From b1d66d258dca8edd6afdcccb3dd735a823cdd15f Mon Sep 17 00:00:00 2001
From: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
Date: Wed, 9 Oct 2024 23:01:58 +0900
Subject: [PATCH 1/2] alpine: sshd: enable PAM

So as to load `/etc/environment` via `pam_env`.

This has been already applied to alpine-lima ISO via `genapkovl-lima.sh`.
https://github.com/lima-vm/alpine-lima/blob/v0.2.39/genapkovl-lima.sh#L95

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
---
 pkg/cidata/cidata.TEMPLATE.d/boot/10-alpine-prep.sh | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/pkg/cidata/cidata.TEMPLATE.d/boot/10-alpine-prep.sh b/pkg/cidata/cidata.TEMPLATE.d/boot/10-alpine-prep.sh
index 051e9d5e72a4..606f5d6ca3e8 100644
--- a/pkg/cidata/cidata.TEMPLATE.d/boot/10-alpine-prep.sh
+++ b/pkg/cidata/cidata.TEMPLATE.d/boot/10-alpine-prep.sh
@@ -29,6 +29,8 @@ usermod -p '*' "${LIMA_CIDATA_USER}"
 
 # Alpine disables TCP forwarding, which is needed by the lima-guestagent
 sed -i 's/AllowTcpForwarding no/AllowTcpForwarding yes/g' /etc/ssh/sshd_config
+# Enable PAM so as to load /etc/environment via pam_env
+sed -i 's/#UsePAM no/UsePAM yes/g' /etc/ssh/sshd_config
 rc-service --ifstarted sshd reload
 
 # mount /sys/fs/cgroup

From f70b3d36582cbf4db2d3f5d1f2911fbec0907dcc Mon Sep 17 00:00:00 2001
From: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
Date: Wed, 9 Oct 2024 14:49:03 +0900
Subject: [PATCH 2/2] templates: replace `alpine` with `alpine-image`

The old ISO9660-based `alpine` template is still available as `alpine-iso`.

Fix issue 2366
Fix issue 2386

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
---
 .github/workflows/test.yml                    |  2 +-
 examples/README.md                            |  1 +
 examples/alpine-image.yaml                    | 17 ---------------
 examples/alpine-iso.yaml                      | 21 +++++++++++++++++++
 examples/alpine.yaml                          | 12 ++++-------
 hack/calculate-cache.sh                       |  2 +-
 hack/test-templates.sh                        |  6 +++---
 ...table.yaml => alpine-iso-9p-writable.yaml} |  0
 8 files changed, 31 insertions(+), 30 deletions(-)
 delete mode 100644 examples/alpine-image.yaml
 create mode 100644 examples/alpine-iso.yaml
 rename hack/test-templates/{alpine-9p-writable.yaml => alpine-iso-9p-writable.yaml} (100%)

diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
index 21023a39d4eb..4fbf19c81d01 100644
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -226,7 +226,7 @@ jobs:
         - experimental/net-user-v2.yaml
         - experimental/9p.yaml
         - docker.yaml
-        - ../hack/test-templates/alpine-9p-writable.yaml
+        - ../hack/test-templates/alpine-iso-9p-writable.yaml  # Covers alpine-iso.yaml
         - ../hack/test-templates/test-misc.yaml
     steps:
     - uses: actions/checkout@v4
diff --git a/examples/README.md b/examples/README.md
index aa1b5ecb12e2..1dbe113cc46c 100644
--- a/examples/README.md
+++ b/examples/README.md
@@ -14,6 +14,7 @@ Distro:
 - [`almalinux-8`](./almalinux-8.yaml): AlmaLinux 8
 - [`almalinux-9`](./almalinux-9.yaml), `almalinux.yaml`: AlmaLinux 9
 - [`alpine`](./alpine.yaml): ☆Alpine Linux
+- [`alpine-iso`](./alpine-iso.yaml): ☆Alpine Linux (ISO9660 image). Compatible with the `alpine` template used in Lima prior to v1.0.
 - [`archlinux`](./archlinux.yaml): ⭐Arch Linux
 - [`centos-stream-9`](./centos-stream-9.yaml), `centos-stream.yaml`: CentOS Stream 9
 - [`debian-11`](./debian-11.yaml): Debian GNU/Linux 11(bullseye)
diff --git a/examples/alpine-image.yaml b/examples/alpine-image.yaml
deleted file mode 100644
index 658535a04f66..000000000000
--- a/examples/alpine-image.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-images:
-- location: "https://dl-cdn.alpinelinux.org/alpine/v3.20/releases/cloud/nocloud_alpine-3.20.2-x86_64-uefi-cloudinit-r0.qcow2"
-  arch: "x86_64"
-  digest: "sha512:5828254c27c948824c4c6d4fb88c4d96ee9b5b58ae455036b1571bb037a5b5de124e1d55f00386b9e711cef7771146278bd5eb1036a2f8db6fa34611393ebec1"
-- location: "https://dl-cdn.alpinelinux.org/alpine/v3.20/releases/cloud/nocloud_alpine-3.20.2-aarch64-uefi-cloudinit-r0.qcow2"
-  arch: "aarch64"
-  digest: "sha512:76eeef3cb1b38b3a0c2e745d8108558645220355cd870cba3a88198bcd0036485a0a683d8469f8405251918e972d24c461d418a30112e92efe44b460e4cba7ba"
-
-mounts:
-- location: "~"
-- location: "/tmp/lima"
-  writable: true
-
-# The built-in containerd installer does not support Alpine currently.
-containerd:
-  system: false
-  user: false
diff --git a/examples/alpine-iso.yaml b/examples/alpine-iso.yaml
new file mode 100644
index 000000000000..68e6629efd34
--- /dev/null
+++ b/examples/alpine-iso.yaml
@@ -0,0 +1,21 @@
+# This template requires Lima v0.7.0 or later.
+# Using the Alpine 3.20 aarch64 image with vmType=vz requires macOS Ventura 13.3 or later.
+
+images:
+- location: "https://github.com/lima-vm/alpine-lima/releases/download/v0.2.39/alpine-lima-std-3.20.0-x86_64.iso"
+  arch: "x86_64"
+  digest: "sha512:df013ba0666460c9e303e996e46e061e613ce546124a9de60060041874c702444ac7a90e67f1aed4756b85cc89d40c5ea4375dea62c98b9536ceb44f18874b67"
+- location: "https://github.com/lima-vm/alpine-lima/releases/download/v0.2.39/alpine-lima-std-3.20.0-aarch64.iso"
+  arch: "aarch64"
+  digest: "sha512:7ff023e354bbf78eaf44f32a5417bec3ca2af853691e4c64ee4aa819674acd22720897ce9f23e3e959679a72e8300a31f5c6aa12be1c3d8ae7eff3c25b8b5e36"
+
+mounts:
+- location: "~"
+- location: "/tmp/lima"
+  writable: true
+
+# The built-in containerd installer does not support Alpine currently.
+# Hint: use the "rd" ISO instead of the "std" ISO to enable containerd: https://github.com/lima-vm/alpine-lima/releases/
+containerd:
+  system: false
+  user: false
diff --git a/examples/alpine.yaml b/examples/alpine.yaml
index 68e6629efd34..658535a04f66 100644
--- a/examples/alpine.yaml
+++ b/examples/alpine.yaml
@@ -1,13 +1,10 @@
-# This template requires Lima v0.7.0 or later.
-# Using the Alpine 3.20 aarch64 image with vmType=vz requires macOS Ventura 13.3 or later.
-
 images:
-- location: "https://github.com/lima-vm/alpine-lima/releases/download/v0.2.39/alpine-lima-std-3.20.0-x86_64.iso"
+- location: "https://dl-cdn.alpinelinux.org/alpine/v3.20/releases/cloud/nocloud_alpine-3.20.2-x86_64-uefi-cloudinit-r0.qcow2"
   arch: "x86_64"
-  digest: "sha512:df013ba0666460c9e303e996e46e061e613ce546124a9de60060041874c702444ac7a90e67f1aed4756b85cc89d40c5ea4375dea62c98b9536ceb44f18874b67"
-- location: "https://github.com/lima-vm/alpine-lima/releases/download/v0.2.39/alpine-lima-std-3.20.0-aarch64.iso"
+  digest: "sha512:5828254c27c948824c4c6d4fb88c4d96ee9b5b58ae455036b1571bb037a5b5de124e1d55f00386b9e711cef7771146278bd5eb1036a2f8db6fa34611393ebec1"
+- location: "https://dl-cdn.alpinelinux.org/alpine/v3.20/releases/cloud/nocloud_alpine-3.20.2-aarch64-uefi-cloudinit-r0.qcow2"
   arch: "aarch64"
-  digest: "sha512:7ff023e354bbf78eaf44f32a5417bec3ca2af853691e4c64ee4aa819674acd22720897ce9f23e3e959679a72e8300a31f5c6aa12be1c3d8ae7eff3c25b8b5e36"
+  digest: "sha512:76eeef3cb1b38b3a0c2e745d8108558645220355cd870cba3a88198bcd0036485a0a683d8469f8405251918e972d24c461d418a30112e92efe44b460e4cba7ba"
 
 mounts:
 - location: "~"
@@ -15,7 +12,6 @@ mounts:
   writable: true
 
 # The built-in containerd installer does not support Alpine currently.
-# Hint: use the "rd" ISO instead of the "std" ISO to enable containerd: https://github.com/lima-vm/alpine-lima/releases/
 containerd:
   system: false
   user: false
diff --git a/hack/calculate-cache.sh b/hack/calculate-cache.sh
index 1d1a89e95551..a87af6bc6b41 100755
--- a/hack/calculate-cache.sh
+++ b/hack/calculate-cache.sh
@@ -69,7 +69,7 @@ export LIMA_HOME
 # ubuntu-24.04    templates/experimental/net-user-v2.yaml
 # ubuntu-24.04    templates/experimental/9p.yaml
 # ubuntu-24.04    templates/docker.yaml
-# ubuntu-24.04    templates/../hack/test-templates/alpine-9p-writable.yaml
+# ubuntu-24.04    templates/../hack/test-templates/alpine-iso-9p-writable.yaml
 # ubuntu-24.04    templates/../hack/test-templates/test-misc.yaml
 # macos-12        templates/vmnet.yaml
 # macos-12        https://raw.githubusercontent.com/lima-vm/lima/v0.15.1/examples/ubuntu-lts.yaml
diff --git a/hack/test-templates.sh b/hack/test-templates.sh
index e36eafe8a6e0..3e3aa25b0cac 100755
--- a/hack/test-templates.sh
+++ b/hack/test-templates.sh
@@ -44,7 +44,7 @@ case "$NAME" in
 	WARNING "Alpine does not support systemd"
 	CHECKS["systemd"]=
 	CHECKS["container-engine"]=
-	[ "$NAME" = "alpine-9p-writable" ] && CHECKS["mount-path-with-spaces"]="1"
+	[ "$NAME" = "alpine-iso-9p-writable" ] && CHECKS["mount-path-with-spaces"]="1"
 	;;
 "k3s")
 	ERROR "File \"$FILE\" is not testable with this script"
@@ -269,7 +269,7 @@ if [[ -n ${CHECKS["port-forwards"]} ]]; then
 	fi
 	"${scriptdir}/test-port-forwarding.pl" "${NAME}"
 
-	if [[ -n ${CHECKS["container-engine"]} || ${NAME} == "alpine" ]]; then
+	if [[ -n ${CHECKS["container-engine"]} || ${NAME} == "alpine"* ]]; then
 		INFO "Testing that \"${CONTAINER_ENGINE} run\" binds to 0.0.0.0 by default and is forwarded to the host"
 		if [ "$(uname)" = "Darwin" ]; then
 			# macOS runners seem to use `localhost` as the hostname, so the perl lookup just returns `127.0.0.1`
@@ -279,7 +279,7 @@ if [[ -n ${CHECKS["port-forwards"]} ]]; then
 		fi
 		if [ -n "${hostip}" ]; then
 			sudo=""
-			if [ "${NAME}" = "alpine" ]; then
+			if [[ ${NAME} == "alpine"* ]]; then
 				arch=$(limactl info | jq -r .defaultTemplate.arch)
 				nerdctl=$(limactl info | jq -r ".defaultTemplate.containerd.archives[] | select(.arch==\"$arch\").location")
 				curl -Lso nerdctl-full.tgz "${nerdctl}"
diff --git a/hack/test-templates/alpine-9p-writable.yaml b/hack/test-templates/alpine-iso-9p-writable.yaml
similarity index 100%
rename from hack/test-templates/alpine-9p-writable.yaml
rename to hack/test-templates/alpine-iso-9p-writable.yaml