Recommended update for python-kiwi

Announcement ID: SUSE-RU-2020:3859-1
Rating: moderate
References:
Affected Products:
  • SUSE Linux Enterprise Server for SAP Applications 12 SP4

An update that contains one feature and has 41 fixes can now be installed.

Description:

This update for python-kiwi fixes the following issues:

Update from version 9.17.18 to 9.20.6 - Increase overall allowed Flake8 complexity level and delete the extra exceptions from code as much as possible. - Provide the needed GRUB_TERMINALparameter. (bsc#1179245) - Fixed TestContainerImageOCI unit tests - Avoid complexity complaints of Flake8 - Do not exclude filesystem folders in OCI images. (bsc#1176129) - Provide kversion helper tool for reading the kernel version from the kernel binary. (bsc#1173985) - Fix check for root device in GRUB config. (bsc#1172928)
- Obsolete python2-kiwi and handle the resultant conflicting files. (bsc#1168973, bsc#1156677) - Search properly for grub2-mkconfig when it's called differently in other operating systems. - Increase spare space on disk rapartitioning and avoid to resize indefinitely. (bsc#1165823) - When parsing the version of a tool take the longest match and avoid to consider the digit in grub2 as the version. - Check for grub mkconfig capabilities.

The check for the capabilities of the tool were applied to the tool installed on the host but the later call of the tool will be done with the tool inside the image root

  • Validate use of GRUB_USE_LINUXEFI. (bsc#1165960, bsc#1168480)

On systems that uses GRUB_USE_LINUXEFI with grub2 version less than 2.04 there is no support for dynamic EFI environment checking. In this condition we extend the grub setup to add this support.

  • Require genisoimage instead of xorriso. (jsc#SLE-7200)
  • Fix result map for OEM pxe install. (bsc#1165578)
  • Add SECURE_BOOT parameter for grub2 in efi mode. (bsc#1167746)
  • Fix order in fstab. (bsc#1164310)

Any mount point directly under / should be just right after the root mountpoint and before the custom mountpoints based on user's subvolume configuration.

  • Fixed handling of fillup templates. (bsc#1163978)

Systems using a template tool to generate config files might not be effective when they see the intermediate config files we need from the host to let certain package managers work correctly. Therefore the cleanup code in kiwi takes care to restore from an optionally existing template file if no other custom variant is present.

  • Start using tftp system user package. (bsc#1143454)

Require tftp system user package. This user was created and managed by multiple packages before, with the risk of having inconsistent criteria on its defaults. Now there is a system user package so whatever package that requries this user should just require this package and do not create or modify the tftp user.

  • Update libyui-ncurses-pkg10 to libyui-ncurses-pkg11

In Tumbleweed there is no longer the libyui-ncurses-pkg10 its been superseded by libyui-ncurses-pkg11. This fixes the test-image-qcow-openstack integration test

  • KIWI creates a redundant btrfs swap subvolume. (bsc#1159538)
  • Fix grub2 configuration for shim fallback setup. (bsc#1159235)

If shim fallback setup is enabled the grub.cfg is copied to the EFI partition.

  • Fix installation chapter in the documentation.

The chapter still outlines multipython support but the support for python2 has been removed some time ago.

  • Fixed swap setup if btrfs is used. (bsc#1156908)

In case of a volume manager the simplified variant of the device name is used in the fstab file to reference the swap device. However this is only correct for the lvm volume management but not for btrfs. In case of btrfs the swap space is not a subvolume but a real partition and thus the simplified device spec in fstab puts in the loop mapped device which is wrong.

  • Fixed root setup when building in OBS

When building in an OBS worker no udevd is running which prevents grub2-mkconfig from finding the by-* device nodes and it puts the local loop device in which is wrong.

  • Fixed setup of default grub config. (bsc#1156908)

In /etc/default/grub GRUB_CMDLINE_LINUX_DEFAULT also contained the root= information. If grub2-mkconfig runs with that information it places the root device information twice because grub2-mkconfig resolves this information itself.

  • Include grub.cfg inside the efi partition. (bsc#1157104)
  • Ensures that the grub.cfg file is included within the vfat efi partition. (bsc#1157354)
  • Fix relative path in kiwi repository. (bsc#1157104)
  • Fix zipl bootloader setup for s390 images. (bsc#1156694)
  • Ensure grub.cfg is copied in EFI/BOOT folder. (bsc#1155815)

Fix the live images in efi mode. Grub configuration file is copied to the correct location in <boot_dir>/EFI/BOOT.

  • Fix the sha256 generated file content. (bsc#1139915)

Make sure the generated sha256 file in a 'kiwi result bundle' call includes the filename with the correct extension. For compressed files it was omitting the suffix that included during the compression.

  • Fix rpmdb compat link setup. (bsc#1150190)

On older versions of zypper the path /var/lib/rpm was hardcoded and not used from the rpm macro definition. For such systems and to support them properly on hosts that have the rpm database already moved a compat link was created. However if the host has the rpm database at /var/lib/rpm the link doesn't make sense.

  • Avoid default installation of dracut kiwi modules. (bsc#1142899, bsc#1136444)

The dracut modules won't be installed by default in the initrd unless they are requested by the commandline calling dracut or by a dracut configuration file.

  • Add support for custom fstab script extension. (bsc#1129566)

In addition to fstab append and patch features we also allow an fstab.script file that is called chrooted. The change is needed to support overlay mounting of filesystems as part of the initrd. If system filesystems needs to be changed in a way that they can be used in an overlay mount, the standard mount entry has to take the x-initrd.mount capability which requires a modification of the fstab which is cumbersome to handle as a patch file. This concept is currently used as part of the MicroOS project in SUSE and is applied in the integration test build maintained for this target.

  • Add crypt dependency to kiwi-lib dracut module. (bsc#1142899)

This fixes the dependencies of the kiwi-lib dracut module to include crypt module required by kiwi-luks-lib.sh. In addition it also updates the check() section to return 255 instead of 0. In check section a return code of 0 means install it, 255 install only if required by another module, anything else, do not install.

  • 99-kiwi-lib requires rmdir, install it. (bsc#1143033)
  • Do not create a new machine-id file. (bsc#1141168)

Ensures KIWI is not creating a new machine-id empty file in case it was not provided during the system installation.

  • Extend spare partition setup. (bsc#1129566)

The spare partition could be used to introduce one additional partition table entry. The following new type attributes will be added:

  • spare_part_fs="fsname"
  • spare_part_mountpoint="/location"
  • spare_part_is_last="true|false"

Along with the setup of the partition size the filesystem and its mountpoint can be specified. If set the contents of the rootfs at the specified spare location will be synced to that partition. The spare_part_is_last attribute will place the spare partition at the end of the disk. Note this attribute is only available for the simple vmx disk type.

  • Preserve licenses/other txt files by baseStripFirmware. (bsc#1132455)

LICENSES are usually not large and should be kept alongside of the binaries. Also some firmware files sideload additional txt files (like for example brcmfmac43430 needs the sdio description txt files). We should just always include them because they're not listed as needed files.

  • Update compression flag for qcow2 format. (bsc#1128146)

In case of a qcow2 format we store the result uncompressed. Since the format conversion only takes the real bytes into account such that the sparseness of the raw disk will not result in the output format and can be taken one by one.

  • Support optional fstab.patch file. (bsc#1129566)

In addition to the support for stab.append, users can now also provide a patch file to change the contents of the fstab file as it got written by kiwi. The feature is probably rarely used but needed in the area of SUSE's transactional update mechanism.

  • Write sha256sum --check compatible shasum format. (bsc#1127173)

Change the output format of the bundler shasum file to be compatible with a sha256sum --check call.

  • Fixed import of signing keys. (bsc#1112357)
  • Fix for disk detection from root device. (bsc#1126283, bsc#1126318)

No matter if one ore more devices are used in a multipath map, if the root device is managed by multipath kiwi has to use the mapped device for all operations, otherwise we run into busy or blocked state inside of the initrd operations.

  • Fix location of grub unicode font. (bsc#1124885)

The change of the location of the font file was not applied if an iso target, live or install image is being built.

  • Handle location of the rpm DB on the macro level. (bsc#1112357)

The location of the rpm database is no longer a standard path one can trust. Some distributions put it to /var/lib others to /usr/lib. This introduces the problem of dealing with different locations between the bootstrapping (host rpm) phase and the image installation (image rpm) phase.

This implements a solution based on an intermediate rpm database configuration. KIWI creates the macros.kiwi file inside of the image root which is read by any call of rpm in the inner and outer system. During bootstrap phase the rpm dbpath from the host system is used and later in the install phase the dbpath from the rpm package as it was installed by the target image distribution is used. In case of a dbpath difference the database is automatically moved to the new location by setting the _dbpath_rebuild macro to the correct location. At the end the custom KIWI macro is deleted. The macro setup happens before the import_trusted_keys method which makes any specification for a strict dbpath obsolete. Last the implementation deletes the obsolete dump_reload_package_database code. rpm is able to automatically do the conversion of different db versions In addition that code only worked for rather old db versions. The public API has not changed though, but the method is marked obsolete and does nothing anymore. A new API method post_process_install_requests_bootstrap has been introduced to handle actions required after bootstrap and before installing of packages from inside the new image.

  • Fix Xen guest detection. (bsc#1123185)
  • Fixed location of grub unicode font file. (bsc#1119416)

grub2 is expecting the unicode font below the fonts directory in the /boot/grub*/ depending on how the distribution installs grub2.

  • Add Codec utils for bytes literals decoding. (bsc#1110871)

In case of a literal decoding failure it tries to decode the result in utf-8. This is handy in python2 environments where python and the host might be using different charset configurations. In python3 this issue seams to be solved.

  • Adding bugfix trace (bsc#1110869)
  • Fixed rpmdb compat link setup. (bsc#1150190)
  • Align setup.py with the correct license
  • virtual_size must be an integer in metadata.json

For libvirt vagrant boxes, vagrant-libvirt expects that the parameter virtual_size from metadata.json is an integer and not a string. Supplying a string results in a backtrace.

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  • SUSE Linux Enterprise Server for SAP Applications 12 SP4
    zypper in -t patch SUSE-SLE-SAP-12-SP4-2020-3859=1

Package List:

  • SUSE Linux Enterprise Server for SAP Applications 12 SP4 (x86_64)
    • kiwi-pxeboot-9.20.6-3.25.1

References: