v2.0.0-beta7

- Docker 24.0.5
- Kernel 5.10.188
- System-docker 17.06.108
- System container images compresses with zstd instead of xz
- Added WSL2 support
- Include Hyper-V, ProxmoxVE and VMware tools to ISO
- Include apparmor tools to console
- Enable apparmor by default
- Remove experimental selinux support
- Include chroot command to initrd

scripts/global.cfg

@@ -1 +1 @@
-APPEND rancher.autologin=tty1 rancher.autologin=ttyS0 rancher.autologin=ttyS1 console=tty1 console=ttyS0 console=ttyS1 printk.devkmsg=on transparent_hugepage=never scsi_mod.use_blk_mq=1 ${APPEND}
+APPEND rancher.autologin=tty1 rancher.autologin=ttyS0 rancher.autologin=ttyS1 console=tty1 console=ttyS0 console=ttyS1 printk.devkmsg=on transparent_hugepage=never scsi_mod.use_blk_mq=1 apparmor=1 security=apparmor ${APPEND}

scripts/layout-initrd

@@ -1,6 +1,7 @@
 #!/bin/bash
 
 function cache_services() {
+    echo "Caching service: $1"
     local SERVICE_YMLFILE=$1
 
     local SERVICE_URL=${OS_SERVICES_REPO}/${REPO_VERSION}
@@ -22,10 +23,11 @@ mkdir -p ${INITRD_DIR}/usr/{etc,lib,bin,share/ros}
 
 ./scripts/template
 
-cp -rf assets/selinux          ${INITRD_DIR}/usr/etc
 cp build/images*.tar           ${INITRD_DIR}/usr/share/ros/
 cp bin/ros                     ${INITRD_DIR}/usr/bin/
 ln -s usr/bin/ros              ${INITRD_DIR}/init
+# cp ${INITRD_DIR}/usr/bin/sh    ${INITRD_DIR}/usr/bin
+ln -s ros                      ${INITRD_DIR}/usr/bin/init
 ln -s bin                      ${INITRD_DIR}/usr/sbin
 ln -s usr/sbin                 ${INITRD_DIR}/sbin
 
@@ -49,44 +51,9 @@ BUILD_ID=
 HERE
 
 # cache os-services yml file
-for file in $(find . -type f -name ".make-*"); do
-    f_file=$(basename ${file})
-    case $f_file in
-        ".make-vmware")
-            cache_services "o/open-vm-tools.yml"
-            ;;
-        ".make-4glte")
-            cache_services "m/modem-manager.yml"
-            ;;
-        ".make-hyperv")
-            cache_services "h/hyperv-vm-tools.yml"
-            ;;
-        ".make-azurebase")
-            cache_services "h/hyperv-vm-tools.yml"
-            cache_services "w/waagent.yml"
-            ;;
-        ".make-proxmoxve")
-            cache_services "q/qemu-guest-agent.yml"
-            ;;
-    esac
-done
-case ${OS_CONSOLE} in
-    "alpine")
-        cache_services "a/alpine.yml"
-        ;;
-    "centos")
-        cache_services "c/centos.yml"
-        ;;
-    "debian")
-        cache_services "d/debian.yml"
-        ;;
-    "fedora")
-        cache_services "f/fedora.yml"
-        ;;
-    "ubuntu")
-        cache_services "u/ubuntu.yml"
-        ;;
-esac
+cache_services "h/hyperv-vm-tools.yml"
+cache_services "o/open-vm-tools.yml"
+cache_services "q/qemu-guest-agent.yml"
 
 pushd ${INITRD_DIR}/usr/etc
 ln -s ../share/ros/os-release .
@@ -97,11 +64,6 @@ touch ${INITRD_DIR}/usr/bin/docker-containerd
 touch ${INITRD_DIR}/usr/bin/docker-containerd-shim
 touch ${INITRD_DIR}/usr/bin/docker
 
-if [ -e ${DOWNLOADS}/policy.29 ]; then
-    mkdir -p ${INITRD_DIR}/usr/etc/selinux/ros/policy/
-    cp ${DOWNLOADS}/policy.29 ${INITRD_DIR}/usr/etc/selinux/ros/policy/
-fi
-
 # make burmilla/os-initrd image
 cat <<HERE > ${INITRD_DIR}/../Dockerfile.initrd
 FROM scratch

scripts/release-amd64

@@ -3,6 +3,11 @@ set -ex
 
 cd $(dirname $0)/..
 
+# touch .make-azurebase
+touch .make-hyperv
+touch .make-proxmoxve
+touch .make-vmware
+
 source ./scripts/version
 ./scripts/release-build
 

scripts/release-azurebase

@@ -1,9 +0,0 @@
-#!/bin/bash
-set -ex
-
-cd $(dirname $0)/..
-
-touch .make-azurebase
-
-source ./scripts/version
-./scripts/release-build

scripts/release-hyperv

@@ -1,14 +0,0 @@
-#!/bin/bash
-set -ex
-
-cd $(dirname $0)/..
-
-touch .make-hyperv
-
-source ./scripts/version
-./scripts/release-build
-
-touch dist/publish.sh
-chmod 755 dist/publish.sh
-
-echo "github-release upload --user burmilla --repo os --tag ${VERSION} --file dist/artifacts/burmillaos.iso --name burmillaos-${VERSION}-hyperv.iso" > dist/publish.sh

scripts/release-proxmoxve

@@ -1,14 +0,0 @@
-#!/bin/bash
-set -ex
-
-cd $(dirname $0)/..
-
-touch .make-proxmoxve
-
-source ./scripts/version
-./scripts/release-build
-
-touch dist/publish.sh
-chmod 755 dist/publish.sh
-
-echo "github-release upload --user burmilla --repo os --tag ${VERSION} --file dist/artifacts/burmillaos.iso --name burmillaos-${VERSION}-proxmoxve.iso" > dist/publish.sh

scripts/release-vmware

@@ -1,14 +0,0 @@
-#!/bin/bash
-set -ex
-
-cd $(dirname $0)/..
-
-touch .make-vmware
-
-source ./scripts/version
-./scripts/release-build
-
-touch dist/publish.sh
-chmod 755 dist/publish.sh
-
-echo "github-release upload --user burmilla --repo os --tag ${VERSION} --file dist/artifacts/burmillaos.iso --name burmillaos-${VERSION}-vmware.iso" >> dist/publish.sh

scripts/schema.json

@@ -133,7 +133,6 @@
         "pid_file": {"type": "string"},
         "registry_mirror": {"type": "string"},
         "restart": {"type": ["boolean", "null"]},
-        "selinux_enabled": {"type": ["boolean", "null"]},
         "storage_driver": {"type": "string"},
         "userland_proxy": {"type": ["boolean", "null"]},
         "userns_enabled": {"type": ["boolean", "null"]},

scripts/tar-images

@@ -44,14 +44,7 @@ echo "tar-image: SYSTEM_IMAGES=$SYSTEM_IMAGES"
 echo "tar-image: INIT_IMAGES=$INIT_IMAGES"
 echo "tar-image: USER_IMAGES=$USER_IMAGES"
 
-if [ "$COMPRESS" == "" ]; then
-    ARCHIVE_CMD="gzip"
-else
-    # system-docker can not load images which compressed by xz with a compression level of 9
-    # decompression consumes more memory if using level 9
-    # the default compression level for xz is 6
-    ARCHIVE_CMD="xz -4 -e"
-fi
+ARCHIVE_CMD="zstd -19 -c"
 
 docker save ${INIT_IMAGES} | ${ARCHIVE_CMD} > ${INIT_IMAGES_DST}
 docker save ${SYSTEM_IMAGES} | ${ARCHIVE_CMD} > ${SYSTEM_IMAGES_DST}