summaryrefslogtreecommitdiffstats
path: root/mkosi.images/system (follow)
Commit message (Collapse)AuthorAgeFilesLines
* mkosi: undefine FORTIFY_SOURCE instead of setting it zeroDaan De Meyer2024-04-183-4/+4
| | | | | Newer gcc complains if FORTIFY_SOURCE=0 is set so just undefine it instead.
* mkosi: Disable bash debugging in Arch build scriptDaan De Meyer2024-04-181-1/+1
|
* mkosi: Install debug packages when WITH_DEBUG=1 is enabledDaan De Meyer2024-04-184-0/+73
| | | | | | When we're building debuginfo packages, the original binaries and libraries are stripped so make sure we install the debuginfo packages to make sure debugging in the container/VM still works.
* mkosi: Setup --ffile-prefix-map= for opensuse as wellDaan De Meyer2024-04-181-2/+18
| | | | | | This doesn't actually work because the opensuse spec doesn't allow adding extra build flags, but I'm working on fixing that, so let's already set things up for later.
* mkosi: Undefine FORTIFY_SOURCE before setting it againDaan De Meyer2024-04-182-2/+2
| | | | Otherwise we get warnings from gcc.
* mkosi: Install more packagesDaan De Meyer2024-04-183-16/+29
| | | | | Let's install everything we can to get more coverage and make sure all build outputs are available in mkosi containers or VMs.
* mkosi: Drop systemd-repart from package listsDaan De Meyer2024-04-181-1/+0
| | | | This is just a Provides for systemd-udev.
* mkosi: Drop workaroundsDaan De Meyer2024-04-171-1/+0
| | | | | With the latest Github Actions image release none of these should be required anymore (20240414.1.1).
* mkosi: Switch to O0 and disable FORTIFY_SOURCEDaan De Meyer2024-04-173-8/+10
| | | | | | -Og still causes a lot of "<optimized out>" in GDB so let's use -O0 instead and disable FORTIFY_SOURCE as it doesn't work without optimizations enabled.
* mkosi: Disable DWARF debug info optimizationDaan De Meyer2024-04-171-0/+1
| | | | | We care more about fast builds in this case so disable the DWARF debug optimization that's done by default.
* mkosi: Override build_cflags instead of _distro_extra_cflagsDaan De Meyer2024-04-171-1/+1
| | | | The latter is not supported on CentOS Stream 9.
* mkosi: Set up -ffile-prefix-map= correctly when building debuginfo packagesDaan De Meyer2024-04-171-3/+15
| | | | | | | | | | | | | | This makes sure that the debuginfo files contain source files pointing to the source files shipped by the debugsource package. Normally this should be done automatically by rpm invoking debugedit but for some unknown reason debugedit refuses to rewrite the source files in our binaries. Given that debugedit is completely undebugable (does not generate any logs at all, and its source code is ridiculously obtuse), let's set -ffile-prefix-map= when building instead which achieves the same effect.
* mkosi: Add support for building debug packagesDaan De Meyer2024-04-164-6/+46
| | | | | | This allows building debug packages by setting WITH_DEBUG=1. This slows down the build a lot so it's opt in. We don't yet install these but can do so in a future commit.
* mkosi: Add --noclean when running rpmbuildDaan De Meyer2024-04-162-0/+2
| | | | | | The entire build environment is ephemeral anyway so everything is cleaned regardless. By specifying --noclean, we make debugging easier as the rpm build root can be inspected when using --debug-shell.
* mkosi: Install which in imageDaan De Meyer2024-04-161-0/+1
| | | | | | | | gdb-headless in Fedora is missing a dependency on which: https://bugzilla.redhat.com/show_bug.cgi?id=2275274 This happens all the time so let's make sure which is always installed in the image.
* Update debugging with vscode sectionDaan De Meyer2024-04-162-3/+1
| | | | | | | - We have ssh-generator now, so need for mkosi's Ssh= option anymore. - By enabling RuntimeBuildSources= by default, we don't need the gdb config file in the image anymore, since the build and source directories will be mounted at the expected locations.
* mkosi: Use new volatile package settingsDaan De Meyer2024-04-147-58/+66
| | | | | | mkosi just learned to do natively what we currently do with environment variables and a postinst script, so let's update to the latest version and start using the new settings instead.
* mkosi; Fix permissions of mkosi.postinst scriptDaan De Meyer2024-04-091-0/+0
| | | | Must be executable.
* mkosi: Drop out-of-date commentDaan De Meyer2024-04-091-2/+0
|
* mkosi: Unify initrd post-install scriptsDaan De Meyer2024-04-099-30/+12
| | | | | | Just like we already have $SYSTEMD_PACKAGES for systemd packages to re-install in the main image, let's add $INITRD_PACKAGES for all systemd packages to re-install in the initrd.
* mkosi: Install openSUSE-release instead of distribution-releaseDaan De Meyer2024-04-091-1/+1
| | | | | | | | distribution-release is a virtual package that is by default satisfied by the openSUSE MicroOS-release package. Let's make sure we pull in the generic openSUSE-release package instead by installing patterns-base-minimal_base which has a Suggests dependency on openSUSE-release which makes sure it takes priority over the MicroOS one.
* mkosi: Make scripts more genericDaan De Meyer2024-04-0914-53/+71
| | | | | | | | | We might want to run the build scripts outside of mkosi as well at some point, e.g. to build an rpm after booting the image, so let's make them more generic by using /usr/lib/os-release to figure out which pkg specs we should use instead of $PKG_SUBDIR. To make ubuntu use the debian pkg spec, we add a symlink pkg/ubuntu which points to debian/ in the same directory.
* mkosi: Update pkg/arch to latest and install systemd-testsDaan De Meyer2024-04-091-1/+1
| | | | | The arch PKGBUILD now packages the tests when building for upstream so let's make sure we install the new package.
* mkosi: Fix environment variable in arch prepare scriptDaan De Meyer2024-04-081-1/+1
|
* Install build dependencies into final imageDaan De Meyer2024-04-086-67/+57
| | | | | | | | | | This allows us to build and install after booting without having to build a new image. Together with https://github.com/systemd/mkosi/pull/2601 and after enabling RuntimeBuildSources=yes, after booting, "meson install -C /work/build" can be used to do an incremental build and install. This won't build proper packages, but will be invaluable for having a quick compile, edit, test cycle without having to rebuild the image all the time.
* mkosi: Install dnf5 in Fedora imageDaan De Meyer2024-04-071-0/+1
|
* libkmod: turn into dlopen() dependencyLennart Poettering2024-04-041-0/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | As it turns out libkmod has quite a bunch of deps, including various compressing libs and similar. By turning this into a dlopen() dependency, we can make our depchain during install time quite a bit smaller. In particular as inside of containers kmod doesn't help anyway as CAP_SYS_MODULE is not available anyway. While we are at it, also share the code that sets up logging/kmod context. After: $ lddtree ./build/systemd systemd => ./build/systemd (interpreter => /lib64/ld-linux-x86-64.so.2) libsystemd-core-255.so => ./build/src/core/libsystemd-core-255.so libaudit.so.1 => /lib64/libaudit.so.1 libcap-ng.so.0 => /lib64/libcap-ng.so.0 ld-linux-x86-64.so.2 => /lib64/ld-linux-x86-64.so.2 libm.so.6 => /lib64/libm.so.6 libmount.so.1 => /lib64/libmount.so.1 libblkid.so.1 => /lib64/libblkid.so.1 libseccomp.so.2 => /lib64/libseccomp.so.2 libselinux.so.1 => /lib64/libselinux.so.1 libpcre2-8.so.0 => /lib64/libpcre2-8.so.0 libsystemd-shared-255.so => /home/lennart/projects/systemd/build/src/shared/libsystemd-shared-255.so libacl.so.1 => /lib64/libacl.so.1 libattr.so.1 => /lib64/libattr.so.1 libcap.so.2 => /lib64/libcap.so.2 libcrypt.so.2 => /lib64/libcrypt.so.2 libgcrypt.so.20 => /lib64/libgcrypt.so.20 libgpg-error.so.0 => /lib64/libgpg-error.so.0 liblz4.so.1 => /lib64/liblz4.so.1 libcrypto.so.3 => /lib64/libcrypto.so.3 libz.so.1 => /lib64/libz.so.1 libpam.so.0 => /lib64/libpam.so.0 libeconf.so.0 => /lib64/libeconf.so.0 liblzma.so.5 => /lib64/liblzma.so.5 libzstd.so.1 => /lib64/libzstd.so.1 libc.so.6 => /lib64/libc.so.6 Before: $ lddtree ./build/systemd systemd => ./build/systemd (interpreter => /lib64/ld-linux-x86-64.so.2) libsystemd-core-255.so => ./build/src/core/libsystemd-core-255.so libaudit.so.1 => /lib64/libaudit.so.1 libcap-ng.so.0 => /lib64/libcap-ng.so.0 ld-linux-x86-64.so.2 => /lib64/ld-linux-x86-64.so.2 libkmod.so.2 => /lib64/libkmod.so.2 libzstd.so.1 => /lib64/libzstd.so.1 liblzma.so.5 => /lib64/liblzma.so.5 libz.so.1 => /lib64/libz.so.1 libcrypto.so.3 => /lib64/libcrypto.so.3 libgcc_s.so.1 => /lib64/libgcc_s.so.1 libm.so.6 => /lib64/libm.so.6 libmount.so.1 => /lib64/libmount.so.1 libblkid.so.1 => /lib64/libblkid.so.1 libseccomp.so.2 => /lib64/libseccomp.so.2 libselinux.so.1 => /lib64/libselinux.so.1 libpcre2-8.so.0 => /lib64/libpcre2-8.so.0 libsystemd-shared-255.so => /home/lennart/projects/systemd/build/src/shared/libsystemd-shared-255.so libacl.so.1 => /lib64/libacl.so.1 libattr.so.1 => /lib64/libattr.so.1 libcap.so.2 => /lib64/libcap.so.2 libcrypt.so.2 => /lib64/libcrypt.so.2 libgcrypt.so.20 => /lib64/libgcrypt.so.20 libgpg-error.so.0 => /lib64/libgpg-error.so.0 liblz4.so.1 => /lib64/liblz4.so.1 libpam.so.0 => /lib64/libpam.so.0 libeconf.so.0 => /lib64/libeconf.so.0 libc.so.6 => /lib64/libc.so.6
* mkosi: More package updatesDaan De Meyer2024-04-034-4/+7
| | | | | | | - Install individual asan libraries instead of gcc - Drop duplicate qrencode package from arch config - Install dbus-user-session which provides default-dbus-session-bus - Explicitly install dbus-broker on Arch Linux
* mkosi: Install selinux tools in main image instead of initramfsDaan De Meyer2024-04-031-2/+4
| | | | | | Also install setools-console and policycoreutils instead of setools which pulls in the kitchen sink. Also install selinux-policy-targeted to make sure the right policy is installed.
* mkosi: Install git-core where possibleDaan De Meyer2024-04-035-1/+4
| | | | This avoids pulling in the perl kitchen sink.
* mkosi: Use '-' instead of '.' to separate upstream version and debian revisionDaan De Meyer2024-04-021-1/+1
| | | | | | The debian revision starts after the '-' character, so make sure the timestamp we append is treated as the revision instead of being a part of the upstream version.
* mkosi: Switch to linux-virtual on UbuntuDaan De Meyer2024-03-291-3/+2
| | | | | This now finally has support for credentials and erofs so let's switch to this much smaller kernel package that doesn't pull in linux-firmware.
* mkosi: Copy built packages to output directoryDaan De Meyer2024-03-275-4/+15
| | | | | This allows the built packages to be inspected if needed, or installed on the host system for anyone who's daring enough to do so.
* mkosi: Specify --without docs if needed for fedora/centosDaan De Meyer2024-03-271-1/+2
|
* mkosi: Merge base and system imagesDaan De Meyer2024-03-2736-8/+942
| | | | | | | | | | The only reason to have these split up is to be able to build extension images that use the base image as a base tree and install extra packages. Until we have such a use case, let's merge the base and system images to simplify things a bit. We keep the mkosi.images/ directory to not cause too many conflicts with the integration tests PR.
* mkosi: Remove testuser from base/mkosi.postinst.chrootRichard Maw2024-03-252-0/+2
| | | | | | The testuser user is only needed for integration tests, which are used in the system user and this config can be provided as drop-ins instead of inline in postinst scripts.
* Build distribution packages in mkosiDaan De Meyer2024-03-0721-389/+6
| | | | | | | | | | | | | | | | | | | | | | | | Instead of running meson install and hoping for the best, let's build distribution packages from the downstream packaging specs. This gets us the following: - Vastly simplified mkosi scripts since we don't need a separate initrd image anymore but can just reuse the default mkosi initrd. - Almost everything can move to the base image as its not the basis anymore for the initrd and as such we don't need to care about the size anymore. - The systemd packages that get pulled in as dependencies of other packages get properly uninstalled and replaced with our packages that we built instead of just installing on top of an existing systemd installation with no guarantee that everything from that previous installation was removed. - Much better testing coverage as what we're testing is much closer to what will actually be deployed in distributions. - Immediate feedback if something we change breaks distribution packaging - We get integration with the distribution for free as we'll automatically use the proper directories and such instead of having to hack this into a mkosi build script. - ...
* mkosi: Use specifier to refer to the output directoryDaan De Meyer2024-03-052-3/+3
| | | | Otherwise the output directory cannot be configured by users.
* Revert "mkosi: Don't fail on systemd-vconsole-setup.service failure for now"Frantisek Sumsal2024-03-051-3/+0
| | | | | | This doesn't seem to fail anymore. This reverts commit 84c7929cd461f6f1cc2c44c69877b9fd0676c794.
* Revert "mkosi: Disable cmdline addon test for now"Frantisek Sumsal2024-03-051-3/+6
| | | | | | Let's see if this finally works. This reverts commit e167a8283d5964ca0f903b3e362ab7e48a1ed2ab.
* mkosi: fix UKI addons testFrantisek Sumsal2024-03-055-1/+14
| | | | | | | The test hasn't been working for a while, since there's no /efi or /boot in $DESTDIR. Resolves: #31618
* Install pacman in Arch Linux imageDaan De Meyer2024-02-091-0/+1
| | | | | We install apt and dnf in the other images as well, so lets be consistent and install pacman in the Arch image as well.
* mkosi: Use authselect local profile if it existsDaan De Meyer2024-01-221-2/+10
| | | | | | authselect 1.5.0 removed the "minimal" profile and added the "local" profile instead. Let's modify our post-installation script to take these changes into account.
* mkosi: Build a directory image by defaultDaan De Meyer2024-01-121-0/+3
| | | | | | | | | | | | | | | | | | | Both building and booting a directory image is much faster than building or booting a disk image so let's default to a directory image. In CI, we stick to a disk image to make sure that keeps working as well. The only extra dependency this introduces is virtiofsd which is packaged in all distributions except Debian stable. For users hacking on systemd on Debian stable, a disk image can be built by writing the following to mkosi.local.conf: ``` [Output] Format=disk ```
* mkosi: also add ssh client, to make it easier to test ssh logins via ↵Lennart Poettering2024-01-113-0/+3
| | | | AF_UNIX/AF_VSOCK
* mkosi: Update to latestDaan De Meyer2024-01-091-0/+3
| | | | | | | The mkosi github action doesn't set up the host machine for building full images anymore. Instead, only sufficient packages are installed to be able to build tools trees so we configure a fedora tools tree to build the actual images.
* Revert "mkosi: pin CentOS8 kernel to working version"Frantisek Sumsal2023-12-195-19/+5
| | | | | | | A fixed kernel finally landed on mirrors, so let's revert the C8S kernel pin. This reverts commit a64398b2ca1cdaee291550face0d1ce5f8ea52f6.
* mkosi: Install locales in fedoraRichard Maw2023-12-141-0/+1
| | | | | | | | locale files are not generated on-demand in Fedora like they are in Debian-like systems and are typically installed from package instead. This is necessary for the locale tests, which expect en_US.UTF-8 to be available.
* mkosi: Add testuser and tar to system imageRichard Maw2023-12-132-0/+10
| | | | | | | The integration tests are installed into the image with the intention that it should be possible to run those tests, but those tests require the named user testuser and tar is needed for machined-import
* mkosi: Copy /boot into the ESP as wellDaan De Meyer2023-12-101-0/+1
| | | | | Newer mkosi will start installing UKIs to /boot so prepare for that by making sure we also copy /boot into the ESP.