This reduces the number of steps in the "First Boot" section that are
not related to the first boot.
Reported-by: Jonathan Dumont <JOduMonT>
Signed-off-by: Richard Laager <rlaager@wiktel.com>
Use swapoff to ensure swap partitions are not mounted prior to
'sgdisk --zap-all'
Signed-off-by: Scott G. Ainsworth <scott@ainsworth.us>
Signed-off-by: Richard Laager <rlaager@wiktel.com>
[Applied the change to Debian Buster; removed Ubuntu 16.04 and 18.04.]
Signed-off-by: Scott G. Ainsworth <scott@ainsworth.us>
Signed-off-by: Richard Laager <rlaager@wiktel.com>
[Applied to Ubuntu 20.04 Raspberry Pi & Debian Buster.]
It looks like I messed this up (for Debian, but not Ubuntu) in my
various changes. It is not necessary to do this before the chroot in
the normal install path, as it was done earlier. But it is something
that should be done before the chroot in the rescue path. I've now
made Debian match Ubuntu.
Fixes#141
Reported-by: Colm <colm@tuatha.org>
Signed-off-by: Richard Laager <rlaager@wiktel.com>
There was already a note about ignoring a cryptsetup WARNING, but:
A) cryptsetup also prints an ERROR message, and
B) this also occurs at an earlier step.
Fixes#134
Signed-off-by: Richard Laager <rlaager@wiktel.com>
This was mentioned in #99 and I added it as an alternative option.
However, it seems to break GRUB; see #107. GRUB tries to parse
/proc/mounts and see a line like this:
systemd-1 /boot/efi autofs ...
From there, it gets "systemd-1" as the device name, and breaks.
Closes#107
Signed-off-by: Richard Laager <rlaager@wiktel.com>
We need the bpool to end up in zpool.cache. For some reason, this is
not happening normally on Ubuntu 20.04. I added the same steps to
Debian too, for good measure.
This was discussed in #120.
Signed-off-by: Richard Laager <rlaager@wiktel.com>
If the disk has been used before (with partitions at the same offsets),
previous filesystems (e.g. the ESP) will automount if not disabled.
Co-authored-by: attero <service-github@attero.me>
Signed-off-by: Richard Laager <rlaager@wiktel.com>
Closes#119
"The /root dataset is created with default world-readable permissions
(755). debootstrap would create /root with 700 permissions, but it
does not change the permissions if it already exists."
Reported-by: zxyrepf
Closes#115
I made Debian follow the Ubuntu approach, which comes from the Ubuntu
installer. There was a report (#99) of a problem with the old approach
used on Debian. In that issue, user foo-git linked to a Fedora feature
request which discusses automounting /boot/efi instead. I've offered
that as an alternative.
I am not switching to that outright, as following the Ubuntu installer
(where possible) is a goal of mine.
Suggested-by: foo-git
Closes#99
The fix for #97, 66233a1138, seems to
have created yet another issue (beyond #100):
"the link /etc/resolv.conf -> ../run/systemd/resolve/stub-resolv.conf
is dangling (since /run has just been clobbered by an empty tmpfs).
debootstrap seems to populate all manner of stuff in /run."
f1721edda7 (commitcomment-45770519)
I considered just reverting all of this, since the original issue only
occurred when copying in an existing system. Ignoring it was my
decision the first time this came up. But it's come up twice now.
Also, this mode is mentioned in the guide. Most importantly, if we are
not mounting a /tmpfs at /run in the normal case, then we could end up
with cruft in /run in the root filesystem which could potentially break
something or be confusing later if the /run tmpfs ever failed to mount.
So in the interest of correctness, I'd like to try to handle this.
I am now mounting a tmpfs at /mnt/run before the debootstrap step.
Signed-off-by: Richard Laager <rlaager@wiktel.com>
The zpool.cache file is getting cleared by zfs-import-bpool.service. A
work-around is to move the cache file out of the way before the import
and restore it after:
https://github.com/openzfs/zfs/discussions/8549#discussioncomment-231334
The suggestion there is suppressing errors with `|| true`, which can
also be done by prefixing the command with `-`. (I verified that the
systemd in Buster is new enough to support that.) If we are
suppressing errors anyway, I'm not sure there's a benefit to checking
for the file rather than just trying the move and letting it fail. The
latter approach avoids the shell entirely. So I changed it.
Closes#97
Suggested-by: Andrey Prokopenko <9478806+terem42@users.noreply.github.com>
Tested-by: Hevisko <hvjunk@gmail.com>
Signed-off-by: Richard Laager <rlaager@wiktel.com>
It was reported, in #97, that this is required when copying an existing
system installation into the root filesystem. It is probably a good
idea to do this all the time, to avoid the risk of stray junk ending up
in /run during the install process.
Suggested-by: Hevisko <hvjunk@gmail.com>
Signed-off-by: Richard Laager <rlaager@wiktel.com>
The convention here is to add a blank line between commands that
cannot be copied-and-pasted together. apt is such a command, as it
will eat the input from the paste.
In general apt is the preferred way to interact with packages, and I
think in this case there is no need/advantage to use dpkg.
Closes#88
Signed-off-by: Richard Laager <rlaager@wiktel.com>
[Fixed the other two instances too.]
This is how the Ubuntu 20.04 installer configures the ESP to mount at
/boot/efi, so it should be fine to use this convention everywhere.
/dev/md0's /dev/disk/by-uuid entry does not show up immediately, so I
removed the swapon there.
Signed-off-by: Richard Laager <rlaager@wiktel.com>
On Ubuntu, console-setup, keyboard-configuration (a dependency of
console-setup), and locales are installed by default. On Debian, we
need to install them manually. (We were already doing so for locales.)
I merged the various dpkg-reconfigure lines into one to simplify. The
order isn't important.
Signed-off-by: Richard Laager <rlaager@wiktel.com>
Reported-by: Robert <technic-take3>
Fixes#59
Users following the ZFS guide may not realize their system won't
receive important security updates between minor point releases
unless additional configuration is added to sources.list.
Signed-off-by: Mathias Gibbens <mathias@calenhad.com>
This was missed in 784b3b7a27 which
eliminated the canmount=noauto. With that gone, it is not necessary to
manually mount bpool/BOOT/debian.
Reported-by: Danny <suavedandy>
Without buster-backports, everything ZFS is from the buster repository.
Adding this to the Live CD installation instructions allows our initial
pool to be created with newer versions.
Signed-off-by: Spotlight <spotlight@joscomputing.space>
The open-zfs.org host, Dreamhost, returns a page for https://open-zfs.org
(note, httpS://) which causes HTTPS Everywhere with the 'Encrypt All
Eligible Sites' option enabled to redirect http://open-zfs.org to
https://open-zfs.org, and therefore fail to redirect to openzfs.org.
Ideally a redirect would be implemented at Dreamhost for
httpS://open-zfs.org too, but presumably the links in the docs should
really be updated anyway.
This covers more scenarios, including the need to stop md arrays and
wipe MD partitions.
Signed-off-by: Richard Laager <rlaager@wiktel.com>
Requested-by: Larry Wagner <larrywagner0@gmail.com>
buster-backports has ZoL 0.8.4. I am still explicitly specifying
encryption=aes-256-gcm to avoid accidents. This can probably change to
encryption=on at some point.
Signed-off-by: Richard Laager <rlaager@wiktel.com>
This makes the PermitRootLogin changes part of the actual steps rather
than a comment. I've also made its removal an explicit step.
Signed-off-by: Richard Laager <rlaager@wiktel.com>
This makes it consistent with Ubuntu. This really isn't worth the
trouble, especially since it breaks debootstrap.
Signed-off-by: Richard Laager <rlaager@wiktel.com>
