We're not going ahead with the corresponding change in mkosi
after all so revert the preparatory change in systemd as well.
This reverts commit f756bcdf17.
Next release of mkosi will not use subdirectories under the cache
and build directory by default anymore, so let's make sure we already
start creating those ourselves.
If the systemd version on the host is too old and there's no local
build directory, use the default tools tree which will build an
image containing all the tooling required to build systemd and use
that to build the other presets.
Let's not build all presets by default, but only the system preset.
Also, let's only make the system preset depend on the initrd preset
if we're building a bootable disk image. This means that if we build
the system image as a cpio, uki or directory, the initrd preset will
be skipped as it's not necessary, making the build a little faster.
Configuration now takes priority over CLI options so we have to
configure the defaults for settings that we want to allow overriding
from the CLI. We also explicitly set some other settings so that they
can't be overridden from the CLI anymore. For example the base and
initrd image should never be made bootable so we set Bootable=no
explicitly for both.
mkosi now supports CentOS SIGs natively so we drop our own definition
of that and use the mkosi builtin one. We also enable hyperscale for
both CentOS 8 and CentOS 9 for consistency and add epel-next as well
which is a requirement for Hyperscale.
Since mkosi is now smart enough to drop the caches when the list of
packages changes, let's enable Incremental= mode by default to ensure
a good experience for anyone new to hacking on systemd with mkosi.
We only really care about lowering the device timeout so we get to
a shell faster when the root device doesn't appear so let's only
lower that timeout instead of lowering all default timeouts.
If this module is loaded, sending readiness notifications from the
VM will fail with "no route to host" so let's blacklist the module
to prevent that from happening.
Let's start moving towards a more involved partitioning setup to
test our stuff more when using mkosi.
The root partition is generated on boot with systemd-repart.
CentOS supports neither erofs nor btrfs so we use squashfs and xfs
instead.
We also enable SecureBoot= locally for additional coverage. This
and the use of verity means users need to run `mkosi genkey` once
to generate the keys necessary to do secure boot and verity.
This is only useful to be able to remove generated files using rm -rf
instead of mkosi clean and has some implications for the generated
rootfs so let's not enable it by default.
This allows setting it on the kernel cmdline and having it work
automatically without having to write any dropins or such.
Also enable the option in mkosi so that we can debug the initrd
properly with a locked root account.
Instead of building the initrds for the mkosi images with dracut,
let's switch to using mkosi presets to build the initrd with mkosi
as well.
This commit splits up our single image build into three separate
mkosi presets:
1. The "base" preset. This image contains systemd and all its runtime
dependencies. The sole purpose of this image is to serve as a base image
for the initrd and the final image. It's also responsible for building
systemd from source with the build script. The results are installed into
the base image. Note that we install the systemd and udev packages into this
image as well to prevent package managers from overriding the systemd we built
from source with the distro packaged systemd if it's pulled in as a dependency
by another package from the initrd or final profiles.
2. The "initrd" preset. This image provides the initrd. It's trivial and does
nothing more than packaging the base image up as a zstd compressed initramfs and
adds /init and /etc/initrd-release symlinks to the image.
3. The "final" preset. This image builds on top of the base image and adds
a kernel and extra packages that are useful for testing and debugging.
We also split out the optional kernel build into a separate set of config files
that are only included if a kernel to build is actually provided.
Note that this commit doesn't really change anything about how mkosi is used.
The commands remain the same, except that mkosi will now build all the presets
in order. "mkosi summary" will show the summary of all the presets. "mkosi qemu,
boot, shell" will always boot the final preset. With "-f", all presets will be
built and the final one is booted. "-i" makes a cache of each preset.
The only thing to keep in mind is that specifying config via the mkosi CLI will
apply to each of the presets. e.g. any extra packages added with "-p" will be
installed in both the initrd and the final image. To apply local configuration
to a single preset, create a file 00-local.conf in
mkosi.presets/<profile>/mkosi.conf.d and put all the preset specific configuration
in there.
Let's use the new support for matching against any distribution in
a list of distributions to start sharing most things between the
ubuntu/debian configs and centos/fedora configs.
Requires apt 2.3.10 which is not available in stable, and also doesn't
seem necessary, same packages are installed anyway
Add tzdata manually, as that doesn't seem to be pulled in via the CI.
It'll be out this week. We can't update the man pages before it is realeased,
but we can use it for mkosi builds and do some very late testing.
Also, use filepath specification for /bin/pkg-config. We need it for meson, and
meson calls it directly by this path. pkgconfig is a virtual Provides on
pkgconf-pkg-config, and the indirection here just obfuscates things with no
benefit.
Add it explicitly for centos too. (I think it is pulled in by packages which
contain pkg-config modules anyway, but it's better to be explicit).
This also migrates the configuration to the new format that was
just merged in mkosi. Specifically, we make use of the new [Match]
sections to only include specific config snippets per distro.
This reverts commit be266f49d6b7e3f021e2a07f937d39d1f14a283d.
Turns out we installed this because it's required by the bpf selftests
so let's keep it intact.
- Drop Netdev= as it was removed in mkosi
- Always install python-psutil in the final image (required for networkd tests)
- Always Install python-pytest in the final image (required for ukify tests)
- Use the narrow glob for all centos python packages
- Drop the networkd mkosi config files (the default image can be used instead)
- Use ".conf" as the mkosi config file suffix everywhere
- Copy src/ to /root/src in the final image and set gdb substitute path in
.gdbinit to make gdb work properly
- ACLs are not set on generated directories anymore by default, so
we enable them explictly now so that when running unprivileged mkosi,
the user running mkosi can remove all generated files and directories.
- We don't explicitly set QemuHeadless= anymore as the option was removed
and made the default.
- We set the loglevel= kernel cmdline argument explicitly now as mkosi
doesn't set it by default anymore.
Let's make sure we only install the python3 and python39 python
packages, instead of all the packages of all versions that are
packaged.
This also fixes the CentOS 8 CI because python3.11-pytest was failing
to install.
We have to ship our own powertools repo definition because we need to
enable module_hotfixes for powertools to coerce dnf into installing
some of the python packages.
