From 37d35150cbb5db063aaa8e5878ec03258414b0e5 Mon Sep 17 00:00:00 2001
From: Daan De Meyer
Date: Mon, 22 Aug 2022 13:21:07 +0200
Subject: mkosi: Ensure we build all features/components in mkosi
Explicitly enable all features/components in the mkosi build to ensure they all get built and we get an error if they can't be built. We also rework the packages sections of all mkosi configs to reduce duplication and cover all the dependencies necessary to build/use all systemd features. Note that for the final image, since systemd is installed by default in base images, we rely on that to install the base library dependencies and we only list extra optional dependencies and tools that aren't already installed by default into the base image. We also drop the centos stream 8 mkosi build as dependencies on that distro are too out-of-date to be able to build all systemd features. Since centos stream 9 has been out for a while, let's focus on that and leave it to downstream to keep systemd building on centos stream 8. Finally, there's a few additions to the mkosi scripts to make sure services don't start by default on boot.
---
 mkosi.build | 89 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 88 insertions(+), 1 deletion(-)
(limited to 'mkosi.build')
diff --git a/mkosi.build b/mkosi.build
index 210811e768..76a813bf0a 100755
--- a/mkosi.build
+++ b/mkosi.build
@@ -47,6 +47,15 @@ if [ "$(locale charmap 2>/dev/null)" != "UTF-8" ] ; then
 fi
 fi
+# The bpftool script shipped by Ubuntu tries to find the actual program to run via querying `uname -r` and
+# using the current kernel version. This obviously doesn't work in containers. As a workaround, we override
+# the ubuntu script with a symlink to the first bpftool program we can find.
+for bpftool in /usr/lib/linux-tools/*/bpftool; do
+ [ -x "$bpftool" ] || continue
+ ln -sf "$bpftool" /usr/sbin/bpftool
+ break
+done
+
 if [ ! -f "$BUILDDIR"/build.ninja ] ; then
 sysvinit_path=$(realpath /etc/init.d)
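Review bot: The added bpftool loop links whichever `/usr/lib/linux-tools/*/bpftool` the glob yields first, and glob order is lexical rather than version order, so with more than one linux-tools package installed the chosen binary is effectively arbitrary. The loop is also not limited to Ubuntu and replaces `/usr/sbin/bpftool` unconditionally, even where the existing command already works; wrapping it in `if ! bpftool version >/dev/null 2>&1; then` … `fi` would restrict the override to the case the comment describes. When no executable candidate is found nothing is reported, so the failure presumably only surfaces later, when `bpf-framework=true` from the same commit is configured. A short message on stderr after `done` when `/usr/sbin/bpftool` is still unusable would make that easier to diagnose.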
@@ -66,7 +75,81 @@ if [ ! -f "$BUILDDIR"/build.ninja ] ; then
 -D version-tag="${VERSION_TAG}" \
 -D mode=developer \
 -D b_sanitize="${SANITIZERS:-none}" \
- -D install-tests=true
+ -D install-tests=true \
+ -D tests=unsafe \
+ -D slow-tests=true \
+ -D utmp=true \
+ -D hibernate=true \
+ -D ldconfig=true \
+ -D resolve=true \
+ -D efi=true \
+ -D tpm=true \
+ -D environment-d=true \
+ -D binfmt=true \
+ -D repart=true \
+ -D sysupdate=true \
+ -D coredump=true \
+ -D pstore=true \
+ -D oomd=true \
+ -D logind=true \
+ -D hostnamed=true \
+ -D localed=true \
+ -D machined=true \
+ -D portabled=true \
+ -D sysext=true \
+ -D userdb=true \
+ -D homed=true \
+ -D networkd=true \
+ -D timedated=true \
+ -D timesyncd=true \
+ -D remote=true \
+ -D nss-myhostname=true \
+ -D nss-mymachines=true \
+ -D nss-resolve=true \
+ -D nss-systemd=true \
+ -D firstboot=true \
+ -D randomseed=true \
+ -D backlight=true \
+ -D vconsole=true \
+ -D quotacheck=true \
+ -D sysusers=true \
+ -D tmpfiles=true \
+ -D importd=true \
+ -D hwdb=true \
+ -D rfkill=true \
+ -D xdg-autostart=true \
+ -D translations=true \
+ -D polkit=true \
+ -D acl=true \
+ -D audit=true \
+ -D blkid=true \
+ -D fdisk=true \
+ -D kmod=true \
+ -D pam=true \
+ -D pwquality=true \
+ -D microhttpd=true \
+ -D libcryptsetup=true \
+ -D libcurl=true \
+ -D idn=true \
+ -D libidn2=true \
+ -D qrencode=true \
+ -D gcrypt=true \
+ -D gnutls=true \
+ -D openssl=true \
+ -D cryptolib=openssl \
+ -D p11kit=true \
+ -D libfido2=true \
+ -D tpm2=true \
+ -D elfutils=true \
+ -D zstd=true \
+ -D xkbcommon=true \
+ -D pcre2=true \
+ -D glib=true \
+ -D dbus=true \
+ -D gnu-efi=true \
+ -D kernel-install=true \
+ -D analyze=true \
+ -D bpf-framework=true
 fi
 cd "$BUILDDIR"
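Review bot: `-D tests=unsafe` sits undocumented in a long feature list, although it is the one option here that changes what the test suite may do rather than what gets built. As far as I know the unsafe tests are allowed to alter state on the machine they run on, so the setting is only reasonable because this script is expected to run inside a disposable mkosi build root. With `install-tests=true` the tests presumably also land in the image. A comment cannot go between backslash-continued lines, so it belongs above the command, which starts outside the hunk. I would add something like `# tests=unsafe: these tests may modify system state; acceptable only inside the throwaway mkosi build root.`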
@@ -172,3 +255,7 @@ TTYVHangup=no
 CapabilityBoundingSet=~CAP_SYS_TTY_CONFIG
 EOF
 fi
+
+# Make sure services aren't enabled by default on Debian/Ubuntu.
+mkdir -p "$DESTDIR/etc/systemd/system-preset"
+echo "disable *" > "$DESTDIR/etc/systemd/system-preset/99-mkosi.preset"
--
cgit v1.2.1
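Review bot: The two added lines write a catch-all `disable *` preset under `$DESTDIR` without checking that `DESTDIR` is set, so with an empty value they would create `/etc/systemd/system-preset/99-mkosi.preset` in the root the script itself runs in. Using `mkdir -p "${DESTDIR:?}/etc/systemd/system-preset"` makes the script stop instead; whether `set -u` is active is not visible in this hunk. The comment also names Debian/Ubuntu while the file is written on every distribution, so I would reword it to match, e.g. `# Written on every distribution; needed for Debian/Ubuntu, where services are otherwise enabled by default.`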