From 73d116b62c228ce58e39f6723e35ebba3e582149 Mon Sep 17 00:00:00 2001 From: Guilhem Moulin Date: Thu, 7 May 2015 13:21:45 +0200 Subject: Upgrade the preseed script to make it work with Debian Jessie. --- Makefile | 8 ++++---- preseed.cfg | 9 +++++---- preseed.sh | 19 +++++++++---------- src/fripost-postinst-udeb/debian/templates | 2 +- 4 files changed, 19 insertions(+), 19 deletions(-) diff --git a/Makefile b/Makefile index 42dee1a..d3fbdee 100644 --- a/Makefile +++ b/Makefile @@ -3,7 +3,7 @@ CC += -m$(shell dpkg-architecture -qDEB_HOST_ARCH_BITS $(patsubst %,-a%, ${ARCH} DEB_ARCH = $(shell dpkg-architecture -qDEB_HOST_ARCH $(patsubst %,-a%, ${ARCH})) # Multiarch: apt-get install gcc-multilib libc6-dev-x32 -VERSION = 7.7.0 +VERSION = 8.0.0 IMAGE_TYPE ?= iso ISOIMG = debian-${VERSION}-${DEB_ARCH}-netinst.iso @@ -15,10 +15,10 @@ CHECKSUMS = MD5 SHA1 SHA256 SHA512 preseed: make dist/${DEB_ARCH}/${PRESEEDED} dist/${DEB_ARCH}/${PRESEEDED}: preseed.cfg $(wildcard ./include/*) dist/${DEB_ARCH}/${ISOIMG} ${UDEBS} - ./preseed.sh $@ dist/${DEB_ARCH}/${ISOIMG} ${UDEBS} + DEB_ARCH=${DEB_ARCH} ./preseed.sh $@ dist/${DEB_ARCH}/${ISOIMG} ${UDEBS} sig: dist/${DEB_ARCH}/${PRESEEDED} - gpg --detach-sign $^ + gpg2 --detach-sign $^ # Get, verify iso-get: dist/${DEB_ARCH}/${ISOIMG} @@ -28,7 +28,7 @@ iso-checksum: $(patsubst %,iso-checksum-%, ${CHECKSUMS}) iso-checksum-%: dist/${DEB_ARCH}/${ISOIMG} dist/${DEB_ARCH}/%SUMS dist/${DEB_ARCH}/%SUMS.sign @echo Checking $* sum @cd dist/${DEB_ARCH}; grep "\s${ISOIMG}$$" $*SUMS | $$(echo $* | sed 's@.*@/usr/bin/\L&sum@') --strict -c - gpg --verify dist/${DEB_ARCH}/$*SUMS.sign dist/${DEB_ARCH}/$*SUMS + gpg2 --verify dist/${DEB_ARCH}/$*SUMS.sign dist/${DEB_ARCH}/$*SUMS # Download .PRECIOUS: dist/${DEB_ARCH}/% diff --git a/preseed.cfg b/preseed.cfg index c08e9e1..cde10d6 100644 --- a/preseed.cfg +++ b/preseed.cfg @@ -49,8 +49,8 @@ d-i fripost/partition-script string /cdrom/include/partition.sh # Install and activate (in enforcing mode) SELinux? Note that activating # SELinux requires a dummy reboot to label all files. So if you have full-disk -# encryption, you'll have to send the password twice to dropbear. (Default: true) -#d-i fripost/activate-selinux boolean true +# encryption, you'll have to send the password twice to dropbear. (Default: false) +#d-i fripost/activate-selinux boolean false # Keep /media and its kids' entries in the fstab? /media (and its related # entries in the fstab) can safely be removed on a headless server. (Default: @@ -87,6 +87,7 @@ d-i passwd/user-password-crypted password $6$QjLeZdW1O$9VymVDc5q6NctEylAqObvmP4S d-i debian-installer/locale string en_US.UTF-8 d-i localechooser/supported-locales multiselect sv_SE.UTF-8 +d-i keyboard-configuration/xkb-keymap select us d-i keymap skip-config locales locales/default_environment_locale string en_US.UTF-8 @@ -113,10 +114,10 @@ d-i base-installer/kernel/image string linux-image-amd64 d-i base-installer/kernel/linux/initramfs-generators string initramfs-tools # A subset of 'standard' is interesting: tasksel --task-packages standard tasksel tasksel/first string -d-i pkgsel/include string git heirloom-mailx python-apt etckeeper \ +d-i pkgsel/include string dbus git heirloom-mailx python-apt etckeeper \ bash bash-completion \ bind9-host curl screen \ - postfix vim-nox emacs23-nox + postfix vim-nox d-i pkgsel/upgrade select safe-upgrade d-i preseed/early_command string anna-install fripost-partman fripost-postinst diff --git a/preseed.sh b/preseed.sh index 86a8c65..c1226d1 100755 --- a/preseed.sh +++ b/preseed.sh @@ -47,14 +47,14 @@ rmdir "$mountdir" cp preseed.cfg "$isoeditdir/" md5sum ./preseed.cfg >> "$isoeditdir/md5sum.txt" -cfg="$isoeditdir/isolinux/*.cfg $isoeditdir/isolinux/*/*.cfg" +cfg="$isoeditdir/isolinux/*.cfg" [ -f $isoeditdir/boot/grub/grub.cfg ] && cfg="$cfg $isoeditdir/boot/grub/grub.cfg" -sed -ri 's@^\s+(append|linux)\s(.*\s)?auto=true\s(.*\s)?priority=critical\b@& file=/cdrom/preseed.cfg@' $cfg +sed -ri 's@^\s+(append|linux)\s(.*\s)?auto=true\s(.*\s)?priority=critical\b@& preseed/file=/cdrom/preseed.cfg@' $cfg # ^ no need to update isolinux' checksum, as it's not in './md5sum.txt'. mkdir "$isoeditdir/include" rsync -aL ./include/ "$isoeditdir/include"/ -find ./include \( \! -name '.*' -a -type f \) -print0 | \ +find -L ./include \( \! -name '.*' -a -type f \) -print0 | \ xargs -r0 md5sum >> "$isoeditdir/md5sum.txt" # non-free firmwares: @@ -63,10 +63,9 @@ find ./include \( \! -name '.*' -a -type f \) -print0 | \ #find ./firmware \( \! -name '.*' -a -type f \) -print0 | \ # xargs -r0 md5sum >> "$isoeditdir/md5sum.txt" -# XXX: that's ugly -dist=$(for x in "$isoeditdir"/dists/*; do [ -h "$x" ] && continue; [ -d "$x" ] && echo ${x##*/} && break; done) -arch=$(for x in "$isoeditdir/dists/$dist/main"/binary-*; do test -d "$x" && echo ${x##*/binary-} && break; done) -packages="dists/$dist/main/debian-installer/binary-$arch/Packages" +dist=$(readlink "$isoeditdir/dists/stable") +packages="dists/$dist/main/debian-installer/binary-$DEB_ARCH/Packages" +gunzip "$isoeditdir/$packages.gz" while [ $# -gt 0 ]; do cd "${1%%_*}-udeb"; shift name="$(sed -n 's/Package:\s\s*//p' ./debian/control)" @@ -87,17 +86,17 @@ while [ $# -gt 0 ]; do cd "$pwd" done -cd "$isoeditdir" -gzip -fk ./"$packages" +gzip "$isoeditdir/$packages" md5sums=$(mktemp) +cd "$isoeditdir" while read sum file; do if [ "$file" = "./${packages}" -o \ "$file" = "./${packages}.gz" -o \ "$file" = "./boot/grub/grub.cfg" ]; then md5sum "$file" else - echo "$sum $file" + echo "$sum $file" fi done < ./md5sum.txt > "$md5sums" mv "$md5sums" "$isoeditdir/md5sum.txt" diff --git a/src/fripost-postinst-udeb/debian/templates b/src/fripost-postinst-udeb/debian/templates index fcba8de..1be33c0 100644 --- a/src/fripost-postinst-udeb/debian/templates +++ b/src/fripost-postinst-udeb/debian/templates @@ -19,7 +19,7 @@ Description: Use the same key for dropbear and OpenSSH? Template: fripost/activate-selinux Type: boolean -Default: true +Default: false Description: Install and activate (in enforcing mode) SELinux? Note that activating SELinux requires a dummy reboot to label all files. So if you have full-disk encryption, you'll have to send the -- cgit v1.2.3