diff --git a/bin/dib-lint b/bin/dib-lint index 964c982f..c30e928c 100755 --- a/bin/dib-lint +++ b/bin/dib-lint @@ -85,10 +85,15 @@ for i in $(find $ELEMENTS_DIR -type f \ error "$i is not executable" fi - # Ensure 4 spaces indent are used - if [[ "$(file -b -k --mime-type $i)" =~ "text/x-python" ]]; then + # run flake8 over python files. note our "dib-python" + # interpreter can confuse the magic matching being done in + # "file" and make it think the file is not python; + # special-case it. + if [[ "$(file -b -k --mime-type $i)" =~ "text/x-python" ]] || \ + [[ $firstline =~ "dib-python" ]]; then flake8 $i || error "$i failed flake8" else + # Ensure 4 spaces indent are used if ! excluded indent ; then indent_regex='^\( \{4\}\)* \{1,3\}[^ ]' if grep -q "$indent_regex" ${i}; then diff --git a/diskimage_builder/elements/architecture-emulation-binaries/extra-data.d/01-copy-binary b/diskimage_builder/elements/architecture-emulation-binaries/extra-data.d/01-copy-binary index 01409906..ee970b01 100755 --- a/diskimage_builder/elements/architecture-emulation-binaries/extra-data.d/01-copy-binary +++ b/diskimage_builder/elements/architecture-emulation-binaries/extra-data.d/01-copy-binary @@ -53,7 +53,7 @@ case "$ARCH" in qemu_binary_file="/usr/bin/qemu-arm-static" copy_binary $qemu_binary_file $ARCH ;; - "arm64") + "arm64" | "aarch64") qemu_binary_file="/usr/bin/qemu-aarch64-static" copy_binary $qemu_binary_file $ARCH ;; diff --git a/diskimage_builder/elements/debian/element-deps b/diskimage_builder/elements/debian/element-deps index 0f508629..1c0ebe24 100644 --- a/diskimage_builder/elements/debian/element-deps +++ b/diskimage_builder/elements/debian/element-deps @@ -1 +1,2 @@ debian-minimal +openssh-server diff --git a/diskimage_builder/elements/debian/package-installs.yaml b/diskimage_builder/elements/debian/package-installs.yaml index 92d0131d..97829bce 100644 --- a/diskimage_builder/elements/debian/package-installs.yaml +++ b/diskimage_builder/elements/debian/package-installs.yaml @@ -1,4 +1,3 @@ -openssh-server: file: less: kbd: diff --git a/diskimage_builder/elements/dynamic-login/element-deps b/diskimage_builder/elements/dynamic-login/element-deps index 74451ffb..34c57c76 100644 --- a/diskimage_builder/elements/dynamic-login/element-deps +++ b/diskimage_builder/elements/dynamic-login/element-deps @@ -1,3 +1,3 @@ dib-init-system install-static -package-installs +openssh-server diff --git a/diskimage_builder/elements/local-config/package-installs.yaml b/diskimage_builder/elements/local-config/package-installs.yaml deleted file mode 100644 index c342a0be..00000000 --- a/diskimage_builder/elements/local-config/package-installs.yaml +++ /dev/null @@ -1 +0,0 @@ -openssh-server: diff --git a/elements/mellanox/element-deps b/diskimage_builder/elements/mellanox/element-deps similarity index 100% rename from elements/mellanox/element-deps rename to diskimage_builder/elements/mellanox/element-deps diff --git a/elements/mellanox/package-installs.yaml b/diskimage_builder/elements/mellanox/package-installs.yaml similarity index 100% rename from elements/mellanox/package-installs.yaml rename to diskimage_builder/elements/mellanox/package-installs.yaml diff --git a/elements/mellanox/pkg-map b/diskimage_builder/elements/mellanox/pkg-map similarity index 100% rename from elements/mellanox/pkg-map rename to diskimage_builder/elements/mellanox/pkg-map diff --git a/diskimage_builder/elements/openssh-server/README.rst b/diskimage_builder/elements/openssh-server/README.rst new file mode 100644 index 00000000..7190deab --- /dev/null +++ b/diskimage_builder/elements/openssh-server/README.rst @@ -0,0 +1,14 @@ +============== +openssh-server +============== +This element ensures that openssh server is installed and enabled during boot. + + +Note +---- +Most cloud images come with the openssh server service installed and enabled +during boot. However, certain cloud images, especially those created by the +\*-minimal elements may not have it installed or enabled. In these cases, +using this element may be helpful to ensure your image will accessible via SSH. +It's usually helpful to combine this element with others such as the +`runtime-ssh-host-keys`. diff --git a/diskimage_builder/elements/openssh-server/element-deps b/diskimage_builder/elements/openssh-server/element-deps new file mode 100644 index 00000000..fe8fa3f8 --- /dev/null +++ b/diskimage_builder/elements/openssh-server/element-deps @@ -0,0 +1,3 @@ +dib-init-system +package-installs +runtime-ssh-host-keys diff --git a/diskimage_builder/elements/dynamic-login/package-installs.yaml b/diskimage_builder/elements/openssh-server/package-installs.yaml similarity index 100% rename from diskimage_builder/elements/dynamic-login/package-installs.yaml rename to diskimage_builder/elements/openssh-server/package-installs.yaml diff --git a/diskimage_builder/elements/openssh-server/pkg-map b/diskimage_builder/elements/openssh-server/pkg-map new file mode 100644 index 00000000..9b039341 --- /dev/null +++ b/diskimage_builder/elements/openssh-server/pkg-map @@ -0,0 +1,10 @@ +{ + "family": { + "suse": { + "openssh-server": "openssh" + }, + "gentoo": { + "openssh-server": "openssh" + } + } +} diff --git a/diskimage_builder/elements/openssh-server/post-install.d/80-enable-sshd-service b/diskimage_builder/elements/openssh-server/post-install.d/80-enable-sshd-service new file mode 100755 index 00000000..50238bbc --- /dev/null +++ b/diskimage_builder/elements/openssh-server/post-install.d/80-enable-sshd-service @@ -0,0 +1,29 @@ +#!/bin/bash + +if [ "${DIB_DEBUG_TRACE:-0}" -gt 0 ]; then + set -x +fi +set -eu +set -o pipefail + +case "$DIB_INIT_SYSTEM" in + upstart) + # nothing to do + exit 0 + ;; + systemd) + if [[ $DISTRO_NAME = "ubuntu" || $DISTRO_NAME = "debian" ]]; then + systemctl enable ssh.service + else + systemctl enable sshd.service + fi + ;; + openrc) + # let dib-init-system's postinstall handle enabling init scripts + exit 0 + ;; + *) + echo "Unsupported init system" + exit 1 + ;; +esac diff --git a/elements/opensuse-minimal/README.rst b/diskimage_builder/elements/opensuse-minimal/README.rst similarity index 100% rename from elements/opensuse-minimal/README.rst rename to diskimage_builder/elements/opensuse-minimal/README.rst diff --git a/elements/opensuse-minimal/element-deps b/diskimage_builder/elements/opensuse-minimal/element-deps similarity index 100% rename from elements/opensuse-minimal/element-deps rename to diskimage_builder/elements/opensuse-minimal/element-deps diff --git a/elements/opensuse-minimal/element-provides b/diskimage_builder/elements/opensuse-minimal/element-provides similarity index 100% rename from elements/opensuse-minimal/element-provides rename to diskimage_builder/elements/opensuse-minimal/element-provides diff --git a/elements/opensuse-minimal/environment.d/10-opensuse-distro-name.bash b/diskimage_builder/elements/opensuse-minimal/environment.d/10-opensuse-distro-name.bash similarity index 100% rename from elements/opensuse-minimal/environment.d/10-opensuse-distro-name.bash rename to diskimage_builder/elements/opensuse-minimal/environment.d/10-opensuse-distro-name.bash diff --git a/diskimage_builder/elements/package-installs/bin/package-installs-v2 b/diskimage_builder/elements/package-installs/bin/package-installs-v2 index f1814dd7..b4a4d0d8 100755 --- a/diskimage_builder/elements/package-installs/bin/package-installs-v2 +++ b/diskimage_builder/elements/package-installs/bin/package-installs-v2 @@ -101,3 +101,8 @@ def main(): if __name__ == '__main__': main() + +# Tell emacs to use python-mode +# Local variables: +# mode: python +# End: diff --git a/diskimage_builder/elements/posix/element-deps b/diskimage_builder/elements/posix/element-deps index 7076aba9..dd21b5aa 100644 --- a/diskimage_builder/elements/posix/element-deps +++ b/diskimage_builder/elements/posix/element-deps @@ -1 +1 @@ -package-installs +openssh-server diff --git a/diskimage_builder/elements/rpm-distro/pre-install.d/01-override-yum-arch b/diskimage_builder/elements/rpm-distro/pre-install.d/01-override-yum-arch index c1347ec9..3e11e7d3 100755 --- a/diskimage_builder/elements/rpm-distro/pre-install.d/01-override-yum-arch +++ b/diskimage_builder/elements/rpm-distro/pre-install.d/01-override-yum-arch @@ -18,6 +18,9 @@ elif [[ "$ARCH" = "ppc64" ]]; then elif [[ "$ARCH" = "ppc64el" ]]; then basearch=ppc64el arch=ppc64el +elif [[ "$ARCH" = "aarch64" ]]; then + basearch=aarch64 + arch=aarch64 else echo "********************" echo "Unknown arch '$ARCH'" diff --git a/elements/runtime-ssh-host-keys/static/usr/local/sbin/runtime-ssh-host-keys.sh b/diskimage_builder/elements/runtime-ssh-host-keys/static/usr/local/sbin/runtime-ssh-host-keys.sh similarity index 92% rename from elements/runtime-ssh-host-keys/static/usr/local/sbin/runtime-ssh-host-keys.sh rename to diskimage_builder/elements/runtime-ssh-host-keys/static/usr/local/sbin/runtime-ssh-host-keys.sh index 4fa2374d..60757d3e 100755 --- a/elements/runtime-ssh-host-keys/static/usr/local/sbin/runtime-ssh-host-keys.sh +++ b/diskimage_builder/elements/runtime-ssh-host-keys/static/usr/local/sbin/runtime-ssh-host-keys.sh @@ -12,10 +12,9 @@ # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. -# dib-lint: disable=dibdebugtrace +# dib-lint: disable=dibdebugtrace setpipefail set -exu -set -o pipefail # We are running into race conditions with glean, which ssh-keygen -A is # not handling properly. So, create a new script to first check if the @@ -23,7 +22,7 @@ set -o pipefail for key in dsa ecdsa ed25519 rsa; do FILE=/etc/ssh/ssh_host_${key}_key - if ! [ -e $FILE ]; then + if ! [ -f $FILE ]; then /usr/bin/yes n | /usr/bin/ssh-keygen -f $FILE -N '' -t $key fi done diff --git a/elements/sysctl/README.rst b/diskimage_builder/elements/sysctl/README.rst similarity index 100% rename from elements/sysctl/README.rst rename to diskimage_builder/elements/sysctl/README.rst diff --git a/elements/sysctl/bin/sysctl-set-value b/diskimage_builder/elements/sysctl/bin/sysctl-set-value similarity index 100% rename from elements/sysctl/bin/sysctl-set-value rename to diskimage_builder/elements/sysctl/bin/sysctl-set-value diff --git a/elements/sysctl/bin/sysctl-write-value b/diskimage_builder/elements/sysctl/bin/sysctl-write-value similarity index 100% rename from elements/sysctl/bin/sysctl-write-value rename to diskimage_builder/elements/sysctl/bin/sysctl-write-value diff --git a/diskimage_builder/elements/yum-minimal/root.d/08-yum-chroot b/diskimage_builder/elements/yum-minimal/root.d/08-yum-chroot index 10fe1d25..7760897b 100755 --- a/diskimage_builder/elements/yum-minimal/root.d/08-yum-chroot +++ b/diskimage_builder/elements/yum-minimal/root.d/08-yum-chroot @@ -242,7 +242,17 @@ else sudo -E chroot $TARGET_ROOT ${YUM} -y update sudo -E chroot $TARGET_ROOT ${YUM} -y \ --setopt=cachedir=/tmp/yum/$ARCH/$DIB_RELEASE \ - install passwd findutils sudo util-linux-ng + install systemd passwd findutils sudo util-linux-ng + + # This package is split out from systemd on >F24, dracut is + # missing the dependency and will fail to make an initrd without + # it; see + # https://bugzilla.redhat.com/show_bug.cgi?id=1398505 + if [ $DISTRO_NAME = "fedora" -a $DIB_RELEASE -ge 24 ]; then + sudo -E chroot $TARGET_ROOT ${YUM} -y \ + --setopt=cachedir=/tmp/yum/$ARCH/$DIB_RELEASE \ + install systemd-udev + fi # Put in a dummy /etc/resolv.conf over the temporary one we used # to bootstrap. systemd has a bug/feature [1] that it will assume diff --git a/elements/zypper-minimal/README.rst b/diskimage_builder/elements/zypper-minimal/README.rst similarity index 100% rename from elements/zypper-minimal/README.rst rename to diskimage_builder/elements/zypper-minimal/README.rst diff --git a/elements/zypper-minimal/element-deps b/diskimage_builder/elements/zypper-minimal/element-deps similarity index 100% rename from elements/zypper-minimal/element-deps rename to diskimage_builder/elements/zypper-minimal/element-deps diff --git a/elements/zypper-minimal/install.d/15-zypper-fstab b/diskimage_builder/elements/zypper-minimal/install.d/15-zypper-fstab similarity index 100% rename from elements/zypper-minimal/install.d/15-zypper-fstab rename to diskimage_builder/elements/zypper-minimal/install.d/15-zypper-fstab diff --git a/elements/zypper-minimal/package-installs.yaml b/diskimage_builder/elements/zypper-minimal/package-installs.yaml similarity index 100% rename from elements/zypper-minimal/package-installs.yaml rename to diskimage_builder/elements/zypper-minimal/package-installs.yaml diff --git a/elements/zypper-minimal/root.d/08-zypper-chroot b/diskimage_builder/elements/zypper-minimal/root.d/08-zypper-chroot similarity index 100% rename from elements/zypper-minimal/root.d/08-zypper-chroot rename to diskimage_builder/elements/zypper-minimal/root.d/08-zypper-chroot diff --git a/elements/zypper/element-deps b/diskimage_builder/elements/zypper/element-deps similarity index 100% rename from elements/zypper/element-deps rename to diskimage_builder/elements/zypper/element-deps diff --git a/diskimage_builder/lib/common-defaults b/diskimage_builder/lib/common-defaults index ebbff5f1..c5dc15f2 100644 --- a/diskimage_builder/lib/common-defaults +++ b/diskimage_builder/lib/common-defaults @@ -26,6 +26,8 @@ else "armv"*) _ARCH="armhf" ;; + "aarch64") + ;; *) echo "WARNING: Unknown architecture: $_ARCH" ;; diff --git a/diskimage_builder/lib/common-functions b/diskimage_builder/lib/common-functions index d4f65f5e..9b0449c4 100644 --- a/diskimage_builder/lib/common-functions +++ b/diskimage_builder/lib/common-functions @@ -143,6 +143,10 @@ function eval_run_d () { } function kill_chroot_processes () { + local xtrace + xtrace=$(set +o | grep xtrace) + set +o xtrace + if [ -z "${1}" ]; then echo "ERROR: no chroot directory specified" exit 1 @@ -157,6 +161,8 @@ function kill_chroot_processes () { sudo kill $pid fi done + + $xtrace } function cleanup_build_dir () { diff --git a/releasenotes/notes/openssh-server-0f6d065748a2fc18.yaml b/releasenotes/notes/openssh-server-0f6d065748a2fc18.yaml new file mode 100644 index 00000000..985475b8 --- /dev/null +++ b/releasenotes/notes/openssh-server-0f6d065748a2fc18.yaml @@ -0,0 +1,4 @@ +--- +features: + - New openssh-server element to ensure that the openssh + server is installed and enabled during boot.