Recommended update for python-kiwi

Announcement ID:	SUSE-RU-2022:0533-1
Rating:	moderate
References:	bsc#1180539 bsc#1184128 bsc#1184823 bsc#1185287 bsc#1185937 bsc#1187460 bsc#1187461 bsc#1187515 bsc#1192975 bsc#1195229
Affected Products:	Development Tools Module 15-SP3 SUSE Linux Enterprise Desktop 15 SP3 SUSE Linux Enterprise High Performance Computing 15 SP3 SUSE Linux Enterprise Micro 5.0 SUSE Linux Enterprise Micro 5.1 SUSE Linux Enterprise Real Time 15 SP2 SUSE Linux Enterprise Real Time 15 SP3 SUSE Linux Enterprise Server 15 SP3 SUSE Linux Enterprise Server 15 SP3 Business Critical Linux 15-SP3 SUSE Linux Enterprise Server for SAP Applications 15 SP3 SUSE Manager Proxy 4.2 SUSE Manager Retail Branch Server 4.2 SUSE Manager Server 4.2

An update that has 10 fixes can now be installed.

Description:

This update for python-kiwi fixes the following issues:

This version upgrade includes several fixes:

• Ensure backward compatibility on deprecated methods

This commit ensures backward compatibility for deprecated config bash script utilities. (bsc#1195229)

• Fixed regression in compression detection. (bsc#1192975)

• index.rst: Change title (bsc#1189294#c2)

• suggested in bsc#1189294#c2 for more clarity

• change has been discussed with and approved by main author (Marcus S.)

• Care for different snapper template locations. (bsc#1192940)

• Do not force dracut into a compression setting

• Fixed secure boot fallback setup

  Make sure MokManager gets copied. The name and location of the mok manager is distribution specific in the same way as the shim loader. Thus we need to apply a similar concept for looking it up. (bsc#1187515)

• Allow creation of LUKS system with empty key

  To support cloud platforms better we should allow the creation of an initial(insecure) LUKS encrypted image with an empty passphrase/keyfile. (bsc#1187461, bsc#1187460)

• Delete obsolete 'ddb.adapterType' patching

  When building a vmdk image with pvscsi as adapter type, kiwi implicitly changed the adapter_type from pvscsi to lsilogic because qemu only knows lsilogic. At the end kiwi patched the adapter type in the descriptor of the vmdk header back to pvscsi. That patching seems to be wrong according to information from users and VMware support. This commit deletes the descriptor patching and only leaves the pvscsi setting in the guest configuration(vmx). bsc#1180539)

• Make dracut version check more robust

  The check_dracut_module_versions_compatible_to_kiwi() runtime check calls the package manager from the host and reads the package database from the image root. Doing this requires the package database in the image to be compatible with the package manager on the host. However this cannot be guarenteed and it is more robust to chroot into the image root and call the package manager from there. However, this change also comes with the cost that it's required to have a package manager available in the image root tree. Therefore along with the chroot based call, eventual exceptions from the call are now catched and leads to a debug message in the log file but will not lead the runtime check to fail. I consider the cases without a package database inside of the image to be less critical than the incompatibility issue between the host tooling and the package database in the image. (bsc#1185937)

• Fixed setup of repository architecture

  Unfortunately the architecture reported by uname is not necessarily the same name as used in the repository metadata. Therefore it was not a good idea to set the architecture and manage the name via a mapping table. It also has turned out that repo arch names are distro specific which causes more complexity on an eventual mapping table. In the end this commit changes the way how the repository architecture is setup in a way that we only set the architecture if a name was explicitly specified such that the user keeps full control over it without any mapping magic included (bsc#1185287)

• Do not apply default subcommand for derivate containers

  This commit does not apply the default subcommand for derivate containers. (bsc#1184823)

• Added openssl to the core requires

  openssl is used in kiwi to construct a password hash if the plaintext password feature for user settings is used. (bsc#1184128)

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

• Development Tools Module 15-SP3
  zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP3-2022-533=1
• SUSE Linux Enterprise Real Time 15 SP2
  zypper in -t patch SUSE-SLE-Product-RT-15-SP2-2022-533=1
• SUSE Linux Enterprise Micro 5.0
  zypper in -t patch SUSE-SUSE-MicroOS-5.0-2022-533=1
• SUSE Linux Enterprise Micro 5.1
  zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-533=1

Package List:

• Development Tools Module 15-SP3 (aarch64 ppc64le s390x x86_64)
  • kiwi-systemdeps-containers-9.24.16-3.44.1
  • dracut-kiwi-overlay-9.24.16-3.44.1
  • kiwi-man-pages-9.24.16-3.44.1
  • kiwi-systemdeps-core-9.24.16-3.44.1
  • kiwi-tools-9.24.16-3.44.1
  • kiwi-systemdeps-9.24.16-3.44.1
  • kiwi-tools-debuginfo-9.24.16-3.44.1
  • kiwi-systemdeps-filesystems-9.24.16-3.44.1
  • kiwi-systemdeps-bootloaders-9.24.16-3.44.1
  • kiwi-systemdeps-disk-images-9.24.16-3.44.1
  • kiwi-systemdeps-iso-media-9.24.16-3.44.1
  • python-kiwi-debugsource-9.24.16-3.44.1
  • dracut-kiwi-oem-repart-9.24.16-3.44.1
  • dracut-kiwi-live-9.24.16-3.44.1
  • kiwi-systemdeps-image-validation-9.24.16-3.44.1
  • python3-kiwi-9.24.16-3.44.1
  • dracut-kiwi-oem-dump-9.24.16-3.44.1
  • dracut-kiwi-lib-9.24.16-3.44.1
• Development Tools Module 15-SP3 (x86_64)
  • kiwi-pxeboot-9.24.16-3.44.1
• SUSE Linux Enterprise Real Time 15 SP2 (x86_64)
  • dracut-kiwi-overlay-9.24.16-3.44.1
  • kiwi-man-pages-9.24.16-3.44.1
  • kiwi-systemdeps-core-9.24.16-3.44.1
  • kiwi-tools-9.24.16-3.44.1
  • kiwi-tools-debuginfo-9.24.16-3.44.1
  • python-kiwi-debugsource-9.24.16-3.44.1
  • kiwi-systemdeps-filesystems-9.24.16-3.44.1
  • kiwi-systemdeps-bootloaders-9.24.16-3.44.1
  • kiwi-systemdeps-disk-images-9.24.16-3.44.1
  • kiwi-systemdeps-iso-media-9.24.16-3.44.1
  • dracut-kiwi-oem-repart-9.24.16-3.44.1
  • kiwi-pxeboot-9.24.16-3.44.1
  • dracut-kiwi-live-9.24.16-3.44.1
  • kiwi-systemdeps-image-validation-9.24.16-3.44.1
  • python3-kiwi-9.24.16-3.44.1
  • dracut-kiwi-oem-dump-9.24.16-3.44.1
  • dracut-kiwi-lib-9.24.16-3.44.1
• SUSE Linux Enterprise Micro 5.0 (aarch64 x86_64)
  • dracut-kiwi-oem-repart-9.24.16-3.44.1
  • python-kiwi-debugsource-9.24.16-3.44.1
  • dracut-kiwi-lib-9.24.16-3.44.1
• SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64)
  • dracut-kiwi-oem-repart-9.24.16-3.44.1
  • python-kiwi-debugsource-9.24.16-3.44.1
  • dracut-kiwi-lib-9.24.16-3.44.1

References:

• https://bugzilla.suse.com/show_bug.cgi?id=1180539
• https://bugzilla.suse.com/show_bug.cgi?id=1184128
• https://bugzilla.suse.com/show_bug.cgi?id=1184823
• https://bugzilla.suse.com/show_bug.cgi?id=1185287
• https://bugzilla.suse.com/show_bug.cgi?id=1185937
• https://bugzilla.suse.com/show_bug.cgi?id=1187460
• https://bugzilla.suse.com/show_bug.cgi?id=1187461
• https://bugzilla.suse.com/show_bug.cgi?id=1187515
• https://bugzilla.suse.com/show_bug.cgi?id=1192975
• https://bugzilla.suse.com/show_bug.cgi?id=1195229