2021-01-03 18:05:06 +03:00
# SPDX-License-Identifier: LGPL-2.1-or-later
2023-11-28 20:38:22 +03:00
[Config]
2024-04-14 20:53:09 +03:00
MinimumVersion=23~devel
2024-07-08 13:59:52 +03:00
InitrdInclude=mkosi.initrd/
2023-09-09 11:20:01 +03:00
2021-01-03 18:05:06 +03:00
[Output]
2024-07-08 13:59:52 +03:00
RepartDirectories=mkosi.repart
OutputDirectory=build/mkosi.output
BuildDirectory=build/mkosi.builddir
CacheDirectory=build/mkosi.cache
2023-07-14 15:52:58 +03:00
[Content]
2024-07-08 13:59:52 +03:00
SELinuxRelabel=no
2024-03-08 21:12:16 +03:00
BuildSourcesEphemeral=yes
2024-07-08 13:59:52 +03:00
Autologin=yes
PostInstallationScripts=mkosi.sanitizers.chroot
ExtraTrees=
mkosi.crt:/usr/lib/verity.d/mkosi.crt # sysext verification key
mkosi.leak-sanitizer-suppressions:/usr/lib/systemd/leak-sanitizer-suppressions
mkosi.coredump-journal-storage.conf:/usr/lib/systemd/coredump.conf.d/10-coredump-journal-storage.conf
Environment=
SYSTEMD_REPART_OVERRIDE_FSTYPE_ROOT=%F
2021-01-03 18:05:06 +03:00
2024-05-31 18:26:01 +03:00
# Adding more kernel command line arguments is likely to hit the kernel command line limit (512 bytes) in
# various scenarios. Consider adding support for a credential instead if possible and using that.
2024-04-19 14:25:31 +03:00
KernelCommandLine=systemd.crash_shell
systemd.log_level=debug,console:info
systemd.log_ratelimit_kmsg=0
# Disable the kernel's ratelimiting on userspace logging to kmsg.
printk.devkmsg=on
# Make sure /sysroot is mounted rw in the initrd.
rw
# Lower the default device timeout so we get a shell earlier if the root device does
# not appear for some reason.
2024-05-31 11:25:08 +03:00
systemd.default_device_timeout_sec=30
2024-04-19 14:25:31 +03:00
# Make sure no LSMs are enabled by default.
apparmor=0
selinux=0
enforcing=0
systemd.early_core_pattern=/core
systemd.firstboot=no
2024-05-09 10:56:06 +03:00
raid=noautodetect
2024-05-09 10:57:12 +03:00
oops=panic
panic=-1
softlockup_panic=1
panic_on_warn=1
2024-05-14 10:11:51 +03:00
# These don't ship proper units with [Install] directives so we have to mask them instead.
systemd.mask=isc-dhcp-server.service
systemd.mask=mdmonitor.service
2024-04-19 14:25:31 +03:00
2024-06-05 19:22:22 +03:00
KernelModulesInitrdExclude=.*
KernelModulesInitrdInclude=default
2024-07-08 13:59:52 +03:00
ExtraTrees=
%O/minimal-0.root-%a.raw:/usr/share/minimal_0.raw
%O/minimal-0.root-%a-verity.raw:/usr/share/minimal_0.verity
%O/minimal-0.root-%a-verity-sig.raw:/usr/share/minimal_0.verity.sig
%O/minimal-1.root-%a.raw:/usr/share/minimal_1.raw
%O/minimal-1.root-%a-verity.raw:/usr/share/minimal_1.verity
%O/minimal-1.root-%a-verity-sig.raw:/usr/share/minimal_1.verity.sig
%O/minimal-base:/usr/share/TEST-13-NSPAWN-container-template
%O/exitrd:/exitrd
InitrdPackages=
btrfs-progs
findutils
grep
sed
Packages=
acl
attr
bash-completion
bpftrace
btrfs-progs
clang
coreutils
curl
diffutils
dnsmasq
dosfstools
e2fsprogs
2024-07-10 11:05:59 +03:00
erofs-utils
2024-07-08 13:59:52 +03:00
findutils
gdb
grep
gzip
jq
kbd
kexec-tools
kmod
knot
less
lld
llvm
lvm2
man
mdadm
mtools
nano
nftables
nvme-cli
opensc
openssl
p11-kit
pciutils
python3
qrencode
radvd
rsync
sed
socat
strace
systemd
tar
tmux
tree
udev
util-linux
valgrind
which
wireguard-tools
xfsprogs
zsh
zstd
2021-01-03 18:05:06 +03:00
[Host]
2024-04-30 15:29:14 +03:00
Credentials=journal.storage=persistent
2024-07-08 13:59:52 +03:00
Incremental=yes
RuntimeBuildSources=yes
RuntimeScratch=no
QemuSmp=2
QemuSwtpm=yes
QemuVsock=yes
QemuKvm=yes
2023-12-07 21:52:41 +03:00
ToolsTreePackages=virtiofsd