Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package transactional-update for openSUSE:Factory checked in at 2024-08-27 19:38:15 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/transactional-update (Old) and /work/SRC/openSUSE:Factory/.transactional-update.new.2698 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "transactional-update" Tue Aug 27 19:38:15 2024 rev:110 rq:1196137 version:4.8.0 Changes: -------- --- /work/SRC/openSUSE:Factory/transactional-update/transactional-update.changes 2024-07-17 15:14:34.728813590 +0200 +++ /work/SRC/openSUSE:Factory/.transactional-update.new.2698/transactional-update.changes 2024-08-27 19:38:17.401825776 +0200 @@ -1,0 +2,14 @@ +Mon Aug 26 22:31:13 UTC 2024 - Ignaz Forster <ifors...@suse.com> + +- Version 4.8.0 + - Add sd-boot (systemd-boot) support for most commands + - Add support for specifying migration arguments + [gh#openSUSE/transactional-update#127] + - Support kdump setup on platforms without kdump high/low + settings (e.g. S/390 or PPC64le [bsc#1229138] + - Preserve current working directory if possible when entering + transactional-update environment [bsc#1227452]; also adds the + current path to the Bash prompt + - Fix plugin system to support special characters in commands + +------------------------------------------------------------------- Old: ---- transactional-update-4.7.0.tar.gz New: ---- transactional-update-4.8.0.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ transactional-update.spec ++++++ --- /var/tmp/diff_new_pack.pDtGvv/_old 2024-08-27 19:38:17.905847060 +0200 +++ /var/tmp/diff_new_pack.pDtGvv/_new 2024-08-27 19:38:17.909847229 +0200 @@ -26,7 +26,7 @@ %{!?_distconfdir: %global _distconfdir %{_prefix}%{_sysconfdir}} Name: transactional-update -Version: 4.7.0 +Version: 4.8.0 Release: 0 Summary: Transactional Updates with btrfs and snapshots License: GPL-2.0-or-later AND LGPL-2.1-or-later ++++++ transactional-update-4.7.0.tar.gz -> transactional-update-4.8.0.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/transactional-update-4.7.0/NEWS new/transactional-update-4.8.0/NEWS --- old/transactional-update-4.7.0/NEWS 2024-07-04 17:18:17.000000000 +0200 +++ new/transactional-update-4.8.0/NEWS 2024-08-27 00:19:25.000000000 +0200 @@ -2,6 +2,17 @@ Copyright (C) 2016-2024 Thorsten Kukuk, Ignaz Forster et al. +Version 4.8.0 (2024-08-26) +* Add sd-boot (systemd-boot) support for most commands +* Add support for specifying migration arguments + [gh#openSUSE/transactional-update#127] +* Support kdump setup on platforms without kdump high/low settings (e.g. + S/390 or PPC64le [bsc#1229138] +* Preserve current working directory if possible when entering + transactional-update environment [bsc#1227452]; also adds the current path + to the Bash prompt +* Fix plugin system to support special characters in commands + Version 4.7.0 (2024-07-04) * Add plugin mechanism It's now possible to hook into API functions with custom plugins; see diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/transactional-update-4.7.0/configure.ac new/transactional-update-4.8.0/configure.ac --- old/transactional-update-4.7.0/configure.ac 2024-07-04 17:18:17.000000000 +0200 +++ new/transactional-update-4.8.0/configure.ac 2024-08-27 00:19:25.000000000 +0200 @@ -1,11 +1,11 @@ dnl Process this file with autoconf to produce a configure script. -AC_INIT(transactional-update, 4.7.0) +AC_INIT(transactional-update, 4.8.0) # Increase on any interface change and reset revision LIBTOOL_CURRENT=6 # On interface change increase if backwards compatible, reset otherwise LIBTOOL_AGE=2 # Increase on *any* C/C++ library code change, reset at interface change -LIBTOOL_REVISION=0 +LIBTOOL_REVISION=1 AC_CANONICAL_SYSTEM AM_INIT_AUTOMAKE([foreign]) AC_CONFIG_FILES([tukit.pc]) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/transactional-update-4.7.0/lib/BlsEntry.cpp new/transactional-update-4.8.0/lib/BlsEntry.cpp --- old/transactional-update-4.7.0/lib/BlsEntry.cpp 1970-01-01 01:00:00.000000000 +0100 +++ new/transactional-update-4.8.0/lib/BlsEntry.cpp 2024-08-27 00:19:25.000000000 +0200 @@ -0,0 +1,32 @@ +/* SPDX-License-Identifier: LGPL-2.1-or-later */ +/* SPDX-FileCopyrightText: 2024 SUSE LLC */ + +#include "BlsEntry.hpp" +#include "Util.hpp" +#include <fstream> +#include <string> + +namespace TransactionalUpdate { + +std::pair<std::string, std::string> BlsEntry::parse_bls_entry(std::string path) { + std::ifstream is(path); + std::string str; + std::string kernel; + std::string initrd; + while(getline(is, str)) + { + Util::trim(str); + const auto LINUX_NEEDLE = std::string{"linux "}; + const auto INITRD_NEEDLE = std::string{"initrd "}; + if (str.substr(0, LINUX_NEEDLE.size()) == LINUX_NEEDLE) { + kernel = str.substr(LINUX_NEEDLE.size(), std::string::npos); + Util::trim(kernel); + } else if (str.substr(0, INITRD_NEEDLE.size()) == INITRD_NEEDLE){ + initrd = str.substr(INITRD_NEEDLE.size(), std::string::npos); + Util::trim(initrd); + } + } + return std::pair(kernel, initrd); +} + +} diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/transactional-update-4.7.0/lib/BlsEntry.hpp new/transactional-update-4.8.0/lib/BlsEntry.hpp --- old/transactional-update-4.7.0/lib/BlsEntry.hpp 1970-01-01 01:00:00.000000000 +0100 +++ new/transactional-update-4.8.0/lib/BlsEntry.hpp 2024-08-27 00:19:25.000000000 +0200 @@ -0,0 +1,23 @@ +/* SPDX-License-Identifier: LGPL-2.1-or-later */ +/* SPDX-FileCopyrightText: 2024 SUSE LLC */ + +/* + Helper class + */ + +#ifndef T_U_BLS_ENTRY_H +#define T_U_BLS_ENTRY_H + +#include <string> +#include <utility> + +namespace TransactionalUpdate { + +struct BlsEntry { + /// Parse a valid bls entry and return the pair of its kernel and initrd + static std::pair<std::string, std::string> parse_bls_entry(std::string path); +}; + +} // namespace TransactionalUpdate + +#endif // T_U_UTIL_H diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/transactional-update-4.7.0/lib/Makefile.am new/transactional-update-4.8.0/lib/Makefile.am --- old/transactional-update-4.7.0/lib/Makefile.am 2024-07-04 17:18:17.000000000 +0200 +++ new/transactional-update-4.8.0/lib/Makefile.am 2024-08-27 00:19:25.000000000 +0200 @@ -3,14 +3,15 @@ libtukit_la_SOURCES=Transaction.cpp \ SnapshotManager.cpp Snapshot/Snapper.cpp \ Mount.cpp Overlay.cpp Reboot.cpp Configuration.cpp \ - Util.cpp Supplement.cpp Plugins.cpp Bindings/CBindings.cpp + Util.cpp Supplement.cpp Plugins.cpp Bindings/CBindings.cpp \ + BlsEntry.cpp publicheadersdir=$(includedir)/tukit publicheaders_HEADERS=Transaction.hpp \ SnapshotManager.hpp Reboot.hpp \ Bindings/libtukit.h noinst_HEADERS=Snapshot/Snapper.hpp Snapshot.hpp \ Mount.hpp Overlay.hpp Log.hpp Configuration.hpp \ - Util.hpp Supplement.hpp Exceptions.hpp Plugins.hpp + Util.hpp Supplement.hpp Exceptions.hpp Plugins.hpp BlsEntry.hpp libtukit_la_CPPFLAGS=-DPREFIX=\"$(prefix)\" -DCONFDIR=\"$(sysconfdir)\" $(ECONF_CFLAGS) $(LIBMOUNT_CFLAGS) $(SELINUX_CFLAGS) libtukit_la_LDFLAGS=$(ECONF_LIBS) $(LIBMOUNT_LIBS) $(SELINUX_LIBS) \ -version-info $(LIBTOOL_CURRENT):$(LIBTOOL_REVISION):$(LIBTOOL_AGE) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/transactional-update-4.7.0/lib/Plugins.cpp new/transactional-update-4.8.0/lib/Plugins.cpp --- old/transactional-update-4.7.0/lib/Plugins.cpp 2024-07-04 17:18:17.000000000 +0200 +++ new/transactional-update-4.8.0/lib/Plugins.cpp 2024-08-27 00:19:25.000000000 +0200 @@ -7,6 +7,7 @@ #include "Log.hpp" #include "Plugins.hpp" #include "Util.hpp" +#include <regex> #include <set> #include <unistd.h> @@ -81,8 +82,11 @@ int i = 0; while (argv != nullptr && argv[i]) { - args.append(" "); - args.append(argv[i++]); + std::string param = argv[i++]; + param = std::regex_replace(param, std::regex("'"), "'\"'\"'"); + args.append(" '"); + args.append(param); + args.append("'"); } run(stage, args); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/transactional-update-4.7.0/lib/Reboot.cpp new/transactional-update-4.8.0/lib/Reboot.cpp --- old/transactional-update-4.7.0/lib/Reboot.cpp 2024-07-04 17:18:17.000000000 +0200 +++ new/transactional-update-4.8.0/lib/Reboot.cpp 2024-08-27 00:19:25.000000000 +0200 @@ -6,6 +6,7 @@ */ #include "Reboot.hpp" +#include "BlsEntry.hpp" #include "Configuration.hpp" #include "Exceptions.hpp" #include "Log.hpp" @@ -63,7 +64,24 @@ sm->getDefault(); std::unique_ptr<Snapshot> defaultSnap = sm->open(sm->getDefault()); - command = "kexec --kexec-syscall-auto -l " + std::string(defaultSnap->getRoot() / "boot" / "vmlinuz") + " --initrd=" + std::string(defaultSnap->getRoot() / "boot" / "initrd") + " --reuse-cmdline;"; + auto kernel = std::string(defaultSnap->getRoot() / "boot" / "vmlinuz"); + auto initrd = std::string(defaultSnap->getRoot() / "boot" / "initrd"); + if (!std::filesystem::exists(kernel)) { + // If /boot/vmlinuz is not found, probably the system is using BLS entries + // BLS entries are outside of snapshots + auto efi = std::filesystem::path("/boot/efi"); + auto bls_entry_path = Util::exec("/usr/bin/sdbootutil list-entries --only-default"); + Util::trim(bls_entry_path); + std::tie(kernel, initrd) = + BlsEntry::parse_bls_entry(efi / "loader" / "entries" / bls_entry_path); + // relative_path strips the path of the root ("/"), otherwise the operator/ + // doesn't work and just returns the value of efi + kernel = efi / std::filesystem::path(kernel).relative_path(); + Util::sanitize_quotes(kernel); + initrd = efi / std::filesystem::path(initrd).relative_path(); + Util::sanitize_quotes(initrd); + } + command = "kexec --kexec-syscall-auto -l '" + kernel + "' --initrd='" + initrd + "' --reuse-cmdline;"; command += "systemctl kexec;"; } else { command += "systemctl reboot;"; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/transactional-update-4.7.0/lib/Transaction.cpp new/transactional-update-4.8.0/lib/Transaction.cpp --- old/transactional-update-4.7.0/lib/Transaction.cpp 2024-07-04 17:18:17.000000000 +0200 +++ new/transactional-update-4.8.0/lib/Transaction.cpp 2024-08-27 00:19:25.000000000 +0200 @@ -404,8 +404,11 @@ } if (inChroot) { - if (chdir(bindDir.c_str()) < 0) { - tulog.info("Warning: Couldn't set working directory: ", std::string(strerror(errno))); + auto currentPathRel = std::filesystem::current_path().relative_path(); + if (!std::filesystem::exists(bindDir / currentPathRel) || chdir((bindDir / currentPathRel).c_str()) < 0) { + if (chdir(bindDir.c_str()) < 0) { + tulog.info("Warning: Couldn't set working directory: ", std::string(strerror(errno))); + } } if (chroot(bindDir.c_str()) < 0) { tulog.error("Chrooting to " + bindDir.native() + " failed: " + std::string(strerror(errno))); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/transactional-update-4.7.0/lib/Util.cpp new/transactional-update-4.8.0/lib/Util.cpp --- old/transactional-update-4.7.0/lib/Util.cpp 2024-07-04 17:18:17.000000000 +0200 +++ new/transactional-update-4.8.0/lib/Util.cpp 2024-08-27 00:19:25.000000000 +0200 @@ -65,4 +65,20 @@ rtrim(s); } +void Util::sanitize_quotes(string &s) { + // Skip empty strings + if (!s.length()) { + return; + } + + std::string::iterator it = s.begin(); + do { + if (*it == '\'') { + it = s.insert(it, '\\'); + // Skip over the new added character + it++; + } + } while (++it != s.end()); +} + } // namespace TransactionalUpdate diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/transactional-update-4.7.0/lib/Util.hpp new/transactional-update-4.8.0/lib/Util.hpp --- old/transactional-update-4.7.0/lib/Util.hpp 2024-07-04 17:18:17.000000000 +0200 +++ new/transactional-update-4.8.0/lib/Util.hpp 2024-08-27 00:19:25.000000000 +0200 @@ -20,6 +20,7 @@ static void rtrim(std::string &s); static void stub(std::string option); static void trim(std::string &s); + static void sanitize_quotes(std::string &s); }; struct CString { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/transactional-update-4.7.0/man/transactional-update.8.xml new/transactional-update-4.8.0/man/transactional-update.8.xml --- old/transactional-update-4.7.0/man/transactional-update.8.xml 2024-07-04 17:18:17.000000000 +0200 +++ new/transactional-update-4.8.0/man/transactional-update.8.xml 2024-08-27 00:19:25.000000000 +0200 @@ -434,12 +434,19 @@ <refsect3 id='i_pkg_commands'><title>Interactive Package Commands</title> <variablelist> <varlistentry> - <term><option>migration</option></term> + <term><option>migration</option> <replaceable>arguments</replaceable></term> <listitem> <para> On systems which are registered against the SUSE Customer Center (SCC) or SMT, a migration to a new version of the installed products can be - made with this option. + made with this option. This command calls <command>zypper migration</command> + with the given <replaceable>arguments</replaceable>. + </para> + <para> + These arguments can be any + <citerefentry project='zypper-migration'><refentrytitle>zypper-migration</refentrytitle><manvolnum>8</manvolnum></citerefentry> + argument, with the exception of "--root", as this is handled by + transactional-update dynamically. </para> </listitem> </varlistentry> diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/transactional-update-4.7.0/sbin/transactional-update.in new/transactional-update-4.8.0/sbin/transactional-update.in --- old/transactional-update-4.7.0/sbin/transactional-update.in 2024-07-04 17:18:17.000000000 +0200 +++ new/transactional-update-4.8.0/sbin/transactional-update.in 2024-08-27 00:19:25.000000000 +0200 @@ -24,8 +24,8 @@ EXITCODE=0 VERBOSITY=2 ZYPPER_ARG="" +ZYPPER_ARG_EXTRA=() ZYPPER_NONINTERACTIVE="-y --auto-agree-with-product-licenses" -ZYPPER_ARG_PKGS=() REWRITE_BOOTLOADER=0 REWRITE_GRUB_CFG=0 REWRITE_GRUB_CFG_NO_REBOOT=0 @@ -169,7 +169,7 @@ echo "dist-upgrade, dup Call 'zypper dup' (n)" echo "update, up Call 'zypper up' (n)" echo "patch Call 'zypper patch' (n)" - echo "migration Updates systems registered via SCC / SMT (i)" + echo "migration ... Updates systems registered via SCC / SMT (i)" echo "pkg install|in ... Install individual packages (i)" echo "pkg remove|rm ... Remove individual packages (i)" echo "pkg update|up ... Updates individual packages (i)" @@ -266,6 +266,11 @@ fi } +# Check if the system is using a BLS-compatible bootloader +is_bls() { + [ -e "/usr/bin/sdbootutil" ] && /usr/bin/sdbootutil is-installed +} + rebuild_kdump_initrd() { if tukit -q call "$1" systemctl is-enabled --quiet kdump.service; then tukit ${TUKIT_OPTS} call "$1" /sbin/mkdumprd |& tee -a ${LOGFILE} 1>&${origstdout} @@ -848,6 +853,21 @@ ORIG_ARGS=("$@") +parse_zypper_args_extra() { + while [ 1 ]; do + if [ $# -eq 0 ]; then + break; + else + if [ "$1" == "--root" ]; then + log_error "ERROR: You cannot set '--root' in transactional-update." + quit 1 + fi + ZYPPER_ARG_EXTRA+=("$1"); + shift + fi + done +} + parse_args() { while [ 1 ]; do if [ $# -eq 0 ]; then @@ -917,14 +937,8 @@ usage 1 fi - while [ 1 ]; do - if [ $# -eq 0 ]; then - break; - else - ZYPPER_ARG_PKGS+=("$1"); - shift - fi - done + parse_zypper_args_extra "$@" + break ;; migration) DO_MIGRATION=1 @@ -937,6 +951,9 @@ ZYPPER_NONINTERACTIVE="" fi shift + + parse_zypper_args_extra "$@" + break ;; bootloader) REWRITE_BOOTLOADER=1 @@ -1102,6 +1119,7 @@ esac done } + parse_args "${ORIG_ARGS[@]}" # Duplicate stdout before creating custom handlers @@ -1126,9 +1144,9 @@ # Check if we need to install packages fipspattern="$(rpm -q --whatprovides 'pattern()' --provides | grep '^pattern() = fips$')" if [ -z "${fipspattern}" ]; then - ZYPPER_ARG_PKGS+=("pattern() = fips") + ZYPPER_ARG_EXTRA+=("pattern() = fips") fi - if [ ${#ZYPPER_ARG_PKGS[@]} -ne 0 ]; then + if [ ${#ZYPPER_ARG_EXTRA[@]} -ne 0 ]; then ZYPPER_ARG="install" fi REWRITE_INITRD=1 @@ -1149,9 +1167,9 @@ fi # Check if we need to install packages for pkg in selinux-policy-targeted container-selinux; do - rpm -q --quiet ${pkg} || ZYPPER_ARG_PKGS+=("${pkg}") + rpm -q --quiet ${pkg} || ZYPPER_ARG_EXTRA+=("${pkg}") done - if [ ${#ZYPPER_ARG_PKGS[@]} -ne 0 ]; then + if [ ${#ZYPPER_ARG_EXTRA[@]} -ne 0 ]; then ZYPPER_ARG="install" fi REWRITE_INITRD=1 @@ -1170,9 +1188,9 @@ fi # Check if we need to install packages for pkg in kdump; do - rpm -q --quiet ${pkg} || ZYPPER_ARG_PKGS+=("${pkg}") + rpm -q --quiet ${pkg} || ZYPPER_ARG_EXTRA+=("${pkg}") done - if [ ${#ZYPPER_ARG_PKGS[@]} -ne 0 ]; then + if [ ${#ZYPPER_ARG_EXTRA[@]} -ne 0 ]; then ZYPPER_ARG="install" fi REBUILD_KDUMP_INITRD=1 @@ -1432,6 +1450,50 @@ fi fi +# Certain actions should happen outside the transaction when we are +# using systemd-boot or grub2bls +if is_bls; then + if [ ${REWRITE_BOOTLOADER} = 1 ]; then + # NOTE: pbl has partial support of BLS. It will replace the + # shim bootloader, so for now we make a call of sdbootutil + # directly (bsc#1228864) + sdbootutil update |& tee -a ${LOGFILE} 1>&${origstdout} + if [ $? -ne 0 ]; then + log_error "ERROR: sdbootutil update failed!" + EXITCODE=1; + fi + # Drop the command from the execution chain + REWRITE_BOOTLOADER=0 + fi + + if [ ${REWRITE_GRUB_CFG} = 1 ] || [ ${REWRITE_GRUB_CFG_NO_REBOOT} = 1 ]; then + # The first GRUB configuration file in grub2bls is embedded in + # the EFI file, and the second one that contains the menu + # entries is generated dinamically by the new `blscfg` GRUB2 + # command. Also there is no configuration file to generate if + # systemd-boot is used. + REWRITE_GRUB_CFG=0 + REWRITE_GRUB_CFG_NO_REBOOT=0 + fi + + if [ ${REWRITE_INITRD} = 1 ]; then + sdbootutil mkinitrd |& tee -a ${LOGFILE} 1>&${origstdout} + if [ $? -ne 0 ]; then + log_error "ERROR: sdbootutil mkinitrd failed!" + EXITCODE=1; + fi + # Drop the command from the execution chain + REWRITE_INITRD=0 + fi + + if [ ${REBUILD_KDUMP_INITRD} = 1 ]; then + # mkinitrd depends on pbl, so it will fail (bsc#1226676) + log_info "WARNING: mkdumprd fails for this bootloader" + REBUILD_KDUMP_INITRD=0 + SETUP_KDUMP=0 + fi +fi + if [ -n "${ZYPPER_ARG}" -o ${REWRITE_GRUB_CFG} -eq 1 \ -o ${REWRITE_INITRD} -eq 1 -o ${REBUILD_KDUMP_INITRD} -eq 1 \ -o ${RUN_SHELL} -eq 1 -o ${DO_RUN} -eq 1 \ @@ -1471,7 +1533,7 @@ if [ ${DO_MIGRATION} -eq 1 ]; then # transactional-update migration export DISABLE_RESTART_ON_UPDATE=yes - tukit ${TUKIT_OPTS} callext "${SNAPSHOT_ID}" zypper ${ZYPPER_ARG} --root {} ${ZYPPER_NONINTERACTIVE} "${ZYPPER_ARG_PKGS[@]}" |& tee -a ${LOGFILE} 1>&${origstdout} + tukit ${TUKIT_OPTS} callext "${SNAPSHOT_ID}" zypper ${ZYPPER_ARG} --root {} ${ZYPPER_NONINTERACTIVE} "${ZYPPER_ARG_EXTRA[@]}" |& tee -a ${LOGFILE} 1>&${origstdout} RETVAL=${PIPESTATUS[0]} else if [ ${DO_CALLEXT} -eq 1 ]; then @@ -1481,7 +1543,7 @@ fi # Check if there are updates at all. TMPFILE=`mktemp ${TMPDIR}/transactional-update.XXXXXXXXXX` - ${zypper_cmd} --xmlout ${ZYPPER_ARG} -y --auto-agree-with-product-licenses --dry-run "${ZYPPER_ARG_PKGS[@]}" > ${TMPFILE} + ${zypper_cmd} --xmlout ${ZYPPER_ARG} -y --auto-agree-with-product-licenses --dry-run "${ZYPPER_ARG_EXTRA[@]}" > ${TMPFILE} PACKAGE_UPDATES=`grep "install-summary download-size" ${TMPFILE} | sed -e 's|.*install-summary download-size=\"\(.*\)\" space-usage-diff.*|\1|g'` SIZE_OF_UPDATES=`grep "install-summary.*space-usage-diff" ${TMPFILE} | sed -e 's|.*install-summary.*space-usage-diff=\"\([^"]*\)\".*|\1|g'` NUM_OF_UPDATES=`grep "install-summary.*packages-to-change" ${TMPFILE} | sed -e 's|.*install-summary.*packages-to-change=\"\([^"]*\)\".*|\1|g'` @@ -1498,7 +1560,7 @@ fi export DISABLE_RESTART_ON_UPDATE=yes - ${zypper_cmd} ${ZYPPER_ARG} ${ZYPPER_NONINTERACTIVE} "${ZYPPER_ARG_PKGS[@]}" |& tee -a ${LOGFILE} 1>&${origstdout} + ${zypper_cmd} ${ZYPPER_ARG} ${ZYPPER_NONINTERACTIVE} "${ZYPPER_ARG_EXTRA[@]}" |& tee -a ${LOGFILE} 1>&${origstdout} RETVAL=${PIPESTATUS[0]} if [ \( $RETVAL -eq 0 -o $RETVAL -eq 102 -o $RETVAL -eq 103 \) -a -n "${INCLUDES_KERNEL_PACKAGES}" ]; then ${zypper_cmd} -n purge-kernels |& tee -a ${LOGFILE} @@ -1522,7 +1584,7 @@ fi if [ $RETVAL -eq 0 -o $RETVAL -eq 102 -o $RETVAL -eq 103 -o \( $DO_DUP -eq 0 -a $RETVAL -eq 106 \) ]; then - REBUILD_KDUMP_INITRD=1 + is_bls || REBUILD_KDUMP_INITRD=1 # check if products are updated and we need to re-register # at next boot. diff -qr /etc/products.d ${SNAPSHOT_DIR}/etc/products.d > /dev/null @@ -1532,7 +1594,7 @@ # Rebuild grub.cfg if /etc/os-release changes, could change grub # menu output, too. cmp -s /etc/os-release ${SNAPSHOT_DIR}/etc/os-release - if [ $? -ne 0 -a -x /usr/sbin/grub2-mkconfig ]; then + if [ $? -ne 0 -a -x /usr/sbin/grub2-mkconfig -a ! is_bls ]; then REWRITE_GRUB_CFG_NO_REBOOT=1 fi source <(grep VERSION_ID ${SNAPSHOT_DIR}/etc/os-release) @@ -1557,20 +1619,30 @@ ETC_BASE="${SNAPSHOT_DIR}" fi if [ ${SETUP_FIPS} -eq 1 ]; then - # Adjust grub configuration + if is_bls; then + grep -q -w fips /etc/kernel/cmdline || \ + tukit ${TUKIT_OPTS} call "${SNAPSHOT_ID}" sed -i -e 's|$| fips=1|' "/etc/kernel/cmdline" + else + # Adjust grub configuration - # Check if we don't have selinux already enabled. - grep ^GRUB_CMDLINE_LINUX_DEFAULT /etc/default/grub | grep -q -w fips || \ - tukit ${TUKIT_OPTS} call "${SNAPSHOT_ID}" sed -i -e 's|\(^GRUB_CMDLINE_LINUX_DEFAULT=.*\)"|\1 fips=1"|g' "/etc/default/grub" - REWRITE_GRUB_CFG=1 + # Check if we don't have selinux already enabled. + grep ^GRUB_CMDLINE_LINUX_DEFAULT /etc/default/grub | grep -q -w fips || \ + tukit ${TUKIT_OPTS} call "${SNAPSHOT_ID}" sed -i -e 's|\(^GRUB_CMDLINE_LINUX_DEFAULT=.*\)"|\1 fips=1"|g' "/etc/default/grub" + REWRITE_GRUB_CFG=1 + fi fi if [ ${SETUP_SELINUX} -eq 1 ]; then - # Adjust grub configuration + if is_bls; then + grep -q -w fips /etc/kernel/cmdline || \ + tukit ${TUKIT_OPTS} call "${SNAPSHOT_ID}" sed -i -e 's|$| security=selinux selinux=1|' "/etc/kernel/cmdline" + else + # Adjust grub configuration - # Check if we don't have selinux already enabled. - grep ^GRUB_CMDLINE_LINUX_DEFAULT /etc/default/grub | grep -q -w security=selinux || \ - tukit ${TUKIT_OPTS} call "${SNAPSHOT_ID}" sed -i -e 's|\(^GRUB_CMDLINE_LINUX_DEFAULT=.*\)"|\1 security=selinux selinux=1"|g' "/etc/default/grub" - REWRITE_GRUB_CFG=1 + # Check if we don't have selinux already enabled. + grep ^GRUB_CMDLINE_LINUX_DEFAULT /etc/default/grub | grep -q -w security=selinux || \ + tukit ${TUKIT_OPTS} call "${SNAPSHOT_ID}" sed -i -e 's|\(^GRUB_CMDLINE_LINUX_DEFAULT=.*\)"|\1 security=selinux selinux=1"|g' "/etc/default/grub" + REWRITE_GRUB_CFG=1 + fi if tukit ${TUKIT_OPTS} call "${SNAPSHOT_ID}" [ ! -e "/etc/selinux/config" ]; then log_error "ERROR: /etc/selinux/config does not exist!" @@ -1592,8 +1664,18 @@ KDUMP_HIGH="$(echo "$KDUMP_CALIBRATION" | grep ^High: | cut -d ' ' -f 2)" fi - tukit ${TUKIT_OPTS} call "${SNAPSHOT_ID}" sed -i -e '/^GRUB_CMDLINE_LINUX_DEFAULT=/s/ *crashkernel[^ "]\+//g' -e 's|\(^GRUB_CMDLINE_LINUX_DEFAULT=.*\)"|\1 crashkernel='${KDUMP_LOW}'M,low crashkernel='${KDUMP_HIGH}'M,high"|g' "/etc/default/grub" - REWRITE_GRUB_CFG=1 + if [[ ${KDUMP_HIGH} -gt 0 ]]; then + KDUMP_PARAM="crashkernel=${KDUMP_LOW}M,low crashkernel=${KDUMP_HIGH}M,high" + else + KDUMP_PARAM="crashkernel=${KDUMP_LOW}M" + fi + + if is_bls; then + tukit ${TUKIT_OPTS} call "${SNAPSHOT_ID}" sed -i -e 's/ *crashkernel[^ "]\+//g' -e 's|$| '"${KDUMP_PARAM}"'|' /etc/kernel/cmdline + else + tukit ${TUKIT_OPTS} call "${SNAPSHOT_ID}" sed -i -e '/^GRUB_CMDLINE_LINUX_DEFAULT=/s/ *crashkernel[^ "]\+//g' -e 's|\(^GRUB_CMDLINE_LINUX_DEFAULT=.*\)"|\1 '"${KDUMP_PARAM}"'"|g' "/etc/default/grub" + REWRITE_GRUB_CFG=1 + fi tukit ${TUKIT_OPTS} call "${SNAPSHOT_ID}" systemctl enable kdump fi @@ -1653,7 +1735,7 @@ if [ ${RUN_SHELL} -eq 1 ]; then log_to_stdout "Opening chroot in snapshot ${SNAPSHOT_ID}, continue with 'exit'" - export PS1="transactional update # " + export PS1="transactional update \\w# " tukit ${TUKIT_OPTS} call "${SNAPSHOT_ID}" bash 1>&${origstdout} 2>&${origstderr} set_reboot_level "reboot" fi