From f45b16d7b994208f488829818575d397cf1e6492 Mon Sep 17 00:00:00 2001
From: Helmut Grohne
Date: Thu, 12 Jun 2025 22:11:41 +0200
Subject: debefivm-create: clean up unreproducible files These files are normally deleted by mmdebstrap. However, debefivm-create invokes mkfs.ext4 itself and thereby implicitly skips all cleanup actions normally done by mmdebstrap. This happens to include the truncation of /etc/machine-id and that results in non-reproducibility as well as reused images sharing a machine-id even though they should never do that.
Reported-by: Stefano Rivera
Closes: #1107719
---
 bin/debefivm-create | 2 ++
 1 file changed, 2 insertions(+)
(limited to 'bin')
diff --git a/bin/debefivm-create b/bin/debefivm-create
index 1c03be5..f6368df 100755
--- a/bin/debefivm-create
+++ b/bin/debefivm-create
@@ -415,6 +415,8 @@ set -- "$@" \
 "--customize-hook=download vmlinuz '$WORKDIR/kernel'" \
 "--customize-hook=download initrd.img '$WORKDIR/initrd'" \
 "--customize-hook=download '/usr/lib/systemd/boot/efi/linux$EFIARCH.efi.stub' '$WORKDIR/stub'" \
+ '--customize-hook=rm -f "$1/etc/apt/apt.conf.d/00mmdebstrap" "$1/etc/apt/apt.conf.d/99debconf" "$1/var/cache/ldconfig/aux-cache" "$1/var/lib/dbus/machine-id" "$1/var/log/alternatives.log" "$1/var/log/apt/eipp.log.xz" "$1/var/log/apt/history.log" "$1/var/log/apt/term.log" "$1/var/log/dpkg.log"' \
+ '--customize-hook=truncate -s 0 "$1/etc/machine-id"' \
 '--customize-hook=mount --bind "$1" "$1/mnt"' \
 '--customize-hook=mount -t tmpfs tmpfs "$1/mnt/dev" -o mode=0755' \
 '--customize-hook=rm -f "$1/usr/sbin/policy-rc.d"' \
-- cgit v1.2.3
From a7d8ecc4387619f88ff803a0bee79e4a44490ec9 Mon Sep 17 00:00:00 2001
From: Helmut Grohne
Date: Thu, 12 Jun 2025 22:19:43 +0200
Subject: debefivm-run: fix parsing of --efi-vars option The option would previously cause an error message scrolling by and proceed as if the option wasn't given.
---
 bin/debefivm-run | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)
(limited to 'bin')
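Review bot: The new `rm -f` hook in bin/debefivm-create hard-codes a file list that, per the commit message, mirrors what mmdebstrap normally deletes itself, and nothing in the script records that, so the list can drift when mmdebstrap's own cleanup changes. The `set -- "$@" \` statement begins outside the hunk and a comment cannot sit inside the continuation, so I would put one above that statement, e.g. `# The rm/truncate hooks replicate the cleanup mmdebstrap skips because we run mkfs.ext4 ourselves; keep the list in sync.` The emptied /etc/machine-id deserves its own mention there, since it is what keeps copies of one image from sharing an identity. The hook list continues past the hunk; if any later hook runs dpkg, apt or ldconfig inside the image, the removed logs and caches would presumably be recreated, so it is worth confirming that the cleanup runs after the last such step.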
diff --git a/bin/debefivm-run b/bin/debefivm-run
index c93d7d2..50e87de 100755
--- a/bin/debefivm-run
+++ b/bin/debefivm-run
@@ -165,14 +165,22 @@ while getopts :a:gi:s:-: OPTCHAR; do
 graphical|help)
 "opt_$OPTARG"
 ;;
- architecture|efi-vars|image|netopt|skip|sshport|transport)
+ architecture|image|netopt|skip|sshport|transport)
 test "$OPTIND" -gt "$#" && usage_error "missing argument for --$OPTARG"
 "opt_$OPTARG" "$(nth_arg "$OPTIND" "$@")"
 OPTIND=$((OPTIND+1))
 ;;
- architecture=*|efi-vars=*|image=*|netopt=*|skip=*|sshport=*|transport=*)
+ efi-vars)
+ test "$OPTIND" -gt "$#" && usage_error "missing argument for --$OPTARG"
+ opt_efi_vars "$(nth_arg "$OPTIND" "$@")"
+ OPTIND=$((OPTIND+1))
+ ;;
+ architecture=*|image=*|netopt=*|skip=*|sshport=*|transport=*)
 "opt_${OPTARG%%=*}" "${OPTARG#*=}"
 ;;
+ efi-vars=*)
+ opt_efi_vars "${OPTARG#*=}"
+ ;;
 *)
 usage_error "unrecognized option --$OPTARG"
 ;;
-- cgit v1.2.3
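Review bot: The generic arms still dispatch through `"opt_$OPTARG"` without checking the result, which is the path that made the old `efi-vars` entry print an error and then carry on as if the option had not been given; any later option whose name does not map to an existing `opt_<name>` function will fail open the same way. The commit message implies that a failed dispatch is not fatal in this script, so I would make the generic arm fail closed, for example `"opt_$OPTARG" "$(nth_arg "$OPTIND" "$@")" || usage_error "cannot handle --$OPTARG"`, assuming the opt_* handlers return 0 on success (they are not visible here). At minimum the `architecture|image|…` arm should carry a comment such as `# every name listed here must have a matching opt_<name> function; hyphenated options need their own arm`. The enclosing `while getopts` loop and its `case` start and end outside the hunk.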