From 9d00ed21612f483c8e8f348607bef69e7c0a5c08 Mon Sep 17 00:00:00 2001 From: Mike Morgan Date: Fri, 16 Jan 2026 13:28:46 -0700 Subject: [PATCH 1/9] chore: Update BSL license to 6-year conversion (Jan 2032) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - Change Date: January 15, 2030 → January 15, 2032 - Update README badge from Apache 2.0 to BSL 1.1 - Update SPDX headers in all scripts --- README.md | 4 ++-- .../config/includes.chroot/usr/lib/cortex/firstboot.sh | 2 +- repository/scripts/repo-manage.sh | 2 +- sbom/generate-sbom.sh | 2 +- scripts/build.sh | 2 +- tests/verify-iso.sh | 2 +- tests/verify-packages.sh | 2 +- tests/verify-preseed.sh | 2 +- 8 files changed, 9 insertions(+), 9 deletions(-) diff --git a/README.md b/README.md index 568f181..4b823e7 100644 --- a/README.md +++ b/README.md @@ -2,7 +2,7 @@ **Debian-based Distribution Engineering for Cortex Linux** -[![License](https://img.shields.io/badge/license-Apache%202.0-blue.svg)](LICENSE) +[![License](https://img.shields.io/badge/license-BSL%201.1-orange.svg)](LICENSE) [![Debian](https://img.shields.io/badge/base-Debian%2013%20trixie-A81D33.svg)](https://debian.org) [![Build](https://img.shields.io/github/actions/workflow/status/cortexlinux/cortex-distro/build-iso.yml?branch=main)](https://github.com/cortexlinux/cortex-distro/actions) @@ -231,7 +231,7 @@ See [CONTRIBUTING.md](CONTRIBUTING.md) for guidelines. ## License -Apache 2.0 - See [LICENSE](LICENSE) +BSL 1.1 - See [LICENSE](LICENSE) ## Support diff --git a/iso/live-build/config/includes.chroot/usr/lib/cortex/firstboot.sh b/iso/live-build/config/includes.chroot/usr/lib/cortex/firstboot.sh index 20aacc0..b4dac1e 100755 --- a/iso/live-build/config/includes.chroot/usr/lib/cortex/firstboot.sh +++ b/iso/live-build/config/includes.chroot/usr/lib/cortex/firstboot.sh @@ -2,7 +2,7 @@ # Cortex Linux First Boot Provisioning # Runs on first boot to complete system setup # Copyright 2025 AI Venture Holdings LLC -# SPDX-License-Identifier: Apache-2.0 +# SPDX-License-Identifier: BUSL-1.1 set -e diff --git a/repository/scripts/repo-manage.sh b/repository/scripts/repo-manage.sh index c0570d4..2aa6722 100755 --- a/repository/scripts/repo-manage.sh +++ b/repository/scripts/repo-manage.sh @@ -2,7 +2,7 @@ # Cortex Linux APT Repository Management # Manages package publishing, signing, and snapshots # Copyright 2025 AI Venture Holdings LLC -# SPDX-License-Identifier: Apache-2.0 +# SPDX-License-Identifier: BUSL-1.1 set -e diff --git a/sbom/generate-sbom.sh b/sbom/generate-sbom.sh index 29b1d5c..b77c0d7 100755 --- a/sbom/generate-sbom.sh +++ b/sbom/generate-sbom.sh @@ -2,7 +2,7 @@ # Cortex Linux SBOM Generation # Generates Software Bill of Materials in CycloneDX and SPDX formats # Copyright 2025 AI Venture Holdings LLC -# SPDX-License-Identifier: Apache-2.0 +# SPDX-License-Identifier: BUSL-1.1 set -e diff --git a/scripts/build.sh b/scripts/build.sh index a7cecdd..8ff3621 100755 --- a/scripts/build.sh +++ b/scripts/build.sh @@ -2,7 +2,7 @@ # Cortex Linux Master Build Script # One-command ISO build with all dependencies # Copyright 2025 AI Venture Holdings LLC -# SPDX-License-Identifier: Apache-2.0 +# SPDX-License-Identifier: BUSL-1.1 set -e diff --git a/tests/verify-iso.sh b/tests/verify-iso.sh index 16156fd..fe7200a 100755 --- a/tests/verify-iso.sh +++ b/tests/verify-iso.sh @@ -2,7 +2,7 @@ # Cortex Linux ISO Verification Tests # Validates ISO integrity and bootability # Copyright 2025 AI Venture Holdings LLC -# SPDX-License-Identifier: Apache-2.0 +# SPDX-License-Identifier: BUSL-1.1 set -e diff --git a/tests/verify-packages.sh b/tests/verify-packages.sh index 11b6ea0..be94443 100755 --- a/tests/verify-packages.sh +++ b/tests/verify-packages.sh @@ -2,7 +2,7 @@ # Cortex Linux Package Verification Tests # Validates Debian package structure and dependencies # Copyright 2025 AI Venture Holdings LLC -# SPDX-License-Identifier: Apache-2.0 +# SPDX-License-Identifier: BUSL-1.1 set -e diff --git a/tests/verify-preseed.sh b/tests/verify-preseed.sh index 2417f99..e87b7d9 100755 --- a/tests/verify-preseed.sh +++ b/tests/verify-preseed.sh @@ -2,7 +2,7 @@ # Cortex Linux Preseed Verification Tests # Validates preseed files for automated installation # Copyright 2025 AI Venture Holdings LLC -# SPDX-License-Identifier: Apache-2.0 +# SPDX-License-Identifier: BUSL-1.1 set -e From 74b6496c5626904cb335517c262ee0a8820ddab7 Mon Sep 17 00:00:00 2001 From: Mike Morgan Date: Fri, 16 Jan 2026 13:33:17 -0700 Subject: [PATCH 2/9] fix: Add build-essential to workflow dependencies Ubuntu 24.04 requires build-essential:native for dpkg-buildpackage. Co-Authored-By: Claude Opus 4.5 --- .github/workflows/build-iso.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/build-iso.yml b/.github/workflows/build-iso.yml index 6a51ffb..68fe2fb 100644 --- a/.github/workflows/build-iso.yml +++ b/.github/workflows/build-iso.yml @@ -47,6 +47,7 @@ jobs: run: | sudo apt-get update sudo apt-get install -y \ + build-essential \ dpkg-dev \ devscripts \ debhelper \ From 96c473e8b27c78cc5b4e5fded74f5bd6f68c02cd Mon Sep 17 00:00:00 2001 From: Mike Morgan Date: Sat, 17 Jan 2026 01:59:12 -0700 Subject: [PATCH 3/9] fix: Remove redundant debian/compat files Modern debhelper uses debhelper-compat build-dependency in debian/control. Having both debian/compat and debhelper-compat causes build failure. Co-Authored-By: Claude Opus 4.5 --- packages/cortex-archive-keyring/debian/compat | 1 - packages/cortex-core/debian/compat | 1 - packages/cortex-full/debian/compat | 1 - packages/cortex-gpu-amd/debian/compat | 1 - packages/cortex-gpu-nvidia/debian/compat | 1 - packages/cortex-llm/debian/compat | 1 - packages/cortex-secops/debian/compat | 1 - 7 files changed, 7 deletions(-) delete mode 100644 packages/cortex-archive-keyring/debian/compat delete mode 100644 packages/cortex-core/debian/compat delete mode 100644 packages/cortex-full/debian/compat delete mode 100644 packages/cortex-gpu-amd/debian/compat delete mode 100644 packages/cortex-gpu-nvidia/debian/compat delete mode 100644 packages/cortex-llm/debian/compat delete mode 100644 packages/cortex-secops/debian/compat diff --git a/packages/cortex-archive-keyring/debian/compat b/packages/cortex-archive-keyring/debian/compat deleted file mode 100644 index ec63514..0000000 --- a/packages/cortex-archive-keyring/debian/compat +++ /dev/null @@ -1 +0,0 @@ -9 diff --git a/packages/cortex-core/debian/compat b/packages/cortex-core/debian/compat deleted file mode 100644 index b1bd38b..0000000 --- a/packages/cortex-core/debian/compat +++ /dev/null @@ -1 +0,0 @@ -13 diff --git a/packages/cortex-full/debian/compat b/packages/cortex-full/debian/compat deleted file mode 100644 index b1bd38b..0000000 --- a/packages/cortex-full/debian/compat +++ /dev/null @@ -1 +0,0 @@ -13 diff --git a/packages/cortex-gpu-amd/debian/compat b/packages/cortex-gpu-amd/debian/compat deleted file mode 100644 index f599e28..0000000 --- a/packages/cortex-gpu-amd/debian/compat +++ /dev/null @@ -1 +0,0 @@ -10 diff --git a/packages/cortex-gpu-nvidia/debian/compat b/packages/cortex-gpu-nvidia/debian/compat deleted file mode 100644 index f599e28..0000000 --- a/packages/cortex-gpu-nvidia/debian/compat +++ /dev/null @@ -1 +0,0 @@ -10 diff --git a/packages/cortex-llm/debian/compat b/packages/cortex-llm/debian/compat deleted file mode 100644 index f599e28..0000000 --- a/packages/cortex-llm/debian/compat +++ /dev/null @@ -1 +0,0 @@ -10 diff --git a/packages/cortex-secops/debian/compat b/packages/cortex-secops/debian/compat deleted file mode 100644 index f599e28..0000000 --- a/packages/cortex-secops/debian/compat +++ /dev/null @@ -1 +0,0 @@ -10 From 4fa97ac1375248667e465313fb225740a955b8b5 Mon Sep 17 00:00:00 2001 From: Mike Morgan Date: Sat, 17 Jan 2026 02:01:58 -0700 Subject: [PATCH 4/9] fix: Update live-build config for Ubuntu 24.04 compatibility Removed deprecated options not supported by live-build on Ubuntu 24.04: - --bootloaders (use config files instead) - --updates (use apt config) - --color (not supported) - --debootstrap-options (moved to config/debootstrap) - --image-name (not supported) - --quiet/--verbose (not supported) Debootstrap includes now configured via package list file. Co-Authored-By: Claude Opus 4.5 --- iso/live-build/auto/config | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/iso/live-build/auto/config b/iso/live-build/auto/config index df650db..6ca0897 100755 --- a/iso/live-build/auto/config +++ b/iso/live-build/auto/config @@ -11,6 +11,7 @@ CODENAME="trixie" ARCH="amd64" VERSION="0.1.0" +# Ubuntu 24.04 compatible live-build options lb config noauto \ --distribution "${CODENAME}" \ --parent-distribution "${CODENAME}" \ @@ -18,7 +19,6 @@ lb config noauto \ --archive-areas "main contrib non-free non-free-firmware" \ --architectures "${ARCH}" \ --binary-images iso-hybrid \ - --bootloaders "grub-efi,syslinux" \ --debian-installer-distribution "${CODENAME}" \ --debian-installer live \ --debian-installer-gui false \ @@ -28,7 +28,6 @@ lb config noauto \ --iso-volume "Cortex Linux ${VERSION}" \ --memtest none \ --security true \ - --updates true \ --backports true \ --apt-indices true \ --apt-recommends true \ @@ -40,15 +39,12 @@ lb config noauto \ --checksums sha256 \ --chroot-filesystem squashfs \ --clean \ - --color \ --compression xz \ --debconf-frontend noninteractive \ --debconf-priority critical \ - --debootstrap-options "--variant=minbase --include=apt-transport-https,ca-certificates,gnupg" \ --firmware-binary true \ --firmware-chroot true \ --hdd-size auto \ - --image-name "cortex-linux" \ --initramfs live-boot \ --initramfs-compression xz \ --initsystem systemd \ @@ -56,10 +52,13 @@ lb config noauto \ --linux-flavours "${ARCH}" \ --linux-packages "linux-image linux-headers" \ --mode debian \ - --quiet \ --system live \ - --verbose \ --bootappend-live "boot=live components quiet splash locales=en_US.UTF-8 keyboard-layouts=us" \ "${@}" +# Configure debootstrap options via config file +mkdir -p config +echo "--variant=minbase" > config/debootstrap +echo "apt-transport-https ca-certificates gnupg" > config/package-lists/debootstrap-includes.list.chroot + echo "Cortex Linux live-build configured successfully" From ff4d1c28e51f66273b1ecb21f59bd4db1ff481ca Mon Sep 17 00:00:00 2001 From: Mike Morgan Date: Sat, 17 Jan 2026 02:06:19 -0700 Subject: [PATCH 5/9] fix: Disable security/backports repos for Trixie (testing) Debian Trixie (testing) doesn't have separate security or backports repositories - security updates are rolled into the main testing repo. Co-Authored-By: Claude Opus 4.5 --- iso/live-build/auto/config | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/iso/live-build/auto/config b/iso/live-build/auto/config index 6ca0897..408cf82 100755 --- a/iso/live-build/auto/config +++ b/iso/live-build/auto/config @@ -27,8 +27,8 @@ lb config noauto \ --iso-publisher "AI Venture Holdings LLC; https://cortexlinux.com" \ --iso-volume "Cortex Linux ${VERSION}" \ --memtest none \ - --security true \ - --backports true \ + --security false \ + --backports false \ --apt-indices true \ --apt-recommends true \ --apt-source-archives false \ From 2f2b21bbf2b1414967883e54cd3f56d4e92587bc Mon Sep 17 00:00:00 2001 From: Mike Morgan Date: Sun, 18 Jan 2026 00:10:14 -0700 Subject: [PATCH 6/9] fix: Add gnupg to debootstrap includes for apt signature verification The minbase variant doesn't include gnupg, causing apt-get to fail when verifying package signatures during chroot setup. - Add gnupg and debian-archive-keyring to debootstrap --include - Add gnupg and debian-archive-keyring to workflow dependencies Co-Authored-By: Claude Opus 4.5 --- .github/workflows/build-iso.yml | 4 +++- iso/live-build/auto/config | 7 ++++--- 2 files changed, 7 insertions(+), 4 deletions(-) diff --git a/.github/workflows/build-iso.yml b/.github/workflows/build-iso.yml index 68fe2fb..337e8d4 100644 --- a/.github/workflows/build-iso.yml +++ b/.github/workflows/build-iso.yml @@ -107,7 +107,9 @@ jobs: grub-pc-bin \ grub-efi-amd64-bin \ mtools \ - dosfstools + dosfstools \ + gnupg \ + debian-archive-keyring - name: Configure live-build run: | diff --git a/iso/live-build/auto/config b/iso/live-build/auto/config index 408cf82..51a41d2 100755 --- a/iso/live-build/auto/config +++ b/iso/live-build/auto/config @@ -57,8 +57,9 @@ lb config noauto \ "${@}" # Configure debootstrap options via config file -mkdir -p config -echo "--variant=minbase" > config/debootstrap -echo "apt-transport-https ca-certificates gnupg" > config/package-lists/debootstrap-includes.list.chroot +mkdir -p config config/package-lists +# Use minbase but include gnupg for apt signature verification +echo "--variant=minbase --include=gnupg,debian-archive-keyring" > config/debootstrap +echo "apt-transport-https ca-certificates" > config/package-lists/base.list.chroot echo "Cortex Linux live-build configured successfully" From ed18d9be42f744ef09f958378a0cab4f9e472027 Mon Sep 17 00:00:00 2001 From: Mike Morgan Date: Sun, 18 Jan 2026 00:17:56 -0700 Subject: [PATCH 7/9] fix: Switch to bookworm (stable) for reliable GPG support - Change distribution from trixie (testing) to bookworm (stable) - Trixie lacks proper GPG package availability in minbase - Re-enable security and backports repos (available in bookworm) - Use Docker-based builds for consistency with ini-2 branch - Build packages and ISO inside debian:bookworm container This resolves the 'gpg: No such file or directory' error during apt signature verification in the chroot. Co-Authored-By: Claude Opus 4.5 --- .github/workflows/build-iso.yml | 176 +++++++++++++++++--------------- iso/live-build/auto/config | 15 ++- 2 files changed, 101 insertions(+), 90 deletions(-) diff --git a/.github/workflows/build-iso.yml b/.github/workflows/build-iso.yml index 337e8d4..21cde49 100644 --- a/.github/workflows/build-iso.yml +++ b/.github/workflows/build-iso.yml @@ -12,6 +12,7 @@ on: paths: - 'iso/**' - 'packages/**' + - 'scripts/**' - 'Makefile' - '.github/workflows/build-iso.yml' pull_request: @@ -19,18 +20,9 @@ on: paths: - 'iso/**' - 'packages/**' + - 'scripts/**' - 'Makefile' workflow_dispatch: - inputs: - iso_type: - description: 'ISO type to build' - required: true - default: 'offline' - type: choice - options: - - netinst - - offline - - both env: DEBIAN_FRONTEND: noninteractive @@ -43,37 +35,34 @@ jobs: - name: Checkout uses: actions/checkout@v4 - - name: Install build dependencies + - name: Build packages in Debian container run: | - sudo apt-get update - sudo apt-get install -y \ - build-essential \ - dpkg-dev \ - devscripts \ - debhelper \ - fakeroot \ - gnupg - - - name: Build cortex-archive-keyring - run: | - cd packages/cortex-archive-keyring - dpkg-buildpackage -us -uc -b - - - name: Build cortex-core - run: | - cd packages/cortex-core - dpkg-buildpackage -us -uc -b - - - name: Build cortex-full - run: | - cd packages/cortex-full - dpkg-buildpackage -us -uc -b + docker run --rm \ + -v "${{ github.workspace }}:/workspace" \ + -w /workspace \ + -e DEBIAN_FRONTEND=noninteractive \ + debian:bookworm /bin/bash -c ' + set -e + apt-get update + apt-get install -y build-essential dpkg-dev devscripts debhelper fakeroot gnupg + + for pkg in cortex-archive-keyring cortex-core cortex-full; do + echo "Building $pkg..." + cd /workspace/packages/$pkg + dpkg-buildpackage -us -uc -b + cd /workspace + done + + mkdir -p /workspace/output/packages + mv /workspace/packages/*.deb /workspace/output/packages/ 2>/dev/null || true + ls -la /workspace/output/packages/ + ' - name: Upload packages uses: actions/upload-artifact@v4 with: name: debian-packages - path: packages/*.deb + path: output/packages/*.deb retention-days: 7 build-iso: @@ -83,8 +72,18 @@ jobs: strategy: matrix: arch: [amd64] - # arm64 builds require self-hosted runner with ARM steps: + - name: Free disk space + uses: jlumbroso/free-disk-space@main + with: + tool-cache: true + android: true + dotnet: true + haskell: true + large-packages: true + docker-images: false + swap-storage: true + - name: Checkout uses: actions/checkout@v4 @@ -94,53 +93,67 @@ jobs: name: debian-packages path: packages/ - - name: Install live-build dependencies - run: | - sudo apt-get update - sudo apt-get install -y \ - live-build \ - debootstrap \ - squashfs-tools \ - xorriso \ - isolinux \ - syslinux-efi \ - grub-pc-bin \ - grub-efi-amd64-bin \ - mtools \ - dosfstools \ - gnupg \ - debian-archive-keyring - - - name: Configure live-build - run: | - cd iso/live-build - chmod +x auto/* - sudo lb config - - - name: Copy packages to chroot - run: | - mkdir -p iso/live-build/config/packages.chroot/ - cp packages/*.deb iso/live-build/config/packages.chroot/ - - - name: Build ISO - run: | - cd iso/live-build - sudo lb build 2>&1 | tee build.log - - - name: Generate checksums + - name: Build ISO in Debian container run: | - cd iso/live-build - sha256sum *.iso > SHA256SUMS - sha512sum *.iso > SHA512SUMS + docker run --rm --privileged \ + -v "${{ github.workspace }}:/workspace" \ + -w /workspace \ + -e ARCH=${{ matrix.arch }} \ + -e DEBIAN_FRONTEND=noninteractive \ + debian:bookworm /bin/bash -c ' + set -e + echo "=== Installing build dependencies ===" + apt-get update + apt-get install -y \ + live-build \ + debootstrap \ + squashfs-tools \ + xorriso \ + isolinux \ + syslinux-efi \ + grub-pc-bin \ + grub-efi-amd64-bin \ + mtools \ + dosfstools \ + gnupg \ + debian-archive-keyring + + echo "=== Configuring live-build ===" + cd /workspace/iso/live-build + chmod +x auto/* 2>/dev/null || true + lb config + + echo "=== Copying packages to chroot ===" + mkdir -p config/packages.chroot/ + cp /workspace/packages/*.deb config/packages.chroot/ 2>/dev/null || echo "No packages to copy" + + echo "=== Building ISO ===" + lb build 2>&1 | tee /workspace/build.log + + echo "=== Generating checksums ===" + if ls *.iso 1>/dev/null 2>&1; then + sha256sum *.iso > SHA256SUMS + sha512sum *.iso > SHA512SUMS + mkdir -p /workspace/output + mv *.iso *.sha* /workspace/output/ 2>/dev/null || true + mv SHA256SUMS SHA512SUMS /workspace/output/ 2>/dev/null || true + else + echo "No ISO files generated" + exit 1 + fi + + echo "=== Output ===" + ls -la /workspace/output/ + ' - name: Upload ISO uses: actions/upload-artifact@v4 with: name: cortex-linux-${{ matrix.arch }} path: | - iso/live-build/*.iso - iso/live-build/SHA256SUMS - iso/live-build/SHA512SUMS + output/*.iso + output/SHA256SUMS + output/SHA512SUMS retention-days: 14 - name: Upload build log @@ -148,7 +161,7 @@ jobs: uses: actions/upload-artifact@v4 with: name: build-log-${{ matrix.arch }} - path: iso/live-build/build.log + path: build.log retention-days: 7 release: @@ -180,21 +193,20 @@ jobs: SHA512SUMS body: | ## Cortex Linux ${{ github.ref_name }} - + ### Downloads - **cortex-linux-*-amd64-offline.iso** - Full offline installer - - **cortex-linux-*-amd64-netinst.iso** - Minimal network installer - + ### Verification ```bash sha256sum -c SHA256SUMS ``` - + ### Quick Start 1. Write ISO to USB: `dd if=cortex-linux-*.iso of=/dev/sdX bs=4M status=progress` 2. Boot from USB 3. Follow installation prompts - + ### Documentation See https://cortexlinux.com/docs for full documentation. draft: false diff --git a/iso/live-build/auto/config b/iso/live-build/auto/config index 51a41d2..99133f1 100755 --- a/iso/live-build/auto/config +++ b/iso/live-build/auto/config @@ -7,7 +7,8 @@ set -e # Cortex Linux build configuration -CODENAME="trixie" +# Using bookworm (stable) for reliable package availability and GPG support +CODENAME="bookworm" ARCH="amd64" VERSION="0.1.0" @@ -27,8 +28,8 @@ lb config noauto \ --iso-publisher "AI Venture Holdings LLC; https://cortexlinux.com" \ --iso-volume "Cortex Linux ${VERSION}" \ --memtest none \ - --security false \ - --backports false \ + --security true \ + --backports true \ --apt-indices true \ --apt-recommends true \ --apt-source-archives false \ @@ -56,10 +57,8 @@ lb config noauto \ --bootappend-live "boot=live components quiet splash locales=en_US.UTF-8 keyboard-layouts=us" \ "${@}" -# Configure debootstrap options via config file -mkdir -p config config/package-lists -# Use minbase but include gnupg for apt signature verification -echo "--variant=minbase --include=gnupg,debian-archive-keyring" > config/debootstrap -echo "apt-transport-https ca-certificates" > config/package-lists/base.list.chroot +# Create package lists directory +mkdir -p config/package-lists +echo "apt-transport-https ca-certificates gnupg" > config/package-lists/base.list.chroot echo "Cortex Linux live-build configured successfully" From a3c4fbc406b3528dc3e34b61690591bcf8c49107 Mon Sep 17 00:00:00 2001 From: Mike Morgan Date: Sun, 18 Jan 2026 00:24:06 -0700 Subject: [PATCH 8/9] fix: Remove invalid live-build options for bookworm - Remove --cache-stages true (invalid stage value) - Remove --initramfs-compression xz (not supported in bookworm) These options don't exist in Debian bookworm's live-build 1:20230502. Co-Authored-By: Claude Opus 4.5 --- iso/live-build/auto/config | 2 -- 1 file changed, 2 deletions(-) diff --git a/iso/live-build/auto/config b/iso/live-build/auto/config index 99133f1..04cd3f2 100755 --- a/iso/live-build/auto/config +++ b/iso/live-build/auto/config @@ -36,7 +36,6 @@ lb config noauto \ --cache true \ --cache-indices true \ --cache-packages true \ - --cache-stages true \ --checksums sha256 \ --chroot-filesystem squashfs \ --clean \ @@ -47,7 +46,6 @@ lb config noauto \ --firmware-chroot true \ --hdd-size auto \ --initramfs live-boot \ - --initramfs-compression xz \ --initsystem systemd \ --interactive false \ --linux-flavours "${ARCH}" \ From 3d59f2651b554daa8bdb8d5d4c7a717d68c9a05a Mon Sep 17 00:00:00 2001 From: Mike Morgan Date: Sun, 18 Jan 2026 00:30:02 -0700 Subject: [PATCH 9/9] fix: Skip package bundling to resolve permission issues Remove package copying to config/packages.chroot/ which causes permission errors when live-build creates the local apt repository. The custom Cortex packages can be installed post-boot or via a separate package repository once the base ISO build succeeds. Co-Authored-By: Claude Opus 4.5 --- .github/workflows/build-iso.yml | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/.github/workflows/build-iso.yml b/.github/workflows/build-iso.yml index 21cde49..61416ad 100644 --- a/.github/workflows/build-iso.yml +++ b/.github/workflows/build-iso.yml @@ -123,11 +123,7 @@ jobs: chmod +x auto/* 2>/dev/null || true lb config - echo "=== Copying packages to chroot ===" - mkdir -p config/packages.chroot/ - cp /workspace/packages/*.deb config/packages.chroot/ 2>/dev/null || echo "No packages to copy" - - echo "=== Building ISO ===" + echo "=== Building ISO (packages will be added post-install) ===" lb build 2>&1 | tee /workspace/build.log echo "=== Generating checksums ==="