What are these changes?
Maru on the left and LXC-2 on the right.
@pdsouza If I want to build my own image, I need to modify the template file?

Hi @pdsouza , I have tried upgrade debian to buster, but I found the firefox-esr crashed in it, but firefox works fine in debian buster. Maybe when someone wants to upgrade to buster, he/she should be attention to this problem.

Thanks.

Debian Jessie now ships Firefox ESR instead of Iceweasel:
https://wiki.debian.org/Iceweasel

• Update desktop shortcut
• Move useragent override to /etc/firefox-esr/firefox-esr.js

Right now, we only have a 32-bit armhf mclient binary.

Ideally, we ne need to build this from source depending on the target architecture so this scales to other architectures easily.

This is especially needed to support arm64 ports due to issues with 64-bit mflinger and 32-bit mclient communication.

It's necessary to test MaruOS for Android-x86. cc @pdsouza .

Buster has been released and we should upgrade from stretch ASAP.

Press release: https://lists.debian.org/debian-announce/2019/msg00003.html
Overview of new stuff: https://wiki.debian.org/NewInBuster
Complete release notes: https://www.debian.org/releases/buster/amd64/release-notes/ch-whats-new.en.html

It can help us to download desktop rootfs from GitHub directly and can be used to test every PR. cc @pdsouza .

HOST : DEBIAN 10
BUILD : BLUEPRINT DEBIAN

sudo ./build.sh -b debian -n stretch-container -- -r stretch -a arm64 --minimal
[] Loading distro plugin...
[ DEBIAN ] loading...
[] Building image...
[ DEBIAN ] bootstrapping rootfs...
debootstrap is /usr/sbin/debootstrap
Checking cache download in /var/cache/lxc/debian/rootfs-stretch-arm64 ...
Copying rootfs to /home/zerocool/Android/maru/vendor/maruos/blueprints/out/stretch-container-intermediates/rootfs...Generating locales (this might take a while)...
en_US.UTF-8... done
Generation complete.
update-rc.d: error: cannot find a LSB script for checkroot.sh
update-rc.d: error: cannot find a LSB script for umountfs
update-rc.d: error: cannot find a LSB script for hwclockfirst.sh
Creating SSH2 RSA key; this may take some time ...
2048 SHA256:5UFQ5hLAd6QXcpuj2LcUpU7v2axP1UOUancFFJGJNQY root@debian (RSA)
Creating SSH2 ECDSA key; this may take some time ...
256 SHA256:g9s7QkUUi8BGobM4+eDFPeuKqpMuApNtF+N0HDbKVF8 root@debian (ECDSA)
Creating SSH2 ED25519 key; this may take some time ...
256 SHA256:Inghmld4lB2/mgC+ZluhUVCUzhBq2sLP1+Eog8JgcNY root@debian (ED25519)
invoke-rc.d: could not determine current runlevel
invoke-rc.d: policy-rc.d denied execution of start.

Current default time zone: 'Etc/UTC'
Local time is now: Mon May 18 07:57:03 UTC 2020.
Universal Time is now: Mon May 18 07:57:03 UTC 2020.

lxc-create: stretch-container: confile.c: parse_line: 2367 Unknown configuration key "lxc.tty"
lxc-create: stretch-container: parse.c: lxc_file_for_each_line_mmap: 141 Failed to parse config file "/var/lib/lxc/stretch-container/config" at line "lxc.tty = 4"
lxc-create: stretch-container: tools/lxc_create.c: main: 331 Failed to create container stretch-container
[*] Cleaning up...
rm: cannot remove 'maru_0.1-1_all.deb': No such file or directory
make: [Makefile:31: clean] Error 1 (ignored)

System: Ubuntu 16.04 LTS
Device: Mido
Vendor: Xiaomi

./build.sh -n jessie -- -a arm64
update-binfmts: warning: unable to open /proc/sys/fs/binfmt_misc/status for writing: Permission denied
[] Loading distro plugin...
[ DEBIAN ] loading...
[] Building image...
[ DEBIAN ] bootstrapping rootfs...
lxc-create: conf.c: chown_mapped_root: 3626 No mapping for container root
lxc-create: lxccontainer.c: do_bdev_create: 1052 Error chowning /home/ghostzero0_r2/.local/share/lxc/jessie/rootfs to container root
lxc-create: conf.c: suggest_default_idmap: 4749 You must either run as root, or define uid mappings
lxc-create: conf.c: suggest_default_idmap: 4750 To pass uid mappings to lxc-create, you could create
lxc-create: conf.c: suggest_default_idmap: 4751 ~/.config/lxc/default.conf:
lxc-create: conf.c: suggest_default_idmap: 4752 lxc.include = /etc/lxc/default.conf
lxc-create: conf.c: suggest_default_idmap: 4753 lxc.id_map = u 0 231072 65536
lxc-create: conf.c: suggest_default_idmap: 4754 lxc.id_map = g 0 231072 65536
lxc-create: lxccontainer.c: do_lxcapi_create: 1516 Error creating backing store type (none) for jessie
lxc-create: tools/lxc_create.c: main: 318 Error creating container jessie
[*] Cleaning up...
rm: cannot remove 'maru_0.1-1_all.deb': No such file or directory
make: [clean] Error 1 (ignored)

N7 only has 650MB of system space so it needs a desktop image < 350 MB.

Add a minimal option so that we can support devices with constrained system partitions.

Hi @pdsouza , I encountered a problem that mclient's mmap failed on rockchip devices because of permission denied. After some days' debug, I found the rockchip set buffer fd's access mode to 0(READONLY), when it try to transfer shared buffer fd which created by rockchip gralloc implementation to user space. In AOSP, there is a code snippet to do the same thing. To fix this problem, I just #include <fcntl.h> and change 0 to O_RDWR to make sure the fd has the r/w access mode.

I don't have a better solution to avoid mclient's use of mmap, so I just note the problem I encountered, and hope it will be helpful for someone who has the same problem now or later.

Thanks.

Upload generated rootfs files to artifact.

The current Maru APT archive doesn't use a signed Release file so packages cannot be verified. We currently get around this with --allow-unauthenticated, but it would be best to use secure APT asap.

To use secure APT, we need to create a signed Release.gpg file for the archive which contains hashes that apt-get will automatically check when installing a package. See docs for more info.

As @utzcoz has mentioned, stretch uses the lxc 2.0.x package so we should upgrade our old debian lxc 1.0.x template to the latest from lxc 2.0.x.

The latest template from lxc 2.0.x is here.