IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
* f9fe17dbde Use vmlinux.h from kernel-devel
* 9cbad936a6 Pull in openssl-devel-engine
* 8ae009f929 Only add Requires on python3-zstd on Fedora
* 750e910c7c Drop BuildRequires on python3-zstd
(cherry picked from commit 6bd14bf4b3)
* 8153d9b0f9 Revert "Remove tmpfiles snippet for /home and /srv"
* a76669ee22 Remove tmpfiles snippet for /home and /srv
* b3e1d52cb4 Soft-disable tmpfiles --purge until a good use case comes up
* 4a29ab3f3b Version 256.1
* ebf352d292 disable auto-features when bootstrapping
* 1ae0516ae7 Version 256
* b32641170e Restore patch to drop varlink method call
* 421f0041b3 Version 256~rc4
* 65d9b49791 Fix typo
* c56891fb68 Drop sysusers.d/basic.conf
* 69472997b9 Renumber sources and make order more consistent
(cherry picked from commit b6a9ad2c62)
These are not actually needed or installed, so delete them from the
build directory, so that inside an image one can do:
apt install --reinstall /work/build/*.deb
Follow-up for 690a85b1d4
(cherry picked from commit ce513c6c6c)
With the latest mkosi, mkosi -t none can be used to rerun the build
script without messing with a previously built image. This allows
one to run "mkosi -t disk -f qemu" in one terminal to build and boot
an image in qemu and then run "mkosi -t none" in another terminal to
rebuild the packages. If one then has "RuntimeBuildSources=yes" set
in their mkosi configuration, the build directory is mounted into the
virtual machine, which means that one can then run "dnf upgrade
/work/build/*.rpm" from within the VM to install the new packages.
This allows for quickly iterating on changes without having to rebuild
the image all the time.
We'll probably want to document this at some point, but let's start
with making it possible by copying the built packages to the build directory.
(cherry picked from commit 690a85b1d4)
Currently if git merge-base fails we'll hide the error and exit with
exit status 0. Let's make we only exit early if git merge-base exits
with 1 which indicates the current commit is not on the target branch.
Any other error is considered fatal.
(cherry picked from commit 2fe6ad5a64)
The repository on Salsa includes the full upstream sources, which means
they are duplicated, taking extra space and showing duplicated grep results.
But we only need the debian/ subfolder, so do a sparse clone and checkout.
* 5b9607385d debian/tests/storage: without scsi_debug, skip test
* 8a195a6327 debian/extra: use a dropin to configure Nice=-1 on systemd-journald.service
* 5436d49288 debian/extra: use a drop-in resolved.conf to configure Cache=no-negative
* 596a99d2d3 debian/extra: set ManagedOOMSwap=auto on -.slice
* 07ba81b14d LimitCORE: restore default hard limit to infinity
* df3a9a91e8 Restart managers on libc-upgrade dpkg trigger
Those scripts are written with the expectation that all input variables are set
and will not behave correctly if something is ommitted. In particular, the
non-chrooted scripts (mkosi.clean, mkosi.sync) might wreak havoc if called
without the full environment.
We don't need this anymore since we now just do delayed evaluation
of $CFLAGS in /etc/makepkg.conf and it imports $CFLAGS into the
script environment which messes everything up.
meson does not support changing compilation flags on the fly, when
doing so, the entire build directory has to be cleared explicitly, so
let's add a way to do that by setting WIPE=1.
Let's also allow developers to specify their own meson options via
$MESON_OPTIONS.
If the none format is specified, we don't use the extra trees at all
so let's make the dependencies on the subimages conditional on Format=
not being set to "none".
This speeds up builds when using Format=none.
When we query dependencies with rpmspec, we get the following:
"""
bash-5.2# mkosi-chroot rpmspec --with upstream --query --requires --define "_topdir /var/tmp" --define "_sourcedir pkg/fedora" "pkg/fedora/systemd.spec" | sort --unique
(grubby > 8.40-72 if grubby)
(sdubby > 1.0-3 if sdubby)
(systemd-rpm-macros = 256~rc3-1.fc41 if rpm-build)
(util-linux-core or util-linux)
/bin/sh
coreutils
dbus >= 1.9.18
firewalld-filesystem
grep
kbd
kmod >= 18-4
libidn2.so.0()(64bit)
libidn2.so.0(IDN2_0.0.0)(64bit)
libkmod.so.2()(64bit)
libkmod.so.2(LIBKMOD_5)(64bit)
openssl-libs
python3dist(cryptography)
python3dist(pefile)
python3dist(psutil)
python3dist(zstd)
systemd = 256~rc3-1.fc41
systemd(x86-64) = 256~rc3-1.fc41
systemd-boot
systemd-libs(x86-64) = 256~rc3-1.fc41
systemd-networkd = 256~rc3-1.fc41
systemd-pam(x86-64) = 256~rc3-1.fc41
systemd-udev = 256~rc3-1.fc41
"""
Trying to install with dnf5 correctly filters out grubby and sdubby
as they are conditional dependencies and shouldn't be installed. However,
dnf doesn't do the right thing and tries to install both grubby and sdubby,
and since they conflict this causes the build to fail.
Let's filter out sdubby and grubby explicitly to work around the bug in dnf
as it's unlikely to get fixed since all development effort is now focused on
dnf5.
- Let's set the environment on the kernel command line so it applies
to initrd and main system.
- Let's add the necessary wrappers that are also added in test-functions.
Unlike test-functions we don't use gcc/clang to get the library path as
that requires installing gcc/clang in the initrd.
- Let's drop the hack to get journald writing to the console and have
it write to kmsg instead. We'll get the output either way.
- Stop removing libstdc++ and sanitizer libraries from Arch Linux
initrds and other images as it's required by the sanitizer libraries.
- Add a workaround for specifying extra meson options for opensuse
- Add a leak sanitizer suppression file as a workaround for a false
positive leak in verify_selinuxmnt() in libselinux. We do a soname match
because the stacktrace can't be properly symbolized on Debian.
This reverts commit e74a994ebf.
The description in that commit was confused, add-determinism was not broken
and was not causing any problems, except a log message.
Since rpm 4.20 it tries to fix the permissions of all source files
in the sources. This takes forever and fails in our case with a
permission error. Since we don't want rpm touching our source files,
override the script to be a noop.
This was added for reproducible builds which we don't really care
about when building rpms in mkosi, so disable it from running as it's
broken and breaks our rpm builds.
The corresponding bug was fixed in rpm 4.20 (of which the alpha is in
rawhide as rpm 4.19.91) so skip the workaround when we detect a newer
rpm version.
Unfortunately, git submodules break in all sorts of ways:
- Various github workflows (dependabot, github pages) try to do a shallow
clone of git submodules which does not work at all when the git repository
is hosted on pagure (https://pagure.io/pagure/issue/5453,
https://github.com/dependabot/dependabot-core/issues/9391).
- If the git forge hosting the git repository uses SHA256, then it breaks our
usage of it as a submodule as SHA256 repositories cannot be used as submodules
in SHA1 repositories (src.opensuse.org moved to SHA256 which broke our usage of
opensuse's systemd spec as a submodule).
- git submodules completely break usage of git worktrees.
- ...
Let's avoid all these issues by just doing our own home grown implementation of
git submodules. We lose the automatic dependabot updates this way but since dependabot
fails to run more often that not with submodules we don't really lose anything.
- Let's set the environment on the kernel command line so it applies
to initrd and main system.
- Let's add the necessary wrappers that are also added in test-functions.
Unlike test-functions we don't use gcc/clang to get the library path as
that requires installing gcc/clang in the initrd.
- Let's drop the hack to get journald writing to the console and have
it write to kmsg instead. We'll get the output either way.
- Stop removing libstdc++ and sanitizer libraries from Arch Linux
initrds and other images as it's required by the sanitizer libraries.
- Add a workaround for specifying extra meson options for opensuse
- Add a leak sanitizer suppression file as a workaround for a false
positive leak in verify_selinuxmnt() in libselinux. We do a soname match
because the stacktrace can't be properly symbolized on Debian.
dbus-broker and dbus-daemon have not been made interchangable on
OpenSUSE so we currently end up with dbus-broker used for the system
bus and dbus-daemon for the session bus. Let's stick to dbus-daemon
on OpenSUSE until they switch to dbus-broker.
Mounting multiple btrfs filesystems with the same fsid only works
properly from kernel 6.7 onwards. Let's switch to ext4 for now which
does support this.
In mkosi, we run the test inside the VM instead of outside. To simplify
the implementation we drop the reboot part and only verify that we can
schedule and cancel shutdowns and that the wall messages are sent as
expected.
Encrypted /var is skipped because meson's limitations make per test
images not really feasible and we can't encrypt /var by default because
it slows down the image build too much.
Co-authored-by: Richard Maw <richard.maw@codethink.co.uk>
Having these named differently than the test itself mostly creates
unecessary confusion and makes writing logic against the tests harder
so let's rename the testsuite-xx units and scripts to just use the
test name itself.
Required to run systemd-networkd-tests.py. Already a dependency of
systemd-tests on Fedora so we don't add it there as it'll be pulled
in via the prepare script.
We want /tmp to be a tmpfs so let's hack the debian packaging to
make sure that's the case until the debian packaging is fixed to
make /tmp a tmpfs for UPSTREAM=1 builds.
Only missing on CentOS/Fedora/OpenSUSE as in Arch/Debian/Ubuntu it's
part of the cryptsetup package which we already install.
Required for TEST-58-REPART.