diskimage-builder/diskimage_builder/elements/debootstrap
Logan V c7e907794c Ensure machine-id is not included in images
Two bugs are addressed.

1) The sysprep element was broken in that it only truncates
   /etc/machine-id, but not /var/lib/dbus/machine-id. systemd will
   not generate a new machine-id if /var/lib/dbus/machine-id is
   present[1], it will simply copy it to /etc/machine-id.

   We observed machine-ids being packaged in /var/lib/dbus/machine-id
   on several distros: Ubuntu Bionic, Fedora 29, Debian Stretch.

   CentOS 7 and Ubuntu Xenial do not contain packaged machine-id as
   far as I can tell.

   All test builds were performed using -minimal elements.

2) A second bug existed where debian-minimal did not run the sysprep
   element at all, so a stretch image I tested contained a populated
   /etc/machine-id AND a populated /var/lib/dbus/machine-id.

[1] https://www.freedesktop.org/software/systemd/man/machine-id.html#Initialization

Change-Id: Ibb28b6e90d966a845de38a2cd5a1e8babd2604bc
2019-09-20 03:17:50 +00:00
cleanup.d Clean out apt index caches at end of image build 2017-04-09 11:57:23 -04:00
environment.d debootstrap: make default network interface names configurable 2019-06-12 13:53:38 +00:00
install.d debootstrap: make default network interface names configurable 2019-06-12 13:53:38 +00:00
root.d debian-minimal buster support 2019-04-04 16:10:08 +11:00
element-deps Ensure machine-id is not included in images 2019-09-20 03:17:50 +00:00
package-installs.yaml Drop support for Ubuntu precise 2017-05-31 14:36:30 +02:00
pkg-map Drop support for Ubuntu precise 2017-05-31 14:36:30 +02:00
README.rst debootstrap: make default network interface names configurable 2019-06-12 13:53:38 +00:00

debootstrap

Base element for creating minimal debian-based images.

This element is incomplete by itself; use elements like debian-minimal or ubuntu-minimal to get an actual base image.

There are two ways to configure apt-sources:

  1. By default, apt sources are defined the standard way, with the default, backports, updates and security repositories. In this case you can override two environment variables to adapt the behavior:

    • DIB_DISTRIBUTION_MIRROR: the mirror to use (default: http://deb.debian.org/debian)
    • DIB_DEBIAN_COMPONENTS: (default: main) a comma separated list of components. For Debian this can be e.g. main,contrib,non-free.

    By default only the main component is used. If DIB_DEBIAN_COMPONENTS (comma separated) from the debootstrap element has been set, that list of components will be used instead.

    Backports, updates and security are included unless DIB_RELEASE is unstable.

  2. Complete configuration given in the variable DIB_APT_SOURCES_CONF.

    Each line contains exactly one entry for the sources.list.d directory. The first word must be the logical name (which is used as file name with .list automatically appended), followed by a colon :, followed by the complete repository specification.

    DIB_APT_SOURCES_CONF=\
      "default:deb http://10.0.0.10/ stretch main contrib
       mysecurity:deb http://10.0.0.10/ stretch-security main contrib"
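The line format described above, as an added example that is not the element's own code: a shell function (the name write_apt_sources is hypothetical) that splits each DIB_APT_SOURCES_CONF line at the first colon and refuses logical names that are unsafe as file names. The character set allowed for names is the one apt documents for files in sources.list.d; requiring each specification to start with deb or deb-src is an assumption of this example.

```shell
# Added example, not the debootstrap element's own implementation.
# write_apt_sources CONF DEST_DIR   (hypothetical helper name)
#   CONF follows the DIB_APT_SOURCES_CONF layout: one "<name>:<spec>" per line.
#   Writes DEST_DIR/<name>.list per entry; returns 1 on the first bad line.
write_apt_sources() {
    local conf="$1" dest="$2" line name spec
    while IFS= read -r line; do
        # Strip leading whitespace left by indented continuation lines.
        line="${line#"${line%%[![:space:]]*}"}"
        [ -z "$line" ] && continue
        case "$line" in
            *:*) ;;
            *) echo "no ':' separator: $line" >&2; return 1 ;;
        esac
        name=${line%%:*}   # text before the first colon
        spec=${line#*:}    # everything after it (URLs contain further colons)
        # The name becomes a file name: allow only characters apt accepts in
        # sources.list.d, which also rejects '/' and so any path traversal.
        case "$name" in
            ''|*[!A-Za-z0-9_.-]*) echo "invalid source name: '$name'" >&2; return 1 ;;
        esac
        # Assumption of this example: only one-line deb/deb-src entries.
        case "$spec" in
            "deb "*|"deb-src "*) ;;
            *) echo "not a deb/deb-src entry: $spec" >&2; return 1 ;;
        esac
        printf '%s\n' "$spec" > "$dest/$name.list"
    done <<EOF
$conf
EOF
}

# Constructed sample input, same shape as the README's own example.
sample="default:deb http://10.0.0.10/ stretch main contrib
       mysecurity:deb http://10.0.0.10/ stretch-security main contrib"
out=$(mktemp -d)
write_apt_sources "$sample" "$out" && ls "$out"
rm -rf "$out"
```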

If necessary, a custom apt keyring and debootstrap script can be supplied to the debootstrap command via DIB_APT_KEYRING and DIB_DEBIAN_DEBOOTSTRAP_SCRIPT respectively. Both options require the use of absolute rather than relative paths.

Use of this element will also require the tool 'debootstrap' to be available on your system. It should be available on Ubuntu, Debian, and Fedora. It is also recommended that the 'debian-keyring' package be installed.

The DIB_OFFLINE or more specific DIB_DEBIAN_USE_DEBOOTSTRAP_CACHE variables can be set to prefer the use of a pre-cached root filesystem tarball.

The DIB_DEBOOTSTRAP_EXTRA_ARGS environment variable may be used to pass extra arguments to the debootstrap command used to create the base filesystem image. If --keyring is used in DIB_DEBOOTSTRAP_EXTRA_ARGS, it will override DIB_APT_KEYRING if that is used as well.

For further information about DIB_DEBIAN_DEBOOTSTRAP_SCRIPT, DIB_DEBIAN_USE_DEBOOTSTRAP_CACHE and DIB_DEBOOTSTRAP_EXTRA_ARGS please consult "README.rst" of the debootstrap element.

Networking

By default, /etc/network/interfaces.d/eth[0|1] files will be created and enabled with DHCP networking. If you do not wish this to be done, set DIB_APT_MINIMAL_CREATE_INTERFACES to 0. If you need interface names other than eth[0|1], set DIB_NETWORK_INTERFACE_NAMES to a space-separated list of network interface names, like:

export DIB_NETWORK_INTERFACE_NAMES="ens3 ens4"

Note on ARM systems

Because there is not a one-to-one mapping of ARCH to a kernel package, if you are building an image for ARM on Debian, you need to specify which kernel you want in the environment variable DIB_ARM_KERNEL. For instance, if you want the linux-image-mx5 package installed, set DIB_ARM_KERNEL to mx5.