1
0
mirror of https://github.com/systemd/systemd.git synced 2024-12-23 21:35:11 +03:00
Commit Graph

108 Commits

Author SHA1 Message Date
Daan De Meyer
2defccf3e1 mkosi: Drop kernel command line arguments that are set by mkosi
mkosi sets these by default now so let's drop them from our
configuration.
2023-07-14 14:51:42 +02:00
Daan De Meyer
5b79e9d7a9 mkosi: Update to latest
mkosi now supports CentOS SIGs natively so we drop our own definition
of that and use the mkosi builtin one. We also enable hyperscale for
both CentOS 8 and CentOS 9 for consistency and add epel-next as well
which is a requirement for Hyperscale.
2023-07-14 14:47:45 +02:00
Daan De Meyer
95b8bf9df2 mkosi: Set systemd.early_core_pattern=/core
This makes sure we get pid1 coredumps during early boot.
2023-07-14 09:13:10 +02:00
Daan De Meyer
2fe24cccde mkosi: Enable Incremental= mode by default
Since mkosi is now smart enough to drop the caches when the list of
packages changes, let's enable Incremental= mode by default to ensure
a good experience for anyone new to hacking on systemd with mkosi.
2023-06-29 13:11:39 +01:00
Yu Watanabe
f06390d504 mkosi: install HyperScale repository for CentOS 8
Preparation for bumping meson requirement higher than 0.56.2.
2023-06-16 10:43:06 +09:00
Daan De Meyer
abeecde242 mkosi: Update to latest
We update our configuration to replace the removed
RepositoryDirectories= option with the new PackageManagerTrees=
option.
2023-06-13 16:04:08 +02:00
Daan De Meyer
9f89c2d420 mkosi: Update to latest
mkosi's match syntax was changed so we update our config files to
use the new match syntax which mimicks the systemd condition syntax.
2023-06-07 15:59:03 +02:00
Daan De Meyer
cc532533b8 mkosi: Enable more options
We build with support for selinux/apparmor where applicable but
disable them at runtime as even in permissive mode they're horribly
broken.
2023-06-02 17:25:23 +02:00
Daan De Meyer
a47c48cbb2 mkosi: Only lower device timeout instead of all timeouts
We only really care about lowering the device timeout so we get to
a shell faster when the root device doesn't appear so let's only
lower that timeout instead of lowering all default timeouts.
2023-06-02 15:43:28 +02:00
Daan De Meyer
ee6eedab82 mkosi: Sign expected PCRs
This is now possible without a TMP device so let's start signing
PCRs when building images with mkosi.
2023-06-02 15:43:28 +02:00
Daan De Meyer
fdeed78a71 mkosi: Blacklist vmw_vmci to avoid issues with vsock in Github Actions
If this module is loaded, sending readiness notifications from the
VM will fail with "no route to host" so let's blacklist the module
to prevent that from happening.
2023-05-31 14:19:25 +02:00
Daan De Meyer
78c49d012c mkosi: Always pull in network-online.target
Let's always pull this in so that we always activate
systemd-networkd-wait-online for extra coverage.
2023-05-15 15:41:53 +02:00
Daan De Meyer
47e5e12866 mkosi: Package a erofs usr partition with signed verity
Let's start moving towards a more involved partitioning setup to
test our stuff more when using mkosi.

The root partition is generated on boot with systemd-repart.

CentOS supports neither erofs nor btrfs so we use squashfs and xfs
instead.

We also enable SecureBoot= locally for additional coverage. This
and the use of verity means users need to run `mkosi genkey` once
to generate the keys necessary to do secure boot and verity.
2023-05-13 10:49:17 +02:00
Daan De Meyer
79255d86ba mkosi: Do not enable ACL usage by default
This is only useful to be able to remove generated files using rm -rf
instead of mkosi clean and has some implications for the generated
rootfs so let's not enable it by default.
2023-05-13 09:17:15 +02:00
Daan De Meyer
fecbce1fc6 sulogin: Read SYSTEMD_SULOGIN_FORCE from kernel cmdline
This allows setting it on the kernel cmdline and having it work
automatically without having to write any dropins or such.

Also enable the option in mkosi so that we can debug the initrd
properly with a locked root account.
2023-05-13 09:16:55 +02:00
Daan De Meyer
949e1fdd52 mkosi: Disable auditd in the preset instead of masking it 2023-05-11 12:18:50 +02:00
Daan De Meyer
4decc7a514 mkosi: Replace root password setting with a credential 2023-05-11 12:18:50 +02:00
Daan De Meyer
d052cc8893 mkosi: Switch to use mkosi presets with prebuilt initrds
Instead of building the initrds for the mkosi images with dracut,
let's switch to using mkosi presets to build the initrd with mkosi
as well.

This commit splits up our single image build into three separate
mkosi presets:

1. The "base" preset. This image contains systemd and all its runtime
dependencies. The sole purpose of this image is to serve as a base image
for the initrd and the final image. It's also responsible for building
systemd from source with the build script. The results are installed into
the base image. Note that we install the systemd and udev packages into this
image as well to prevent package managers from overriding the systemd we built
from source with the distro packaged systemd if it's pulled in as a dependency
by another package from the initrd or final profiles.
2. The "initrd" preset. This image provides the initrd. It's trivial and does
nothing more than packaging the base image up as a zstd compressed initramfs and
adds /init and /etc/initrd-release symlinks to the image.
3. The "final" preset. This image builds on top of the base image and adds
a kernel and extra packages that are useful for testing and debugging.

We also split out the optional kernel build into a separate set of config files
that are only included if a kernel to build is actually provided.

Note that this commit doesn't really change anything about how mkosi is used.
The commands remain the same, except that mkosi will now build all the presets
in order. "mkosi summary" will show the summary of all the presets. "mkosi qemu,
boot, shell" will always boot the final preset. With "-f", all presets will be
built and the final one is booted. "-i" makes a cache of each preset.

The only thing to keep in mind is that specifying config via the mkosi CLI will
apply to each of the presets. e.g. any extra packages added with "-p" will be
installed in both the initrd and the final image. To apply local configuration
to a single preset, create a file 00-local.conf in
mkosi.presets/<profile>/mkosi.conf.d and put all the preset specific configuration
in there.
2023-05-01 15:39:50 +02:00
Luca Boccassi
48df882c7f mkosi: add tmpfiles to create debian/ubuntu /etc/default/locale link 2023-04-24 10:47:29 +01:00
Luca Boccassi
0b5382ed03 mkosi: move debian/ubuntu ignore preset to config directory 2023-04-24 10:46:39 +01:00
Luca Boccassi
6f9b70fc69 mkosi: move debian/ubuntu common conf under common directory 2023-04-24 10:44:42 +01:00
Daan De Meyer
f997f91d7d mkosi: Update to latest
Let's use the new support for matching against any distribution in
a list of distributions to start sharing most things between the
ubuntu/debian configs and centos/fedora configs.
2023-04-24 10:56:55 +02:00
Luca Boccassi
2f39220e7c mkosi: remove ?priority(required) from debian pkg list
Requires apt 2.3.10 which is not available in stable, and also doesn't
seem necessary, same packages are installed anyway
Add tzdata manually, as that doesn't seem to be pulled in via the CI.
2023-04-21 13:43:49 +02:00
Daan De Meyer
85003d1296 mkosi: Disable kmsg ratelimiting 2023-04-20 13:43:37 +02:00
Daan De Meyer
6b7e774b5d mkosi: Update to latest 2023-04-19 10:13:06 +02:00
Daan De Meyer
c8ae0a81bf mkosi: Use kernel-core for Fedora and CentOS images
Let's reduce image size by using a smaller kernel package.
2023-04-17 10:50:14 +02:00
Zbigniew Jędrzejewski-Szmek
4518126807 mkosi: default to Fedora 38
It'll be out this week. We can't update the man pages before it is realeased,
but we can use it for mkosi builds and do some very late testing.

Also, use filepath specification for /bin/pkg-config. We need it for meson, and
meson calls it directly by this path. pkgconfig is a virtual Provides on
pkgconf-pkg-config, and the indirection here just obfuscates things with no
benefit.

Add it explicitly for centos too. (I think it is pulled in by packages which
contain pkg-config modules anyway, but it's better to be explicit).
2023-04-16 15:22:54 +02:00
Daan De Meyer
5739271000 mkosi: Update to latest
mkosi now installs a "ignore *" default preset on Debian. We also
switch Debian to dbus-broker now that preset doesn't disable it
anymore.
2023-04-15 19:04:25 +08:00
Daan De Meyer
fde55f3a32 mkosi: Update to latest
The Bootable= option was removed and mkosi installs less packages
by default now, so let's adapt our configs to those changes.
2023-04-13 13:49:30 +01:00
Daan De Meyer
af6c5c7025 mkosi: Update to latest
This also migrates the configuration to the new format that was
just merged in mkosi. Specifically, we make use of the new [Match]
sections to only include specific config snippets per distro.
2023-04-07 08:13:42 +09:00
Daan De Meyer
89c8328fc9 Revert "mkosi: Drop python-docutils"
This reverts commit be266f49d6b7e3f021e2a07f937d39d1f14a283d.

Turns out we installed this because it's required by the bpf selftests
so let's keep it intact.
2023-04-05 11:00:52 +02:00
Daan De Meyer
6fdd30fb7c mkosi: Drop python-docutils
We don't seem to use anything from python-docutils at all, so let's
drop the dependency.
2023-03-29 14:33:06 +02:00
Daan De Meyer
94c9855a18 mkosi: Update to latest
- Drop Netdev= as it was removed in mkosi
- Always install python-psutil in the final image (required for networkd tests)
- Always Install python-pytest in the final image (required for ukify tests)
- Use the narrow glob for all centos python packages
- Drop the networkd mkosi config files (the default image can be used instead)
- Use ".conf" as the mkosi config file suffix everywhere
- Copy src/ to /root/src in the final image and set gdb substitute path in
  .gdbinit to make gdb work properly
2023-03-29 13:27:19 +02:00
Daan De Meyer
0beb2a95a4 mkosi: Update to latest
- ACLs are not set on generated directories anymore by default, so
we enable them explictly now so that when running unprivileged mkosi,
the user running mkosi can remove all generated files and directories.
- We don't explicitly set QemuHeadless= anymore as the option was removed
and made the default.
- We set the loglevel= kernel cmdline argument explicitly now as mkosi
doesn't set it by default anymore.
2023-03-29 11:13:33 +01:00
Daan De Meyer
89de1d983e mkosi: Narrow glob used to install python packages
Let's make sure we only install the python3 and python39 python
packages, instead of all the packages of all versions that are
packaged.

This also fixes the CentOS 8 CI because python3.11-pytest was failing
to install.

We have to ship our own powertools repo definition because we need to
enable module_hotfixes for powertools to coerce dnf into installing
some of the python packages.
2023-03-27 14:03:42 +02:00
Daan De Meyer
26f51ae430 mkosi: Default to debug log level for udev as well
Unlike CI, the debug output just goes to the journal, so there's no
harm in enabling it, even if it's noisy.
2023-03-21 11:01:34 +01:00
Daan De Meyer
58caedadbb mkosi: Enable some debugging options by default 2023-03-17 12:13:26 +09:00
Jan Janssen
e8509329d7 ci: Adjust for new EFI build 2023-03-10 11:41:08 +01:00
Jan Janssen
dfca5587cf tree-wide: Drop gnu-efi
This drops all mentions of gnu-efi and its manual build machinery. A
future commit will bring bootloader builds back. A new bootloader meson
option is now used to control whether to build sd-boot and its userspace
tooling.
2023-03-10 11:41:03 +01:00
Daan De Meyer
877e68e702 mkosi: Install dnf on centos and fedora
dnf is not installed by default anymore, but it's still useful to
have in our images, so let's install it explicitly.
2023-03-05 18:05:19 +09:00
Lennart Poettering
b65a4aec05 mkosi: add some really basic tools to default mkosi image
"passwd" and "pscap" are extremely useful to debug basic OS behaviour,
and tiny. So let's add them to our default development images, just to
save us some headaches.
2023-02-28 21:42:29 +01:00
Daan De Meyer
01a0756427 mkosi: Move more logic to the postinst script
Let's move stuff that only applies to the final image to the
postinst script. Let's also move out some of the static files to
mkosi.extra/ instead of hardcoding them in scripts.
2023-02-21 15:20:18 +01:00
Luca Boccassi
bbb40c4e6f mkosi: configure multiarch libdir in debian/ubuntu builds
Debian/Ubuntu use /usr/lib/<triplet> instead of /usr/lib64, so configure it
accordingly. This is especially important for cryptsetup token plugins,
as cryptsetup comes from the distro and is configured to look into those
directories.
2023-02-16 11:30:32 +01:00
Daan De Meyer
39a6a5169b mkosi: Use globs instead of prepare script to install extra packages
This allows us to install everything in the same dnf command instead
of having to use a prepare script to run dnf from within the image.

This is a hack until mkosi supports release specific dropin files.
2023-02-10 16:05:32 +01:00
Daan De Meyer
c9853672a0 mkosi: Update to latest
Let's make sure we're testing unprivileged builds properly. Usage
of SourceFileTransfer= and SourceFileTransferFinal= are removed as
they were dropped by mkosi. SourceFileTransfer=mount is now the
default in mkosi so behavior for the build script is unchanged. We
stop copying sources in the final image until mkosi adds support
for virtiofs.
2023-02-10 18:16:54 +09:00
Daan De Meyer
c3caadb400 mkosi: Drop epel-testing repository from centos config
python3-pefile was pushed to epel 9 stable.
2023-01-29 11:55:57 +01:00
Daan De Meyer
c8943ce884 mkosi: Update and enable ukify in mkosi builds
We also add the necessary deps for ukify to the mkosi configs.

CentOS Stream 8 is dropped from CI because its python version is too
old (3.6) to be able to run ukify.
2023-01-27 15:05:04 +01:00
Daan De Meyer
396a249388 mkosi: Rename the configuration files to use ".conf" as extension 2023-01-19 16:34:49 +01:00
Daan De Meyer
9d2e4ceee5 ci: Update mkosi action to latest commit
Let's make sure we're testing with the latest changes in mkosi. This
includes both the switch to systemd-repart and ukify, making sure we
get extra testing coverage for those components.

This also drops options from the centos config that have been removed
in the newer mkosi.

For some reason idmapping runs into some issues so we disable it for
now.
2023-01-15 20:44:53 +01:00
Daan De Meyer
99173cafbe mkosi: Drop i686 packages
These are only needed for some kernel selftests but they prevent
building the mkosi image on aarch64 systems so let's drop them
until mkosi has support for conditional configuration so we can
only add these packages on the right architecture.
2022-12-13 22:00:04 +09:00
Daan De Meyer
d3a8471754 mkosi: Drop HostonlyInitrd=yes
This option will be removed in the upcoming version of mkosi so let's
stop using it in our config.
2022-12-02 10:46:32 +01:00
Daan De Meyer
6263e0a2c0 mkosi: Drop explicit Format=
Once mkosi migrates to systemd-repart, only "disk" will be supported
for making disk images with mkosi and the filesystem will have to be
specified in repart partition definition files. To accomodate this
change, let's remove the explicit Format= assignment which means we'll
default to a disk image with ext4 until we add our own mkosi.repart/
directory.
2022-12-02 10:44:56 +01:00
Lennart Poettering
0d9e6d76be mkosi: pull in libbpf1 instead of legacy libbpf0 on debian 2022-11-21 16:13:29 +01:00
Daan De Meyer
bf3598beff mkfs-util: Add support to populate vfat without mounting using mcopy
mkfs.vfat doesn't support specifying a root directory to bootstrap
the filesystem from (see https://github.com/dosfstools/dosfstools/issues/183).
Instead, we can use the mcopy tool from the mtools package to copy
files into the vfat filesystem after creating it without needing to
mount the vfat filesystem.
2022-11-15 20:07:54 +01:00
Daan De Meyer
68665704dc mkosi: Add mkfs tools to mkosi image
Useful for testing systemd-repart
2022-11-15 20:07:54 +01:00
Daan De Meyer
6c2ff4a050 mkosi: Build and install kernel selftests 2022-11-08 16:24:21 +01:00
Daan De Meyer
165176d199 mkosi: Add back libasan/libubsan libraries
These were accidentally removed as part of #24025
2022-11-08 16:20:51 +01:00
Zbigniew Jędrzejewski-Szmek
e02db840ac mkosi: use the new mkosi.conf suffix
Mkosi 14 is out, compat with old mkosi is not terribly important. Let's
use the new nice suffix.
2022-11-08 01:32:00 +09:00