AutoYaST - Is there a way to specify the LSM to use in the autoinst.xml control file?
I've created an AutoYaST control file (autoinst.xml) which installs an openSUSE Tumbleweed system for use as a Virtual Machine OS. There are three issues I've not been able to fing a solution/workaround for:
1. There doesn't seem to be a way to specify which Linux Security Module is selected via autoinst.xml. This means that my attempts to remove apparmor related patterns / packages fail and it requires manual intervention. As far as I can tell, the LSM is specified in the control.xml file in the openSUSE installation media's /x86_64/openSUSE-release-*.rpm package and I don't know how I can override it.
2. After looking at examples on how to prompt the user for a hostname, I believe I've configured the control file correctly but it never sets the machine's hostname to the value the user provides. It always sets it to the literal value of the <hostname>...</hostname> tag. Does anyone see anything wrong with the control file?
<?xml version="1.0"?>
<!DOCTYPE profile>
<profile xmlns="http://www.suse.com/1.0/yast2ns" xmlns:config="http://www.suse.com/1.0/configns">
<add-on t="map">
El dom, 06-02-2022 a las 13:07 +0000, Jinesh Choksi escribió:
I've created an AutoYaST control file (autoinst.xml) which installs an openSUSE Tumbleweed system for use as a Virtual Machine OS. There are three issues I've not been able to fing a solution/workaround for:
Hi Jinesh,
1. There doesn't seem to be a way to specify which Linux Security Module is selected via autoinst.xml. This means that my attempts to remove apparmor related patterns / packages fail and it requires manual intervention. As far as I can tell, the LSM is specified in the control.xml file in the openSUSE installation media's /x86_64/openSUSE-release-*.rpm package and I don't know how I can override it.
Good news! This feature was introduced recently :-). It is included in
yast2-security 4.4.10, so it will be available in openSUSE Leap 15.4
and it is already available in the latest Tumbleweed version
(20220204).
The LSM is selected within the <security/> section:
<security>
2. After looking at examples on how to prompt the user for a hostname, I believe I've configured the control file correctly but it never sets the machine's hostname to the value the user provides. It always sets it to the literal value of the <hostname>...</hostname> tag. Does anyone see anything wrong with the control file?
I can confirm this problem. I am having a look into it.
3. The following does not provide the user the ability to manually configure the network settings but they can configure customise the disk partitioning. Am I missing something?
<semi-automatic t="list">
networking partitioning </semi-automatic>
The networking client will not run in these situations: a) you already specified the interfaces configuration in the networking section of the AutoYaST profile. b) you are using NetworkManager. Now that we have basic support for NetworkManager, I would say that we should run the client *always*. In case we want to keep a), we need to improve the detection of such a situation (e.g., if your system is already connected to the network in order to read the AutoYaST profile, we consider the network as already configured -and perhaps we should not-). But maybe I am missing something. Knut/Michal, could you clarify?
regards,
Regards, Imo -- Imobach González Sosa YaST Team at SUSE LLC https://imobachgs.github.io/
El lun, 07-02-2022 a las 12:12 +0000, Imobach Gonzalez Sosa escribió: [..]
2. After looking at examples on how to prompt the user for a hostname, I believe I've configured the control file correctly but it never sets the machine's hostname to the value the user provides. It always sets it to the literal value of the <hostname>...</hostname> tag. Does anyone see anything wrong with the control file?
I can confirm this problem. I am having a look into it.
Finally, this one is a legit bug: https://bugzilla.suse.com/show_bug.cgi?id=1195630 Thanks for noticing! Regards, Imo -- Imobach González Sosa YaST Team at SUSE LLC https://imobachgs.github.io/
On Montag, 7. Februar 2022 13:22:17 CET Imobach Gonzalez Sosa wrote:
El lun, 07-02-2022 a las 12:12 +0000, Imobach Gonzalez Sosa escribió:
2. After looking at examples on how to prompt the user for a hostname, I believe I've configured the control file correctly but it never sets the machine's hostname to the value the user provides. It always sets it to the literal value of the <hostname>...</hostname> tag. Does anyone see anything wrong with the control file?
I can confirm this problem. I am having a look into it.
Finally, this one is a legit bug: https://bugzilla.suse.com/show_bug.cgi?id=1195630
It is non public: You are not authorized to access bug #1195630. To see this bug, you must first log in to an account with the appropriate permissions. Can you please open it? -- Mit freundlichen Gruessen, Andreas Vetter
On 2/7/22 14:12, Andreas Vetter wrote:
On Montag, 7. Februar 2022 13:22:17 CET Imobach Gonzalez Sosa wrote:
El lun, 07-02-2022 a las 12:12 +0000, Imobach Gonzalez Sosa escribió:
2. After looking at examples on how to prompt the user for a hostname, I believe I've configured the control file correctly but it never sets the machine's hostname to the value the user provides. It always sets it to the literal value of the <hostname>...</hostname> tag. Does anyone see anything wrong with the control file?
I can confirm this problem. I am having a look into it.
Finally, this one is a legit bug: https://bugzilla.suse.com/show_bug.cgi?id=1195630
It is non public: You are not authorized to access bug #1195630. To see this bug, you must first log in to an account with the appropriate permissions.
Can you please open it?
I moved it from the product "SLES-15-SP4" to the product "Public SLES-15-SP4". Please verify it's accessible now. Cheers. -- Ancor González Sosa YaST Team at SUSE Software Solutions
On Montag, 7. Februar 2022 15:13:45 CET Ancor Gonzalez Sosa wrote:
On 2/7/22 14:12, Andreas Vetter wrote:
On Montag, 7. Februar 2022 13:22:17 CET Imobach Gonzalez Sosa wrote:
El lun, 07-02-2022 a las 12:12 +0000, Imobach Gonzalez Sosa escribió:
2. After looking at examples on how to prompt the user for a hostname, I believe I've configured the control file correctly but it never sets the machine's hostname to the value the user provides. It always sets it to the literal value of the <hostname>...</hostname> tag. Does anyone see anything wrong with the control file?
I can confirm this problem. I am having a look into it.
Finally, this one is a legit bug: https://bugzilla.suse.com/show_bug.cgi?id=1195630
It is non public: You are not authorized to access bug #1195630. To see this bug, you must first log in to an account with the appropriate permissions.
Can you please open it?
I moved it from the product "SLES-15-SP4" to the product "Public SLES-15-SP4". Please verify it's accessible now.
Cheers.
Thank you, it is open now. -- Mit freundlichen Gruessen, Andreas Vetter
El lun, 07-02-2022 a las 12:22 +0000, Imobach Gonzalez Sosa escribió:
El lun, 07-02-2022 a las 12:12 +0000, Imobach Gonzalez Sosa escribió:
[..]
2. After looking at examples on how to prompt the user for a hostname, I believe I've configured the control file correctly but it never sets the machine's hostname to the value the user provides. It always sets it to the literal value of the <hostname>...</hostname> tag. Does anyone see anything wrong with the control file?
I can confirm this problem. I am having a look into it.
Finally, this one is a legit bug: https://bugzilla.suse.com/show_bug.cgi?id=1195630
Hi all, We have submitted a fix for the problems in points 2) and 3). When autoyast2 4.4.29 enters in Tumbleweed: * The hostname should be set correctly. * You should see the networking configuration module during installation. If you are in a hurry, you can get our packages from the YaST:Head repository[1] and build a Driver Update Disk to be used during installation: mkdud --create your.dud --dist tw --install instsys *.rpm Do not forget to include "autoyast2" and "autoyast2-installation" RPMs. Then, when booting the installation, you need to set the dud= boot option so AutoYaST can find the update. See SDB:Linuxrc[2] for further information. If you are not in a hurry, you could just wait for a few days until the fix is included 🙂 Do not hesitate to ask if you have more questions. Thanks! Regards, Imo [1] https://build.opensuse.org/package/show/YaST:Head/autoyast2 [2] https://en.opensuse.org/SDB:Linuxrc#p_dud -- Imobach González Sosa YaST Team at SUSE LLC https://imobachgs.github.io/
participants (4)
-
Ancor Gonzalez Sosa
-
Andreas Vetter
-
Imobach Gonzalez Sosa
-
Jinesh Choksi