SUSE-RU-2020:3859-1: moderate: Recommended update for python-kiwi

sle-updates at sle-updates at
Thu Dec 17 07:23:52 MST 2020

   SUSE Recommended Update: Recommended update for python-kiwi

Announcement ID:    SUSE-RU-2020:3859-1
Rating:             moderate
References:         #1108508 #1110869 #1110871 #1112357 #1119416 
                    #1123185 #1123186 #1124885 #1126283 #1126318 
                    #1127173 #1128146 #1129566 #1132455 #1136444 
                    #1139915 #1141168 #1142899 #1143033 #1143454 
                    #1150190 #1155815 #1156677 #1156694 #1156908 
                    #1157104 #1157354 #1159235 #1159538 #1163978 
                    #1164310 #1165578 #1165823 #1165960 #1167746 
                    #1168480 #1168973 #1172928 #1173985 #1176129 
                    #1179245 SLE-7200 
Affected Products:
                    SUSE Linux Enterprise Server for SAP 12-SP4

   An update that has 41 recommended fixes and contains one
   feature can now be installed.


   This update for python-kiwi fixes the following issues:

   Update from version 9.17.18 to 9.20.6
   - Increase overall allowed `Flake8` complexity level and delete the extra
     exceptions from code as much as possible.
   - Provide the needed `GRUB_TERMINAL`parameter. (bsc#1179245)
   - Fixed TestContainerImageOCI unit tests
   - Avoid complexity complaints of `Flake8`
   - Do not exclude filesystem folders in OCI images. (bsc#1176129)
   - Provide `kversion` helper tool for reading the kernel version from the
     kernel binary. (bsc#1173985)
   - Fix check for root device in GRUB config. (bsc#1172928)
   - Obsolete `python2-kiwi` and handle the resultant conflicting files.
     (bsc#1168973, bsc#1156677)
   - Search properly for `grub2-mkconfig` when it's called differently in
     other operating systems.
   - Increase spare space on disk rapartitioning and avoid to resize
     indefinitely. (bsc#1165823)
   - When parsing the version of a tool take the longest match and avoid to
     consider the digit in `grub2` as the version.
   - Check for grub mkconfig capabilities.

     The check for the capabilities of the tool were applied to the tool
   installed on the host but the later call of the tool will be done with the
   tool inside the image root

   - Validate use of `GRUB_USE_LINUXEFI`. (bsc#1165960, bsc#1168480)

     On systems that uses `GRUB_USE_LINUXEFI` with grub2 version less than
   2.04 there is no support for dynamic EFI environment checking. In this
   condition we extend the grub setup to add this support.

   - Require `genisoimage` instead of `xorriso`. (jsc#SLE-7200)
   - Fix result map for OEM pxe install. (bsc#1165578)
   - Add SECURE_BOOT parameter for grub2 in efi mode. (bsc#1167746)
   - Fix order in fstab. (bsc#1164310)

     Any mount point directly under / should be just right after the root
   mountpoint and before the custom mountpoints based on user's subvolume

   - Fixed handling of fillup templates. (bsc#1163978)

     Systems using a template tool to generate config files might not be
   effective when they see the intermediate config files we need from the
   host to let certain package managers work correctly. Therefore the cleanup
   code in kiwi takes care to restore from an optionally existing template
   file if no other custom variant is present.

   - Start using tftp system user package. (bsc#1143454)

     Require `tftp` system user package. This user was created and managed by
   multiple packages before, with the risk of having inconsistent criteria on
   its defaults. Now there is a system user package so whatever package that
   requries this user should just require this package and do not create or
   modify the tftp user.

   - Update libyui-ncurses-pkg10 to libyui-ncurses-pkg11

     In Tumbleweed there is no longer the libyui-ncurses-pkg10 its been
   superseded by libyui-ncurses-pkg11. This fixes the
   test-image-qcow-openstack integration test

   - KIWI creates a redundant btrfs swap subvolume. (bsc#1159538)
   - Fix grub2 configuration for shim fallback setup. (bsc#1159235)

     If shim fallback setup is enabled the `grub.cfg` is copied to the EFI

   - Fix installation chapter in the documentation.

     The chapter still outlines multipython support but the support for
   python2 has been removed some time ago.

   - Fixed swap setup if btrfs is used. (bsc#1156908)

     In case of a volume manager the simplified variant of the device name is
   used in the fstab file to reference the swap device. However this is only
   correct for the lvm volume management but not for btrfs. In case of btrfs
   the swap space is not a subvolume but a real partition and thus the
   simplified device spec in fstab puts in the loop mapped device which is

   - Fixed root setup when building in OBS

     When building in an OBS worker no `udevd` is running which prevents
   `grub2-mkconfig` from finding the `by-*` device nodes and it puts the
   local loop device in which is wrong.

   - Fixed setup of default grub config. (bsc#1156908)

     In `/etc/default/grub` `GRUB_CMDLINE_LINUX_DEFAULT` also contained the
   `root=` information. If `grub2-mkconfig` runs with that information it
   places the root device information twice because grub2-mkconfig resolves
   this information itself.

   - Include `grub.cfg` inside the efi partition. (bsc#1157104)
   - Ensures that the `grub.cfg` file is included within the `vfat efi`
     partition. (bsc#1157354)
   - Fix relative path in kiwi repository. (bsc#1157104)
   - Fix zipl bootloader setup for s390 images. (bsc#1156694)
   - Ensure `grub.cfg` is copied in EFI/BOOT folder. (bsc#1155815)

     Fix the live images in efi mode. Grub configuration file is copied to
   the correct location in `<boot_dir>/EFI/BOOT`.

   - Fix the sha256 generated file content. (bsc#1139915)

     Make sure the generated sha256 file in a 'kiwi result bundle' call
   includes the filename with the correct extension. For compressed files it
   was omitting the suffix that included during the compression.

   - Fix rpmdb compat link setup. (bsc#1150190)

     On older versions of zypper the path `/var/lib/rpm` was hardcoded and
   not used from the rpm macro definition. For such systems and to support
   them properly on hosts that have the rpm database already moved a compat
   link was created. However if the host has the rpm database at /var/lib/rpm
   the link doesn't make sense.

   - Avoid default installation of dracut kiwi modules. (bsc#1142899,

     The dracut modules won't be installed by default in the initrd unless
   they are requested by the commandline calling dracut or by a dracut
   configuration file.

   - Add support for custom fstab script extension. (bsc#1129566)

     In addition to fstab append and patch features we also allow an
   fstab.script file that is called chrooted. The change is needed to support
   overlay mounting of filesystems as part of the initrd. If system
   filesystems needs to be changed in a way that they can be used in an
   overlay mount, the standard mount entry has to take the x-initrd.mount
   capability which requires a modification of the fstab which is cumbersome
   to handle as a patch file. This concept is currently used as part of the
   MicroOS project in SUSE and is applied in the integration test build
   maintained for this target.

   - Add crypt dependency to kiwi-lib dracut module. (bsc#1142899)

     This fixes the dependencies of the kiwi-lib dracut module to include
   crypt module required by ``. In addition it also updates
   the check() section to return 255 instead of 0. In check section a return
   code of 0 means install it, 255 install only if required by another
   module, anything else, do not install.

   - `99-kiwi-lib` requires `rmdir`, install it. (bsc#1143033)
   - Do not create a new machine-id file. (bsc#1141168)

     Ensures KIWI is not creating a new machine-id empty file in case it was
   not provided during the system installation.

   - Extend spare partition setup. (bsc#1129566)

     The spare partition could be used to introduce one additional partition
   table entry. The following new type attributes will be added:

     - `spare_part_fs="fsname"`
     - `spare_part_mountpoint="/location"`
     - `spare_part_is_last="true|false"`

     Along with the setup of the partition size the filesystem and its
   mountpoint can be specified. If set the contents
     of the rootfs at the specified spare location will be synced to that
      partition. The `spare_part_is_last` attribute will place the spare
      partition at the end of the disk. Note this attribute is only available
      for the simple vmx disk type.

   - Preserve licenses/other txt files by `baseStripFirmware`. (bsc#1132455)

     LICENSES are usually not large and should be kept alongside of the
   binaries. Also some firmware files sideload additional txt files (like for
   example `brcmfmac43430` needs the `sdio` description txt files). We should
   just always include them because they're not listed as needed files.

   - Update compression flag for `qcow2` format. (bsc#1128146)

     In case of a `qcow2` format we store the result uncompressed. Since the
   format conversion only takes the real bytes into account such that the
   sparseness of the raw disk will not result in the output format and can be
   taken one by one.

   - Support optional `fstab.patch` file. (bsc#1129566)

     In addition to the support for `stab.append`, users can now also provide
   a patch file to change the contents of the fstab file as it got written by
   kiwi. The feature is probably rarely used but needed in the area of SUSE's
   transactional update mechanism.

   - Write `sha256sum --check` compatible `shasum` format. (bsc#1127173)

     Change the output format of the bundler shasum file to be compatible
   with a `sha256sum --check` call.

   - Fixed import of signing keys. (bsc#1112357)
   - Fix for disk detection from root device. (bsc#1126283, bsc#1126318)

     No matter if one ore more devices are used in a multipath map, if the
   root device is managed by multipath kiwi has to use the mapped device for
   all operations, otherwise we run into busy or blocked state inside of the
   initrd operations.

   - Fix location of grub unicode font. (bsc#1124885)

     The change of the location of the font file was not applied if an iso
   target, live or install image is being built.

   - Handle location of the rpm DB on the macro level. (bsc#1112357)

     The location of the rpm database is no longer a standard path one can
   trust. Some distributions put it to `/var/lib`
     others to `/usr/lib`. This introduces the problem of dealing with
      different locations between the bootstrapping (host rpm) phase and the
      image installation (image rpm) phase.

     This implements a solution based on an intermediate rpm database
   configuration. KIWI creates the file inside of the image root
   which is read by any call of rpm in the inner and outer system. During
   bootstrap phase the rpm dbpath from the host system is used and later in
   the install phase the dbpath from the rpm package as it was installed by
   the target image distribution is used. In case of a dbpath difference the
   database is automatically moved to the new location by setting the
   `_dbpath_rebuild` macro to the correct location. At the end the custom
   KIWI macro is deleted. The macro setup happens before the
   import_trusted_keys method which makes any specification for a strict
   dbpath obsolete. Last the implementation deletes the obsolete
   dump_reload_package_database code. rpm is able to automatically do the
   conversion of different db versions In addition that code only worked for
   rather old db versions. The public API has not changed though, but the
   method is marked obsolete and does nothing anymore. A new API method
   `post_process_install_requests_bootstrap` has been introduced to handle
   actions required after bootstrap and before installing of packages from
   inside the new image.

   - Fix Xen guest detection. (bsc#1123185)
   - Fixed location of grub unicode font file. (bsc#1119416)

     grub2 is expecting the unicode font below the fonts directory in the
   `/boot/grub*/` depending on how the distribution installs grub2.

   - Add Codec utils for bytes literals decoding. (bsc#1110871)

     In case of a literal decoding failure it tries to decode the result in
   utf-8. This is handy in python2 environments where python and the host
   might be using different charset configurations. In python3 this issue
   seams to be solved.

   - Adding bugfix trace (bsc#1110869)
   - Fixed rpmdb compat link setup. (bsc#1150190)
   - Align with the correct license
   - `virtual_size` must be an integer in metadata.json

     For libvirt vagrant boxes, `vagrant-libvirt` expects that the parameter
   `virtual_size` from `metadata.json` is an integer and not a string.
   Supplying a string results in a backtrace.

Patch Instructions:

   To install this SUSE Recommended Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Server for SAP 12-SP4:

      zypper in -t patch SUSE-SLE-SAP-12-SP4-2020-3859=1

Package List:

   - SUSE Linux Enterprise Server for SAP 12-SP4 (x86_64):



More information about the sle-updates mailing list