From c30d41f0f6db251fd23f1fa76e90e85aa24c82c2 Mon Sep 17 00:00:00 2001 From: Michael Prokop Date: Mon, 15 Jan 2024 12:32:43 +0100 Subject: [PATCH 01/16] SW: add zstd to GRML_SMALL Nowadays zstd is used as default compression utility for initramfs by Debian, so let's make sure to have it available. We already ship zstd since 2019 with GRML_FULL (see commit 2dc56cc10f), now let's make sure to also have it available on grml-small. Thanks: Marc Haber Closes: https://github.com/grml/grml/issues/204 --- etc/grml/fai/config/package_config/GRML_SMALL | 1 + 1 file changed, 1 insertion(+) diff --git a/etc/grml/fai/config/package_config/GRML_SMALL b/etc/grml/fai/config/package_config/GRML_SMALL index 9e24304..cb5d489 100644 --- a/etc/grml/fai/config/package_config/GRML_SMALL +++ b/etc/grml/fai/config/package_config/GRML_SMALL @@ -107,6 +107,7 @@ wipe xfsprogs zip zsh +zstd # special terminal output toilet -- 2.1.4 From cf2e534ec01161e4bdea9372acb49e9a7711a968 Mon Sep 17 00:00:00 2001 From: Michael Prokop Date: Mon, 15 Jan 2024 12:35:46 +0100 Subject: [PATCH 02/16] Release new version 0.47.3 --- debian/changelog | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/debian/changelog b/debian/changelog index 9f7baa5..1dadae4 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,10 @@ +grml-live (0.47.3) unstable; urgency=medium + + * Software related changes: + - [c30d41f] add zstd to GRML_SMALL. Thanks to Marc Haber + + -- Michael Prokop Mon, 15 Jan 2024 12:35:35 +0100 + grml-live (0.47.2) unstable; urgency=medium [ Michael Prokop ] -- 2.1.4 From bdf9b40e0bc144aa2d5642cdff3069cfd54bc323 Mon Sep 17 00:00:00 2001 From: Michael Prokop Date: Mon, 22 Jan 2024 09:47:45 +0100 Subject: [PATCH 03/16] grml-cheatcodes.txt: drop URL for no-longer existing live-initramfs.en.7.txt live-initramfs-grml is live-boot-grml nowadays, though it doesn't provide a human readable manpage/documentation. --- templates/GRML/grml-cheatcodes.txt | 1 - 1 file changed, 1 deletion(-) diff --git a/templates/GRML/grml-cheatcodes.txt b/templates/GRML/grml-cheatcodes.txt index 030a4a0..d289049 100644 --- a/templates/GRML/grml-cheatcodes.txt +++ b/templates/GRML/grml-cheatcodes.txt @@ -25,7 +25,6 @@ dos Boot FreeDOS hdt Boot Hardware Detection Tool (from syslinux project) Further documentation regarding the boot process can be found at: -* http://git.grml.org/?p=live-initramfs-grml.git;a=blob_plain;f=manpages/live-initramfs.en.7.txt;hb=HEAD * https://manpages.debian.org/live-boot-doc/live-boot.7.en.html * https://manpages.debian.org/initramfs-tools-core/initramfs-tools.7.en.html * https://www.kernel.org/doc/html/latest/admin-guide/kernel-parameters.html -- 2.1.4 From 06e703a8274539b32d2fb44e9135ab03a04aba5c Mon Sep 17 00:00:00 2001 From: Michael Prokop Date: Fri, 2 Feb 2024 12:55:43 +0100 Subject: [PATCH 04/16] Fix usage of FAI's shell.log vs. scripts.log We check for scripts.log, but still use shell.log, d'oh :) --- grml-live | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/grml-live b/grml-live index cc1dbfb..72fe591 100755 --- a/grml-live +++ b/grml-live @@ -819,7 +819,7 @@ else # FAI versions >=6.0 always writes to scripts.log if [ -r "$CHECKLOG/scripts.log" ] ; then - grep 'FAILED with exit code' $CHECKLOG/shell.log >> $LOGFILE && ERROR=6 + grep 'FAILED with exit code' $CHECKLOG/scripts.log >> $LOGFILE && ERROR=6 fi if [ -r "$CHECKLOG/fai.log" ] ; then -- 2.1.4 From e0a2d0b964d18478211885f80da19acc7a13b6ae Mon Sep 17 00:00:00 2001 From: Michael Prokop Date: Fri, 2 Feb 2024 13:24:44 +0100 Subject: [PATCH 05/16] SW: add xxd to GRML_SMALL + GRML_FULL xxd is no longer a dependency of vim-common, quotings vim's Debian package changelog (also see https://metadata.ftp-master.debian.org/changelogs/main/v/vim/unstable_changelog): | vim (2:9.0.0135-1) unstable; urgency=medium | | [...] | * Remove "Depends: xxd" from vim-common (Closes: #1007887) Since we always shipped xxd with grml-small and grml-full, let's make sure we continue to provide it. --- etc/grml/fai/config/package_config/GRML_FULL | 1 + etc/grml/fai/config/package_config/GRML_SMALL | 1 + 2 files changed, 2 insertions(+) diff --git a/etc/grml/fai/config/package_config/GRML_FULL b/etc/grml/fai/config/package_config/GRML_FULL index 4abeea0..8bd4757 100644 --- a/etc/grml/fai/config/package_config/GRML_FULL +++ b/etc/grml/fai/config/package_config/GRML_FULL @@ -87,6 +87,7 @@ hexedit nano vim vim-gtk3 +xxd zile # filesystem support diff --git a/etc/grml/fai/config/package_config/GRML_SMALL b/etc/grml/fai/config/package_config/GRML_SMALL index cb5d489..2941cfb 100644 --- a/etc/grml/fai/config/package_config/GRML_SMALL +++ b/etc/grml/fai/config/package_config/GRML_SMALL @@ -105,6 +105,7 @@ wget whois wipe xfsprogs +xxd zip zsh zstd -- 2.1.4 From dca230e87751be15e71de88ede05c07d0fb6065a Mon Sep 17 00:00:00 2001 From: Michael Prokop Date: Fri, 2 Feb 2024 13:34:43 +0100 Subject: [PATCH 06/16] SW: add memtest86+ to GRML_FULL (amd64/i386 only) Otherwise we're missing the memtest boot options in isolinux/syslinux and GRUB. --- etc/grml/fai/config/package_config/GRML_FULL | 2 ++ 1 file changed, 2 insertions(+) diff --git a/etc/grml/fai/config/package_config/GRML_FULL b/etc/grml/fai/config/package_config/GRML_FULL index 8bd4757..03728e8 100644 --- a/etc/grml/fai/config/package_config/GRML_FULL +++ b/etc/grml/fai/config/package_config/GRML_FULL @@ -359,6 +359,7 @@ cciss-vol-status # x86 hardware support cmospwd cpuid +memtest86+ # broken userland debugging ltrace # disk partitioning/boot @@ -382,6 +383,7 @@ cciss-vol-status # x86 hardware support cmospwd cpuid +memtest86+ # broken userland debugging ltrace # disk partitioning/boot -- 2.1.4 From aad9204ee9f60a79ae8e33185310e782a481f068 Mon Sep 17 00:00:00 2001 From: Michael Prokop Date: Fri, 2 Feb 2024 16:05:13 +0100 Subject: [PATCH 07/16] Release new version 0.47.4 --- debian/changelog | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/debian/changelog b/debian/changelog index 1dadae4..8170bd6 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,14 @@ +grml-live (0.47.4) unstable; urgency=medium + + * [bdf9b40] grml-cheatcodes.txt: drop URL for no-longer existing live- + initramfs.en.7.txt + * [06e703a] Fix usage of FAI's shell.log vs. scripts.log + * Software related changes: + - [e0a2d0b] add xxd to GRML_SMALL + GRML_FULL + - [dca230e] add memtest86+ to GRML_FULL (amd64/i386 only) + + -- Michael Prokop Fri, 02 Feb 2024 16:04:31 +0100 + grml-live (0.47.3) unstable; urgency=medium * Software related changes: -- 2.1.4 From 922087b19d66e3251d765c57d0d438e5b79458a4 Mon Sep 17 00:00:00 2001 From: Michael Prokop Date: Fri, 2 Feb 2024 16:36:35 +0100 Subject: [PATCH 08/16] SW: drop dmraid from GRML_FULL + GRML_SMALL dmraid is obsolete and isn't available with Debian trixie (current testing) and newer anymore. See https://bugs.debian.org/1056944, https://bugs.debian.org/864423 and https://bugs.debian.org/1034188 for details. --- etc/grml/fai/config/package_config/GRML_FULL | 1 - etc/grml/fai/config/package_config/GRML_SMALL | 1 - 2 files changed, 2 deletions(-) diff --git a/etc/grml/fai/config/package_config/GRML_FULL b/etc/grml/fai/config/package_config/GRML_FULL index 03728e8..2d83c2f 100644 --- a/etc/grml/fai/config/package_config/GRML_FULL +++ b/etc/grml/fai/config/package_config/GRML_FULL @@ -49,7 +49,6 @@ pppoeconf array-info cryptsetup disktype -dmraid dmsetup f3 fai-setup-storage diff --git a/etc/grml/fai/config/package_config/GRML_SMALL b/etc/grml/fai/config/package_config/GRML_SMALL index 2941cfb..34c1647 100644 --- a/etc/grml/fai/config/package_config/GRML_SMALL +++ b/etc/grml/fai/config/package_config/GRML_SMALL @@ -18,7 +18,6 @@ cu dctrl-tools diffutils disktype -dmraid dmsetup dos2unix dosfstools -- 2.1.4 From ee314fb4499a231c988f42315dfd877652671454 Mon Sep 17 00:00:00 2001 From: Michael Prokop Date: Fri, 2 Feb 2024 16:48:27 +0100 Subject: [PATCH 09/16] templates: drop deprecated nodmraid boot option and update grml-cheatcodes.txt See git rev 922087b19d and grml-autoconfig v0.22.0, we dropped dmraid support. --- templates/GRML/grml-cheatcodes.txt | 6 +++--- templates/boot/grub/%SHORT_NAME%_options.cfg | 2 +- templates/boot/isolinux/grml.cfg | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/templates/GRML/grml-cheatcodes.txt b/templates/GRML/grml-cheatcodes.txt index d289049..3dd33bf 100644 --- a/templates/GRML/grml-cheatcodes.txt +++ b/templates/GRML/grml-cheatcodes.txt @@ -209,9 +209,9 @@ Hardware related settings: grml swap Activate present/detected swap partitions grml noswraid Disable scanning for software raid arrays (creates /etc/mdadm/mdadm.conf) grml swraid Enable automatic assembling of software raid arrays -grml nodmraid Do not enable present dmraid devices. -grml dmraid=on Automatically enable any present dmraid devices. -grml dmraid=off Actively try to stop any present dmraid devices. +grml nodmraid Do not enable present dmraid devices (deprecated as of releases in 2024) +grml dmraid=on Automatically enable any present dmraid devices (deprecated as of releases in 2024) +grml dmraid=off Actively try to stop any present dmraid devices (deprecated as of releases in 2024) grml nolvm Disable scanning for Logical Volumes (LVM) grml lvm Automatically activate Logival Volumes (LVM) during boot grml read-only Make sure all harddisk devices (/dev/hd* /dev/sd*) are forced to read-only mode diff --git a/templates/boot/grub/%SHORT_NAME%_options.cfg b/templates/boot/grub/%SHORT_NAME%_options.cfg index 3e9a1a3..0168459 100644 --- a/templates/boot/grub/%SHORT_NAME%_options.cfg +++ b/templates/boot/grub/%SHORT_NAME%_options.cfg @@ -34,7 +34,7 @@ menuentry "Load whole medium to RAM" { menuentry "Forensic Mode" { set gfxpayload=keep echo 'Loading kernel...' - linux /boot/%SHORT_NAME%/vmlinuz apm=power-off boot=live live-media-path=/live/%GRML_NAME%/ bootid=%BOOTID% nomce net.ifnames=0 "${loopback}" ${kernelopts} read-only nofstab noraid nodmraid nolvm noautoconfig noswap raid=noautodetect + linux /boot/%SHORT_NAME%/vmlinuz apm=power-off boot=live live-media-path=/live/%GRML_NAME%/ bootid=%BOOTID% nomce net.ifnames=0 "${loopback}" ${kernelopts} read-only nofstab noraid nolvm noautoconfig noswap raid=noautodetect echo 'Loading initrd...' initrd /boot/%SHORT_NAME%/initrd.img } diff --git a/templates/boot/isolinux/grml.cfg b/templates/boot/isolinux/grml.cfg index 3dc1347..b940f01 100644 --- a/templates/boot/isolinux/grml.cfg +++ b/templates/boot/isolinux/grml.cfg @@ -62,7 +62,7 @@ label grmlmedium2ram label forensic menu label F^orensic Mode kernel /boot/%SHORT_NAME%/vmlinuz - append initrd=/boot/%SHORT_NAME%/initrd.img boot=live live-media-path=/live/%GRML_NAME%/ bootid=%BOOTID% apm=power-off nomce net.ifnames=0 vga=791 nofstab noraid nodmraid nolvm noautoconfig noswap raid=noautodetect read-only + append initrd=/boot/%SHORT_NAME%/initrd.img boot=live live-media-path=/live/%GRML_NAME%/ bootid=%BOOTID% apm=power-off nomce net.ifnames=0 vga=791 nofstab noraid nolvm noautoconfig noswap raid=noautodetect read-only text help Boot Grml in forensic mode. This -- 2.1.4 From 2ba0597d649d18c5dc2dbcadeab01681b403fb48 Mon Sep 17 00:00:00 2001 From: Michael Prokop Date: Fri, 2 Feb 2024 16:53:35 +0100 Subject: [PATCH 10/16] Release new version 0.47.5 --- debian/changelog | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/debian/changelog b/debian/changelog index 8170bd6..d5abd18 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,12 @@ +grml-live (0.47.5) unstable; urgency=medium + + * Software related changes: + - [922087b] drop dmraid from GRML_FULL + GRML_SMALL + * [ee314fb] templates: drop deprecated nodmraid boot option and update + grml-cheatcodes.txt + + -- Michael Prokop Fri, 02 Feb 2024 16:52:57 +0100 + grml-live (0.47.4) unstable; urgency=medium * [bdf9b40] grml-cheatcodes.txt: drop URL for no-longer existing live- -- 2.1.4 From 642ff89a093a38bb9e5b061dfabfaa08974e7f47 Mon Sep 17 00:00:00 2001 From: Michael Prokop Date: Wed, 21 Feb 2024 19:48:48 +0100 Subject: [PATCH 11/16] docs: update instructions for basefile creation to include capabilities When creating the basefile via tar without `--xattrs --xattrs-include='*.*'`, the resulting basefile doesn't provide capabilities as used and needed for example by ping(8), also see https://bugs.debian.org/881829 While at it, also exclude /var/lib/apt/lists/ files, to further reduce the resulting basefile. Closes: https://github.com/grml/grml-live/issues/143 --- docs/grml-live.txt | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/grml-live.txt b/docs/grml-live.txt index dab3f38..da845af 100644 --- a/docs/grml-live.txt +++ b/docs/grml-live.txt @@ -713,9 +713,9 @@ How do I create a base tar.gz (I386.tar.gz or AMD64.tar.gz or ARM64.tar.gz) First of all create the chroot using debootstrap (requires root): BASECHROOT='/tmp/basefile' # path where the chroot gets generated - SUITE='bookworm' # using the current stable release should always work - debootstrap --exclude=info,tasksel,tasksel-data,isc-dhcp-client,isc-dhcp-common "$SUITE" "$BASECHROOT" http://deb.debian.org/debian - tar -C "$BASECHROOT" --exclude='var/cache/apt/archives/*.deb' -zcf "${SUITE}".tar.gz ./ + SUITE='bookworm' # using the current stable release should always work + debootstrap --exclude=info,tasksel,tasksel-data,isc-dhcp-client,isc-dhcp-common "${SUITE}" "${BASECHROOT}" http://deb.debian.org/debian + tar -C "$BASECHROOT" --exclude='var/cache/apt/archives/*.deb' --exclude 'var/lib/apt/lists/*_*' --xattrs --xattrs-include='*.*' --acls -zcf "${SUITE}".tar.gz ./ [TIP] By default debootstrap builds a chroot matching the architecture of the running -- 2.1.4 From a036acba056fc2f10c70d5941493239a809094dc Mon Sep 17 00:00:00 2001 From: Michael Prokop Date: Sat, 24 Feb 2024 10:56:10 +0100 Subject: [PATCH 12/16] Release new version 0.47.6 --- debian/changelog | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/debian/changelog b/debian/changelog index d5abd18..e087f41 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,10 @@ +grml-live (0.47.6) unstable; urgency=medium + + * [642ff89] docs: update instructions for basefile creation to include + capabilities + + -- Michael Prokop Sat, 24 Feb 2024 10:56:00 +0100 + grml-live (0.47.5) unstable; urgency=medium * Software related changes: -- 2.1.4 From ccd246d4b1d9a05031df95bd3e720c512c89e5d8 Mon Sep 17 00:00:00 2001 From: Michael Prokop Date: Thu, 7 Mar 2024 13:25:02 +0100 Subject: [PATCH 13/16] etc/fstab/GRMLBASE: use reserved IP following RFC5737 Usage of IP addresses like 1.2.3.4 is not recommended, as they might point to actually used and non-reserved IPs. Quoting from RFC 5737 AKA "IPv4 Address Blocks Reserved for Documentation" (see https://datatracker.ietf.org/doc/html/rfc5737): | The blocks 192.0.2.0/24 (TEST-NET-1), 198.51.100.0/24 (TEST-NET-2), and | 203.0.113.0/24 (TEST-NET-3) are provided for use in documentation. So use 192.0.2.42 instead. --- etc/grml/fai/config/files/etc/fstab/GRMLBASE | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/etc/grml/fai/config/files/etc/fstab/GRMLBASE b/etc/grml/fai/config/files/etc/fstab/GRMLBASE index 9a5698a..ffd52b7 100644 --- a/etc/grml/fai/config/files/etc/fstab/GRMLBASE +++ b/etc/grml/fai/config/files/etc/fstab/GRMLBASE @@ -16,11 +16,11 @@ devpts /dev/pts devpts noauto,mode=0622 0 /dev/dvd /media/dvd auto user,noauto,exec,ro 0 0 # some other examples: # /dev/hda1 /Grml ext3 dev,suid,user,noauto 0 2 -# //1.2.3.4/pub /smb/pub smbfs defaults,user,noauto,uid=grml,gid=grml 0 0 +# //192.0.2.42/pub /smb/pub smbfs defaults,user,noauto,uid=grml,gid=grml 0 0 # linux:/pub /beer nfs defaults 0 0 # tmpfs /tmp tmpfs size=300M 0 0 # none /proc/bus/usb usbfs defaults,nodev,noexec,nosuid,noauto,devgid=1001,devmode=664 0 0 -# 192.168.1.101:/backups /media/nfs nfs defaults,user,wsize=8192,rsize=8192 0 0 +# 192.0.2.42:/backups /media/nfs nfs defaults,user,wsize=8192,rsize=8192 0 0 # # Warning! Please do *not* change any lines below because they are auto-generated. # If you want to disable rebuildfstab set CONFIG_FSTAB='no' in /etc/grml/autoconfig. -- 2.1.4 From 1f76dc84f7438d60ea3cd831be5260eea7a307f6 Mon Sep 17 00:00:00 2001 From: Michael Prokop Date: Wed, 13 Mar 2024 12:44:14 +0100 Subject: [PATCH 14/16] docs: update usage instructions for setting up Grml repository By default `apt-get update` fails on recent Debian releases (also see apt-secure(8), if the chain of trust hasn't been established yet: | # apt-get update | Get:1 http://deb.debian.org/debian bookworm InRelease [151 kB] | Get:2 http://deb.debian.org/debian bookworm-updates InRelease [55.4 kB] | Get:3 http://deb.debian.org/debian-security bookworm-security InRelease [48.0 kB] | Get:4 http://deb.grml.org grml-stable InRelease [8382 B] | Get:5 http://deb.grml.org grml-testing InRelease [15.1 kB] | Get:6 http://deb.debian.org/debian bookworm/main amd64 Packages [8786 kB] | Err:4 http://deb.grml.org grml-stable InRelease | The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 21E0CA38EA2EA4AB | Get:7 http://deb.debian.org/debian bookworm-updates/main amd64 Packages [12.7 kB] | Get:8 http://deb.debian.org/debian-security bookworm-security/main amd64 Packages [145 kB] | Err:5 http://deb.grml.org grml-testing InRelease | The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 21E0CA38EA2EA4AB | Reading package lists... Done | W: GPG error: http://deb.grml.org grml-stable InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 21E0CA38EA2EA4AB | E: The repository 'http://deb.grml.org grml-stable InRelease' is not signed. | N: Updating from such a repository can't be done securely, and is therefore disabled by default. | N: See apt-secure(8) manpage for repository creation and user configuration details. | W: GPG error: http://deb.grml.org grml-testing InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 21E0CA38EA2EA4AB | E: The repository 'http://deb.grml.org grml-testing InRelease' is not signed. | N: Updating from such a repository can't be done securely, and is therefore disabled by default. | N: See apt-secure(8) manpage for repository creation and user configuration details. | Reading package lists... Done | Building dependency tree... Done | Reading state information... Done | E: Unable to locate package grml-debian-keyring Whereas with `Acquire::AllowInsecureRepositories=true` we manage to retrieve the repository information for later usage: | root@dc4d0fb0205e:/# apt-get -o Acquire::AllowInsecureRepositories=true update | Hit:1 http://deb.debian.org/debian bookworm InRelease | Get:2 http://deb.grml.org grml-stable InRelease [8382 B] | Hit:3 http://deb.debian.org/debian bookworm-updates InRelease | Hit:4 http://deb.debian.org/debian-security bookworm-security InRelease | Get:5 http://deb.grml.org grml-testing InRelease [15.1 kB] | Ign:2 http://deb.grml.org grml-stable InRelease | Get:6 http://deb.grml.org grml-stable/main amd64 Packages [9529 B] | Ign:5 http://deb.grml.org grml-testing InRelease | Get:7 http://deb.grml.org grml-testing/main amd64 Packages [9529 B] | Fetched 42.5 kB in 1s (62.6 kB/s) | Reading package lists... Done | W: GPG error: http://deb.grml.org grml-stable InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 21E0CA38EA2EA4AB | W: The repository 'http://deb.grml.org grml-stable InRelease' is not signed. | N: Data from such a repository can't be authenticated and is therefore potentially dangerous to use. | N: See apt-secure(8) manpage for repository creation and user configuration details. | W: GPG error: http://deb.grml.org grml-testing InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 21E0CA38EA2EA4AB | W: The repository 'http://deb.grml.org grml-testing InRelease' is not signed. | N: Data from such a repository can't be authenticated and is therefore potentially dangerous to use. | N: See apt-secure(8) manpage for repository creation and user configuration details. Thanks: anarcat for reporting --- docs/grml-live.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/grml-live.txt b/docs/grml-live.txt index da845af..ee3856f 100644 --- a/docs/grml-live.txt +++ b/docs/grml-live.txt @@ -536,7 +536,7 @@ Instructions EOF # get keyring for apt: - apt-get update + apt-get -o Acquire::AllowInsecureRepositories=true update apt-get --allow-unauthenticated install grml-debian-keyring # optionally(!) install basefile so we don't have to build basic -- 2.1.4 From a24d308daeb4262320e664d7c99e4d313f74e917 Mon Sep 17 00:00:00 2001 From: Michael Prokop Date: Thu, 25 Apr 2024 13:35:52 +0200 Subject: [PATCH 15/16] SW: drop deborphan from GRMLBASE, no longer present since Debian/trixie Having this package in our GRMLBASE means that all builds in current Debian/testing (AKA trixie) and unstable/sid are failing, so drop it. See https://github.com/grml/grml-live/issues/144 --- etc/grml/fai/config/package_config/GRMLBASE | 1 - 1 file changed, 1 deletion(-) diff --git a/etc/grml/fai/config/package_config/GRMLBASE b/etc/grml/fai/config/package_config/GRMLBASE index 115df2d..40fbb0d 100644 --- a/etc/grml/fai/config/package_config/GRMLBASE +++ b/etc/grml/fai/config/package_config/GRMLBASE @@ -6,7 +6,6 @@ console-data console-setup cryptsetup-initramfs dbus -deborphan dmidecode efibootmgr eject -- 2.1.4 From 0551e9e16da7afdc7feeb0485dc930aee04a7954 Mon Sep 17 00:00:00 2001 From: Michael Prokop Date: Thu, 25 Apr 2024 13:48:57 +0200 Subject: [PATCH 16/16] DEBORPHAN: rework to not skip all its execution if deborphan is missing; update docs for DEBORPHAN deborphan is missing since Debian/trixie, though `apt-get -y --purge autoremove` as well as `dpkg --purge` of packages in rc state are still useful. Avoid renaming of DEBORPHAN class, as that might break existing setups. Instead clarify usage and purpose of DEBORPHAN in docs. Closes: https://github.com/grml/grml-live/issues/144 --- docs/grml-live.txt | 9 ++++++++- .../fai/config/scripts/DEBORPHAN/98-clean-chroot | 21 ++++++++++----------- 2 files changed, 18 insertions(+), 12 deletions(-) diff --git a/docs/grml-live.txt b/docs/grml-live.txt index da845af..2cedb6d 100644 --- a/docs/grml-live.txt +++ b/docs/grml-live.txt @@ -330,7 +330,14 @@ ${GRML_FAI_CONFIG}/config/package_config whereas some further classes are define example in ${GRML_FAI_CONFIG}/config/scripts/ so specific feature sets can be selected. The following classes are predefined: -* DEBORPHAN: get rid of all packages listed in output of deborphan +* DEBORPHAN: get rid of "autoremove" and "removed-but-not-yet-purged" packages; +also all packages listed in output of deborphan (only if deborphan is actually +present, note that grml-live no longer installs deborphan by default as it's not +present since Debian/trixie!). This class is called as such for historic +reasons, and while deborphan itself is no longer relevant nowadays, the name of +the class was kept as such for backwards compatibility reasons. This class is +thought to be used *before* any further `GRML*` classes, like +`DEBORPHAN,GRMLBASE,GRML_FULL,RELEASE,...` to get proper Grml releases. * FRESHCLAM: execute freshclam (if it's present) to update clamav definitions (increases resulting ISO size ~70MB). By default it's skipped to avoid bigger diff --git a/etc/grml/fai/config/scripts/DEBORPHAN/98-clean-chroot b/etc/grml/fai/config/scripts/DEBORPHAN/98-clean-chroot index 42ed9c2..dce15d4 100755 --- a/etc/grml/fai/config/scripts/DEBORPHAN/98-clean-chroot +++ b/etc/grml/fai/config/scripts/DEBORPHAN/98-clean-chroot @@ -9,21 +9,10 @@ set -u set -e -if ! [ -x $target/usr/bin/deborphan ] ; then - echo "Warning: deborphan not installed" - exit 0 -fi - # remove all packages not necessary anymore: echo "Executing apt-get -y --purge autoremove" $ROOTCMD apt-get -y --purge autoremove -# remove packages until deborphan does not find anymore: -while [ "$($ROOTCMD deborphan)" != "" ] ; do - echo "Executing deborphan" - $ROOTCMD apt-get -y --purge remove $($ROOTCMD deborphan) -done - # make sure we don't have any removed but not-yet-purged packages left, # otherwise GRMLBASE/03-get-sources might try to download unavailable # packages and will fail doing so @@ -34,5 +23,15 @@ if [ -n "$PURGE_PACKAGES" ] ; then $ROOTCMD dpkg --purge $PURGE_PACKAGES fi +# note: deborphan is no longer available as of Debian/trixie, +# see https://github.com/grml/grml-live/issues/144 +if [ -x "$target"/usr/bin/deborphan ] ; then + # remove packages until deborphan does not find anymore: + while [ "$($ROOTCMD deborphan)" != "" ] ; do + echo "Executing deborphan" + $ROOTCMD apt-get -y --purge remove $($ROOTCMD deborphan) + done +fi + ## END OF FILE ################################################################# # vim:ft=sh expandtab ai tw=80 tabstop=4 shiftwidth=2 -- 2.1.4