From 7205fc7dc31eb2be3075ee6ba23ebe84324aa5cb Mon Sep 17 00:00:00 2001 From: Daan De Meyer Date: Fri, 12 Jul 2024 15:33:49 +0200 Subject: [PATCH] mkosi: Introduce build image We want the exitrd image to be built with the latest systemd as well. As the exitrd image is built as part of mkosi.images, and all subimages are built before the main image, this implies the packages must be built as a subimage in mkosi.images/ as well. So we introduce the build image and move all logic related to building distribution packages there. This also has the nice side effect of slimming down the main image as the build dependencies are not installed into the main image anymore. It also makes sure the packages are built in a "clean" chroot without any of the other packages which we install in the main image available. --- mkosi.conf | 41 +++++++---- mkosi.conf.d/10-arch/mkosi.conf | 12 ---- mkosi.conf.d/10-arch/mkosi.prepare | 42 ++++++----- mkosi.conf.d/10-centos-fedora/mkosi.conf | 7 +- mkosi.conf.d/10-centos-fedora/mkosi.prepare | 66 +++--------------- mkosi.conf.d/10-centos/mkosi.conf | 5 -- mkosi.conf.d/10-debian-ubuntu/mkosi.conf | 17 +---- mkosi.conf.d/10-debian-ubuntu/mkosi.postinst | 29 -------- mkosi.conf.d/10-debian-ubuntu/mkosi.prepare | 18 +++-- mkosi.conf.d/10-fedora/mkosi.conf | 5 -- mkosi.conf.d/10-opensuse/mkosi.conf | 24 +------ mkosi.conf.d/10-opensuse/mkosi.prepare | 69 ++++--------------- mkosi.conf.d/20-build.conf | 9 +++ mkosi.conf.d/20-none.conf | 4 +- mkosi.conf.d/20-sanitizers.conf | 4 ++ mkosi.images/build/mkosi.conf | 11 +++ .../mkosi.conf.d/arch}/mkosi.build.chroot | 8 +-- .../build/mkosi.conf.d/arch/mkosi.conf | 16 +++++ .../build/mkosi.conf.d/arch/mkosi.prepare | 21 ++++++ .../centos-fedora}/mkosi.build.chroot | 10 +-- .../mkosi.conf.d/centos-fedora/mkosi.conf | 14 ++++ .../mkosi.conf.d/centos-fedora/mkosi.prepare | 63 +++++++++++++++++ .../build/mkosi.conf.d/centos/mkosi.conf | 14 ++++ .../debian-ubuntu}/mkosi.build.chroot | 12 ++-- .../mkosi.conf.d/debian-ubuntu/mkosi.conf | 18 +++++ .../mkosi.conf.d/debian-ubuntu/mkosi.prepare | 18 +++++ .../build/mkosi.conf.d/fedora/mkosi.conf | 10 +++ .../mkosi.conf.d/opensuse}/mkosi.build.chroot | 12 ++-- .../build/mkosi.conf.d/opensuse/mkosi.conf | 16 +++++ .../build/mkosi.conf.d/opensuse/mkosi.prepare | 62 +++++++++++++++++ mkosi.sync => mkosi.images/build/mkosi.sync | 5 ++ mkosi.images/exitrd/mkosi.conf | 3 + mkosi.images/exitrd/mkosi.conf.d/10-arch.conf | 2 +- .../exitrd/mkosi.conf.d/10-centos-fedora.conf | 2 +- .../exitrd/mkosi.conf.d/10-debian.conf | 2 +- .../exitrd/mkosi.conf.d/10-opensuse.conf | 3 + .../exitrd/mkosi.conf.d/10-ubuntu.conf | 2 +- .../exitrd/mkosi.conf.d/20-build.conf | 9 +++ mkosi.images/minimal-base/mkosi.conf | 3 + .../minimal-base/mkosi.conf.d/10-arch.conf | 3 + .../mkosi.conf.d/10-centos-fedora.conf | 3 + ...tu-opensuse.conf => 10-debian-ubuntu.conf} | 4 ++ .../mkosi.conf.d/10-opensuse.conf | 4 ++ .../minimal-base/mkosi.conf.d/20-build.conf | 9 +++ mkosi.initrd/mkosi.conf | 4 +- mkosi.sanitizers/mkosi.conf | 5 ++ mkosi.sanitizers/mkosi.conf.d/arch.conf | 9 +++ .../mkosi.conf.d/debian-ubuntu.conf | 11 +++ mkosi.sanitizers/mkosi.conf.d/opensuse.conf | 10 +++ .../mkosi.postinst | 32 +++++---- tools/update-distro-hash.py | 5 +- 51 files changed, 487 insertions(+), 300 deletions(-) delete mode 100755 mkosi.conf.d/10-debian-ubuntu/mkosi.postinst create mode 100644 mkosi.conf.d/20-build.conf create mode 100644 mkosi.images/build/mkosi.conf rename {mkosi.conf.d/10-arch => mkosi.images/build/mkosi.conf.d/arch}/mkosi.build.chroot (95%) create mode 100644 mkosi.images/build/mkosi.conf.d/arch/mkosi.conf create mode 100755 mkosi.images/build/mkosi.conf.d/arch/mkosi.prepare rename {mkosi.conf.d/10-centos-fedora => mkosi.images/build/mkosi.conf.d/centos-fedora}/mkosi.build.chroot (95%) create mode 100644 mkosi.images/build/mkosi.conf.d/centos-fedora/mkosi.conf create mode 100755 mkosi.images/build/mkosi.conf.d/centos-fedora/mkosi.prepare create mode 100644 mkosi.images/build/mkosi.conf.d/centos/mkosi.conf rename {mkosi.conf.d/10-debian-ubuntu => mkosi.images/build/mkosi.conf.d/debian-ubuntu}/mkosi.build.chroot (96%) create mode 100644 mkosi.images/build/mkosi.conf.d/debian-ubuntu/mkosi.conf create mode 100755 mkosi.images/build/mkosi.conf.d/debian-ubuntu/mkosi.prepare create mode 100644 mkosi.images/build/mkosi.conf.d/fedora/mkosi.conf rename {mkosi.conf.d/10-opensuse => mkosi.images/build/mkosi.conf.d/opensuse}/mkosi.build.chroot (94%) create mode 100644 mkosi.images/build/mkosi.conf.d/opensuse/mkosi.conf create mode 100755 mkosi.images/build/mkosi.conf.d/opensuse/mkosi.prepare rename mkosi.sync => mkosi.images/build/mkosi.sync (88%) create mode 100644 mkosi.images/exitrd/mkosi.conf.d/20-build.conf rename mkosi.images/minimal-base/mkosi.conf.d/{10-debian-ubuntu-opensuse.conf => 10-debian-ubuntu.conf} (76%) create mode 100644 mkosi.images/minimal-base/mkosi.conf.d/20-build.conf create mode 100644 mkosi.sanitizers/mkosi.conf create mode 100644 mkosi.sanitizers/mkosi.conf.d/arch.conf create mode 100644 mkosi.sanitizers/mkosi.conf.d/debian-ubuntu.conf create mode 100644 mkosi.sanitizers/mkosi.conf.d/opensuse.conf rename mkosi.sanitizers.chroot => mkosi.sanitizers/mkosi.postinst (66%) diff --git a/mkosi.conf b/mkosi.conf index b47b30c98b9..5654af0956c 100644 --- a/mkosi.conf +++ b/mkosi.conf @@ -3,6 +3,24 @@ [Config] MinimumVersion=23~devel InitrdInclude=mkosi.initrd/ +Dependencies= + exitrd + minimal-base + minimal-0 + minimal-1 + +PassEnvironment= + NO_BUILD + NO_SYNC + WIPE + SANITIZERS + CFLAGS + LDFLAGS + LLVM + MESON_VERBOSE + MESON_OPTIONS + SYSEXT + WITH_DEBUG [Output] RepartDirectories=mkosi.repart @@ -14,11 +32,18 @@ CacheDirectory=build/mkosi.cache BuildSourcesEphemeral=yes Autologin=yes -PostInstallationScripts=mkosi.sanitizers.chroot ExtraTrees= mkosi.crt:/usr/lib/verity.d/mkosi.crt # sysext verification key mkosi.leak-sanitizer-suppressions:/usr/lib/systemd/leak-sanitizer-suppressions mkosi.coredump-journal-storage.conf:/usr/lib/systemd/coredump.conf.d/10-coredump-journal-storage.conf + %O/minimal-0.root-%a.raw:/usr/share/minimal_0.raw + %O/minimal-0.root-%a-verity.raw:/usr/share/minimal_0.verity + %O/minimal-0.root-%a-verity-sig.raw:/usr/share/minimal_0.verity.sig + %O/minimal-1.root-%a.raw:/usr/share/minimal_1.raw + %O/minimal-1.root-%a-verity.raw:/usr/share/minimal_1.verity + %O/minimal-1.root-%a-verity-sig.raw:/usr/share/minimal_1.verity.sig + %O/minimal-base:/usr/share/TEST-13-NSPAWN-container-template + %O/exitrd:/exitrd Environment= SYSTEMD_REPART_OVERRIDE_FSTYPE_ROOT=%F @@ -57,16 +82,6 @@ KernelCommandLine=systemd.crash_shell KernelModulesInitrdExclude=.* KernelModulesInitrdInclude=default -ExtraTrees= - %O/minimal-0.root-%a.raw:/usr/share/minimal_0.raw - %O/minimal-0.root-%a-verity.raw:/usr/share/minimal_0.verity - %O/minimal-0.root-%a-verity-sig.raw:/usr/share/minimal_0.verity.sig - %O/minimal-1.root-%a.raw:/usr/share/minimal_1.raw - %O/minimal-1.root-%a-verity.raw:/usr/share/minimal_1.verity - %O/minimal-1.root-%a-verity-sig.raw:/usr/share/minimal_1.verity.sig - %O/minimal-base:/usr/share/TEST-13-NSPAWN-container-template - %O/exitrd:/exitrd - InitrdPackages= btrfs-progs findutils @@ -79,7 +94,6 @@ Packages= bash-completion bpftrace btrfs-progs - clang coreutils curl diffutils @@ -97,8 +111,6 @@ Packages= kmod knot less - lld - llvm lvm2 man mdadm @@ -117,7 +129,6 @@ Packages= sed socat strace - systemd tar tmux tree diff --git a/mkosi.conf.d/10-arch/mkosi.conf b/mkosi.conf.d/10-arch/mkosi.conf index d9f75c65d33..e7288cc19df 100644 --- a/mkosi.conf.d/10-arch/mkosi.conf +++ b/mkosi.conf.d/10-arch/mkosi.conf @@ -4,11 +4,6 @@ Distribution=arch [Content] -Environment= - GIT_URL=https://gitlab.archlinux.org/archlinux/packaging/packages/systemd.git - GIT_BRANCH=main - GIT_COMMIT=d74b24c7c6077740c35a876445febe6d26bf013c - VolatilePackages= systemd systemd-libs @@ -20,18 +15,14 @@ VolatilePackages= Packages= bind bpf - compiler-rt compsize cryptsetup dbus-broker dbus-broker-units - debugedit dhcp f2fs-tools - fakeroot git gnutls - gnutls iproute iputils linux @@ -43,7 +34,6 @@ Packages= openssl pacman perf - pkgconf polkit procps-ng psmisc @@ -57,11 +47,9 @@ Packages= stress-ng tgt tpm2-tools - tpm2-tss vim InitrdPackages= - compiler-rt tpm2-tools InitrdVolatilePackages= diff --git a/mkosi.conf.d/10-arch/mkosi.prepare b/mkosi.conf.d/10-arch/mkosi.prepare index fd78e81114e..aac7b3d76f9 100755 --- a/mkosi.conf.d/10-arch/mkosi.prepare +++ b/mkosi.conf.d/10-arch/mkosi.prepare @@ -2,28 +2,32 @@ # SPDX-License-Identifier: LGPL-2.1-or-later set -e -if [ "$1" = "build" ] || ((NO_BUILD)); then +if [[ "$1" == "build" ]]; then exit 0 fi -# shellcheck source=/dev/null -. "$BUILDROOT/usr/lib/os-release" +DEPS="" -if [ ! -f "pkg/$ID/PKGBUILD" ]; then - echo "PKGBUILD not found at pkg/$ID/PKGBUILD, run mkosi once with -ff to make sure the PKGBUILD is cloned" >&2 - exit 1 -fi +while read -r PACKAGE; do + DEPS="$DEPS $( + pacman --sync --info "$PACKAGE" | + sed '1,/^$/d' | # Only keep result from first repository (delete everything after first blank line). + sed --quiet 's/^Depends On *: //p' # Filter out everything except "Depends On:" line and fetch dependencies from it. + )" -# We get depends and optdepends from .SRCINFO as getting them from the PKGBUILD is rather complex. -sed --expression 's/^[ \t]*//' "pkg/$ID/.SRCINFO" | - grep --regexp '^depends =' --regexp '^optdepends =' | - sed --expression 's/^depends = //' --expression 's/^optdepends = //' --expression 's/:.*//' --expression 's/=.*//' | - xargs --delimiter '\n' mkosi-install + DEPS="$DEPS $( + pacman --sync --info "$PACKAGE" | + sed '1,/^$/d' | # Only keep result from first repository (delete everything after first blank line). + sed --quiet '/Optional Deps/,/Conflicts With/{/Conflicts With/!p}' | # Get every line from "Optional Deps" (inclusive) until "Conflicts With" (exclusive). + sed 's/Optional Deps *: //' | # Drop "Optional Deps :" from first line. + sed 's/ *\(.*\):.*/\1/' | # Drop descriptions (everything after first colon for all lines). + tr '\n' ' ' # Transform newlines to whitespace. + )" +done < <(jq --raw-output .VolatilePackages[] <"$MKOSI_CONFIG") -# We get makedepends from the PKGBUILD as .SRCINFO can't encode conditional dependencies depending on -# whether some environment variable is set or not. -# shellcheck source=/dev/null -_systemd_UPSTREAM=1 . "pkg/$ID/PKGBUILD" - -# shellcheck disable=SC2154 -mkosi-install "${makedepends[@]}" +echo "$DEPS" | + xargs | # Remove extra whitespace. + tr ' ' '\n' | + grep --invert-match --regexp systemd --regexp None | # systemd packages will be installed later on. + sort --unique | + xargs --delimiter '\n' --no-run-if-empty mkosi-install diff --git a/mkosi.conf.d/10-centos-fedora/mkosi.conf b/mkosi.conf.d/10-centos-fedora/mkosi.conf index 4c6109a5445..d046eb218b5 100644 --- a/mkosi.conf.d/10-centos-fedora/mkosi.conf +++ b/mkosi.conf.d/10-centos-fedora/mkosi.conf @@ -11,6 +11,7 @@ VolatilePackages= systemd-container systemd-devel systemd-journal-remote + systemd-libs systemd-networkd systemd-networkd-defaults systemd-oomd-defaults @@ -23,7 +24,6 @@ VolatilePackages= Packages= bind-utils bpftool - compiler-rt cryptsetup device-mapper-event device-mapper-multipath @@ -33,7 +33,6 @@ Packages= git-core glibc-langpack-de glibc-langpack-en - gnutls gnutls-utils integritysetup iproute @@ -41,9 +40,7 @@ Packages= iputils iscsi-initiator-utils kernel-core - libasan libcap-ng-utils - libubsan man-db nmap-ncat openssh-clients @@ -57,8 +54,6 @@ Packages= python3-pexpect quota rpm - rpm-build - rpmautospec sbsigntools softhsm squashfs-tools diff --git a/mkosi.conf.d/10-centos-fedora/mkosi.prepare b/mkosi.conf.d/10-centos-fedora/mkosi.prepare index 1b86073ef54..2a890bcada8 100755 --- a/mkosi.conf.d/10-centos-fedora/mkosi.prepare +++ b/mkosi.conf.d/10-centos-fedora/mkosi.prepare @@ -2,64 +2,18 @@ # SPDX-License-Identifier: LGPL-2.1-or-later set -e -if [ "$1" = "build" ] || ((NO_BUILD)); then +if [[ "$1" == "build" ]]; then exit 0 fi -# shellcheck source=/dev/null -. "$BUILDROOT/usr/lib/os-release" +mapfile -t PACKAGES < <(jq --raw-output .VolatilePackages[] <"$MKOSI_CONFIG") -if [ ! -f "pkg/$ID/systemd.spec" ]; then - echo "spec not found at pkg/$ID/systemd.spec, run mkosi with -ff to make sure the spec is cloned" >&2 - exit 1 -fi - -for DEPS in --requires --buildrequires; do - mkosi-chroot \ - rpmspec \ - --with upstream \ - --query \ - "$DEPS" \ - --define "_topdir /var/tmp" \ - --define "_sourcedir pkg/$ID" \ - "pkg/$ID/systemd.spec" | - grep --invert-match --regexp systemd --regexp /bin/sh --regexp "rpmlib(" --regexp udev --regexp grubby --regexp sdubby | - sort --unique | - tee /tmp/buildrequires | - xargs --delimiter '\n' mkosi-install -done - -# rpmbuild -br tries to build a source package which means all source files have to exist which isn't the -# case when using --build-in-place so we get rid of the source file that doesn't exist to make it happy. -# TODO: Use -bd instead of -br and get rid of this once we don't need to build on CentOS Stream 9 anymore. -sed '/Source0/d' --in-place "pkg/$ID/systemd.spec" - -until mkosi-chroot \ - rpmbuild \ - -br \ - --build-in-place \ - --with upstream \ - --define "_topdir /var/tmp" \ - --define "_sourcedir pkg/$ID" \ - --define "_build_name_fmt %%{NAME}-%%{VERSION}-%%{RELEASE}.%%{ARCH}.rpm" \ - "pkg/$ID/systemd.spec" -do - EXIT_STATUS=$? - if [ $EXIT_STATUS -ne 11 ]; then - exit $EXIT_STATUS - fi - - mkosi-chroot \ - rpm \ - --query \ - --package \ - --requires \ - /var/tmp/SRPMS/systemd-*.buildreqs.nosrc.rpm | - grep --invert-match '^rpmlib(' | - sort --unique >/tmp/dynamic-buildrequires - - sort /tmp/buildrequires /tmp/dynamic-buildrequires | - uniq --unique | - tee --append /tmp/buildrequires | - xargs --delimiter '\n' mkosi-install +for DEPS in --requires --recommends --suggests; do + # We need --latest-limit=1 to only consider the newest version of the packages. + # --latest-limit=1 is per . so we have to pass --arch= explicitly to make sure i686 packages + # are not considerd on x86-64. + dnf repoquery --arch="$DISTRIBUTION_ARCHITECTURE" --latest-limit=1 --quiet "$DEPS" "${PACKAGES[@]}" | + grep --invert-match --regexp systemd --regexp udev --regexp /bin/sh --regexp grubby --regexp sdubby --regexp libcurl-minimal | + sort --unique | + xargs --delimiter '\n' --no-run-if-empty mkosi-install done diff --git a/mkosi.conf.d/10-centos/mkosi.conf b/mkosi.conf.d/10-centos/mkosi.conf index 66aa0611d68..f9ea9a6596e 100644 --- a/mkosi.conf.d/10-centos/mkosi.conf +++ b/mkosi.conf.d/10-centos/mkosi.conf @@ -20,10 +20,5 @@ Environment= # mkfs.ext4 enabled it by default, so we disable it explicitly. SYSTEMD_REPART_MKFS_OPTIONS_EXT4="-O ^orphan_file" - GIT_URL=https://git.centos.org/rpms/systemd.git - GIT_BRANCH=c9s-sig-hyperscale - GIT_COMMIT=8cf2aed0181920611421384f7374720db269d6c7 - Packages= kernel-modules # For squashfs - rpmautospec-rpm-macros diff --git a/mkosi.conf.d/10-debian-ubuntu/mkosi.conf b/mkosi.conf.d/10-debian-ubuntu/mkosi.conf index 07bf95cee70..41f1972e1f5 100644 --- a/mkosi.conf.d/10-debian-ubuntu/mkosi.conf +++ b/mkosi.conf.d/10-debian-ubuntu/mkosi.conf @@ -8,12 +8,6 @@ Distribution=|ubuntu PackageManagerTrees=mkosi-pinning.pref:/etc/apt/preferences.d/mkosi-pinning.pref [Content] -Environment= - GIT_URL=https://salsa.debian.org/systemd-team/systemd.git - GIT_SUBDIR=debian - GIT_BRANCH=debian/master - GIT_COMMIT=abf24e775c67cf054f474526dd5d9d952a00228b - VolatilePackages= libnss-myhostname libnss-mymachines @@ -21,6 +15,8 @@ VolatilePackages= libnss-systemd libpam-systemd libsystemd-dev + libsystemd-shared + libsystemd0 libudev-dev systemd systemd-container @@ -40,17 +36,12 @@ VolatilePackages= udev Packages= - ^libasan[0-9]+$ - ^libtss2-esys-[0-9.]+-0$ - ^libtss2-mu-[0-9.]+-0$ - ^libubsan[0-9]+$ apt bind9-dnsutils cryptsetup-bin dbus-broker dbus-user-session dmsetup - dpkg-dev f2fs-tools fdisk git-core @@ -59,9 +50,6 @@ Packages= iputils-ping isc-dhcp-server libcap-ng-utils - libclang-rt-dev - libtss2-rc0 - libtss2-tcti-device0 locales man-db multipath-tools @@ -85,7 +73,6 @@ Packages= xxd InitrdPackages= - libclang-rt-dev tpm2-tools InitrdVolatilePackages= diff --git a/mkosi.conf.d/10-debian-ubuntu/mkosi.postinst b/mkosi.conf.d/10-debian-ubuntu/mkosi.postinst deleted file mode 100755 index 314f235f5fe..00000000000 --- a/mkosi.conf.d/10-debian-ubuntu/mkosi.postinst +++ /dev/null @@ -1,29 +0,0 @@ -#!/bin/bash -# SPDX-License-Identifier: LGPL-2.1-or-later -set -e - -# By default Suggests are not installed (and often Recommends are disabled too), which means we will miss -# the dlopen optional dependencies, but the tests need them, so parse them from the package metadata and -# install them. This is not an issue when building locally, as the build and runtime images are the same, -# so they would get installed as build dependencies anyway. - -if [ "$1" = "build" ] || ! ((NO_BUILD)); then - exit 0 -fi - -# Query the Recommends and Suggests of all systemd packages, by matching on the version -systemd_version="$(dpkg-query --showformat '${Version}' --show systemd)" -mapfile -t systemd_packages < <( dpkg --list | grep '^ii' | grep "$systemd_version" | awk '{print $2}' | tr '\n' ' ' ) -extra_packages=() -# shellcheck disable=SC2068 -for package in ${systemd_packages[@]}; do - # We are looking for dlopens, so filter for libraries - mapfile -t -O "${#extra_packages[@]}" extra_packages < <(dpkg-query --showformat '${Suggests}' --show "$package" | sed -e "s/, /\n/g" -e "s/|.*//" | grep "lib") - mapfile -t -O "${#extra_packages[@]}" extra_packages < <(dpkg-query --showformat '${Recommends}' --show "$package" | sed -e "s/, /\n/g" -e "s/|.*//" | grep "lib") -done - -if [ "${#extra_packages[@]}" -eq 0 ]; then - exit 0 -fi - -apt install "${extra_packages[@]}" diff --git a/mkosi.conf.d/10-debian-ubuntu/mkosi.prepare b/mkosi.conf.d/10-debian-ubuntu/mkosi.prepare index 645671a0313..acab113b8c1 100755 --- a/mkosi.conf.d/10-debian-ubuntu/mkosi.prepare +++ b/mkosi.conf.d/10-debian-ubuntu/mkosi.prepare @@ -2,17 +2,15 @@ # SPDX-License-Identifier: LGPL-2.1-or-later set -e -if [ "$1" = "build" ] || ((NO_BUILD)); then +if [[ "$1" == "build" ]]; then exit 0 fi -# shellcheck source=/dev/null -. "$BUILDROOT/usr/lib/os-release" +mapfile -t PACKAGES < <(jq --raw-output .VolatilePackages[] <"$MKOSI_CONFIG") -if [ ! -d "pkg/$ID/debian" ]; then - echo "deb rules not found at pkg/$ID/debian, run mkosi once with -ff to make sure the rules are cloned" >&2 - exit 1 -fi - -cd "pkg/$ID" -DEB_BUILD_PROFILES="pkg.systemd.upstream" apt-get build-dep . +apt-cache depends "${PACKAGES[@]}" | + grep --invert-match --regexp "<" --regexp "|" --regexp systemd | # Remove e.g. and |dbus-broker like results + grep --extended-regexp "Depends|Suggests|Recommends" | + sed --quiet 's/.*: //p' | # Get every line with ": " in it and strip it at the same time. + sort --unique | + xargs --delimiter '\n' --no-run-if-empty mkosi-install diff --git a/mkosi.conf.d/10-fedora/mkosi.conf b/mkosi.conf.d/10-fedora/mkosi.conf index ff716e27df9..1b76d9ac941 100644 --- a/mkosi.conf.d/10-fedora/mkosi.conf +++ b/mkosi.conf.d/10-fedora/mkosi.conf @@ -7,11 +7,6 @@ Distribution=fedora Release=rawhide [Content] -Environment= - GIT_URL=https://src.fedoraproject.org/rpms/systemd.git - GIT_BRANCH=rawhide - GIT_COMMIT=a3524fc837f5e7b68f86b3e0a9d470a94a04c4c8 - Packages= compsize dnf5 diff --git a/mkosi.conf.d/10-opensuse/mkosi.conf b/mkosi.conf.d/10-opensuse/mkosi.conf index 06edcbae413..df01c3b6bed 100644 --- a/mkosi.conf.d/10-opensuse/mkosi.conf +++ b/mkosi.conf.d/10-opensuse/mkosi.conf @@ -12,12 +12,9 @@ Repositories=non-oss PackageManagerTrees=macros.db_backend:/etc/rpm/macros.db_backend [Content] -Environment= - GIT_URL=https://code.opensuse.org/package/systemd - GIT_BRANCH=master - GIT_COMMIT=6812406e52a474568744c267e7bade1496bb26a5 - VolatilePackages= + libsystemd0 + libudev1 systemd systemd-boot systemd-container @@ -43,23 +40,14 @@ Packages= docbook-xsl-stylesheets f2fs-tools gawk - gcc-c++ git-core glibc-locale-base gnutls grep - group(bin) - group(daemon) - group(games) - group(nobody) - group(root) gzip iputils kernel-default kmod - libasan8 - libkmod2 - libubsan1 multipath-tools ncat open-iscsi @@ -74,7 +62,6 @@ Packages= python3-pexpect python3-psutil quota - rpm-build rsync sbsigntools sed @@ -85,20 +72,13 @@ Packages= tgt timezone tpm2.0-tools - user(bin) - user(daemon) - user(games) - user(nobody) - user(root) veritysetup vim xz zypper InitrdPackages= - clang kmod - libkmod2 tpm2.0-tools InitrdVolatilePackages= diff --git a/mkosi.conf.d/10-opensuse/mkosi.prepare b/mkosi.conf.d/10-opensuse/mkosi.prepare index c57aa878b8b..6ee0af2de93 100755 --- a/mkosi.conf.d/10-opensuse/mkosi.prepare +++ b/mkosi.conf.d/10-opensuse/mkosi.prepare @@ -2,63 +2,22 @@ # SPDX-License-Identifier: LGPL-2.1-or-later set -e -if [ "$1" = "build" ] || ((NO_BUILD)); then +if [[ "$1" == "build" ]]; then exit 0 fi -# shellcheck source=/dev/null -. "$BUILDROOT/usr/lib/os-release" -ID="${ID%-*}" +DEPS="" -if [ ! -f "pkg/$ID/systemd.spec" ]; then - echo "spec not found at pkg/$ID/systemd.spec, run mkosi once with -ff to make sure the spec is cloned" >&2 - exit 1 -fi +while read -r PACKAGE; do + # zypper's output is not machine readable so we make do with sed instead. + DEPS="$DEPS\n$( + zypper info --requires --recommends --suggests "$PACKAGE" | + sed '/Requires/,$!d' | # Remove everything before Requires line + sed --quiet 's/^ //p' # All indented lines have dependencies + )" +done < <(jq --raw-output .VolatilePackages[] <"$MKOSI_CONFIG") -# TODO: Drop when the spec is fixed (either the patch is adapted or not applied when building for upstream). -sed --in-place '/0009-pid1-handle-console-specificities-weirdness-for-s390.patch/d' "pkg/$ID/systemd.spec" - -for DEPS in --requires --buildrequires; do - mkosi-chroot \ - rpmspec \ - --with upstream \ - --query \ - "$DEPS" \ - --define "_topdir /var/tmp" \ - --define "_sourcedir pkg/$ID" \ - "pkg/$ID/systemd.spec" | - grep --invert-match --regexp systemd --regexp /bin/sh --regexp "rpmlib(" --regexp udev | - sort --unique | - tee /tmp/buildrequires | - xargs --delimiter '\n' mkosi-install -done - -until mkosi-chroot \ - rpmbuild \ - -bd \ - --build-in-place \ - --with upstream \ - --define "_topdir /var/tmp" \ - --define "_sourcedir pkg/$ID" \ - --define "_build_name_fmt %%{NAME}-%%{VERSION}-%%{RELEASE}.%%{ARCH}.rpm" \ - "pkg/$ID/systemd.spec" -do - EXIT_STATUS=$? - if [ $EXIT_STATUS -ne 11 ]; then - exit $EXIT_STATUS - fi - - mkosi-chroot \ - rpm \ - --query \ - --package \ - --requires \ - /var/tmp/SRPMS/systemd-*.buildreqs.nosrc.rpm | - grep --invert-match '^rpmlib(' | - sort --unique >/tmp/dynamic-buildrequires - - sort /tmp/buildrequires /tmp/dynamic-buildrequires | - uniq --unique | - tee --append /tmp/buildrequires | - xargs --delimiter '\n' mkosi-install -done +echo -e "$DEPS" | + grep --invert-match --regexp systemd --regexp udev --regexp qemu | + sort --unique | + xargs --delimiter '\n' --no-run-if-empty mkosi-install diff --git a/mkosi.conf.d/20-build.conf b/mkosi.conf.d/20-build.conf new file mode 100644 index 00000000000..8c16d9b9f87 --- /dev/null +++ b/mkosi.conf.d/20-build.conf @@ -0,0 +1,9 @@ +# SPDX-License-Identifier: LGPL-2.1-or-later + +# Add a dependency on the build image unless NO_BUILD=1. + +[Match] +Environment=!NO_BUILD=1 + +[Config] +Dependencies=build diff --git a/mkosi.conf.d/20-none.conf b/mkosi.conf.d/20-none.conf index 57a2f3f0e37..0e4d919a277 100644 --- a/mkosi.conf.d/20-none.conf +++ b/mkosi.conf.d/20-none.conf @@ -1,9 +1,11 @@ # SPDX-License-Identifier: LGPL-2.1-or-later -# If we're only rerunning the build script, remove all subimage dependencies to speed up builds. +# If we're only rerunning the build script, remove all subimage dependencies except the build image to speed +# up builds. [Match] Format=none [Config] Dependencies= +Dependencies=build diff --git a/mkosi.conf.d/20-sanitizers.conf b/mkosi.conf.d/20-sanitizers.conf index 235b233e1ad..62d052360ab 100644 --- a/mkosi.conf.d/20-sanitizers.conf +++ b/mkosi.conf.d/20-sanitizers.conf @@ -2,6 +2,7 @@ [Match] Environment=SANITIZERS +Environment=!SANITIZERS= [Content] # Set verify_asan_link_order=0 to prevent ASAN warnings when building the image and make sure the real ASAN @@ -17,3 +18,6 @@ KernelCommandLine= systemd.setenv=UBSAN_OPTIONS=print_stacktrace=1:print_summary=1:halt_on_error=1 LSAN_OPTIONS=suppressions=/usr/lib/systemd/leak-sanitizer-suppressions systemd.setenv=LSAN_OPTIONS=suppressions=/usr/lib/systemd/leak-sanitizer-suppressions + +[Config] +Include=%D/mkosi.sanitizers diff --git a/mkosi.images/build/mkosi.conf b/mkosi.images/build/mkosi.conf new file mode 100644 index 00000000000..037d25c5016 --- /dev/null +++ b/mkosi.images/build/mkosi.conf @@ -0,0 +1,11 @@ +# SPDX-License-Identifier: LGPL-2.1-or-later + +[Content] +Packages= + clang + erofs-utils + lld + llvm + +[Output] +Format=none diff --git a/mkosi.conf.d/10-arch/mkosi.build.chroot b/mkosi.images/build/mkosi.conf.d/arch/mkosi.build.chroot similarity index 95% rename from mkosi.conf.d/10-arch/mkosi.build.chroot rename to mkosi.images/build/mkosi.conf.d/arch/mkosi.build.chroot index 268bdc2ee74..7798e78dda4 100755 --- a/mkosi.conf.d/10-arch/mkosi.build.chroot +++ b/mkosi.images/build/mkosi.conf.d/arch/mkosi.build.chroot @@ -2,14 +2,10 @@ # SPDX-License-Identifier: LGPL-2.1-or-later set -e -if ((NO_BUILD)); then - exit 0 -fi - # shellcheck source=/dev/null . /usr/lib/os-release -if [ ! -f "pkg/$ID/PKGBUILD" ]; then +if [[ ! -f "pkg/$ID/PKGBUILD" ]]; then echo "PKGBUILD not found at pkg/$ID/PKGBUILD, run mkosi once with -ff to make sure the PKGBUILD is cloned" >&2 exit 1 fi @@ -65,7 +61,7 @@ EOF # Linting the PKGBUILD takes multiple seconds every build so avoid that by nuking all the linting functions. rm /usr/share/makepkg/lint_pkgbuild/* -if [ -d .git/ ] && [ -z "$(git status --porcelain)" ]; then +if [[ -d .git/ ]] && [[ -z "$(git status --porcelain)" ]]; then TS="$(git show --no-patch --format=%ct HEAD)" else TS="${SOURCE_DATE_EPOCH:-$(date +%s)}" diff --git a/mkosi.images/build/mkosi.conf.d/arch/mkosi.conf b/mkosi.images/build/mkosi.conf.d/arch/mkosi.conf new file mode 100644 index 00000000000..d5148eacb66 --- /dev/null +++ b/mkosi.images/build/mkosi.conf.d/arch/mkosi.conf @@ -0,0 +1,16 @@ +# SPDX-License-Identifier: LGPL-2.1-or-later + +[Match] +Distribution=arch + +[Content] +Environment= + GIT_URL=https://gitlab.archlinux.org/archlinux/packaging/packages/systemd.git + GIT_BRANCH=main + GIT_COMMIT=d74b24c7c6077740c35a876445febe6d26bf013c + +Packages= + base + base-devel + diffutils + git diff --git a/mkosi.images/build/mkosi.conf.d/arch/mkosi.prepare b/mkosi.images/build/mkosi.conf.d/arch/mkosi.prepare new file mode 100755 index 00000000000..e880449b72b --- /dev/null +++ b/mkosi.images/build/mkosi.conf.d/arch/mkosi.prepare @@ -0,0 +1,21 @@ +#!/bin/bash +# SPDX-License-Identifier: LGPL-2.1-or-later +set -e + +if [[ "$1" == "build" ]]; then + exit 0 +fi + +# shellcheck source=/dev/null +. "$BUILDROOT/usr/lib/os-release" + +if [[ ! -f "pkg/$ID/PKGBUILD" ]]; then + echo "PKGBUILD not found at pkg/$ID/PKGBUILD, run mkosi once with -ff to make sure the PKGBUILD is cloned" >&2 + exit 1 +fi + +# shellcheck source=/dev/null +_systemd_UPSTREAM=1 . "pkg/$ID/PKGBUILD" + +# shellcheck disable=SC2154 +mkosi-install "${makedepends[@]}" diff --git a/mkosi.conf.d/10-centos-fedora/mkosi.build.chroot b/mkosi.images/build/mkosi.conf.d/centos-fedora/mkosi.build.chroot similarity index 95% rename from mkosi.conf.d/10-centos-fedora/mkosi.build.chroot rename to mkosi.images/build/mkosi.conf.d/centos-fedora/mkosi.build.chroot index dcb90c31ccd..3daa699b3e8 100755 --- a/mkosi.conf.d/10-centos-fedora/mkosi.build.chroot +++ b/mkosi.images/build/mkosi.conf.d/centos-fedora/mkosi.build.chroot @@ -4,25 +4,21 @@ set -e . mkosi.functions -if ((NO_BUILD)); then - exit 0 -fi - # shellcheck source=/dev/null . /usr/lib/os-release -if [ ! -f "pkg/$ID/systemd.spec" ]; then +if [[ ! -f "pkg/$ID/systemd.spec" ]]; then echo "spec not found at pkg/$ID/systemd.spec, run mkosi once with -ff to make sure the spec is cloned" >&2 exit 1 fi -if [ -d .git/ ] && [ -z "$(git status --porcelain)" ]; then +if [[ -d .git/ ]] && [[ -z "$(git status --porcelain)" ]]; then TS="$(git show --no-patch --format=%ct HEAD)" else TS="${SOURCE_DATE_EPOCH:-$(date +%s)}" fi -if systemd-analyze compare-versions "$(rpm --version | cut -d ' ' -f3)" lt "4.19.91"; then +if [[ "$(rpm --eval "%{lua:print(rpm.vercmp('$(rpm --version | cut -d ' ' -f3)', '4.19.91'))}")" == "-1" ]]; then # Fix the %install override so debuginfo packages are generated even when --build-in-place is used. # See https://github.com/rpm-software-management/rpm/issues/3042. tee --append /usr/lib/rpm/redhat/macros <<'EOF' diff --git a/mkosi.images/build/mkosi.conf.d/centos-fedora/mkosi.conf b/mkosi.images/build/mkosi.conf.d/centos-fedora/mkosi.conf new file mode 100644 index 00000000000..06ea2acc8df --- /dev/null +++ b/mkosi.images/build/mkosi.conf.d/centos-fedora/mkosi.conf @@ -0,0 +1,14 @@ +# SPDX-License-Identifier: LGPL-2.1-or-later + +[Match] +Distribution=|centos +Distribution=|fedora + +[Content] +Packages= + compiler-rt + git-core + libasan + libubsan + rpm-build + rpmautospec diff --git a/mkosi.images/build/mkosi.conf.d/centos-fedora/mkosi.prepare b/mkosi.images/build/mkosi.conf.d/centos-fedora/mkosi.prepare new file mode 100755 index 00000000000..fe3c14eede6 --- /dev/null +++ b/mkosi.images/build/mkosi.conf.d/centos-fedora/mkosi.prepare @@ -0,0 +1,63 @@ +#!/bin/bash +# SPDX-License-Identifier: LGPL-2.1-or-later +set -e + +if [[ "$1" == "build" ]]; then + exit 0 +fi + +# shellcheck source=/dev/null +. "$BUILDROOT/usr/lib/os-release" + +if [[ ! -f "pkg/$ID/systemd.spec" ]]; then + echo "spec not found at pkg/$ID/systemd.spec, run mkosi with -ff to make sure the spec is cloned" >&2 + exit 1 +fi + +mkosi-chroot \ + rpmspec \ + --with upstream \ + --query \ + --buildrequires \ + --define "_topdir /var/tmp" \ + --define "_sourcedir pkg/$ID" \ + "pkg/$ID/systemd.spec" | + grep --invert-match --regexp systemd --regexp /bin/sh --regexp "rpmlib(" --regexp udev --regexp grubby --regexp sdubby | + sort --unique | + tee /tmp/buildrequires | + xargs --delimiter '\n' mkosi-install + +# rpmbuild -br tries to build a source package which means all source files have to exist which isn't the +# case when using --build-in-place so we get rid of the source file that doesn't exist to make it happy. +# TODO: Use -bd instead of -br and get rid of this once we don't need to build on CentOS Stream 9 anymore. +sed '/Source0/d' --in-place "pkg/$ID/systemd.spec" + +until mkosi-chroot \ + rpmbuild \ + -br \ + --build-in-place \ + --with upstream \ + --define "_topdir /var/tmp" \ + --define "_sourcedir pkg/$ID" \ + --define "_build_name_fmt %%{NAME}-%%{VERSION}-%%{RELEASE}.%%{ARCH}.rpm" \ + "pkg/$ID/systemd.spec" +do + EXIT_STATUS=$? + if [[ $EXIT_STATUS -ne 11 ]]; then + exit $EXIT_STATUS + fi + + mkosi-chroot \ + rpm \ + --query \ + --package \ + --requires \ + /var/tmp/SRPMS/systemd-*.buildreqs.nosrc.rpm | + grep --invert-match '^rpmlib(' | + sort --unique >/tmp/dynamic-buildrequires + + sort /tmp/buildrequires /tmp/dynamic-buildrequires | + uniq --unique | + tee --append /tmp/buildrequires | + xargs --delimiter '\n' mkosi-install +done diff --git a/mkosi.images/build/mkosi.conf.d/centos/mkosi.conf b/mkosi.images/build/mkosi.conf.d/centos/mkosi.conf new file mode 100644 index 00000000000..99316bec5f6 --- /dev/null +++ b/mkosi.images/build/mkosi.conf.d/centos/mkosi.conf @@ -0,0 +1,14 @@ +# SPDX-License-Identifier: LGPL-2.1-or-later + +[Match] +Distribution=centos + +[Content] +Packages= + rsync # TODO: Drop when CentOS Stream 9 CI is removed. + rpmautospec-rpm-macros + +Environment= + GIT_URL=https://git.centos.org/rpms/systemd.git + GIT_BRANCH=c9s-sig-hyperscale + GIT_COMMIT=46480aaa9e0ea63a85b6ca676554ce2aae10ce36 diff --git a/mkosi.conf.d/10-debian-ubuntu/mkosi.build.chroot b/mkosi.images/build/mkosi.conf.d/debian-ubuntu/mkosi.build.chroot similarity index 96% rename from mkosi.conf.d/10-debian-ubuntu/mkosi.build.chroot rename to mkosi.images/build/mkosi.conf.d/debian-ubuntu/mkosi.build.chroot index 1a03dcd9564..6620bda1755 100755 --- a/mkosi.conf.d/10-debian-ubuntu/mkosi.build.chroot +++ b/mkosi.images/build/mkosi.conf.d/debian-ubuntu/mkosi.build.chroot @@ -2,14 +2,10 @@ # SPDX-License-Identifier: LGPL-2.1-or-later set -e -if ((NO_BUILD)); then - exit 0 -fi - # shellcheck source=/dev/null . /usr/lib/os-release -if [ ! -d "pkg/$ID/debian" ]; then +if [[ ! -d "pkg/$ID/debian" ]]; then echo "deb rules not found at pkg/$ID/debian, run mkosi once with -ff to make sure the rules are cloned" >&2 exit 1 fi @@ -25,7 +21,7 @@ rm -rf "$SRCDIR"/debian/patches/* DEB_HOST_GNU_TYPE="$(dpkg-architecture --query DEB_HOST_GNU_TYPE)" mount --mkdir --bind "$BUILDDIR" "$SRCDIR/obj-$DEB_HOST_GNU_TYPE" -if [ -d .git/ ] && [ -z "$(git status --porcelain)" ]; then +if [[ -d .git/ ]] && [[ -z "$(git status --porcelain)" ]]; then TS="$(git show --no-patch --format=%ct HEAD)" else TS="${SOURCE_DATE_EPOCH:-$(date +%s)}" @@ -116,7 +112,7 @@ if ! build; then # by meson install. (cd debian/tmp/ && find . ! -type d ! -path "*dh-exec*" -printf '%P\n') >/tmp/installed-files - if [ -f debian/not-installed ]; then + if [[ -f debian/not-installed ]]; then grep --invert-match "^#" debian/not-installed >>/tmp/installed-files fi @@ -126,7 +122,7 @@ if ! build; then # not in the packaged file. comm -23 /tmp/installed-files /tmp/packaged-files > /tmp/unpackaged-files # If there are no unpackaged files something else went wrong. - if [ ! -s /tmp/unpackaged-files ]; then + if [[ ! -s /tmp/unpackaged-files ]]; then exit 1 fi diff --git a/mkosi.images/build/mkosi.conf.d/debian-ubuntu/mkosi.conf b/mkosi.images/build/mkosi.conf.d/debian-ubuntu/mkosi.conf new file mode 100644 index 00000000000..a7464aafe3e --- /dev/null +++ b/mkosi.images/build/mkosi.conf.d/debian-ubuntu/mkosi.conf @@ -0,0 +1,18 @@ +# SPDX-License-Identifier: LGPL-2.1-or-later + +[Match] +Distribution=|debian +Distribution=|ubuntu + +[Content] +Environment= + GIT_URL=https://salsa.debian.org/systemd-team/systemd.git + GIT_SUBDIR=debian + GIT_BRANCH=debian/master + GIT_COMMIT=abf24e775c67cf054f474526dd5d9d952a00228b + +Packages= + apt + git-core + libclang-rt-dev + dpkg-dev diff --git a/mkosi.images/build/mkosi.conf.d/debian-ubuntu/mkosi.prepare b/mkosi.images/build/mkosi.conf.d/debian-ubuntu/mkosi.prepare new file mode 100755 index 00000000000..d9021fd65b2 --- /dev/null +++ b/mkosi.images/build/mkosi.conf.d/debian-ubuntu/mkosi.prepare @@ -0,0 +1,18 @@ +#!/bin/bash +# SPDX-License-Identifier: LGPL-2.1-or-later +set -e + +if [[ "$1" == "build" ]]; then + exit 0 +fi + +# shellcheck source=/dev/null +. "$BUILDROOT/usr/lib/os-release" + +if [[ ! -d "pkg/$ID/debian" ]]; then + echo "deb rules not found at pkg/$ID/debian, run mkosi once with -ff to make sure the rules are cloned" >&2 + exit 1 +fi + +cd "pkg/$ID" +DEB_BUILD_PROFILES="pkg.systemd.upstream" apt-get build-dep . diff --git a/mkosi.images/build/mkosi.conf.d/fedora/mkosi.conf b/mkosi.images/build/mkosi.conf.d/fedora/mkosi.conf new file mode 100644 index 00000000000..1f001452eb3 --- /dev/null +++ b/mkosi.images/build/mkosi.conf.d/fedora/mkosi.conf @@ -0,0 +1,10 @@ +# SPDX-License-Identifier: LGPL-2.1-or-later + +[Match] +Distribution=fedora + +[Content] +Environment= + GIT_URL=https://src.fedoraproject.org/rpms/systemd.git + GIT_BRANCH=rawhide + GIT_COMMIT=a3524fc837f5e7b68f86b3e0a9d470a94a04c4c8 diff --git a/mkosi.conf.d/10-opensuse/mkosi.build.chroot b/mkosi.images/build/mkosi.conf.d/opensuse/mkosi.build.chroot similarity index 94% rename from mkosi.conf.d/10-opensuse/mkosi.build.chroot rename to mkosi.images/build/mkosi.conf.d/opensuse/mkosi.build.chroot index 0c598eae563..266695ccc78 100755 --- a/mkosi.conf.d/10-opensuse/mkosi.build.chroot +++ b/mkosi.images/build/mkosi.conf.d/opensuse/mkosi.build.chroot @@ -4,20 +4,16 @@ set -e . mkosi.functions -if ((NO_BUILD)); then - exit 0 -fi - # shellcheck source=/dev/null . /usr/lib/os-release ID="${ID%-*}" -if [ ! -f "pkg/$ID/systemd.spec" ]; then +if [[ ! -f "pkg/$ID/systemd.spec" ]]; then echo "spec not found at pkg/$ID/systemd.spec, run mkosi once with -ff to make sure the spec is cloned" >&2 exit 1 fi -if [ -d .git/ ] && [ -z "$(git status --porcelain)" ]; then +if [[ -d .git/ ]] && [[ -z "$(git status --porcelain)" ]]; then TS="$(git show --no-patch --format=%ct HEAD)" else TS="${SOURCE_DATE_EPOCH:-$(date +%s)}" @@ -28,7 +24,7 @@ fi # extension. find "pkg/$ID" -name "files.*" -exec sed --in-place 's/\.gz$//' {} \; -if systemd-analyze compare-versions "$(rpm --version | cut -d ' ' -f3)" lt "4.20"; then +if [[ "$(rpm --eval "%{lua:print(rpm.vercmp('$(rpm --version | cut -d ' ' -f3)', '4.20'))}")" == "-1" ]]; then # Fix the %install override so debuginfo packages are generated. tee --append /usr/lib/rpm/suse/macros <<'EOF' %install %{debug_package}\ @@ -122,7 +118,7 @@ build() { } if ! build; then - if [ ! -s /tmp/unpackaged-files ]; then + if [[ ! -s /tmp/unpackaged-files ]]; then exit 1 fi diff --git a/mkosi.images/build/mkosi.conf.d/opensuse/mkosi.conf b/mkosi.images/build/mkosi.conf.d/opensuse/mkosi.conf new file mode 100644 index 00000000000..ad6388faf7b --- /dev/null +++ b/mkosi.images/build/mkosi.conf.d/opensuse/mkosi.conf @@ -0,0 +1,16 @@ +# SPDX-License-Identifier: LGPL-2.1-or-later + +[Match] +Distribution=opensuse + +[Content] +Environment= + GIT_URL=https://code.opensuse.org/package/systemd + GIT_BRANCH=master + GIT_COMMIT=6812406e52a474568744c267e7bade1496bb26a5 + +Packages= + gcc-c++ + git-core + patterns-base-minimal_base + rpm-build diff --git a/mkosi.images/build/mkosi.conf.d/opensuse/mkosi.prepare b/mkosi.images/build/mkosi.conf.d/opensuse/mkosi.prepare new file mode 100755 index 00000000000..3c398593b59 --- /dev/null +++ b/mkosi.images/build/mkosi.conf.d/opensuse/mkosi.prepare @@ -0,0 +1,62 @@ +#!/bin/bash +# SPDX-License-Identifier: LGPL-2.1-or-later +set -e + +if [[ "$1" == "build" ]]; then + exit 0 +fi + +# shellcheck source=/dev/null +. "$BUILDROOT/usr/lib/os-release" +ID="${ID%-*}" + +if [[ ! -f "pkg/$ID/systemd.spec" ]]; then + echo "spec not found at pkg/$ID/systemd.spec, run mkosi once with -ff to make sure the spec is cloned" >&2 + exit 1 +fi + +# TODO: Drop when the spec is fixed (either the patch is adapted or not applied when building for upstream). +sed --in-place '/0009-pid1-handle-console-specificities-weirdness-for-s390.patch/d' "pkg/$ID/systemd.spec" + +mkosi-chroot \ + rpmspec \ + --with upstream \ + --query \ + --buildrequires \ + --define "_topdir /var/tmp" \ + --define "_sourcedir pkg/$ID" \ + "pkg/$ID/systemd.spec" | + grep --invert-match --regexp systemd --regexp /bin/sh --regexp "rpmlib(" --regexp udev | + sort --unique | + tee /tmp/buildrequires | + xargs --delimiter '\n' mkosi-install + +until mkosi-chroot \ + rpmbuild \ + -bd \ + --build-in-place \ + --with upstream \ + --define "_topdir /var/tmp" \ + --define "_sourcedir pkg/$ID" \ + --define "_build_name_fmt %%{NAME}-%%{VERSION}-%%{RELEASE}.%%{ARCH}.rpm" \ + "pkg/$ID/systemd.spec" +do + EXIT_STATUS=$? + if [[ $EXIT_STATUS -ne 11 ]]; then + exit $EXIT_STATUS + fi + + mkosi-chroot \ + rpm \ + --query \ + --package \ + --requires \ + /var/tmp/SRPMS/systemd-*.buildreqs.nosrc.rpm | + grep --invert-match '^rpmlib(' | + sort --unique >/tmp/dynamic-buildrequires + + sort /tmp/buildrequires /tmp/dynamic-buildrequires | + uniq --unique | + tee --append /tmp/buildrequires | + xargs --delimiter '\n' mkosi-install +done diff --git a/mkosi.sync b/mkosi.images/build/mkosi.sync similarity index 88% rename from mkosi.sync rename to mkosi.images/build/mkosi.sync index d56ddf57906..198e1bc1475 100755 --- a/mkosi.sync +++ b/mkosi.images/build/mkosi.sync @@ -14,6 +14,11 @@ if [[ -d "$PKG_SUBDIR/.git" ]]; then exit 0 fi + if ! git -C "$PKG_SUBDIR" show-ref --quiet "origin/$GIT_BRANCH"; then + git -C "$PKG_SUBDIR" remote set-url origin "$GIT_URL" + git -C "$PKG_SUBDIR" fetch origin "$GIT_BRANCH" + fi + # If work is being done on the packaging rules in a separate branch, don't touch the checkout. if ! git -C "$PKG_SUBDIR" merge-base --is-ancestor HEAD "origin/$GIT_BRANCH"; then EXIT_STATUS=$? diff --git a/mkosi.images/exitrd/mkosi.conf b/mkosi.images/exitrd/mkosi.conf index 3b25091759c..28da8a592b8 100644 --- a/mkosi.images/exitrd/mkosi.conf +++ b/mkosi.images/exitrd/mkosi.conf @@ -12,3 +12,6 @@ MakeInitrd=yes Packages= bash + +[Config] +Include=%D/mkosi.sanitizers diff --git a/mkosi.images/exitrd/mkosi.conf.d/10-arch.conf b/mkosi.images/exitrd/mkosi.conf.d/10-arch.conf index c8b1904f6f4..a5a6506e942 100644 --- a/mkosi.images/exitrd/mkosi.conf.d/10-arch.conf +++ b/mkosi.images/exitrd/mkosi.conf.d/10-arch.conf @@ -4,7 +4,7 @@ Distribution=arch [Content] -Packages= +VolatilePackages= systemd RemoveFiles= diff --git a/mkosi.images/exitrd/mkosi.conf.d/10-centos-fedora.conf b/mkosi.images/exitrd/mkosi.conf.d/10-centos-fedora.conf index 8458dee37ef..a1fa32b7860 100644 --- a/mkosi.images/exitrd/mkosi.conf.d/10-centos-fedora.conf +++ b/mkosi.images/exitrd/mkosi.conf.d/10-centos-fedora.conf @@ -5,5 +5,5 @@ Distribution=|centos Distribution=|fedora [Content] -Packages= +VolatilePackages= systemd-standalone-shutdown diff --git a/mkosi.images/exitrd/mkosi.conf.d/10-debian.conf b/mkosi.images/exitrd/mkosi.conf.d/10-debian.conf index 68b0aa5fe7f..6ca310cbc26 100644 --- a/mkosi.images/exitrd/mkosi.conf.d/10-debian.conf +++ b/mkosi.images/exitrd/mkosi.conf.d/10-debian.conf @@ -4,5 +4,5 @@ Distribution=debian [Content] -Packages= +VolatilePackages= systemd-standalone-shutdown diff --git a/mkosi.images/exitrd/mkosi.conf.d/10-opensuse.conf b/mkosi.images/exitrd/mkosi.conf.d/10-opensuse.conf index 3f6df21f841..fb0a498df5f 100644 --- a/mkosi.images/exitrd/mkosi.conf.d/10-opensuse.conf +++ b/mkosi.images/exitrd/mkosi.conf.d/10-opensuse.conf @@ -5,4 +5,7 @@ Distribution=opensuse [Content] Packages= + patterns-base-minimal_base + +VolatilePackages= systemd diff --git a/mkosi.images/exitrd/mkosi.conf.d/10-ubuntu.conf b/mkosi.images/exitrd/mkosi.conf.d/10-ubuntu.conf index ddd68dc1b4b..61fe6baee03 100644 --- a/mkosi.images/exitrd/mkosi.conf.d/10-ubuntu.conf +++ b/mkosi.images/exitrd/mkosi.conf.d/10-ubuntu.conf @@ -4,5 +4,5 @@ Distribution=ubuntu [Content] -Packages= +VolatilePackages= systemd diff --git a/mkosi.images/exitrd/mkosi.conf.d/20-build.conf b/mkosi.images/exitrd/mkosi.conf.d/20-build.conf new file mode 100644 index 00000000000..8c16d9b9f87 --- /dev/null +++ b/mkosi.images/exitrd/mkosi.conf.d/20-build.conf @@ -0,0 +1,9 @@ +# SPDX-License-Identifier: LGPL-2.1-or-later + +# Add a dependency on the build image unless NO_BUILD=1. + +[Match] +Environment=!NO_BUILD=1 + +[Config] +Dependencies=build diff --git a/mkosi.images/minimal-base/mkosi.conf b/mkosi.images/minimal-base/mkosi.conf index f6deeeadfb8..d841f9b76b5 100644 --- a/mkosi.images/minimal-base/mkosi.conf +++ b/mkosi.images/minimal-base/mkosi.conf @@ -14,3 +14,6 @@ Packages= coreutils grep util-linux + +[Config] +Include=%D/mkosi.sanitizers diff --git a/mkosi.images/minimal-base/mkosi.conf.d/10-arch.conf b/mkosi.images/minimal-base/mkosi.conf.d/10-arch.conf index 4978ca5cf7b..044199a6c13 100644 --- a/mkosi.images/minimal-base/mkosi.conf.d/10-arch.conf +++ b/mkosi.images/minimal-base/mkosi.conf.d/10-arch.conf @@ -9,6 +9,9 @@ Packages= iproute nmap +VolatilePackages= + systemd-libs + RemoveFiles= # Arch Linux doesn't split their gcc-libs package so we manually remove # unneeded stuff here to make sure it doesn't end up in the image. diff --git a/mkosi.images/minimal-base/mkosi.conf.d/10-centos-fedora.conf b/mkosi.images/minimal-base/mkosi.conf.d/10-centos-fedora.conf index c0a43cba19d..e9893ad9897 100644 --- a/mkosi.images/minimal-base/mkosi.conf.d/10-centos-fedora.conf +++ b/mkosi.images/minimal-base/mkosi.conf.d/10-centos-fedora.conf @@ -10,3 +10,6 @@ Packages= iproute iproute-tc nmap-ncat + +VolatilePackages= + systemd-libs diff --git a/mkosi.images/minimal-base/mkosi.conf.d/10-debian-ubuntu-opensuse.conf b/mkosi.images/minimal-base/mkosi.conf.d/10-debian-ubuntu.conf similarity index 76% rename from mkosi.images/minimal-base/mkosi.conf.d/10-debian-ubuntu-opensuse.conf rename to mkosi.images/minimal-base/mkosi.conf.d/10-debian-ubuntu.conf index b293926b08d..d524ec17fee 100644 --- a/mkosi.images/minimal-base/mkosi.conf.d/10-debian-ubuntu-opensuse.conf +++ b/mkosi.images/minimal-base/mkosi.conf.d/10-debian-ubuntu.conf @@ -10,3 +10,7 @@ Packages= iproute2 mount ncat + +VolatilePackages= + libsystemd0 + libudev1 diff --git a/mkosi.images/minimal-base/mkosi.conf.d/10-opensuse.conf b/mkosi.images/minimal-base/mkosi.conf.d/10-opensuse.conf index c164d328745..9bd40cff379 100644 --- a/mkosi.images/minimal-base/mkosi.conf.d/10-opensuse.conf +++ b/mkosi.images/minimal-base/mkosi.conf.d/10-opensuse.conf @@ -9,3 +9,7 @@ Packages= iproute2 ncat patterns-base-minimal_base + +VolatilePackages= + libsystemd0 + libudev1 diff --git a/mkosi.images/minimal-base/mkosi.conf.d/20-build.conf b/mkosi.images/minimal-base/mkosi.conf.d/20-build.conf new file mode 100644 index 00000000000..8c16d9b9f87 --- /dev/null +++ b/mkosi.images/minimal-base/mkosi.conf.d/20-build.conf @@ -0,0 +1,9 @@ +# SPDX-License-Identifier: LGPL-2.1-or-later + +# Add a dependency on the build image unless NO_BUILD=1. + +[Match] +Environment=!NO_BUILD=1 + +[Config] +Dependencies=build diff --git a/mkosi.initrd/mkosi.conf b/mkosi.initrd/mkosi.conf index 8f8cc2fbe6f..baf08726c0a 100644 --- a/mkosi.initrd/mkosi.conf +++ b/mkosi.initrd/mkosi.conf @@ -1,7 +1,9 @@ # SPDX-License-Identifier: LGPL-2.1-or-later [Content] -PostInstallationScripts=../mkosi.sanitizers.chroot ExtraTrees= ../mkosi.leak-sanitizer-suppressions:/usr/lib/systemd/leak-sanitizer-suppressions ../mkosi.coredump-journal-storage.conf:/usr/lib/systemd/coredump.conf.d/10-coredump-journal-storage.conf + +[Config] +Include=../mkosi.sanitizers diff --git a/mkosi.sanitizers/mkosi.conf b/mkosi.sanitizers/mkosi.conf new file mode 100644 index 00000000000..844541ce8b4 --- /dev/null +++ b/mkosi.sanitizers/mkosi.conf @@ -0,0 +1,5 @@ +# SPDX-License-Identifier: LGPL-2.1-or-later + +[Match] +Environment=SANITIZERS +Environment=!SANITIZERS= diff --git a/mkosi.sanitizers/mkosi.conf.d/arch.conf b/mkosi.sanitizers/mkosi.conf.d/arch.conf new file mode 100644 index 00000000000..195556aa9b9 --- /dev/null +++ b/mkosi.sanitizers/mkosi.conf.d/arch.conf @@ -0,0 +1,9 @@ +# SPDX-License-Identifier: LGPL-2.1-or-later + +[Match] +Distribution=arch +Environment=LLVM=1 + +[Content] +Packages= + compiler-rt diff --git a/mkosi.sanitizers/mkosi.conf.d/debian-ubuntu.conf b/mkosi.sanitizers/mkosi.conf.d/debian-ubuntu.conf new file mode 100644 index 00000000000..cfeef85758a --- /dev/null +++ b/mkosi.sanitizers/mkosi.conf.d/debian-ubuntu.conf @@ -0,0 +1,11 @@ +# SPDX-License-Identifier: LGPL-2.1-or-later +# TODO: Drop when https://bugzilla.suse.com/show_bug.cgi?id=1225784 is fixed. + +[Match] +Distribution=|debian +Distribution=|ubuntu +Environment=LLVM=1 + +[Content] +Packages= + libclang-rt-dev diff --git a/mkosi.sanitizers/mkosi.conf.d/opensuse.conf b/mkosi.sanitizers/mkosi.conf.d/opensuse.conf new file mode 100644 index 00000000000..28357df498b --- /dev/null +++ b/mkosi.sanitizers/mkosi.conf.d/opensuse.conf @@ -0,0 +1,10 @@ +# SPDX-License-Identifier: LGPL-2.1-or-later +# TODO: Drop when https://bugzilla.suse.com/show_bug.cgi?id=1225784 is fixed. + +[Match] +Distribution=opensuse +Environment=LLVM=1 + +[Content] +Packages= + clang diff --git a/mkosi.sanitizers.chroot b/mkosi.sanitizers/mkosi.postinst similarity index 66% rename from mkosi.sanitizers.chroot rename to mkosi.sanitizers/mkosi.postinst index 524e3dadb19..e0ad422f5d6 100755 --- a/mkosi.sanitizers.chroot +++ b/mkosi.sanitizers/mkosi.postinst @@ -3,31 +3,35 @@ set -e set -o nounset -if [[ -z "${SANITIZERS:-}" ]]; then +LIBSYSTEMD="$(mkosi-chroot ldconfig -p | grep libsystemd.so.0 | sed 's/[^/]*\//\//')" + +if [[ ! -f "$BUILDROOT/$LIBSYSTEMD" ]]; then exit 0 fi # Sanitizers log to stderr by default. However, journald's stderr is connected to /dev/null, so we lose # all the sanitizer logs. To rectify that, let's connect journald's stdout to kmsg so that the sanitizer # failures end up in the journal. -mkdir -p /etc/systemd/system/systemd-journald.service.d -cat >/etc/systemd/system/systemd-journald.service.d/10-stdout-tty.conf <"$BUILDROOT"/etc/systemd/system/systemd-journald.service.d/10-stdout-tty.conf < 50s when built with sanitizers so let's not run it by default. -systemctl mask systemd-hwdb-update.service +systemctl --root="$BUILDROOT" mask systemd-hwdb-update.service -ASAN_RT_PATH="$(grep libasan.so < <(ldd /usr/lib/systemd/systemd) | cut -d ' ' -f 3)" +ASAN_RT_PATH="$(grep libasan.so < <(mkosi-chroot ldd "$LIBSYSTEMD") | cut -d ' ' -f 3)" if [[ -z "$ASAN_RT_PATH" ]]; then - ASAN_RT_PATH="$(grep libclang_rt.asan < <(ldd /usr/lib/systemd/systemd) | cut -d ' ' -f 3)" + ASAN_RT_PATH="$(grep libclang_rt.asan < <(mkosi-chroot ldd "$LIBSYSTEMD") | cut -d ' ' -f 3)" # As clang's ASan DSO is usually in a non-standard path, let's check if the RUNPATH is set accordingly. - if ldd /usr/lib/systemd/systemd | grep -q "libclang_rt.asan.*not found"; then + if mkosi-chroot ldd "$LIBSYSTEMD" | grep -q "libclang_rt.asan.*not found"; then echo >&2 "clang's ASan DSO libclang_rt.asan is not present in the runtime library path" exit 1 fi @@ -94,7 +98,7 @@ wrap=( ) for bin in "${wrap[@]}"; do - if ! command -v "$bin" >/dev/null; then + if ! mkosi-chroot command -v "$bin" >/dev/null; then continue fi @@ -104,11 +108,11 @@ for bin in "${wrap[@]}"; do enable_lsan=0 fi - target="$(command -v "$bin")" + target="$(mkosi-chroot command -v "$bin")" - mv "$target" "$target.orig" + mv "$BUILDROOT/$target" "$BUILDROOT/$target.orig" - cat >"$target" <"$BUILDROOT/$target" </usr/lib/systemd/systemd-asan-env <"$BUILDROOT"/usr/lib/systemd/systemd-asan-env <