On systems with SELinux enabled, we have to create the directories on
top of which we mount another partition or virtual file system (e.g.,
/dev) with the correct SELinux context, BEFORE we mount the other
partition. Otherwise, SELinux will get really confused when systemd
tries to recreate the mount tree for a private file system namespace for
a service. And unfortunately, even an autorelabel does not fix it
because it runs when /dev etc. are already mounted.
Without this fix, on Fedora >= 30, the system installed with Calamares
would fail to start the dbus-broker system bus, leading to several
important pieces of functionality not working (e.g., shutdown as
non-root).
On systems without SELinux enabled, chcon (which is part of coreutils)
will just print a warning and do nothing, so this should always be safe.
Instead of relying on a module-specific implementation, use the new
PartitionSize class for storing partition sizes.
Signed-off-by: Arnaud Ferraris <arnaud.ferraris@collabora.com>
Instead of relying on a module-specific implementation, use the new
PartitionSize class for storing partition sizes.
Signed-off-by: Arnaud Ferraris <arnaud.ferraris@collabora.com>
In order to prepare for future refactoring of the PartSize class, move
the bytesToSectors() function to libcalamares in the CalamaresUtils
namespace.
Signed-off-by: Arnaud Ferraris <arnaud.ferraris@collabora.com>
- This small header file contained a few unrelated typedefs.
Move those typedefs to the classes they relate to. This
**does** mean that some consumers need to #include something
else instead.
- Use type names more consistently.
Editorial: why are **pages** responsible for creating the jobs?
- Remove (heavy-handed) top-level include_directories, in favor
of more focused ones; this helps to make sure that the dependencies
ordering is correct.
src/modules/partition/jobs/ClearMountsJob.cpp
(ClearMountsJob::getCryptoDevices): Skip not only `/dev/mapper/control`,
but also `/dev/mapper/live-*`. Fedora live images use
`/dev/mapper/live-*` internally. We must not unmount those devices,
because they are used by the live image and because we need
`/dev/mapper/live-base` in the `unpackfs` module.
src/modules/unpackfs/main.py (UnpackOperation.mount_image): Check
whether entry.source is a regular file or a device and only use
`-o loop` on regular files, not devices.
At least on Fedora >= 29, `-o loop` fails on the read-only device
`/dev/mapper/live-base` (though `-o loop,ro` would be accepted).
- Use a named enum instead of a collection of booleans
- Support old-style configuration but complain about it
- Update AppImage config as well
The new setup allows four different restart modes: never,
always, user-unchecked and user-checked. The user-modes
are interactive and give the user a choice (defaulting to
unchecked-don't-restart and checked-do-restart respectively).
The non-interactive versions vary in how they are
displayed.
- If KPMCore is not found, don't require the KF5 components
that it would depend on.
- If ECM is found, use KDEInstallDirs always, not just when
the partitioning module is used.
- OEMID is a module for configuring phase-0 things for an OEM,
like batch-ID. This is just a stub.
- Currently planned functionality is limited to just batch-ID.
- The only remaining functions in the file are string-related, so
rename to match their purpose.
- Drop this include file from most places, since they don't actually
use the string functionality at all.
- Remaining modules [networkcfg] [openrcdmcryptcfg] [rawfs] with
code that throws on bad configuration. Replace with meaningful
error messages, to better check cases of SyntaxError &c.
- One might argue whether an empty list of partitions to mount is
a bad thing. It suggests that the partition module wasn't used,
and so we're in an OEM situation -- but then everything should
already be mounted anyway. That's why I choose empty -> bail.
- [initcpio] remove superfluous inner function
- [initcpio] catch errors from mkinitcpio itself and report them in a nice
readable format.
- Save translators the effort of doing a dozen messages
with just the name of the module changed. All of these modules
bail out on bad configurations with a meaningful message.
- [initcpiocfg]
- [fstab]
- [initramfscfg]
- [localecfg]
- [luksbootkeyfile]
- [luksopenswaphookcfg]
- [machineid] Warn on bad config. It's conceivable that this is run
with an empty rootMountPoint (i.e. "") to modify the running system,
so only bail on None.
