Debian Installer : Stretch Alpha 8

Debian Installer: Stretch Alpha 8 released

Ce billet n’a pas encore été traduit en français. La version anglaise est disponible ci-dessous.

Release process

It took a few months after Stretch Alpha 7 (published 2016-07-04), but the Stretch Alpha 8 release of the Debian Installer happened a few days ago. Release preparations had to be delayed a bit because a fix was needed in the linux packaging (see bug report #839552) so that mounting FAT partitions worked again, since this is needed for EFI support.

As a release manager, Cyril has to make sure things look good enough for a release. This usually involves freezing udeb-producing packages for a while, so that the main set of packages used to build the Debian Installer doesn’t get any last minute changes that might bring some regressions while stabilization is in progress.

The debian-installer package got uploaded on 2016-10-27 but two major issues popped up:

  • some debian-installer builds got rejected by dak, because they contained an invalid Built-Using field (only on some architectures).
  • the late inclusion of a new debootstrap version triggered a regression, making it impossible to validate InRelease files and therefore impossible to trust repositories.

The first issue was due to the rather recent linux/linux-signed split. The idea behind this move is preparing for Secure Boot support, with linux being used to build linux kernel and modules as usual, and linux-signed holding extra signatures for them, so that they can be verified cryptographically. This exposed an awful and old bug which hadn’t been detected until now. Then an extra commit got added as a work around for the linux/linux-signed specific situation: code comes from the linux source package, so that’s what needs to be listed in Built-Using. Further improvements are planned (see bug report #842719), by checking for a possible Built-Using field in each udeb, so that this workaround can be replaced by some more generic code.

The second issue was due to the reintroduction of InRelease support. There are two ways of validating the contents of a given distribution on a Debian mirror: checking the Release file against its detached signature (Release.gpg), or checking the InRelease file alone, as it contains an inline signature. Since only gpgv is available in a Debian Installer environment, the idea was to split the InRelease file into two files: the Release file and its signature. The tricky part is that the final newline is dropped by GnuPG, so a little tr … | sed … | tr … dance was added to do the same. Unfortunately, while it works fine with usual implementations of those commands, that’s not the case with the busybox implementation used in Debian Installer, leading to a bad signature result during the installation process (see bug report #842591). Thankfully Ansgar Burchardt had a proof of concept ready with a simple state machine in POSIX shell, which Cyril could merge and upload to fix debootstrap-udeb, fixing this showstopper.

Major update: debootstrap and merged-/usr

As mentioned above, debootstrap was updated, but not only for InRelease support. It received a number of fixes and improvements (see the release announce for the details), but the biggest change deserves a longer explanation: debootstrap now defaults to merged-/usr.

Once upon a time, UNIX systems were booted from a floppy disk, and once the boot sequence had finished, one would mount extra resources onto the /usr directory: programs, libraries, home directories, etc. Nowadays, it makes little sense to keep the distinction between boot-time and non-boot-time tools, and it was proposed to get rid of this distinction entirely. One way to achieve this is as simple as setting up symlinks for a number of directories: bin, sbin, lib, and other libXX (one can find lib32, lib64, etc. depending on the architecture), respectively pointing at usr/bin, usr/sbin, usr/lib, etc. This approach means there’s no need to change any single package, it’s just about using a specific directories+symlinks setup at installation time.

The options to enable or disable this feature are --merged-usr and --no-merged-usr respectively. The Debian script (shared across many versions) was updated to default to merged-/usr for stretch and later, which explains why this Debian Installer Stretch Alpha 8 release now defaults to a merged-/usr setup.

Credits: This change was driven by both Marco d’Itri and Ansgar Burchardt, while Julien Cristau worked on most other changes. Thanks!

Some final notes:

  • There’s also a usrmerge package, making it possible to convert an existing system to this new scheme. As noted in its description: use it at your own risk, no going back is implemented there!
  • Some packages might not work properly with this specific setup, which explains why the usrmerge package has a number of Conflicts declared. One particular case is dpkg-shlibdeps (from the dpkg-dev package) which is used to resolve library packages when building Debian packages (see bug report #843073), but patches were published already.

Next release: Stretch Alpha 9

A few things are planned for the next release:

  • Better coordination with linux maintainers: A new upstream major release was getting ready to migrate to testing while Debian Installer was being prepared, and it migrated right after the release was published. As a result, the Stretch Alpha 8 netboot images were broken almost instantly: they can’t find the 4.7 linux module udebs in testing anymore since those got replaced with 4.8 udebs. Of course we could have switched to 4.8 but experience suggests releasing when things look good enough instead of taking new code at the last minute and hoping for the best (especially when considering the large codebase that the Linux kernel is). Anyway, this issue will be avoided by waiting for the upcoming ABI bump announced by Ben Hutchings.
  • Fix for remote installations: Support for screen (a terminal multiplexer) was added, but a further commit unfortunately broke network-console-based installations altogether (see bug report #844549). This will be fixed in the next release.
  • Switching theme from Lines to Soft Waves: The artwork proposal by Juliette Belin was selected for Stretch, and Aurélien Couderc proposed patches for debian-installer and rootskel-gtk. Things are getting polished and the theme switch will be effective in the next release.
  • Last Alpha release: Since the freeze is being entered slowly (we’re using a progressive freeze process again), it makes sense to switch to the Release Candidate versioning at some point. New features are going to be less likely anyway, so RC looks like a reasonable name for further versions.