When the source changes, the available variations should change as well.
If we keep the old variations in the
FilesystemController._variations_info dictionary, we end up with a crash
later in the install.
Signed-off-by: Olivier Gayot <olivier.gayot@canonical.com>
CVE-2023-5182
As autoinstall-user-data contains a password hash hash for a user with
sudo access, create the autoinstall-user-data as 0400 root:root.
The old permissions are 0640 root:adm, and the adm group does not by
default have sudo access, so cracking that hash could lead to privilege
escallation for someone in the adm group.
Thanks to Patric Åhlin and Johan Hortling for identifying and reporting
the issue.
The workflows defined respectively in build.yaml and snap.yaml were
both called "CI". On the Github web interface, it resulted in two menus
called "CI" with no easy way to know which is which.
To make things clearer, we now:
* rename build.yaml -> ci.yaml
* call "Snap" the workflow defined by snap.yaml
Signed-off-by: Olivier Gayot <olivier.gayot@canonical.com>
When handling a POST request to /source, Subiquity sends a 'source
configured' event. This signals other controllers / models that they
need to restart their tasks that depend on the source being used.
However, if the user of the installer goes back all the way to the
source page and submits it again without changing the settings, there
should be no reason to restart the machinery.
If a call to source ends up doing no modification to the model (i.e.,
not changing the source used or the search_drivers setting), we now
avoid emitting the 'source configured' event ; except if the model has
not been configured yet.
Signed-off-by: Olivier Gayot <olivier.gayot@canonical.com>
If we ask for reboot before the installation has started (i.e., if
curtin install was not invoked at least once), the following call fails
and prevents the system from rebooting.
$ umount --recursive /target
Make sure we check that /target exists and is mounted before calling
umount.
Another approach would be to check the return value of umount but the
values are not documented.
Signed-off-by: Olivier Gayot <olivier.gayot@canonical.com>
ubuntu-restricted-addons is a multiverse package and is not included in
the pool. Therefore, trying to get it installed when offline leads to an
obvious error.
Instead of making the whole Ubuntu installation fail, we now warn and
skip installation of the package when performing an offline install.
In a perfect world, we should not have offered to install the package in
the first place, but in practice, we can run an offline installation as
the result of failed mirror testing (bad network for instance).
Signed-off-by: Olivier Gayot <olivier.gayot@canonical.com>
In LP: #2009141, we are hitting kernel limits and pyudev buffer limits.
We don't care about specific events, so much as getting one event,
waiting for things to calm down, then reprobing.
Outright disable the event monitor, and re-enable later. If there is a
storm of events, testing has shown that stopping the listener is not
enough.
Robert Krátký