From ae5352a4c137d650835c594dd96feedaaccfe975 Mon Sep 17 00:00:00 2001 From: Colin Walters Date: Wed, 20 Sep 2023 16:49:39 -0400 Subject: [PATCH] create_disk: Add `bootupd-epoch`, hard require new bootupd This hard requires - https://github.com/coreos/bootupd/pull/543 - https://github.com/coreos/ignition/pull/1728 --- src/cosalib/cmdlib.py | 3 -- src/create_disk.sh | 85 +++++++++----------------------------- src/grub.cfg | 94 ------------------------------------------ src/image-default.yaml | 3 ++ 4 files changed, 23 insertions(+), 162 deletions(-) delete mode 100644 src/grub.cfg diff --git a/src/cosalib/cmdlib.py b/src/cosalib/cmdlib.py index 53d711ccc0..5a81b31c04 100644 --- a/src/cosalib/cmdlib.py +++ b/src/cosalib/cmdlib.py @@ -397,9 +397,6 @@ def generate_image_json(srcfile): r = yaml.safe_load(open("/usr/lib/coreos-assembler/image-default.yaml")) for k, v in flatten_image_yaml(srcfile).items(): r[k] = v - # Serialize our default GRUB config - with open("/usr/lib/coreos-assembler/grub.cfg") as f: - r['grub-script'] = f.read() return r diff --git a/src/create_disk.sh b/src/create_disk.sh index 8ffa798821..1fd2500387 100755 --- a/src/create_disk.sh +++ b/src/create_disk.sh @@ -119,7 +119,7 @@ rootfs_args=$(getconfig_def "rootfs-args" "") bootfs=$(getconfig "bootfs") composefs=$(getconfig_def "composefs" "") -grub_script=$(getconfig "grub-script") +bootupd_epoch=$(getconfig "bootupd-epoch") ostree_container=$(getconfig "ostree-container") commit=$(getconfig "ostree-commit") ref=$(getconfig "ostree-ref") @@ -396,51 +396,10 @@ cat > $rootfs/.coreos-aleph-version.json << EOF } EOF -install_uefi() { - # https://github.com/coreos/fedora-coreos-tracker/issues/510 - # See also https://github.com/ostreedev/ostree/pull/1873#issuecomment-524439883 - # Unshare mount ns to work around https://github.com/coreos/bootupd/issues/367 - unshare -m /usr/bin/bootupctl backend install --src-root="${deploy_root}" "${rootfs}" - # We have a "static" grub config file that basically configures grub to look - # in the RAID called "md-boot", if it exists, or the partition labeled "boot". - local target_efi="$rootfs/boot/efi" - local grubefi - grubefi=$(find "${target_efi}/EFI/" -maxdepth 1 -type d | grep -v BOOT) - local vendor_id="${grubefi##*/}" - local vendordir="${target_efi}/EFI/${vendor_id}" - mkdir -p "${vendordir}" - cat > "${vendordir}/grub.cfg" << 'EOF' -if [ -e (md/md-boot) ]; then - # The search command might pick a RAID component rather than the RAID, - # since the /boot RAID currently uses superblock 1.0. See the comment in - # the main grub.cfg. - set prefix=md/md-boot -else - if [ -f ${config_directory}/bootuuid.cfg ]; then - source ${config_directory}/bootuuid.cfg - fi - if [ -n "${BOOT_UUID}" ]; then - search --fs-uuid "${BOOT_UUID}" --set prefix --no-floppy - else - search --label boot --set prefix --no-floppy - fi -fi -set prefix=($prefix)/grub2 -configfile $prefix/grub.cfg -boot -EOF - install_grub_cfg +bootloader_install_nons390x_bootupd_epoch_1() { } -# copy the grub config and any other files we might need -install_grub_cfg() { - # 0700 to match the RPM permissions which I think are mainly in case someone has - # manually set a grub password - mkdir -p $rootfs/boot/grub2 - chmod 0700 $rootfs/boot/grub2 - printf "%s\n" "$grub_script" | \ - sed -E 's@(^# CONSOLE-SETTINGS-START$)@\1'"${platform_grub_cmds:+\\n${platform_grub_cmds}}"'@' \ - > $rootfs/boot/grub2/grub.cfg +install_platforms_json() { # Copy platforms table if it's non-empty for this arch # shellcheck disable=SC2031 if jq -e ".$arch" < "$platforms_json" > /dev/null; then @@ -472,32 +431,28 @@ generate_gpgkeys() { rm -rf "${tmp_home}" } +# Hard require epoch 1, but leave space for future versions +case "${bootupd_epoch}" in + 1) + ;; + *) echo "Unhandled ${bootupd_epoch} 1>&2; exit 1" + ;; +esac + # Other arch-specific bootloader changes # shellcheck disable=SC2031 case "$arch" in -x86_64) - # UEFI - install_uefi +x86_64|aarch64|ppc64le) + # For background on bootupd, see https://github.com/coreos/fedora-coreos-tracker/issues/510 + # This requires bootupd 0.2.11 in the target system, and handles both BIOS and UEFI for x86_64 for example. + bootupd_args=() if [ "${x86_bios_bootloader}" = 1 ]; then - # And BIOS grub in addition. See also - # https://github.com/coreos/fedora-coreos-tracker/issues/32 - # Install BIOS/PReP bootloader using the target system's grub2-install, - # see https://github.com/coreos/coreos-assembler/issues/3156 - chroot_run /sbin/grub2-install \ - --target i386-pc \ - --boot-directory $rootfs/boot \ - --modules mdraid1x \ - "$disk" + bootupd_args+=("--device=$disk") + fi + chroot_run env /usr/bin/bootupctl backend install --with-static-configs --src-root="${deploy_root}" "${bootupd_args[@]}" "${rootfs}" + if test -n "${platform_grub_cmds}"; then + echo "${platform_grub_cmds}" > $rootfs/boot/grub2/platform01.cfg fi - ;; -aarch64) - # Our aarch64 is UEFI only. - install_uefi - ;; -ppc64le) - # to populate PReP Boot, i.e. support pseries - chroot_run /sbin/grub2-install --target=powerpc-ieee1275 --boot-directory $rootfs/boot --no-nvram "${disk}${PREPPN}" - install_grub_cfg ;; s390x) ostree config --repo $rootfs/ostree/repo set sysroot.bootloader zipl diff --git a/src/grub.cfg b/src/grub.cfg deleted file mode 100644 index 199720657d..0000000000 --- a/src/grub.cfg +++ /dev/null @@ -1,94 +0,0 @@ -set pager=1 -# petitboot doesn't support -e and doesn't support an empty path part -if [ -d (md/md-boot)/grub2 ]; then - # fcct currently creates /boot RAID with superblock 1.0, which allows - # component partitions to be read directly as filesystems. This is - # necessary because transposefs doesn't yet rerun grub2-install on BIOS, - # so GRUB still expects /boot to be a partition on the first disk. - # - # There are two consequences: - # 1. On BIOS and UEFI, the search command might pick an individual RAID - # component, but we want it to use the full RAID in case there are bad - # sectors etc. The undocumented --hint option is supposed to support - # this sort of override, but it doesn't seem to work, so we set $boot - # directly. - # 2. On BIOS, the "normal" module has already been loaded from an - # individual RAID component, and $prefix still points there. We want - # future module loads to come from the RAID, so we reset $prefix. - # (On UEFI, the stub grub.cfg has already set $prefix properly.) - set boot=md/md-boot - set prefix=($boot)/grub2 -else - if [ -f ${config_directory}/bootuuid.cfg ]; then - source ${config_directory}/bootuuid.cfg - fi - if [ -n "${BOOT_UUID}" ]; then - search --fs-uuid "${BOOT_UUID}" --set boot --no-floppy - else - search --label boot --set boot --no-floppy - fi -fi -set root=$boot - -if [ -f ${config_directory}/grubenv ]; then - load_env -f ${config_directory}/grubenv -elif [ -s $prefix/grubenv ]; then - load_env -fi - -if [ x"${feature_menuentry_id}" = xy ]; then - menuentry_id_option="--id" -else - menuentry_id_option="" -fi - -function load_video { - if [ x$feature_all_video_module = xy ]; then - insmod all_video - else - insmod efi_gop - insmod efi_uga - insmod ieee1275_fb - insmod vbe - insmod vga - insmod video_bochs - insmod video_cirrus - fi -} - -# Any non-default console settings will be inserted here. -# CONSOLE-SETTINGS-START -# CONSOLE-SETTINGS-END - -if [ x$feature_timeout_style = xy ] ; then - set timeout_style=menu - set timeout=1 -# Fallback normal timeout code in case the timeout_style feature is -# unavailable. -else - set timeout=1 -fi - -# Determine if this is a first boot and set the ${ignition_firstboot} variable -# which is used in the kernel command line. -set ignition_firstboot="" -if [ -f "/ignition.firstboot" ]; then - # Default networking parameters to be used with ignition. - set ignition_network_kcmdline='' - - # Source in the `ignition.firstboot` file which could override the - # above $ignition_network_kcmdline with static networking config. - # This override feature is also by coreos-installer to persist static - # networking config provided during install to the first boot of the machine. - source "/ignition.firstboot" - - set ignition_firstboot="ignition.firstboot ${ignition_network_kcmdline}" -fi - -# Import user defined configuration -# tracker: https://github.com/coreos/fedora-coreos-tracker/issues/805 -if [ -f $prefix/user.cfg ]; then - source $prefix/user.cfg -fi - -blscfg diff --git a/src/image-default.yaml b/src/image-default.yaml index a3e6556729..0dcb448187 100644 --- a/src/image-default.yaml +++ b/src/image-default.yaml @@ -7,6 +7,9 @@ rootfs-args: "" # Set to "true" to enable composefs composefs: false +# - "1": adds a hard requirement of bootupd 0.2.X and updated ignition +bootupd-epoch: "1" + # Additional default kernel arguments injected into disk images extra-kargs: []