reanimator/bee
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity

Fix critical ISO build bugs: kernel pinning, service registration, PATH, audit checks

Browse Source 
- Pin linux-lts to exact KERNEL_PKG_VERSION=6.12.76-r0 in build and ISO package list
- Add build-time verification that compiled kernel version matches pin (fails loudly)
- Fix bee-audit-debug → bee-audit in genapkovl OpenRC registration (service was never starting)
- Add AUDIT_VERSION=0.1.0 to VERSIONS (was undefined, bee-release had empty fields)
- Pin linux-lts-dev version in second apk add in build-nvidia-module.sh
- Add /root/.profile to overlay so /usr/local/bin is in PATH for SSH sessions
- Remove "DEBUG MODE" from motd
- Fix smoketest: grep for slog "audit output written" instead of non-existent "audit completed"
- Document no-internet constraint in system-overview and runtime-flows
- Remove redundant genapkovl copy to /var/tmp (now found via ~/.mkimage/)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
Mikhail Chusavitin
2026-03-07 10:52:54 +03:00
parent 493ccea415
commit ffc7e5c71a
10 changed files with 73 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
iso/builder/smoketest.sh
View File

@@ -126,20 +126,30 @@ fi
echo ""
echo "-- audit last run --"
# audit binary logs via slog to stderr (bee-audit.log); JSON output goes to bee-audit.json.
# slog format: time=... level=INFO msg="audit output written" path=...
if [ -f /var/log/bee-audit.json ] && [ -s /var/log/bee-audit.json ]; then
ok "audit: bee-audit.json present and non-empty"
info "size: $(du -sh /var/log/bee-audit.json | cut -f1)"
else
fail "audit: bee-audit.json missing or empty"
fi
if [ -f /var/log/bee-audit.log ]; then
last_line=$(tail -1 /var/log/bee-audit.log)
info "last log line: $last_line"
if grep -q "audit completed" /var/log/bee-audit.log 2>/dev/null; then
# slog writes: msg="audit output written" on success
if grep -q "audit output written" /var/log/bee-audit.log 2>/dev/null; then
ok "audit: completed successfully"
elif grep -q "audit started" /var/log/bee-audit.log 2>/dev/null; then
warn "audit: started but may not have completed"
else
warn "audit: 'audit output written' not found in log — may have failed"
fi
# check for nvidia enrichment
if grep -q "nvidia: enrichment skipped" /var/log/bee-audit.log 2>/dev/null; then
reason=$(grep "nvidia: enrichment skipped" /var/log/bee-audit.log | tail -1)
# check for nvidia enrichment skip (slog message from nvidia collector)
if grep -q "nvidia: enrichment skipped\|nvidia.*skipped\|enrichment skipped" /var/log/bee-audit.log 2>/dev/null; then
reason=$(grep -E "nvidia.*skipped|enrichment skipped" /var/log/bee-audit.log | tail -1)
fail "audit: nvidia enrichment skipped — $reason"
else
ok "audit: nvidia enrichment OK"
ok "audit: nvidia enrichment OK (no skip message)"
fi
else
warn "audit: no log found at /var/log/bee-audit.log"