1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
|
#########
Changelog
#########
[XX] - YYYY-MM-DD
=================
Added
-----
Changed
-------
Deprecated
----------
Fixed
-----
- Wait for ``network-online.target`` to become active before trying to download the script passed via the ``script=``
boot parameter.
Removed
-------
[70] - 2023-02-27
=================
Added
-----
- Support *file system transposition* to simplify boot medium preparation for UEFI boot via extracting the ISO image
contents to a drive. ``grub.cfg`` does not hardcode the ISO volume label anymore, instead GRUB will search for volume
with a ``/boot/grub/YYYY-mm-dd-HH-MM-SS-00.uuid`` file on it.
- Preload GRUB's NTFS modules for UEFI that allegedly have native NTFS support. GRUB's exFAT and UDF modules are also
preloaded in case someone finds them useful.
Changed
-------
- Identify the ISO volume via a UUID instead of a file system label to avoid collisions of multiple ISOs created in the
same month.
- Honor ``SOURCE_DATE_EPOCH`` in the ``date`` command used by ``profiledef.sh`` of the shipped profiles.
- Do not duplicate ``grub.cfg`` in both ISO 9660 and the EFI system partition / El Torito image. GRUB will search for
the ISO volume and load the ``grub.cfg`` from there.
- Moved GRUB files on ISO 9660 from ``/EFI/BOOT/`` to a boot-platform neutral place ``/boot/grub/``. This does not apply
to the EFI binaries that remain in the default/fallback boot path.
- Move ``grubenv`` to ``/boot/grub/grubenv`` on ISO 9660 so that it is together with the rest of GRUB-specific files.
Additionally write more variables in it. The previous ``/${install_dir}/grubenv`` (``/arch/grubenv`` for releng)
is deprecated and a future archiso release will not create this file anymore.
- Moved syslinux directory from ``/syslinux/`` to ``/boot/syslinux/`` to keep most boot loader files in ``/boot/``.
- Update ``README.transfer`` documentation and convert it to reStructuredText.
- Use ``console`` as grub's ``terminal_output``, as ``gfxterm`` leads to a blank screen on some hardware.
Removed
-------
- Do not place memtest86+ in netboot artifacts.
[69] - 2022-12-24
=================
Added
-----
- Add Memtest86+ to x86_64 UEFI GRUB boot menu.
Changed
-------
- Check if the GPG public key file was successfully placed in the work directory before trying to use it.
- Open the file descriptors for code signing certificates and GPG public key as read only. Nothing from the within the
``pacstrap`` invoked chroot should ever be allowed to write outside of it.
- Error out early if any of the code signing certificate files passed with option ``-c`` do not exist.
- Use LZMA compressed EROFS image for the baseline profile. Now that xz 5.4 is out and erofs-utils is built with LZMA
support, using a higher compression is possible.
- Add ``/etc/machine-id`` with special value ``uninitialized``. The final id is generated at boot time, and systemd's
first-boot mechanim (see ``First Boot Semantics`` in ``machine-id(5)``) applies. No functional change unless that
``ConditionFirstBoot=yes`` is true and passive unit ``first-boot-complete.target`` activates for ordering.
[68] - 2022-10-30
=================
Changed
-------
- Do not explicitly enable ``qemu-guest-agent.service`` as it will be started by a udev rule.
- Remove existing signature (``.sig``) files and do not sign them when signing netboot artifacts. This is mostly
applicable when re-running ``mkarchiso`` after a failure.
- Replace ``archiso_kms`` with ``kms`` in ``mkinitcpio.conf``. The hook is available in mkinitcpio since version 32.
[67] - 2022-09-25
=================
Added
-----
- The ability to generate rootfs signatures using openssl CMS module if ``-c`` is given.
Changed
-------
- Order ``pacman-init.service`` before ``archlinux-keyring-wkd-sync.service`` since
``archlinux-keyring-wkd-sync.service`` needs an initialized pacman keyring.
- Order ``pacman-init.service`` after ``time-sync.target`` since ``pacman-init.service`` may otherwise create local
signatures that are not valid on target systems after installation.
[66] - 2022-08-28
=================
Added
-----
- Add ``efibootimg`` to ``mkarchiso`` to abstract the FAT image path.
- Unset ``LANGUAGE`` since ``LC_ALL=C.UTF-8``, unlike ``LC_ALL=C``, does not override ``LANGUAGE``.
- Copy all files from the ``grub`` directory to ISO9660 and the FAT image, not just only ``grub.cfg``.
- Touching ``/usr/lib/clock-epoch`` to to help ``systemd`` with screwed or broken RTC.
Changed
-------
- Disable GRUB's shim_lock verifier and preload more modules. This allows reusing the GRUB EFI binaries when repacking
the ISO to support Secure Boot with custom signatures.
[65] - 2022-06-30
=================
Added
-----
- Configure the locale for the baseline profile to ``C.UTF-8`` so that a UTF-8 locale is used.
- Add ``uefi-x64.grub.esp`` and ``uefi-x64.grub.eltorito`` boot mode to support x86_64 UEFI boot on x86_64 machines.
- Use ``mkfs.erofs``'s ``ztailpacking`` option in the baseline profile to reduce the image size.
Changed
-------
- Change the releng profile's locale from ``en_US.UTF-8`` to ``C.UTF-8``.
- Set ``LC_ALL`` to ``C.UTF-8`` instead of ``C`` in mkarchiso since it is now available and non-UTF-8 locales should be
avoided.
Removed
-------
- Remove the custom pacman hook that ran ``locale-gen`` on glibc install from the releng profile. The used locale now
ships with the glibc package itself.
- Remove "Copy to RAM" boot entries since the ``archiso`` mkinitcpio hook enables it automatically when there is enough
free RAM.
[64] - 2022-05-30
=================
Added
-----
- Add ``uefi-ia32.grub.esp`` boot mode to support IA32 UEFI boot on x86_64 machines.
- Add GRUB configuration files to profiles.
- Add accessible ``copytoram`` entry.
- Enable beeps in systemd-boot menu.
Changed
-------
- Fix systemd-boot menu entry sorting by using the ``sort-key`` option.
[63] - 2022-04-30
=================
Added
-----
- Add dmidecode to the list of packages in the releng profile.
- Add open-iscsi to the list of packages in the releng profile to allow installing Arch on an iSCSI target.
- Add open-vm-tools and hyperv to the list of packages and enable their services to provide better integration with the
VMware and Hyper-V hypervisors.
Changed
-------
- Mount /etc/pacman.d/gnupg on ramfs instead of tmpfs to ensure its contents never land in swap.
- Configure reflector to return only mirrors that support both IPv4 and IPv6.
[62.1] - 2022-04-05
===================
Removed
-------
- Easter egg
[62] - 2022-03-31
=================
Changed
-------
- Fix the PXE support. PXELINUX was having trouble finding the kernel and initrds. Now, archiso forces syslinux to
interpret all TFTP paths as absolute. That seems to have solved the issue.
- Disable systemd-gpt-auto-generator, which we do not need, in both baseline and releng profiles. It avoids the error
message about it failing during boot.
[61] - 2022-01-31
=================
Added
-----
- Add linux-firmware-marvell to the list of packages in the releng profile (e.g. for Surface Pro 6 WiFi support)
- Add documentation to systemd-networkd configuration files
- Add information about the use of changelog and merge requests to the contributing guidelines
- Make the CI pipelines more efficient by automatically cancelling running pipelines if they are superseded by a newer
commit and by only running build pipelines on code or profile changes
Changed
-------
- Fix an issue where mkarchiso is failing to raise an error when the ``mmd`` and ``mcopy`` commands are not found
- Fix an issue where the architecture detection in mkarchiso fails due to an unset ``arch`` variable in the profile
Removed
-------
[60] - 2021-12-28
=================
Added
-----
- Add `BB8E6F1B81CF0BB301D74D1CBF425A01E68B38EF` in the Releases section of the README, giving maintainer power to
nl6720.
Changed
-------
- Show a more descriptive message when no code signing certificate is used
Removed
-------
- Remove unused archiso_shutdown hook from the releng profile's mkinitcpio config
[59] - 2021-11-30
=================
Added
-----
- Add mailmap file for easier author integration with git
- Add grub and refind to the package list of the releng profile
Changed
-------
- Replace use of date with printf
- Silence command output more efficiently when using --quiet
- Modify curl call to retry up to ten times before giving up on downloading an automated script
Removed
-------
- Remove requirement on setting a Boot mode when building a netboot image
[58] - 2021-08-25
=================
Added
-----
- Add support for ``gpg``'s ``--sender`` option
Changed
-------
- Change the way ``mkarchiso`` uses ext4 images to copying files to it directly instead of mounting (this action now
does not require elevated privileges anymore)
- Add version files when using ``netboot`` buildmode as well
- Update the sshd configuration to be compatible with openssh 8.7p1
- Overhaul the used ``gpg`` options
- Fix use of potentially unbound variables
- Refactor the validation functions to have fewer large functions and less code duplication
Removed
-------
- Remove all files related to ``mkinitcpio`` integration, as they now live in
https://gitlab.archlinux.org/archlinux/mkinitcpio/mkinitcpio-archiso
[57] - 2021-07-30
=================
Added
-----
- Add a missing line in the systemd-networkd-wait-online.service in the baseline profile
Changed
-------
- Adapt systemd-networkd configuration to systemd ≥ 249
- Improve documentation in ``mkarchiso`` and systemd-networkd related configuration files
- Fix an issue that may prevent continuing an aborted build of the ``netboot`` or ``iso`` buildmode
Removed
-------
- Remove SPDX license identifier from files that are not eligible for copyright (e.g. configuration files)
[56.1] - 2021-07-11
===================
Added
-----
Changed
-------
- Simplify gitlab CI setup by using ci-scripts (shared amongst several projects)
- Fix an issue with the unsetting of environment variables before using pacstrap/arch-chroot
- Remove termite-terminfo from the releng profile's list of packages (it is not in the official repositories anymore)
- Set LC_ALL instead of LANG
[56] - 2021-07-01
=================
Added
-----
- Add pacman >= 6 compatible configuration
- Add documentation for the `script` boot parameter
Changed
-------
- Clear environment variables before working in chroot
- Update Arch Wiki URLs
- Pass SOURCE_DATE_EPOCH to chroot
- Enable parallel downloads in profile pacman configurations
- Generalize the approach of interacting with ucode images
- Execute the netboot build mode for the baseline profile in CI
[55] - 2021-06-01
=================
Added
-----
- Add integration for pv when using the copytoram boot parameter so that progress on copying the image to RAM is shown
- Add experimental support for EROFS by using it for the rootfs image in the baseline profile
Changed
-------
- Change information on IRC channel, as Arch Linux moved to Libera Chat
- Fix a regression, that would prevent network interfaces to be configured under certain circumstances
[54] - 2021-05-13
=================
Added
-----
- Add the concept of buildmodes to mkarchiso, which allows for building more than the default .iso artifact
(sequentially)
- Add support to mkarchiso and both baseline and releng profiles for building a bootstrap image (a compressed
bootstrapped Arch Linux environment), by using the new buildmode `bootstrap`
- Add support to mkarchiso and both baseline and releng profiles for building artifacts required for netboot with iPXE
(optionally allowing codesigning on the artifacts), by using the new buildmode `netboot`
- Add qemu-guest-agent and virtualbox-guest-utils-nox to the releng profile and enable their services by default to
allow interaction between hypervisor and virtual machine if the installation medium is booted in a virtualized
environment
Changed
-------
- Always use the .sig file extension when signing the rootfs image, as that is how mkinitcpio-archiso expects it
- Fix for CI and run_archiso scripts to be compatible with QEMU >= 6.0
- Increase robustness of CI by granting more time to reach the first prompt
- Change CI to build all available buildmodes of the baseline and releng profiles (baseline's netboot is currently
excluded due to a bug)
- Install all implicitly installed packages explicitly for the releng profile
- Install keyrings more generically when using pacman-init.service
- Consolidate CI scripts so that they may be shared between the archiso, arch-boxes and releng project in the future and
expose their configuration with the help of environment variables
[53] - 2021-05-01
=================
Added
-----
- Add ISO name to grubenv
- Add further metrics to CI, so that number of packages and further image sizes can be tracked
- Add IMAGE_ID and IMAGE_VERSION to /etc/os-release
Changed
-------
- Revert to an invalid GPT for greater hardware compatibility
- Fix CI scripts and initcpio script to comply with stricter shellcheck
- Fix an issue where writing to /etc/machine-id might override a file outside of the build directory
- Change gzip flags, so that compressed files are created reproducibly
- Increase default serial baud rate to 115200
- Remove deprecated documentation and format existing documentation
[52] - 2021-04-01
=================
Added
-----
- Add usbmuxd support
- Add EROFS support (as an experimental alternative to squashfs)
- Add creation of zsync control file for delta downloads
- Add sof-firmware for additional soundcard support
- Add support for recursively setting file permissions on folders using profiledef.sh
- Add support for mobile broadband devices with the help of modemmanager
- Add information on PGP signatures of tags
- Add archinstall support
Changed
-------
- Remove haveged
- Fix various things in relation to gitlab CI
- Change systemd-networkd files to more generically setup networkds for devices
- Fix the behavior of the `script=` kernel commandline parameter to follow redirects
- Change the amount of mirrors checked by reflector to 20 to speed up availability of the mirrorlist
[51] - 2021-02-01
=================
Added
-----
- VNC support for `run_archiso`
- SSH enabled by default in baseline and releng profiles
- Add cloud-init support to baseline and releng profiles
- Add simple port forwarding to `run_archiso` to allow testing of SSH
- Add support for loading cloud-init user data images to `run_archiso`
- Add version information to images generated with `mkarchiso`
- Use pacman hooks for things previously done in `customize_airootfs.sh` (e.g. generating locale, uncommenting mirror
list)
- Add network setup for the baseline profile
- Add scripts for CI to build the baseline and releng profiles automatically
Changed
-------
- Change upstream URL in vendored profiles to archlinux.org
- Reduce the amount of sed calls in mkarchiso
- Fix typos in `mkarchiso`
- mkinitcpio-archiso: Remove resolv.conf before copy to circumvent its use
- Remove `customize_airootfs.sh` from the vendored profiles
- Support overriding more variables in `profiledef.sh` and refactor their use in `mkarchiso`
- Cleanup unused code in `run_archiso`
|