Page MenuHomeVyOS Platform

Images no longer work when built without "recommended" packages
Closed, ResolvedPublicBUG

Description

By default, live-build installs packages from the Recommends: field of required packages. It installs quite a lot of packages we do not need and bloats the image. Not doing it would allow us to make images a lot smaller, quite possibly around 300M.

However, while trying to do it, I discovered that we have missing dependencies that would break the image if someone ever removes them from Recommends: of some package. An image built with --apt-recommends false fails to mount the config and work correctly. This may not be the only one issue, either.

We need to identify the missing dependencies and include them in the Depends: fields of our packages properly. Right now, disabling that option makes the images work again, but regardless of the bloat reduction work, we have a disaster waiting to happen. If someone at Debian changes some Recommends: fields, our build will stop working without warning.

I've saved package lists from the working and broken images. Here's a visual diff for easier inspection: https://www.diffchecker.com/OJHson3E

Let's find out which oned are actually required.

Details

Difficulty level
Hard (possibly days)
Version
1.2.0
Why the issue appeared?
Issues in third-party code
Is it a breaking change?
Behavior change

Event Timeline

pasik added a subscriber: pasik.May 15 2018, 9:54 PM
dmbaturin triaged this task as Wishlist priority.May 22 2018, 10:59 AM
dmbaturin moved this task from Need Triage to Wishlist on the VyOS 1.2 Crux board.May 24 2018, 5:22 PM
c-po added a subscriber: c-po.Dec 20 2019, 3:01 PM

On current Debian Buster tose are the lsit of installed packages. I have not found the reasion why building with --apt-recommends false makes the ISO unbootable

jestabro added a subscriber: jestabro.EditedDec 20 2019, 4:31 PM

My guess would be missing live-tools in the recommends=false case; live-tools replaces update-initramfs with its version. I'm building to check ...

c-po added a comment.EditedDec 20 2019, 7:49 PM

Also tried that:

diff --git i/data/live-build-config/package-lists/vyos-base.list.chroot w/data/live-build-conf
ig/package-lists/vyos-base.list.chroot
index 225af33..41db14f 100644
--- i/data/live-build-config/package-lists/vyos-base.list.chroot
+++ w/data/live-build-config/package-lists/vyos-base.list.chroot
@@ -2,3 +2,4 @@ debconf
 gpgv
 gnupg
 vyos-world
+live-tools
diff --git i/scripts/live-build-config w/scripts/live-build-config
index 61e71c0..1b31e4f 100755
--- i/scripts/live-build-config
+++ w/scripts/live-build-config
@@ -57,6 +57,7 @@ lb config noauto \
         --firmware-binary false \
         --updates true \
         --security true \
+        --apt-recommends false \
         --apt-options "--yes -oAPT::Default-Release="current" -oAPT::Get::allow-downgrades=true" \

         --apt-indices false
         "${@}"

It results in:

[    0.004963] do_IRQ: 1.55 No irq handler for vector
[    0.004963] do_IRQ: 2.55 No irq handler for vector
[    0.004963] do_IRQ: 3.55 No irq handler for vector
mount: /root/dev: /dev is not a block device.
run-init: /sbin/init: No such file or directory
Target filesystem doesn't have requested /sbin/init.
run-init: /sbin/init: No such file or directory
run-init: /etc/init: Permission denied
run-init: /bin/init: No such file or directory
/bin/sh: noautologin: No such file or directory
[   18.731202] Kernel panic - not syncing: Attempted to kill init! exitcode=0x00007f00
[   18.731202]
[   18.740370] CPU: 0 PID: 1 Comm: sh Not tainted 4.19.89-amd64-vyos #1
[   18.746727] Hardware name: PC Engines apu4/apu4, BIOS v4.0.24 02/04/2019
[   18.753443] Call Trace:
[   18.755913]  0xffffffff96fc66b6
[   18.759067]  0xffffffff96a65d89
[   18.762214]  0xffffffff96a6a366
[   18.765378]  0xffffffff96a69f45
[   18.768530]  0xffffffff96a69fbf
[   18.771674]  0xffffffff96a03349
[   18.774822]  0xffffffff97000088
[   18.777971] RIP: 0033:0x00007f90794c09d6
[   18.781914] Code: Bad RIP value.
[   18.785154] RSP: 002b:00007ffea382d958 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[   18.792730] RAX: ffffffffffffffda RBX: 00007f90795b1760 RCX: 00007f90794c09d6
[   18.799880] RDX: 000000000000007f RSI: 000000000000003c RDI: 000000000000007f
[   18.807029] RBP: 000000000000007f R08: 00000000000000e7 R09: ffffffffffffff80
[   18.814161] R10: 00007ffea382d80a R11: 0000000000000246 R12: 00007f90795b1760
[   18.821294] R13: 0000000000000001 R14: 00007f90795ba428 R15: 0000000000000000
[   18.828491] Kernel Offset: 0x15a00000 from 0xffffffff81000000 (relocation range: 0xffffffff80000000-0xffffffffbfffffff)
[   18.839279] ---[ end Kernel panic - not syncing: Attempted to kill init! exitcode=0x00007f00
[   18.839279]  ]---
[   18.849644] ------------[ cut here ]------------
[   18.854272] sched: Unexpected reschedule of offline CPU#1!
[   18.859775] WARNING: CPU: 0 PID: 1 at arch/x86/kernel/smp.c:128 0xffffffff96a3fc7f
[   18.867352] Modules linked in: usb_storage ohci_hcd uhci_hcd squashfs zstd_decompress xxhash loop overlay ext4 crc16 mbcache jbd2 raid10 raid456 async_raid6_recov async_memcpy async_pq async_xor xor async_tx raid6_pq libcrc32c crc32c_generic raid1 raid0 multipath linear md_mod nls_ascii sd_mod mmc_block ahci libahci sdhci_pci crc32c_intel cqhci xhci_pci libata sdhci i2c_piix4 scsi_mod ehci_pci mmc_core xhci_hcd ehci_hcd
[   18.904559] CPU: 0 PID: 1 Comm: sh Not tainted 4.19.89-amd64-vyos #1
[   18.910917] Hardware name: PC Engines apu4/apu4, BIOS v4.0.24 02/04/2019
[   18.917624] RIP: 0010:0xffffffff96a3fc7f
[   18.921560] Code: 05 c6 80 c5 00 73 15 48 8b 05 3d 27 af 00 be fd 00 00 00 48 8b 40 30 e9 8f 33 7c 00 89 fe 48 c7 c7 00 04 4b 97 e8 a6 5f 02 00 <0f> 0b c3 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 8b 05 22 44 01
[   18.940321] RSP: 0018:ffff8d531aa03ee8 EFLAGS: 00010082
[   18.945549] RAX: 0000000000000000 RBX: ffff8d531a083700 RCX: ffffffff9762a618
[   18.952692] RDX: 0000000000000001 RSI: 0000000000000096 RDI: 0000000000000046
[   18.959832] RBP: 0000000000000000 R08: 0000000000000228 R09: 0720072007200720
[   18.966973] R10: 0720072007200720 R11: 0720072007200720 R12: ffffb79700017d68
[   18.974116] R13: ffff8d531aa1ca80 R14: ffff8d531aa1cfc0 R15: ffff8d531aa1cac0
[   18.981257] FS:  00007f90793f7740(0000) GS:ffff8d531aa00000(0000) knlGS:0000000000000000
[   18.989352] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   18.995104] CR2: 00007f90794c09ac CR3: 000000006600a000 CR4: 00000000000406f0
[   19.002237] Call Trace:
[   19.004700]  <IRQ>
[   19.006724]  0xffffffff96acf70a
[   19.009874]  0xffffffff96adf422
[   19.013028]  ? 0xffffffff96adf3f0
[   19.016353]  0xffffffff96ad0170
[   19.019502]  0xffffffff96ad076b
[   19.022655]  0xffffffff97001d64
[   19.025800]  0xffffffff9700180f
[   19.028947]  </IRQ>
[   19.031051] RIP: 0010:0xffffffff96a65e94
[   19.034980] Code: eb a6 83 3d 4d d4 fe 00 00 74 05 e8 26 1b 02 00 48 c7 c6 00 33 a5 97 48 c7 c7 f8 7a 4b 97 e8 0c 1d 05 00 fb 66 0f 1f 44 00 00 <31> db e8 f5 33 0a 00 4c 39 eb 7c 1d 41 83 f4 01 48 8b 05 f5 d3 fe
[   19.053743] RSP: 0018:ffffb79700017e10 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff13
[   19.061321] RAX: 0000000000000056 RBX: ffff8d531a083700 RCX: ffffffff9762a618
[   19.068459] RDX: 0000000000000000 RSI: 0000000000000096 RDI: 0000000000000046
[   19.075600] RBP: ffffb79700017e80 R08: 0000000000000226 R09: 0720072007200720
[   19.082744] R10: 0720072007200720 R11: 0720072007200720 R12: 0000000000000000
[   19.089884] R13: 0000000000000000 R14: 0000000000000001 R15: ffffffff97625fa0
[   19.097029]  0xffffffff96a6a366
[   19.100179]  0xffffffff96a69f45
[   19.103324]  0xffffffff96a69fbf
[   19.106470]  0xffffffff96a03349
[   19.109616]  0xffffffff97000088
[   19.112761] RIP: 0033:0x00007f90794c09d6
[   19.116691] Code: Bad RIP value.
[   19.119929] RSP: 002b:00007ffea382d958 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[   19.127507] RAX: ffffffffffffffda RBX: 00007f90795b1760 RCX: 00007f90794c09d6
[   19.134646] RDX: 000000000000007f RSI: 000000000000003c RDI: 000000000000007f
[   19.141788] RBP: 000000000000007f R08: 00000000000000e7 R09: ffffffffffffff80
[   19.148931] R10: 00007ffea382d80a R11: 0000000000000246 R12: 00007f90795b1760
[   19.156071] R13: 0000000000000001 R14: 00007f90795ba428 R15: 0000000000000000
[   19.163223] ---[ end trace f5a47c9f25cfef5e ]---
c-po added a comment.Dec 20 2019, 9:08 PM

According to https://live-team.pages.debian.net/live-manual/html/live-manual/customizing-package-installation.en.html#474 some more packages are required.

Even the following change won't boot (yet)

diff --git i/data/live-build-config/package-lists/vyos-base.list.chroot w/data/live-build-conf
ig/package-lists/vyos-base.list.chroot
index 225af33..2cf9641 100644
--- i/data/live-build-config/package-lists/vyos-base.list.chroot
+++ w/data/live-build-config/package-lists/vyos-base.list.chroot
@@ -2,3 +2,15 @@ debconf
 gpgv
 gnupg
 vyos-world
+live-config
+user-setup
+live-tools
+keyboard-configuration
+locales
+sudo
+cpio
+file
+apt-utils
+bzip2
+wget
+xz-utils
diff --git i/scripts/live-build-config w/scripts/live-build-config
index 61e71c0..1b31e4f 100755
--- i/scripts/live-build-config
+++ w/scripts/live-build-config
@@ -57,6 +57,7 @@ lb config noauto \
         --firmware-binary false \
         --updates true \
         --security true \
+        --apt-recommends false \
         --apt-options "--yes -oAPT::Default-Release="current" -oAPT::Get::allow-downgrades=true" \

         --apt-indices false
         "${@}"

@jestabro maybe you have an additional idea.

jestabro added a comment.EditedDec 23 2019, 8:56 PM

This appears to be a moving target in at least one sense:
The package lists I now see differ from what is listed in the files above; one notable difference is a missing 'systemd-sysv':

diff --ignore-space-change -y norec-vyos-build/build/live-image-amd64.packages vanilla-vyos-build/build/live-image-amd64.packages|grep systemd-sysv
                                                              > systemd-sysv    241-7~deb10u2

Adding that to

data/live-build-config/package-lists/vyos-utils.list.chroot

allows the live image to boot. However, it boots with a 'Configuration error'. An earlier test with the above, and other likely needed packages, booted fine and allowed an install. So, need to narrow down the minimum set of packages needed.

c-po added a comment.EditedFeb 2 2020, 8:34 AM

Followup, some screenshots on the mentioned problem:

loading the configuration manually results in:

Or enabling SSH

c-po added a comment.Feb 2 2020, 8:41 AM

dbus package is missing, too - another offender

c-po changed the task status from Open to In progress.Feb 2 2020, 9:33 AM
c-po claimed this task.
c-po changed Why the issue appeared? from Will be filled on close to Issues in third-party code.
c-po set Is it a breaking change? to Behavior change.
c-po moved this task from Need Triage to In Progress on the VyOS 1.3 Equuleus board.
c-po added a comment.Feb 2 2020, 9:59 AM

Boots now as expectd after adding the remaining dependencies to the VyOS/Vyatta packages.

c-po closed this task as Resolved.Feb 2 2020, 10:02 AM
c-po moved this task from In Progress to Finished on the VyOS 1.3 Equuleus board.
c-po added a comment.Feb 2 2020, 11:05 AM

  • 538 MB -> current status without modifications
  • 506 MB -> removved /usr/share/docs
  • 394 MB -> --apt-recommends false