search

bitsy-ai / printnanny-os

Image repository, change logs, and issue tracking for PrintNanny OS
GNU Affero General Public License v3.0
23 stars 2 forks source link

SSH host keys are not saved to persistent data partition #227

Closed leigh-johnson closed 1 year ago

leigh-johnson commented 1 year ago

Describe the bug

SSH keys are currently being generated each time you image/upgrade PrintNanny OS, and are saved to the rootfs partition. Anything written to the rootfs only survives until the next upgrade.

Let's make sure SSH keys are written to an overlayfs backed by the persistent data partition.

leigh-johnson commented 1 year ago

:+1: We're now mounting /etc/ssh as an overlayfs, backed by a persistent data partition. Host SSH keys shouldn't be getting re-generated when you upgrade PrintNanny OS, after you install v0.6.2

You'll still see host keys getting generated when upgrading v0.6.1 -> v0.6.2 

printnanny:/home/pi# ls -ahl /data/upper/etc/ssh/   
total 11K
drwxr-xr-x 3 root root 1.0K Jan 29 10:49 .
drwxr-xr-x 4 root root 1.0K Dec 20 10:15 ..
-rw------- 1 root root  505 Jan 29 10:49 ssh_host_ecdsa_key
-rw-r--r-- 1 root root  177 Jan 29 10:49 ssh_host_ecdsa_key.pub
-rw------- 1 root root  411 Jan 29 10:49 ssh_host_ed25519_key
-rw-r--r-- 1 root root   97 Jan 29 10:49 ssh_host_ed25519_key.pub
-rw------- 1 root root 2.6K Jan 29 10:49 ssh_host_rsa_key
-rw-r--r-- 1 root root  569 Jan 29 10:49 ssh_host_rsa_key.pub
drwxr-xr-x 2 root root 1.0K Jan 29 10:49 sshd_config.d
leigh-johnson commented 1 year ago

Re-opening. I think cloud-init is re-generating host keys even if they're already present. In the lastest v0.6.2 build:

$ssh pi@printnanny.local         
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ED25519 key sent by the remote host is
SHA256:Sqd0OY4iHoHR2evWNvfy/oC5jaIIiHenuIw/bp1RAJk.
Please contact your system administrator.
Add correct host key in /home/leigh/.ssh/known_hosts to get rid of this message.
Offending ECDSA key in /home/leigh/.ssh/known_hosts:119
  remove with:
  ssh-keygen -f "/home/leigh/.ssh/known_hosts" -R "printnanny.local"
Host key for printnanny.local has changed and you have requested strict checking.
Host key verification failed.
leigh-johnson commented 1 year ago

Testing out a solution to this today. The tl;dr is that we need to:

  1. Mount /etc/as an overlayfs, with the image rootfs as the lower dir and upper dir on a persistent data partition.

This will result in changes to /etc/netplan /etc/ssh/ /etc/password and /etc/defaults being persistent across upgrades of PrintNanny OS.

  1. Mount the /etc/ overlayfs at the earliest possible boot stage, before systemd's init stage. OpenEmbedded includes a nifty overlayfs-etc.bbclass that I'm trying out now. 
#
# Copyright OpenEmbedded Contributors
#
# SPDX-License-Identifier: MIT
#

# Class for setting up /etc in overlayfs
#
# In order to have /etc directory in overlayfs a special handling at early boot stage is required
# The idea is to supply a custom init script that mounts /etc before launching actual init program,
# because the latter already requires /etc to be mounted
#
# The configuration must be machine specific. You should at least set these three variables:
#   OVERLAYFS_ETC_MOUNT_POINT ?= "/data"
#   OVERLAYFS_ETC_FSTYPE ?= "ext4"
#   OVERLAYFS_ETC_DEVICE ?= "/dev/mmcblk0p2"
#
# To control more mount options you should consider setting mount options:
#   OVERLAYFS_ETC_MOUNT_OPTIONS ?= "defaults"
#
# The class provides two options for /sbin/init generation
# 1. Default option is to rename original /sbin/init to /sbin/init.orig and place generated init under
#    original name, i.e. /sbin/init. It has an advantage that you won't need to change any kernel
#    parameters in order to make it work, but it poses a restriction that package-management can't
#    be used, becaause updating init manager would remove generated script
# 2. If you are would like to keep original init as is, you can set
#    OVERLAYFS_ETC_USE_ORIG_INIT_NAME = "0"
#    Then generated init will be named /sbin/preinit and you would need to extend you kernel parameters
#    manually in your bootloader configuration.
#
# Regardless which mode you choose, update and migration strategy of configuration files under /etc
# overlay is out of scope of this class

ROOTFS_POSTPROCESS_COMMAND += '${@bb.utils.contains("IMAGE_FEATURES", "overlayfs-etc", "create_overlayfs_etc_preinit;", "", d)}'
IMAGE_FEATURES_CONFLICTS_overlayfs-etc = "${@ 'package-management' if bb.utils.to_boolean(d.getVar('OVERLAYFS_ETC_USE_ORIG_INIT_NAME'), True) else ''}"

OVERLAYFS_ETC_MOUNT_POINT ??= ""
OVERLAYFS_ETC_FSTYPE ??= ""
OVERLAYFS_ETC_DEVICE ??= ""
OVERLAYFS_ETC_USE_ORIG_INIT_NAME ??= "1"
OVERLAYFS_ETC_MOUNT_OPTIONS ??= "defaults"
OVERLAYFS_ETC_INIT_TEMPLATE ??= "${COREBASE}/meta/files/overlayfs-etc-preinit.sh.in"
OVERLAYFS_ETC_EXPOSE_LOWER ??= "0"

python create_overlayfs_etc_preinit() {
    overlayEtcMountPoint = d.getVar("OVERLAYFS_ETC_MOUNT_POINT")
    overlayEtcFsType = d.getVar("OVERLAYFS_ETC_FSTYPE")
    overlayEtcDevice = d.getVar("OVERLAYFS_ETC_DEVICE")

    if not overlayEtcMountPoint:
        bb.fatal("OVERLAYFS_ETC_MOUNT_POINT must be set in your MACHINE configuration")
    if not overlayEtcDevice:
        bb.fatal("OVERLAYFS_ETC_DEVICE must be set in your MACHINE configuration")
    if not overlayEtcFsType:
        bb.fatal("OVERLAYFS_ETC_FSTYPE should contain a valid file system type on {0}".format(overlayEtcDevice))

    with open(d.getVar("OVERLAYFS_ETC_INIT_TEMPLATE"), "r") as f:
        PreinitTemplate = f.read()

    useOrigInit = oe.types.boolean(d.getVar('OVERLAYFS_ETC_USE_ORIG_INIT_NAME'))
    preinitPath = oe.path.join(d.getVar("IMAGE_ROOTFS"), d.getVar("base_sbindir"), "preinit")
    initBaseName = oe.path.join(d.getVar("base_sbindir"), "init")
    origInitNameSuffix = ".orig"
    exposeLower = oe.types.boolean(d.getVar('OVERLAYFS_ETC_EXPOSE_LOWER'))

    args = {
        'OVERLAYFS_ETC_MOUNT_POINT': overlayEtcMountPoint,
        'OVERLAYFS_ETC_MOUNT_OPTIONS': d.getVar('OVERLAYFS_ETC_MOUNT_OPTIONS'),
        'OVERLAYFS_ETC_FSTYPE': overlayEtcFsType,
        'OVERLAYFS_ETC_DEVICE': overlayEtcDevice,
        'SBIN_INIT_NAME': initBaseName + origInitNameSuffix if useOrigInit else initBaseName,
        'OVERLAYFS_ETC_EXPOSE_LOWER': "true" if exposeLower else "false"
    }

    if useOrigInit:
        # rename original /sbin/init
        origInit = oe.path.join(d.getVar("IMAGE_ROOTFS"), initBaseName)
        bb.debug(1, "rootfs path %s, init path %s, test %s" % (d.getVar('IMAGE_ROOTFS'), origInit, d.getVar("IMAGE_ROOTFS")))
        bb.utils.rename(origInit, origInit + origInitNameSuffix)
        preinitPath = origInit

    with open(preinitPath, 'w') as f:
        f.write(PreinitTemplate.format(**args))
    os.chmod(preinitPath, 0o755)
}
  1. Updated kernel init parameters to include init=/sbin/preinit, which is templated from overlayfs-etc-preinit.sh.in

The bad news is that even if this works smoothly, v0.6.2 will need to be installed from scratch (no upgrade path available from v0.5.x v0.6.x).

This is because PrintNanny OS upgrades only cover changes to the root ext4 filesystem. In this case, we're modifying kernel parameters that are written to the fat32 boot partition - so you'd need to re-install the base image to pick up this change.

leigh-johnson commented 1 year ago

Testing results

-- Boot Record 01 --

-- Boot Record 01 --
The total time elapsed since completing an event is printed after the "@" character.
The time the event takes is printed after the "+" character.

Starting stage: init-local
|`->no cache found @00.04600s +00.00200s
|`->found local data from DataSourceNoCloud @00.08000s +00.41200s
Finished stage: (init-local) 02.54400 seconds

Starting stage: init-network
|`->restored from cache with run check: DataSourceNoCloud [seed=/dev/mmcblk0p1][dsmode=net] @13.22900s +00.01400s
|`->setting up datasource @18.38300s +00.00100s
|`->reading and applying user-data @18.46800s +00.05800s
|`->reading and applying vendor-data @18.52700s +00.05000s
|`->reading and applying vendor-data2 @18.57700s +00.00100s
|`->activating datasource @18.90600s +00.01000s
|`->config-migrator ran successfully @19.16600s +00.00400s
|`->config-seed_random ran successfully @19.17200s +00.00700s
|`->config-set_hostname ran successfully @19.18100s +00.06400s
|`->config-update_hostname ran successfully @19.24800s +00.03500s
|`->config-update_etc_hosts ran successfully @19.28600s +00.05500s
|`->config-users-groups ran successfully @19.34300s +00.19700s
|`->config-ssh ran successfully @19.54200s +07.22400s
Finished stage: (init-network) 13.64000 seconds

Starting stage: modules-config
|`->config-locale ran successfully @31.09300s +00.44000s
|`->config-set-passwords ran successfully @31.53500s +00.16700s
|`->config-timezone ran successfully @31.70400s +00.42600s
|`->config-runcmd ran successfully @32.13300s +00.01000s
Finished stage: (modules-config) 01.20400 seconds

Starting stage: modules-final
|`->config-scripts-vendor ran successfully @36.49400s +00.00700s
|`->config-scripts-per-once ran successfully @36.50300s +00.02900s
|`->config-scripts-per-boot ran successfully @36.53500s +00.22000s
|`->config-scripts-per-instance ran successfully @36.75700s +00.02900s
|`->config-scripts-user ran successfully @36.78900s +00.69800s
|`->config-ssh-authkey-fingerprints ran successfully @37.48900s +00.02700s
|`->config-keys-to-console ran successfully @37.51900s +00.22200s
|`->config-install-hotplug ran successfully @37.74400s +00.04200s
|`->config-final-message ran successfully @37.78900s +00.06000s
Finished stage: (modules-final) 01.60300 seconds

Total Time: 18.99100 seconds

1 boot records analyzed

Build:

-----------------------
Build Info:  |
-----------------------
IMAGE_NAME = printnanny-debug-image-raspberrypi4-64-20230201195855
DISTRO_PRETTY = PrintNanny Linux 0.6.2 (Feldspar)
VARIANT_NAME = PrintNanny OS Debug
VARIANT_ID = debug
DISTRO = printnanny
DISTRO_NAME = PrintNanny Linux
DISTRO_VERSION = 0.6.2
DISTRO_CODENAME = Feldspar
ID_LIKE = BitsyLinux
HOME_URL = https://printnanny.ai
BUG_REPORT_URL = https://github.com/bitsy-ai/printnanny-os/issues
YOCTO_VERSION = 4.1.2
YOCTO_CODENAME = Mickledore
MACHINE = raspberrypi4-64
TUNE_PKGARCH = cortexa72
-----------------------
Layer Revisions:      |
-----------------------
meta              = langdale:f59aa3752dbc5552469207894bea9c01bd68fb6e
meta-poky         = langdale:f59aa3752dbc5552469207894bea9c01bd68fb6e
meta-yocto-bsp    = langdale:f59aa3752dbc5552469207894bea9c01bd68fb6e
meta-raspberrypi  = langdale-libcamera-fix:99f5a91d9d4b34ff8c214cf61cd12f375da1a76a
meta-oe           = langdale:f8cb46d803190bb02085c8a7d20957a71d32f311
meta-python       = langdale:f8cb46d803190bb02085c8a7d20957a71d32f311
meta-multimedia   = langdale:f8cb46d803190bb02085c8a7d20957a71d32f311
meta-bitsy        = etc-overlay-fs:9612543573425b7044f9c74a134983b6911508c1
meta-neural-network = mickledore:f19fa74c2f4c868eda1c48d709b66848f9cca5e8
meta-printnanny   = etc-overlay-fs:9612543573425b7044f9c74a134983b6911508c1
meta-networking   = langdale:f8cb46d803190bb02085c8a7d20957a71d32f311
meta-filesystems  = langdale:f8cb46d803190bb02085c8a7d20957a71d32f311
meta-initramfs    = langdale:f8cb46d803190bb02085c8a7d20957a71d32f311
meta-webserver    = langdale:f8cb46d803190bb02085c8a7d20957a71d32f311
meta-swupdate     = mickledore:c47a10be18412919f4c7041be05509ba97ac79f4
meta-microcontroller = mickledore:a848733698649628d0c3e34ae04ced0ee6ce3aee
debug-v0-6:~$ cat /etc/ssh/ssh_host_rsa_key.pub 
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCz2VrsUzNF+4ZipbsVJmhcDUhd8OAOgo0IzTNL0cRmNfzhpIHSkmqGSDNFj2IP7njLgoH5KWIU5k8UkWJpi8aBWQySJlMaQgsnyMX4oShgc0t5UOtZcOevGnekn5gsmgiEA1hVU64WrZFM8NCIwx52llT7bchTheixDT4sO4h07SpD1Qi4TyEk4e5/PwQ36ZrbEOcp313pXNQQRo72mgz+cRsfzk2HkgcaNgGdjljlKv6dc3GHL/vbhBNhmztC6KhpKuhQsnsEoY7Lkbne1jaGB6nQvU8DyCLbXWgsMmaUE0CPuVs/4q0/lXMTYL3dJkSBCxPasVleD5763Wf5q1rFMLvn10eSsu4NsIX1Wdd/JEAORRIhCSKuaA/nFADqEt6eJfMvX98JmTF92HydwzqFBKlN0rfa6/8Ucpj3y1oOZCkwA7ujM6U8dYJH+oOq5SBYnqysBCdv7RyTdv+aulahNdfKlLYzHC7i94ufW3Mf+BCbXcGuGA1ZudOFrKthgik= root@debug-v0-6
debug-v0-6:~$ cat /etc/machine-id 
b1408f7c3d98421bb7b7f18d860a7f70

Boot record #2 in the next post... :point_down:

leigh-johnson commented 1 year ago

Testing results (continued)

-- Boot Record 02 --

Boo. I applied a rootfs patch via swupdate, with the following results. Cloud-init is still treating this as a new instance, instead of the 2nd boot of the same instance. 

-- Boot Record 01 --
The total time elapsed since completing an event is printed after the "@" character.
The time the event takes is printed after the "+" character.

Starting stage: init-local
|`->no cache found @00.04600s +00.00100s
|`->found local data from DataSourceNoCloud @00.07900s +00.41700s
Finished stage: (init-local) 02.52300 seconds

Starting stage: init-network
|`->restored from cache with run check: DataSourceNoCloud [seed=/dev/mmcblk0p1][dsmode=net] @09.42100s +00.01500s
|`->setting up datasource @14.56500s +00.00100s
|`->reading and applying user-data @14.65000s +00.05700s
|`->reading and applying vendor-data @14.70800s +00.04800s
|`->reading and applying vendor-data2 @14.75600s +00.00100s
|`->activating datasource @15.08400s +00.01000s
|`->config-migrator ran successfully @15.34100s +00.00900s
|`->config-seed_random ran successfully @15.35300s +00.00600s
|`->config-set_hostname ran successfully @15.36100s +00.05900s
|`->config-update_hostname ran successfully @15.42300s +00.03500s
|`->config-update_etc_hosts ran successfully @15.46000s +00.05400s
|`->config-users-groups ran successfully @15.51700s +00.01000s
|`->config-ssh ran successfully @15.52900s +7369837.00300s
Finished stage: (init-network) 7369843.21400 seconds

Starting stage: modules-config
|`->config-locale ran successfully @7369857.02200s +00.44800s
|`->config-set-passwords ran successfully @7369857.47300s +00.09800s
|`->config-timezone ran successfully @7369857.57400s +00.44100s
|`->config-runcmd ran successfully @7369858.01800s +00.01400s
Finished stage: (modules-config) 01.16500 seconds

Starting stage: modules-final
|`->config-scripts-vendor ran successfully @7369862.35400s +00.00700s
|`->config-scripts-per-once ran successfully @7369862.36300s +00.03000s
|`->config-scripts-per-boot ran successfully @7369862.39600s +07.29900s
|`->config-scripts-per-instance ran successfully @7369869.69700s +00.03200s
|`->config-scripts-user ran successfully @7369869.73200s +00.66300s
|`->config-ssh-authkey-fingerprints ran successfully @7369870.39800s +00.02800s
|`->config-keys-to-console ran successfully @7369870.42800s +00.22700s
|`->config-install-hotplug ran successfully @7369870.65800s +00.04000s
|`->config-final-message ran successfully @7369870.70200s +00.06100s
Finished stage: (modules-final) 08.65900 seconds

Total Time: 7369855.56100 seconds

1 boot records analyzed
-----------------------
Build Info:  |
-----------------------
IMAGE_NAME = printnanny-debug-image-raspberrypi4-64-20230201204727
DISTRO_PRETTY = PrintNanny Linux 0.6.2 (Feldspar)
VARIANT_NAME = PrintNanny OS Debug
VARIANT_ID = debug
DISTRO = printnanny
DISTRO_NAME = PrintNanny Linux
DISTRO_VERSION = 0.6.2
DISTRO_CODENAME = Feldspar
ID_LIKE = BitsyLinux
HOME_URL = https://printnanny.ai
BUG_REPORT_URL = https://github.com/bitsy-ai/printnanny-os/issues
YOCTO_VERSION = 4.1.2
YOCTO_CODENAME = Mickledore
MACHINE = raspberrypi4-64
TUNE_PKGARCH = cortexa72
-----------------------
Layer Revisions:      |
-----------------------
meta              = langdale:f59aa3752dbc5552469207894bea9c01bd68fb6e
meta-poky         = langdale:f59aa3752dbc5552469207894bea9c01bd68fb6e
meta-yocto-bsp    = langdale:f59aa3752dbc5552469207894bea9c01bd68fb6e
meta-raspberrypi  = langdale-libcamera-fix:99f5a91d9d4b34ff8c214cf61cd12f375da1a76a
meta-oe           = langdale:f8cb46d803190bb02085c8a7d20957a71d32f311
meta-python       = langdale:f8cb46d803190bb02085c8a7d20957a71d32f311
meta-multimedia   = langdale:f8cb46d803190bb02085c8a7d20957a71d32f311
meta-bitsy        = main:bc730d4a24149cb922a89294c2d0b26e4505525f
meta-neural-network = mickledore:f19fa74c2f4c868eda1c48d709b66848f9cca5e8
meta-printnanny   = main:bc730d4a24149cb922a89294c2d0b26e4505525f
meta-networking   = langdale:f8cb46d803190bb02085c8a7d20957a71d32f311
meta-filesystems  = langdale:f8cb46d803190bb02085c8a7d20957a71d32f311
meta-initramfs    = langdale:f8cb46d803190bb02085c8a7d20957a71d32f311
meta-webserver    = langdale:f8cb46d803190bb02085c8a7d20957a71d32f311
meta-swupdate     = mickledore:c47a10be18412919f4c7041be05509ba97ac79f4
meta-microcontroller = mickledore:a848733698649628d0c3e34ae04ced0ee6ce3aee
leigh-johnson commented 1 year ago

Test number 2

-----------------------
Build Info:  |
-----------------------
IMAGE_NAME = printnanny-release-image-raspberrypi4-64-20230201231351
DISTRO_PRETTY = PrintNanny Linux 0.6.2 (Feldspar)
VARIANT_NAME = PrintNanny OS Core
VARIANT_ID = core
DISTRO = printnanny
DISTRO_NAME = PrintNanny Linux
DISTRO_VERSION = 0.6.2
DISTRO_CODENAME = Feldspar
ID_LIKE = BitsyLinux
HOME_URL = https://printnanny.ai
BUG_REPORT_URL = https://github.com/bitsy-ai/printnanny-os/issues
YOCTO_VERSION = 4.1.2
YOCTO_CODENAME = Langdale
MACHINE = raspberrypi4-64
TUNE_PKGARCH = cortexa72
-----------------------
Layer Revisions:      |
-----------------------
meta              = langdale:f59aa3752dbc5552469207894bea9c01bd68fb6e
meta-poky         = langdale:f59aa3752dbc5552469207894bea9c01bd68fb6e
meta-yocto-bsp    = langdale:f59aa3752dbc5552469207894bea9c01bd68fb6e
meta-raspberrypi  = langdale-libcamera-fix:99f5a91d9d4b34ff8c214cf61cd12f375da1a76a
meta-oe           = langdale:f8cb46d803190bb02085c8a7d20957a71d32f311
meta-python       = langdale:f8cb46d803190bb02085c8a7d20957a71d32f311
meta-multimedia   = langdale:f8cb46d803190bb02085c8a7d20957a71d32f311
meta-bitsy        = main:3bfee97d988636417c75d02cb24da5bc47b1736b
meta-neural-network = mickledore:f19fa74c2f4c868eda1c48d709b66848f9cca5e8
meta-printnanny   = main:3bfee97d988636417c75d02cb24da5bc47b1736b
meta-networking   = langdale:f8cb46d803190bb02085c8a7d20957a71d32f311
meta-filesystems  = langdale:f8cb46d803190bb02085c8a7d20957a71d32f311
meta-initramfs    = langdale:f8cb46d803190bb02085c8a7d20957a71d32f311
meta-webserver    = langdale:f8cb46d803190bb02085c8a7d20957a71d32f311
meta-swupdate     = mickledore:c47a10be18412919f4c7041be05509ba97ac79f4
meta-microcontroller = mickledore:a848733698649628d0c3e34ae04ced0ee6ce3aee
-- Boot Record 01 --
The total time elapsed since completing an event is printed after the "@" character.
The time the event takes is printed after the "+" character.

Starting stage: init-local
|`->no cache found @00.04600s +00.00200s
|`->found local data from DataSourceNoCloud @00.08000s +00.42500s
Finished stage: (init-local) 02.69200 seconds

Starting stage: init-network
|`->restored from cache with run check: DataSourceNoCloud [seed=/dev/mmcblk0p1][dsmode=net] @14.07900s +00.01500s
|`->setting up datasource @19.19600s +00.00100s
|`->reading and applying user-data @19.28200s +00.05700s
|`->reading and applying vendor-data @19.34000s +00.04800s
|`->reading and applying vendor-data2 @19.38900s +00.00100s
|`->activating datasource @19.71700s +00.01000s
|`->config-migrator ran successfully @19.97700s +00.00400s
|`->config-seed_random ran successfully @19.98300s +00.00700s
|`->config-set_hostname ran successfully @19.99200s +00.06400s
|`->config-update_hostname ran successfully @20.05900s +00.03500s
|`->config-update_etc_hosts ran successfully @20.09700s +00.05400s
|`->config-users-groups ran successfully @20.15400s +00.18900s
|`->config-ssh ran successfully @20.34500s +7377863.28400s
Finished stage: (init-network) 7377869.64700 seconds

Starting stage: modules-config
|`->config-locale ran successfully @7377888.00700s +00.46500s
|`->config-set-passwords ran successfully @7377888.47400s +00.21300s
|`->config-timezone ran successfully @7377888.68900s +00.44100s
|`->config-runcmd ran successfully @7377889.13300s +00.01100s
Finished stage: (modules-config) 01.29100 seconds

Starting stage: modules-final
|`->config-scripts-vendor ran successfully @7377893.41800s +00.00600s
|`->config-scripts-per-once ran successfully @7377893.42600s +00.03000s
|`->config-scripts-per-boot ran successfully @7377893.45800s +00.23100s
|`->config-scripts-per-instance ran successfully @7377893.69200s +00.02900s
|`->config-scripts-user ran successfully @7377893.72300s +00.65400s
|`->config-ssh-authkey-fingerprints ran successfully @7377894.38000s +00.02800s
|`->config-keys-to-console ran successfully @7377894.41100s +00.21600s
|`->config-install-hotplug ran successfully @7377894.62900s +00.04000s
|`->config-final-message ran successfully @7377894.67200s +00.06800s
Finished stage: (modules-final) 01.57400 seconds

Total Time: 7377875.20400 seconds

1 boot records analyzed
printnanny:~$ cat /etc/machine-id 
d146f0a2d1e2442795115fbc4e9490e7
printnanny:~$ cat /etc/ssh/ssh_host_rsa_key.pub 
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCblewK7ON1+BJBQKK07eei5+p6j0FfZpurHlKS8RzGa9qx5ZhT8c2J9fGqClFWo4uBLQRjLWLnS3KBe4+Da1KMqjqqB+B26AcmrIYTw7aeb1NgsLBgsotyMtuPudsO+ylYwhLThnUbb750pWFal4qSGhNEWQkOr2Ukt0PV2quLvXBiub85O2zJeYVz9Cy/JPi5tg6BTD3fh/gWc/kX46wT7MpXn4BV1RedsO5nn2E0W0vaGHz8Cq5Sr/5HGm2CYrq0T8lpLnIveQmIxX6az0Ze5gyeNZ4a3Q9q3xrFXe6V2eUr4yxJFlY4EjExTa7flL4xwFOKo75VmjGnMZGw2bl//dkI9mJEu6u2jm+Z/Fyh7qUBCxROaHl1/Rc18YI2L6yGN3ONxRzcaohBniJgUKKcNcw9fGi0uwfNCXtQqrkIN5aASvacXs1U3Zwnhhotps6Gv1lH8sgwGH/bOjsha8nfoUOr/K6/aJY9cuL23ftAKWhd4MTDdj3B4+l5FQP3zts= root@printnanny
leigh-johnson commented 1 year ago

Test number 3

-----------------------
Build Info:  |
-----------------------
IMAGE_NAME = printnanny-release-image-raspberrypi4-64-20230202011316
DISTRO_PRETTY = PrintNanny Linux 0.6.2 (Feldspar)
VARIANT_NAME = PrintNanny OS Core
VARIANT_ID = core
DISTRO = printnanny
DISTRO_NAME = PrintNanny Linux
DISTRO_VERSION = 0.6.2
DISTRO_CODENAME = Feldspar
ID_LIKE = BitsyLinux
HOME_URL = https://printnanny.ai
BUG_REPORT_URL = https://github.com/bitsy-ai/printnanny-os/issues
YOCTO_VERSION = 4.1.2
YOCTO_CODENAME = Langdale
MACHINE = raspberrypi4-64
TUNE_PKGARCH = cortexa72
-----------------------
Layer Revisions:      |
-----------------------
meta              = langdale:f59aa3752dbc5552469207894bea9c01bd68fb6e
meta-poky         = langdale:f59aa3752dbc5552469207894bea9c01bd68fb6e
meta-yocto-bsp    = langdale:f59aa3752dbc5552469207894bea9c01bd68fb6e
meta-raspberrypi  = langdale-libcamera-fix:99f5a91d9d4b34ff8c214cf61cd12f375da1a76a
meta-oe           = langdale:f8cb46d803190bb02085c8a7d20957a71d32f311
meta-python       = langdale:f8cb46d803190bb02085c8a7d20957a71d32f311
meta-multimedia   = langdale:f8cb46d803190bb02085c8a7d20957a71d32f311
meta-bitsy        = main:5e05be02ebe2f764f60785ac9658f1dd1505fda7
meta-neural-network = mickledore:f19fa74c2f4c868eda1c48d709b66848f9cca5e8
meta-printnanny   = main:5e05be02ebe2f764f60785ac9658f1dd1505fda7
meta-networking   = langdale:f8cb46d803190bb02085c8a7d20957a71d32f311
meta-filesystems  = langdale:f8cb46d803190bb02085c8a7d20957a71d32f311
meta-initramfs    = langdale:f8cb46d803190bb02085c8a7d20957a71d32f311
meta-webserver    = langdale:f8cb46d803190bb02085c8a7d20957a71d32f311
meta-swupdate     = mickledore:c47a10be18412919f4c7041be05509ba97ac79f4
meta-microcontroller = mickledore:a848733698649628d0c3e34ae04ced0ee6ce3aee
office-v0-6:~$ cat /etc/machine-id 
868d207b25e943c191a723715f44d466
office-v0-6:~$ cat /etc/ssh/ssh_host_rsa_key.pub 
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCP5XexzXqaEtpkM7bWCCY4ZngkfmZa6kOoXN3Jtgs+puQX21vFIUCHispcU/Zc8afsvWlFMJzUIdicKG2vYSK2l5dqgUmq8nignAgB1SH/103P4KdY8qUavYYlg55EX4JzE32Z0LQqoMRckyAHcz+/xLwHxCBvySex2s6LAHGUw1DXqqrAAV2K00JUCWxP7HliOxHeDrIvvjNQLhECzmXRFlUEaotZtCBaz8O8IsD/UKZKMEK8nr4sv+aXpphCeHh4rtsf/hmIaC5v84S9KyhEt1ItDI8VjxeWR/YHpeD0WSMNuaySNBXxewUpMG9V4TT0GBEMfBxgHmIEWo2ksO+gbKAYi8to/TUXrwYJ/0sHQrACixrEYS5k+oDNypsh1P6iyo8yM7u37NjTAF4vyy77F86KkjIcUzEN0I+ifDcb41IpuNtqxWzD3A637ZsO3iePCzJmnJGLrmNSGlRRlHir8H9p8Qd1MqjLSvkCIB29J/EBzYZHRtI4Api0V9+INMM= root@office-v0-6
-- Boot Record 01 --
The total time elapsed since completing an event is printed after the "@" character.
The time the event takes is printed after the "+" character.

Starting stage: init-local
|`->no cache found @00.04500s +00.00200s
|`->found local data from DataSourceNoCloud @00.07800s +00.41200s
Finished stage: (init-local) 02.49000 seconds

Starting stage: init-network
|`->restored from cache with run check: DataSourceNoCloud [seed=/dev/mmcblk0p1][dsmode=net] @13.43600s +00.01600s
|`->setting up datasource @18.57400s +00.00100s
|`->reading and applying user-data @18.65500s +00.05600s
|`->reading and applying vendor-data @18.71200s +00.04800s
|`->reading and applying vendor-data2 @18.76100s +00.00000s
|`->activating datasource @19.08400s +00.01000s
|`->config-migrator ran successfully @19.32700s +00.00400s
|`->config-seed_random ran successfully @19.33300s +00.00700s
|`->config-set_hostname ran successfully @19.34200s +00.06300s
|`->config-update_hostname ran successfully @19.40700s +00.03600s
|`->config-update_etc_hosts ran successfully @19.44500s +00.05900s
|`->config-users-groups ran successfully @19.50600s +00.24100s
|`->config-ssh ran successfully @19.74900s +05.56700s
Finished stage: (init-network) 11.98100 seconds

Starting stage: modules-config
|`->config-locale ran successfully @7385233.65100s +00.46800s
|`->config-set-passwords ran successfully @7385234.12200s +00.18600s
|`->config-timezone ran successfully @7385234.31000s +00.42600s
|`->config-runcmd ran successfully @7385234.73900s +00.01000s
Finished stage: (modules-config) 01.24400 seconds

Starting stage: modules-final
|`->config-scripts-vendor ran successfully @7385239.07400s +00.00700s
|`->config-scripts-per-once ran successfully @7385239.08400s +00.03200s
|`->config-scripts-per-boot ran successfully @7385239.11900s +00.26200s
|`->config-scripts-per-instance ran successfully @7385239.38400s +00.03100s
|`->config-scripts-user ran successfully @7385239.41800s +00.67200s
|`->config-ssh-authkey-fingerprints ran successfully @7385240.09300s +00.02800s
|`->config-keys-to-console ran successfully @7385240.12300s +00.22200s
|`->config-install-hotplug ran successfully @7385240.34800s +00.04200s
|`->config-final-message ran successfully @7385240.39300s +00.04900s
Finished stage: (modules-final) 01.62500 seconds

Total Time: 17.34000 seconds

1 boot records analyzed
leigh-johnson commented 1 year ago

Whew, the custom overlay .bbclass in https://github.com/bitsy-ai/meta-bitsy/pull/415 did the trick. Cutting an official v0.6.2 shortly.