This curtin rev adds the following:
Dan Bungert (3):
extract: log source information
tests/data: 4k sector disk
storage_config: handle partitions on 4k disk
Nick Rosbrook (1):
apt: disable default deb822 migration
For ZFS, we recently introduced a call to $(umount --recursive /target)
slighly before shutting down or rebooting. Unfortunately, on s390x, we
also had a very late call to chreipl to make the firmware boot from the
installed system.
The call to chreipl reads data from /target/boot, and it fails if the
filesystem is no longer mounted.
Fixed by calling chreipl earlier in the installation, during the
postinst phase rather than after the user clicks "reboot".
Signed-off-by: Olivier Gayot <olivier.gayot@canonical.com>
Making an install that used an existing RAID failed because of an
attempt to log the size of the RAID when rendering the curtin config.
This turns out to be because when the client sends the storage objects
back to the server it loses all the "api only" data including the udev
data that is needed to display the size.
In some sense this is a bit silly, we could just drop the log statement
and it would be fine but I think it's probably better to always have the
full storage objects in the server (until we can get away from this
hackish API anyway).
Adding this import means a dependency on probert, which also means
anybody importing subiquity.common.types also has that requirement.
The make-kbd-info script imports types, and that steps was causing
snapcraft build failures due to not finding probert.
When the URL of the security archive is unset, curtin will set it to the
URL of the primary archive.
This is not the behavior we want for Ubuntu installations. On amd64 (and
i386), the URL of the security archive should be set to
http://security.ubuntu.com/ubuntu
On other architectures, it should be set to
http://ports.ubuntu.com/ubuntu-ports
Signed-off-by: Olivier Gayot <olivier.gayot@canonical.com>
Mirror testing should focus on testing the primary mirror, not the
security archive - therefore we disable the -security suite.
Signed-off-by: Olivier Gayot <olivier.gayot@canonical.com>
When a network interface is disconnected from the system (e.g.,
physically removed if it's a USB adapter), probert asynchronously calls
the del_link() method.
Upon receiving this notification, Subiquity server wants to send an
update to the Subiquity clients. The update contains information about
the interface that disappeared - which is obtained through a call to
netdev_info.
Unfortunately, for Wi-Fi and Ethernet interfaces, netdev_info
dereferences the NetworkDev.info variable. Interfaces that no longer
exist on the system (and also interfaces that do not yet exist), have
their "info" variable set to None - so an exception is raised when
dereferencing it.
Wi-Fi interface:
File "subiquitycore/models/network.py", line 227, in netdev_info
scan_state=self.info.wlan['scan_state'],
AttributeError: 'NoneType' object has no attribute 'wlan'
Ethernet interface:
File "subiquitycore/models/network.py", line 201, in netdev_info
is_connected = bool(self.info.is_connected)
AttributeError: 'NoneType' object has no attribute 'is_connected'
Fixed by making sure netdev_info does not raise if the dev.info variable
is None. This is a valid use-case.
Signed-off-by: Olivier Gayot <olivier.gayot@canonical.com>
When accessing the Help menu, Subiquity looks up the IP addresses
currently configured - so it knows whether to show the "Help on SSH
access" option.
Unfortunately, it also looks for IP addresses on devices that were
"configured" through the network screen but that still do not exist in
the system. When such a device exist (e.g., a bond), the Subiquity
client crashes with the following exception:
Traceback (most recent call last):
File "subiquity/common/api/server.py", line 164, in handler
result = await implementation(**args)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "subiquity/server/server.py", line 117, in ssh_info_GET
ips.extend(map(str, dev.actual_global_ip_addresses))
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "subiquitycore/models/network.py", line 394, in actual_global_ip_addresses
for _, addr in sorted(self.info.addresses.items())
^^^^^^^^^^^^^^^^^^^
AttributeError: 'NoneType' object has no attribute 'addresses'
A similar crash is observed when calling /network/global_addresses after
creating the bond.
Fixed by only checking the IP addresses of devices that have a
probert.network.Link instance (i.e., they exist in the system).
Signed-off-by: Olivier Gayot <olivier.gayot@canonical.com>
When a Wi-Fi interface is present in the machine configuration (e.g.,
mwhudson.json), the GUI seemingly ignores it. This happens because there
is a filter on the server side which only returns Wi-Fi interfaces if
the wlan_support_install_state() function returns
PackageInstallState.DONE.
However, calling the /network endpoint shows that the state is set to
the wrong value:
{"wlan_support_install_state": "NOT_NEEDED"}
This turns out to be inconsistent because:
* we lean on a PackageInstaller instance to tell if wpasupplicant is
installed (this is what the wlan_support_install_state() function
reflects) ; but
* in dry-run mode, we pretend to install wpasupplicant without
actually relying on the PackageInstaller instance.
Fixed by using the PackageInstaller instance to install the
wpasupplicant package - with a special implementation that only pretends
to install it. This is enough to make the PackageInstaller instance
think the package is installed.
Signed-off-by: Olivier Gayot <olivier.gayot@canonical.com>
When the server raises an exception in a HTTP request handler context,
more often than not, the exception is sent back to the client in the
body.
Additionally, the message of the exception (if any), is also copied as
is in a x-error-msg HTTP header.
That said, HTTP headers must obey strict rules. The "\r\n" sequence
indicate the end of the current HTTP header. When using aiohttp, the
library rejects any header that has a "\r" or "\n" in its value:
ValueError: Newline or carriage return character detected in HTTP status message or header. This is a potential security issue.
As an example, any curtin.util.ProcessExecutionError exception will
contain "\n" characters when converted into a string.
We now encode the error message as JSON before copying it in the HTTP
header.
Signed-off-by: Olivier Gayot <olivier.gayot@canonical.com>