Friday, 24 February 2023

Re: Possibility of accepting a network-based installer of Ubuntu as an official flavor?

-----BEGIN PGP PUBLIC KEY BLOCK-----

xsFNBGK1EIMBEADHOgoAZc5nrinifrFwsBlKwatjLZnrAat305eKPCrVfDLAcGmu
84e4x/fuQXqOsJl6YmgSp42YWDQReHQd2NC2xlxNLJc/sEIqA4S4DkRbCz21KjNm
6msu6LLozBoQiz3xOBlpQEDeez05bRR68KPumeAN8epY/wE2ma87F42Dj6vuz7KH
xk5I9GLk1PPkN3pqnNqfxMdVOL+pGuXyr4bPLyFLnEuRS6T832JxJEKvNqu0mwmY
5Ft+vMk2dim4EQXhw+Nzp69lbj0+EWp6mr/5EOLMVTtNCtsfopEc/vR7t2T5dPS+
r/Lwh+TdIcGjvMcwyCJiRtoIAQXoc/xZHJXLXeEmSWYxxNlQaAs12u3Xq997X9Hj
nlzH+KJtxxlt1ynlOeLrBhDp0MhELLeFZxqj4bcjC9Wr/5+6PdnaS/rZMxl9j01E
KzpVbZ9R0419GuSKyG2HDoCZbeG4+tx3UNTLXW7Lbykqp9nS3iiPGvRmAXZa2dGF
Xf99OPKh1io995NPV8zaPYzfKUCGAhMz0zvqGhL0ZhR7y6fdeD2k3hWt5B4EWSKj
aPPGGuHdekp2gHwmf8HVXNd1srLKhe3pEVWXrSAPl2VNYzsueKekDQoRKOgZLjkT
lMoyBiMFo1UUFZejT2t8fkGNxtApKQyXfOU+X4I9U9bJPYxn1SGnDbkGUwARAQAB
zSVBYXJvbiBSYWluYm9sdCA8YXJyYXlib2x0M0BnbWFpbC5jb20+wsGOBBMBCgA4
FiEEGyUkJnEyd/G1XNyOYWm5tCSMBGQFAmK1EIMCGwMFCwkIBwIGFQoJCAsCBBYC
AwECHgECF4AACgkQYWm5tCSMBGQIIQ/+NlR1RftNCbjT8GFfcYhd+uPNqf34Qs8c
9mhTRM1H4X7xgULSbA7MXNfjJkTmyDvmDP+kgG6ae5lPta6BbCn04Gl8548bFCUS
lSXi+xsAR10K9RDj305wsfebudG4Nx+EmGB3aCZKTHBBbftQXeaffH5T8aeM/jfB
90yhy/FaPBeY7DoJBCFXy06XiOc4J5Z7ayFoXSNF/km+2wyG6ikO6y+WnSwUcx96
sa7PzoJip9cQ4vExaOBxU9r+d6vij4nam+NcHKRWSFL9NOAdKmtqqUpePhr5YdAQ
lj7ehi1DkRpdEHgCNkR/eXRw2nIwmxBz9eQ+O/wvWz1g2nnl3UFbW3re5Tl+7CO+
kc6jUGRh5uJnAom5fdLm+5BBNlQa8sYsmXdfcvw2XOrI0QNfGF4GDouOILz+IKUK
b7bPq9OjjHexaqX1IYl5p4J7EngNt3erAhc1PzYEjoaDDTICi5HNQbiu/rlD+2tx
zvi1Ac+U9o/pngHoUt+gwbhFJ31HOifMXKZpQIMtM4N9PzGLxDM92r5PtBbXCDCs
UPPDFFAJTtCG0DYfy6WgUk7ID3Tyuk7ZrtXEyyRxFjzbwoQ1qYkRcT6T2HzdLRK2
ESI+rPZHh0iniJLfSoURJrw4k4qR9Bfe4nqSzL5z6gqWHE28VuWHK2eCSUp9kaWe
IwmvSy0KJHDNJkFhcm9uIFJhaW5ib2x0IDxhcnJheWJvbHQzQHVidW50dS5jb20+
wsGOBBMBCgA4FiEEGyUkJnEyd/G1XNyOYWm5tCSMBGQFAmOWP3sCGwMFCwkIBwIG
FQoJCAsCBBYCAwECHgECF4AACgkQYWm5tCSMBGRjGxAAwZq20jpfy+3mys5mDLyx
K+ULt4csip+6t1/Oa3f8M5kS6GMMiY5xQ/xVL0IpimGPBrv9bfbGnFRgVwsGWdwh
yl43YqwzM4jTO/r0dGiSj+rsL99oW/0SA0H4xa5/RtdzpOmyJia0OplQ79KtgBY0
t8DhnSLhRxXo/Ngsb9mG6+5ZGwJgS11o/YBqjCycC1D1INFBwOP6OjOZqY1D9Orz
p/aHVEdxLuiL8aSPIrgq5E843fueOONaMUAG0YtNZaEFvrBe8W6TCgCShYAkA58B
0R/1L9D03ESHIfaHoMAw7psBDhgSp7FXIV2LJTlJIVUEg4gpJRjU5t6aDDJiN3v0
ofymPHTDxzAOw/Ln3WSRj/2VLnqVjUXmvkLB3+VCPxS4eVRYGZaxYUtu360xghom
N774gFui5NGp09Hnz8bImVL7RaS1XH5pIQCAjTZJBHq/0HJewL8eYEKIwMf4nQB0
ZjOihDUuWiQdyK/M0y/YHTz01gkp595pMOq6ChvweahdjXI5bW0Tygyaqkxq40OD
AgcAbtcdfOGr148Fd7fy0j7mEgRpob6IMyhfpHr09C05fn1p7H5ufmpKp3JaFhDW
U78mEt1V28qs7BS6zL+ElnQ0F0wEDazVqf4bPprdjKIVV2pj/IS6nLo0lzsyzTv6
OqY/xB2oZRelnuyKnY+DcQPNJkFhcm9uIFJhaW5ib2x0IDxhcnJheWJvbHQzQGx1
YnVudHUubWU+wsGOBBMBCgA4FiEEGyUkJnEyd/G1XNyOYWm5tCSMBGQFAmOWP64C
GwMFCwkIBwIGFQoJCAsCBBYCAwECHgECF4AACgkQYWm5tCSMBGTZAxAAkEgaRPgr
byRUAjXTOJ+mYJjO7Q/jqX9p8z5d6vdNOrdXRKjF6LV0ELh3ZRb1HRkPhXpbf4kR
tkeNGRa51V2k8VoMZ1O/vPx64mFsTiGW7r7HeAlE1puY6Js/GUepWxYPjUopqetM
cv6RN2RN+Fy0YSfhfERckuIAeQytsoVCDZ5UO0DGHIkOUgBvTxfMck2SYcRM9ShQ
jBLRUIp5spkRMdiCrIa4/W2Qi1uF/eNDsNA9zASfwS191WRVjINQPkjAoGU7xXdD
rGG1mmra/+CbdPAb/uDAeptTD6mqKQBXfi1DxzSZEEk9jcmWgoEB5hXwMiS1Is3U
GHUKGb6b9ALuuk/faAFhQnp9ySG1+IRA1F5vMTqnR/o2byxMBeCwwBrRjqVbsuUS
8etUyc2hOWl3MGizkvnRUzsDTdDa0V79ULgq3PXDFGLY4M05Kw3XIqxRzFNFNYOQ
eQgo5ffgCFJjM39JMbskAW8Rf9M48A0+uDjnKI5Lmx3b24PEv/JXC0ZINE80bjVD
NHsZsttZ8Detq/RbP6PTteiR47MzpwfcTVPbQTzLEU6R32u0Pxwy7IwfZCYv5cj3
Zvyw/DIQ8nAIlQKSxe4hUnaY03wN+a3PEYAoLbUhonHbmIYyLGNnbWRHLWpa/HCN
Y1KE/BNbAi/kcvarIuUABNfmhcAoyFqqUfzOwU0EYrUQgwEQANRh1tauLl2Ex85n
M7G8nlioGlgReuJ1qq+3OnDPAFTBbncsRcgnyj0suldPI7Cw6kDF0chr4iZvoDIm
wGa/fENkiJV53cRrK7Tu6hIvSvqSSbU7QHS9x9CjuSjmFxs9cmkIqVMbX+IQA3hJ
wVYRsvwX5+rv4j92Cquhl6Zl63iTUvaIjyFkR7cqz+EufU0xi45iTi/IvBFli68h
EA6ioJLdBBa1N47b99S2TwDhwYBn6s1J23qWJlldWixPI0TFrcIkaMgdfIOZa6qr
7P2/8E8HxYqDyq2Z9OLrQNnL4KNmi8RKV3NKjZ1PSQXV+bARof+ulGxdV00UqyWn
BUogwbZOmZ87gACEooy8fTCAEWDOSwb5+IdxrwWlXQz+W7ubi+EzsCVMNebvgobP
6p9SIC0G2LfsU0sYuQ2F1TgsM6i1U0llRmTI9hZy4rfL6fS8doX11faEI99BfsMo
mEFXhbRoZYnqQKr7YwxVUpaRTFZtr1GdALjHtNZmmGKR3Pok+7nYNomarpSVDOdy
2CT5+DR9KLEeQTWqPt/UcxD+IMFEK4QPhNL82cEt8BbwglXn1mtoyHMEbEtJg838
lBuTxS6eJtvzdWzsyDAsP8Vmm+Y90S6RsH+a/WSsbqN8nwO3BTbrkT2egYWw6L0T
n6+DmpqtuiUJzZrrHyyEtVPq18OpABEBAAHCwXYEGAEKACAWIQQbJSQmcTJ38bVc
3I5habm0JIwEZAUCYrUQgwIbDAAKCRBhabm0JIwEZGz0D/4jik8GNNeBuAyIJHg2
4Zrf+V5n/O1Ezl3QC6J0tn3QlljnogcWZUDIp9k3J3Xsn6MeAia8RQAYVJufbq1H
UqdlOESdqrX5XSDJ0Y3EpxNkKcrXNMS/lG+knoXDI3wa1MRYnYTeCLNJzWhid8iS
q/iYnJIMHO9F0uPSqFRn5Idc6jrJj9Cpoqmfxddz8n0Jhdfi6mb3lrJY4Q+zDCtS
Ibljq3YIW6YZKTksaXMqU1iJLIlL0KT8ca042bvxKwC2aP9rUrqpHLvMMvfQ2twd
GCv/AhkgrjxhQLL9yr1biNqHLosDo9XzvHP6jOgl8jCa8GCBmLlYhxlupd+vlfE+
CMlJaOhcxdk4EbvU6nnY8C42gD0LLcoO2WRVIS3vekhA2x9r0XPUsb0uC8dxKQy6
Lv8UsY75WW9E4Ip08CFlY6ARmMcLOhzM+Kld2QCVp4NUZlj38VOpSiDxN53dC7DR
QU78H41ZpRov8XZUQmT/RXIe3wPd7TsgbabCljJRK8423T40QoChoLzU7WlxDFUY
ca5KakZJMGQLJDUr2fZGbxQHBxShd7SLhDal3KXW3LAHuR/jP7qcZK1vD1z/t8P0
zBoRuSsk0ZT17P27apwDhK0Jhz/LUF79bnFj3u6wSGt0YvDL74wdl5WkxjgE5zBo
mNwmYeajA7NuoUCxxAIjVwT38w==
=O7LZ
-----END PGP PUBLIC KEY BLOCK-----
On 2/24/23 11:51, Dan Bungert wrote:
>>> On Fri, 24 Feb 2023 at 04:54, Aaron Rainbolt <arraybolt3@ubuntu.com> wrote:
>>>> I've seen more than one person annoyed by the fact that the mini.iso
>>>> netinstaller is no more.
>>>> The "flavor" would be able to be held in a
>>>> very small ISO file (preferably CD sized), and it would download and
>>>> install all of the packages that make up the Ubuntu system at runtime.
>>>> This would allow a user to install Ubuntu or any desired flavor thereof
>>>> using a single installation medium, rather than having to flash an ISO
>>>> every time they want to make a drive install a different flavor. The new
>>>> installation would be entirely up-to-date from the get-go, and it would
>>>> enable the use of existing small storage media for those users who don't
>>>> have sufficiently sized optical discs or flash drives.
> Hi Aaron,
>
> As Lukasz mentioned, I've been looking at relevant things, and expect that we
> can have the first version of ubuntu-mini-iso running this cycle. I missed
> feature freeze, so I'll be filing that exception :).
>
> Lukasz wrote a perfect summary of the work so far, so I'll quote it here:
>>> The ubuntu-mini-iso is a small bootable iso that can be either
>>> downloaded and used on a CD/USB-drive or even via UEFI HTTP that
>>> brings up a dynamic TUI menu of what Ubuntu images you want to
>>> download/install to your target system. It uses simplestreams to
>>> select which images, so it'll be quite customizable regarding the
>>> selection. The difference is that it then downloads the
>>> iso-of-interest into memory and chain-boots into it, allowing the
>>> installation of any image as one would normally do. This has some
>>> limitations of course, since it needs sufficiently enough RAM.
> So I think that will address much of what you were aiming for.
>
> Size: the bootleg builds I'm doing of this are around 140 MiB, I expect the
> official builds to produce a similar answer. It could potentially be smaller,
> the size today is dominated by use of the existing Ubuntu initrd with a few
> things added on top. (compare to the size of /boot/initrd.img)
>
> Download at runtime: ubuntu-mini-iso achieves this by presenting a menu of ISOs
> that we could download, then with the user selection, reserving some memory,
> downloading that ISO, and then kexecing to it.

This makes good sense to me. The concern I'm noticing here is that
Secure Boot activates a kernel lockdown mode that prohibits kexec. One
workaround may be to have the user choose the release of Ubuntu to
install at a GRUB menu so that a pre-existing kernel and initrd can be
loaded, but this would bloat the ISO and complicate its use.

Another possible solution might be to use mokutil to disable Secure Boot
verification in the shim (essentially turning Secure Boot off without
needing to get the BIOS involved), then rebooting the system. Then
Secure Boot can be re-enabled with mokutil and then the ISO downloaded
and kexec'd. When the user finishes installation and reboots, Secure
Boot will be active again. This might complicate things with third-party
drivers though.

Perhaps we just live with no Secure Boot support?

> ISOs in the menu: there is a casper hook that downloads simplestream json data
> and hands it to the menu application, a small ncurses app that analyzes the
> json, finds what ISOs to offer, and does so. The user chooses an entry from
> the menu, that info is handed back to the casper scripts, which download it and
> we chain boot.
>
> That menu could be extended for Flavors support, perhaps conceptually similar
> to how flavors are shown today on https://releases.ubuntu.com/. The relevant
> code is at: https://github.com/canonical/mini-iso-tools
> It's not necessary to build an ISO to start playing with the menu, if you
> download that, get the dependencies installed, `make run`, and you can see what
> the menu looks like.
>
> If you're interested to help, Aaron, a good starting point would be to add
> entries to https://github.com/canonical/mini-iso-tools/blob/main/json.c#L27 to
> teach the menu how to read the simplestreams for the flavors.
>
> The existing menu can fit on a single screen, so if we start adding flavors I
> think it will need some nested menu support, but that's achievable.
>
> I have done a hacked test run of having this new mini-iso chainboot to lubuntu
> 22.04.2 and it all works fine.
Nice, sounds awesome. Thank you for the info, and I'll see if I can hack
on this at some point!
> -Dan

--
Aaron Rainbolt
Lubuntu Developer
https://github.com/ArrayBolt3
https://launchpad.net/~arraybolt3
@arraybolt3:lubuntu.me on Matrix, arraybolt3 on irc.libera.chat