Merge pull request 'refs #2232 increase ulimit for the qt6 browser' (#16) from ulimit-n-4096 into main

Reviewed-on: #16

CHANGELOG.md

@@ -5,6 +5,46 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [3.9.1] - 2025-06-18
+
+### Fixed
+
+- Increase "open files" ulimit for the qt6 browser
+
+## [3.9.0] - 2025-06-16
+
+### Added
+
+- Take ogrepository SSH key from its git repo
+
+## [3.8.0] - 2025-06-16
+
+### Added
+
+- Installation of package opengnsys-gitlib
+
+## [3.7.0] - 2025-05-28
+
+### Changed
+
+- Leave resolv.conf as a symlink to /run/resolvconf/resolv.conf
+
+## [3.6.0] - 2025-05-21
+
+### Changed
+
+- Configure stunnel and dbus via includes rather than in python code
+
+### Added
+
+- Add script for changing the URL in the running browser
+
+## [3.5.0] - 2025-05-19
+
+### Changed
+
+- Configure dbus
+
 ## [3.4.0] - 2025-05-18
 
 ### Changed

Dockerfile

@@ -30,7 +30,7 @@ ARG OPENGNSYS_HEAD
 COPY . /tmp/opengnsys/oglive_builder/
 
 RUN ls -la /tmp/opengnsys/oglive_builder/ && \
-    mv /tmp/opengnsys/oglive_builder/engine /tmp/opengnsys/oglive_builder/shared /tmp/opengnsys/ && \
+    mv /tmp/opengnsys/oglive_builder/engine /tmp/opengnsys/oglive_builder/shared /tmp/opengnsys/oglive_builder/ogrepo-ssh-key /tmp/opengnsys/ && \
     cp /tmp/opengnsys/oglive_builder/schroot.conf /tmp/opengnsys/oglive_builder/mount-defaults /etc/schroot/ && \
     echo '' >/etc/schroot/default/nssdatabases && \
     rm -f /etc/schroot/setup.d/*chrootname

boottools/btog.py

@@ -205,7 +205,7 @@ def debootstrap (btrootfsimg, btrootfsmnt, osarch, oscodename, oshttp):
     logger.info (f'debootstrap --arch="{osarch}" --components=main,universe "{oscodename}" "{btrootfsmnt}" "{oshttp}" : ok')
     return 0
 
-def copy_og_files (builder, og_shared, ogclientmount, osdistrib, oscodename):
+def copy_og_files (builder, og_shared, ogrepo_ssh_key, ogclientmount, osdistrib, oscodename):
     logger.info ('Iniciando la personalización con datos del repositorio')
 
     sources_list_in  = f'{builder}/includes/etc/apt/sources.list.{osdistrib.lower()}'
@@ -226,6 +226,12 @@ def copy_og_files (builder, og_shared, ogclientmount, osdistrib, oscodename):
     os.makedirs (f'{ogclientmount}/usr/local/lib',                 exist_ok=True)
     os.makedirs (f'{ogclientmount}/usr/local/plugins',             exist_ok=True)
 
+    os.makedirs (f'{ogclientmount}/root/.ssh', exist_ok=True)
+    shutil.copy (f'{ogrepo_ssh_key}/opengnsys',     f'{ogclientmount}/root/.ssh/id_ed25519')
+    shutil.copy (f'{ogrepo_ssh_key}/opengnsys.pub', f'{ogclientmount}/root/.ssh/id_ed25519.pub')
+    os.chmod (f'{ogclientmount}/root/.ssh/id_ed25519',     0o0600)
+    os.chmod (f'{ogclientmount}/root/.ssh/id_ed25519.pub', 0o0600)
+
     subprocess.run (f'rsync -aH {builder}/includes/* {ogclientmount}/'              , shell=True)
     subprocess.run (f'rsync -aH {og_shared}/*        {ogclientmount}/opt/opengnsys/', shell=True)
 

chroot-tasks.py

@@ -87,7 +87,7 @@ def boottoolsSoftwareCompile():
     print ('boottoolsSoftwareCompile: spartlnx', file=sys.stderr)
     try: utils.run (['which', 'spartl64.run'])
     except:
-        utils.run (['wget', '--quiet', 'http://damien.guibouret.free.fr/savepart.zip'])
+        utils.run (['wget', '--tries=5', 'http://damien.guibouret.free.fr/savepart.zip'])
         utils.run (['unzip', '-o', 'savepart.zip', '-d', '/sbin/', 'spartl64.run', 'spartlnx.run'])
         utils.run (['mkdir', '/usr/share/doc/spartlnx'])
         utils.run (['unzip', '-j', '-o', 'savepart.zip', '-d', '/usr/share/doc/spartlnx/', 'doc/en/*'])
@@ -108,25 +108,6 @@ def updateCaCertificates():
     print ('Updating CA trust Store', file=sys.stderr)
     utils.run (['update-ca-certificates'])
 
-def configure_stunnel():
-    print ('configure_stunnel', file=sys.stderr)
-    with open ('/etc/stunnel/menu.conf', 'w') as fd:
-        fd.write ('setuid = stunnel4\n')
-        fd.write ('setgid = stunnel4\n')
-        fd.write ('pid = /var/run/stunnel4/menu.pid\n')
-        fd.write ('foreground = yes\n')
-        fd.write ('debug = info\n')
-        fd.write ('\n')
-        fd.write ('[menu]\n')
-        fd.write ('client = yes\n')
-        fd.write ('accept = 127.0.0.1:81\n')
-        fd.write ('connect = __OGCORE_IP__:__OGCORE_PORT__\n')
-        fd.write ('cert = /opt/opengnsys/etc/ogagent.crt\n')
-        fd.write ('key = /opt/opengnsys/etc/ogagent.key\n')
-        fd.write ('CAfile = /opt/opengnsys/etc/ca.crt\n')
-        fd.write ('requireCert = yes\n')
-        fd.write ('verifyChain = yes\n')
-
 def boottoolsPythonModules():
     utils.run (['pip3', 'install', 'pyblkid', '--break-system-packages'])
 
@@ -134,13 +115,20 @@ def boottoolsRemovePackages():
     print ('boottoolsRemovePackages', file=sys.stderr)
     apt.remove (['python3-dev', 'python3-setuptools', 'python3-pip'])
 
-def setup_resolvconf():
-    if os.path.islink('/etc/resolc.conf'):
-        os.unlink ('/etc/resolv.conf')
+## have working DNS during the build
+def setup_resolvconf1():
+    print ('setup_resolvconf1', file=sys.stderr)
+    os.unlink ('/etc/resolv.conf')
     f = open ('/etc/resolv.conf', 'w')
     f.write ('nameserver 8.8.8.8')
     f.close()
 
+## leave the final configuration for oglive
+def setup_resolvconf2():
+    print ('setup_resolvconf2', file=sys.stderr)
+    os.unlink ('/etc/resolv.conf')
+    os.symlink ('/run/resolvconf/resolv.conf', '/etc/resolv.conf')
+
 def boottoolsInitrdGenerate (osrelease):
     print ('boottoolsInitrdGenerate', file=sys.stderr)
     for f in glob.glob ('/usr/lib/initramfs-tools/bin/*'):
@@ -178,11 +166,10 @@ if __name__ == '__main__':
     debconf_settings = config['General'].get ('debconf_settings')
 
     updateCaCertificates()
-    setup_resolvconf()
+    setup_resolvconf1()
     boottoolsSoftwareInstall (args.osarch, args.osrelease)
     boottoolsSoftwareCompile()
     boottoolsPythonModules()
     boottoolsRemovePackages()
-    configure_stunnel()
-    setup_resolvconf()    ## do this again, since someone seems to be overwriting the file
+    setup_resolvconf2()
     boottoolsInitrdGenerate (args.osrelease)

includes/etc/dbus-1/system.d/ogbrowser.conf

@@ -0,0 +1,8 @@
+<busconfig>
+    <policy user="root">
+        <allow own="es.opengnsys.OGBrowser.browser"/>
+        <allow send_destination="es.opengnsys.OGBrowser.browser"/>
+        <allow send_interface="es.opengnsys.OGBrowser.browser"/>
+        <allow send_type="method_call"/>
+    </policy>
+</busconfig>

includes/etc/initramfs-tools/scripts/VERSION.txt

@@ -1 +1 @@
-OpenGnsys Client 3.4.0
+OpenGnsys Client 3.9.1

includes/etc/initramfs-tools/scripts/ogfunctions

@@ -591,6 +591,7 @@ ogUnionLiveDir()
 	U1STDIR="${OGLIVERAMFS}${TMPDIR}=RW"
 	U2NDDIR="${OGLIVEROOTFS}${TMPDIR}=RO"
 	UNIONDIR=${OGLIVEUNIONFS}${TMPDIR}
+	ulimit -n 4096
 	mkdir -p $UNIONDIR $TMPDIR
 	$UBIN $FUSE_OPT $UNION_OPT ${U1STDIR}:${U2NDDIR} $UNIONDIR
 	mount --bind  $UNIONDIR $TMPDIR

includes/etc/stunnel/menu.conf

@@ -0,0 +1,15 @@
+setuid = stunnel4
+setgid = stunnel4
+pid = /var/run/stunnel4/menu.pid
+foreground = yes
+debug = info
+
+[menu]
+client = yes
+accept = 127.0.0.1:81
+connect = __OGCORE_IP__:__OGCORE_PORT__
+cert = /opt/opengnsys/etc/ogagent.crt
+key = /opt/opengnsys/etc/ogagent.key
+CAfile = /opt/opengnsys/etc/ca.crt
+requireCert = yes
+verifyChain = yes

includes/usr/bin/setURL.py

@@ -0,0 +1,20 @@
+#!/usr/bin/python3
+
+import sys
+import dbus
+
+if 2 != len(sys.argv):
+    sys.exit (1)
+
+dest = 'es.opengnsys.OGBrowser.browser'
+path = '/'
+interface = None
+method = 'setURL'
+signature = 's'
+url = sys.argv[1]
+
+b = dbus.SystemBus()
+try:
+    b.call_blocking (dest, path, interface, method, 's', [url])
+except Exception as e:
+    sys.exit (1)

mkoglive.cfg

@@ -135,4 +135,4 @@ ogagent = stunnel4
 
 ogbrowser = sway libinput-tools hwdata ogbrowser
 
-oggit = python3 python3-git python3-pyxattr python3-libarchive-c python3-pylibacl python3-pip opengnsys-libarchive-c python3-termcolor bsdextrautils opengnsys-pyblkid ntfs-3g-system-compression python3-tqdm
+oggit = python3 python3-git python3-pyxattr python3-libarchive-c python3-pylibacl python3-pip python3-hivex opengnsys-libarchive-c python3-termcolor bsdextrautils opengnsys-pyblkid opengnsys-gitlib ntfs-3g-system-compression python3-tqdm

mkoglive.py

@@ -75,9 +75,10 @@ def _initramfs_version (gitrelease, osrelease, curdir):
 
 def _copy_og_files (btrootfsimg, btrootfsmnt, osdistrib, oscodename):
     _mount_rootfs (btrootfsimg, btrootfsmnt)
-    builder   = '/tmp/opengnsys/oglive_builder'
-    og_shared = '/tmp/opengnsys/shared'
-    btog.copy_og_files (builder, og_shared, btrootfsmnt, osdistrib, oscodename)
+    builder        = '/tmp/opengnsys/oglive_builder'
+    og_shared      = '/tmp/opengnsys/shared'
+    ogrepo_ssh_key = '/tmp/opengnsys/ogrepo-ssh-key'
+    btog.copy_og_files (builder, og_shared, ogrepo_ssh_key, btrootfsmnt, osdistrib, oscodename)
     utils.umount (btrootfsmnt)
 
 def _chroot_tasks (cfgfile, curdir, osrelease, osarch):