summaryrefslogtreecommitdiffstats
path: root/mkosi.images/initrd
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-09-16 18:20:20 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-09-16 18:20:20 +0000
commit8612d3d858fa108e5732a586d4e2d0227ae34422 (patch)
tree33e7f8b3d5caa6c44b4d6759cb25d3eff4b2d975 /mkosi.images/initrd
parentAdding debian version 256.2-1. (diff)
downloadsystemd-8612d3d858fa108e5732a586d4e2d0227ae34422.tar.xz
systemd-8612d3d858fa108e5732a586d4e2d0227ae34422.zip
Merging upstream version 256.4.
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'mkosi.images/initrd')
-rw-r--r--mkosi.images/initrd/mkosi.conf16
-rw-r--r--mkosi.images/initrd/mkosi.conf.d/arch.conf14
-rw-r--r--mkosi.images/initrd/mkosi.conf.d/build.conf9
-rw-r--r--mkosi.images/initrd/mkosi.conf.d/centos-fedora.conf14
-rw-r--r--mkosi.images/initrd/mkosi.conf.d/debian-ubuntu.conf19
-rw-r--r--mkosi.images/initrd/mkosi.conf.d/fedora.conf8
-rw-r--r--mkosi.images/initrd/mkosi.conf.d/opensuse.conf17
-rw-r--r--mkosi.images/initrd/mkosi.extra/usr/lib/encrypted-var.repart.d/00-root.conf15
-rw-r--r--mkosi.images/initrd/mkosi.extra/usr/lib/systemd/system/encrypted-var.service20
-rw-r--r--mkosi.images/initrd/mkosi.extra/usr/lib/systemd/system/initrd-run-mount.service11
-rw-r--r--mkosi.images/initrd/mkosi.extra/usr/lib/systemd/system/initrdcred.service9
11 files changed, 152 insertions, 0 deletions
diff --git a/mkosi.images/initrd/mkosi.conf b/mkosi.images/initrd/mkosi.conf
new file mode 100644
index 0000000..3f2c5c7
--- /dev/null
+++ b/mkosi.images/initrd/mkosi.conf
@@ -0,0 +1,16 @@
+# SPDX-License-Identifier: LGPL-2.1-or-later
+
+[Config]
+Include=
+ mkosi-initrd
+ %D/mkosi.sanitizers
+
+[Content]
+ExtraTrees=
+ %D/mkosi.leak-sanitizer-suppressions:/usr/lib/systemd/leak-sanitizer-suppressions
+ %D/mkosi.coredump-journal-storage.conf:/usr/lib/systemd/coredump.conf.d/10-coredump-journal-storage.conf
+
+Packages=
+ findutils
+ grep
+ sed
diff --git a/mkosi.images/initrd/mkosi.conf.d/arch.conf b/mkosi.images/initrd/mkosi.conf.d/arch.conf
new file mode 100644
index 0000000..99e039d
--- /dev/null
+++ b/mkosi.images/initrd/mkosi.conf.d/arch.conf
@@ -0,0 +1,14 @@
+# SPDX-License-Identifier: LGPL-2.1-or-later
+
+[Match]
+Distribution=arch
+
+[Content]
+Packages=
+ btrfs-progs
+ tpm2-tools
+
+VolatilePackages=
+ systemd
+ systemd-libs
+ systemd-sysvcompat
diff --git a/mkosi.images/initrd/mkosi.conf.d/build.conf b/mkosi.images/initrd/mkosi.conf.d/build.conf
new file mode 100644
index 0000000..8c16d9b
--- /dev/null
+++ b/mkosi.images/initrd/mkosi.conf.d/build.conf
@@ -0,0 +1,9 @@
+# SPDX-License-Identifier: LGPL-2.1-or-later
+
+# Add a dependency on the build image unless NO_BUILD=1.
+
+[Match]
+Environment=!NO_BUILD=1
+
+[Config]
+Dependencies=build
diff --git a/mkosi.images/initrd/mkosi.conf.d/centos-fedora.conf b/mkosi.images/initrd/mkosi.conf.d/centos-fedora.conf
new file mode 100644
index 0000000..6607dab
--- /dev/null
+++ b/mkosi.images/initrd/mkosi.conf.d/centos-fedora.conf
@@ -0,0 +1,14 @@
+# SPDX-License-Identifier: LGPL-2.1-or-later
+
+[Match]
+Distribution=|centos
+Distribution=|fedora
+
+[Content]
+Packages=
+ tpm2-tools
+
+VolatilePackages=
+ systemd
+ systemd-libs
+ systemd-udev
diff --git a/mkosi.images/initrd/mkosi.conf.d/debian-ubuntu.conf b/mkosi.images/initrd/mkosi.conf.d/debian-ubuntu.conf
new file mode 100644
index 0000000..093c1bd
--- /dev/null
+++ b/mkosi.images/initrd/mkosi.conf.d/debian-ubuntu.conf
@@ -0,0 +1,19 @@
+# SPDX-License-Identifier: LGPL-2.1-or-later
+
+[Match]
+Distribution=|debian
+Distribution=|ubuntu
+
+[Content]
+Packages=
+ btrfs-progs
+ tpm2-tools
+
+VolatilePackages=
+ libsystemd-shared
+ libsystemd0
+ libudev1
+ systemd
+ systemd-cryptsetup
+ systemd-repart
+ udev
diff --git a/mkosi.images/initrd/mkosi.conf.d/fedora.conf b/mkosi.images/initrd/mkosi.conf.d/fedora.conf
new file mode 100644
index 0000000..634b5a0
--- /dev/null
+++ b/mkosi.images/initrd/mkosi.conf.d/fedora.conf
@@ -0,0 +1,8 @@
+# SPDX-License-Identifier: LGPL-2.1-or-later
+
+[Match]
+Distribution=fedora
+
+[Content]
+Packages=
+ btrfs-progs
diff --git a/mkosi.images/initrd/mkosi.conf.d/opensuse.conf b/mkosi.images/initrd/mkosi.conf.d/opensuse.conf
new file mode 100644
index 0000000..9f685e6
--- /dev/null
+++ b/mkosi.images/initrd/mkosi.conf.d/opensuse.conf
@@ -0,0 +1,17 @@
+# SPDX-License-Identifier: LGPL-2.1-or-later
+
+[Match]
+Distribution=opensuse
+
+[Content]
+Packages=
+ btrfs-progs
+ kmod
+ tpm2.0-tools
+
+VolatilePackages=
+ libsystemd0
+ libudev1
+ systemd
+ udev
+ systemd-experimental
diff --git a/mkosi.images/initrd/mkosi.extra/usr/lib/encrypted-var.repart.d/00-root.conf b/mkosi.images/initrd/mkosi.extra/usr/lib/encrypted-var.repart.d/00-root.conf
new file mode 100644
index 0000000..b252491
--- /dev/null
+++ b/mkosi.images/initrd/mkosi.extra/usr/lib/encrypted-var.repart.d/00-root.conf
@@ -0,0 +1,15 @@
+# SPDX-License-Identifier: LGPL-2.1-or-later
+
+[Partition]
+Type=var
+# This label is the partition's label. The filesystem inside may have its own label.
+Label=varcrypt
+# This UUID is the decrypted partition UUID, there are also filesystem and luks UUIDs.
+# The original test finds the partition by this UUID, but it doesn't appear
+# since the luks UUID, which is derived by hash of this UUID, is different
+# and the luks UUID is needed before the decrypted partition UUID.
+# The resulting luks UUID is 0d318174-56b0-4d6e-a324-ac1e7e7d235d.
+UUID=deadbeef-dead-dead-beef-000000000000
+Format=ext4
+Encrypt=key-file
+SizeMinBytes=1G
diff --git a/mkosi.images/initrd/mkosi.extra/usr/lib/systemd/system/encrypted-var.service b/mkosi.images/initrd/mkosi.extra/usr/lib/systemd/system/encrypted-var.service
new file mode 100644
index 0000000..54a9b8a
--- /dev/null
+++ b/mkosi.images/initrd/mkosi.extra/usr/lib/systemd/system/encrypted-var.service
@@ -0,0 +1,20 @@
+# SPDX-License-Identifier: LGPL-2.1-or-later
+
+[Unit]
+Description=Add encrypted var partition to root disk
+Documentation=man:systemd-repart.service(8)
+
+ConditionVirtualization=!container
+
+DefaultDependencies=no
+Wants=modprobe@loop.service modprobe@dm_mod.service
+After=modprobe@loop.service modprobe@dm_mod.service sysroot.mount
+Before=initrd-root-fs.target
+Conflicts=shutdown.target initrd-switch-root.target
+Before=shutdown.target initrd-switch-root.target
+
+[Service]
+Type=oneshot
+RemainAfterExit=yes
+ExecStart=systemd-repart --definitions /usr/lib/encrypted-var.repart.d --key-file %d/keyfile --dry-run=no /sysroot
+ImportCredential=keyfile
diff --git a/mkosi.images/initrd/mkosi.extra/usr/lib/systemd/system/initrd-run-mount.service b/mkosi.images/initrd/mkosi.extra/usr/lib/systemd/system/initrd-run-mount.service
new file mode 100644
index 0000000..845ac57
--- /dev/null
+++ b/mkosi.images/initrd/mkosi.extra/usr/lib/systemd/system/initrd-run-mount.service
@@ -0,0 +1,11 @@
+# SPDX-License-Identifier: LGPL-2.1-or-later
+
+[Unit]
+Description=Create a mount in /run that should survive the transition from initrd
+
+[Service]
+Type=oneshot
+RemainAfterExit=yes
+ExecStart=mkdir /run/initrd-mount-source /run/initrd-mount-target
+ExecStart=mount -v --bind /run/initrd-mount-source /run/initrd-mount-target
+ExecStart=cp -v /etc/initrd-release /run/initrd-mount-target/hello-world
diff --git a/mkosi.images/initrd/mkosi.extra/usr/lib/systemd/system/initrdcred.service b/mkosi.images/initrd/mkosi.extra/usr/lib/systemd/system/initrdcred.service
new file mode 100644
index 0000000..2c709bc
--- /dev/null
+++ b/mkosi.images/initrd/mkosi.extra/usr/lib/systemd/system/initrdcred.service
@@ -0,0 +1,9 @@
+# SPDX-License-Identifier: LGPL-2.1-or-later
+
+[Unit]
+Description=populate initrd credential dir for TEST-54-CREDS
+
+[Service]
+Type=oneshot
+RemainAfterExit=yes
+ExecStart=sh -c "mkdir -m 0755 -p /run/credentials && mkdir -m 0700 /run/credentials/@initrd && umask 0077 && echo guatemala > /run/credentials/@initrd/myinitrdcred"
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-28 02:23:00 +0000