diff options
author | David P. <megver83@parabola.nu> | 2023-09-04 16:44:42 -0300 |
---|---|---|
committer | David P. <megver83@parabola.nu> | 2023-09-04 16:44:42 -0300 |
commit | 2ee73fde244696c72a9abf834681d62dcd00e8b5 (patch) | |
tree | 46881f5e4f4412620045be600a68075523c5ce2c /CHANGELOG.rst | |
parent | 7e31288d37e0158133a2a812cdd4057374560ef5 (diff) |
sync with archiso v69v69
cd621f5 (tag: v69) Add changelog for 69
ff5c049 Merge remote-tracking branch 'origin/merge-requests/304'
995e0b7 Merge remote-tracking branch 'origin/merge-requests/303'
cca3eee fix typo in README.profile.rst
6e1be91 archiso/mkarchiso: write "uninitialized" to /etc/machine-id
55a1b13 configs/baseline/profiledef.sh: use LZMA compression for the EROFS image
dedfe03 configs/releng/syslinux/archiso_pxe-linux.cfg: replace checksum and verify with cms_verify=y
2da65f6 mkarchiso: check if the code signing files specified with option -c exist
2c34202 mkarchiso: open the ARCHISO_GNUPG_FD, ARCHISO_TLS_FD and ARCHISO_TLSCA_FD file descriptors only for reading
d31f388 mkarchiso: do not try to use an non existent GPG public key file
4ee6fdc mkarchiso: disable shellcheck warning when searching an array
76815b1 Merge remote-tracking branch 'origin/merge-requests/298'
9d391c0 Add Memtest86+ to x86_64 UEFI GRUB boot menu
4772949 configs/releng/airootfs/root/.zlogin: use grep -a to ensure /proc/cmdline is treated as text
Signed-off-by: David P. <megver83@parabola.nu>
Diffstat (limited to 'CHANGELOG.rst')
-rw-r--r-- | CHANGELOG.rst | 21 |
1 files changed, 21 insertions, 0 deletions
diff --git a/CHANGELOG.rst b/CHANGELOG.rst index 52fe96f..a0065a8 100644 --- a/CHANGELOG.rst +++ b/CHANGELOG.rst @@ -14,6 +14,27 @@ Changed Removed ------- +[69] - 2022-12-24 +================= + +Added +----- + +- Add Memtest86+ to x86_64 UEFI GRUB boot menu. + +Changed +------- + +- Check if the GPG public key file was successfully placed in the work directory before trying to use it. +- Open the file descriptors for code signing certificates and GPG public key as read only. Nothing from the within the + ``pacstrap`` invoked chroot should ever be allowed to write outside of it. +- Error out early if any of the code signing certificate files passed with option ``-c`` do not exist. +- Use LZMA compressed EROFS image for the baseline profile. Now that xz 5.4 is out and erofs-utils is built with LZMA + support, using a higher compression is possible. +- Add ``/etc/machine-id`` with special value ``uninitialized``. The final id is generated at boot time, and systemd's + first-boot mechanim (see ``First Boot Semantics`` in ``machine-id(5)``) applies. No functional change unless that + ``ConditionFirstBoot=yes`` is true and passive unit ``first-boot-complete.target`` activates for ordering. + [68] - 2022-10-30 ================= |