archiso_http_srv is used in initramfs and we don't have a database
of trusted CAs there. So ignore all CA checks to allow downloading
from https at all.
Without this patch, airootfs.sfs is downloaded to /run/archiso/httpspace
and then copied to /run/archiso/bootmnt. copytoram is automatically
activated, which copies it to /run/archiso/copytoram and removes
/run/archiso/bootmnt. The original /run/archiso/httpspace was kept,
wasting ram.
This patch gets rid of /run/archiso/httpspace and directly downloads
to /run/archiso/bootmnt. This is then copied to copytoram and bootmnt
removed, so we don't keep two copies in ram anymore.
The dns library used by lua requires /etc/hosts to exist, otherwise all
requests for name resolution are denied. This meant that using the
sysrescuecfg boot option with a http URL and hostname did not work
while using an IP worked.
This patch adds an empty /etc/hosts file to the initramfs image to fix this.
glibc recently changed how dns name resolution is implemented. It now
needs additional .so files that are loaded dynamically. Include these
files in the initramfs image.
Before this patch sysrescue-configuration.lua was executed twice each boot:
(1) during initramfs stage (2) in the regular system as sysrescue-configuration.service
While in theory both runs should create the same output, this isn't guaranteed and
differences could appear for example because of network issues. Finding and debugging
these is difficult because the output of sysrescue-configuration.lua created during
initramfs isn't available anymore when the final system is running.
This patch lets sysrescue-configuration.lua just run once during initramfs. The
output JSON file is then written to the new tmpfs mounted dir /run/archiso/config/.
This dir is also made the new default location for sysrescue-effective-config.json.
A symlink from /etc/sysrescue/sysrescue-effective-config.json to the new location
is created for compatibility with previous releases.
Load *.srm files from archisobasedir, create loopback devices for
each one, mount and use them as additional overlayfs lowerdirs.
Compared to SystemRescueCd 5, it has differences:
- loadsrm must be added to kernel cmdline, othewise srm files
will not be loaded (opt-in)
- it does not check srm checksums (.md5)
- it does not allow specify explicit file names
(loadsrm=foo.srm,bar.srm)
Closesfdupoux/sysresccd-src#122
