Commit Graph

443 Commits

Author SHA1 Message Date
Michael Shigorin
fe56fda2f3 x11-autologin: added a few notes
Looks like nodm doesn't reset the PATH set within
/etc/rc.d/init.d/functions which results in sbin
path components hitting user's PATH; livecd-install
which uses consolehelper was what broke first for me.

And this link should illustrate some of the problems
tackled by this kind of scripts...
2014-03-18 20:43:15 +04:00
Michael Shigorin
922a2759b0 server: set default syslinux timeout to 60 sec
Servers can POST much longer so having to play hide and seek
with a boot menu isn't going to be exactly entertaining;
let's bump the delay to something comparable at least.

Thanks hiddenman@ for mentioning the obvious-but-unnoticed.
2014-03-18 18:46:21 +04:00
Michael Shigorin
53f05f46a8 live: put rpcbind to local-only mode by default
We don't really want to disable NFS portmapper completely
but having some extra root code listening to the world is
really unneccessary unless explicitly required.

Applying "control rpcbind local", thanks ldv@ for advice.
2014-03-17 21:22:45 +04:00
Michael Shigorin
5d829265db live, net: shift and rework network and resolver setup
50-setup-network was a hasty hack (surprise!) that used to do
what net and net-eth features have been created to do since;
just drop the duplicated crufty code.

Unconditional resolver setup isn't done now: those with static
setup are better off doing it explicitly, and those with DHCP
should be fine already.

NB: /etc/hosts *is* fine within setup package *but* hasher will
    overwrite it with a copy of host's one; let's reset contents
    to initial at least until hasher gets fixed and the fix is
    rather deployed in the wild.
2014-03-17 21:22:29 +04:00
Michael Shigorin
75bf4afcaa live: use/services instead of homemade script hook
03-services was a hasty hack that has been long done properly
elsewhere, namely in a specialized feature; finally got around
to deduplicate it out.
2014-03-17 21:22:29 +04:00
Michael Shigorin
7fafe134c6 net-eth: drop duplicate config line
There was an extra DISABLED=no line written to interface configurarion
that's been superceded by the subsequently added parametrized one;
just drop it.

Thanks glebfm@ for spotting the garbage.
2014-03-17 21:22:29 +04:00
Michael Shigorin
49b6291a40 kernel, stage1: don't provide r8168.ko by default
It conflicts with r8169.ko inobviously.

The whole mess looks like this:
- r8169.ko doesn't work for all of Realtek 8111/8168/8169 mutations
- r8168.ko works with some of the chips r8169.ko doesn't
- r8168.ko also works with many chips r8169.ko works with
- r8169.ko is provided by kernel-image package (thus default)
- r8168.ko is provided by kernel-modules-r8168 package (optional)
- kernel-modules-r8168 package requires r8168-blacklist package
- r8168-blacklist package is a one-liner that blacklists r8169.ko
- STAGE1_KMODULES wouldn't include r8168 (std-def) or rtl8168 (led-ws)
- sub.in/stage1/modules would mention r8168.ko (m-p-d: r8169.ko)

So a LiveCD built with use/kernel/net might work with RTL8111/8110
just fine when booted live but fail to automatically load the module
when installed onto hard drive; manual modprobe r8169 would work though.
NB: some of the chips (those available to me) would work just fine
both ways -- this has contributed to fixing this *that* late.

Bottom line:

  do not install backup/kludge drivers overriding main ones by default!

Thanks sem@ for providing the crucial hint.
2014-03-17 21:22:29 +04:00
Gleb Fotengauer-Malinovskiy
febe4fc81b repo: armh doesn't have noarch
This is about (a)synchronous package builder in fact.
2014-03-17 21:22:28 +04:00
Michael Shigorin
f2892ad3e4 deflogin: GLOBAL_ROOTPW is always set
use/deflogin will result in ROOTPW being exported no matter
is it set or not; xport() can't check before exporting as it
relies on lazy evaluation when the actual ROOTPW value can be
set or modified after exporting GLOBAL_ROOTPW for mkimage.

So let's not even pretent we can differ unset ROOTPW from
empty ROOTPW: both result in empty GLOBAL_ROOTPW as of today.

Fixing this would require moving the exports into a separate
makefile being included after all the configuration and checking
each variable for being defined before exporting the corresponding
GLOBAL_ prefixed one.

Yes this might be a security fix in some cases.
2014-03-10 22:29:37 +04:00
Michael Shigorin
c104131057 branding: added slideshow knobs
Added use/branding/slideshow/once as one of the uses
albeit the interface is universal; see this page for
more info: http://altlinux.org/branding/slideshow [ru]
2014-03-10 22:29:35 +04:00
Michael Shigorin
039af304d0 net: fix a thinko (it's connmand)
The service and initscript have "connmand" name
while the package is called "connman" indeed.

Shame on me; this became apparent
while building regular-e18-sysv.
2014-03-10 22:28:27 +04:00
Michael Shigorin
5360992190 deflogin: minor tweaks
Defining a one-time variable is useless in this case,
and README should state the undefined ROOTPW status
explicitly (since it's now as advertized, heh).
2014-03-10 22:28:27 +04:00
Michael Shigorin
3f547e2504 documentation: use paths relative to toplevel dir
This change is done to reduce ambiguity in some cases;
the previous intention has been to ease navigation when
staying in a particular directory, now it's been changed
in favour of convenient toplevel `git grep' in fact.

Both variants have their pros and cons, I just find myself
leaning to this one by now hence the commit.  Feel free to
provide constructive criticism :)

Some path-related bitrot has also been fixed while at that.
2014-03-05 21:36:30 +04:00
Michael Shigorin
b0d6476f41 rescue: disable rpcbind
It's required for NFS mounts but having a rescue image listening
to any non-localhost ports is too bad an idea, IMNSHO.

So let's fix this while spotted.
2014-03-05 13:15:08 +04:00
Michael Shigorin
0da7ae547c server: generalize server-ovz configuration bits
OpenVZ related part is now a reusable use/server/ovz target,
and service related groups which have been largely taken from
rider@'s server-light project are now use/server/groups/base.
2014-02-26 15:37:05 +04:00
Michael Shigorin
6b81b8de20 live: tweak usergroups list
"cdrom" is rather obsolete (currently unused), and "xgrp"
is useful (and actually required to use bumblebee package).
2014-02-10 02:26:05 +04:00
Michael Shigorin
54fbf30611 x11: optimus support
The use/x11/nvidia/optimus target will pull the bits required
to operate NVIDIA Optimus GPU scheme which relies on integrated
GPU to actually drive the screen; much thanks to barssc@ for
good walkthrough: http://altlinux.org/optimus

NB: this *will* break if nouveau gets in, YHBW.
2014-02-10 02:26:05 +04:00
Michael Shigorin
d50b3fe247 server: disable dbus, lvmetad
"messagebus" service is autostarted since dbus gets in being required
by wpa_supplicant <- alterator-net-wifi <- alterator-net-eth; it is
really not needed in the minimalistic server, let's just turn it off.

"lvm2-lvmetad" service requires setup to be actually useful (#29474).
2014-02-09 03:01:46 +04:00
Michael Shigorin
f5fd77640a services: pass service status to installer
This is long overdue: services feature influences live
and rescue but doesn't do anything to the installed system
as that's behind the installation barrier; some piggybacking
required to do that has been merged into installer back in
2012 apparently (thanks to boyarsh@ for both doing that and
bringing my attention to this fact; it's 65-setup-services.sh
as of today).

So the only thing missing has been the bridge to prepare
those files -- still some more tweakery is required given the
two-stage process arranged so that reusable configuration could
include some sane defaults but the release manager is ultimately
able to override anything without extra kludges; thank legion@
for his wonderful libshell either.

NB: install2 script is a partial clone of rootfs one since
processing the variables is identical; still rootfs script
has to change service state directly while install2 one
has to deposit the information for installer to handle.
2014-02-09 02:38:16 +04:00
Michael Shigorin
0fb4b58771 live: use lateboot for textinstall
use/live/textinstall target is a base for those images whose
target audience tends to be somewhat more experienced; these
might prefer to just boot off the image instead of having to
perform any extra action like pressing down arrow and enter.

This is also to help msp@'s homeros-*.iso boot immediately.
2014-02-03 23:32:16 +04:00
Michael Shigorin
5f68010ae8 syslinux: add 40lateboot.cfg (_after_ ??live*.cfg)
Actually a copy of 10localboot.cfg with a different name
and sorting order so as to address #26608: there's no possibility
to make a LiveCD image that would boot itself by default if localboot
has been configured in.

It's only a partial solution as it doesn't override 10localboot
in case it's there already but a step in that direction...
2014-02-03 23:29:32 +04:00
Michael Shigorin
2cec43fddc net-eth: update README
A hint regarding livecd-net-eth is due -- as well as
review and cleanup of live, net, net-eth features
involved in configuring that ethernet for a LiveCD.
2014-02-03 23:20:25 +04:00
Michael Shigorin
9d7538838c live, net-eth: add DHCP_TIMEOUT when appropriate
It's hardwired at 1/10 of the default /etc/net value
since 3 seconds are enough for properly functioning
DHCP servers in properly maintained networks (those
improper ones tend to have problems with 30 seconds
anyways), and waiting for too long makes users feel
bad for a reason.

Thanks msp@ for bringing attention to this.
2014-02-03 23:20:25 +04:00
Michael Shigorin
4639e7960d install2: add installer-common-stage3
This package has replaced installer-feature-setup-network-stage3
without declaring that; it appears that installer-distro-altlinux-*
don't require it even if most of the others do.

This is to ensure it's included, at least at the moment.
2014-02-03 22:53:43 +04:00
Michael Shigorin
a0d0be1a71 syslinux: fixed live_rw configuration
The initial revision was brilliantly buggy: it is *so* apparent
that cdrom will never be actually used for rw slice that this
has evaded my attention rather completely.
2014-01-28 21:25:36 +04:00
Michael Shigorin
9d495f26cb stage2: preload ahci before udev/propagator
This change tries to force loading the storage driver
for cases when SecureBoot is "helping" the chainloader
to fail, see #29705 for details collected so far.

Of course ahci.ko only does AHCI but that's every storage
controller I've seen on UEFI/SecureBoot systems so far.
2014-01-27 23:56:07 +04:00
Michael Shigorin
26cef0ad92 server: add osec support
Let's put osec tools into installable packages at least
(aiming to shift these into default install probably);
these are worthwile addition to sysadmin's toolbox.

Thanks dobr@ for bringing this up.
2014-01-20 14:59:24 +04:00
Michael Shigorin
711ae1ee9e rescue: experimental test to check for libX11
This has been spotted and solved manually several times already,
and that's just boring so let's add the ability to state that
X11-based software is not accepted into a particular rescue image.

Not that I would hate X but things like that belong to a carefully
crafted image which includes either X server or reasonable means
to ensure that GUI software can actually be used.

NB: this is a somewhat new entity: test/rescue/no-x11 knob
for an image-script intended to make it blow up the build
when libX11 is found within the chroot that makes up
the rescue image's filesystem.

The interface is not documented intentionally: it will take
some time to find out whether it sticks or is bad enough.
Please do remind/ask if interested in using that.
2014-01-20 14:57:42 +04:00
Michael Shigorin
1186a5e7f7 luks: move alterator-luks from pkglist to feature
Rescue images definitely don't need alterator pulled in.
2014-01-16 15:30:22 +04:00
Michael Shigorin
978984daf1 install2: put filesystem utils into installed system too
It's a tad pointless to be able to create a filesystem
but not to be able to fsck it at boot.
2014-01-13 21:29:54 +04:00
Evgeny Sinelnikov
d385a7864c stage1: add CIFS installation method 2014-01-11 22:51:19 +04:00
Michael Shigorin
9b8da4087b rescue, server, regular: added pciutils
At least lspci was sorely missing in non-rescue images
(as well as in mini rescue part of server image);
thanks Dank Bagryantsev for pointing this out:
http://lists.altlinux.org/pipermail/community/2013-December/681223.html
2013-12-30 20:34:14 +02:00
Michael Shigorin
6d95f8c370 branding, plymouth: rescue is stage2 too
I don't think we're gonna like plymouth over rescue image
anytime soon, especially when it hides the moment when shell
pops up somewhere under it without startup-rescue caring to
remove the splash.

So let's put that $(INSTALL2_BRANDING) into proper stage2
flavours only and avoid choking on missing plymouth as well.
2013-12-25 02:36:48 +02:00
Michael Shigorin
f044f58775 install2, sound, vmguest: support led-ws modules
led@ has different kernel-modules-* package set,
some of those "standard" names are provided but
vbox* is not the case.

As our macros and helpers will grok this just fine,
let's add both variants so what's present gets in.
2013-12-25 02:21:00 +02:00
Michael Shigorin
38152b0f59 rescue: added euro variant (a crisis one)
In these tough times there are no extra resources to waste
for wars or some extra rescue; so it is imperative to provide
some lean and mean help, you know.

IOW a common base has been split out and a more tight rescue
image configuration has been added on top of that so as to
try and fit altlinux-p7-sysv-tde.iso for i586 into CD-R.
2013-12-25 00:01:34 +02:00
Michael Shigorin
596a6bfe3d efi: whoops, non-x86_64 got broken
I've noted that this bit of code should be fixed up
before pushing but managed to overlook that in the end :(

mkimage version bump is due to the somewhat changed layout
of EFI packages and binaries within those (linked message in Russian):
http://lists.altlinux.org/pipermail/devel-distro/2013-December/001283.html
2013-12-24 11:54:01 +02:00
Michael Shigorin
129e40395a efi: add pesign to the rescue
It's at least as worthy as sbsigntools are.
2013-12-19 03:11:11 +04:00
Michael Shigorin
83b17d2982 efi: add use/efi/memtest86
It's implemented just like EFI_SHELL and will definitely
change someday but so far it's like this...
2013-12-19 03:11:11 +04:00
Michael Shigorin
90429a8508 efi: drop -signed subpackages
We chose to provide methods to sign packages but to avoid
signing these by default (with some arbitrary test keys)
the signatures are being added *after* the build by means
of rpmrebuild-pesign; all of this is made significantly
more complicated if there are separate -signed subpackages.

So these are being dropped in the packages; account for that.
2013-12-17 15:48:59 +02:00
Michael Shigorin
e4bb17279d branding: support refind branding
Everything is handled within mki-copy-efiboot currently
but it needs an image to process; extracting one from
bootloader branding seems less hassle than forcing it
into every flavour of branding.
2013-12-13 21:26:45 +04:00
Michael Shigorin
365c914a29 rescue: added rescue+fs pkglist
The changes in commits gb3e3234 and ga860b17 were actually useless
as rescue+fs list wasn't included into RESCUE_LISTS... and I need
pv(1) for convenient local disk cloning with time estimate.
2013-12-10 18:23:56 +04:00
Michael Shigorin
32d4aed7f2 x11: added use/x11/e18
The implementation is identical to e17 one.
2013-12-09 22:48:03 +04:00
Michael Shigorin
7e91e1b6d2 net: brief remark regarding livecd-save-nfs
A bit longer version is: add the script which cares to protect
the interfaces which has been brought up during NFS root bootup
already from being tampered with by NetworkManager so as to avoid
losing network with networked rootfs.
2013-11-29 22:21:10 +04:00
Michael Shigorin
3c40bb0d46 metadata: fix THE_PACKAGES processing
Actually the issue was worse in general: *_PACKAGES
weren't quoted when put into .base thus resulting
in a potentially broken echo command (silent one).

The macro scheme used was overgeneralized; stuffing
quoting differentiation into it was doable but ugly
(unless one is able to pass an unquoted quote sign
as a function's parameter in some elegant manner),
let's just make it straightforward.
2013-11-25 09:30:36 +04:00
Michael Shigorin
f6f7caec30 install2: support vbox guest
It's still inconvenient to discover mouse pointer
captured inside a box, let's overthrow the hardware
node and free it.
2013-11-25 00:38:01 +04:00
Michael Shigorin
815b4ebbe0 speech: should use/sound too
It's sort of pointless otherwise.
2013-11-25 00:17:32 +04:00
Michael Shigorin
7a75cb1320 speech: use emacspeak pkglist
...which has just been imported from m-p-d and looked like
badly missing (yasr wasn't starting).
2013-11-25 00:17:02 +04:00
Michael Shigorin
b1c18d43da branding: added bootloader to components
branding-*-bootloader was handled for stage1 by syslinux feature
but somehow got missed regarding the installed system; let's fix.
2013-11-24 21:29:04 +04:00
Michael Shigorin
00c58c3725 bootloader: add a guardian
BASE_BOOTLOADER must have been set to any of the supported
bootloader names somewhere during configuration; it is not
impossible to avoid this elsewhere so let's put a guardian
script which will stop the build which is known to result
in a broken image.
2013-11-24 21:29:04 +04:00
Michael Shigorin
657c0bf6ef 00example, bootloader, install2: drop sub/main
sub/main subprofile should not be requested directly
as documented in its README but rather via use/repo/main;
let's fix this discrepancy and check that no regressions
come hurling down.
2013-11-24 21:29:04 +04:00