Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package agama-installer for openSUSE:Factory
checked in at 2025-07-23 16:35:55
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/agama-installer (Old)
and /work/SRC/openSUSE:Factory/.agama-installer.new.8875 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "agama-installer"
Wed Jul 23 16:35:55 2025 rev:17 rq:1294905 version:17.0.0
Changes:
--------
--- /work/SRC/openSUSE:Factory/agama-installer/agama-installer.changes
2025-07-01 11:36:15.998573997 +0200
+++
/work/SRC/openSUSE:Factory/.agama-installer.new.8875/agama-installer.changes
2025-07-23 16:39:27.370230623 +0200
@@ -1,0 +2,66 @@
+Mon Jul 21 15:07:42 UTC 2025 - Imobach Gonzalez Sosa <igonzalezs...@suse.com>
+
+- Version 17
+
+-------------------------------------------------------------------
+Mon Jul 21 14:12:22 UTC 2025 - Ancor Gonzalez Sosa <an...@suse.com>
+
+- Disabled udev rules that interfere with the activation process of
+ libstorage-ng (bsc#1246133 and bsc#1245159).
+
+-------------------------------------------------------------------
+Thu Jul 17 21:51:19 UTC 2025 - Ancor Gonzalez Sosa <an...@suse.com>
+
+- Masked some systemd services that interfere with the activation
+ process of libstorage-ng (bsc#1246133).
+
+-------------------------------------------------------------------
+Thu Jul 17 08:08:40 UTC 2025 - Ladislav Slezák <lsle...@suse.com>
+
+- Added "inst.dud_insecure" boot option for ignoring SSL
+ certificate problems when downloading DUD from an HTTPS server
+ (related to bsc#1245393)
+- Skip updating kernel module dependencies if the DUD image does
+ not provide any kernel module
+
+-------------------------------------------------------------------
+Tue Jul 15 16:19:21 UTC 2025 - Ladislav Slezák <lsle...@suse.com>
+
+- Fixed downloading DUD files from HTTPS URL
+ (link the SSL certificates and config from the root image)
+ (bsc#1245393)
+
+-------------------------------------------------------------------
+Mon Jul 14 11:25:22 UTC 2025 - Ladislav Slezák <lsle...@suse.com>
+
+- Use "plaindir" repository type for the DUD package repository,
+ we do not need to create any repository index
+ (gh#agama-project/agama#2543)
+- Automatically configure network when a remote DUD is used,
+ the "rd.neednet=1" boot option is not required anymore
+ (by default uses the DHCP configuration, can be changed via the
+ "ip=" boot option)
+
+-------------------------------------------------------------------
+Thu Jul 10 13:09:26 UTC 2025 - Imobach Gonzalez Sosa <igonzalezs...@suse.com>
+
+- Add support to update kernel modules from a Driver Update Disk
+ (jsc#AGM-158, jsc#PED-3670, gh#agama-project/agama#2548).
+
+-------------------------------------------------------------------
+Wed Jul 9 12:07:21 UTC 2025 - Imobach Gonzalez Sosa <igonzalezs...@suse.com>
+
+- Add the tpm2.0-tools package (jsc#PED-13114).
+
+-------------------------------------------------------------------
+Wed Jul 2 13:28:46 UTC 2025 - Eugenio Paolantonio
<eugenio.paolanto...@suse.com>
+
+- live: fix_bootconfig.s390x: strip CDLABEL from the kiwi-generated
+ grub config (bsc#1245453)
+
+-------------------------------------------------------------------
+Tue Jul 1 15:29:36 UTC 2025 - Bernhard Wiedemann <bwiedem...@suse.com>
+
+- Make agama-installer build more reproducible (boo#1245501)
+
+-------------------------------------------------------------------
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ agama-installer.kiwi ++++++
--- /var/tmp/diff_new_pack.WJxb8s/_old 2025-07-23 16:39:28.118261515 +0200
+++ /var/tmp/diff_new_pack.WJxb8s/_new 2025-07-23 16:39:28.122261680 +0200
@@ -21,7 +21,7 @@
<profile name="Leap_16.0_PXE" description="openSUSE Leap OEM image for
remote installation" import="true" />
</profiles>
<preferences>
- <version>16.0.0</version>
+ <version>17.0.0</version>
<packagemanager>zypper</packagemanager>
<locale>en_US</locale>
<keytable>us</keytable>
@@ -145,7 +145,7 @@
<package name="agama-web-ui"/>
<package name="agama-cli"/>
<package name="agama-cli-bash-completion"/>
- <package name="agama-auto"/>
+ <package name="agama-autoinstall"/>
<package name="rubygem(agama-yast)"/>
<package name="rubygem(byebug)"/>
<package name="psmisc"/>
@@ -157,12 +157,13 @@
<package name="qrencode"/>
<package name="qemu-guest-agent" />
<package name="aaa_base-extras"/>
- <package name="createrepo_c" />
<!-- it can be used by users in AutoYaST pre-scripts -->
<package name="perl-XML-Simple"/>
<archive name="live-root.tar.xz"/>
<!-- IPMI support -->
<package name="ipmitool" />
+ <!-- jsc#PED-13114 -->
+ <package name="tpm2.0-tools" />
</packages>
<!-- packages for local installation (desktop, browser, etc.) -->
++++++ config-cdroot.tar.xz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/fix_bootconfig.s390x new/fix_bootconfig.s390x
--- old/fix_bootconfig.s390x 2025-06-30 18:04:50.000000000 +0200
+++ new/fix_bootconfig.s390x 2025-07-21 17:15:39.000000000 +0200
@@ -62,6 +62,7 @@
#
boot_dir=$dst/boot/s390x
+grub_dir=$dst/boot/grub2
# if files are in a 'loader' subdir, move them out
if [ -d $boot_dir/loader ] ; then
@@ -150,6 +151,12 @@
'IPL 00C'
XXX
+# Strip CDLABEL from the kiwi-generated grub configuration
+# We are specifying the correct one in /etc/cmdline.d (see config.sh)
+# and having it here might be confusing to repackers such as
+# mksusecd (bsc#1245453)
+sed -i -E 's|root=live:CDLABEL=[^ ]+||g' $grub_dir/grub.cfg
+
# Note:
#
# SUSE installer media also have boot/s390x/zpxe.rexx - a rexx script
++++++ config.sh ++++++
--- /var/tmp/diff_new_pack.WJxb8s/_old 2025-07-23 16:39:28.258267297 +0200
+++ /var/tmp/diff_new_pack.WJxb8s/_new 2025-07-23 16:39:28.262267462 +0200
@@ -16,7 +16,7 @@
# kiwi_metainfo_helper service before starting the build
mkdir -p /var/log/build
cat << EOF > /var/log/build/info
-Build date: $(LC_ALL=C date -u "+%F %T %Z")
+Build date: $(LC_ALL=C date -u -d "@${SOURCE_DATE_EPOCH:-$(date +%s)}" "+%F
%T %Z")
Build number: Build%RELEASE%
Image profile: $kiwi_profiles
Image version: $kiwi_iversion
@@ -24,6 +24,11 @@
Source URL: %SOURCEURL%
EOF
+# for reproducible builds:
+echo -n > /var/log/alternatives.log
+sed -i 's/# AutoInstalled generated.*/# AutoInstalled generated in kiwi
reproducible build/' /var/lib/zypp/AutoInstalled # drop timestamp
+rm /var/tmp/rpm-tmp.*
+
# enable the corresponding repository
DISTRO=$(grep "^NAME" /etc/os-release | cut -f2 -d\= | tr -d '"' | tr " " "_")
REPO="/etc/zypp/repos.d/agama-${DISTRO}.repo"
@@ -54,7 +59,7 @@
systemctl enable agama.service
systemctl enable agama-web-server.service
systemctl enable agama-dbus-monitor.service
-systemctl enable agama-auto.service
+systemctl enable agama-autoinstall.service
systemctl enable agama-hostname.service
systemctl enable agama-proxy-setup.service
systemctl enable agama-certificate-issue.path
@@ -91,6 +96,13 @@
systemctl disable YaST2-Firstboot.service
systemctl disable YaST2-Second-Stage.service
+# Prevent premature activation of LVM (bsc#1246133)
+systemctl mask lvm2-monitor.service
+sed -i 's:# event_activation = 1:event_activation = 0:' /etc/lvm/lvm.conf
+
+# Prevent premature assembly of MD RAIDs (bsc#1245159)
+touch /etc/udev/rules.d/64-md-raid-assembly.rules
+
# the "eurlatgr" is the default font for the English locale
echo -e "\nFONT=eurlatgr.psfu" >> /etc/vconsole.conf
++++++ live-root-PXE.tar.xz ++++++
++++++ live-root.tar.xz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/usr/bin/agama-dud new/usr/bin/agama-dud
--- old/usr/bin/agama-dud 2025-06-30 18:04:50.000000000 +0200
+++ new/usr/bin/agama-dud 1970-01-01 01:00:00.000000000 +0100
@@ -1,27 +0,0 @@
-#!/bin/sh
-
-# Experimental DUD funtionality for Agama
-#
-# Usage: inst.dud=URI [inst.dud=URI]
-#
-# This is a very simple version of the DUD functionality
-# - There can be multiple inst.dud=URI entries, but...
-# - All of them are considered to be RPMs
-# - The script does not check if downloading succeeded
-# - Or for any deps of the package
-# - Of whether installation/upgrade succeeded
-# - Does not restart itself if the script is updated
-
-# check if there is any DUD
-if ! grep -q "\b\(inst\|agama\)\.dud=.\+\b" /run/agama/cmdline.d/agama.conf;
then
- echo "No DUD present"
- exit 0
-fi
-
-for URI in `sed -n
's/\(.*[[:space:]]\|^\)\(inst\|agama\)\.dud=\([^[:space:]]\+\).*/\3/p'
/run/agama/cmdline.d/agama.conf`; do
- echo "Downloading DUD from" $URI
- TMPDUD=`mktemp /tmp/agama-XXXXXXXXXX.rpm`
- agama download $URI $TMPDUD;
- rpm --upgrade --force --verbose --hash --noverify --nodeps --excludedocs
$TMPDUD
- rm $TMPDUD
-done
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/usr/lib/dracut/modules.d/99agama-dud/agama-dud-apply.sh
new/usr/lib/dracut/modules.d/99agama-dud/agama-dud-apply.sh
--- old/usr/lib/dracut/modules.d/99agama-dud/agama-dud-apply.sh 2025-06-30
18:04:50.000000000 +0200
+++ new/usr/lib/dracut/modules.d/99agama-dud/agama-dud-apply.sh 2025-07-21
17:15:39.000000000 +0200
@@ -2,7 +2,11 @@
[ -e /dracut-state.sh ] && . /dracut-state.sh
+# see /usr/lib/dracut/modules.d/99base/dracut-lib.sh
+# or
https://github.com/dracut-ng/dracut-ng/blob/main/modules.d/80base/dracut-lib.sh
. /lib/dracut-lib.sh
+# see /usr/lib/dracut/modules.d/99img-lib/img-lib.sh
+# or
https://github.com/dracut-ng/dracut-ng/blob/main/modules.d/70img-lib/img-lib.sh
. /lib/img-lib.sh
DUD_DIR="$NEWROOT/run/agama/dud"
@@ -12,22 +16,32 @@
shopt -s nullglob
-# Apply all the updates.
+# Applies all the updates
#
-# Read the URL of the updates from $AGAMA_DUD_INFO and process each one.
+# Reads the URL of the updates from $AGAMA_DUD_INFO and process each one.
apply_updates() {
local file
local dud_url
local dud_root
+ local options
index=0
+ # make sure the HTTPS downloads work correctly
+ configure_ssl
+
+ # ignore SSL problems when the "inst.dud_insecure" or "inst.dud_insecure=1"
boot options are present
+ if getargbool 0 inst.dud_insecure; then
+ echo "WARNING: Disabling SSL checks in DUD downloads"
+ options="--insecure"
+ fi
+
while read -r dud_url; do
mkdir -p "$DUD_DIR"
filename=${dud_url##*/}
file="${DUD_DIR}/${filename}"
# FIXME: use an index because two updates, coming from different places,
can have the same name.
echo "Fetching a Driver Update Disk from $dud_url to ${file}"
- if ! $AGAMA_CLI download "$dud_url" "${file}"; then
+ if ! $AGAMA_CLI download $options "$dud_url" "${file}"; then
warn "Failed to fetch the Driver Update Disk"
continue
fi
@@ -49,8 +63,6 @@
((index++))
done <$AGAMA_DUD_INFO
-
- create_repo "$DUD_RPM_REPOSITORY"
}
# Applies an update from an RPM package
@@ -81,6 +93,7 @@
dud_root=$(echo "${dir}/linux/suse/${arch}"-*)
install_update "${dud_root}/inst-sys"
copy_packages "$dud_root" "$DUD_RPM_REPOSITORY"
+ update_kernel_modules "$dud_root"
}
# Extracts an RPM file
@@ -98,7 +111,7 @@
popd || exit 1
}
-# Applies an update to the installation system.
+# Applies an update to the installation system
#
# Updates are applied by copying files instead of installing packages. For that
# reason, it might be needed to do some adjustments "manually", like settings
@@ -114,7 +127,7 @@
set_alternative "$dud_dir" "agama-proxy-setup"
}
-# Sets the alternative links.
+# Sets the alternative links
set_alternative() {
dud_instsys=$1
name=$2
@@ -123,7 +136,7 @@
executables=("$dud_instsys/usr/bin/${name}.ruby"*-*)
executable=${executables[0]}
- if [ ! -z "$executable" ]; then
+ if [ -n "$executable" ]; then
"$NEWROOT/usr/bin/chroot" "$NEWROOT" /usr/sbin/update-alternatives \
--install "/usr/bin/$name" "$name" "${executable##"$dud_instsys"}"
"$priority"
"$NEWROOT/usr/bin/chroot" "$NEWROOT" /usr/sbin/update-alternatives \
@@ -136,7 +149,7 @@
# This function is mainly a PoC.
#
# This is a simplistic version that just copies all the RPMs to the new
repository.
-# In the future, it might need to put each package under a different
respository depending
+# In the future, it might need to put each package under a different
repository depending
# on the distribution (e.g., "/run/agama/dud/repo/tw" for "x86_64-tw").
copy_packages() {
dud_dir=$1
@@ -149,11 +162,110 @@
done
}
-# Creates the repository metadata.
-create_repo() {
- repo_dir=$1
+# Finds the kernel modules to update
+#
+# It searches for the modules in the modules/ directory of the update.
+find_kernel_modules() {
+ local directory=$1
+ local -n modules=$2
+ local module_name
+ local files
+
+ modules=()
+ files=("${directory}"/*.ko*)
+ for module in "${files[@]}"; do
+ module_name=${module#"${directory}/"}
+ module_name=${module_name%.ko*}
+
+ if [[ ! " ${modules[*]} " =~ " ${module_name} " ]]; then
+ modules+=("$module_name")
+ fi
+ done
+
+ echo "Found ${#files[@]} kernel modules"
+}
+
+# Copies a kernel module
+#
+# It searches for a module with the same name. If found, it replaces it.
+# Otherwise, it copies the module to the top-level modules directory.
+copy_kernel_module() {
+ local source_dir=$1
+ local module=$2
+ local target_dir=$3
+ local source_file
+
+ echo "Copying ${module}..."
+
+ # expect a single file with $module.ko* name
+ source_file=("${source_dir}/${module}".ko*)
+
+ old_module=("${target_dir}"/**/*/"${module}".ko*)
+ if [ "${#old_module[@]}" -eq "1" ]; then
+ info " Replacing the module ${old_module[0]}"
+ cp "${source_file[0]}" "${old_module[0]}"
+ elif [ "${#old_module[@]}" -eq "0" ]; then
+ info " Not found the module to replace, so copying to kernel/ directory."
+ cp "${source_file[0]}" "${target_dir}"
+ else
+ info " Skipping the module because several modules with the same name
were found."
+ fi
+}
+
+# Updates kernel modules
+#
+# It copies the kernel modules from the Driver Update Disk to the system under
+# /sysroot. If it finds a `module.order` file, it unloads the modules included
+# in the list and add them to /etc/modules-load.d/99-agama.conf file so they
+# will be loaded by systemd after pivoting.
+update_kernel_modules() {
+ local dud_dir=$1
+ local kernel_modules_dir
+ kernel_modules_dir="${NEWROOT}/lib/modules/$(uname -r)"
+ local dud_modules_dir="${dud_dir}/modules"
+
+ # find and copy kernel modules
+ local dud_modules
+ find_kernel_modules "$dud_modules_dir" dud_modules
+
+ # finish if no kernel module is included in DUD
+ if (( ${#dud_modules[@]} == 0 )); then
+ echo "Skipping kernel modules update"
+ return
+ fi
+
+ for module in "${dud_modules[@]}"; do
+ echo "Processing ${module} module"
+ copy_kernel_module "$dud_modules_dir" "$module"
"${kernel_modules_dir}/kernel"
+ rmmod "${module}" 2>&1
+ done
+
+ # unload modules in the module.order file and make sure they will be loaded
+ if [ -f "${dud_modules_dir}/module.order" ]; then
+ module_order=$(<"${dud_modules_dir}/module.order")
+ # unload the modules in reverse order
+ local idx
+ idx=("${!module_order[@]}")
+ for ((i = ${#idx[@]} - 1; i >= 0; i--)); do
+ rmmod "${module_order[$i]}" 2>&1
+ done
+
+ cp "${dud_modules_dir}/module.order"
"${NEWROOT}/etc/modules-load.d/99-agama.conf"
+ fi
+
+ # update modules dependencies on the live medium
+ info "Updating modules dependencies..."
+ depmod -a -b "$NEWROOT"
+}
+
+# link the SSL certificates and related configuration from the root image so
"agama download"
+# works correctly with the HTTPS resources (expects using correct and
well-known certificates)
+configure_ssl() {
+ # link the SSL certificates
+ ! [ -d /etc/ssl ] && ln -s "$NEWROOT/etc/ssl" /etc
- "$NEWROOT/usr/bin/chroot" "$NEWROOT" createrepo_c "${repo_dir##"$NEWROOT"}"
+ # link crypto configuration (which ciphers are allowed, etc)
+ ! [ -d /etc/crypto-policies ] && ln -s "$NEWROOT/etc/crypto-policies" /etc
}
if [ -f "$AGAMA_DUD_INFO" ]; then
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/usr/lib/dracut/modules.d/99agama-dud/agama-dud-parser.sh
new/usr/lib/dracut/modules.d/99agama-dud/agama-dud-parser.sh
--- old/usr/lib/dracut/modules.d/99agama-dud/agama-dud-parser.sh
2025-06-30 18:04:50.000000000 +0200
+++ new/usr/lib/dracut/modules.d/99agama-dud/agama-dud-parser.sh
2025-07-21 17:15:39.000000000 +0200
@@ -10,6 +10,18 @@
updates=$(getargs inst.dud=)
if [ -n "$updates" ]; then
echo "$updates" >/tmp/agamadud.info
+
+ # automatically configure network when a remote DUD is used,
+ # check for all remote URL scheme supported by the "agama download"
+ # (anything supported by the curl backend
https://everything.curl.dev/protocols/curl.html),
+ # because it can match everywhere in the text it also matches the tftp://
and sftp://
+ if grep -q -s -E -e "https?://" -e "ftps?://" -e "smbs?://" -e "scp://"
/tmp/agamadud.info; then
+ echo "rd.neednet=1" > /etc/cmdline.d/agama-generated.conf
+ # use DHCP if there is no network configuration provided by user
+ if ! getarg "ip="; then
+ echo "ip=dhcp" >> /etc/cmdline.d/agama-generated.conf
+ fi
+ fi
fi
}
