Kernel command line in legacy mode is constructed by grub scripts and
properly handle btrfs subvolumes. For EFI, it is built directly by
anaconda and 'rootflags=subvol=...' argument need to be added manually.
FixesQubesOS/qubes-issues#1871
Typical GRUB2 installations would execute the script
located at /usr/libexec/mactel-boot-setup which would
modify the HFS+ ESP files and bless the specified efi.
However, we are not using GRUB at this time which would
cause that script to exit earlier.
These changes will execute the relevant commands
to symlink the efi file in the /System directory as well
the cfg file. Lastly, macOS requires the bootable efi
file to be blessed.
We also attempt to place some user-friendly icons
for Qubes to show to the user.
Lastly, we add a README with some instructions on how
to get into rescue mode from macOS.
We have been doing this filtering already, but some paths have likely
changed and the filter was no longer effective.
So add two new filter strings:
"_intf.storage.ksdata"
"_intf.data"
After adding these two I was no longer able to find the plaintext password
anywhere in the traceback after manually triggering a crash with:
kill -USR1 `cat /var/run/anaconda.pid`
Resolves: rhbz#1519895
Many Intel processors (and BIOSes) have invalid IOMMU configuration for
IGFX, which cause multiple problems - from screen glitches, to system
hang.
Since IGFX currently is still in dom0 (isn't isolated from other system
components), disabling IOMMU for it doesn't lower overall security.
When GUI domain will be implemented, we need to re-enable IOMMU here and
hope hardware manufacturers will fix it in the meantime.
FixesQubesOS/qubes-issues#2836
And unconditionally allow boot encryption and the lvmlv format.
(The user still has to fight the installer to actually set it up.)
FixesQubesOS/qubes-issues#2553
If depsolve failed with some (or all) addons selected it wasn't cleared
by deselecting all of them because the package and group set were never
cleared.
Add a check to skip this if the addons have not been changed (or never
set, as is the case with kickstart).
(cherry picked from commit 2ad90e9294517770372f82a14792379a49bec6a2 from
anaconda)
FixesQubesOS/qubes-issues#2105
EFI boot uses only /boot/efi, so /boot may be even on encrypted volume,
LVM, btrfs or anything else. Instead of allowing just LVM, override the
whole check for /boot.
FixesQubesOS/qubes-issues#1721
Since we have own hook there, it properly handles Xen. This means we no
longer need post scripts in kickstart for that.
Conflicts:
anaconda/pyanaconda/packaging/__init__.py
Base installed system, including one template uses about 8GB. So make it
possible to install the system with root partition about that size. This
is probably bad idea, but the limit here is hard - it isn't possible to
force installation on smaller partition.
Since all the required files are on ESP (and are loaded by xen.efi), we
don't need /boot accessible at all from there. This will in practice
allow to not have separate /boot at all.
FixesQubesOS/qubes-issues#1721
Linux kernel have some memory overhead depending on maxmem. Dom0 isn't
meant to use that much memory (most should be assigned to AppVMs), so on
big systems this will be pure waste.
QubesOS/qubes-issues#1136FixesQubesOS/qubes-issues#1313