If 'eatmydata' is found, use it.
On a CI system calling 'sync' influences the other processes that are
running on the shared host. 'debootstrap' calls 'sync' in its second
stage. For live-build, the synchronisation is not required.
The error message:
N: Download is performed unsandboxed as root as file '/root/packages/./InRelease' couldn't be accessed by user '_apt'. - pkgAcquire::Run (13: Permission denied)
The _apt user cannot access files in /root/packages, instead /packages
will be used.
Add the apt indices for the additional source of packages on the live
medium. It allows for installing packages from that source without
running 'apt-get update' first
Fixes the "Invalid 'Date' entry in Release File
/var/lib/apt/lists/partial/_run_live_medium_dists_bookworm_Release"
message when running 'apt-get update'
dracut uses the `iso-scan/filename` kernel parameter for loopback
booting with tools like Super Grub Disk, whereas live-boot uses the
`findiso` parameter for this purpose. Conditionally set which one is
used depending on the selected initramfs.
Iterate over source package names and call `apt-get source $srcpkg`, instead of
looping over binary package names and calling `apt-get source $binpkg`.
Taking libreoffice as an example, this means calling `apt-get source
libreoffice` once instead of hundreds of times.
Specify --only-source in `apt-get source` to make explicit the fact that the
argument is a source package name. This is necessary to make ambiguous cases
work, such as `libftdi1` which is both a source package name and a binary
package provided by a different source, `libftdi`.
The checksums in source/{live,debian}/sha256sum.txt are identical with and
without this patch.
We need to ensure that anna always auto-loads live-installer when running d-i
to install a live system, regardless of the presence of a udeb_include to copy.
/bin/hostname and /sbin/start-stop-daemon are being moved from / to /usr
in trixie. Hence, these diversions become ineffective. Temporarily add
both diversions to handle both variants.
Closes: #1064408
Add IMAGE_ID=live and BUILD_ID set to a human-readable SOURCE_DATE_EPOCH.
If building sid, also fix the broken VERSION_CODENAME so that it matches
reality.
Work together with Emanuele Rocca during MiniDebCamp Hamburg 2024
* rebuild: New command line option: --architecture
* installer: Enable the GTK installer
* bootloader: Set a default bootloader
* no qemu-binary in chroot
When grub-efi-amd64-signed and grub-common have mismatched
dependencies (e.g. due to binNMUs), allow a shim-only secure boot.
The user has to enroll the hash of the EFI/boot/grub*.efi file and then
secure booting can continue.
Shim-only is supported only for '--uefi-secure-boot=auto'
* source_tar: The order of the files in the tarball are now predictable.
This has been verified with 'disorderfs'
* rebuild.sh: The timestamp of the directory of theme.txt must also be
adjusted.
The test 'if [ x$grub_platform == xefi -a x$lockdown != xy ]' is meant
to be done by GRUB at runtime, so this line should appear verbatim in
the grub.cfg file.
However the variables are expanded at build-time by the script, because
the dollar symbol is not escaped.
Here's the result on a 12.1.0 live image:
$ cat <<debian-live-12.1.0>>/boot/grub/x86_64-efi/grub.cfg
if [ x == xefi -a x != xy ] ; then
insmod part_acorn
insmod part_amiga
insmod part_apple
insmod part_bsd
insmod part_dfly
insmod part_dvh
insmod part_gpt
insmod part_msdos
insmod part_plan
insmod part_sun
insmod part_sunpc
fi
source /boot/grub/grub.cfg
Note that this mistake would have been caught if only the nounset option
had been used (ie. 'set -u').
Fixes commit: 7b36f5b0ad
Setting the value of PARTITIONLIST in a sub-shell is scoped to the
sub-shell, it will not change the value of the variable in the parent
shell.
In other words:
#!/bin/sh
FOOBAR=
(FOOBAR=foo)
echo FOOBAR=$FOOBAR
gives the output:
FOOBAR=
As a consequence, PARTITIONLIST being empty, there are no part_*
modules embedded in the boot<platform>.efi binary. This is clearly a
regression, introduced in 7b36f5b0ad.
Somehow, Debian doesn't seem to be impacted. Kali Linux is impacted, but
only under very special conditions, leading to this bug report:
<https://bugs.kali.org/view.php?id=8441>
This commit fixes it, by setting the PARTITIONLIST variable first, and
then using it where needs be. As a consequence it greatly simplifies the
next part of the code, as we can just use a heredoc to create the grub
config.
The shim EFI file on Ubuntu can be a symlink, as it may be in the alternatives system, so
previously, when calculating the size of the FAT32 partition, we would measure the size of the
symlink instead of the actual file and get "Disk full" errors when trying to copy the files into
the new FAT32 partition.
If we dereference the file on copy, we get the actual file and can calculate the size accurately.
```
lrwxrwxrwx. 1 root root 36 Jul 12 20:04 bootx64.efi -> /etc/alternatives/shimx64.efi.signed
```
* The ISO volume is constructed similar to Debian 11
* The file .disk/info can be overridden
* The file .disk/info does not contain 'Official' per default
* Overrides that are required for live-setup are now explicit in
rebuild.sh
* New .disk/generator contains tracable information to the rebuild.sh
script
* The ISO volume is unique for each desktop environment
Roland Clobus
Aaron Rainbolt
Nick Brown
Emanuele Rocca
Helmut Grohne
Luca Boccassi
Marcel Partap
Patrick Schleizer
Arnaud Rebillout
jfliu
David Hewitt