From ff0c13f90c4e4ca922171a08f7344e86cd64fcd0 Mon Sep 17 00:00:00 2001 From: nl6720 Date: Wed, 29 Jul 2020 18:18:33 +0300 Subject: Build initramfs images only once Place custom mkinitcpio.conf in airootfs. Use a custom mkinitcpio preset to specify generated image file path. --- configs/baseline/airootfs/etc/mkinitcpio.conf | 69 ++++++++++++++++++++++ .../airootfs/etc/mkinitcpio.d/linux.preset | 11 ++++ 2 files changed, 80 insertions(+) create mode 100644 configs/baseline/airootfs/etc/mkinitcpio.conf create mode 100644 configs/baseline/airootfs/etc/mkinitcpio.d/linux.preset (limited to 'configs/baseline/airootfs') diff --git a/configs/baseline/airootfs/etc/mkinitcpio.conf b/configs/baseline/airootfs/etc/mkinitcpio.conf new file mode 100644 index 0000000..9741d17 --- /dev/null +++ b/configs/baseline/airootfs/etc/mkinitcpio.conf @@ -0,0 +1,69 @@ +# +# SPDX-License-Identifier: GPL-3.0-or-later + +# vim:set ft=sh +# MODULES +# The following modules are loaded before any boot hooks are +# run. Advanced users may wish to specify all system modules +# in this array. For instance: +# MODULES=(piix ide_disk reiserfs) +MODULES=() + +# BINARIES +# This setting includes any additional binaries a given user may +# wish into the CPIO image. This is run last, so it may be used to +# override the actual binaries included by a given hook +# BINARIES are dependency parsed, so you may safely ignore libraries +BINARIES=() + +# FILES +# This setting is similar to BINARIES above, however, files are added +# as-is and are not parsed in any way. This is useful for config files. +FILES=() + +# HOOKS +# This is the most important setting in this file. The HOOKS control the +# modules and scripts added to the image, and what happens at boot time. +# Order is important, and it is recommended that you do not change the +# order in which HOOKS are added. Run 'mkinitcpio -H ' for +# help on a given hook. +# 'base' is _required_ unless you know precisely what you are doing. +# 'udev' is _required_ in order to automatically load modules +# 'filesystems' is _required_ unless you specify your fs modules in MODULES +# Examples: +## This setup specifies all modules in the MODULES setting above. +## No raid, lvm2, or encrypted root is needed. +# HOOKS=(base) +# +## This setup will autodetect all modules for your system and should +## work as a sane default +# HOOKS=(base udev autodetect block filesystems) +# +## This setup will generate a 'full' image which supports most systems. +## No autodetection is done. +# HOOKS=(base udev block filesystems) +# +## This setup assembles a pata mdadm array with an encrypted root FS. +## Note: See 'mkinitcpio -H mdadm' for more information on raid devices. +# HOOKS=(base udev block mdadm encrypt filesystems) +# +## This setup loads an lvm2 volume group on a usb device. +# HOOKS=(base udev block lvm2 filesystems) +# +## NOTE: If you have /usr on a separate partition, you MUST include the +# usr, fsck and shutdown hooks. +HOOKS=(base udev archiso block filesystems) + +# COMPRESSION +# Use this to compress the initramfs image. By default, gzip compression +# is used. Use 'cat' to create an uncompressed image. +#COMPRESSION="gzip" +#COMPRESSION="bzip2" +#COMPRESSION="lzma" +#COMPRESSION="xz" +#COMPRESSION="lzop" +#COMPRESSION="lz4" + +# COMPRESSION_OPTIONS +# Additional options for the compressor +#COMPRESSION_OPTIONS=() diff --git a/configs/baseline/airootfs/etc/mkinitcpio.d/linux.preset b/configs/baseline/airootfs/etc/mkinitcpio.d/linux.preset new file mode 100644 index 0000000..a1949cd --- /dev/null +++ b/configs/baseline/airootfs/etc/mkinitcpio.d/linux.preset @@ -0,0 +1,11 @@ +# +# SPDX-License-Identifier: GPL-3.0-or-later + +# mkinitcpio preset file for the 'linux' package on archiso + +PRESETS=('archiso') + +ALL_kver='/boot/vmlinuz-linux' +ALL_config='/etc/mkinitcpio.conf' + +archiso_image="/boot/archiso.img" -- cgit v1.2.3-70-g09d2 From 136152e672d56fd624a56a32af6f584f66fc50dc Mon Sep 17 00:00:00 2001 From: nl6720 Date: Wed, 2 Sep 2020 23:38:13 +0300 Subject: Do not rename the initramfs image This is a breaking change. archweb, archiso-manager and various documentation must be updated. * https://github.com/archlinux/archweb/blob/master/templates/releng/archlinux.ipxe * https://github.com/pierres/archiso-manager/blob/master/Makefile --- archiso/mkarchiso | 4 ++-- configs/baseline/airootfs/etc/mkinitcpio.d/linux.preset | 2 +- configs/baseline/syslinux/syslinux.cfg | 2 +- configs/releng/airootfs/etc/mkinitcpio.d/linux.preset | 2 +- configs/releng/efiboot/loader/entries/archiso-x86_64-cd.conf | 2 +- configs/releng/efiboot/loader/entries/archiso-x86_64-usb.conf | 2 +- configs/releng/syslinux/archiso_pxe.cfg | 6 +++--- configs/releng/syslinux/archiso_sys.cfg | 2 +- 8 files changed, 11 insertions(+), 11 deletions(-) (limited to 'configs/baseline/airootfs') diff --git a/archiso/mkarchiso b/archiso/mkarchiso index c5169f7..5c124bd 100755 --- a/archiso/mkarchiso +++ b/archiso/mkarchiso @@ -415,7 +415,7 @@ _make_bootmodes() { _make_boot_on_iso() { _msg_info "Preparing kernel and intramfs for the ISO 9660 file system..." install -d -m 0755 -- "${isofs_dir}/${install_dir}/boot/${arch}" - install -m 0644 -- "${airootfs_dir}/boot/archiso.img" "${isofs_dir}/${install_dir}/boot/${arch}/" + install -m 0644 -- "${airootfs_dir}/boot/initramfs-linux.img" "${isofs_dir}/${install_dir}/boot/${arch}/" install -m 0644 -- "${airootfs_dir}/boot/vmlinuz-linux" "${isofs_dir}/${install_dir}/boot/${arch}/" if [[ -e "${airootfs_dir}/boot/intel-ucode.img" ]]; then install -m 0644 -- "${airootfs_dir}/boot/intel-ucode.img" "${isofs_dir}/${install_dir}/boot/" @@ -516,7 +516,7 @@ _make_boot_on_fat() { _msg_info "Preparing kernel and intramfs for the FAT file system..." mmd -i "${isofs_dir}/EFI/archiso/efiboot.img" ::/EFI/archiso mcopy -i "${isofs_dir}/EFI/archiso/efiboot.img" \ - "${airootfs_dir}/boot/vmlinuz-linux" "${airootfs_dir}/boot/archiso.img" ::/EFI/archiso/ + "${airootfs_dir}/boot/vmlinuz-linux" "${airootfs_dir}/boot/initramfs-linux.img" ::/EFI/archiso/ if [[ -e "${airootfs_dir}/boot/intel-ucode.img" ]]; then mcopy -i "${isofs_dir}/EFI/archiso/efiboot.img" "${airootfs_dir}/boot/intel-ucode.img" ::/EFI/archiso/ fi diff --git a/configs/baseline/airootfs/etc/mkinitcpio.d/linux.preset b/configs/baseline/airootfs/etc/mkinitcpio.d/linux.preset index a1949cd..d35f137 100644 --- a/configs/baseline/airootfs/etc/mkinitcpio.d/linux.preset +++ b/configs/baseline/airootfs/etc/mkinitcpio.d/linux.preset @@ -8,4 +8,4 @@ PRESETS=('archiso') ALL_kver='/boot/vmlinuz-linux' ALL_config='/etc/mkinitcpio.conf' -archiso_image="/boot/archiso.img" +archiso_image="/boot/initramfs-linux.img" diff --git a/configs/baseline/syslinux/syslinux.cfg b/configs/baseline/syslinux/syslinux.cfg index a3908da..d7396b8 100644 --- a/configs/baseline/syslinux/syslinux.cfg +++ b/configs/baseline/syslinux/syslinux.cfg @@ -11,5 +11,5 @@ TIMEOUT 30 LABEL arch MENU LABEL Arch Linux LINUX boot/%ARCH%/vmlinuz-linux -INITRD boot/%ARCH%/archiso.img +INITRD boot/%ARCH%/initramfs-linux.img APPEND archisobasedir=%INSTALL_DIR% archisolabel=%ARCHISO_LABEL% diff --git a/configs/releng/airootfs/etc/mkinitcpio.d/linux.preset b/configs/releng/airootfs/etc/mkinitcpio.d/linux.preset index a1949cd..d35f137 100644 --- a/configs/releng/airootfs/etc/mkinitcpio.d/linux.preset +++ b/configs/releng/airootfs/etc/mkinitcpio.d/linux.preset @@ -8,4 +8,4 @@ PRESETS=('archiso') ALL_kver='/boot/vmlinuz-linux' ALL_config='/etc/mkinitcpio.conf' -archiso_image="/boot/archiso.img" +archiso_image="/boot/initramfs-linux.img" diff --git a/configs/releng/efiboot/loader/entries/archiso-x86_64-cd.conf b/configs/releng/efiboot/loader/entries/archiso-x86_64-cd.conf index 52d9536..a706064 100644 --- a/configs/releng/efiboot/loader/entries/archiso-x86_64-cd.conf +++ b/configs/releng/efiboot/loader/entries/archiso-x86_64-cd.conf @@ -5,5 +5,5 @@ title Arch Linux install medium (x86_64, UEFI) linux /EFI/archiso/vmlinuz-linux initrd /EFI/archiso/intel-ucode.img initrd /EFI/archiso/amd-ucode.img -initrd /EFI/archiso/archiso.img +initrd /EFI/archiso/initramfs-linux.img options archisobasedir=%INSTALL_DIR% archisolabel=%ARCHISO_LABEL% diff --git a/configs/releng/efiboot/loader/entries/archiso-x86_64-usb.conf b/configs/releng/efiboot/loader/entries/archiso-x86_64-usb.conf index e1a3908..1a14b11 100644 --- a/configs/releng/efiboot/loader/entries/archiso-x86_64-usb.conf +++ b/configs/releng/efiboot/loader/entries/archiso-x86_64-usb.conf @@ -5,5 +5,5 @@ title Arch Linux install medium (x86_64, UEFI) linux /%INSTALL_DIR%/boot/x86_64/vmlinuz-linux initrd /%INSTALL_DIR%/boot/intel-ucode.img initrd /%INSTALL_DIR%/boot/amd-ucode.img -initrd /%INSTALL_DIR%/boot/x86_64/archiso.img +initrd /%INSTALL_DIR%/boot/x86_64/initramfs-linux.img options archisobasedir=%INSTALL_DIR% archisolabel=%ARCHISO_LABEL% diff --git a/configs/releng/syslinux/archiso_pxe.cfg b/configs/releng/syslinux/archiso_pxe.cfg index ed15c7d..e51b55a 100644 --- a/configs/releng/syslinux/archiso_pxe.cfg +++ b/configs/releng/syslinux/archiso_pxe.cfg @@ -10,7 +10,7 @@ It allows you to install Arch Linux or perform system maintenance. ENDTEXT MENU LABEL Arch Linux install medium (x86_64, NBD) LINUX boot/x86_64/vmlinuz-linux -INITRD boot/intel-ucode.img,boot/amd-ucode.img,boot/x86_64/archiso.img +INITRD boot/intel-ucode.img,boot/amd-ucode.img,boot/x86_64/initramfs-linux.img APPEND archisobasedir=%INSTALL_DIR% archisolabel=%ARCHISO_LABEL% archiso_nbd_srv=${pxeserver} checksum verify SYSAPPEND 3 @@ -21,7 +21,7 @@ It allows you to install Arch Linux or perform system maintenance. ENDTEXT MENU LABEL Arch Linux install medium (x86_64, NFS) LINUX boot/x86_64/vmlinuz-linux -INITRD boot/intel-ucode.img,boot/amd-ucode.img,boot/x86_64/archiso.img +INITRD boot/intel-ucode.img,boot/amd-ucode.img,boot/x86_64/initramfs-linux.img APPEND archisobasedir=%INSTALL_DIR% archiso_nfs_srv=${pxeserver}:/run/archiso/bootmnt checksum verify SYSAPPEND 3 @@ -32,7 +32,7 @@ It allows you to install Arch Linux or perform system maintenance. ENDTEXT MENU LABEL Arch Linux install medium (x86_64, HTTP) LINUX boot/x86_64/vmlinuz-linux -INITRD boot/intel-ucode.img,boot/amd-ucode.img,boot/x86_64/archiso.img +INITRD boot/intel-ucode.img,boot/amd-ucode.img,boot/x86_64/initramfs-linux.img APPEND archisobasedir=%INSTALL_DIR% archiso_http_srv=http://${pxeserver}/ checksum verify SYSAPPEND 3 diff --git a/configs/releng/syslinux/archiso_sys.cfg b/configs/releng/syslinux/archiso_sys.cfg index f14d176..6e8d9e3 100644 --- a/configs/releng/syslinux/archiso_sys.cfg +++ b/configs/releng/syslinux/archiso_sys.cfg @@ -13,7 +13,7 @@ It allows you to install Arch Linux or perform system maintenance. ENDTEXT MENU LABEL Arch Linux install medium (x86_64, BIOS) LINUX boot/x86_64/vmlinuz-linux -INITRD boot/intel-ucode.img,boot/amd-ucode.img,boot/x86_64/archiso.img +INITRD boot/intel-ucode.img,boot/amd-ucode.img,boot/x86_64/initramfs-linux.img APPEND archisobasedir=%INSTALL_DIR% archisolabel=%ARCHISO_LABEL% INCLUDE boot/syslinux/archiso_tail.cfg -- cgit v1.2.3-70-g09d2 From 6820f2cb69f214a1e10c95f42d0c44bce2cc8fc4 Mon Sep 17 00:00:00 2001 From: nl6720 Date: Wed, 28 Oct 2020 09:20:55 +0200 Subject: Add modconf to HOOKS array in mkinitcpio.conf The default mkinitcpio.conf includes modconf in HOOKS. --- configs/baseline/airootfs/etc/mkinitcpio.conf | 3 ++- configs/releng/airootfs/etc/mkinitcpio.conf | 3 ++- 2 files changed, 4 insertions(+), 2 deletions(-) (limited to 'configs/baseline/airootfs') diff --git a/configs/baseline/airootfs/etc/mkinitcpio.conf b/configs/baseline/airootfs/etc/mkinitcpio.conf index 9741d17..4b7b7fb 100644 --- a/configs/baseline/airootfs/etc/mkinitcpio.conf +++ b/configs/baseline/airootfs/etc/mkinitcpio.conf @@ -52,7 +52,7 @@ FILES=() # ## NOTE: If you have /usr on a separate partition, you MUST include the # usr, fsck and shutdown hooks. -HOOKS=(base udev archiso block filesystems) +HOOKS=(base udev modconf archiso block filesystems) # COMPRESSION # Use this to compress the initramfs image. By default, gzip compression @@ -63,6 +63,7 @@ HOOKS=(base udev archiso block filesystems) #COMPRESSION="xz" #COMPRESSION="lzop" #COMPRESSION="lz4" +#COMPRESSION="zstd" # COMPRESSION_OPTIONS # Additional options for the compressor diff --git a/configs/releng/airootfs/etc/mkinitcpio.conf b/configs/releng/airootfs/etc/mkinitcpio.conf index 3476157..c37b19f 100644 --- a/configs/releng/airootfs/etc/mkinitcpio.conf +++ b/configs/releng/airootfs/etc/mkinitcpio.conf @@ -52,7 +52,7 @@ FILES=() # ## NOTE: If you have /usr on a separate partition, you MUST include the # usr, fsck and shutdown hooks. -HOOKS=(base udev memdisk archiso_shutdown archiso archiso_loop_mnt archiso_pxe_common archiso_pxe_nbd archiso_pxe_http archiso_pxe_nfs archiso_kms block filesystems keyboard) +HOOKS=(base udev modconf memdisk archiso_shutdown archiso archiso_loop_mnt archiso_pxe_common archiso_pxe_nbd archiso_pxe_http archiso_pxe_nfs archiso_kms block filesystems keyboard) # COMPRESSION # Use this to compress the initramfs image. By default, gzip compression @@ -63,6 +63,7 @@ HOOKS=(base udev memdisk archiso_shutdown archiso archiso_loop_mnt archiso_pxe_c COMPRESSION="xz" #COMPRESSION="lzop" #COMPRESSION="lz4" +#COMPRESSION="zstd" # COMPRESSION_OPTIONS # Additional options for the compressor -- cgit v1.2.3-70-g09d2 From 94dd194c2294e447e0323bf8bc3cac8c381589b4 Mon Sep 17 00:00:00 2001 From: Michael Vorburger Date: Tue, 29 Dec 2020 23:19:44 +0100 Subject: add SSH server to baseline inspired by https://wiki.archlinux.org/index.php/Archiso#Prepare_an_ISO_for_an_installation_via_SSH --- configs/baseline/airootfs/etc/ssh/sshd_config | 116 +++++++++++++++++++++ .../system/multi-user.target.wants/sshd.service | 1 + configs/baseline/packages.x86_64 | 1 + 3 files changed, 118 insertions(+) create mode 100644 configs/baseline/airootfs/etc/ssh/sshd_config create mode 120000 configs/baseline/airootfs/etc/systemd/system/multi-user.target.wants/sshd.service (limited to 'configs/baseline/airootfs') diff --git a/configs/baseline/airootfs/etc/ssh/sshd_config b/configs/baseline/airootfs/etc/ssh/sshd_config new file mode 100644 index 0000000..8ef1758 --- /dev/null +++ b/configs/baseline/airootfs/etc/ssh/sshd_config @@ -0,0 +1,116 @@ +# $OpenBSD: sshd_config,v 1.103 2018/04/09 20:41:22 tj Exp $ + +# This is the sshd server system-wide configuration file. See +# sshd_config(5) for more information. + +# This sshd was compiled with PATH=/usr/local/sbin:/usr/local/bin:/usr/bin + +# The strategy used for options in the default sshd_config shipped with +# OpenSSH is to specify options with their default value where +# possible, but leave them commented. Uncommented options override the +# default value. + +#Port 22 +#AddressFamily any +#ListenAddress 0.0.0.0 +#ListenAddress :: + +#HostKey /etc/ssh/ssh_host_rsa_key +#HostKey /etc/ssh/ssh_host_ecdsa_key +#HostKey /etc/ssh/ssh_host_ed25519_key + +# Ciphers and keying +#RekeyLimit default none + +# Logging +#SyslogFacility AUTH +#LogLevel INFO + +# Authentication: + +#LoginGraceTime 2m +PermitRootLogin yes +#StrictModes yes +#MaxAuthTries 6 +#MaxSessions 10 + +#PubkeyAuthentication yes + +# The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2 +# but this is overridden so installations will only check .ssh/authorized_keys +AuthorizedKeysFile .ssh/authorized_keys + +#AuthorizedPrincipalsFile none + +#AuthorizedKeysCommand none +#AuthorizedKeysCommandUser nobody + +# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts +#HostbasedAuthentication no +# Change to yes if you don't trust ~/.ssh/known_hosts for +# HostbasedAuthentication +#IgnoreUserKnownHosts no +# Don't read the user's ~/.rhosts and ~/.shosts files +#IgnoreRhosts yes + +# To disable tunneled clear text passwords, change to no here! +#PasswordAuthentication yes +#PermitEmptyPasswords no + +# Change to no to disable s/key passwords +ChallengeResponseAuthentication no + +# Kerberos options +#KerberosAuthentication no +#KerberosOrLocalPasswd yes +#KerberosTicketCleanup yes +#KerberosGetAFSToken no + +# GSSAPI options +#GSSAPIAuthentication no +#GSSAPICleanupCredentials yes + +# Set this to 'yes' to enable PAM authentication, account processing, +# and session processing. If this is enabled, PAM authentication will +# be allowed through the ChallengeResponseAuthentication and +# PasswordAuthentication. Depending on your PAM configuration, +# PAM authentication via ChallengeResponseAuthentication may bypass +# the setting of "PermitRootLogin without-password". +# If you just want the PAM account and session checks to run without +# PAM authentication, then enable this but set PasswordAuthentication +# and ChallengeResponseAuthentication to 'no'. +UsePAM yes + +#AllowAgentForwarding yes +#AllowTcpForwarding yes +#GatewayPorts no +#X11Forwarding no +#X11DisplayOffset 10 +#X11UseLocalhost yes +#PermitTTY yes +PrintMotd no # pam does that +#PrintLastLog yes +#TCPKeepAlive yes +#PermitUserEnvironment no +#Compression delayed +#ClientAliveInterval 0 +#ClientAliveCountMax 3 +#UseDNS no +#PidFile /run/sshd.pid +#MaxStartups 10:30:100 +#PermitTunnel no +#ChrootDirectory none +#VersionAddendum none + +# no default banner path +#Banner none + +# override default of no subsystems +Subsystem sftp /usr/lib/ssh/sftp-server + +# Example of overriding settings on a per-user basis +#Match User anoncvs +# X11Forwarding no +# AllowTcpForwarding no +# PermitTTY no +# ForceCommand cvs server diff --git a/configs/baseline/airootfs/etc/systemd/system/multi-user.target.wants/sshd.service b/configs/baseline/airootfs/etc/systemd/system/multi-user.target.wants/sshd.service new file mode 120000 index 0000000..d21ebd9 --- /dev/null +++ b/configs/baseline/airootfs/etc/systemd/system/multi-user.target.wants/sshd.service @@ -0,0 +1 @@ +/usr/lib/systemd/system/sshd.service \ No newline at end of file diff --git a/configs/baseline/packages.x86_64 b/configs/baseline/packages.x86_64 index fd753b4..efd2417 100644 --- a/configs/baseline/packages.x86_64 +++ b/configs/baseline/packages.x86_64 @@ -4,4 +4,5 @@ base linux mkinitcpio mkinitcpio-archiso +openssh syslinux -- cgit v1.2.3-70-g09d2 From 744b8f13ed04a3c34e15cd4011d97b6dfa5a1a19 Mon Sep 17 00:00:00 2001 From: Michael Vorburger Date: Tue, 29 Dec 2020 23:26:54 +0100 Subject: make baseline have working ethernet networking, like releng --- .../airootfs/etc/systemd/network/20-ethernet.network | 13 +++++++++++++ .../system/multi-user.target.wants/systemd-networkd.service | 1 + .../system/multi-user.target.wants/systemd-resolved.service | 1 + .../systemd-networkd-wait-online.service | 1 + .../system/sockets.target.wants/systemd-networkd.socket | 1 + .../wait-for-only-one-interface.conf | 5 +++++ 6 files changed, 22 insertions(+) create mode 100644 configs/baseline/airootfs/etc/systemd/network/20-ethernet.network create mode 120000 configs/baseline/airootfs/etc/systemd/system/multi-user.target.wants/systemd-networkd.service create mode 120000 configs/baseline/airootfs/etc/systemd/system/multi-user.target.wants/systemd-resolved.service create mode 120000 configs/baseline/airootfs/etc/systemd/system/network-online.target.wants/systemd-networkd-wait-online.service create mode 120000 configs/baseline/airootfs/etc/systemd/system/sockets.target.wants/systemd-networkd.socket create mode 100644 configs/baseline/airootfs/etc/systemd/system/systemd-networkd-wait-online.service.d/wait-for-only-one-interface.conf (limited to 'configs/baseline/airootfs') diff --git a/configs/baseline/airootfs/etc/systemd/network/20-ethernet.network b/configs/baseline/airootfs/etc/systemd/network/20-ethernet.network new file mode 100644 index 0000000..efa309c --- /dev/null +++ b/configs/baseline/airootfs/etc/systemd/network/20-ethernet.network @@ -0,0 +1,13 @@ +# +# SPDX-License-Identifier: GPL-3.0-or-later + +[Match] +Name=en* +Name=eth* + +[Network] +DHCP=yes +IPv6PrivacyExtensions=yes + +[DHCP] +RouteMetric=512 diff --git a/configs/baseline/airootfs/etc/systemd/system/multi-user.target.wants/systemd-networkd.service b/configs/baseline/airootfs/etc/systemd/system/multi-user.target.wants/systemd-networkd.service new file mode 120000 index 0000000..4c158e6 --- /dev/null +++ b/configs/baseline/airootfs/etc/systemd/system/multi-user.target.wants/systemd-networkd.service @@ -0,0 +1 @@ +/usr/lib/systemd/system/systemd-networkd.service \ No newline at end of file diff --git a/configs/baseline/airootfs/etc/systemd/system/multi-user.target.wants/systemd-resolved.service b/configs/baseline/airootfs/etc/systemd/system/multi-user.target.wants/systemd-resolved.service new file mode 120000 index 0000000..4f6ae34 --- /dev/null +++ b/configs/baseline/airootfs/etc/systemd/system/multi-user.target.wants/systemd-resolved.service @@ -0,0 +1 @@ +/usr/lib/systemd/system/systemd-resolved.service \ No newline at end of file diff --git a/configs/baseline/airootfs/etc/systemd/system/network-online.target.wants/systemd-networkd-wait-online.service b/configs/baseline/airootfs/etc/systemd/system/network-online.target.wants/systemd-networkd-wait-online.service new file mode 120000 index 0000000..7d6ad92 --- /dev/null +++ b/configs/baseline/airootfs/etc/systemd/system/network-online.target.wants/systemd-networkd-wait-online.service @@ -0,0 +1 @@ +/usr/lib/systemd/system/systemd-networkd-wait-online.service \ No newline at end of file diff --git a/configs/baseline/airootfs/etc/systemd/system/sockets.target.wants/systemd-networkd.socket b/configs/baseline/airootfs/etc/systemd/system/sockets.target.wants/systemd-networkd.socket new file mode 120000 index 0000000..51942c8 --- /dev/null +++ b/configs/baseline/airootfs/etc/systemd/system/sockets.target.wants/systemd-networkd.socket @@ -0,0 +1 @@ +/usr/lib/systemd/system/systemd-networkd.socket \ No newline at end of file diff --git a/configs/baseline/airootfs/etc/systemd/system/systemd-networkd-wait-online.service.d/wait-for-only-one-interface.conf b/configs/baseline/airootfs/etc/systemd/system/systemd-networkd-wait-online.service.d/wait-for-only-one-interface.conf new file mode 100644 index 0000000..a4d7442 --- /dev/null +++ b/configs/baseline/airootfs/etc/systemd/system/systemd-networkd-wait-online.service.d/wait-for-only-one-interface.conf @@ -0,0 +1,5 @@ +# +# SPDX-License-Identifier: GPL-3.0-or-later + +[Service] +ExecStart=/usr/lib/systemd/systemd-networkd-wait-online --any -- cgit v1.2.3-70-g09d2 From e7306a309cd83870a54a1e20618091d3b730bc2b Mon Sep 17 00:00:00 2001 From: Michael Vorburger Date: Wed, 30 Dec 2020 03:53:40 +0100 Subject: add cloud-init to baseline --- .../etc/systemd/system/cloud-init.target.wants/cloud-config.service | 1 + .../etc/systemd/system/cloud-init.target.wants/cloud-final.service | 1 + .../etc/systemd/system/cloud-init.target.wants/cloud-init-local.service | 1 + .../etc/systemd/system/cloud-init.target.wants/cloud-init.service | 1 + configs/baseline/packages.x86_64 | 1 + 5 files changed, 5 insertions(+) create mode 120000 configs/baseline/airootfs/etc/systemd/system/cloud-init.target.wants/cloud-config.service create mode 120000 configs/baseline/airootfs/etc/systemd/system/cloud-init.target.wants/cloud-final.service create mode 120000 configs/baseline/airootfs/etc/systemd/system/cloud-init.target.wants/cloud-init-local.service create mode 120000 configs/baseline/airootfs/etc/systemd/system/cloud-init.target.wants/cloud-init.service (limited to 'configs/baseline/airootfs') diff --git a/configs/baseline/airootfs/etc/systemd/system/cloud-init.target.wants/cloud-config.service b/configs/baseline/airootfs/etc/systemd/system/cloud-init.target.wants/cloud-config.service new file mode 120000 index 0000000..ebc50f0 --- /dev/null +++ b/configs/baseline/airootfs/etc/systemd/system/cloud-init.target.wants/cloud-config.service @@ -0,0 +1 @@ +/usr/lib/systemd/system/cloud-config.service \ No newline at end of file diff --git a/configs/baseline/airootfs/etc/systemd/system/cloud-init.target.wants/cloud-final.service b/configs/baseline/airootfs/etc/systemd/system/cloud-init.target.wants/cloud-final.service new file mode 120000 index 0000000..80fa3c8 --- /dev/null +++ b/configs/baseline/airootfs/etc/systemd/system/cloud-init.target.wants/cloud-final.service @@ -0,0 +1 @@ +/usr/lib/systemd/system/cloud-final.service \ No newline at end of file diff --git a/configs/baseline/airootfs/etc/systemd/system/cloud-init.target.wants/cloud-init-local.service b/configs/baseline/airootfs/etc/systemd/system/cloud-init.target.wants/cloud-init-local.service new file mode 120000 index 0000000..dd8e9f1 --- /dev/null +++ b/configs/baseline/airootfs/etc/systemd/system/cloud-init.target.wants/cloud-init-local.service @@ -0,0 +1 @@ +/usr/lib/systemd/system/cloud-init-local.service \ No newline at end of file diff --git a/configs/baseline/airootfs/etc/systemd/system/cloud-init.target.wants/cloud-init.service b/configs/baseline/airootfs/etc/systemd/system/cloud-init.target.wants/cloud-init.service new file mode 120000 index 0000000..24c7a26 --- /dev/null +++ b/configs/baseline/airootfs/etc/systemd/system/cloud-init.target.wants/cloud-init.service @@ -0,0 +1 @@ +/usr/lib/systemd/system/cloud-init.service \ No newline at end of file diff --git a/configs/baseline/packages.x86_64 b/configs/baseline/packages.x86_64 index efd2417..251e122 100644 --- a/configs/baseline/packages.x86_64 +++ b/configs/baseline/packages.x86_64 @@ -1,6 +1,7 @@ # # SPDX-License-Identifier: GPL-3.0-or-later base +cloud-init linux mkinitcpio mkinitcpio-archiso -- cgit v1.2.3-70-g09d2 From bd2b861aa39167e4fc658a354071b95fbd050c0f Mon Sep 17 00:00:00 2001 From: nl6720 Date: Tue, 27 Apr 2021 09:24:33 +0300 Subject: configs/*: add VM guest packages and enable their services * virtualbox-guest-utils-nox package and vboxservice.service for VirtualBox. * qemu-guest-agent package and qemu-guest-agent.service for QEMU & libvirt. Implements #118. --- .../etc/systemd/system/multi-user.target.wants/qemu-guest-agent.service | 1 + .../etc/systemd/system/multi-user.target.wants/vboxservice.service | 1 + configs/baseline/packages.x86_64 | 2 ++ .../etc/systemd/system/multi-user.target.wants/qemu-guest-agent.service | 1 + .../etc/systemd/system/multi-user.target.wants/vboxservice.service | 1 + configs/releng/packages.x86_64 | 2 ++ 6 files changed, 8 insertions(+) create mode 120000 configs/baseline/airootfs/etc/systemd/system/multi-user.target.wants/qemu-guest-agent.service create mode 120000 configs/baseline/airootfs/etc/systemd/system/multi-user.target.wants/vboxservice.service create mode 120000 configs/releng/airootfs/etc/systemd/system/multi-user.target.wants/qemu-guest-agent.service create mode 120000 configs/releng/airootfs/etc/systemd/system/multi-user.target.wants/vboxservice.service (limited to 'configs/baseline/airootfs') diff --git a/configs/baseline/airootfs/etc/systemd/system/multi-user.target.wants/qemu-guest-agent.service b/configs/baseline/airootfs/etc/systemd/system/multi-user.target.wants/qemu-guest-agent.service new file mode 120000 index 0000000..8e3ff80 --- /dev/null +++ b/configs/baseline/airootfs/etc/systemd/system/multi-user.target.wants/qemu-guest-agent.service @@ -0,0 +1 @@ +/usr/lib/systemd/system/qemu-guest-agent.service \ No newline at end of file diff --git a/configs/baseline/airootfs/etc/systemd/system/multi-user.target.wants/vboxservice.service b/configs/baseline/airootfs/etc/systemd/system/multi-user.target.wants/vboxservice.service new file mode 120000 index 0000000..cb2d560 --- /dev/null +++ b/configs/baseline/airootfs/etc/systemd/system/multi-user.target.wants/vboxservice.service @@ -0,0 +1 @@ +/usr/lib/systemd/system/vboxservice.service \ No newline at end of file diff --git a/configs/baseline/packages.x86_64 b/configs/baseline/packages.x86_64 index 251e122..cadea18 100644 --- a/configs/baseline/packages.x86_64 +++ b/configs/baseline/packages.x86_64 @@ -6,4 +6,6 @@ linux mkinitcpio mkinitcpio-archiso openssh +qemu-guest-agent syslinux +virtualbox-guest-utils-nox diff --git a/configs/releng/airootfs/etc/systemd/system/multi-user.target.wants/qemu-guest-agent.service b/configs/releng/airootfs/etc/systemd/system/multi-user.target.wants/qemu-guest-agent.service new file mode 120000 index 0000000..8e3ff80 --- /dev/null +++ b/configs/releng/airootfs/etc/systemd/system/multi-user.target.wants/qemu-guest-agent.service @@ -0,0 +1 @@ +/usr/lib/systemd/system/qemu-guest-agent.service \ No newline at end of file diff --git a/configs/releng/airootfs/etc/systemd/system/multi-user.target.wants/vboxservice.service b/configs/releng/airootfs/etc/systemd/system/multi-user.target.wants/vboxservice.service new file mode 120000 index 0000000..cb2d560 --- /dev/null +++ b/configs/releng/airootfs/etc/systemd/system/multi-user.target.wants/vboxservice.service @@ -0,0 +1 @@ +/usr/lib/systemd/system/vboxservice.service \ No newline at end of file diff --git a/configs/releng/packages.x86_64 b/configs/releng/packages.x86_64 index a3d6f79..434ffd2 100644 --- a/configs/releng/packages.x86_64 +++ b/configs/releng/packages.x86_64 @@ -79,6 +79,7 @@ partimage pcsclite ppp pptpclient +qemu-guest-agent reflector reiserfsprogs rp-pppoe @@ -103,6 +104,7 @@ usb_modeswitch usbmuxd usbutils vim +virtualbox-guest-utils-nox vpnc wireless-regdb wireless_tools -- cgit v1.2.3-70-g09d2 From c6a1ccca4fe5c42e2a435e5335c701c112242bd0 Mon Sep 17 00:00:00 2001 From: nl6720 Date: Fri, 9 Jul 2021 17:01:57 +0300 Subject: configs/releng/airootfs/etc/systemd/network/: move RouteMetric= from [DHCPv6] to [IPv6AcceptRA] systemd moved the option. See https://github.com/systemd/systemd/commit/8ebafba9f987c21aa5787c8767f2e390b4ec0bc5 . Implements #123. Document in comments why the route metrics need to be set (because of https://github.com/systemd/systemd/issues/17698 ) and use the same metric values as NetworkManager. https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/blob/main/src/core/devices/nm-device.c Additionally remove RouteMetric from configs/baseline/airootfs/etc/systemd/network/20-ethernet.network. There is only one networkd configuration file in baseline, meaning, there are no other routes. --- .../baseline/airootfs/etc/systemd/network/20-ethernet.network | 3 --- .../releng/airootfs/etc/systemd/network/20-ethernet.network | 11 ++++++++--- configs/releng/airootfs/etc/systemd/network/20-wlan.network | 11 ++++++++--- configs/releng/airootfs/etc/systemd/network/20-wwan.network | 11 ++++++++--- 4 files changed, 24 insertions(+), 12 deletions(-) (limited to 'configs/baseline/airootfs') diff --git a/configs/baseline/airootfs/etc/systemd/network/20-ethernet.network b/configs/baseline/airootfs/etc/systemd/network/20-ethernet.network index efa309c..9157e96 100644 --- a/configs/baseline/airootfs/etc/systemd/network/20-ethernet.network +++ b/configs/baseline/airootfs/etc/systemd/network/20-ethernet.network @@ -8,6 +8,3 @@ Name=eth* [Network] DHCP=yes IPv6PrivacyExtensions=yes - -[DHCP] -RouteMetric=512 diff --git a/configs/releng/airootfs/etc/systemd/network/20-ethernet.network b/configs/releng/airootfs/etc/systemd/network/20-ethernet.network index 142c591..88662a4 100644 --- a/configs/releng/airootfs/etc/systemd/network/20-ethernet.network +++ b/configs/releng/airootfs/etc/systemd/network/20-ethernet.network @@ -9,8 +9,13 @@ Name=eth* DHCP=yes IPv6PrivacyExtensions=yes +# systemd-networkd does not set per-interface-type default route metrics +# https://github.com/systemd/systemd/issues/17698 +# Explicitly set route metric, so that Ethernet is preferred over Wi-Fi and Wi-Fi is preferred over mobile broadband. +# Use values from NetworkManager. From nm_device_get_route_metric_default in +# https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/blob/main/src/core/devices/nm-device.c [DHCPv4] -RouteMetric=512 +RouteMetric=100 -[DHCPv6] -RouteMetric=512 +[IPv6AcceptRA] +RouteMetric=100 diff --git a/configs/releng/airootfs/etc/systemd/network/20-wlan.network b/configs/releng/airootfs/etc/systemd/network/20-wlan.network index c164666..6bbd7ed 100644 --- a/configs/releng/airootfs/etc/systemd/network/20-wlan.network +++ b/configs/releng/airootfs/etc/systemd/network/20-wlan.network @@ -8,8 +8,13 @@ Name=wl* DHCP=yes IPv6PrivacyExtensions=yes +# systemd-networkd does not set per-interface-type default route metrics +# https://github.com/systemd/systemd/issues/17698 +# Explicitly set route metric, so that Ethernet is preferred over Wi-Fi and Wi-Fi is preferred over mobile broadband. +# Use values from NetworkManager. From nm_device_get_route_metric_default in +# https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/blob/main/src/core/devices/nm-device.c [DHCPv4] -RouteMetric=1024 +RouteMetric=600 -[DHCPv6] -RouteMetric=1024 +[IPv6AcceptRA] +RouteMetric=600 diff --git a/configs/releng/airootfs/etc/systemd/network/20-wwan.network b/configs/releng/airootfs/etc/systemd/network/20-wwan.network index 7fba35b..d57cb0f 100644 --- a/configs/releng/airootfs/etc/systemd/network/20-wwan.network +++ b/configs/releng/airootfs/etc/systemd/network/20-wwan.network @@ -8,8 +8,13 @@ Name=ww* DHCP=yes IPv6PrivacyExtensions=yes +# systemd-networkd does not set per-interface-type default route metrics +# https://github.com/systemd/systemd/issues/17698 +# Explicitly set route metric, so that Ethernet is preferred over Wi-Fi and Wi-Fi is preferred over mobile broadband. +# Use values from NetworkManager. From nm_device_get_route_metric_default in +# https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/blob/main/src/core/devices/nm-device.c [DHCPv4] -RouteMetric=2048 +RouteMetric=700 -[DHCPv6] -RouteMetric=2048 +[IPv6AcceptRA] +RouteMetric=700 -- cgit v1.2.3-70-g09d2 From 8fa110e9d71efef57a4d843e54bdff2fe3085e26 Mon Sep 17 00:00:00 2001 From: nl6720 Date: Sun, 11 Jul 2021 17:15:23 +0300 Subject: configs/*/airootfs/etc/systemd/system/systemd-networkd-wait-online.service.d/wait-for-only-one-interface.conf: document why the drop-in file exists Related to #142. Add missing `ExecStart=` to baseline's /etc/systemd/system/systemd-networkd-wait-online.service.d/wait-for-only-one-interface.conf. --- .../wait-for-only-one-interface.conf | 4 ++++ .../wait-for-only-one-interface.conf | 3 +++ 2 files changed, 7 insertions(+) (limited to 'configs/baseline/airootfs') diff --git a/configs/baseline/airootfs/etc/systemd/system/systemd-networkd-wait-online.service.d/wait-for-only-one-interface.conf b/configs/baseline/airootfs/etc/systemd/system/systemd-networkd-wait-online.service.d/wait-for-only-one-interface.conf index a4d7442..191db81 100644 --- a/configs/baseline/airootfs/etc/systemd/system/systemd-networkd-wait-online.service.d/wait-for-only-one-interface.conf +++ b/configs/baseline/airootfs/etc/systemd/system/systemd-networkd-wait-online.service.d/wait-for-only-one-interface.conf @@ -1,5 +1,9 @@ # # SPDX-License-Identifier: GPL-3.0-or-later +# Allow systemd-networkd-wait-online to succeed with one interface, otherwise, if multiple network interfaces exist, +# network-online.target gets needlessly delayed. +# See https://wiki.archlinux.org/title/systemd-networkd#systemd-networkd-wait-online [Service] +ExecStart= ExecStart=/usr/lib/systemd/systemd-networkd-wait-online --any diff --git a/configs/releng/airootfs/etc/systemd/system/systemd-networkd-wait-online.service.d/wait-for-only-one-interface.conf b/configs/releng/airootfs/etc/systemd/system/systemd-networkd-wait-online.service.d/wait-for-only-one-interface.conf index 1b4c091..191db81 100644 --- a/configs/releng/airootfs/etc/systemd/system/systemd-networkd-wait-online.service.d/wait-for-only-one-interface.conf +++ b/configs/releng/airootfs/etc/systemd/system/systemd-networkd-wait-online.service.d/wait-for-only-one-interface.conf @@ -1,6 +1,9 @@ # # SPDX-License-Identifier: GPL-3.0-or-later +# Allow systemd-networkd-wait-online to succeed with one interface, otherwise, if multiple network interfaces exist, +# network-online.target gets needlessly delayed. +# See https://wiki.archlinux.org/title/systemd-networkd#systemd-networkd-wait-online [Service] ExecStart= ExecStart=/usr/lib/systemd/systemd-networkd-wait-online --any -- cgit v1.2.3-70-g09d2 From f4324e2f814733e711ba29b1b0272dc593e014bc Mon Sep 17 00:00:00 2001 From: David Runge Date: Thu, 29 Jul 2021 20:45:08 +0200 Subject: Remove SPDX license identifier from releng configs configs/baseline/*: Remove the SPDX license identifier comment from the configuration files in the profile, as they are not eligible for copyright. --- configs/baseline/airootfs/etc/mkinitcpio.conf | 3 --- configs/baseline/airootfs/etc/mkinitcpio.d/linux.preset | 3 --- configs/baseline/airootfs/etc/systemd/network/20-ethernet.network | 3 --- .../wait-for-only-one-interface.conf | 3 --- configs/baseline/efiboot/loader/entries/01-archiso-x86_64-linux.conf | 3 --- .../baseline/efiboot/loader/entries/02-archiso-x86_64-ram-linux.conf | 3 --- configs/baseline/efiboot/loader/loader.conf | 3 --- configs/baseline/packages.x86_64 | 2 -- configs/baseline/pacman.conf | 2 -- configs/baseline/syslinux/syslinux-linux.cfg | 3 --- configs/baseline/syslinux/syslinux.cfg | 3 --- 11 files changed, 31 deletions(-) (limited to 'configs/baseline/airootfs') diff --git a/configs/baseline/airootfs/etc/mkinitcpio.conf b/configs/baseline/airootfs/etc/mkinitcpio.conf index 4b7b7fb..34b1a06 100644 --- a/configs/baseline/airootfs/etc/mkinitcpio.conf +++ b/configs/baseline/airootfs/etc/mkinitcpio.conf @@ -1,6 +1,3 @@ -# -# SPDX-License-Identifier: GPL-3.0-or-later - # vim:set ft=sh # MODULES # The following modules are loaded before any boot hooks are diff --git a/configs/baseline/airootfs/etc/mkinitcpio.d/linux.preset b/configs/baseline/airootfs/etc/mkinitcpio.d/linux.preset index d35f137..9f67184 100644 --- a/configs/baseline/airootfs/etc/mkinitcpio.d/linux.preset +++ b/configs/baseline/airootfs/etc/mkinitcpio.d/linux.preset @@ -1,6 +1,3 @@ -# -# SPDX-License-Identifier: GPL-3.0-or-later - # mkinitcpio preset file for the 'linux' package on archiso PRESETS=('archiso') diff --git a/configs/baseline/airootfs/etc/systemd/network/20-ethernet.network b/configs/baseline/airootfs/etc/systemd/network/20-ethernet.network index 9157e96..e8842f2 100644 --- a/configs/baseline/airootfs/etc/systemd/network/20-ethernet.network +++ b/configs/baseline/airootfs/etc/systemd/network/20-ethernet.network @@ -1,6 +1,3 @@ -# -# SPDX-License-Identifier: GPL-3.0-or-later - [Match] Name=en* Name=eth* diff --git a/configs/baseline/airootfs/etc/systemd/system/systemd-networkd-wait-online.service.d/wait-for-only-one-interface.conf b/configs/baseline/airootfs/etc/systemd/system/systemd-networkd-wait-online.service.d/wait-for-only-one-interface.conf index 191db81..c9f9bce 100644 --- a/configs/baseline/airootfs/etc/systemd/system/systemd-networkd-wait-online.service.d/wait-for-only-one-interface.conf +++ b/configs/baseline/airootfs/etc/systemd/system/systemd-networkd-wait-online.service.d/wait-for-only-one-interface.conf @@ -1,6 +1,3 @@ -# -# SPDX-License-Identifier: GPL-3.0-or-later - # Allow systemd-networkd-wait-online to succeed with one interface, otherwise, if multiple network interfaces exist, # network-online.target gets needlessly delayed. # See https://wiki.archlinux.org/title/systemd-networkd#systemd-networkd-wait-online diff --git a/configs/baseline/efiboot/loader/entries/01-archiso-x86_64-linux.conf b/configs/baseline/efiboot/loader/entries/01-archiso-x86_64-linux.conf index 8dd7a16..11624b6 100644 --- a/configs/baseline/efiboot/loader/entries/01-archiso-x86_64-linux.conf +++ b/configs/baseline/efiboot/loader/entries/01-archiso-x86_64-linux.conf @@ -1,6 +1,3 @@ -# -# SPDX-License-Identifier: GPL-3.0-or-later - title Arch Linux (x86_64, UEFI) linux /%INSTALL_DIR%/boot/x86_64/vmlinuz-linux initrd /%INSTALL_DIR%/boot/x86_64/initramfs-linux.img diff --git a/configs/baseline/efiboot/loader/entries/02-archiso-x86_64-ram-linux.conf b/configs/baseline/efiboot/loader/entries/02-archiso-x86_64-ram-linux.conf index c5e9ab9..d66f5a6 100644 --- a/configs/baseline/efiboot/loader/entries/02-archiso-x86_64-ram-linux.conf +++ b/configs/baseline/efiboot/loader/entries/02-archiso-x86_64-ram-linux.conf @@ -1,6 +1,3 @@ -# -# SPDX-License-Identifier: GPL-3.0-or-later - title Arch Linux (x86_64, UEFI) Copy to RAM linux /%INSTALL_DIR%/boot/x86_64/vmlinuz-linux initrd /%INSTALL_DIR%/boot/x86_64/initramfs-linux.img diff --git a/configs/baseline/efiboot/loader/loader.conf b/configs/baseline/efiboot/loader/loader.conf index beacd81..17110fa 100644 --- a/configs/baseline/efiboot/loader/loader.conf +++ b/configs/baseline/efiboot/loader/loader.conf @@ -1,5 +1,2 @@ -# -# SPDX-License-Identifier: GPL-3.0-or-later - timeout 3 default 01-archiso-x86_64-linux.conf diff --git a/configs/baseline/packages.x86_64 b/configs/baseline/packages.x86_64 index 224f7f0..0a64120 100644 --- a/configs/baseline/packages.x86_64 +++ b/configs/baseline/packages.x86_64 @@ -1,5 +1,3 @@ -# -# SPDX-License-Identifier: GPL-3.0-or-later base cloud-init linux diff --git a/configs/baseline/pacman.conf b/configs/baseline/pacman.conf index adb1ea8..5ee6c1e 100644 --- a/configs/baseline/pacman.conf +++ b/configs/baseline/pacman.conf @@ -2,8 +2,6 @@ # /etc/pacman.conf # # See the pacman.conf(5) manpage for option and repository directives -# -# SPDX-License-Identifier: GPL-3.0-or-later # # GENERAL OPTIONS diff --git a/configs/baseline/syslinux/syslinux-linux.cfg b/configs/baseline/syslinux/syslinux-linux.cfg index ced6801..6bfd0c3 100644 --- a/configs/baseline/syslinux/syslinux-linux.cfg +++ b/configs/baseline/syslinux/syslinux-linux.cfg @@ -1,6 +1,3 @@ -# -# SPDX-License-Identifier: GPL-3.0-or-later - LABEL arch MENU LABEL Arch Linux (x86_64, BIOS) LINUX /%INSTALL_DIR%/boot/%ARCH%/vmlinuz-linux diff --git a/configs/baseline/syslinux/syslinux.cfg b/configs/baseline/syslinux/syslinux.cfg index f35f0c2..561ac7c 100644 --- a/configs/baseline/syslinux/syslinux.cfg +++ b/configs/baseline/syslinux/syslinux.cfg @@ -1,6 +1,3 @@ -# -# SPDX-License-Identifier: GPL-3.0-or-later - SERIAL 0 115200 UI menu.c32 MENU TITLE Arch Linux -- cgit v1.2.3-70-g09d2 From 56dc96ee12ca919d1d42defb37aadc6872ff1f71 Mon Sep 17 00:00:00 2001 From: nl6720 Date: Sat, 21 Aug 2021 19:21:53 +0300 Subject: configs/*/airootfs/etc/ssh/sshd_config: update to openssh 8.7p1-1 Update /etc/ssh/sshd_config to match upstream changes. The only modification remains "PermitRootLogin yes". --- configs/baseline/airootfs/etc/ssh/sshd_config | 10 +++++----- configs/releng/airootfs/etc/ssh/sshd_config | 10 +++++----- 2 files changed, 10 insertions(+), 10 deletions(-) (limited to 'configs/baseline/airootfs') diff --git a/configs/baseline/airootfs/etc/ssh/sshd_config b/configs/baseline/airootfs/etc/ssh/sshd_config index 8ef1758..93f7d63 100644 --- a/configs/baseline/airootfs/etc/ssh/sshd_config +++ b/configs/baseline/airootfs/etc/ssh/sshd_config @@ -1,4 +1,4 @@ -# $OpenBSD: sshd_config,v 1.103 2018/04/09 20:41:22 tj Exp $ +# $OpenBSD: sshd_config,v 1.104 2021/07/02 05:11:21 dtucker Exp $ # This is the sshd server system-wide configuration file. See # sshd_config(5) for more information. @@ -58,7 +58,7 @@ AuthorizedKeysFile .ssh/authorized_keys #PermitEmptyPasswords no # Change to no to disable s/key passwords -ChallengeResponseAuthentication no +#KbdInteractiveAuthentication yes # Kerberos options #KerberosAuthentication no @@ -72,13 +72,13 @@ ChallengeResponseAuthentication no # Set this to 'yes' to enable PAM authentication, account processing, # and session processing. If this is enabled, PAM authentication will -# be allowed through the ChallengeResponseAuthentication and +# be allowed through the KbdInteractiveAuthentication and # PasswordAuthentication. Depending on your PAM configuration, -# PAM authentication via ChallengeResponseAuthentication may bypass +# PAM authentication via KbdInteractiveAuthentication may bypass # the setting of "PermitRootLogin without-password". # If you just want the PAM account and session checks to run without # PAM authentication, then enable this but set PasswordAuthentication -# and ChallengeResponseAuthentication to 'no'. +# and KbdInteractiveAuthentication to 'no'. UsePAM yes #AllowAgentForwarding yes diff --git a/configs/releng/airootfs/etc/ssh/sshd_config b/configs/releng/airootfs/etc/ssh/sshd_config index 8ef1758..93f7d63 100644 --- a/configs/releng/airootfs/etc/ssh/sshd_config +++ b/configs/releng/airootfs/etc/ssh/sshd_config @@ -1,4 +1,4 @@ -# $OpenBSD: sshd_config,v 1.103 2018/04/09 20:41:22 tj Exp $ +# $OpenBSD: sshd_config,v 1.104 2021/07/02 05:11:21 dtucker Exp $ # This is the sshd server system-wide configuration file. See # sshd_config(5) for more information. @@ -58,7 +58,7 @@ AuthorizedKeysFile .ssh/authorized_keys #PermitEmptyPasswords no # Change to no to disable s/key passwords -ChallengeResponseAuthentication no +#KbdInteractiveAuthentication yes # Kerberos options #KerberosAuthentication no @@ -72,13 +72,13 @@ ChallengeResponseAuthentication no # Set this to 'yes' to enable PAM authentication, account processing, # and session processing. If this is enabled, PAM authentication will -# be allowed through the ChallengeResponseAuthentication and +# be allowed through the KbdInteractiveAuthentication and # PasswordAuthentication. Depending on your PAM configuration, -# PAM authentication via ChallengeResponseAuthentication may bypass +# PAM authentication via KbdInteractiveAuthentication may bypass # the setting of "PermitRootLogin without-password". # If you just want the PAM account and session checks to run without # PAM authentication, then enable this but set PasswordAuthentication -# and ChallengeResponseAuthentication to 'no'. +# and KbdInteractiveAuthentication to 'no'. UsePAM yes #AllowAgentForwarding yes -- cgit v1.2.3-70-g09d2