] https://src.fedoraproject.org/rpms/grub2

[2] https://docs.fedoraproject.org/en-US/packaging-guidelines/Scriptlets/

https://pagure.io/fedora-kiwi-descriptions/pull-request/41
2024-04-02 13:57:15 +00:00
Debarshi Ray
e25c0fc4aa teams/cloud/container: Add cpio and file to Toolbx
They are currently being pulled in as dependencies of dracut and
grub2-tools respectively.  However, since they are explicitly mentioned
in the list of default RPMs on Fedora Silverblue and Workstation [1],
they should be mentioned here too, especially since packages like dracut
and grub2-tools are related to booting the host operating system and
might not be useful in a container.

[1] https://pagure.io/fedora-comps/

https://pagure.io/fedora-kiwi-descriptions/pull-request/41
2024-04-02 13:57:15 +00:00
Neal Gompa
542b686983 uki: Take 2 to drop custom logic for discoverable partitions
Since kiwi v10.0.10, it automatically sets the partition GUIDs to
values from the UAPI group's discoverable partition standard.
2024-04-02 09:54:55 -04:00
Debarshi Ray
4cd02b94a7 teams/cloud/container: Add langpacks-en to Toolbx
Fedora Silverblue and Workstation, and so the Kickstart equivalent of
the fedora-toolbox OCI image, contain langpacks-en by default.  Its
absence leads to a significant difference in the list of RPMs, which is
better to avoid so close to the Fedora 40 final release:
  -abattis-cantarell-vf-fonts-0.301-12.fc40.noarch
  -default-fonts-core-sans-4.0-12.fc40.noarch
  -fonts-filesystem-2.0.5-14.fc40.noarch
  -google-noto-fonts-common-20240301-3.fc41.noarch
  -google-noto-sans-mono-vf-fonts-20240301-3.fc41.noarch
  -google-noto-sans-vf-fonts-20240301-3.fc41.noarch
  -google-noto-serif-vf-fonts-20240301-3.fc41.noarch
  -hunspell-1.7.2-7.fc40.x86_64
  -hunspell-en-0.20201207-9.fc40.noarch
  -hunspell-en-GB-0.20201207-9.fc40.noarch
  -hunspell-en-US-0.20201207-9.fc40.noarch
  -hunspell-filesystem-1.7.2-7.fc40.x86_64
  -langpacks-core-en-4.0-12.fc40.noarch
  -langpacks-fonts-en-4.0-12.fc40.noarch
  -liberation-fonts-common-2.1.5-9.fc40.noarch
  -liberation-mono-fonts-2.1.5-9.fc40.noarch
  -liberation-sans-fonts-2.1.5-9.fc40.noarch
  -liberation-serif-fonts-2.1.5-9.fc40.noarch
  -sil-mingzat-fonts-1.100-5.fc40.noarch

The plan is to investigate if Toolbx containers can use some of these
packages from the host.  However, that needs to be co-ordinated with the
toolbox(1) binary, and has to be done in a way that works across a
wide variety of container and host combinations.

Until then, it's safer to retain the status quo.

https://pagure.io/fedora-kiwi-descriptions/pull-request/38
2024-04-02 13:11:11 +02:00
Neal Gompa
a46ae1fd92 Revert "uki: Drop custom logic for discoverable partitions"
This is not yet properly supported in kiwi.

This reverts commit 0e65914aca28f2ec07b4b97153b64d154c7e0a6f.
2024-03-26 11:02:43 -04:00
Neal Gompa
0e65914aca uki: Drop custom logic for discoverable partitions
Since kiwi v10.0.1, it automatically sets the partition GUIDs to
values from the UAPI group's discoverable partition standard.
2024-03-26 09:06:12 -04:00
Gerd Hoffmann
be2513ff60 fix aarch64 uki build
There is no biosboot partition on aarch64, so the root filesystem
on aarch64 is partition 2.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2024-03-26 07:48:54 -04:00
Michal Hlavinka
42018f0d3b remove passwd, it was retired
passwd was retired, its function was replaced by shadow-utils,
which is already included
see https://fedoraproject.org/wiki/Changes/LibuserDeprecation
2024-03-25 19:03:16 -04:00
Neal Gompa
865394be02 config.sh: Add snippet to configure sudo for Vagrant images
The vagrant user used in Vagrant images needs the ability
to use sudo with no restrictions. This is fine and expected
for Vagrant images, as they are only intended to be used
for development purposes.
2024-03-25 11:26:31 -04:00
Adam Williamson
1532616541 cloud: set Google root size to 10 GB and EC2 back to 5 GB
It's the *Google* image that's required to have a 10 GB root
for performance reasons, not the EC2 image, as the comment says,
but the change was inadvertently applied to the EC2 image not
the Google one. This means our Google image is slow and our EC2
images are failing to be published as AMIs.

Signed-off-by: Adam Williamson <awilliam@redhat.com>
2024-03-20 09:13:16 -07:00
Jeremy Cline
9ecebea5f2 container: update package list to match f39 more closely
Gary Buhrmaster noticed gzip was missing from the Fedora 40 container.
An extremely quick and gross diff produced by doing:

podman run -it --rm --entrypoint /usr/bin/rpm fedora:39 -qa \
  | sort | uniq | awk '{ split($0,a,"-[0-9]"); print a[1] }' > f39.txt

shows the following for Fedora Minimal 39 -> 40:

-abattis-cantarell-vf-fonts
+audit-libs
-default-fonts-core-sans
-fonts-filesystem
-google-noto-fonts-common
-google-noto-sans-mono-vf-fonts
-google-noto-sans-vf-fonts
-google-noto-serif-vf-fonts
-gpg-pubkey
+gpg-pubkey-a15b79cc
+json-c
-langpacks-core-en
-langpacks-en
-langpacks-fonts-en
+libcap-ng
+libeconf
-libsigsegv
+libtool-ltdl
+pam-libs
-systemd-libs
-util-linux-core
-zlib
+zlib-ng-compat

For Fedora 39 -> 40:

-authselect
-authselect-libs
-cracklib
-gpg-pubkey
+gpg-pubkey-a15b79cc
-gzip
-libdb
-libpwquality
-libsigsegv
+libtool-ltdl
-pam
-sudo
-systemd-libs
-util-linux-core
-zlib
+zlib-ng-compat

This adds gzip and sudo back to the non-minimal container, as well as
bzip2, xz, and zstd to round out the set of [de]compression tools.
2024-03-18 18:04:45 -04:00
Kevin Fenzi
5742820d43 Keep kbd-misc for now
On ppc64le, power-utils is pulled in by being default in Core group.
This in turn pulls in power-utils-core, which pulls in systemd-udev.
When kiwi goes to remove kbd-misc on ppc64le only, it fails because
systemd-udev is a protected package. On other arches since it's not
installed, it works.

So, we are going to just drop this for now and revisit solutions after
Beta is out the door.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
2024-03-13 18:15:53 -07:00
Neal Gompa
40a69d3fd7 teams/cloud/container: Add name labels for the containers
These were accidentally omitted when they were ported over.
2024-03-12 22:16:29 -04:00
Neal Gompa
444a25db83 Branch Fedora 40 from Rawhide
2024-03-12 09:02:49 -04:00
6 changed files with 41 additions and 30 deletions

@ -147,6 +147,13 @@ EOKEYS
chmod 600 ~vagrant/.ssh/authorized_keys
chown -R vagrant:vagrant ~vagrant/.ssh/
cat > /etc/sudoers.d/vagrant << EOSUDOER
## Ensure the vagrant user always can use sudo
Defaults:vagrant !requiretty
vagrant ALL=(ALL) NOPASSWD: ALL
EOSUDOER
chmod 600 /etc/sudoers.d/vagrant
cat > /etc/ssh/sshd_config.d/10-vagrant-insecure-rsa-key.conf <<EOF
# For now the vagrant insecure key is an rsa key
# https://github.com/hashicorp/vagrant/issues/11783
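
Review bot: The heredoc that creates /etc/sudoers.d/vagrant is followed by chmod 600 but by no syntax check, and the file grants `vagrant ALL=(ALL) NOPASSWD: ALL`. The usual mode for sudoers drop-ins is 0440, and running `visudo -cf /etc/sudoers.d/vagrant` right after writing the file would make a malformed drop-in fail the image build rather than surface at first use. The visible context does not show which profile guards this block, so please confirm it only runs for the Vagrant images the commit message names.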

@ -7,12 +7,12 @@
<specification>Fedora Linux</specification>
</description>
<preferences>
<version>Rawhide</version>
<version>40</version>
<packagemanager>dnf</packagemanager>
<locale>en_US</locale>
<keytable>us</keytable>
<timezone>UTC</timezone>
<release-version>rawhide</release-version>
<release-version>40</release-version>
</preferences>
<include from="this://./repositories/core.xml"/>
<include from="this://./components/boot.xml"/>

@ -1 +1 @@
core-rawhide.xml
core-nonrawhide.xml

@ -57,8 +57,7 @@
rootfs_label="fedora"
>
<bootloader name="grub2" timeout="0"/>
<!-- GCP engineers have told us the disk images have bad performance if they are anything less than 10G -->
<size unit="G">10</size>
<size unit="G">5</size>
<systemdisk>
<volume name="@root=root"/>
<volume name="home" parent="/"/>
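
Review bot: With the GCP comment removed from above `<size unit="G">5</size>`, this block no longer records why it must stay at 5 G. The commit message says a 10 G root made the EC2 images fail to publish as AMIs; a one-line comment stating that here would help keep the two values from being swapped again.
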
@ -78,7 +77,8 @@
rootfs_label="fedora"
>
<bootloader name="grub2" timeout="0"/>
<size unit="G">5</size>
<!-- GCP engineers have told us the disk images have bad performance if they are anything less than 10G -->
<size unit="G">10</size>
<systemdisk>
<volume name="@root=root"/>
<volume name="home" parent="/"/>
@ -97,7 +97,7 @@
bootpartition="true" bootpartsize="1000" bootfilesystem="ext4" efipartsize="100" firmware="uefi"
rootfs_label="fedora"
>
<bootloader name="grub2" timeout="0"/>
<bootloader name="grub2" console="serial" timeout="0"/>
<size unit="G">5</size>
<systemdisk>
<volume name="@root=root"/>
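
Review bot: `console="serial"` on the `<bootloader>` element is added without a comment, while the size setting in the neighbouring block carries one explaining its value. A short comment with the reason from the commit message (the Generic image failing to boot on systems without a video device) and the tmt issue link would document it. It is also worth stating whether the two earlier `<bootloader name="grub2" timeout="0"/>` blocks were left without a serial console on purpose.
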
@ -117,7 +117,7 @@
bootpartition="true" bootpartsize="1000" bootfilesystem="ext4" firmware="ofw"
rootfs_label="fedora"
>
<bootloader name="grub2" timeout="0"/>
<bootloader name="grub2" console="serial" timeout="0"/>
<size unit="G">5</size>
<systemdisk>
<volume name="@root=root"/>

@ -14,7 +14,7 @@
<type image="oci">
<containerconfig
name="fedora"
tag="rawhide"
tag="40"
maintainer="Fedora Project Contributors &lt;devel@lists.fedoraproject.org&gt;"
>
<subcommand execute="/bin/bash"/>
@ -22,11 +22,13 @@
<label name="org.opencontainers.image.vendor" value="Fedora Project"/>
<label name="org.opencontainers.image.url" value="https://fedoraproject.org/"/>
<label name="org.opencontainers.image.license" value="MIT"/>
<label name="org.opencontainers.image.version" value="rawhide"/>
<label name="org.opencontainers.image.name" value="fedora"/>
<label name="org.opencontainers.image.version" value="40"/>
<!-- Legacy attributes for backward compatibility -->
<label name="vendor" value="Fedora Project"/>
<label name="license" value="MIT"/>
<label name="version" value="rawhide"/>
<label name="name" value="fedora"/>
<label name="version" value="40"/>
</labels>
</containerconfig>
</type>
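
Review bot: The added label `org.opencontainers.image.name` is not one of the annotation keys the OCI image specification pre-defines; the keys it defines for this purpose are `org.opencontainers.image.title` and `org.opencontainers.image.ref.name`. If consumers are expected to read the name through a standard key, add `org.opencontainers.image.title` alongside it, otherwise note in a comment which tool reads `image.name`. The same applies to the fedora-minimal and fedora-toolbox label hunks that follow.
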
@ -39,7 +41,7 @@
<type image="oci">
<containerconfig
name="fedora-minimal"
tag="rawhide"
tag="40"
maintainer="Fedora Project Contributors &lt;devel@lists.fedoraproject.org&gt;"
>
<subcommand execute="/bin/bash"/>
@ -47,11 +49,13 @@
<label name="org.opencontainers.image.vendor" value="Fedora Project"/>
<label name="org.opencontainers.image.url" value="https://fedoraproject.org/"/>
<label name="org.opencontainers.image.license" value="MIT"/>
<label name="org.opencontainers.image.version" value="rawhide"/>
<label name="org.opencontainers.image.name" value="fedora-minimal"/>
<label name="org.opencontainers.image.version" value="40"/>
<!-- Legacy attributes for backward compatibility -->
<label name="vendor" value="Fedora Project"/>
<label name="license" value="MIT"/>
<label name="version" value="rawhide"/>
<label name="name" value="fedora-minimal"/>
<label name="version" value="40"/>
</labels>
</containerconfig>
</type>
@ -64,7 +68,7 @@
<type image="oci">
<containerconfig
name="fedora-toolbox"
tag="rawhide"
tag="40"
maintainer="Fedora Project Contributors &lt;devel@lists.fedoraproject.org&gt;"
>
<subcommand execute="/bin/bash"/>
@ -72,12 +76,14 @@
<label name="org.opencontainers.image.vendor" value="Fedora Project"/>
<label name="org.opencontainers.image.url" value="https://fedoraproject.org/"/>
<label name="org.opencontainers.image.license" value="MIT"/>
<label name="org.opencontainers.image.version" value="rawhide"/>
<label name="org.opencontainers.image.name" value="fedora-toolbox"/>
<label name="org.opencontainers.image.version" value="40"/>
<label name="com.github.containers.toolbox" value="true"/>
<!-- Legacy attributes for backward compatibility -->
<label name="vendor" value="Fedora Project"/>
<label name="license" value="MIT"/>
<label name="version" value="rawhide"/>
<label name="name" value="fedora-toolbox"/>
<label name="version" value="40"/>
</labels>
</containerconfig>
</type>
@ -121,6 +127,9 @@
<packages type="bootstrap" profiles="Container-Base-Generic">
<ignore name="glibc-langpack-en"/>
<ignore name="langpacks-en"/>
<package name="bzip2"/>
<package name="gzip"/>
<package name="sudo"/>
<package name="rootfiles"/>
<package name="tar"/> <!-- https://bugzilla.redhat.com/show_bug.cgi?id=1409920 -->
<package name="vim-minimal"/>
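
Review bot: `<package name="sudo"/>` is added to the Container-Base-Generic bootstrap list with no comment, unlike the `tar` entry, which links its justification. sudo brings a setuid-root binary into the base container, so the reason given in the commit message (matching the Fedora 39 package set) should be recorded next to the entry.
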
@ -128,6 +137,8 @@
<package name="dnf-yum"/> <!-- https://pagure.io/fesco/issue/1312#comment-30991 -->
<package name="glibc-minimal-langpack"/>
<package name="tzdata"/>
<package name="xz"/>
<package name="zstd"/>
</packages>
<packages type="bootstrap" patternType="plusRecommended" profiles="Container-Toolbox">
<ignore name="dosfstools"/>
@ -154,6 +165,7 @@
<package name="bzip2"/>
<package name="coreutils"/>
<package name="coreutils-common"/>
<package name="cpio"/>
<package name="curl"/>
<package name="default-editor"/>
<package name="diffutils"/>
@ -161,6 +173,7 @@
<package name="dnf-yum"/> <!-- https://pagure.io/fesco/issue/1312#comment-30991 -->
<package name="dnf-plugins-core"/>
<package name="fedora-release-toolbx"/>
<package name="file"/>
<package name="findutils"/>
<package name="flatpak-spawn"/>
<package name="fpaste"/>
@ -178,6 +191,7 @@
<package name="kbd-misc"/>
<package name="keyutils"/>
<package name="krb5-libs"/>
<package name="langpacks-en"/>
<package name="less"/>
<package name="libcap"/>
<package name="lsof"/>
@ -192,7 +206,6 @@
<package name="openssl"/>
<package name="p11-kit"/>
<package name="pam"/>
<package name="passwd"/>
<package name="pigz"/>
<package name="procps-ng"/>
<package name="psmisc"/>
@ -224,7 +237,7 @@
<package name="zip"/>
</packages>
<packages type="uninstall" profiles="Container-Toolbox">
<package name="kbd-misc"/>
<package name="dracut"/>
<package name="pinentry"/>
<package name="systemd-resolved"/>
<package name="xkeyboard-config"/>
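
Review bot: The uninstall list swaps `kbd-misc` for `dracut` without a comment on why removing dracut is safe. The commit messages give the reasoning (dracut is only a Requires(pre) of grub2-tools) and also record that uninstalling kbd-misc failed on ppc64le because systemd-udev is a protected package. A comment with the former, and a build on every architecture before merging, would guard against the same kind of failure here.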

@ -3,8 +3,8 @@ echo "###" "$0" "$@"
# set arch-specific variables
case "$(uname -m)" in
aarch64) arch="aa64"; ARCH="AA64"; uuid="b921b045-1df0-41c3-af44-4c6f280d3fae";;
x86_64) arch="x64"; ARCH="X64"; uuid="4F68BCE3-E8CD-4DB1-96E7-FBCAF984B709";;
aarch64) arch="aa64"; ARCH="AA64";;
x86_64) arch="x64"; ARCH="X64";;
esac
# figure where shim.efi and BOOT.CSV are located
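
Review bot: The `case "$(uname -m)"` statement has no default branch, so on any architecture other than aarch64 or x86_64 `arch` and `ARCH` stay unset and the script carries on. Adding `*) echo "unsupported arch: $(uname -m)" >&2; exit 1;;` makes the build fail at that point instead.
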
@ -25,15 +25,6 @@ for uki in lib/modules/*/vmlinuz*.efi; do
| iconv -f utf-8 -t ucs-2le >> "$csv"
done
# kiwi doesn't setup discoverable partitions, so fixup after the fact
# here. The UKI depends on that to find the root filesystem.
# * The image is loop-mounted.
# - partition #1 is biosboot (can this be disabled?).
# - partition #2 is the EFI ESP.
# - partition #3 is the root filesystem (this needs fixup).
echo "# hack: rootfs: $uuid"
sfdisk --part-type /dev/loop0 3 "$uuid"
# bz2240989: shim has a hard dependency on grub. grub has a hard
# dependency on dracut. Ideally we would simply not install
# grub+dracut, but given we can't until the shim bug is fixed disable
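
Review bot: Removing the `sfdisk --part-type /dev/loop0 3 "$uuid"` fixup leaves the script dependent on kiwi setting the discoverable-partition GUIDs itself, and nothing in the script checks that. The first attempt was reverted because kiwi did not yet support this, so a comment naming the minimum version from the commit message (v10.0.10), or a check of the root partition's type GUID after the build, would catch a regression.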