system/systemd
system/systemd
1
0
Fork 0
mirror of https://github.com/systemd/systemd synced 2024-10-06 16:21:34 +00:00
Code Issues Packages Projects Releases Wiki Activity

mkosi: Ensure we build all features/components in mkosi

Browse source 
Explicitly enable all features/components in the mkosi build to
ensure they all get built and we get an error if they can't be built.

We also rework the packages sections of all mkosi configs to reduce
duplication and cover all the dependencies necessary to build/use all
systemd features.

Note that for the final image, since systemd is installed by default
in base images, we rely on that to install the base library dependencies
and we only list extra optional dependencies and tools that aren't already
installed by default into the base image.

We also drop the centos stream 8 mkosi build as dependencies on that
distro are too out-of-date to be able to build all systemd features.
Since centos stream 9 has been out for a while, let's focus on that
and leave it to downstream to keep systemd building on centos stream 8.

Finally, there's a few additions to the mkosi scripts to make sure
services don't start by default on boot.
This commit is contained in:
Daan De Meyer 2022-08-22 13:21:07 +02:00
parent 0f74ca8668
commit 37d35150cb
10 changed files with 317 additions and 302 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
.github/workflows/mkosi.yml vendored
View file

@ -44,8 +44,6 @@ jobs:
release: rawhide
- distro: opensuse
release: tumbleweed
- distro: centos_epel
release: 8-stream
- distro: centos_epel
release: 9-stream

89
mkosi.build
View file

@ -47,6 +47,15 @@ if [ "$(locale charmap 2>/dev/null)" != "UTF-8" ] ; then
fi
fi
# The bpftool script shipped by Ubuntu tries to find the actual program to run via querying `uname -r` and
# using the current kernel version. This obviously doesn't work in containers. As a workaround, we override
# the ubuntu script with a symlink to the first bpftool program we can find.
for bpftool in /usr/lib/linux-tools/*/bpftool; do
[ -x "$bpftool" ] || continue
ln -sf "$bpftool" /usr/sbin/bpftool
break
done
if [ ! -f "$BUILDDIR"/build.ninja ] ; then
sysvinit_path=$(realpath /etc/init.d)
@ -66,7 +75,81 @@ if [ ! -f "$BUILDDIR"/build.ninja ] ; then
-D version-tag="${VERSION_TAG}" \
-D mode=developer \
-D b_sanitize="${SANITIZERS:-none}" \
-D install-tests=true
-D install-tests=true \
-D tests=unsafe \
-D slow-tests=true \
-D utmp=true \
-D hibernate=true \
-D ldconfig=true \
-D resolve=true \
-D efi=true \
-D tpm=true \
-D environment-d=true \
-D binfmt=true \
-D repart=true \
-D sysupdate=true \
-D coredump=true \
-D pstore=true \
-D oomd=true \
-D logind=true \
-D hostnamed=true \
-D localed=true \
-D machined=true \
-D portabled=true \
-D sysext=true \
-D userdb=true \
-D homed=true \
-D networkd=true \
-D timedated=true \
-D timesyncd=true \
-D remote=true \
-D nss-myhostname=true \
-D nss-mymachines=true \
-D nss-resolve=true \
-D nss-systemd=true \
-D firstboot=true \
-D randomseed=true \
-D backlight=true \
-D vconsole=true \
-D quotacheck=true \
-D sysusers=true \
-D tmpfiles=true \
-D importd=true \
-D hwdb=true \
-D rfkill=true \
-D xdg-autostart=true \
-D translations=true \
-D polkit=true \
-D acl=true \
-D audit=true \
-D blkid=true \
-D fdisk=true \
-D kmod=true \
-D pam=true \
-D pwquality=true \
-D microhttpd=true \
-D libcryptsetup=true \
-D libcurl=true \
-D idn=true \
-D libidn2=true \
-D qrencode=true \
-D gcrypt=true \
-D gnutls=true \
-D openssl=true \
-D cryptolib=openssl \
-D p11kit=true \
-D libfido2=true \
-D tpm2=true \
-D elfutils=true \
-D zstd=true \
-D xkbcommon=true \
-D pcre2=true \
-D glib=true \
-D dbus=true \
-D gnu-efi=true \
-D kernel-install=true \
-D analyze=true \
-D bpf-framework=true
fi
cd "$BUILDDIR"
@ -172,3 +255,7 @@ TTYVHangup=no
CapabilityBoundingSet=~CAP_SYS_TTY_CONFIG
EOF
fi
# Make sure services aren't enabled by default on Debian/Ubuntu.
mkdir -p "$DESTDIR/etc/systemd/system-preset"
echo "disable *" > "$DESTDIR/etc/systemd/system-preset/99-mkosi.preset"

40
mkosi.default.d/10-systemd.conf
View file

@ -14,6 +14,46 @@ OutputDirectory=mkosi.output
BuildDirectory=mkosi.builddir
Cache=mkosi.cache
SourceFileTransferFinal=copy-git-others
Packages=
acl
bash-completion
coreutils
diffutils
dnsmasq
findutils
gcc # For sanitizer libraries
gdb
grep
kbd
kexec-tools
kmod
less
nano
nftables
openssl
python3
qrencode
sed
strace
tree
util-linux
valgrind
wireguard-tools
zsh
BuildPackages=
clang
gcc
gettext
git
gnu-efi
gperf
llvm
meson
pkgconf
rpm
rsync
zstd
[Host]
QemuHeadless=yes

83
mkosi.default.d/arch/10-mkosi.arch
View file

@ -9,65 +9,28 @@
Distribution=arch
[Content]
BuildPackages=
acl
bzip2
clang
cryptsetup
curl
dbus
diffutils
docbook-xsl
elfutils
gcc
git
gnu-efi-libs
gnutls
gperf
inetutils
iptables
kmod
libbpf
libcap
libgcrypt
libidn2
libmicrohttpd
libseccomp
libutil-linux
libxkbcommon
libxslt
llvm
lz4
meson
pam
pkgconfig
python
python-lxml
python-jinja
qrencode
rsync
xz
zstd
Packages=
gdb
libbpf
libidn2
nano
qrencode
strace
# For testing "systemd-analyze verify".
man-db
# For testing systemd's bash completion scripts.
bash-completion
# For testing systemd's zsh completion scripts
# Run `autoload -Uz compinit; compinit` from a zsh shell in the booted image to enable completions.
zsh
# xxd is provided by the vim package
vim
# Required to run systemd-networkd-tests.py
python
iproute
dnsmasq
wireguard-tools
compsize
dhcp
gnutls
iproute
libbpf
libfido2
libmicrohttpd
libpwquality
libxkbcommon
man-db
openbsd-netcat
polkit
quota-tools
tpm2-tss
vim
BuildPackages=
bpf
docbook-xsl
libxslt
linux-api-headers
perl
python-jinja
python-lxml

76
mkosi.default.d/centos_epel/10-mkosi.centos_epel
View file

@ -11,39 +11,54 @@ Format=gpt_xfs
HostonlyInitrd=no
[Content]
BuildPackages=
diffutils
docbook-style-xsl
findutils
gcc
gettext
git
Packages=
audit
cryptsetup
dhcp-server
glib2
glibc-minimal-langpack
gnu-efi
gnutls
iproute
iproute-tc
kernel-modules-extra
libbpf
libfido2
libmicrohttpd
libxcrypt
libxkbcommon
netcat
p11-kit
pam
polkit
procps-ng
quota
tpm2-tss
vim-common
BuildPackages=
bpftool
docbook-xsl
gnu-efi-devel
gperf
lz4
meson
ninja-build
libgcrypt-devel # CentOS Stream 8 libgcrypt-devel doesn't ship a pkg-config file.
libxslt
pam-devel
# CentOS Stream 8 libgcrypt-devel doesn't ship a pkg-config file.
libgcrypt-devel
pkgconfig
perl-interpreter
pkgconfig(audit)
pkgconfig(blkid)
pkgconfig(bzip2)
pkgconfig(dbus-1)
pkgconfig(fdisk)
pkgconfig(glib-2.0)
pkgconfig(gnutls)
pkgconfig(libacl)
pkgconfig(libbpf)
pkgconfig(libcap)
pkgconfig(libcryptsetup)
pkgconfig(libcurl)
pkgconfig(libdw)
pkgconfig(libfido2)
pkgconfig(libidn2)
pkgconfig(libkmod)
pkgconfig(liblz4)
pkgconfig(liblzma)
pkgconfig(libmicrohttpd)
pkgconfig(libpcre2-8)
pkgconfig(libqrencode)
@ -61,30 +76,3 @@ BuildPackages=
pkgconfig(xkbcommon)
python3dist(jinja2)
python3dist(lxml)
rpm
tree
zstd
/usr/bin/xsltproc
Packages=
gdb
nano
# procps-ng provides a set of useful utilities (ps, free, etc)
procps-ng
strace
tpm2-tss
less
netcat
e2fsprogs
# xxd is provided by the vim-common package
vim-common
libasan
libubsan
# Required to run systemd-networkd-tests.py
python3
iproute
iproute-tc
dnsmasq
wireguard-tools
dhcp-server
kernel-modules-extra

73
mkosi.default.d/debian/10-mkosi.debian
View file

@ -8,17 +8,31 @@ Distribution=debian
Release=testing
[Content]
Packages=
cryptsetup-bin
iproute2
isc-dhcp-server
libbpf0
libfido2-1
libglib2.0-0
libgnutls30
libidn2-0
libmicrohttpd12
libp11-kit0
libpam0g
libpwquality1
libqrencode4
libtss2-dev # Use the -dev package to avoid churn in updating version numbers
netcat-openbsd
policykit-1
procps
quota
xxd
BuildPackages=
acl
clang
docbook-xml
bpftool
docbook-xsl
gcc
g++
gettext
git
gnu-efi
gperf
libacl1-dev
libaudit-dev
libblkid-dev
@ -26,59 +40,28 @@ BuildPackages=
libbz2-dev
libcap-dev
libcryptsetup-dev
libcurl4-gnutls-dev
libcurl4-openssl-dev
libdbus-1-dev
libdw-dev
libfdisk-dev
libfido2-dev
libgcrypt20-dev
libglib2.0-dev
libgnutls28-dev
libidn2-0-dev
libidn2-dev
libiptc-dev
libkmod-dev
liblz4-dev
liblz4-tool
liblzma-dev
libmicrohttpd-dev
libmount-dev
libp11-kit-dev
libpam0g-dev
libpwquality-dev
libqrencode-dev
libseccomp-dev
libsmartcols-dev
libssl-dev
libtss2-dev
libxkbcommon-dev
libzstd-dev
llvm
meson
pkg-config
python3
python3-lxml
python3-jinja2
tree
uuid-dev
python3-lxml
xsltproc
xz-utils
zstd
Packages=
gdb
libbpf0
libfdisk1
libfido2-1
libidn2-0
libqrencode4
# We pull in the -dev package here, since the binary ones appear to change names too often, and the -dev package pulls the right deps in automatically
libtss2-dev
locales
nano
strace
xxd
# Provides libasan/libubsan
gcc
# Required to run systemd-networkd-tests.py
python3
iproute2
dnsmasq-base
wireguard-tools
isc-dhcp-server

75
mkosi.default.d/fedora/10-mkosi.fedora
View file

@ -8,29 +8,42 @@ Distribution=fedora
Release=36
[Content]
BuildPackages=
diffutils
docbook-style-xsl
findutils
gcc
gettext
git
Packages=
compsize
cryptsetup
dhcp-server
glib2
glibc-minimal-langpack
gnu-efi
gnutls
iproute
iproute-tc
kernel-modules-extra
libbpf
libfido2
libmicrohttpd
libxcrypt
libxkbcommon
netcat
pam
polkit
procps-ng
quota
tpm2-tss
vim-common
BuildPackages=
bpftool
docbook-xsl
gnu-efi-devel
gperf
lz4
meson
ninja-build
pam-devel
pkgconfig
pkgconfig # pkgconf shim to provide /usr/bin/pkg-config
pkgconfig(audit)
pkgconfig(blkid)
pkgconfig(bzip2)
pkgconfig(dbus-1)
pkgconfig(fdisk)
pkgconfig(gnutls)
pkgconfig(glib-2.0)
pkgconfig(libacl)
pkgconfig(libbpf)
pkgconfig(libcap)
pkgconfig(libcryptsetup)
pkgconfig(libcurl)
@ -39,8 +52,6 @@ BuildPackages=
pkgconfig(libgcrypt)
pkgconfig(libidn2)
pkgconfig(libkmod)
pkgconfig(liblz4)
pkgconfig(liblzma)
pkgconfig(libmicrohttpd)
pkgconfig(libpcre2-8)
pkgconfig(libqrencode)
@ -58,33 +69,3 @@ BuildPackages=
pkgconfig(xkbcommon)
python3dist(jinja2)
python3dist(lxml)
rpm
tree
zstd
/usr/bin/xsltproc
Packages=
acl
gdb
nano
# procps-ng provides a set of useful utilities (ps, free, etc)
procps-ng
strace
tpm2-tss
less
netcat
e2fsprogs
compsize
# xxd is provided by the vim-common package
vim-common
# Sanitizers
libasan
libubsan
# Required to run systemd-networkd-tests.py
python
iproute
iproute-tc
dnsmasq
wireguard-tools
dhcp-server
kernel-modules-extra

101
mkosi.default.d/opensuse/10-mkosi.opensuse
View file

@ -8,72 +8,59 @@ Distribution=opensuse
Release=tumbleweed
[Content]
BuildPackages=
docbook-xsl-stylesheets
fdupes
gcc
gnu-efi
gperf
intltool
libacl-devel
libapparmor-devel
libblkid-devel
libbz2-devel
libcap-devel
libcryptsetup-devel
libcurl-devel
libgcrypt-devel
libgnutls-devel
libkmod-devel
liblz4-devel
libmicrohttpd-devel
libmount-devel
libseccomp-devel
libselinux-devel
libxslt-tools
meson
pam-devel
pciutils-devel
pcre-devel
python3
python3-Jinja2
python3-lxml
qrencode-devel
shadow
system-user-nobody
systemd-sysvinit
zlib-devel
# to satisfy tests
acl
diffutils
glibc-locale
system-group-obsolete
system-user-bin
system-user-daemon
system-user-root
timezone
Packages=
gdb
# brought in via meson->python3
libp11-kit0
# --bootable=no
dbus-1
libapparmor1
glibc-locale-base
libbpf0
libcrypt1
libcryptsetup12
libdw1
libelf1
libfido2
libgcrypt20
libgnutls30
libglib-2_0-0
libkmod2
liblz4-1
libmount1
libp11-kit0
libqrencode4
libseccomp2
libxkbcommon0
pam
nano
strace
util-linux
# xxd is provided by the vim package
tpm2-0-tss
vim
# Provides libasan/libubsan
gcc
BuildPackages=
audit-devel
bpftool
dbus-1-devel
docbook-xsl-stylesheets
glib2-devel
glibc-locale
libacl-devel
libblkid-devel
libbpf-devel
libcap-devel
libcryptsetup-devel
libcurl-devel
libdw-devel
libelf-devel
libfdisk-devel
libfido2-devel
libgcrypt-devel
libgnutls-devel
libkmod-devel
libmicrohttpd-devel
libmount-devel
libpwquality-devel
libseccomp-devel
libselinux-devel
libxkbcommon-devel
libxslt-tools
openssl-devel
pam-devel
pcre-devel
python3-Jinja2
python3-lxml
qrencode-devel
tpm2-0-tss-devel

77
mkosi.default.d/ubuntu/10-mkosi.ubuntu
View file

@ -9,75 +9,60 @@ Release=jammy
Repositories=main,universe
[Content]
Packages=
cryptsetup-bin
iproute2
isc-dhcp-server
libbpf0
libfdisk1
libfido2-1
libglib2.0-0
libidn2-0
libmicrohttpd12
libp11-kit0
libpwquality1
libqrencode4
libtss2-dev # Use the -dev package to avoid churn in updating version numbers
linux-tools-common
linux-tools-generic
netcat-openbsd
policykit-1
procps
quota
xxd
BuildPackages=
acl
docbook-xml
docbook-xsl
gcc
gettext
git
gnu-efi
gperf
g++
libacl1-dev
libaudit-dev
libblkid-dev
libbpf-dev
libbz2-dev
libcap-dev
libcryptsetup-dev
libcurl4-gnutls-dev
libcurl4-openssl-dev
libdbus-1-dev
libdw-dev
libfdisk-dev
libfido2-dev
libgcrypt20-dev
libglib2.0-dev
libgnutls28-dev
libidn2-0-dev
libip4tc-dev
libip6tc-dev
libidn2-dev
libiptc-dev
libkmod-dev
liblz4-dev
liblz4-tool
liblzma-dev
libmicrohttpd-dev
libmount-dev
libp11-kit-dev
libpam0g-dev
libpwquality-dev
libqrencode-dev
libseccomp-dev
libsmartcols-dev
libssl-dev
libtss2-dev
libxkbcommon-dev
libxtables-dev
libzstd-dev
meson
pkg-config
python3
python3-lxml
python3-jinja2
tree
tzdata
uuid-dev
python3-lxml
xsltproc
xz-utils
zstd
Packages=
gdb
libfido2-1
libidn2-0
libqrencode4
# We pull in the -dev package here, since the binary ones appear to change names too often, and the -dev package pulls the right deps in automatically
libtss2-dev
libfdisk1
locales
nano
strace
xxd
# Provides libasan/libubsan
gcc
# Required to run systemd-networkd-tests.py
python3
iproute2
dnsmasq-base
wireguard-tools
isc-dhcp-server

3
mkosi.postinst
View file

@ -18,6 +18,9 @@ EOF
# `systemd-hwdb update` takes > 50s when built with sanitizers so let's not run it by default.
systemctl mask systemd-hwdb-update.service
fi
# Make sure dnsmasq.service doesn't start on boot on Debian/Ubuntu.
rm -f /etc/systemd/system/multi-user.target.wants/dnsmasq.service
fi
# Temporary workaround until https://github.com/openSUSE/suse-module-tools/commit/158643414ddb8d8208016a5f03a4484d58944d7a