For some messages, RAUC uses GLib's structured logging API, which doesn't add
the SYSLOG_IDENTIFIER implicitly, like the convenience messages do. Backport a
patch submitted upstream which add this field to all messages, making all RAUC
logging available when rauc identifier is queried.
This backports patch from GLib v2.85.0 which adds SYSLOG_IDENTIFIER to messages
logged through GLib's convenience logging messages. This immediately makes some
RAUC messages previously not present in Host logs (which rely on the identifier
field being present) to be available in the host logs. For the remaining
messages, the identifier needs to be added directly in RAUC.
This change adds termios2 compatibility to the ioctl interface of generic_raw_uart making it compatible to glibc 2.42+ environments which prefer termios2 rather than the old/obsolete termios ioctls. This is a similar change to what was introduced to eq3_char_loop in #4471. However, this change in generic_raw_uart is required so that /dev/raw-uart will be termios2 compatible for applications within the OpenCCU Add-on directly opening it in case a non-dualcopro RF module like HmIP-RFUSB-TK is using it directly. (This refs https://github.com/OpenCCU/OpenCCU/issues/3498)
This PR updates the eq3_char_loop package to contain the latest
eq3_char_loop v1.3 sources with termios2 compatibility which is required
for glibc 2.42+ environments (latest OpenCCU) so that the HMIPServer
within OpenCCU is able to startup correctly.
* Enable CONFIG_I2C_ACPI in kernel configuration for generic-x86-64
Needed to support i2c-based touchscreens on x86 boards
* Enable I2C HID support in kernel configuration for generic aarch64
Needed to support i2c touchscreens on arm64 devices
For users having non-English, and especially non-qwerty layouts, using the host
shell can be very awkward. There was no option to change the keymaps as they
haven't been installed in the OS, and the persistence couldn't have been
achieved because of read-only /etc.
With upstream patch merged in #4224, we have an option to put
/etc/vconsole.conf to a writable location and use the same approach as in the
timezone PR. This is needed because even if we only bind-mounted the file from
the overlay directory, the Systemd services which start early will still refer
to the inode on the read-only FS. Also, gzip is required as current version of
kbd in Buildroot (v2.6.4) always compresses the keymaps using gzip. We can get
rid of this after we bump to kbd v2.9.0 [1] or newer. The overall bloat in
local build of the OS is slightly over 1 MiB, so it is acceptable.
With these changes, the `localectl set-keymap` command can be used to use any
available keymap from the installed `kbd` package (refer to `localectl
list-keymaps` for complete lists) and persist it between reboots.
[1] https://github.com/legionus/kbd/releases/tag/v2.9.0Fixes#1775
Since home-assistant/version#305 the AppArmor profiles were split to
per-channel files. This was never reflected in hassio package build though.
Currently this doesn't cause any trouble and the profile is replaced later by
the Supervisor but make sure we're always using the correct one from the
beginning.
Extract some of the parts of the "image import" to the script creating the data
partition to separate concerns. The Docker data directory is now passed as a
daemon option, instead of only mounting the data partition's folder to the
default directory, to be closer to the deployment setup. Also trap the exit and
error signals to remove the build container and unmount the data partition, as
failed or cancelled build have been leaking the containers/mounts when building
interactively (attached to the build container shell).
Importing docker-archive format leads to some layers missing in the content
storage which results in some image metadata missing. This appears to be the
same regression as moby/moby#49473. Importing OCI archives when bootstrapping
the data partition seems to work this bug around.
Fixes#4385
Atm some targets don't have comments support enabled for iptables. There's no reason to limit that to just arm64-rockhip target, so this change addresses that.
* Remove configs and board files of deprecated architectures
* Remove support for ODROID-XU4 boot files
* Remove ASUS Tinker support from rpi-rf-mod
* Remove RPi armv7 config fragment
A bug introduced in Docker v28.2+ can cause slow container restart in some
cases because of usage of IPv4 mapped IPv6 addresses in iptables command.
Backport a simple patch from upstream to fix it before we bump to a newer
Docker version.
Fixes#4363
The deprecated-key-path option is no longer handled, but it doesn't cause
problems because the key is explicitly ignored. It was completely removed in
Docker 19.03.0 [1].
As such, the option and the pre-start script to fix the corrupted key.json can
be removed now, as it has no effect, only printing confusing message when
Docker service fails to start.
[1] 98fc09128b
Prefer the containerd snapshotter by using it by default for new installs and
when no Docker data is present (e.g. after datadisk wipe). The snapshotter is
enabled by a dockerd flag which is set when a flag file is present in the data
partition. This flag file can be used also to opt-in for this snapshotter on
legacy installs (high level API through OS Agent and Supervisor TBD), to
migrate to the containerd snapshotter this file can be simply created manually.
Testing shown no major problems when migrating, the old overlay2 folder can be
(and should be - to avoid situations where the data disk might run out of
space) deleted before the docker.service is started in the docker-prepare
script.
Note that there's no offline migration path, OS needs to be connected to the
internet to re-download the images when migrating. This could be theoretically
possible through docker image save/load functions but guarding for enough of
space and other edge cases would be probably too complex to justify it.
Refs #4252
Refs #4253 - easier opt-in method is still needed
Closes#4254 - migration is handled seamlessly by Docker
Use the version used in the docker-engine package to ensure it stays in sync.
Although we haven't seen any issues related to the fact it was sometimes
mismatching, reduce the burden of needing it to be synced manually.
This might be required for some modern Intel processors (Meteor Lake and newer)
which fail to boot Linux kernel without x2APIC controller when some features
(e.g. VT-d or x2APIC itself) are enabled in the BIOS.
Enable it also for OVA, as it can be emulated in virtual machines, even when
the host CPU does not support it.
Fixes#4337, fixes#4144, fixes#4345
The CPUfreq governor "powersave" sets the CPU statically to the lowest
frequency within the borders of scaling_min_freq and scaling_max_freq.
This can be useful if a particular power budget should not ever be
crossed. Can be set using `cpufreq.default_governor=powersave`. Note
that this obviously affects performance.
* Improve UX of HA CLI wrapper and emergency console
For many users, the emergency console gives feeling that the system is
completely broken. However, there are various cases when the system just takes
just a bit longer to start up and the emergency message is shown, while it
finishes a proper startup shortly after. This change tries to improve the UX in
several ways:
* The limit before a forced emergency console startup is changed to 3 minutes
* Waiting can be interrupted with Ctrl+C (reset counter is cleared then)
* Some hints what to check have been added before starting the shell
* Also, because if the HA CLI failed for 5 times in a row in quick succession,
the CLI startup was then not retried anymore and user may have been left with
a black screen, the restart limits timeouts have been adjusted only to back
off and never mark the unit as failed
Closes#4273
* Use /bin/sh and printf to silence linter errors
