grml-live.git
4 days agoGRMLBASE/98-clean-chroot: avoid warning messages with resolvconf <1.80 master
Michael Prokop [Fri, 29 May 2020 12:57:56 +0000 (14:57 +0200)]
GRMLBASE/98-clean-chroot: avoid warning messages with resolvconf <1.80

In commit acf12d4123bd68f we got rid of /etc/resolvconf/run, and while
resolvconf >=1.80 no longer uses /etc/resolvconf/run, older
versions of resolvconf still use it in their libc update hook script. :-/

So while it really works e.g. on Debian/buster (as documented in
commit acf12d4123bd68f) with resolvconf v1.79, there's an ugly:

| /etc/resolvconf/update.d/libc: Warning: /etc/resolv.conf is not a symbolic link to /etc/resolvconf/run/resolv.conf" for resolvconf versions

message when invoking "dhclient". Try to avoid this.

Related to https://github.com/grml/grml/issues/142

5 days agoSW: add wireguard to GRML_FULL
Michael Prokop [Thu, 28 May 2020 15:50:50 +0000 (17:50 +0200)]
SW: add wireguard to GRML_FULL

Since we no longer ship ipsec-tools + racoon, it might be nice to include wireguard instead.

Current state in Debian:

wireguard  | 1.0.20200513-1~bpo10+1 | buster-backports       | source, all
wireguard  | 1.0.20200513-1~bpo10+1 | buster-backports-debug | source
wireguard  | 1.0.20200513-1         | testing                | source, all
wireguard  | 1.0.20200513-1         | unstable               | source, all
wireguard  | 1.0.20200513-1         | unstable-debug         | source

5 days agoRelease new version 0.35.2 v0.35.2
Michael Prokop [Thu, 28 May 2020 15:34:49 +0000 (17:34 +0200)]
Release new version 0.35.2

5 days agoetc/network/interfaces/GRMLBASE: support /etc/network/interfaces.d/* in /e/n/i
Michael Prokop [Thu, 28 May 2020 12:30:00 +0000 (14:30 +0200)]
etc/network/interfaces/GRMLBASE: support /etc/network/interfaces.d/* in /e/n/i

For example cloud-init writes its network configuration file to
/etc/network/interfaces.d/50-cloud-init, so the file needs
to be sourced.

Related to https://github.com/grml/grml/issues/124

7 days agoSW: add avahi-utils to GRML_FULL
Michael Prokop [Tue, 26 May 2020 15:27:10 +0000 (17:27 +0200)]
SW: add avahi-utils to GRML_FULL

Useful to have e.g. avahi-browse available, adds only a few
KB of additional disk space on grml-full, while on grml-small
it would pull in 8,500 kB of additional disk space.

13 days agoRelease new version 0.35.1 v0.35.1
Michael Prokop [Wed, 20 May 2020 15:14:57 +0000 (17:14 +0200)]
Release new version 0.35.1

13 days agoDEBORPHAN/10-whitelist: rework fix for broken keep file handling of deborphan
Michael Prokop [Wed, 20 May 2020 14:10:29 +0000 (16:10 +0200)]
DEBORPHAN/10-whitelist: rework fix for broken keep file handling of deborphan

An empty file doesn't help either, so we need at least a file
with a newline. Given that we're already touching the file
based on its hard-coded filename, let's just append the package
in question and avoid invoking deborphan at all. Especially
as deborphan returns with failure when a package is already
listed:

| deborphan: dnsutils: duplicate entry.

We need to handle this anyway, if grml-live is re-executed on
an existing system (which isn't unusual).

13 days agoDEBORPHAN/10-whitelist: provide workaround for Debian bug #929273
Michael Prokop [Wed, 20 May 2020 13:25:25 +0000 (15:25 +0200)]
DEBORPHAN/10-whitelist: provide workaround for Debian bug #929273

If deborphan's keep file doesn't exist yet, it fails with:

| fseek on /var/lib/deborphan/keep: Invalid argument

While at it, no longer ignore failing deborphan execution
but error out on failure.

13 days agoDEBORPHAN/10-whitelist: highlight when dnsutils gets added to whitelist
Michael Prokop [Wed, 20 May 2020 12:59:32 +0000 (14:59 +0200)]
DEBORPHAN/10-whitelist: highlight when dnsutils gets added to whitelist

Otherwise it's hard to see whether anything was executed at all

13 days agoSW: add fdisk to GRMLBASE
Michael Prokop [Wed, 20 May 2020 12:55:20 +0000 (14:55 +0200)]
SW: add fdisk to GRMLBASE

See Debian #960815 + #947134, it's no longer "Important: yes" and
util-linux >=2.35.1-2 no longer depends on it. To ensure we have
it on all Grml(-based) ISOs, let's add it to GRMLBASE.

13 days agodocs: update ISO sizes and disk requirements, we no longer provide support for file-rc
Michael Prokop [Wed, 20 May 2020 12:40:52 +0000 (14:40 +0200)]
docs: update ISO sizes and disk requirements, we no longer provide support for file-rc

file-rc support is still present, but we won't provide any support
for it and it will be dropped rather soonish, so announce it
accordingly.

13 days agoMove scripts/GRMLBASE/40-deborphan towards DEBORPHAN class as file 10-whitelist
Michael Prokop [Wed, 20 May 2020 12:29:31 +0000 (14:29 +0200)]
Move scripts/GRMLBASE/40-deborphan towards DEBORPHAN class as file 10-whitelist

If the DEBORPHAN class is used before the GRMLBASE class when invoking
grml-live, then any whitelisting executed via
scripts/GRMLBASE/40-deborphan will happen too late, which is not obvious
and surprising. Instead let's move scripts/GRMLBASE/40-deborphan towards
the DEBORPHAN class and name it as "10-whitelist".

13 days agodeborphan: drop deprecated packages
Michael Prokop [Wed, 20 May 2020 11:45:47 +0000 (13:45 +0200)]
deborphan: drop deprecated packages

We don't ship shadowfs + bsdtar since ~2011, libewf1 and
libstdc++2.10-glibc2.2 no longer exist in any supported release,
so let's do some housekeeping.

13 days agodeborphan: add workaround for transitional package dnsutils
Michael Prokop [Wed, 20 May 2020 10:13:09 +0000 (12:13 +0200)]
deborphan: add workaround for transitional package dnsutils

dnsutils became a transitional package with version 1:9.16.2-3 (as
present in current testing (bullseye) and unstable):

| % rmadison dnsutils
| dnsutils   | 1:9.9.5.dfsg-9+deb8u15       | oldoldstable      | amd64, armel, armhf, i386
| dnsutils   | 1:9.10.3.dfsg.P4-12.3+deb9u5 | oldstable         | amd64, arm64, armel, armhf, i386, mips, mips64el, mipsel, ppc64el, s390x
| dnsutils   | 1:9.10.3.dfsg.P4-12.3+deb9u6 | oldstable-new     | amd64, arm64, armel, armhf, i386, mips, mips64el, mipsel, ppc64el, s390x
| dnsutils   | 1:9.11.5.P4+dfsg-5~bpo9+1    | stretch-backports | amd64, arm64, armel, armhf, i386, mips, mips64el, mipsel, ppc64el, s390x
| dnsutils   | 1:9.11.5.P4+dfsg-5.1         | stable            | amd64, arm64, armel, armhf, i386, mips, mips64el, mipsel, ppc64el, s390x
| dnsutils   | 1:9.11.5.P4+dfsg-5.1+deb10u1 | stable-new        | amd64, arm64, armel, armhf, i386, mips, mips64el, mipsel, ppc64el, s390x
| dnsutils   | 1:9.16.2-3                   | testing           | all
| dnsutils   | 1:9.16.2-3                   | unstable          | all

It depends on bind9-dnsutils, which is available only in current testing
(bullseye) and unstable:

| % rmadison bind9-dnsutils
| bind9-dnsutils | 1:9.16.2-3    | testing    | amd64, arm64, armel, armhf, i386, mips64el, mipsel, ppc64el, s390x
| bind9-dnsutils | 1:9.16.2-3    | unstable   | amd64, arm64, armel, armhf, i386, mips64el, mipsel, ppc64el, s390x

If we switch our GRML_FULL package list from dnsutils to
bind9-dnsutils, then we would only support testing (bullseye) and
unstable but not any older release. To avoid this, mark dnsutils
as "keep" in deborphan, so it does not end up in the not_installable
list (and mark failing tests in Jenkins/CI).

3 weeks agoRelease new version 0.35.0 v0.35.0
Michael Prokop [Tue, 12 May 2020 14:37:03 +0000 (16:37 +0200)]
Release new version 0.35.0

3 weeks agoExecute 'wrap-and-sort -a -t -s' on debian/
Michael Prokop [Tue, 12 May 2020 14:30:16 +0000 (16:30 +0200)]
Execute 'wrap-and-sort -a -t -s' on debian/

This is much better for (code) reviews

3 weeks agoBump Debian compat version to 12, using debhelper-compat approach
Michael Prokop [Tue, 12 May 2020 14:30:02 +0000 (16:30 +0200)]
Bump Debian compat version to 12, using debhelper-compat approach

3 weeks agoBump Standards-Version to 4.5.0
Michael Prokop [Tue, 12 May 2020 14:29:46 +0000 (16:29 +0200)]
Bump Standards-Version to 4.5.0

3 weeks agoInitial cloud-init support
Michael Prokop [Fri, 3 Apr 2020 14:06:40 +0000 (16:06 +0200)]
Initial cloud-init support

2 months agosudoers: set Defaults secure_path to have sane default settings
Michael Prokop [Thu, 2 Apr 2020 09:56:18 +0000 (11:56 +0200)]
sudoers: set Defaults secure_path to have sane default settings

If the user (non-root) doesn't have /sbin:/usr/sbin inside $PATH (as
present when invoking `mksh -l`, which causes /etc/profile to be
sourced and setting $PATH), then executing sudo might fail with:

| $ sudo apt-get install rdesktop
| [...]
| dpkg: warning: 'ldconfig' not found in PATH or not executable
| dpkg: warning: 'start-stop-daemon' not found in PATH or not executable
| dpkg: error: 2 expected programs not found in PATH or not executable
| Note: root's PATH should usually contain /usr/local/sbin, /usr/sbin and /sbin

Ensure to have a working $PATH setting when invoking sudo
by explicitly setting secure_path.

Closes: https://github.com/grml/grml/issues/144

2 months agoSW: add cloud-init to GRML_FULL
Michael Prokop [Wed, 1 Apr 2020 14:49:51 +0000 (16:49 +0200)]
SW: add cloud-init to GRML_FULL

cloud-init is useful in cloud environments, also Proxmox provides support
for it.

This adds 11.5 MB of additional disk space. We consider adding it to
GRML_SMALL as well (adding 14MB there). But for the time being verify its
usefulness before adding it to grml-small as well.

Thanks Joel Wirāmu Pauling for suggesting this.

See https://github.com/grml/grml/issues/124

2 months agoSW: drop hfsprogs from GRML_FULL
Michael Prokop [Wed, 1 Apr 2020 15:59:54 +0000 (17:59 +0200)]
SW: drop hfsprogs from GRML_FULL

Was removed from Debian/testing due to DFSG incompatible license, see
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=666707

2 months agoGRMLBASE/80-initramfs: no longer set CRYPTSETUP=y
Michael Prokop [Wed, 1 Apr 2020 14:44:22 +0000 (16:44 +0200)]
GRMLBASE/80-initramfs: no longer set CRYPTSETUP=y

Quoting from cryptsetup's Debian packaging git:

| commit 06f8c00c908ffd1fa95c4afc78e9cac462d01d91
| Author: Guilhem Moulin <guilhem@debian.org>
| Date:   Sat Jul 20 19:18:21 2019 -0300
|
|     initramfs: Remove compatibility warnings regarding CRYPTSETUP=[y|n].
|
|     The warning was added in 2:2.0.3-1 for the ‘cryptsetup’ package split
|     into ‘cryptsetup-run’ and ‘cryptsetup-initramfs’.  With the recent
|     Buster release we can now move on: cryptsetup is always copied to the
|     initramfs when the ‘cryptsetup-initramfs’ package is installed.

Given that we have the cryptsetup-initramfs package in GRMLBASE,
we no longer need to use this.

Closes: https://github.com/grml/grml/issues/82

2 months agoinitramfs xz-compress: use default xz compression level
Michael Prokop [Wed, 1 Apr 2020 14:29:59 +0000 (16:29 +0200)]
initramfs xz-compress: use default xz compression level

Quoting from the bug report:

| How many threads are used also depends on the compression level. At -6,
| I've seen it use 3-4 threads, which speeds up initramfs compression a lot.
| With -8, it always only uses one thread (although maybe it also depends on
| the amount of data being compressed; I don't know).

The default compression preset level is -6, so there's no need to specify
it.

This also matches the behavior of initramfs-tools >=0.119:

| commit cf9691da3847a6bfadb4a5c9e0f6213bd7d10fdc
| Author: Ben Hutchings <ben@decadent.org.uk>
| Date:   Thu Oct 16 15:34:54 2014 +0200
|
|     mkinitramfs: Use default xz compression level rather than -8
|
|     xz -8 wants 370 MB VM for compression, but Debian tries to support
|     systems with less physical memory than that.
|
|     The benchmark results given in commit bedf1e3c0882 ('Use -8 for
|     compression with xz.') show only a 1% increase in size when changing
|     to -6, but VM usage will be reduced by 75%.
|
|     Closes: #697335
|     Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
|
| diff --git mkinitramfs mkinitramfs
| index 07190ed..25932c1 100755
| --- mkinitramfs
| +++ mkinitramfs
| @@ -146,7 +146,7 @@ if dpkg --compare-versions "${version}" lt "2.6.38" 2>/dev/null; then
|  fi
|
|  [ "${compress}" = lzop ] && compress="lzop -9"
| -[ "${compress}" = xz ] && compress="xz -8 --check=crc32"
| +[ "${compress}" = xz ] && compress="xz --check=crc32"
|
|  if [ -d "${outfile}" ]; then
|         echo "${outfile} is a directory" >&2

Let's keep the xz wrapper though, to force its usage independent of the
initramfs-tools version being used and have it available, if we decide to
add further custom options in the future.

Thanks: Dr. András Korn
Closes: https://github.com/grml/grml-live/issues/48

2 months agoscripts/GRMLBASE/50-lvm: unconditionally clear 69-lvm-metad.rules file
Michael Prokop [Wed, 1 Apr 2020 14:24:30 +0000 (16:24 +0200)]
scripts/GRMLBASE/50-lvm: unconditionally clear 69-lvm-metad.rules file

If /lib/udev/rules.d/69-lvm-metad.rules was removed by a prior run of the unpatched script,
the patched script will fail to create the placeholder file.

Thanks: Dr. András Korn
Closes: https://github.com/grml/grml-live/issues/47

4 months agoDEBIAN_STABLE: use buster-backports instead of stretch-backports
Michael Prokop [Tue, 28 Jan 2020 12:38:01 +0000 (13:38 +0100)]
DEBIAN_STABLE: use buster-backports instead of stretch-backports

Debian/buster is the current stable release, there's no point in
enabling stretch-backports there.

FTR: we could set it to 'stable-backports' instead, though then
apt/apt-get/... will complain about it:

| W: Conflicting distribution: http://ftp.debian.org/debian stable-backports InRelease (expected stable-backports but got buster-backports)

4 months agoGRMLBASE/98-clean-chroot: fix resolvconf symlink handling + get rid of resolvconf...
Michael Prokop [Tue, 28 Jan 2020 10:21:44 +0000 (11:21 +0100)]
GRMLBASE/98-clean-chroot: fix resolvconf symlink handling + get rid of resolvconf workarounds

resolvconf no longer supports usage of /etc/resolvconf/run as such,
instead things are supposed to live in /run nowadays.  Quoting from
resolvconf's debian/changelog:

| resolvconf (1.80) unstable; urgency=medium
|
| [...]
|
|   [ Steve Langasek ]
|   * Eliminate all references to /etc/resolvconf/run.  This should all be done
|     directly in /run, there is no reason to support making any of this
|     configurable with a symlink since we already have a versioned dependency
|     on the version of initscripts that introduces the /run transition.

So /etc/resolv.conf being a symlink pointing to
/etc/resolvconf/run/resolv.conf no longer works, instead it needs to
point to /run/resolvconf/resolv.conf.

Given that our resolvconf code dates back to 2007 (see commit 1d1565d0e49),
while at it get rid of the workarounds, which don't seem to be needed
anymore.

Tested this change with builds against Debian/stretch (resolvconf 1.79),
Debian/buster (resolvconf 1.79) and Debian/bullseye (resolvconf 1.82).

Closes: https://github.com/grml/grml/issues/142

4 months agoSW: add radvd
Michael Prokop [Tue, 28 Jan 2020 09:55:35 +0000 (10:55 +0100)]
SW: add radvd

Closes: https://github.com/grml/grml-live/issues/83

5 months agoGRMLBASE/98-clean-chroot: get rid of /wget-log* files
Michael Prokop [Tue, 10 Dec 2019 15:05:58 +0000 (16:05 +0100)]
GRMLBASE/98-clean-chroot: get rid of /wget-log* files

The update-pciids run under timeout(1) within
/etc/grml/fai/config/scripts/GRMLBASE/91-update-pciids
might fail and leave /wget-log* files behind, like:

| root@gf-internal ~ # cat /srv/grml-live/grml64-forensic_2020.01-1/grml_chroot/wget-log
| http://pciids.sourceforge.net/v2.2/pci.ids.bz2:
| 2019-12-10 15:02:31 ERROR 503: Service Temporarily Unavailable.
| root@gf-internal ~ # cat /srv/grml-live/grml64-forensic_2020.01-1/grml_chroot/wget-log.1
| http://pciids.sourceforge.net/v2.2/pci.ids.bz2:
| 2019-12-10 15:07:44 ERROR 503: Service Temporarily Unavailable.

This does *not* happen when being manually invoked,
so it seems to be something related to the environment
of FAI. Couldn't spot the underlying issue yet though
and we clearly don't want to ship any such files
inside the root directory of the rootfs.

5 months agoRelease new version 0.34.4 v0.34.4
Michael Prokop [Tue, 3 Dec 2019 15:35:30 +0000 (16:35 +0100)]
Release new version 0.34.4

6 months agoMerge remote-tracking branch 'origin/github/pr/80'
Michael Prokop [Mon, 25 Nov 2019 07:07:00 +0000 (08:07 +0100)]
Merge remote-tracking branch 'origin/github/pr/80'

6 months agoSW: cryptsetup-initramfs (fix persistence-encryption)
Felix Neumärker [Fri, 22 Nov 2019 17:07:53 +0000 (18:07 +0100)]
SW: cryptsetup-initramfs (fix persistence-encryption)

6 months agoSW: add ncdu to GRML_SMALL
Michael Prokop [Sat, 23 Nov 2019 11:18:45 +0000 (12:18 +0100)]
SW: add ncdu to GRML_SMALL

Related to commit 45480fb1c3e60118a13992d4dff50629644b545c

6 months agoSW: add tree to GRML_SMALL
Michael Prokop [Sat, 23 Nov 2019 11:17:57 +0000 (12:17 +0100)]
SW: add tree to GRML_SMALL

Related to commit 4622dafaf1d50eda4f3b9382b4d9b3fe4b7e363d

6 months agoMerge remote-tracking branch 'origin/github/pr/81'
Michael Prokop [Sat, 23 Nov 2019 11:16:53 +0000 (12:16 +0100)]
Merge remote-tracking branch 'origin/github/pr/81'

6 months agoSW: add ncdu to GRML_FULL
Felix Neumärker [Fri, 22 Nov 2019 17:34:00 +0000 (18:34 +0100)]
SW: add ncdu to GRML_FULL

Useful helper for identifying and removing large files. Packages size is ~80K.

6 months agoSW: add tree to GRML_FULL
Felix Neumärker [Fri, 22 Nov 2019 17:29:05 +0000 (18:29 +0100)]
SW: add tree to GRML_FULL

Useful helper for file exploring. Package size is ~88K.

6 months agoSW: add zstd to GRML_FULL
Michael Prokop [Wed, 20 Nov 2019 10:22:06 +0000 (11:22 +0100)]
SW: add zstd to GRML_FULL

6 months agoSW: replace fuse with fuse3
Michael Prokop [Tue, 19 Nov 2019 14:55:05 +0000 (15:55 +0100)]
SW: replace fuse with fuse3

sshfs depends on fuse3 and can be installed just fine with it:

| # apt install sshfs fuse3
| [...]
| The following NEW packages will be installed:
|   fuse3 krb5-locales libedit2 libfuse3-3 libglib2.0-0 libglib2.0-data libgssapi-krb5-2 libicu63 libk5crypto3 libkeyutils1 libkrb5-3 libkrb5support0 libssl1.1 libx11-6 libx11-data libxau6 libxcb1 libxdmcp6 libxext6 libxml2 libxmuu1
|   openssh-client shared-mime-info sshfs xauth xdg-user-dirs
| 0 upgraded, 26 newly installed, 0 to remove and 27 not upgraded.
| Need to get 17.1 MB of archives.
| After this operation, 67.6 MB of additional disk space will be used.
| [..]

While when depending on fuse installation of sshfs fails due to:

| # apt install sshfs fuse
| [...]
| The following packages have unmet dependencies:
|  sshfs : Depends: fuse3 but it is not going to be installed
| E: Unable to correct problems, you have held broken packages.
| # apt install sshfs fuse fuse3
| [...]
| The following packages have unmet dependencies:
|  fuse3 : Breaks: fuse
| E: Unable to correct problems, you have held broken packages.

This is known as
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=943896 +
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=943875
and is also mentioned/related to
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927291 +
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=939767

If we should ever explicitely need the fuse (v2) package we
can re-evaluate the situation then, but for the time being
switch to fuse3 since it's available as of Debian/buster
and breaking our grml{32,64}-full daily builds.

7 months agoSW: add iperf3 to GRML_SMALL and GRML_FULL
Michael Prokop [Thu, 31 Oct 2019 15:21:05 +0000 (16:21 +0100)]
SW: add iperf3 to GRML_SMALL and GRML_FULL

It requires only 330 kB of disk space and it's certainly
a useful addition.

Thanks: Marc Haber for the suggestion
Closes: https://github.com/grml/grml/issues/131

7 months agoSW: use Debian kernel packages instead of our custom Grml ones
Michael Prokop [Thu, 31 Oct 2019 15:17:48 +0000 (16:17 +0100)]
SW: use Debian kernel packages instead of our custom Grml ones

Maintaining and keeping our linux-image-i386-grml +
linux-image-amd64-grml packages requires manpower we currently
don't really have. Instead let's see whether switching to the
kernel packages provided by Debian fits our needs. (This might
not be the case if we need different configuration options,
defaults, extra patches or the release cycle doesn't fit for
us, but it's worth a try, so let's find out.)

See https://github.com/grml/grml/issues/139

7 months agoSW: add borgbackup to GRML_FULL
Michael Prokop [Thu, 31 Oct 2019 15:05:43 +0000 (16:05 +0100)]
SW: add borgbackup to GRML_FULL

Closes: https://github.com/grml/grml/issues/99

7 months agoSW: add qemu-guest-agent to GRML_SMALL
Michael Prokop [Thu, 31 Oct 2019 15:01:54 +0000 (16:01 +0100)]
SW: add qemu-guest-agent to GRML_SMALL

Related to commit 14fe0c777, qemu-guest-agent is nice to gather
network information when running e.g. as VM inside a Proxmox environment.
It's pulling in 4,675 kB on grml64-small Debian/testing as of today,
which is acceptable, given that we want to provide qemu-guest-agent
integration as release goal for our upcoming Grml release.

7 months agoSW: add kpartx to GRML_SMALL + GRML_FULL
Michael Prokop [Wed, 23 Oct 2019 09:01:40 +0000 (11:01 +0200)]
SW: add kpartx to GRML_SMALL + GRML_FULL

It requires less than 100 kB of additional disk space, and while
we have kpartx on grml-full thanks to a dependency by multipath-tools,
we didn't have it on grml-small yet. Add explicit depends to both
Grml flavours.

Closes: https://github.com/grml/grml-live/issues/75

7 months agoRelease new version 0.34.3 v0.34.3
Michael Prokop [Tue, 22 Oct 2019 13:53:32 +0000 (15:53 +0200)]
Release new version 0.34.3

7 months agoSW: replace vim-gtk with vim-gtk3
Michael Prokop [Tue, 22 Oct 2019 11:48:59 +0000 (13:48 +0200)]
SW: replace vim-gtk with vim-gtk3

vim-gtk is a transitional/dummy package as of bullseye (current
Debian/testing), while vim-gtk3 is available since at least
stretch (current Debian/oldstable).

7 months agoGRMLBASE/90-update-alternatives: support vim >=2:8.1.2136-1
Michael Prokop [Tue, 22 Oct 2019 09:02:19 +0000 (11:02 +0200)]
GRMLBASE/90-update-alternatives: support vim >=2:8.1.2136-1

vim 2:8.1.2136-1 moved /usr/bin/vim.* into /usr/libexec/vim/,
so we need to check for its base path.

Also vim-gtk became a transitional package for vim-gtk3 and
the binary is called vim.gtk3, add according additional check.

Fixes:

| Setting vim.gtk as editor using update-alternatives.
| update-alternatives: error: alternative /usr/bin/vim.gtk for editor not registered; not setting
| GRMLBASE/90-update-alternatives FAILED with exit code 2.

8 months agoRelease new version 0.34.2 v0.34.2
Michael Prokop [Thu, 26 Sep 2019 14:07:51 +0000 (16:07 +0200)]
Release new version 0.34.2

8 months agoRebuild /var/lib/dpkg/available to install not-yet-installed packages in update runs
Michael Prokop [Tue, 10 Sep 2019 09:05:05 +0000 (11:05 +0200)]
Rebuild /var/lib/dpkg/available to install not-yet-installed packages in update runs

When executing grml-live in update mode (grml-live [...] -u) using an
existing grml_chroot, then script GRMLBASE/98-clean-chroot has emptied
/var/lib/dpkg/available in a previous run already.

Executing `apt-get update` does NOT re-generate the file. This leads to
FAI's install_packages with its mkpackagelist() and clean_pkg_list()
failing to install requested packages, but reporting all packages with:

| WARNING: These unknown packages are removed from the installation list: [...]

This is unexpected, as an update run shouldn't just update existing
packages, but also try to install any additionally requested packages
from the software selection (as a package might not have been installed
due to missing dependencies, that have been taken care of in the
meanwhile).

So if we'd detect an existing /var/lib/dpkg/available that is empty,
then we would have to rebuild it using /usr/lib/dpkg/methods/apt/update.
Since /usr/lib/dpkg/methods/apt/update essentially also executes
'apt-get update' underneath, there's no need to run 'apt-get update'
only with empty /var/lib/dpkg/available, instead let's always rely on
/usr/lib/dpkg/methods/apt/update.

8 months agoSW: drop racoon from GRML_FULL
Michael Prokop [Tue, 3 Sep 2019 12:03:53 +0000 (14:03 +0200)]
SW: drop racoon from GRML_FULL

Quoting from https://packages.qa.debian.org/i/ipsec-tools/news/20190727T182520Z.html:

| ROM; dead upstream, alternatives available

Also see Debian bug #932144

9 months agoREADME: set TEMPLATE_DIRECTORY instead of using -t cmdline option
Michael Prokop [Wed, 21 Aug 2019 13:25:50 +0000 (15:25 +0200)]
README: set TEMPLATE_DIRECTORY instead of using -t cmdline option

Use same approach in docs and README, to make
it more consistent.

Prompted by Jay Lawrence (@jayjlawrence),
see commit 09137840c2 and
https://github.com/grml/grml-live/pull/76

9 months agoMerge remote-tracking branch 'origin/github/pr/76'
Michael Prokop [Wed, 21 Aug 2019 13:25:04 +0000 (15:25 +0200)]
Merge remote-tracking branch 'origin/github/pr/76'

10 months agoSW: add efibootmgr to GRMLBASE
Michael Prokop [Fri, 26 Jul 2019 11:02:32 +0000 (13:02 +0200)]
SW: add efibootmgr to GRMLBASE

The grub-efi-amd64-bin package in Debian/stretch used to have efibootmgr in
its Depends:

| Package: grub-efi-amd64-bin
| Source: grub2
| Version: 2.02~beta3-5+deb9u1
| [...]
| Depends: grub-common (= 2.02~beta3-5+deb9u1), efibootmgr

... while the grub-efi-amd64-bin package in Debian buster and newer has
efibootmgr in its Recommends:

| Package: grub-efi-amd64-bin
| Source: grub2
| Version: 2.02+dfsg1-20
| [...]
| Depends: grub-common (= 2.02+dfsg1-20)
| Recommends: grub-efi-amd64-signed, efibootmgr

Therefore we're no longer pulling in efibootmgr via grub-efi-amd64-bin, while
it's certainly important to have it available, so add it to GRMLBASE.

Development sponsored by Sipwise GmbH, recorded as
TT#63652 in customers' ticket system.

10 months agoRelease new version 0.34.1 v0.34.1
Michael Prokop [Thu, 11 Jul 2019 15:33:01 +0000 (17:33 +0200)]
Release new version 0.34.1

10 months agoSources list setup for security: switch from testing/updates to testing-security
Michael Prokop [Thu, 11 Jul 2019 15:00:11 +0000 (17:00 +0200)]
Sources list setup for security: switch from testing/updates to testing-security

Supposed to fix:

| E: Failed to fetch http://security.debian.org/dists/testing/updates/main/source/Sources  404  Not Found [IP: 2a04:4e42:9::204 80]

Nowadays only http://security-cdn.debian.org/dists/testing-security/ exists.
Quoting from https://lists.debian.org/debian-security/2019/06/msg00015.html:

| I would like to switch to *-security instead of */updates starting with
| bullseye.  There will likely be some complications, but they should be
| solvable by the time we will publish packages in bullseye-security.

10 months agoSW: drop lilo from GRML_SMALL and GRML_FULL
Michael Prokop [Thu, 11 Jul 2019 14:58:10 +0000 (16:58 +0200)]
SW: drop lilo from GRML_SMALL and GRML_FULL

I don't think that's relevant for anyone nowadays, otherwise
let's find out :)

12 months agoProvide workaround for FAI bug, leaving /run/udev behind (see #928981)
Michael Prokop [Tue, 14 May 2019 14:46:30 +0000 (16:46 +0200)]
Provide workaround for FAI bug, leaving /run/udev behind (see #928981)

Closes: https://github.com/grml/grml-live/issues/77

12 months agoNeed to set templates directory as well when running from git
Jay Lawrence [Wed, 8 May 2019 12:08:29 +0000 (08:08 -0400)]
Need to set templates directory as well when running from git

14 months agoRelease new version 0.34.0 v0.34.0
Michael Prokop [Thu, 21 Mar 2019 11:28:29 +0000 (12:28 +0100)]
Release new version 0.34.0

14 months agoBump Standards-Version to 4.3.0
Michael Prokop [Thu, 21 Mar 2019 11:27:53 +0000 (12:27 +0100)]
Bump Standards-Version to 4.3.0

14 months agoSwitch default mount point from /lib/live/mount/medium to /run/live/medium
Michael Prokop [Thu, 21 Mar 2019 09:08:25 +0000 (10:08 +0100)]
Switch default mount point from /lib/live/mount/medium to /run/live/medium

In commit 0d878d3a679 of live-boot(-grml)
("Simplify mount point handling by using /run/live instead of /lib/live/mount")
the mountpath of /lib/live/mount/medium was moved towards /run/live/medium.

Commit c6a17c7b41b of live-boot(-grml) provides a backward compatibility
rbind mount, but occasionally there seems to be a regression somewhere
during boot (see https://github.com/grml/live-boot-grml/issues/10), and
the rbind mount will be deprecated and removed before the bullseye
(Debian 11) release.

Layout changes over time:

* /cdrom for old linuxrc approach
* /live/image for initramfs layout until December 2012
* /lib/live/mount/medium for initramfs layout since December 2012
* /run/live/medium for initramfs layout since December 2018

Drop support for everything but /run/live/medium and
/lib/live/mount/medium, while at it.

15 months agoSW: add qemu-system-gui to GRML_FULL
Michael Prokop [Thu, 28 Feb 2019 15:26:42 +0000 (16:26 +0100)]
SW: add qemu-system-gui to GRML_FULL

Having the gtk interface available is certainly useful, and
requires only ~2MB of additional disk space.

Thanks: Iru Cai for the suggestion
Closes: grml/grml-live#71

15 months agoSW: add dnsutils to GRML_FULL
Michael Prokop [Fri, 8 Feb 2019 15:48:02 +0000 (16:48 +0100)]
SW: add dnsutils to GRML_FULL

It adds only ~1MB of additional disk space to GRML_FULL, since we have
all the relevant dependencies (except for libirs161) onboard already.

We ship ldnsutils (note the leading *l* in the package name) on
GRML_SMALL, since there we don't have libbind* & CO.

17 months agoRelease new version 0.33.6 v0.33.6
Michael Prokop [Sun, 30 Dec 2018 09:18:53 +0000 (10:18 +0100)]
Release new version 0.33.6

17 months agoSW: add aptitude to GRML_FULL
Michael Prokop [Sun, 30 Dec 2018 09:16:31 +0000 (10:16 +0100)]
SW: add aptitude to GRML_FULL

It's relevant for
/etc/grml/fai/config/scripts/GRMLBASE/95-package-information to identify
all packages from section non-free and creating the nonfree-licenses.txt
report.

Closes: grml/grml#112

17 months agoRelease new version 0.33.5 v0.33.5
Michael Prokop [Sat, 29 Dec 2018 16:17:08 +0000 (17:17 +0100)]
Release new version 0.33.5

17 months agogrml-cheatcodes + isolinux splashes: drop xkeyboard + lang=*-iso boot options
Michael Prokop [Sat, 29 Dec 2018 16:13:55 +0000 (17:13 +0100)]
grml-cheatcodes + isolinux splashes: drop xkeyboard + lang=*-iso boot options

The xkeyboard boot option is no longer supported as such (see
relevant changes in grml-live commit 3a054970e and grml-autoconfig
commit fc67c1849a4), so longer announce it.

The lang=*-iso is supposed to disappear and no longer supported as
such, so don't announce it either.

17 months agoRelease new version 0.33.4 v0.33.4
Michael Prokop [Sat, 29 Dec 2018 15:22:33 +0000 (16:22 +0100)]
Release new version 0.33.4

17 months agoSet up Unicode/UTF8 and console fonts via console-setup
Michael Prokop [Sat, 29 Dec 2018 14:17:25 +0000 (15:17 +0100)]
Set up Unicode/UTF8 and console fonts via console-setup

Our old approach with running loadkeys, setting console font and
invoking unicode_start via grml-autoconfig is incomplete for nowadays'
environments.

We tried to fix that by changing the order in which we set up the fonts,
runnning loadkeys and finally invoking unicode_start via grml-autoconfig
(see: grml/grml-autoconfig@c820a66). But this changed only the behavior
on tty1, the other consoles still had problems when trying to display
unicode characters (see e.g. `systemctl status` output).

The proper solution is to configure /etc/default/console-setup as needed
(doing this with this change) and rely on console-setup afterwards to do the right
thing (implemented within grml-autoconfig).

With this change we ship a default /etc/default/console-setup via
GRMLBASE, which can be customized as needed by users of grml-live
through separate FAI class files.

Explicitely added console-setup to GRMLBASE since we rely on it
nowadays.

Thanks: Michael Schierl (@schierlm) + @qlplq for feedback and Darshaka Pathirana for debugging this and providing a preliminary PR
Closes: grml/grml-autoconfig#9, grml/grml#50
Relates to: grml/grml#101

17 months agoRelease new version 0.33.3 v0.33.3
Michael Prokop [Wed, 19 Dec 2018 09:41:01 +0000 (10:41 +0100)]
Release new version 0.33.3

17 months agoMerge remote-tracking branch 'origin/github/pr/69'
Michael Prokop [Wed, 19 Dec 2018 09:37:31 +0000 (10:37 +0100)]
Merge remote-tracking branch 'origin/github/pr/69'

17 months agoREADME.md: Use HTTPS URLs
Paul Menzel [Mon, 28 May 2018 10:23:08 +0000 (12:23 +0200)]
README.md: Use HTTPS URLs

17 months agoEnsure to properly remove deprecated serial-getty@ttyS0.service.d override file
Michael Prokop [Mon, 17 Dec 2018 08:34:25 +0000 (09:34 +0100)]
Ensure to properly remove deprecated serial-getty@ttyS0.service.d override file

This was forgotten to take care in git commit efd2447

17 months agoDrop 'bootchart' from grml-cheatcodes.txt and isolinux labels
Michael Prokop [Fri, 14 Dec 2018 15:57:07 +0000 (16:57 +0100)]
Drop 'bootchart' from grml-cheatcodes.txt and isolinux labels

We don't ship the bootchart2 package in any of our ISOs,
so drop it accordingly from docs + isolinux configurations.

See https://github.com/grml/grml/issues/9

Thanks: Darshaka Pathirana for spotting

17 months agoRelease new version 0.33.2 v0.33.2
Michael Prokop [Fri, 14 Dec 2018 13:41:23 +0000 (14:41 +0100)]
Release new version 0.33.2

17 months agoMerge remote-tracking branch 'origin/github/pr/68'
Michael Prokop [Fri, 14 Dec 2018 13:00:01 +0000 (14:00 +0100)]
Merge remote-tracking branch 'origin/github/pr/68'

17 months agoEnable serial-getty with root autologin on every given device
Darshaka Pathirana [Fri, 14 Dec 2018 12:34:29 +0000 (13:34 +0100)]
Enable serial-getty with root autologin on every given device

With the kernel command line paramter / bootoption
`console=device,options`[1](https://www.kernel.org/doc/html/latest/admin-guide/serial-console.html)
it is possible to use a serial port as console.

So far we only enabled root autologin for the serial port ttyS0, but it
should be enabled on every given device as we do not have any password
set for any user, which meant that no login was possible at all (on a
serial port other than ttyS0).

The serial port ttyS1 can be tested with QEMU/KVM like this::

  kvm -m 512 -serial pty -serial pty -cdrom grml.iso

This adds two serial ports (ttyS0 and ttyS1) to the VM and redirect its
output to /dev/pts/*. On the Grml boot prompt then add "console=ttyS1"
to redirect the output to second serial console.

Thanks: @MichaelEischer for the bug report
Closes: grml/grml#104

17 months agoRelease new version 0.33.1 v0.33.1
Michael Prokop [Fri, 14 Dec 2018 11:21:13 +0000 (12:21 +0100)]
Release new version 0.33.1

17 months agoDisable Secure Boot support by default
Michael Prokop [Fri, 14 Dec 2018 10:30:21 +0000 (11:30 +0100)]
Disable Secure Boot support by default

We're seeing failing boots on some Dell servers and it seems
to be related to some EFI firmware situation. Until this is
resolved and we find a long-term strategy WRT Secure Boot
let's disable Secure Boot support in our ISOS by default.

Closes: https://github.com/grml/grml-live/issues/64

17 months agogrml-cheatcodes.txt: don't mention "gmt" boot option, "utc" should be used
Michael Prokop [Fri, 14 Dec 2018 09:34:28 +0000 (10:34 +0100)]
grml-cheatcodes.txt: don't mention "gmt" boot option, "utc" should be used

The "utc|gmt" might confuse users and the "gmt" is something which
shouldn't be even announced as such, people should use "utc".

17 months agoMerge remote-tracking branch 'origin/github/pr/67'
Michael Prokop [Fri, 14 Dec 2018 09:32:56 +0000 (10:32 +0100)]
Merge remote-tracking branch 'origin/github/pr/67'

17 months agoUpdate cheatcodes to clarify hardware clock and timezone defaults
Darshaka Pathirana [Thu, 13 Dec 2018 14:55:17 +0000 (15:55 +0100)]
Update cheatcodes to clarify hardware clock and timezone defaults

While debugging grml/grml#61, it was unclear for me what the expected
behavior should be. Grml defaults to LOCAL (in /etc/adjtime) which
means that Hardware Clock is expected to be set in local time (which is
usually the case on Windows only systems).

The time zone defaults to UTC.

17 months agoRelease new version 0.33.0 v0.33.0
Michael Prokop [Thu, 13 Dec 2018 11:37:37 +0000 (12:37 +0100)]
Release new version 0.33.0

17 months agoSW: drop deprecated cpufrequtils (+ drop scripts/GRMLBASE/36-cpufrequtils)
Michael Prokop [Thu, 13 Dec 2018 11:08:01 +0000 (12:08 +0100)]
SW: drop deprecated cpufrequtils (+ drop scripts/GRMLBASE/36-cpufrequtils)

The cpufreq drivers are autoloaded and the powersave/ondemand driver
is mature enough. The linux-cpupower tools provide the binaries
as replacement for what cpufrequtils provided so far and we ship
them (with GRML_FULL) already.

Also see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877016

Thanks: Michael Biebl for the pointer
Closes: https://github.com/grml/grml/issues/51

17 months agoRework debian/, following current best practices
Michael Prokop [Thu, 13 Dec 2018 11:34:33 +0000 (12:34 +0100)]
Rework debian/, following current best practices

* Switch to minimal debhelper approach, Build-Depend on debhelper >= 10
* Switch from Priority 'extra' to 'optional' (deprecated as of Debian Policy v4.0.1)
* Drop unused GPL-2 section from debian/copyright
* Update copyright year information in debian/copyright
* Refresh lintian overrides
* Add postinst/postrm maintainer scripts for dpkg-maintscript-helper support

17 months agoDrop symlink etc/grml/fai/config/config
Michael Prokop [Thu, 13 Dec 2018 10:47:57 +0000 (11:47 +0100)]
Drop symlink etc/grml/fai/config/config

This was annoying since its beginning and AFAICT it's
not strictly needed anymore.

18 months agoSupport BOOT_FILE variable for usage within secureboot templates
Michael Prokop [Fri, 23 Nov 2018 07:26:00 +0000 (08:26 +0100)]
Support BOOT_FILE variable for usage within secureboot templates

This is related to:

| commit 642e1b389347bcb8d6e44b483c327e45225427f4
| Author: Michael Prokop <mika@grml.org>
| Date:   Thu Nov 22 23:54:10 2018 +0100
|
|     Ensure GRUB finds the running ISO

By using the same approach for setting $root within GRUB
also for the Secure Boot GRUB configuration we ensure to
apply the same safety measures to Secure Boot mode.

18 months agoGRUB: drop `insmod vbe`
Michael Prokop [Thu, 22 Nov 2018 23:12:27 +0000 (00:12 +0100)]
GRUB: drop `insmod vbe`

When booting in EFI mode this error message is visible for a
very short period of time:

| error: file `/boot/grub/x86_64-efi/vbe.mod' not found

This is annoying, especially because it's hard to read and identify.

It's for sure not relevant within Secure Boot mode, as it's forbidden
there. Let's also disable it by default for Non-Secure-Boot-mode,
if it's relevant for anyone or on specific systems we'll find out.

18 months agoEnsure GRUB finds the running ISO
Michael Prokop [Thu, 22 Nov 2018 22:54:10 +0000 (23:54 +0100)]
Ensure GRUB finds the running ISO

Instead of relying on the presence of the /conf/bootid.txt file, which
might be present on several Grml ISOs, let's generate a unique filename
which GRUB then can search for.

JFTR: The redirection within the layers (scripts/GRMLBASE/45-grub-images
vs main grml-live script) is necessary, because the GRUB image is
generated from within the rootfs (grml_chroot), but the rootfs is
compressed within a squashfs file, while we can only access files
available directly inside the ISO (corresponding to the files inside
grml_cd, and not the files inside grml_chroot which
scripts/GRMLBASE/45-grub-images has access to).

18 months agoRelease new version 0.32.3 v0.32.3
Michael Prokop [Thu, 15 Nov 2018 09:14:56 +0000 (10:14 +0100)]
Release new version 0.32.3

18 months agoSwitch Homepage + Vcs-Browser headers from http to https
Michael Prokop [Thu, 15 Nov 2018 09:14:37 +0000 (10:14 +0100)]
Switch Homepage + Vcs-Browser headers from http to https

18 months agoBump Standards-Version to 4.2.1
Michael Prokop [Thu, 15 Nov 2018 09:14:29 +0000 (10:14 +0100)]
Bump Standards-Version to 4.2.1

18 months agoMerge remote-tracking branch 'origin/github/pr/66'
Michael Prokop [Wed, 14 Nov 2018 20:05:33 +0000 (21:05 +0100)]
Merge remote-tracking branch 'origin/github/pr/66'

18 months agoRemove genisoimage from dependencies
Darshaka Pathirana [Wed, 14 Nov 2018 17:08:57 +0000 (18:08 +0100)]
Remove genisoimage from dependencies

When running grml-live with genisoimage (9:1.1.11-3+b2) on Debian/stretch the
following error is shown:

  # ./grml-live -s sid -a amd64 -c GRMLBASE,GRML_SMALL,AMD64 -t $(pwd)/templates/ -o /dev/shm/grml-live
  [...]
    [*] Finished execution of stage 'squashfs'
    [*] Forcing rebuild of ISO because files on ISO have been modified.
    [*] Using genisoimage to build ISO.
  genisoimage: -i option no longer supported.
  stat: cannot stat '/dev/shm/grml-live/grml_isos/grml_0.0.1.iso': No such file or directory
    [!] Error: there was a critical error executing stage 'iso build

Closes: grml/grml-live#65

18 months agoMerge remote-tracking branch 'origin/github/pr/58'
Michael Prokop [Wed, 14 Nov 2018 15:05:13 +0000 (16:05 +0100)]
Merge remote-tracking branch 'origin/github/pr/58'

18 months agoUpdate broken links
Darshaka Pathirana [Wed, 25 Jul 2018 06:57:26 +0000 (08:57 +0200)]
Update broken links

And while doing so change links to manpage to publicly available manpage
links, because the links to the manpage source is barely readable.

Thanks: David Prévot <taffit@debian.org> for the report
Closes: grml/grml-live#57

19 months agoRelease new version 0.32.2 v0.32.2
Michael Prokop [Wed, 17 Oct 2018 15:24:03 +0000 (17:24 +0200)]
Release new version 0.32.2

19 months agoEFI/BOOT: bring back files from Ubuntu 18.04
Michael Prokop [Wed, 17 Oct 2018 14:46:50 +0000 (16:46 +0200)]
EFI/BOOT: bring back files from Ubuntu 18.04

Bring back the state of EFI/BOOT files as of commit
bc4f02658ffa63a71ef1bc4f37ae3707ff580382 plus the config change with
commit c35a30b42bac4de7089f936d6917b246ade6d5c5, as this was the last
GRUB version that's known to be working with *unsigned* kernel files.

Otherwise SecureBoot fails to boot with:

| Loading kernel...
| error: /boot/grml/vmlinuz has invalid signature.
| Loading initrd...
| error: you need to load the kernel first.

when using grub2-signed (corresponding to Ubuntu's GRUB 2.02+dfsg1-5ubuntu7) with files e.g. from
http://de.archive.ubuntu.com/ubuntu/pool/main/s/shim-signed/shim-signed_1.38+15+1533136590.3beb971-0ubuntu1_amd64.deb +
http://de.archive.ubuntu.com/ubuntu/pool/main/g/grub2-signed/grub-efi-amd64-signed_1.109+2.02+dfsg1-5ubuntu7_amd64.deb

This might be related to the change introduced in:

| grub2-signed (1.93.4) bionic; urgency=medium
|
|   * Rebuild against grub2 2.02-2ubuntu8.3 and check kernel is signed on
|     amd64 EFI before installing grub (LP: #1786491).
|
|  -- Julian Andres Klode <juliank@ubuntu.com>  Mon, 13 Aug 2018 12:51:32 +0200

JFTR, as of 2018-10-17 we have in Ubuntu:

| % rmadison -u ubuntu grub-efi-amd64-signed
|  grub-efi-amd64-signed | 1.9~ubuntu12.04.10+1.99-21ubuntu3.19 | precise-security | amd64
|  grub-efi-amd64-signed | 1.9~ubuntu12.04.10+1.99-21ubuntu3.19 | precise-updates  | amd64
|  grub-efi-amd64-signed | 1.34+2.02~beta2-9                    | trusty           | amd64
|  grub-efi-amd64-signed | 1.34.7+2.02~beta2-9ubuntu1.6         | trusty-security  | amd64
|  grub-efi-amd64-signed | 1.34.17+2.02~beta2-9ubuntu1.15       | trusty-updates   | amd64
|  grub-efi-amd64-signed | 1.66+2.02~beta2-36ubuntu3            | xenial           | amd64
|  grub-efi-amd64-signed | 1.66.18+2.02~beta2-36ubuntu3.18      | xenial-updates   | amd64
|  grub-efi-amd64-signed | 1.93+2.02-2ubuntu8                   | bionic           | amd64
|  grub-efi-amd64-signed | 1.93.7+2.02-2ubuntu8.6               | bionic-updates   | amd64
|  grub-efi-amd64-signed | 1.93.8+2.02-2ubuntu8.7               | bionic-proposed  | amd64
|  grub-efi-amd64-signed | 1.109+2.02+dfsg1-5ubuntu7            | cosmic           | amd64

Note that EFI boot with ovmf 0~20161202.7bbe0b3e-1 with kvm/qemu on
Debian/stretch fails, resulting in a grub shell prompt of GRUB
2.02-2ubuntu8 (without any menu), e.g. when invoked via:

| % qemu-system-x86_64 -bios /usr/share/qemu/OVMF.fd -vga qxl -hda grml.iso -m 512

Both the ovmf versions from kraxel as well from current Debian/testing
AKA buster work though:

| % wget https://www.kraxel.org/repos/jenkins/edk2/edk2.git-ovmf-x64-0-20180807.281.gc526dcd40f.noarch.rpm
| % rpm2cpio edk2.git-ovmf-x64-0-20180807.281.gc526dcd40f.noarch.rpm | cpio -idmv
| % qemu-system-x86_64 -bios ./usr/share/edk2.git/ovmf-x64/OVMF-pure-efi.fd -vga qxl -hda grml.iso -m 512

+

| % wget http://ftp.de.debian.org/debian/pool/main/e/edk2/ovmf_0~20180812.cb5f4f45-1_all.deb
| % dpkg -x ovmf_0\~20180812.cb5f4f45-1_all.deb ovmf
| % qemu-system-x86_64 -bios ovmf/usr/share/ovmf/OVMF.fd -vga qxl -hda grml.iso -m 512

Closes: https://github.com/grml/grml/issues/105

and possibly also related to https://github.com/grml/grml-live/issues/59

19 months agoEFI/BOOT/README: document file usage
Michael Prokop [Wed, 17 Oct 2018 13:48:54 +0000 (15:48 +0200)]
EFI/BOOT/README: document file usage

21 months agoMerge remote-tracking branch 'origin/github/pr/60'
Michael Prokop [Wed, 29 Aug 2018 12:15:49 +0000 (14:15 +0200)]
Merge remote-tracking branch 'origin/github/pr/60'