diff options
Diffstat (limited to 'mkosi.images/system/mkosi.extra/usr/lib')
6 files changed, 59 insertions, 0 deletions
diff --git a/mkosi.images/system/mkosi.extra/usr/lib/repart.d/15-swap.conf b/mkosi.images/system/mkosi.extra/usr/lib/repart.d/15-swap.conf new file mode 100644 index 0000000..3755278 --- /dev/null +++ b/mkosi.images/system/mkosi.extra/usr/lib/repart.d/15-swap.conf @@ -0,0 +1,6 @@ +# SPDX-License-Identifier: LGPL-2.1-or-later + +[Partition] +Type=swap +SizeMinBytes=100M +SizeMaxBytes=100M diff --git a/mkosi.images/system/mkosi.extra/usr/lib/repart.d/20-root.conf b/mkosi.images/system/mkosi.extra/usr/lib/repart.d/20-root.conf new file mode 100644 index 0000000..71eb9e3 --- /dev/null +++ b/mkosi.images/system/mkosi.extra/usr/lib/repart.d/20-root.conf @@ -0,0 +1,8 @@ +# SPDX-License-Identifier: LGPL-2.1-or-later + +[Partition] +Type=root +Format=btrfs +SizeMinBytes=1G +Subvolumes=/home /var +MakeDirectories=/home /var diff --git a/mkosi.images/system/mkosi.extra/usr/lib/systemd/journald.conf.d/50-persistent.conf b/mkosi.images/system/mkosi.extra/usr/lib/systemd/journald.conf.d/50-persistent.conf new file mode 100644 index 0000000..2f95329 --- /dev/null +++ b/mkosi.images/system/mkosi.extra/usr/lib/systemd/journald.conf.d/50-persistent.conf @@ -0,0 +1,8 @@ +# SPDX-License-Identifier: LGPL-2.1-or-later + +# We only ship /usr in the image so /var/log/journal won't exist on boot which means systemd-journald won't +# persist any logs as the default Storage= setting is "auto". We can't create /var/log/journal using tmpfiles +# as systemd-journal-flush.service runs before systemd-tmpfiles-setup.service so instead we explicitly set +# Storage= to persistent to have systemd-journald create /var/log/journal itself. +[Journal] +Storage=persistent diff --git a/mkosi.images/system/mkosi.extra/usr/lib/systemd/mkosi-check-and-shutdown.sh b/mkosi.images/system/mkosi.extra/usr/lib/systemd/mkosi-check-and-shutdown.sh new file mode 100755 index 0000000..9bb2462 --- /dev/null +++ b/mkosi.images/system/mkosi.extra/usr/lib/systemd/mkosi-check-and-shutdown.sh @@ -0,0 +1,19 @@ +#!/bin/bash -eux +# SPDX-License-Identifier: LGPL-2.1-or-later + +# TODO: Figure out why this is failing +systemctl reset-failed systemd-vconsole-setup.service + +systemctl --failed --no-legend | tee /failed-services + +# Check that secure boot keys were properly enrolled. +if ! systemd-detect-virt --container; then + cmp /sys/firmware/efi/efivars/SecureBoot-8be4df61-93ca-11d2-aa0d-00e098032b8c <(printf '\6\0\0\0\1') + cmp /sys/firmware/efi/efivars/SetupMode-8be4df61-93ca-11d2-aa0d-00e098032b8c <(printf '\6\0\0\0\0') + # TODO: Figure out why this is failing + # grep -q this_should_be_here /proc/cmdline + # grep -q this_should_not_be_here /proc/cmdline && exit 1 +fi + +# Exit with non-zero EC if the /failed-services file is not empty (we have -e set) +[[ ! -s /failed-services ]] diff --git a/mkosi.images/system/mkosi.extra/usr/lib/systemd/system/mkosi-check-and-shutdown.service b/mkosi.images/system/mkosi.extra/usr/lib/systemd/system/mkosi-check-and-shutdown.service new file mode 100644 index 0000000..7942cbf --- /dev/null +++ b/mkosi.images/system/mkosi.extra/usr/lib/systemd/system/mkosi-check-and-shutdown.service @@ -0,0 +1,15 @@ +# SPDX-License-Identifier: LGPL-2.1-or-later +[Unit] +Description=Check if any service failed and then shutdown the machine +After=multi-user.target network-online.target +Requires=multi-user.target +Wants=systemd-resolved.service systemd-networkd.service network-online.target +SuccessAction=exit +FailureAction=exit +# On success, exit with 123 so that we can check that we receive the actual exit code from the script on the +# host. +SuccessActionExitStatus=123 + +[Service] +Type=oneshot +ExecStart=/usr/lib/systemd/mkosi-check-and-shutdown.sh diff --git a/mkosi.images/system/mkosi.extra/usr/lib/tmpfiles.d/99-mkosi.conf b/mkosi.images/system/mkosi.extra/usr/lib/tmpfiles.d/99-mkosi.conf new file mode 100644 index 0000000..dac79ba --- /dev/null +++ b/mkosi.images/system/mkosi.extra/usr/lib/tmpfiles.d/99-mkosi.conf @@ -0,0 +1,3 @@ +# SPDX-License-Identifier: LGPL-2.1-or-later + +C+! /etc - - - - /usr/share/factory/mkosi |