| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
| |
For llvm-symbolizer which is required to sanitize address sanitizer
reports.
|
|
|
|
|
|
|
| |
The next commit will introduce a way to iterate on integration
tests which depends on btrfs specific features.
We leave CentOS on ext4 as its kernel does not support btrfs.
|
|
|
|
|
|
| |
Let's use the newly added credentials to only enable autologin for
/dev/console (systemd-nspawn) and /dev/hvc0 (qemu) instead of enabling
autologin for every tty.
|
|
|
|
| |
I still manage to hit it in some cases so let's bump again.
|
|
|
|
|
|
| |
We've been getting some integration test failures due to timeouts
on finding the root partition device. Let's bump the default device
timeout a little to see if it mitigates these failures.
|
|
|
|
| |
It's pulled in via VolatilePackages=, no need to put it in Packages=.
|
|
|
|
|
| |
All of our lists start on the next line, so let's make KernelCommandLine=
fit that as well.
|
|
|
|
|
|
| |
We already have selinux=0 in the default kernel command line so
enforcing=0 is redundant. Instead, pass in enforcing=0 when we
enable selinux in TEST-06-SELINUX.
|
|
|
|
|
|
| |
It doesn't get pulled in as a dependency anyway and kernel command
line space is precious so let's remove apparmor=0 as it's a noop
anyway.
|
|
|
|
|
|
|
|
|
| |
Let's make things a little more consistent and build the initrd
explicitly as a subimage as well instead of relying on mkosi building
it as part of the main image build.
We drop the opensuse initrd postinst script as we don't use erofs by
default anymore. We can always reintroduce it again later if needed.
|
| |
|
|
|
|
|
|
|
|
| |
This allows us to add CI for CentOS Stream 10 as EPEL 10 doesn't
exist yet and won't exist for quite some time.
CentOS Stream 10 will be enabled later as soon as
https://issues.redhat.com/browse/RHEL-46604 is resolved.
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We want the exitrd image to be built with the latest systemd as well.
As the exitrd image is built as part of mkosi.images, and all subimages
are built before the main image, this implies the packages must be built
as a subimage in mkosi.images/ as well. So we introduce the build image and
move all logic related to building distribution packages there.
This also has the nice side effect of slimming down the main image as the
build dependencies are not installed into the main image anymore. It also
makes sure the packages are built in a "clean" chroot without any of the
other packages which we install in the main image available.
|
|\
| |
| | |
Various integration test improvements
|
| |
| |
| |
| |
| |
| |
| |
| | |
- Stop installing the policy in the initramfs as it's not really
supported anyway (https://github.com/fedora-selinux/selinux-policy/issues/2221)
- Stop relabeling on first boot and prefer to do it at image build time
- Disable mkosi relabeling by default but enable it in CI
- Build image as root in CI so the SELinux relabeling works properly
|
|/ |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In https://github.com/systemd/mkosi/pull/2847, the '@' specifier is
removed, CLI arguments take priority over configuration files again
and the "main" image is defined at the top level instead of in
mkosi.images/. Additionally, not every setting from the top level
configuration is inherited by the images in mkosi.images/ anymore,
only settings which make sense to be inherited are inherited.
This commit gets rid of all the usages of '@', moves the "main" image
configuration from mkosi.images/system to the top level and gets rid
of various hacks we had in place to deal with quirks of the old
configuration parsing logic.
We also remove usages of Images= and --append as these options are
removed by the mentioned PR.
|
| |
|
|
|
|
|
| |
Let's only use mkosi's default list of modules instead of all of
them.
|
|
|
|
|
| |
We include scratch space in the rootfs image itself so we don't have
need for the scratch device so let's disable it by default.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Let's set the environment on the kernel command line so it applies
to initrd and main system.
- Let's add the necessary wrappers that are also added in test-functions.
Unlike test-functions we don't use gcc/clang to get the library path as
that requires installing gcc/clang in the initrd.
- Let's drop the hack to get journald writing to the console and have
it write to kmsg instead. We'll get the output either way.
- Stop removing libstdc++ and sanitizer libraries from Arch Linux
initrds and other images as it's required by the sanitizer libraries.
- Add a workaround for specifying extra meson options for opensuse
- Add a leak sanitizer suppression file as a workaround for a false
positive leak in verify_selinuxmnt() in libselinux. We do a soname match
because the stacktrace can't be properly symbolized on Debian.
|
| |
|
|
|
|
|
| |
The log context is already enabled by virtue of the log level being
set to debug, so no need to enable it explicitly.
|
|
|
|
|
|
| |
Now that we use KVM and don't use repart anymore to create a root
partition on first boot, let's see if we can use the same device timeout
for both local and CI runs.
|
|
|
|
| |
This reverts commit aef13ad0294b403993e19b424b26535fb65749f4.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Let's set the environment on the kernel command line so it applies
to initrd and main system.
- Let's add the necessary wrappers that are also added in test-functions.
Unlike test-functions we don't use gcc/clang to get the library path as
that requires installing gcc/clang in the initrd.
- Let's drop the hack to get journald writing to the console and have
it write to kmsg instead. We'll get the output either way.
- Stop removing libstdc++ and sanitizer libraries from Arch Linux
initrds and other images as it's required by the sanitizer libraries.
- Add a workaround for specifying extra meson options for opensuse
- Add a leak sanitizer suppression file as a workaround for a false
positive leak in verify_selinuxmnt() in libselinux. We do a soname match
because the stacktrace can't be properly symbolized on Debian.
|
|
|
|
|
|
| |
Mounting multiple btrfs filesystems with the same fsid only works
properly from kernel 6.7 onwards. Let's switch to ext4 for now which
does support this.
|
|
|
|
|
| |
They always fail and do not ship with proper units so we can't
disable them with presets so we mask them instead.
|
|
|
|
| |
Helps with noticing kernel related failures.
|
|
|
|
| |
Should speed up boot times a little.
|
|
|
|
|
|
|
|
| |
By default mkosi will not run VMs with these features if they're not
available, but since various stuff in systemd makes use of these, let's
fail loudly if any of these are not available by default in systemd.
Users can still override these defaults locally if they wish.
|
|
|
|
|
|
|
|
|
| |
If we're not debugging tests, there's no point in persisting the journal,
so let's use the volatile journal storage mode in that case to avoid doing
unnecessary work.
We don't disable journal storage alltogether since various tests check
that stuff is written to the journal.
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Unfortunately the current mkosi partitioning setup is a bit too
avant-garde for the integration tests. Both in that distributions
aren't ready for it yet (some more than others), and that software
which we depend on in the integration tests isn't ready for it yet
(e.g. libselinux does not read its configuration from /usr).
Let's switch back to a more boring partioning setup by default but
keep the fancy stuff around as a mkosi profile. This means that it
can still be used for manually testing stuff by running
"mkosi --profile particle -f qemu".
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Stop using logging module since the default output formatting is
pretty bad. Prefer print() for now.
- Log less, logging the full mkosi command line is rather verbose,
especially when it contains multi-line dropins.
- Streamline the journalctl command we output for debugging failed
tests.
- Don't force usage of the disk image format.
- Don't force running without unit tests.
- Don't force disabling RuntimeBuildSources.
- Update documentation to streamline the command for running a single
test and remove sudo as it's not required anymore.
- Improve the console output by having the test unit's output logged
to both the journal and the console.
- Disable journal console log forwarding as we have journal forwarding
as a better alternative.
- Delete existing journal file before running test.
- Delete journal files of succeeded tests to reduce disk usage.
- Rename system_mkosi target to just mkosi
- Pass in mkosi source directory explicitly to accomodate arbitrary
build directory locations.
- Add test interactive debugging if stdout is connected to a tty
- Stop explicitly using the 'system' image since it'll likely be
dropped soon.
- Only forward journal if we're not running in debugging mode.
- Stop using testsuite.target and instead just add the necessary
extras to the main testsuite unit via the credential dropin.
- Override type to idle so test output is not interleaved with
status output.
- Don't build mkosi target by default
- Always add the mkosi target if mkosi is found
- Remove dependency of the integration tests on the mkosi target
as otherwise the image is always built, even though we configure
it to not be built by default.
- Move mkosi output, cache and build directory into build/ so that
invocations from meson and regular invocations share the same
directories.
- Various aesthetic cleanups.
|
|
|
|
|
| |
This allows using systemd-vmspawn itself while still getting a decent
experience.
|
|
|
|
|
| |
The first two tests are included to ensure parallel test execution is
demonstrable.
|
|
|
|
|
|
| |
A moderately heavily loaded system booting an image without a rootfs
may timeout before the root device appears.
20 seconds is enough for a VM with 2 CPUs and 2GB RAM.
|
|
|
|
|
|
|
| |
- We have ssh-generator now, so need for mkosi's Ssh= option anymore.
- By enabling RuntimeBuildSources= by default, we don't need the gdb
config file in the image anymore, since the build and source
directories will be mounted at the expected locations.
|
|
|
|
|
|
|
| |
We have various tools that log directly to the console, as well as
pid1 which logs directly to the console when running in a container.
Let's make sure that we don't log debug messages to the console by
default, but keep the behavior when running in CI.
|
| |
|
|
|
|
|
| |
This now finally has support for credentials and erofs so let's switch
to this much smaller kernel package that doesn't pull in linux-firmware.
|
| |
|
|
|
|
|
|
| |
Required to make sure that any changes packaging specs make to the
source files are thrown away after the build so they don't mess with
the source tree.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Instead of running meson install and hoping for the best, let's build
distribution packages from the downstream packaging specs. This gets
us the following:
- Vastly simplified mkosi scripts since we don't need a separate initrd
image anymore but can just reuse the default mkosi initrd.
- Almost everything can move to the base image as its not the basis
anymore for the initrd and as such we don't need to care about the
size anymore.
- The systemd packages that get pulled in as dependencies of other
packages get properly uninstalled and replaced with our packages that
we built instead of just installing on top of an existing systemd
installation with no guarantee that everything from that previous
installation was removed.
- Much better testing coverage as what we're testing is much closer
to what will actually be deployed in distributions.
- Immediate feedback if something we change breaks distribution packaging
- We get integration with the distribution for free as we'll automatically
use the proper directories and such instead of having to hack this
into a mkosi build script.
- ...
|
| |
|
|
|
|
|
| |
This will only be taken into account by newer mkosi versions but it'll
at least save some pain from running on a too old version.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Both building and booting a directory image is much faster than
building or booting a disk image so let's default to a directory
image.
In CI, we stick to a disk image to make sure that keeps working as
well.
The only extra dependency this introduces is virtiofsd which is
packaged in all distributions except Debian stable. For users
hacking on systemd on Debian stable, a disk image can be built by
writing the following to mkosi.local.conf:
```
[Output]
Format=disk
```
|
|\
| |
| | |
Misc integration test fixes
|
| |
| |
| |
| |
| | |
For integration tests it would be preferable to operate on a copy
so tests can be run in parallel and avoid interfering.
|
|/
|
|
|
|
| |
Now that creds are processed even if systemd.firstboot=no is set, we can
use it to disable the root pw prompt *and* the new homectl prompt at the
same time, without breaking the creds stuff.
|