Skip to content

GitLab

Closed
Created by intrigeri@intrigeriMaintainer15 of 15 tasks completed15/15 tasks

Migrate away from vmdebootstrap (and possibly from Vagrant)

Originally created by @intrigeri on #15349 (Redmine)

Problem statement

We use vmdebootstrap to build the VM image used for building Tails ISO images with Vagrant (vagrant/definitions/tails-builder/generate-tails-builder-box.sh)..) vmdebootstrap barely made it in Buster and will not be in Bullseye.

Work in progress

Based on the 15349-vmdb2 branch:

  • generate Vagrant box with vmdb2 that boots
  • integrate into the build system so it's easy to test and work on
  • drop --rootfs-tarball and container image support (apparently that option is still needed)
  • build Tails images using that Vagrant box
  • size: 2 vs. 20GB
  • set -u
  • clean up artifacts on error/exit
  • get APT serials dynamically
  • remove vmdebootstrap leftovers: customize.sh, postinstall.sh
  • compare to our existing scripts, looking for missing or outdated bits
  • make sure we pass mitigations=off to the kernel command-line
  • update doc: git grep vmdebootstrap
  • before merging, try to reproduce the latest Tails release (check out the tag, then apply this whole branch's diff without committing, edit box_name() in vagrant/lib/tails_build_settings.rb so it returns the vagrant box name that you want to try (i.e. one generated with this branch, possibly built with the same APT serials as the release we're trying to reproduce) and then build with the ignorechanges option)
  • Bring back lost comments
  • send heads up to tails-dev@

Sources of inspiration

And wrt. replacing Vagrant altogether, see:

Attachments

Related issues

Edited by intrigeri
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information