Do not attempt to install with a filesystem that is not supported by the
initramfs code in the checked out pmaports branch.
Previously we would have increased the pmaports.cfg version and require
that new version by pmbootstrap, however this will break compatibility
with release branches where we won't roll out this feature (v20.05).
Therefore don't change the version, but add a new
"supported_root_filesystems" key to pmaports.cfg, which defaults to
"ext4".
Related: https://postmarketos.org/pmaports.cfg
Install specific filesystem tools right before they are needed, instead
of installing all filesystem tools that we might need beforehand. This
is in preparation to support f2fs.
Co-Authored-By: Oliver Smith <ollieparanoid@postmarketos.org>
Made changes to limit the line length in following files for #1986,
- pmb/install/_install.py
- pmb/install/blockdevice.py
- pmb/install/losetup.py
- pmb/install/partition.py
Added the above files in E501 flake8 command list.
Substitute f-string for string concatenation.
Split images have /dev/installp1 and /dev/installp2 but no
/dev/install to place the firmware, so it will actually create that file
in devfs where it might run out of space since it's only 1MB big
Leave some visual space before the flashing and ssh daemon information
blocks, so they don't get overlooked by the user:
[12:50:31] *** (4/4) FILL INSTALL BLOCKDEVICE ***
[12:50:31] (native) copy rootfs_qemu-amd64 to /mnt/install/
[12:50:36]
[12:50:36] *** FLASHING INFORMATION ***
[12:50:36] Refer to the installation instructions of your device, or the generic install instructions in the wiki.
[12:50:36] https://wiki.postmarketos.org/wiki/Installation_guide#pmbootstrap_flash
[12:50:36]
[12:50:36] *** SSH DAEMON INFORMATION ***
[12:50:36] SSH daemon is disabled (--no-sshd).
[12:50:36]
[12:50:36] NOTE: chroot is still active (use 'pmbootstrap shutdown' as necessary)
[12:50:36] Done
Change "configured" to "valid" in the error message:
Selected kernel (mainline_modem) is not configured for device bq-paella.
Please run 'pmbootstrap init' to select a valid kernel.
"configured" makes one think of "pmbootstrap init", but the valid
kernels are defined in the APKBUILD. Therefore I think "not valid" fits
better here.
Run setup_login() while creating the installer OS too, in order to
disable passwordless root login.
Note that this may sound like a security flaw, but it isn't.
* setup_login already ran for the target OS, meaning after the
installation is done, one is not be able to login as root without
password
* root login without password was only possible via serial console (or by
attaching a keyboard), not via SSH
* getting root rights via serial in the installer OS is actually desired
for debugging, we add a debug user with sudo set up by default:
https://wiki.postmarketos.org/wiki/On-device_installer#Debug_user
So even though this isn't a problem, disable it to avoid confusion.
When unmounting SD card after `pmbootstrap install --sdcard=...`
it takes a lot of time for kernel to sync filesystem cache
before actual umounting happehs. This looks like pmbootstrap is
stuck, so before doing unmount print a message to inform user of
what's happening, in case `--sdcard` was used.
Add comments to two functions, that if they are changed, the logic also
needs to be updated in ondev-preapre-internal-storage.sh of
postmarketos-ondev.git.
With postmarketos-ondev >= 0.4.0, have a different label for the boot
partition in the installer OS, so the postmarketOS initramfs can find
the proper partition to boot. Even if the boot partition is available
twice (once installed on eMMC, once as part of installer OS on SD card).
pmOS_inst_boot instead of pmOS_install_boot because of character limit.
Adds a list of locales user can choose from on init step.
If locale isn't default, then "lang" package is installed
and LANG is changed to the chosen locale.
Get rid of hardcoded step numbers, even for the currently common steps.
With the upcoming --ondev --no-rootfs, we will need to skip the
hardcoded step 2 (create device rootfs).
Move related code from pmb/install/_install.py:install() to a new
create_device_rootfs() function in the same file, so it can be skipped
with the upcoming --no-rootfs parameter.
Create an empty home dir if /etc/skel does not exist in the target
rootfs. Due to changes in packaging, this can happen now, previously
/etc/skel would always have existed.
Embed the firmware from the right chroot suffix. Previously it would
always use the rootfs_{args.device} chroot, which does not work anymore
with upcoming 'pmbootstrap install --ondev --no-rootfs' as there will
only be the installer_{args.device} chroot.
Change 'cryptsetup luksFormat' arguments to use --use-random instead of
--use-urandom. urandom is not recommended for the generation of long-term
cryptographic keys, as it may generate weak keys in low entropy
situations.
With the default argument values removed, the step logic is more
centralized in the install method which makes the code a bit less
brittle and easier to follow.
This adds a new commandline flag -E / --extra-space for
specifying the amount of additional space to be added to
the image size to work around cases where the automatically
determined size turns out to not actually be enough.
The value is also asked for in the "Additional options"
section of the interactive mode.
Fixes: #1904
format_and_mount_root() => format_luks_root():
* Rename to reflect what it's actually doing
* Move the FDE check from format_luks_root to the only caller
* Make arguments to "cryptsetup luksFormat" more readable
format_and_mount_pm_crypt() => format_and_mount_root():
* Rename to reflect what it's actually doing
* Don't overwrite device if doing FDE; instead provide the proper device
in the caller
The old function names were for historic reasons, early on it was only
possible to create encrypted installations with pmbootstrap.
Put all install_packages related lines into one block and fix up the
comments:
* The list of packages to be installed is not listed at this point (and
it does not make sense there, if we would want to list it, it should
be done in the next block at 'if args.build_pkgs_on_install).
* Remove "including the ones specified by --add", as it doesn't add any
value.
Don't have the set_user() call weirdly between multiple commands
building the install_packages list. Move it up, together with the log
message announcing that the device rootfs is being built.
Update the comment above set_user(): there is no 'build' user anymore,
and at this point we only call it before actually installing the
packages for legacy reasons.
Do not attempt to upgrade packages in the rootfs chroot when running
"pmbootstrap install".
This was responsible for placing every single package in /etc/apk/world
(which should only hold the packages explicitly installed), because the
upgrade function was literally implemented as getting a list of
installed packages and explicitly running pmb.chroot.apk.install on each
of them. The intention was to rebuild these packages if they were outdated,
I guess I didn't realize that this makes /etc/apk/world unusable when I
introduced this three years ago in 51bdc243 ("Properly rebuild/install
packages when something changed").
Remove pmb.chroot.apk.upgrade altogether, because:
1) pmb.install.install builds and upgrades outdated pmaports
2) pmb.install.install is the only user of pmb.chroot.apk.upgrade
3) 'pmbootstrap init' is warning that the chroots do not get upgraded
automatically, so let's not go against that expectation. users who
want an updated rootfs chroot can simply run zap and install again.
Replace it with a call to pmb.helpers.repo.update, because we still need
to update the APKINDEX files before attempting to build/install the
generated list of packages.
The Nokia n900 XkbLayout is a bit peculiar and sometimes
join two keymaps into one, for example:
Option "XkbLayout" "fise"
For the combined finnish/swedish layout. Add the common
joined keymaps, even if not all of these countries are
yet supported.
For details see:
https://gitlab.freedesktop.org/xkeyboard-config/xkeyboard-config/-/blob/master/symbols/nokia_vndr/rx-51
I also include this link in the code so no-one gets confused.
Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
Do not fail in "pmbootstrap setup" if a keymap was selected, but no
/etc/X11/xorg.conf.d path exists in the rootfs chroot. The grep output
is not empty in that case (it would be empty if the directory exists and
there are no matches), so we need to add this extra check:
(rootfs_nokia-n900) % grep -rl XkbLayout /etc/X11/xorg.conf.d/
grep: /etc/X11/xorg.conf.d/: No such file or directory
Let UI meta-packages specify apps in "pmb_recommends" to be explicitly
installed by default, and not implicitly as dependency of the UI
meta-package ("depends"). Therefore make these apps uninstallable,
without removing the meta-package.
Add pmbootstrap install --no-recommends to disable this feature.
Add a question at the end of "pmbootstrap init", to ask if the user
wants to build outdated packages during "pmbootstrap install". Store the
result in the new pmbootstrap.cfg key "build_pkgs_on_install". I've put it at
the end, because it is a rather complicated question compared to the rest.
This is useful to speed up the installation for casual users who can now
avoid compiling packages. But also for the official images where we only
want to ship the official binary packages and not build anything
on-the-fly.
Put a minimum version check for postmarketos-ondev in the pmbootstrap
install code and verify it before starting the installation. This avoids
using incompatible versions, similar to the pmaports.cfg version check
we already have. Set the minimum required version to 0.2.0.