forked from sig_altarch/RockyRpi
Updated kickstart, added tech issues synopsis
- Re-added selinux in kickstart (building on EL9 now) - Changed bootstrap rpi9 package location - Added a document explaining technical hurdles to building the 9 image -Skip G.
This commit is contained in:
parent
1bfa5a621a
commit
eee2febc3d
@ -16,7 +16,7 @@ part / --asprimary --fstype=ext4 --size=2800 --label=RPIROOT
|
|||||||
repo --name="BaseOS" --baseurl=http://download.rockylinux.org/stg/rocky/9/BaseOS/aarch64/os/ --cost=100
|
repo --name="BaseOS" --baseurl=http://download.rockylinux.org/stg/rocky/9/BaseOS/aarch64/os/ --cost=100
|
||||||
repo --name="AppStream" --baseurl=http://download.rockylinux.org/stg/rocky/9/AppStream/aarch64/os/ --cost=200 --install
|
repo --name="AppStream" --baseurl=http://download.rockylinux.org/stg/rocky/9/AppStream/aarch64/os/ --cost=200 --install
|
||||||
repo --name="PowerTools" --baseurl=http://download.rockylinux.org/stg/rocky/9/BaseOS/aarch64/os/ --cost=300 --install
|
repo --name="PowerTools" --baseurl=http://download.rockylinux.org/stg/rocky/9/BaseOS/aarch64/os/ --cost=300 --install
|
||||||
repo --name="rockyrpi" --baseurl=https://bootstrap9.releng.rockylinux.org/RockyRpi_9_Test/rpi_repo/ --cost=50 --install
|
repo --name="rockyrpi" --baseurl=https://bootstrap9.releng.rockylinux.org/RockyRpi/9_package/ --cost=50 --install
|
||||||
#--baseurl=https://download.rockylinux.org/pub/rocky/8/rockyrpi/aarch64/os/ --cost=100 --install
|
#--baseurl=https://download.rockylinux.org/pub/rocky/8/rockyrpi/aarch64/os/ --cost=100 --install
|
||||||
|
|
||||||
|
|
||||||
@ -26,14 +26,13 @@ repo --name="rockyrpi" --baseurl=https://bootstrap9.releng.rockylinux.org/Rocky
|
|||||||
|
|
||||||
|
|
||||||
|
|
||||||
# Install proces:
|
# Install process:
|
||||||
install
|
|
||||||
keyboard us --xlayouts=us --vckeymap=us
|
keyboard us --xlayouts=us --vckeymap=us
|
||||||
rootpw --lock
|
rootpw --lock
|
||||||
# FIXME user creation here does not work ?
|
# FIXME user creation here does not work ?
|
||||||
# user --name="rocky" --password="rockylinux" --plaintext --gecos="Rocky default user" --groups=wheel --uid=1000
|
# user --name="rocky" --password="rockylinux" --plaintext --gecos="Rocky default user" --groups=wheel --uid=1000
|
||||||
timezone --isUtc --nontp UTC
|
timezone --isUtc --nontp UTC
|
||||||
selinux --disabled
|
selinux --enforcing
|
||||||
firewall --enabled --port=22:tcp
|
firewall --enabled --port=22:tcp
|
||||||
network --bootproto=dhcp --device=link --activate --onboot=on
|
network --bootproto=dhcp --device=link --activate --onboot=on
|
||||||
services --enabled=sshd,NetworkManager,chronyd
|
services --enabled=sshd,NetworkManager,chronyd
|
||||||
|
84
TECH_ISSUES
Normal file
84
TECH_ISSUES
Normal file
@ -0,0 +1,84 @@
|
|||||||
|
List of technical issues encountered in building the Rocky 9 Raspberry Pi image, and how they were overcome:
|
||||||
|
|
||||||
|
|
||||||
|
###
|
||||||
|
1)
|
||||||
|
SELinux file label issues during image create:
|
||||||
|
|
||||||
|
When SELinux is enforcing in the image, it attempts to label files as the kickstart is running.
|
||||||
|
Unfortunately, if building an EL9 image on an EL8 kernel + host system, there will be incompatibilities with the labels on the SELinux implementations, which causes the errors.
|
||||||
|
|
||||||
|
SOLUTION: Build the image on an EL9 or equivalent Fedora host, or disable SELinux in the kickstart (it can be turned on later in the image, but there is a relabel process to go through)
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
###
|
||||||
|
2)
|
||||||
|
RPMDB + libdnf issues:
|
||||||
|
|
||||||
|
When trying to install new packages, you get repeated warnings from DNF saying "warning: Found bdb Packages database while attempting sqlite backend: using bdb backend."
|
||||||
|
It also prevents the import of RPM GPG keys, which effectively means no package installs.
|
||||||
|
|
||||||
|
Similar to this:
|
||||||
|
https://bugzilla.redhat.com/show_bug.cgi?id=1836108
|
||||||
|
|
||||||
|
|
||||||
|
SOLUTION: Build the image on an EL9 host, OR run "rpmdb --rebuilddb" at the end of %post in kickstart, or on the Raspberry Pi itself.
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
###
|
||||||
|
3)
|
||||||
|
RPi Broadcom Wifi Issue
|
||||||
|
|
||||||
|
Since Fedora 34(?), the linux-firmware package has all of its artifacts xz-compressed in order to save space.
|
||||||
|
This breaks the Raspberry Pi wifi driver, as the firmware file locations are hard-coded, and will not use the .xz files.
|
||||||
|
|
||||||
|
|
||||||
|
SOLUTION:
|
||||||
|
As a workaround, a script is included in the rocky-rpi-release package which copies the firmware .xz files, extracts them, and puts them back in the proper directory (alongside the original .xz files).
|
||||||
|
The script (fix-wifi-rpi.sh) is run during the kickstart to fix wireless, and can be run by root at any time.
|
||||||
|
The files in question live in /lib/firmware/brcm/.
|
||||||
|
|
||||||
|
A better, non-workaround solution will require more research - likely a rpi-kernel patch.
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
###
|
||||||
|
4)
|
||||||
|
DNF/Appliance Creator Unmount issues:
|
||||||
|
|
||||||
|
When finishing image creation, the host machine's DNF can "hang" on to open files, causing the various unmounts at the end of the process to fail, and thus the whole image process.
|
||||||
|
|
||||||
|
The errors vary in their locations, but look like this:
|
||||||
|
|
||||||
|
umount: /var/tmp/imgcreate-e84ozsji/install_root/sys/fs/selinux/load: not mounted.
|
||||||
|
Traceback (most recent call last):
|
||||||
|
File "/usr/bin/livecd-creator", line 265, in
|
||||||
|
sys.exit(main())
|
||||||
|
|
||||||
|
|
||||||
|
Livecd-Tools Bug Report and discussion: https://github.com/livecd-tools/livecd-tools/issues/232
|
||||||
|
Related RH Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2087734
|
||||||
|
LibDNF patch: https://github.com/rpm-software-management/dnf/commit/5ce5ed1ea08ad6e198c1c1642c4d9ea2db6eab86
|
||||||
|
|
||||||
|
|
||||||
|
SOLUTION:
|
||||||
|
|
||||||
|
A simple patch needs to be applied to the HOST system's libdnf base.py (ex: /usr/lib/python3.9/site-packages/dnf/base.py )
|
||||||
|
The patch is here: https://github.com/rpm-software-management/dnf/commit/5ce5ed1ea08ad6e198c1c1642c4d9ea2db6eab86
|
||||||
|
|
||||||
|
Basically: "import gc" (at the top)
|
||||||
|
|
||||||
|
and at the bottom of the reset() method:
|
||||||
|
|
||||||
|
if sack and goal:
|
||||||
|
gc.collect()
|
||||||
|
|
||||||
|
|
||||||
|
This fixes the hanging file handle/unmount issue
|
||||||
|
|
Loading…
Reference in New Issue
Block a user