Monday, June 11, 2018

Custom Server ISO cannot find kernel to install


I'm trying to build a custom Ubuntu Server ISO, and am hitting a weird problem I'm hoping someone here can help with. I'm using UCK and these instructions.


When I do the minimum possible to build a "custom" ISO, it spits out an ISO which installs and works without any issues.


uck-remaster-unpack-iso ./ubuntu_trusty-server-amd64.iso
uck-remaster-pack-iso

However, I want to be able to include custom packages on my ISO too. UCK sets up the environment for you and then takes your GPG key and automatically signs everything for you:


uck-remaster-clean
uck-remaster-unpack-iso ubuntu_trusty-server-amd64.iso
uck-remaster-prepare-alternate
gpg --list-keys
uck-remaster-finalize-alternate 60FB276F
uck-remaster-pack-iso

It generates an ISO without any errors, however the ISO those this wonderful error:


No kernel found


Syslog shows these (full):


Mar 19 19:37:28 base-installer: Using CD-ROM mount point /media/cdrom/
Mar 19 19:37:28 base-installer: Identifying..
Mar 19 19:37:28 base-installer: [53fed41586d1f78a456ce051a5c87264-2]
Mar 19 19:37:28 base-installer: Scanning disc for index files..
Mar 19 19:37:29 base-installer: Found 3 package indexes, 0 source indexes, 0 translation indexes and 1 signatures
Mar 19 19:37:29 base-installer: Found label 'Ubuntu-Server 14.04 LTS _Trusty Tahr_ - Alpha amd64 (20140306)'
Mar 19 19:37:29 base-installer: This disc is called:
Mar 19 19:37:29 base-installer: 'Ubuntu-Server 14.04 LTS _Trusty Tahr_ - Alpha amd64 (20140306)'
Mar 19 19:37:29 base-installer: Copying package lists...
Mar 19 19:37:29 base-installer: gpgv: Signature made Fri 14 Mar 2014 01:18:54 AM UTC using RSA key ID 60FB276F
Mar 19 19:37:29 base-installer: gpgv: Can't check signature: public key not found
Mar 19 19:37:29 base-installer: E: Sub-process gpgv returned an error code (2)
Mar 19 19:37:29 base-installer: W: Signature verification failed for: /media/cdrom/dists/trusty/Release.gpg
Mar 19 19:37:29 base-installer: E: No CD-ROM could be auto-detected or found using the default mount point.
Mar 19 19:37:29 base-installer: You may try the --cdrom option to set the CD-ROM mount point. See 'man apt-cdrom' for more information about the CD-ROM auto-detection and mount point.
Mar 19 19:37:29 base-installer: error: error while running apt-cdrom

I also tried following the instructions here but it had the same result - UCK seems to follow those instructions from looking at the source.


Any ideas or suggestions would be appreciated.


Updates after more investigation:


Breaking out to a shell after the 'bad kernel' message: When examining the keys found in /usr/share/keyrings with gpg --list-keys --keyring ./ubuntu-archive-keyring.gpg the signing key injected by UCK or manually through a ubuntu-keyring rebuild are NOT installed prior to the apt-cdrom call in the installer. As such, dists/trusty/Release.gpg fails gpg verification.


Manually running dpkg -i on the rebuilt ubuntu-keyring package installs the replacement keys correctly; both in /usr/share/keyrings and into the appropriate gpg envelope - however, exiting the shell, and reinstating the software installation at that point from the installation menu, does not fix the apt-cdrom gpg validation process - it looks as though gpg keys are getting injected from some other udeb, and ubuntu-keyring is not installed prior to the apt-cdrom check.


Unfortunately, the error message displayed, is not reflective of the underlying problem. The problem is that that apt-cdrom cannot verify the gpg signature, therefore doesn't recognise the CDRom as a valid package source. That means that there are no kernels available to install.



[cdrom]/install/filesystem.squashfs contains a pre-installed version of ubuntu-keyring, and the ubuntu-keyring package within /pool/ on the CD is not installed prior to apt-cdrom being executed by debian-installer - therefore apt-cdrom fails to verify the modified Release file, and apt won't touch the packages on the CD.


Something like this is required, in order to replace the baseline keys with your modified version:


mkdir /tmp/CDRom
mount -o loop /path/to/trusty.iso /tmp/CDRom
mkdir /tmp/SquashFS
cd /tmp/SquashFS
unsquashfs /tmp/CDRom/install/filesystem.squashfs
cd squashfs-root
cp /path/to/modified/ubuntu-archive-keyring.gpg usr/share/keyrings/ubuntu-archive-keyring.gpg
rm /path/to/FinalCD/install/filesystem.size /path/to/FinalCD/install/filesystem.squashfs
du -sx --block-size=1 ./ | cut -f1 > /path/to/FinalCD/install/filesystem.size
mksquashfs ./ /path/to/FinalCD/install/filesystem.squashfs

apt-cdrom will then work correctly.


No comments:

Post a Comment

11.10 - Can't boot from USB after installing Ubuntu

I bought a Samsung series 5 notebook and a very strange thing happened: I installed Ubuntu 11.10 from a usb pen drive but when I restarted (...