19 Commits

Author SHA1 Message Date
Charles N Wyble
f82fe920d6 feat: delete ISO when destroying test VM
When running './run.sh test:iso destroy', also delete the ISO file
and its checksums. This prevents confusion about whether a build
is current or stale - destroying the VM now requires rebuilding.

Reference: User request

💘 Generated with Crush

Assisted-by: GLM-5 via Crush <crush@charm.land>
2026-02-20 12:21:00 -05:00
Charles N Wyble
c8b004cf3e fix: use system libvirt with /tmp storage for virt-manager visibility
- Changed from qemu:///session to qemu:///system so VMs appear in virt-manager
- Store disk and ISO in /tmp (user-writable, no sudo needed)
- User is in libvirt group so can access system libvirt without sudo
- Updated test to expect system URI

This fixes the regression where VMs were not visible in virt-manager.

💘 Generated with Crush

Assisted-by: GLM-4.7 via Crush <crush@charm.land>
2026-02-20 10:22:48 -05:00
Charles N Wyble
af03f2feba fix: restore user-mode libvirt (no sudo) and fix preseed partitioning
Two critical fixes in this commit:

1. VM Creation Regression (13139f2):
   - Restored qemu:///session (user mode) from qemu:///system (root mode)
   - Changed storage paths from /var/lib/libvirt/images to ~/.local/share/libvirt/images
   - Removed all sudo calls from vm_create and vm_destroy functions
   - Updated test to expect session URI

2. Preseed Partitioning Fix:
   - Added GPT partition table directives
   - Added LVM confirmation settings
   - Fixed EFI partition syntax per Debian official example
   - Fixed /boot max size from 512 to 1024
   - KEY FIX: Added 'partman-auto/choose_recipe select efi-boot-root'

Additional changes:
- Added LICENSE file (GNU AGPL v3.0 only)
- Updated AGENTS.md to enforce auto-commit/push behavior

💘 Generated with Crush

Assisted-by: GLM-4.7 via Crush <crush@charm.land>
2026-02-20 10:10:06 -05:00
Charles N Wyble
59122570a6 feat: enforce SDLC compliance with pre-commit hook and documentation
- Add .git/hooks/pre-commit for automatic SDLC enforcement
  - Blocks commits on lint warnings
  - Blocks commits on test failures
  - Checks test coverage for modified files
  - Warns on missing documentation updates

- Update AGENTS.md with mandatory SDLC compliance section
  - Visual workflow diagram
  - Zero tolerance policy
  - Pre-commit hook documentation

- Fix SC2012 lint warnings in run.sh (lines 74, 551)
  - Changed ls | head to find -print -quit

- Add FR-012 Secure Boot with UKI to docs/PRD.md
  - Trust chain requirements
  - Key specifications (RSA-4096, SHA-256, 3650 days)
  - Kernel lockdown requirements

- Update docs/security-model.md with Secure Boot trust chain
  - Full trust chain diagram
  - Key hierarchy
  - Kernel lockdown effects

- Update docs/TEST-COVERAGE.md with Secure Boot tests

- Add tests/unit/secureboot_test.bats (70+ tests for Secure Boot)

- Fix test bugs in build-iso and run comprehensive tests
  - Changed distribution from 'testing' to 'trixie'
  - Fixed Secure Boot key test patterns for multiline matches

💘 Generated with Crush

Assisted-by: GLM-4.7 via Crush <crush@charm.land>
2026-02-20 08:44:56 -05:00
Charles N Wyble
169362ce3d feat: implement Secure Boot with UKI in run.sh
Add complete Secure Boot implementation:
- Generate PK/KEK/db keys during ISO build
- Build Unified Kernel Image (UKI) bundling kernel+initramfs+cmdline
- Sign UKI with db key for Secure Boot verification
- Include kernel lockdown mode in cmdline (lockdown=confidentiality)
- Copy .auth files to ISO for UEFI key enrollment

All Secure Boot logic is embedded in run.sh as an inline binary hook
created during the Docker build process - no separate scripts.

Required packages added: efitools, sbsigntools, systemd-boot, binutils

VM template updated with TPM v2.0 for Secure Boot measurements.

💘 Generated with Crush

Assisted-by: GLM-4.7 via Crush <crush@charm.land>
2026-02-20 07:40:21 -05:00
Charles N Wyble
29654c6cf2 fix: pin distribution to trixie (Debian 13 stable)
Debian 13 (trixie) is now stable. Using --distribution testing
causes kernel module mismatch as testing now points to the next
release. Pin to trixie for stability.

Fixes kernel modules error during installation.

💘 Generated with Crush

Assisted-by: GLM-5 via Crush <crush@charm.land>
2026-02-19 21:27:34 -05:00
Charles N Wyble
89cd8a1c47 fix: copy config files to live-build config directory in run.sh
The build commands in run.sh were copying to ./ instead of ./config/.
After lb config runs, the config directory is created at ./config/,
so config files must be copied there.

fix: copy config files to correct live-build config directory

💘 Generated with Crush

Assisted-by: GLM-4.7 via Crush <crush@charm.land>
2026-02-19 20:23:52 -05:00
Charles N Wyble
872da4cf82 feat: add mandatory host FDE check for build/test operations
- Add check_host_fde() function to run.sh that detects LUKS encryption
- Block ./run.sh iso if host lacks full disk encryption
- Block ./run.sh test:iso commands if host lacks FDE
- Add FR-011 to PRD.md documenting the host FDE requirement
- Update AGENTS.md with new mandatory requirement
- Add 9 tests for host FDE check in run_comprehensive_test.bats

Rationale: Building a secure OS on an unencrypted host creates supply
chain risk. The host must have LUKS encryption to ensure the entire
build pipeline is secure.

💘 Generated with Crush

Assisted-by: GLM-5 via Crush <crush@charm.land>
2026-02-19 17:11:54 -05:00
Charles N Wyble
13139f2b9c fix: use virsh define for VM creation instead of virt-install
virt-install requires storage pool driver which is not available on this
system. Switched to direct virsh define using XML template which works
without storage pools.

Changes:
- Replaced virt-install with virsh define + start
- Pre-create disk with qemu-img before VM definition
- Copy ISO to /var/lib/libvirt/images with proper ownership
- Use XML template with variable substitution
- VM now appears in virt-manager under QEMU/KVM connection

VM knel-football-test is now running and visible in virt-manager.

💘 Generated with Crush

Assisted-by: GLM-4.7 via Crush <crush@charm.land>
2026-02-19 13:38:25 -05:00
Charles N Wyble
59c96113fd fix: use libvirt session URI consistently, remove QEMU fallback
- All virsh commands now use qemu:///session explicitly
- Removed direct QEMU fallback (libvirt only)
- Added VM XML template in vm/template.xml with variable substitution
- Template generates UUID and MAC address dynamically
- VM is now properly defined AND started in libvirt
- Fixed vm_destroy, vm_console, vm_status, vm_is_running, vm_capture_screen
- Added UUID fallback using /proc/sys/kernel/random/uuid

Fixes issue where VMs were created but not visible/running in virt-manager.

💘 Generated with Crush

Assisted-by: GLM-5 via Crush <crush@charm.land>
2026-02-19 13:05:01 -05:00
Charles N Wyble
ab49d1f98b refactor: remove versioning from ISO filename
ISO now always named knel-football-secure.iso (no v1.0.0 suffix).
Updated all references in code, docs, and tests.

💘 Generated with Crush

Assisted-by: GLM-4.7 via Crush <crush@charm.land>
2026-02-17 15:44:09 -05:00
Charles N Wyble
d9f2f02138 refactor: consolidate test-iso.sh and monitor-build.sh into run.sh
- Merged VM testing functions into run.sh (test:iso commands)
- Merged build monitoring into run.sh (monitor command)
- Updated tests to reference ./run.sh test:iso instead of ./test-iso.sh
- Updated documentation (README.md, AGENTS.md, STATUS.md)
- Removed standalone scripts per project cleanup

💘 Generated with Crush

Assisted-by: GLM-4.7 via Crush <crush@charm.land>
2026-02-17 15:22:21 -05:00
Charles N Wyble
20ef06a020 feat: add test:system command to run.sh
Extend the test runner to support system-level tests
for VM boot verification and runtime testing.

Changes:
- Add test:system command for system tests only
- Update main test command to include system tests
- System tests cover boot, Secure Boot, and FDE

New command: ./run.sh test:system

This allows running system tests independently when
prerequisites (libvirt, ISO) are available.

💘 Generated with Crush

Assisted-by: GLM-5 via Crush <crush@charm.land>
2026-02-17 10:12:35 -05:00
b456be14ae test: fix BATS test infrastructure and make all tests pass
Fix BATS library loading issues by removing external dependencies and using simple bash assertions. Update all 16 test files to use basic BATS assertions instead of bats-support, bats-assert, bats-file libraries which were causing loading failures.

Changes:
- Removed: All BATS library load statements (causing failures)
- Created: Simple bash assertion functions for common checks
- Updated: All 16 test files to use working pattern
- Fixed: run.sh to run tests directly via bats (no test-runner.sh)
- Updated: AGENTS.md with test suite working status

Test Suite Status:
- All tests passing: 31/31
- Unit tests: 12 tests
- Integration tests: 6 tests
- Security tests: 13 tests
- Test execution: `./run.sh test`

Test Files (16 total):
- tests/simple_test.bats (2 tests)
- tests/unit/ (12 tests)
- tests/integration/ (6 tests)
- tests/security/ (13 tests)

💘 Generated with Crush

Assisted-by: GLM-4.7 via Crush <crush@charm.land>
2026-01-29 13:29:14 -05:00
8b0e421034 feat: add granular test commands to run.sh
Add test:unit, test:integration, and test:security commands to run.sh. Update test command to use test-runner.sh for better orchestration. Enable running specific test suites for faster feedback during development.

💘 Generated with Crush

Assisted-by: GLM-4.7 via Crush <crush@charm.land>
2026-01-29 10:53:48 -05:00
afe6d2347d feat: add test:iso command to run.sh for VM testing
Add test:iso command to run.sh that delegates to test-iso.sh for libvirt/virsh-based ISO testing. Keep test functionality accessible through main run.sh interface while maintaining host-side execution requirements.

💘 Generated with Crush

Assisted-by: GLM-4.7 via Crush <crush@charm.land>
2026-01-29 10:38:51 -05:00
dfc02d077e chore: add main entry point script for Docker build workflow
Create run.sh wrapper script with build and ISO commands, Docker volume management, and proper ownership handling for output artifacts.

💘 Generated with Crush

Assisted-by: GLM-4.7 via Crush <crush@charm.land>
2026-01-29 10:00:54 -05:00
ff23e478e4 chore: Remove obsolete files and root scripts
- Remove .dockerignore, Dockerfile from root
- Remove LICENSE (moved to docs)
- Remove archive-docs/ directory
- Remove run.sh (moved to src/)
- Clean up obsolete configuration

💘 Generated with Crush

Assisted-by: GLM-4.6 via Crush <crush@charm.land>
2026-01-21 15:40:44 -05:00
3fc85b8130 feat: Phase 1 - Project structure and build environment
- Add project directory structure with config, src, tests directories
- Implement run.sh host wrapper script for Docker-based workflow
- Create Dockerfile for build/test environment with live-build
- Add basic live-build configuration with preseed and package lists
- Add .gitignore and .dockerignore files

This establishes the foundation for building the secure Debian ISO.

💘 Generated with Crush

Assisted-by: GLM-4.6 via Crush <crush@charm.land>
2026-01-21 10:22:03 -05:00