| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
| |
MFC after: 3 days
Sponsored by: Amazon
|
| |
|
|
|
|
|
|
|
|
|
|
| |
This reverts commit 6a13aeac3c1f98db7cf156f24a4d6bc8d3c321f6.
The "bogus dependencies being installed" issue was traced down to pkg
confusion surrounding libclang_rt.asan-i386.so linking to a 32-bit
libgcc_s.so.1, and a more minimal workaround of "install clibs-lib32"
has been applied, so this hack is no longer required.
MFC after: 3 days
Sponsored by: Amazon
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The FreeBSD-clang package on amd64 contains libclang_rt.asan-i386.so,
which links to the 32-bit version of libgcc_s.so.1. It is not clear
if that file belongs in FreeBSD-clang or if it should be placed into
a different package.
For unknown reasons, pkg *sometimes* recognizes this and decides that
it needs to install a package to supply libgcc_s.so.1:32.
In particular, when we initially install the VM with 'pkg install
[long list of FreeBSD-* packages]', pkg does not recognize that it
wants this; but the *next* time 'pkg install' runs, it decides that
it needs libgcc_s.so.1:32 -- even though that particular library is
not needed by the particular package we're trying to install -- and
goes looking for it... and ends up picking gcc12-devel as a provider.
Later in the EC2 image building process, we run 'pkg autoremove' (which
was added during 15.0 to get rid of the "bogus dependencies" which were
added while installing other packages) and pkg is once again confused:
It decides that gcc12-devel is an automatic port which is not required
by anything else, but upon determining that it should be removed it
then determines that FreeBSD-clang depends upon a port which is being
removed and deletes FreeBSD-clang as well.
It's not clear what is breaking in pkg, but as a temporary workaround
add the FreeBSD-clibs-lib32 package to the "small" and "builder" EC2
image flavours in order to satisfy the libgcc_s.so.1 demand.
This commit should be reverted if libclang_rt.asan-i386.so moves out
of FreeBSD-clang, (i.e. if it becomes possible to install a 32-bit-free
amd64 system) or when the pkg issue is resolved (i.e. pkg consistently
recognizes the shared library dependency and installs clibs-lib32
automatically as a FreeBSD-clang dependency).
MFC after: 3 days
Sponsored by: Amazon
Differential Revision: https://reviews.freebsd.org/D55978
|
| |
|
|
|
|
|
|
| |
We're avoiding *unicode*, not avoiding *ascii*.
Reported by: marck
Fixes: 277830b4d3ae ("EC2: Don't use unicode in boot loader")
MFC after: 3 days
|
| |
|
|
|
|
|
|
|
|
|
| |
The boot loader menu is disabled by default in EC2, but if it is ever
turned on, the default (unicode) output breaks EC2's web interface to
the serial console.
Set loader_menu_frame="ascii" instead.
MFC after: 3 days
Sponsored by: Amazon
|
| |
|
|
|
|
|
|
|
|
| |
This matches non-pkgbase behavior as installworld/installkernel skip the
debug bits if these knobs are set.
MFC after: 1 week
Sponsored by: Chelsio Communications
Reviewed by: cperciva
Differential Revision: https://reviews.freebsd.org/D55572
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We always use NO_ROOT for release artifact builds, so remove the
alternate code paths.
For the first step we set NO_ROOT unconditionally in cases that invoke
submakes, and turn NO_ROOT being unset into an error in lover-level
targets so that we can catch potential out-of-tree build scripts (or
missed in-tree cases) that expect to run not-NO_ROOT builds. The second
step will be to remove those entirely.
Reviewed by: cperciva
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D54179
|
| |
|
|
|
|
|
| |
PR: 292595
Reviewed by: imp
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D54923
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Instructions in /etc/pkg/FreeBSD.conf and elsewhere recommend putting
changes in /usr/local/etc/pkg/repos/FreeBSD.conf so bring OCI containers
into line as well.
Reviewed by: dfr, ivy
Differential Revision: https://reviews.freebsd.org/D54090
MFC after: 5 days
Sponsored by: SkunkWerks, GmbH
|
| |
|
|
|
|
|
|
| |
When building VM and Cloud images with a packaged base system, install
the pkg package; this makes it possible for the base system to be
updated without installing pkg from the FreeBSD-ports repository.
Sponsored by: Amazon
|
| |
|
|
|
|
|
|
|
|
| |
The default shell for root has been changed to sh(1) followup changing
in release images sh(1) the shell for the "freebsd" user.
MFC After: 1 week
Reviewed by: manu, emaste (re)
Approved by: manu, emaste (re)
Differential Revision: https://reviews.freebsd.org/D54602
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
This is required for MSI support on GCE ARM64 instances which is
prerequisite to gve(4) not panicking at boot, and nvme(4) also has
a real sad time without interrupts. Tested on a variety of c4a VMs.
This is meant to be a temporary hack; long term fix would be to
check for the hypervisor and quirk gve(4) device with
PCI_QUIRK_ENABLE_MSI_VM.
PR: kern/292081
MFC after: 1 week
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Removes hw.vtnet.mq_disable=1.
This workaround was originally introduced nearly a decade ago to
address stability issues on KVM that have long since been resolved
in both the FreeBSD driver and the GCE hypervisor. Removing this
allows network interrupts to scale across multiple vCPUs.
Tested on n2-highcpu-16 VM with 15.0-RELEASE and confirmed multiple
queue pairs active and interrupts handling across cores.
PR: kern/292081
MFC after: 1 day
|
| |
|
|
|
|
|
|
|
|
| |
The sed command was missing the ${DESTDIR} prefix, meaning it was
attempting to modify the build host's /etc/rc.d/growfs instead of
the target image's script. Tested in an arm64 builder that builds
as non-root.
PR: kern/292081
MFC after: 1 day
|
| |
|
|
|
|
|
|
|
| |
sendmail is already disabled by default everywhere since 14.0
MFC After: 1 week
Approved by: emaste (re)
Reviewed by: emaste (re)
Differential Revision: https://reviews.freebsd.org/D54575
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
The packages for 15.0-RELEASE built without the bug fix needed to make
files created via @sample get properly listed in METALOG. Fix the
cloudware which contain @sample-using packages by adding the necessary
files to METALOG manually.
This should be reverted after the next full package build, and live on
only in releng/15.0.
Reviewed by: markj
MFC after: immediately (15.0-RC2)
Differential Revision: https://reviews.freebsd.org/D53797
|
| |
|
|
|
|
|
|
|
|
| |
We ship these in order to comply with GCE Marketplace rules about
providing source code and licenses for all the software we ship as
part of images.
Reviewed by: markj
MFC after: immediately (15.0-RC2)
Differential Revision: https://reviews.freebsd.org/D53796
|
| |
|
|
|
|
|
|
| |
These were forgotten during the METALOGization process earlier.
Reviewed by: markj
MFC after: immediately (for 15.0-RC2)
Differential Revision: https://reviews.freebsd.org/D53795
|
| |
|
|
|
|
|
| |
Paths all need to start with "./" because that's what newfs wants.
Fixes: e0c41af9256b ("vmimage.subr: Enable FreeBSD-base repo if pkgbase")
MFC after: immediately
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When installing "extra" packages (aka those built from the ports tree),
we record everything being installed in METALOG.pkg; the contents of
that file is appended to METALOG before we generate the filesystem.
There are two cases when files recorded in METALOG.pkg will no longer
exist by the time we create the final disk image:
1. If a pkg bug results in false dependencies being installed which
are later removed by "pkg autoremove", and
2. If the pkg we build and install from /usr/ports is older than the
pkg on pkg.freebsd.org, and pkg gets upgraded automatically as part of
installing extra packages.
The ultimate issue in both cases is that there's no mechanism for
removing entries from METALOG when we run 'pkg delete'.
Address this build breakage by checking, line by line, if filesystem
objects mentioned in METALOG.pkg exist before appending them to METALOG.
Fixes: 6a13aeac3c1f ("vmimage.subr: pkg autoremove after pkg install")
MFC after: immediately (needed for 15.0-RC1)
|
| |
|
|
|
|
|
|
| |
Running 'pkg autoremove' without -y results in VM image builds failing
when (bogusly installed) packages are removed.
Fixes: 6a13aeac3c1f ("vmimage.subr: pkg autoremove after pkg install")
MFC after: immediately (needed for 15.0-RC1)
|
| |
|
|
|
|
|
|
|
|
| |
When creating a VM image using pkgbase, create a configuration file in
/usr/local/etc/pkg/repos/FreeBSD.conf which enables the FreeBSD-base
repository. (This repository is defined in /etc/pkg/FreeBSD.conf as
being disabled by default.)
Reported by: Mark Millard
MFC after: immediately (needed for 15.0-RC1)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
We were doing this in vm_extra_install_packages but VM images without
any extra packages installed would not get this installed. This
results in a pkgbase system which thinks it doesn't have any packages
installed (even though all the files are right there).
Add a "metalog_add_data ./var/db/pkg/local.sqlite" call to the pkgbase
install code path, and make the call from vm_extra_install_packages
conditional on !PKGBASE.
Reported by: Michael Dexter
MFC after: immediately (needed for 15.0-RC1)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Azure requires the first 1 MB (2,048 sectors) of the OS disk to remain
empty for VM images:
https://learn.microsoft.com/partner-center/marketplace-offers/azure-vm-certification-faq#vm-images-must-have-1-mb-of-free-space
Also append the BOOTPARTSOFFSET suffix for aarch64 images, which only
has an ESP partition for booting.
Co-authored-by: Brad Davis <brd@FreeBSD.org>
Approved by: cperciva
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D53628
|
| |
|
|
|
|
|
|
|
|
| |
We want to fetch distfiles, regardless of whether they contain known
vulnerabilities or we're building images for a different version of
FreeBSD.
Reviewed by: ivy
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D53569
|
| |
|
|
|
|
|
|
|
|
|
| |
In order to comply with the require that GCE images must include their
source code, we fetch distfiles for all of the packages installed into
GCE images. This fails for obvious reasons for packages with an origin
of base/*; filter those out to generate the list to fetch.
Reviewed by: ivy
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D53568
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A bug in pkg, which somehow only surfaced as a consequence of pkgbase,
results in pkg install sometimes pulling in false dependencies. This
problem might be limited to cases when the lib32 pkgbase packages are
not installed. In the case of EC2 "small" images, installing the
ebsnvme-id package results in binutils, gcc12-devel, gmp, indexinfo,
liblz4, mpc, mpfr, and zstd packages being installed.
These false dependencies are however not recorded as dependencies --
at some level pkg does understand that they're not needed -- so running
pkg autoremove immediately after pkg install cleans them up.
Note: This does not remove lines from METALOG corresponding to these
packages, and makefs emits an error when it attempts to create the
filesystem but cannot find the files listed in METALOG -- but makefs
does seem to complete normally despite the error messages.
This change should be reverted once the pkg issue has been located and
fixed.
Reviewed by: ivy
MFC after: 3 days
Sponsored by: https://www.patreon.com/cperciva
Differential Revision: https://reviews.freebsd.org/D53543
|
| |
|
|
|
|
|
| |
Reviewed by: markj
MFC after: 3 days
Fixes: f1995d6fc13f ("release: Prepare GCE cloudware images for building as non-root")
Differential Revision: https://reviews.freebsd.org/D53530
|
| |
|
|
|
|
|
|
|
| |
This defaults to plain "pkg", but being able to override it is useful
when testing pkg itself.
Reviewed by: cperciva
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D53307
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We only need to check for unMETALOGed directories and sort the METALOG
file if we're using it, i.e. if we're doing a NO_ROOT build. This
non-NO_ROOT builds by no longer bogusly writing to /METALOG*.
We only need to add databases (spwd.db etc) to METALOG if we're doing
a pkgbase-enabled NO_ROOT build; but we should always do this before
creating the filesystem, not only if we installed extra packages (in
vm_extra_install_packages, where that code was erroneously placed).
This fixes non-cloud VM images, which in 15.0-BETA2 shipped without
password databases.
Reviewed by: ivy
MFC after: 3 days
Sponsored by: https://www.patreon.com/cperciva
Differential Revision: https://reviews.freebsd.org/D53194
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Theoretically METALOG should include everything which needs to go
into disk images; unfortunately there are still a few bugs which
are resulting in directories not being listed -- and if METALOG
has files in unrecorded directories, the directories end up being
created with 000 permissions.
Oddly enough, systems where / has 000 permissions are not very
usable.
As a temporary hack, compare the staging tree against METALOG and
add entries for any unrecorded directories. This will hopefully
be reverted before 15.0-RELEASE.
Reviewed by: bapt, emaste, ivy
Sponsored by: https://www.patreon.com/cperciva
MFC after: 5 minutes
Differential Revision: https://reviews.freebsd.org/D53153
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When creating VM images from pkgbase, the METALOG may not be in order;
in particular, files may be listed before the directories which contain
them. This causes makefs to create directories with 000 permissions.
Interestingly, such VM images boot just fine, since root ignores those
permissions; the first sign of trouble was sshd refusing logins with an
error message which said absolutely nothing about /etc/ having
incorrect permissions or being unable to read files inside it.
Immediately prior to running makefs, sort the METALOG file. While
we're here, uniquify as well; this does not guarantee that we do not
have duplicate paths, but if there are duplicate paths with different
settings something else has gone wrong and we don't really have any
good way of solving the problem anyway.
Reviewed by: ivy
Hint from: imp
MFC after: 3 days
Sponsored by: https://www.patreon.com/cperciva
Differential Revision: https://reviews.freebsd.org/D53046
|
| |
|
|
|
|
|
|
|
| |
The file /usr/local/etc/ssl/cert.pem is not present on "small" and
"builder" AMIs, so we don't need to add it to METALOG.
Fixes: 2b0ffc0ee48c ("EC2: metalog_add missing files from packages")
MFC after: 3 days
Sponsored by: https://www.patreon.com/cperciva
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
The files
/usr/local/etc/dhclient.conf
/usr/local/etc/ssl/cert.pem
are created in EC2 images by installed packages, but are not being
registered in METALOG. The reason for this is not immediately clear,
but may be related to the handling of "sample" files.
Reviewed by: dch
MFC after: 5 minutes
Sponsored by: https://www.patreon.com/cperciva
Differential Revision: https://reviews.freebsd.org/D53035
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The files /etc/login.conf.db, /etc/passwd, /etc/pwd.db, /etc/spwd.db,
and /var/db/services.db are generated at install time. When VM images
are built using installworld, there is Makefile code which emits the
necessary METALOG lines; but the pkgbase triggers do not do this. This
resulted in VM images which lacked these essential database files.
VM images are currently the only place where this matters, since this
issue is specific to non-root image builds uusing pkgbase. (In some
point in the future we will start building release ISO iamges from
pkgbase, at which point it will be a problem there as well.)
The long-term solution for this is probably to teach the relevant
database-creating tools to emit METALOG lines; but for now, just log
the necessary files from vmimage.subr.
Reviewed by: dch
MFC after: 5 minutes
Sponsored by: https://www.patreon.com/cperciva
Differential Revision: https://reviews.freebsd.org/D53034
|
| |
|
|
|
|
|
|
|
|
| |
use minimal-jail in no-toolchain
MFC after: 1 hour
Reviewed by: ivy
Sponsored by: SkunkWerks, GmbH
Differential Revision: https://reviews.freebsd.org/D53014
|
| |
|
|
|
|
|
|
|
|
| |
There is no FreeBSD-set-lib32 on riscv64 or powerpc64le.
Reviewed by: ivy, emaste
Fixes: 2d184465e8bb ("release: Rework VM package selection using sets")
MFC after: 6 hours
Sponsored by: https://www.patreon.com/cperciva
Differential Revision: https://reviews.freebsd.org/D52987
|
| |
|
|
|
|
|
|
|
| |
This also installs the pkg key from the current source tree instead of
using the one currently installed on the host.
Reviewed by: dch
MFC after: 1 day
Differential Revision: https://reviews.freebsd.org/D52615
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Filtering the list of packages broke with the introduction of package
sets, since we excluded FreeBSD-src.* but still included
FreeBSD-set-src, which transitively included the FreeBSD-src and
FreeBSD-src-sys packages. This could be fixed by excluding package
sets, but that would be fragile, potentially breaking upgrades if
new packages are introduced.
Instead, start with an explicit set of package sets:
base, base-dbg
lib32, lib32-dbg
kernels, kernels-dbg
tests
and filter the package sets; the EC2 "small" and "builder" AMIs
filter out everything except "base" and "kernels".
Note that using FreeBSD-set-kernels may pose a problem in the future
if we start shipping packages for multiple differently-configured
kernels. That will be addressed if and when that problem arises.
Reviewed by: ivy
MFC after: 3 days
Sponsored by: https://www.patreon.com/cperciva
Differential Revision: https://reviews.freebsd.org/D52922
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
I excluded lldb from the "small" and "builder" flavours of EC2 AMIs
because on FreeBSD 14.x the lldb binary was 100 MB, as a result of
statically linking in lots of LLVM code; but we now have libprivatellvm
as a shared library and lldb is much smaller so there's no significant
benefit to excluding it.
Reviewed by: ivy
MFC after: 3 days
Sponsored by: https://www.patreon.com/cperciva
Differential Revision: https://reviews.freebsd.org/D52921
|
| |
|
|
|
|
|
|
| |
Otherwise pkg complains about unexpected ownership of the root
directory.
MFC after: 1 day
Fixes: 86221f965c06 ("vmimage.subr: Fix NO_ROOT build in ..._rmcache")
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Don't clean pkg files, they won't be recorded in the manifest anyway.
- Use pw's new metalog mode to create the vagrant user. Note that we do
not need to manually create the home directory, pw will do it, so just
remove that.
- Write metalog entries for the vagrant user's ssh key dir and
authorized keys file
Note, this depends on an updated pw being installed on the host.
Reviewed by: emaste
MFC after: 1 day
Sponsored by: Klara, Inc.
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D52631
|
| |
|
|
|
|
|
|
| |
Reviewed by: imp
Fixes: 08b497dc6c4d ("vmimage.subr: Support NO_ROOT pkgbase")
Signed-off-by: Siva Mahadevan <me@svmhdvn.name>
Pull-request: https://github.com/freebsd/freebsd-src/pull/1867
Sponsored by: The FreeBSD Foundation
|
| |
|
|
|
|
|
|
| |
We need to tell pkg to record files in METALOG; otherwise when we
create the VM image it's almost empty.
MFC after: 6 hours
Sponsored by: https://www.patreon.com/cperciva
|
| |
|
|
|
|
|
|
| |
When doing a NO_ROOT build we can't run pkg inside a chroot, for
multiple reasons including not having /dev mounted.
MFC after: 6 hours
Sponsored by: https://www.patreon.com/cperciva
|
| |
|
|
|
|
|
|
| |
Pass PKG_ABI to virtual machine image builds.
Reviewed by: cperciva
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D52874
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This was previously deprecated and is slated for removal in 15.0.
Users who still need ftpd(8) can install the ftp/freebsd-ftpd port.
Retain the ftp(d) PAM services since other FTP daemons use them.
Update /etc/inetd.conf to point to /usr/local.
Add ftpd to ObsoleteFiles, but do not list configuration files since
users may want to preserve these to use with the freebsd-ftpd port.
There is still some language in the manual referring to ftpd(8)
which is relevant to the port, which has been retained but updated
to reference the port.
MFC after: 3 days
Relnotes: yes
Reviewed by: cperciva
Differential Revision: https://reviews.freebsd.org/D52739
|
| |
|
|
|
|
|
|
|
|
|
| |
VM and cloud images are now built as packaged base systems by default,
matching the default for installation media.
Setting -DNOPKGBASE allows building as non-pkgbase systems.
Reviewed by: emaste
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D51483
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
This also indirectly addresses the lack of FreeBSD-lldb package on
the riscv64 platform by relying on that package being part of the
FreeBSD-set-devel set iff it exists.
A subsequent commit will adjust the "notoolchain" OCI container image
to also use a package set, which will indirectly affect the contents
of the "toolchain" container (which is an explicit superset of the
"notoolchain" container).
MFC after: 1 day
Co-authored-by: dch
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Contains almost everything of use in a container except:
- *lib32
- *dev
- *dbg
- *src
- anything expecting hardware such as device config tools
Differential Revision: https://reviews.freebsd.org/D51471
Reviewed by: dfr, emaste
Approved by: cperciva
MFC after: 1 day
Sponsored by: SkunkWerks, GmbH
|
