IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
This drops all mentions of gnu-efi and its manual build machinery. A
future commit will bring bootloader builds back. A new bootloader meson
option is now used to control whether to build sd-boot and its userspace
tooling.
Let's move stuff that only applies to the final image to the
postinst script. Let's also move out some of the static files to
mkosi.extra/ instead of hardcoding them in scripts.
Debian/Ubuntu use /usr/lib/<triplet> instead of /usr/lib64, so configure it
accordingly. This is especially important for cryptsetup token plugins,
as cryptsetup comes from the distro and is configured to look into those
directories.
Let's make sure we're testing unprivileged builds properly. Usage
of SourceFileTransfer= and SourceFileTransferFinal= are removed as
they were dropped by mkosi. SourceFileTransfer=mount is now the
default in mkosi so behavior for the build script is unchanged. We
stop copying sources in the final image until mkosi adds support
for virtiofs.
When unprivileged mkosi becomes available, builds will be executed
as an unprivileged user, so we won't be able to modify the rootfs
anymore. Let's update the build script to account for this.
We also add the necessary deps for ukify to the mkosi configs.
CentOS Stream 8 is dropped from CI because its python version is too
old (3.6) to be able to run ukify.
Instead of relying on the arch specific kconfigs that enable all
kinds of options that are irrelevant for our use case, let's beef
up our own config a little so that we don't need to rely on the
arch specific configs anymore.
Also, instead of using scripts/config to enable options in the
mkosi build script, let's add a new kernel.config file that includes
all the configs we want enabled/disabled.
Finally, let's make sure we can properly run the bpf selftests by
making sure we enable all the right configs required to run the bpf
selftests successfully. We use the scripts/kconfig/merge_config.sh
script to merge the three different config files together.
We already depend on the skeleton APIs introduced in libbpf 0.7 so
let's bump our minimum version to reflect that.
We don't enforce bpf compilation on mkosi anymore since not all
distros have sufficiently up-to-date libbpf available.
If mkosi.kernel/ exists, the mkosi script will try to build a kernel
image from it. We use the architecture defconfig as a base and add
our own extra configuration on top.
We also add some extra tooling to the build image required to build
the kernel and include some documentation in HACKING.md on how to
use this new feature.
To avoid the kernel sources from being copied into the build or
final image (which we don't want because it takes a while), we put
the mkosi.kernel/ directory in .gitignore and use
"SourceFileTransfer=mount" so that the sources are still accessible
in the build image.
Explicitly enable all features/components in the mkosi build to
ensure they all get built and we get an error if they can't be built.
We also rework the packages sections of all mkosi configs to reduce
duplication and cover all the dependencies necessary to build/use all
systemd features.
Note that for the final image, since systemd is installed by default
in base images, we rely on that to install the base library dependencies
and we only list extra optional dependencies and tools that aren't already
installed by default into the base image.
We also drop the centos stream 8 mkosi build as dependencies on that
distro are too out-of-date to be able to build all systemd features.
Since centos stream 9 has been out for a while, let's focus on that
and leave it to downstream to keep systemd building on centos stream 8.
Finally, there's a few additions to the mkosi scripts to make sure
services don't start by default on boot.
- Extra memory because ASAN needs it
- The environment variables to make the sanitizers more useful
- LD_PRELOAD because the ASAN DSO needs to be the first in the list
- The sanitizer library packages
- Disable syscall filters because they interfere with ASAN
- Disable systemd-hwdb-update because it's super slow when systemd-hwdb
is built with sanitizers
- Take the value for meson's b_sanitize option from the SANITIZERS
environment variable
The comments were outdated: at least "nfsnobody" is not used in Fedora since a
few years. So I hope we don't need this anymore. The meson build scripts do
autodetection on their own.
On Fedora /usr/bin/ld is a symlink managed via the "alternatives"
system. This unfortunately means the binary is not usable in
environments where /var or /etc are unpopulated. Let's address this by
redirecting "ld" to "ld.bfd" manually if such an environment is
detected, via $PATH.
This is useful for building systemd in mkosi with UsrOnly=1 set.
Until now, update-man-rules assumed that the build directory was
a subdirectory of the project directory. When using mkosi, this is
not the case. We use find instead of git ls-files because git ls-files
does not seem to support outputting absolute paths.
Also, this makes update-man-rules a bit more user-friendly as new manpages
don't have to be added to the git staging area before they are processed by
update-man-rules.py.
mkosi recently gained support to pass arguments to the build script.
Let's take advantage of this in systemd's build script to allow
passing which target to build to ninja in the build script.
With https://github.com/systemd/mkosi/pull/630, we can set environment
variables for the build script in mkosi. Let's modify the build script
so we can set the version-tag option via an environment variable of the
same name. The default is the empty string which causes meson to fall
back to the default behavior (git version).
If $SRCDIR is mounted into the build image (via mkosi overrides),
let's not reset the permissions fo the source tree so as to not
modify the original files on the host.
When using `ninja -C "$BUILDDIR"`, ninja prints an annoying log
message about entering the directory that cannot be silenced. Let's
manually move in and out of the build directory instead.
Recently, mkosi gained support for specifying an --install-directory
option to save the contents of the install directory between bulids.
By enabling the --only-changed meson install option, meson won't
overwrite the contents of files that haven't changed since the last
build when using --install-directory.