diff --git a/.github/workflows/mkosi.yml b/.github/workflows/mkosi.yml index 829d0c5c454..e42f304115d 100644 --- a/.github/workflows/mkosi.yml +++ b/.github/workflows/mkosi.yml @@ -73,7 +73,7 @@ jobs: steps: - uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c - - uses: systemd/mkosi@ee7f2950a25fdaaa7027937c5d9f3df6761e9fd9 + - uses: systemd/mkosi@779484101987048b820b07a6111bcb0e8d5ebc1d - name: Configure run: | @@ -92,6 +92,9 @@ jobs: systemd.journald.max_level_console=debug # udev's debug log output is very verbose, so up it to info in CI. udev.log_level=info + + [Host] + ExtraSearchPaths=!* EOF - name: Generate secure boot key diff --git a/mkosi.conf.d/10-systemd.conf b/mkosi.conf.d/10-systemd.conf index 2c7eb63e71c..b7175fb705f 100644 --- a/mkosi.conf.d/10-systemd.conf +++ b/mkosi.conf.d/10-systemd.conf @@ -1,7 +1,6 @@ # SPDX-License-Identifier: LGPL-2.1-or-later [Output] -Bootable=yes # Prevent ASAN warnings when building the image and ship the real ASAN options prefixed with MKOSI_. Environment=ASAN_OPTIONS=verify_asan_link_order=false MKOSI_ASAN_OPTIONS=strict_string_checks=1:detect_stack_use_after_return=1:check_initialization_order=1:strict_init_order=1:disable_coredump=0:use_madv_dontdump=1 @@ -19,6 +18,7 @@ Packages= diffutils dnsmasq dosfstools + dracut e2fsprogs findutils gcc # For sanitizer libraries @@ -36,7 +36,9 @@ Packages= qrencode sed strace + systemd tree + udev util-linux valgrind wireguard-tools diff --git a/mkosi.conf.d/20-arch.conf b/mkosi.conf.d/20-arch.conf index c926c88c1a0..6dcbb9f6ab6 100644 --- a/mkosi.conf.d/20-arch.conf +++ b/mkosi.conf.d/20-arch.conf @@ -8,6 +8,7 @@ Distribution=arch [Content] Packages= alsa-lib + base btrfs-progs compsize dhcp @@ -22,9 +23,11 @@ Packages= libmnl libpwquality libxkbcommon + linux man-db numactl openbsd-netcat + openssh polkit popt python-pefile diff --git a/mkosi.conf.d/20-centos.conf b/mkosi.conf.d/20-centos.conf index 09b79731952..a28167f8bf9 100644 --- a/mkosi.conf.d/20-centos.conf +++ b/mkosi.conf.d/20-centos.conf @@ -20,6 +20,7 @@ Packages= gnutls iproute iproute-tc + kernel kernel-modules-extra libasan libbpf @@ -33,6 +34,7 @@ Packages= libxkbcommon netcat numactl-libs + openssh-server p11-kit pam passwd @@ -42,6 +44,7 @@ Packages= python3-docutils quota tpm2-tss + util-linux vim-common BuildPackages= diff --git a/mkosi.conf.d/20-debian.conf b/mkosi.conf.d/20-debian.conf index 5244194a01d..9e61b53eba6 100644 --- a/mkosi.conf.d/20-debian.conf +++ b/mkosi.conf.d/20-debian.conf @@ -10,6 +10,8 @@ Release=testing Packages= btrfs-progs cryptsetup-bin + dbus + default-dbus-session-bus f2fs-tools fdisk fuse @@ -34,7 +36,9 @@ Packages= libpwquality1 libqrencode4 libtss2-dev # Use the -dev package to avoid churn in updating version numbers + linux-image-cloud-amd64 netcat-openbsd + openssh-server passwd policykit-1 procps @@ -42,6 +46,7 @@ Packages= python3-psutil python3-pytest quota + systemd-sysv xxd BuildPackages= diff --git a/mkosi.conf.d/20-fedora.conf b/mkosi.conf.d/20-fedora.conf index 5967c3670f3..c76c01f14bc 100644 --- a/mkosi.conf.d/20-fedora.conf +++ b/mkosi.conf.d/20-fedora.conf @@ -21,6 +21,7 @@ Packages= gnutls iproute iproute-tc + kernel libasan libbpf libcap-ng @@ -34,6 +35,7 @@ Packages= libxkbcommon netcat numactl-libs + openssh-server pam passwd polkit @@ -44,6 +46,7 @@ Packages= python3dist(pytest) quota tpm2-tss + util-linux vim-common BuildPackages= diff --git a/mkosi.conf.d/20-opensuse.conf b/mkosi.conf.d/20-opensuse.conf index 96093951e1d..caf84ba0ab5 100644 --- a/mkosi.conf.d/20-opensuse.conf +++ b/mkosi.conf.d/20-opensuse.conf @@ -15,6 +15,7 @@ Packages= gcc # Provides libasan/libubsan glibc-32bit glibc-locale-base + kernel-default libasound2 libbpf1 libcap-ng-utils @@ -36,6 +37,7 @@ Packages= libqrencode4 libseccomp2 libxkbcommon0 + openssh-server pam python3-pefile python3-psutil diff --git a/mkosi.conf.d/20-ubuntu.conf b/mkosi.conf.d/20-ubuntu.conf index 97deb709473..132f72a8d34 100644 --- a/mkosi.conf.d/20-ubuntu.conf +++ b/mkosi.conf.d/20-ubuntu.conf @@ -5,12 +5,14 @@ Distribution=ubuntu [Distribution] Release=jammy -Repositories=main,universe +Repositories=universe [Content] Packages= btrfs-progs cryptsetup-bin + dbus + default-dbus-session-bus f2fs-tools fdisk fuse @@ -36,7 +38,9 @@ Packages= libtss2-dev # Use the -dev package to avoid churn in updating version numbers linux-tools-common linux-tools-generic + linux-virtual netcat-openbsd + openssh-server passwd policykit-1 procps @@ -44,6 +48,7 @@ Packages= python3-psutil python3-pytest quota + systemd-sysv xxd BuildPackages= diff --git a/mkosi.postinst b/mkosi.postinst index 43cc818393a..b84f0342355 100755 --- a/mkosi.postinst +++ b/mkosi.postinst @@ -47,8 +47,10 @@ EOF systemctl mask systemd-hwdb-update.service fi -# Make sure dnsmasq.service doesn't start on boot on Debian/Ubuntu. -rm -f /etc/systemd/system/multi-user.target.wants/dnsmasq.service +# Make sure dnsmasq doesn't start on boot on Debian/Ubuntu. +systemctl disable dnsmasq +# Make sure sshd doesn't start on Opensuse. +echo "disable sshd.service" > /usr/lib/systemd/system-preset/00-mkosi.preset if [ -n "$IMAGE_ID" ] ; then sed -n \