From 55c7b9b6bfbfd9d2e92954d9ce6d7711c3cef2f3 Mon Sep 17 00:00:00 2001 From: Peter Robinson Date: Thu, 31 Aug 2023 11:33:04 +0100 Subject: [PATCH 01/11] minimal-raw/rhel: Fix the kernel command line None of these options should be hard coded. The serial console on a lot of devices is not ttyS0, (eg it's ttymxc0 on i.MX8) and it breaks console output on connected displays. Some of these options are x86 specific and we want to use the specific names for the network interfaces so drop all those. Signed-off-by: Peter Robinson --- pkg/distro/rhel8/edge.go | 2 +- pkg/distro/rhel9/edge.go | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/pkg/distro/rhel8/edge.go b/pkg/distro/rhel8/edge.go index 4fcd6fda2c..2712ee15b0 100644 --- a/pkg/distro/rhel8/edge.go +++ b/pkg/distro/rhel8/edge.go @@ -149,7 +149,7 @@ func minimalRawImgType(rd distribution) imageType { osPkgsKey: minimalrpmPackageSet, }, rpmOstree: false, - kernelOptions: "ro no_timer_check console=ttyS0,115200n8 biosdevname=0 net.ifnames=0", + kernelOptions: "ro", bootable: true, defaultSize: 2 * common.GibiByte, image: diskImage, diff --git a/pkg/distro/rhel9/edge.go b/pkg/distro/rhel9/edge.go index 9f0795281f..45e42bc4eb 100644 --- a/pkg/distro/rhel9/edge.go +++ b/pkg/distro/rhel9/edge.go @@ -184,7 +184,7 @@ var ( osPkgsKey: minimalrpmPackageSet, }, rpmOstree: false, - kernelOptions: "ro no_timer_check console=ttyS0,115200n8 biosdevname=0 net.ifnames=0", + kernelOptions: "ro", bootable: true, defaultSize: 2 * common.GibiByte, image: diskImage, From 6a630d5933b2910ef40e6e7fa97b498ea58292c5 Mon Sep 17 00:00:00 2001 From: Peter Robinson Date: Thu, 31 Aug 2023 11:45:38 +0100 Subject: [PATCH 02/11] minimal-raw/rhel: Add WiFi support Add WiFi support and initial-setup to create users. The image should have basic WiFi support as a lot of the devices have WiFi so being able to use it out of the box is important. The majority of the WiFi firmware is currently in linux-firmware but also add the most common Intel cards too. Signed-off-by: Peter Robinson --- pkg/distro/rhel8/package_sets.go | 3 +++ pkg/distro/rhel9/package_sets.go | 3 +++ 2 files changed, 6 insertions(+) diff --git a/pkg/distro/rhel8/package_sets.go b/pkg/distro/rhel8/package_sets.go index d8b7f781ba..608500cd11 100644 --- a/pkg/distro/rhel8/package_sets.go +++ b/pkg/distro/rhel8/package_sets.go @@ -78,6 +78,9 @@ func minimalrpmPackageSet(t *imageType) rpmmd.PackageSet { return rpmmd.PackageSet{ Include: []string{ "@core", + "NetworkManager-wifi", + "iwl7260-firmware", + "iwl3160-firmware", }, } } diff --git a/pkg/distro/rhel9/package_sets.go b/pkg/distro/rhel9/package_sets.go index 3c054dcf85..0a6228b3d7 100644 --- a/pkg/distro/rhel9/package_sets.go +++ b/pkg/distro/rhel9/package_sets.go @@ -250,6 +250,9 @@ func minimalrpmPackageSet(t *imageType) rpmmd.PackageSet { return rpmmd.PackageSet{ Include: []string{ "@core", + "NetworkManager-wifi", + "iwl7260-firmware", + "iwl3160-firmware", }, } } From 0e2c5155769f728a6a0ed3b1457c3cf9a8e431cd Mon Sep 17 00:00:00 2001 From: Peter Robinson Date: Fri, 8 Sep 2023 15:30:00 +0100 Subject: [PATCH 03/11] disk: partition: Allow specifying a starting offset It's useful for a number of usecases to be able to specify a starting offset for the first partition on disk. This is needed for some arm images to allow space for firmware, but it's also often needed for virt images so VMs are optimally places on disk. Fix an issue where the starting offset isn't set for partition offsets. Signed-off-by: Peter Robinson --- pkg/disk/partition_table.go | 3 +++ 1 file changed, 3 insertions(+) diff --git a/pkg/disk/partition_table.go b/pkg/disk/partition_table.go index 48b9211f15..b14aea1431 100644 --- a/pkg/disk/partition_table.go +++ b/pkg/disk/partition_table.go @@ -17,6 +17,7 @@ type PartitionTable struct { SectorSize uint64 // Sector size in bytes ExtraPadding uint64 // Extra space at the end of the partition table (sectors) + StartOffset uint64 // Starting offset of the first partition in the table (Mb) } func NewPartitionTable(basePT *PartitionTable, mountpoints []blueprint.FilesystemCustomization, imageSize uint64, lvmify bool, requiredSizes map[string]uint64, rng *rand.Rand) (*PartitionTable, error) { @@ -77,6 +78,7 @@ func (pt *PartitionTable) Clone() Entity { Partitions: make([]Partition, len(pt.Partitions)), SectorSize: pt.SectorSize, ExtraPadding: pt.ExtraPadding, + StartOffset: pt.StartOffset, } for idx, partition := range pt.Partitions { @@ -364,6 +366,7 @@ func (pt *PartitionTable) relayout(size uint64) uint64 { } start := pt.AlignUp(header) + start += pt.StartOffset size = pt.AlignUp(size) var rootIdx = -1 From b17be086ed99f379889eb796d67546ea121fa37a Mon Sep 17 00:00:00 2001 From: Peter Robinson Date: Fri, 8 Sep 2023 17:20:23 +0100 Subject: [PATCH 04/11] minimal-raw/rhel: Add offset to partitions A number of edge devices, in most cases pre-prod that may be on the edge of proper certification, need to write the firmware to the beginning of the storage, while this is far from ideal the default 2048 blocks (1Mb) is generally not enough and it means when the firmware is written out we will zap the EFI ESP partition so let's start this with an offset of 8Mb for these images to ensure we have enough space for those (hopefully rare) use cases. Signed-off-by: Peter Robinson --- pkg/distro/rhel9/edge.go | 98 +++++++++++++++++++++++++++++++++++++++- 1 file changed, 97 insertions(+), 1 deletion(-) diff --git a/pkg/distro/rhel9/edge.go b/pkg/distro/rhel9/edge.go index 45e42bc4eb..1eba80e6c4 100644 --- a/pkg/distro/rhel9/edge.go +++ b/pkg/distro/rhel9/edge.go @@ -191,7 +191,7 @@ var ( buildPipelines: []string{"build"}, payloadPipelines: []string{"os", "image", "xz"}, exports: []string{"xz"}, - basePartitionTables: defaultBasePartitionTables, + basePartitionTables: minimalrawPartitionTables, } // Shared Services @@ -213,6 +213,102 @@ var ( }, } // Partition tables + minimalrawPartitionTables = distro.BasePartitionTableMap{ + platform.ARCH_X86_64.String(): disk.PartitionTable{ + UUID: "D209C89E-EA5E-4FBD-B161-B461CCE297E0", + Type: "gpt", + StartOffset: 8 * common.MebiByte, + Partitions: []disk.Partition{ + { + Size: 200 * common.MebiByte, + Type: disk.EFISystemPartitionGUID, + UUID: disk.EFISystemPartitionUUID, + Payload: &disk.Filesystem{ + Type: "vfat", + UUID: disk.EFIFilesystemUUID, + Mountpoint: "/boot/efi", + Label: "EFI-SYSTEM", + FSTabOptions: "defaults,uid=0,gid=0,umask=077,shortname=winnt", + FSTabFreq: 0, + FSTabPassNo: 2, + }, + }, + { + Size: 500 * common.MebiByte, + Type: disk.XBootLDRPartitionGUID, + UUID: disk.FilesystemDataUUID, + Payload: &disk.Filesystem{ + Type: "xfs", + Mountpoint: "/boot", + Label: "boot", + FSTabOptions: "defaults", + FSTabFreq: 0, + FSTabPassNo: 0, + }, + }, + { + Size: 2 * common.GibiByte, + Type: disk.FilesystemDataGUID, + UUID: disk.RootPartitionUUID, + Payload: &disk.Filesystem{ + Type: "xfs", + Label: "root", + Mountpoint: "/", + FSTabOptions: "defaults", + FSTabFreq: 0, + FSTabPassNo: 0, + }, + }, + }, + }, + platform.ARCH_AARCH64.String(): disk.PartitionTable{ + UUID: "D209C89E-EA5E-4FBD-B161-B461CCE297E0", + Type: "gpt", + StartOffset: 8 * common.MebiByte, + Partitions: []disk.Partition{ + { + Size: 200 * common.MebiByte, + Type: disk.EFISystemPartitionGUID, + UUID: disk.EFISystemPartitionUUID, + Payload: &disk.Filesystem{ + Type: "vfat", + UUID: disk.EFIFilesystemUUID, + Mountpoint: "/boot/efi", + Label: "EFI-SYSTEM", + FSTabOptions: "defaults,uid=0,gid=0,umask=077,shortname=winnt", + FSTabFreq: 0, + FSTabPassNo: 2, + }, + }, + { + Size: 500 * common.MebiByte, + Type: disk.XBootLDRPartitionGUID, + UUID: disk.FilesystemDataUUID, + Payload: &disk.Filesystem{ + Type: "xfs", + Mountpoint: "/boot", + Label: "boot", + FSTabOptions: "defaults", + FSTabFreq: 0, + FSTabPassNo: 0, + }, + }, + { + Size: 2 * common.GibiByte, + Type: disk.FilesystemDataGUID, + UUID: disk.RootPartitionUUID, + Payload: &disk.Filesystem{ + Type: "xfs", + Label: "root", + Mountpoint: "/", + FSTabOptions: "defaults", + FSTabFreq: 0, + FSTabPassNo: 0, + }, + }, + }, + }, + } edgeBasePartitionTables = distro.BasePartitionTableMap{ platform.ARCH_X86_64.String(): disk.PartitionTable{ UUID: "D209C89E-EA5E-4FBD-B161-B461CCE297E0", From b811fab1291a71045ac68ce88592f8b36b170717 Mon Sep 17 00:00:00 2001 From: Peter Robinson Date: Fri, 8 Sep 2023 11:41:33 +0100 Subject: [PATCH 05/11] minimal-raw/rhel: Add initial-setup By default there's no user and the root account should be locked so we need to provide a means for images that maybe distributed to enable a user to create accounts to login as we don't want to, by default, unlock the root account and provide default credentials as that's a major security issue. If a user doesn't add an account in a blueprint they end up with an unusable image. We add libxkbcommon as it's required by i-s but isn't pulled in. Signed-off-by: Peter Robinson --- pkg/distro/rhel8/edge.go | 10 ++++++++++ pkg/distro/rhel8/package_sets.go | 2 ++ pkg/distro/rhel9/edge.go | 7 +++++++ pkg/distro/rhel9/package_sets.go | 2 ++ 4 files changed, 21 insertions(+) diff --git a/pkg/distro/rhel8/edge.go b/pkg/distro/rhel8/edge.go index 2712ee15b0..0be5e6d57b 100644 --- a/pkg/distro/rhel8/edge.go +++ b/pkg/distro/rhel8/edge.go @@ -148,6 +148,9 @@ func minimalRawImgType(rd distribution) imageType { packageSets: map[string]packageSetFunc{ osPkgsKey: minimalrpmPackageSet, }, + defaultImageConfig: &distro.ImageConfig{ + EnabledServices: minimalrawServices(rd), + }, rpmOstree: false, kernelOptions: "ro", bootable: true, @@ -401,3 +404,10 @@ func edgeServices(rd distribution) []string { return edgeServices } + +func minimalrawServices(rd distribution) []string { + // Common Services + var minimalrawServices = []string{"NetworkManager.service", "firewalld.service", "sshd.service", "initial-setup.service"} + + return minimalrawServices +} diff --git a/pkg/distro/rhel8/package_sets.go b/pkg/distro/rhel8/package_sets.go index 608500cd11..6b478cac74 100644 --- a/pkg/distro/rhel8/package_sets.go +++ b/pkg/distro/rhel8/package_sets.go @@ -78,6 +78,8 @@ func minimalrpmPackageSet(t *imageType) rpmmd.PackageSet { return rpmmd.PackageSet{ Include: []string{ "@core", + "initial-setup", + "libxkbcommon", "NetworkManager-wifi", "iwl7260-firmware", "iwl3160-firmware", diff --git a/pkg/distro/rhel9/edge.go b/pkg/distro/rhel9/edge.go index 1eba80e6c4..29067a6c6c 100644 --- a/pkg/distro/rhel9/edge.go +++ b/pkg/distro/rhel9/edge.go @@ -183,6 +183,10 @@ var ( packageSets: map[string]packageSetFunc{ osPkgsKey: minimalrpmPackageSet, }, + defaultImageConfig: &distro.ImageConfig{ + EnabledServices: minimalrawServices, + SystemdUnit: systemdUnits, + }, rpmOstree: false, kernelOptions: "ro", bootable: true, @@ -199,6 +203,9 @@ var ( // TODO(runcom): move fdo-client-linuxapp.service to presets? "NetworkManager.service", "firewalld.service", "sshd.service", "fdo-client-linuxapp.service", } + minimalrawServices = []string{ + "NetworkManager.service", "firewalld.service", "sshd.service", "initial-setup.service", + } //dropin to disable grub-boot-success.timer if greenboot present systemdUnits = []*osbuild.SystemdUnitStageOptions{ { diff --git a/pkg/distro/rhel9/package_sets.go b/pkg/distro/rhel9/package_sets.go index 0a6228b3d7..d1228c3015 100644 --- a/pkg/distro/rhel9/package_sets.go +++ b/pkg/distro/rhel9/package_sets.go @@ -250,6 +250,8 @@ func minimalrpmPackageSet(t *imageType) rpmmd.PackageSet { return rpmmd.PackageSet{ Include: []string{ "@core", + "initial-setup", + "libxkbcommon", "NetworkManager-wifi", "iwl7260-firmware", "iwl3160-firmware", From 85de80cd87943991702cc28c201ec43eff7a6b4d Mon Sep 17 00:00:00 2001 From: Peter Robinson Date: Fri, 8 Sep 2023 17:11:24 +0100 Subject: [PATCH 06/11] fedora: fix default kernel command line Fix the default Fedora kernel command line. It was advertised as the default but the reality is the options were for cloud, so set a real default as the option and update the cloud options to something special for them. It's not truly correct as at least one of the options is x86 specific but when booted on other architectures those kernels will ignore it (and I honestly think it's ancient cargo culted kernel command line options). Signed-off-by: Peter Robinson --- pkg/distro/fedora/distro.go | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/pkg/distro/fedora/distro.go b/pkg/distro/fedora/distro.go index c0758afe21..d138879a55 100644 --- a/pkg/distro/fedora/distro.go +++ b/pkg/distro/fedora/distro.go @@ -31,8 +31,11 @@ const ( // blueprint package set name blueprintPkgsKey = "blueprint" - //Kernel options for ami, qcow2, openstack, vhd and vmdk types - defaultKernelOptions = "ro no_timer_check console=ttyS0,115200n8 biosdevname=0 net.ifnames=0" + //Default kernel command line + defaultKernelOptions = "ro" + + // Added kernel command line options for ami, qcow2, openstack, vhd and vmdk types + cloudKernelOptions = "ro no_timer_check console=ttyS0,115200n8 biosdevname=0 net.ifnames=0" ) var ( @@ -237,7 +240,7 @@ var ( "cloud-init-local.service", }, }, - kernelOptions: defaultKernelOptions, + kernelOptions: cloudKernelOptions, bootable: true, defaultSize: 5 * common.GibiByte, image: diskImage, @@ -265,7 +268,7 @@ var ( osPkgsKey: vmdkCommonPackageSet, }, defaultImageConfig: vmdkDefaultImageConfig, - kernelOptions: defaultKernelOptions, + kernelOptions: cloudKernelOptions, bootable: true, defaultSize: 2 * common.GibiByte, image: diskImage, @@ -283,7 +286,7 @@ var ( osPkgsKey: vmdkCommonPackageSet, }, defaultImageConfig: vmdkDefaultImageConfig, - kernelOptions: defaultKernelOptions, + kernelOptions: cloudKernelOptions, bootable: true, defaultSize: 2 * common.GibiByte, image: diskImage, From 5aefc86f5e5adad14fb775e147b5940e3c0aad84 Mon Sep 17 00:00:00 2001 From: Peter Robinson Date: Fri, 1 Sep 2023 12:54:55 +0100 Subject: [PATCH 07/11] fedora: Update WiFi firmware naming A number of bits of WiFi firmware have changed in Fedora, with some moved out of linux-firmware, and some Intel ones being renamed so update to the current naming which is valid for all currently supported releases. Signed-off-by: Peter Robinson --- pkg/distro/fedora/distro.go | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/pkg/distro/fedora/distro.go b/pkg/distro/fedora/distro.go index d138879a55..f1b2d4677b 100644 --- a/pkg/distro/fedora/distro.go +++ b/pkg/distro/fedora/distro.go @@ -711,7 +711,9 @@ func newDistro(version int) distro.Distro { FirmwarePackages: []string{ "arm-image-installer", // ?? "bcm283x-firmware", - "iwl7260-firmware", + "brcmfmac-firmware", + "iwlwifi-mvm-firmware", + "realtek-firmware", "uboot-images-armv8", // ?? }, }, @@ -796,8 +798,10 @@ func newDistro(version int) distro.Distro { "grub2-tools", "grub2-tools-extra", "grub2-tools-minimal", + "brcmfmac-firmware", "iwlwifi-dvm-firmware", "iwlwifi-mvm-firmware", + "realtek-firmware", "microcode_ctl", "syslinux", "syslinux-nonlinux", @@ -819,6 +823,10 @@ func newDistro(version int) distro.Distro { "grub2-tools", "grub2-tools-extra", "grub2-tools-minimal", + "brcmfmac-firmware", + "iwlwifi-dvm-firmware", + "iwlwifi-mvm-firmware", + "realtek-firmware", "uboot-images-armv8", }, }, From 40d7c687a81cf44b20c7b557a63985abd49ba2aa Mon Sep 17 00:00:00 2001 From: Peter Robinson Date: Fri, 8 Sep 2023 17:21:55 +0100 Subject: [PATCH 08/11] minimal-raw/fedora: Add offset to partitions A number of edge devices, in most cases pre-prod that may be on the edge of proper certification, need to write the firmware to the beginning of the storage, while this is far from ideal the default 2048 blocks (1Mb) is generally not enough and it means when the firmware is written out we will zap the EFI ESP partition so let's start this with an offset of 8Mb for these images to ensure we have enough space for those (hopefully rare) use cases. Also the Fedora image, due to support requirements around devices like the Raspberry Pi 3 require the default partition tables format to be msdos because the initial program loader in silicon doesn't support loading the firmware off a GPT partition table. Signed-off-by: Peter Robinson --- pkg/distro/fedora/distro.go | 2 +- pkg/distro/fedora/partition_tables.go | 95 +++++++++++++++++++++++++++ 2 files changed, 96 insertions(+), 1 deletion(-) diff --git a/pkg/distro/fedora/distro.go b/pkg/distro/fedora/distro.go index f1b2d4677b..a01d722359 100644 --- a/pkg/distro/fedora/distro.go +++ b/pkg/distro/fedora/distro.go @@ -357,7 +357,7 @@ var ( buildPipelines: []string{"build"}, payloadPipelines: []string{"os", "image", "xz"}, exports: []string{"xz"}, - basePartitionTables: defaultBasePartitionTables, + basePartitionTables: minimalrawPartitionTables, } ) diff --git a/pkg/distro/fedora/partition_tables.go b/pkg/distro/fedora/partition_tables.go index 03011234b0..0aa90723ac 100644 --- a/pkg/distro/fedora/partition_tables.go +++ b/pkg/distro/fedora/partition_tables.go @@ -108,6 +108,101 @@ var defaultBasePartitionTables = distro.BasePartitionTableMap{ }, } +var minimalrawPartitionTables = distro.BasePartitionTableMap{ + platform.ARCH_X86_64.String(): disk.PartitionTable{ + UUID: "D209C89E-EA5E-4FBD-B161-B461CCE297E0", + Type: "gpt", + StartOffset: 8 * common.MebiByte, + Partitions: []disk.Partition{ + { + Size: 200 * common.MebiByte, + Type: disk.EFISystemPartitionGUID, + UUID: disk.EFISystemPartitionUUID, + Payload: &disk.Filesystem{ + Type: "vfat", + UUID: disk.EFIFilesystemUUID, + Mountpoint: "/boot/efi", + Label: "EFI-SYSTEM", + FSTabOptions: "defaults,uid=0,gid=0,umask=077,shortname=winnt", + FSTabFreq: 0, + FSTabPassNo: 2, + }, + }, + { + Size: 500 * common.MebiByte, + Type: disk.XBootLDRPartitionGUID, + UUID: disk.FilesystemDataUUID, + Payload: &disk.Filesystem{ + Type: "ext4", + Mountpoint: "/boot", + Label: "boot", + FSTabOptions: "defaults", + FSTabFreq: 0, + FSTabPassNo: 0, + }, + }, + { + Size: 2 * common.GibiByte, + Type: disk.FilesystemDataGUID, + UUID: disk.RootPartitionUUID, + Payload: &disk.Filesystem{ + Type: "ext4", + Label: "root", + Mountpoint: "/", + FSTabOptions: "defaults", + FSTabFreq: 0, + FSTabPassNo: 0, + }, + }, + }, + }, + platform.ARCH_AARCH64.String(): disk.PartitionTable{ + UUID: "0xc1748067", + Type: "dos", + StartOffset: 8 * common.MebiByte, + Partitions: []disk.Partition{ + { + Size: 200 * common.MebiByte, + Type: "06", + Bootable: true, + Payload: &disk.Filesystem{ + Type: "vfat", + UUID: disk.EFIFilesystemUUID, + Mountpoint: "/boot/efi", + Label: "EFI-SYSTEM", + FSTabOptions: "defaults,uid=0,gid=0,umask=077,shortname=winnt", + FSTabFreq: 0, + FSTabPassNo: 2, + }, + }, + { + Size: 500 * common.MebiByte, + Type: "83", + Payload: &disk.Filesystem{ + Type: "ext4", + Mountpoint: "/boot", + Label: "boot", + FSTabOptions: "defaults", + FSTabFreq: 0, + FSTabPassNo: 0, + }, + }, + { + Size: 2 * common.GibiByte, + Type: "83", + Payload: &disk.Filesystem{ + Type: "ext4", + Label: "root", + Mountpoint: "/", + FSTabOptions: "defaults", + FSTabFreq: 0, + FSTabPassNo: 0, + }, + }, + }, + }, +} + var iotBasePartitionTables = distro.BasePartitionTableMap{ platform.ARCH_X86_64.String(): disk.PartitionTable{ UUID: "D209C89E-EA5E-4FBD-B161-B461CCE297E0", From 17599eb934c145fd4ee17e010161d0db65e6aaf8 Mon Sep 17 00:00:00 2001 From: Peter Robinson Date: Fri, 8 Sep 2023 16:49:06 +0100 Subject: [PATCH 09/11] minimal-raw/fedora: fixes for the image type Add WiFi support and initial-setup to create users. The image should have basic WiFi support as a lot of the devices have WiFi so being able to use it out of the box is important. The majority of the WiFi firmware is currently in linux-firmware but also add the most common Intel cards too. We need inital-setup to create users, set root password etc as we don't want to be using default user/password as it's a major security risk. We add libxkbcommon as i-s needs it. We need to start default services to ensure the right things run and we end up with things like firewalls and networks. Finally we need to setup the firmware for the RPi. Signed-off-by: Peter Robinson --- pkg/distro/fedora/distro.go | 26 ++++++++++++++++++++++---- pkg/distro/fedora/package_sets.go | 6 ++++++ pkg/platform/aarch64.go | 10 +++++----- 3 files changed, 33 insertions(+), 9 deletions(-) diff --git a/pkg/distro/fedora/distro.go b/pkg/distro/fedora/distro.go index a01d722359..2e3b8c4de2 100644 --- a/pkg/distro/fedora/distro.go +++ b/pkg/distro/fedora/distro.go @@ -64,6 +64,13 @@ var ( "dbus-parsec", } + minimalRawServices = []string{ + "NetworkManager.service", + "firewalld.service", + "initial-setup.service", + "sshd.service", + } + // Image Definitions imageInstallerImgType = imageType{ name: "image-installer", @@ -349,6 +356,9 @@ var ( packageSets: map[string]packageSetFunc{ osPkgsKey: minimalrpmPackageSet, }, + defaultImageConfig: &distro.ImageConfig{ + EnabledServices: minimalRawServices, + }, rpmOstree: false, kernelOptions: defaultKernelOptions, bootable: true, @@ -709,12 +719,12 @@ func newDistro(version int) distro.Distro { &platform.Aarch64{ BasePlatform: platform.BasePlatform{ FirmwarePackages: []string{ - "arm-image-installer", // ?? + "arm-image-installer", "bcm283x-firmware", "brcmfmac-firmware", "iwlwifi-mvm-firmware", "realtek-firmware", - "uboot-images-armv8", // ?? + "uboot-images-armv8", }, }, UEFIVendor: "fedora", @@ -726,7 +736,7 @@ func newDistro(version int) distro.Distro { liveInstallerImgType, ) aarch64.addImageTypes( - &platform.Aarch64_IoT{ + &platform.Aarch64_Fedora{ BasePlatform: platform.BasePlatform{ ImageFormat: platform.FORMAT_RAW, }, @@ -776,10 +786,18 @@ func newDistro(version int) distro.Distro { minimalrawImgType, ) aarch64.addImageTypes( - &platform.Aarch64{ + &platform.Aarch64_Fedora{ UEFIVendor: "fedora", BasePlatform: platform.BasePlatform{ ImageFormat: platform.FORMAT_RAW, + FirmwarePackages: []string{ + "arm-image-installer", + "bcm283x-firmware", + "uboot-images-armv8", + }, + }, + BootFiles: [][2]string{ + {"/usr/share/uboot/rpi_arm64/u-boot.bin", "/boot/efi/rpi-u-boot.bin"}, }, }, minimalrawImgType, diff --git a/pkg/distro/fedora/package_sets.go b/pkg/distro/fedora/package_sets.go index ccac6e8ec3..4ebcfa7adc 100644 --- a/pkg/distro/fedora/package_sets.go +++ b/pkg/distro/fedora/package_sets.go @@ -535,6 +535,12 @@ func minimalrpmPackageSet(t *imageType) rpmmd.PackageSet { return rpmmd.PackageSet{ Include: []string{ "@core", + "initial-setup", + "libxkbcommon", + "NetworkManager-wifi", + "brcmfmac-firmware", + "realtek-firmware", + "iwlwifi-mvm-firmware", }, } } diff --git a/pkg/platform/aarch64.go b/pkg/platform/aarch64.go index 2e8b81cd66..879de6becd 100644 --- a/pkg/platform/aarch64.go +++ b/pkg/platform/aarch64.go @@ -28,21 +28,21 @@ func (p *Aarch64) GetPackages() []string { return packages } -type Aarch64_IoT struct { +type Aarch64_Fedora struct { BasePlatform UEFIVendor string BootFiles [][2]string } -func (p *Aarch64_IoT) GetArch() Arch { +func (p *Aarch64_Fedora) GetArch() Arch { return ARCH_AARCH64 } -func (p *Aarch64_IoT) GetUEFIVendor() string { +func (p *Aarch64_Fedora) GetUEFIVendor() string { return p.UEFIVendor } -func (p *Aarch64_IoT) GetPackages() []string { +func (p *Aarch64_Fedora) GetPackages() []string { packages := p.BasePlatform.FirmwarePackages if p.UEFIVendor != "" { @@ -57,6 +57,6 @@ func (p *Aarch64_IoT) GetPackages() []string { return packages } -func (p *Aarch64_IoT) GetBootFiles() [][2]string { +func (p *Aarch64_Fedora) GetBootFiles() [][2]string { return p.BootFiles } From 5fca8318d97ecbeb5c9f513ff7074822b431d873 Mon Sep 17 00:00:00 2001 From: Achilleas Koutsou Date: Fri, 8 Sep 2023 17:16:41 +0200 Subject: [PATCH 10/11] distro: add fsnodes to ImageConfig Support adding fsnodes to the ImageConfig so we can define arbitrary files as part of the base config. This should be avoided and only used as a last resort or short term workaround. --- pkg/distro/fedora/images.go | 3 +++ pkg/distro/image_config.go | 4 ++++ pkg/distro/rhel7/images.go | 3 +++ pkg/distro/rhel8/images.go | 3 +++ pkg/distro/rhel9/images.go | 3 +++ 5 files changed, 16 insertions(+) diff --git a/pkg/distro/fedora/images.go b/pkg/distro/fedora/images.go index e99d42e000..19b64a00a8 100644 --- a/pkg/distro/fedora/images.go +++ b/pkg/distro/fedora/images.go @@ -224,6 +224,9 @@ func osCustomizations( osc.PwQuality = imageConfig.PwQuality osc.WSLConfig = imageConfig.WSLConfig + osc.Files = append(osc.Files, imageConfig.Files...) + osc.Directories = append(osc.Directories, imageConfig.Directories...) + return osc } diff --git a/pkg/distro/image_config.go b/pkg/distro/image_config.go index 51ebb69166..dad0942fca 100644 --- a/pkg/distro/image_config.go +++ b/pkg/distro/image_config.go @@ -4,6 +4,7 @@ import ( "fmt" "reflect" + "github.com/osbuild/images/internal/fsnode" "github.com/osbuild/images/internal/shell" "github.com/osbuild/images/pkg/osbuild" "github.com/osbuild/images/pkg/subscription" @@ -62,6 +63,9 @@ type ImageConfig struct { UdevRules *osbuild.UdevRulesStageOptions GCPGuestAgentConfig *osbuild.GcpGuestAgentConfigOptions WSLConfig *osbuild.WSLConfStageOptions + + Files []*fsnode.File + Directories []*fsnode.Directory } // InheritFrom inherits unset values from the provided parent configuration and diff --git a/pkg/distro/rhel7/images.go b/pkg/distro/rhel7/images.go index e3ca6dc209..bf1987a5af 100644 --- a/pkg/distro/rhel7/images.go +++ b/pkg/distro/rhel7/images.go @@ -213,6 +213,9 @@ func osCustomizations( osc.UdevRules = imageConfig.UdevRules osc.GCPGuestAgentConfig = imageConfig.GCPGuestAgentConfig + osc.Files = append(osc.Files, imageConfig.Files...) + osc.Directories = append(osc.Directories, imageConfig.Directories...) + return osc } diff --git a/pkg/distro/rhel8/images.go b/pkg/distro/rhel8/images.go index 40d309dca8..7a454f6788 100644 --- a/pkg/distro/rhel8/images.go +++ b/pkg/distro/rhel8/images.go @@ -251,6 +251,9 @@ func osCustomizations( osc.GCPGuestAgentConfig = imageConfig.GCPGuestAgentConfig osc.WSLConfig = imageConfig.WSLConfig + osc.Files = append(osc.Files, imageConfig.Files...) + osc.Directories = append(osc.Directories, imageConfig.Directories...) + return osc } diff --git a/pkg/distro/rhel9/images.go b/pkg/distro/rhel9/images.go index 461342f012..e5d56f15c3 100644 --- a/pkg/distro/rhel9/images.go +++ b/pkg/distro/rhel9/images.go @@ -248,6 +248,9 @@ func osCustomizations( osc.GCPGuestAgentConfig = imageConfig.GCPGuestAgentConfig osc.WSLConfig = imageConfig.WSLConfig + osc.Files = append(osc.Files, imageConfig.Files...) + osc.Directories = append(osc.Directories, imageConfig.Directories...) + return osc } From f2400809affacca2fe06346dd56cf5c3fc220a2c Mon Sep 17 00:00:00 2001 From: Achilleas Koutsou Date: Fri, 8 Sep 2023 17:53:31 +0200 Subject: [PATCH 11/11] distro: add a kickstart file to /root for minimal-raw images Currently initial-setup requires a kickstart file in the /root directory to work. Adding a temporary file node to the image config for minimal-raw images so that initial-setup runs and a user can be created if necessary. The minimal-raw image has no other mechanism for creating a user if one wasn't specified at build time, so we need to be sure that initial-setup runs. --- pkg/distro/fedora/distro.go | 4 ++++ pkg/distro/fedora/images.go | 11 +++++++++++ pkg/distro/rhel8/edge.go | 4 ++++ pkg/distro/rhel8/images.go | 11 +++++++++++ pkg/distro/rhel9/edge.go | 4 ++++ pkg/distro/rhel9/images.go | 11 +++++++++++ 6 files changed, 45 insertions(+) diff --git a/pkg/distro/fedora/distro.go b/pkg/distro/fedora/distro.go index 2e3b8c4de2..8d237aa2d8 100644 --- a/pkg/distro/fedora/distro.go +++ b/pkg/distro/fedora/distro.go @@ -8,6 +8,7 @@ import ( "github.com/osbuild/images/internal/common" "github.com/osbuild/images/internal/environment" + "github.com/osbuild/images/internal/fsnode" "github.com/osbuild/images/internal/oscap" "github.com/osbuild/images/pkg/distro" "github.com/osbuild/images/pkg/osbuild" @@ -358,6 +359,9 @@ var ( }, defaultImageConfig: &distro.ImageConfig{ EnabledServices: minimalRawServices, + // NOTE: temporary workaround for a bug in initial-setup that + // requires a kickstart file in the root directory. + Files: []*fsnode.File{initialSetupKickstart()}, }, rpmOstree: false, kernelOptions: defaultKernelOptions, diff --git a/pkg/distro/fedora/images.go b/pkg/distro/fedora/images.go index 19b64a00a8..7f9040633e 100644 --- a/pkg/distro/fedora/images.go +++ b/pkg/distro/fedora/images.go @@ -6,6 +6,7 @@ import ( "github.com/osbuild/images/internal/common" "github.com/osbuild/images/internal/fdo" + "github.com/osbuild/images/internal/fsnode" "github.com/osbuild/images/internal/ignition" "github.com/osbuild/images/internal/oscap" "github.com/osbuild/images/internal/users" @@ -687,3 +688,13 @@ func makeOSTreePayloadCommit(options *ostree.ImageOptions, defaultRef string) (o RHSM: options.RHSM, }, nil } + +// initialSetupKickstart returns the File configuration for a kickstart file +// that's required to enable initial-setup to run on first boot. +func initialSetupKickstart() *fsnode.File { + file, err := fsnode.NewFile("/root/anaconda-ks.cfg", nil, "root", "root", []byte("# Run initial-setup on first boot\n# Created by osbuild\nfirstboot --reconfig\n")) + if err != nil { + panic(err) + } + return file +} diff --git a/pkg/distro/rhel8/edge.go b/pkg/distro/rhel8/edge.go index 0be5e6d57b..f19ffd2fce 100644 --- a/pkg/distro/rhel8/edge.go +++ b/pkg/distro/rhel8/edge.go @@ -4,6 +4,7 @@ import ( "fmt" "github.com/osbuild/images/internal/common" + "github.com/osbuild/images/internal/fsnode" "github.com/osbuild/images/pkg/distro" "github.com/osbuild/images/pkg/platform" "github.com/osbuild/images/pkg/rpmmd" @@ -150,6 +151,9 @@ func minimalRawImgType(rd distribution) imageType { }, defaultImageConfig: &distro.ImageConfig{ EnabledServices: minimalrawServices(rd), + // NOTE: temporary workaround for a bug in initial-setup that + // requires a kickstart file in the root directory. + Files: []*fsnode.File{initialSetupKickstart()}, }, rpmOstree: false, kernelOptions: "ro", diff --git a/pkg/distro/rhel8/images.go b/pkg/distro/rhel8/images.go index 7a454f6788..cb7ca63bc7 100644 --- a/pkg/distro/rhel8/images.go +++ b/pkg/distro/rhel8/images.go @@ -5,6 +5,7 @@ import ( "math/rand" "github.com/osbuild/images/internal/fdo" + "github.com/osbuild/images/internal/fsnode" "github.com/osbuild/images/internal/ignition" "github.com/osbuild/images/internal/oscap" "github.com/osbuild/images/internal/users" @@ -602,3 +603,13 @@ func makeOSTreePayloadCommit(options *ostree.ImageOptions, defaultRef string) (o RHSM: options.RHSM, }, nil } + +// initialSetupKickstart returns the File configuration for a kickstart file +// that's required to enable initial-setup to run on first boot. +func initialSetupKickstart() *fsnode.File { + file, err := fsnode.NewFile("/root/anaconda-ks.cfg", nil, "root", "root", []byte("# Run initial-setup on first boot\n# Created by osbuild\nfirstboot --reconfig\nlang en_US.UTF-8\n")) + if err != nil { + panic(err) + } + return file +} diff --git a/pkg/distro/rhel9/edge.go b/pkg/distro/rhel9/edge.go index 29067a6c6c..bea68f8bdc 100644 --- a/pkg/distro/rhel9/edge.go +++ b/pkg/distro/rhel9/edge.go @@ -5,6 +5,7 @@ import ( "github.com/osbuild/images/internal/common" "github.com/osbuild/images/internal/environment" + "github.com/osbuild/images/internal/fsnode" "github.com/osbuild/images/pkg/disk" "github.com/osbuild/images/pkg/distro" "github.com/osbuild/images/pkg/osbuild" @@ -186,6 +187,9 @@ var ( defaultImageConfig: &distro.ImageConfig{ EnabledServices: minimalrawServices, SystemdUnit: systemdUnits, + // NOTE: temporary workaround for a bug in initial-setup that + // requires a kickstart file in the root directory. + Files: []*fsnode.File{initialSetupKickstart()}, }, rpmOstree: false, kernelOptions: "ro", diff --git a/pkg/distro/rhel9/images.go b/pkg/distro/rhel9/images.go index e5d56f15c3..4cbcd85299 100644 --- a/pkg/distro/rhel9/images.go +++ b/pkg/distro/rhel9/images.go @@ -6,6 +6,7 @@ import ( "github.com/osbuild/images/internal/common" "github.com/osbuild/images/internal/fdo" + "github.com/osbuild/images/internal/fsnode" "github.com/osbuild/images/internal/ignition" "github.com/osbuild/images/internal/oscap" "github.com/osbuild/images/internal/users" @@ -650,3 +651,13 @@ func makeOSTreePayloadCommit(options *ostree.ImageOptions, defaultRef string) (o RHSM: options.RHSM, }, nil } + +// initialSetupKickstart returns the File configuration for a kickstart file +// that's required to enable initial-setup to run on first boot. +func initialSetupKickstart() *fsnode.File { + file, err := fsnode.NewFile("/root/anaconda-ks.cfg", nil, "root", "root", []byte("# Run initial-setup on first boot\n# Created by osbuild\nfirstboot --reconfig\nlang en_US.UTF-8\n")) + if err != nil { + panic(err) + } + return file +}