Age | Commit message | Author |
|
Unless passwd is installed, shadow is not enabled. That is, shadow being
enabled is not a boolean. It can be enabled per user and systemd enables
it for its own users, so shadow exists, but may not contain the root
user. Thus the password deletion logic needs a bit more fanciness for
covering systems that lack the passwd package.
|
|
The jessie test was broken by apt defaulting to sqv in the sense that
mmdebstrap's gpgvnoexpkeysig requires gpgv, but it no longer is being
installed. The earlier error message was not diagnosing this, but
Johannes Schauer Marin Rodrigues kindly debugged and fixed that on the
mmdebstrap side. Thanks! Now with a proper error message, a missing gpgv
can be easily addressed. apt will still prefer sqv for everything but
jessie.
|
|
That package is fairly recent and does not exist in bookworm. On the
flip side, it more accurately expresses what we want as debvm-run
actually prefers the qemu-ARCH executable name over the kvm name.
|
|
loong64 does not yet have a qemu package that provides qemu-kvm, but we
really don't need kvm. All we need is the right qemu binary.
|
|
The native test really wants to run kvm (whether it uses kvm or tcg is
another question), but debvm only depends on qemu-kvm | qemu-system-any.
The latter alternative is of little use for the test and makes it fail.
|
|
Enable amd64 for i386 in current releases.
|
|
It's already a dependency in debian/control, but was missing from the
README.
Reported-by: Vasyl Vavrychuk
Closes: #18
|
|
While using the --prefix option is great, it's only available in trixie.
Hence, revert back to sed, this time getting the quoting right (by
avoiding backslashes using character sequences) and also apply to all
lines of the file as systemd seems to be adding users to the front.
Reported-by: Vasyl Vavrychuk
Fixes: 984a1155456d ("debvm-create: revert back to passwd for deleting the root password")
Closes: #17
|
|
We should avoid --root as that will chroot and load libraries. The sed
solution somehow didn't work due to a quoting issue. What we can use is
passwd --prefix as that avoids loading libraries and explicitly does not
support NIS and LDAP, which we don't need here.
Reported-by: Vasyl Vavrychuk
Thanks: Johannes Schauer Marin Rodrigues <josch@mister-muffin.de>
Fixes: e4ecc7f745c5 ("debvm-create: avoid using passwd --delete")
Closes: #17
|
|
passwd will chroot() into the target tree and then load shared
libraries. This tends to work badly for old releases and for foreign
architectures or combinations thereof. As a result, it sometimes fails
with
Cannot determine your user name.
In practice, it removes a single asterisk from the first line of
/etc/shadow (at least for jessie to trixie). This is something we can
also do via sed.
Reported-by: Sylvain Beucler <beuc@debian.org>
Fixes: d2d8b9965d39 ("debvm-create: avoid failing when we install no passwd")
|
|
The --transport option was added in the middle of the --skip
documentation.
Fixes: d927a5e0cee2 ("debvm-run: add --transport option")
|
|
useraddhook: support autologin for greetd/sway
See merge request helmutg/debvm!46
|
|
login has become non-essential and autologin simply respawns
indefinitely when login is not installed. We better install it
explicitly and that works on all releases. If we are only interested in
logging in via ssh (and thus --skip=autologin), no login package is
needed.
|
|
Improve the useradd hook
See merge request helmutg/debvm!41
|
|
USERNAME has uses beyond e.g. in a Windows context, so avoid that. Then
again, this hook may be useful beyond debvm and is installed to
/usr/share/mmdebstrap, so don't use a DEBVM_ prefix either.
Reported-by: Johannes Schauer Marin Rodrigues <josch@mister-muffin.de>
|
|
tests/create-and-run.sh: Increase timeout by 300 seconds (for ppc64el)
See merge request helmutg/debvm!42
|
|
debvm-create: Increase default VM size to 2G
See merge request helmutg/debvm!43
|
|
The Ubuntu 24.04 (noble) image is 1.1G in size and an image size of 1 GB
does not fit it.
```
$ du -ht 50M /
77M /boot
56M /usr/lib/x86_64-linux-gnu
106M /usr/lib/modules/6.8.0-31-generic/kernel/drivers
147M /usr/lib/modules/6.8.0-31-generic/kernel
154M /usr/lib/modules/6.8.0-31-generic
154M /usr/lib/modules
78M /usr/lib/firmware/mellanox
72M /usr/lib/firmware/mrvl/prestera
78M /usr/lib/firmware/mrvl
59M /usr/lib/firmware/qcom
481M /usr/lib/firmware
721M /usr/lib
780M /usr
86M /var/lib/dpkg
170M /var/lib/apt/lists
170M /var/lib/apt
257M /var/lib
266M /var
1.1G /
```
Increase the default VM size to 2G.
LP: #2064921
|
|
On Ubuntu ppc64el falls back to tcg which is slow and needs an increased
timeout.
LP: #2046544
|
|
Lintian: spelling-error-in-changelog
|
|
What was named bus earlier is called transport in qemu and we should
name it the same way when exposing it.
|
|
Depending on the machine type, devices reside on different buses. For
most vms, we use the pci bus, but m68k uses the virtio ("device") bus.
Also if we were to use an x86 microvm, we'd also use virtio. This is
common to all devices and we can abstract it into a $BUS.
|
|
Reported-by: Johannes Schauer Marin Rodrigues <josch@mister-muffin.de>
|
|
With the change from genext2fs to mkfs.ext4, we no longer create an
intermediate tar archive and thus no longer create device nodes if using
unshare. Thus our output is slightly unreproducible. At the same time,
we never need devices, because /dev is mounted as devtmpfs. Hence, we
unconditionally skip them and thus improve reproducibility.
Reported-by: Johannes Schauer Marin Rodrigues <josch@mister-muffin.de>
|
|
We were truncating the output file after generating it. Instead, split
the logic and create the file prior to running mmdebstrap to make
permission failures fail early.
|
|
In a CI-environment such as salsa-ci, we tend to run as root and want
--mode=root rather than --mode=unshare.
|
|
Why?
genext2fs is slow. It has O(n^2) behaviour, which becomes annoying with
larger filesystems. It also creates an ext2 image and we have to upgrade
it to ext4 in multiple steps. Even then, the image has an inode size of
128, which is incompatible with 2038 and does not allow storing
sub-second precision time stamps.
How?
We use mkfs.ext4 from e2fsprogs (which is required anyway) instead.
Running this from within a --customize-hook does not work, because the
user namespace used for the hook often has no privileges to write to the
output image. Instead, we now ask mmdebstrap to output to a directory
and create the filesystem separately. We construct a special namespace
that has both access to the tree and to the output image and perform the
mkfs.ext4 there. As a consequence, we no longer support any mode but
unshare and since mkfs.ext4 consumes the size parameter, the size syntax
is reduced a bit.
|
|
When kvm works, passing "max" will get us "host" as before. When it does
not, "host" doesn't work at all, but "max" will somewhat.
Suggested-by: Michael Tokarev <mjt@tls.msk.ru>
|
|
Since recent qemu, a non-lpae kernel cannot boot a highmem-enabled
virtual machine. A typical failure is:
pci-host-generic 4010000000.pcie: can't claim ECAM area [mem 0x10000000-0x1fffffff]: address conflict with pcie@10000000 [mem 0x10000000-0x3efeffff]
Since the default kernel image is non-lpae, we disable highmem by
default.
Link: https://lists.nongnu.org/archive/html/qemu-devel/2024-01/msg01444.html
Thanks: Michael Tokarev <mjt@tls.msk.ru>
|
|
Reported-by: Johannes Schauer Marin Rodrigues <josch@mister-muffin.de>
|
|
Suggested-by: Paul Gevers <elbrus@debian.org>
|
|
There was a bug that would cause setterm to randomly enable O_ASYNC on
the console due to the use of uninitialized memory. As a consequence,
any keystroke would raise SIGIO and kill the shell. Since setterm is a
convenience feature and killing the shell is bad, disable it for earlier
versions.
Reported-by: Emanuele Rocca <ema@debian.org>
Thanks: Chris Hofstaedtler <zeha@debian.org>
|
|
When mmdebstrap fails, it kills its child processes by killing its
process group. This is harmless in many cases. For instance, when run
from an interactive shell, the shell creates a process group. When run
with user namespaces as non-root, not being root limits the possible
damage. But when run as root from autopkgtest, mmdebstrap runs in the
initial process group and takes down the entire lxc container. Using
setsid, we can isolate the container from this killpg call.
|
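The process-group isolation described in the last commit message above, as an added example (not code from debvm or mmdebstrap): a tool that signals its own process group on failure takes its caller down with it unless it was started in a new session. `FAILING_TOOL` and `SUPERVISOR` are constructed stand-ins for the failing mmdebstrap and the test harness.

```python
import subprocess
import sys

# Constructed stand-in for a failing mmdebstrap: on error it signals its
# whole process group, like killpg(getpgrp(), SIGTERM).
FAILING_TOOL = "import os, signal; os.killpg(os.getpgrp(), signal.SIGTERM)"

# Constructed stand-in for the test harness (autopkgtest in the commit).
# argv[1] selects whether the tool is started in a new session (setsid).
SUPERVISOR = """
import subprocess, sys
isolate = sys.argv[1] == "setsid"
tool = subprocess.run([sys.executable, "-c", sys.argv[2]],
                      start_new_session=isolate)
print("harness alive, tool exit status", tool.returncode)
"""


def harness_survives(isolate: bool) -> bool:
    """Run the harness and report whether it outlived the tool's killpg."""
    # The harness itself always gets a fresh session, so the experiment can
    # never signal the process group of whoever runs this script.
    harness = subprocess.run(
        [sys.executable, "-c", SUPERVISOR,
         "setsid" if isolate else "shared", FAILING_TOOL],
        start_new_session=True, capture_output=True, text=True, timeout=30,
    )
    return harness.returncode == 0 and "harness alive" in harness.stdout


if __name__ == "__main__":
    print("shared process group:", harness_survives(False))
    print("tool under setsid:   ", harness_survives(True))
```

In the shared case the harness is terminated by the same SIGTERM the tool sends to itself; with `start_new_session=True` (the `setsid` equivalent) only the tool dies and the harness can report the failure.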