kairos
kairos copied to clipboard
kairos-io
feat: remove firmware in Ubuntu uki images
The firmware in the ubuntu image brings nearly ~500MB (see also the previous attempt in #2283 ).
We can drop the firmware in the core uki images such as those have to be consumed already in a process that includes remastering and customization - and document that we don't ship firmware and is left to the user to build images with the proper firmware.
@@ -229,8 +229,10 @@ FROM base-ubuntu-current AS kernel-ubuntu-24.04
RUN apt-get update
# If a kernel is already installed, don't try to install it again, this way the base image can
# be non-hwe for older releases
+#RUN [ -z "$(ls -A /lib/modules/)" ] && apt-get install -y --no-install-recommends \
+# linux-image-generic-hwe-24.04 || true
RUN [ -z "$(ls -A /lib/modules/)" ] && apt-get install -y --no-install-recommends \
- linux-image-generic-hwe-24.04 || true
+ amd64-microcode intel-microcode iucode-tool kmod linux-base linux-image-6.8.0-31-generic linux-modules-6.8.0-31-generic || true
RUN apt-get clean && rm -rf /var/lib/apt/lists/*
Hello mudler, thank you for opening this issue (kairos-io/kairos#2565). In order to meet the project's requirements, please provide a detailed description of the issue and, if it's a bug, the steps to reproduce it. Additionally, it would be helpful if you could mention the versions of the relevant artifacts being used. I apologize for any inconvenience this may cause, but as a bot, I have labeled this issue with 'enhancement' and 'triage' labels. Please update the issue with the necessary information to proceed with the review process. Remember, this is an experiment by @mudler and @jimmykarily. If you have any further questions, feel free to ask.
@mudler what do you think about #2566 ? I also like the idea of no firmware
For anyone who needs firmware and finds this you can install the firmware then remove the things you don't need. I figured this out by booting a system with firmware removed and grepping dmesg for firmware then noting the missing directories and adding them to the code below. This should go into a dockerfile before doing any enki packaging.
# Remove all files in /usr/lib/firmware except the specified ones in mediatek, i915, intel, amd, and their sub-directories
RUN find /usr/lib/firmware \
! -path "/usr/lib/firmware" \
! -path "/usr/lib/firmware/mediatek" \
! -path "/usr/lib/firmware/mediatek/*" \
! -path "/usr/lib/firmware/i915" \
! -path "/usr/lib/firmware/i915/*" \
! -path "/usr/lib/firmware/intel-ucode" \
! -path "/usr/lib/firmware/intel-ucode/*" \
! -path "/usr/lib/firmware/intel" \
! -path "/usr/lib/firmware/intel/*" \
! -path "/usr/lib/firmware/amd" \
! -path "/usr/lib/firmware/amd/*" \
! -path "/usr/lib/firmware/amd-ucode" \
! -path "/usr/lib/firmware/amd-ucode/*" \
! -path "/usr/lib/firmware/mediatek/*MT7922*.bin" \
! -path "/usr/lib/firmware/mediatek/*MT7922*.bin.zst" \
-type f -exec rm -f {} \;
