rclone needs a rclone.conf file before it can be used, it contains
the urls, login data and similar.
Use the sysconfig.rclone.config hierarchy instead of just sysconfig.rclone
to allow adding features later. These could be support for encrypted
rclone config files (these would then go into sysconfig.rclone.crypted_config)
or things like automounting.
Firefox doesn't use the system CA database but has it's own. Use the
policies.json file to let Firefox trust the entries from the
sysconfig.ca-trust of the YAML config too.
When the lua script parses the YAML config, it converts a `1` to `1.0` because in
lua all numbers are floats. So it writes out `1.0`, which is then loaded by the
python scripts later. Make the type conversion for booleans aware of this.
This allows to write something like `ar_disable: 1` in the YAML and have it
acted upon as expected.
The recently implemented type casting code doesn't work intuitively for
booleans: for example it treats a string "0" as False and doesn't show
an error message for it. So the user might be unaware of this.
So add a dedicated conversion function for booleans.
Also add checks for conversions from dicts and lists, forbid to cast them
to strings because that is most probably not what the user wants.
With the new config file merging the user could accidently overwrite the
config values with wrong types, for example a boolean with a dict or list.
This could lead to the script aborting with an exception.
Use explicit type casting and default values to ensure correct operation
in this case. This is the same as recently implemented for autorun.
Implement a dedicated conversion function for booleans to for example
treat a string "0" as False, python by default would interpret it as True.
implement autoterminal: automatically started scripts that take over a virtual terminal for user interaction
See merge request systemrescue/systemrescue-sources!196
As described in #279, systemd does not re-evaluate the dependencies of changed units and
targets when daemon-reload is executed. It just continues it's transaction as it was
configured when starting the transaction.
So a late-loaded SRM can't autostart a service.
To work around this, add an extra call to "systemctl --no-block start multi-user.target"
after the daemon-reload. This will create a new transaction after the current one and
allow new services to be added to multi-user.target in a late-loaded SRM.
This means of course that this workaround only works for multi-user.target, not other
services or targets.
serial consoles have separate systemd services (serial-getty@.service). We need to adapt
the handling and also need some different options for them than for regular gettys.
To allow sysrescue-initialize.py to differentiate between regular consoles and serial ones
they must be configured with the prefix "serial:" in the yaml, for example like this:
autoterminal:
"serial:ttyS0": "/usr/bin/bash"
Before this patch sysrescue-configuration.lua was executed twice each boot:
(1) during initramfs stage (2) in the regular system as sysrescue-configuration.service
While in theory both runs should create the same output, this isn't guaranteed and
differences could appear for example because of network issues. Finding and debugging
these is difficult because the output of sysrescue-configuration.lua created during
initramfs isn't available anymore when the final system is running.
This patch lets sysrescue-configuration.lua just run once during initramfs. The
output JSON file is then written to the new tmpfs mounted dir /run/archiso/config/.
This dir is also made the new default location for sysrescue-effective-config.json.
A symlink from /etc/sysrescue/sysrescue-effective-config.json to the new location
is created for compatibility with previous releases.
Until now sysrescue-configuration.lua always ensured the default values were
in the effective JSON config because there was no way to remove them. Now the
lua script is improved to allow full config merging, including a delete function.
This could lead to the user accidently removing a value. The scripts did not
expect this and accessed non existing keys, leading to an exception.
This is fixed with this commit.
This allows to add additional CAs as trust anchors via the root key
"ca-trust" in the YAML config files.
Why is this helpful and can't be done for example with SRMs?
After the CA files are copied, "update-ca-trust" must be called. This
updates *all* ca trust files. This means your SRM will override all
trust files with the ones used when creating the SRM.
When you then use the SRM with a newer version of SystemRescue, you will
still use the old ca trust files from when the SRM was built.
Use localectl to set kbd and x11 keymaps.
Order sysresccd-initialize.service before getty-pre.target (pasive target,
pulled in manually) to ensure console keymap is proper configured when
getty@.service runs.
Fixes#74
