V8.00.000.2025.06.17

Signed-off-by: Marc S. Weidner <msw@coresecret.dev>
2025-08-05 22:42:14 +02:00
parent f366d2daf2
commit 16a51c5536
6 changed files with 140 additions and 48 deletions
--- a/.preseed/preseed.yaml
+++ b/.preseed/preseed.yaml
@@ -83,7 +83,7 @@ debootstrap:                   # Provide a mirror for downloading the Debian pac
                               # list of official Debian packages.
  mirror: "https://deb.debian.org/debian"
                               # The following packages MUST be included in the debootstrap.
-  includes: "ca-certificates,locales,openssl,tzdata"
+  includes: "busybox,ca-certificates,locales,openssl,tzdata,zstd"
 distribution: "bookworm"       # MUST be "bookworm".
 debian_suite: "stable"         # MUST be "stable". Not supported yet: "testing", "experimental".
 exit:
@@ -521,6 +521,7 @@ software:
  ### Installed by 4000_debootstrap.sh
  ##############################################################################################################################
  # bash
+  # busybox
  # ca-certificates
  # coreutils
  # e2fsprogs
@@ -535,6 +536,7 @@ software:
  # tzdata
  # util-linux
  # vim-common
+  # zstd
  ##############################################################################################################################
  ### Installed by 4110_update_sources.sh
  ##############################################################################################################################
@@ -547,7 +549,6 @@ software:
  # bind9-dnsutils
  # bsdmainutils
  # btrfs-progs
-  # busybox
  # bzip2
  # dirmngr
  # dmsetup
@@ -581,7 +582,6 @@ software:
  # wget
  # whois
  # zsh
-  # zstd
  ##############################################################################################################################
  ### Installed by 4140_installation_microcode.sh
  ##############################################################################################################################
--- a/func/cdi_4100_base/4120_installation_kernel.sh
+++ b/func/cdi_4100_base/4120_installation_kernel.sh
@@ -31,10 +31,10 @@ installation_kernel() {

  if [[ -n "${VAR_KERNEL}" ]]; then

-    do_in_target_script "${TARGET}" "
-      apt-get install -y --no-install-recommends --no-install-suggests ${VAR_KERNEL} 2>&1 | tee -a ${var_logfile}
-      echo ExitCode: \$? >> ${var_logfile}
-    "
+    do_in_target_script "${TARGET}" '
+      apt-get install -y -o DPkg::Options::="--no-triggers" --no-install-recommends --no-install-suggests '"${VAR_KERNEL}"' initramfs-tools 2>&1 | tee -a '"${var_logfile}"'
+      echo ExitCode: $? >> '"${var_logfile}"'
+    '

    do_log "info" "file_only" "4120() Kernel image: '${VAR_KERNEL}' installed successfully."

--- a/func/cdi_4100_base/4130_installation_toolset.sh
+++ b/func/cdi_4100_base/4130_installation_toolset.sh
@@ -32,7 +32,6 @@ installation_toolset() {
    [host]="bind9-dnsutils"
    [hexdump]="bsdmainutils"
    [btrfs]="btrfs-progs"
-    [busybox]="busybox"
    [bunzip2]="bzip2"
    [base64]="coreutils"
    [cat]="coreutils"
--- a/func/cdi_4200_boot/4220_installation_cryptsetup.sh
+++ b/func/cdi_4200_boot/4220_installation_cryptsetup.sh
@@ -27,10 +27,10 @@ installation_cryptsetup() {

  touch "${TARGET}${var_logfile}" && chmod 0600 "${TARGET}${var_logfile}"

-  do_in_target_script "${TARGET}" "
-    apt-get install -y --no-install-recommends --no-install-suggests cryptsetup cryptsetup-initramfs 2>&1 | tee -a ${var_logfile}
-    echo ExitCode: \$? >> ${var_logfile}
-  "
+  do_in_target_script "${TARGET}" '
+    apt-get install -y -o DPkg::Options::="--no-triggers" --no-install-recommends --no-install-suggests cryptsetup cryptsetup-initramfs 2>&1 | tee -a '"${var_logfile}"'
+    echo ExitCode: $? >> '"${var_logfile}"'
+  '

  return 0
 }
--- a/func/cdi_4200_boot/4230_update_grub.sh
+++ b/func/cdi_4200_boot/4230_update_grub.sh
@@ -61,15 +61,40 @@ update_grub() {
      if [[ "${VAR_RECIPE_FIRMWARE}" == "uefi" ]]; then

        case "${VAR_ARCHITECTURE,,}" in
-          amd64)  do_in_target "${TARGET}" apt-get install -y --no-install-recommends -t bookworm-backports grub2 grub2-common grub-efi-amd64 ;;
-          arm64)  do_in_target "${TARGET}" apt-get install -y --no-install-recommends -t bookworm-backports grub2 grub2-common grub-efi-arm64 ;;
-          i386)   do_in_target "${TARGET}" apt-get install -y --no-install-recommends -t bookworm-backports grub2 grub2-common grub-efi-ia32  ;;
-          *)      do_log "emergency" "file_only" "4230() Unsupported UEFI architecture: ${VAR_ARCHITECTURE}"; return "${ERR_GRUB_ARCHITECTURE}" ;;
+
+          amd64)
+            do_in_target_script "${TARGET}" "
+              apt-get install -y --no-install-recommends -t bookworm-backports grub2 grub2-common grub-efi-amd64 2>&1 | tee -a ${var_logfile}
+              echo ExitCode: \$? >> ${var_logfile}
+            "
+            ;;
+
+          arm64)
+            do_in_target_script "${TARGET}" "
+              apt-get install -y --no-install-recommends -t bookworm-backports grub2 grub2-common grub-efi-arm64 2>&1 | tee -a ${var_logfile}
+              echo ExitCode: \$? >> ${var_logfile}
+            "
+           ;;
+
+          i386)
+            do_in_target_script "${TARGET}" "
+              apt-get install -y --no-install-recommends -t bookworm-backports grub2 grub2-common grub-efi-ia32 2>&1 | tee -a ${var_logfile}
+              echo ExitCode: \$? >> ${var_logfile}
+            "
+            ;;
+
+          *)
+            do_log "emergency" "file_only" "4230() Unsupported UEFI architecture: ${VAR_ARCHITECTURE}"; return "${ERR_GRUB_ARCHITECTURE}"
+            ;;
+
        esac

      else

-        do_in_target "${TARGET}" apt-get install -y --no-install-recommends -t bookworm-backports grub2 grub2-common grub-pc
+        do_in_target_script "${TARGET}" "
+          apt-get install -y --no-install-recommends -t bookworm-backports grub2 grub2-common grub-pc 2>&1 | tee -a ${var_logfile}
+          echo ExitCode: \$? >> ${var_logfile}
+        "

      fi

@@ -213,7 +238,7 @@ install_grub_bios() {
  ### Debug modules.
  var_bios_mod+="cat echo hexdump ls test terminfo"

-  ary_bios_arg+=( --target=i386-pc --boot-directory=/boot "--modules=${var_bios_mod}" )
+  ary_bios_arg+=( --target=i386-pc --boot-directory=/boot "--modules=\"${var_bios_mod}\"" )

  do_in_target "${TARGET}" grub-install "${ary_bios_arg[@]}" "${grub_bootdev}"  || return "${ERR_GRUB_INSTALL}"
  do_log "info" "file_only" "4230() Installed: GRUB on Device: '${grub_bootdev}' [BIOS]."
@@ -239,20 +264,20 @@ install_grub_bios() {
 install_grub_uefi() {
  ### Declare Arrays, HashMaps, and Variables.
  declare -a ary_uefi_arg=()
-  declare    var_uefi_mod=""
+  declare    var_uefi_mod=" "

  ### Cryptographic modules.
-  var_uefi_mod+="cryptodisk gcry_rijndael gcry_sha256 gcry_sha512 gcry_whirlpool gcry_serpent gcry_twofish luks luks2"
+  var_uefi_mod+="cryptodisk gcry_rijndael gcry_sha256 gcry_sha512 gcry_whirlpool gcry_serpent gcry_twofish luks luks2 "
  ### Filesystem modules.
-  var_uefi_mod+="btrfs ext2"
+  var_uefi_mod+="btrfs ext2 "
  ### Partitioning / Device / GPT
-  var_uefi_mod+="mdraid1x part_gpt"
+  var_uefi_mod+="mdraid1x part_gpt "
  ### Device / Terminal modules.
-  var_uefi_mod+="boot linux efi_gop efi_uga gfxterm gfxterm_background gfxterm_menu normal search search_fs_uuid search_label"
+  var_uefi_mod+="boot linux efi_gop efi_uga gfxterm gfxterm_background gfxterm_menu normal search search_fs_uuid search_label "
  ### Debug modules.
  var_uefi_mod+="cat echo hexdump ls test terminfo"

-  ary_uefi_arg+=( --target=x86_64-efi --boot-directory=/boot --efi-directory=/boot/efi --bootloader-id=debian "--modules=${var_uefi_mod}" )
+  ary_uefi_arg+=( --target=x86_64-efi --boot-directory=/boot --efi-directory=/boot/efi --bootloader-id=debian "--modules=\"${var_uefi_mod}\"" )

  [[ "${grub_update_nvram,,}" == "false" ]] && ary_uefi_arg+=( --no-nvram )

--- a/lib/cdi_0110_interactive/0110_check_kernel.sh
+++ b/lib/cdi_0110_interactive/0110_check_kernel.sh
@@ -26,24 +26,37 @@ guard_sourcing
 #######################################
 check_kernel() {
  declare -i counter=1
-  declare    first_string="" line="" name="" options="" var_cpu_vendor=""
+  declare    first_string="" line="" name="" options="" var_cpu_vendor="" var_system_architecture=""
+
+  cat << 'EOF' >| "${VAR_NOTES}"
+Kernel available
+*+bpo*       : Debian Backported Kernel
+*cloud*      : Special lightweight images for KVM
+*unsigned*   : Unsigned Kernel
+*preempt_rt* : Special Kernel for real-time-computing
+Not unsigned marked are MS signed Kernel for Secure Boot
+EOF

  # shellcheck disable=SC2312
  var_cpu_vendor=$(</proc/cpuinfo grep 'vendor_id' | head -n1 | cut -d: -f2 | xargs)
+  var_system_architecture="$(dpkg --print-architecture)"

-  case "${var_cpu_vendor}" in
+  case "${var_system_architecture}" in

-    *AuthenticAMD*)
+    amd64)
      # shellcheck disable=SC2312
      apt-cache search linux-image | grep linux-image | grep amd64 | grep -v "meta-package" | grep -v "dbg" | grep -v "template" >> "${VAR_KERNEL_TMP}"
      ;;

-    *GenuineIntel*)
+    arm64)
      # shellcheck disable=SC2312
      apt-cache search linux-image | grep linux-image | grep arm64 | grep -v "meta-package" | grep -v "dbg" | grep -v "template" >> "${VAR_KERNEL_TMP}"
      ;;

-    *)                do_log "info" "file_only" "4140() Unknown or unsupported CPU vendor: '${var_cpu_vendor}', skipping." ;;
+    *)
+      do_log "info" "file_only" "4140() Unknown Architecture: '${var_system_architecture}' and / or unsupported CPU vendor: '${var_cpu_vendor}', skipping."
+      ;;
+
  esac

  sort --output="${VAR_KERNEL_SRT}" "${VAR_KERNEL_TMP}" || {
@@ -60,27 +73,82 @@ check_kernel() {
      ((counter++))
    done < "${VAR_KERNEL_SRT}"

-  export NCURSES_NO_ALTSCREEN=1
-  # shellcheck disable=SC2034
-  if VAR_KERNEL=$(dialog \
+  tput smcup
+
+  declare var_response="" var_exitcode=""
+
+  while true; do
+
+    var_response=$(dialog \
      --no-collapse \
      --ascii-lines \
      --clear \
-                          --help-button \
+      --help-button --help-label "Info" \
      --backtitle "CISS.debian.installer" \
      --title "Select the Kernel for the CISS.debian.installer" \
-                          --radiolist "Kernel available \n *+bpo*       : Debian Backported Kernel \n *cloud*      : Special lightweight images for KVM \n *unsigned*   : Unsigned Kernel \n *preempt_rt* : Special Kernel for real-time-computing \n Not unsigned marked are MS signed Kernel for Secure Boot \n" 0 0 "${options[@]}" 3>&1 1>&2 2>&3 3>&-); then
+      --radiolist "Kernel available \n *+bpo*       : Debian Backported Kernel \n *cloud*      : Special lightweight images for KVM \n *unsigned*   : Unsigned Kernel \n *preempt_rt* : Special Kernel for real-time-computing \n Not unsigned marked are MS signed Kernel for Secure Boot \n" 0 0 "${options[@]}" 3>&1 1>&2 2>&3 3>&-
+    )

+    var_exitcode="$?"
    clear
+
+    case "${var_exitcode}" in
+
+      0)
+        VAR_KERNEL="${var_response}"
        [[ "${VAR_KERNEL}" != linux-image-* ]] && VAR_KERNEL="linux-image-${VAR_KERNEL}"
        do_log "info" "file_only" "0110() Kernel image selected interactively: '${VAR_KERNEL}'."
+        break
+        ;;

-  else
-
-    clear
+      1)
        VAR_KERNEL=""
+        break
+        ;;

-  fi
+      2)
+        dialog --no-collapse \
+          --ascii-lines \
+          --clear \
+          --backtitle "CISS.debian.installer" \
+          --title "Important Notes" \
+          --scrollbar \
+          --textbox "${VAR_NOTES}" 32 128
+        clear
+        continue
+        ;;
+
+      *)
+        VAR_KERNEL=""
+        break
+        ;;
+
+    esac
+
+  done
+
+  # shellcheck disable=SC2034
+  #if VAR_KERNEL=$(dialog \
+  #                        --no-collapse \
+  #                        --ascii-lines \
+  #                        --clear \
+  #                        --help-button --help-label "Info" \
+  #                        --backtitle "CISS.debian.installer" \
+  #                        --title "Select the Kernel for the CISS.debian.installer" \
+  #                        --radiolist "Kernel available \n *+bpo*       : Debian Backported Kernel \n *cloud*      : Special lightweight images for KVM \n *unsigned*   : Unsigned Kernel \n *preempt_rt* : Special Kernel for real-time-computing \n Not unsigned marked are MS signed Kernel for Secure Boot \n" 0 0 "${options[@]}" 3>&1 1>&2 2>&3 3>&-); then
+  #
+  #  #clear
+  #  [[ "${VAR_KERNEL}" != linux-image-* ]] && VAR_KERNEL="linux-image-${VAR_KERNEL}"
+  #  do_log "info" "file_only" "0110() Kernel image selected interactively: '${VAR_KERNEL}'."
+  #
+  #else
+  #
+  #  #clear
+  #  VAR_KERNEL=""
+  #
+  #fi
+
+  tput rmcup

  return 0
 }