summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--.github/workflows/mkosi.yml2
-rwxr-xr-xmkosi.build89
-rw-r--r--mkosi.default.d/10-systemd.conf40
-rw-r--r--mkosi.default.d/arch/10-mkosi.arch75
-rw-r--r--mkosi.default.d/centos_epel/10-mkosi.centos_epel76
-rw-r--r--mkosi.default.d/debian/10-mkosi.debian73
-rw-r--r--mkosi.default.d/fedora/10-mkosi.fedora75
-rw-r--r--mkosi.default.d/opensuse/10-mkosi.opensuse85
-rw-r--r--mkosi.default.d/ubuntu/10-mkosi.ubuntu77
-rwxr-xr-xmkosi.postinst3
10 files changed, 305 insertions, 290 deletions
diff --git a/.github/workflows/mkosi.yml b/.github/workflows/mkosi.yml
index fa0a22a577..c2c12f3393 100644
--- a/.github/workflows/mkosi.yml
+++ b/.github/workflows/mkosi.yml
@@ -45,8 +45,6 @@ jobs:
- distro: opensuse
release: tumbleweed
- distro: centos_epel
- release: 8-stream
- - distro: centos_epel
release: 9-stream
steps:
diff --git a/mkosi.build b/mkosi.build
index 210811e768..76a813bf0a 100755
--- a/mkosi.build
+++ b/mkosi.build
@@ -47,6 +47,15 @@ if [ "$(locale charmap 2>/dev/null)" != "UTF-8" ] ; then
fi
fi
+# The bpftool script shipped by Ubuntu tries to find the actual program to run via querying `uname -r` and
+# using the current kernel version. This obviously doesn't work in containers. As a workaround, we override
+# the ubuntu script with a symlink to the first bpftool program we can find.
+for bpftool in /usr/lib/linux-tools/*/bpftool; do
+ [ -x "$bpftool" ] || continue
+ ln -sf "$bpftool" /usr/sbin/bpftool
+ break
+done
+
if [ ! -f "$BUILDDIR"/build.ninja ] ; then
sysvinit_path=$(realpath /etc/init.d)
@@ -66,7 +75,81 @@ if [ ! -f "$BUILDDIR"/build.ninja ] ; then
-D version-tag="${VERSION_TAG}" \
-D mode=developer \
-D b_sanitize="${SANITIZERS:-none}" \
- -D install-tests=true
+ -D install-tests=true \
+ -D tests=unsafe \
+ -D slow-tests=true \
+ -D utmp=true \
+ -D hibernate=true \
+ -D ldconfig=true \
+ -D resolve=true \
+ -D efi=true \
+ -D tpm=true \
+ -D environment-d=true \
+ -D binfmt=true \
+ -D repart=true \
+ -D sysupdate=true \
+ -D coredump=true \
+ -D pstore=true \
+ -D oomd=true \
+ -D logind=true \
+ -D hostnamed=true \
+ -D localed=true \
+ -D machined=true \
+ -D portabled=true \
+ -D sysext=true \
+ -D userdb=true \
+ -D homed=true \
+ -D networkd=true \
+ -D timedated=true \
+ -D timesyncd=true \
+ -D remote=true \
+ -D nss-myhostname=true \
+ -D nss-mymachines=true \
+ -D nss-resolve=true \
+ -D nss-systemd=true \
+ -D firstboot=true \
+ -D randomseed=true \
+ -D backlight=true \
+ -D vconsole=true \
+ -D quotacheck=true \
+ -D sysusers=true \
+ -D tmpfiles=true \
+ -D importd=true \
+ -D hwdb=true \
+ -D rfkill=true \
+ -D xdg-autostart=true \
+ -D translations=true \
+ -D polkit=true \
+ -D acl=true \
+ -D audit=true \
+ -D blkid=true \
+ -D fdisk=true \
+ -D kmod=true \
+ -D pam=true \
+ -D pwquality=true \
+ -D microhttpd=true \
+ -D libcryptsetup=true \
+ -D libcurl=true \
+ -D idn=true \
+ -D libidn2=true \
+ -D qrencode=true \
+ -D gcrypt=true \
+ -D gnutls=true \
+ -D openssl=true \
+ -D cryptolib=openssl \
+ -D p11kit=true \
+ -D libfido2=true \
+ -D tpm2=true \
+ -D elfutils=true \
+ -D zstd=true \
+ -D xkbcommon=true \
+ -D pcre2=true \
+ -D glib=true \
+ -D dbus=true \
+ -D gnu-efi=true \
+ -D kernel-install=true \
+ -D analyze=true \
+ -D bpf-framework=true
fi
cd "$BUILDDIR"
@@ -172,3 +255,7 @@ TTYVHangup=no
CapabilityBoundingSet=~CAP_SYS_TTY_CONFIG
EOF
fi
+
+# Make sure services aren't enabled by default on Debian/Ubuntu.
+mkdir -p "$DESTDIR/etc/systemd/system-preset"
+echo "disable *" > "$DESTDIR/etc/systemd/system-preset/99-mkosi.preset"
diff --git a/mkosi.default.d/10-systemd.conf b/mkosi.default.d/10-systemd.conf
index 8efd1e97fa..1c69dc46e0 100644
--- a/mkosi.default.d/10-systemd.conf
+++ b/mkosi.default.d/10-systemd.conf
@@ -14,6 +14,46 @@ OutputDirectory=mkosi.output
BuildDirectory=mkosi.builddir
Cache=mkosi.cache
SourceFileTransferFinal=copy-git-others
+Packages=
+ acl
+ bash-completion
+ coreutils
+ diffutils
+ dnsmasq
+ findutils
+ gcc # For sanitizer libraries
+ gdb
+ grep
+ kbd
+ kexec-tools
+ kmod
+ less
+ nano
+ nftables
+ openssl
+ python3
+ qrencode
+ sed
+ strace
+ tree
+ util-linux
+ valgrind
+ wireguard-tools
+ zsh
+
+BuildPackages=
+ clang
+ gcc
+ gettext
+ git
+ gnu-efi
+ gperf
+ llvm
+ meson
+ pkgconf
+ rpm
+ rsync
+ zstd
[Host]
QemuHeadless=yes
diff --git a/mkosi.default.d/arch/10-mkosi.arch b/mkosi.default.d/arch/10-mkosi.arch
index 12f46c71c7..bd54b08c54 100644
--- a/mkosi.default.d/arch/10-mkosi.arch
+++ b/mkosi.default.d/arch/10-mkosi.arch
@@ -9,65 +9,28 @@
Distribution=arch
[Content]
-BuildPackages=
- acl
- bzip2
- clang
- cryptsetup
- curl
- dbus
- diffutils
- docbook-xsl
- elfutils
- gcc
- git
- gnu-efi-libs
+Packages=
+ compsize
+ dhcp
gnutls
- gperf
- inetutils
- iptables
- kmod
+ iproute
libbpf
- libcap
- libgcrypt
- libidn2
+ libfido2
libmicrohttpd
- libseccomp
- libutil-linux
+ libpwquality
libxkbcommon
- libxslt
- llvm
- lz4
- meson
- pam
- pkgconfig
- python
- python-lxml
- python-jinja
- qrencode
- rsync
- xz
- zstd
-
-Packages=
- gdb
- libbpf
- libidn2
- nano
- qrencode
- strace
- # For testing "systemd-analyze verify".
man-db
- # For testing systemd's bash completion scripts.
- bash-completion
- # For testing systemd's zsh completion scripts
- # Run `autoload -Uz compinit; compinit` from a zsh shell in the booted image to enable completions.
- zsh
- # xxd is provided by the vim package
+ openbsd-netcat
+ polkit
+ quota-tools
+ tpm2-tss
vim
- # Required to run systemd-networkd-tests.py
- python
- iproute
- dnsmasq
- wireguard-tools
- dhcp
+
+BuildPackages=
+ bpf
+ docbook-xsl
+ libxslt
+ linux-api-headers
+ perl
+ python-jinja
+ python-lxml
diff --git a/mkosi.default.d/centos_epel/10-mkosi.centos_epel b/mkosi.default.d/centos_epel/10-mkosi.centos_epel
index 5e726d4aef..482b5935ce 100644
--- a/mkosi.default.d/centos_epel/10-mkosi.centos_epel
+++ b/mkosi.default.d/centos_epel/10-mkosi.centos_epel
@@ -11,39 +11,54 @@ Format=gpt_xfs
HostonlyInitrd=no
[Content]
-BuildPackages=
- diffutils
- docbook-style-xsl
- findutils
- gcc
- gettext
- git
+Packages=
+ audit
+ cryptsetup
+ dhcp-server
+ glib2
glibc-minimal-langpack
- gnu-efi
+ gnutls
+ iproute
+ iproute-tc
+ kernel-modules-extra
+ libbpf
+ libfido2
+ libmicrohttpd
+ libxcrypt
+ libxkbcommon
+ netcat
+ p11-kit
+ pam
+ polkit
+ procps-ng
+ quota
+ tpm2-tss
+ vim-common
+
+BuildPackages=
+ bpftool
+ docbook-xsl
gnu-efi-devel
- gperf
- lz4
- meson
- ninja-build
+ libgcrypt-devel # CentOS Stream 8 libgcrypt-devel doesn't ship a pkg-config file.
+ libxslt
pam-devel
- # CentOS Stream 8 libgcrypt-devel doesn't ship a pkg-config file.
- libgcrypt-devel
- pkgconfig
+ perl-interpreter
pkgconfig(audit)
pkgconfig(blkid)
pkgconfig(bzip2)
pkgconfig(dbus-1)
pkgconfig(fdisk)
+ pkgconfig(glib-2.0)
pkgconfig(gnutls)
pkgconfig(libacl)
+ pkgconfig(libbpf)
pkgconfig(libcap)
pkgconfig(libcryptsetup)
pkgconfig(libcurl)
pkgconfig(libdw)
+ pkgconfig(libfido2)
pkgconfig(libidn2)
pkgconfig(libkmod)
- pkgconfig(liblz4)
- pkgconfig(liblzma)
pkgconfig(libmicrohttpd)
pkgconfig(libpcre2-8)
pkgconfig(libqrencode)
@@ -61,30 +76,3 @@ BuildPackages=
pkgconfig(xkbcommon)
python3dist(jinja2)
python3dist(lxml)
- rpm
- tree
- zstd
- /usr/bin/xsltproc
-
-Packages=
- gdb
- nano
- # procps-ng provides a set of useful utilities (ps, free, etc)
- procps-ng
- strace
- tpm2-tss
- less
- netcat
- e2fsprogs
- # xxd is provided by the vim-common package
- vim-common
- libasan
- libubsan
- # Required to run systemd-networkd-tests.py
- python3
- iproute
- iproute-tc
- dnsmasq
- wireguard-tools
- dhcp-server
- kernel-modules-extra
diff --git a/mkosi.default.d/debian/10-mkosi.debian b/mkosi.default.d/debian/10-mkosi.debian
index 2488eeb557..2b712d6778 100644
--- a/mkosi.default.d/debian/10-mkosi.debian
+++ b/mkosi.default.d/debian/10-mkosi.debian
@@ -8,17 +8,31 @@ Distribution=debian
Release=testing
[Content]
+Packages=
+ cryptsetup-bin
+ iproute2
+ isc-dhcp-server
+ libbpf0
+ libfido2-1
+ libglib2.0-0
+ libgnutls30
+ libidn2-0
+ libmicrohttpd12
+ libp11-kit0
+ libpam0g
+ libpwquality1
+ libqrencode4
+ libtss2-dev # Use the -dev package to avoid churn in updating version numbers
+ netcat-openbsd
+ policykit-1
+ procps
+ quota
+ xxd
+
BuildPackages=
- acl
- clang
- docbook-xml
+ bpftool
docbook-xsl
- gcc
g++
- gettext
- git
- gnu-efi
- gperf
libacl1-dev
libaudit-dev
libblkid-dev
@@ -26,59 +40,28 @@ BuildPackages=
libbz2-dev
libcap-dev
libcryptsetup-dev
- libcurl4-gnutls-dev
+ libcurl4-openssl-dev
libdbus-1-dev
libdw-dev
libfdisk-dev
libfido2-dev
libgcrypt20-dev
+ libglib2.0-dev
libgnutls28-dev
- libidn2-0-dev
+ libidn2-dev
libiptc-dev
libkmod-dev
- liblz4-dev
- liblz4-tool
- liblzma-dev
libmicrohttpd-dev
libmount-dev
+ libp11-kit-dev
libpam0g-dev
+ libpwquality-dev
libqrencode-dev
libseccomp-dev
libsmartcols-dev
libssl-dev
- libtss2-dev
libxkbcommon-dev
libzstd-dev
- llvm
- meson
- pkg-config
- python3
- python3-lxml
python3-jinja2
- tree
- uuid-dev
+ python3-lxml
xsltproc
- xz-utils
- zstd
-
-Packages=
- gdb
- libbpf0
- libfdisk1
- libfido2-1
- libidn2-0
- libqrencode4
- # We pull in the -dev package here, since the binary ones appear to change names too often, and the -dev package pulls the right deps in automatically
- libtss2-dev
- locales
- nano
- strace
- xxd
- # Provides libasan/libubsan
- gcc
- # Required to run systemd-networkd-tests.py
- python3
- iproute2
- dnsmasq-base
- wireguard-tools
- isc-dhcp-server
diff --git a/mkosi.default.d/fedora/10-mkosi.fedora b/mkosi.default.d/fedora/10-mkosi.fedora
index c1d8a57557..9561117789 100644
--- a/mkosi.default.d/fedora/10-mkosi.fedora
+++ b/mkosi.default.d/fedora/10-mkosi.fedora
@@ -8,29 +8,42 @@ Distribution=fedora
Release=36
[Content]
-BuildPackages=
- diffutils
- docbook-style-xsl
- findutils
- gcc
- gettext
- git
+Packages=
+ compsize
+ cryptsetup
+ dhcp-server
+ glib2
glibc-minimal-langpack
- gnu-efi
+ gnutls
+ iproute
+ iproute-tc
+ kernel-modules-extra
+ libbpf
+ libfido2
+ libmicrohttpd
+ libxcrypt
+ libxkbcommon
+ netcat
+ pam
+ polkit
+ procps-ng
+ quota
+ tpm2-tss
+ vim-common
+
+BuildPackages=
+ bpftool
+ docbook-xsl
gnu-efi-devel
- gperf
- lz4
- meson
- ninja-build
pam-devel
- pkgconfig
+ pkgconfig # pkgconf shim to provide /usr/bin/pkg-config
pkgconfig(audit)
pkgconfig(blkid)
- pkgconfig(bzip2)
pkgconfig(dbus-1)
pkgconfig(fdisk)
- pkgconfig(gnutls)
+ pkgconfig(glib-2.0)
pkgconfig(libacl)
+ pkgconfig(libbpf)
pkgconfig(libcap)
pkgconfig(libcryptsetup)
pkgconfig(libcurl)
@@ -39,8 +52,6 @@ BuildPackages=
pkgconfig(libgcrypt)
pkgconfig(libidn2)
pkgconfig(libkmod)
- pkgconfig(liblz4)
- pkgconfig(liblzma)
pkgconfig(libmicrohttpd)
pkgconfig(libpcre2-8)
pkgconfig(libqrencode)
@@ -58,33 +69,3 @@ BuildPackages=
pkgconfig(xkbcommon)
python3dist(jinja2)
python3dist(lxml)
- rpm
- tree
- zstd
- /usr/bin/xsltproc
-
-Packages=
- acl
- gdb
- nano
- # procps-ng provides a set of useful utilities (ps, free, etc)
- procps-ng
- strace
- tpm2-tss
- less
- netcat
- e2fsprogs
- compsize
- # xxd is provided by the vim-common package
- vim-common
- # Sanitizers
- libasan
- libubsan
- # Required to run systemd-networkd-tests.py
- python
- iproute
- iproute-tc
- dnsmasq
- wireguard-tools
- dhcp-server
- kernel-modules-extra
diff --git a/mkosi.default.d/opensuse/10-mkosi.opensuse b/mkosi.default.d/opensuse/10-mkosi.opensuse
index 16fdecdede..8dbb1dc50f 100644
--- a/mkosi.default.d/opensuse/10-mkosi.opensuse
+++ b/mkosi.default.d/opensuse/10-mkosi.opensuse
@@ -8,72 +8,59 @@ Distribution=opensuse
Release=tumbleweed
[Content]
+Packages=
+ dbus-1
+ glibc-locale-base
+ libbpf0
+ libcrypt1
+ libcryptsetup12
+ libdw1
+ libelf1
+ libfido2
+ libgcrypt20
+ libglib-2_0-0
+ libkmod2
+ liblz4-1
+ libmount1
+ libp11-kit0
+ libqrencode4
+ libseccomp2
+ libxkbcommon0
+ pam
+ tpm2-0-tss
+ vim
+
BuildPackages=
+ audit-devel
+ bpftool
+ dbus-1-devel
docbook-xsl-stylesheets
- fdupes
- gcc
- gnu-efi
- gperf
- intltool
+ glib2-devel
+ glibc-locale
libacl-devel
- libapparmor-devel
libblkid-devel
- libbz2-devel
+ libbpf-devel
libcap-devel
libcryptsetup-devel
libcurl-devel
+ libdw-devel
+ libelf-devel
+ libfdisk-devel
+ libfido2-devel
libgcrypt-devel
libgnutls-devel
libkmod-devel
- liblz4-devel
libmicrohttpd-devel
libmount-devel
+ libpwquality-devel
libseccomp-devel
libselinux-devel
+ libxkbcommon-devel
libxslt-tools
- meson
+ openssl-devel
pam-devel
- pciutils-devel
pcre-devel
- python3
python3-Jinja2
python3-lxml
qrencode-devel
- shadow
- system-user-nobody
- systemd-sysvinit
- zlib-devel
-# to satisfy tests
- acl
- diffutils
- glibc-locale
- system-group-obsolete
- system-user-bin
- system-user-daemon
- system-user-root
- timezone
-
-Packages=
- gdb
- # brought in via meson->python3
- libp11-kit0
- # --bootable=no
- dbus-1
- libapparmor1
- libcrypt1
- libcryptsetup12
- libgcrypt20
- libgnutls30
- libkmod2
- liblz4-1
- libmount1
- libqrencode4
- libseccomp2
- pam
- nano
- strace
- util-linux
- # xxd is provided by the vim package
- vim
- # Provides libasan/libubsan
- gcc
+ tpm2-0-tss-devel
diff --git a/mkosi.default.d/ubuntu/10-mkosi.ubuntu b/mkosi.default.d/ubuntu/10-mkosi.ubuntu
index 2d73746f3f..60e1bcfa66 100644
--- a/mkosi.default.d/ubuntu/10-mkosi.ubuntu
+++ b/mkosi.default.d/ubuntu/10-mkosi.ubuntu
@@ -9,75 +9,60 @@ Release=jammy
Repositories=main,universe
[Content]
+Packages=
+ cryptsetup-bin
+ iproute2
+ isc-dhcp-server
+ libbpf0
+ libfdisk1
+ libfido2-1
+ libglib2.0-0
+ libidn2-0
+ libmicrohttpd12
+ libp11-kit0
+ libpwquality1
+ libqrencode4
+ libtss2-dev # Use the -dev package to avoid churn in updating version numbers
+ linux-tools-common
+ linux-tools-generic
+ netcat-openbsd
+ policykit-1
+ procps
+ quota
+ xxd
+
BuildPackages=
- acl
- docbook-xml
docbook-xsl
- gcc
- gettext
- git
- gnu-efi
- gperf
+ g++
libacl1-dev
libaudit-dev
libblkid-dev
+ libbpf-dev
libbz2-dev
libcap-dev
libcryptsetup-dev
- libcurl4-gnutls-dev
+ libcurl4-openssl-dev
libdbus-1-dev
libdw-dev
libfdisk-dev
libfido2-dev
libgcrypt20-dev
+ libglib2.0-dev
libgnutls28-dev
- libidn2-0-dev
- libip4tc-dev
- libip6tc-dev
+ libidn2-dev
+ libiptc-dev
libkmod-dev
- liblz4-dev
- liblz4-tool
- liblzma-dev
libmicrohttpd-dev
libmount-dev
+ libp11-kit-dev
libpam0g-dev
+ libpwquality-dev
libqrencode-dev
libseccomp-dev
libsmartcols-dev
libssl-dev
- libtss2-dev
libxkbcommon-dev
- libxtables-dev
libzstd-dev
- meson
- pkg-config
- python3
- python3-lxml
python3-jinja2
- tree
- tzdata
- uuid-dev
+ python3-lxml
xsltproc
- xz-utils
- zstd
-
-Packages=
- gdb
- libfido2-1
- libidn2-0
- libqrencode4
- # We pull in the -dev package here, since the binary ones appear to change names too often, and the -dev package pulls the right deps in automatically
- libtss2-dev
- libfdisk1
- locales
- nano
- strace
- xxd
- # Provides libasan/libubsan
- gcc
- # Required to run systemd-networkd-tests.py
- python3
- iproute2
- dnsmasq-base
- wireguard-tools
- isc-dhcp-server
diff --git a/mkosi.postinst b/mkosi.postinst
index 1c24b4f51a..fb59d31115 100755
--- a/mkosi.postinst
+++ b/mkosi.postinst
@@ -18,6 +18,9 @@ EOF
# `systemd-hwdb update` takes > 50s when built with sanitizers so let's not run it by default.
systemctl mask systemd-hwdb-update.service
fi
+
+ # Make sure dnsmasq.service doesn't start on boot on Debian/Ubuntu.
+ rm -f /etc/systemd/system/multi-user.target.wants/dnsmasq.service
fi
# Temporary workaround until https://github.com/openSUSE/suse-module-tools/commit/158643414ddb8d8208016a5f03a4484d58944d7a
View Lorry Controller Status