Makefile | 2 config/livecd-fedora-minimal.ks | 10 --- imgcreate/creator.py | 15 +---- imgcreate/fs.py | 2 imgcreate/kickstart.py | 118 +++++++++++++++++++++++----------------- imgcreate/yuminst.py | 1 tools/livecd-creator | 11 +++ 7 files changed, 88 insertions(+), 71 deletions(-)

New commits: commit bf6f92d47a8dab0487b29f7a87afd0f6b5437704 Merge: 36b6165 d13d6b3 Author: Brian C. Lane bcl@redhat.com Date: Wed Jan 23 15:05:05 2013 -0800

Merge branch 'f18-branch' into master-test

commit d13d6b3e7b44e95a9e9e3ec7168ead427383e994 Author: Brian C. Lane bcl@redhat.com Date: Wed Jan 23 15:01:12 2013 -0800

Simplify kickstart example (#903378)

This example isn't meant to be a complete running system, see the spin-kickstarts packages for that.

diff --git a/config/livecd-fedora-minimal.ks b/config/livecd-fedora-minimal.ks index 147f4ea..91abe9e 100644 --- a/config/livecd-fedora-minimal.ks +++ b/config/livecd-fedora-minimal.ks @@ -10,14 +10,6 @@ repo --name=development --mirrorlist=http://mirrors.fedoraproject.org/mirrorlist

%packages -@core -anaconda-runtime -bash -kernel -passwd -policycoreutils -chkconfig -authconfig -rootfiles +@standard

%end

commit 7d0753cecdaa9ca3e55325eac3a2b825944377ca Author: Brian C. Lane bcl@redhat.com Date: Wed Jan 16 12:18:34 2013 -0800

default to symlink for /etc/localtime (#885246)

If it doesn't exist use a symlink.

diff --git a/imgcreate/kickstart.py b/imgcreate/kickstart.py index 809b694..fe0c711 100644 --- a/imgcreate/kickstart.py +++ b/imgcreate/kickstart.py @@ -150,17 +150,20 @@ class TimezoneConfig(KickstartConfig): utc = str(kstimezone.isUtc)

# /etc/localtime is a symlink with glibc > 2.15-41 - if os.path.islink(self.path("/etc/localtime")): - os.unlink(self.path("/etc/localtime")) - os.symlink("/usr/share/zoneinfo/%s" %(tz,), - self.path("/etc/localtime")) - else: + # but if it exists as a file keep it as a file and fall back + # to a symlink. + localtime = self.path("/etc/localtime") + if os.path.isfile(localtime) and \ + not os.path.islink(localtime): try: shutil.copy2(self.path("/usr/share/zoneinfo/%s" %(tz,)), - self.path("/etc/localtime")) + localtime) except (OSError, shutil.Error) as e: logging.error("Error copying timezone: %s" %(e.strerror,)) - + else: + if os.path.exists(localtime): + os.unlink(localtime) + os.symlink("/usr/share/zoneinfo/%s" %(tz,), localtime)

class AuthConfig(KickstartConfig): """A class to apply a kickstart authconfig configuration to a system."""

commit ba5710bf1cba4c60ae938eefff1f3d84aef05713 Author: Brian C. Lane bcl@redhat.com Date: Fri Dec 14 16:33:01 2012 -0800

Version 18.14

diff --git a/Makefile b/Makefile index 394a8fc..ab3768b 100644 --- a/Makefile +++ b/Makefile @@ -1,5 +1,5 @@

-VERSION = 18.13 +VERSION = 18.14

INSTALL = /usr/bin/install -c INSTALL_PROGRAM = ${INSTALL}

commit 7adb3b214f5a01e6c7ad8233eda09a90b1304227 Author: Brian C. Lane bcl@redhat.com Date: Fri Dec 14 12:01:00 2012 -0800

add --verifyudev to dmsetup (#885385)

diff --git a/imgcreate/fs.py b/imgcreate/fs.py index d4558d3..bd327c1 100644 --- a/imgcreate/fs.py +++ b/imgcreate/fs.py @@ -559,7 +559,7 @@ class DeviceMapperSnapshot(object): self.imgloop.device, self.cowloop.device)

- args = ["/sbin/dmsetup", "create", self.__name, + args = ["/sbin/dmsetup", "create", self.__name, "-vv", "--verifyudev", "--uuid", "LIVECD-%s" % self.__name, "--table", table] if call(args) != 0: self.cowloop.cleanup()

commit 4d61763eaad82409b400b9b8aac2b9e896e82ca4 Author: Brian C. Lane bcl@redhat.com Date: Tue Dec 4 15:07:17 2012 -0800

Version 18.13

diff --git a/Makefile b/Makefile index bb1f5c6..394a8fc 100644 --- a/Makefile +++ b/Makefile @@ -1,5 +1,5 @@

-VERSION = 18.12 +VERSION = 18.13

INSTALL = /usr/bin/install -c INSTALL_PROGRAM = ${INSTALL}

commit 93cfdfd84be5170532ca2cc103b1ea76c86aba62 Author: Brian C. Lane bcl@redhat.com Date: Tue Dec 4 15:03:08 2012 -0800

silence the selinux umount error

diff --git a/imgcreate/creator.py b/imgcreate/creator.py index 0e5ed6b..64cd188 100644 --- a/imgcreate/creator.py +++ b/imgcreate/creator.py @@ -474,8 +474,10 @@ class ImageCreator(object): return

# if the system was running selinux clean up our lies - arglist = ["/bin/umount", self._instroot + self.__selinux_mountpoint + "/load"] - subprocess.call(arglist, close_fds = True) + path = self._instroot + self.__selinux_mountpoint + "/load" + if os.path.exists(path): + arglist = ["/bin/umount", path] + subprocess.call(arglist, close_fds = True)

def mount(self, base_on = None, cachedir = None): """Setup the target filesystem in preparation for an install.

commit 6c8585f724ee1fa624ff3fd1e51791303a400934 Author: Brian C. Lane bcl@redhat.com Date: Tue Dec 4 13:33:50 2012 -0800

use systemd instead of inittab for startx

diff --git a/imgcreate/kickstart.py b/imgcreate/kickstart.py index e3d4697..809b694 100644 --- a/imgcreate/kickstart.py +++ b/imgcreate/kickstart.py @@ -236,19 +236,23 @@ class ServicesConfig(KickstartConfig):

class XConfig(KickstartConfig): """A class to apply a kickstart X configuration to a system.""" + RUNLEVELS = {3: 'multi-user.target', 5: 'graphical.target'} + def apply(self, ksxconfig): - if ksxconfig.startX: - f = open(self.path("/etc/inittab"), "rw+") - buf = f.read() - buf = buf.replace("id:3:initdefault", "id:5:initdefault") - f.seek(0) - f.write(buf) - f.close() if ksxconfig.defaultdesktop: f = open(self.path("/etc/sysconfig/desktop"), "w") f.write("DESKTOP="+ksxconfig.defaultdesktop+"\n") f.close()

+ if ksxconfig.startX: + if not os.path.isdir(self.path('/etc/systemd/system')): + logging.warning("there is no /etc/systemd/system directory, cannot update default.target!") + return + default_target = self.path('/etc/systemd/system/default.target') + if os.path.islink(default_target): + os.unlink(default_target) + os.symlink(self.path('/lib/systemd/system/graphical.target'), default_target) + class RPMMacroConfig(KickstartConfig): """A class to apply the specified rpm macros to the filesystem""" def apply(self, ks):

commit efc4fa2e962ac20c0a19ae5aa09e8e8c4ef1f791 Author: Brian C. Lane bcl@redhat.com Date: Tue Dec 4 12:34:58 2012 -0800

set selinux permissive mode when building

diff --git a/tools/livecd-creator b/tools/livecd-creator index 44d07a1..a39e43f 100755 --- a/tools/livecd-creator +++ b/tools/livecd-creator @@ -23,6 +23,7 @@ import sys import time import optparse import logging +import selinux

import imgcreate from imgcreate.fs import makedirs @@ -143,6 +144,12 @@ def main(): print >> sys.stderr, "You must run %s as root" % sys.argv[0] return 1

+ # Set selinux to Permissive if it is enforcing + selinux_enforcing = False + if selinux.is_selinux_enabled() and selinux.security_getenforce(): + selinux_enforcing = True + selinux.security_setenforce(0) + if options.fslabel: fslabel = options.fslabel name = fslabel @@ -196,6 +203,8 @@ def main(): else: # Cannot happen, we validate this when parsing options. logging.error(u"'%s' is not a valid image type" % options.image_type) + if selinux_enforcing: + selinux.security_setenforce(1) return 1

creator.compress_type = options.compress_type @@ -219,6 +228,8 @@ def main(): return 1 finally: creator.cleanup() + if selinux_enforcing: + selinux.security_setenforce(1)

return 0

commit 925d47614b1b49360dfc1be0af0c7ed5330d9d12 Author: Brian C. Lane bcl@redhat.com Date: Tue Dec 4 10:53:28 2012 -0800

fix kickstart logging entry

diff --git a/imgcreate/kickstart.py b/imgcreate/kickstart.py index 7ee4102..e3d4697 100644 --- a/imgcreate/kickstart.py +++ b/imgcreate/kickstart.py @@ -159,7 +159,7 @@ class TimezoneConfig(KickstartConfig): shutil.copy2(self.path("/usr/share/zoneinfo/%s" %(tz,)), self.path("/etc/localtime")) except (OSError, shutil.Error) as e: - log.error("Error copying timezone: %s" %(e.strerror,)) + logging.error("Error copying timezone: %s" %(e.strerror,))

class AuthConfig(KickstartConfig):

commit 2f58f519a2693d4eecac9adb968061c503c18ab1 Author: Brian C. Lane bcl@redhat.com Date: Tue Dec 4 10:52:19 2012 -0800

write hostname to /etc/hostname (#870805)

diff --git a/imgcreate/kickstart.py b/imgcreate/kickstart.py index 7adb37a..7ee4102 100644 --- a/imgcreate/kickstart.py +++ b/imgcreate/kickstart.py @@ -328,11 +328,6 @@ class NetworkConfig(KickstartConfig): else: f.write("NETWORKING_IPV6=no\n")

- if hostname: - f.write("HOSTNAME=%s\n" % hostname) - else: - f.write("HOSTNAME=localhost.localdomain\n") - if gateway: f.write("GATEWAY=%s\n" % gateway)

@@ -354,6 +349,16 @@ class NetworkConfig(KickstartConfig): f.write("::1\t\tlocalhost6.localdomain6 localhost6\n") f.close()

+ def write_hostname(self, hostname): + if not hostname: + return + + path = self.path("/etc/hostname") + f = file(path, "w+") + os.chmod(path, 0644) + f.write("%s\n" % (hostname,)) + f.close() + def write_resolv(self, nodns, nameservers): if nodns or not nameservers: return @@ -407,6 +412,7 @@ class NetworkConfig(KickstartConfig):

self.write_sysconfig(useipv6, hostname, gateway) self.write_hosts(hostname) + self.write_hostname(hostname) self.write_resolv(nodns, nameservers)

class SelinuxConfig(KickstartConfig):

commit 84b14777b7d9025a802e03008fcec670d4164f1f Author: Brian C. Lane bcl@redhat.com Date: Tue Oct 9 13:19:05 2012 -0700

add nocontexts for selinux (#858373)

We relabel everything after the install, so tell rpm not to use selinux.

diff --git a/imgcreate/yuminst.py b/imgcreate/yuminst.py index 97e5ecf..f753e8f 100644 --- a/imgcreate/yuminst.py +++ b/imgcreate/yuminst.py @@ -79,6 +79,7 @@ class LiveCDYum(yum.YumBase): conf += "reposdir=\n" conf += "failovermethod=priority\n" conf += "keepcache=1\n" + conf += "tsflags=nocontexts\n"

f = file(confpath, "w+") f.write(conf)

commit d72c04d6c3228de5e83eef94d8fca68398f0dab5 Author: Brian C. Lane bcl@redhat.com Date: Tue Oct 30 16:39:46 2012 -0700

remove lokkit usage

Write to /etc/selinux/config instead of using lokkit. Setup firewall with firewalld's firewall-offline-cmd

diff --git a/imgcreate/creator.py b/imgcreate/creator.py index 891d6ef..0e5ed6b 100644 --- a/imgcreate/creator.py +++ b/imgcreate/creator.py @@ -607,13 +607,6 @@ class ImageCreator(object): self._get_excluded_packages()): ayum.deselectPackage(pkg)

- # if the system is running selinux and the kickstart wants it disabled - # we need /usr/sbin/lokkit - def __can_handle_selinux(self, ayum): - file = "/usr/sbin/lokkit" - if not kickstart.selinux_enabled(self.ks) and selinux.is_selinux_enabled() and not ayum.installHasFile(file): - raise CreatorError("Unable to disable SELinux because the installed package set did not include the file %s" % (file)) - def install(self, repo_urls = {}): """Install packages into the install root.

@@ -657,8 +650,6 @@ class ImageCreator(object): self.__select_groups(ayum) self.__deselect_packages(ayum)

- self.__can_handle_selinux(ayum) - ayum.runInstall() except yum.Errors.RepoError, e: raise CreatorError("Unable to download from repo : %s" % (e,)) diff --git a/imgcreate/kickstart.py b/imgcreate/kickstart.py index 1d8f5cf..7adb37a 100644 --- a/imgcreate/kickstart.py +++ b/imgcreate/kickstart.py @@ -175,23 +175,25 @@ class AuthConfig(KickstartConfig): class FirewallConfig(KickstartConfig): """A class to apply a kickstart firewall configuration to a system.""" def apply(self, ksfirewall): - if not os.path.exists(self.path("/usr/sbin/lokkit")): - return - args = ["/usr/sbin/lokkit", "-f", "--quiet", "--nostart"] - if ksfirewall.enabled: - args.append("--enabled") - - for port in ksfirewall.ports: - args.append("--port=%s" %(port,)) - for svc in ksfirewall.services: - args.append("--service=%s" %(svc,)) - for dev in ksfirewall.trusts: - args.append("--trust=%s" %(dev,)) + args = ["/usr/bin/firewall-offline-cmd"] + # enabled is None if neither --enable or --disable is passed + # default to enabled if nothing has been set. + if ksfirewall.enabled == False: + args += ["--disabled"] else: - args.append("--disabled") + args += ["--enabled"] + + for dev in ksfirewall.trusts: + args += [ "--trust=%s" % (dev,) ] + + for port in ksfirewall.ports: + args += [ "--port=%s" % (port,) ] + + for service in ksfirewall.services: + args += [ "--service=%s" % (service,) ]

self.call(args) - + class RootPasswordConfig(KickstartConfig): """A class to apply a kickstart root password configuration to a system.""" def unset(self): @@ -426,17 +428,27 @@ class SelinuxConfig(KickstartConfig): self.call(["/sbin/setfiles", "-p", "-e", "/proc", "-e", "/sys", "-e", "/dev", selinux.selinux_file_context_path(), "/"])

def apply(self, ksselinux): - if os.path.exists(self.path("/usr/sbin/lokkit")): - args = ["/usr/sbin/lokkit", "--quiet", "--nostart"] + selinux_config = "/etc/selinux/config" + if not os.path.exists(self.instroot+selinux_config): + return

- if ksselinux.selinux == ksconstants.SELINUX_ENFORCING: - args.append("--selinux=enforcing") - if ksselinux.selinux == ksconstants.SELINUX_PERMISSIVE: - args.append("--selinux=permissive") - if ksselinux.selinux == ksconstants.SELINUX_DISABLED: - args.append("--selinux=disabled") + if ksselinux.selinux == ksconstants.SELINUX_ENFORCING: + cmd = "SELINUX=enforcing\n" + elif ksselinux.selinux == ksconstants.SELINUX_PERMISSIVE: + cmd = "SELINUX=permissive\n" + elif ksselinux.selinux == ksconstants.SELINUX_DISABLED: + cmd = "SELINUX=disabled\n" + else: + return

- self.call(args) + # Replace the SELINUX line in the config + lines = open(self.instroot+selinux_config).readlines() + with open(self.instroot+selinux_config, "w") as f: + for line in lines: + if line.startswith("SELINUX="): + f.write(cmd) + else: + f.write(line)

self.relabel(ksselinux)

commit 9260623205f51ab5d27a39734b55a20c80025b57 Author: Brian C. Lane bcl@redhat.com Date: Mon Oct 29 17:32:01 2012 -0700

use locale.conf not sysconfig/i18n (#870805)

diff --git a/imgcreate/kickstart.py b/imgcreate/kickstart.py index c82dde3..1d8f5cf 100644 --- a/imgcreate/kickstart.py +++ b/imgcreate/kickstart.py @@ -131,7 +131,7 @@ class LanguageConfig(KickstartConfig): def apply(self, kslang): lang = kslang.lang or "en_US.UTF-8"

- f = open(self.path("/etc/sysconfig/i18n"), "w+") + f = open(self.path("/etc/locale.conf"), "w+") f.write("LANG="" + lang + ""\n") f.close()

commit fa6a0a2ab7f7bc2c5a16622ac33ae446bf2b3d52 Author: Brian C. Lane bcl@redhat.com Date: Mon Oct 29 17:26:40 2012 -0700

don't write clock (#870805)

diff --git a/imgcreate/kickstart.py b/imgcreate/kickstart.py index b66367c..c82dde3 100644 --- a/imgcreate/kickstart.py +++ b/imgcreate/kickstart.py @@ -149,11 +149,6 @@ class TimezoneConfig(KickstartConfig): tz = kstimezone.timezone or "America/New_York" utc = str(kstimezone.isUtc)

- f = open(self.path("/etc/sysconfig/clock"), "w+") - f.write("ZONE="" + tz + ""\n") - f.write("UTC=" + utc + "\n") - f.close() - # /etc/localtime is a symlink with glibc > 2.15-41 if os.path.islink(self.path("/etc/localtime")): os.unlink(self.path("/etc/localtime"))

commit 31bc3dff2ad2644e4cb24030b02fdf8e03841efc Author: Brian C. Lane bcl@redhat.com Date: Thu Oct 18 14:10:55 2012 -0700

add remainder of virtio modules to initrd (#864012)

diff --git a/imgcreate/live.py b/imgcreate/live.py index 189b869..47b9dcd 100755 --- a/imgcreate/live.py +++ b/imgcreate/live.py @@ -82,7 +82,8 @@ class LiveImageCreatorBase(LoopImageCreator):

self.__modules = ["=ata", "sym53c8xx", "aic7xxx", "=usb", "=firewire", "=mmc", "=pcmcia", "mptsas", "udf", "virtio_blk", - "virtio_pci"] + "virtio_pci", "virtio_scsi", "virtio_net", "virtio_mmio", + "virtio_balloon", "virtio-rng"] self.__modules.extend(kickstart.get_modules(self.ks))

self._isofstype = "iso9660"

commit 2c50a2f1d852688d8c769d4880143d48b024e33b Author: Brian C. Lane bcl@redhat.com Date: Tue Oct 2 11:25:20 2012 -0700

Version 18.12

diff --git a/Makefile b/Makefile index 04acde9..bb1f5c6 100644 --- a/Makefile +++ b/Makefile @@ -1,5 +1,5 @@

-VERSION = 18.11 +VERSION = 18.12

INSTALL = /usr/bin/install -c INSTALL_PROGRAM = ${INSTALL}

commit 77e8d47a39370de9c8149a51b687c65d283687ba Author: Brian C. Lane bcl@redhat.com Date: Tue Oct 2 10:29:19 2012 -0700

Remove grub 0.97 splash

diff --git a/imgcreate/live.py b/imgcreate/live.py index c5f757c..189b869 100755 --- a/imgcreate/live.py +++ b/imgcreate/live.py @@ -717,14 +717,12 @@ menu end shim.efi gcdx64.efi fonts/unicode.pf2 - grub/splash.xpm.gz """ fail = False missing = [] files = [("/boot/efi/EFI/*/shim.efi", "/EFI/BOOT/BOOT%s.efi" % (self.efiarch,)), ("/boot/efi/EFI/*/gcdx64.efi", "/EFI/BOOT/grubx64.efi"), ("/boot/efi/EFI/*/fonts/unicode.pf2", "/EFI/BOOT/fonts/"), - ("/boot/grub/splash.xpm.gz", "/EFI/BOOT"), ] makedirs(isodir+"/EFI/BOOT/fonts/") for src, dest in files:

commit 864071c175b0f36af71d17414be34f8c16e0b608 Author: Brian C. Lane bcl@redhat.com Date: Thu Sep 13 14:02:26 2012 -0700

Version 18.11

diff --git a/Makefile b/Makefile index c3f33a3..04acde9 100644 --- a/Makefile +++ b/Makefile @@ -1,5 +1,5 @@

-VERSION = 18.10 +VERSION = 18.11

INSTALL = /usr/bin/install -c INSTALL_PROGRAM = ${INSTALL}

commit 5de9176a1bf9ae7e21c0f7e6293e3b3293d98fff Author: Brian C. Lane bcl@redhat.com Date: Thu Sep 13 07:32:22 2012 -0700

not copying UEFI files shouldn't be fatal (#856893)

This reverts the change that made copying EFI files fatal and instead logs a warning that UEFI won't be supported on the image. (cherry picked from commit 80b3559390d84cb43b68d280b6dbf617b684f64a)

diff --git a/imgcreate/live.py b/imgcreate/live.py index 528d885..c5f757c 100755 --- a/imgcreate/live.py +++ b/imgcreate/live.py @@ -804,7 +804,8 @@ search --no-floppy --set=root -l '%(isolabel)s' """Set up the configuration for an EFI bootloader""" if self.__copy_efi_files(isodir): shutil.rmtree(isodir + "/EFI") - raise CreatorError("Failed to copy EFI files") + logging.warn("Failed to copy EFI files, no EFI Support will be included.") + return

cfg = self.__get_basic_efi_config(isolabel = self.fslabel, timeout = self._timeout)

commit 7f920f2bd695bc30729c1b9fc9ac0c60a5a49281 Author: Brian C. Lane bcl@redhat.com Date: Thu Sep 13 07:25:17 2012 -0700

don't require shim and grub2-efi (#856893)

32 bit builds don't support UEFI so let comps or the kickstart handle including shim and grub2-efi instead of making them hard-coded. (cherry picked from commit 61e85caa54f32bd695f70e29068ae26b99451471)

diff --git a/imgcreate/live.py b/imgcreate/live.py index 73e3466..528d885 100755 --- a/imgcreate/live.py +++ b/imgcreate/live.py @@ -400,7 +400,7 @@ class x86LiveImageCreator(LiveImageCreatorBase): return options

def _get_required_packages(self): - return ["syslinux", "grub2-efi", "shim"] \ + return ["syslinux"] \ + LiveImageCreatorBase._get_required_packages(self)

def _get_isolinux_stanzas(self, isodir):

commit e5635e13282d3a930df158869cfbdd3e2095c098 Author: Brian C. Lane bcl@redhat.com Date: Thu Sep 6 16:38:20 2012 -0700

Version 18.10

diff --git a/Makefile b/Makefile index c319f77..c3f33a3 100644 --- a/Makefile +++ b/Makefile @@ -1,5 +1,5 @@

-VERSION = 18.9 +VERSION = 18.10

INSTALL = /usr/bin/install -c INSTALL_PROGRAM = ${INSTALL}

commit acd44429ed4911721e6029e6fd646c1ef395fb91 Author: Brian C. Lane bcl@redhat.com Date: Thu Sep 6 15:27:31 2012 -0700

use cp -r instead of -a

diff --git a/tools/livecd-iso-to-disk.sh b/tools/livecd-iso-to-disk.sh index c681e37..1a87869 100755 --- a/tools/livecd-iso-to-disk.sh +++ b/tools/livecd-iso-to-disk.sh @@ -1089,7 +1089,7 @@ BOOTCONFIG=$TGTMNT/$SYSLINUXPATH/isolinux.cfg BOOTCONFIG_EFI= if [ -n "$efi" ]; then echo "Setting up $EFI_BOOT" - cp -a $SRCMNT$EFI_BOOT/* $TGTMNT$EFI_BOOT + cp -r $SRCMNT$EFI_BOOT/* $TGTMNT$EFI_BOOT

# The GRUB EFI config file can be one of: # boot?*.conf

commit bfaa85aa63e580540ac1bc84b25ea3e826f9776c Author: Brian C. Lane bcl@redhat.com Date: Thu Sep 6 12:24:57 2012 -0700

Version 18.9

diff --git a/Makefile b/Makefile index 16b370b..c319f77 100644 --- a/Makefile +++ b/Makefile @@ -1,5 +1,5 @@

-VERSION = 18.8 +VERSION = 18.9

INSTALL = /usr/bin/install -c INSTALL_PROGRAM = ${INSTALL}