Importing GPG key fails?
:: Importing keys with gpg...
gpg: keyserver receive failed: No name
problem importing keys
Git Clone URL: | https://aur.archlinux.org/archiso-git.git (read-only, click to copy) |
---|---|
Package Base: | archiso-git |
Description: | Tools for creating Arch Linux live and install iso images |
Upstream URL: | https://gitlab.archlinux.org/archlinux/archiso |
Keywords: | releng |
Licenses: | GPL3 |
Conflicts: | archiso |
Provides: | archiso |
Submitter: | Svenstaro |
Maintainer: | dvzrv (nl6720) |
Last Packager: | nl6720 |
Votes: | 120 |
Popularity: | 0.001360 |
First Submitted: | 2009-04-28 03:43 (UTC) |
Last Updated: | 2022-05-28 06:46 (UTC) |
Importing GPG key fails?
:: Importing keys with gpg...
gpg: keyserver receive failed: No name
problem importing keys
All good now. Thank you!
Oops, I forgot to test mkarchiso
without GPG signing.
https://gitlab.archlinux.org/archlinux/archiso/-/merge_requests/183 should fix it. If possible, please test!
With commit 3d6651ab I'm getting the following:
./archiso/mkarchiso: line 330: ARCHISO_GNUPG_FD: unbound variable
I was dumb, Bash's associative arrays are not ordered. This will need to be solved differently.
@nl6720 Actually, still having the same issue after changing permissions order to:
file_permissions=(
["/etc/sudoers.d/"]="0:0:440"
["/etc/sudoers.d"]="0:0:750"
)
Both directory and files within ends with 0440 mode!
Sorry for reporting bugs here, can't login to Arch's gitlab.
@amoka, the lines are processed in order. What if you change it to:
file_permissions=(
["/etc/sudoers.d/"]="0:0:440"
["/etc/sudoers.d"]="0:0:750"
)
file_permissions=(
["/etc/sudoers.d"]="0:0:750"
["/etc/sudoers.d/"]="0:0:440"
)
I have set this in my profiledef.sh. I want all files under sudoers.d
to be 0440 mode (and keep the directory 750). So I listed the directory with trailing backslash ("/") as README.profile.rst
says, but it changes the mode for the files and the directory itself to 0440 (not as desired - 750 for directory and 0440 for files within that directory).
Thank you, that worked. I had specified -w /archiso/work
but it looks like that was not enough. Retried with mkarchiso -v -w /archiso/work -o /archiso/out /archiso
which was successful.
The -w
option requires a path, e.g.:
mkarchiso -v -w /tmp/archiso-tmp /path/to/profile/
[mkarchiso] ERROR: Failed to set permissions on 'work/x86_64/airootfs/home/liveuser'. Outside of valid path.
I'm having this issue as well, specifying -w option does not seem to help either. I'm on "ROOT on ZFS" if that plays a role...
Yanni
Try to set the working directory explicitly with the -w
option.
There seems to be an issue with 50.1-1 that did not exist in 49-1. Whenever I build the iso, it throws this error and stops the build process:
.
.
.
[mkarchiso] INFO: Done! Packages installed successfully.
[mkarchiso] INFO: Copying /etc/skel/* to user homes...
[mkarchiso] ERROR: Failed to set permissions on 'work/x86_64/airootfs/home/liveuser'. Outside of valid path.
liveuser exists in passwd and shadow. The process builds fine with 49-1. If I remove the liveuser entries from passwd and shadow, the build completes.
Is this a bug or am I missing anything?
Thank you
Thanks for the quick fix @dvzrv. Just tested, works great!
@amoka: Yes, you are right. I just fixed it though.
Regarding file permissions, it does not seem to respect my options in profiledef.sh:
I have this:
file_permissions=(
["/etc/shadow"]="0:0:400"
["/etc/sudoers.d"]="0:0:750"
["/etc/sudoers.d/01_editor"]="0:0:440"
["/etc/sudoers.d/02_wheel"]="0:0:440"
["/root"]="0:0:750"
["/usr/local/bin/choose-mirror"]="0:0:755"
)
But for example, sudoers.d
directory is 755 instead what set above, same for files are not created with 440 as set above!
@amoka: We have introduced file permissions in profiledef.sh.
Currently, I modify img_name="${iso_name}-${iso_version}-${arch}.iso" line in mkarchiso to achieve that.
Hm, that is currently not supported (but setting the individual parts is).
I started to get this warning with latest git build:
warning: directory permissions differ on /tmp/work/x86_64/airootfs/root/
filesystem: 755 package: 750
@amoka: Thanks for the heads up. I can reproduce that and already found a fix. Will add a merge request asap.
Getting exit code: 1 when running # mkarchiso -v -w /tmp/archiso-tmp /usr/share/archiso/configs/releng/
this started after Nov 14 commits.
Thanks @dvzrv, but I am still getting errors with that... I suspect my gpg setup is broken :/
❯ gpg --auto-key-locate wkd --search-keys dvzrv@archlinux.org
gpg: error searching keyserver: General error
gpg: keyserver search failed: General error
Any suggestions?
Thanks
UPDATE: I cloned the package manually and installed that way without issue. I think there is some kind of an issue happening between yay and gpg but it doesn't appear to be to do with this package. Thanks again for your help!
@bradwood: You can use WKD.
gpg --auto-key-locate wkd --search-keys dvzrv@archlinux.org
:: PGP keys need importing:
-> C7E7849466FE2358343588377258734B41C31549, required by: archiso-git
==> Import? [Y/n]
:: Importing keys with gpg...
gpg: keyserver receive failed: General error
problem importing keys
Can we build lz4
initrd instead of xz
?
I enabled lz4
in archiso/airootfs/etc/mkinitcpio.conf
and commented out xz
and got the following error during build:
install: error writing 'archiso/work/mnt/efiboot/EFI/archiso/archiso.img': No space left on device
Obviously, I have disk space!
@amoka: Thanks for the heads up! Sorry, that's on my plate. I introduced that bug :-/ Should be fixed soon!
Getting this:
/usr/bin/mkarchiso: line 690: override_install_dir: unbound variable
When trying to run mkarchiso -v path/to/profile
or mkarchiso -w path/to/work_dir -o path/to/out_dir path/to/profile
A fix for the can't stat archiso.img
issue is waiting in https://gitlab.archlinux.org/archlinux/archiso/-/merge_requests/68 .
The bootmodes are briefly explained in https://gitlab.archlinux.org/archlinux/archiso/-/commit/7c2247f615ecdff8d236ac90c4bec1c3d255a497 . Basically:
bios_syslinux.mbr
writes SYSLINUX MBR boot code to the ISO image's MBR. It's used for BIOS booting when the image is written to disk with dd
.bios.syslinux.eltorito
provides El Torito booting. It's used for BIOS booting from an optical disc.uefi-x64.systemd-boot.esp
writes the FAT image's (efiboot.img
) location in the ISO image's partition table (currently MBR, but I'm thinking about changing this; that's why the option was renamed from the initial uefi-x64.systemd-boot.mbr
; suggestions for a better name are welcome) as an EFI system partition. It's used for UEFI booting when the image is written to disk with dd
.uefi-x64.systemd-boot.eltorito
lists the FAT image (efiboot.img
) in El Torito. It's used for UEFI booting from an optical disc.Note that currently for BIOS booting both bios_syslinux.mbr
and bios.syslinux.eltorito
must be used, and for UEFI: both uefi-x64.systemd-boot.esp
and uefi-x64.systemd-boot.eltorito
.
Could you please explain a bit more about the new bootmodes
options?
I boot my systems in UEFI mode only, so I modified bootmodes
in profiledef.sh
to:
bootmodes=('uefi-x64.systemd-boot.esp' 'uefi-x64.systemd-boot.eltorito')
But the build fails with error related to "can't stat archiso.img"
The package is now updated to v46 (which should work with the version of mkinitcpio-archiso in [extra]).
If you want to test latest changes in mkinitcpio-archiso please follow the instructions as outlined by nl6720.
@nl6720 Thanks. Working fine with customrepo for now!
@amoka, that's a temporary issue. It will be solved when archiso 46 is released and lands in extra.
To use mkinitcpio-archiso-git
instead of mkinitcpio-archiso
:
mkinitcpio-archiso-git
to it. Alternatively use an AUR helper that uses a custom local repo.configs/*/pacman.conf
. There's an example at the end of the file.mkinitcpio-archiso
with mkinitcpio-archiso-git
in configs/*/packages.x86_64
.Failed to build with this:
error: target not found: mkinitcpio-archiso
==> ERROR: Failed to install packages to new root
@nl6720 Wow! Thanks, much appreciated!
I agree, it's a little more work than before with the script, but it works just as fine.
I also created /etc/sudoers.d/
with a custom file for sudo access.
You guys are the best :)
Yes customize_airootfs.sh
is going away. After it's gone, creating additional users is going to be ugly. https://gitlab.archlinux.org/archlinux/archiso/-/merge_requests/44/diffs?commit_id=5b1d02414490246035694a4bc30be8e83f342152 should improve things regarding file permissions.
Basically you will need to manually edit /etc/passwd
, /etc/shadow
, /etc/group
and /etc/gshadow
. For example:
configs/releng/airootfs/etc/passwd
:
root:x:0:0:root:/root:/usr/bin/zsh
testuser:x:1000:1000::/home/testuser:/usr/bin/zsh
Create a password with openssl passwd -6
and add it to configs/releng/airootfs/etc/shadow
:
root::14871::::::
testuser:$6$testsalt$tJbUl1kXqW33QAR3uSZ526jhi2VR/8b5Oc.fgGcuj1amRP1gtYnGoqbDwnND9jnHaR.tZ1.Uag0nWYDafTUxX0:14871::::::
Add the user's group and the groups which they'll part of to configs/releng/airootfs/etc/group
:
root:x:0:root
adm:x:4:testuser
wheel:x:10:testuser
testuser:x:1000:
Create configs/releng/airootfs/etc/gshadow
:
root:::root
testuser:!::
Thanks @nl6720 for the awesome work!
Sorry if it's not related, but it looks like the customize_airootfs.sh script is being deprecated (soon): https://gitlab.archlinux.org/archlinux/archiso/-/merge_requests/44/diffs?commit_id=e94e1b1f4123a28b0535b9f15b2665ff32c386f9
In this case, what's the best way to add a non-root user (with proper permissions and home directory)?
The archiso upstream has moved to Arch Linux' gitlab instance: https://gitlab.archlinux.org/archlinux/archiso
Below you can find a patch for the current changes (e.g. edk2-shell
is now a required dependency):
diff --git i/PKGBUILD w/PKGBUILD
index 1346115..445ddfe 100644
--- i/PKGBUILD
+++ w/PKGBUILD
@@ -1,30 +1,31 @@
# Maintainer: Sebastian Lau <lauseb644@gmail.com>
+# Contributor: David Runge <dvzrv@archlinux.org>
# Contributor: Sven-Hendrik Haase <sh@lutzhaase.com>
-_pkgname=archiso
-pkgname="${_pkgname}-git"
-pkgver=33.1.g59c2573
+_name=archiso
+pkgname=archiso-git
+pkgver=43.10.gbffda98
pkgrel=1
pkgdesc="Arch Linux livecd/liveusb generation scripts"
arch=('any')
-url="http://archlinux.org"
+url="https://gitlab.archlinux.org/archlinux/archiso"
license=('GPL')
-depends=('libisoburn' 'squashfs-tools' 'btrfs-progs' 'dosfstools' 'lynx' 'arch-install-scripts')
-optdepends=('qemu: quickly test isos')
+depends=('arch-install-scripts' 'btrfs-progs' 'curl' 'dosfstools' 'edk2-shell'
+'libisoburn' 'lynx' 'squashfs-tools')
makedepends=('git')
+optdepends=('qemu: quickly test isos')
provides=('archiso')
conflicts=('archiso')
-source=("git://projects.archlinux.org/${_pkgname}.git")
+source=("git+https://gitlab.archlinux.org/archlinux/${_name}.git#branch=issues/10")
md5sums=('SKIP')
pkgver() {
- cd "${srcdir}/${_pkgname}"
+ cd "${_name}"
git describe --long | sed 's/-/./g;s/v//'
}
package() {
- cd "${srcdir}/${_pkgname}"
-
+ cd "${_name}"
make DESTDIR="${pkgdir}/" install
}
@Zeioth, this seems like something you should report upstream to Gerardo. From what you've posted, it doesn't appear to be a packaging bug.
[mkarchiso] INFO: Configuration settings [mkarchiso] INFO: Command: run [mkarchiso] INFO: Architecture: x86_64 [mkarchiso] INFO: Working directory: work/x86_64 [mkarchiso] INFO: Installation directory: arch [mkarchiso] INFO: Run command: mkinitcpio -c /etc/mkinitcpio-archiso.conf -k /boot/vmlinuz-linux -g /boot/archiso.img
==> WARNING: work/x86_64/airootfs is not a mountpoint. This may have undesirable side effects. mount: /home/zeioth/workspaces/git-forks/livecd/work/x86_64/airootfs/proc: proc already mounted on /proc. ==> ERROR: failed to setup chroot work/x86_64/airootfs
the default packages.x86_64 is not empty. i don't think this was intended as it looks like it's the config for a pre-configured rescue / remote help disc(clonezilla, ddrescue, openssh, ppp, openvpn, etc). i have rebuilt it manually from aur, and checked the(not-installed) file to check if it wasn't just a error on my side.(edit: i mean the packages.x86_64 from the releng profile)
chroot: failed to run command 'mkinitcpio': No such file or directory
Pinned Comments
nl6720 commented on 2020-07-30 17:02 (UTC) (edited on 2020-07-30 17:09 (UTC) by nl6720)
@amoka, that's a temporary issue. It will be solved when archiso 46 is released and lands in extra.
To use
mkinitcpio-archiso-git
instead ofmkinitcpio-archiso
:mkinitcpio-archiso-git
to it. Alternatively use an AUR helper that uses a custom local repo.configs/*/pacman.conf
. There's an example at the end of the file.mkinitcpio-archiso
withmkinitcpio-archiso-git
inconfigs/*/packages.x86_64
.