At some poing over the last week, the bootx64.efi file has grown
past the 800KB threshold, resulting in being unable to copy it to
the EFI/BOOT directory.
# stat -f %z efiboot.znWo7m
819200
# stat -f %z stand-test.PIEugN/EFI/BOOT/bootx64.efi
842752
The comment in the script that creates the ISOs suggests that 800KB
is the maximum allowed for the boot code, however I was able to
boot an ISO with a 1024KB boot partition. Additionally, I verified
against an ISO from OtherOS, where the boot EFI partition is 2.4MB.
Sponsored by: Rubicon Communications, LLC (netgate.com)
This was originally part of the initial commit, but after discussion in
D26399, I split it out into its own commit after the kernel config file.
Sponsored by: Tag1 Consulting, Inc.
Some IPMI implementations on arm64 are reportedly unable to load our
memstick installer images, but support the older ISO format. Start
generating these for arm64.
Unlike installer ISOs for other platforms, these images are UEFI-only.
Reviewed by: emaste
Relnotes: yes
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D26452
Everywhere else we use objects ("scripts", generally) we do sepcify the
optional colon. Be consistent and do the same for directories.
PR: 249273
Submitted by: Martin <martin.jakob gmx com>
MFC after: 1 week
Prior to this commit, EC2 AMIs used a "dual-dhclient" tool which was
launched in place of dhclient and spawned both the base system dhclient
for IPv4 and the ISC dhclient from ports for IPv6.
Now that rtsold supports the "M bit" (managed configuration), we can go
back to having the base system dhclient spawned normally, and provide a
script to rtsold which spawns the ISC dhclient from ports when rtsold
decides that it is appropriate.
Thanks to: bz
MFC after: 1 week
Sponsored by: https://www.patreon.com/cperciva
The FreeBSD base system continues to expand. 4GB is now insufficient;
we passed 3 GB in May 2019; we passed 2 GB in August 2017. Over half
of the disk space used is in /usr/lib/debug/.
Without this change, instances boot but are unusable, since the first
thing which breaks when VM filesystems are too small is the "pkg install"
in the VM building process.
the '-C <directory>' after the subcommand.
Meanwhile, hard-code 'git -C <...> pull' for now.
Reported by: Michael Butler
Sponsored by: Rubicon Communications, LLC (netgate.com)
on the system. Set a null branch/hash in this case, to avoid
undefined GITREV/GITBRANCH variables from falling over in other
areas.
Reported by: many
Sponsored by: Rubicon Communications, LLC (netgate.com)
Makefile.* (cloudware):
- Consistify setting the BUILDDATE for snapshots.
release.conf.sample/release.sh:
- Run 'git clone' in 'quiet' mode.
Makefile.inc1:
- Set BUILDDATE and export the variable.
Sponsored by: Rubicon Communications, LLC (netgate.com)
release.sh:
- Bump the version number.
- Default VCSCMD to '/usr/local/bin/git clone'.
- Rename SVN* variables to GIT* equivalents.
- Remove dead code to inject a trailing '/' between two variables.
- Remove SRC_FORCE_CHECKOUT.
- Exit if the build host does not have devel/git installed.
- Install devel/git in the build chroot(8) for newvers.sh.
release.conf.sample:
- Update sample configuration variables to the git equivalent.
relnotes-search.sh:
- Remove script. It is specifically for use with svn.
Sponsored by: Rubicon Communications, LLC (netgate.com)
- New file. Adds logic to search for the git binary, as well
as determining the branch and revision, used in various
places.
Makefile:
- Remove searching for the svn{,lite} binary.
Makefile.ec2:
- Reduce duplicated code, removing searching for the svn{,lite}
binary, in addition to EC2_SVN{BRANCH,REV}.
- Rename EC2_SVN* with GIT* for consistency.
Makefile.mirrors:
- Remove the SRCBRANCH declaration, replaced with the exported
GITBRANCH variable.
- Update _SNAP_SUFFIX from SVNREVISION to GITREV, and remove
the leading 'r' from it, since it will break git hashes.
- Remove yet another instance of duplicated code to search for
the svn{,version}lite binary.
Sponsored by: Rubicon Communications, LLC (netgate.com)
EFI support is a hard requirement for generating Hyper-V Gen2 VM images.
Reviewed by: gjb
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D25655
This adjusts freebsd-update.conf and portsnap.conf files in EC2 AMIs to
point at the new AWS-hosted mirror network.
Approved by: re (delphij)
MFC after: 1 month
Differential Revision: https://reviews.freebsd.org/D25498
This reverts the i386 part of r342283, "Rework UEFI ESP generation", and
the followup commit in r342690.
r342283 added an ESP to the i386 memstick image, and as a side effect
made the ESP the active partition, not the bootcode-containing UFS
partition. As a result the i386 memstick images would not boot in
either UEFI or legacy mode - UEFI failed because we do not support i386
UEFI booting, and legacy mode failed because the partition with legacy
bootcode was not active.
The bootcode-containing UFS partition is again the only, and active,
partition.
PR: 246494
Reported by: Jorge Maidana
Differential Revision: The FreeBSD Foundation
-development is long and awkward, and is also inconsistent with prior art
from the Linux world, which uses -dev (Debian) or -devel (Red Hat). Follow
the Debian convention, and similarly for debug info packages.
Also remove redundant pkgbase development tag from includes. We already tag
include files with package=runtime,dev; there is no need to separately tag
them as dev.
Discussed with: bapt
Reviewed by: manu
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D24139
The ebsnvme-id utility exposes information about EC2 disks -- for
Elastic Block Store volumes, their volume IDs and "linux device
names", and for Instance Store (aka "Ephemeral") disks, their
serial numbers.
The dev_aws_disk rc.d script and associated devd.conf rule maintains
a tree under /dev/aws/disk:
/dev/aws/disk/ebs/<volume ID>
/dev/aws/disk/linuxname/<linux device name>
/dev/aws/disk/ephemeral/<serial number>
which are symlinks to the corresponding nda or nvd devices.
MFC after: 1 week
Sponsored by: https://www.patreon.com/cperciva
Since Amazon Elastic File System is only available within AWS, it seems
more appropriate to have this added only in EC2 AMIs rather than
"polluting" non-EC2 images with it.
Reviewed by: gjb
MFC after: 7 days
Relnotes: Amazon EFS filesystems can be automounted by enabling autofs
and placing "/efs -efs" into /etc/auto_master.
Sponsored by: https://www.patreon.com/cperciva
Differential Revision: https://reviews.freebsd.org/D24791
FreeBSD is in the process of switching from nvd(4) to nda(4) as the disk
device front-end to NVMe. Changing the default in the kernel is tricky
since existing systems may have /dev/nvd* hard-coded e.g. in /etc/fstab;
however, there's no reason to not change the default in HEAD for *new*
systems.
At present I have no intention of MFCing this to stable branches, since
someone might reasonably expect scripts they use for launching and
configuring FreeBSD 12.1 instances to work with FreeBSD 12.2 AMIs, for
example.
Reviewed by: gjb, imp
Relnotes: NVMe disks in EC2 instances launched from 13.0 and later
now show up as nda(4) devices.
Differential Revision: https://reviews.freebsd.org/D24583
Also mark it as config file so if a user changes this file pkg will attempt
to merge the new file upon an update.
device.hints is neither related to runtime or loader but it make more sense
to have it in loader in case some user delete /boot/ and wants to recreate it,
now only two packages are required FreeBSD-bootloader and the kernel package.
While here change where we override the package for files installed in /boot,
this allow us to keep other tags (such as config).
Reported by: pizzamig
Reviewed by: bapt pizzamig emaste
Differential Revision: https://reviews.freebsd.org/D24159
autofs was introduced with FreeBSD 10.1 and is the supported method for
automounting filesystems. As of r296194 the amd man page claimed that it
is deprecated. Remove it from base now; the sysutils/am-utils port is
still available if necessary.
Discussed with: cy
Relnotes: Yes
Sponsored by: The FreeBSD Foundation
We don't produce these anymore as of r356797, remove the remnant in
generate-ucl.sh that accounted for them. This isn't strictly necessary, but
future work is needed for the various packages that can be generated on a
lib build.
Namely, we may produce -development packages for private/internal libs that
should be installed but won't have the base FreeBSD-libfoo pkg to depend on
because it's internal (e.g. liby, libpmcstat, libifconfig) but we want the
headers installed. It may be a better move to just shove these into
-runtime-development instead, but if not then we've just simplified the
cases that need to take private/internal libs into account.
I forgot to do this as part of r345858 -- I added it to the
vm_extra_pre_umount in vmimage.subr but forgot that function
was overridden in the EC2 build.
MFC after: 2 weeks
I've discovered I have this local diff that never got committed -- this
should have been a part of r355424.
Reproted by: Klaus Küchemann <maciphone2@googlemail.com>
This cuts out a large chunk of duplicated *.ucl files that just needed
dependencies tacked on, and gives generate-ucl.sh some leeway in case a
future pkg may need more than one dependency.
Run-through to determine which ones could simply be removed done with for i
in *.ucl; do diff -U3 template.ucl ${i}; done | less and inspecting for any
differences beyond just adding deps at the end. The remaining ucl files are
basically all differently-licensed, require scripts, or are marked vital.
I've opted to remove %PKGDEPS% entirely without regard for third-party ucl,
as pkgbase is not yet considered production. However, I do not hold a strong
position on this and there is approximately 0 chance it will return.
clibs should have been added previously in generate-ucl.sh as one that
doesn't have any dependencies, but do so now that we would otherwise be
tacking on the runtime dependency.
Reviewed by: manu, bapt (earlier version)
Differential Revision: https://reviews.freebsd.org/D23415
The original intention for caroot was to be packaged separately, perhaps so
that users can have a more/less conservative upgrade policy for this
separated from the rest of base.
secure/caroot/Makefile doesn't have anything interesting to package, but its
subdirectories might. Move the PACKAGE= to Makefile.inc so both blacklisted
and trusted get packaged consistently into the correct one rather than the
default -utilities. Also tag the directories for package=caroot, as they
could also be empty; blacklisted is empty by default, but trusted is not.
Add a post-install script to do certctl rehash, along with a note should we
eventually come up with a way to detect that files have been added or
removed that requires a rehash.
-caroot gets a dependency on -utilities, as that's where we provide certctl
at the moment. We can perhaps reconsider this and put certctl into this
package in the future, but there are some bits within -utilities that
unconditionally invoke certctl so let's hold off for now.
Reviewed by: manu (earlier version, before -utilities dep added)
Differential Revision: https://reviews.freebsd.org/D23352
These are just direct copies of the template. If they don't exist but are
attempted to be used, generate-ucl.sh will simply fallback to the template
anyways. Let it do so to reduce potential maintenance burden.
Make stock FreeBSD more useful for people wishing to use them. The
QEMU folks suggested this change. It adds a serial console which
allows them to interact with FreeBSD from the earliest moments. This
allows them to configure FreeBSD via the serial port to set it up for
CI use.
Reviewed by: kevans@
Sponsored by: Netflix, Inc
Differential Revision: https://reviews.freebsd.org/D22786
The recent rpi-firmware update renamed "0" to "zero" in the RPi0 DTB
filename
It also included the components needed to boot the RPi4, so install those
now -- interested parties can install sysutils/u-boot-rpi4 and copy
config_rpi4.txt to config.txt on the FAT partition in order to boot the
board. Do note that we currently don't support ethernet/usb/pci.
Reviewed by: manu
MFC after: 3 days
Postings were sent to -arch@ on 2019/09/13 and 2019/10/01, proposing and
confirming a removal of these scripts on 2019/10/31, due to significant work
needed to bring this into the modern world and nobody having done this work
in the past couple of years. No objections or proposed work was raised in
response to these postings. The tinyware may see a resurrection into a
separate repo for archival purposes if any users of it show interest in
doing so.
MFC after: never
Notices appear both in picobsd(8) (near the top for easy notice) and are
also printed to stderr on every invocation of picobsd for visibility.
The tentative date for removal is October 31st, as no volunteers have
stepped forward at all from postings to -arch@ at least.
No objection from: -arch@
MFC after: 3 days
picobsd/tinyware has had this compact HTTPD server for a long time, and some
people do use it. Move it out into usr.sbin well in advance of any action
being taken on picobsd.
This has been gated behind an HTTPD option defaulted to *off*, primarily for
two reasons:
1.) This code likely needs a good audit, as it's been living off in picobsd
land for a long time, and
2.) We don't currently ship an httpd and this may not be a welcome surprise.
Reviewed by: eugen
Differential Revision: https://reviews.freebsd.org/D21724
Since login and login.conf moved to the utilities packages move also
the post-install related commands.
Reported by: mj-mailinglist@gmx.de
Reviewed by: bapt
The default package use to be FreeBSD-runtime but it should only contain
binaries and libs enough to boot to single user and repair the system, it
is also very handy to have a package that can be tranform to a small mfsroot.
So create a new package named FreeBSD-utilities and make it the default one.
Also move a few binaries and lib into this package when it make sense.
Reviewed by: bapt, gjb
Differential Revision: https://reviews.freebsd.org/D21506
It doesn't need to be in runtime and might help people who want to
experiment with other rc system or don't use one (like in small
embedded mfsroot).
Reviewed by: bapt, gjb
Differential Revision: https://reviews.freebsd.org/D21499
Bootloader file isn't needed for jails so don't include it in FreeBSD-runtime.
Reviewed by: bapt, delphij, gjb
Differential Revision: https://reviews.freebsd.org/D21496
With this last piece in place, make -C /usr/src/release release.iso is
finally able to run in a jail. This was not possible before because
msdosfs cannot be mounted inside a jail.
Submitted by: ryan@ixsystems.com
Reviewed by: emaste@, imp@, gjb@
MFC after: 1 week
Sponsored by: iXsystems, Inc.
Differential Revision: https://reviews.freebsd.org/D21385
"static" keywords and -Werror,-Wmissing-variable-declarations
This change adds needed "static" so it builds again with WARNS?=6
No functional changes.
MFC after: 1 week
Update login(1), its manual pages, similar utilities, and motd.5 to refer to
the new location.
Suggested by: delphij@ (re: r349256)
Reviewed by: bcr (manpages), delphij
Differential Revision: https://reviews.freebsd.org/D20721
Move the bluetooth related files from FreeBSD-runtime to a new package named
FreeBSD-bluetooth
The FreeBSD runtime is only intended to have everything for a working
FreeBSD installation and bluetooth isn't needed for that.
Reviewed by: bapt, gjb
Differential Revision: https://reviews.freebsd.org/D20959
Move the hostapd related files from FreeBSD-runtime to a new package n
FreeBSD-hostapd
The FreeBSD runtime is only intended to have everything for a working
FreeBSD installation and hostapd isn't needed for that.
Reviewed by: bapt, gjb
Differential Revision: https://reviews.freebsd.org/D20958
Move the wpa related files from FreeBSD-runtime to a new package named
FreeBSD-wpa
The FreeBSD runtime is only intended to have everything for a working
FreeBSD installation and wpa isn't needed for that.
Reviewed by: bapt, gjb
Differential Revision: https://reviews.freebsd.org/D20957
Remove RELEASE_CRUNCH here. It's obsolete and hasn't worked in a while. The
build options need to be revisited, since many older ones are listed, while
newer useful ones are not. But that rototilling I'll leave to others.
directory where the individual distribution sets exist.
The new metadata files include the build date, svn branch, and
revision of the build.
Requested by: Mellanox Technologies (via kib)
MFC after: 3 days
Sponsored by: Rubicon Communications, LLC (Netgate)
SRC_CONF, __MAKE_CONF and SRCCONF, respectively) through
to arm_install_base() and chroot_arm_build_release().
This prevents failures when the target image is intended
to be build with make.conf(5) and src.conf(5) overrides,
which are correctly handled for non-embedded image builds.
Reported and tested by: Daniel Engberg
PR: 238615
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
The fix to override the default python version when building
the sysutils/py-google-compute-engine did not work, and there
are still issues that need to be addressed in the port itself.
See bugzilla 238267 for additional details.
MFC after: 6 days
MFC with: r348438
MFC note: no-op to appease the merge tracker
Sponsored by: The FreeBSD Foundation
size is too small to bootstrap the firstboot_pkgs list.
While here, add the growfs(8) startup script to /etc/rc.conf,
as Vagrant images can be resized by modifying the Vagrantfile.
Reported by: dbaio
PR: 238226
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
The ports/head branch recently switched to python3 as the default,
which breaks the sysutils/py-google-compute-engine startup scripts,
as lang/python installs lang/python3{,.x} where lang/python2{,.x}
are needed.
Set DEFAULT_VERSIONS in release/tools/gce.conf to python=2.7, and
remove the lang/python3 inclusion in VM_EXTRA_PACKAGES.
Additionally, unset DEFAULT_VERSIONS in release/tools/vmimage.subr
to prevent persistence of DEFAULT_VERSIONS=python=2.7 in subsequent
VM/cloud image builds.
Note: at present, this affects only 13-CURRENT and 12-STABLE, as
the stable/11 branch had already switched to using the 2019Q2 branch
at the start of the 11.3-RELEASE cycle, so this does not immediately
affect 11.3-BETA, hence the 1-week merge timeout. This had been
manually tested on 13-CURRENT.
Reported by: ler (privately)
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Summary:
loader has grown to the point it's overflowing the existing 307200 bytes
allocated to it in the HFS boot partition on the isos.
Bump the space reservation up to 500k.
Submitted by: Brandon Bergren
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D20301
AMIs have been breaking for the past month due to insufficient disk space.
Due to the small amount of overhead in the disk image, the EC2 AMIs end
up with the same (4GB) minimum disk size.
Reported by: Michal Krawczyk
30GB to 3GB. The raw images can be resized using truncate(1), and
other formats can be resized with tools included with other tools
included with other hypervisors.
Enable the growfs(8) rc(8) at firstboot if the disk was resized
prior to booting the virtual machine for the first time.
Discussed with: several
PR: 232313 (requested in other context)
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
If MACHINE_ARCH doesn't match TARGET_ARCH, and we're not in the special
case of building i386 images on an amd64 host, we need to pull in the
qemu-user-static package; this allows us to run some commands inside
the VM disk image chroot, most notably to install packages.
Reviewed by: gjb
MFC after: 2 weeks
Sponsored by: FreeBSD/EC2 patreon (https://www.patreon.com/cperciva)
to full filesystem. This makes the size of the arm64 SoC images
consistent with armv6 and armv7.
MFC after: 3 days
Sponsored by: The FreeBSD Foundation