Instead of parsing the human readable output of apt-cache, let's
use apt patterns to figure out the dependencies.
We also filter out virtual packages as apt will fail and say we need
to install an implementation of the virtual package even if a package
that provides the virtual package is already installed.
login is now from util-linux so credentials are supported.
It also needs to be pulled in as it's Protected: yes rather than
Essential: yes.
Keep the old setting for Ubuntu as that still uses login from shadow.
The next commit will introduce a way to iterate on integration
tests which depends on btrfs specific features.
We leave CentOS on ext4 as its kernel does not support btrfs.
CentOS Stream 10 has a newer util-linux which means the terminal
gets correctly resized to the size specified by mkosi. This is a
much nicer experience than CentOS Stream 9 where you're stuck on
80x24 so let's make CentOS Stream 10 the default release to build.
Let's document in detail how to build the integration test image and run
the integration tests without building systemd. To streamline the process,
we stop automatically using binaries from build/ when invoking mkosi directly
and don't automatically use a tools tree anymore if systemd on the host is too
old. Instead, we document these options in HACKING.md and change the mkosi meson
target to automatically use the current build directory as an extra binary search
path for mkosi.
Let's make things a little more consistent and build the initrd
explicitly as a subimage as well instead of relying on mkosi building
it as part of the main image build.
We drop the opensuse initrd postinst script as we don't use erofs by
default anymore. We can always reintroduce it again later if needed.
This allows us to add CI for CentOS Stream 10 as EPEL 10 doesn't
exist yet and won't exist for quite some time.
CentOS Stream 10 will be enabled later as soon as
https://issues.redhat.com/browse/RHEL-46604 is resolved.
We want the exitrd image to be built with the latest systemd as well.
As the exitrd image is built as part of mkosi.images, and all subimages
are built before the main image, this implies the packages must be built
as a subimage in mkosi.images/ as well. So we introduce the build image and
move all logic related to building distribution packages there.
This also has the nice side effect of slimming down the main image as the
build dependencies are not installed into the main image anymore. It also
makes sure the packages are built in a "clean" chroot without any of the
other packages which we install in the main image available.
* a3524fc837 Use a more precise Recommends for libkxbcommon
* 980ede8c0f Drop machined revert
* d569018a92 Rebuilt for the bin-sbin merge
* 8881fa94ee Version 256.2
* 1cc4f83002 Link systemd-executor statically
* 0319e62d9c Update dracut workaround
* c96f54de22 Fix ELN build
* 3f68c5d802 Only exclude dracut conflicts on non-fedora on upstream builds
* 7db154308b Conditionalize dracut Conflicts more
* 8c025c3bdf Accepting request 1184267 from Base:System
|\
| * 735f8c4ba4 - Import commit 5a8eadd0c021758337a020c423f25a353bdb9b3c (merge of v255.8) For a complete list of changes, visit: 603cd1d4d8...5a8eadd0c0 - Drop 5003-Revert-run-pass-the-pty-slave-fd-to-transient-servic.patch as v255.8 contains the workaround (commit 639c922ede9485) for the broken commit 28459ba1f4.
* | 37853fecc3 Accepting request 1183029 from Base:System
|/
* 638de11012 - Don't automatically clean unmodified config files up (bsc#1226415)
* 369c023c24 reorder one more time...
* ffa9f0ac80 reorder the runtime deps of the testsuite package so the format_spec_file thingy stop screwing up the spec file...
* 12c1190a79 fix rev 1529: the devel packages are really needed by the testsuite script to install the dlopened libs into the image
* ca8e7f54ce - systemd.spec: move a misplaced %endif in the testsuite sub-package.
* b7944f5b14 - Merge systemd-coredump back into the main package (bsc#1091684)
* 3fa0dea84a - Don't pull the devel packages in when installing the testsuite package.
- Stop installing the policy in the initramfs as it's not really
supported anyway (https://github.com/fedora-selinux/selinux-policy/issues/2221)
- Stop relabeling on first boot and prefer to do it at image build time
- Disable mkosi relabeling by default but enable it in CI
- Build image as root in CI so the SELinux relabeling works properly
In https://github.com/systemd/mkosi/pull/2847, the '@' specifier is
removed, CLI arguments take priority over configuration files again
and the "main" image is defined at the top level instead of in
mkosi.images/. Additionally, not every setting from the top level
configuration is inherited by the images in mkosi.images/ anymore,
only settings which make sense to be inherited are inherited.
This commit gets rid of all the usages of '@', moves the "main" image
configuration from mkosi.images/system to the top level and gets rid
of various hacks we had in place to deal with quirks of the old
configuration parsing logic.
We also remove usages of Images= and --append as these options are
removed by the mentioned PR.
- Let's set the environment on the kernel command line so it applies
to initrd and main system.
- Let's add the necessary wrappers that are also added in test-functions.
Unlike test-functions we don't use gcc/clang to get the library path as
that requires installing gcc/clang in the initrd.
- Let's drop the hack to get journald writing to the console and have
it write to kmsg instead. We'll get the output either way.
- Stop removing libstdc++ and sanitizer libraries from Arch Linux
initrds and other images as it's required by the sanitizer libraries.
- Add a workaround for specifying extra meson options for opensuse
- Add a leak sanitizer suppression file as a workaround for a false
positive leak in verify_selinuxmnt() in libselinux. We do a soname match
because the stacktrace can't be properly symbolized on Debian.
- Let's set the environment on the kernel command line so it applies
to initrd and main system.
- Let's add the necessary wrappers that are also added in test-functions.
Unlike test-functions we don't use gcc/clang to get the library path as
that requires installing gcc/clang in the initrd.
- Let's drop the hack to get journald writing to the console and have
it write to kmsg instead. We'll get the output either way.
- Stop removing libstdc++ and sanitizer libraries from Arch Linux
initrds and other images as it's required by the sanitizer libraries.
- Add a workaround for specifying extra meson options for opensuse
- Add a leak sanitizer suppression file as a workaround for a false
positive leak in verify_selinuxmnt() in libselinux. We do a soname match
because the stacktrace can't be properly symbolized on Debian.
Mounting multiple btrfs filesystems with the same fsid only works
properly from kernel 6.7 onwards. Let's switch to ext4 for now which
does support this.
Enable updates-testing and use the most recent mirror to make sure
we get util-linux 2.40.1 which contains a crucial fix to make sure
the serial terminal in virtual machines works properly.
Not supported by e2fsck from centos. We also disable building repart
from source in CI as running it from the build directory means repart
will run mkfs.ext4 from the host which doesn't know about the orphan_file
feature causing it to fail.
Instead of running meson install and hoping for the best, let's build
distribution packages from the downstream packaging specs. This gets
us the following:
- Vastly simplified mkosi scripts since we don't need a separate initrd
image anymore but can just reuse the default mkosi initrd.
- Almost everything can move to the base image as its not the basis
anymore for the initrd and as such we don't need to care about the
size anymore.
- The systemd packages that get pulled in as dependencies of other
packages get properly uninstalled and replaced with our packages that
we built instead of just installing on top of an existing systemd
installation with no guarantee that everything from that previous
installation was removed.
- Much better testing coverage as what we're testing is much closer
to what will actually be deployed in distributions.
- Immediate feedback if something we change breaks distribution packaging
- We get integration with the distribution for free as we'll automatically
use the proper directories and such instead of having to hack this
into a mkosi build script.
- ...
- Use mkosi.images/ instead of mkosi.presets/
- Use the .chroot suffix to run scripts in the image
- Use BuildSources= match for the kernel build
- Move 10-systemd.conf to mkosi.conf and rely on mkosi.local.conf
for local configuration
We're not going ahead with the corresponding change in mkosi
after all so revert the preparatory change in systemd as well.
This reverts commit f756bcdf17.
Next release of mkosi will not use subdirectories under the cache
and build directory by default anymore, so let's make sure we already
start creating those ourselves.
If the systemd version on the host is too old and there's no local
build directory, use the default tools tree which will build an
image containing all the tooling required to build systemd and use
that to build the other presets.
Let's not build all presets by default, but only the system preset.
Also, let's only make the system preset depend on the initrd preset
if we're building a bootable disk image. This means that if we build
the system image as a cpio, uki or directory, the initrd preset will
be skipped as it's not necessary, making the build a little faster.
Configuration now takes priority over CLI options so we have to
configure the defaults for settings that we want to allow overriding
from the CLI. We also explicitly set some other settings so that they
can't be overridden from the CLI anymore. For example the base and
initrd image should never be made bootable so we set Bootable=no
explicitly for both.
