diff --git a/.dockerignore b/.dockerignore index a66a176..01ed5e6 100644 --- a/.dockerignore +++ b/.dockerignore @@ -10,3 +10,6 @@ ogclient/ ogclientImg2Sqfs ogclientSqfs2Img **/*.swp + +## the following is used in the jenkins job +opengnsys-repo diff --git a/Dockerfile b/Dockerfile index 1c4e92a..0caba67 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,7 +1,5 @@ FROM ubuntu:noble -ARG OPENGNSYS_BRANCH=main - RUN apt-get update && apt-get -y install \ debootstrap \ fdisk \ @@ -27,14 +25,14 @@ RUN groupadd opengnsys RUN mkdir -p /opt/opengnsys/client /tmp/opengnsys/oglive_builder /var/lib/tftpboot/ RUN ln -fs /var/lib/tftpboot /opt/opengnsys -## take stuff from the OG repo: a) cloning engine, b) shared stuff and c) gitrelease -RUN git clone -c http.sslVerify=false --branch ${OPENGNSYS_BRANCH} https://ognproject.evlt.uma.es/gitea/opengnsys/opengnsys.git /tmp/ogrepo && \ - mv /tmp/ogrepo/client/engine /tmp/ogrepo/client/shared /tmp/opengnsys/ && \ - git --git-dir /tmp/ogrepo/.git log --date format:r%Y%m%d --format=%ad -1 >/tmp/opengnsys/oglive_builder/gitrelease && \ - rm -rf /tmp/ogrepo/ +ARG OPENGNSYS_HEAD -## if we place the ogagent.deb and the ogbrowser.deb in the cwd, then this 'COPY .' copies them to the image COPY . /tmp/opengnsys/oglive_builder/ -RUN cp /tmp/opengnsys/oglive_builder/schroot.conf /tmp/opengnsys/oglive_builder/mount-defaults /etc/schroot/ && echo '' >/etc/schroot/default/nssdatabases && rm -f /etc/schroot/setup.d/*chrootname + +RUN ls -la /tmp/opengnsys/oglive_builder/ && \ + mv /tmp/opengnsys/oglive_builder/engine /tmp/opengnsys/oglive_builder/shared /tmp/opengnsys/ && \ + cp /tmp/opengnsys/oglive_builder/schroot.conf /tmp/opengnsys/oglive_builder/mount-defaults /etc/schroot/ && \ + echo '' >/etc/schroot/default/nssdatabases && \ + rm -f /etc/schroot/setup.d/*chrootname ENTRYPOINT ["/tmp/opengnsys/oglive_builder/mkoglive.py"] diff --git a/boottools/btog.py b/boottools/btog.py index 87e48d0..524cbfe 100644 --- a/boottools/btog.py +++ b/boottools/btog.py @@ -18,7 +18,7 @@ def GetVar (osarch): if 'i386' == osarch: btvirtualdisksize = '2000' # tamaƱo maximo limitado por schroot 2GB para 32 bits else: - btvirtualdisksize = '3G' + btvirtualdisksize = '5G' return bttargetdir, btrootfsimg, btrootfsmnt, btvirtualdisksize def GetOsInfo (type_client='host'): @@ -106,7 +106,7 @@ def GetOsInfo (type_client='host'): osrelease='5.4.0-42-generic' osarch='amd64' oshttp='http://es.archive.ubuntu.com/ubuntu/' - elif 'noble' == type_client: # ogLive 1.2.0-rc1 basado en Ubuntu 24.04 y Kernel 6.8. + elif 'noble' == type_client: # ogLive 3.1.1 basado en Ubuntu 24.04 y Kernel 6.8. osdistrib='ubuntu' oscodename='noble' osrelease='6.8.0-31-generic' @@ -239,6 +239,9 @@ def copy_og_files (builder, og_shared, og_engine, ogclientmount, osdistrib, osco subprocess.run (f'rsync -aH {og_shared}/lib/fonts {ogclientmount}/usr/local/lib', shell=True) subprocess.run (f'rsync -aH {og_shared}/lib/qtplugins/* {ogclientmount}/usr/local/plugins', shell=True) + # Browser + if os.path.exists (f'{og_shared}/bin/browser'): shutil.copy (f'{og_shared}/bin/browser', f'{ogclientmount}/bin/') + def sysctl (btrootfsmnt): logger.debug ('copiando sysctl.conf') with open (f'{btrootfsmnt}/etc/sysctl.conf', 'w') as fd: @@ -365,17 +368,16 @@ def mkisofs (pxepkg, isolinux_tpl, bttargetdir, nameisoclient): #el ogclienteToISO debe tener una copia del ogvmlinuz como linuxISO #cp -prv /var/lib/tftpboot/ogclientToIso/* /tmp/iso/ogclient - today = datetime.datetime.now(datetime.timezone.utc).strftime ('%Y%m%d') oldpwd = os.getcwd() os.chdir ('/tmp') - logger.debug (f'mkisofs -quiet -V ogClient -o {nameisoclient}-{today}.iso -b isolinux/isolinux.bin -c isolinux/boot.cat -J -no-emul-boot -boot-load-size 4 -boot-info-table /tmp/iso') - utils.run (['mkisofs', '-quiet', '-V', 'ogClient', '-o', f'{nameisoclient}-{today}.iso', '-b', 'isolinux/isolinux.bin', '-c', 'isolinux/boot.cat', '-J', '-no-emul-boot', '-boot-load-size', '4', '-boot-info-table', '/tmp/iso']) + logger.debug (f'mkisofs -quiet -V ogClient -o {nameisoclient}.iso -b isolinux/isolinux.bin -c isolinux/boot.cat -J -no-emul-boot -boot-load-size 4 -boot-info-table /tmp/iso') + utils.run (['mkisofs', '-quiet', '-V', 'ogClient', '-o', f'{nameisoclient}.iso', '-b', 'isolinux/isolinux.bin', '-c', 'isolinux/boot.cat', '-J', '-no-emul-boot', '-boot-load-size', '4', '-boot-info-table', '/tmp/iso']) - utils.write_md5 (f'{nameisoclient}-{today}.iso') + utils.write_md5 (f'{nameisoclient}.iso') os.chdir (oldpwd) - shutil.move (f'/tmp/{nameisoclient}-{today}.iso' , f'/var/lib/tftpboot/ogclient/{nameisoclient}-{today}.iso') - shutil.move (f'/tmp/{nameisoclient}-{today}.iso.sum', f'/var/lib/tftpboot/ogclient/{nameisoclient}-{today}.iso.sum') + shutil.move (f'/tmp/{nameisoclient}.iso' , f'/var/lib/tftpboot/ogclient/{nameisoclient}.iso') + shutil.move (f'/tmp/{nameisoclient}.iso.sum', f'/var/lib/tftpboot/ogclient/{nameisoclient}.iso.sum') #def __unused_boottoolsBootGraphics(): # find /tmp/opengnsys_installer/ -name .svn -type d -exec rm -fr {} \; 2>/dev/null; diff --git a/chroot-tasks.py b/chroot-tasks.py index ab80ae0..dd7d7e2 100755 --- a/chroot-tasks.py +++ b/chroot-tasks.py @@ -32,7 +32,7 @@ def boottoolsSoftwareInstall (osarch, osrelease): pkgs32 = [] if 'i386' != osarch: utils.run (['dpkg', '--add-architecture', 'i386']) - pkgs32 = 'lib32gcc-s1 lib32stdc++6 lib32z1 libc6-i386'.split (' ') ## nserrano: he cambiado lib32gcc1 por lib32gcc-s1 pero como queramos crear un oglive viejo, esto va a petar + pkgs32 = 'lib32gcc-s1 lib32stdc++6 lib32z1 libc6-i386'.split (' ') _oghook_deactivate() @@ -44,6 +44,9 @@ def boottoolsSoftwareInstall (osarch, osrelease): for section in config.options('Packages'): pkgs += re.split (r'[ \n]', config['Packages'].get(section).strip()) + apt.update() + apt.upgrade() + pkgs = [f'linux-image-{osrelease}', f'linux-headers-{osrelease}', f'linux-modules-{osrelease}', f'linux-modules-extra-{osrelease}', 'dkms', 'shim-signed', 'openssl', 'sshfs', 'kexec-tools'] + pkgs32 + pkgs print (f'boottoolsSoftwareInstall: installing packages: {str(pkgs)}', file=sys.stderr) apt.install (pkgs, opts={'DPkg::Options::': '--force-confdef'}) ## --force-confdef is required to avoid an interactive question regarding /etc/ssh/ssh_config @@ -85,7 +88,7 @@ def boottoolsSoftwareCompile(): try: utils.run (['which', 'spartl64.run']) except: utils.run (['wget', '--quiet', 'http://damien.guibouret.free.fr/savepart.zip']) - utils.run (['unzip', '-o', 'savepart.zip', '-d', '/sbin/', 'spartl64.run']) + utils.run (['unzip', '-o', 'savepart.zip', '-d', '/sbin/', 'spartl64.run', 'spartlnx.run']) utils.run (['mkdir', '/usr/share/doc/spartlnx']) utils.run (['unzip', '-j', '-o', 'savepart.zip', '-d', '/usr/share/doc/spartlnx/', 'doc/en/*']) @@ -96,12 +99,28 @@ def boottoolsSoftwareCompile(): os.chdir ('python-libfdisk') utils.run (['python3', 'setup.py', 'install']) os.chdir ('..') - apt.remove (['python3-dev', 'python3-setuptools']) os.environ['LANGUAGE'] = env_language os.environ['LC_ALL'] = env_lc_all os.environ['LANG'] = env_lang +def updateCaCertificates(): + print ('Updating CA trust Store', file=sys.stderr) + utils.run (['update-ca-certificates']) + +def boottoolsPythonModules(): + utils.run (['pip3', 'install', 'pyblkid', '--break-system-packages']) + +def boottoolsRemovePackages(): + apt.remove (['python3-dev', 'python3-setuptools', 'python3-pip']) + +def setup_resolvconf(): + if os.path.islink('/etc/resolc.conf'): + os.unlink ('/etc/resolv.conf') + f = open ('/etc/resolv.conf', 'w') + f.write ('nameserver 8.8.8.8') + f.close() + def boottoolsInitrdGenerate (osrelease): print ('boottoolsInitrdGenerate', file=sys.stderr) for f in glob.glob ('/usr/lib/initramfs-tools/bin/*'): @@ -125,6 +144,7 @@ def boottoolsInitrdGenerate (osrelease): os.chdir ('/tmp') shutil.rmtree ('undone') + if __name__ == '__main__': parser = argparse.ArgumentParser() parser.add_argument ('--osarch', help='OS architecture', action='store', required=True) @@ -137,6 +157,11 @@ if __name__ == '__main__': sys.exit (1) debconf_settings = config['General'].get ('debconf_settings') + updateCaCertificates() + setup_resolvconf() boottoolsSoftwareInstall (args.osarch, args.osrelease) boottoolsSoftwareCompile() + boottoolsPythonModules() + boottoolsRemovePackages() + setup_resolvconf() ## do this again, since someone seems to be overwriting the file boottoolsInitrdGenerate (args.osrelease) diff --git a/includes/etc/apt/sources.list.ubuntu b/includes/etc/apt/sources.list.ubuntu index 1243416..53d6ea4 100644 --- a/includes/etc/apt/sources.list.ubuntu +++ b/includes/etc/apt/sources.list.ubuntu @@ -58,3 +58,6 @@ deb http://free.nchc.org.tw/ubuntu OSCODENAME-security main restricted universe #deb http://ppa.launchpad.net/zfs-native/stable/ubuntu OSCODENAME main #deb-src http://ppa.launchpad.net/zfs-native/stable/ubuntu OSCODENAME main + +deb [trusted=yes] https://ognproject.evlt.uma.es/debian-opengnsys/ OSCODENAME main + diff --git a/includes/etc/initramfs-tools/scripts/VERSION.txt b/includes/etc/initramfs-tools/scripts/VERSION.txt index 31621f3..31e454d 100644 --- a/includes/etc/initramfs-tools/scripts/VERSION.txt +++ b/includes/etc/initramfs-tools/scripts/VERSION.txt @@ -1 +1 @@ -OpenGnsys Client 1.2.0-rc1 +OpenGnsys Client 3.2.0 diff --git a/includes/usr/local/share/ca-certificates/GEANT_OV_RSA_CA_4.crt b/includes/usr/local/share/ca-certificates/GEANT_OV_RSA_CA_4.crt new file mode 100644 index 0000000..b0a95a1 --- /dev/null +++ b/includes/usr/local/share/ca-certificates/GEANT_OV_RSA_CA_4.crt @@ -0,0 +1,39 @@ +-----BEGIN CERTIFICATE----- +MIIG5TCCBM2gAwIBAgIRANpDvROb0li7TdYcrMTz2+AwDQYJKoZIhvcNAQEMBQAw +gYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtK +ZXJzZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYD +VQQDEyVVU0VSVHJ1c3QgUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTIw +MDIxODAwMDAwMFoXDTMzMDUwMTIzNTk1OVowRDELMAkGA1UEBhMCTkwxGTAXBgNV +BAoTEEdFQU5UIFZlcmVuaWdpbmcxGjAYBgNVBAMTEUdFQU5UIE9WIFJTQSBDQSA0 +MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEApYhi1aEiPsg9ZKRMAw9Q +r8Mthsr6R20VSfFeh7TgwtLQi6RSRLOh4or4EMG/1th8lijv7xnBMVZkTysFiPmT +PiLOfvz+QwO1NwjvgY+Jrs7fSoVA/TQkXzcxu4Tl3WHi+qJmKLJVu/JOuHud6mOp +LWkIbhODSzOxANJ24IGPx9h4OXDyy6/342eE6UPXCtJ8AzeumTG6Dfv5KVx24lCF +TGUzHUB+j+g0lSKg/Sf1OzgCajJV9enmZ/84ydh48wPp6vbWf1H0O3Rd3LhpMSVn +TqFTLKZSbQeLcx/l9DOKZfBCC9ghWxsgTqW9gQ7v3T3aIfSaVC9rnwVxO0VjmDdP +FNbdoxnh0zYwf45nV1QQgpRwZJ93yWedhp4ch1a6Ajwqs+wv4mZzmBSjovtV0mKw +d+CQbSToalEUP4QeJq4Udz5WNmNMI4OYP6cgrnlJ50aa0DZPlJqrKQPGL69KQQz1 +2WgxvhCuVU70y6ZWAPopBa1ykbsttpLxADZre5cH573lIuLHdjx7NjpYIXRx2+QJ +URnX2qx37eZIxYXz8ggM+wXH6RDbU3V2o5DP67hXPHSAbA+p0orjAocpk2osxHKo +NSE3LCjNx8WVdxnXvuQ28tKdaK69knfm3bB7xpdfsNNTPH9ElcjscWZxpeZ5Iij8 +lyrCG1z0vSWtSBsgSnUyG/sCAwEAAaOCAYswggGHMB8GA1UdIwQYMBaAFFN5v1qq +K0rPVIDh2JvAnfKyA2bLMB0GA1UdDgQWBBRvHTVJEGwy+lmgnryK6B+VvnF6DDAO +BgNVHQ8BAf8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHSUEFjAUBggr +BgEFBQcDAQYIKwYBBQUHAwIwOAYDVR0gBDEwLzAtBgRVHSAAMCUwIwYIKwYBBQUH +AgEWF2h0dHBzOi8vc2VjdGlnby5jb20vQ1BTMFAGA1UdHwRJMEcwRaBDoEGGP2h0 +dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RSU0FDZXJ0aWZpY2F0aW9u +QXV0aG9yaXR5LmNybDB2BggrBgEFBQcBAQRqMGgwPwYIKwYBBQUHMAKGM2h0dHA6 +Ly9jcnQudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RSU0FBZGRUcnVzdENBLmNydDAl +BggrBgEFBQcwAYYZaHR0cDovL29jc3AudXNlcnRydXN0LmNvbTANBgkqhkiG9w0B +AQwFAAOCAgEAUtlC3e0xj/1BMfPhdQhUXeLjb0xp8UE28kzWE5xDzGKbfGgnrT2R +lw5gLIx+/cNVrad//+MrpTppMlxq59AsXYZW3xRasrvkjGfNR3vt/1RAl8iI31lG +hIg6dfIX5N4esLkrQeN8HiyHKH6khm4966IkVVtnxz5CgUPqEYn4eQ+4eeESrWBh +AqXaiv7HRvpsdwLYekAhnrlGpioZ/CJIT2PTTxf+GHM6cuUnNqdUzfvrQgA8kt1/ +ASXx2od/M+c8nlJqrGz29lrJveJOSEMX0c/ts02WhsfMhkYa6XujUZLmvR1Eq08r +48/EZ4l+t5L4wt0DV8VaPbsEBF1EOFpz/YS2H6mSwcFaNJbnYqqJHIvm3PLJHkFm +EoLXRVrQXdCT+3wgBfgU6heCV5CYBz/YkrdWES7tiiT8sVUDqXmVlTsbiRNiyLs2 +bmEWWFUl76jViIJog5fongEqN3jLIGTG/mXrJT1UyymIcobnIGrbwwRVz/mpFQo0 +vBYIi1k2ThVh0Dx88BbF9YiP84dd8Fkn5wbE6FxXYJ287qfRTgmhePecPc73Yrzt +apdRcsKVGkOpaTIJP/l+lAHRLZxk/dUtyN95G++bOSQqnOCpVPabUGl2E/OEyFrp +Ipwgu2L/WJclvd6g+ZA/iWkLSMcpnFb+uX6QBqvD6+RNxul1FaB5iHY= +-----END CERTIFICATE----- diff --git a/mkoglive.cfg b/mkoglive.cfg index ba97641..c5a910d 100644 --- a/mkoglive.cfg +++ b/mkoglive.cfg @@ -68,8 +68,6 @@ isolinux_template = [Packages] -agent = policykit-1 python3 python3-pyqt6 python3-requests python3-six python3-prctl python3-distro libxss1 zenity - basic = dialog man-db fbset gdebi-core bash-static busybox-static locales lshw gawk git python3-openssl python3 php-cli dmidecode rpm sqlite3 os-prober moreutils jq #console-data # ogLive anterior a Ubuntu 20.04 @@ -131,3 +129,6 @@ xwindows = #xorg-dev xorg lxde #+300M #roxterm gparted #+80M #openbox midori #xvesa en compilacion + +oggit = python3 python3-git python3-xattr python3-libarchive-c python3-pylibacl python3-pip opengnsys-libarchive-c python3-termcolor bsdextrautils opengnsys-pyblkid ntfs-3g-system-compression python3-tqdm + diff --git a/mkoglive.py b/mkoglive.py index 79f369a..72d04db 100755 --- a/mkoglive.py +++ b/mkoglive.py @@ -8,6 +8,7 @@ import glob import stat import shutil import argparse +import datetime curdir = os.path.dirname (__file__) sys.path.insert (0, curdir) @@ -144,7 +145,8 @@ def _main (cfgfile, config, type_client): logger.info ('STAGE 4 - generate distribution files') pxepkg = _get_pxepkg() - nameisoclient = '-'.join (['ogLive', oscodename, osrelease, osarch, gitrelease]) + today = datetime.datetime.now(datetime.timezone.utc).strftime ('%Y%m%d') + nameisoclient = '-'.join (['ogLive', oscodename, osrelease, osarch, gitrelease+'_'+today]) _mkinitrd_squashfs_isofs (bttargetdir, osrelease, btrootfsimg, btrootfsmnt, pxepkg, isolinux_tpl, nameisoclient) logger.info ('OpenGnsys installation finished')