This is needed for more reliable updates over tor, and also gives some
more privacy.
FixesQubesOS/qubes-issues#3737
(cherry picked from commit 512af4bf76)
List kernel versions without duplicates, even when there are multiple
files related to the same kernel version.
Duplicated kernel versions here caused regenerating initramfs multiple
times and duplicated entries in xen.cfg.
QubesOS/qubes-issues#3624
(cherry picked from commit 7c67b93468)
Try to update microcode as early as possible if provided.
This option will scan all multiboot modules besides dom0 kernel. In our
case this is perfect - there is only one other module and it is
initramfs which have microcode early cpio prepended.
QubesOS/qubes-issues#3703
(cherry picked from commit f452cca502)
Kernel command line in legacy mode is constructed by grub scripts and
properly handle btrfs subvolumes. For EFI, it is built directly by
anaconda and 'rootflags=subvol=...' argument need to be added manually.
FixesQubesOS/qubes-issues#1871
(cherry picked from commit fbc011f01c)
Save some time - especially those in pykickstart are time consuming. And
we need to fit in 50min available on Travis-CI - currently the build is
very close to that limit (most times on the wrong side of it).
(cherry picked from commit e93f5fe216)
Typical GRUB2 installations would execute the script
located at /usr/libexec/mactel-boot-setup which would
modify the HFS+ ESP files and bless the specified efi.
However, we are not using GRUB at this time which would
cause that script to exit earlier.
These changes will execute the relevant commands
to symlink the efi file in the /System directory as well
the cfg file. Lastly, macOS requires the bootable efi
file to be blessed.
We also attempt to place some user-friendly icons
for Qubes to show to the user.
Lastly, we add a README with some instructions on how
to get into rescue mode from macOS.
(cherry picked from commit 1c57cfd615)
setDefaultPartitioning is called when executing kickstart "autopart"
command - which is the case if one choose to not change disk
partitioning. But in manual partitioning there is also an option to
start with automatic layout and in that case setDefaultPartitioning
isn't called at all. Which results in failed partitioning (missing '/'
and bootable partition).
Similar thing is already fixed in master commit
378cfc44dd.
QubesOS/qubes-issues#2294FixesQubesOS/qubes-issues#3334
We have been doing this filtering already, but some paths have likely
changed and the filter was no longer effective.
So add two new filter strings:
"_intf.storage.ksdata"
"_intf.data"
After adding these two I was no longer able to find the plaintext password
anywhere in the traceback after manually triggering a crash with:
kill -USR1 `cat /var/run/anaconda.pid`
Resolves: rhbz#1519895
(cherry picked from commit fa4d491f88)
Do not fallback to text mode, which cannot property install the system
without kickstart file (missing LUKS passphrase prompt).
FixesQubesOS/qubes-issues#2996
(cherry picked from commit 2d3405de9a)
And unconditionally allow boot encryption and the lvmlv format.
(The user still has to fight the installer to actually set it up.)
FixesQubesOS/qubes-issues#2553
(cherry picked from commit 62cb1ca1e6)
When building not for ISO_LIVEUSB, the sources are not downloaded.
Liveusb build is broken anyway, but the upstream mirror is gone.
(cherry picked from commit 7b424ec65f)
Salt minion cache can be incomplete after initial installation. As it was
reported in #2213, just `qubesctl saltutil.sync_all` isn't enough to
refresh it in some cases - it may still lack of some files
(ext_module_qvm.py in this case). So, clear the cache completely before
initial configuration.
FixesQubesOS/qubes-issues#2213
If depsolve failed with some (or all) addons selected it wasn't cleared
by deselecting all of them because the package and group set were never
cleared.
Add a check to skip this if the addons have not been changed (or never
set, as is the case with kickstart).
(cherry picked from commit 2ad90e9294517770372f82a14792379a49bec6a2 from
anaconda)
FixesQubesOS/qubes-issues#2105
Currently kernel-qubes-vm is pulled in by template rpms. Since dnf
automatically remove "unneeded" packages, it would also remove
kernel-qubes-vm with the last template rpm (which isn't necessary last
template in general). To prevent this, install kernel-qubes-vm
regardless of templates.
FixesQubesOS/qubes-issues#2107
