| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
| |
Newer gcc complains if FORTIFY_SOURCE=0 is set so just undefine it
instead.
|
| |
|
|
|
|
|
|
| |
When we're building debuginfo packages, the original binaries and
libraries are stripped so make sure we install the debuginfo
packages to make sure debugging in the container/VM still works.
|
|
|
|
|
|
| |
This doesn't actually work because the opensuse spec doesn't allow
adding extra build flags, but I'm working on fixing that, so let's
already set things up for later.
|
|
|
|
| |
Otherwise we get warnings from gcc.
|
|
|
|
|
| |
Let's install everything we can to get more coverage and make sure
all build outputs are available in mkosi containers or VMs.
|
|
|
|
| |
This is just a Provides for systemd-udev.
|
|
|
|
|
| |
With the latest Github Actions image release none of these should
be required anymore (20240414.1.1).
|
|
|
|
|
|
| |
-Og still causes a lot of "<optimized out>" in GDB so let's use -O0
instead and disable FORTIFY_SOURCE as it doesn't work without
optimizations enabled.
|
|
|
|
|
| |
We care more about fast builds in this case so disable the DWARF
debug optimization that's done by default.
|
|
|
|
| |
The latter is not supported on CentOS Stream 9.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This makes sure that the debuginfo files contain source files pointing
to the source files shipped by the debugsource package.
Normally this should be done automatically by rpm invoking debugedit
but for some unknown reason debugedit refuses to rewrite the source
files in our binaries.
Given that debugedit is completely undebugable (does not generate any
logs at all, and its source code is ridiculously obtuse), let's set
-ffile-prefix-map= when building instead which achieves the same
effect.
|
|
|
|
|
|
| |
This allows building debug packages by setting WITH_DEBUG=1. This
slows down the build a lot so it's opt in. We don't yet install
these but can do so in a future commit.
|
|
|
|
|
|
| |
The entire build environment is ephemeral anyway so everything is
cleaned regardless. By specifying --noclean, we make debugging
easier as the rpm build root can be inspected when using --debug-shell.
|
|
|
|
|
|
|
|
| |
gdb-headless in Fedora is missing a dependency on which:
https://bugzilla.redhat.com/show_bug.cgi?id=2275274
This happens all the time so let's make sure which is always installed
in the image.
|
|
|
|
|
|
|
| |
- We have ssh-generator now, so need for mkosi's Ssh= option anymore.
- By enabling RuntimeBuildSources= by default, we don't need the gdb
config file in the image anymore, since the build and source
directories will be mounted at the expected locations.
|
|
|
|
|
|
| |
mkosi just learned to do natively what we currently do with environment
variables and a postinst script, so let's update to the latest version
and start using the new settings instead.
|
|
|
|
| |
Must be executable.
|
| |
|
|
|
|
|
|
| |
Just like we already have $SYSTEMD_PACKAGES for systemd packages to
re-install in the main image, let's add $INITRD_PACKAGES for all
systemd packages to re-install in the initrd.
|
|
|
|
|
|
|
|
| |
distribution-release is a virtual package that is by default satisfied
by the openSUSE MicroOS-release package. Let's make sure we pull in the
generic openSUSE-release package instead by installing
patterns-base-minimal_base which has a Suggests dependency on
openSUSE-release which makes sure it takes priority over the MicroOS one.
|
|
|
|
|
|
|
|
|
| |
We might want to run the build scripts outside of mkosi as well at
some point, e.g. to build an rpm after booting the image, so let's
make them more generic by using /usr/lib/os-release to figure out
which pkg specs we should use instead of $PKG_SUBDIR. To make ubuntu
use the debian pkg spec, we add a symlink pkg/ubuntu which points to
debian/ in the same directory.
|
|
|
|
|
| |
The arch PKGBUILD now packages the tests when building for upstream
so let's make sure we install the new package.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
This allows us to build and install after booting without having to
build a new image. Together with
https://github.com/systemd/mkosi/pull/2601 and after enabling
RuntimeBuildSources=yes, after booting, "meson install -C /work/build"
can be used to do an incremental build and install. This won't build
proper packages, but will be invaluable for having a quick compile,
edit, test cycle without having to rebuild the image all the time.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
As it turns out libkmod has quite a bunch of deps, including various
compressing libs and similar. By turning this into a dlopen()
dependency, we can make our depchain during install time quite a bit
smaller. In particular as inside of containers kmod doesn't help anyway
as CAP_SYS_MODULE is not available anyway.
While we are at it, also share the code that sets up logging/kmod
context.
After:
$ lddtree ./build/systemd
systemd => ./build/systemd (interpreter => /lib64/ld-linux-x86-64.so.2)
libsystemd-core-255.so => ./build/src/core/libsystemd-core-255.so
libaudit.so.1 => /lib64/libaudit.so.1
libcap-ng.so.0 => /lib64/libcap-ng.so.0
ld-linux-x86-64.so.2 => /lib64/ld-linux-x86-64.so.2
libm.so.6 => /lib64/libm.so.6
libmount.so.1 => /lib64/libmount.so.1
libblkid.so.1 => /lib64/libblkid.so.1
libseccomp.so.2 => /lib64/libseccomp.so.2
libselinux.so.1 => /lib64/libselinux.so.1
libpcre2-8.so.0 => /lib64/libpcre2-8.so.0
libsystemd-shared-255.so => /home/lennart/projects/systemd/build/src/shared/libsystemd-shared-255.so
libacl.so.1 => /lib64/libacl.so.1
libattr.so.1 => /lib64/libattr.so.1
libcap.so.2 => /lib64/libcap.so.2
libcrypt.so.2 => /lib64/libcrypt.so.2
libgcrypt.so.20 => /lib64/libgcrypt.so.20
libgpg-error.so.0 => /lib64/libgpg-error.so.0
liblz4.so.1 => /lib64/liblz4.so.1
libcrypto.so.3 => /lib64/libcrypto.so.3
libz.so.1 => /lib64/libz.so.1
libpam.so.0 => /lib64/libpam.so.0
libeconf.so.0 => /lib64/libeconf.so.0
liblzma.so.5 => /lib64/liblzma.so.5
libzstd.so.1 => /lib64/libzstd.so.1
libc.so.6 => /lib64/libc.so.6
Before:
$ lddtree ./build/systemd
systemd => ./build/systemd (interpreter => /lib64/ld-linux-x86-64.so.2)
libsystemd-core-255.so => ./build/src/core/libsystemd-core-255.so
libaudit.so.1 => /lib64/libaudit.so.1
libcap-ng.so.0 => /lib64/libcap-ng.so.0
ld-linux-x86-64.so.2 => /lib64/ld-linux-x86-64.so.2
libkmod.so.2 => /lib64/libkmod.so.2
libzstd.so.1 => /lib64/libzstd.so.1
liblzma.so.5 => /lib64/liblzma.so.5
libz.so.1 => /lib64/libz.so.1
libcrypto.so.3 => /lib64/libcrypto.so.3
libgcc_s.so.1 => /lib64/libgcc_s.so.1
libm.so.6 => /lib64/libm.so.6
libmount.so.1 => /lib64/libmount.so.1
libblkid.so.1 => /lib64/libblkid.so.1
libseccomp.so.2 => /lib64/libseccomp.so.2
libselinux.so.1 => /lib64/libselinux.so.1
libpcre2-8.so.0 => /lib64/libpcre2-8.so.0
libsystemd-shared-255.so => /home/lennart/projects/systemd/build/src/shared/libsystemd-shared-255.so
libacl.so.1 => /lib64/libacl.so.1
libattr.so.1 => /lib64/libattr.so.1
libcap.so.2 => /lib64/libcap.so.2
libcrypt.so.2 => /lib64/libcrypt.so.2
libgcrypt.so.20 => /lib64/libgcrypt.so.20
libgpg-error.so.0 => /lib64/libgpg-error.so.0
liblz4.so.1 => /lib64/liblz4.so.1
libpam.so.0 => /lib64/libpam.so.0
libeconf.so.0 => /lib64/libeconf.so.0
libc.so.6 => /lib64/libc.so.6
|
|
|
|
|
|
|
| |
- Install individual asan libraries instead of gcc
- Drop duplicate qrencode package from arch config
- Install dbus-user-session which provides default-dbus-session-bus
- Explicitly install dbus-broker on Arch Linux
|
|
|
|
|
|
| |
Also install setools-console and policycoreutils instead of setools
which pulls in the kitchen sink. Also install selinux-policy-targeted
to make sure the right policy is installed.
|
|
|
|
| |
This avoids pulling in the perl kitchen sink.
|
|
|
|
|
|
| |
The debian revision starts after the '-' character, so make sure the
timestamp we append is treated as the revision instead of being a part
of the upstream version.
|
|
|
|
|
| |
This now finally has support for credentials and erofs so let's switch
to this much smaller kernel package that doesn't pull in linux-firmware.
|
|
|
|
|
| |
This allows the built packages to be inspected if needed, or installed
on the host system for anyone who's daring enough to do so.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
The only reason to have these split up is to be able to build extension
images that use the base image as a base tree and install extra packages.
Until we have such a use case, let's merge the base and system images to
simplify things a bit.
We keep the mkosi.images/ directory to not cause too many conflicts with
the integration tests PR.
|
|
|
|
|
|
| |
The testuser user is only needed for integration tests,
which are used in the system user and this config
can be provided as drop-ins instead of inline in postinst scripts.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Instead of running meson install and hoping for the best, let's build
distribution packages from the downstream packaging specs. This gets
us the following:
- Vastly simplified mkosi scripts since we don't need a separate initrd
image anymore but can just reuse the default mkosi initrd.
- Almost everything can move to the base image as its not the basis
anymore for the initrd and as such we don't need to care about the
size anymore.
- The systemd packages that get pulled in as dependencies of other
packages get properly uninstalled and replaced with our packages that
we built instead of just installing on top of an existing systemd
installation with no guarantee that everything from that previous
installation was removed.
- Much better testing coverage as what we're testing is much closer
to what will actually be deployed in distributions.
- Immediate feedback if something we change breaks distribution packaging
- We get integration with the distribution for free as we'll automatically
use the proper directories and such instead of having to hack this
into a mkosi build script.
- ...
|
|
|
|
| |
Otherwise the output directory cannot be configured by users.
|
|
|
|
|
|
| |
This doesn't seem to fail anymore.
This reverts commit 84c7929cd461f6f1cc2c44c69877b9fd0676c794.
|
|
|
|
|
|
| |
Let's see if this finally works.
This reverts commit e167a8283d5964ca0f903b3e362ab7e48a1ed2ab.
|
|
|
|
|
|
|
| |
The test hasn't been working for a while, since there's no /efi or /boot
in $DESTDIR.
Resolves: #31618
|
|
|
|
|
| |
We install apt and dnf in the other images as well, so lets be
consistent and install pacman in the Arch image as well.
|
|
|
|
|
|
| |
authselect 1.5.0 removed the "minimal" profile and added the "local"
profile instead. Let's modify our post-installation script to take
these changes into account.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Both building and booting a directory image is much faster than
building or booting a disk image so let's default to a directory
image.
In CI, we stick to a disk image to make sure that keeps working as
well.
The only extra dependency this introduces is virtiofsd which is
packaged in all distributions except Debian stable. For users
hacking on systemd on Debian stable, a disk image can be built by
writing the following to mkosi.local.conf:
```
[Output]
Format=disk
```
|
|
|
|
| |
AF_UNIX/AF_VSOCK
|
|
|
|
|
|
|
| |
The mkosi github action doesn't set up the host machine for building
full images anymore. Instead, only sufficient packages are installed
to be able to build tools trees so we configure a fedora tools tree
to build the actual images.
|
|
|
|
|
|
|
| |
A fixed kernel finally landed on mirrors, so let's revert the C8S kernel
pin.
This reverts commit a64398b2ca1cdaee291550face0d1ce5f8ea52f6.
|
|
|
|
|
|
|
|
| |
locale files are not generated on-demand in Fedora like they are in
Debian-like systems and are typically installed from package instead.
This is necessary for the locale tests,
which expect en_US.UTF-8 to be available.
|
|
|
|
|
|
|
| |
The integration tests are installed into the image
with the intention that it should be possible to run those tests,
but those tests require the named user testuser
and tar is needed for machined-import
|
|
|
|
|
| |
Newer mkosi will start installing UKIs to /boot so prepare for that
by making sure we also copy /boot into the ESP.
|