SUSE-RU-2016:1392-1: moderate: Recommended update for kiwi
sle-updates at lists.suse.com
sle-updates at lists.suse.com
Wed May 25 09:08:03 MDT 2016
SUSE Recommended Update: Recommended update for kiwi
______________________________________________________________________________
Announcement ID: SUSE-RU-2016:1392-1
Rating: moderate
References: #946648 #956484 #961334 #963276 #964204 #964472
#964474 #965830 #965831 #966293 #968270 #968475
#968601 #971621 #975898
Affected Products:
SUSE Linux Enterprise Server for SAP 12-SP1
SUSE Linux Enterprise Server 12-SP1
SUSE Linux Enterprise Desktop 12-SP1
______________________________________________________________________________
An update that has 15 recommended fixes can now be
installed.
Description:
This update provides KIWI v7.02.96, which brings several fixes and
enhancements:
- Add part_msdos module for self build EFI image: On ARM we have a few
hooks in kiwi that allow us to adapt the resulting image to target
boards. On some systems, we need to install the firmware to hardware
specified sector offsets on the image target (sd card). Unfortunately
some systems demand firmware at sector 1 which is where the GPT would
usually reside. So we need to use an MBR partition layout. We can
convert the GPT into an MBR using gdisk in our ARM scripts, but at that
point grub2 would have to be able to interpret the MBR as well. So we
need the "msdos_part" module included. (bnc#975898)
- Don't copy initial ram disk content to /run/initramfs: We should avoid
copying the initial ram disk content to a tmpfs filesystem, especially
on low memory systems. (bsc#963276)
- Execute haveged in udevStart: This ensure there is at least a source of
entropy for /dev/random when FIPS mode is enabled. Without it, VMware
virtual machines hang at boot. (bsc#964204)
- Run dracut as background process for vmx images: The dracut process
takes quite some time and blocks the boot process. In cloud frameworks
instance boot time matters and with this patch the dracut process runs
in parallel with the rest of the boot process. (bsc#971621)
- Use shim-install to setup EFI secure boot. (bsc#968475)
- Don't write grub.cfg to EFI directory: Originally the file was written
there as reference, but nothing will ever update that file if the real
grub configuration changes. Thus it doesn't make sense to provide this
information. (bsc#968270)
- Avoid lvcreate to ask for wiping swap signature: When kiwi creates the
logical volume for the swap space and there is already a swap signature
at the place on disk, lvm stops and asks what to do with it. This should
be generally avoided at that stage in the boot process. (bsc#968601)
- Enable pvops builds for EC2: The pvops kernel comes first with SLES12
SP2 and provides Xen HVM and Xen paravirtual operations. The paravirtual
block drivers are new to this kernel and must be addressed in kiwi. In
addition the setup of the root device in the kernel commandline cannot
be a fixed device name anymore since the device node names are different
depending which virtualization mode is used. Therefore the root device
setup for ec2 builds is now based on the rootfs label. (bsc#966293)
- Fix shell syntax in grub2 template. (bsc#961334)
- Support by-label mount entries for btrfs subvolumes. (bsc#964474)
- Don't add kernel file systems to fstab: Systems with systemd which this
kiwi version aims for, don't need proc, sysfs, debugfs and friends to be
part of the fstab. (bsc#964472)
- Allow system to be installed on btrfs snapshot. (bsc#946648)
- Evaluate kiwi_btrfs_root_is_snapshot in boot code: If set it's required
to mount the subvolumes like it is done with lvm volumes. In addition
this patch fixes the update of the fstab file which has to contain an
entry for each subvolume excluding snapshots and the toplevel.
(bsc#946648)
- Add btrfs_root_is_snapshot attribute and its get/set(er) methods.
(bsc#946648)
- Improve validation of targetDevice: If called with --targetdevice the
target must be a device block special and nothing else, no symlink, no
other node type. (bsc#956484)
- Fixed creation of /var/run vs. /run: It should not be kiwi's task to
handle that but it seems we will not be able to fix this in a clean way
on the package level. Thus, KIWI now checks for the desired distro from
the value of the boot attribute and create either /run with a symlink
/var/run or /var/run.
- Fixed spec file requirements: for older systems (SLE11), the pidof
program as used by kiwi is provided with the sysvinit package not with
sysvinit-tools.
- Prevent prefix setup in grub.cfg for Xen: Xen PV guests boot via a first
stage loader pygrub/pvgrub and interpret the grub config file
differently. One inconsistency is that pvgrub searches for the grub
modules at a different place. Setting up the prefix will point pvgrub to
the wrong place and the system fail to boot. (bsc#965831)
- Prevent command variables for Xen domU grub2 setup: Xen PV images which
boot via pvgrub have the problem that pvgrub is not able to correctly
read in the grub.cfg file written by kiwi. This is because kiwi uses a
variable which contains the loader command (e.g $linux) instead of the
loader command directly. grub2 supports this but pvgrub is not able to
interpret this information. This patch prevents the use of the variable
if the target image is Xen, domU and the firmware type is set to bios.
(bsc#965831)
- Refactor suseStripKernel: The way the method downsizes the kernel tree
is wrong in several places and very hard to read. Therefore the code has
been refactored and splitted into task methods which can run
independently from each other. As one result the kernel tree is not
missing any metadata and/or update weak-updates paths anymore.
(bsc#965830)
- Fixed validation of updates/weak-updates modules: suseStripKernel took
the update and weak-update modules only into account if they are
mentioned in the drivers list. But these modules are considered p1 and
should always be included and also checked against its dependencies.
(bsc#965830)
Patch Instructions:
To install this SUSE Recommended Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Server for SAP 12-SP1:
zypper in -t patch SUSE-SLE-SAP-12-SP1-2016-831=1
- SUSE Linux Enterprise Server 12-SP1:
zypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-831=1
- SUSE Linux Enterprise Desktop 12-SP1:
zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2016-831=1
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Server for SAP 12-SP1 (noarch):
kiwi-pxeboot-7.02.96-27.1
- SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64):
kiwi-7.02.96-27.1
kiwi-debugsource-7.02.96-27.1
kiwi-desc-netboot-7.02.96-27.1
kiwi-desc-oemboot-7.02.96-27.1
kiwi-desc-vmxboot-7.02.96-27.1
kiwi-templates-7.02.96-27.1
kiwi-tools-7.02.96-27.1
kiwi-tools-debuginfo-7.02.96-27.1
- SUSE Linux Enterprise Server 12-SP1 (x86_64):
kiwi-desc-isoboot-7.02.96-27.1
- SUSE Linux Enterprise Server 12-SP1 (noarch):
kiwi-doc-7.02.96-27.1
- SUSE Linux Enterprise Desktop 12-SP1 (x86_64):
kiwi-debugsource-7.02.96-27.1
kiwi-tools-7.02.96-27.1
kiwi-tools-debuginfo-7.02.96-27.1
References:
https://bugzilla.suse.com/946648
https://bugzilla.suse.com/956484
https://bugzilla.suse.com/961334
https://bugzilla.suse.com/963276
https://bugzilla.suse.com/964204
https://bugzilla.suse.com/964472
https://bugzilla.suse.com/964474
https://bugzilla.suse.com/965830
https://bugzilla.suse.com/965831
https://bugzilla.suse.com/966293
https://bugzilla.suse.com/968270
https://bugzilla.suse.com/968475
https://bugzilla.suse.com/968601
https://bugzilla.suse.com/971621
https://bugzilla.suse.com/975898
More information about the sle-updates
mailing list