Ce billet n’a pas encore été traduit en français. La version anglaise est disponible ci-dessous.
Release process
It took a few months after Stretch Alpha 7 (published
2016-07-04), but
the Stretch
Alpha 8 release of
the Debian
Installer happened a few days ago. Release preparations had to
be delayed a bit because a fix was needed in
the linux
packaging (see bug
report #839552) so
that mounting FAT partitions worked again, since this is needed
for EFI support.
As a release manager, Cyril has to make sure things look good enough for a release. This usually involves freezing udeb-producing packages for a while, so that the main set of packages used to build the Debian Installer doesn’t get any last minute changes that might bring some regressions while stabilization is in progress.
The debian-installer
package got uploaded on
2016-10-27 but two major issues popped up:
- some
debian-installer
builds got rejected by dak, because they contained an invalidBuilt-Using
field (only on some architectures). - the late inclusion of a new
debootstrap
version triggered a regression, making it impossible to validateInRelease
files and therefore impossible to trust repositories.
The first issue was due to the rather
recent linux
/linux-signed
split. The
idea behind this move is preparing
for Secure Boot
support, with linux
being used to build linux kernel
and modules as usual, and linux-signed
holding extra
signatures for them, so that they can be verified cryptographically.
This exposed
an awful
and old bug which hadn’t been detected until
now. Then an
extra commit got added as a work around for the
linux
/linux-signed
specific situation:
code comes from the linux
source package, so that’s
what needs to be listed in Built-Using
.
Further improvements are planned (see bug
report #842719), by
checking for a possible Built-Using
field in each
udeb, so that this workaround can be replaced by some more generic
code.
The second issue was due to the reintroduction
of InRelease
support. There are two ways of
validating the contents of a given distribution on a Debian
mirror: checking the Release
file against its
detached signature (Release.gpg
), or checking
the InRelease
file alone, as it contains an inline
signature.
Since only gpgv
is available in a Debian Installer
environment, the idea was to split the InRelease
file
into two files: the Release
file and its
signature. The tricky part is that the final newline is dropped by
GnuPG, so a little tr … | sed … | tr …
dance was
added to do the same. Unfortunately, while it works fine with
usual implementations of those commands, that’s not the case with
the busybox
implementation used in Debian Installer,
leading to a bad signature
result during the installation
process (see bug
report #842591).
Thankfully Ansgar Burchardt had a proof of concept ready with a
simple state machine in POSIX shell, which Cyril could merge and
upload to fix debootstrap-udeb
, fixing this
showstopper.
Major update: debootstrap and merged-/usr
As mentioned above, debootstrap
was updated, but not
only for InRelease
support. It received a number of
fixes and improvements (see
the release
announce for the details), but the biggest change deserves a
longer explanation: debootstrap now defaults to
merged-
./usr
Once upon a time, UNIX systems were booted from a floppy disk,
and once the boot sequence had finished, one would mount extra
resources onto the /usr
directory: programs,
libraries, home directories, etc. Nowadays, it makes little sense
to keep the distinction between boot-time and non-boot-time tools,
and it was proposed to get rid of this distinction entirely.
One way to achieve this is as simple as setting up symlinks for a
number of
directories: bin
, sbin
, lib
,
and other libXX
(one can
find lib32
, lib64
, etc. depending on the
architecture), respectively pointing at
usr/bin
, usr/sbin
, usr/lib
,
etc. This approach means there’s no need to change any single
package, it’s just about using a specific directories+symlinks
setup at installation time.
The options to enable or disable this feature
are --merged-usr
and --no-merged-usr
respectively. The Debian script (shared across many versions) was
updated to default to merged-/usr
for stretch
and later, which explains why this Debian
Installer Stretch Alpha 8 release now defaults to a
merged-/usr
setup.
Credits: This change was driven by both Marco d’Itri and Ansgar Burchardt, while Julien Cristau worked on most other changes. Thanks!
Some final notes:
- There’s also
a
usrmerge
package, making it possible to convert an existing system to this new scheme. As noted in its description: use it at your own risk, no going back is implemented there! - Some packages might not work properly with this specific
setup, which explains why the
usrmerge
package has a number ofConflicts
declared. One particular case isdpkg-shlibdeps
(from thedpkg-dev
package) which is used to resolve library packages when building Debian packages (see bug report #843073), but patches were published already.
Next release: Stretch Alpha 9
A few things are planned for the next release:
- Better coordination with
linux
maintainers: A new upstream major release was getting ready to migrate totesting
while Debian Installer was being prepared, and it migrated right after the release was published. As a result, the Stretch Alpha 8netboot
images were broken almost instantly: they can’t find the 4.7 linux module udebs intesting
anymore since those got replaced with 4.8 udebs. Of course we could have switched to 4.8 but experience suggests releasing when things look good enough instead of taking new code at the last minute and hoping for the best (especially when considering the large codebase that the Linux kernel is). Anyway, this issue will be avoided by waiting for the upcomingABI bump
announced by Ben Hutchings. - Fix for remote installations: Support for
screen
(a terminal multiplexer) was added, but a further commit unfortunately brokenetwork-console
-based installations altogether (see bug report #844549). This will be fixed in the next release. - Switching theme from Lines to Soft Waves: The artwork proposal
by Juliette Belin was selected for Stretch, and Aurélien Couderc
proposed patches for
debian-installer
androotskel-gtk
. Things are getting polished and the theme switch will be effective in the next release. - Last Alpha release: Since the freeze is being entered slowly
(we’re using a progressive freeze process again), it makes sense
to switch to the
Release Candidate
versioning at some point. New features are going to be less likely anyway, soRC
looks like a reasonable name for further versions.