Commit Graph

942 Commits

Author SHA1 Message Date
Marek Marczykowski-Górecki
512af4bf76
qubes-release: switch qubes-dom0 repositories to https
This is needed for more reliable updates over tor, and also gives some
more privacy.

Fixes QubesOS/qubes-issues#3737
2018-04-22 00:30:45 +02:00
Marek Marczykowski-Górecki
0cc9f141ed
anaconda 25.20.9-12, qubes-release 4.0-1 2018-03-28 04:36:34 +02:00
Marek Marczykowski-Górecki
9d41b135ed
qubes-release: update release notes 2018-03-28 04:35:21 +02:00
Marek Marczykowski-Górecki
7c67b93468
anaconda: avoid adding duplicated kernel entries
List kernel versions without duplicates, even when there are multiple
files related to the same kernel version.
Duplicated kernel versions here caused regenerating initramfs multiple
times and duplicated entries in xen.cfg.

QubesOS/qubes-issues#3624
2018-03-28 02:46:58 +02:00
Marek Marczykowski-Górecki
f452cca502
Add ucode=scan to default Xen command line
Try to update microcode as early as possible if provided.
This option will scan all multiboot modules besides dom0 kernel. In our
case this is perfect - there is only one other module and it is
initramfs which have microcode early cpio prepended.

QubesOS/qubes-issues#3703
2018-03-21 03:29:28 +01:00
Marek Marczykowski-Górecki
f466747949
anaconda: enable discard option for dom0 filesystems by default
This may have performance impact on some older SSD, but on the other
hand, without this option it's pretty easy to fill the whole LVM thin
pool even if there is plenty free space in dom0.
Note that this doesn't enable it on LUKS layer, this is still disabled
by default.

Fixes QubesOS/qubes-issues#3226
2018-03-21 03:29:21 +01:00
Marek Marczykowski-Górecki
38fdf4bbe3
blivet 2.1.6-5, anaconda 25.20.9-11, lorax-templates-qubes 4.0.2, qubes-anaconda-addon 4.0.6 2018-03-04 02:40:17 +01:00
Marek Marczykowski-Górecki
3cc0b2fb56
qubes-anaconda-addon: require new enough qubes-mgmt-salt-dom0-virtual-machines
The one using pillar for setting combined sys-usb + sys-net.
2018-03-04 02:31:15 +01:00
Marek Marczykowski-Górecki
425a82ed2e
qubes-anaconda-addon: adjust usbvm setup to simplified states
Don't use separte state for combined sys-net+sys-usb. Instead, use
pillar to adjust sys-usb state.

QubesOS/qubes-issues#3516
2018-03-02 20:55:43 +01:00
Marek Marczykowski-Górecki
e83c0b4edc
Merge branch 'travis-full'
* travis-full:
  travis: disable unit tests during full ISO build
  travis: switch to ukfast mirror
  travis: ignore groups from online repositories
  travis: build full ISO, including templates
  Add config with templates repositories included
2018-02-27 13:35:38 +01:00
Marek Marczykowski-Górecki
fbc011f01c
anaconda: use proper subvolume argument when booting from btrfs (EFI)
Kernel command line in legacy mode is constructed by grub scripts and
properly handle btrfs subvolumes. For EFI, it is built directly by
anaconda and 'rootflags=subvol=...' argument need to be added manually.

Fixes QubesOS/qubes-issues#1871
2018-02-27 04:52:24 +01:00
Marek Marczykowski-Górecki
7dbbe7c5c4
Merge remote-tracking branch 'qubesos/pr/20'
* qubesos/pr/20:
  Fix macOS EFI Installation
2018-02-26 01:04:06 +01:00
Marek Marczykowski-Górecki
e93f5fe216
travis: disable unit tests during full ISO build
Save some time - especially those in pykickstart are time consuming. And
we need to fit in 50min available on Travis-CI - currently the build is
very close to that limit (most times on the wrong side of it).
2018-02-24 19:59:43 +01:00
Marek Marczykowski-Górecki
8c28205eba
travis: switch to ukfast mirror 2018-02-24 16:14:30 +01:00
Marek Marczykowski-Górecki
e810ec8bb0
travis: ignore groups from online repositories
Use only those from locally generated one, to guarantee usage up to date
comps.xml
2018-02-24 15:04:11 +01:00
Marek Marczykowski-Górecki
3d54b98be9
travis: build full ISO, including templates
Such ISO could be used for further tests, in contrary to the previous
one which had no templates.
2018-02-24 14:36:10 +01:00
Marek Marczykowski-Górecki
e63d2d179f
Add config with templates repositories included
This allows performing full ISO build without building any component
locally.
2018-02-24 14:34:29 +01:00
Marek Marczykowski-Górecki
735ce70dc9
Apply upstream fix for AttributeError in fsminsize
Fixes QubesOS/qubes-issues#3050
2018-02-24 12:10:23 +01:00
Marek Marczykowski-Górecki
3a93e8a2bb
lorax-templates-qubes: don't fail when no extra kernel is selected
It should be possible to build the ISO with just one kernel from
repository, instead of locally built.
2018-02-24 05:06:25 +01:00
Marek Marczykowski-Górecki
ad42bdc95b
Update kernel parameters for i915.preliminary_hw_support -> i915.alpha_support
This option has been renamed in kernel 4.10.
2018-02-24 03:58:40 +01:00
Eric Duncan
1c57cfd615
Fix macOS EFI Installation
Typical GRUB2 installations would execute the script
located at /usr/libexec/mactel-boot-setup which would
modify the HFS+ ESP files and bless the specified efi.
However, we are not using GRUB at this time which would
cause that script to exit earlier.

These changes will execute the relevant commands
to symlink the efi file in the /System directory as well
the cfg file.  Lastly, macOS requires the bootable efi
file to be blessed.

We also attempt to place some user-friendly icons
for Qubes to show to the user.

Lastly, we add a README with some instructions on how
to get into rescue mode from macOS.
2018-02-20 10:52:57 -05:00
Marek Marczykowski-Górecki
13dcbb4c15
anaconda 25.20.9-10, lorax-templates-qubes 4.0.1-1, qubes-anaconda-addon 4.0.5-1 2018-01-30 06:07:19 +01:00
Marek Marczykowski-Górecki
9b80ceeda6
lorax-templates-qubes: include additional VM kernels on the image
HVM suspend is broken in 4.14.13, on some machines. Lets ease using 4.9
for them.
2018-01-30 06:06:41 +01:00
Marek Marczykowski-Górecki
9b4568310b
qubes-anaconda-addon: fix kernel version sorting
Use proper version comparing instead of string comparing - 4.14 is newer
than 4.9...
2018-01-30 06:06:40 +01:00
Marek Marczykowski-Górecki
ae8b332ca8
lorax-templates-qubes: boot xen.efi directly, bypass grub
Grub cause problems while loading xen.efi on many machines, mostly
because xen.efi support loading dom0 kernel and initramfs only via EFI
services and xen.efi needs to be loaded through them too. But grub in
some cases uses own filesystem handling code instead, leaving xen.efi
without dom0 kernel.

This should improve when xen.efi will get multiboot2 support (Xen 4.10?)
- then grub could load dom0 kernel and initramfs too and pass them to
xen.efi.

For now, bypass grub and launch xen.efi directly. This have unfortunate
effect of not having boot menu, so choose the most universal option:
verbose, with all known workarounds for UEFI applied.

Fixes QubesOS/qubes-issues#3505
2018-01-30 06:06:40 +01:00
Marek Marczykowski-Górecki
3791fd7c5e
anaconda: fix interrupt remapping detection 2018-01-27 12:44:11 +01:00
Marek Marczykowski-Górecki
3c71ef6c1e
qubes-anaconda-addon 4.0.4, anaconda 25.20.9-9 2018-01-20 03:36:09 +01:00
Marek Marczykowski-Górecki
d2c98e2907
Revert "qubes-anaconda-addon: initialize default-fw-netvm"
This reverts commit 3001440fff.

The property is gone.
2018-01-20 03:34:49 +01:00
awokd
ad159228e9
conf, qubes-anaconda-addon: switch templates to fedora-26 and debian-9
(cherry picked from commit a1cda1d705)
2018-01-16 01:55:46 +01:00
Marek Marczykowski-Górecki
3b4a02cc26
anaconda: fix default scheme in custom partitioning
Update to LVM Thin Provisioning there too.

Fixes QubesOS/qubes-issues#3225
2018-01-15 01:20:18 +01:00
Marek Marczykowski-Górecki
a09af2b727
anaconda 25.20.9-8 2017-12-23 03:21:55 +01:00
Martin Kolman
fa4d491f88
Remove in-memory kickstart representation from traceback file (#1519895)
We have been doing this filtering already, but some paths have likely
changed and the filter was no longer effective.

So add two new filter strings:
"_intf.storage.ksdata"
"_intf.data"

After adding these two I was no longer able to find the plaintext password
anywhere in the traceback after manually triggering a crash with:

kill -USR1 `cat /var/run/anaconda.pid`

Resolves: rhbz#1519895
2017-12-23 03:21:11 +01:00
Marek Marczykowski-Górecki
7489992ddd
anaconda: check also for message about AMD interrupt remapping
Fixes QubesOS/qubes-issues#3208
2017-12-07 00:43:02 +01:00
Marek Marczykowski-Górecki
ca85026ffd
anaconda: update message about unusupported hardware
Advise to not continue.

Fixes QubesOS/qubes-issues#3208
2017-12-03 02:23:05 +01:00
Marek Marczykowski-Górecki
7272063fa4
lorax-templates-qubes 4.0.0-1 2017-11-21 13:49:26 +01:00
Marek Marczykowski-Górecki
9da8bf76e6
lorax-templates-qubes: do not remove libgstallocators needed by yelp 2017-11-21 13:08:17 +01:00
Marek Marczykowski-Górecki
d323fdb456
qubes-release 4.0-0.4 2017-11-21 05:15:48 +01:00
Marek Marczykowski-Górecki
95ad8d4029
qubes-release: add R4 unstable key 2017-11-03 22:08:57 +01:00
Marek Marczykowski-Górecki
20fafe74f8
comps: include libvirt-client by default
It greatly ease debugging.
2017-10-30 13:56:23 +01:00
Marek Marczykowski-Górecki
774bd5169f
qubes-anaconda-addon 4.0.3 2017-10-21 01:54:12 +02:00
Marek Marczykowski-Górecki
3001440fff
qubes-anaconda-addon: initialize default-fw-netvm
It should be set to default netvm for proxy VMs: sys-net.

Reported by @adrelanos
Fixes QubesOS/qubes-issues#3190
2017-10-20 02:57:54 +02:00
Marek Marczykowski-Górecki
e725ddfe41
comps: drop non-existing qubes-core-dom0-doc package
It was merged into qubes-core-dom0
2017-10-20 02:55:40 +02:00
Marek Marczykowski-Górecki
e9a09bd61f
anaconda 25.20.9-7, qubes-anaconda-addon 4.0.2, qubes-release 4.0-0.3 2017-10-09 00:04:51 +02:00
Marek Marczykowski-Górecki
a97c7a8422
qubes-release: update release notes 2017-10-08 20:49:29 +02:00
Marek Marczykowski-Górecki
4173bbbfb5
qubes-release: remove old Fedora keys 2017-10-08 20:45:49 +02:00
Marek Marczykowski-Górecki
c9c3d3896b
qubes-anaconda-addon: adjust option for routing updates through tor
Previously the option was described "Route applications traffic and
updates through Tor anonymity network". This isn't fully accurate
description, and also we decided it's better to provide an option for
routing just updates, not everything.
Also, remove 'experimental' tag.

Fixes QubesOS/qubes-issues#2604
2017-10-07 03:57:54 +02:00
Marek Marczykowski-Górecki
c834daa176
anaconda: make sure the latest version is placed as xen.efi
os.listdir returns files in filesystem order, not sorted.

QubesOS/qubes-issues#2990
2017-09-21 22:10:04 +02:00
Freddie Rice
e3a4a46958
xen.efi upgraded during each install 2017-09-20 12:59:09 -04:00
Marek Marczykowski-Górecki
1c18b82b5e
pykickstart 2.32-4, lorax-templates-qubes 3.2.4-1, qubes-release 4.0-0.2 2017-09-15 05:35:53 +02:00
Marek Marczykowski-Górecki
011fdd74b3
qubes-release: Add Qubes 4.0 community templates signing key 2017-09-14 11:44:32 +02:00