I apologise if this is not the appropriate list for the following issue,
but...
Is it possible to upgrade the Linux kernel on a kickstart CD?
I've changed the vmlinuz and initrd.img files in the isolinux directory
from the distro's ISO image; so kernel 2.6.32-504.3.3.el6.i686 now boots
from a DVD, and loads the appropriate modules and firmware from the
stage 1 initrd.img.
However, anaconda (13.21.229) exits abnormally with a DBusException
(org.freedesktop.DBus.Error.NoReply); possibly because NetworkManager is
unable to launch the wpa_supplicant.
Anaconda appears to be choking during initialisation:
anaconda.id = instClass.installDataClass(anaconda, extraModules,
opts.display_mode, anaconda.backend)
File "/usr/lib/anaconda/instdata.py", line 324, in __init__
self.reset()
File "/usr/lib/anaconda/instdata.py", line 64, in reset
self.network = network.Network()
File "/usr/lib/anaconda/network.py", line 308, in __init__
self.update()
File "/usr/lib/anaconda/network.py", line 326, in update
devhash = isys.getDeviceProperties(dev=none)
File "/usr/lib/anaconda/isys.py", line 375, in getDeviceProperties
bus = dbus.SystemBus()
File "/usr/lib/python2.6/site-packages/dbus/_dbus.py", line 202, in
__new__
private=private()
File "/usr/lib/python2.6/site-packages/dbus/_dbus.py", line 108, in
__new__
bus = BusConnection.__new__(subclass, bus_type, mainloop=mainloop)
File "/usr/lib/python2.6/site-packages/dbus/bus.py", line 125, in
__new__
bus = cls._new_for_bus(address_or_type, mainloop=mainloop)
dbus.exceptions.DBusException: org.freedesktop.DBus.Error.NoReply: Did
not receive a reply. Possible causes include: the remote application did
not send a reply, the message bus security policy blocked the reply, the
reply timeout expired, or the network connection was broken.
install exited abnormally [1/1]
The system will be rebooted when you press Ctrl-C or Ctrl-Alt-Delete.
The shell prompt is available on tty2; and so I can see the syslog,
which has repeated messages at its tail end:
INFO NetworkManager: <info> Trying to start the supplicant
So, something needs to be changed somewhere (kernel recompilation?
missing module? wpa_supplicant / NM upgrade? stage 2 install.img?) which
is where I'm stuck. Do I need to hack Wifi NIC related lines out of
anaconda?
The reason that I'd like the final kernel version to be running during
the install, is that it's needed to compile the low-level driver for a
FIPS-140 crypto coprocessor. The target system will be an off-line
certification authority system, and will certainly not need Wifi (in
fact the hardening procedure foresees removal of most network hardware
drivers).
I know I could do everything in three stages (initial install - software
upgrade - crypto driver install); but being able to do everything in one
go would simplify business continuity / bare metal recovery.
In the meantime, I'm very happy to have learned something about anaconda
/ kickstart and so on, which will be very useful in future.
If there's a quick fix to the above issues, I'd be happy to hear it.
Thanks in advance
James Bishop
--
_____________________________________________
James Bishop
European Commission - Joint Research Centre
IPSC Unit G.5 (TP.723)
Via E.Fermi, 2749
I - 21027 Ispra (VA)
Italy
Tel.: +39 0332 786225
Fax.: +39 0332 786280
e-mail: james.bishop at jrc.ec.europa.eu
On 01/08/2015 11:18 AM, James Bishop wrote:> I apologise if this is not the appropriate list for the following > issue, but... > > Is it possible to upgrade the Linux kernel on a kickstart CD? > > I've changed the vmlinuz and initrd.img files in the isolinux > directory from the distro's ISO image; so kernel > 2.6.32-504.3.3.el6.i686 now boots from a DVD, and loads the > appropriate modules and firmware from the stage 1 initrd.img. > > However, anaconda (13.21.229) exits abnormally with a DBusException > (org.freedesktop.DBus.Error.NoReply); possibly because NetworkManager > is unable to launch the wpa_supplicant. > > Anaconda appears to be choking during initialisation: > > anaconda.id = instClass.installDataClass(anaconda, extraModules, > opts.display_mode, anaconda.backend) > File "/usr/lib/anaconda/instdata.py", line 324, in __init__ > self.reset() > File "/usr/lib/anaconda/instdata.py", line 64, in reset > self.network = network.Network() > File "/usr/lib/anaconda/network.py", line 308, in __init__ > self.update() > File "/usr/lib/anaconda/network.py", line 326, in update > devhash = isys.getDeviceProperties(dev=none) > File "/usr/lib/anaconda/isys.py", line 375, in getDeviceProperties > bus = dbus.SystemBus() > File "/usr/lib/python2.6/site-packages/dbus/_dbus.py", line 202, in > __new__ > private=private() > File "/usr/lib/python2.6/site-packages/dbus/_dbus.py", line 108, in > __new__ > bus = BusConnection.__new__(subclass, bus_type, mainloop=mainloop) > File "/usr/lib/python2.6/site-packages/dbus/bus.py", line 125, in > __new__ > bus = cls._new_for_bus(address_or_type, mainloop=mainloop) > dbus.exceptions.DBusException: org.freedesktop.DBus.Error.NoReply: Did > not receive a reply. Possible causes include: the remote application > did not send a reply, the message bus security policy blocked the > reply, the reply timeout expired, or the network connection was broken. > install exited abnormally [1/1] > The system will be rebooted when you press Ctrl-C or Ctrl-Alt-Delete. > > The shell prompt is available on tty2; and so I can see the syslog, > which has repeated messages at its tail end: > > INFO NetworkManager: <info> Trying to start the supplicant > > So, something needs to be changed somewhere (kernel recompilation? > missing module? wpa_supplicant / NM upgrade? stage 2 install.img?) > which is where I'm stuck. Do I need to hack Wifi NIC related lines out > of anaconda? > > The reason that I'd like the final kernel version to be running during > the install, is that it's needed to compile the low-level driver for a > FIPS-140 crypto coprocessor. The target system will be an off-line > certification authority system, and will certainly not need Wifi (in > fact the hardening procedure foresees removal of most network hardware > drivers). > > I know I could do everything in three stages (initial install - > software upgrade - crypto driver install); but being able to do > everything in one go would simplify business continuity / bare metal > recovery. > > In the meantime, I'm very happy to have learned something about > anaconda / kickstart and so on, which will be very useful in future. > > If there's a quick fix to the above issues, I'd be happy to hear it. > > Thanks in advance > James BishopSounds like the "Rolling media" announced in: http://lists.centos.org/pipermail/centos-announce/2014-December/020807.html could be useful to you, although judging by the kernel version you mentioned, it looks like you're looking for CentOS 6 updates. Unfortunately, it appears the rolling media is only available for CentOS 7 at the moment. Did you update modules.dep and modules.alias in the stage1 image? -Greg
I'm looking for an image for CentOS v7 to download.... Any suggestion on a suitable website? Sent from my iPhone> On Jan 8, 2015, at 1:30 PM, Greg Bailey <gbailey at lxpro.com> wrote: > >> On 01/08/2015 11:18 AM, James Bishop wrote: >> I apologise if this is not the appropriate list for the following issue, but... >> >> Is it possible to upgrade the Linux kernel on a kickstart CD? >> >> I've changed the vmlinuz and initrd.img files in the isolinux directory from the distro's ISO image; so kernel 2.6.32-504.3.3.el6.i686 now boots from a DVD, and loads the appropriate modules and firmware from the stage 1 initrd.img. >> >> However, anaconda (13.21.229) exits abnormally with a DBusException (org.freedesktop.DBus.Error.NoReply); possibly because NetworkManager is unable to launch the wpa_supplicant. >> >> Anaconda appears to be choking during initialisation: >> >> anaconda.id = instClass.installDataClass(anaconda, extraModules, opts.display_mode, anaconda.backend) >> File "/usr/lib/anaconda/instdata.py", line 324, in __init__ >> self.reset() >> File "/usr/lib/anaconda/instdata.py", line 64, in reset >> self.network = network.Network() >> File "/usr/lib/anaconda/network.py", line 308, in __init__ >> self.update() >> File "/usr/lib/anaconda/network.py", line 326, in update >> devhash = isys.getDeviceProperties(dev=none) >> File "/usr/lib/anaconda/isys.py", line 375, in getDeviceProperties >> bus = dbus.SystemBus() >> File "/usr/lib/python2.6/site-packages/dbus/_dbus.py", line 202, in __new__ >> private=private() >> File "/usr/lib/python2.6/site-packages/dbus/_dbus.py", line 108, in __new__ >> bus = BusConnection.__new__(subclass, bus_type, mainloop=mainloop) >> File "/usr/lib/python2.6/site-packages/dbus/bus.py", line 125, in __new__ >> bus = cls._new_for_bus(address_or_type, mainloop=mainloop) >> dbus.exceptions.DBusException: org.freedesktop.DBus.Error.NoReply: Did not receive a reply. Possible causes include: the remote application did not send a reply, the message bus security policy blocked the reply, the reply timeout expired, or the network connection was broken. >> install exited abnormally [1/1] >> The system will be rebooted when you press Ctrl-C or Ctrl-Alt-Delete. >> >> The shell prompt is available on tty2; and so I can see the syslog, which has repeated messages at its tail end: >> >> INFO NetworkManager: <info> Trying to start the supplicant >> >> So, something needs to be changed somewhere (kernel recompilation? missing module? wpa_supplicant / NM upgrade? stage 2 install.img?) which is where I'm stuck. Do I need to hack Wifi NIC related lines out of anaconda? >> >> The reason that I'd like the final kernel version to be running during the install, is that it's needed to compile the low-level driver for a FIPS-140 crypto coprocessor. The target system will be an off-line certification authority system, and will certainly not need Wifi (in fact the hardening procedure foresees removal of most network hardware drivers). >> >> I know I could do everything in three stages (initial install - software upgrade - crypto driver install); but being able to do everything in one go would simplify business continuity / bare metal recovery. >> >> In the meantime, I'm very happy to have learned something about anaconda / kickstart and so on, which will be very useful in future. >> >> If there's a quick fix to the above issues, I'd be happy to hear it. >> >> Thanks in advance >> James Bishop > > Sounds like the "Rolling media" announced in: > > http://lists.centos.org/pipermail/centos-announce/2014-December/020807.html > > could be useful to you, although judging by the kernel version you mentioned, it looks like you're looking for CentOS 6 updates. Unfortunately, it appears the rolling media is only available for CentOS 7 at the moment. > > Did you update modules.dep and modules.alias in the stage1 image? > > -Greg > > _______________________________________________ > CentOS mailing list > CentOS at centos.org > http://lists.centos.org/mailman/listinfo/centos
On 08/01/15 20:30, Greg Bailey wrote:> On 01/08/2015 11:18 AM, James Bishop wrote: >> I apologise if this is not the appropriate list for the following >> issue, but... >> >> Is it possible to upgrade the Linux kernel on a kickstart CD? >> >> I've changed the vmlinuz and initrd.img files in the isolinux >> directory from the distro's ISO image; so kernel >> 2.6.32-504.3.3.el6.i686 now boots from a DVD, and loads the >> appropriate modules and firmware from the stage 1 initrd.img. >> >> However, anaconda (13.21.229) exits abnormally with a DBusException >> (org.freedesktop.DBus.Error.NoReply); possibly because NetworkManager >> is unable to launch the wpa_supplicant. >> >> Anaconda appears to be choking during initialisation: >> >> anaconda.id = instClass.installDataClass(anaconda, extraModules, >> opts.display_mode, anaconda.backend) >> File "/usr/lib/anaconda/instdata.py", line 324, in __init__ >> self.reset() >> File "/usr/lib/anaconda/instdata.py", line 64, in reset >> self.network = network.Network() >> File "/usr/lib/anaconda/network.py", line 308, in __init__ >> self.update() >> File "/usr/lib/anaconda/network.py", line 326, in update >> devhash = isys.getDeviceProperties(dev=none) >> File "/usr/lib/anaconda/isys.py", line 375, in getDeviceProperties >> bus = dbus.SystemBus() >> File "/usr/lib/python2.6/site-packages/dbus/_dbus.py", line 202, in >> __new__ >> private=private() >> File "/usr/lib/python2.6/site-packages/dbus/_dbus.py", line 108, in >> __new__ >> bus = BusConnection.__new__(subclass, bus_type, mainloop=mainloop) >> File "/usr/lib/python2.6/site-packages/dbus/bus.py", line 125, in >> __new__ >> bus = cls._new_for_bus(address_or_type, mainloop=mainloop) >> dbus.exceptions.DBusException: org.freedesktop.DBus.Error.NoReply: Did >> not receive a reply. Possible causes include: the remote application >> did not send a reply, the message bus security policy blocked the >> reply, the reply timeout expired, or the network connection was broken. >> install exited abnormally [1/1] >> The system will be rebooted when you press Ctrl-C or Ctrl-Alt-Delete. >> >> The shell prompt is available on tty2; and so I can see the syslog, >> which has repeated messages at its tail end: >> >> INFO NetworkManager: <info> Trying to start the supplicant >> >> So, something needs to be changed somewhere (kernel recompilation? >> missing module? wpa_supplicant / NM upgrade? stage 2 install.img?) >> which is where I'm stuck. Do I need to hack Wifi NIC related lines out >> of anaconda? >> >> The reason that I'd like the final kernel version to be running during >> the install, is that it's needed to compile the low-level driver for a >> FIPS-140 crypto coprocessor. The target system will be an off-line >> certification authority system, and will certainly not need Wifi (in >> fact the hardening procedure foresees removal of most network hardware >> drivers). >> >> I know I could do everything in three stages (initial install - >> software upgrade - crypto driver install); but being able to do >> everything in one go would simplify business continuity / bare metal >> recovery. >> >> In the meantime, I'm very happy to have learned something about >> anaconda / kickstart and so on, which will be very useful in future. >> >> If there's a quick fix to the above issues, I'd be happy to hear it. >> >> Thanks in advance >> James Bishop > > Sounds like the "Rolling media" announced in: > > http://lists.centos.org/pipermail/centos-announce/2014-December/020807.html > > could be useful to you, although judging by the kernel version you > mentioned, it looks like you're looking for CentOS 6 updates. > Unfortunately, it appears the rolling media is only available for CentOS > 7 at the moment. > > Did you update modules.dep and modules.alias in the stage1 image? > > -Greg > > _______________________________________________ > CentOS mailing list > CentOS at centos.org > http://lists.centos.org/mailman/listinfo/centosThanks Greg, I think so: I used depmod in the attached bash script (update_initrd.sh); on my system, the command expands to: /sbin/depmod -b /tmp/initrd -F /tmp/root/boot/System-map-2.6.32-504.3.3.el6.i686 2.6.32-504.3.3.el6.i686 where /tmp/initrd is the working directory for preparing the initrd file system; /tmp/root is where the kernel and kernel-firmware packages have been extracted. The script is my attempt at copying only the kernel modules already present in the original initrd. It also looks for RPMs required by the latest kernel version (it identified kernel-firmware, initscripts and iproute), and copies changed executables (only the ip command). Thankyou for suggesting the Rolling media; I'll take a look at that. I'm using CentOS 6 because I based my hardening process on the DISA STIG for RHEL6; I haven't checked to see if there is now an equivalent for CentOS 7. James -- _____________________________________________ James Bishop European Commission - Joint Research Centre IPSC Unit G.5 (TP.723) Via E.Fermi, 2749 I - 21027 Ispra (VA) Italy Tel.: +39 0332 786225 Fax.: +39 0332 786280 e-mail: james.bishop at jrc.ec.europa.eu