This patch installs (almost) all chroot packages by queueing the package
names into a single file and then installing that. It depends on my
previous patch to install local packages by using an APT mirror.
This speeds up image build causes even greater speedups once more packages
adopt triggers.
(Packages installed by debconf preseeding are not touched, nor are packages
installed by tasks.)
This patch modifies chroot_sources to build a small APT repo of the
local-packages and use that for local package installation instead of
"dpkg -i". This has a few advantages:
* Removes the true ugliness that is "dpkg -i *.deb && apt-get install -f".
This not only is slow and brittle, it causes scary "dpkg dependency
error" messages to appear in build logs.
* We can (ie. not implemented here) move to installing all the packages
from:
- lh_chroot_packages (ie. ${LH_PACKAGES})
- lh_chroot_local-packages (ie. config/chroot_local-packages/*.deb)
- lh_chroot_local-packageslists
- lh_chroot_packages-lists
- lh_chroot_linux-image
.. in one shot. This would primarily improve speed as we would not keep
invoking ${LH_APT}, and package installations can share triggers and
suchlike -- installing a custom live-initramfs via local packages
currently costs an additional "update-initramfs -u" call.
It would also fix a number of obscure dependency cases, such as the one
documented in #475739, and--if the user is using aptitude--may even
result in better resolution choices.
* Removes some messy and somewhat brittle code in lh_chroot_linux-image
that edgecases a local live-initramfs.
The disadvantages are:
* If local packages are being used and we are building in a chroot, we
must refresh the sources list and rebuild the repo before building the
binary images. (However, before this patch, we had to do this anyway if
the binary mirrors were different from the chroot ones.)
* We must add a little hack to the minimal hook to detect whether we are
using local packages and not remove apt-utils (which creates the
repository in lh_chroot_sources) if that is the case -- we cannot simply
use "Install_package" inside lh_chroot_sources as we are not guaranteed
to have working APT data because the minimal hook deliberately removes
them!
This patch disables the installation of "Recommends:" packages whilst
obtaining build utilities such as 'syslinux'.
It has three benefits:
* Doesn't waste time installing useless packages whilst building.
* Keeps the "binary chroot" clean - packages leak into the the live system
on a rebuild.
* Makes the behaviour of Install_Package more predictable and independent
of the chroot's APT configuration.
This means that /isolinux/isolinux.bin and /boot/grub/stage2_eltorito are
not included in md5sum files anymore as intended. It also prevents a
strange and verbose warning from appearing in build logs.
The loop-aes-utils sets a umask in its update-initramfs configuration,
causing initrds to have "0600" permissions which causes boot failures
when offering the files over netboot or similar.
The justification given by loop-aes is that, as it supports encrypting
against embedded GPG keyrings, the keys would be compromised if the files
were group- or world- readable. However, as live-helper does not support
this feature, it is safe to simply correct the permissions.
mksquashfs has a nasty habit of segfaulting when creating an image where
an image already exists. This can happen, for example, if you are
performing multiple runs of lh_binary and the build breaks for some reason.
This is almost certainly a bug in mksquashfs; I will look into finding a
suitable testcase.
This patch repacks the initrd when using the d-i netboot images in order
to incorporate a preseed.cfg if it exists. Before this patch, preseeding
of d-i netboot images was not possible.
Repacking the initrd has the additional advantage of being able to preseed
the first few questions of the installation process.
The code which determined whether to use the netboot d-i images was the
inverse of the code which determined whether to create a local package
pool: this patch merges the two.
This patch additionally ensures that setting "businesscard" whilst building
an ISO image will install the d-i netboot images; this was causing d-i
failures when it couldn't find its (non-existent) package pool.
We must use "aptitude install <pkgname>" to install dependencies of a
dpkg-installed <pkgname>, or aptitude's resolver will remove it. apt-get
does not have this "feature".
This was causing a problem when using a custom versions of live-initramfs
as they would be removed, causing a boot failure.