Persist LB_BOOTLOADERS in lb_binary_* configuration, since
Init_config_data called from lb_binary_* calls Prepare_config which
then overrides LB_BOOTLOADER_BIOS and LB_BOOTLOADER_EFI if
LB_ARCHITECTURE is amd64 or i386, and these can only be restored to
their proper values by the presence of LB_BOOTLOADERS.
This therefore ensures that the value of the "--bootloaders" parameter
to lb_config is respected by the lb_binary_* steps.
Allow APT_AUTH.CONF(5) config files to be used with archives.
Note that config/archives/*.conf are assumed to be apt.conf files,
so the apt_auth files are required to end with .auth and will be renamed
to .conf when copied into the chroot.
Closes: #991065
That prevents potential errors during future Remove_packages calls without APT indices available. In such cases, APT tries to remove packages with unrecognized names, which results in an error and fails the script execution. An example of this would be installing apt-utils in chroot_archives with --apt-indices option set to false.
Similar to iso images, the timestamp of a file/folder inside the binary
image cannot be newer than SOURCE_DATE_EPOCH.
Also set the timestamp of the hdd image.
This previously undocumented value for '--chroot-filesystem' creates the
uncompressed folder 'live/filesystem.dir'.
This will speed up the generation of live images a lot, because the
squashfs compression is skipped.
Example command line:
lb config -b hdd --chroot-filesystem plain --binary-filesystem ext4
The package might be missing when building with a minimal configuration,
as recommended in the Live Manual, the example 'Base image' scenario:
'lb config --apt-recommends false --debootstrap-options "--variant=minbase"'
Notes:
- No bootloader is configured; images must be booted via direct kernel
- Tested via qemu + opensbi fw_jump.elf + kernel/initrd
- As riscv64 is currently in ports, the following options are required:
--distribution unstable
--mirror-bootstrap http://ftp.ports.debian.org/debian-ports/
--security false
--debootstrap-options --keyring=/usr/share/keyrings/debian-ports-archive-keyring.gpg
- Normally ports require stacking two dists, unstable and unreleased.
debootstrap does not support doing this, but as of this writing, there
is nothing in riscv64 unreleased which is required to bootstrap.
However, this would not have been possible a year ago.
There are two main scenarios:
1) The host with live-build is configured to use a proxy
This proxy will automatically be used by live-build
2) The user of live-build explicitly specifies a proxy
2A) With the environment variable 'http_proxy' (preferred)
2B) With the command line option --apt-http-proxy
Any inconsistency in the setting of a proxy results in an error message of 'lb config'
All internal tools (apt/apt-get/aptitude, wget and debootstrap) use the environment variables 'http_proxy' and 'no_proxy', which are passed along to the chroot where needed.
Test scenario:
- A virtual machine with all out-going traffic blocked, except for the proxy.
MR !173 removed the export of several variables moving/renaming them.
Continue to export both the new name and older compatibility name.
Closes: #992572
This adds support for dm-vertiy on the root filesystem.
Currently only squashfs is supported.
Three new flags are introduced.
* --dm-verity: Enable basic dm-verity support
* --dm-verity-fec NB_ROOTS: Enable forward error correction. Optional
* --dm-verity-sign SCRIPT: Specify signing script for the root hash. Optional
Roland Clobus
Rob Shearman
Nick Brown
Philip Hands
Michał Prochera
Sophie Brun
Ryan Finnie
Luca Boccassi
David Hewitt
Thore Sommer