to use default YUM config i.e. /etc/yum.conf With this option you don't have to supply repo kickstart commands.
Also add --cacheonly option to run entirely from YUM cache.
Signed-off-by: Alan Pevec apevec@redhat.com --- imgcreate/creator.py | 27 ++++++++++++++++++++------- imgcreate/yuminst.py | 11 +++++++---- tools/livecd-creator | 8 +++++++- 3 files changed, 34 insertions(+), 12 deletions(-)
diff --git a/imgcreate/creator.py b/imgcreate/creator.py index 519735e..48d5d70 100644 --- a/imgcreate/creator.py +++ b/imgcreate/creator.py @@ -50,7 +50,7 @@ class ImageCreator(object):
"""
- def __init__(self, ks, name): + def __init__(self, ks, name, globalYUM = False, cacheonly = False): """Initialize an ImageCreator instance.
ks -- a pykickstart.KickstartParser instance; this instance will be @@ -73,6 +73,9 @@ class ImageCreator(object): self.__builddir = None self.__bindmounts = []
+ self.__globalYUM = globalYUM + self.__cacheonly = cacheonly + self.__sanity_check()
def __del__(self): @@ -396,7 +399,8 @@ class ImageCreator(object):
kickstart.convert_method_to_repo(self.ks)
- if not kickstart.get_repos(self.ks): + # with -g global YUM config repositories are not taken from ks + if not self.__globalYUM and not kickstart.get_repos(self.ks): raise CreatorError("No repositories specified")
if (kickstart.selinux_enabled(self.ks) and @@ -623,10 +627,17 @@ class ImageCreator(object): the kickstart to be overridden.
""" - yum_conf = self._mktemp(prefix = "yum.conf-")
ayum = LiveCDYum() - ayum.setup(yum_conf, self._instroot) + if self.__globalYUM: + yum_conf = None + else: + yum_conf = self._mktemp(prefix = "yum.conf-") + + if self.__cacheonly: + ayum.setup(yum_conf, self._instroot, cache=1) + else: + ayum.setup(yum_conf, self._instroot)
for repo in kickstart.get_repos(self.ks, repo_urls): (name, baseurl, mirrorlist, inc, exc) = repo @@ -659,7 +670,8 @@ class ImageCreator(object): finally: ayum.closeRpmDB() ayum.close() - os.unlink(yum_conf) + if yum_conf: + os.unlink(yum_conf)
# do some clean up to avoid lvm info leakage. this sucks. for subdir in ("cache", "backup", "archive"): @@ -776,7 +788,8 @@ class LoopImageCreator(ImageCreator):
"""
- def __init__(self, ks, name, fslabel = None): + def __init__(self, ks, name, fslabel = None, + globalYUM = False, cacheonly = False): """Initialize a LoopImageCreator instance.
This method takes the same arguments as ImageCreator.__init__() with @@ -785,7 +798,7 @@ class LoopImageCreator(ImageCreator): fslabel -- A string used as a label for any filesystems created.
""" - ImageCreator.__init__(self, ks, name) + ImageCreator.__init__(self, ks, name, globalYUM, cacheonly)
self.__fslabel = None self.fslabel = fslabel diff --git a/imgcreate/yuminst.py b/imgcreate/yuminst.py index 04c9b40..c13b162 100644 --- a/imgcreate/yuminst.py +++ b/imgcreate/yuminst.py @@ -75,11 +75,14 @@ class LiveCDYum(yum.YumBase): for f in glob.glob(installroot + "/var/lib/rpm/__db*"): os.unlink(f)
- def setup(self, confpath, installroot): - self._writeConf(confpath, installroot) + def setup(self, confpath, installroot, cache=0): self._cleanupRpmdbLocks(installroot) - self.doConfigSetup(fn = confpath, root = installroot) - self.conf.cache = 0 + if confpath: + self._writeConf(confpath, installroot) + self.doConfigSetup(fn = confpath, root = installroot) + else: + self.doConfigSetup(root = installroot) + self.conf.cache = cache self.doTsSetup() self.doRpmDBSetup() self.doRepoSetup() diff --git a/tools/livecd-creator b/tools/livecd-creator index b401190..594686a 100755 --- a/tools/livecd-creator +++ b/tools/livecd-creator @@ -52,6 +52,11 @@ def parse_options(args): sysopt.add_option("", "--cache", type="string", dest="cachedir", default=None, help="Cache directory to use (default: private cache") + sysopt.add_option("--global-config", dest="global_config", + action="store_true", + help="Use global YUM configuration, /etc/yum.conf") + sysopt.add_option("--cacheonly", action="store_true", dest="cacheonly", + help="run entirely from YUM cache, don't update YUM cache") parser.add_option_group(sysopt)
imgcreate.setup_logging(parser) @@ -109,7 +114,8 @@ def main():
ks = imgcreate.read_kickstart(options.kscfg)
- creator = imgcreate.LiveImageCreator(ks, name, fs_label) + creator = imgcreate.LiveImageCreator(ks, name, fs_label, + options.global_config, options.cacheonly) creator.tmpdir = options.tmpdir creator.skip_compression = options.skip_compression creator.skip_minimize = options.skip_minimize
On Wed, 2008-10-29 at 22:49 +0100, Alan Pevec wrote:
to use default YUM config i.e. /etc/yum.conf With this option you don't have to supply repo kickstart commands.
This makes it so that your images aren't reproducible without knowing what was installed on the system which was building the images. This circumvents one of the single biggest things about livecd-tools -- reproducibility
Also add --cacheonly option to run entirely from YUM cache.
This could be okay, although what's the use case? Also, one patch per suggested change please.
Jeremy
Jeremy Katz wrote:
On Wed, 2008-10-29 at 22:49 +0100, Alan Pevec wrote:
to use default YUM config i.e. /etc/yum.conf With this option you don't have to supply repo kickstart commands.
This makes it so that your images aren't reproducible without knowing what was installed on the system which was building the images. This circumvents one of the single biggest things about livecd-tools -- reproducibility
Just knowing repo URLs doesn't help reproducibility - repo content can change. --global-config was added for experiments running livecd-creator in mock/koji/brew Mock adds repos from its config to /etc/yum.conf in the buildroot, and this, combined with exact koji repo ID, gets us real reproducibility.
Also add --cacheonly option to run entirely from YUM cache.
This could be okay, although what's the use case? Also, one patch per suggested change please.
Right, I'll do that. It should work like yum -C, the target use-case is to re-use mock yum_cache, where all packages from kickstart are pulled in by mock as BRs. See work-in-progress spec files, min-builder prepares buildroot and min is RPM wrapper for livecd ISO.
%{!?build_user: %define build_user mockbuild}
%{!?image_name: %define image_name min} Summary: Image building setup for "%{image_name}" image Name: %{image_name}-builder Version: 0.0.3 Release: 1%{?dist}%{?extra_release} License: GPLv2+ Group: Applications/System BuildArch: noarch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-buildroot URL: http://ovirt.org/ Requires: selinux-policy-targeted Requires: sudo
## %packages from %{image_name}.ks # @core # kernel # hwdata # dhclient # openssh-clients # openssh-server # /usr/sbin/lokkit
Requires: kernel Requires: hwdata Requires: dhclient Requires: openssh-clients Requires: openssh-server Requires: /usr/sbin/lokkit
# @core resolved: #Group: Core # Description: Smallest possible installation # Mandatory Packages: Requires: SysVinit Requires: authconfig Requires: basesystem Requires: bash Requires: coreutils Requires: cpio Requires: e2fsprogs Requires: ed Requires: file Requires: filesystem Requires: glibc Requires: hdparm Requires: initscripts Requires: iproute #Requires: iprutils Requires: iputils Requires: kbd Requires: kudzu Requires: libgcc Requires: libhugetlbfs Requires: libtermcap Requires: mkinitrd Requires: passwd Requires: policycoreutils Requires: prelink Requires: procps Requires: readline Requires: redhat-logos Requires: redhat-release Requires: redhat-release-notes Requires: rootfiles Requires: rpm Requires: selinux-policy-targeted Requires: setools Requires: setserial Requires: setup Requires: shadow-utils Requires: sysklogd Requires: termcap Requires: util-linux Requires: vim-minimal # Default Packages: #Requires: Deployment_Guide-en-US ## if arch ia64 ? #Requires: elilo #Requires: gnu-efi #Requires: salinfo ## if arch ppc ? #Requires: ppc64-utils #Requires: yaboot ## if arch s390 ? #Requires: s390utils Requires: grub Requires: sysfsutils Requires: udftools # Optional Packages: # ecryptfs-utils # rsyslog
#
# disable debuginfo, makes no sense for boot image and it is created empty anyway %define debug_package %{nil}
%description Prepare chroot for building the "%{image_name}" image. Adds %{build_user} to sudoers and pulls in all packages listed in image kickstart.
%prep
%build
%post echo "%{build_user} ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers # mock has minimal /dev, add loop device nodes for i in $(seq 0 7); do mknod /dev/loop$i b 7 $i done
if test ! -f /selinux/enforce ; then # FROM imgcreate.creator.ImageCreator.__create_selinuxfs() # enforce=0 tells the chroot selinux is not enforcing # policyvers=999 tell the chroot to make the highest version of policy it can mkdir -p /selinux printf 0 > /selinux/enforce printf 999 > /selinux/policyvers printf 1 > /selinux/mls # make /load -> /dev/null so chroot policy loads don't hurt anything mknod --mode=0666 /selinux/load c 1 3 fi
%install %{__rm} -rf %{buildroot} mkdir %{buildroot}
%clean %{__rm} -rf %{buildroot}
%files %defattr(-,root,root,-)
%changelog * Wed Oct 29 2008 Alan Pevec apevec@redhat.com 0.0.3-0 - prepare for livecd-creator --global-config --cacheonly
* Tue Oct 07 2008 Alan Pevec apevec@redhat.com 0.0.2-0 - fake selinuxfs from imgcreate.creator.ImageCreator.__create_selinuxfs()
* Mon Oct 06 2008 Alan Pevec apevec@redhat.com 0.0.1-0 - Initial build.
Summary: Minimal LiveCD boot image RPM for Mock-ing around Name: min Version: 0.0.3 Release: 0%{?dist}%{?extra_release} Source0: %{name}.ks License: GPLv2+ Group: Applications/System BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-buildroot URL: http://ovirt.org/ BuildRequires: livecd-tools BuildRequires: min-builder # XXX missing livecd-tools deps BuildRequires: libselinux-python, rhpl # XXX missing rhpl deps BuildRequires: dbus-python
%define app_root %{_datadir}/%{name}
# disable debuginfo, makes no sense for boot image and it is created empty anyway %define debug_package %{nil}
%description The minimal ISO boot image for testing. At the moment, this RPM just packages prebuilt ISO.
%prep %setup -cT cp %{SOURCE0} .
%build ##cd %{name}-%{version} # min-builder %post adds mockbuild to sudoers # and pulls all packages from %{name}.ks into YUM cache sudo runuser - -c "cd $(pwd) && livecd-creator -c %{name}.ks -f %{name} \ --global-config --skip-minimize \ --cache=/var/cache/yum" # --cacheonly fails, missing in mock yum_cache: # REPOID/comps*xml REPOID/headers/*.hdr # but even w/o --cacheonly at least packages/*.rpm from yum_cache are used
%install %{__rm} -rf %{buildroot} mkdir %{buildroot} %{__install} -d -m0755 %{buildroot}%{app_root} %{__install} -p -m0644 %{name}.iso %{buildroot}%{app_root}
%clean %{__rm} -rf %{buildroot}
%files %defattr(-,root,root,-) %{app_root}/%{name}.iso
%changelog * Mon Oct 27 2008 Alan Pevec apevec@redhat.com 0.0.3-0 - use livecd-creator --global-config --cacheonly
* Tue Oct 07 2008 Alan Pevec apevec@redhat.com 0.0.2-0 - enable selinux in image
* Mon Oct 06 2008 Alan Pevec apevec@redhat.com 0.0.1-0 - Initial build.
lang en_US.UTF-8 keyboard us timezone UTC auth --useshadow --enablemd5 selinux --enforcing firewall --disabled part / --size 1024 bootloader --append="console=ttyS0,115200n8 console=tty0" rootpw mintest
%packages @core kernel hwdata dhclient openssh-clients openssh-server
/usr/sbin/lokkit
On Thu, 2008-10-30 at 12:35 +0100, Alan Pevec wrote:
Jeremy Katz wrote:
On Wed, 2008-10-29 at 22:49 +0100, Alan Pevec wrote:
to use default YUM config i.e. /etc/yum.conf With this option you don't have to supply repo kickstart commands.
This makes it so that your images aren't reproducible without knowing what was installed on the system which was building the images. This circumvents one of the single biggest things about livecd-tools -- reproducibility
Just knowing repo URLs doesn't help reproducibility - repo content can change. --global-config was added for experiments running livecd-creator in mock/koji/brew Mock adds repos from its config to /etc/yum.conf in the buildroot, and this, combined with exact koji repo ID, gets us real reproducibility.
It helps quite a bit because you actually know what repos are being used as opposed to random stuff littered on the filesystem. Using the system yum config for livecd-creator is a non-starter.
Also add --cacheonly option to run entirely from YUM cache.
This could be okay, although what's the use case? Also, one patch per suggested change please.
Right, I'll do that. It should work like yum -C, the target use-case is to re-use mock yum_cache, where all packages from kickstart are pulled in by mock as BRs.
Umm... this really feels like going the wrong way to try to build livecds in mock for one thing. And reusing the cache can already work, just use --cachedir. Yes, if there are more things needed they'll get grabbed. But otherwise, it's just going to be a failure mode which I have a hard time seeing as "better"
See work-in-progress spec files,
Umm, sudo for the builder in spec files? No thanks. If you're going to do that, you might as well just not use mock and build as root.
Jeremy
livecd@lists.fedoraproject.org