1
0
mirror of https://github.com/systemd/systemd.git synced 2024-12-22 17:35:35 +03:00

mkosi: Make sure our systemd build always overrides the distros

Currently, we install the systemd install tree in the base image and
then build the initrd and final images from the base image. This means
if that any systemd package is pulled in during the initrd or final
image builds, it will override our version.

To fix this, we stop installing our build of systemd in the base image,
and store it in the output directory instead. That allows us to refer to
it using ExtraTrees= in the final and initrd image builds to install it
after all the distro packages have been installed, ensuring our version
always takes priority.
This commit is contained in:
Daan De Meyer 2023-08-04 10:40:30 +02:00
parent f2f8ed193c
commit 6ac5aa97ec
8 changed files with 32 additions and 20 deletions

View File

@ -9,6 +9,11 @@ if [ "${container:-}" != "mkosi" ]; then
exec mkosi-chroot "$SCRIPT" "$@"
fi
# We don't want to install our build of systemd in the base image, but use it as an extra tree for the
# initrd and final images, so override DESTDIR to store it in the output directory so we can reference it as
# an extra tree in the initrd and final image builds.
DESTDIR="$OUTPUTDIR/systemd"
# If mkosi.builddir/ exists mkosi will set $BUILDDIR to it, let's then use it
# as out-of-tree build dir. Otherwise, let's make up our own builddir.
[ -z "$BUILDDIR" ] && BUILDDIR="$PWD"/build
@ -29,7 +34,8 @@ done
# CentOS Stream 8 includes bpftool 4.18.0 which is lower than what we need. However, they've backported the
# specific feature we need ("gen skeleton") to this version, so we replace bpftool with a script that reports
# version 5.6.0 to satisfy meson which makes bpf work on CentOS Stream 8 as well.
if [ "$(grep '^ID=' /etc/os-release)" = "ID=\"centos\"" ] && [ "$(grep '^VERSION=' /etc/os-release)" = "VERSION=\"8\"" ]; then
. /usr/lib/os-release
if [ "$ID" = "centos" ] && [ "$VERSION" = "8" ]; then
cat >"$BUILDDIR"/bpftool <<EOF
#!/bin/sh
if [ "\$1" = --version ]; then
@ -44,7 +50,6 @@ fi
if [ ! -f "$BUILDDIR"/build.ninja ]; then
sysvinit_path=$(realpath /etc/init.d)
. /etc/os-release
if [ "$ID" = "centos" ] && [ "$VERSION" = "8" ]; then
UKIFY=false
else
@ -157,7 +162,7 @@ if [ ! -f "$BUILDDIR"/build.ninja ]; then
# On debian-like systems the library directory is not /usr/lib64 but /usr/lib/<arch-triplet>/.
# It is important to use the right one especially for cryptsetup plugins, otherwise they will be
# installed in the wrong directory and not be found by cryptsetup. Assume native build.
if grep -q -e "ID=debian" -e "ID_LIKE=debian" /etc/os-release && command -v dpkg 2>/dev/null; then
if grep -q -e "ID=debian" -e "ID_LIKE=debian" /usr/lib/os-release && command -v dpkg 2>/dev/null; then
CONFIGURE_OPTS+=(
-D libdir="/usr/lib/$(dpkg-architecture -qDEB_HOST_MULTIARCH)"
-D pamlibdir="/usr/lib/$(dpkg-architecture -qDEB_HOST_MULTIARCH)/security"
@ -167,7 +172,7 @@ if [ ! -f "$BUILDDIR"/build.ninja ]; then
# Set various uids and gids for which Fedora has "soft static" allocations.
# Without this, we would get warning about mismatched sysusers.d entries
# between the files that we and Fedora's setup package install.
if grep -q '^ID=fedora' /etc/os-release; then
if grep -q '^ID=fedora' /usr/lib/os-release; then
CONFIGURE_OPTS+=(
-Dadm-gid=4
-Daudio-gid=63
@ -192,7 +197,7 @@ if [ ! -f "$BUILDDIR"/build.ninja ]; then
)
fi
if grep -q '^ID="opensuse' /etc/os-release; then
if grep -q '^ID="opensuse' /usr/lib/os-release; then
CONFIGURE_OPTS+=(
-Dbpf-compiler=gcc
)

View File

@ -9,8 +9,7 @@ CleanPackageMetadata=no
Packages=
kmod
less
systemd
udev
util-linux
BuildPackages=
acl

View File

@ -5,16 +5,18 @@ Distribution=arch
[Content]
Packages=
cryptsetup
dbus
gnutls
libbpf
libfido2
libmicrohttpd
libnftnl
libpwquality
libseccomp
libxkbcommon
openssl
qrencode
systemd-sysvcompat
tpm2-tss
BuildPackages=

View File

@ -21,8 +21,6 @@ Packages=
libqrencode4
libssl3
libtss2-dev # Use the -dev package to avoid churn in updating version numbers
systemd
systemd-sysv
tzdata
BuildPackages=

View File

@ -4,9 +4,12 @@
Distribution=opensuse
[Content]
# We install gawk, gzip, grep, xz here explicitly so that the busybox versions don't get installed instead.
# We install gawk, gzip, grep, xz, sed, rsync and docbook-xsl-stylesheets here explicitly so that the busybox
# versions don't get installed instead.
Packages=
device-mapper
distribution-release
docbook-xsl-stylesheets
gawk
grep
gzip
@ -25,16 +28,16 @@ Packages=
libp11-kit0
libqrencode4
libseccomp2
libxkbcommon0
libzstd1
pam
shadow
libtss2-esys0
libtss2-mu0
libtss2-rc0
libtss2-tcti-device0
# Workaround for CI issue with our stub getting overwritten
systemd-boot
libxkbcommon0
libzstd1
pam
rsync
sed
shadow
tpm2-0-tss
xz
@ -43,7 +46,6 @@ BuildPackages=
bpftool
cross-bpf-gcc13
dbus-1-devel
docbook-xsl-stylesheets
fdupes
gcc-c++
glib2-devel
@ -84,7 +86,6 @@ BuildPackages=
python3-pytest-flakes
qrencode-devel
shadow
systemd-sysvinit
timezone
tpm2-0-tss-devel
xen-devel

View File

@ -9,7 +9,11 @@ Format=cpio
[Content]
BaseTrees=../../mkosi.output/base
ExtraTrees=../../mkosi.output/base-systemd
MakeInitrd=yes
Packages=
systemd
udev
# Arch Linux doesn't split their gcc-libs package so we manually remove unneeded stuff here to make sure it
# doesn't end up in the initrd.

View File

@ -3,6 +3,7 @@
[Content]
Autologin=yes
BaseTrees=../../mkosi.output/base
ExtraTrees=../../mkosi.output/base-systemd
ExtraTrees=../../src:/root/src
Initrds=../../mkosi.output/initrd
Packages=
@ -28,8 +29,10 @@ Packages=
sed
socat
strace
systemd
tmux
tree
udev
util-linux
valgrind
wireguard-tools

View File

@ -79,7 +79,7 @@ fi
# Let tmpfiles.d/systemd-resolve.conf handle the symlink
rm -f /etc/resolv.conf
. /etc/os-release
. /usr/lib/os-release
if [ "$ID" = "centos" ] && [ "$VERSION" = "8" ]; then
alternatives --install /usr/bin/python3 python3 /usr/bin/python3.9 1