Bug#929913: unblock: simple-cdd/0.6.7

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

Bug#929913: unblock: simple-cdd/0.6.7

Vagrant Cascadian-4
Package: release.debian.org
Severity: normal
User: [hidden email]
Usertags: unblock
X-Debbugs-Cc: [hidden email], [hidden email]

Please unblock package simple-cdd

This update fixes several release-critical and important bugs, as well
as documentation updates.

Several issues were reported with expired keys in the archive keyring
breaking builds with simple-cdd, even when the expired key was not
used to verify the repositories being checked. This was fixed by
allowing expired keys to be present in the keyring used by reprepro
(though are not treated as valid for verifying Release files).

A typo was fixed that caused a traceback in gpg verification, and now
reports the failing command.

The --batch argument was added to gpg calls, which are all
non-interactive, which allows it to work in docker environments.

Contact information in the README was no longer valid, and so it was removed.

Fix a number of issues with changes in qemu arguments, and re-add the
missing support to pass arbitrary qemu options.

Update example configuration files, removing obsolete options and
adjusting a syntax change in some options which no longer support
variables.

The ltsp profile was updated to use the defaults for
ltsp-client-builder, with commented examples for using the non-default
values. NFS is no longer used in LTSP by default, so is no longer
configured, and the example to configure DHCP was updated to use
dnsmasq.

The test profile was updated with new and changed preseeding options,
as well as options passed to qemu.

The default profile updated the example to avoid asking to set up
another CD.

The router profile example ethernet interface name was updated to be
consistant with current naming conventions.


diff -Nru simple-cdd-0.6.6/README simple-cdd-0.6.7/README
--- simple-cdd-0.6.6/README 2018-04-22 17:11:33.000000000 -0700
+++ simple-cdd-0.6.7/README 2019-05-27 15:48:46.000000000 -0700
@@ -1,10 +1,5 @@
 here's a quick guide to using simple-cdd...
 
-if you have further questions, ask on the simple-cdd-devel mailing list:
-http://lists.alioth.debian.org/mailman/listinfo/simple-cdd-devel, or in the
-debian-custom channel on irc.debian.org.
-
-
 Quick Start (from http://wiki.debian.org/Simple-CDD/Howto)
 
 To try Simple-CDD, on a Debian system:
diff -Nru simple-cdd-0.6.6/build-simple-cdd simple-cdd-0.6.7/build-simple-cdd
--- simple-cdd-0.6.6/build-simple-cdd 2018-04-22 20:36:26.000000000 -0700
+++ simple-cdd-0.6.7/build-simple-cdd 2019-05-28 15:39:42.000000000 -0700
@@ -532,8 +532,9 @@
         if self.env.get("use_serial_console"):
             qemu_opts.append("-nographic")
 
-        # if [ -n "$mem" ]; then
-        #         qemu_opts="$qemu_opts -m $mem"
+        if self.env.get("qemu_opts"):
+            for opt in self.env.get('qemu_opts').split():
+                qemu_opts.append(opt)
 
         # Hard disk image
         hd_img = os.path.join(self.env.get("simple_cdd_dir"), "qemu-test.hd.img")
diff -Nru simple-cdd-0.6.6/debian/changelog simple-cdd-0.6.7/debian/changelog
--- simple-cdd-0.6.6/debian/changelog 2018-04-22 21:13:56.000000000 -0700
+++ simple-cdd-0.6.7/debian/changelog 2019-05-29 21:29:45.000000000 -0700
@@ -1,3 +1,41 @@
+simple-cdd (0.6.7) unstable; urgency=medium
+
+  [ Vagrant Cascadian ]
+  * Remove invalid contact information from README.
+  * Output command run on gpg verification failure rather than passing an
+    undefined variable. (Closes: #919572, #929651).  Thanks to Vladislav
+    Tsendrovskii and Marc Fargas for the reports.
+  * Do not fail when expired keys are present in the keyring.
+    (Closes: #928703, #929193). Thanks to Sebastien Delafond and Pradeep
+    Nambiar.
+
+  [ Vagrant Cascadian ]
+  * Add back support for qemu_opts (Closes: #929660, #929636).
+  * Update qemu configuration from -std-vga to -vga std.
+  * Update example simple-cdd.conf and simple-cdd.conf.detailed, removing
+    obsolete options and adjusting options requiring variables.
+    (Closes: #909561).
+
+  [ Dirk Mayer ]
+  * added --batch param to gpg calls (Closes: #918102).
+
+  [ Vagrant Cascadian ]
+  * Update ltsp profile:
+    - Use defaults for ltsp-client-builder.
+    - Do not configure NFS, no longer used by default.
+    - Use "ltsp-config dnsmasq" as it is the preferred DHCP server.
+  * Update test profile:
+    - Add preseeding to avoid asking to set up another CD.
+    - Use preseeding to select default boot device.
+    - Update arguments for non-graphical console.
+    - Allow rebooting for initial boot test.
+  * Update default profile:
+    - Update question to avoid asking to set up another CD.
+  * Update router profile:
+    - Update default example ethernet interface.
+
+ -- Vagrant Cascadian <[hidden email]>  Wed, 29 May 2019 21:29:45 -0700
+
 simple-cdd (0.6.6) unstable; urgency=medium
 
   [ Jack Henschel ]
diff -Nru simple-cdd-0.6.6/profiles/default.preseed simple-cdd-0.6.7/profiles/default.preseed
--- simple-cdd-0.6.6/profiles/default.preseed 2017-12-16 15:58:00.000000000 -0800
+++ simple-cdd-0.6.7/profiles/default.preseed 2019-05-29 13:40:42.000000000 -0700
@@ -141,7 +141,7 @@
 #base-config apt-setup/uri_type  select http
 #base-config apt-setup/uri_type  select cdrom
 # only scan the first CD by default
-#base-config apt-setup/cd/another  boolean false
+#d-i apt-setup/cdrom/set-first  boolean false
 # don't ask to use additional mirrors
 #base-config apt-setup/another boolean false
 # Use a network mirror?
diff -Nru simple-cdd-0.6.6/profiles/ltsp.postinst simple-cdd-0.6.7/profiles/ltsp.postinst
--- simple-cdd-0.6.6/profiles/ltsp.postinst 2016-07-21 10:03:54.000000000 -0700
+++ simple-cdd-0.6.7/profiles/ltsp.postinst 2019-05-29 13:35:38.000000000 -0700
@@ -1,8 +1,5 @@
 #!/bin/sh
 
-# configure NFS
-echo '/opt/ltsp *(ro,no_root_squash,async)' >> /etc/exports
-
 # configure DHCP (disabled by default, so as not to interfere with existing
 # networks)
-#echo 'include "/etc/ltsp/dhcpd.conf";' >> /etc/dhcp3/dhcpd.conf
+#ltsp-config dnsmasq
diff -Nru simple-cdd-0.6.6/profiles/ltsp.preseed simple-cdd-0.6.7/profiles/ltsp.preseed
--- simple-cdd-0.6.6/profiles/ltsp.preseed 2016-07-21 10:03:54.000000000 -0700
+++ simple-cdd-0.6.7/profiles/ltsp.preseed 2019-05-29 13:12:08.000000000 -0700
@@ -1,4 +1,7 @@
-ltsp-client-builder     ltsp-client-builder/build-client-opts   string  --mirror file:///media/cdrom --updates-mirror none --security-mirror none --accept-unsigned-packages
+# install from network:
+#ltsp-client-builder     ltsp-client-builder/build-client-opts   string
+# install from local media without network:
+#ltsp-client-builder     ltsp-client-builder/build-client-opts   string  --mirror file:///media/cdrom --security-mirror none --updates-mirror none --accept-unsigned-packages --trust-file-mirror
 ltsp-client-builder     ltsp-client-builder/run boolean true
 #ltsp-client-builder     ltsp-client-builder/configure_network_interface boolean true
 #ltsp-client-builder     ltsp-client-builder/ltsp_update_image boolean true
diff -Nru simple-cdd-0.6.6/profiles/router.preseed simple-cdd-0.6.7/profiles/router.preseed
--- simple-cdd-0.6.6/profiles/router.preseed 2016-07-21 10:03:54.000000000 -0700
+++ simple-cdd-0.6.7/profiles/router.preseed 2019-05-29 13:59:31.000000000 -0700
@@ -1,4 +1,4 @@
-#arno-iptables-firewall  arno-iptables-firewall/config-ext-if    string  eth0
+#arno-iptables-firewall  arno-iptables-firewall/config-ext-if    string  enp1s0
 arno-iptables-firewall  arno-iptables-firewall/dynamic-ip       boolean true
 arno-iptables-firewall  arno-iptables-firewall/config-int-if    string  br0
 arno-iptables-firewall  arno-iptables-firewall/config-int-net   string  192.168.99.0/24
diff -Nru simple-cdd-0.6.6/profiles/test.conf simple-cdd-0.6.7/profiles/test.conf
--- simple-cdd-0.6.6/profiles/test.conf 2016-07-21 10:03:54.000000000 -0700
+++ simple-cdd-0.6.7/profiles/test.conf 2019-05-29 21:01:55.000000000 -0700
@@ -3,8 +3,7 @@
 keyboard=us
 use_qemu="true"
 force_preseed="true"
-auto_profiles="$auto_profiles test"
-KERNEL_PARAMS="$KERNEL_PARAMS DEBIAN_FRONTEND=text fb=false vga=normal"
+KERNEL_PARAMS="DEBIAN_FRONTEND=text fb=false gfxpayload=text nomodeset"
 vga_normal="true"
-qemu_opts="-curses -no-reboot"
+qemu_opts="-curses -m 1024"
 #use_serial_console=true
diff -Nru simple-cdd-0.6.6/profiles/test.preseed simple-cdd-0.6.7/profiles/test.preseed
--- simple-cdd-0.6.6/profiles/test.preseed 2016-07-21 10:03:54.000000000 -0700
+++ simple-cdd-0.6.7/profiles/test.preseed 2019-05-29 14:19:38.000000000 -0700
@@ -14,3 +14,7 @@
 apt-mirror-setup        apt-setup/use_mirror    boolean false
 # set to empty to avoid using security, volatile, etc.
 d-i apt-setup/services-select multiselect
+# Do not scan another CD
+d-i apt-setup/cdrom/set-first  boolean false
+# select default boot device
+d-i grub-installer/choose_bootdev select /dev/sda
diff -Nru simple-cdd-0.6.6/simple-cdd.conf simple-cdd-0.6.7/simple-cdd.conf
--- simple-cdd-0.6.6/simple-cdd.conf 2018-04-22 17:11:33.000000000 -0700
+++ simple-cdd-0.6.7/simple-cdd.conf 2019-05-29 01:46:18.000000000 -0700
@@ -14,10 +14,8 @@
 # mirror_tools="download reprepro"
 
 # Mirror variables
-server="ftp.us.debian.org"
-debian_mirror="http://$server/debian/"
-files_debian_mirror="ftp://$server/debian/"
-rsync_debian_mirror="$server::debian"
+server="deb.debian.org"
+debian_mirror="http://localmirror.example.org/debian/"
 
 # Mirror for security updates
 #   Expects security updates to be in dists/DEBIAN_DIST/updates
@@ -32,5 +30,4 @@
 
 # Generate a simple package repository on the CD with the debs cited
 #   Please insert full paths.
-local_packages=""
-
+local_packages="/path/to/local/packages/ /path/to/local.deb"
diff -Nru simple-cdd-0.6.6/simple-cdd.conf.detailed simple-cdd-0.6.7/simple-cdd.conf.detailed
--- simple-cdd-0.6.6/simple-cdd.conf.detailed 2018-04-22 17:19:34.000000000 -0700
+++ simple-cdd-0.6.7/simple-cdd.conf.detailed 2019-05-29 01:55:15.000000000 -0700
@@ -38,8 +38,8 @@
 
 # Mirror variables
 #server="ftp.us.debian.org"
-#debian_mirror="ftp://$server/debian/"
-#rsync_debian_mirror="$server::debian"
+#debian_mirror="ftp://ftp.us.debian.org/debian/"
+#rsync_debian_mirror="ftp.us.debian.org::debian"
 
 # which components to get from the mirror
 #mirror_components="main"
@@ -53,7 +53,7 @@
 #   Only works with "download reprepro" mirror tools.
 #debian_mirror_extra="http://example.com/debian/"
 
-#mirror_components_extra="$mirror_components non-free"
+#mirror_components_extra="main non-free"
 
 # Extra files to include onto the CD
 #   These will get copied to /simple-cdd dir on the CD
@@ -81,20 +81,17 @@
 
 # Location of debian-cd files
 #debian_cd_dir=/usr/share/debian-cd
-#debian_cd_dir=$simple_cdd_dir/debian-cd
-
-# Temporary directory for simple-cdd
-#simple_cdd_temp="$simple_cdd_dir/tmp/"
+#debian_cd_dir=/path/to/debian-cd
 
 # Set target architecture for build
-#export ARCH=${ARCH:-`dpkg --print-architecture`}
-#export ARCHES=$ARCH
+#export ARCH=amd64
+#export ARCHES="amd64 i386"
 
 # You can use a alternative splash image using a PNG image (640 x 480,
 # 4-bit colormap, non-interlaced), other formats should work but weren't
 # tested. Keep in mind that the alternative splash image will be displayed
 # only at the installer boot prompt.
-# export SPLASHPNG="$simple_cdd_dir/yourimage.png"
+# export SPLASHPNG="/path/to/yourimage.png"
 
 # Don't include the manual or release notes, respectively, to save space.
 #export OMIT_MANUAL=1
@@ -104,10 +101,10 @@
 #export DOJIGDO=0
 
 # Define the CD label
-#export DISKINFO="Simple-cdd Installer: Debian GNU/Linux $DEBVERSION $CODENAME $(date --utc +%Y%m%d)"
+#export DISKINFO="Simple-cdd Installer: Debian GNU/Linux 10 buster 20190529"
 
 # Where debian-cd expects to find itself :)
-#export BASEDIR=$simple_cdd_temp/debian-cd
+#export BASEDIR=/path/to/debian-cd
 # Kernel parameters passed to the CD bootloader works with isolinux on i386.
 #export KERNEL_PARAMS="preseed/file=/cdrom/simple-cdd/default.preseed"
 
@@ -124,47 +121,9 @@
 ## Values used by both the various mirror tools and debian-cd
 #
 # directory of debian mirror
-#export MIRROR=$simple_cdd_dir/mirror/
-
-# location of generated task file
-#export TASK=$simple_cdd_temp/simple-cdd.task
-
-# These are generally debian-cd files which should get included in the task file
-#includes="$BASEDIR/tasks/debian-installer+kernel-$CODENAME $BASEDIR/tasks/debian-installer-$CODENAME $BASEDIR/tasks/base-$CODENAME"
-
-# Location of generated debpartial-mirror configuration file
-#debpartial_conf="$simple_cdd_temp/debpartial-mirror.conf"
-
-# Package filter
-#debpartial_filter="main:*:standard main:*:required main:*:important main/debian-installer:*:*"
-#debpartial_filter_security="main:*:standard main:*:required main:*:important"
-#debpartial_filter_extra="main:*:standard main:*:required main:*:important"
-# Filter for newer (0.2.90+) versions of debpartial-mirror
-#debpartial_filter_new="priority:required|important|standard"
-
-# Components for newer (0.2.90+) versions of debpartial-mirror
-#debpartial_components="main main/debian-installer"
-# Security components for newer (0.2.90+) versions of debpartial-mirror
-#debpartial_components_security="main"
-# Extra components for newer (0.2.90+) versions of debpartial-mirror
-#debpartial_components_extra="main"
+#export MIRROR=/path/to/mirror/
 
 ## debian-cd options
-#
-# Packages to include in initial debootstrap install.
-# Note that this will not work well with multi-arch CDs
-#export BASE_INCLUDE=$simple_cdd_temp/simple-cdd.$CODENAME.base_include
-
-# Packages to exclude from the initial debootstrap install, useful if
-# you want to use a MTA other than exim
-#export BASE_EXCLUDE=$simple_cdd_dir/excludes/base-excludes-sarge
-
-# Location where generated CD image(s) will be put
-#export OUT=$simple_cdd_dir/images/
-
-# debian-cd temporary directories
-#export TDIR="$simple_cdd_temp/cd-build"
-#export APTTMP="$TDIR/apt/"
 
 # Increase the size limit if debian-cd tries to make more CDs than you want,
 # and the generated CDs are smaller than 650MB, or if you want to generate
@@ -189,16 +148,10 @@
 ## qemu options
 #
 # Location of the hard disk image (used with qemu's -hda option)
-#hd_img="$simple_cdd_dir/qemu-test.hd.img"
+#hd_img="/path/to/qemu-test.hd.img"
 
 # size of qemu hard disk image to create (if not already present)
 #hd_size="6G"
 
-# location of the CD image (used with qemu's -cdrom option)
-#cd_img="$OUT/${CDNAME:-debian}-$(echo $DEBVERSION | sed -e 's/[. ]//g')-$(echo $ARCHES | tr ' ' '-')-CD-1.iso"
-
-# memory available within qemu, in MB
-#mem=96
-
 # additional options that get passed to qemu
-#qemu_opts="-std-vga"
+#qemu_opts="-vga std -m 1024"
diff -Nru simple-cdd-0.6.6/simple_cdd/gnupg.py simple-cdd-0.6.7/simple_cdd/gnupg.py
--- simple-cdd-0.6.6/simple_cdd/gnupg.py 2018-04-22 17:11:33.000000000 -0700
+++ simple-cdd-0.6.7/simple_cdd/gnupg.py 2019-05-29 10:19:14.000000000 -0700
@@ -30,7 +30,7 @@
 
 
     def common_gpg_args(self):
-        args = ["gpg", "--no-default-keyring"]
+        args = ["gpg", "--batch", "--no-default-keyring"]
         for k in self.env.get("keyring"):
             args.extend(("--keyring", k))
         return args
@@ -52,7 +52,7 @@
         args.extend(extra_args)
         retval = run_command("verify gpg signature", args)
         if retval != 0:
-            raise Fail("Signature verification failed on %s", pathname)
+            raise Fail("Signature verification failed on %s", args)
 
     def verify_detached_sig(self, pathname, sigpathname):
         return self.verify_gpg_sig("--verify", sigpathname, pathname)
@@ -66,7 +66,7 @@
         """
         env = dict(os.environ)
         env["GNUPGHOME"] = self.env.get("GNUPGHOME")
-        proc = subprocess.Popen(["gpg", "--import", keyring_file], stdout=subprocess.PIPE, stderr=subprocess.PIPE, env=env)
+        proc = subprocess.Popen(["gpg", "--batch", "--import", keyring_file], stdout=subprocess.PIPE, stderr=subprocess.PIPE, env=env)
         stdout, stderr = proc.communicate()
         retval = proc.wait()
         if retval != 0:
@@ -80,6 +80,7 @@
         keyring file
         """
         keys_raw = subprocess.check_output(["gpg",
+                                            "--batch",
                                             "--no-default-keyring",
                                             "--keyring", keyring_file,
                                             "--list-keys",
@@ -93,4 +94,9 @@
             status = fields[11]
             if 'D' in status: continue
             if 's' not in status and 'S' not in status: continue
-            yield keyid
+            # Append '!' to keyid to allow expired keys in the
+            # keyring, though reprepro still requires
+            # --ignore=expired* arguments in order to treat signatures
+            # from expired keys as valid.
+            # https://bugs.debian.org/928703
+            yield keyid+'!'


unblock simple-cdd/0.6.7


Thanks for all your work towards releasing Debian!

live well,
  vagrant

signature.asc (233 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Bug#929913: unblock: simple-cdd/0.6.7

Niels Thykier
Vagrant Cascadian:

> Package: release.debian.org
> Severity: normal
> User: [hidden email]
> Usertags: unblock
> X-Debbugs-Cc: [hidden email], [hidden email]
>
> Please unblock package simple-cdd
>
> This update fixes several release-critical and important bugs, as well
> as documentation updates.
>
> Several issues were reported with expired keys in the archive keyring
> breaking builds with simple-cdd, even when the expired key was not
> used to verify the repositories being checked. This was fixed by
> allowing expired keys to be present in the keyring used by reprepro
> (though are not treated as valid for verifying Release files).
>
> A typo was fixed that caused a traceback in gpg verification, and now
> reports the failing command.
>
> The --batch argument was added to gpg calls, which are all
> non-interactive, which allows it to work in docker environments.
>
> Contact information in the README was no longer valid, and so it was removed.
>
> Fix a number of issues with changes in qemu arguments, and re-add the
> missing support to pass arbitrary qemu options.
>
> Update example configuration files, removing obsolete options and
> adjusting a syntax change in some options which no longer support
> variables.
>
> The ltsp profile was updated to use the defaults for
> ltsp-client-builder, with commented examples for using the non-default
> values. NFS is no longer used in LTSP by default, so is no longer
> configured, and the example to configure DHCP was updated to use
> dnsmasq.
>
> The test profile was updated with new and changed preseeding options,
> as well as options passed to qemu.
>
> The default profile updated the example to avoid asking to set up
> another CD.
>
> The router profile example ethernet interface name was updated to be
> consistant with current naming conventions.
>
> [...]
>
>
> unblock simple-cdd/0.6.7
>
>
> Thanks for all your work towards releasing Debian!
>
> live well,
>   vagrant
>

Looks good to me, CC'ing KiBi for a d-i ack before completing the unblock.

Thanks,
~Niels

Reply | Threaded
Open this post in threaded view
|

Bug#929913: unblock: simple-cdd/0.6.7

Cyril Brulebois-4
Niels Thykier <[hidden email]> (2019-06-04):
> Vagrant Cascadian:
> > unblock simple-cdd/0.6.7
>
> Looks good to me, CC'ing KiBi for a d-i ack before completing the unblock.

No objections, thanks.


Cheers,
--
Cyril Brulebois ([hidden email])            <https://debamax.com/>
D-I release manager -- Release team member -- Freelance Consultant

signature.asc (849 bytes) Download Attachment