Defaults set during package installation do not apply, as booloader
configuration doesn't exist at that stage yet.
Reported by @rustybird
QubesOS/qubes-issues#4252
'qubes' group is used internally, but useradd want to create a new group
named as new user, so 'qubes' user name should also be avoided.
FixesQubesOS/qubes-issues#3777
Xorg loads keyboard layout for new devices (or existing one re-detected)
only from its config, ignoring runtime changes done in the meantime
(setxkbmap etc). Since installation process calls udevadm trigger
somewhere, all input devices are re-discovered and reverted to default
keyboard layout (us). Avoid this by configuring current keyboard layout
also as udev rules, which are loaded by Xorg while discovering device.
FixesQubesOS/qubes-issues#3352
List kernel versions without duplicates, even when there are multiple
files related to the same kernel version.
Duplicated kernel versions here caused regenerating initramfs multiple
times and duplicated entries in xen.cfg.
QubesOS/qubes-issues#3624
Try to update microcode as early as possible if provided.
This option will scan all multiboot modules besides dom0 kernel. In our
case this is perfect - there is only one other module and it is
initramfs which have microcode early cpio prepended.
QubesOS/qubes-issues#3703
This may have performance impact on some older SSD, but on the other
hand, without this option it's pretty easy to fill the whole LVM thin
pool even if there is plenty free space in dom0.
Note that this doesn't enable it on LUKS layer, this is still disabled
by default.
FixesQubesOS/qubes-issues#3226
Kernel command line in legacy mode is constructed by grub scripts and
properly handle btrfs subvolumes. For EFI, it is built directly by
anaconda and 'rootflags=subvol=...' argument need to be added manually.
FixesQubesOS/qubes-issues#1871
Typical GRUB2 installations would execute the script
located at /usr/libexec/mactel-boot-setup which would
modify the HFS+ ESP files and bless the specified efi.
However, we are not using GRUB at this time which would
cause that script to exit earlier.
These changes will execute the relevant commands
to symlink the efi file in the /System directory as well
the cfg file. Lastly, macOS requires the bootable efi
file to be blessed.
We also attempt to place some user-friendly icons
for Qubes to show to the user.
Lastly, we add a README with some instructions on how
to get into rescue mode from macOS.
We have been doing this filtering already, but some paths have likely
changed and the filter was no longer effective.
So add two new filter strings:
"_intf.storage.ksdata"
"_intf.data"
After adding these two I was no longer able to find the plaintext password
anywhere in the traceback after manually triggering a crash with:
kill -USR1 `cat /var/run/anaconda.pid`
Resolves: rhbz#1519895
Many Intel processors (and BIOSes) have invalid IOMMU configuration for
IGFX, which cause multiple problems - from screen glitches, to system
hang.
Since IGFX currently is still in dom0 (isn't isolated from other system
components), disabling IOMMU for it doesn't lower overall security.
When GUI domain will be implemented, we need to re-enable IOMMU here and
hope hardware manufacturers will fix it in the meantime.
FixesQubesOS/qubes-issues#2836
And unconditionally allow boot encryption and the lvmlv format.
(The user still has to fight the installer to actually set it up.)
FixesQubesOS/qubes-issues#2553
If depsolve failed with some (or all) addons selected it wasn't cleared
by deselecting all of them because the package and group set were never
cleared.
Add a check to skip this if the addons have not been changed (or never
set, as is the case with kickstart).
(cherry picked from commit 2ad90e9294517770372f82a14792379a49bec6a2 from
anaconda)
FixesQubesOS/qubes-issues#2105
EFI boot uses only /boot/efi, so /boot may be even on encrypted volume,
LVM, btrfs or anything else. Instead of allowing just LVM, override the
whole check for /boot.
FixesQubesOS/qubes-issues#1721
Since we have own hook there, it properly handles Xen. This means we no
longer need post scripts in kickstart for that.
Conflicts:
anaconda/pyanaconda/packaging/__init__.py
Base installed system, including one template uses about 8GB. So make it
possible to install the system with root partition about that size. This
is probably bad idea, but the limit here is hard - it isn't possible to
force installation on smaller partition.
