Skip to content

v2.4.0

Latest
Latest

Choose a tag to compare

View all tags
@learmj learmj released this 09 Mar 11:38
· 40 commits to master since this release
v2.4.0
7454a94
This commit was signed with the committer’s verified signature.
learmj Matthew Lear
SSH Key Fingerprint: CjqEviMlb4jMSHicItkv95dweaqkzABfcHZarp/LPN0
Verified
Learn about vigilant mode.

The main purpose of this release is to highlight that passwordless sudo is disabled by default for the primary user account.

The IDP documentation has also received updates intended to help third-party image builders create assets allowing them to opt into the Raspberry Pi provisioning flow.

New Features

  • rpi-user-credentials - Pre-hashed password support. The device scope user1passhash accepts a pre-hashed password string (eg, created using bin/genpasswd) and is installed via chpasswd -e. Mutually exclusive with user1pass.
  • rpi-user-credentials - Optional UID and GID assignment support allowing the primary user account to be assigned a specific UID and/or GID.
  • engine: Wildcard trigger conditions. Trigger conditions now support * as a wildcard value, matching any non-empty variable value.
  • IDP: Full JSON schema validation and test suite. Added a new JSON schema for Image Description Provisioning (IDP) documents and an updated PMAP schema, all with full field descriptions and applicable constraints.
  • image-rota: dm-verity hash generation. Uses veritysetup to generate the hash tree of the EROFS root filesystem.
  • docs: local documentation server. rpi-image-gen doc starts a local web server on port 3142 serving the auto-generated HTML documentation, including IDP and PMAP schema docs.

Breakages

  • rpi-user-credentials - sudo access is now disabled by default. The device scope user1sudo variable controls sudo access for the primary user account and defaults to none. Previously, passwordless sudo was always granted. Existing configurations that require passwordless sudo must now set IGconf_device_user1sudo=nopasswd explicitly.

What's Changed

  • doc: Update image-rota companion doc by @learmj in #194
  • image-rota: Generate dm-verity hash assets for root by @learmj in #195
  • package: use Make-driven variable extraction for deps by @learmj in #196
  • IDP: schema validation, test suite, docgen and improved templates by @learmj in #197
  • doc: Add cli cmd to serve docs locally, link schema docs by @learmj in #200
  • Improve user account configuration by @learmj in #201

Full Changelog: v2.3.0...v2.4.0

Contributors

learmj
Assets 2
Loading