Allows to preconfigure common commands so that they can be accessed by just pressing
the up arrow key or searched with ctrl+r.
Move the "setkmap" command (which was previously hardcoded into .bash_history) into
100-defaults.yaml, allowing it to be overridden.
Example config:
sysconfig:
bash_history:
100: "setkmap"
200: "reverse_ssh support.example.com 1234"
The Mapping / dict key is used for lexicographic reverse-ordering of the entries. Reverse-ordering
means the lowest key will show up first when pressing the up arrow key.
VNC does not make much sense if X11 isn't running.
Automatically starting X11 on dovnc was done before SystemRescue 9.00, but
this logic seems to have been lost in the option handling code refactoring.
Configuring the nofirewall option by the sysrescue-initialize script must be done before the ip6?tables service.
Configuring the firewall should be finished before beginning to initialize the network.
But the rest of sysrescue-initialize should still be done in parallel to networking
being set up for a fast boot sequence. Also some services in sysrescue-initialize require
networking being online, for example load_srm with a remote url.
The proper way to accommodate all these needs is to split sysrescue:
sysrescue-initialize-prenet: must be finished before the network-pre.target
sysrescue-initialize-whilenet: started after sysrescue-initialize-prenet, can run in parallel
to networking being set up.
- Implement a new style configuring autorun scripts ("autorun.exec"), more suited to a YAML config file than the old style (#287)
- The old style autorun scripts are still fully supported, they are loaded into keys from "1000-autorun" to "1026-autorunF"
- change the default for ar_nowait to true
- add "shell" option for new autorun exec scripts: let bash interpret the command instead of directly forking it from python
- allow to wait for keypress with a countdown timer, all keys are accepted now (instead of just enter as in the past)
- fix is_elf_binary
- improve output and logging (#253)
- use curl instead of wget for downloading scripts from URLs
- bind-mount /run/archios/bootmnt in case of copytoram to create a stable path for the new-style scripts
- deprecate storing autorun scripts in the root of the boot disk (#252)
- don't check /var/autorun/cdrom for autorun scripts anymore, it was not documented and there are more than enough better alternatives
rclone needs a rclone.conf file before it can be used, it contains
the urls, login data and similar.
Use the sysconfig.rclone.config hierarchy instead of just sysconfig.rclone
to allow adding features later. These could be support for encrypted
rclone config files (these would then go into sysconfig.rclone.crypted_config)
or things like automounting.
Firefox doesn't use the system CA database but has it's own. Use the
policies.json file to let Firefox trust the entries from the
sysconfig.ca-trust of the YAML config too.
When the lua script parses the YAML config, it converts a `1` to `1.0` because in
lua all numbers are floats. So it writes out `1.0`, which is then loaded by the
python scripts later. Make the type conversion for booleans aware of this.
This allows to write something like `ar_disable: 1` in the YAML and have it
acted upon as expected.
The recently implemented type casting code doesn't work intuitively for
booleans: for example it treats a string "0" as False and doesn't show
an error message for it. So the user might be unaware of this.
So add a dedicated conversion function for booleans.
Also add checks for conversions from dicts and lists, forbid to cast them
to strings because that is most probably not what the user wants.
With the new config file merging the user could accidently overwrite the
config values with wrong types, for example a boolean with a dict or list.
This could lead to the script aborting with an exception.
Use explicit type casting and default values to ensure correct operation
in this case. This is the same as recently implemented for autorun.
Implement a dedicated conversion function for booleans to for example
treat a string "0" as False, python by default would interpret it as True.
implement autoterminal: automatically started scripts that take over a virtual terminal for user interaction
See merge request systemrescue/systemrescue-sources!196
As described in #279, systemd does not re-evaluate the dependencies of changed units and
targets when daemon-reload is executed. It just continues it's transaction as it was
configured when starting the transaction.
So a late-loaded SRM can't autostart a service.
To work around this, add an extra call to "systemctl --no-block start multi-user.target"
after the daemon-reload. This will create a new transaction after the current one and
allow new services to be added to multi-user.target in a late-loaded SRM.
This means of course that this workaround only works for multi-user.target, not other
services or targets.
serial consoles have separate systemd services (serial-getty@.service). We need to adapt
the handling and also need some different options for them than for regular gettys.
To allow sysrescue-initialize.py to differentiate between regular consoles and serial ones
they must be configured with the prefix "serial:" in the yaml, for example like this:
autoterminal:
"serial:ttyS0": "/usr/bin/bash"
Before this patch sysrescue-configuration.lua was executed twice each boot:
(1) during initramfs stage (2) in the regular system as sysrescue-configuration.service
While in theory both runs should create the same output, this isn't guaranteed and
differences could appear for example because of network issues. Finding and debugging
these is difficult because the output of sysrescue-configuration.lua created during
initramfs isn't available anymore when the final system is running.
This patch lets sysrescue-configuration.lua just run once during initramfs. The
output JSON file is then written to the new tmpfs mounted dir /run/archiso/config/.
This dir is also made the new default location for sysrescue-effective-config.json.
A symlink from /etc/sysrescue/sysrescue-effective-config.json to the new location
is created for compatibility with previous releases.
Until now sysrescue-configuration.lua always ensured the default values were
in the effective JSON config because there was no way to remove them. Now the
lua script is improved to allow full config merging, including a delete function.
This could lead to the user accidently removing a value. The scripts did not
expect this and accessed non existing keys, leading to an exception.
This is fixed with this commit.
This allows to add additional CAs as trust anchors via the root key
"ca-trust" in the YAML config files.
Why is this helpful and can't be done for example with SRMs?
After the CA files are copied, "update-ca-trust" must be called. This
updates *all* ca trust files. This means your SRM will override all
trust files with the ones used when creating the SRM.
When you then use the SRM with a newer version of SystemRescue, you will
still use the old ca trust files from when the SRM was built.
