Age | Commit message (Collapse) | Author |
|
haveged was added 8 years ago[1] to increase entropy and presumably to
prevent entropy starvation.
A few things has changed since, most notable:
* the kernel actively tries to add entropy (jitter entropy)[2][3][4][5]
* /dev/random no longer blocks after CRNG initialization[6][7]
[1] d7e790d ("Initialize pacman keyring on bootup")
[2] https://github.com/torvalds/linux/commit/3f2dc2798b81531fd93a3b9b7c39da47ec689e55
[3] https://github.com/torvalds/linux/commit/50ee7529ec4500c88f8664560770a7a1b65db72b
[4] https://lore.kernel.org/lkml/alpine.DEB.2.21.1909290010500.2636@nanos.tec.linutronix.de/T/
[5] https://lwn.net/Articles/800509/
[6] https://github.com/torvalds/linux/commit/30c08efec8884fb106b8e57094baa51bb4c44e32
[7] https://lwn.net/Articles/808575/
Fix #98
|
|
This finally removes customize_airootfs.sh from releng.
Fixes https://gitlab.archlinux.org/archlinux/archiso/-/issues/21 .
|
|
airootfs after they run
This works around https://bugs.archlinux.org/task/49347 .
Leaving the hooks in the airootfs image will result in it being run when pacstrap is run in the live environment. This should not happen as they are intended for the ISO build process only.
Fixes https://gitlab.archlinux.org/archlinux/archiso/-/issues/91 .
|
|
|
|
|
|
inspired by https://wiki.archlinux.org/index.php/Archiso#Prepare_an_ISO_for_an_installation_via_SSH
|
|
|
|
customize_airootfs.sh to a pacman hook
After pacman-mirrorlist is installed, /etc/pacman.d/hooks/uncomment-mirrors.hook will run a sed command which uncomments all Server lines in /etc/pacman.d/mirrorlist.
This brings us another step closer to the complete removal of customize_airootfs.sh.
Related to https://gitlab.archlinux.org/archlinux/archiso/-/issues/21 .
|
|
|
|
|
|
See https://lists.archlinux.org/pipermail/arch-devops/2020-December/000474.html .
|
|
file path
Fixes https://bugs.archlinux.org/task/68803 .
|
|
archiso/mkarchiso:
Make sure to always compare absolute paths in `_make_custom_airootfs()` (as `realpath` is used).
Remove `echo` calls that prevent the setting of actual file ownerships and modes.
configs/releng/profiledef.sh:
Set file mode of /root/.automated_script.sh to 755.
Fixes #82
|
|
This gets rid of the duplicate ldlinux.c32 and the useless isolinux.cfg which only points to syslinux.cfg.
Implements https://gitlab.archlinux.org/archlinux/archiso/-/issues/46 .
|
|
profiledef.sh can now contain an associative array called file_permissions which can be used to set custom ownership and mode of custom airootfs files. The array's keys contain the path and the value is a colon separated list of owner UID, owner GID and access mode.
For example:
file_permissions=(
["/etc/shadow"]="0:0:400"
)
This means that mkarchiso now copies airootfs files (and directores) without permissions and anything that should be owned by a user other than root and/or if the mode should be something other than 644 for files and 755 for directories must to be listed in ${file_permission[@]} in profiledef.sh.
Fixes https://gitlab.archlinux.org/archlinux/archiso/-/issues/61 .
|
|
Default: 732M
With these options: 675M
|
|
- fatresize is a utility to resize FAT filesystems using libparted.
- gpart is partition table rescue/guessing tool.
- tmux is a terminal multiplexer. Requested in https://bugs.archlinux.org/task/68252 .
|
|
configs/releng/syslinux/archiso_sys.cfg:
Set the syslinux bootloader timeout to 15s.
In !97 it has accidentally been set to 1.5s.
|
|
configs/releng/efiboot/loader/loader.conf,
configs/releng/syslinux/archiso_sys.cfg:
Set the bootloader timeout to 15s, as they have been set to an overly generous 30s in !79.
Fixes #80
|
|
|
|
configs/releng/airootfs/usr/local/bin/livecd-sound:
Replace oldstyle expr with a bash test in `is_numeric()`.
Replace use of `nword()` with call to `wc -w`.
Quote variables in `pick_a_card()`.
Fixes #78
|
|
this fixes #67
|
|
The default mkinitcpio.conf includes modconf in HOOKS.
|
|
- squashfs-tools can be used for system backup. https://wiki.archlinux.org/index.php/Full_system_backup_with_SquashFS
- udftools is needed to format UDF file systems.
|
|
configs/{baseline,releng}/build.sh:
Remove `build.sh` scripts. They were deprecated with v47.
archiso/mkarchiso:
Remove all `build.sh` related functionality (i.e. `command_pkglist()`, `command_iso()`, `command_prepare()`,
`command_install()`, `command_init()`, `command_run()`).
Rename `command_build_profile()` to `_build_profile()` to be more in line with the style of the other function naming.
Change `_show_config()` to only print info about the profile and make no more use of parameters.
Remove all help output related to legacy `build.sh` commands.
Fixes #51
|
|
|
|
Slightly simplifies adding boot loader configuration for more kernels.
Unfortunately the INCLUDE statement doesn't support wildcards, so each new file must be manually included in the main syslinux configuration file (syslinux.cfg for baseline and archiso_sys.cfg for releng).
|
|
This allows to use only one systemd-boot configuration file per kernel.
Fixes https://gitlab.archlinux.org/archlinux/archiso/-/issues/44 .
|
|
This is a breaking change. archweb, archiso-manager and various documentation must be updated.
* https://github.com/archlinux/archweb/blob/master/templates/releng/archlinux.ipxe
* https://github.com/pierres/archiso-manager/blob/master/Makefile
|
|
by the package
archiso specific options are placed in a /etc/systemd/system/reflector.service.d/archiso.conf drop-in.
|
|
**archiso/mkarchiso**:
Change all override option parameters (i.e. `-A`, `-C`, `-D`, `-L`, `-P` and `-g`) to not directly override the global
variable they are tied to, but instead using an `override_` prefixed variable.
Add `_set_overrides()` to use `override_` prefixed variables (if set) to override those without a prefix.
Remove `-B` (a profile directory) from the list of parameters. The profile directory is now provided as separate
non-option parameter.
Add a call to `_read_profile()`, `_set_overrides()` and `command_build_profile()` to the fallthrough option of the
switch-case checking `command_name` - a non-option parameter to mkarchiso. This effectively provides the possibility to
set the profile directory using a non-option parameter, while still maintaining compatibility to legacy named arguments
used in the configs' `build.sh` scripts.
Extend the warning in regards to legacy `build.sh` based commands to mkarchiso by providing an EOL with archiso v49.
Change the help output to reflect the changes and further elaborate on the legacy commands used by `build.sh` scripts.
Change help output to be ordered alphabetically.
Add help output for `-r` and `-g` options.
Call `_set_overrides()` for legacy commands that accept one or more of the overriden options (i.e. `command_init`,
`command_install`, `command_prepare` and `command_iso`).
Various style fixes.
**configs/{baseline,releng}/build.sh**:
Change call to mkarchiso to use the profile's directory as a named argument instead of an option-argument.
**README.rst**:
Fix documentation on how to call mkarchiso with a profile directory.
Fix wording and ordering of option arguments for run_archiso documentation.
Fixes #52
|
|
Fixes https://gitlab.archlinux.org/archlinux/archiso/-/issues/42 .
|
|
Replace build.sh scripts with calls to mkarchiso -B "profiledir" build_profile.
Fixes https://gitlab.archlinux.org/archlinux/archiso/-/issues/37 .
|
|
Boot mode names are:
- bios_syslinux.mbr: SYSLINUX in MBR
- bios.syslinux.eltorito: SYSLINUX (ISOLINUX) via El Torito
- uefi-x64.systemd-boot.esp: systemd-boot on ESP in MBR
- uefi-x64.systemd-boot.eltorito: systemd-boot on ESP via El Torito
It is not yet possible to create an ISO with only El Torito or only MBR boot modes!
|
|
Nothing is implemented yet!
configs/releng/profiledef.sh:
A test profile.
|
|
exfatprogs uses the kernel's driver unlike exfat-utils which provides a FUSE driver.
|
|
options
An ISO's checksum and GPG validation primarily matters when PXE booting, so it would be appropriate to enable these options for releng.
They should protect against booting a corrupt image.
|
|
Fixes https://gitlab.archlinux.org/archlinux/archiso/-/issues/35 .
|
|
Properly track the file instead of modifying it on-the-fly with customize_airootfs.sh.
See https://gitlab.archlinux.org/archlinux/archiso/-/issues/21 .
|
|
configs/releng/airootfs/etc/systemd/system/reflector.service:
Use the 70 mirrors synced most recently (--latest) instead of a specific time since last sync (--age).
According to FS#67399 using 1hour as sync age is too short, as it sometimes leads to empty list.
|
|
from host
|
|
Place custom mkinitcpio.conf in airootfs.
Use a custom mkinitcpio preset to specify generated image file path.
|
|
configs/releng/airootfs/etc/fstab:
/etc/fstab shipped by the filesystem package has only comments. There is no reason to replace it with an empty file.
configs/releng/airootfs/etc/systemd/system/default.target:
There is no harm in booting to graphical.target. releng does not enable (or even install) any service that has {Required,Wanted}By=graphical.target.
|
|
LICENSE:
Add GPL-3.0 license.
{{archiso,configs}/*,.editorconfig,.gitlab-ci.yml}:
Add SPDX license identifier.
Makefile:
Add SPDX license identifier.
Install the `run_archiso.sh` script as global executable `run_archiso`.
Use -D and -t flags to install to install files more generically (without a previous call to install the directory).
README.rst:
Add README outlining the project's scope, how to build images from the profiles and how to test.
AUTHORS.rst:
Add list of all direct contributors to the repository.
CONTRIBUTING.rst:
Add basic contribution guidelines, explaining the linter and the license in use.
Closes #7
Closes #3
|
|
configs/*:
Copy all files that do not need a rename generically (not specifying a destination file name).
Do not rename vmlinuz-linux to vmlinuz or vmlinuz.efi (as this serves no purpose and makes the scripts more
complicated).
Do not rename microcode (i.e. {amd,intel}-ucode.img) when copying them and change all boot loader configuration files
that assume a renamed microcode image.
Add note and link to Arch Linux wiki to state why memtest.bin is renamed to memtest.
Copy license files for {amd,intel}-ucode and memtest more generically by placing them into subdirectories with the same
name as the package (to circumenvent overwriting one other).
Closes #33
|
|
Additionally copy the files to all custom user homes, not just root's.
|
|
|
|
Show a deprecation notice if airootfs/root/customize_airootfs.sh is found.
|
|
configs/{baseline,releng}/build.sh:
Copy custom files to airootfs before installing packages.
Instead of calling `mkarchiso init`, list all required packages in packages.x86_64 and install them all at once with `mkarchiso install`. The mkdir command which `mkarchiso init` performs is now done by make_custom_airootfs.
configs/releng/build.sh:
Don't copy configs/releng/pacman.conf to airootfs, it is only meant to provide a unmodified pacman.conf durring pacstrap. In airootfs, an unmodified /etc/pacman.conf will be installed with the pacman package.
|
|
Install linux and mkinitcpio packages.
Remove root user's password.
Fixes https://bugs.archlinux.org/task/64236 .
|