diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-09-16 18:20:20 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-09-16 18:20:20 +0000 |
commit | 8612d3d858fa108e5732a586d4e2d0227ae34422 (patch) | |
tree | 33e7f8b3d5caa6c44b4d6759cb25d3eff4b2d975 /mkosi.conf.d | |
parent | Adding debian version 256.2-1. (diff) | |
download | systemd-8612d3d858fa108e5732a586d4e2d0227ae34422.tar.xz systemd-8612d3d858fa108e5732a586d4e2d0227ae34422.zip |
Merging upstream version 256.4.
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'mkosi.conf.d')
46 files changed, 701 insertions, 41 deletions
diff --git a/mkosi.conf.d/10-arch/mkosi.conf b/mkosi.conf.d/10-arch/mkosi.conf new file mode 100644 index 0000000..5a4015e --- /dev/null +++ b/mkosi.conf.d/10-arch/mkosi.conf @@ -0,0 +1,54 @@ +# SPDX-License-Identifier: LGPL-2.1-or-later + +[Match] +Distribution=arch + +[Content] +VolatilePackages= + systemd + systemd-libs + systemd-resolvconf + systemd-sysvcompat + systemd-tests + systemd-ukify + +Packages= + bind + bpf + btrfs-progs + compsize + cryptsetup + dbus-broker + dbus-broker-units + dhcp + erofs-utils + f2fs-tools + git + gnutls + iproute + iputils + knot + linux + man-db + multipath-tools + nmap + open-iscsi + openssh + openssl + pacman + perf + polkit + procps-ng + psmisc + python-pexpect + python-psutil + qrencode + quota-tools + sbsigntools + shadow + softhsm + squashfs-tools + stress-ng + tgt + tpm2-tools + vim diff --git a/mkosi.conf.d/10-arch/mkosi.conf.d/10-debug.conf b/mkosi.conf.d/10-arch/mkosi.conf.d/10-debug.conf new file mode 100644 index 0000000..4a6d2e9 --- /dev/null +++ b/mkosi.conf.d/10-arch/mkosi.conf.d/10-debug.conf @@ -0,0 +1,7 @@ +# SPDX-License-Identifier: LGPL-2.1-or-later + +[Match] +Environment=WITH_DEBUG=1 + +[Content] +VolatilePackages=systemd-debug diff --git a/mkosi.conf.d/10-arch/mkosi.prepare b/mkosi.conf.d/10-arch/mkosi.prepare new file mode 100755 index 0000000..aac7b3d --- /dev/null +++ b/mkosi.conf.d/10-arch/mkosi.prepare @@ -0,0 +1,33 @@ +#!/bin/bash +# SPDX-License-Identifier: LGPL-2.1-or-later +set -e + +if [[ "$1" == "build" ]]; then + exit 0 +fi + +DEPS="" + +while read -r PACKAGE; do + DEPS="$DEPS $( + pacman --sync --info "$PACKAGE" | + sed '1,/^$/d' | # Only keep result from first repository (delete everything after first blank line). + sed --quiet 's/^Depends On *: //p' # Filter out everything except "Depends On:" line and fetch dependencies from it. + )" + + DEPS="$DEPS $( + pacman --sync --info "$PACKAGE" | + sed '1,/^$/d' | # Only keep result from first repository (delete everything after first blank line). + sed --quiet '/Optional Deps/,/Conflicts With/{/Conflicts With/!p}' | # Get every line from "Optional Deps" (inclusive) until "Conflicts With" (exclusive). + sed 's/Optional Deps *: //' | # Drop "Optional Deps :" from first line. + sed 's/ *\(.*\):.*/\1/' | # Drop descriptions (everything after first colon for all lines). + tr '\n' ' ' # Transform newlines to whitespace. + )" +done < <(jq --raw-output .VolatilePackages[] <"$MKOSI_CONFIG") + +echo "$DEPS" | + xargs | # Remove extra whitespace. + tr ' ' '\n' | + grep --invert-match --regexp systemd --regexp None | # systemd packages will be installed later on. + sort --unique | + xargs --delimiter '\n' --no-run-if-empty mkosi-install diff --git a/mkosi.conf.d/10-centos-fedora/mkosi.conf b/mkosi.conf.d/10-centos-fedora/mkosi.conf new file mode 100644 index 0000000..5b1865a --- /dev/null +++ b/mkosi.conf.d/10-centos-fedora/mkosi.conf @@ -0,0 +1,60 @@ +# SPDX-License-Identifier: LGPL-2.1-or-later + +[Match] +Distribution=|centos +Distribution=|fedora + +[Content] +VolatilePackages= + systemd + systemd-boot + systemd-container + systemd-devel + systemd-journal-remote + systemd-libs + systemd-networkd + systemd-networkd-defaults + systemd-oomd-defaults + systemd-pam + systemd-resolved + systemd-tests + systemd-udev + systemd-ukify + +Packages= + bind-utils + bpftool + cryptsetup + device-mapper-event + device-mapper-multipath + dnf + git-core + glibc-langpack-de + glibc-langpack-en + gnutls-utils + integritysetup + iproute + iproute-tc + iputils + iscsi-initiator-utils + kernel-core + libcap-ng-utils + man-db + nmap-ncat + openssh-clients + openssh-server + pam + passwd + perf + policycoreutils + polkit + procps-ng + python3-pexpect + quota + rpm + softhsm + squashfs-tools + stress-ng + tpm2-tools + veritysetup + vim-common diff --git a/mkosi.conf.d/10-centos-fedora/mkosi.conf.d/10-debug.conf b/mkosi.conf.d/10-centos-fedora/mkosi.conf.d/10-debug.conf new file mode 100644 index 0000000..0c3707b --- /dev/null +++ b/mkosi.conf.d/10-centos-fedora/mkosi.conf.d/10-debug.conf @@ -0,0 +1,17 @@ +# SPDX-License-Identifier: LGPL-2.1-or-later + +[Match] +Environment=WITH_DEBUG=1 + +[Content] +VolatilePackages= + systemd-container-debuginfo + systemd-debuginfo + systemd-debugsource + systemd-journal-remote-debuginfo + systemd-libs-debuginfo + systemd-networkd-debuginfo + systemd-pam-debuginfo + systemd-resolved-debuginfo + systemd-tests-debuginfo + systemd-udev-debuginfo diff --git a/mkosi.conf.d/10-centos-fedora/mkosi.conf.d/10-selinux.conf b/mkosi.conf.d/10-centos-fedora/mkosi.conf.d/10-selinux.conf new file mode 100644 index 0000000..0a388f3 --- /dev/null +++ b/mkosi.conf.d/10-centos-fedora/mkosi.conf.d/10-selinux.conf @@ -0,0 +1,13 @@ +# SPDX-License-Identifier: LGPL-2.1-or-later + +# libselinux does not work in the slightest with /usr-only images so don't install the packages if we're +# building a /usr-only image. + +[Match] +Profile=!particle + +[Content] +Packages= + selinux-policy + selinux-policy-targeted + setools-console diff --git a/mkosi.conf.d/10-centos-fedora/mkosi.prepare b/mkosi.conf.d/10-centos-fedora/mkosi.prepare new file mode 100755 index 0000000..2a890bc --- /dev/null +++ b/mkosi.conf.d/10-centos-fedora/mkosi.prepare @@ -0,0 +1,19 @@ +#!/bin/bash +# SPDX-License-Identifier: LGPL-2.1-or-later +set -e + +if [[ "$1" == "build" ]]; then + exit 0 +fi + +mapfile -t PACKAGES < <(jq --raw-output .VolatilePackages[] <"$MKOSI_CONFIG") + +for DEPS in --requires --recommends --suggests; do + # We need --latest-limit=1 to only consider the newest version of the packages. + # --latest-limit=1 is per <name>.<arch> so we have to pass --arch= explicitly to make sure i686 packages + # are not considerd on x86-64. + dnf repoquery --arch="$DISTRIBUTION_ARCHITECTURE" --latest-limit=1 --quiet "$DEPS" "${PACKAGES[@]}" | + grep --invert-match --regexp systemd --regexp udev --regexp /bin/sh --regexp grubby --regexp sdubby --regexp libcurl-minimal | + sort --unique | + xargs --delimiter '\n' --no-run-if-empty mkosi-install +done diff --git a/mkosi.conf.d/10-centos.conf b/mkosi.conf.d/10-centos.conf deleted file mode 100644 index ee8d0e5..0000000 --- a/mkosi.conf.d/10-centos.conf +++ /dev/null @@ -1,11 +0,0 @@ -# SPDX-License-Identifier: LGPL-2.1-or-later - -[Match] -Distribution=centos - -[Distribution] -@Release=9 -Repositories=epel - epel-next - hyperscale-packages-main - hyperscale-packages-experimental diff --git a/mkosi.conf.d/10-centos/mkosi.conf b/mkosi.conf.d/10-centos/mkosi.conf new file mode 100644 index 0000000..d97b081 --- /dev/null +++ b/mkosi.conf.d/10-centos/mkosi.conf @@ -0,0 +1,19 @@ +# SPDX-License-Identifier: LGPL-2.1-or-later + +[Match] +Distribution=centos + +[Distribution] +Release=10 + +[Content] +Environment= + # We'd prefer to use XFS here but it fails to mount on duplicate filesystem UUIDs which + # happens when running tests in parallel so we use ext4 instead. + SYSTEMD_REPART_OVERRIDE_FSTYPE_ROOT=ext4 + # The kernel versions in CentOS Stream 9 doesn't support orphan_file, but later versions of + # mkfs.ext4 enabled it by default, so we disable it explicitly. + SYSTEMD_REPART_MKFS_OPTIONS_EXT4="-O ^orphan_file" + +Packages= + kernel-modules # For squashfs diff --git a/mkosi.conf.d/10-fedora.conf b/mkosi.conf.d/10-centos/mkosi.conf.d/10-epel.conf index 71948d8..9e92a4f 100644 --- a/mkosi.conf.d/10-fedora.conf +++ b/mkosi.conf.d/10-centos/mkosi.conf.d/10-epel.conf @@ -1,7 +1,9 @@ # SPDX-License-Identifier: LGPL-2.1-or-later [Match] -Distribution=fedora +Release=9 [Distribution] -@Release=rawhide +Repositories= + epel + epel-next diff --git a/mkosi.conf.d/10-centos/mkosi.conf.d/20-epel-packages.conf b/mkosi.conf.d/10-centos/mkosi.conf.d/20-epel-packages.conf new file mode 100644 index 0000000..11dc969 --- /dev/null +++ b/mkosi.conf.d/10-centos/mkosi.conf.d/20-epel-packages.conf @@ -0,0 +1,13 @@ +# SPDX-License-Identifier: LGPL-2.1-or-later + +[Match] +Repositories=epel + +[Content] +Packages= + dfuzzer + dhcp-server + erofs-utils + knot + qrencode + sbsigntools diff --git a/mkosi.conf.d/10-debian-ubuntu/mkosi-pinning.pref b/mkosi.conf.d/10-debian-ubuntu/mkosi-pinning.pref new file mode 100644 index 0000000..5649b70 --- /dev/null +++ b/mkosi.conf.d/10-debian-ubuntu/mkosi-pinning.pref @@ -0,0 +1,3 @@ +Package: * +Pin: release l=mkosi +Pin-Priority: 1100 diff --git a/mkosi.conf.d/10-debian-ubuntu/mkosi.conf b/mkosi.conf.d/10-debian-ubuntu/mkosi.conf new file mode 100644 index 0000000..43e0781 --- /dev/null +++ b/mkosi.conf.d/10-debian-ubuntu/mkosi.conf @@ -0,0 +1,77 @@ +# SPDX-License-Identifier: LGPL-2.1-or-later + +[Match] +Distribution=|debian +Distribution=|ubuntu + +[Distribution] +PackageManagerTrees=mkosi-pinning.pref:/etc/apt/preferences.d/mkosi-pinning.pref + +[Content] +VolatilePackages= + libnss-myhostname + libnss-mymachines + libnss-resolve + libnss-systemd + libpam-systemd + libsystemd-dev + libsystemd-shared + libsystemd0 + libudev-dev + systemd + systemd-container + systemd-coredump + systemd-cryptsetup + systemd-dev + systemd-homed + systemd-journal-remote + systemd-oomd + systemd-repart + systemd-resolved + systemd-sysv + systemd-tests + systemd-timesyncd + systemd-ukify + systemd-userdbd + udev + +Packages= + btrfs-progs + apt + bind9-dnsutils + cryptsetup-bin + dbus-broker + dbus-user-session + dmsetup + erofs-utils + f2fs-tools + fdisk + git-core + gnutls-bin + iproute2 + iputils-ping + isc-dhcp-server + knot + libcap-ng-utils + locales + man-db + multipath-tools + ncat + open-iscsi + openssh-client + openssh-server + passwd + polkitd + procps + psmisc + python3-pexpect + python3-psutil + qrencode + quota + softhsm2 + squashfs-tools + stress-ng + tgt + tpm2-tools + tzdata + xxd diff --git a/mkosi.conf.d/10-debian-ubuntu/mkosi.conf.d/10-debug.conf b/mkosi.conf.d/10-debian-ubuntu/mkosi.conf.d/10-debug.conf new file mode 100644 index 0000000..2bb6164 --- /dev/null +++ b/mkosi.conf.d/10-debian-ubuntu/mkosi.conf.d/10-debug.conf @@ -0,0 +1,29 @@ +# SPDX-License-Identifier: LGPL-2.1-or-later + +[Match] +Environment=WITH_DEBUG=1 + +[Content] +VolatilePackages= + libnss-myhostname-dbgsym + libnss-mymachines-dbgsym + libnss-resolve-dbgsym + libnss-systemd-dbgsym + libpam-systemd-dbgsym + libsystemd-shared-dbgsym + libsystemd0-dbgsym + libudev1-dbgsym + systemd-boot-dbgsym + systemd-container-dbgsym + systemd-coredump-dbgsym + systemd-cryptsetup-dbgsym + systemd-dbgsym + systemd-homed-dbgsym + systemd-journal-remote-dbgsym + systemd-oomd-dbgsym + systemd-repart-dbgsym + systemd-resolved-dbgsym + systemd-tests-dbgsym + systemd-timesyncd-dbgsym + systemd-userdbd-dbgsym + udev-dbgsym diff --git a/mkosi.conf.d/10-debian-ubuntu/mkosi.conf.d/efi.conf b/mkosi.conf.d/10-debian-ubuntu/mkosi.conf.d/efi.conf new file mode 100644 index 0000000..781670a --- /dev/null +++ b/mkosi.conf.d/10-debian-ubuntu/mkosi.conf.d/efi.conf @@ -0,0 +1,16 @@ +# SPDX-License-Identifier: LGPL-2.1-or-later +# sbsigntool exists only on UEFI architectures + +[Match] +Architecture=|x86 +Architecture=|x86-64 +Architecture=|arm +Architecture=|arm64 +Architecture=|riscv32 +Architecture=|riscv64 + +[Content] +Packages= + sbsigntool + systemd-boot + systemd-boot-efi diff --git a/mkosi.conf.d/10-extra-search-paths.conf b/mkosi.conf.d/10-debian-ubuntu/mkosi.conf.d/network.conf index bd3cdb1..4fb4f46 100644 --- a/mkosi.conf.d/10-extra-search-paths.conf +++ b/mkosi.conf.d/10-debian-ubuntu/mkosi.conf.d/network.conf @@ -1,7 +1,7 @@ # SPDX-License-Identifier: LGPL-2.1-or-later [Match] -PathExists=build/ +Environment=NO_BUILD=1 -[Host] -ExtraSearchPaths=build/ +[Content] +WithNetwork=yes diff --git a/mkosi.conf.d/10-debian-ubuntu/mkosi.prepare b/mkosi.conf.d/10-debian-ubuntu/mkosi.prepare new file mode 100755 index 0000000..acab113 --- /dev/null +++ b/mkosi.conf.d/10-debian-ubuntu/mkosi.prepare @@ -0,0 +1,16 @@ +#!/bin/bash +# SPDX-License-Identifier: LGPL-2.1-or-later +set -e + +if [[ "$1" == "build" ]]; then + exit 0 +fi + +mapfile -t PACKAGES < <(jq --raw-output .VolatilePackages[] <"$MKOSI_CONFIG") + +apt-cache depends "${PACKAGES[@]}" | + grep --invert-match --regexp "<" --regexp "|" --regexp systemd | # Remove e.g. <python3:any> and |dbus-broker like results + grep --extended-regexp "Depends|Suggests|Recommends" | + sed --quiet 's/.*: //p' | # Get every line with ": " in it and strip it at the same time. + sort --unique | + xargs --delimiter '\n' --no-run-if-empty mkosi-install diff --git a/mkosi.conf.d/10-debian.conf b/mkosi.conf.d/10-debian/mkosi.conf index 8674e88..c960a1b 100644 --- a/mkosi.conf.d/10-debian.conf +++ b/mkosi.conf.d/10-debian/mkosi.conf @@ -4,4 +4,8 @@ Distribution=debian [Distribution] -@Release=testing +Release=testing + +[Content] +Packages= + linux-perf diff --git a/mkosi.conf.d/10-debian/mkosi.conf.d/arm64.conf b/mkosi.conf.d/10-debian/mkosi.conf.d/arm64.conf new file mode 100644 index 0000000..af923fa --- /dev/null +++ b/mkosi.conf.d/10-debian/mkosi.conf.d/arm64.conf @@ -0,0 +1,8 @@ +# SPDX-License-Identifier: LGPL-2.1-or-later + +[Match] +Architecture=arm64 + +[Content] +Packages= + linux-image-cloud-arm64 diff --git a/mkosi.conf.d/10-debian/mkosi.conf.d/x86-64.conf b/mkosi.conf.d/10-debian/mkosi.conf.d/x86-64.conf new file mode 100644 index 0000000..615de52 --- /dev/null +++ b/mkosi.conf.d/10-debian/mkosi.conf.d/x86-64.conf @@ -0,0 +1,8 @@ +# SPDX-License-Identifier: LGPL-2.1-or-later + +[Match] +Architecture=x86-64 + +[Content] +Packages= + linux-image-cloud-amd64 diff --git a/mkosi.conf.d/10-fedora/mkosi.conf b/mkosi.conf.d/10-fedora/mkosi.conf new file mode 100644 index 0000000..adb7779 --- /dev/null +++ b/mkosi.conf.d/10-fedora/mkosi.conf @@ -0,0 +1,25 @@ +# SPDX-License-Identifier: LGPL-2.1-or-later + +[Match] +Distribution=fedora + +[Distribution] +Release=rawhide + +[Content] +Packages= + btrfs-progs + compsize + dfuzzer + dhcp-server + dnf5 + erofs-utils + f2fs-tools + # Required for systemd-networkd-tests.py (netdevsim and sch_xxx modules) + kernel-modules-extra + kernel-modules-internal + knot + qrencode + rpmautospec + sbsigntools + scsi-target-utils diff --git a/mkosi.conf.d/10-opensuse.conf b/mkosi.conf.d/10-opensuse.conf deleted file mode 100644 index f976fc8..0000000 --- a/mkosi.conf.d/10-opensuse.conf +++ /dev/null @@ -1,8 +0,0 @@ -# SPDX-License-Identifier: LGPL-2.1-or-later - -[Match] -Distribution=opensuse - -[Distribution] -@Release=tumbleweed -PackageManagerTrees=mkosi.conf.d/macros.db_backend:/etc/rpm/macros.db_backend diff --git a/mkosi.conf.d/macros.db_backend b/mkosi.conf.d/10-opensuse/macros.db_backend index 4a58f06..4a58f06 100644 --- a/mkosi.conf.d/macros.db_backend +++ b/mkosi.conf.d/10-opensuse/macros.db_backend diff --git a/mkosi.conf.d/10-opensuse/mkosi.conf b/mkosi.conf.d/10-opensuse/mkosi.conf new file mode 100644 index 0000000..e741aa4 --- /dev/null +++ b/mkosi.conf.d/10-opensuse/mkosi.conf @@ -0,0 +1,79 @@ +# SPDX-License-Identifier: LGPL-2.1-or-later + +[Match] +Distribution=opensuse + +[Distribution] +Release=tumbleweed +Repositories=non-oss +PackageManagerTrees=macros.db_backend:/etc/rpm/macros.db_backend + +[Content] +VolatilePackages= + libsystemd0 + libudev1 + systemd + systemd-boot + systemd-container + systemd-devel + systemd-doc + systemd-experimental + systemd-homed + systemd-lang + systemd-network + systemd-portable + systemd-sysvcompat + systemd-testsuite + udev + +# We install gawk, gzip, grep, xz, sed, rsync and docbook-xsl-stylesheets here explicitly so that the busybox +# versions don't get installed instead. +Packages= + bind-utils + bpftool + btrfs-progs + cryptsetup + device-mapper + dhcp-server + docbook-xsl-stylesheets + erofs-utils + f2fs-tools + gawk + git-core + glibc-locale-base + gnutls + grep + gzip + iputils + kernel-default + kmod + knot + multipath-tools + ncat + open-iscsi + openssh-clients + openssh-server + pam + patterns-base-minimal_base + perf + procps4 + psmisc + python3-pefile + python3-pexpect + python3-psutil + qrencode + quota + rsync + sbsigntools + sed + shadow + softhsm + squashfs + stress-ng + tgt + timezone + tpm2.0-tools + veritysetup + vim + xz + zypper diff --git a/mkosi.conf.d/10-opensuse/mkosi.conf.d/10-debug.conf b/mkosi.conf.d/10-opensuse/mkosi.conf.d/10-debug.conf new file mode 100644 index 0000000..6c57d04 --- /dev/null +++ b/mkosi.conf.d/10-opensuse/mkosi.conf.d/10-debug.conf @@ -0,0 +1,21 @@ +# SPDX-License-Identifier: LGPL-2.1-or-later + +[Match] +Environment=WITH_DEBUG=1 + +[Content] +VolatilePackages= + libsystemd0-debuginfo + libudev1-debuginfo + systemd-boot-debuginfo + systemd-container-debuginfo + systemd-debuginfo + systemd-debugsource + systemd-experimental-debuginfo + systemd-homed-debuginfo + systemd-journal-remote-debuginfo + systemd-network-debuginfo + systemd-portable-debuginfo + systemd-sysvcompat-debuginfo + systemd-testsuite-debuginfo + udev-debuginfo diff --git a/mkosi.conf.d/10-opensuse/mkosi.prepare b/mkosi.conf.d/10-opensuse/mkosi.prepare new file mode 100755 index 0000000..6ee0af2 --- /dev/null +++ b/mkosi.conf.d/10-opensuse/mkosi.prepare @@ -0,0 +1,23 @@ +#!/bin/bash +# SPDX-License-Identifier: LGPL-2.1-or-later +set -e + +if [[ "$1" == "build" ]]; then + exit 0 +fi + +DEPS="" + +while read -r PACKAGE; do + # zypper's output is not machine readable so we make do with sed instead. + DEPS="$DEPS\n$( + zypper info --requires --recommends --suggests "$PACKAGE" | + sed '/Requires/,$!d' | # Remove everything before Requires line + sed --quiet 's/^ //p' # All indented lines have dependencies + )" +done < <(jq --raw-output .VolatilePackages[] <"$MKOSI_CONFIG") + +echo -e "$DEPS" | + grep --invert-match --regexp systemd --regexp udev --regexp qemu | + sort --unique | + xargs --delimiter '\n' --no-run-if-empty mkosi-install diff --git a/mkosi.conf.d/10-tools.conf b/mkosi.conf.d/10-tools.conf deleted file mode 100644 index 9d276d4..0000000 --- a/mkosi.conf.d/10-tools.conf +++ /dev/null @@ -1,8 +0,0 @@ -# SPDX-License-Identifier: LGPL-2.1-or-later - -[Match] -PathExists=!build/ -SystemdVersion=<254 - -[Host] -@ToolsTree=default diff --git a/mkosi.conf.d/10-ubuntu.conf b/mkosi.conf.d/10-ubuntu.conf deleted file mode 100644 index da2d318..0000000 --- a/mkosi.conf.d/10-ubuntu.conf +++ /dev/null @@ -1,8 +0,0 @@ -# SPDX-License-Identifier: LGPL-2.1-or-later - -[Match] -Distribution=ubuntu - -[Distribution] -@Release=noble -Repositories=universe diff --git a/mkosi.conf.d/10-ubuntu/mkosi.conf b/mkosi.conf.d/10-ubuntu/mkosi.conf new file mode 100644 index 0000000..1ffa3ab --- /dev/null +++ b/mkosi.conf.d/10-ubuntu/mkosi.conf @@ -0,0 +1,14 @@ +# SPDX-License-Identifier: LGPL-2.1-or-later + +[Match] +Distribution=ubuntu + +[Distribution] +Release=noble +Repositories=universe + +[Content] +Packages= + linux-image-generic + linux-tools-common + linux-tools-virtual diff --git a/mkosi.conf.d/10-ubuntu/mkosi.conf.d/non-x86.conf b/mkosi.conf.d/10-ubuntu/mkosi.conf.d/non-x86.conf new file mode 100644 index 0000000..582f038 --- /dev/null +++ b/mkosi.conf.d/10-ubuntu/mkosi.conf.d/non-x86.conf @@ -0,0 +1,10 @@ +# SPDX-License-Identifier: LGPL-2.1-or-later +# The ports Ubuntu archive is for non i386/amd64 repositories + +[Match] +Architecture=!x86-64 +Architecture=!x86 +Release=noble + +[Distribution] +PackageManagerTrees=noble-backports-ports.sources:/etc/apt/sources.list.d/noble-backports-ports.sources diff --git a/mkosi.conf.d/10-ubuntu/mkosi.conf.d/x86.conf b/mkosi.conf.d/10-ubuntu/mkosi.conf.d/x86.conf new file mode 100644 index 0000000..7347be9 --- /dev/null +++ b/mkosi.conf.d/10-ubuntu/mkosi.conf.d/x86.conf @@ -0,0 +1,10 @@ +# SPDX-License-Identifier: LGPL-2.1-or-later +# The main Ubuntu archive is only for i386/amd64 repositories + +[Match] +Architecture=|x86-64 +Architecture=|x86 +Release=noble + +[Distribution] +PackageManagerTrees=noble-backports.sources:/etc/apt/sources.list.d/noble-backports.sources diff --git a/mkosi.conf.d/10-ubuntu/noble-backports-ports.sources b/mkosi.conf.d/10-ubuntu/noble-backports-ports.sources new file mode 100644 index 0000000..5b96dc5 --- /dev/null +++ b/mkosi.conf.d/10-ubuntu/noble-backports-ports.sources @@ -0,0 +1,6 @@ +# SPDX-License-Identifier: LGPL-2.1-or-later +Types: deb +URIs: http://ports.ubuntu.com +Suites: noble-backports +Components: main universe +Signed-By: /usr/share/keyrings/ubuntu-archive-keyring.gpg diff --git a/mkosi.conf.d/10-ubuntu/noble-backports.sources b/mkosi.conf.d/10-ubuntu/noble-backports.sources new file mode 100644 index 0000000..d10c1e8 --- /dev/null +++ b/mkosi.conf.d/10-ubuntu/noble-backports.sources @@ -0,0 +1,6 @@ +# SPDX-License-Identifier: LGPL-2.1-or-later +Types: deb +URIs: http://archive.ubuntu.com/ubuntu +Suites: noble-backports +Components: main universe +Signed-By: /usr/share/keyrings/ubuntu-archive-keyring.gpg diff --git a/mkosi.conf.d/20-build.conf b/mkosi.conf.d/20-build.conf new file mode 100644 index 0000000..8c16d9b --- /dev/null +++ b/mkosi.conf.d/20-build.conf @@ -0,0 +1,9 @@ +# SPDX-License-Identifier: LGPL-2.1-or-later + +# Add a dependency on the build image unless NO_BUILD=1. + +[Match] +Environment=!NO_BUILD=1 + +[Config] +Dependencies=build diff --git a/mkosi.conf.d/20-none.conf b/mkosi.conf.d/20-none.conf new file mode 100644 index 0000000..0e4d919 --- /dev/null +++ b/mkosi.conf.d/20-none.conf @@ -0,0 +1,11 @@ +# SPDX-License-Identifier: LGPL-2.1-or-later + +# If we're only rerunning the build script, remove all subimage dependencies except the build image to speed +# up builds. + +[Match] +Format=none + +[Config] +Dependencies= +Dependencies=build diff --git a/mkosi.conf.d/20-particle/mkosi.conf b/mkosi.conf.d/20-particle/mkosi.conf new file mode 100644 index 0000000..99dad00 --- /dev/null +++ b/mkosi.conf.d/20-particle/mkosi.conf @@ -0,0 +1,15 @@ +# SPDX-License-Identifier: LGPL-2.1-or-later + +[Match] +Profile=particle + +[Output] +RepartDirectories= +RepartDirectories=mkosi.repart + +[Validation] +SecureBoot=yes +SignExpectedPcr=yes + +[Host] +RuntimeSize=8G diff --git a/mkosi.conf.d/20-particle/mkosi.extra/usr/lib/repart.d/15-swap.conf b/mkosi.conf.d/20-particle/mkosi.extra/usr/lib/repart.d/15-swap.conf new file mode 100644 index 0000000..3755278 --- /dev/null +++ b/mkosi.conf.d/20-particle/mkosi.extra/usr/lib/repart.d/15-swap.conf @@ -0,0 +1,6 @@ +# SPDX-License-Identifier: LGPL-2.1-or-later + +[Partition] +Type=swap +SizeMinBytes=100M +SizeMaxBytes=100M diff --git a/mkosi.conf.d/20-particle/mkosi.extra/usr/lib/repart.d/20-root.conf b/mkosi.conf.d/20-particle/mkosi.extra/usr/lib/repart.d/20-root.conf new file mode 100644 index 0000000..2f92af2 --- /dev/null +++ b/mkosi.conf.d/20-particle/mkosi.extra/usr/lib/repart.d/20-root.conf @@ -0,0 +1,6 @@ +# SPDX-License-Identifier: LGPL-2.1-or-later + +[Partition] +Type=root +Format=btrfs +SizeMinBytes=1G diff --git a/mkosi.conf.d/20-particle/mkosi.extra/usr/lib/tmpfiles.d/99-mkosi.conf b/mkosi.conf.d/20-particle/mkosi.extra/usr/lib/tmpfiles.d/99-mkosi.conf new file mode 100644 index 0000000..dac79ba --- /dev/null +++ b/mkosi.conf.d/20-particle/mkosi.extra/usr/lib/tmpfiles.d/99-mkosi.conf @@ -0,0 +1,3 @@ +# SPDX-License-Identifier: LGPL-2.1-or-later + +C+! /etc - - - - /usr/share/factory/mkosi diff --git a/mkosi.conf.d/20-particle/mkosi.finalize b/mkosi.conf.d/20-particle/mkosi.finalize new file mode 100755 index 0000000..69f9554 --- /dev/null +++ b/mkosi.conf.d/20-particle/mkosi.finalize @@ -0,0 +1,6 @@ +#!/bin/bash +# SPDX-License-Identifier: LGPL-2.1-or-later +set -e + +mkdir -p "$BUILDROOT"/usr/share/factory/mkosi +cp --archive --recursive --no-target-directory --reflink=auto "$BUILDROOT"/etc "$BUILDROOT"/usr/share/factory/mkosi diff --git a/mkosi.conf.d/20-particle/mkosi.postinst.chroot b/mkosi.conf.d/20-particle/mkosi.postinst.chroot new file mode 100755 index 0000000..95e0552 --- /dev/null +++ b/mkosi.conf.d/20-particle/mkosi.postinst.chroot @@ -0,0 +1,12 @@ +#!/bin/bash +# SPDX-License-Identifier: LGPL-2.1-or-later +set -e + +# sbsign is not available on CentOS Stream +if command -v sbsign &>/dev/null; then + # Ensure that side-loaded PE addons are loaded if signed, and ignored if not + addons_dir=/efi/loader/addons + mkdir -p "$addons_dir" + ukify build --secureboot-private-key mkosi.key --secureboot-certificate mkosi.crt --cmdline this_should_be_here -o "$addons_dir/good.addon.efi" + ukify build --cmdline this_should_not_be_here -o "$addons_dir/bad.addon.efi" +fi diff --git a/mkosi.conf.d/20-particle/mkosi.repart/00-esp.conf b/mkosi.conf.d/20-particle/mkosi.repart/00-esp.conf new file mode 100644 index 0000000..391543d --- /dev/null +++ b/mkosi.conf.d/20-particle/mkosi.repart/00-esp.conf @@ -0,0 +1,9 @@ +# SPDX-License-Identifier: LGPL-2.1-or-later + +[Partition] +Type=esp +Format=vfat +CopyFiles=/boot:/ +CopyFiles=/efi:/ +SizeMinBytes=1G +SizeMaxBytes=1G diff --git a/mkosi.conf.d/20-particle/mkosi.repart/10-usr.conf b/mkosi.conf.d/20-particle/mkosi.repart/10-usr.conf new file mode 100644 index 0000000..343761d --- /dev/null +++ b/mkosi.conf.d/20-particle/mkosi.repart/10-usr.conf @@ -0,0 +1,9 @@ +# SPDX-License-Identifier: LGPL-2.1-or-later + +[Partition] +Type=usr +Format=erofs +CopyFiles=/usr:/ +Verity=data +VerityMatchKey=usr +Minimize=yes diff --git a/mkosi.conf.d/20-particle/mkosi.repart/11-usr-verity.conf b/mkosi.conf.d/20-particle/mkosi.repart/11-usr-verity.conf new file mode 100644 index 0000000..b4d45dd --- /dev/null +++ b/mkosi.conf.d/20-particle/mkosi.repart/11-usr-verity.conf @@ -0,0 +1,7 @@ +# SPDX-License-Identifier: LGPL-2.1-or-later + +[Partition] +Type=usr-verity +Verity=hash +VerityMatchKey=usr +Minimize=yes diff --git a/mkosi.conf.d/20-particle/mkosi.repart/12-usr-verity-sig.conf b/mkosi.conf.d/20-particle/mkosi.repart/12-usr-verity-sig.conf new file mode 100644 index 0000000..1841d0a --- /dev/null +++ b/mkosi.conf.d/20-particle/mkosi.repart/12-usr-verity-sig.conf @@ -0,0 +1,6 @@ +# SPDX-License-Identifier: LGPL-2.1-or-later + +[Partition] +Type=usr-verity-sig +Verity=signature +VerityMatchKey=usr diff --git a/mkosi.conf.d/20-sanitizers.conf b/mkosi.conf.d/20-sanitizers.conf index 235b233..62d0523 100644 --- a/mkosi.conf.d/20-sanitizers.conf +++ b/mkosi.conf.d/20-sanitizers.conf @@ -2,6 +2,7 @@ [Match] Environment=SANITIZERS +Environment=!SANITIZERS= [Content] # Set verify_asan_link_order=0 to prevent ASAN warnings when building the image and make sure the real ASAN @@ -17,3 +18,6 @@ KernelCommandLine= systemd.setenv=UBSAN_OPTIONS=print_stacktrace=1:print_summary=1:halt_on_error=1 LSAN_OPTIONS=suppressions=/usr/lib/systemd/leak-sanitizer-suppressions systemd.setenv=LSAN_OPTIONS=suppressions=/usr/lib/systemd/leak-sanitizer-suppressions + +[Config] +Include=%D/mkosi.sanitizers |