diff --git a/.github/workflows/mkosi.yml b/.github/workflows/mkosi.yml index 3690f74d0d0..6663dfe0ccd 100644 --- a/.github/workflows/mkosi.yml +++ b/.github/workflows/mkosi.yml @@ -59,24 +59,24 @@ jobs: - distro: debian release: testing - distro: ubuntu - release: jammy + release: noble - distro: fedora release: "39" - distro: fedora release: rawhide - - distro: opensuse - release: tumbleweed + # TODO: Re-enable once https://lists.opensuse.org/archives/list/factory@lists.opensuse.org/thread/AU4NWTBXNA7MVAUXWR74XYCHCSZN4Z4K/ + # is resolved or https://build.opensuse.org/request/show/1152118 is merged. + # - distro: opensuse + # release: tumbleweed - distro: centos release: "9" - - distro: centos - release: "8" env: SYSTEMD_LOG_LEVEL: debug steps: - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 - - uses: systemd/mkosi@070528fec478fc93af7ec057a5d2fd0045123c99 + - uses: systemd/mkosi@ea1b00c3dba12662214b2e95dd1fe837cb13664b - name: Free disk space run: | @@ -94,10 +94,6 @@ jobs: # Build a disk image in CI as this logic is much more prone to breakage. Format=disk - [Content] - Environment=CI_BUILD=1 - SLOW_TESTS=true - [Host] ToolsTree=default ToolsTreeDistribution=fedora diff --git a/docs/HACKING.md b/docs/HACKING.md index 270c39b587a..1fbbed91d11 100644 --- a/docs/HACKING.md +++ b/docs/HACKING.md @@ -32,16 +32,16 @@ run the relevant tool from the build directory. For some components (most importantly, systemd/PID 1 itself) this is not possible, however. In order to simplify testing for cases like this we provide -a set of `mkosi` build files directly in the source tree. +a set of `mkosi` config files directly in the source tree. [mkosi](https://github.com/systemd/mkosi) is a tool for building clean OS images from an upstream distribution in combination with a fresh build of the project -in the local working directory. To make use of this, please install `mkosi` v19 -or newer using your distribution's package manager or from the -[GitHub repository](https://github.com/systemd/mkosi). `mkosi` will build an -image for the host distro by default. First, run `mkosi genkey` to generate a key -and certificate to be used for secure boot and verity signing. After that is done, -it is sufficient to type `mkosi` in the systemd project directory to generate a disk -image you can boot either in `systemd-nspawn` or in a UEFI-capable VM: +in the local working directory. To make use of this, please install the latest +version of mkosi from the [GitHub repository](https://github.com/systemd/mkosi). +`mkosi` will build an image for the host distro by default. First, run +`mkosi genkey` to generate a key and certificate to be used for secure boot and +verity signing. After that is done, it is sufficient to type `mkosi` in the +systemd project directory to generate a disk image you can boot either in +`systemd-nspawn` or in a UEFI-capable VM: ```sh $ sudo mkosi boot # nspawn still needs sudo for now diff --git a/mkosi.conf b/mkosi.conf index 2605e062ad7..d611635ce73 100644 --- a/mkosi.conf +++ b/mkosi.conf @@ -2,7 +2,7 @@ [Config] Images=system -MinimumVersion=20.2 +MinimumVersion=21 [Output] @OutputDirectory=mkosi.output @@ -14,10 +14,12 @@ MinimumVersion=20.2 Environment=ASAN_OPTIONS=verify_asan_link_order=false MKOSI_ASAN_OPTIONS=strict_string_checks=1:detect_stack_use_after_return=1:check_initialization_order=1:strict_init_order=1:disable_coredump=0:use_madv_dontdump=1 MKOSI_UBSAN_OPTIONS=print_stacktrace=1:print_summary=1:halt_on_error=1 +@SELinuxRelabel=no [Host] @Incremental=yes -@QemuMem=2G +# TODO: Drop to 2G again once the next Noble kernel update ships and we can use linux-image-virtual. +@QemuMem=4G @RuntimeSize=8G ToolsTreePackages=virtiofsd KernelCommandLineExtra=systemd.crash_shell diff --git a/mkosi.conf.d/05-qemu-mem.conf b/mkosi.conf.d/05-qemu-mem.conf deleted file mode 100644 index 3a6f24a7b0c..00000000000 --- a/mkosi.conf.d/05-qemu-mem.conf +++ /dev/null @@ -1,11 +0,0 @@ -# SPDX-License-Identifier: LGPL-2.1-or-later - -# Arch and CentOS 8 Stream initrds are rather big so we need to give QEMU more memory so the kernel can load -# them without OOMing. - -[Match] -Distribution=|arch -Distribution=|centos - -[Host] -@QemuMem=3G diff --git a/mkosi.conf.d/10-opensuse.conf b/mkosi.conf.d/10-opensuse.conf index 832c0d15fb2..f976fc80435 100644 --- a/mkosi.conf.d/10-opensuse.conf +++ b/mkosi.conf.d/10-opensuse.conf @@ -5,3 +5,4 @@ Distribution=opensuse [Distribution] @Release=tumbleweed +PackageManagerTrees=mkosi.conf.d/macros.db_backend:/etc/rpm/macros.db_backend diff --git a/mkosi.conf.d/10-ubuntu.conf b/mkosi.conf.d/10-ubuntu.conf index b0ebbadd489..da2d318295e 100644 --- a/mkosi.conf.d/10-ubuntu.conf +++ b/mkosi.conf.d/10-ubuntu.conf @@ -4,5 +4,5 @@ Distribution=ubuntu [Distribution] -@Release=jammy +@Release=noble Repositories=universe diff --git a/mkosi.conf.d/macros.db_backend b/mkosi.conf.d/macros.db_backend new file mode 100644 index 00000000000..4a58f06458d --- /dev/null +++ b/mkosi.conf.d/macros.db_backend @@ -0,0 +1 @@ +%_db_backend ndb diff --git a/mkosi.images/base/mkosi.build.chroot b/mkosi.images/base/mkosi.build.chroot deleted file mode 100755 index b59f339b11a..00000000000 --- a/mkosi.images/base/mkosi.build.chroot +++ /dev/null @@ -1,171 +0,0 @@ -#!/bin/bash -# SPDX-License-Identifier: LGPL-2.1-or-later -set -e - -# This is a build script for OS image generation using mkosi (https://github.com/systemd/mkosi). -# Simply invoke "mkosi" in the project directory to build an OS image. - -# We don't want to install our build of systemd in the base image, but use it as an extra tree for the -# initrd and system images, so override DESTDIR to store it in the output directory so we can reference it as -# an extra tree in the initrd and system image builds. -export DESTDIR="$OUTPUTDIR/systemd" - -# If mkosi.builddir/ exists mkosi will set $BUILDDIR to it, let's then use it -# as out-of-tree build dir. Otherwise, let's make up our own builddir. -[ -z "$BUILDDIR" ] && BUILDDIR="$PWD"/build - -# Let's make sure we're using stuff from the build directory first if available there. -PATH="$BUILDDIR:$PATH" -export PATH - -# The bpftool script shipped by Ubuntu tries to find the actual program to run via querying `uname -r` and -# using the current kernel version. This obviously doesn't work in containers. As a workaround, we override -# the ubuntu script with a symlink to the first bpftool program we can find. -for bpftool in /usr/lib/linux-tools/*/bpftool; do - [ -x "$bpftool" ] || continue - ln -sf "$bpftool" "$BUILDDIR"/bpftool - break -done - -# CentOS Stream 8 includes bpftool 4.18.0 which is lower than what we need. However, they've backported the -# specific feature we need ("gen skeleton") to this version, so we replace bpftool with a script that reports -# version 5.6.0 to satisfy meson which makes bpf work on CentOS Stream 8 as well. -. /usr/lib/os-release -if [ "$ID" = "centos" ] && [ "$VERSION" = "8" ]; then - cat >"$BUILDDIR"/bpftool </. - # It is important to use the right one especially for cryptsetup plugins, otherwise they will be - # installed in the wrong directory and not be found by cryptsetup. Assume native build. - if grep -q -e "ID=debian" -e "ID_LIKE=debian" /usr/lib/os-release && command -v dpkg 2>/dev/null; then - CONFIGURE_OPTS+=( - -D libdir="/usr/lib/$(dpkg-architecture -qDEB_HOST_MULTIARCH)" - -D pamlibdir="/usr/lib/$(dpkg-architecture -qDEB_HOST_MULTIARCH)/security" - ) - fi - - # Set various uids and gids for which Fedora has "soft static" allocations. - # Without this, we would get warning about mismatched sysusers.d entries - # between the files that we and Fedora's setup package install. - if grep -q '^ID=fedora' /usr/lib/os-release; then - CONFIGURE_OPTS+=( - -D adm-gid=4 - -D audio-gid=63 - -D cdrom-gid=11 - -D dialout-gid=18 - -D disk-gid=6 - -D input-gid=104 - -D kmem-gid=9 - -D kvm-gid=36 - -D lp-gid=7 - -D render-gid=105 - -D sgx-gid=106 - -D tape-gid=33 - -D tty-gid=5 - -D users-gid=100 - -D utmp-gid=22 - -D video-gid=39 - -D wheel-gid=10 - -D systemd-journal-gid=190 - -D systemd-network-uid=192 - -D systemd-resolve-uid=193 - ) - fi - - if grep -q '^ID="opensuse' /usr/lib/os-release; then - CONFIGURE_OPTS+=( - -Dbpf-compiler=gcc - ) - fi - - ( set -x; meson setup "$BUILDDIR" "$SRCDIR" --auto-features=enabled "${CONFIGURE_OPTS[@]}" ) -fi - -( set -x; ninja -C "$BUILDDIR" "$@" ) -if [ "$WITH_TESTS" = 1 ]; then - if [ -n "$SANITIZERS" ]; then - export ASAN_OPTIONS="$MKOSI_ASAN_OPTIONS" - export UBSAN_OPTIONS="$MKOSI_UBSAN_OPTIONS" - TIMEOUT_MULTIPLIER=3 - else - TIMEOUT_MULTIPLIER=1 - fi - - ( set -x; meson test -C "$BUILDDIR" --print-errorlogs --timeout-multiplier=$TIMEOUT_MULTIPLIER ) -fi - -( set -x; meson install -C "$BUILDDIR" --quiet --no-rebuild --only-changed ) diff --git a/mkosi.images/base/mkosi.conf b/mkosi.images/base/mkosi.conf index be8586ce3b9..fcefc3ead2b 100644 --- a/mkosi.images/base/mkosi.conf +++ b/mkosi.images/base/mkosi.conf @@ -4,33 +4,51 @@ Format=directory [Content] -Bootable=no +Autologin=yes +# Make sure we build the default initrd as part of the base image as it will have access to the systemd and +# udev rpms which are built by the build scripts that are part of the base image. +Bootable=yes +# we want to build the UKI as part of the system image so make sure none are built here. +Bootloader=none CleanPackageMetadata=no Packages= -Packages= + acl + bash-completion + coreutils + diffutils + dnsmasq + dosfstools + e2fsprogs + findutils + gcc # Sanitizer libraries + gdb + git + grep + gzip + jq + kbd + kexec-tools kmod less - util-linux - -BuildPackages= - acl - binutils - clang - diffutils - gawk - gdb - gettext - git - gperf - grep - lld - llvm - make - meson - pkgconf + mtools + nano + nftables + openssl + python3 + qrencode rsync sed + socat strace + systemd tar + tmux + tree + udev + util-linux + valgrind + wireguard-tools + xfsprogs + zsh zstd diff --git a/mkosi.images/base/mkosi.conf.d/10-arch.conf b/mkosi.images/base/mkosi.conf.d/10-arch.conf deleted file mode 100644 index 385c73979f1..00000000000 --- a/mkosi.images/base/mkosi.conf.d/10-arch.conf +++ /dev/null @@ -1,33 +0,0 @@ -# SPDX-License-Identifier: LGPL-2.1-or-later - -[Match] -Distribution=arch - -[Content] -Packages= - cryptsetup - dbus - gnutls - libarchive - libbpf - libfido2 - libmicrohttpd - libnftnl - libpwquality - libseccomp - libxkbcommon - openssl - qrencode - tpm2-tss - -BuildPackages= - bpf - docbook-xsl - glib2 - libxslt - linux-api-headers - python - python-jinja - python-lxml - python-pefile - python-pyelftools diff --git a/mkosi.images/base/mkosi.conf.d/10-arch/initrd/mkosi.postinst b/mkosi.images/base/mkosi.conf.d/10-arch/initrd/mkosi.postinst new file mode 100755 index 00000000000..ad4fe6e9a10 --- /dev/null +++ b/mkosi.images/base/mkosi.conf.d/10-arch/initrd/mkosi.postinst @@ -0,0 +1,5 @@ +#!/bin/bash +# SPDX-License-Identifier: LGPL-2.1-or-later +set -e + +mkosi-install systemd systemd-sysvcompat diff --git a/mkosi.images/base/mkosi.conf.d/10-arch/mkosi.build.chroot b/mkosi.images/base/mkosi.conf.d/10-arch/mkosi.build.chroot new file mode 100755 index 00000000000..7fe05aa3a40 --- /dev/null +++ b/mkosi.images/base/mkosi.conf.d/10-arch/mkosi.build.chroot @@ -0,0 +1,53 @@ +#!/bin/bash +# SPDX-License-Identifier: LGPL-2.1-or-later +set -ex + +if [ ! -f "pkg/$DISTRIBUTION/PKGBUILD" ]; then + echo "PKGBUILD not found at pkg/$DISTRIBUTION/PKGBUILD, run mkosi once with -ff to make sure the PKGBUILD is cloned" >&2 + exit 1 +fi + +# We can't configure the source or build directory so we use bind mounts instead to make sure they are in the +# expected locations. +mount --mkdir --bind "$SRCDIR" "pkg/$DISTRIBUTION/systemd-stable/" +mount --mkdir --bind "$BUILDDIR" "pkg/$DISTRIBUTION/build/" +# Because we run with --noextract we are responsible for making sure the source files appear in src/. +mount --mkdir --rbind "$PWD/pkg/$DISTRIBUTION" "pkg/$DISTRIBUTION/src/" + +# shellcheck source=/dev/null +. /etc/makepkg.conf + +# Override the default options. Use -Og because -O0 doesn't work with FORTIFY_SOURCE. We specifically disable +# "strip", "zipman" and "lto" as they slow down builds significantly. OPTIONS= cannot be overridden on the +# makepkg command line so we append to /etc/makepkg.conf instead. The rootfs is overlayed with a writable +# tmpfs during the build script so these changes don't end up in the image itself. +tee --append /etc/makepkg.conf >/dev/null <&2 + exit 1 +fi + +if [ "$1" = "final" ]; then + # We get depends and optdepends from .SRCINFO as getting them from the PKGBUILD is rather complex. + sed --expression 's/^[ \t]*//' "pkg/$DISTRIBUTION/.SRCINFO" | + grep --regexp '^depends =' --regexp '^optdepends =' | + sed --expression 's/^depends = //' --expression 's/^optdepends = //' --expression 's/:.*//' | + xargs --delimiter '\n' mkosi-install +else + # We get makedepends from the PKGBUILD as .SRCINFO can't encode conditional dependencies depending on + # whether some environment variable is set or not. + # shellcheck source=/dev/null + UPSTREAM=1 . "pkg/$DISTRIBUTION/PKGBUILD" + + # shellcheck disable=SC2154 + mkosi-install "${makedepends[@]}" +fi diff --git a/mkosi.images/base/mkosi.conf.d/10-centos-fedora.conf b/mkosi.images/base/mkosi.conf.d/10-centos-fedora.conf deleted file mode 100644 index d7a135a5c04..00000000000 --- a/mkosi.images/base/mkosi.conf.d/10-centos-fedora.conf +++ /dev/null @@ -1,78 +0,0 @@ -# SPDX-License-Identifier: LGPL-2.1-or-later - -[Match] -Distribution=|centos -Distribution=|fedora - -[Content] -Packages= - audit-libs - cryptsetup-libs - gnutls - libarchive - libasan - libbpf - libfido2 - libgcrypt - libmicrohttpd - libnftnl - libubsan - libxcrypt - libxkbcommon - openssl-libs - qrencode-libs - tpm2-tss - util-linux - -BuildPackages= - pkgconf - bpftool - docbook-xsl - findutils - libgcrypt-devel # CentOS Stream 8 libgcrypt-devel doesn't ship a pkg-config file. - libxslt - pam-devel - pkgconfig(audit) - pkgconfig(blkid) - pkgconfig(bzip2) - pkgconfig(dbus-1) - pkgconfig(fdisk) - pkgconfig(glib-2.0) - pkgconfig(gnutls) - pkgconfig(libacl) - pkgconfig(libarchive) - pkgconfig(libbpf) - pkgconfig(libcap) - pkgconfig(libcryptsetup) - pkgconfig(libcurl) - pkgconfig(libdw) - pkgconfig(libfido2) - pkgconfig(libidn2) - pkgconfig(libkmod) - pkgconfig(liblz4) - pkgconfig(libmicrohttpd) - pkgconfig(libnftnl) - pkgconfig(libpcre2-8) - pkgconfig(libqrencode) - pkgconfig(libseccomp) - pkgconfig(libselinux) - pkgconfig(libzstd) - pkgconfig(mount) - pkgconfig(numa) - pkgconfig(openssl) - pkgconfig(openssl) - pkgconfig(p11-kit-1) - pkgconfig(pwquality) - pkgconfig(tss2-esys) - pkgconfig(tss2-mu) - pkgconfig(tss2-rc) - pkgconfig(tss2-tcti-device) - pkgconfig(valgrind) - pkgconfig(xkbcommon) - python3 - python3dist(jinja2) - python3dist(lxml) - python3dist(pefile) - python3dist(pyelftools) - python3dist(pytest) - rpm diff --git a/mkosi.images/base/mkosi.conf.d/10-centos-fedora/initrd/mkosi.postinst b/mkosi.images/base/mkosi.conf.d/10-centos-fedora/initrd/mkosi.postinst new file mode 100755 index 00000000000..0b7a4cb6b73 --- /dev/null +++ b/mkosi.images/base/mkosi.conf.d/10-centos-fedora/initrd/mkosi.postinst @@ -0,0 +1,5 @@ +#!/bin/bash +# SPDX-License-Identifier: LGPL-2.1-or-later +set -e + +mkosi-install systemd systemd-udev diff --git a/mkosi.images/base/mkosi.conf.d/10-centos-fedora/mkosi.build.chroot b/mkosi.images/base/mkosi.conf.d/10-centos-fedora/mkosi.build.chroot new file mode 100755 index 00000000000..cf3be645386 --- /dev/null +++ b/mkosi.images/base/mkosi.conf.d/10-centos-fedora/mkosi.build.chroot @@ -0,0 +1,47 @@ +#!/bin/bash +# SPDX-License-Identifier: LGPL-2.1-or-later +set -ex + +if [ ! -f "pkg/$DISTRIBUTION/systemd.spec" ]; then + echo "spec not found at pkg/$DISTRIBUTION/systemd.spec, run mkosi once with -ff to make sure the spec is cloned" >&2 + exit 1 +fi + +if [ -d .git/ ] && [ -z "$(git status --porcelain)" ]; then + TS="$(git show --no-patch --format=%ct HEAD)" +else + TS="${SOURCE_DATE_EPOCH:-$(date +%s)}" +fi + +# TODO: Replace meson_build and meson_install overrides with "--undefine __meson_verbose" once +# https://github.com/mesonbuild/meson/pull/12835 is available. +# shellcheck disable=SC2046 +rpmbuild \ + -bb \ + --build-in-place \ + --with upstream \ + $( ((WITH_TESTS)) || echo --nocheck) \ + --define "_topdir /var/tmp" \ + --define "_sourcedir pkg/$DISTRIBUTION" \ + --define "_rpmdir $PACKAGEDIR" \ + ${BUILDDIR:+--define} \ + ${BUILDDIR:+"_vpath_builddir $BUILDDIR"} \ + --define "_build_name_fmt %%{NAME}-%%{VERSION}-%%{RELEASE}.%%{ARCH}.rpm" \ + --define "_binary_payload w.ufdio" \ + --define "debug_package %{nil}" \ + --define "version_override $(cat meson.version)" \ + --define "release_override $(date "+%Y%m%d%H%M%S" --date "@$TS")" \ + --define "_distro_extra_cflags -Og" \ + --define "meson_build %{shrink:%{__meson} compile -C %{_vpath_builddir} -j %{_smp_build_ncpus} %{nil}}" \ + --define "meson_install %{shrink:DESTDIR=%{buildroot} %{__meson} install -C %{_vpath_builddir} --no-rebuild --quiet %{nil}}" \ + --define "meson_extra_configure_options -D mode=developer -D b_sanitize=${SANITIZERS:-none}" \ + --define "__brp_strip %{nil}" \ + --define "__brp_compress %{nil}" \ + --define "__brp_mangle_shebangs %{nil}" \ + --define "__brp_strip_comment_note %{nil}" \ + --define "__brp_strip_static_archive %{nil}" \ + --define "__brp_check_rpaths %{nil}" \ + --define "__elf_exclude_path ^/usr/lib/systemd/tests/unit-tests/.*$" \ + --define "__script_requires %{nil}" \ + --undefine _lto_cflags \ + "pkg/$DISTRIBUTION/systemd.spec" diff --git a/mkosi.images/base/mkosi.conf.d/10-centos-fedora/mkosi.conf b/mkosi.images/base/mkosi.conf.d/10-centos-fedora/mkosi.conf new file mode 100644 index 00000000000..4c80b0a36fd --- /dev/null +++ b/mkosi.images/base/mkosi.conf.d/10-centos-fedora/mkosi.conf @@ -0,0 +1,54 @@ +# SPDX-License-Identifier: LGPL-2.1-or-later + +[Match] +Distribution=|centos +Distribution=|fedora + +[Config] +InitrdInclude=initrd/ + +[Content] +Environment= + SYSTEMD_PACKAGES="systemd + systemd-udev + systemd-container + systemd-repart + systemd-resolved + systemd-networkd + systemd-boot + systemd-tests + systemd-ukify + systemd-pam + systemd-oomd-defaults + systemd-journal-remote + systemd-networkd-defaults" +Packages= + bpftool + cryptsetup + dhcp-server + dnf + gnutls + integritysetup + iproute + iproute-tc + kernel-core + libasan + libcap-ng-utils + libubsan + netcat + openssh-clients + openssh-server + p11-kit + pam + passwd + polkit + procps-ng + quota + rpm + rpm-build + rpmautospec + util-linux + vim-common + +InitrdPackages= + tpm2-tools diff --git a/mkosi.images/base/mkosi.conf.d/10-centos-fedora/mkosi.prepare b/mkosi.images/base/mkosi.conf.d/10-centos-fedora/mkosi.prepare new file mode 100755 index 00000000000..c07251a7e18 --- /dev/null +++ b/mkosi.images/base/mkosi.conf.d/10-centos-fedora/mkosi.prepare @@ -0,0 +1,66 @@ +#!/bin/bash +# SPDX-License-Identifier: LGPL-2.1-or-later +set -ex + +if [ ! -f "pkg/$DISTRIBUTION/systemd.spec" ]; then + echo "spec not found at pkg/$DISTRIBUTION/systemd.spec, run mkosi with -ff to make sure the spec is cloned" >&2 + exit 1 +fi + +if [ "$1" = "final" ]; then + DEPS="--requires" +else + DEPS="--buildrequires" +fi + +mkosi-chroot \ + rpmspec \ + --with upstream \ + --query \ + "$DEPS" \ + --define "_topdir /var/tmp" \ + --define "_sourcedir pkg/$DISTRIBUTION" \ + "pkg/$DISTRIBUTION/systemd.spec" | + grep --invert-match --regexp systemd --regexp /bin/sh --regexp "rpmlib(" --regexp udev | + sort --unique | + tee /tmp/buildrequires | + xargs --delimiter '\n' mkosi-install + +if [ "$1" = "final" ]; then + exit 0 +fi + +# rpmbuild -br tries to build a source package which means all source files have to exist which isn't the +# case when using --build-in-place so we get rid of the source file that doesn't exist to make it happy. +# TODO: Use -bd instead of -br and get rid of this once we don't need to build on CentOS Stream 9 anymore. +sed '/Source0/d' --in-place "pkg/$DISTRIBUTION/systemd.spec" + +until mkosi-chroot \ + rpmbuild \ + -br \ + --build-in-place \ + --with upstream \ + --define "_topdir /var/tmp" \ + --define "_sourcedir pkg/$DISTRIBUTION" \ + --define "_build_name_fmt %%{NAME}-%%{VERSION}-%%{RELEASE}.%%{ARCH}.rpm" \ + "pkg/$DISTRIBUTION/systemd.spec" +do + EXIT_STATUS=$? + if [ $EXIT_STATUS -ne 11 ]; then + exit $EXIT_STATUS + fi + + mkosi-chroot \ + rpm \ + --query \ + --package \ + --requires \ + /var/tmp/SRPMS/systemd-*.buildreqs.nosrc.rpm | + grep --invert-match '^rpmlib(' | + sort --unique >/tmp/dynamic-buildrequires + + sort /tmp/buildrequires /tmp/dynamic-buildrequires | + uniq --unique | + tee --append /tmp/buildrequires | + xargs --delimiter '\n' mkosi-install +done diff --git a/mkosi.images/base/mkosi.conf.d/10-centos/mkosi.conf b/mkosi.images/base/mkosi.conf.d/10-centos/mkosi.conf new file mode 100644 index 00000000000..dd08467aaf2 --- /dev/null +++ b/mkosi.images/base/mkosi.conf.d/10-centos/mkosi.conf @@ -0,0 +1,13 @@ +# SPDX-License-Identifier: LGPL-2.1-or-later + +[Match] +Distribution=centos + +[Content] +Environment= + PKG_URL="https://git.centos.org/rpms/systemd" + PKG_BRANCH="c9s-sig-hyperscale" + +Packages= + kernel-modules # For squashfs support + rpmautospec-rpm-macros diff --git a/mkosi.images/base/mkosi.conf.d/10-debian-ubuntu.conf b/mkosi.images/base/mkosi.conf.d/10-debian-ubuntu.conf deleted file mode 100644 index 1d28be30f82..00000000000 --- a/mkosi.images/base/mkosi.conf.d/10-debian-ubuntu.conf +++ /dev/null @@ -1,77 +0,0 @@ -# SPDX-License-Identifier: LGPL-2.1-or-later - -[Match] -Distribution=|debian -Distribution=|ubuntu - -[Content] -Packages= - ^libtss2-esys-[0-9\.]+-0$ - dmsetup - libapparmor1 - libarchive13 - libfdisk1 - libfido2-1 - libglib2.0-0 - libgnutls30 - libidn2-0 - liblz4-1 - libmicrohttpd12 - libnftnl11 - libp11-kit0 - libpam0g - libpwquality1 - libqrencode4 - libssl3 - libip4tc2 - ^libtss2-mu[0-9\.-]+$ - libtss2-rc0 - libtss2-tcti-device0 - tzdata - -BuildPackages= - docbook-xsl - dpkg-dev - g++ - libacl1-dev - libapparmor-dev - libarchive-dev - libaudit-dev - libblkid-dev - libbpf-dev - libbz2-dev - libcap-dev - libcryptsetup-dev - libcurl4-openssl-dev - libdbus-1-dev - libdw-dev - libfdisk-dev - libfido2-dev - libgcrypt20-dev - libglib2.0-dev - libgnutls28-dev - libidn2-dev - libiptc-dev - libkmod-dev - liblz4-dev - libmicrohttpd-dev - libmount-dev - libnftnl-dev - libp11-kit-dev - libpam0g-dev - libpwquality-dev - libqrencode-dev - libseccomp-dev - libsmartcols-dev - libssl-dev - libtss2-dev - libxen-dev - libxkbcommon-dev - libzstd-dev - python3 - python3-jinja2 - python3-lxml - python3-pefile - python3-pyelftools - python3-pytest - xsltproc diff --git a/mkosi.images/base/mkosi.conf.d/10-debian-ubuntu/initrd/mkosi.postinst b/mkosi.images/base/mkosi.conf.d/10-debian-ubuntu/initrd/mkosi.postinst new file mode 100755 index 00000000000..640cdb1e32a --- /dev/null +++ b/mkosi.images/base/mkosi.conf.d/10-debian-ubuntu/initrd/mkosi.postinst @@ -0,0 +1,5 @@ +#!/bin/bash +# SPDX-License-Identifier: LGPL-2.1-or-later +set -e + +mkosi-install systemd udev diff --git a/mkosi.images/base/mkosi.conf.d/10-debian-ubuntu/mkosi.build.chroot b/mkosi.images/base/mkosi.conf.d/10-debian-ubuntu/mkosi.build.chroot new file mode 100755 index 00000000000..d1ec8c18942 --- /dev/null +++ b/mkosi.images/base/mkosi.conf.d/10-debian-ubuntu/mkosi.build.chroot @@ -0,0 +1,89 @@ +#!/bin/bash +# SPDX-License-Identifier: LGPL-2.1-or-later +set -e + +if [ ! -d "pkg/$DISTRIBUTION/debian" ]; then + echo "deb rules not found at pkg/$DISTRIBUTION/debian, run mkosi once with -ff to make sure the rules are cloned" >&2 + exit 1 +fi + +# We transplant the debian/ folder from the deb package sources into the upstream sources. +mount --mkdir --bind "$SRCDIR/pkg/$DISTRIBUTION/debian" "$SRCDIR"/debian + +# We hide the patches/ directory by mounting an empty directory on top so they don't get applied. +TMP=$(mktemp -d) +mount --bind "$TMP" "$SRCDIR"/debian/patches + +# While the build directory can be specified through DH_OPTIONS, the default one is hardcoded everywhere so +# we have to use that. Because it is architecture dependent, we query it using dpkg-architecture first. +DEB_HOST_GNU_TYPE="$(dpkg-architecture --query DEB_HOST_GNU_TYPE)" +mount --mkdir --bind "$BUILDDIR" "$SRCDIR/obj-$DEB_HOST_GNU_TYPE" + +if [ -d .git/ ] && [ -z "$(git status --porcelain)" ]; then + TS="$(git show --no-patch --format=%ct HEAD)" +else + TS="${SOURCE_DATE_EPOCH:-$(date +%s)}" +fi + +# Add a new changelog entry to update the version. We use a fixed date since a dynamic one causes a full +# rebuild every time. +cat >debian/changelog.new < $(date --rfc-email --date "@$TS") + +EOF +cat debian/changelog >>debian/changelog.new +mv debian/changelog.new debian/changelog + +build() { + DEB_BUILD_OPTIONS="$( ((WITH_TESTS)) || echo nocheck) $( ((WITH_DOCS)) || echo nodoc) nostrip terse optimize=-lto" \ + DEB_BUILD_PROFILES="$( ((WITH_TESTS)) || echo nocheck) $( ((WITH_DOCS)) || echo nodoc) pkg.systemd.upstream" \ + DEB_CFLAGS_APPEND="-Og" \ + DPKG_FORCE="unsafe-io" \ + DPKG_DEB_COMPRESSOR_TYPE="none" \ + DH_MISSING="--fail-missing" \ + CONFFLAGS_UPSTREAM="-D mode=developer -D b_sanitize=${SANITIZERS:-none}" \ + dpkg-buildpackage \ + --no-pre-clean \ + --unsigned-changes \ + --build=binary +} + +if ! build; then + # debhelper installs files for each package to debian/ so we figure out which files were + # packaged by querying all the package names from debian/control and running find on each of the + # corresponding package directory in debian/. + grep "Package:" debian/control | + sed "s/Package: //" | + xargs -d '\n' -I {} sh -c "[ -d debian/{} ] && (cd debian/{} && find . ! -type d ! -path "*dh-exec*" -printf '%P\n')" | + # Remove compression suffix from compressed manpages as the manpages in debian/tmp will be uncompressed. + sed --regexp-extended 's/([0-9])\.gz$/\1/' | + sort --unique >/tmp/packaged-files + + # We figure out the installed files by running find on debian/tmp/ which contains the files installed + # by meson install. + (cd debian/tmp/ && find . ! -type d ! -path "*dh-exec*" -printf '%P\n') >/tmp/installed-files + + if [ -f debian/not-installed ]; then + grep --invert-match "^#" debian/not-installed >>/tmp/installed-files + fi + + sort --unique --output /tmp/installed-files /tmp/installed-files + + # We get all the installed files that were not packaged by finding entries in the installed file that are + # not in the packaged file. + comm -23 /tmp/installed-files /tmp/packaged-files > /tmp/unpackaged-files + # If there are no unpackaged files something else went wrong. + if [ ! -s /tmp/unpackaged-files ]; then + exit 1 + fi + + # Otherwise, we append the unpackaged files to the filelist for the systemd package and retry the build. + cat /tmp/unpackaged-files >>debian/systemd.install + build +fi + +mv ../*.deb "$PACKAGEDIR" diff --git a/mkosi.images/base/mkosi.conf.d/10-debian-ubuntu/mkosi.conf b/mkosi.images/base/mkosi.conf.d/10-debian-ubuntu/mkosi.conf new file mode 100644 index 00000000000..c2a9c399e17 --- /dev/null +++ b/mkosi.images/base/mkosi.conf.d/10-debian-ubuntu/mkosi.conf @@ -0,0 +1,61 @@ +# SPDX-License-Identifier: LGPL-2.1-or-later + +[Match] +Distribution=|debian +Distribution=|ubuntu + +[Config] +InitrdInclude=initrd/ + +[Content] +Environment= + PKG_URL="https://salsa.debian.org/systemd-team/systemd" + PKG_BRANCH="debian/master" + SYSTEMD_PACKAGES="systemd + systemd-userdbd + systemd-oomd + systemd-sysv + systemd-tests + systemd-timesyncd + systemd-resolved + systemd-homed + systemd-coredump + systemd-journal-remote + systemd-container + systemd-boot + systemd-ukify + udev" + +Packages= + ^libtss2-esys-[0-9.]+-0$ + ^libtss2-mu-[0-9.]+-0$ + apt + btrfs-progs + cryptsetup-bin + dbus-broker + default-dbus-session-bus + dmsetup + f2fs-tools + fdisk + iproute2 + isc-dhcp-server + libcap-ng-utils + libtss2-rc0 + libtss2-tcti-device0 + netcat-openbsd + openssh-client + openssh-server + passwd + policykit-1 + procps + quota + sbsigntool + tzdata + xxd + +InitrdPackages= + btrfs-progs + tpm2-tools + +BuildPackages= + dpkg-dev diff --git a/mkosi.images/base/mkosi.conf.d/10-debian-ubuntu/mkosi.prepare b/mkosi.images/base/mkosi.conf.d/10-debian-ubuntu/mkosi.prepare new file mode 100755 index 00000000000..32c60feb7ee --- /dev/null +++ b/mkosi.images/base/mkosi.conf.d/10-debian-ubuntu/mkosi.prepare @@ -0,0 +1,15 @@ +#!/bin/bash +# SPDX-License-Identifier: LGPL-2.1-or-later +set -e + +if [ "$1" = "final" ]; then + exit 0 +fi + +if [ ! -d "pkg/$DISTRIBUTION/debian" ]; then + echo "deb rules not found at pkg/$DISTRIBUTION/debian, run mkosi once with -ff to make sure the rules are cloned" >&2 + exit 1 +fi + +cd "pkg/$DISTRIBUTION" +DEB_BUILD_PROFILES="pkg.systemd.upstream" apt-get build-dep . diff --git a/mkosi.images/base/mkosi.conf.d/10-debian.conf b/mkosi.images/base/mkosi.conf.d/10-debian/mkosi.conf similarity index 51% rename from mkosi.images/base/mkosi.conf.d/10-debian.conf rename to mkosi.images/base/mkosi.conf.d/10-debian/mkosi.conf index 020b02b61c2..c6b6155dda3 100644 --- a/mkosi.images/base/mkosi.conf.d/10-debian.conf +++ b/mkosi.images/base/mkosi.conf.d/10-debian/mkosi.conf @@ -2,10 +2,3 @@ [Match] Distribution=debian - -[Content] -Packages= - libbpf1 - -BuildPackages= - bpftool diff --git a/mkosi.images/system/mkosi.conf.d/10-debian-amd64.conf b/mkosi.images/base/mkosi.conf.d/10-debian/mkosi.conf.d/amd64.conf similarity index 77% rename from mkosi.images/system/mkosi.conf.d/10-debian-amd64.conf rename to mkosi.images/base/mkosi.conf.d/10-debian/mkosi.conf.d/amd64.conf index d3c89f3a8c7..615de52499e 100644 --- a/mkosi.images/system/mkosi.conf.d/10-debian-amd64.conf +++ b/mkosi.images/base/mkosi.conf.d/10-debian/mkosi.conf.d/amd64.conf @@ -1,10 +1,8 @@ # SPDX-License-Identifier: LGPL-2.1-or-later [Match] -Distribution=debian Architecture=x86-64 [Content] Packages= - bpftool linux-image-cloud-amd64 diff --git a/mkosi.images/system/mkosi.conf.d/10-debian-arm64.conf b/mkosi.images/base/mkosi.conf.d/10-debian/mkosi.conf.d/arm64.conf similarity index 77% rename from mkosi.images/system/mkosi.conf.d/10-debian-arm64.conf rename to mkosi.images/base/mkosi.conf.d/10-debian/mkosi.conf.d/arm64.conf index 76a68981113..af923fa4427 100644 --- a/mkosi.images/system/mkosi.conf.d/10-debian-arm64.conf +++ b/mkosi.images/base/mkosi.conf.d/10-debian/mkosi.conf.d/arm64.conf @@ -1,10 +1,8 @@ # SPDX-License-Identifier: LGPL-2.1-or-later [Match] -Distribution=debian Architecture=arm64 [Content] Packages= - bpftool linux-image-cloud-arm64 diff --git a/mkosi.images/base/mkosi.conf.d/10-fedora.conf b/mkosi.images/base/mkosi.conf.d/10-fedora.conf deleted file mode 100644 index a8fbce47fb5..00000000000 --- a/mkosi.images/base/mkosi.conf.d/10-fedora.conf +++ /dev/null @@ -1,9 +0,0 @@ -# SPDX-License-Identifier: LGPL-2.1-or-later - -[Match] -Distribution=fedora - -[Content] -BuildPackages= - python3dist(pytest-flakes) - pkgconfig(xencontrol) diff --git a/mkosi.images/system/mkosi.conf.d/10-fedora.conf b/mkosi.images/base/mkosi.conf.d/10-fedora/mkosi.conf similarity index 58% rename from mkosi.images/system/mkosi.conf.d/10-fedora.conf rename to mkosi.images/base/mkosi.conf.d/10-fedora/mkosi.conf index 7554ad2dc31..cea31ed697c 100644 --- a/mkosi.images/system/mkosi.conf.d/10-fedora.conf +++ b/mkosi.images/base/mkosi.conf.d/10-fedora/mkosi.conf @@ -4,9 +4,16 @@ Distribution=fedora [Content] +Environment= + PKG_URL="https://src.fedoraproject.org/rpms/systemd" + PKG_BRANCH="rawhide" + Packages= btrfs-progs compsize f2fs-tools glibc-langpack-en sbsigntools + +InitrdPackages= + btrfs-progs diff --git a/mkosi.images/base/mkosi.conf.d/10-opensuse.conf b/mkosi.images/base/mkosi.conf.d/10-opensuse.conf deleted file mode 100644 index 941a50a6d19..00000000000 --- a/mkosi.images/base/mkosi.conf.d/10-opensuse.conf +++ /dev/null @@ -1,95 +0,0 @@ -# SPDX-License-Identifier: LGPL-2.1-or-later - -[Match] -Distribution=opensuse - -[Content] -# We install gawk, gzip, grep, xz, sed, rsync and docbook-xsl-stylesheets here explicitly so that the busybox -# versions don't get installed instead. -Packages= - device-mapper - distribution-release - docbook-xsl-stylesheets - gawk - grep - gzip - libbpf1 - libarchive13 - libcrypt1 - libcryptsetup12 - libdw1 - libelf1 - libfido2 - libgcrypt20 - libglib-2_0-0 - libkmod2 - libmount1 - libnftnl11 - libopenssl3 - libp11-kit0 - libqrencode4 - libseccomp2 - libtss2-esys0 - libtss2-mu0 - libtss2-rc0 - libtss2-tcti-device0 - libxkbcommon0 - libzstd1 - pam - rsync - sed - shadow - tpm2-0-tss - xz - -BuildPackages= - audit-devel - bpftool - cross-bpf-gcc13 - dbus-1-devel - fdupes - gcc-c++ - glib2-devel - glibc-locale - intltool - libacl-devel - libapparmor-devel - libarchive-devel - libblkid-devel - libbpf-devel - libbz2-devel - libcap-devel - libcryptsetup-devel - libcurl-devel - libdw-devel - libelf-devel - libfdisk-devel - libfido2-devel - libgcrypt-devel - libgnutls-devel - libkmod-devel - liblz4-devel - libmicrohttpd-devel - libmount-devel - libnftnl-devel - libpwquality-devel - libseccomp-devel - libselinux-devel - libxkbcommon-devel - libxslt-tools - libzstd-devel - openssl-devel - pam-devel - pciutils-devel - python3 - python3-Jinja2 - python3-lxml - python3-pefile - python3-pyelftools - python3-pytest - python3-pytest-flakes - qrencode-devel - shadow - timezone - tpm2-0-tss-devel - xen-devel diff --git a/mkosi.images/initrd/mkosi.postinst b/mkosi.images/base/mkosi.conf.d/10-opensuse/initrd/mkosi.postinst similarity index 91% rename from mkosi.images/initrd/mkosi.postinst rename to mkosi.images/base/mkosi.conf.d/10-opensuse/initrd/mkosi.postinst index de610dfeb64..6a60ce83e52 100755 --- a/mkosi.images/initrd/mkosi.postinst +++ b/mkosi.images/base/mkosi.conf.d/10-opensuse/initrd/mkosi.postinst @@ -5,3 +5,5 @@ set -e # OpenSUSE insists on blacklisting erofs by default because its supposedly a legacy filesystem. # See https://github.com/openSUSE/suse-module-tools/pull/71 rm -f "$BUILDROOT/usr/lib/modprobe.d/60-blacklist_fs-erofs.conf" + +mkosi-install systemd udev diff --git a/mkosi.images/base/mkosi.conf.d/10-opensuse/mkosi.build.chroot b/mkosi.images/base/mkosi.conf.d/10-opensuse/mkosi.build.chroot new file mode 100755 index 00000000000..e1abe0b1351 --- /dev/null +++ b/mkosi.images/base/mkosi.conf.d/10-opensuse/mkosi.build.chroot @@ -0,0 +1,63 @@ +#!/bin/bash +# SPDX-License-Identifier: LGPL-2.1-or-later +set -ex + +if [ ! -f "pkg/$DISTRIBUTION/systemd.spec" ]; then + echo "spec not found at pkg/$DISTRIBUTION/systemd.spec, run mkosi once with -ff to make sure the spec is cloned" >&2 + exit 1 +fi + +if [ -d .git/ ] && [ -z "$(git status --porcelain)" ]; then + TS="$(git show --no-patch --format=%ct HEAD)" +else + TS="${SOURCE_DATE_EPOCH:-$(date +%s)}" +fi + +# The openSUSE filelists hardcode the manpage compression extension. This causes rpmbuild errors since we +# disable manpage compression as the files cannot be found. Fix the issue by removing the compression +# extension. +find "pkg/$DISTRIBUTION" -name "files.*" -exec sed --in-place 's/\.gz$//' {} \; + +build() { + # TODO: Replace meson_build and meson_install overrides with "--undefine __meson_verbose" once + # https://github.com/mesonbuild/meson/pull/12835 is available. + # shellcheck disable=SC2046 + rpmbuild \ + -bb \ + --build-in-place \ + --with upstream \ + $( ((WITH_TESTS)) || echo --nocheck) \ + --define "_topdir /var/tmp" \ + --define "_sourcedir pkg/$DISTRIBUTION" \ + --define "_rpmdir $PACKAGEDIR" \ + ${BUILDDIR:+--define} \ + ${BUILDDIR:+"_vpath_builddir $BUILDDIR"} \ + --define "_build_name_fmt %%{NAME}-%%{VERSION}-%%{RELEASE}.%%{ARCH}.rpm" \ + --define "_binary_payload w.ufdio" \ + --define "debug_package %{nil}" \ + --define "vendor openSUSE" \ + --define "version_override $(cat meson.version)" \ + --define "release_override $(date "+%Y%m%d%H%M%S" --date "@$TS")" \ + --define "__check_files sh -c '$(rpm --eval %__check_files) | tee /tmp/unpackaged-files'" \ + --define "meson_build %{shrink:%{__meson} compile -C %{_vpath_builddir} -j %{_smp_build_ncpus} %{nil}}" \ + --define "meson_install %{shrink:DESTDIR=%{buildroot} %{__meson} install -C %{_vpath_builddir} --no-rebuild --quiet %{nil}}" \ + --define "meson_extra_configure_options -D mode=developer -D b_sanitize=${SANITIZERS:-none}" \ + --define "__os_install_post /usr/lib/rpm/brp-suse %{nil}" \ + --define "__elf_exclude_path ^/usr/lib/systemd/tests/unit-tests/.*$" \ + --define "__script_requires %{nil}" \ + "$@" \ + "pkg/$DISTRIBUTION/systemd.spec" +} + +if ! build; then + if [ ! -s /tmp/unpackaged-files ]; then + exit 1 + fi + + # rpm will append to any existing systemd.lang so delete it explicitly so we don't get duplicate file + # warnings. + rm systemd.lang + + cat /tmp/unpackaged-files >>"pkg/$DISTRIBUTION/files.systemd" + build --noprep --nocheck +fi diff --git a/mkosi.images/base/mkosi.conf.d/10-opensuse/mkosi.conf b/mkosi.images/base/mkosi.conf.d/10-opensuse/mkosi.conf new file mode 100644 index 00000000000..4ef13b6ca5b --- /dev/null +++ b/mkosi.images/base/mkosi.conf.d/10-opensuse/mkosi.conf @@ -0,0 +1,55 @@ +# SPDX-License-Identifier: LGPL-2.1-or-later + +[Match] +Distribution=opensuse + +[Config] +InitrdInclude=initrd/ + +[Content] +Environment= + PKG_URL="https://code.opensuse.org/package/systemd" + PKG_BRANCH="master" + SYSTEMD_PACKAGES="systemd + udev + systemd-experimental + systemd-boot + systemd-container + systemd-homed + systemd-network + systemd-portable + systemd-sysvcompat + systemd-testsuite" + +# We install gawk, gzip, grep, xz, sed, rsync and docbook-xsl-stylesheets here explicitly so that the busybox +# versions don't get installed instead. +Packages= + bpftool + btrfs-progs + cryptsetup + dbus-broker + device-mapper + distribution-release + docbook-xsl-stylesheets + f2fs-tools + gawk + glibc-locale-base + grep + gzip + kernel-kvmsmall + openssh-clients + openssh-server + pam + quota + rpm-build + rsync + sbsigntools + sed + shadow + timezone + vim + xz + +InitrdPackages= + btrfs-progs + tpm2.0-tools diff --git a/mkosi.images/base/mkosi.conf.d/10-opensuse/mkosi.prepare b/mkosi.images/base/mkosi.conf.d/10-opensuse/mkosi.prepare new file mode 100755 index 00000000000..dd01a3f20e9 --- /dev/null +++ b/mkosi.images/base/mkosi.conf.d/10-opensuse/mkosi.prepare @@ -0,0 +1,61 @@ +#!/bin/bash +# SPDX-License-Identifier: LGPL-2.1-or-later +set -e + +if [ ! -f "pkg/$DISTRIBUTION/systemd.spec" ]; then + echo "spec not found at pkg/$DISTRIBUTION/systemd.spec, run mkosi once with -ff to make sure the spec is cloned" >&2 + exit 1 +fi + +if [ "$1" = "final" ]; then + DEPS="--requires" +else + DEPS="--buildrequires" +fi + +mkosi-chroot \ + rpmspec \ + --with upstream \ + --query \ + "$DEPS" \ + --define "_topdir /var/tmp" \ + --define "_sourcedir pkg/$DISTRIBUTION" \ + "pkg/$DISTRIBUTION/systemd.spec" | + grep --invert-match --regexp systemd --regexp /bin/sh --regexp "rpmlib(" --regexp udev | + sort --unique | + tee /tmp/buildrequires | + xargs --delimiter '\n' mkosi-install + +if [ "$1" = "final" ]; then + exit 0 +fi + +until mkosi-chroot \ + rpmbuild \ + -bd \ + --build-in-place \ + --with upstream \ + --define "_topdir /var/tmp" \ + --define "_sourcedir pkg/$DISTRIBUTION" \ + --define "_build_name_fmt %%{NAME}-%%{VERSION}-%%{RELEASE}.%%{ARCH}.rpm" \ + "pkg/$DISTRIBUTION/systemd.spec" +do + EXIT_STATUS=$? + if [ $EXIT_STATUS -ne 11 ]; then + exit $EXIT_STATUS + fi + + mkosi-chroot \ + rpm \ + --query \ + --package \ + --requires \ + /var/tmp/SRPMS/systemd-*.buildreqs.nosrc.rpm | + grep --invert-match '^rpmlib(' | + sort --unique >/tmp/dynamic-buildrequires + + sort /tmp/buildrequires /tmp/dynamic-buildrequires | + uniq --unique | + tee --append /tmp/buildrequires | + xargs --delimiter '\n' mkosi-install +done diff --git a/mkosi.images/base/mkosi.conf.d/10-ubuntu.conf b/mkosi.images/base/mkosi.conf.d/10-ubuntu/mkosi.conf similarity index 54% rename from mkosi.images/base/mkosi.conf.d/10-ubuntu.conf rename to mkosi.images/base/mkosi.conf.d/10-ubuntu/mkosi.conf index 717809fd03c..85126a1a37e 100644 --- a/mkosi.images/base/mkosi.conf.d/10-ubuntu.conf +++ b/mkosi.images/base/mkosi.conf.d/10-ubuntu/mkosi.conf @@ -5,8 +5,7 @@ Distribution=ubuntu [Content] Packages= - libbpf0 - -BuildPackages= + # We would like to use linux-virtual but it does not have support for SMBIOS credentials. + linux-image-generic linux-tools-common linux-tools-generic diff --git a/mkosi.images/system/mkosi.extra/etc/issue b/mkosi.images/base/mkosi.extra/etc/issue similarity index 100% rename from mkosi.images/system/mkosi.extra/etc/issue rename to mkosi.images/base/mkosi.extra/etc/issue diff --git a/mkosi.images/system/mkosi.extra/usr/lib/systemd/journald.conf.d/50-persistent.conf b/mkosi.images/base/mkosi.extra/usr/lib/systemd/journald.conf.d/50-persistent.conf similarity index 100% rename from mkosi.images/system/mkosi.extra/usr/lib/systemd/journald.conf.d/50-persistent.conf rename to mkosi.images/base/mkosi.extra/usr/lib/systemd/journald.conf.d/50-persistent.conf diff --git a/mkosi.images/system/mkosi.extra/usr/lib/systemd/mkosi-check-and-shutdown.sh b/mkosi.images/base/mkosi.extra/usr/lib/systemd/mkosi-check-and-shutdown.sh similarity index 100% rename from mkosi.images/system/mkosi.extra/usr/lib/systemd/mkosi-check-and-shutdown.sh rename to mkosi.images/base/mkosi.extra/usr/lib/systemd/mkosi-check-and-shutdown.sh diff --git a/mkosi.images/system/mkosi.extra/usr/lib/systemd/system/mkosi-check-and-shutdown.service b/mkosi.images/base/mkosi.extra/usr/lib/systemd/system/mkosi-check-and-shutdown.service similarity index 100% rename from mkosi.images/system/mkosi.extra/usr/lib/systemd/system/mkosi-check-and-shutdown.service rename to mkosi.images/base/mkosi.extra/usr/lib/systemd/system/mkosi-check-and-shutdown.service diff --git a/mkosi.images/system/mkosi.extra/usr/lib/tmpfiles.d/99-mkosi.conf b/mkosi.images/base/mkosi.extra/usr/lib/tmpfiles.d/99-mkosi.conf similarity index 100% rename from mkosi.images/system/mkosi.extra/usr/lib/tmpfiles.d/99-mkosi.conf rename to mkosi.images/base/mkosi.extra/usr/lib/tmpfiles.d/99-mkosi.conf diff --git a/mkosi.images/system/mkosi.extra/usr/share/factory/mkosi/gdbinit.d/systemd.gdb b/mkosi.images/base/mkosi.extra/usr/share/factory/mkosi/gdbinit.d/systemd.gdb similarity index 100% rename from mkosi.images/system/mkosi.extra/usr/share/factory/mkosi/gdbinit.d/systemd.gdb rename to mkosi.images/base/mkosi.extra/usr/share/factory/mkosi/gdbinit.d/systemd.gdb diff --git a/mkosi.images/system/mkosi.finalize b/mkosi.images/base/mkosi.finalize similarity index 100% rename from mkosi.images/system/mkosi.finalize rename to mkosi.images/base/mkosi.finalize diff --git a/mkosi.images/base/mkosi.postinst b/mkosi.images/base/mkosi.postinst new file mode 100755 index 00000000000..caaf253ef69 --- /dev/null +++ b/mkosi.images/base/mkosi.postinst @@ -0,0 +1,6 @@ +#!/bin/bash +# SPDX-License-Identifier: LGPL-2.1-or-later +set -e + +# shellcheck disable=SC2086 +mkosi-install $SYSTEMD_PACKAGES diff --git a/mkosi.images/system/mkosi.postinst.chroot b/mkosi.images/base/mkosi.postinst.chroot similarity index 85% rename from mkosi.images/system/mkosi.postinst.chroot rename to mkosi.images/base/mkosi.postinst.chroot index 330fa3b73e2..26459b165de 100755 --- a/mkosi.images/system/mkosi.postinst.chroot +++ b/mkosi.images/base/mkosi.postinst.chroot @@ -2,10 +2,6 @@ # SPDX-License-Identifier: LGPL-2.1-or-later set -e -if [ "$1" = "build" ]; then - exit 0 -fi - if [ -n "$SANITIZERS" ]; then LD_PRELOAD=$(ldd /usr/lib/systemd/systemd | grep libasan.so | awk '{print $3}') @@ -48,22 +44,6 @@ EOF systemctl mask systemd-hwdb-update.service fi -if [ -n "$IMAGE_ID" ] ; then - sed -n \ - -i \ - -e '/^IMAGE_ID=/!p' \ - -e "\$aIMAGE_ID=$IMAGE_ID" \ - /usr/lib/os-release -fi - -if [ -n "$IMAGE_VERSION" ] ; then - sed -n \ - -i \ - -e '/^IMAGE_VERSION=/!p' \ - -e "\$aIMAGE_VERSION=$IMAGE_VERSION" \ - /usr/lib/os-release -fi - if command -v authselect >/dev/null; then # authselect 1.5.0 renamed the minimal profile to the local profile without keeping backwards compat so # let's use the new name if it exists. @@ -87,11 +67,6 @@ rm -f /etc/resolv.conf . /usr/lib/os-release -if [ "$ID" = "centos" ] && [ "$VERSION" = "8" ]; then - alternatives --install /usr/bin/python3 python3 /usr/bin/python3.9 1 - alternatives --set python3 /usr/bin/python3.9 -fi - mkdir -p /usr/lib/sysusers.d cat >/usr/lib/sysusers.d/testuser.conf <