veilor-org/veilor-os
1
0
Fork 0
Code Issues Pull requests Projects Releases 1 Packages Wiki Activity Actions
veilor-os/test/test-runs/_TEMPLATE.md

81 lines
1.6 KiB
Markdown
Raw Normal View History

v0.5.27: rd.luks.uuid via grubby, GRUB rebrand, fbcon=nodefer, ASCII gum cursor Critical install bug fix + cosmetic round-up + first formal test procedure document. ## Critical: LUKS unlock on first boot Generated installer kickstart's %post was injecting `rd.luks.uuid=…` into `/etc/default/grub` only. Fedora 43 uses BLS (Boot Loader Specification) entries in `/boot/loader/entries/*.conf`; those are NOT regenerated by `grub2-mkconfig`. Result: the kernel boots without `rd.luks.uuid=`, dracut's cryptsetup-generator never spawns the unlock unit, plymouth has no password to ask for, and dracut-initqueue loops on dev-disk-by-uuid for ~3min before dropping to emergency shell. The fix layers both write paths: - `/etc/default/grub` — keeps the args around for future kernels (kernel-install reads this when adding new entries). - `grubby --update-kernel=ALL --args=...` — rewrites the `options` line of every existing BLS entry so the kernel that boots NEXT actually has the args. Verified by reading `/proc/cmdline` from the dracut emergency shell on a v0.5.26 install; old cmdline had only `root=UUID=… ro rootflags=subvol=root` and was missing the LUKS arg entirely. ## GRUB / branding - `/etc/default/grub` is sed'd to `GRUB_DISTRIBUTOR="veilor-os"` (was already there, kept). - BLS entries' `title` line is rewritten in-place to "veilor-os (<kver>)" for every kernel — `grub2-mkconfig` does not touch BLS titles, so this is the only path. - `/boot/loader/entries/*-0-rescue-*.conf` is removed: the auto-built rescue entry was leaking "Fedora Linux" into the GRUB menu and showing a second boot option that nobody asked for. The rescue kernel image itself is left in /boot. - Hostname defaults to `veilor` (was inheriting the `localhost-live` name anaconda writes when the kickstart's network directive is ignored under cmdline mode). - `/etc/machine-info` adds `PRETTY_HOSTNAME="veilor-os"` so `hostnamectl status` and any consumer reading machine-info see the brand. ## Boot UX - `fbcon=nodefer` added to live-ISO bootloader cmdline. On real laptops with a hardware GPU, the kernel modeset blanks the framebuffer console mid-boot; without `nodefer` the installer banner draws into a frozen framebuffer and the user sees a black screen with a blinking cursor for ~30s. virtio-vga in QEMU doesn't trigger this so it never reproduced in VM. Symptom report on v0.5.26 was the trigger to investigate. ## Installer cosmetics - `GUM_CHOOSE_CURSOR` and `GUM_INPUT_PROMPT` switched from `❯ ` to `> `. The unicode arrow falls back to a fixed-width block on the linux fbcon font and lipgloss then duplicates that block at col +23, producing the "Install Install" double-render and the stray-T artifact in password fields. Plain ASCII renders identically across fbcon, virtio-vga, and X/Wayland gum runs. - `VERSION_ID` bumped 0.5.8 → 0.5.27 in the os-release drop-in. The installer banner reads this at runtime, so the live ISO + installed system both now show "veilor-os 0.5.27". ## Test procedure - `test/TESTING.md` — first canonical test procedure document. Splits VM (cheap iteration, hybrid sendkey + human passwords) from real hardware (mandatory for tag). Documents the standard test passwords (`veilortest1` for both LUKS and admin), the kill-and-relaunch step to skip CD on second boot, and the per-step pass/fail contract. - `test/METHOD-CHANGELOG.md` — append-only audit trail for changes to the procedure. Future releases that alter the test method must add an entry here with the why. - `test/test-runs/_TEMPLATE.md` — per-run report template. Each tagged release should land a filled report alongside it. ## test/run-vm.sh Decoupled QEMU monitor sock setup from auto-inject. Previously `NO_INJECT=1` (used to suppress autotype noise into prompts) also killed the monitor sock, leaving the VM undriveable. Monitor sock is now always exposed; only the inject helper is gated on the pubkey detection.
2026-05-05 01:43:00 +01:00
# Test run — vX.Y.Z
- **Date:** YYYY-MM-DD
- **ISO:** `veilor-os-43-YYYYMMDD-HHMMSS.iso` (sha256: `...`)
- **Tester:** name / handle
- **Environment:** VM (qemu/q35/ovmf, 4 vCPU, 4G RAM, virtio-vga) — OR — Real HW (model, CPU, GPU)
---
## Result
✅ Pass / ⚠️ Pass-with-issues / ❌ Fail
One-line summary.
---
## Regressions vs previous run
(Things that worked in the prior tagged release but failed here. Empty
if none. Always check this section first when reading the report.)
---
## Per-step results
Walk `test/TESTING.md` step-by-step. Mark each pass/fail with a brief
note when failed.
| # | Step | Result | Notes |
|---|------|--------|-------|
| 1 | Live boot to installer banner | ✅ | |
| 2 | Installer menu render | ✅ | |
| 3 | Disk picker | ✅ | |
| 4 | LUKS + admin passwords | ✅ | |
| 5 | Locale | ✅ | |
| 6 | Confirm | ✅ | |
| 7 | Anaconda transaction | ✅ | |
| 8 | Reboot | ✅ | |
| 9 | GRUB single veilor-os entry | ✅ | |
| 10 | LUKS unlock prompt | ✅ | |
| 11 | First boot → SDDM → KDE | ✅ | |
| 12 | Hardening checks | ✅ | |
---
## Hardening verification
```
$ getenforce
Enforcing
$ systemctl is-active fail2ban usbguard tuned auditd firewalld
active
active
active
active
active
$ cat /proc/cmdline
... rd.luks.uuid=luks-... ...
$ lsblk -f
...
```
Paste real output. If any service is inactive or any cmdline arg is
missing, raise as a Regression above.
---
## Findings
Free-form notes. Cosmetic glitches, slow paths, surprising behaviour.
---
## Action items for next release
- [ ] ...
- [ ] ...
(Linked PRs / commits if you opened any during the test.)
Reference in a new issue Copy permalink